FAKEdOs
(Not detected by KAV on May 19, 2007)

by GerArD

Written in Visual Basic

Released in August 2004

more versions 


Server:
dropped file:
c:\WINNT\system32\fdos.exe

size: 188.476 bytes
 
port: 60000 TCP (changeable)

startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "fakedos"
data: C:\WINNT\system32\fdos.exe
MegaSecurity