Green Light 1.1

Green Light 1.1
(not-a-virus:Monitor.Win32.VirKeyLog.10 for Client)
(Backdoor.Win32.Agent.zz for Server)
(Backdoor.Win32.Agent.fxq)

by ?

Released in July 2006

Made in China

more versions


Server:
dropped file:
c:\WINDOWS\svcehost.exe
size: 277,376 bytes 

startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "svcehostsys"
data: C:\WINDOWS\svcehost.exe 



tested on Windows XP
April 13, 2007

MegaSecurity