Port Scanning and Malware Planting. Dear All
Over the past few days (21, 22 April) the PeerGuardian block list server was down, at the time I did not realise this and started my usual (early) weekend P2P-ing
Friday morning I noticed that MS AntiSpyware found five instances of NS Keylogger on my PC, two of those instances I now believe were false positives (uninstallers): C:\Program Files\PeerGuardian2\unins000.exe
C:\Program Files\SpywareBlaster\unins000.exe
However, the other three instances cannot be dismissed as easily, leading me to suspect that one of those "agencies" that are constantly crawling down the 6346 port, and are usually kept out by PG2, probably planted this keylogger.
I believe I made a silly mistake in not realising that the block lists that my copy of PG2 used were solely online, so when the PeerGuardian server went offline, a window of vulnerability opened on my PC.
I have now nailed this window shut, and in order to protect my PC, by updating my PG2 with locally installed block lists (from Blocklist.org) now I am no longer dependant on the online lists as I was (unknowingly) before.
UK Bob |