Pardillo
(Backdoor.Win32.Pardillo)

by kidarcade (?)

Released in December 2001


added registry values:
HKEY_CLASSES_ROOT\htafile "NeverShowExt" 
HKEY_CLASSES_ROOT\htafile\DefaultIcon "(Default)" 
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "EnableAutodial" 


added files:
c:\WINDOWS\$.tmp 
c:\WINDOWS\COMMAND.PIF 
c:\WINDOWS\update.bat 
c:\WINDOWS\Wininit.ini 

remark:
Visiting a prepared webpage causes a VBScript to execute.
This script adds values to the registry, then creates and executes a bat file.
The bat file starts ftp.exe with the command-line options -v -i -n -s:%windir%\$.tmp.
$.tmp contains the commands to download a file named 1.exe from IP 213.97.168.232 and execute it.

MegaSecurity