- Joined
- Jan 1, 2000
- Messages
- 35,613
- Reaction score
- 8,581
- Points
- 113
- Age
- 59
- Website
- www.sat-elite.uk
- My Satellite Setup
- A little less analogue, and a lot more crap.
- My Location
- UK
and exit one drive.
Another tested clean drive (28G erased with Active Killdisk (free version)
_http://www.majorgeeks.com/Active_KillDisk_d4791.html
Then formatted , and again using the Win 2000 disc.
Loaded up SP4 upgrade, the usual firewalls/spyware/Winzip and Avast stuff, and then all the security updates, along with DivX and upgrades to DirectX.
Started running slowly the first time I went online to post last night, checked the in/out speeds and found more was going out than in.
When I came to check and clean up, ran Adaware old (usual cookies and some Alexa, but nothing suspect) and then the new (2007), and this found - Win32. backdoor.VANBOT - in the PC, less than 5 hours after a complete start from scratch.
This is what it has the power to do
http://www.f-secure.com/v-descs/backdoor_w32_vanbot_br.shtml
Create remote command shell
Delete files
Download and run files
Gather infected system information
Join and part IRC channels, change nicks, change server
List and terminate processes including security related software products
Log keystrokes
Monitor and sniff network traffic
Open a mail proxy, http and tftp server for file transfers
Perform DDOS and send ICMP and SYN packets
Report bot uptime to a hacker
Save a screen and webcam image capture
Scan for vulnerable computers and try to get access to IPC$ and ADMIN$ shares by performing a dictionary attack then spread to them
Send current IP address to a hacker
Steal user credentials and PC games private keys
Visit a remote website
Just cleaned out the drive once again and it now appears to be behaving itself, but if I get one more intrusion, I'll most likely go back to Win98, as I had virtually no downtime when using the old o/s, and very little interest from outside sources.#
Not a happy bunny.
Another tested clean drive (28G erased with Active Killdisk (free version)
_http://www.majorgeeks.com/Active_KillDisk_d4791.html
Then formatted , and again using the Win 2000 disc.
Loaded up SP4 upgrade, the usual firewalls/spyware/Winzip and Avast stuff, and then all the security updates, along with DivX and upgrades to DirectX.
Started running slowly the first time I went online to post last night, checked the in/out speeds and found more was going out than in.
When I came to check and clean up, ran Adaware old (usual cookies and some Alexa, but nothing suspect) and then the new (2007), and this found - Win32. backdoor.VANBOT - in the PC, less than 5 hours after a complete start from scratch.
This is what it has the power to do
http://www.f-secure.com/v-descs/backdoor_w32_vanbot_br.shtml
Create remote command shell
Delete files
Download and run files
Gather infected system information
Join and part IRC channels, change nicks, change server
List and terminate processes including security related software products
Log keystrokes
Monitor and sniff network traffic
Open a mail proxy, http and tftp server for file transfers
Perform DDOS and send ICMP and SYN packets
Report bot uptime to a hacker
Save a screen and webcam image capture
Scan for vulnerable computers and try to get access to IPC$ and ADMIN$ shares by performing a dictionary attack then spread to them
Send current IP address to a hacker
Steal user credentials and PC games private keys
Visit a remote website
Just cleaned out the drive once again and it now appears to be behaving itself, but if I get one more intrusion, I'll most likely go back to Win98, as I had virtually no downtime when using the old o/s, and very little interest from outside sources.#
Not a happy bunny.