Compressed with ASPack

Released in August 2003

Made in China

Server:
dropped files:
c:\Config.Msi\IytSQ.exe                size: 19.456 bytes 
c:\Config.Msi\nFwmlI.exe               size: 19.456 bytes 
c:\Config.Msi\wmlIyt.exe               size: 19.456 bytes 
c:\Documents and Settings\dObdsfpo.exe size: 19.456 bytes 
c:\Documents and Settings\erQSt.exe    size: 19.456 bytes 
c:\Documents and Settings\HaEqnF.exe   size: 19.456 bytes 
c:\Documents and Settings\mlIytS.exe   size: 19.456 bytes 
c:\Program Files\dObdsfpo.exe          size: 19.456 bytes 
c:\Program Files\EqnFwm.exe            size: 19.456 bytes 
c:\Program Files\fpocbvg.exe           size: 19.456 bytes 
c:\Program Files\gHaEqn.exe            size: 19.456 bytes 
c:\WINNT\aEqnFw.exe                    size: 19.456 bytes 
c:\WINNT\bdsfpoc.exe                   size: 19.456 bytes 
c:\WINNT\FwmlIy.exe                    size: 19.456 bytes 
c:\WINNT\wmlIyt.exe                    size: 19.456 bytes 
c:\WUTemp\bdsfpoc.exe                  size: 19.456 bytes 
c:\WUTemp\cbvgHaE.exe                  size: 19.456 bytes 
c:\WUTemp\dsfpocb.exe                  size: 19.456 bytes 
c:\WUTemp\tSQre.exe                    size: 19.456 bytes

startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "explorer"

HKEY_CLASSES_ROOT\chm.file\shell\open\command "(Default)"

HKEY_CLASSES_ROOT\txtfile\shell\open\command "(Default)"