Hello, I work for a major financial institution and djrunner2.exe was brought to our attention.

This is a key logger program that is capturing you browse activity to most financial related sites. You may want to research further to see if you can find the location in which this file was downloaded from. Most likely the current site is one hosted by Managed.com in Fremont Ca. This site is completely ALARMING. I don’t want to disclose the ip of the server due to the fact that the perp did not put security on the compromised server and there are TONS of files there for several major financial institutions. It captures the url, your id, your password and any other clear text entry associated with the post activity.

You should probably consider any inet banking, eCommerce sites you use to perform financial transactions compromised.

I have no word on the remedial actions associated with identification, removal or remedial actions.

Just out of curiosity, are any of you running personal firewalls?