by ErCaN
Written in Delphi
Released in January 2005
Made in Turkey
Server: dropped files: c:\WINDOWS\system32\winserv.exe Size: 204,802 bytes c:\WINDOWS\system32\Com\con\winserv\winserv.exe Size: 204,802 bytes startup; HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce "winserv" data: C:\WINDOWS\System32\winserv.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce "winservu" data: c:\windows\system32\com\con\winserv\winserv.exe tested on Windows XP April 07, 2006MegaSecurity