by OnuR
Written in Dev-C++, Source included
Released in October 2007
Server Dropped File: c:\WINDOWS\system32\services\svchost.exe Size: 33,172 bytes Added to Registry: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegistryTools" Data: 01, 00, 00, 00 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" Data: 01, 00, 00, 00 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "Generic Host Process for Win32 Services" Tested on Windows XP October 29, 2007MegaSecurity