by ?
Original name unknown
Written in Delphi
Made in Russia
Backdoor.Win32.Delf.bm: dropped files: c:\WINDOWS\obnov.exe Size: 319 bytes c:\WINDOWS\SYSTEM\MPSEXE.EXE Size: 507.392 bytes port: 26666 TCP added to registry: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "Options" data: C:\WINDOWS\SYSTÅM\CLARIÎN.EXE HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "WindowsService" data: C:\WINDOWS\SYSTEM\MPSEXE.EXE HKEY_CLASSES_ROOT\.kil HKEY_CLASSES_ROOT\WinAmp tested on Windows 98 May 01, 2005MegaSecurity