Pizdarije

[Guest sanjalica]

daj nehaj me strašit...sem brez nortona, brez požarega zidu....sem čisto "gola"...

grrrrrrrrrrrrr virusi usmilite se me......... ; dokler ne bom pri volji, da vse to najdem in inštaliram in usposobim.......... Pri meni to traaaaaaaaaaajaaaaa (kot pač vse )

[Volk K.L.]

Teli pr' Nortonu komplicirajo s temi ključi sto na uro. Mamicu jim kalaisavu.

[VEČNOST]

Kaj pa Panda?

[FLEGMA]

Tudi sam sem lastnik virusa. Javlja mi virus TROJANSKI KONJ. Kako bi vedel, kateri virus je to? Norton mi ga ne odstrani.

TROJANSKI KONJ NI VIRUS................TO JE LE SERVER..........KAR POMENI DA SE TVOJ RAČUNALNIK OBNAŠA KOT SERVER OZIROMA STREŽNIK DO TISTEGA KI IMA DRUGI DEL TEGA TROJANCA.....KAR POMENI DA SE LAHKO ČLOVEK PRIKLOPI NA TVOJ KOMPJUTER TAKOJ KO SI TI ON-LINE IN BRSKA PO NJEM KAKOR TI BRSKAŠ RECIMO PO LUNINEM NETU............TO U BISTVU NI NIČ STRAŠNEGA..........ODVISNO OD OSEBE NA DRUGI STRANI IN OD TEGA KAKE PODATKE IMAŠ NA KOMPJUTRU...........ZAVEDAJ SE DA IMA VPOGLED V VSE...........VSI TVOJI PASSWORDI........MAILI.....ŠTEVILKE BANČNIH RAČUNOV IN UPRAVLJANJE Z NJIMI (KORIŠČENJE TVOJEGA DENARJA!!!!!)NISO VEČ SKRIVNOST..........

SAJ PRAVIM JE PA TO USE ODVISNO OD ČLOVEKA NA DRUGI STRANI

PONAQVADI SO TO KAKI OSNOVNOŠOLCI

KI PAČ PROBAVAJO HEKERSKE PROGRAMČKE...............

 

 

PRIPOROČAM KOMBINACIJO VEČIH PROGRAMOV

KASPERSKY - ANTIVIRUS

THE CLEANER - TROJAN REMOWER

BLACK ICE - FIREWOLL/ APPLICATION PROTECTION

TZ SPYWARE ADWARE REMOWER

NOADWARE

 

ČE NE NAJDEŠ KAKIH KOD VEŠ KJE ME NAJDEŠ..........

 

JE PA TKO ČE SE KDO PROV SPRAV NATE............

 

HAHAHAHAHA .......UPOŠTEVAJ NAVODILO OD LUCIFERJA..........

 

FORMATIRAJ DISK..........ČE PA TEGA NEZNAŠ........MI LAHKO POŠLJEŠ SVOJ ..........IP...........PA TI GA BOM JAZ

[krokodil]

Zanimivo...in pri vsem tem znanju ne ves, kako se izklopi Caps-Lock tipka na tipkovnici...

[majica]

Lahko potem vprašam za Trojanca... tudi meni javlja ta trojanec...torej je to nekakšna bližnjica tretje osebe do tvojega PC in ima vanj enako velik vpogled, kot ti?

Ampak sem slišala, da je Trojanc virus... se da zaščititi pred njim z anti virusnim programom F-secure, ali ne?

[FLEGMA]

KROKO

 

 

MAJICA........TROJANC JE IZ DVEH DELOV........KOT .......SPREJEMNIK IN ODDAJNIK..........SPREJEMNIK JE PRI TEBI ODDAJNIK PA PRI NEKOM DRUGEM.............VIRUS PA KOT SAMO IME POVE SE ŠIRI SAM ..........NAJVEČKRAT PREKO MAILA..........LAHKO SE PRILEPI NA KAK FILE IZ RECIMO SISTEMA IN KO TI ANTI VIRUS NAJDE OKUŽBO GA ODSTRANI AMPAK S TEM ODSTRANI TUDI SISTEMSKI FILE IN ZATO TI KOMP ZAČNE BOLJ POČASI DELAT ALI PA TUDI NEHA...............NEKATERI SO NAPISANI TAKO DA KAR SAMI ZBRIŠEJO DOLOČENE FAJLE ............DRUGI PA TI JIH SAMI NAPIŠEJO VELIKO KOLIČINO TAKO DA TI KOMP ZAČNE FUL ŠTEKAT I USUVAT...............

 

 

VSI TI ANTI VIRUSI SO PRBLIŽN ISTI ŠIT

SAM DOBR JE DA JIH MAŠ VEČ

 

DA TI BO PA TO USE BL JASN PEJT NA PROGENIC.COM..........PA PREGLEJ GOR MAŠ USE ZA IN PROTI............PA TUT VELIK TEXTOV KAKO SE STVAREM STREŽE ..........POSKUS TUT SAMA MAL POHEKAT TKO SE NAJLAŽI NAUČIŠ KAKO SE TEGA OBRANT..........

