by Yinsoft
Written in Delphi
Made in China
installer: size: 626.176 bytes port: 5800, 5900 TCP startup: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows "run" data: winsoho.exe installed files: c:\WINNT\winsoho.exe size: 211.968 bytes c:\WINNT\system32\omnithread_rt.dll size: 46.080 bytes c:\WINNT\system32\sohohooks.dll size: 12.800 bytes Install is visible. Possible misuse: winsoho.exe will run invisible on any system if you put the 3 installed files in the same directoryMegaSecurity