Nehledas nahodou tohle, sem si jistej ze jo.... ;) Speaking of remote access tools, here are some programs that can log computer activity in stealth mode and one of them will even email the log file to the address you specify. You can schedule the mailing once a day and set the size of the log file so it won't get too big. You will have to get these programs installed on the computer you want to monitor. They don't have any built in "stealth" installation process. The logging process is very good. It not only shows keystrokes but lists the name of the application that was running and the messages it displayed on screen. The real beauty of these programs is that they have been around a long time and NONE of the anti-viral programs that I ran detected it, even with it running and capturing my activity. It seems the anti-viral community has decided NOT to classify these programs as trojans. If you press crtl-alt-del you won't find them running (they hide like Back Orifice and Netbus). If you run Msconfig and check the programs that load at Startup you will find the stealth mailing program is loading a program named "wsarun.exe" from \window\system directory. It also places a program named "vcrond.vxd" and "kim.exe" in the same folder. I could not get any serial numbers or key code programs to register the current version. The unregistered version displays a notice at bootup that says: "a monitoring program is running." (That's probably why the anti-viral community doesn't consider it a trojan.) Once it's registered that notice will not be displayed. If you view the "HexOther" screen cam tutorial I made it will help you easily figure out how to hex edit that message to say something like: "System Drivers Loaded" (See the end of this newsletter for the link to the tutorials.) The tutorial on "Optimize" also shows how to find these kinds of programs running and loading at startup that are hidden from the ctrl-alt-del menu and the "remove programs" menu. http://annaltd.webjump.com/index.html Terry Blount, Crack Talk Newsletter Dizzi
This archive was generated by hypermail 2.1.2 : 03. 09. 2001, 22:17 CEST