[krokodil]

KROKO  

Meni se to ne zdi smesno..je bilo resno misljeno.

[FLEGMA]

KROKO  

Meni se to ne zdi smesno..je bilo resno misljeno.

KROKO ...............PREBER MOJ NICK

 

 

JEBE SE MEN KVA SE TEB ZDI

[FLEGMA]

MAL VEČ O TROJANCIH

 

 

 

 

|-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-| |++++++++++|

|The Complete Trojans Text |--------|Written On|

|(Security Related) | | |

|by tHe MaNiAc | |3.04.2000 |

|contact me at: themaniac@blackcode.com |--------|++++++++++|

|maniac@forbidden.net-security.org |

|-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-|

 

This guide is for educational purposes only I do not take any responsibility about anything

happen after reading the guide. I'm only telling you how to do this not to do it. It's your decision.

If you want to put this text on your Site/FTP/Newsgroup or anything else you can do it but don't

change anything without the permission of the author.I'll be happy to see this text on other pages too.

 

All copyrights reserved.You may destribute this text as long as it's not changed.

 

<--=--=--=--=--=--=--=--=>

Author Notes:

 

I hope you like my texts and find them useful.

If you have any problem or some suggestion feel free to e-mail me but please don't send mails like

"I want to hack the US government please help me" or "Tell me how to blind a trojan into a .jpg"

"WHere can I get a portscanner" etc......

Be sure if I can help you with something I will do it.

I've started writing security related tutorials and I hope you like that.I'll try to cover

much more topics in my future texts and I want to thank to all of the people that like my

texts.

<--=--=--=--=--=--=--=--=>

 

Links:

------------------------------ \

Here you can find other texts \

written by me or other friends: \

http://www.blackcode.com /

blacksun.box.sk /

neworder.box.sk /

------------------------------

 

Table of Contents

<---------------------------------------\

| \

|-1.What Is This Text About? \

|-2.What Is A Trojan Horse \

|-3.Trojans Today \

|-4.The future of the trojans \

|-5.Anti-Virus Scanners \

|-6.How You Can Get Infected? \

|-----From ICQ \

|-----From IRC \

|-----From Attachment \

|-----From Physical Access \

|-----From Trick \

|-7.How Dangerous A Trojan Can Be? \

|-8.Different Kinds Of Trojans \

|-----Remote Access Trojans \

|-----Password Sending Trojans \

|-----Keyloggers \

|-----Destructive Trojans \

|-----FTP Trojans \

|-9.Who Can Infect You? \

|-10.What is the attacker looking for? \

|-11.How The Trojans Works \

|-12.The Most Common Trojan Ports |

|-13.How Can I Monitor My Comp for trojans without any scanner?|

|-14.Software To Help You Monitor Your Computer |

|-----Log Monitor /----------------------->

|-----PrcView /

|-----XNetStat /

|-----AtGuard \

|-----ConSeal PC FIREWALL \

|-----LockDown2000 /

|-----TDS /

|-15.Placing Backdoors In Programs /

|-16.Advices /

|-17.Final Words /

\_______________________________/

 

1.What is this text about?

/=-=-=-=-=-=-=-=-=-=-=-=-=-=/

In this text I'm going to explain you interesting things about

the trojans and about their future.I hope you'll realize that

trojans are dangerous and they're still big security problem although

many people say don't download files from the net and you won't get

infected which is not right.The main thing I want to explain here is

do the trojans have future and other interesting things about them.

This text is only for Windows based trojans not Unix one.

=-=-=-=-=-=-=-=-=-=-=-=-=-=

 

2.What Is A Trojan Horse?

/=-=-=-=-=-=-=-=-=-=-=-=-=/

 

A trojan horse is

-An unauthorized program contained within a legitimate program. This unauthorized

program performs functions unknown (and probably unwanted) by the user.

 

-A legitimate program that has been altered by the placement of

unauthorized code within it; this code performs functions unknown

(and probably unwanted) by the user.

 

-Any program that appears to perform a desirable and necessary

function but that (because of unauthorized code

within it that is unknown to the user) performs functions unknown

(and probably unwanted) by the user.

 

Trojans can also be called RAT's, or Remote Administration Tools.

The trojan got it's name from the old mythical story about how the greeks during

the war, gave their enemy a huge wooden horse as a gift.

They accepted this gift and they brought into their kingdom,

and during the night, greek soldiers crept out of the horse and attacked the city,

completely overcoming it.

