Telecommando v1.5.4
Info:
Telecommando is a Remote Administration Program. This is the first program
that I've seen it where you can't do anything until you click an I Agree button saying
that you agree that everything is not his fault and that this program must remain
freeware. Also this is the first time I've ever seen it where if you don't do
anything for a while it will time you out. I have also noticed this program
disables Ctrl+Esc and Alt+Ctrl+Del when you run the server. You also can't
explore any of the commands until you connect to a server. You can send a
command in two ways, one is typing it in in the command line, or by click on one of the
radio buttons. This is a program made by a person named Night Navigator.
This is the first program from him. At least the first one for the Windows
platform. Here are the features:
Advanced Password Options
Server Options
Dialog Boxes with either a OK or Yes or No answer
Get Logical Drives
Create/Delete Directories
List/Delete Files
Lock/Unlock Desktop
Shuffle the Desktop once
Randomly Shuffle the Desktop
Make Stars show on the screen, like a Screensaver
Hide/Show the Start Button
Hide/Show the Taskbar
Hide/Show Desktop
Execute Programs either Minimized, Maximized, Hidden, or Normal
List/Kill Active Applications (execs, DLLs, etc..)
Logoff/Reboot/Shutdown User
Get Users Name
Get Computers Name
Get Users Date & Time
To use this program simply download the Client program . Then open it. You will have
the screen like the one at the top. In order to go into someone's system you
will have to have them run the Server part from the top. This can easily be renamed.
Once the server is run, then you can go into there system by typing in there IP
number where it says IP Address and then click connect. You can get there IP number
various ways. The first is to ask them to go to Start then Run then type in
Winipcfg then click enter and to have them tell you what the IP number is.
Some other possibilities are through ICQ by getting the users info, or through IRC by
typing in /dns UserName. Once in the system you have the ability to do anything.
Here's a description of what each button does:
Name of the Command
Description
Shutdown Server :
This will shutdown the server temporarily until the user runs the trojan again, or
restarts the computer.
Uninstall Server:
This will uninstall all of the components to the Server.
Password Status:
This will tell you if another user has changed the password while you are in the computer.
If they have it will disable you from doing anything to them.
Password Confirm:
Will bring up a dialog box for you to type in a password if the Password Status says it's
not OK.
Password Change:
Self-explanatory. Will change the Password.
Password Delete:
Will remove the Password.
Pony Express Messenger Box: This will pop up a
dialog box with which ever you choose for the answer,
either Yes or No or OK. It will pop up with the title Pony Express.
Execute Normal:
Will execute a program normally.
Execute Minimized:
Will execute a program minimized.
Execute Maximized:
Will execute a program maximized.
Execute Hidden:
Will execute a program that will not appear on the screen. This is only
used for text-based applications such as DOS to use like a Telnet client to move your way
around them.
List 32bit Process:
Will list all of 32bit Processes currently active. These include DLL files etc...
Kill 32bit Process:
Will kill a 32bit Process that is active. These include DLL files etc...
Logoff User:
Will logoff the user from Windows.
Reboot User:
Reboots the user's computer.
Shutdown User:
Will shutdown the user's computer.
Get User Name:
This will get the user's name.
Get Computer Name:
Gets the computer's name.
Get Date & Time:
Will get the user's date and time.
Change Dir:
Changes the users directory to one that you specify in the Command Line.
Make Dir:
Makes a directory that you specify in the Command Line.
Remove Dir:
Removes a directory that you specify in the Command Line.
Delete File:
Deletes a file that you specify in the Command Line.
List Files:
Lists the files in the Current Directory.
Get Current Directory:
Tells you the directory you are currently in.
Lock/Unlock Desktop:
Will lockup or unlock the desktop.
Misc.:
Will shuffle up pieces of your screen. Only once however.
Star On/Off:
Will make stars pop up on the user's screen. Also freezes up the desktop.
This is sort of like a screen saver. Click on the image to view full size.
Then click on the image to go back.
Hide/Show Start:
Will hide or show the Start button.
Misc. On/Off:
Will do the same thing as Misc., but it will continuously do it.
Hide/Show Taskbar:
Will hide or show the Taskbar.
Hide/Show Desktop:
Will hide or show the Desktop.
Tips & Tricks
From what I have tested, I found that when someone does the Star Screensaver or Freeze the
Desktop, if you hit Alt+F4 it will return it back to normal. I'm still testing to make
sure it works. If it doesn't I'll update this right away.
Removal
Removal is fairly simple. First go to Start, then Run, then type in regedit.
When in the Registry Editor, please, be VERY careful! Once in
there, you will see 7 "folders". double-click on the one that says
HKEY_Local_Machine.
Then double-click on Software, then Microsoft, then Windows, then double-click on Current
Version, then finally, click (as in click once) on Run. You will see a list to
your right of different things. Once you did that, then you have the name and location of
the Server, 99% of the time it will be OBDL.exe but it could be renamed along the way with
another program.
It will also be in the Windows System directory. Then highlight where it says
SystemApp. This could also be changed, but in very rare cases.
Once you have gotten there delete that key. Once that is done you must restart
your system. Once you are back, go into Windows Explorer (by going to Start
then Programs then Windows Explorer) then go in to your Windows System directory and
delete OBDL.exe, make sure that's ALL you delete!