|
| Name: | Nirvana |
| Aliases: | Visual Killer, |
| Ports: | 2255 |
| Files: | Vkclient.zip - 662,381 bytes Vksrv.zip - Nirvanac1_94.zip - 662,381 bytes Nirvanas1_94.zip - 78,395 bytes Nirvanac1_95.zip - 666,865 bytes Nirvanas1_95.zip - 78,727 bytes Nirvana1.95.zip - Nirvana1.97.zip - Nirvana1.99.zip - 2,231,157 bytes Nirvana2.0a.zip - Nirvana2.1.zip - NTrojanerClient2.0.zip - NTrojanerServer2.0.zip - Client.zip- 1,432,039 bytes Server.zip - 798,553 bytes 7thsp.zip - Client.exe - 1,445,888 bytes Server.exe - 811,520 bytes Visualkillerclient.exe - 142,336 bytes Visualkillerserver.exe - 75,776 bytes Nirvanatrojanerclient.exe - 156,672 bytes Nirvanatrojanerserver.exe - 76,800 bytes Ariel.exe - Comdlg32.ocx - 140,096 bytes Mscomctl.ocx - 1,062,704 bytes Mswinsck.ocx - 108,336 bytes |
| Created: | Aug 1999 |
| Requires: | Comdlg32.ocx, Mscomctl.ocx and Mswinsck.ocx - are required to run the trojan. |
| Actions: | Remote Access |
| Versions: | 1.94, 1.95, 1.96, 1.97, 1.99, 2.0a, 2.1, |
| Registers: | HLM\SOFTWARE\Microsoft\windows\CurrentVersion\Run\ |
| Notes: | Works on Windows 95, 98 and NT. ˆ Source code is available. |
| Country: | written in Germany |
| Program: | N/A |
 Using the Process Monitor from AATools, you will see whether any foreign
programs are running on your computer. If you find some unwanted program, you
can terminate it by clicking the 'Terminate Process' button on the Toolbar.
Using the AATools Network Monitor, you can see what ports are in use on
your local PC for connection with remote systems (LAN/Internet). On Windows
NT/2000/XP the Network Monitor will display you the services that are active on
the ports, and map the ports to their respective applications. If you register
port probes directed against ports that are normally not used, it is possible
that someone is trying to connect to a Trojan inside your network. Using the
Registry Cleaner (Startup section) from AATools, you will see
the list of programs that are registered under Run, RunOnce, RunOnceEx and
RunService registry keys. So you can find out what programs are started behind
your back. You should check these programs to see they are legitimate ones but
not Trojans programs.
0-C | D-H | I-N
| O-S | T-Z
If you have any questions or information about ports used by Trojans not
listed above, please contact us. |
