Wednesday, 29 December 2004
Backdoor.Lifefournow is a backdoor Trojan horse program that allows a compromised computer to be used to reveal and test the configuration of a network.
Backdoor.Lifefournow exits immediately if it detects that it is running on a computer that has only a privately allocated IP address in one of the following ranges:
192.168.*
172.16.*
10.*
When Backdoor.Lifefournow is executed, it performs the following actions:
Creates a copy of itself as %System%\[Random file name].exe.
Note: %System% is a variable that refers to the System folder. By default this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
Adds the value:
"[Random file name]" = "%System%\[Random file name].exe "
to the registry entry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
so that it is executed every time Windows starts.
Connects to one of the following domains and sends information about the configuration of the local network:
todayoct25.biz
life4now.biz
lifetoday0.biz
Listens for a connection on TCP port 36183. When a connection is made, a host and port number are given in the appropriate format.
Connects to that host and port and acts as an echo client.
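The indicators listed above (the Run value named after an .exe in the System folder, the listener on TCP port 36183, and the three domains) can be checked together during host triage. The following Python sketch is an added example, not part of the original write-up; the function names, the input formats (a name-to-data mapping of Run values, `netstat -an` text, a list of queried DNS names) and all sample data are assumptions constructed for illustration, and the Run-value check is a heuristic that yields leads for review rather than a verdict.

```python
import ntpath

# Indicators taken from the write-up above.
DOMAINS = {"todayoct25.biz", "life4now.biz", "lifetoday0.biz"}
LISTEN_PORT = 36183
# Default System folder locations from the write-up's note.
SYSTEM_DIRS = {r"c:\windows\system", r"c:\winnt\system32", r"c:\windows\system32"}

def suspicious_run_values(run_values):
    """Names of Run values that launch a System-folder .exe named after the value."""
    hits = []
    for name, data in run_values.items():
        path = data.strip().strip('"').strip()  # data may carry a trailing space
        folder, filename = ntpath.split(path)
        stem, ext = ntpath.splitext(filename)
        if (ext.lower() == ".exe" and folder.lower() in SYSTEM_DIRS
                and stem.lower() == name.lower()):
            hits.append(name)
    return hits

def listening_on(netstat_text, port=LISTEN_PORT):
    """True if `netstat -an` output shows a TCP listener on the given port."""
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) >= 4 and f[0] == "TCP" and f[3] == "LISTENING" and f[1].endswith(f":{port}"):
            return True
    return False

def domain_lookups(query_names):
    """Queried names equal to, or subdomains of, the listed domains."""
    names = [q.lower().rstrip(".") for q in query_names]
    return [q for q in names if any(q == d or q.endswith("." + d) for d in DOMAINS)]

# Constructed sample data (not from a real host).
SAMPLE_RUN = {
    "ctfmon.exe": r"C:\WINDOWS\system32\ctfmon.exe",
    "qxvbnrta": r"C:\WINDOWS\system32\qxvbnrta.exe ",
}
SAMPLE_NETSTAT = """\
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:36183          0.0.0.0:0              LISTENING
  TCP    203.0.113.7:1045       198.51.100.9:80        ESTABLISHED
"""
SAMPLE_DNS = ["www.example.com.", "Life4Now.biz", "notlife4now.biz", "a.todayoct25.biz"]

if __name__ == "__main__":
    print(suspicious_run_values(SAMPLE_RUN), listening_on(SAMPLE_NETSTAT), domain_lookups(SAMPLE_DNS))
```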