Results 1 to 7 of 7

Thread: instantmsgtr.exe

  1. #1
    Junior Member
    Join Date
    Dec 2004
    Posts
    3

    instantmsgtr.exe

    Does anyone know anything about this file? it starts an app that seem to do a bunch of port scans and what not..

  2. #2
    Old and Cranky Super Moderator rik's Avatar
    Join Date
    Aug 2003
    Location
    Watching Your every move...
    Posts
    4,303
    Are you sure of the exact filename? I'm not finding anything on that one...

  3. #3
    Junior Member
    Join Date
    Dec 2004
    Posts
    3
    absolutely! this is on a laptop i have here at work and really curious if someone is watching my MSN.. Weird thing is it has to be loaded from server side because i can reimage my unit and look for executable and its gone, but as soon as i reconnect via lan line and leave it on for a few minutes ill get a system32 error Lsass status code 128 and it will shut down. when it comes back up i have this nice little executable file and it starts to run a bunch of commands in a DOS window (lots of port scan stuff). It also updates in my registry to run on boot

    Couldnt find anything on it either

  4. #4
    Old and Cranky Super Moderator rik's Avatar
    Join Date
    Aug 2003
    Location
    Watching Your every move...
    Posts
    4,303
    Ok. So I assume you are on a Corporate lan?

  5. #5
    Junior Member
    Join Date
    Dec 2004
    Posts
    3
    Yes

  6. #6
    Old and Cranky Super Moderator rik's Avatar
    Join Date
    Aug 2003
    Location
    Watching Your every move...
    Posts
    4,303
    That item is loading from a network script that runs whenever you login. Sounds like it's part of their Group Policies that they want you to have on your system. Are they watching/logging your Messenger? Probably. Is there anything you can do to prevent this? Not if you plan on keeping your job.

    Sorry.

    BTW, Welcome to Techzonez...

  7. #7
    Precision Processor Super Moderator egghead's Avatar
    Join Date
    May 2002
    Location
    In Your Monitor
    Posts
    3,212
    trojans can be named anything.

    no search results found.

    the fact that your computer shuts down to install this is alarming as you could loose valuable work.

    www.trojanhunter.com

    this program can find some serious trojans on your computer. It should alert you to the open ports or something. The fact that the program is looking for an open port seems to imply that it is a reverse connection. meaning the program looks for a way out of your computer to connect to the internet and connect to an ip at a specific port.

    your corporate network most likely has a virus or intruder and you should investigate and scan your computer to determine what the program is and then take it to your boss. many businesses are being probed so bad asses can get info.

    if trojanhunter finds nothing you should still scan online using panda scanner.
    http://www.pandasoftware.com/actives..._principal.htm

    please use both

    good luck!
    ------------------------------------------------------------



Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •