by shesh
Written in Microsoft Visual C++
Released in February 2005
Made in China
Server: dropped files: c:\WINNT\ccPcCortr.dll Size: 24,576 bytes c:\WINNT\system32\Ps.exe Size: 16,070 bytes startup: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run "Ps" data: C:\WINNT\system32\Ps.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Ps" data: C:\WINNT\system32\Ps.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run "Ps" data: C:\WINNT\system32\Ps.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Ps" data: C:\WINNT\system32\Ps.exe tested on Windows 2000 May 03, 2005MegaSecurity