by Gedzac Labs
Written in Visual Basic, compressed with UPX
Made in Mexico
dropped file: c:\WINDOWS\svshots.exe size: 17,920 bytes added to registry: HKEY_LOCAL_MACHINE\SOFTWARE\GedzacLabs "Title" data: GedBot by GEDZAC LABS HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "svshots" data: C:\WINDOWS\svshots.exe tested on Windows XP April 01, 2005MegaSecurity