|
Porta Usata |
Nome |
Chiave di registro per l'auto-start all'avvio del PC |
Nome Server |
|
25
|
AntiGen
|
SOFTWAREMicrosoftWindowsCurrentVersionRun
|
antigen.exe
|
|
UDP 31337
|
Back Orifice
|
SOFTWAREMicrosoftWindowsCurrentVersionRunServices
|
boserve.exe
|
|
1999
|
BackDoor
|
SOFTWAREMicrosoftWindowsCurrentVersionRun
|
icqnuke.exe
|
|
34324
|
Big Gluck
|
SOFTWAREMicrosoftWindowsCurrentVersionRunServices
|
bg10.exe
|
|
5400-5402, 21
|
Blade Runner
|
SOFTWAREMicrosoftWindowsCurrentVersionRun
|
server.exe
|
|
2115
|
Bugs
|
SOFTWAREMicrosoftWindowsCurrentVersionRun
|
Bugs.exe
|
|
UDP 31338
|
Deep Back Orifice
|
SOFTWAREMicrosoftWindowsCurrentVersionRunServices
|
boserve.exe
|
|
2140, 3150
|
Deep Throat
|
SOFTWAREMicrosoftWindowsCurrentVersionRun
|
server.exe
|
|
2140, 3150, 6670, 6711, 60000
|
Deep Throat v2
|
SOFTWAREMicrosoftWindowsCurrentVersionRun
|
SystemPatch.exe
|
|
26274, 47262
|
Delta Source
|
sconosciuto
|
Server.exe
|
|
65000
|
Devil
|
sconosciuto
|
ICQFlood.exe
|
|
21, 1011
|
Doly Trojan
|
SOFTWAREMicrosoftWindowsCurrentVersionRun
|
tesk.exe
|
|
25
|
Email Password Sender
|
SOFTWAREMicrosoftWindowsCurrentVersionRun
|
eps.exe
|
|
80
|
Executer
|
sconosciuto
|
Exec.exe
|
|
TCP 5321
|
Firehotcker BackDoorz
|
sconosciuto
|
server.exe
|
|
21, 50766
|
Fore
|
sconosciuto
|
foresvr.exe
|
|
1492
|
FTP99cmp
|
SOFTWAREMicrosoftWindowsCurrentVersionRun
|
FTP99cmp.exe
|
|
TCP 12345-12346
|
Gaban Bus
|
sconosciuto
|
Patch.exe
|
|
TCP 6969-6970
|
Gate Crasher
|
SOFTWAREMicrosoftWindowsCurrentVersionRun
|
Server.exe
|
|
TCP 21554
|
GirlFriend
|
SOFTWAREMicrosoftWindowsCurrentVersionRun
|
windll.exe
|
|
12223
|
Hack '99 KeyLogger
|
SOFTWAREMicrosoftWindowsCurrentVersionRunServices
|
Server.exe
|
|
TCP 31785, 31787
UDP 31789 31791
|
Hack 'a' Tack
|
SOFTWAREMicrosoftWindowsCurrentVersionRun
|
expl32.exe
|
|
2023
|
HackCity Ripper Pro
|
sconosciuto
|
RipServer.exe
|
|
31, 456
|
Hackers Paradise
|
sconosciuto
|
server.exe o explorer.exe
|
|
7789
|
icKiller
|
SOFTWAREMicrosoftWindowsCurrentVersionRun
|
ICKiLLeR.exe
|
|
4950
|
ICQ Trojan
|
sconosciuto
|
icqtrogen.exe o Command.exe e FindFast.exe
|
|
555, 9989
|
iNi-Killer
|
SOFTWAREMicrosoftWindowsCurrentVersionRunServices
|
server.exe
|
|
25
|
Kuang2
|
SOFTWAREMicrosoftWindowsCurrentVersionRun
|
K2pS_FULL.exe o K2pS.exe
|
|
40421-40423, 40426
|
Masters' Paradise
|
sconosciuto
|
