by ColdLife
This is an Internet Relay Chat BOT/DDoS tool
Released in april 2002
patch.exe: c:\WINDOWS\litmus\winhelper.exe size: 20.512 bytes port: 113 TCP keys added: startup: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "LTM2" Systray.exe: size: 598.016 bytes startup: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "ColdLife - icmp" HKEY_CLASSES_ROOT\irc\Shell\open\command "(Default)" added: HKEY_CURRENT_USER\Software\mIRC HKEY_CURRENT_USER\Software\mIRC\DateUsed HKEY_CLASSES_ROOT\.cha HKEY_CLASSES_ROOT\.chat HKEY_CLASSES_ROOT\ChatFile HKEY_CLASSES_ROOT\ChatFile\DefaultIcon HKEY_CLASSES_ROOT\ChatFile\Shell HKEY_CLASSES_ROOT\ChatFile\Shell\open HKEY_CLASSES_ROOT\ChatFile\Shell\open\command HKEY_CLASSES_ROOT\ChatFile\Shell\open\ddeexec HKEY_CLASSES_ROOT\ChatFile\Shell\open\ddeexec\Application HKEY_CLASSES_ROOT\ChatFile\Shell\open\ddeexec\ifexec HKEY_CLASSES_ROOT\ChatFile\Shell\open\ddeexec\Topic HKEY_CLASSES_ROOT\irc HKEY_CLASSES_ROOT\irc\DefaultIcon HKEY_CLASSES_ROOT\irc\Shell HKEY_CLASSES_ROOT\irc\Shell\open HKEY_CLASSES_ROOT\irc\Shell\open\command HKEY_CLASSES_ROOT\irc\Shell\open\ddeexec HKEY_CLASSES_ROOT\irc\Shell\open\ddeexec\Application HKEY_CLASSES_ROOT\irc\Shell\open\ddeexec\ifexec HKEY_CLASSES_ROOT\irc\Shell\open\ddeexec\TopicMegaSecurity