RedShell is a light (15k) backdoor that is capable of spawning a shell on a remote computer, allowing a user the ability to connect (via Telnet, NC. etc) up to the remote computer, [port 1337], and execute any commands they wish. Installation: Put WINSYS32.EXE into the Windows/System32 folder of your victims computer and execute. Uninstallation: Kill the WINSYS32.EXE process, Delete WINSYS32.EXE from the Windows/System32 folder and to remove the service, start Regedit and delete: HKEY LOCAL MACHINESYSTEMCurrentControlSetServicesWINSYS32
Backdoor.Small.n