Hi to all, was hoping somebody could shed some light on a problem I am having,Im running xpsp2 with avg,sygate,adaware,anyway avg told me it had found trojan irc/backdoor.sdbot.egy it then said it had healed the file but ever since then my browsers keep locking up and my speed are realy slow,I will post my hjt log any help would be apreciated
Trojan??
- Thread starter daveyc2k5
- Start date
- Status
Tedster
Posts: 5,746 +14
first of all- never use instant messangers. IRC is an instant messanger virus. using IM is like having an open door to your computer.
technical details
Threats that are detected as IRC Trojan will try to get access to your system through an IRC server. They will typically attempt to open a hidden connection from your computer to an IRC server. Once this happens, the hacker can send commands to the hidden IRC connection to steal system information or any other information that they program the IRC Trojan to obtain. They can also do things that other Trojan horse programs do, such as delete a file, open the CD-ROM drive tray, shut down the system, and so on.
norton removal:
removal instructions
The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines.
1. Disable System Restore (Windows Me/XP).
2. Update the virus definitions.
3. Run a full system scan and delete all the files detected as IRC Trojan.
4. Delete any values that were added to the registry.
5. Remove any references to the infected files that have been added to the Win.ini and System.ini files (Windows 95/98/Me).
technical details
Threats that are detected as IRC Trojan will try to get access to your system through an IRC server. They will typically attempt to open a hidden connection from your computer to an IRC server. Once this happens, the hacker can send commands to the hidden IRC connection to steal system information or any other information that they program the IRC Trojan to obtain. They can also do things that other Trojan horse programs do, such as delete a file, open the CD-ROM drive tray, shut down the system, and so on.
norton removal:
removal instructions
The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines.
1. Disable System Restore (Windows Me/XP).
2. Update the virus definitions.
3. Run a full system scan and delete all the files detected as IRC Trojan.
4. Delete any values that were added to the registry.
5. Remove any references to the infected files that have been added to the Win.ini and System.ini files (Windows 95/98/Me).
howard_hopkinso
Posts: 21,238 +17
Hello and welcome to Techspot.
The only entries in your HJT log that may be bad are.
O17 - HKLM\System\CCS\Services\Tcpip\..\{1E7463F7-EE09-4722-B53E-528EBDB5A6DA}: NameServer = 62.6.40.178 194.72.0.98
O17 - HKLM\System\CS1\Services\Tcpip\..\{1E7463F7-EE09-4722-B53E-528EBDB5A6DA}: NameServer = 62.6.40.178 194.72.0.98
If these entries don`t belong to your isp, and you don`t recognise them. let HJT fix them.
Regards Howard :wave: :wave:
The only entries in your HJT log that may be bad are.
O17 - HKLM\System\CCS\Services\Tcpip\..\{1E7463F7-EE09-4722-B53E-528EBDB5A6DA}: NameServer = 62.6.40.178 194.72.0.98
O17 - HKLM\System\CS1\Services\Tcpip\..\{1E7463F7-EE09-4722-B53E-528EBDB5A6DA}: NameServer = 62.6.40.178 194.72.0.98
If these entries don`t belong to your isp, and you don`t recognise them. let HJT fix them.
Regards Howard :wave: :wave:
- Status
Similar threads
Latest posts
-
New Affordable AMD B650 Motherboard Roundup- Starfals replied
-
PlayStation 5 Pro will be bigger, faster, and better using the same CPU
- anastrophe replied
-
How to play PS1 Doom on PC (and why you might want to)- amghwk replied
-
Modder builds a Nintendo Wii the size of a deck of cards- WhiteLeaff replied