 

3.Trojans Today

/=-=-=-=-=-=-=-=/

Trojans has always been big security problem even today.Most of the people

don't know what a trojan is and they keep downloading files from untrusted

sources or from suspicious people.Today there are more than 600 trojans on

the net that I know but I think there are many many more.Because every hacker or

programer today have it's own trojan made for his/her special needs and not

published anywhere.Every hacking group has also it's own trojans and programs.

When someone start learning winsock the first creating is chat client or trojan

horse.Even the anti-virus scanners I'll talk below people still get infected

by themselves,by some hacker or by some of your friends.

----------------------->

 

4.The Future Of Trojans

=-=-=-=-=-=-=-=-=-=-=-=-=

I think there're a lot of people out there that think the

trojans are outdated and they don't have future.Well I don't

think so.Trojans will always have future and new things added in

them.There are so many things that can be improved by skilled programers

in the trojans.

Trojans that COMPLETELY hide in the system and of course restart every time Windows is loaded

trojans that will lie every trojan and anti-virus program this is the future I think.

People that program trojans has a lot of ideas that makes their trojans unique.

These people start placing backdoors in ActiveX and who knows maybe in future they'll

find other sources they can place the trojans in.Programmers will always think of

new and unique trojans with functions never seen before.

Trojans are made every day by the programers with new options and with better encryption so

the Anti-Trojan software can't detect them.So noone knows how many are the trojans on the net.

But the programmers are still programming trojans and they will continue in the future.

Technically, a trojan could appear almost anywhere, on any operating system or platform.

However, with the exception of the inside job mentioned previously, the spread of trojans works

very much like the spread of viruses. Software downloaded from the Internet, especially shareware or freeware,

is always suspect. Similarly, materials downloaded from underground servers

or Usenet newsgroups are also candidates.There are thousand of programs with not checked

source and new programs are appearing every day especially the freeware one so they can all be

trojans.So be careful what you're downloading and from where you're downloading it.

Always download software from the official page.

----------------------------->

 

5.Anti-Virus Scanners

/=-=-=-=-=-=-=-=-=-=-=-=/

People think that when they have a virus scanner with the latest virus definitions

they're secure on the net and they can't get infected with a trojan or noone can

have access to their computer.This is NOT right.The purpose of the anti-virus

scanners is to detect not trojans but viruses.But when trojans became popular

the scanners started adding also trojan definitions.These scanners just can't

find the trojans and analyze them that's why they're just detecting the common

and the well know from everyone trojans like Back Orifice and NetBus and also

several other.As I told they're around 600 trojans I know out there and the

anti-virus scanners are detecting just a LITTLE part of them.

These scanners are not firewalls that will stop someone that want to connect

to your computer or try to attack you as people think they are.So I hope that

you understand that the main purpose of these scanners is not to detect

trojans and protect you while you're online.

Most of the internet users know only Back Orifice and NetBus as trojans.

There are some specific tools out there that clean ONLY from these trojans.

Again people think that they're secure and protected from every trojan.

--------------------------->

 

6.How Can I get Infected?

/=-=-=-=-=-=-=-=-=-=-=-=-=-=/

Everyone ask this question and often people ask themselves how they got

infected.Also when someone ask them did they run some file send to them

by someone or downloaded from somewhere people always say they didn't

run anything or download some file but they did it.People just don't

pay attention to things they do online and that's why they forget

about the moment of the infection with the trojan.

You can get infected from many places and I'll try to explain

you these things here.

 

6.1 From ICQ

6.2 From IRC

6.3 From Attachment

6.4 Physical Access

6.5 Tricks-diskette

 

6.1 From ICQ

 

People think that they can't infect while they're talking via ICQ

but they just forget the moment when someone sends them a file.

Everyone knows how insecure ICQ is and that's why some people

are afraid of using it.

 

As you maybe know there's a bug in ICQ allowing you to send a .exe

file to someone but it will look as .bmp or .jpg or whatever you want

it to look like.This is very dangerous as you see and can get you in

trouble.The attacker will just change the icon of the file like

a BMP image,tell you it's a pic of him,rename it to photo.bmp

then you'll get it and of course before getting it you'll see that

it's .bmp and you're secure because the file is not executable.

Then you run it see the picture and you think there's nothing to

worry about but there is.

 

That's why most of the people say that they didn't run any files

because they know that they've run an image not executable.

A way to prevent this bug in ICQ is always to check the type of

the file before running it.It may has an BMP icon but if at the type

of the file is written executable I thin you know that it will be

mistake if you run that file.

 

6.2 From IRC

 

You can also get infected from IRC by receiving files from

untrusted sources.But I advice you always to be paranoid

and do not receive files from ANYONE even from your best

friend because someone may stolen his/her password

and infect you.Some people think that they can be 100% sure

that the other person is their friend when they ask him/her

something like a secret or something else that only he/she know

but as I told you be paranoid because someone may infect your friend

and just check his/her IRC logs and see what is this secret about or

learn other things.Be paranoid it's more secure as I say and do not

receive files from anyone on IRC or from somewhere else like

e-mail,ICQ or even your online friends.

