Forums General Discussion malware.Bkdr_Ircflood.X

Yeah, sysclean most likely does work just fine with some, or even most.

This...
"So, I clicked okay, and it then scanned my computer and found the following file:

• Virus: DOS AGOBOT.HM
  Scan result: Non Cleanable
  File: c:\windows\system32\drivers\etc\hosts

Since it was not cleanable, I deleted the file.
- I then used TM's House scan once again, and it found nothing in the initial system scann and no viruses detected."

... seems to indicate that Trend only found one file (hosts) in connection to that worm, in which case it couldn't possibly clean it as a modified hosts file is but one symptom of the worm (and of many others).

So I recommend a trojan scanner|remover, something I think everyone should have in their arsenal - along with at least one good AV program.

1) I then used TM's House scan once again, and it found nothing in the initial system scann and no viruses detected.
2) After doing this, I found I was then able to access antivirus websites once again, Including te ones at Trend Micro and Grisoft that I had previously not been able to access.
3) I thought I had solved my problem, so I reacvtivated system retore, and rebooted my computer.
4) after my computer rebooted AVG tried to launch, and I got the same error message again.

I would hope you would NOT repeat step #4 again because it SOUNDS like the virus is on that previous version of your OS and brought the virus back with it. I can only hope that some of the info posted here can at least lead you in the right direction. We're posting tons of updated info (as you can tell) when we find something new to add so it can help others (even if it turns out to be a "tried that, didnt work").

(general statement): I sure hope we (the IRC community) can now learn to NOT CLICK THINGS WE DONT KNOW ABOUT. A LOT of these TYPES of things can be avoided if we use a bit of discretion when clicking links, going to sites, etc. When in doubt, DONT CLICK A LINK IN MIRC. What's the harm from that, curiosity's gonna kill you? ;-)

Turning System Restore off wipes all previous restore points.

I didnt know that (as I dont use an OS with Restore like XP has). A notable tidbit to say the least Thanks for the info

No probs.
Sytem Restore is a pretty nice feature (XP and ME both have it), but if a virus gets backed up through it, the only way to clean it is to disable then reenable it.

Problem with using a dedicated trojan remover is that it's already blocking some of the sites that (s)he could download one from.

Perhaps, but then you dl one from MajorGeeks or PCWorld or some such mirror.

hm well i read now trough all this comments and i have done all fixes,searched the registry entries and run 5 AV/trojan programs (Kaspersky,TheCleaner,AVG,Stinger,Panda) but no AV program found this trojan. then i started trendmicro online scan and it found the malware.Bkdr_Ircflood.X thingy . But always when i open my mirc the virus is there again i dont need to connect to a server or smt just load it and the virus is active . there is no new process running then like they said on the trendmicro hp so there are no registry entries aswell .
dont know what to do now hope trendmicro comes up with a solution/patch or whatever

Trend Micro Has fixed this issue. No need to worry anymore.

What can I ask is you proof of this? Do they state somewhere that the issue's been resolved? Did they send you an email? Did you hear it from a friend of a friend of a friend? Did their virus scanner clean a virus for you? Im not doubting you, I just would like to know where the proof of this is before I blindly believe it, that's all. No offense intended

My thoughts exactly landon. Altho, when i checked, i did see that trend updated their patterns on may 3rd, and when i scanned there's no more of that ircflood found msg when none of the files/registry entries exist on my puter. Looks like they decided to fix it without fanfare i guess. I'd suggest anyone who has had the same issue (ie getting that msg but not finding any of the files or registry entries) try now and see what happens.