Bkdr_pcclient.yp


 
02-05-2008

This backdoor is a .DLL component dropped by other malware to serve as its backdoor component. It is usually dropped in the system folder and registered as a system service to ensure its automatic execution at every system startup. It is then injected as a thread into running processes to remain memory resident, which makes it difficult to terminate.
This backdoor connects to a certain URL via a random port and executes commands locally on affected machines.
However, it requires its main component to run properly.

