
Remove Recon. Description and removal instructions
Recon is a Remote Administration Tool (RAT) that attackers use to control a victim's machine remotely. The attacker infects the PC via e-mail or File and Print Sharing. A "server" on the infected PC allows the attacker to connect via a "client" on their own machine. What a RAT can do varies with the attacker's needs: some RATs can't really harm your PC and were made only for hooliganism, while other versions can steal vital information, delete files and even crash your system. Several versions (Recon 1.0, Recon 1.99.19.10) originated in November 1999. The RAT was created by a group called nexuz.
From the publisher:
"Remote Control Over Networks v2 ReCON aka RCONv2 by [nexuz] & [ZaJoker] version 1.99.19.10 (c) 1999 XLegacy INC.

NOTE: The only available login in this version is "root" and the default password is also "root".

ReCON commands description:

"CMDS" - syntax: "/cmds"
 - very useful command (actually THE MOST USEFUL)
 - lists all available ReCON built-in commands

"VER" - syntax: "/ver"
 - displays the ReCON version info and stuff

"PROGMAST" - syntax "/ver"
 - used to complete "/VER"

"PWL" - syntax: "/pwl [old password] [new password]"
 - changes the "old password" (default "root") to "new password"
 - [old password] specifies the old login password; must be valid
 - [new password] specifies the new password; can't contain spaces

"EXEC" - syntax: "/exec [application]"
 - executes the specified application and reports any error
 - [application] must be a program's name including path

"COPY" - syntax: "/copy [source file]![destination file]"
 - copies a file to specified location
 - no wildcards allowed
 - [source file], [destination file] may contain spaces (LFN)

"UNLINK" - syntax: "/unlink [file name]"
 - deletes the specified file
 - [file name] may be a long file name

"CD" - syntax: "/cd [new directory]"
 - changes the current directory
 - the parameter is optional
 - if no parameter, displays the current directory

"DIR" - syntax: "/dir [file specifier]"
 - lists all files and subdirs matching the [file specifier]
 - wildcards allowed
 - if no parameter, lists all subdirs and files in current directory

"RMDIR" - syntax: "/rmdir [directory name]"
 - removes the specified directory
 - the specified directory must be empty
 - [directory name] supports LFN

"MKDIR" - syntax: "/mkdir [directory name]"
 - creates a new directory with specified name
 - [directory name] supports LFN
 - [directory name] mustn't exist

"ATTR" - syntax: "/attr [file name] [+attributes] [-attributes]"
 - sets/clears the specified attributes for a file
 - [+attributes], [-attributes] are optional parameters; if missing the current attributes of the file are listed
 - wildcards not allowed

"RCPCALL" - syntax: "/rcpcall [RCP name] [RCP function]"
 - executes a function from a RCP (Remote Control Plugin)
 - [RCP name] points to a valid RCP module created with RDK
 - [RCP function] is the RCP function name to be called
 note: You may get the RDK (ReCON Development Kit) by sending an e-mail to: xl@yahoo.com

"MSG" - syntax: "/msg [from->][message]"
 - shows a message on host
 - [from->] parameter is optional; default is "a ghost"

"ERR" - syntax: "/err [fake error message]"
 - generates a fake error on host

"TITLEMSG" - syntax: "/titlemsg [caption]"
 - change the title of all windows listed by "DOZES"
 - [caption] is the new title for all windows
 note: after using "TITLEMSG" you won't be able to recognize the windows listed with "DOZES"

"ALLMSG" - syntax: "/allmsg [message]"
 - changes all captions (buttons, windows, labels, etc.)
 - [message] is the new caption to be set
 note: same as "TITLEMSG"

"STATE" - syntax: "/state [on/off] [window title]"
 - enables/disables the specified window
 - if the [window title] parameter is "*" then all windows will be enabled/disabled
 note: use with care if you are testing on the localhost because you might get stuck

"PAINT" - syntax: "/paint"
 - it paints the desktop over all other windows (pretty cool)
 - the effect is temporary

"DESK" - syntax: "/desk [on/off]"
 - shows/hides all icons on desktop

"TASK" - syntax: "/task [on/off]"
 - shows/hides the taskbar
 - Start menu is still active and can be accessed using the Win-key

"MONITOR" - syntax: "/monitor [on/off]"
 - turns on/off the monitor (so far it worked on all tested monitors)
 - the monitor stays off until "/monitor on" command follows or the PC is rebooted

"WINKEYS" - syntax: "/winkeys [on/off]"
 - it turns on/off the windows special keys and the windows keyboard shortcuts (CTRL+ESC, ALT+TAB, and all others)

"CDEJ" - syntax: "/cdej [on/off]"
 - opens/closes the CD-audio door
 - it may not work on all computers (the only PC on which I encountered difficulties during tests, which freezes on "CDEJ" command is a FUNAI E285XA (my own :)

"DOZES" - syntax: "/dozes"
 - lists all windows that have a "display-able" title
 - doesn't make much sense after "TITLEMSG" or "ALLMSG"

"KILLWIN" - syntax: "/killwin [windowname]"
 - destroys a window
 - if there are more windows with the same name then only the first found is killed, then you must repeat the command

"PIDS" - syntax: "/pids"
 - lists all processes currently running
 - more effective than "DOZES"

"KILLPID" - syntax: "/killpid [PID]"
 - stops the specified process (must use "PIDS" to get a list)
 - this is 100% efficient process killing (unlike "KILLWIN")
 note: DO NOT mess with system's processes (like KERNEL32.DLL) because this will probably ( (31.8*PI)% chances) freeze the host PC

"WHO" - syntax: "/who"
 - lists all "clients" connected to the ReCON server
 note: if a client is in the login state then the name will be preceded by "WANNABE"

"SAY" - syntax: "/say [onliner number] [message]"
 - prints the [message] on the terminal of the client matching [onliner number] (use "WHO" to get a list)
 note: the "you're looney" message appears when you try talking to yourself :)

"REBOOT" - syntax: "/reboot"
 - reboots the host machine

"LOGOUT" - syntax: "/logout"
 - logs out the current logged on user

"HALT" - syntax: "/halt"
 - performs system shutdown
 - if the case is ATX then Power off will be performed too

"NFOS" - syntax: "/nfos"
 - retrieves system general info

"PASSWDS" - syntax: "/passwds"
 - squeezes cached passwords from host PC
 note: very useful... you don't know what you might find in there

"SHARES" - syntax: "/shares"
 - lists all shares on PC including their access passwords

"ADDSHR" - syntax: "/addshr [path] [sharename]"
 - adds a new share to the system
 - sharename must be 12 chars long tops
 note: the description of the new share is set to "ReCONed path"

"RMSHR" - syntax: "/rmshr [sharename]"
 - removes the specified share from host

"CLS" - syntax: "/cls"
 - clears the screen

"CL" - syntax: "/cl [color index(optional)]"
 - useful under Linux Telnet client
 - changes the text color
 - if parameter missing then lists all color indexes

"BK" - syntax: "/bk [color index(optional)]"
 - useful on Linux Telnet client
 - changes background color
 - if parameter missing then lists the color index

"QUIT" - syntax: "/quit"
 - disconnects from ReCON server
 - most useful command :)))

COMMAND COMBOS:
"COPY"+"DEL" - to rename/move a file
"WINKEYS"+"TASK" - completely deactivates taskbar and start menu"
Recon properties:
• Allows remote user connection
• Hides from the user
• Stays resident in background
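The command vocabulary in the publisher's readme above can serve as a network detection signal. The following is an added example, not code from the original page or from the tool's authors: it scores the client side of a reassembled cleartext session against that vocabulary, counting commands that also exist in IRC-style clients for less. The plain-text assumption (suggested by the readme's Telnet references), the weighting, the thresholds, the case-insensitive matching and the sample streams are all assumptions made here.

```python
import re

# Vocabulary from the ReCON readme quoted above. DISTINCTIVE names are rare in
# other slash-command protocols; GENERIC ones also occur in IRC-style clients.
DISTINCTIVE = {"rcpcall", "titlemsg", "allmsg", "dozes", "killwin", "killpid",
               "pids", "passwds", "shares", "addshr", "rmshr", "nfos", "pwl",
               "progmast", "unlink", "paint", "attr"}
ON_OFF = {"state", "desk", "task", "monitor", "winkeys", "cdej"}
GENERIC = {"cmds", "ver", "exec", "copy", "cd", "dir", "rmdir", "mkdir", "msg",
           "err", "who", "say", "reboot", "logout", "halt", "cls", "cl", "bk",
           "quit"}
# Assumption: commands are matched case-insensitively, one per line.
CMD_RE = re.compile(r"^\s*/([a-z]+)(?:\s+(.*\S))?\s*$", re.IGNORECASE)

def classify_line(line):
    """Return ("distinctive"|"generic", command) or None for one payload line."""
    m = CMD_RE.match(line)
    if not m:
        return None
    cmd, arg = m.group(1).lower(), (m.group(2) or "")
    if cmd in DISTINCTIVE:
        return ("distinctive", cmd)
    if cmd in ON_OFF:
        # Readme syntax is "/<cmd> [on/off] ..."; require that argument shape.
        first = arg.split(" ", 1)[0].lower()
        return ("distinctive", cmd) if first in ("on", "off") else ("generic", cmd)
    if cmd == "copy":
        # ReCON separates source and destination with "!", which is unusual.
        return ("distinctive", cmd) if "!" in arg else ("generic", cmd)
    if cmd in GENERIC:
        return ("generic", cmd)
    return None

def score_session(lines):
    """Score one reassembled cleartext TCP stream (client-to-server side)."""
    hits = {"distinctive": set(), "generic": set()}
    for line in lines:
        result = classify_line(line)
        if result:
            hits[result[0]].add(result[1])
    d, g = len(hits["distinctive"]), len(hits["generic"])
    verdict = "likely" if d >= 2 else "possible" if d == 1 or g >= 4 else "none"
    return {"verdict": verdict, "distinctive": sorted(hits["distinctive"]),
            "generic": sorted(hits["generic"])}

# Constructed sample streams (not captured traffic).
RECON_LIKE = ["root", "root", "/cmds", "/nfos", "/pids", "/killpid 412",
              "/monitor off", "/copy c:\\a.txt!c:\\b.txt", "/quit"]
IRC_LIKE = ["/msg alice hello", "/who", "/quit"]
```

File paths such as `/usr/bin/task on` do not match because the pattern requires whitespace or end of line directly after the command word.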
Programs to remove Recon:
• SUPERAntiSpyware
• CounterSpy
• Windows Defender
Information added: 25/04/05
Information updated: 25/04/05