mirc32.exe - Dangerous
mirc32.exe
Manual removal instructions:
Antivirus Report of mirc32.exe:
mirc32.exe
Backdoor.IRC.Spybuzz is a backdoor Trojan horse that uses Internet Relay Chat networks as its backdoor channels.
Copies itself as %System%\Mirc32.exe.
Creates a thread that continuously monitors the registry.
Adds the value:
"Winsock2 driver"="MIRC32.exe"
to the registry keys:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Creates a thread that logs key strokes and creates the file, %System%\keylog.txt, to store the keystrokes.
Connects to predefined set of IRC servers at port 6667 and waits for commands from the attacker.
Once the backdoor is established, the attacker could control the infected system.
Some of the actions the attacker can perform include:
- Downloading and executing files
- Launching Denial of Service attacks
- Stealing information
- Listing, stopping, and creating processes
- Controlling the file system and list, deleting, renaming, and creating files
Use RegRun Startup Optimizer to automatically remove this registry item.
| mirc32.exe | Malware |
| mirc32.exe | Dangerous |
| mirc32.exe | High Risk |
Copies itself as %System%\Mirc32.exe.
Creates a thread that continuously monitors the registry.
Adds the value:
"Winsock2 driver"="MIRC32.exe"
to the registry keys:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Creates a thread that logs key strokes and creates the file, %System%\keylog.txt, to store the keystrokes.
Connects to predefined set of IRC servers at port 6667 and waits for commands from the attacker.
Once the backdoor is established, the attacker could control the infected system.
Some of the actions the attacker can perform include:
- Downloading and executing files
- Launching Denial of Service attacks
- Stealing information
- Listing, stopping, and creating processes
- Controlling the file system and list, deleting, renaming, and creating files
Use RegRun Startup Optimizer to automatically remove this registry item.
Dmitry Sokolov:
I created UnHackMe in 2006 to fix the problem that antivioruses did not fix: detecting rootkits.
Since that time I work every day to fix the issues that antiviruses cannot.
If your antivirus have not helped you solve the problem, you should try UnHackMe.
We are a small company and you can ask me directly, if you have any questions.