Backdoor.Win32.VB.ej
(Backdoor.Win32.VB.ej)

by ?

Original name Kernel32.exe

Written in Visual Basic

more in this category


Dropped file:
c:\WINNT\DirectX8.log size: 19 bytes

added to the registry:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "KERNEL32" 

tested on win2000

MegaSecurity