 

6.3 From Attachment

 

The same thing goes about the e-mail attachments.NEVER run anything

even if it says you'll see hot porno or some passwords for server or

anything else.The best way to infect someone with a trojan is mass

e-mailing the server because there're new people on the net and

they'll of course get infected.This is the best way of infecting

as I said that's why it's preferred by the people that want to infect

the masses.

 

6.4 Physical Access

 

You can of course get infected by some of your "friends" when they

have physical access to your computer.Let's suppose you leave

someone on your computer just for 5 minutes,then of course you can

get infected by one of your "friends".There are some very smart people

out there that keep thinking of new ways of getting physical access

to someone's computer.Here are some tricks that are interesting:

 

1.You "friend" may ask you "Hey bro can you give me some water"

or something that will leave him alone.You'll go to take some

water and then........You know

 

2.The attacker may have a plan.Let's say you invited him/her

at 12:00 at your home and that attacker told one of your

"friends" to call the victim at 12:15 and start talking

about something with the victim.The attacker again have time

to infect you.

Also the "friend" that is calling you may say something like

"Is there anyone around you,if so move somewhere

else I don't want anyone to hear what we are talking about"

The attacker is again alone and have time to infect you.

 

6.5 Trick

 

This is one trick that may work on people that really

want something and the attacker knows what is it.

Let's say that the victim wants to watch some porno

or want xxx passwords,then attacker can just leave

a diskette with the trojan in the front of the victim's

house and put the trojan with some xxx pics of course.

 

This is bad things because sometimes if you really want

something and you finally found it you don't think about

anything else except to check it you.You again get infected.

 

I hope now you understand how you got infected the last time

(if you got infected of course).

----------------------------------->

 

7.How dangerous a trojan can be?

/=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=/

 

Many people that don't know what a trojan is

think that when they run an executable nothing

happened because their computer is still working

and all the data is there,if it was a virus

their data will be damaged and their computer will

stop working.

 

Someone is downloading and uploading files on your

computer.

Someone is reading all of your IRC logs and learning

interesting things about you and your friends.

Someone is reading ALL of your ICQ messages.

Someone is deleting files on your computer.

 

These are some examples how dangerous a trojan can be.

There people that use trojans just to place virus

on the infected machine like CIH and destroy the machine.

--------------------------->

 

8.Different Kinds Of Trojans

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Remote Access Trojans

-------------------------------

 

These trojans are the most popular trojans now.

Everyone wants to have such trojan because he

or she want to have access to their victim's hard drive.

The RAT'S (remote access trojans)are very

simple to use.Just make someone run the server

and you get the victim's IP and you have FULL

access to his or her computer.They you can

almost everything it depends of the trojan you use.

But the RAT'S have the common remote access trojan functions like:

keylogger,upload and download function,

make a screen shot and so on.Some people use the

trojans for malicious purposes.

They want just to delete and delete.This is lame.But a have a guide

about the best way to use a trojan.You should read it.

There are many programs out there

that detects the most common trojans,but new trojans are

coming every day and these programs are not the maximum defense.

The trojans do always the same things.

If the trojan restart every time Windows is loaded that

means it put something in the registry

or in win.ini or in other system file so the trojan can restart.

Also the trojans create some file in

the WINDOWS\SYSTEM directory.The file is always looking

to be something that the victim will think

is a normal WINDOWS executable.Most trojans hide

from the Alt+Ctrl+Del menu.This is not

good because there are people who use only this way to see

which process are running.There are programs

that will tell me you exactly the process and the

file from where it comes.Yeah but some trojans

as I told you use fake names and it's a little hard

for some people to understand which process

should they kill.The remote access trojans opens

a port on your computer letting everyone to connect.

Some trojans has options like change the port

and put a password so only the guy that infect you

will be able to use the computer.The change

port option is very good because I'm sure you

don't want your victim to see that port 31337 is open

on their computer.Remote access trojans are

appearing every day and they will continue to appear.

For those that use such trojans: BE CAREFUL

you can infect yourself and they the victim you

wanted to destroy will revenge and you'll be sorry.

---------------------------------------

Password Sending Trojans

 

The purpose of these trojans is to rip all cached

passwords and send them to specified e-mail

without letting the victim about the e-mail.

Most of these trojans don't restart every time Windows

is loaded and most of them use port 25 to

send the e-mail.There are such trojans that e-mail

other information too like ICQ number

computer info and so on.These trojans are dangerous if

you have any passwords cached anywhere on your computer.

----------------------------------------

Keyloggers

 

These trojans are very simple.The only one thing

they do is to log the keys that the victim is pressing

and then check for passwords in the log file.

In the most cases these trojans restart every

time Windows is loaded.They have options

like online and offline recording.In the online recording

they know that the victim is online and

they record everything.But in the offline recording

everything written after Windows start is

recorded and saved on the victims disk waiting for

to be transferred.

