I have this, too.

And I just got this yesterday night when I clicked on a link in a channel. It was from a person I know so, I didn't think it was fishy. Also, once you are infected w/ this, you advertise that link at certain intervals and only other ppl can see that link and not you, so you don't know about it.

I never had anything of this sort before so I _don't_ think this is a false positive.

I have also come to the following conclusion (like some before):

-it's a mirc backdoor.
-it doesn't self-re-install after booting your comp.
-it does that only after mirc.exe is executed.
-so far, only trend micro has picked this up.


I went to this site for help, http://es.trendmicro-europe.com/enterprise/security_info/ve_detail.php?VName=BKDR_IRCFLOOD.X (someone here posted it).

But, I am having some problems w/ their manual removal.

Go to the directory where the file IEEXEC.EXE is located.
Open a command prompt in this location.
Type the following:
C:\ieexec.exe – uninstall
Press Enter to remove the application.

I can't find a file named "ieexec.exe."

Open Registry Editor. Click Start>Run, type Regedit then hit Enter.
In the left panel, double click the following:
In the right panel, locate the following entry:
(Default) = <current directory>\IEEXEC.EXE

Again, I didn't have ieexec.exe key in there. Although, my key had " -no connect" at the end. Does anyone know what that means? I removed. mIRC seems to be working fine so far.

In the left panel, double-click the following: HKEY_CLASSES_ROOT>ChatFile>Shell>Open>Command

I don't have a key named "chatfile."

And similar problems w/ the rest of their solution.

I am actively seekying a resolution to this and will post when I find something new.

*sigh* frown