LeenTech Millenium (1.0)
Server name: LeenTech Millenium 1.0
Version: 1.0
Different versions: NA
Tested: Yes, on Windows 95 and Windows NT
Server size: 47K
Server files: modem.exe
Server icon:

Infects: Windows 95/98/ME/NT/2000
Autoloads: Registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\
Key: ModemTCP, Win.ini: run=c:\windows\system\modem.exe under [windows] 
Default port: 2000 TCP
Can port be changed: No

Server Features


 
Comments 
LeenTech modified the Millenium 1.0 trojan by changing it's registry entry and encrypting the server exe. It's interesting to note that the time Millenium was released it was able to do something SubSeven took 20+ times to do, this was the ability to infect Windows NT. Also keep in mind this was in 1998.

How To Remove 
Quick fix: no quick fix programs
Manual removal:

  1. Remove the ModemTCP key in the registry located at HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run  Which can be done with regedit or any other registry editing program. Also remove the run=c:\windows\system\modem.exe under [windows] in the win.ini. Which can be done with any text editing program. 
  2. Reboot the computer or close modem.exe 
  3. Delete the trojan file modem.exe in the windows system directory. 

 
Related 
Article: General removal info
Section: Test your knowledge, take our Trojan Quiz
Service: Trojan removal
Service: Tell a friend about this trojan
Service: Print this page
 
 
Copyright © 2000 and 2001, Dark Eclipse Software. All rights reserved. 
This page may not be redistributed or reproduced in any manner without specific written permission from Dark Eclipse Software. If permission to use this page is desired then contact Dark Eclipse Software. While we consider the content of this page to be accurate, we cannot guarantee either the accuracy or the appropriateness of any portion of the page, including our analysis and manual removal. 
Any actions taken by a reader in response to this or any other Dark Eclipse Software page are completely and solely their responsibility.