
Backdoor AQF

Aliases: Backdoor.EggDrop (AVP), BackDoor.EggDrop (Dr.Web), Backdoor.EggDrop (Symantec)

The backdoor has three components: a configuration executable, a service executable and a backdoor DLL. The configuration executable is a command-line tool used to configure the service executable and the backdoor DLL. Its actions include the following:

  • Set the service executable name.
  • Set the backdoor server password required on connection.
  • Set the port the backdoor server opens.
  • Set the email address and ICQ account used for notification.
  • Set the service display name and description.
  • Set the name of the system DLL to inject the backdoor DLL into.

Once the service executable is configured, it can run on Windows NT/2000/XP machines. When run, it installs itself as a service on the local machine and creates the following registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\WinEggDropShell
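
To check a host for this registry key, the following PowerShell can be used. It is an added example, not part of the original description; the function name Find-WinEggDropShellKey and the check of both registry views on 64-bit Windows are assumptions of the example.

```powershell
# Added example: look for the registry key named in this write-up.
# Read-only; nothing is modified or deleted.
$SubKey = 'SOFTWARE\Microsoft\Internet Explorer\WinEggDropShell'

function Find-WinEggDropShellKey {   # hypothetical helper name
    [CmdletBinding()]
    param()

    # Assumption of this example: on 64-bit Windows a 32-bit process is
    # redirected to the 32-bit view of HKLM\SOFTWARE, so both views are checked.
    if ([Environment]::Is64BitOperatingSystem) {
        $views = [Microsoft.Win32.RegistryView]::Registry64,
                 [Microsoft.Win32.RegistryView]::Registry32
    } else {
        $views = @([Microsoft.Win32.RegistryView]::Default)
    }

    foreach ($view in $views) {
        $base = [Microsoft.Win32.RegistryKey]::OpenBaseKey(
            [Microsoft.Win32.RegistryHive]::LocalMachine, $view)
        try {
            $key = $base.OpenSubKey($SubKey)   # returns $null if the key is absent
            if ($null -ne $key) {
                try {
                    # Report names only; value data is left unread.
                    [pscustomobject]@{
                        View       = $view
                        Path       = $key.Name
                        ValueNames = $key.GetValueNames()
                        SubKeys    = $key.GetSubKeyNames()
                    }
                } finally { $key.Dispose() }
            }
        } finally { $base.Dispose() }
    }
}

$hits = @(Find-WinEggDropShellKey)
if ($hits.Count -eq 0) {
    Write-Output 'WinEggDropShell key not found.'
} else {
    $hits | Format-List
}
```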
