SubZero (alpha)
Server name: SubZero
Version: Alpha
Different versions: NA
Tested: Yes, on Windows 95 and Windows NT
Server size: 309K
Server files: server.exe
Server icon:

Infects: Windows 95/98/ME
Autoloads: No
Default port: 15382 TCP
Can port be changed: Yes

Server Features

  • AIM, ICQ, IE, MSN and YAHOO spy
  • Change resolution
  • Change volume
  • Chat with server
  • Clear, get or set clipboard
  • Change start button icon
  • Change windows colors
  • Control mouse
  • Disable/enable keyboard
  • Download and run file
  • Exit, log off, power off, reboot or shutdown windows
  • Find files
  • File manager
  • FTP server
  • Get AIM passwords
  • Get cached passwords
  • Get information
  • Get RAS (dial up) passwords
  • Get screen shot
  • Hide/show/disable/remove clock
  • Hide/show/disable/remove start button
  • Hide/show/disable/remove systray
  • Hide/show/disable/remove task bar
  • Key logger
  • Print
  • Port redirect
  • Record sound
  • Send message
  • Send to URL
  • Swap mouse buttons
  • View/kill processes
  • Window manager

 
Comments 
SubZero alpha is a early release with many incomplete features. When we tested the SubZero server it copied itself to the windows system directory. However it did not autoload with windows, which is probably because this is a alpha version. On December 21st, 2000 the author stated that he will no longer develop SubZero. He also said he would not released any source code.

How To Remove 
Quick fix: no quick fix programs
Manual removal:

  1. Reboot the computer or close taskmann.dll.exe.
  2. Delete the trojan file taskmann.dll.exe in the windows system directory. 

 
Related 
Article: General removal info
Section: Test your knowledge, take our Trojan Quiz
Service: Trojan removal
Service: Tell a friend about this trojan
Service: Print this page
 
 
Copyright © 2000 and 2001, Dark Eclipse Software. All rights reserved. 
This page may not be redistributed or reproduced in any manner without specific written permission from Dark Eclipse Software. If permission to use this page is desired then contact Dark Eclipse Software. While we consider the content of this page to be accurate, we cannot guarantee either the accuracy or the appropriateness of any portion of the page, including our analysis and manual removal. 
Any actions taken by a reader in response to this or any other Dark Eclipse Software page are completely and solely their responsibility.