IE PS 1.5.8
(Not detected by KAV on April 28, 2006)

by pswin.pooya

Written in Visual Basic

Released in April 2006

Made in The Middle East

more versions





Server:
dropped files:
c:\WINDOWS\system32\regm.dat      Size: 0 bytes 
c:\WINDOWS\system32\regsvr.exe    Size: 33,792 bytes 


HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "regsvr.exe"
data: C:\WINDOWS\System32\regsvr.exe sysdir 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "regsvr.exe"
data: C:\WINDOWS\System32\regsvr.exe sysdir 	

	

tested on Windows XP
April 28, 2006

MegaSecurity