I have this, too.
And I just got this yesterday night when I clicked on a link in a channel. It was from a person I know so, I didn't think it was fishy. Also, once you are infected w/ this, you advertise that link at certain intervals and only other ppl can see that link and not you, so you don't know about it.
I never had anything of this sort before so I _don't_ think this is a false positive.
I have also come to the following conclusion (like some before):
-it's a mirc backdoor.
-it doesn't self-re-install after booting your comp.
-it does that only after mirc.exe is executed.
-so far, only trend micro has picked this up.
*********************************
I went to this site for help,
http://es.trendmicro-europe.com/enterprise/security_info/ve_detail.php?VName=BKDR_IRCFLOOD.X (someone here posted it).
But, I am having some problems w/ their manual removal.
Go to the directory where the file IEEXEC.EXE is located.
Open a command prompt in this location.
Type the following:
C:\ieexec.exe – uninstall
Press Enter to remove the application.
I can't find a file named "ieexec.exe."
Open Registry Editor. Click Start>Run, type Regedit then hit Enter.
In the left panel, double click the following:
HKEY_CLASSES_ROOT>irc>Shell>open>command
In the right panel, locate the following entry:
(Default) = <current directory>\IEEXEC.EXE
Again, I didn't have ieexec.exe key in there. Although, my key had " -no connect" at the end. Does anyone know what that means? I removed. mIRC seems to be working fine so far.
In the left panel, double-click the following: HKEY_CLASSES_ROOT>ChatFile>Shell>Open>Command
I don't have a key named "chatfile."
And similar problems w/ the rest of their solution.
I am actively seekying a resolution to this and will post when I find something new.
*sigh*
