Solved

How can I completely delete the Trojan IRC from my network?

Posted on 2004-09-22
5
166 Views
Last Modified: 2013-12-04
I have a sever IBM and 30 clients I have been finding since 2 weeks ago in my server the virus Trojan IRC and what I have been doing is erasing manually the archives in Win NT system32 but I have noticed that they alls regenerate automatically...

I am in the process of implementing a new server but I do not want to include it in my network untill I am sure that the virus has been completly eleminated...What I am going to do with my server is re-install the operating system all over again however what I am un sure of is what I am going to do with my clients...

I called symantec and they advised that I do not have to re install the OS in all my clients and that what I need to do is run the antivirus scan in safe mode to detect the trojan.....

I have already downloaded a trojanhunter tool to use from Mischel Internet Security and I am thinking of running it on all my clients and also one called AD-Aware SE because I found information concerning an application that I downloaded free from the internet called date manager and trhough that program I got adware.trojan

Could you help me giving me advices and tips about that what we can do with my clients?

Thanks in advance!
0
Comment
Question by:modeza
  • 3
  • 2
5 Comments
 
LVL 32

Expert Comment

by:Luc Franken
ID: 12127299
Hi modeza,

With only 30 clients, I suggest you just disconnect them all from the network (you might have to do this in the weekend) and clean them up one-by one so they can't infect each other while cleaning.
Then, reconnect them all to the network after you've verified they're clean. See if that works for you.
adware.trojan is pretty easy to fix with Ad-aware SE normally, just make sure you use the latest reference file.

Greetings,

LucF
0
 

Author Comment

by:modeza
ID: 12127519
Thanks a lot but I am still concern about if do I have to reinstall the operating system again to each client or just use the tools that I already downloaded to clean the virus?
0
 
LVL 32

Accepted Solution

by:
Luc Franken earned 500 total points
ID: 12127642
That depends what you think is easier for you, if all clients have the same hardware, it might be easier to reinstall one system and clone the OS to all workstations.
But, removing it might save you from re-installing in the future also as you now know what can go wrong, and in what way.

After cleaning, what you might want to try is downloading hijackthis from:
http://www.aumha.org/freeware/freeware.php#hjt

And then post the log it creates at:
http://www.hijackthis.de/index.php?langselect=english
to get it analized, this way you can find out if no nasties are left on the computer.

LucF
0
 

Author Comment

by:modeza
ID: 12127754
Thanks a lot for all your help......Not all my computers have the same hardware but most of them do, I am going to use images( clones)
I am going to reinstall everything...
Thanks again!
0
 
LVL 32

Expert Comment

by:Luc Franken
ID: 12133690
You're welcome :)

Glad to help,

LucF
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Suggested Solutions

The term "Bad USB" is a buzz word that is usually used when talking about attacks on computer systems that involve USB devices. In this article, I will show what possibilities modern windows systems (win8.x and win10) offer to fight these attacks wi…
Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now