----------------------------------------

Destructive

 

The only one function of these trojans is to

destroy and delete files.This makes them very simple

and easy to use.They can automatically

delete all your .dll or .ini or .exe files on your computer.

These are very dangerous trojans and once

you're infected be sure if you don't disinfect your

computer information will no longer exist.

-----------------------------------------

FTP trojans

 

These trojans open port 21 on your computer

letting EVERYONE that has a FTP client to connect

to your computer without password and will full upload and download options.

 

 

These are the most common trojans.They all are dangerous

and you should me careful using them.

-------------------------------------->

 

9.Who Can Infect You?

/=-=-=-=-=-=-=-=-=-=-=/

 

Well basically you can get infected by everyone that know how

to use a trojan(it's VERY easy) and of course know how to infect you.

People that use trojans are wannabe hackers that are just at the stage

of using trojans.Some of these people don't move to the next stage

and they're lamers that can only use trojans and as I said it's VERY easy.

But after reading this text you'll know the most common ways that someone

can infect you with a trojan and it will be hard for the people using them

to infect you.

------------------------>

 

10.What Is The Attacker Looking For?

/=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=/

 

Some of you may think that trojans are used for damage only.

Well they can also be used to spy on someone's machine and

take a lot of private information from it.Wellthe common data an attacker looks

for would include but not limit to the following.

 

-----> Credit Card Information

-----> Credit Information

-----> Checking Account Information

-----> Any accounting data

-----> Data bases

-----> Mailing Lists

-----> Personal Addresses

-----> Email Addresses

-----> Account Passwords

-----> Home Office / Small Business Information

-----> Company Accounts / Subscribed for Services

-----> Resumes

-----> Email

-----> Any Company Information / Services He Can Access

-----> Your or spouse's first and last name

-----> Children's names / ages

-----> Your address

-----> Your telephone number

-----> Letters you write to people

-----> Email

-----> Your personal resume

-----> Your family pictures

-----> School work

-----> Any school accounts / information

 

 

 

11.How The Trojans Works

/=-=-=-=-=-=-=-=-=-=-=-=/

 

Here I'll explain you how the trojans work.If you don't know some words

you can check the "Terms Used In The Text" section and read about them there.

When the victim runs the server it does functions like opening some specific port and listening

for connections.It can use TCP or UPD protocols.

When you connect with the victim IP the you can do what you want because the server let you do

the trojan functions on the infected computer.Some trojans restart every time Windows is loaded.

They modify win.ini or system.ini so the trojan can restart but most of the new trojans use the

registry so they can restart.

Trojans communicate like client and server.The victim runs the server,the attacker sends command

to the infected server with the client and the server is just following what the client "says" to it.

 

-------------------------->

 

12.The Most Common Trojan Ports

/=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=/

Here's a list of the most common trojan ports:

 

