Remote Time Bomb
(Trojan.Win32.VB.nw)

by Splinter

Written in Visual Basic

Released in July 2004

Server:
size: 49.292 bytes

folders deleted:
c:\Documents and Settings\All Users\Desktop
c:\Program Files\Accessories
c:\Program Files\Accessories\Imagevue
c:\Program Files\Common Files\Adaptec Shared
c:\Program Files\Common Files\Adaptec Shared\CDEngine
c:\Program Files\Common Files\Adaptec Shared\CreatorAPI
c:\Program Files\Common Files\AVP Shared Files\AVPBASES

port: 781 TCP

added to registry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "blabla"
data: c:\windows\system32\bomb.exe

tested on Windows 2000

on Windows 98:
dropped files:
c:\WINDOWS\SYSTEM\bomb.exe    size: 49.292 bytes
c:\WINDOWS\SYSTEM32\bomb.exe  size: 49.292 bytes

folders deleted:
c:\Program Files\Common Files\InstallShield
c:\Program Files\Common Files\InstallShield\Driver
c:\Program Files\Common Files\InstallShield\Driver\7
c:\Program Files\Common Files\InstallShield\Driver\7\Intel 32
c:\Program Files\Common Files\InstallShield\Driver\8
c:\Program Files\Common Files\InstallShield\Driver\8\Intel 32
c:\Program Files\Common Files\Microsoft Shared\MSINFO
c:\Program Files\Common Files\Microsoft Shared\TEXTCONV
c:\Program Files\Common Files\SERVICES
c:\Program Files\Common Files\SYSTEM
c:\Program Files\Common Files\SYSTEM\ADO
c:\Program Files\Common Files\SYSTEM\MSADC
c:\Program Files\Common Files\SYSTEM\ole db

port: 781 TCP

startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "blabla"
data: c:\windows\system32\bomb.exe

MegaSecurity