| Porta
Usata |
Nome
|
Chiave di
registro per l'auto-start all'avvio del PC HKEY_LOCAL_MACHINE
|
Nome Server
|
| 25 |
AntiGen |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |
antigen.exe |
| UDP
31337 |
Back
Orifice |
\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices |
boserve.exe |
| 1999 |
BackDoor |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |
icqnuke.exe |
| 34324 |
Big
Gluck |
\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices |
bg10.exe |
| 5400-5402,
21 |
Blade
Runner |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |
server.exe |
| 2115 |
Bugs |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |
Bugs.exe |
| UDP
31338 |
Deep
Back Orifice |
\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices |
boserve.exe |
| 2140,
3150 |
Deep
Throat |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |
server.exe |
| 2140,
3150, 6670, 6711, 60000 |
Deep
Throat v2 |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |
System
Patch.exe
|
| 26274,
47262 |
Delta
Source |
sconosciuto |
Server.exe |
| 65000 |
Devil |
sconosciuto |
ICQFlood.exe |
| 21,
1011 |
Doly
Trojan |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |
tesk.exe |
| 25 |
Email
Password Sender |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |
eps.exe |
| 80 |
Executer |
sconosciuto |
Exec.exe |
| TCP
5321 |
Firehotcker
BackDoorz |
sconosciuto |
server.exe |
| 21,
50766 |
Fore |
sconosciuto |
foresvr.exe |
| 1492 |
FTP99cmp |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |
FTP99cmp.exe |
| TCP
12345-12346 |
Gaban
Bus |
sconosciuto |
Patch.exe |
| TCP
6969-6970 |
Gate
Crasher |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |
Server.exe |
| TCP
21554 |
GirlFriend |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |
windll.exe |
| 12223 |
Hack
'99 KeyLogger |
\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices |
Server.exe |
TCP
31785, 31787
UDP 31789 31791 |
Hack
'a' Tack |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |
expl32.exe |
| 2023 |
HackCity
Ripper Pro |
sconosciuto |
RipServer.exe |
| 31,
456 |
Hackers
Paradise |
sconosciuto |
server.exe
o
explorer.exe
|
| 7789 |
icKiller |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |
ICKiLLeR.exe |
| 4950 |
ICQ
Trojan |
sconosciuto |
icqtrogen.exe
o Command.exe e FindFast.exe |
| 555,
9989 |
iNi-Killer |
\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices |
server.exe |
| 25 |
Kuang2 |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |
K2pS_FULL.exe
o K2pS.exe |
| 40421-40423,
40426 |
Masters'
Paradise |
sconosciuto |
icqcrk.exe
o
uagent.exe
o
Agent.exe
o
Angel.exe
o
progman.exe
|
| 20000-20001 |
Millenium |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |
spy.exe
o
modem.exe
|
| TCP
12345, 12346 |
NetBus |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |
Patch.exe |
| TCP
20034 |
NetBus
Pro |
\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices |
NBSvr.exe |
| 7300-7301,
7306-7308 |
NetMonitor |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |
spyserver.exe
e netspy.exe |
| 31338-31339 |
NetSpy |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |
server.exe |
| 555 |
Phase
Zero |
sconosciuto |
phase.exe |
| 2801 |
Phineas
Phucker |
\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices |
Phineas.com |
| 10067,
10167, 3700, 9872-9875 |
Portal
of Doom |
\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices |
Server.exe |
| 6969,
16969 |
Priority |
\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices |
PServer.exe |
| 11223 |
Progenic |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |
AntiNuke.exe |
| 22222,
33333 |
Prosiak |
\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices |
prosiak.exe |
| 1170,
1024-4000 |
Psyber
Stream Server |
sconosciuto |
Wave.exe
e
wave.dll
|
| 7000 |
Remote
Grab |
sconosciuto |
gserver.exe |
| 53001 |
Remote
Windows Shutdown |
sconosciuto |
RmtEwxS.exe |
| 5569 |
Robo-Hack |
sconosciuto |
robo-serv.exe |
| 666 |
Satanz
backDoor |
sconosciuto |
WinVMM32.exe |
| 1981 |
ShockRave |
\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices |
shockrave.exe |
| 25 |
Shtirlitz |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |
faxmgr.exe |
| 1600 |
Sivka-Burka |
sconosciuto |
hs.exe |
| 1001 |
SK
Silencer |
sconosciuto |
Server.exe |
| 5000-5001 |
Sockets
de Troie |
sconosciuto |
lame.exe |
| 1807 |
SpySender |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |
client.exe |
| 555 |
Stealth
Spy |
sconosciuto |
telserv.exe
e
tserv.dll
|
| 25 |
Stealth |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |
Zip.exe |
| 2565 |
Striker |
sconosciuto |
ServerS.exe |
| 1243,
6711-6713, 6776, 27374 |
SubSeven |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
o \SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices o nel file
WIN.INI file ("run=" o "load=" line) o ancora in
SYSTEM.INI file ("shell=" line) |
Server.exe |
| 25 |
Tapiras |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |
tapiras.exe |
| 61466 |
TeleCommando |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |
TeLeCoMMaNDo
Server.exe |
| 25 |
Terminator |
sconosciuto |
param1.exe,
param2.exe,
param3.exe,
sat.exe
e
uninst.exe
|
| 2140,
3150 |
The
Invasor |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |
runme.exe |
| 40412 |
The
Spy |
\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices |
SpyServ1.exe |
| 2001 |
The
Trojan Cow |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |
CowServer.exe |
| 34324 |
TN |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |
tnsrv.exe |
| 23456 |
Ugly
FTP |
sconosciuto |
UglyFTP.exe |
| 1234 |
Ultor's
Trojan |
sconosciuto |
t5port.exe |
| 1170,
1024-4000 |
Voice |
sconosciuto |
Wave.exe
e
wave.dll
|
| 1245 |
Voodoo
Doll |
sconosciuto |
adm.exe |
| 1001 |
Web
Ex |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |
Task_Bar.exe |
| 3024,
4092, 5714, 5741-5742 |
WinCrash |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |
server.exe
o
cfg95.exe
e ICQFucker
Extentitions.exe
e win32cfg.exe
|
