by ?
Written in Delphi
Made in Turkey
Released in July 2008
Server Dropped Files: c:\WINDOWS\smss.exe Size: 275,637 bytes c:\WINDOWS\system32\rlog.dll Size: 15,360 bytes c:\WINDOWS\system32\Zreload.scr Size: 8,192 bytes Changes to Registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication "Name" Old data: iexplore.exe New data: IEXPLORE.EXE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore "DisableSR" Old data: 00, 00, 00, 00 New data: 01, 00, 00, 00 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" Old data: Explorer.exe New data: explorer.exe ZReload.scr Tested on Windows XP July 08, 2008MegaSecurity