by Red Move
Written in Visual Basic
Released in February 2005
Made in Iran
Server: dropped file: c:\WINDOWS\system32\Mcsng.exe size: 15,935 bytes startup: HKEY_CLASSES_ROOT\exefile\shell\open\command "(Default)" old data: "%1" %* new data: Mcsng.exe opext "%1" %* tested on Windows XP July 28, 2006MegaSecurity