by shesh
Written in Microsoft Visual C++
Released in March 2005
Made in China
Server: dropped files: c:\WINNT\system32\server.asf Size: 28,672 bytes c:\WINNT\system32\server.exe Size: 17,923 bytes c:\WINNT\system32\server.wmv Size: 77,824 bytes added to registry: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Schedule "ImagePath" old data: %SystemRoot%\system32\MSTask.exe new data: C:\WINNT\system32\server.exe HKEY_CURRENT_USER\Software\Microsoft\Multimedia\DrawDib HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\MediaResources\msvideo HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\MediaResources\msvideo tested on Windows 2000 May 25, 2005MegaSecurity