Trojans and Data Miners

[Slideblues]

Hey Dude's

Just spent the last three hours recovering from a nasty one,

This slipped through Norton AV, Sygate Firewall, Ad Aware 6, and took bout 5 seconds to install

My virus scanner called it the following:

Win 32 Jeet [Trj]

The file it leaves on C:Windows/System is:

msrexe.exe

The takes over your IE browser and redirects it at will, changing home page and a lot of other Crap!!!

Took four registery edits and a Emergency disk reboot and file delete to fix and a clean install of IE and yer done

Last browser history was leaving Google.com and Yahoo. com

So watch OUT!!!!

Gene

 

[TomMoorehouse]

you got it just surfing the web?

you also have to make sure you have your windows up to date with windowsupdate.microsoft.com or just run linux!

but i'm a glutten for a punnishment..... im thinking of installing a beta longhorn for fun!

 

[Mike G]

Spybot search and destroy, download it, update it, run it once a week and then use the Imunise feature, good as gold! h34r:

 

[TimD]

That is not good Gene - thanks for the info tho'.

 

[Mike Nowicki]

This virus is a trojan. It didn't come from google or yahoo it appears to come in through ICQ. It also alters your win.ini and system.ini files. The msrexe.exe is not the only exe that it creates it usually creates four randomly named exe files. If you only found one exe your system may still be compromised.

Good luck!

 

[Slideblues]

Yeah was just surfin round and did couple searches for Ferrari Enzo pics, Left there hit Home and WHAM!!!!

Thanks for the suggestions guy's

Checked the .ini files and they are clean, Got four different names edited out using regedit

C: Windows/System files look good too, I am still on the lookout fer anything else to pop up thou.

Man this thing worked FAST!!!!

Gene B)

 

[waterbug]

It got me Saturday 10:07pm !!!!!!! It took my home page and put up 4 notices " make sure you typed in the right home page" with square empty boxes!!!! Was not current with Norton AntiVirus !!!!!!! TROJAN !!!!! :angry: :angry: :angry:

I had to delete Windows XP and download it again !!! then got hit with " Blaster " during the down load :angry: :angry: Got a Email from IW and opened the file and wam !!!!!! had something like , Help the boating cumminity "click here" then came up " you had .exe attached on end of !@##$%^*() [jibberish] DIE () !!!!!!!!!!!! :angry: :angry: { NOT SAYING IT CAME FROM HERE} !!!!!!!!!! Finaly got going again monday morning . I now have 8 ISP's in recycle bin and don't know wich one i'm using now !!!!! :wacko: :wacko:

P.S. Had Dell tech line Baffled 1 1/2 hours wait !!! then 2 am Monday got a woman that finally new what to do !!!! And 3 hours of down loads from Microsoft :angry: :angry: And I'm still MAD :angry: :angry: WISH I COULD GET MY HANDS AROUND THIS PERSONS NECK !!!!!!!

 

[waterbug]

SORRY!!!!!!!!!!!! Guys for rambling !!!!

But !!!!!!! Did get the newest version of Windows XP !!!!!!! Totally different look !!!

Also I looked in files and found some more EXE files but the new down load would not let me delete them !!! { Will compromise Windows protection}

 

[Mike Byer]

try www.my-etrust.com it fixed the same problem for me today. local computer dude said it's better than norton.

mike

 

[Slideblues]

Hey Butch,

Wow got you too, Yeah its a bugger to get everything cleaned up, Mine seems OK so far, But I'm still a watchin!!!

Hey Mike,

Thanks for the tip, I will check it out,

Gene

 

[Propjockey]

Anyone running XP Pro been hit?

 

[Jerry T]

I run XP Pro, Norton AV(live update on, with auto protect on) and run Spybot at the end of the day. Also have Goback Deluxe( in case I really screw things up) Norton catches a lot of files on the downloads that come in from some sites.

Haven't seen this virus yet. You can't be too careful out there.

Jerry

 

[Ron Olson]

After reading the first posts, I decided to get the AOL/ McAfee Anti-virus installed. Last week it appeared that my AIM was hacked into because I was getting a message that I was signed on at another computer. Other members of this site got hit also with the same problem. Is someone in this site out to hack some of us? I don't know.

 

[Mike G]

Mcafee AV sucked the life out of my PC, it is very RAM intensive. I have had no troubles with Norton and Spybot, even got rid of ADaware as the Spybot imunise works better. And you guys know how much I am on line! :lol:

 

[TimD]

Mike - is the IW sticker still on your boat? hehehe

Disco King and I thought it was funny!

 

[Mike G]

Yeah but I think it cursed me! :lol:

 

[TimD]

Come to think of it - it was the first time I had raced my boat with it too <_< <_<

I wonder if that was the reason for my bad run of luck :blink: :blink:

 

[RUNNERX]

I use spybot and System Security Suite to do junk cleaning daily. It has seemed to stop some of the junk email I have been getting.