DTr 1.5 (d)
(Backdoor.Win32.DTR.15.d)

by Danil

Compressed with ASPack

Released in November 2002

Made in Ukrainia

more versions


                  "DTr (RemoteAdmin)" v.1.5
                                                        
The program "DTr (RemoteAdmin)" v.1.5 is designed for remote administration.
The program can work both in a local area network, and through InterNet.

CAPABILITIES: the file manager, exchange of files, start of the programs, 
review all runned processes in a system, completion of selected process, 
scanning of a screen, keyboard spy, turn off / reboot, and and so on. 
( all on the remote computer - server). Plugins. 
Password protection. First password - "dtr".

WORK PROGRAM: view "dtr15.hlp".

DELETING OF THE PROGRAM:
ATTENTION!!! On attempt of  deleting  of  the program, it will be started again.
It is possible to delete the program ONLY with the help of special deleting
program "Deldtr15.exe" in the catalogue DEL_SERV of the distribution kit.
The deleting of the program with the help of TaskManager for NT/2000/XP - is forbidden.
Deleting of the program on 9x/ME by the normal manager of processes (on
"Alt"+"Ctrl"+"Del" the program is latent) - restart.

FreeWare. "AS IS".                     

Before the installation it is necessary closely to read and to accept all 
conditions of the License agreements ("license.txt").

ATTENTION!!! Before start of a server part it is necessary to delete previous 
version of the program.

-----------------------------------------------------------------------                         
November 24, 2002 (v.1.5) 
             * add password protection;
             * server allows connecting with 255 clients;
             * change AutoStart;
             * restart after terminate server's part;
             * fixed bugs.

 Danil


Server:
c:\WINDOWS\SYSTEM\nbsystem.exe 

size: 12.288 bytes

port: 10001 TCP

startup:
HKEY_CLASSES_ROOT\CLSID\{F5B6A343-07E9-44BC-B409-B239BB4C9610}\InProcServer32 "(Default)" 
Type: REG_SZ 
Data: nbsystem.dll 
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad "NBSYSTEM" 
Type: REG_SZ 
Data: {F5B6A343-07E9-44BC-B409-B239BB4C9610} 


added:
c:\WINDOWS\SYSTEM\dtrV.dat 
c:\WINDOWS\SYSTEM\DtrVk.dll 
c:\WINDOWS\SYSTEM\nbsystem.dll 

MegaSecurity