by L_Killer
Written in Delphi
Made in Poland
Server: dropped file: c:\WINDOWS\system32\D_instal size: 25 bytes port: 9697, 6969 TCP added to registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices "Danton3" data: C:\WINDOWS\System32\Backdoor.Danton.30.EXE /lama tested on Windows XP November 21, 2004MegaSecurity