Results 1 to 8 of 8

Thread: ircbot

  1. #1
    cometbaby Guest

    Default ircbot

    Checking my program files tonight and found something troubling, as follows:

    Product name ircBot
    File name C:\WINDOWS\system32\scif\explorer.exe
    Last policy update Not applicable
    Version 1.00
    Last modified date 12/30/2005 4:35:52
    File size 80 KB


    Looking up ircBot on the net indicates a trojan .. unless this is something different. I did a full system scan and it found nothing. Just to be safe, I killed it's ability to access the net.

    I have version 6.5 of ZASS, and my Overview indicates I am up-to-date. Should I be concerned?

    Thanks much for your assistance :-)

    CometBaby

  2. #2
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,286

    Default Re: ircbot

    Hi!you could have a scan in SAFE MODE with DrWeb Cure it (download link below):www.freedrweb.comand/or Try to scan your system with this online scanner:http://www.ewido.net/en/onlinescan/And finally you may want to update your ZASS to the latest 7 version (with a new and much stronger AV engine). Please completely remove 6.5 before installing. ZASS 7 does not play well with other security tools, so please remove them before installing.Cheers,Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  3. #3
    cometbaby Guest

    Default Re: ircbot

    Fax,

    Thanks for the advice. I did the scan in Safe Mode with Dr. Cure and it didn't find anything.

    Then I did the online scan with ewido. It found some spyware but nothing serious. I also updated to ZASS 7.

    Should I assume I am safe?

    CometBaby

  4. #4
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,286

    Default Re: ircbot

    Hi!what you could is to upload the file "C:\WINDOWS\system32\scif\explorer.exe" to www.virustotal.comand see what major antivirus engines say about "explorer.exe". Please post back with your results.Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  5. #5
    cometbaby Guest

    Default Re: ircbot

    Hi Fax,

    Before I saw your response, ZASS v7 began a full system scan and found 7 infections. I had two worms IM-Worm.Win32.V and Backdoor.Win32.V in seven locations. This may not be the full name of the worm, but is all of the name that showed in the window.

    Later, when I saw your post, I went to the website, uploaded the file in question, and it found NO virus.

    I do have one other comment to make. This scan was VERY difficult .. it slowed down my machine so much, that I was barely able to close down other programs to give it full access to the computer. It lagged me so bad, I could not type a full sentence. It took 6 hours to complete at a snail's pace. During this time I was unable to utilize my computer as it was commandeered by this virus scan. Something must not be right .. any advice on this? Here is some information about my system, if it will help:

    Intel Core2Extreme quad-core QX6700 (2.66GHz, 1066MHz,2x4MB
    4096MB SDRAM
    1000GB 7200rpm Serial ATA II/300 hard drivew/Raid 5(3-500GB)
    MS XP Media Center 2005

    Fax, thanks so much for your interest and help. :-)

    CometBaby
    You can twist perceptions .. reality won't budge.

  6. #6
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,286

    Default Re: ircbot

    Hi!You're welcome.The new scan engine in ZASS 7 is far more stronger than the previous ZASS 6.5. You pay a better virus detection with slower speed of the scan and operation. A full scan should be ideally perfomed over night or when you are not using your system. Furthermore, the slow performance of the scan may be due to the active infections you had on your system.I would recommend a ZA antivirus scan in SAFE MODE and also a check with another AV/AS, for example, with AVG antispyware online scanner, to be sure you are free of infections or inactive left overs.. Here: http://www.ewido.net/en/onlinescan/Cheers,Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  7. #7
    cometbaby Guest

    Default Re: ircbot

    fax

    I'm there now getting the scan. Read a white paper from ZD Net tonight that was very interesting .. says you can really improve scan times by regularly defraging the hard drive. In case you are interested here is the link:

    http://whitepapers.zdnet.com/abstrac...;ctype=default

    They give before and after defraging examples .. and show how much time was saved on the scan.

    Thanks so much for your help. :-)


    CometBaby
    You can twist perceptions .. reality won't budge.

  8. #8
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,286

    Default Re: ircbot

    Thanks for the link...:8}Have a nice day!!Cheers,Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •