
Thread: Re: NDIS user mode I/O driver

  1. #1


    I had the same problem as Tiago. Thanks Duane for the solution.
    Here is some further info on my attack:

    I was running my BitTorrent client when I noticed some unknown URL
    wanting to use LSASS. I told Sygate "no" and then it was asking me
    whether the same URL could use NDIS. I said "no" again. This started to
    worry me so I looked at the Sygate traffic window and saw that despite
    being denied, NDIS was still importing traffic.

    I then looked at my BitTorrent leeches and found the same URL there.
    Shortly after another BT URL was trying the same thing.

    Clearly what was happening here is that a worm on infected machines is
    using the BitTorrent protocol to find open ports ON REMOTE MACHINES and then
    using those ports with NDIS to infect further machines.


    WazzoTheMartian's Profile:

  2. #2
    akbarri
    Join Date: Dec 2008
    wow, interesting case!!

