Multi Bot Pro
Released 21 years, 5 months ago. June 2003
Copyright © MegaSecurity
By ?
Informations
| Author | ? |
| Family | Multi Bot Pro |
| Category | Remote Access |
| Version | Multi Bot Pro |
| Released Date | Jun 2003, 21 years, 5 months ago. |
| Language | Visual Basic |
Additional Information
Server:
C:\WINDOWS\winlogon.exe
size: 40.447 bytes
port: 890 TCP
startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-BAFA-00BB00B6017B} "StubPath"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "Windows Logon Application"
deleted:
all values in:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices
file added:
c:\WINDOWS\SYSTEM\Kernel.bat
registry added:
1246 keys
from
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\_avp32
to
HKEY_LOCAL_MACHINE\System\ControlSet003\Services\zonealarm
remark:
Multi bot pro does install "C:\WINDOWS\winlogon.exe" (Backdoor.DskLite.b) after showing an error message.
It does kill firewalls and anti-virus programs.If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.