by ?
MSN toolz trojan V. 1
Written in Visual Basic
Made in The Netherlands
added to registry:
HKEY_CURRENT_USER\Software\Microsoft\RTC
HKEY_CURRENT_CONFIG\System\CurrentControlSet\Enum\ISAPNP\TBA03B0\FFFFFFFF\DirectSoundCapture
HKEY_CLASSES_ROOT\CLSID\{248DD896-BB45-11CF-9ABC-0080C7E7B78D}
HKEY_CLASSES_ROOT\Interface\{248DD892-BB45-11CF-9ABC-0080C7E7B78D}
HKEY_CLASSES_ROOT\TypeLib\{248DD890-BB45-11CF-9ABC-0080C7E7B78D}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MessengerService\Add-Ins
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MessengerService\Policies
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\MediaResources\DirectSoundCapture
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\MediaResources\DirectSoundCapture
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "MSMSGS"
data: "C:\Program Files\Messenger\msmsgs.exe" /background
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Rundll"
tested on Windows 98
September 22, 2005
MegaSecurity