by ?
Written in Visual Basic
Made in the Netherlands
dropped files: c:\autoexec.exe size: 221.184 bytes c:\io.dll size: 66 bytes c:\WINDOWS\mss01.exe size: 221.184 bytes c:\WINDOWS\sprocks.bmp size: 66 bytes c:\WINDOWS\wrgf.exe size: 221.184 bytes c:\WINDOWS\system32\diskf.dll size: 66 bytes c:\WINDOWS\system32\log boot.exe size: 221.184 bytes c:\WINDOWS\system32\msgr.exe size: 221.184 bytes c:\WINDOWS\system32\reginf.ret size: 66 bytes startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "bootlogfile" data: C:\WINDOWS\System32\log boot.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "msmsg" data: C:\WINDOWS\wrgf.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "msmsgr" data: C:\Documents and Settings\Kobayashi\Desktop\Backdoor.VB.jw.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Norton antivirus scan" data: C:\WINDOWS\mss01.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "office decryptfiles" data: C:\WINDOWS\System32\msgr.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "start bat file" data: c:\autoexec.exe tested on Windows XP November 10, 2004MegaSecurity