by ?
Written in Microsoft Visual C++, compressed with UPX
Backdoor.Rbot.15:

dropped file: c:\WINDOWS\system32\scrgrd.exe
size: 92.672 bytes
port: 113 TCP

startup:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Microsoft Restore"
data: scrgrd.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Microsoft Restore"
data: scrgrd.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices "Microsoft Restore"
data: scrgrd.exe

changed:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole "EnableDCOM"
old data: Y
new data: N

monitors networks for interesting data packets (i.e. those containing passwords to FTP servers, and e-payment systems such as PayPal etc.)
can be used for DDoS attacks

tested on Windows XP
November 28, 2004
MegaSecurity