Trojan, or false positive?

Discussion in 'malware problems & news' started by Comp01, Oct 8, 2003.

Thread Status:
Not open for further replies.
  1. Comp01

    Comp01 Registered Member

    Joined:
    Sep 4, 2003
    Posts:
    638
    Okay, TDS-3 found this:
    Positive identification (DLL) (in archive): DragonZap IRC Registry 1.05 (dll)
    File: registry.dll (In c:\program files\mirc\personalsatisticsaddon.zip)

    Positive identification (DLL): DragonZap IRC Registry 1.05 (dll)
    File: c:\program files\mirc\registry.dll

    Didnt give anymore details, They are .dll files forma mIRC script I use, My 2 Antiviruses, AdAware, and SpyBot have not found it, only TDS-3, I dunno if I should delete them or not? I've had these .dll files for quite a while :doubt:
     
  2. the Tester

    the Tester Registered Member

    Joined:
    Jul 28, 2002
    Posts:
    2,854
    Location:
    The Gateway to the Blue Hills,WI.
    I wouldn't delete those files yet!
    You could post in the TDS-3 category for advice or email TDS-3 with your question.
    Click the "help" tab in TDS-3 control panel and there is a spot in there for "email support".
     
  3. Comp01

    Comp01 Registered Member

    Joined:
    Sep 4, 2003
    Posts:
    638
    Yeah, I did delete them.. :doubt: but I can give source to where I got the script ... if needed..
     
  4. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    These DLLs and some others are used by a reasonable number of IRC Bots (mIRC based backdoors) so they are detected. These will probably be downgraded to a warning alarm which would be best, you can ignore them for now if you wish. Please do let me know which script you run, I'd like to know how many do now distribute these DLLs
     
  5. Comp01

    Comp01 Registered Member

    Joined:
    Sep 4, 2003
    Posts:
    638
    Its probably not a well known script, its a System info script, I found it while looking for searching for mIRC scripts, its called "Personal Statistics Addon" I got it from http://www.adamj.org/ a WHILE ago, I am still using the script, I just have the DLL files deleted (The DLL's find the system info, so it can save to mIRC variables, after its done once, its basically setup :doubt:)
     
  6. HenryS

    HenryS Guest

    Hi Gavin:

    Im using the mirc script called: UPP 2.0

    My TDS-3 alarms on this registry.dll file
    Should I be worried?

    Being that its only an alarm, I have not deleted it.

    Scan Control Dumped @ 10:55:01 27-07-04
    Positive identification (DLL): DragonZap IRC Registry 1.05 (dll)
    File: c:\program files\upp\system\dlls\registry.dll

    Would you like me to send you the file??

    Location of script: http://www.upp-irc.tk

    Thanks so much
     
Loading...
Thread Status:
Not open for further replies.