by Criminal2
Server compressed with FSG
Released in September 2004
Server: dropped / replaced files: c:\WINDOWS\system32\winlogon.exe (Backdoor.Win32.Agent.du) old size: 483,328 bytes new size: 486,257 bytes c:\WINDOWS\system32\dlyinf.exe size: 3,584 bytes c:\WINDOWS\notepad.ini (Backdoor.Win32.Agent.du) size: 486,256 bytes port: 5896 TCP restart: yes tested on Windows XP September 29, 2005MegaSecurity