by ?
Original name unknown
Written in Delphi
Backdoor.Win32.Delf.ew: size: 114.176 bytes port: 1456 TCP dropped files: c:\WINDOWS\MS SPOOL32.dat size: 1.604 bytes c:\WINDOWS\ms spool32.exe size: 114.176 bytes c:\WINDOWS\MS SPOOL32k.dat size: 0 bytes startup: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run "Ms Spool32" data: C:\WINDOWS\MS SPOOL32.EXE registry added: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "EnableAutodial" HKEY_LOCAL_MACHINE\Software\EYWMegaSecurity