by ?
Written in Microsoft Visual C++, compressed with UPX
Backdoor.Win32.Rbot.gen: dropped file: c:\WINDOWS\system32\win32snd.exe size: 89.600 bytes port: 113 TCP startup: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Win32 Sound Config" data: win32snd.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Win32 Sound Config" data: win32snd.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices "Win32 Sound Config" data: win32snd.exe modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole "EnableDCOM" old data: Y new data: N tested on Windows XP December 03, 2004MegaSecurity