Satanz Backdoor|666

Silencer|1001

Shivka-Burka|1600

SpySender|1807

Shockrave|1981

WebEx|1001

Doly Trojan|1011

Psyber Stream Server|1170

Ultors Trojan|1234

VooDoo Doll|1245

FTP99CMP|1492

BackDoor|1999

Trojan Cow|2001

Ripper|2023

Bugs|2115

Deep Throat|2140

The Invasor|2140

Phineas Phucker|2801

Masters Paradise|30129

Portal of Doom|3700

WinCrash|4092

ICQTrojan|4590

Sockets de Troie|5000

Sockets de Troie 1.x|5001

Firehotcker|5321

Blade Runner|5400

Blade Runner 1.x|5401

Blade Runner 2.x|5402

Robo-Hack|5569

DeepThroat|6670

DeepThroat|6771

GateCrasher|6969

Priority|6969

Remote Grab|7000

NetMonitor|7300

NetMonitor 1.x|7301

NetMonitor 2.x|7306

NetMonitor 3.x|7307

NetMonitor 4.x|7308

ICKiller|7789

Portal of Doom|9872

Portal of Doom 1.x|9873

Portal of Doom 2.x|9874

Portal of Doom 3.x|9875

Portal of Doom 4.x|10067

Portal of Doom 5.x|10167

iNi-Killer|9989

Senna Spy|11000

Progenic trojan|11223

Hack?99 KeyLogger|12223

GabanBus|1245

NetBus|1245

Whack-a-mole|12361

Whack-a-mole 1.x|12362

Priority|16969

Millennium|20001

NetBus 2 Pro|20034

GirlFriend|21544

Prosiak|22222

Prosiak|33333

Evil FTP|23456

Ugly FTP|23456

Delta|26274

Back Orifice|31337

Back Orifice|31338

DeepBO|31338

NetSpy DK|31339

BOWhack|31666

BigGluck|34324

The Spy|40412

Masters Paradise|40421

Masters Paradise 1.x|40422

Masters Paradise 2.x|40423

Masters Paradise 3.x|40426

Sockets de Troie|50505

Fore|50766

Remote Windows Shutdown|53001

Telecommando|61466

Devil|65000

The tHing|6400

NetBus 1.x|12346

NetBus Pro 20034

SubSeven|1243

NetSphere|30100

Silencer |1001

Millenium |20000

Devil 1.03 |65000

NetMonitor| 7306

Streaming Audio Trojan| 1170

Socket23 |30303

Gatecrasher |6969

Telecommando | 61466

Gjamer |12076

IcqTrojen| 4950

Priotrity |16969

Vodoo | 1245

Wincrash | 5742

Wincrash2| 2583

Netspy |1033

ShockRave | 1981

Stealth Spy |555

Pass Ripper |2023

Attack FTP |666

GirlFriend | 21554

Fore, Schwindler| 50766

Tiny Telnet Server| 34324

Kuang |30999

Senna Spy Trojans| 11000

WhackJob | 23456

Phase0 | 555

BladeRunner | 5400

IcqTrojan | 4950

InIkiller | 9989

PortalOfDoom | 9872

ProgenicTrojan | 11223

Prosiak 0.47 | 22222

RemoteWindowsShutdown | 53001

RoboHack |5569

Silencer | 1001

Striker | 2565

TheSpy | 40412

TrojanCow | 2001

UglyFtp | 23456

WebEx |1001

Backdoor | 1999

Phineas | 2801

Psyber Streaming Server | 1509

Indoctrination | 6939

Hackers Paradise | 456

Doly Trojan | 1011

FTP99CMP | 1492

Shiva Burka | 1600

Remote Windows Shutdown | 53001

BigGluck, | 34324

NetSpy DK | 31339

Hack?99 KeyLogger | 12223

iNi-Killer | 9989

ICQKiller | 7789

Portal of Doom | 9875

Firehotcker | 5321

Master Paradise |40423

BO jammerkillahV | 121

--------------------------------->

 

13.How Can I Monitor My Computer Without Scanner?

/=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=/

 

Again the masses think that when they have some

trojan scanner or anti-virus one they're secure.

Well the best way you can check for trojans is to do

it by your own.You're not sure is the trojan scanner

working correctly so start checking it alone.

In this text I've included one list of software and

reviews of course that will help you check your system

for trojans.

 

Well you always need to check which ports are opened on

your system and if you see that one of the common trojan

ports is open you're probably infected.

*NOTE*

You can check that by typing "netstat"

in the MS-DOS prompt or use other software

that can do this for you

*NOTE*

Always pay attention to which files are running on your

computer and check for something suspicious in it like

it's name.Well I think you'll check files like

config.EXE,himem.exe or winlilo.exe or other funny one.

Just Hex Edit them and if you find something interesting

like "SchoolBus Server" kill the running file.

Make sure you're monitoring your registry and check

every new change in it.Also be sure you monitor

system.ini or win.ini because there're still

trojans that restart from there.

And as I told you always download software like

ICQ,MIRC or some other well known program from

the official page.

Following these simple rules will help you

prevent your computer from getting infected.

 

---------------------------------->

 

14.Software To Help You Monitor Your Computer

/=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=/

 

As I told you I've included one list of software

that will help you monitor your computer and help

you prevent trojan infections.

 

+++++++++++++++

----LogMonitor+

+++++++++++++++

 

Files and directories monitoring tool

=====================================

Version: 1.3.4

Home page: http://www.geocities.com/koenigvad/Eng/

Author: Vadim Dumbravanu, koenigvad@yahoo.com

 

Log Monitor is a files and directories monitoring tool. The program

periodically checks selected file's modification time and executes

external program if file's time was changed or not changed. For

directories it handles such events as files change, addition or

removal.

 

Works under Windows 95/98/NT.

 

It's free for personal and business use. See LICENSE.TXT for

copyright information.

 

This file contains following topics:

 

1. Purpose.

2. Usage.

3. Some features.

4. Installation.

5. Uninstallation.

 

1. PURPOSE

 

The program is intended for different administrators using

automated processes. From time to time these processes stop working

or can even terminate abnormally. Sometimes processes create or

update error log-files. Log Monitor can watch over such processes

via their log-files and warn administrators about problems.

 

Users can watch over common network folders and see what happens

within their directories.

 

2. USAGE

 

Most of automated processes track log-files, periodically updating

them. Accordingly, if such process will terminate abnormally,

log-files cease changing.

 

If the process did not update the log-file during selected

interval, Log Monitor runs an external program. It can be "net send

bla bla bla", or paging program, or process restart. Log Monitor

can run a program if the file was changed too, so you can check

error files for changes.

 

Log Monitor can also watch over directories and handle files

change, addition or removal events within directory tree.

