Non-Gentleman 1.0
(Backdoor.Win32.Agent.qw)
(Rootkit.Win32.HideProc.a for HideProc.dll)
(Trojan-Downloader.Win32.Agent.bgcd for internet.fne)

by ?

Released in April 2007

Made in China


Server:
dropped files:
c:\Documents and Settings\%user%\Local Settings\Temp\E_4\HideProc.dll
size: 28,672 bytes 

c:\Documents and Settings\%user%\Local Settings\Temp\E_4\rhmisc.dll
size: 57,344 bytes 

c:\WINDOWS\��.exe
size: 809,241 bytes 

c:\WINDOWS\smss.exe
size: 809,241 bytes 

startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon "Userinit"
old data: C:\WINDOWS\system32\userinit.exe, 
new data: C:\WINDOWS\system32\userinit.exe,��, 

tested on Windows XP
April 06, 2007

MegaSecurity