by Carl-Fredrik Neikter
modified by DeadSector
Written in Delphi
Released in June 2000
Modified Netbus with ports 650 and 651 (instead of 12345 and 123456) and different named keylogger. Server: dropped file: c:\WINDOWS\MPOWER.EXE size: 494.592 bytes port: 650, 651 TCP startup: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "MPOWER" added: c:\WINDOWS\mpowerk.dllMegaSecurity