by System33r
aka Windows Uptime
Written in Visual Basic
Released in October 2003
Server: startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Microsoft Wininit (winlogon32)" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Windows Script Host" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices "Microsoft Wininit (winlogon32)" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices "Windows Script Host" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" added: c:\WINNT\system32\system33r.dll size: 12.288 bytes c:\WINNT\system32\winhost32.exe size: 8.064 bytes c:\WINNT\system32\winlogon32.exe size: 21.536 bytes tested on win2000MegaSecurity