GregStar Trojan 2.0
(Not detected by KAV on July 18, 2005)

by gregstar

Written in Delphi

Released in July 2005

more versions 




Server:
dropped files:
c:\Program Files\Media Access\Sysini.ino    Size: 22 bytes 
c:\WINDOWS\shell.exe                        Size: 644,084 bytes 

startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "WinShell"
data: C:\Windows\shell.exe 





tested on Windows XP
July 08, 2005
MegaSecurity