I have used Spybot SnD to scan and it found no spies on my computer. Recently I just used Trendmicro housecall online scan and it detected IRCFLOOD.BK.X malware and cleaned it. This is the second time in a week, and I cleaned it last time too so it seems it has come back. Can someone tell me exactly how to stop this coming back through protection or deleting of reg entries or files? Thanks.

Hi Dan:

It might be your OS--are you either Win XP or Win Me? If so this bug might be hiding in your system restore and you must reset it to clean it out. If so please read this:


http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001111912274039?OpenDocument&src=sec_doc_nam

It is nominally for Win XP, but there is a url for the Win Me procedure. Don't forget to create a new restore point after you are *certain* you are back to 100% normal.

Also download, UPDATE, and run Adaware, and don't forget to empty the quarentine sections of both Adaware and SpyBot. Also, if your AV found and quarentined any virus or trojan horse, be sure to delete the contents of the vault after you are sure that the infected-vaulted files were backed-up.

A-squared just released their latest updates, so you may want to download, UPDATE, and run A-squared. In the free version you can manually update, very easy.

You don't mention that you have a Firewall in place, so check mjc's AV page and check out the free or paid ones available.

After that, you may want to post a HiJackThis log, and one of the experts on that will examine it for you.