Home | hacker invade | crack analyzes | hacker course | Exploit | encryption decipher | network management | System crack | the virus to be related | invades the examination | firewall
You are here: hacking technology > network management > Content
Hot Articles
The share network manage
NUUO Surveillance Softwa
Can Inforenz crack the c
NUUO helps prevent accid
North Somerset Council p
Aladdin's HASP Secures C
BT4 Internet Settings sk
The discovery discovers
The share network manage
Pubwin2007 explains all
The computer password ex
Batch open 3389 port pro
VoIP security crack anal
OpenSSH Buffer Managemen
SQL pours into the new t
Recommend Articles
The expert analyzes ten
Safeguard system clean n
Graphic solution IE8 man
SQL pours into the new t
Why can't hundreds of th
Prevents the hacker to i
Teaches you to close the
The share network manage
Chats in local area netw
About the network connec
Let the network transmis
Explains in detail virtu
To hoodlum software and
Careful system initiatio
The common wooden horse
New Articles
The GHOST of Win7 before
Windows 7 of VMware wire
Examples of skills again
360 security experts war
Give oneself of the Inte
Ensure the Web applicati
Banned WVS scanner scann
By 2010, the introductio
Website backlinks going
Win7 desktop screen
Protection were cloud se
Ensure the effective DNS
Talk about ADSL safety p
Expose a seo's attack mo
Linux (RHEL5) regular se
Teaches you manual to eliminate the PcShare wooden horse (chart)
  Add date: 12/11/2008   Publishing date: 12/11/2008   Hits: 5
Total 2 pages, Current page:1, Jump to page:
 
The PcShare wooden horse is a section of formidable remote control software, it has the domestic origination actuation hideaway port technology, might be known as is the system perfect essence back door. Even if in intrepid kills the poisonous software, sometimes could hoodwink by it the eye, the following author has put out two pictures to do for the ironclad proof (Figure 01) (Figure 02).

Figure 01 the auspicious star looks up kills the result

Figure 02 Caba Siji looks up kills the contact surface
  The author in has not made any processing to its wooden horse in the situation, it may escape kills the poisonous software Zha Sha, obviously its wooden horse's confidentiality is very strong. How as for to eliminate, we already saw from above, the light depending on kills softly is definitely incorrect, therefore here we eliminate on the union manual method its wooden horse.
Using Find.exe tool search wooden horse
  In order to eliminate wooden horse's authenticity, author in own this aircraft, moved its wooden horse's service end document, such wooden horse will be succeeded loads to the system, thus has controlled the entire computer. How then do we eliminate its load the wooden horse? Here single-clicks “the start” in turn -> “the movement” the dialog box, in springs “the movement” in the dialog box, the input “CMD” the order carriage return, may the dialog box open “the order prompt”, or system's in CMD document, the duplication glues under some table of contents, and double-clicks this CMD execution document, may also achieve springs “the order prompt” the dialog box goal (Figure 03).

Figure 03 opens the CMD order prompt dialog box
  Then skips the table of contents to the Find.exe tool table of contents place, then in the cursor twinkle's position, inputs Find - the f order carriage return, this time then may search way C:\program Files\dzgmhncg.sys which the wooden horse hides, as well as wooden horse service name “1 hidden service” (Figure 04).

Figure 04 searches the wooden horse using the Find tool to hide the way
  Since had known the wooden horse way as well as its service name, we are forbid first its wooden horse service, lets its stop in system's movement, here continues in “the cursor twinkle” the command line place, the input “Find - cd dzgmhncg.sys” the order carriage return, then may serve it is forbid successfully (Figure 05).

Figure 05 the success is forbid the wooden horse service
  Then examined that this service present's attribute, in its following cursor twinkle place, the input “Find - c dzgmhncg.sys” the order carriage return, this time looked demonstrates its wooden horse service the condition (Figure 06).

Figure 06 uses the Find order examination attribute
  From the chart may clear see that its result is The Service “dzgmhncg.sys” has not been the found information, then the expression has not discovered this service, i.e. this service now opening condition. Has known these, we enter to C:\ program Files\ table of contents, finds the Uwupqudn.dll document which the back door releases, and deletes it (Figure 07).

 
Other pages: : 1 * 2 * Next>>
Prev:Seeing through the VoIP security hype Next:How teaches you to protect the information security to prevent the local area network monitor

Comment:

Category: Home > network management
Home