by Niklaus
Written in Delphi
Released in October 2005
Made in Turkey
Server: dropped files: c:\WINDOWS\hook.dll Size: 9,728 bytes c:\WINDOWS\svchost.exe Size: 19,901 bytes startup: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "MSIService" data: C:\WINDOWS\svchost.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "MSIService" data: C:\WINDOWS\svchost.exe tested on Windows XP January 10, 2006MegaSecurity