Backdoor.Win32.VB.n
(Backdoor.Win32.VB.n)

by Pele

Original Filename: dialUP.exe

Written in Visual Basic

Made in Chili

more in this category


dropped files:
c:\WINDOWS\SYSTEM\ccvb32.dll   size: 65.024 bytes 
c:\WINDOWS\SYSTEM\msvb65.dll   size: 137.728 bytes

startup:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "WinDial"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "DialUp" 
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices "Dial99"

registry added:
HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\Control\PlayBar 
HKEY_CURRENT_USER\Software\Microsoft\Windows Media\WMSDK\General 


MegaSecurity