by RaRaRa
Written in Microsoft Visual C++
Made in Japan
server: dropped file: c:\WINDOWS\system32\Win32.dII size: 39,937 bytes port: 45645 TCP added to registry: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows "RUN" data: none Win32.dII HKEY_CLASSES_ROOT\.dII HKEY_CLASSES_ROOT\dIIfile HKEY_CLASSES_ROOT\dIIfile\DefaultIcon HKEY_CLASSES_ROOT\dIIfile\Shell HKEY_CLASSES_ROOT\dIIfile\Shell\open HKEY_CLASSES_ROOT\dIIfile\Shell\open\command tested on Windows XP February 01, 2005MegaSecurity