virus with mIRC? - Page 2
Page 2 of 2 FirstFirst 12
Results 11 to 20 of 20

Thread: virus with mIRC?

  1. #11
    Well if you didnt do anything at all like you said u havent, then you shouldnt have a worm/virus. You must of done something like accept a file over DCC or open a strange email. We cant hell you unless you give us some backround info on what happened or what you did. Sorry if i affended anyone. -Twisted-

  2. #12
    Banned
    Join Date
    Jan 2003
    Posts
    30
    Hummm.... Look AOers... If he's running old versions of mIRC then he doesn't even need to download from kazza or anything as a matter of fact he most likely got it because he has 'autoget' enabled in mIRC.... This means that he could have been infected straight out of IRC without even knowing it. Its old... mostly popular with macro virii.

    This URL talks all about what I just said... http://www.stiller.com/mirc.htm

    However if you don't have anything like mIRC then you could still be infected with some virii if a bot advertises a site and you visit it such as a a normal looking site or site with FTP downloads or a site with some infected plugins & (ect).

  3. #13
    Member
    Join Date
    May 2003
    Posts
    35

    coulda woulda

    probably just a coinsciedence(i cant spell). Unless the war bots were scanning hosts as they joined. Which i have seen in the past. what virus did your A/V software tell you, that you had??

  4. #14
    i got tons of viruses through mIRC, always the same one. I've been using Kazaa for ages though, downloaded thousands of files, gigs of warez and i've only ever got 2 viruses.

  5. #15
    Member
    Join Date
    Dec 2002
    Posts
    63

    Lightbulb

    As a random thought.. what did your AV find infected? Was it by chance in a firewall log? Or the actual attachment ect.?
    $pak = me;

  6. #16
    Member
    Join Date
    May 2003
    Posts
    43
    the first file that was infected was my windows.exe and then all other *exe, *.com files had been infected....but only the exe ect were infected that wondered me...

  7. #17
    Banned
    Join Date
    Apr 2003
    Posts
    1,147

    Cool

    You may want to consider where you got the mIRC software. There is a download/install package floating around that already includes a trojan. We found a few of those around here recently.

  8. #18
    Member
    Join Date
    May 2003
    Posts
    32
    It is my understanding that Klez actually "spoofs" the sender's email address by randomly selecting an email address from the sender's address book, so you may have opened an email thinking that it was from a trusted source, when infact it was not. Visit http://securityresponse.symantec.com...klez.h@mm.html for a better description than I am able to provide. Anyone please feel free to correct me if I misunderstand this concept, because I am by no means an expert.

  9. #19
    Senior Member
    Join Date
    Feb 2002
    Posts
    253
    theuser,

    Like you, I believe Klez spoofs the sender in the From part of an email. If I want to find the indenity of the sender of an infected email in my Outlook Express, I might look in the Details part of the email Properties.

    The Reply-To designation may help identify the infected machine.
    Sometimes it does & sometimes it does not.

  10. #20
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,744
    theuser is correct regarding Klez. Klez usually comes with with trojan "Elkern" or similar.. simply depends on what patches you DIDN't have installed and if you were using Outlook express AND were running with the preview pain enabled.. simply previewing the infected message infected you.. cool huh.. but if you had all the ie 5.5 or IE 6 updates you "shouldn't have a problem (one of the reports on klez and bugbear claimed that IE6 was imune..what a joke.. most of the systems we fixed had IE 6 and 6.1)

    Cheers
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •