by DaRaTTy
Written in Visual C++
Server: dropped files: c:\WINDOWS\sndctl32.cfg size: 0 bytes c:\WINDOWS\sndctl32.exe size: 16.384 bytes port: 3627 TCP startup: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "SndCtrl" data: C:\WINDOWS\sndctl32.exe c:\windows\system.ini, [boot] "shell" old value: Explorer.exe new value: explorer.exe sndctl32.exe tested on Windows 98 November 29, 2004MegaSecurity