by i11C0re
Written in Visual Basic
Released in March 2006
Made in Iran
Server Dropped Filea: c:\WINDOWS\system\shell32.dll Size: 3 bytes c:\WINDOWS\system\svchost.exe Size: 49,664 bytes Startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" Old data: Explorer.exe New data: Explorer.exe C:\WINDOWS\system\svchost.exe Tested on Windows XP January 20, 2008MegaSecurity