by Retina-X Studios
Released in November 2007
Server Dropped Files: c:\Documents and Settings\All Users\Application Data\registry\rec12232007163702719.log c:\Documents and Settings\All Users\Application Data\registry\regsvc32.exe Size: 176,128 bytes c:\Documents and Settings\All Users\Application Data\registry\regsvc32.ini Size: 188 bytes c:\Documents and Settings\All Users\Application Data\registry\scr12232007163707.jpg Size: 34,535 bytes c:\Documents and Settings\All Users\Application Data\registry\snhost.exe Size: 45,056 bytes c:\Documents and Settings\All Users\Application Data\registry\syslog.txt Added to Registry: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "sysclean" Data: C:\Documents and Settings\All Users\Application Data\registry\regsvc32.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "sysclean" Data: C:\Documents and Settings\All Users\Application Data\registry\regsvc32.exe Tested on Windows XP December 23, 2007MegaSecurity