Remove IrcContact. Description and removal instructions

 
Title: IrcContact

Type: Remote Administration Tools
Severity scale: 57 / 100
 
This RAT was created by a hacker called Impactus. It is written in Visual C++ and compressed with ASPack. The attacker infects the PC via e-mail or File and Print Sharing. A "server" allows him to connect via a "client" on his own machine. Once inside the system, the RAT opens TCP port 6667 by default and awaits the attacker's commands. Several variants (IrcContact 1.0, IrcContact 2.0, IrcContact 3.0) appeared from January 2001 to October 2003. It affects Windows 95, Windows 98, Windows Me, Windows NT, Windows 2000 and Windows XP. Users of Windows 3.x, Microsoft IIS, Macintosh, UNIX and Linux are immune to this RAT.

From the publisher:

"IrcContact 3.0 by Impactus
IrcContact is an IRC client (Trojan/BOT) that hiddenly connects to a specified IRC server when executed, a simple IRC client like mIRC or pIRCH is enough to have full access to the bot. Just send the user password or the master password to log on to the bot and it will answer you with many commands that can be executed in the remote computer.
There are two levels of access: the User level and the Master level.
- The User Level can execute all commands except "Set", "User", "Bot", which consist in changing bot settings, modifying the access list and uninstalling, restarting or shutting down the bot
- The Master Level can execute all commands

The commands with an asterisk symbol before them are the new commands added from IrcContact 2.0 to 3.0
Bot Commands:
- log on with user access, the "Set", "User" and "Bot" commands will be denied
- log on with master access, All following commands will be activated
cmdlist - Enumerate commands list, NOTE: all the following commands can be executed in DCC chat
cmdlist more - Enumerate more commands list, these commands were not included in "cmdlist" because the bot could be disconnected for flooding
\ - This will execute an Irc Command on the bot. Ex: \join #IrcContact (will make the bot to join #IrcContact)
GetInfo - Get Information about the remote computer (Windows version, Computer Name, UserName, CPU speed, etc..)
ExitWin <1 to 5> - Exit Windows: 1=Shutdown; 2=Reboot; 3=Logoff; 4=PowerOff; 5=Force ShutDown; *6=Crash
Shell - Execute a remote shell command (DOS command)
Notify Pvts - Notifies you whenever the bot receives a private message
Wins - Notifies you whenever the remote user changes the active window
* Chans - Notifies you whenever anyone sends a message, joins, parts or quits a channel (where the bot is)
Win
list - List visible windows
list all - List all windows (visible and invisible)
Activ - Activate window
Kill - Kill window
User -> "User" command requires master level access!
list - list currently logged users and retrieves the access level
add - logs a user with a certain access level
rem - remove user (log out)
Set -> "Set" command requires master level access!
nick - Change nickname
name - Change name
ident - Change ident
userpass - Change user level password
masterpass - Change master level password
channel1 - Change auto join channel1
channel2 - Change auto join channel2
channel3 - Change auto join channel3
server - Change server to connect
serverport - Change server port
NickIdent <0 or 1> - Enable or disable nick auto-identify
NickPass - Change nickserv password (auto-identify should be enabled)
RejoinOnKick <0 or 1> - Enable or disable bot Re-Join-on-Kick if kicked from a channel
Bot -> "Bot" command requires master level access!
Restart - Restart bot
Sleep - Shutdown bot.. but doesn't uninstall it!
Kill - Completely removes the bot from the infected computer
Dir - List directory, this command is recommended to be done in DCC Chat mode or the bot may be disconnected for flooding!
Get - Download a file through DCC, * this command now supports mask download files, Ex: 'get C:\images\*.jpg' -> will download all jpeg images in 'C:\images'
mv - Move file, *works using '""' Ex: mv "C:\original file.txt" "C:\destination file.txt"
cp - Copy file, *works using '""'
del - Delete file
Flood - Flood a remote host during a specified time, sometimes the bot may get a timeout quit because it may not respond to server pings while flooding!
end - stop flood
*randnick - Change to a random nick
*lanlist - List shares on lan
*DNS - Resolve IP or Hostname
*Find - search for files, Ex: 'find C:\program files *.ini' -> will find all ini files in 'C:\program files'
*Viewfile - retrieve content of a file (this command works only in dcc chat to prevent the bot from being disconnected for flood)
*mkdir - Create directory
*rmdir - Remove directory
*setattr - Set attributes of a file, Ex: setattr C:\ircc.txt ASH -> changes the file attributes to: 'hidden', 'archive' and 'system'
*msg - send a message to with the text , destination can be a nick or a channel
*proc
*list - list the processes running on the machine
*kill - kill a process
*spawn - spawn a process visibility can be 0 for hidden and 1 for visible, Ex: proc spawn 1 notepad.exe -> will spawn the notepad.exe process visible
*genclone - generate clones
*killclones - Kill the clones generated by 'genclone' command
*port
redir - redirect a port to a remote host in a determined remote port
appredir - redirect a port an application
*wget - download a file from an url and save it to
*wgetrun - same as before but runs the file after downloading it
*msgbox - send a message box: the can be: 0 = NOICON; 1 = Exclamation; 2 = Question; 3 = STOP; 4 = INFORMATION;
- the can be: 0 = OK; 1 = OkCancel; 2 = AbortRetryIgnore; 3 = YesNoCancel; 4 = YesNo; 5 = RetryCancel; 6 = CancelTryContinue;
- the title and the text must be between "", Ex: msgbox 4 3 "Welcome to ircc3" "Do you want to continue?" -> displays a messagebox with an Information icon, buttons Yes, No and Cancel, The title is "Welcome to ircc3" and the text is "Do you want to continue?".
The chosen option will be returned to you
cancel - Cancels any Get or Find command that should be in progress.
Ping - Ping remote machine
IP - Retrieve remote machine's IP Address
IPset - Sometimes, IP is not detected correctly, if you want to download files and you know the IP use this command to set it!
Log Off - Log Off
Note:
- All of these commands can be executed"


IrcContact properties:
• Allows remote user connection
• Hides from the user
• Stays resident in background


IrcContact manual removal:

Kill processes:
irccontact.exe
Delete files:
irccontact.exe, readme.txt
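
A triage check built on the indicators this page names (the process irccontact.exe and TCP port 6667), added here as an example and not part of the original page. It assumes saved output of `netstat -ano` and `tasklist /fo csv /nh`; the sample lines below are constructed.

```python
import csv
import io

IRC_PORT = 6667                    # default port named on this page
BAD_IMAGE = "irccontact.exe"       # process name from the removal steps

# Constructed sample data (not captured from a real host).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    192.168.1.20:1042      203.0.113.7:6667       ESTABLISHED     1512
  TCP    192.168.1.20:1050      198.51.100.9:80        ESTABLISHED     2040
  TCP    0.0.0.0:6667           0.0.0.0:0              LISTENING       1512
"""
SAMPLE_TASKLIST = '''\
"svchost.exe","884","Console","0","3,120 K"
"IrcContact.exe","1512","Console","0","1,944 K"
"iexplore.exe","2040","Console","0","18,300 K"
'''

def parse_tasklist(text):
    """Map PID -> image name from `tasklist /fo csv /nh` output."""
    return {int(row[1]): row[0] for row in csv.reader(io.StringIO(text)) if len(row) >= 2}

def parse_netstat(text):
    """Yield (local_port, remote_port, state, pid) for TCP rows of `netstat -ano`."""
    for line in text.splitlines():
        f = line.split()
        if len(f) == 5 and f[0] == "TCP":
            yield int(f[1].rsplit(":", 1)[1]), int(f[2].rsplit(":", 1)[1]), f[3], int(f[4])

def find_indicators(netstat_text, tasklist_text):
    """Return sorted findings as (reason, pid, image) tuples."""
    procs = parse_tasklist(tasklist_text)
    findings = set()
    for pid, image in procs.items():
        if image.lower() == BAD_IMAGE:          # name match is case-insensitive
            findings.add(("process-name", pid, image))
    for lport, rport, state, pid in parse_netstat(netstat_text):
        image = procs.get(pid, "?")             # "?" when the PID is not in the task list
        if state == "LISTENING" and lport == IRC_PORT:
            findings.add(("listening-6667", pid, image))
        elif state == "ESTABLISHED" and rport == IRC_PORT:
            findings.add(("outbound-6667", pid, image))
    return sorted(findings)

if __name__ == "__main__":
    for reason, pid, image in find_indicators(SAMPLE_NETSTAT, SAMPLE_TASKLIST):
        print(f"{reason:15} pid={pid:<6} image={image}")
```

Port 6667 is also the usual port for legitimate IRC clients, so a port hit on its own is a lead to investigate; a port hit on the same PID as the process-name match is the stronger signal.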

Other programs to remove IrcContact:

• SUPERAntiSpyware
• CounterSpy
• Windows Defender

Information added: 03/04/05
Information updated: 03/04/05
