IRC Trojan

Discussion in 'Malware Help (A Specialist Will Reply)' started by bigpapas, Aug 15, 2008.

  1. bigpapas

    bigpapas Private E-2

    I use Norton Protection Center provided by Yahoo Online Protection. It scans every night & usually finds several tracking cookies. Last evening, my husband clicked on a greeting card email & then this morning, the scan said that it had found 2 instances of IRC Trojan that it could not remove. I scanned with AdAware & removed everything it found & then ran a Hijack this scan. I have attached the log to this. I tried to do a system restore & could not, but that is not the first time I have not been able to restore.

    Can you tell me if this trojan is still there & if so, how can I remove it?
     
    bigpapas, Aug 15, 2008
    #1
  2. bigpapas

    bigpapas Private E-2

    Sorry, I forgot to attach the Hijack This log.
     

    Attached Files:

    bigpapas, Aug 15, 2008
    #2
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    Where exactly were they found? Were they in System Volume Information? If yes, that is just System Restore and you need to toggle System Restore to disabled, reboot, and then reenable to remove infected restore points.

    If it is not in System Volume Information, tell me exact where it is and then move on to do the below.

    Please follow the instructions in the below link and attach the requested logs when you finish these instructions.
    • If something does not run, write down the info to explain to us later but keep on going.
    • Do not assume that because one step does not work that they all will not.
    Notes:
    1. If you run into problems trying to run theREAD & RUN ME or any of the scans in normal boot mode. You can running steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:
    2. If you have problems downloading on the problem PC, download the tools on another PC and burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.
     
    chaslang, Aug 16, 2008
    #3
  4. bigpapas

    bigpapas Private E-2

    Sorry, I don't have more information. As soon as I clicked on it to get more info, it switched to saying that everything was good. (I meant to put that in the original post.)

    Just in case it was in System Restore, I turned it off & turned it on again.

    I also ran a full scan in Malwarebytes & Spyware Doctor. Spyware Doctor found & removed PWS.Tanspy & PWS.Bancos trojans, but I never saw anything about the IRC trojan in any scans, so that I'm not sure if it is cleared or not. My daily Norton Protection Center provided by Yahoo Online Protection scan showed no problems this morning, which was after the Spyware Doctor scan ran but before any removal.

    Here's my new Hijack This log. Hope there's enough info to figure it out.
     

    Attached Files:

    bigpapas, Aug 16, 2008
    #4
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    If you are still having any malware problems, you need to follow the instructions I gave and attach only the logs I asked for which did not ask for a HijackThis log.
     
    chaslang, Aug 16, 2008
    #5

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds