Permanent loss of all work PC's running Dnetc. Due to the w32.bymer virus all my work servers/workstations have had the dnet client removed.
Virus detroyed my herd.
- Thread starter miken
- Start date
miken,
Did you tell your boss that this virus infects ANY computer, not just ones already running the dnet client? It was the disk shares open on the network/internet that provided a means of the virus entering.
The dnet client still provides the same stress testing benefits and behaves in the same innocent manner as before this intruder came knocking.
Did you tell your boss that this virus infects ANY computer, not just ones already running the dnet client? It was the disk shares open on the network/internet that provided a means of the virus entering.
The dnet client still provides the same stress testing benefits and behaves in the same innocent manner as before this intruder came knocking.
That is really horrible! I got the same virus last weekend at home. Luckily, I was able to catch it quickly, within an hour. Miken, how many computers are you losing because of this virus?
dennilfloss
Past Lifer 1957-2014 In Memoriam
<< . It scans random IP address over NetBIOS for computers that have shares named "C" and a Windows folder called "Windows". When it finds one, it copies itself and the files "dnetc.exe" and "dnetc.ini" to the "c:\windows\system" folder of the remote computer. The file "dnetc.exe" is an encryption-cracking program from www.distributed.net, which is not the author of this worm. The samples received by AVERT are packed with the UPX file-compression utility. >>
From McAfee's info page on the worm.
No wonder this is so prevelant.
viz
Really, these same people are very lucky they haven't had a more lethal virus infected on them... If their computers are that wide open, even I could figure out how to do just about anything I want to their computer (and I am 'is suck' as a cracker/hacker).
Bymer, you are on my "needs-to-be-shot-for-the-good-of-humanity" list. :|
JHutch
Bymer, you are on my "needs-to-be-shot-for-the-good-of-humanity" list. :|
JHutch
He's a little paranoid now, so there is no hope of resurrecting my herd.
Herd included:
3 PIII 550 servers
2 PII 450 Workstations
1 P150 Web Server
2 Athlon 600 Workstations
1 dual PIII 450 Rack server
1 dual PII 300 File server
The real kicker was that in a week they were going to allow me to put it on the rest of the clients. About 25-40 more PII 450's, and if that went ok the facilities would have been next. 15 PII 300's. I forget how many blocks that would crack, but as it was I was at 3-6k blocks depending on DB maintenance. (turn off overnight)
Herd included:
3 PIII 550 servers
2 PII 450 Workstations
1 P150 Web Server
2 Athlon 600 Workstations
1 dual PIII 450 Rack server
1 dual PII 300 File server
The real kicker was that in a week they were going to allow me to put it on the rest of the clients. About 25-40 more PII 450's, and if that went ok the facilities would have been next. 15 PII 300's.
I forget how many blocks that would crack, but as it was I was at 3-6k blocks depending on DB maintenance. (turn off overnight)That's what I can't understand. Our computers weren't that wide open. We have NAV for exchange and Workstation, and our shares are PW protected.
TRENDING THREADS
-
Discussion Zen 5 Speculation (EPYC Turin and Strix Point/Granite Ridge - Ryzen 9000)- Started by DisEnchantment
- Replies: 25K
-
Discussion Intel Meteor, Arrow, Lunar & Panther Lakes Discussion Threads
- Started by Tigerick
- Replies: 21K
-
Discussion Intel current and future Lakes & Rapids thread- Started by TheF34RChannel
- Replies: 23K
-
-
Facebook
Twitter