by ?
Compressed with UPX
dropped files: c:\WINDOWS\WININIT.INI size: 45 bytes value: [rename] NUL=C:\WINDOWS\TEMP\KHLXQUG.DLL c:\WINDOWS\SYSTEM\khlxqug.dll size: 131.072 bytes (Backdoor.Afcore.ab) c:\WINDOWS\TEMP\khlxqug.dll size: 131.072 bytes (Backdoor.Afcore.ab) added to registry: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "khlxqug" data: rundll32 C:\WINDOWS\SYSTEM\khlxqug.dll,Init 1 HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce "*khlxqug" data: rundll32 C:\WINDOWS\SYSTEM\khlxqug.dll,Init 1 tested on Windows 98 December 29, 2004MegaSecurity