VisualShock Keylogger 3.0 build 5

VisualShock Keylogger 3.0 build 5
(Trojan-Spy.Win32.KeyLogger.mf)
(Backdoor.Win32.Pahador.t for Server)

by d3vil

Written in Delphi

Released in September 2006

Made in Poland


Server:
dropped file:
C:\RECYCLER\services.exe 
size: 798,337 bytes

startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell"
old data: Explorer.exe 
new data: explorer.exe C:\RECYCLER\services.exe 


tested on Windows XP
September 16, 2006

MegaSecurity