by Fenrir
Original Filename: vr.exe
Written in Visual Basic
Made in Germany
dropped file: c:\WINDOWS\WinOldAp.exe size: 34.819 bytes port: 1337, 361 TCP startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "WinOldAp" data: c:\windows\WinOldAp.exe tested on Windows XPMegaSecurity