by Bros Team
Written in Visual Basic
Released in May 2004
Server: port: 7896, 7897 TCP dropped files: c:\WindowsDAT.exe size: 307.200 bytes c:\WINDOWS\WliveUPdate.exe size: 307.200 byte registry added: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegistryTools" HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Shell2938" HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Runonce "QuickTask" HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce "FTH2004" HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "MAT" HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce "NortonAVProtect" HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce "Player00997MegaSecurity