Scriptkid Backdoor 0.01 beta
(Trojan.Win32.Agent.asz)

by _1nf3ct0r_

Written in C, source included

Released in August 2006

Made in Russia


Server:
dropped file:
c:\WINDOWS\system32\Isass.exe
size: 5,001 bytes

port: 5745 TCP

startup:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon "Userinit"
old data: C:\WINDOWS\system32\userinit.exe,
new data: C:\WINDOWS\System32\userinit.exe,C:\WINDOWS\System32\Isass.exe


tested on Windows XP
February 06, 2007

MegaSecurity