|
Joined: Dec 2003
Posts: 5
Nutrimatic drinks dispenser
|
OP
Nutrimatic drinks dispenser
Joined: Dec 2003
Posts: 5 |
I ran an online antivirus -http://housecall.trendmicro.com/housecall/start_corp.asp and it detects a virus while mIRC 5.9 is running and deletes mirc32.exe. The virus is called malware.bkdr_random.k. I tried running mIRCv6.03 while running the AV and nothing happens. Does anyone know what's up with this? Thanks in advance.
|
|
|
|
Joined: Jun 2003
Posts: 5,024
Hoopy frood
|
Hoopy frood
Joined: Jun 2003
Posts: 5,024 |
Did you set the same directory for v6.03 that you had for 5.9? If it's a different directory it's possible the virus doesn't affect mIRC in different folders. Either way, you should have upgraded to version 6.12 by now. The Trendmicro virus scanner does not remove a virus, so I suggest you download a good free virus scanner (personally, I recommend AVG) and run a full system scan. That should safely remove your virus. To be sure it has, run the Trendmicro one after running a full system scan with AVG. 5.9 has a serious buffer overflow exploit, and 6.0 > 6.11 have a serious DCC exploit, therefore, I strongly suggest you upgrade. I also suggest that in future, you do not: - Download files off of other users without trusting them (this includes XDCC files etc). - Go to any websites which are advertised to you. - Let other people use your computer without knowing what they are doing, especially if they use IRC. Good luck Regards,
Mentality/Chris
|
|
|
|
Joined: Dec 2003
Posts: 5
Nutrimatic drinks dispenser
|
OP
Nutrimatic drinks dispenser
Joined: Dec 2003
Posts: 5 |
I tried now testing it out with mIRCv5.91 and it detects the following virus: worm_thrax.a
I have installed v6.12 and no virus was detected. The weird thing is that some friends of mine ran the online scan while using v5.9 and v5.91 and no virus was detected.
|
|
|
|
Joined: Jun 2003
Posts: 5,024
Hoopy frood
|
Hoopy frood
Joined: Jun 2003
Posts: 5,024 |
Indeed, it has nothing to do with the mIRC version you use, *you* have an infection on *your* computer. Why it is only affecting mIRC 5.9x I don't know, however, AVG should remove it from your system, and you should be using 6.12 anyway.
Regards,
Mentality/Chris
|
|
|
|
Joined: Dec 2003
Posts: 5
Nutrimatic drinks dispenser
|
OP
Nutrimatic drinks dispenser
Joined: Dec 2003
Posts: 5 |
That's weird considering the fact NAV is constantly running. Also, I received the exe file of mircv5.91 via email and put it in a new folder and ran it. Then I ran the scan and it detected another virus called: worm_thrax.a.
|
|
|
|
Joined: Jun 2003
Posts: 5,024
Hoopy frood
|
Hoopy frood
Joined: Jun 2003
Posts: 5,024 |
A recent finding of mine has been that despite having to pay ridiculous amounts of money to keep NAV registered, it doesn't catch as many worms or viruses as AVG does. I have them both running, and earlier I (deliberately) visited a virus infected URL - AVG alerted me of a backdoor being placed in my Documents and Settings folder...NAV (with Auto Protect enabled) did not. Anyway, if you receive an .exe file via any form, particuarly by IRC or email, you should be caution, and if it is from someone you don't know, delete it straight away without opening it. My previous posts still apply Regards,
Mentality/Chris
|
|
|
|
Joined: Jun 2003
Posts: 384
Fjord artisan
|
Fjord artisan
Joined: Jun 2003
Posts: 384 |
You should never run two AV products at the same time, ditto firewalls, as they can interfere with each other's operation
|
|
|
|
Joined: Jun 2003
Posts: 5,024
Hoopy frood
|
Hoopy frood
Joined: Jun 2003
Posts: 5,024 |
I used to run one without the other, but I've heard of several people who do so, so I decided to try it out - thus far, no problems.
I have never and intend to never run two firewalls at the same time.
Regards,
Mentality/Chris
|
|
|
|
Joined: Dec 2003
Posts: 5
Nutrimatic drinks dispenser
|
OP
Nutrimatic drinks dispenser
Joined: Dec 2003
Posts: 5 |
I ran AVG 6.0 and it didn't detect anything. I'm an oper on an irc network and I am aware of mirc exploits and the like. Anyway, I know NAV sometimes doesn't detect things other AV software detect. That's why I decided to give AVG a try. I also run ad-aware and spybot which supposedly also detect malware but they didn't catch anything. I am now running v6.12 and after running the online AV no virus was detected.
|
|
|
|
Joined: Jun 2003
Posts: 5,024
Hoopy frood
|
Hoopy frood
Joined: Jun 2003
Posts: 5,024 |
Doesn't that mean your problem is sorted? Regards,
Mentality/Chris
|
|
|
|
Joined: Dec 2003
Posts: 5
Nutrimatic drinks dispenser
|
OP
Nutrimatic drinks dispenser
Joined: Dec 2003
Posts: 5 |
Maybe, maybe not. I sure hope so, though. Thanks to all the people who tried to help me out.
|
|
|
|
Joined: Jun 2003
Posts: 5,024
Hoopy frood
|
Hoopy frood
Joined: Jun 2003
Posts: 5,024 |
No problem, I hope so too Have a good chat experience! Regards,
Mentality/Chris
|
|
|
|
Joined: Apr 2003
Posts: 1
Mostly harmless
|
Mostly harmless
Joined: Apr 2003
Posts: 1 |
i also get this problem with mIRC 6.14 :[ click here and it only happens when i have mIRC running :\
|
|
|
|
Joined: Dec 2002
Posts: 3,127
Hoopy frood
|
Hoopy frood
Joined: Dec 2002
Posts: 3,127 |
its a good idea to close mIRC and other apps when you're running housecall.
versions of mIRC that you download from mirc.com arent infected. you dont say where exactly housecall found the trojan, but of course you know those things hide all over the place and effect lots of things. one possibility to keep in mind (other than you got infected) is that sometimes AV's get what are called false positives from software. if you are sure that your puter shows clean just before adding a new clean legit copy of mIRC and shows infected after you download it, then contact trendmicro, explain and ask about the possibility of a false positive
ParaBrat @#mIRCAide DALnet
|
|
|
|
|