Hi Rsdogy,
This is the info on this executable:
File Behaviour
LOCALHOST.EXE has been seen to perform the following behavior:
* The Process is polymorphic and can change its structure
* Can Send email using SMTP protocols
* This Process sends MIME Email
* Creates a hidden window which can be used to run other programs without your knowledge
* This Process Contains User Mode Rootkit Functionality and can hide itself from the running process list
* Adds a Registry Key (RUN) to auto start Programs on system start up
* The Process is packed and/or encrypted using a software packing process
* This Process Deletes Other Processes From Disk
* The process hooks code into all running processes which could allow it to take control of the system or record keyboard input, mouse activity and screen contents
* Can communicate with other computer systems using HTTP protocols
* Communicates with other computers using FTP connections
LOCALHOST.EXE has been the subject of the following behavior:
* Created as a new Background Service on the machine
* Created as a process on disk
* Executed as a Process
* The process is hooked into all running processes which could allow it to take control of the system or record keyboard input, mouse activity and screen contents
* Has code inserted into its Virtual Memory space by other programs
* Terminated as a Process
Country Of Origin
The filename LOCALHOST.EXE was first seen on Jan 9 2008 in the following geographical regions of the Prevx community:
* The EUROPEAN UNION on Jan 9 2008
* CANADA on Jul 8 2008
* SPAIN on Jul 17 2008
File Name Aliases
LOCALHOST.EXE can also use the following file names:
* 31669457.EXE
* 16007819.EXE
* DC622.EXE
Filesizes
The following file size has been seen:
* 15,356 bytes
* 320,512 bytes
* 7,958,528 bytes
* 5,609,984 bytes
Vendor, Product and Version Information
Files with the name LOCALHOST.EXE have been seen to have the following Vendor, Product and Version Information in the file header:
* LocalOff; ; 1.8.6.0
* Wizet; MapleStory; 1, 0, 0, 1
File Type
The filename LOCALHOST.EXE refers to many versions of an executable program.
Virus
So what you need an executable that is a virus for? Are you convinced it will help you run GAMEZ and other undesirables? Are you contemplating to back-engineer it into something useful?
You know that people that are into illegal GAMEZ, P2P-ing etc. are easily framed, and big content industry is not very friendly towards the users that are into it, and hinder them in various ways (fake codecs, intentional malware, etc.), best advice I can give you: “stay clear of it, then it cannot bite you”,
polonus