openme.exe - how did it get on my PC?


Jammer

My virus checker (AVG) found a virus in a file called openme.exe in
the Windows directory.

Fortunately, I managed to get rid of it.
I've done a complete virus scan of the whole system and everything
'seems' to be OK.

BUT... what I want to know is how the virus got there in the first
place?
I'm very religious about what I run on my PC.
OK... so I do download programs from peer to peer software.
But... before executing any executable, I always virus check before
running ANYTHING.

And... I would add that I'm the ONLY person using my PC.

AND... on startup... Windows reports an error saying that openme.exe
can't be run because it doesn't exist (deleted by the virus checker).
HOW DO I stop this command from trying to be run on startup?
(I've looked in msconfig and can't find anything.)

Any help would be really appreciated.

Thanks.


Jam
 

Geese_Hunter

Chances are very good that it came in automatically from your peer 2
peer software; trojans, viruses, & malware have been running rampant
through those programs. After your reboot a file has been placed in
your registry &/or other start up ini files.

If you are going to use p2p get avast. To get rid of the file go to
majorgeeks.com & get the HijackThis program. You can post your results
on spywareinfo.com/forums/ , or tomcoyote.com/forums/ , or you can read
the tutorial from hjt.wizardsofwebsites.com/ & remove yourself, but I'd
backup your registry 1st just in case you remove something you shouldn't
have.
 

Ben Myers

Click "Start", "Run", type "system.ini" and click "OK". Find the "[boot]"
section and make sure the "shell" line is "shell=explorer.exe". Be sure to
save any changes. Then go to http://windowsupdate.microsoft.com and
install all the critical updates for the system.

Ben
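
Added example (not part of any post in this thread): a Python sketch of the `system.ini` check Ben Myers describes, generalized to also list the `load=` and `run=` lines of `win.ini`, one of the "start up ini files" Geese_Hunter mentions. The sample file contents are constructed, and the function names are this example's own.

```python
import re

# Constructed sample contents (not from the thread), showing tampered files.
SAMPLE_SYSTEM_INI = """\
[boot]
shell=Explorer.exe openme.exe
[386Enh]
device=*vshare
device=*vcd
"""
SAMPLE_WIN_INI = """\
[windows]
load=
run=C:\\WINDOWS\\openme.exe
"""

def ini_values(text, section, key):
    """Return every value of `key` in `section` (names are case-insensitive).
    Hand-rolled because system.ini legitimately repeats keys such as device=."""
    current, values = None, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue  # skip blank lines and comments
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            current = header.group(1).strip().lower()
        elif current == section.lower() and "=" in line:
            name, value = line.split("=", 1)
            if name.strip().lower() == key.lower():
                values.append(value.strip())
    return values

def audit_startup_ini(system_ini, win_ini):
    """List autostart lines to review: a [boot] shell= that is not exactly
    explorer.exe (or is missing), and any non-empty [windows] load=/run=."""
    findings = []
    shells = ini_values(system_ini, "boot", "shell")
    if [s.lower() for s in shells] != ["explorer.exe"]:
        findings.append(("system.ini", "shell", shells))
    for key in ("load", "run"):
        extra = [v for v in ini_values(win_ini, "windows", key) if v]
        if extra:
            findings.append(("win.ini", key, extra))
    return findings
```

To run it against a real machine, pass the text of the two files from the Windows directory to `audit_startup_ini`; an empty list means neither file starts anything beyond the normal shell.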
 

FromTheRafters

Jammer said:
> My virus checker (AVG) found a virus in a file called openme.exe in
> the Windows directory.

Are you sharing your entire hard drive with the network?

> Fortunately, I managed to get rid of it.
> I've done a complete virus scan of the whole system and everything
> 'seems' to be OK.

Whew!

> BUT... what I want to know is how the virus got there in the first
> place?

Knowing which malware it was detected as would be a
good starting point in tracking down the answer to your
question. "Openme.exe" is a filename, and a fairly generic
one at that.

> I'm very religious about what I run on my PC.

Chanting, singing hymns, that sort of thing?

> OK... so I do download programs from peer to peer software.
> But... before executing any executable, I always virus check before
> running ANYTHING.

Good, but it is not enough. Accepting executables from
strangers and executing them on your machine will bite
you eventually. These executables could be *anything*,
and even the best array of scanners will only look for
some things, the ones that they are supposed to recognize.

> And... I would add that I'm the ONLY person using my PC.

One is enough.

> AND... on startup... Windows reports an error saying that openme.exe
> can't be run because it doesn't exist (deleted by the virus checker).
> HOW DO I stop this command from trying to be run on startup?
> (I've looked in msconfig and can't find anything.)

Look in the AV's activity log to see what the name of the
malware was. After reading the description of the malware,
maybe we can sort this out.
 
