encyclo
msg:373364 | 9:03 pm on Jun 22, 2004 (gmt 0) |
Taking a guess here...Try this site (delinked for obvious reasons): soft.iwap.biz?
|
AmericanBulldog
msg:373365 | 9:11 pm on Jun 22, 2004 (gmt 0) |
I have the usual suspects when it comes to spyware checking, spybot, adaware, pest patrol, hijack this, they do not have any documentation concerning this.
|
Sean Spruill
msg:373366 | 9:43 pm on Jun 23, 2004 (gmt 0) |
please help. this iwap_www is driving me nuts, is there any relief in sight. Are thier any solutions to the problem.
|
wackal
msg:373367 | 9:44 pm on Jun 23, 2004 (gmt 0) |
as a first step, you might want to delete that user acct
|
AmericanBulldog
msg:373368 | 8:52 pm on Jun 24, 2004 (gmt 0) |
Seems symantec have picked it up now and given it a name
backdoor.berbew.F
follow their instructions and also delete that extra user ID.
|
encyclo
msg:373369 | 11:52 pm on Jun 24, 2004 (gmt 0) |
Nice find, AmericanBulldog! Removal instructions can be found here [sarc.com]. As the trojan has a password-sniffing feature, don't forget to change all you passwords, especially for things such as online banking, after having removed the trojan. Of course, you should also get all the critical updates from Windows Update and for your anti-virus software, and check the configuration of your firewall to reduce the risk of getting infected in the future.
|
its4jag
msg:373370 | 4:17 am on Jun 30, 2004 (gmt 0) |
Any new info on this? One of our home PCs running XP has it. I've deleted the account. Will try to clean tomorrow. Note: the Symantec site doesn't specifically mention IWAP_WWW. TIA, - John
|
skippy
msg:373371 | 5:19 am on Jun 30, 2004 (gmt 0) |
It is related to this
[webmasterworld.com ] more information is here [isc.sans.org ] I am guessing you might want to change browers.
|
|
