by ?
Written in Delphi, compressed with UPX
Released in September 2005
Made in China
Server: dropped files: c:\WINNT\Help\windnoenngts.hlp Size: 56,320 bytes c:\WINNT\system32\Internet.exe Size: 56,320 bytes added to registry: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDONGBOT HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\tdongbot HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TDONGBOT HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tdongbot tested on Windows 2000 October 07, 2005MegaSecurity