by Radon
Written in Visual Basic
Released in August 2007
Server Dropped File: c:\WINDOWS\system32\netcmd.exe Size: 25,021 bytes Startup: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" Old data: Explorer.exe New data: explorer.exe netcmd.exe Tested on Windows XP January 20, 2008MegaSecurity