 

Log Monitor can be used as a task scheduler. NT Scheduler Service

is uncomfortable if you need to run a task every hour for example.

Using Log Monitor you can add nonexisting file, then select

interval of 3600 seconds and the program. As long as the file does

not update, selected program will run every hour.

 

You can specify working time and days when program will be

launched.

 

3. SOME FEATURES

 

- Several files or directories can be monitored simultaneously,

each file has its own interval and is processing in a separate

thread.

 

- A list of monitoring processes stores in the configuration file.

 

- Minimizes to the System Tray (and restores from it).

 

- There is an ability to pause monitoring of selected files.

"Paused" state can be stored in the configuration file.

 

- Works on the schedule, can check files and directories only

during selected time interval and days of week or month.

 

- Many other really beautiful things.

 

++++++++++++

----PrcView+

++++++++++++

 

PrcView is a freeware process viewer utility that shows comprehensive

information about running processes. This information includes such

details as the creation time, version and full path for each DLL used

by a selected process, a list of all threads, memory blocks and heaps.

PrcVIew also allows you to kill and attach a debugger to a selected process.

PrcView runs on both Windows 95/98 and Windows NT platforms and includes

Windows and command-line version of the program.

This software is free and freely distributable on a non-commercial basis in the format

ORIGINALLY RELEASED (PrcView.zip) with the original Copyright clause.

The author expressly disclaims any warranty for this software. This software and

any related documentation is provided "as is" without warranty of any kind.

 

Distribution of the program or any work based on the program by a commercial

organization to any third party is permitted only with the written permission of the author

 

If you encounter a problem while running PrcView, please visit

http://www.teamcti.com to obtain the latest version. If you still have problems,

please send a short description to: IgorNys@writeme.com

 

----XNetStat

 

XNetStat is a program like the "netstat"

command in the MS-DOS promt.The programs

shows you all of the open ports of your computer

and all of the established connections.

Mail fresh@arez.com if you want it

or have questions about it.

 

++++++++++++

----AtGuard+

++++++++++++

 

AtGuard is a nice firewall with some cool

features.It can also show you which file

opened a connection from your computer

that is VERY useful if you want to detect

some trojans on your machine.

I currently lost the URL for that program

but try searching altavista.com

or packetstorm.securify.com

 

+++++++++++++++++++++++++

-----ConSeal PC FIREWALL+

+++++++++++++++++++++++++

 

This software will help you to secure your PC.

It has some major advantages over other PC-based firewalls.

It is available on Windows 95, Windows 98 and Windows NT

(3.51 & 4.0).

This is probably the best firewall for Windows machines

that will help you block trojans ports on your machine

and also against various D.O.S attacks.

 

+++++++++++++++++

----LockDown2000+

+++++++++++++++++

 

This is really good anti-trojan package that detects

a LOT of trojans and other tools and also acts as a firewall,

protect you against nuke and ICQ attacks.It also

block file sharing so you won't have problems with it.

It's updated regulary with many new trojan definitions.

A must have for those of you that want to be protected

against attacks and trojan infections.

 

You can get it at http://www.lockdown2000.com

 

++++++++++

----TDS-2+

++++++++++

 

Trojan Defence Suite is also one very good

anti trojan package with a lot of functions and

plugins in it.It also detects probably all of

the trojans out there and is regulary updated.

A must have for those of you that want to be protected

against attacks and trojan infections.

 

You can get it at http://www.tds.diamondcs.com.au

 

Using all of these tools of course with the anti-trojan

packages will result in one SECURE against trojans

Windows machine so go and get them.

 

15.Placing BackDoors In Programs

/=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-/

 

The people that infect with trojans are becoming smarter.

They started placing the trojans in some real programs that

everyone is using so they can infect the victim.

Most of the people know that when they run a trojan

nothing will happen or an error message will apear,but

when the trojan is "joined" with another program

the program will work normally without any error messages

and the victim will think that he/she is not infected.

That's not right.Programmers made such programs that

just "join" two or more executables in one so they

can place the trojan in some programs that everyone

know about.

Such well known programs with open source are

also very dangerous.Good programmer may modify

the source and make it like a trojan so let's

say you're using modified e-mail client.As well

all know the password sending trojans use port 25

to send the e-mail with the information.How about

if the attacker modified the e-mail client to send

your e-mail password to him/her.You'll of course

see(if you're monitoring)that port 25 is open but

probably you won't pay attention because you're sending

e-mails and that's why the port is open.

As I said people are becoming smarter and smarter.

--------------------------------->

 

16.Advices

/=-=-=-=-=-=/

 

Some advises from me to help you prevent

being infected by trojan or virus.

 

[1]-Never accept file even it is from some friend.

You're never sure who's on the other side of the computer.

[2]-When executing file first check it's type

someone may try to trick you into running it.

[3]-Always monitor your open ports and the running files

on your computer.

