mIRC Home    About    Download    Register    News    Help

Print Thread
Page 6 of 6 1 2 3 4 5 6
Re: malware.Bkdr_Ircflood.X #76490 01/05/04 10:44 AM
Joined: Aug 2003
Posts: 1,831
I
Iori Offline
Hoopy frood
Offline
Hoopy frood
I
Joined: Aug 2003
Posts: 1,831
Yeah, sysclean most likely does work just fine with some, or even most. smile

This...
"So, I clicked okay, and it then scanned my computer and found the following file:
  • Virus: DOS AGOBOT.HM
    Scan result: Non Cleanable
    File: c:\windows\system32\drivers\etc\hosts
Since it was not cleanable, I deleted the file.
- I then used TM's House scan once again, and it found nothing in the initial system scann and no viruses detected.
"

... seems to indicate that Trend only found one file (hosts) in connection to that worm, in which case it couldn't possibly clean it as a modified hosts file is but one symptom of the worm (and of many others).

So I recommend a trojan scanner|remover, something I think everyone should have in their arsenal - along with at least one good AV program. smile

Re: malware.Bkdr_Ircflood.X #76491 01/05/04 10:54 AM
Joined: Dec 2002
Posts: 1,527
L
landonsandor Offline
Hoopy frood
Offline
Hoopy frood
L
Joined: Dec 2002
Posts: 1,527

1) I then used TM's House scan once again, and it found nothing in the initial system scann and no viruses detected.
2) After doing this, I found I was then able to access antivirus websites once again, Including te ones at Trend Micro and Grisoft that I had previously not been able to access.
3) I thought I had solved my problem, so I reacvtivated system retore, and rebooted my computer.
4) after my computer rebooted AVG tried to launch, and I got the same error message again.


I would hope you would NOT repeat step #4 again because it SOUNDS like the virus is on that previous version of your OS and brought the virus back with it. I can only hope that some of the info posted here can at least lead you in the right direction. We're posting tons of updated info (as you can tell) when we find something new to add so it can help others (even if it turns out to be a "tried that, didnt work").

(general statement): I sure hope we (the IRC community) can now learn to NOT CLICK THINGS WE DONT KNOW ABOUT. A LOT of these TYPES of things can be avoided if we use a bit of discretion when clicking links, going to sites, etc. When in doubt, DONT CLICK A LINK IN MIRC. What's the harm from that, curiosity's gonna kill you? ;-)


Those who fail history are doomed to repeat it
Re: malware.Bkdr_Ircflood.X #76492 01/05/04 11:03 AM
Joined: Aug 2003
Posts: 1,831
I
Iori Offline
Hoopy frood
Offline
Hoopy frood
I
Joined: Aug 2003
Posts: 1,831
Turning System Restore off wipes all previous restore points. wink

Re: malware.Bkdr_Ircflood.X #76493 01/05/04 11:05 AM
Joined: Dec 2002
Posts: 1,527
L
landonsandor Offline
Hoopy frood
Offline
Hoopy frood
L
Joined: Dec 2002
Posts: 1,527
I didnt know that (as I dont use an OS with Restore like XP has). A notable tidbit to say the least smile Thanks for the info


Those who fail history are doomed to repeat it
Re: malware.Bkdr_Ircflood.X #76494 01/05/04 11:18 AM
Joined: Aug 2003
Posts: 1,831
I
Iori Offline
Hoopy frood
Offline
Hoopy frood
I
Joined: Aug 2003
Posts: 1,831
No probs. smile
Sytem Restore is a pretty nice feature (XP and ME both have it), but if a virus gets backed up through it, the only way to clean it is to disable then reenable it.

Re: malware.Bkdr_Ircflood.X #76495 01/05/04 11:25 AM
Joined: Nov 2003
Posts: 2,327
T
tidy_trax Offline
Hoopy frood
Offline
Hoopy frood
T
Joined: Nov 2003
Posts: 2,327
Problem with using a dedicated trojan remover is that it's already blocking some of the sites that (s)he could download one from. wink


New username: hixxy
Re: malware.Bkdr_Ircflood.X #76496 01/05/04 11:35 AM
Joined: Aug 2003
Posts: 1,831
I
Iori Offline
Hoopy frood
Offline
Hoopy frood
I
Joined: Aug 2003
Posts: 1,831
Perhaps, but then you dl one from MajorGeeks or PCWorld or some such mirror. smile

Re: malware.Bkdr_Ircflood.X #76497 04/05/04 12:44 AM
Joined: May 2004
Posts: 1
H
hdsht Offline
Mostly harmless
Offline
Mostly harmless
H
Joined: May 2004
Posts: 1
hm well i read now trough all this comments and i have done all fixes,searched the registry entries and run 5 AV/trojan programs (Kaspersky,TheCleaner,AVG,Stinger,Panda) but no AV program found this trojan. then i started trendmicro online scan and it found the malware.Bkdr_Ircflood.X thingy . But always when i open my mirc the virus is there again i dont need to connect to a server or smt just load it and the virus is active . there is no new process running then like they said on the trendmicro hp so there are no registry entries aswell .
dont know what to do now hope trendmicro comes up with a solution/patch or whatever

Re: malware.Bkdr_Ircflood.X #76498 05/05/04 01:02 AM
Joined: May 2004
Posts: 1
O
otso8otso Offline
Mostly harmless
Offline
Mostly harmless
O
Joined: May 2004
Posts: 1
Trend Micro Has fixed this issue. No need to worry anymore.

Re: malware.Bkdr_Ircflood.X #76499 05/05/04 10:18 AM
Joined: Dec 2002
Posts: 1,527
L
landonsandor Offline
Hoopy frood
Offline
Hoopy frood
L
Joined: Dec 2002
Posts: 1,527
What can I ask is you proof of this? Do they state somewhere that the issue's been resolved? Did they send you an email? Did you hear it from a friend of a friend of a friend? Did their virus scanner clean a virus for you? Im not doubting you, I just would like to know where the proof of this is before I blindly believe it, that's all. No offense intended


Those who fail history are doomed to repeat it
Re: malware.Bkdr_Ircflood.X #76500 05/05/04 09:00 PM
Joined: Dec 2002
Posts: 3,127
P
ParaBrat Offline
Hoopy frood
Offline
Hoopy frood
P
Joined: Dec 2002
Posts: 3,127
My thoughts exactly landon. Altho, when i checked, i did see that trend updated their patterns on may 3rd, and when i scanned there's no more of that ircflood found msg when none of the files/registry entries exist on my puter. Looks like they decided to fix it without fanfare i guess. I'd suggest anyone who has had the same issue (ie getting that msg but not finding any of the files or registry entries) try now and see what happens.


ParaBrat @#mIRCAide DALnet
Page 6 of 6 1 2 3 4 5 6