by _Q_
Written in C
Released in May 2007
Server: dropped files: c:\Documents and Settings\%user%\Update32.exe Size: 32,098 bytes c:\Documents and Settings\%user%\Application Data\windrv.exe Size: 32,098 bytes added to registry: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run "System" data: \Documents and Settings\%user%\Update32.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run "Wmvd" data: C:\Documents and Settings\%user%\Application Data\windrv.ex tested on Windows XP July 08, 2007MegaSecurity