trojan info


	Services Trojan info Chat Downloads About Us Contact Us Help Forum Support Us Search


	ACID SHIVERS Acid shiver is a pretty bad trojan to become infected with , it has a lot of damaging abilities and should be removed immediately if found The port opened by acid shiver is dynamic , meaning it changes every time the victim comes online and sends the victims ip number and what port has been opened to the hacker by email. Removal instructions : Fortunately removing this trojan is fairly simple. It adds two lines to your registry, both identical. Using regedit, go to the key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run and delete the line which reads: Explorer = "C:\WINDOWS\MSGSVR16.EXE" Also go to the key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices and delete the same line above. (Explorer = "C:\WINDOWS\MSGSVR16.EXE") Reboot your computer, and use windows explorer to go to C:\windows\ and delete the file MSGSVR16.EXE Be careful however, as in C:\windows\system\ there are a few files with similar names, which are needed by windows to run. Do NOT delete anything in C:\windows\system\ for this trojan


	Acid shivers modified Leentech are famous for there modification of existing trojan servers , there modifications are much more dangerous , and in most cases are not picked up by conventional virus scanners Telnet is used as the client part of this trojan meaning that any operating system can hack an infected computer. Acid shivers opens a new port each time the victims computer is booted up so it is impossible for hackers to just go and scan you off the internet and hack you , the victims computer sends an email with details like ip number , port opened etc to the hacker every time the computer is logged onto the net. How to remove : look for the registry line at: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run and delete the line which reads: Wintour = "C:\WINDOWS\WINTOUR.EXE" Also look in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices and delete the same Wintour line. The file is located in C:\windows\wintour.exe.