by ?
Written in Delphi
dropped file: c:\WINDOWS\winsys24.exe size: 212,480 bytes startup: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "System Maintenance" data: "C:\WINDOWS\winsys24.exe" HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache "C:\WINDOWS\winsys24.exe" data: winsys24 attempts to connect to an IRC Server and join #sheepnet2_ tested on Windows XP May 13, 2005MegaSecurity