MalwareBytes - found nothing.
Bit Defender - found nothing.
Dr. Web Cureit found some things. No infections, but "suspicious" and "risky" files. One of the "risky" files was mirc.exe again. The suspicious ones were AIM files (I haven't used AIM in 2 years, I didn't even know I still had it). 2 restore points were also labeled as suspicious. I didn't know it didn't save a clean log file, so I can't post everything, but here are some things I wrote down. I don't remember what each one was labeled as.
I told it to cure them, but I got no "successful" or "failed" message.
File mirc.exe received on 12.28.2008 01:39:03 (CET)
Current status: finished
Result: 5/39 (12.82%)
Antivirus Version Last Update Result
a-squared 4.0.0.73 2008.12.27 -
AhnLab-V3 2008.12.25.0 2008.12.27 -
AntiVir 7.9.0.45 2008.12.27 -
Authentium 5.1.0.4 2008.12.27 -
Avast 4.8.1281.0 2008.12.27 -
AVG 8.0.0.199 2008.12.28 -
BitDefender 7.2 2008.12.27 -
CAT-QuickHeal 10.00 2008.12.27 -
ClamAV 0.94.1 2008.12.27 -
Comodo 826 2008.12.27 -
DrWeb 4.44.0.09170 2008.12.27 -
eSafe 7.0.17.0 2008.12.24 Client-IRC.Win32.mIR
eTrust-Vet 31.6.6276 2008.12.24 -
Ewido 4.0 2008.12.27 -
F-Prot 4.4.4.56 2008.12.27 -
F-Secure 8.0.14332.0 2008.12.28 Client-IRC.Win32.mIRC.631
Fortinet 3.117.0.0 2008.12.27 -
GData 19 2008.12.27 -
Ikarus T3.1.1.45.0 2008.12.27 -
K7AntiVirus 7.10.568 2008.12.27 not-a-virus:Client-IRC.Win32.mIRC.631
Kaspersky 7.0.0.125 2008.12.28 not-a-virus:Client-IRC.Win32.mIRC.631
McAfee 5476 2008.12.27 -
McAfee+Artemis 5476 2008.12.27 -
Microsoft 1.4205 2008.12.28 -
NOD32 3719 2008.12.27 -
Norman 5.80.02 2008.12.26 -
Panda 9.0.0.4 2008.12.27 -
PCTools 4.4.2.0 2008.12.27 -
Prevx1 V2 2008.12.28 -
Rising 21.09.52.00 2008.12.27 -
SecureWeb-Gateway 6.7.6 2008.12.27 -
Sophos 4.37.0 2008.12.27 -
Sunbelt 3.2.1809.2 2008.12.22 -
Symantec 10 2008.12.28 -
TheHacker 6.3.1.4.200 2008.12.26 -
TrendMicro 8.700.0.1004 2008.12.26 -
VBA32 3.12.8.10 2008.12.27 -
ViRobot 2008.12.26.1536 2008.12.26 Not_a_virus:ClientIRC.mIRC.2756096
VirusBuster 4.5.11.0 2008.12.27 -
Additional information
File size: 2756096 bytes
MD5...: e72425de3cb77a4ddff9289f728017b4
SHA1..: fdd7d321b8842162ec338e796eba5b3e28ea3cba
SHA256: ae0e65baa03ec1fee5f49c45c52616e065191a7e4e6c737c9c41551db34bfb8f
SHA512: de9eb280683cfca10011d0d68062f668d8ca1288aa3fa957968c6939df402a38
d875f9be24e36302b5e9e4f8db4fa1e0d3528228828ae37a5d7dc75d52f0581b
ssdeep: 24576:rYcbN5oxZY2sQYH2Sr0N//GxKnCTMxjjz7rzyKfOb/Y+V5Js2DOMGeYriz
By/RhR:ffODxihrV2RhN24Zai56kwZdaTEDw
PEiD..: -
TrID..: File type identification
Win32 Executable MS Visual C++ (generic) (59.5%)
Windows Screen Saver (20.6%)
Win32 Executable Generic (13.4%)
Generic Win/DOS Executable (3.1%)
DOS Executable Generic (3.1%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x5d4b6d
timedatestamp.....: 0x472a2fa3 (Thu Nov 01 19:57:23 2007)
machinetype.......: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x1e80ea 0x1e8200 6.63 984bce31494c2a483555a1467cb70287
.rdata 0x1ea000 0x2328a 0x23400 6.22 93952b38069c99985f48fc997bf30008
.data 0x20e000 0x4f370 0x4000 5.66 8f752f0b907977cbec4ebc3fcaccdf9a
.rsrc 0x25e000 0x91318 0x91400 4.83 24805ba997fb490870a80145c4e48d1d
( 13 imports )
( 0 exports )
ThreatExpert info: http://www.threatexpert.com/report.aspx?md...ff9289f728017b4
I really didn't think my mirc.exe file had been tampered with in any way, but out of curiosity I deleted the program, reinstalled anew from their website and resubmitted the file; this time the logs were clean. Of course, the original was over a year old and the mirc.exe file more than likely wasn't an exact copy of mine. Not sure where to go from here; my explorer.exe is still disgustingly slow starting up, if that was in any way related. I scheduled a check disk to run on restart earlier and it came up fine.