Jump to content

repeated Backdoor.IRCbot infection


Recommended Posts

Hello and Happy New Year to Malwarebytes,

Just 2 days ago I ran a full scan and MBAM detected Backdoor.IRCbot in file xp_cd_update.exe and so MBAM says it has been deleted and placed in quarintine. I then did another scan just yesterday and it again found Backdoor.IRCbot this time in System restore {xxxxxxxxxxxx-xxxx-xxxx} (or so i can't remember exactly). Is this a repeat infection or just the same file detected in quarintine? Is this a false positive coz I noticed that when I enter C: in Windows explorer the choice to 'hide contents of this drive' is gone, I'm not sure if this was the case before MBAM quarintined the infected file or only after? Would like to be able to 'hide contents of this drive' and get rid of Backdoor.IRCbot once and for all.

Link to post
Share on other sites

Hello Utopian -

It sounds like a recurring or entrenched infection - If it still appears then you should have an expert check it out to be sure -

Sorry but we don't usually work on detailed Malware removal in the general forums can you continue with the steps below -

Please read and follow the directions here, skipping any steps you are unable to complete. Then post a NEW topic here.

One of the expert helpers there will give you one-on-one assistance when one becomes available -

Thank You - :)

EDIT -

If you have done 2 Full Scans and it is still there please follow the advice -

Link to post
Share on other sites

Hello Utopian! A Happy New Year to you as well!

So, am I correct in reading your post that you have found ONE instance of this in the computer in general (NOT system restore) and then ONE instance in system restore?

The detection in system restore is whats in the system restore files and detections found in there actually can't harm your system anymore UNLESS you use an infected restore point.

If this is the case, that you have only found one instance in each spot, it sounds as though Malwarebytes has taken care of the infection.

However, I strongly urge you to take a visit over to the Malware removal forums just to get your system checked over by an expert per noknojon's directions for that above to ensure that there is nothing else lurking on your system.

Also, as a side note, when replying, please use the "Add reply" button at the bottom of the page or erase what the person you are replying to said, as this makes the forum easier to read.

Thank you :)

Link to post
Share on other sites

Hello noknojon and mountaintree16,

I have to let u kno that its gonna take some time for me to reply back since I have to download and use many tools as per your directions: GMER(this cud be very dangerous to use, I dont have much experience in altering the Windows registry),DDS, DeFogger, HijackThis which I am all not familiar with. The troubled PC is my mothers and I have to go to there house next door to fix it. Right we use a popular paid internet security which has let this Backdoor.IRCbot thru. I have lost some trust with this paid av(im not telling u which) because they have lousy support and it has already let thru many malware, including this Backdoor.IRCbot. If this goes well I just might recommend to my mother to instead change over to MBAM full all or some of the PCs here when our subscription expires. Also, I understand that after I download all these tools, which I have to ask about- cud we reduce to the most important ones since it seems too many but if all these are 'absolutely' necessary then I will download them, and have the results I will post all the results in 'malware removal' and 'hijack this' forum, is this right?

Link to post
Share on other sites

@ Utopian -

You must still have some type of antivirus operating - Even free Avira or Avast or even the free Microsoft Securities Essentials - It is available free to all registered Micrisoft users - MSE is now the only antivirus I am running (along with Malwarebytes of course) -

Please print the instructions and complete as much as you can - Our experts will guide you through the ongoing later steps as they have often dealt with people who do not always understand the process -

Thank You for your Responses - :)

Link to post
Share on other sites

Hello Utopian :)

May I ask why you can't share which Anti-Virus it is?

Unfortunately, AV's don't catch everything, that's where a product such as Malwarebytes (The one that I recommend of course :welcome:) comes in. It is a one-time fee of $24.95 for home users for a lifetime of use, and can be transferred to a new computer after proper removal from the old computer if it is not going to be used anymore as a paid version on the old computer. Of course, Malwarebytes is ALWAYS free for home-use for manual updates and on-demand scanning. The paid version opens up real-time protection for your computer to block threats before they get in, automatic updates, and scheduled scanning.

Good luck with all of the directions, and if there is anything you aren't comfortable doing or anything you have trouble with, just do all that you can and just post what you were able to do in the Malware Removal Forum.

:)

Link to post
Share on other sites

Hello Utopian -

It sounds like a recurring or entrenched infection - If it still appears then you should have an expert check it out to be sure -

Sorry but we don't usually work on detailed Malware removal in the general forums can you continue with the steps below -

Please read and follow the directions here, skipping any steps you are unable to complete. Then post a NEW topic here.

One of the expert helpers there will give you one-on-one assistance when one becomes available -

Thank You - :welcome:

EDIT -

If you have done 2 Full Scans and it is still there please follow the advice -

Hello noknojon,

Sorry I have to ask, why do I need to run Disable CD-ROM Emulation Software DeFogger? and what is DDS for?

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.