by ?
Original name unknown
Written in Visual Basic
Backdoor.Win32.VB.iu: dropped file: c:\WINDOWS\system32\MANINHO .EXE size: 131,072 bytes startup: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run "Beoz" data: C:\WINDOWS\SYSTEM32\MANINHO .EXE HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run "Beoz" data: C:\WINDOWS\SYSTEM32\MANINHO .EXE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Dxdexd" data: C:\WINDOWS\SYSTEM32\MANINHO .EXE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices "Edyqlvx" data: C:\WINDOWS\SYSTEM32\MANINHO .EXE HKEY_CURRENT_USER\Software\Mirabilis\ICQ\Agent\Apps\Gycxatbdx tested on Windows XP September 03, 2005MegaSecurity