SoftwareTipsandTricks.com
Home Forums Windows 7 Security Tips
Forums

Windows 7
Windows Vista
Windows XP

Security Tips
Troubleshooting
Keyboard Shortcuts
Encyclopedia


Drivers

Internet Terms
Computer Terms

File Extensions (75)
File Extensions (15K+)

Startup Applications
Necessary Files
Useless Files
At Your Option Files
Dangerous Files
Browser Objects

DLL Files
SYS Files
INF Files
OCX Files
VXD Files

Virus Database
Virus Warnings

Easter Eggs
Tips and Tricks
Articles
Hot Downloads


Privacy Policy
Contact Us







  MIRC32.exe

Name MIRC32.exe

Description

Backdoor.IRC.Spybuzz is a backdoor Trojan horse that uses Internet Relay Chat networks as its backdoor channels.

Copies itself as %System%\Mirc32.exe.
Creates a thread that continuously monitors the registry.

Adds the value:
"Winsock2 driver"="MIRC32.exe"
to the registry keys:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

Creates a thread that logs key strokes and creates the file, %System%\keylog.txt, to store the keystrokes.
Connects to predefined set of IRC servers at port 6667 and waits for commands from the attacker.
Once the backdoor is established, the attacker could control the infected system.

Some of the actions the attacker can perform include:
- Downloading and executing files
- Launching Denial of Service attacks
- Stealing information
- Listing, stopping, and creating processes
- Controlling the file system and list, deleting, renaming, and creating files

Use antivirus (also check How To Remove section)Startup Optimizer to automatically remove this registry item.


Still have a problem? Ask for help at our discussion forum.



Search Dangerous Files :
 

: : Recent posts at Forums : :


Fatal error: Incompatible file format: The encoded file has format major ID 1, whereas the Loader expects 7 in /home/software/public_html/forum/includes/functions_vbseo.php on line 0