Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Maximus backdoorVB6
5 views
Skip to first unread message
Nicholas Forystek
Feb 3, 2016, 7:27:40 PM2/3/16
to
Symantec Norton Antivirus and the latest Malware proection included caught
Vb6.EXE sending UDP packets on maybe port 51 or 81, it remove and cleaned
just fine but further issues found it coming in through the front end of
starting VB and runing to the WebControl in "Internet Controls"
(shdocvw.dll, possibly a different dll in IE8 upgraded ieframe.dll) included
in the project in order to be able to send these UDP packets so onl y
applications with the control in use might exhibit the behavior. I did not
find the upgrade to IE8 a resolve as it had ieframe.dll and the shdocvw.dll
backwards and showed version of ieframe.dll from Longhorn. A registry
change of ieframe returns the issue such that the project loads once again
on XP SP2 with out upgrades.
Vb6.EXE sending UDP packets on maybe port 51 or 81, it remove and cleaned
just fine but further issues found it coming in through the front end of
starting VB and runing to the WebControl in "Internet Controls"
(shdocvw.dll, possibly a different dll in IE8 upgraded ieframe.dll) included
in the project in order to be able to send these UDP packets so onl y
applications with the control in use might exhibit the behavior. I did not
find the upgrade to IE8 a resolve as it had ieframe.dll and the shdocvw.dll
backwards and showed version of ieframe.dll from Longhorn. A registry
change of ieframe returns the issue such that the project loads once again
on XP SP2 with out upgrades.
Nicholas Forystek
Feb 4, 2016, 7:13:03 PM2/4/16
to
Halt the entrance that passes each time a instance of VB is ran or command
line compiled by replacing with a valid original or SP Vb6.EXE, then find
the reference for "Microsoft Internet Controls" in the references window, if
the reference is to ieframe.dll\1 replace that very string "ieframe.dll\1"
in the registry with "shdocw.dll" where applicative by the "Microsoft
Internet Controls" typelib or ClassID pertaining to the root for the object
it exists. Likely, just replace them all, not certain. The project's
should be correct in load for the reference placement. Maybe a fact is if
ieframe.dll is "longhorn" in the file properties.
"Nicholas Forystek" <nfor...@sosouix.net> wrote in message
news:%Vwsy.658377$Vm2....@fx44.am4...
line compiled by replacing with a valid original or SP Vb6.EXE, then find
the reference for "Microsoft Internet Controls" in the references window, if
the reference is to ieframe.dll\1 replace that very string "ieframe.dll\1"
in the registry with "shdocw.dll" where applicative by the "Microsoft
Internet Controls" typelib or ClassID pertaining to the root for the object
it exists. Likely, just replace them all, not certain. The project's
should be correct in load for the reference placement. Maybe a fact is if
ieframe.dll is "longhorn" in the file properties.
"Nicholas Forystek" <nfor...@sosouix.net> wrote in message
news:%Vwsy.658377$Vm2....@fx44.am4...
Nicholas Forystek
Feb 4, 2016, 7:22:34 PM2/4/16
to
You know what I like about Norton, verses malware and smartfilter apply....
Umm show your work in apply. Instead of target and defry with out deploy to
the watchful eye... Maybe that's confidence in my amusement, folk stand over
in tunnel ware and jsut defeat all exe on my comptuer writen by me, 2 to
20..
Umm show your work in apply. Instead of target and defry with out deploy to
the watchful eye... Maybe that's confidence in my amusement, folk stand over
in tunnel ware and jsut defeat all exe on my comptuer writen by me, 2 to
20..
0 new messages