Re: Snitching program - long

From: Dizzi (Dizzi@softhome.net)
Date: 02. 10. 1999, 23:54 CEST


Aren't you by any chance looking for this? I'm sure you are.... ;)

Speaking of remote access tools, here are some programs that can log
computer activity in stealth mode and one of them will even email the
log file to the address you specify. You can schedule the mailing once a
day and set the size of the log file so it won't get too big.  You will
have to get these programs installed on the computer you want to
monitor. They don't have any built-in "stealth" installation process.

The logging process is very good. It not only shows keystrokes but lists
the name of the application that was running and the messages it
displayed on screen. The real beauty of these programs is that they have
been around a long time and NONE of the anti-viral programs that I ran
detected it, even with it running and capturing my activity. It seems
the anti-viral community has decided NOT to classify these programs as
trojans.

If you press ctrl-alt-del you won't find them running (they hide like
Back Orifice and Netbus).  If you run Msconfig and check the programs
that load at Startup you will find the stealth mailing program is
loading a program named "wsarun.exe"  from \window\system directory.
It also places a program named "vcrond.vxd" and "kim.exe" in the same
folder.

I could not get any serial numbers or key code programs to register the
current version. The unregistered version displays a notice at bootup
that says: "a monitoring program is running." (That's probably why the
anti-viral community doesn't consider it a trojan.)  Once it's
registered that notice will not be displayed.

If you view the "HexOther"  screen cam tutorial I made it will help you
easily figure out how to hex edit that message to say something like:
"System Drivers Loaded"   (See the end of this newsletter for the link
to the tutorials.)  The tutorial on "Optimize" also shows how to find
these kinds of programs running and loading at startup that are hidden
from the ctrl-alt-del menu and the "remove programs" menu.

                 http://annaltd.webjump.com/index.html

Terry Blount, Crack Talk Newsletter


                                                      Dizzi


