Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

IRC/BackDoor.Flood

Status
Not open for further replies.
Hawkide

Hawkide

Technical User
Oct 8, 2003
159
US
According to the free version of AVG, i have a trojan named IRC/Backdoor.Flood. The AVG software is simply identifying the problem, but not rectifying it. Per someones advice, I tried to run the AVG program after booting to Safe-Mode. Unfortunately, I could not open the AVG program while I was in Sage-Mode.

Should I have been able to run it from Safe-Mode(maybe I didn't give it ample time to open?)?
What would cause the virus checker to detect but not clean a virus?
I was told that McAfee mwy offer a utility to clean this particular virus. Is this a common practice?

I would truely appreciate any help on this. Sorry if my questions seem trivial, but I do not know much about virus protection. TIA...Derek
 
Sort by date Sort by votes
I am running Windows 2000. The software you recommend is NOT tested with 2000.

Also, I went to McAfee's site and they have a standalone reomver called "Stinger.exe" that someone suggested may remove the "IRC/Backdoor.Flood" trojan. However, it does NOT specifically mention this trojan. It mentions names that are similar to "IRC/Backdoor.Flood" however. Are they the same thing? Has anybody used this remover for this problem? The link to the description is as follows:

 
Upvote 0 Downvote
Had to guess, as you neglected mention your OS in your first post. We've used it on 2k boxes with success, however.
Stinger should work in your case. Great tool, use it a few times a week anymore...
 
Upvote 0 Downvote
I ran Stinger.exe. It finds the IRC/Flood.ap Trojan, but it does not clean it. I selected the repair option. Am I doing something wrong?
 
Upvote 0 Downvote
Are you networked? Have you tried running removal in safe mode?
 
Upvote 0 Downvote
It is a stand-alone PC connected to the Internet via a cable modem. It is NOT networked to any other computers. I did try running in safe mode.

The system is acting quite strange. I tried to run Check Disk on the C:\ dive and I get an error saying that it could not be performed because "exclusive access to the drive could not be obtined"...

Anyway...any other ideas for getting rid of the trojan would be appreciated. The Stinger program says:

C:\WINNT\System32\ocxdll.exe\dll32nt.help
Found the IRC/Flood.ap Trojan !!!

TIA...I really appreciate your help. Derek
 
Upvote 0 Downvote
Symantec's site give the following two instructions for manual removal:

"Delete all files that are detected as Backdoor.IRC.Flood.

Use Windows Explorer to delete the \Window\á Uninstaller.exe file."
 
Upvote 0 Downvote
Thanks for all your help carr...Turns out that there was a file ocxdll.exe found in the system32 folder that created about a dozen files. I removed them and all is well now. In case anybody else is having th same issue, I found a complete desription of how to handle the problem at

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

BENACY
  • Locked
  • Question
REMOVAL OF IRC/BACKDOOR.FLOOD VIRUS ON WIN 2000
Replies
3
Views
42
KimberTech
KimberTech
Accessdabbler
  • Locked
  • Question
IRC/backdoor.flood virus 3
Replies
2
Views
74
Mojocream
Mojocream
rsunra
  • Locked
  • Question
Win32/IRCbot.8275
Replies
2
Views
38
Xemus
Xemus
smile11
  • Locked
  • Question
IRC Trojan Virus
Replies
10
Views
75
smile11
smile11
rickmac72
  • Locked
  • Question
irc trojan
Replies
1
Views
41
SESaskDFC
SESaskDFC

Part and Inventory Search

Sponsor

Back
Top