by ?
Written in Visual Basic
Released in June 2008
Made in Turkey
Server Dropped Files: c:\WINDOWS\system32\scvhost.exe Size: 118,784 bytes c:\WINDOWS\system32\u1268.dl1 Size: 88 bytes c:\WINDOWS\system32\drivers\scvhost.sys Size: 192 bytes Added to Registry: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegistryTools" Data: 02, 00, 00, 00 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" Data: 01, 00, 00, 00 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "MicrosoftSvcHost" Data: C:\WINDOWS\system32\scvhost.exe Tested on Windows XP June 25, 2008MegaSecurity