Quick Info
Server name: Back Orifice 
Version: 2000
Different versions: [1.20][2000]
Tested: Windows 9x and NT
Server size: 136K
Server files: server.exe
Installs to: \%windowsystem%\UMG32.EXE
Server icon:

Infects: Windows 95, 98, NT
Autoloads: Registry: HKEY_LOCAL_USERS\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\ Key:UMG32.EXE
Default port: 54320 TCP or 54321 UDP
Can port be changed: Yes, and so can the choice of listening on TCP or UDP
Programming language: Visual C++
Required files: None
Language: English

Server Features

  • Open source: very configurable
  • Choose between XOR and 3DES encryption
  • Ping
  • Query
  • Reboot Machine
  • Lock up machine
  • Get passwords
  • Get system info
  • Log keystrokes
  • Send message box
  • Http fileserver
  • Receive file
  • Port redirection
  • Send file
  • Add/List shares on Microsoft networks
  • List connections
  • Map network
  • List/Start/Kill process
  • Registry editor
  • Capture still picture
  • Capture AVI
  • Play WAV can also loop it
  • List capture devices
  • Capture screen
  • Compress files
  • Plugin support
  • DNS stuff
  • Shutdown/Restart server
  • Load/Debug/List/Remove plugins
  • Start/List/Stop command socket
  • Start/List/Stop butt plugs
  • View/Kill apps
  • Chat
  • Shutdown/Reboot/Logoff/Poweroff
  • Startumenu on/off
  • Email using victim


Comments
    The mother of all Trojans is back and better than ever (trojan-wise). Unlike version 1.20, it now infects Windows NT. To make it more dangerous, it is fully open source. Currently this is the most dangerous trojan around. More about it later, maybe.

How To Remove

Quick fix: None.
Trojan B' Gone plugin: None yet.
Manual removal:

  • Because the server is open source, these steps only apply to the default build we received, not to custom-configured builds.
  1. Remove the UMG32.EXE key located in the registry at HKEY_LOCAL_USERS\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\. This can be done with regedit or any other registry editing program.
  2. Reboot the computer, or shut it down.
  3. Delete the trojan file UMG32.EXE in the Windows System directory.
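A defender checking a machine for the default build will usually work from a regedit export of the RunServices key and a `netstat -an` listing rather than by eye. The script below is an added example, not part of this page or of the trojan's own code. It parses a constructed .reg export and a constructed netstat listing, flags the UMG32.EXE autostart value and the default ports 54320/TCP and 54321/UDP listed in Quick Info, and assumes the export uses regedit's standard "name"="data" syntax; since the port, file name and key can all be changed in a custom build, a clean result only rules out the stock configuration.

```python
"""Check a regedit (.reg) export and a `netstat -an` listing for the default
Back Orifice 2000 autostart entry and listening ports.

Added example for the page; the indicators are the page's defaults for the
unconfigured server build, and the sample inputs below are constructed.
"""
import re

# Indicators as given on the page (default build). The check keys on the
# RunServices subkey and ignores the hive prefix (assumption), so it works
# with whichever hive name the export carries.
AUTOSTART_SUBKEY = r"\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices"
SERVER_FILE = "UMG32.EXE"
DEFAULT_PORTS = {("TCP", 54320), ("UDP", 54321)}

_KEY_RE = re.compile(r"^\[(.+)\]$")
_VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"=(?P<data>.+)$')
_NETSTAT_RE = re.compile(r"^(TCP|UDP)\s+(\S+)")


def parse_reg_export(text):
    """Parse a .reg export into (key, value_name, value_data) tuples.

    Only string values ("name"="data") are kept; that is all an autostart
    key holds. Doubled backslashes in exported paths are folded back.
    """
    entries = []
    current_key = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        m = _KEY_RE.match(line)
        if m:
            current_key = m.group(1)
            continue
        m = _VALUE_RE.match(line)
        if m and current_key is not None:
            data = m.group("data")
            if data.startswith('"') and data.endswith('"'):
                data = data[1:-1].replace("\\\\", "\\")
            entries.append((current_key, m.group("name"), data))
    return entries


def find_autostart_entries(reg_text):
    """Return RunServices values whose name or data references UMG32.EXE."""
    hits = []
    for key, name, data in parse_reg_export(reg_text):
        in_runservices = key.upper().endswith(AUTOSTART_SUBKEY.upper())
        if in_runservices and SERVER_FILE in (name + " " + data).upper():
            hits.append((key, name, data))
    return hits


def find_default_ports(netstat_text):
    """Return (proto, port) pairs from `netstat -an` output that match the
    default server ports. Lines that are not TCP/UDP rows are skipped."""
    hits = []
    for raw in netstat_text.splitlines():
        m = _NETSTAT_RE.match(raw.strip())
        if not m:
            continue
        proto, local = m.group(1), m.group(2)
        port_text = local.rsplit(":", 1)[-1]
        if not port_text.isdigit():
            continue
        if (proto, int(port_text)) in DEFAULT_PORTS:
            hits.append((proto, int(port_text)))
    return hits


# Constructed sample inputs: one infected-looking export and listing.
SAMPLE_REG = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"UMG32.EXE"="C:\\WINDOWS\\SYSTEM\\UMG32.EXE"
"SchedulingAgent"="mstask.exe"
"""

SAMPLE_NETSTAT = """Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:54320          0.0.0.0:0              LISTENING
  UDP    0.0.0.0:54321          *:*
  UDP    0.0.0.0:137            *:*
"""

if __name__ == "__main__":
    for key, name, data in find_autostart_entries(SAMPLE_REG):
        print(f"autostart: [{key}] {name} = {data}")
    for proto, port in find_default_ports(SAMPLE_NETSTAT):
        print(f"default server port open: {proto}/{port}")
```

Run it against a real export (`regedit /e runservices.reg "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices"`) and a saved `netstat -an` by reading those files into the two functions; a hit on the autostart value is the stronger signal, because the port check only covers the default build.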


Related Pages

Dark Eclipse Software article: How trojans work / general removal info
Dark Eclipse Software section: Trojan B' Gone page
Dark Eclipse Software service: Trojan removal
