Log in
Register
Menu
Log in
Register
Home
What's new
Latest activity
Authors
Forums
New posts
Search forums
What's new
New posts
Latest activity
Members
Current visitors
New posts
Search forums
Menu
Log in
Register
Install the app
Install
Forums
Miscellaneous Sections
Tech Head - The Technology Section
Computer Discussion
Following on from the Smitfraud issue
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Message
<blockquote data-quote="Channel Hopper" data-source="post: 415733" data-attributes="member: 175144"><p>and exit one drive.</p><p></p><p>Another tested clean drive (28G<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite6" alt=":cool:" title="Cool :cool:" loading="lazy" data-shortname=":cool:" /> erased with Active Killdisk (free version)</p><p>_http://www.majorgeeks.com/Active_KillDisk_d4791.html</p><p></p><p>Then formatted , and again using the Win 2000 disc.</p><p>Loaded up SP4 upgrade, the usual firewalls/spyware/Winzip and Avast stuff, and then all the security updates, along with DivX and upgrades to DirectX.</p><p></p><p>Started running slowly the first time I went online to post last night, checked the in/out speeds and found more was going out than in. </p><p></p><p>When I came to check and clean up, ran Adaware old (usual cookies and some Alexa, but nothing suspect) and then the new (2007), and this found - Win32. backdoor.VANBOT - in the PC, less than 5 hours after a complete start from scratch.</p><p></p><p>This is what it has the power to do </p><p><a href="http://www.f-secure.com/v-descs/backdoor_w32_vanbot_br.shtml" target="_blank">http://www.f-secure.com/v-descs/backdoor_w32_vanbot_br.shtml</a></p><p></p><p>Create remote command shell </p><p>Delete files </p><p>Download and run files </p><p>Gather infected system information </p><p>Join and part IRC channels, change nicks, change server </p><p>List and terminate processes including security related software products </p><p>Log keystrokes </p><p>Monitor and sniff network traffic </p><p>Open a mail proxy, http and tftp server for file transfers </p><p>Perform DDOS and send ICMP and SYN packets </p><p>Report bot uptime to a hacker </p><p>Save a screen and webcam image capture </p><p>Scan for vulnerable computers and try to get access to IPC$ and ADMIN$ shares by performing a dictionary attack then spread to them </p><p>Send current IP address to a hacker </p><p>Steal user credentials and PC games private keys </p><p>Visit a remote website </p><p></p><p>Just cleaned out the drive once again and it now appears to be behaving itself, but if I get one more intrusion, I'll most likely go back to Win98, as I had virtually no downtime when using the old o/s, and very little interest from outside sources.#</p><p></p><p>Not a happy bunny.</p></blockquote><p></p>
[QUOTE="Channel Hopper, post: 415733, member: 175144"] and exit one drive. Another tested clean drive (28GB) erased with Active Killdisk (free version) _http://www.majorgeeks.com/Active_KillDisk_d4791.html Then formatted , and again using the Win 2000 disc. Loaded up SP4 upgrade, the usual firewalls/spyware/Winzip and Avast stuff, and then all the security updates, along with DivX and upgrades to DirectX. Started running slowly the first time I went online to post last night, checked the in/out speeds and found more was going out than in. When I came to check and clean up, ran Adaware old (usual cookies and some Alexa, but nothing suspect) and then the new (2007), and this found - Win32. backdoor.VANBOT - in the PC, less than 5 hours after a complete start from scratch. This is what it has the power to do [url]http://www.f-secure.com/v-descs/backdoor_w32_vanbot_br.shtml[/url] Create remote command shell Delete files Download and run files Gather infected system information Join and part IRC channels, change nicks, change server List and terminate processes including security related software products Log keystrokes Monitor and sniff network traffic Open a mail proxy, http and tftp server for file transfers Perform DDOS and send ICMP and SYN packets Report bot uptime to a hacker Save a screen and webcam image capture Scan for vulnerable computers and try to get access to IPC$ and ADMIN$ shares by performing a dictionary attack then spread to them Send current IP address to a hacker Steal user credentials and PC games private keys Visit a remote website Just cleaned out the drive once again and it now appears to be behaving itself, but if I get one more intrusion, I'll most likely go back to Win98, as I had virtually no downtime when using the old o/s, and very little interest from outside sources.# Not a happy bunny. [/QUOTE]
Insert quotes…
Verification
Post reply
Forums
Miscellaneous Sections
Tech Head - The Technology Section
Computer Discussion
Following on from the Smitfraud issue
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.
Accept
Learn more…
Top