TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
[EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems!
----------------------------------------------------------------------------
I have done some testings on my computer about the Spy.
I have found some additional DLL's , which are beeing used
"CuteFTP.exe". I have made a screenshot. That shot shows
the "invisible window" and all dependency DLL files on runtime.
What made me intrested was the usage of MPR.DLL by CuteFTP.
MPR.DLL is known (like from Back Orifice) to be the DLL
which has the function to "get" all DialUP accounts including passwords.
I have also done a sniffing test, in order to see what data came over the
ports
1975 and 1749. With no result. The only data that was transferred was the
bannerimage.
The screenshot can be found at www.doc2000.de/SPY.jpg
I have uploaded it to my server so it doesn't make too much traffic for
IISS-mailinglist.
regards
Lark Lizerman
