by ?
Written in C
Made in Czech Republic
Backdoor.Gargamel.a: dropped file: c:\WINDOWS\SYSTEM\SYST32.EXE size: 25.422 bytes startup: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "System32" does pop up internet explorer launches silently windows ftp (ftp -v -i -s) and tries to connect to an IP in Czech RepublicMegaSecurity