What is Ghost as well as dismissal instructions
Ghost is a vast RAT pathogen family, combined to provoke a plant by behaving foolish invalid operations, such as open/close CD-rom, spin off/on a monitor, etc. The pathogen in a non-destructive sort of RAT. It can not repairs a system, however a little versions embody a “keylogger” ability. Some personal information, such as passwords as well as bank comment numbers can be lost. The writer of this harassment is a hacker called Lame_Joker. The harassment is combined in Visual Basic. Many variants (Ghost 2.0, Ghost 2.1, Ghost 2.2, Ghost 2.3, Ghost 2.4a, Ghost Mini-Server 2.3) appeared in a internet from Oct 2001 to Aug 2002. The place of fad is Israel.
From a publisher:
“The role of this module is to ANNOY THE VICTEM but giveing a ‘hacker’ a collection which could fall short or repairs a victem’s computer… Open/Close we host’s CD-ROM drive, Hide/Show begin button, Hide/Show startBar, Hide/Show taskIcons, Disable/Enable Ctrl alt del, Set a pointless credentials color, Logoff user, Force restart, send customed messages, Send horde to a url, Blackout/Blackin host’s windows, Start host’s notepad, Chack ICQ UINs for online status, Prank host, Put a custome junk File upon Host’s DeskTop ,Print crap upon host’s printer, reset host’s rodent upon all sides as well as Hide/Show teskBar Clock. Pranks: Microsoft notice – Send a horde a feign worning summary from a Microsoft server revelation it which an bootleg Windows pass series was rescued commissioned upon his system. Tip of a day – Let a horde know about a little engaging nonetheless foolish tips/facts about himself.’
‘This server is undetected to many antivirus programs! Including Macaffe,Norton,The cleaner,AVP,Panda,Esafe(Antivirus) etc… Server is unequivocally tiny (31k), as well as was tested upon Win9x/NT/ME/XP systems. In sequence to work, Microsoft VB runtime files contingency be commissioned upon aim Personal Computer (including winsock controls!)”
Ghost primer removal:
Kill processes:
binder.exe, ghost.exe, ghostserver.exe, ghostservereditor.exe, mini-server.exe, server.exe, winsck_droper.exe
Delete files:
alpha.txt, binder.exe, spook mini-server.txt, ghost.exe, ghostserver.exe, ghostservereditor.exe, mini-server.exe, readme.txt, server.exe, tiny server.bat, winsck_droper.exeWhat is Ghost 2.3 as well as dismissal instructions
This is a newer chronicle of a Ghost RAT virus. It was combined to provoke a plant by behaving foolish invalid operations, such as open/close CD-rom, spin off/on a monitor, etc. The pathogen in a non-destructive sort of RAT. It can not repairs a system, however a little versions embody a “keylogger” ability. Some personal information, such as passwords as well as bank comment numbers can be lost. The writer of this harassment is a hacker called Lame_Joker. The harassment is combined in Visual Basic. Many variants (Ghost 2.0, Ghost 2.1, Ghost 2.2, Ghost 2.3, Ghost 2.4a, Ghost Mini-Server 2.3) appeared in a internet from Oct 2001 to Aug 2002. The place of fad is Israel. This chronicle was combined in Dec 2001.
From a publisher:
“=====================
Ghost v2.3 -
OnLine Hacking tool
=====================
By regulating this module we determine to a following terms:
1) we (The male referred by a name of Lame_joker) will not be hold obliged as well as will not accept responsibillity for a operate of this module (Use it during your own risk!). This is additionally together with all forms of repairs or detriment of report as well as hardware.
2) This Program is a freeware as well as which equates to we can duplicate it to any a single we wish as prolonged As we keep all of a essence of this zip record along.
How do we operate this thing?
First we need to find yourself a victim… afterwards we send him a “server.exe” record (you competence wish to revise it first…) a plant govern a record as well as walla! we can bond to his/hers IP series as well as provoke them to death!
In this zip record we can find: Ghost.exe – The customer side of ghost. Server.exe – The server partial of ghost. Ghost server editor – Enables we to revise a little of a settings in a Ghost server (Only for chronicle 2.3) Binder.exe – Bind server with an exe for easy infection. Winsck_Droper.exe – Installs “Mswinsck.ocx” upon remote mechanism (try contracting it with server!). Small Server.bat – Make server not as big regulating upx.exe, Edit prior to compressing! (you won’t be equates to to do so after a server has been compressed!). ReadMe.txt – This content file.
With spook we can: Open/Close we host’s CD-ROM drive, Hide/Show begin button, Hide/Show startBar, Hide/Show taskIcons, Disable/Enable Ctrl alt del, Logoff user, Force restart, send customed messages, Send horde to a url, Blackout/Blackin host’s windows, Start host’s notepad, Prank host,Print crap upon host’s printer, reset host’s rodent upon all sides , Hide/Show teskBar Clock, Disable host’s mouse, Disable host’s Keyboard as well as messup host’s windows colors,Spy upon open windows,Close active windows, Open window, Flick set of keys lights, Control files regulating record manager, Log keys, discuss with host, Get report as well as ICQ numbers, Send pass types.
Pranks: Microsoft notice – Send a horde a feign notice summary from a Microsoft server revelation it which an bootleg Windows pass series was rescued commissioned upon his system. Tip of a day – Let a horde know about a little engaging nonetheless foolish tips/facts about himself. Insult appurtenance – Let a user know what we unequivocally consider about him 
FAQ:
Q:Why in a little cases a server is not infecting a aim system?
A:could be a module using upon mental recall restraint a server (Fire walls, charge managers etc…)
Q:Some times when we operate WindowSpy it’s heading is blank.
A:The heading showen in WindowSpy is a heading of a stream window host’s rodent upon all sides is at, competence give we a little ideas
Q:Client is not connecting.
A:Are we certain a horde was infected?, may be to horde is using a firewall upon his system.
Q:When active: a server is promulgation an blunder about “Mswinsck.ocx”
A:Well…, Ghost customer as well as Ghost Server have been in need of “Mswinsck.ocx” to be commissioned in internal as well as remote systems, we can find it in a Ghost zip file, or operate a “Winsck_droper.exe” to implement it upon remote mechanism (You can bond it with a server!)
Q:When we try to bond to a plant we get this message: “Ghost X.X server’s have been no longer upheld by this client!” what is this all mean?
A:The ultimate versions of Ghost has newer information exchnage engine, as well as since of which a comparison versions of Ghost have been no longer supported, as well as which equates to a server or a customer competence not duty as they should…
Q:How can we bond you?
A:Email me: Lame_Joker@yahoo.com
All rights indifferent to Lame_joker, 2001
Have fun! 
”
Ghost 2.3 primer removal:
Kill processes:
binder.exe, ghost.exe, ghostservereditor.exe, server.exe, winsck_droper.exe
Delete files:
binder.exe, ghost.exe, ghostservereditor.exe, readme.txt, server.exe, tiny server.bat, winsck_droper.exe