|
 |  |  |  |  |  |  |
| Welcome to Windows Vista Forums. Our forum is dedicated to helping you find solutions with any problems, errors or issues you are experiencing with Windows Vista. The Vista forum also covers news and updates and has an extensive Windows Vista tutorial section that covers a wide range of tips and tricks. |
| |||||||
 |
| |
07-04-2008
| #1 (permalink) |
| | worm? I believe my computer was affected by some virus. Somehow program called 'mirc.exe' has been installed. I tried to unistall it, however problem exists. Every time after turning on my computer, the winsow pops -up with the message: COULD NOT LOAD OR RUN 'C:\WINDOWS\SYSTEM32\SETUP\DRONA\MIRC.EXE' SPECIFIED IN THE REGISTRY. MAKE SURE FILE EXISTS ON YOUR COMPUTER OR REMOVE THE REFERENCE TO IT IN THE REGISTRY Is there a way to get rid of it? please, help. thank you |
My System Specs |
|
07-04-2008
| #2 (permalink) |
| | Re: worm? Maggie wrote: Quote: > I believe my computer was affected by some virus. > Somehow program called 'mirc.exe' has been installed. I tried to unistall > it, however problem exists. Every time after turning on my computer, the > winsow pops -up with the message: > COULD NOT LOAD OR RUN 'C:\WINDOWS\SYSTEM32\SETUP\DRONA\MIRC.EXE' SPECIFIED > IN THE REGISTRY. MAKE SURE FILE EXISTS ON YOUR COMPUTER OR REMOVE THE > REFERENCE TO IT IN THE REGISTRY > > Is there a way to get rid of it? please, help. > thank you http://www.elephantboycomputers.com/...moving_Malware Only after you've determined this, manage your startup: Start Orb>Start Search box>msconfig [enter] If you are prompted for an administrator password or for a confirmation, type the password, or click Continue. Then see what is on the Startup tab. You don't need to restart immediately, but the next time you do you'll get a dialog saying you've used the Utility. Usually in Vista this will be blocked by Windows Defender and you'll need to allow it so you can then tick the box that says in effect, "don't bother me about this again". Important - Do not use the System Configuration Utility to stop processes. Instead, use Start>Run>services.msc [enter] and do not stop any services unless you really, really know what you're doing. The free Autoruns program is very useful for managing your Startup - http://www.microsoft.com/technet/sys...s/default.mspx - Autoruns Malke -- MS-MVP Elephant Boy Computers - Don't Panic! FAQ - http://www.elephantboycomputers.com/#FAQ |
| My System Specs |
|
07-04-2008
| #3 (permalink) |
| | Re: worm? Maggie wrote: Quote: > I believe my computer was affected by some virus. > Somehow program called 'mirc.exe' has been installed. I tried to unistall > it, however problem exists. Every time after turning on my computer, the > winsow pops -up with the message: > COULD NOT LOAD OR RUN 'C:\WINDOWS\SYSTEM32\SETUP\DRONA\MIRC.EXE' SPECIFIED > IN THE REGISTRY. MAKE SURE FILE EXISTS ON YOUR COMPUTER OR REMOVE THE > REFERENCE TO IT IN THE REGISTRY > > Is there a way to get rid of it? please, help. > thank you > it (Link on page). http://www.threatexpert.com/files/mirc.exe.html There is a legitimate mirc executable, but be aware that internet relay chat is also a good way to get people to infect themselves with trojans etc, so look on that page about 15 lines down and you will see your critter is clearly identified by the "DRONA" in the path name. It's gone, you nailed it, but the registry entry that tries to run it is still there. It won't do anything, the error message tells you that it cannot find the file you removed, but you need to edit the registry to stop that message. See if anything Malke suggested gets it first. |
| My System Specs |
|
| Thread Tools | |
| |
Similar Threads | ||||
| Thread | Forum | |||
| conficker worm | Vista General | |||
| Brontok.KO worm help | Vista security | |||
| Messenger worm | Live Messenger | |||
| Worm | Vista security | |||
| WORM Generic.Z | Vista General | |||
