It appears that the file I received installs a new goal.exe in C:\Winnt which is set to run on startup. Disassembly of the file reveals that it gathers information about my machine from the registry and attempts to recover my netscape password from prefs.js. It then emails the information to [EMAIL PROTECTED] I will post a dissasembly of both files on my website http://www.cell2000.net/security/ -steven alexander
- Warning to Bugtraq posters. Steven Alexander
- Warning to Bugtraq posters. Steven Alexander
- Re: Warning to Bugtraq posters. Richard M. Smith