I Got Hit By A Virus! An Internet Pulse Robber!

msw7

I am using a Sony VAIO laptop.

The operating system is 64-bit Microsoft Windows 7.

The virus came from the internet while I was browsing using the Mozilla Firefox browser.

While browsing, an automatic pop-up message appeared on my screen.

I got a message asking me whether I wanted to allow access to a muuxe.exe file.

Then I clicked allow access.

I am using a Chinese-made portable modem called Huawei.

It has a small LCD or LED screen, giving me an indicator of how many kilobytes, megabytes, and so on, of internet pulse I am using.

At the time I allowed this muuxe.exe file to be accessed, I read my modem screen as 13.14 mb.

How shocked I was when, in the next 10 minutes, I read 240.67 mb (two hundred and forty point sixty-seven megabytes) on my portable modem!

I did not download anything when browsing, just read some news; also, no Flash video or other video formats.

Just a website containing text and some images.

The automatic update of my laptop was also already turned off earlier.

I guess this is a virus from the muuxe.exe file.

Does anyone have the same experience as me?

How do I solve this problem, such as removing the virus?

Thank you
 

Well, you got hit by a password stealing Bot, also known as a "Backdoor Trojan". https://www.virustotal.com/en/file/...af26f3d74417ce65936d90eb/analysis/1317676706/
Warning! Backdoor Trojans

These are the most dangerous, and most widespread, type of Trojan.
Backdoor Trojans provide the author or ‘master’ of the Trojan with remote ‘administration’ of victim machines. Unlike legitimate remote administration utilities, they install, launch and run invisibly, without the consent or knowledge of the user. Once installed, backdoor Trojans can be instructed to send, receive, execute and delete files, harvest confidential data from the computer, log activity on the computer and more.

If your computer was used for online banking or has credit card information on it, all passwords should be changed immediately to include those used for email, eBay and forums.
You should consider them to be compromised.
They should be changed by using a different computer and not the infected one; if not, an attacker may get the new passwords and transaction information.

Banking and credit card institutions should be notified of the possible security breach.
More info can be found below:
How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
How to report ID theft, fraud, drive-by installs, hijacking and malware? Security | DSLReports.com, ISP Information

What Anti-Virus and Firewall are you using?
 

I cannot open all of the above websites on my computer with my Mozilla Firefox browser.

I did have a few online transactions using my credit card before I got infected by this internet-pulse/quota robber virus.

Will the password still be able to be stolen?

This virus is stealing my internet quota/pulse quickly.

It steals approximately two hundred megabytes within 5 to 10 minutes, which shocks me.

How do I detect and trace this suspect of the cyberspace world?
 

Of course! ... You need to change ALL passwords using a known 'clean' computer, not the infected one. You need to notify your bank/credit card carrier of possible 'fraud' transactions on your current card. Close out the account with them and ask for a new card.

Now, I asked you what Anti-virus and Firewall you're using. Can you give me that information?
 

msw7,

The PWS-Zbot.Gen normally installs a Rootkit to protect itself from removal.

After providing Jacee the information she needs, we can start the removal of this malware with Kaspersky's TDSSKiller Download
Select the .exe version

If you cannot download it to the infected computer, download to a clean computer, and then use a USB pendrive to move the program to the Desktop of the infected computer.

If you cannot get this program to run, rename it.
To do so, right-click on the TDSSKiller.exe icon and select: Rename
Edit the name from TDSSKiller.exe to iexplore.exe, and then double-click on TDSSKiller.exe to run the program.

When the TDSSKiller console opens, click on: Change Parameters
Under Additional Options, place a check in the box next to: Detect TDLFS File System
Click: OK

Press: Start Scan


• If a suspicious object is detected by this program, the default action is Skip. Leave this action as is, and click on: Continue
• If malicious objects are found, they show in the Scan results.
  Ensure Cure (the default action) is selected, then click: Continue > Reboot now, to finish the cleaning process.
  (Note: If Cure is not available, select Skip, >>Do not select: Delete<<)

When done, the tool creates a log on the disk with the Windows Operating System, normally C:\

Logs have a name like:
C:\TDSSKiller.X.X.X_1.05.2013_15.31.43_log.txt

Please post, or attach, the TDSSKiller log in your reply.
 

I realize that this virus is not the muuxe.exe as mentioned earlier.

I cannot detect what and where the virus is.

Or maybe someone got my wireless signal, hacked its password, and is using my internet connection.
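
One way to approach the question raised in this thread, which process on the laptop is holding connections to outside hosts, is to join `netstat -ano` output with `tasklist /fo csv /nh` output on the PID. The Python below is an added example, not part of any poster's reply; the sample command output, process names and addresses in it are constructed, and it shows which process is connected where, not how many bytes were sent.

```python
import csv, io, ipaddress
from collections import defaultdict

# Constructed sample of `netstat -ano` output (not taken from the thread).
NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       820
  TCP    192.168.8.100:49210    203.0.113.10:443       ESTABLISHED     3124
  TCP    192.168.8.100:49222    198.51.100.7:8080      ESTABLISHED     4712
  TCP    192.168.8.100:49223    198.51.100.7:8080      ESTABLISHED     4712
  TCP    192.168.8.100:49230    192.168.8.1:80         ESTABLISHED     3124
  TCP    [::1]:49300            [::1]:5354             ESTABLISHED     1500
  UDP    0.0.0.0:5355           *:*                                    1108
"""
# Constructed sample of `tasklist /fo csv /nh` output; names are hypothetical.
TASKLIST = '''\
"svchost.exe","820","Services","0","9,120 K"
"firefox.exe","3124","Console","1","212,480 K"
"example_unknown.exe","4712","Console","1","18,004 K"
'''
# Loopback, link-local and private ranges: traffic that never leaves the LAN.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "::1/128", "fe80::/10", "fc00::/7")]

def external_connections(netstat_text):
    """Map PID -> remote endpoints of ESTABLISHED TCP connections to non-local hosts."""
    per_pid = defaultdict(list)
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) != 5 or f[0] != "TCP" or f[3] != "ESTABLISHED":
            continue  # header, listeners, UDP rows, other states
        host = f[2].rsplit(":", 1)[0].strip("[]").split("%")[0]
        try:
            ip = ipaddress.ip_address(host)
        except ValueError:
            continue  # malformed address column
        if not any(ip in net for net in LOCAL_NETS):
            per_pid[int(f[4])].append(f[2])
    return per_pid

def report(netstat_text, tasklist_csv):
    """Rows of (image name, PID, connection count, distinct remotes), busiest first."""
    names = {int(r[1]): r[0] for r in csv.reader(io.StringIO(tasklist_csv)) if len(r) >= 2}
    rows = [(names.get(pid, "<not in tasklist>"), pid, len(eps), sorted(set(eps)))
            for pid, eps in external_connections(netstat_text).items()]
    return sorted(rows, key=lambda r: (-r[2], r[1]))

if __name__ == "__main__":
    for row in report(NETSTAT, TASKLIST):
        print(row)
```

An unfamiliar image name or a PID missing from the task list is a lead to investigate, not proof of infection; a rootkit of the kind discussed in this thread can hide its process from both commands.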
 
This is a hard lesson to learn; hopefully you have.

If you are surfing the internet and are not downloading anything or installing anything on your PC and a popup box appears asking you for access to something ... NEVER click OK; either "X" out of the pop-up box or close the browser window. If the browser window won't close, force close it using the Task Manager. But NEVER, EVER allow something access to your computer on the web unless you know EXACTLY what it is.

First thing I would do is listen to Cottonball's advice above, then on another CLEAN pc, change every single password you have.
 
