TechSpot

Backdoor virus, blocking anti virus software

Inactive
By kellzcv22
Feb 5, 2011
  1. I really need help with my computer, i dont know much about computers so may need quite a bit of detail. Recently my windows defender has been showing i have a virus called Backdoor:Win32/IRCbot.gen!W iv tried downloading avg and avast and have also tried my norton but each time i try to set up these anti virus softwares it comes up with a system error so i cant open any of them. iv added a picture to this post,,, this is the message i get whenever i try to open my anti virus softwear, it happens on everyone iv tried. :(
     

    Attached Files:

  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    Welcome to TechSpot![​IMG]
    (Image courtesy animationplayhouse.com)

    The error message you're getting indicates corrupt files. To address that issue first, run a Check disk operation to check if that fixes the issue:
    1. Click on Start >> In the Start Search , type cmd .
    2. Under the programs list, right click on cmd and Run as administrator .
    3. Type in chkdsk /r to execute the Command.
    Note: While running chkdsk, make sure all the programs are closed.
    The may take a while> let it finish.
    ====================================
    You mentioned trying to download or use 3 different AV programs. Be sure the system has only one antivirus program
    ====================================
    If you would like us to check the system for malware, please follow the steps in the Preliminary Virus and Malware Removal thread HERE.

    When you have finished, leave the logs for review in your next reply .
    NOTE: Logs must be pasted in the replies. Attached logs will not be reviewed.

    Please do not use any other cleaning programs or scans while I'm helping you, unless I direct you to. Do not use a Registry cleaner or make any changes in the Registry.
     
  3. kellzcv22

    kellzcv22 TS Rookie Topic Starter

    Hi thanks for the reply,, i tried right clicking cmd, clicked run as adminerstrator and it comes up with the same message about file error??
     
  4. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    Tell me which operating system you have. I can give you another path for the Error Checking.

    You can also go ahead with the scans in the thread I left. You mention my Norton so you have an AV on board, right? You just can't update it. Once I see what's on the system I will be better able to guide you.
     
  5. kellzcv22

    kellzcv22 TS Rookie Topic Starter

    im a complete amateur with computers,, what do u mean by operating system, im using windows vista if that helps?
     
  6. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    I have to sit on my hands when I get a comment like this. Yes, the operating system is Vista> one of the versions. I have this thought which doesn't work in the real world, but it is:
    Anyone who want to get or use a computer should make themselves aware of the basics first. In fact, I'd send them to "computer-ed"!
    =====================================
    Courtesy of Microsoft

    The very basics you need to know are:
    Operating System
    Installed RAM
    Hard Drive size
    How to take processes off of Startup
    How to uninstall programs.
    How to have layered security
    How to practice safe surfing and safe email handling
    What you should do for routine maintenance

    For Basic Help reference: Windows Vista For Dummies Quick Reference
    Greg Harvey
    ISBN: 978-0-471-78326-8
    Paperback
    240 pages
    January 2007
    US $16.99

    Don't be offended> I have 10 Books for Dummies!
     
  7. kellzcv22

    kellzcv22 TS Rookie Topic Starter

    oh, well erm thanks for the advice, i am completing an IT course at college but its just the basics not what to do if you get a virus! thanks for the advice
    Iv tried completing the hard disc scan i click check now and it comes up with a message that says ' consent UI for administrative applications stopped working and was closed' this happens whenever i try to access something as the administrator since i got the virus, i am the admisistrator of the computer as i am the only user.
     
  8. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    Skip the Error Checking and do the scans so I can see what's on the system.
     
  9. kellzcv22

    kellzcv22 TS Rookie Topic Starter

    i downloaded gmer and dds but the same thing happens when i try to open it, the same message i get with the anti virus software saying file error,, also im getting messages come up constantly 1 saying there is no disc in the drive please insert a disc and another saying host process for windows has stopped working!
     
  10. kellzcv22

    kellzcv22 TS Rookie Topic Starter

    Hi i dont know if this helps but i was just using my windows defender to see what programs were running on my computer and noticed a spigot. inc,,,, iv included a picture of the information that comes up on my windows defender, is this where the problems coming from do you think?
     

    Attached Files:

  11. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    Good pickup! This needs to be removed but I don't think it's the 'backdoor virus' you're referring to.

    Spigit is a technology company based in Pleasanton, California that provides a software as a service (SaaS) platform for enterprise innovation management.

    File Name: SearchSettings.exe
    Product: Widgi Toolbar
    Company: Spigot, Inc.
    SearchSettings.exe: Vendio "Search Settings" foistware - reportedly installed without notice .
    FYI: Foistware is not malware. It is usually installed without your knowledge or permission when you download another unrelated program. This wouldn't likely be what's stopping the programs, but unless I get some logs from you, I'm not going to be able to help you.


    Win32/IRCbot is a large family of backdoor Trojans that targets computers running Microsoft Windows. The Trojan drops other malicious software and opens a backdoor on the infected computer to connect to IRC servers. The Trojan can maintain multiple IRC server connections simultaneously to receive commands from attackers. From Microsoft

    You need to focus on the most likely malware related problems. CD in the drive isn't one of them. I think it's possible that you are not knowledgeable of the operating system and don't know what setting are suppose to be in place. The errors you left is for downloading AVG at CNet. You don't need to be doing this- you said you have Norton.

    Please make an attempt to run the scans again. No more images- logs only.
     
     
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.