|
 |  |  |  |  |  |  |
Welcome to Vista Forums we are your forum to discuss Windows Vista x64 and x86 systems. Whether you need help or just want to post an idea you have on Vista, this is the forum for you.
 |
| |||||||
 |
| | Thread Tools | Display Modes |
07-04-2008
| #1 (permalink) |
| Guest | worm? I believe my computer was affected by some virus. Somehow program called 'mirc.exe' has been installed. I tried to unistall it, however problem exists. Every time after turning on my computer, the winsow pops -up with the message: COULD NOT LOAD OR RUN 'C:\WINDOWS\SYSTEM32\SETUP\DRONA\MIRC.EXE' SPECIFIED IN THE REGISTRY. MAKE SURE FILE EXISTS ON YOUR COMPUTER OR REMOVE THE REFERENCE TO IT IN THE REGISTRY Is there a way to get rid of it? please, help. thank you |
|
07-04-2008
| #2 (permalink) | ||||||||||||
| Guest | Re: worm? Maggie wrote:
http://www.elephantboycomputers.com/...moving_Malware Only after you've determined this, manage your startup: Start Orb>Start Search box>msconfig [enter] If you are prompted for an administrator password or for a confirmation, type the password, or click Continue. Then see what is on the Startup tab. You don't need to restart immediately, but the next time you do you'll get a dialog saying you've used the Utility. Usually in Vista this will be blocked by Windows Defender and you'll need to allow it so you can then tick the box that says in effect, "don't bother me about this again". Important - Do not use the System Configuration Utility to stop processes. Instead, use Start>Run>services.msc [enter] and do not stop any services unless you really, really know what you're doing. The free Autoruns program is very useful for managing your Startup - http://www.microsoft.com/technet/sys...s/default.mspx - Autoruns Malke -- MS-MVP Elephant Boy Computers - Don't Panic! FAQ - http://www.elephantboycomputers.com/#FAQ | ||||||||||||
|
07-04-2008
| #3 (permalink) | ||||||||||||
| Guest | Re: worm? Maggie wrote:
it (Link on page). http://www.threatexpert.com/files/mirc.exe.html There is a legitimate mirc executable, but be aware that internet relay chat is also a good way to get people to infect themselves with trojans etc, so look on that page about 15 lines down and you will see your critter is clearly identified by the "DRONA" in the path name. It's gone, you nailed it, but the registry entry that tries to run it is still there. It won't do anything, the error message tells you that it cannot find the file you removed, but you need to edit the registry to stop that message. See if anything Malke suggested gets it first. | ||||||||||||
| |
| |
|
| Thread Tools | |
| Display Modes | |
| |
Similar Threads | ||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Brontok.KO worm help | Jerry Hughes | Vista security | 1 | 07-01-2008 02:58 PM |
| Problem due to worm! | BillyJay | Vista security | 4 | 06-05-2008 07:36 PM |
| Worm | UNIT86 | Vista security | 3 | 11-26-2007 05:56 AM |
| Help have adware and a worm | astro999 | Vista General | 8 | 11-13-2006 08:13 AM |
| WORM Generic.Z | deebs | Vista General | 6 | 08-10-2006 03:24 PM |
Linear Mode
