|Subject:||Directory C:\winnt\system32\drivers found on XP - Trojan?|
|Posted by:||Paul Moloney (paul_molon…@hotmail.com)|
|Date:||10 Dec 2003|
While searching for the file "explorer.exe" on XP (due to it having a
high CPU usage), I found a copy in the folder
C:\winnt\system32\drivers. In this folder, I also found the following
explore.exe had the name mIRC associated with it; doing a search for
it turned up the name of a trojan. Needless to say, this all looked
pretty suspicious. However, searching my registry turned up none of
the registry entries associated with this virus. And I run anti-virus
and anti-trojan software regularly, so am surprised nothing was
I found mIrc in the "Add/Remove Programs" dialog box, and I recall
installing IRC software a year or two back. (I removed it once found).
Is it possible this was a trojan, or does the legit mIrc install files
to the above folder, and therefore can be confused with the trojan?
Should I be worried, and if so, what should I look for, and can anyone
recommend a good anti-trojan program? (I moved from the now-default
Anti-Trojan 5.5.x to the new a(2)).