from the doc: d0ped Trojan is a
client/server thing, running under any Windows9x
or XP. The zip-file containing this textfile, also
includes a setup file. Install the packets, then
walk through the Start/Program menu. You'll find a
new menue called "Telhack Inc", whereunder you'll
find the Client app. The server application is
simply named "d0ped.exe" as default. As far as i
know, CTRL-ALT-DEL (which - ofcourse - your'e able
to disable:) list will display the EXE-name of the
file as a running process. You might see this
"trojan" as a later version of the "Rths"-trojan?
Well HECK it's not! This one is not to be
controlled by any terminal session, it has its own
client application. The d0ped Trojan also contain
a lots of (new) amusing functions, for
example: * Snoop on users Internet Explorer
navigation * Edit filesystem * Process and
hardware status * Constant
change-of-system-wide-parameters status * Hide
mousecursor * Very nice black textscreen
function * A silly "Please Enter passwords:"
function * Automatic search for Internet
login/password * Desktop management * "Use
'Em": use the server to initiate a third session.
(Use the target as a secound terminal). * Or
initiate a hidden pingflood against.. anything.
* Desktop Management * Port- and Password
Settings * A cute "incomming data"-textbox -
Default port is: 1661 - There is no password
set as default. Zeromatic
Alias:
Backdoor Program [Panda]
Backdoor.Dopedoor.10
Backdoor.Dopedoor.10
[Kaspersky]
Backdoor/Dopedoor.1_0 [Computer
Associates]
d0ped
Generic BackDoor.b [McAfee]
security risk or a "backdoor" program [F-Prot]
SennaSpy2001 [McAfee]
Win32.Doped.10 [Computer
Associates]
Win32/Doped.10!Trojan [Computer
Associates]
