GregStar Trojan 2.1
(Not detected by KAV on July 29, 2005)

by gregstar

Written in Delphi

Released in July 2005

more versions 




Server:
dropped files:
c:\WINDOWS\includesys.inx    Size: 22 bytes 
c:\WINDOWS\shell.exe         Size: 797,684 bytes 

startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "WinShell"
data: C:\Windows\shell.exe 




tested on Windows XP
July 18, 2005
MegaSecurity