by unreachableboy
Released in December 2005
Made in Turkey
Server: dropped files: c:\WINDOWS\system32\directx32.exe Size: 448,506 bytes c:\WINDOWS\system32\dxdlg.dat Size: 2,927 bytes c:\WINDOWS\system32\dxdlg.dll Size: 96,256 bytes c:\WINDOWS\system32\ka_keyg.dat Size: 0 bytes deleted: c:\WINDOWS\system32\Restore\MachineGuid.txt added to registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "DirectX Plugin" data: C:\WINDOWS\System32\directx32.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore "DisableSR" old data: 00, 00, 00, 00 new data: 01, 00, 00, 00 HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sr "ImagePath" old data: System32\DRIVERS\sr.sys new data: \SystemRoot\System32\DRIVERS\sr.sys HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sr "ImagePath" old data: System32\DRIVERS\sr.sys new data: \SystemRoot\System32\DRIVERS\sr.sys tested on Windows XP February 18, 2006MegaSecurity