JES 1.6
(Backdoor.Jes.16)

by ?

Compressed with PKLite


Server:
size: 256.482 bytes

dropped files:
c:\WINDOWS\dyski.dat             size: 12 bytes 
c:\WINDOWS\COMMAND\RUN32DLL.BAT  size: 256.482 bytes 
c:\WINDOWS\SYSTEM\WININI.EXE     size: 256.482 bytes 

startup:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Run32DLL" 
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices "Winini" 

MegaSecurity