fake error message
by ?
Written in Delphi, compressed with ASPack
Made in Hungary
Backdoor.Win32.Feri.b: dropped file: c:\WINDOWS\vbrun.exe size: 158.208 bytes port: 1978 TCP startup: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "Microsoft Visual Basic Runtime Library" data: C:\WINDOWS\vbrun.exe following url can be found in the binary: http://thedeadcowhu.tripod.com/deadcow.bin tested on Windows 98 March 27, 2005MegaSecurity