[4]-Download software ONLY from it's official page.

[5]-When playing with trojans you can also get infected

because the creators some time put the server in the client

so when you run the client you also get infected.This shows you

once again that trojans are dangerous and when you make mistake

you can lose sensitive information.

[6]-Become a paranoid it's more secure.People laugh at these people

that burn every paper they have,that keep all of their passwords

in their minds,that always use encryption,that don't ICQ or IRC because

they know how weak these protocols are BUT that's why these people never

get caught because they know how to protect themselves.

------------------------>

 

17.Final Words

/=-=-=-=-=-=-=-=/

 

That's it for now I'll update this text in future too.

Btw this was my biggest and well writer text for now and I really like it

also I hope it will help to those of you that want to know how to protect from

trojans and want to learn more about them.Once again this is a security related

tutorial as I told I've starting writing such texts from now.

Also check out my magazine at blackcode.com/bc-tech/magazine.php3

 

 

This guide is for educational purposes only I do not take any responsibility about anything

happen after reading the guide. I'm only telling you how to do this not to do it. It's your decision.

If you want to put this text on your Site/FTP/Newsgroup or anything else you can do it but don't

change anything without the permission of the author.I'll be happy to see this text on other pages too.

 

All copyrights reserved.You may destribute this text as long as it's not changed.

©TheManiac

 

 

 

UPAM DA JE ZDEJ BL JASN..........

[majica]

Ne...ker se mi ne da tega brat...jez dam sam 'delite'...upam, da je to dovolj...

[FLEGMA]

http://www.kaspersky.com/trials?chapter=14...nlink=149405045

 

 

 

TUKI MAŠ TRAIL .......POSKUSNI 15 DNEVNI ANTIVIRUS K JE PO MOJE NAJBOLŠI..............PA KLIKN NA ZADN LINK..........GOOD LUCK

[majica]

Bohve, kaj mi boš uturil... a nej ti verjamem?

[FLEGMA]

JA..........HEHEHE..........SEJ MAŠ F-SECURE.......NIMAŠ SE ČESA BAT

....SI BL VARNA K SEX S KONDOMOM

[majica]

JEBE SE MEN KVA SE TEB ZDI

se jebe in jebe se mu...

[FLEGMA]

pa kaj tak dolgi post, no

dai to na privat

TO JE ZA VSE ...........TUT ZATE

[El Nino]

JA..........HEHEHE..........SEJ MAŠ F-SECURE.......NIMAŠ SE ČESA BAT

....SI BL VARNA K SEX S KONDOMOM    

a ti meni praviš da je večja možnost da kaj staknem s kondomom kot brez hehe, to dobi človek če je krnaprej online, kaj stakne, noben program ne nuca... razen moj seveda,

[FLEGMA]

HAHAHA....EL NINO..........JA TKO TO JE ČE SI SKOS U AKCIJI PREJ KO SLEJKO...........KEJ STAKNEŠ..........PA TI NBEN KONDOM NE POMAGA.............RES JE

[FLEGMA]

S ČIM PA TI VARUJEŠ SVOJO ŠKATLO???

[El Nino]

slišal sem že za več kondomov ki so počili kot za tiste k so zdržali hehe, hecno če pomislim, koliko viusov zaustavi sistem, pol ga pa preklinjamo zarad enga k je šel mimo haha, 100% zaščita je da si offline, seveda to je zanič alternativa, vse ostalo pa boljš da si tough in znaš računalniško prvo tretjo in četro pomoč, da maš ene tri rezerve poznaš računalničarja, imaš količinski popust pri lokalni trgovini jasno kanček sreče, ala moj tibetanski varuh hiše nad računalnikom hehe

[Vojko]

slišal sem že za več kondomov ki so počili kot za tiste k so zdržali hehe, hecno če pomislim, koliko viusov zaustavi sistem, pol ga pa preklinjamo zarad enga k je šel mimo haha, 100% zaščita je da si offline, seveda to je zanič alternativa, vse ostalo pa boljš da si tough in znaš računalniško prvo tretjo in četro pomoč, da maš ene tri rezerve poznaš računalničarja, imaš količinski popust pri lokalni trgovini jasno kanček sreče, ala moj tibetanski varuh hiše nad računalnikom hehe

Živijo El Nino

 

Pa veš, da računalnik ni varen niti takrat, ko je izklopljen!

 

 

Napade ga črv, ki se imenuje "ZOB ČASA"

 

Lp, Vojko

[Volk K.L.]

Pa saj ne moreš več slediti novim virusom.

[Mateja]

Ej, Bu, a jih Norton in Stinger zaznata ...

[Guest sstane]

Ej, Bu, a jih Norton in Stinger zaznata    ...

Ne, samo Buda

[Mateja]

 

( sam ni čist res, me je dons brat klical, da naj prečekiram kako je kaj z virusi, ker mu ena pošta od mene baje uletava )