by PA HAC
Written in Delphi
Released in July 2004
Made in Poland
Server: dropped file: c:\WINDOWS\mks.exe size: 561.664 bytes port: 1906, 1986, 1910, 8610, 861, 8618, 9717, 869, 1907, 1718, 1010, 1011, 69, 71 TCP startup: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "LoadPowerProfile" old data: Rundll32.exe powrprof.dll,LoadCurrentPwrScheme new data: C:\windows\mks.exeMegaSecurity