Using this Trojan, an intruder can remotely manage files, exchange and rename files, start programs, review running processes, scan a screen through a shell interface and deliver that systemÆs information to the user of the Trojan, conduct keyboard spying and key stroke logging, and reboot and shutdown systems. Authored by Danil, this Trojan has a simple GUI. The server application resides on the C:/Windowsystembsystem.exe. When the computer hosting the server has started, the KEY LOCAL MACHINESofwareMicrosoftWindowsCurrentVersionRun nbsession is created so that it runs when the Windows operating system is started.
backdoor.dtr.10.a.exebackdoor.dtr.14.b.exebackdoor.dtr.14.b[2].exebackdoor.dtr.14.c.exebackdoor.dtr.142.b.exebackdoor.dtr.144.d.exe