I have applied all known security patches...

[SDS]

If our friend used an older known exploit, then those holes have been closed. I will forward the necessary lines of the log files to IPS to analyze and determine the nature of the exploit.

 

I'm assuming this was an older exploit. I apologize for any trouble this may cause your machines. If we can get an identification of the nasties they tried to spread, we will post the steps necessary to check your machines and clean them.

[meazza]

I am using Win 2k server. I installed ad-aware and it seems to be fine.

[SDS]

Apparently, the Trojan was:

 

Trojan.Byte Verify

 

http://www.symantec.com/avcenter/venc/data...byteverify.html

[Chilly]

http://www.eset.sk/en/company/NOD32-users-...-Windows-system

[Pete]

расцелуйте моего ишака вы hackers commie

[mjjk73]

so this where i got the trojans yesterday

[L.EvansHands]

how do i get rid of them

[jarthur31]

how do i get rid of them

691275[/snapback]

 

Wow. Read that Symantec link up above.

[SDS]

FWIW, there are a ton of IPB forums that have been hacked from ".ru" in the past week...

[udonkey]

Anyone not running anti-virus software can get a good for FREE at:

 

http://free.grisoft.com/doc/1

 

Its what I use and recommend to those who are a bit thrifty

[stuckincincy]

Anyone not running anti-virus software can get a good for FREE at:

 

http://free.grisoft.com/doc/1

 

Its what I use and recommend to those who are a bit thrifty

691457[/snapback]

 

I've used Grisoft's free AVG product for some time. I recommend it, too.

 

Also, Spybot and Ad-Aware SE.

[SDS]

Anyone not running anti-virus software can get a good for FREE at:

 

http://free.grisoft.com/doc/1

 

Its what I use and recommend to those who are a bit thrifty

691457[/snapback]

 

FWIW, the hack isn't necessarily trojan related. The dude could have just wiped the board clean if he wanted to. The security updates that were performed were done to prevent malicious changes/exploitation in code on the server.

 

His preference was just to try and make people download a file or two, but other sites have been affected in different ways.

[Crap Throwing Monkey]

FWIW, the hack isn't necessarily trojan related.  The dude could have just wiped the board clean if he wanted to. 

691472[/snapback]

 

But instead, he decided to be malicious and make us sit though our daily "SOMEONE PLEASE TELL ME MCGAHEE'S FORTY TIME!!!" thread...?

[SDS]

But instead, he decided to be malicious and make us sit though our daily "SOMEONE PLEASE TELL ME MCGAHEE'S FORTY TIME!!!" thread...? 

691545[/snapback]

 

[Orton's Arm]

But instead, he decided to be malicious and make us sit though our daily "SOMEONE PLEASE TELL ME MCGAHEE'S FORTY TIME!!!" thread...? 

691545[/snapback]

C'mon Tom. I know you have McGahee's post-injury 40 time. You're holding out on us! Maybe another 20 or 30 threads on the subject will get you to open up.