Doly 1.1
(Backdoor.Win32.Doly.11)

by A-D-M

Written in Visual Basic

Released in April 1999


Server:
dropped files:
c:\msdos.win                  size: 0 bytes
c:\sys.lon                    size: 169,472 bytes
c:\Memory manger\data.dll     size: 169,472 bytes
c:\Memory manger\data.z       size: 17,408 bytes
c:\Memory manger\mem.chk      size: 607,744 bytes
c:\Memory manger\mem.dll      size: 24,576 bytes
c:\Memory manger\memmange.exe size: 27,648 bytes
c:\Memory manger\su.chk       size: 1,417 bytes
c:\Program Files\MStesk.exe   size: 169,472 bytes
c:\WINNT\dos.win              size: 24,576 bytes
c:\WINNT\winstart.bat         size: 70 bytes
c:\WINNT\system\serv-u.ini    size: 1,417 bytes
c:\WINNT\system\tesk.exe      size: 169,472 bytes
c:\WINNT\system\windll16.sys  size: 607,744 bytes

port: 1011 TCP

added to registry:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Ms tesk"
data: c:\Program Files\MStesk.exe 

HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows "load"
data: c:\windows\system\tesk.exe 

tested on Windows 2000
November 12, 2004

MegaSecurity