Home page logo

fulldisclosure logo Full Disclosure mailing list archives

backdoor irc
From: "Steven Dowd" <full-disclosure () dowd co uk>
Date: Sun, 28 Mar 2004 16:23:10 +0100

I need some help and wonder whether anyone can offer any to me

I believe I have had a system hacked/compromised, I have checked the system
and found these files,



I believe someone may have used to gain access into the system. It was a
patched win2k system.

I am looking for details on what these programs do, and how they are
activated or how control is gained through them

Symantec have the Zfn4.exe listed as Backdoor.IRC.Flood


There website states "Backdoor.IRC.Flood is a backdoor Trojan. It installs
an mIRC client that has backdoor capabilities; this gives the hacker
unlimited access to the computer."

Pestcontrol lists the Die3nt.exe also as a trojan.


But I am having a few problems actually finding out anything else about the
files. has anyone any insight into how they work , what they do, how does a
person connect to a system via them. how far could a person get into the
system through these files, symantec seem quite clear that a hacker would
have unlimited access, but nowhere else can i find anything about this.

Thanks for your Time.

Steven Dowd

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]