I have a green square screen in the system tray and often in the upper right hand corner of the screen right after boot. This is a Windows 2000 Professional installation. When I restore the item it lists as mIRC task manager. Looking for it through start menus, task manager, visually searching C:>, as well as using search/find looking for the DCC that it claims it is situated in fails. I manually exit this app after I boot since I can't find it to pull it off. Any one got any ideas? The only thing that has changed is I got a cable modem. But the modem install only hooks me to the internet, the installer did not add any other software. Any suggestions as to where to look would be appreciated. Thanks.
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations wOOdy-Soft on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
mIRC launching during boot
- Thread starter Brianc2k
- Start date
Sounds like a trojan horse I recently removed off my clients sustem. Go to Symantec Security site and run a complete virus scan [NOTE:it will not scan compressed files] If you're infected with a trojan, use the removal process to get rid it. You will also need to remove the mIRC client from starting up, this will most likely be hiding in the HKLM_Software_Microsoft_Windows_CurrentVersion_Run or possibly Run Once
If it's the same trojan I removed from my client, it will hide itself as [Tskmgr.exe], but don't do any registry editing until after you run a complete virus scan at symantec (or any other site).
Good luck, keep us posted on your findings... sdibias
MCSE 2000
If it's the same trojan I removed from my client, it will hide itself as [Tskmgr.exe], but don't do any registry editing until after you run a complete virus scan at symantec (or any other site).
Good luck, keep us posted on your findings... sdibias
MCSE 2000
I'm pretty sure you're infected with the IRC.mimic trojan. Read this:
It has the exact symptoms as you, and I just removed this off of a few systems last week.
Now that you're on a cable modem, consider running a firewall of some sort, possibly a Linksys hardware firewall with say ZoneAlram for added protection. If you had ZA, it would tell you when the trojan was trying to access the internet, then you could stop it in it's tracks.
ATM, you could be hosting DDoS (Distributed Denial of Service) attacks without even knowing it. Run that scan, install a firewall and AntiVirus software and you wwill be fine.
Let me know what you find.
sdibias
MCSE 2000
It has the exact symptoms as you, and I just removed this off of a few systems last week.
Now that you're on a cable modem, consider running a firewall of some sort, possibly a Linksys hardware firewall with say ZoneAlram for added protection. If you had ZA, it would tell you when the trojan was trying to access the internet, then you could stop it in it's tracks.
ATM, you could be hosting DDoS (Distributed Denial of Service) attacks without even knowing it. Run that scan, install a firewall and AntiVirus software and you wwill be fine.
Let me know what you find.
sdibias
MCSE 2000
- Thread starter
- #4
Too late. By the time I started the cleaning process the worm had worked it's way so deep into the OS that I feel it best to format hard drive and reload. The system is set now so I can backup my data first.
Thanks to everyone who responded. This trojan walked into my system regardless my virus definitions were only three days old. I use Symantec's Norton and keep it current. But once I rebuilt I will also add Zone Alarm. Again thanks to all who responded but it was too late. It is best I cut my slack now while I can restore all programs and data.
Thanks to everyone who responded. This trojan walked into my system regardless my virus definitions were only three days old. I use Symantec's Norton and keep it current. But once I rebuilt I will also add Zone Alarm. Again thanks to all who responded but it was too late. It is best I cut my slack now while I can restore all programs and data.
- Status
Similar threads
