by ?
Written in Delphi
Released in January 2007
Made in China
Server:

dropped files:
c:\WINDOWS\system32\dddrkn.dll Size: 37,888 bytes
c:\WINDOWS\system32\dddrkn.exe Size: 31,943 bytes
c:\WINDOWS\system32\severe.exe Size: 31,943 bytes
c:\WINDOWS\system32\drivers\ahwxvj.com Size: 31,943 bytes
c:\WINDOWS\system32\drivers\etc\hosts

added to registry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"ahwxvj"
data: C:\WINDOWS\System32\dddrkn.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
"Shell"
old data: Explorer.exe
new data: Explorer.exe C:\WINDOWS\System32\severe.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services

tested on Windows XP
February 08, 2007
MegaSecurity