icqcrk.exe o uagent.exe o Agent.exe o Angel.exe o progman.exe
|
|
20000-20001
|
Millenium
|
SOFTWAREMicrosoftWindowsCurrentVersionRun
|
spy.exe o modem.exe
|
|
TCP 12345, 12346
|
NetBus
|
SOFTWAREMicrosoftWindowsCurrentVersionRun
|
Patch.exe
|
|
TCP 20034
|
NetBus Pro
|
SOFTWAREMicrosoftWindowsCurrentVersionRunServices
|
NBSvr.exe
|
|
7300-7301, 7306-7308
|
NetMonitor
|
SOFTWAREMicrosoftWindowsCurrentVersionRun
|
spyserver.exe e netspy.exe
|
|
31338-31339
|
NetSpy
|
SOFTWAREMicrosoftWindowsCurrentVersionRun
|
server.exe
|
|
555
|
Phase Zero
|
sconosciuto
|
phase.exe
|
|
2801
|
Phineas Phucker
|
SOFTWAREMicrosoftWindowsCurrentVersionRunServices
|
Phineas.com
|
|
10067, 10167, 3700, 9872-9875
|
Portal of Doom
|
SOFTWAREMicrosoftWindowsCurrentVersionRunServices
|
Server.exe
|
|
6969, 16969
|
Priority
|
SOFTWAREMicrosoftWindowsCurrentVersionRunServices
|
PServer.exe
|
|
11223
|
Progenic
|
SOFTWAREMicrosoftWindowsCurrentVersionRun
|
AntiNuke.exe
|
|
22222, 33333
|
Prosiak
|
SOFTWAREMicrosoftWindowsCurrentVersionRunServices
|
prosiak.exe
|
|
1170, 1024-4000
|
Psyber Stream Server
|
sconosciuto
|
Wave.exe e wave.dll
|
|
7000
|
Remote Grab
|
sconosciuto
|
gserver.exe
|
|
53001
|
Remote Windows Shutdown
|
sconosciuto
|
RmtEwxS.exe
|
|
5569
|
Robo-Hack
|
sconosciuto
|
robo-serv.exe
|
|
666
|
Satanz backDoor
|
sconosciuto
|
WinVMM32.exe
|
|
1981
|
ShockRave
|
SOFTWAREMicrosoftWindowsCurrentVersionRunServices
|
shockrave.exe
|
|
25
|
Shtirlitz
|
SOFTWAREMicrosoftWindowsCurrentVersionRun
|
faxmgr.exe
|
|
1600
|
Sivka-Burka
|
sconosciuto
|
hs.exe
|
|
1001
|
SK Silencer
|
sconosciuto
|
Server.exe
|
|
5000-5001
|
Sockets de Troie
|
sconosciuto
|
lame.exe
|
|
1807
|
SpySender
|
SOFTWAREMicrosoftWindowsCurrentVersionRun
|
client.exe
|
|
555
|
Stealth Spy
|
sconosciuto
|
telserv.exe e tserv.dll
|
|
25
|
Stealth
|
SOFTWAREMicrosoftWindowsCurrentVersionRun
|
Zip.exe
|
|
2565
|
Striker
|
sconosciuto
|
ServerS.exe
|
|
1243, 6711-6713, 6776, 27374
|
SubSeven
|
SOFTWAREMicrosoftWindowsCurrentVersionRun o SOFTWAREMicrosoftWindowsCurrentVersionRunServices o nel file WIN.INI file ("run=" o "load=" line) o ancora in SYSTEM.INI file ("shell=" line)
|
Server.exe
|
|
25
|
Tapiras
|
SOFTWAREMicrosoftWindowsCurrentVersionRun
|
tapiras.exe
|
|
61466
|
TeleCommando
|
SOFTWAREMicrosoftWindowsCurrentVersionRun
|
TeLeCoMMaNDo Server.exe
|
|
25
|
Terminator
|
sconosciuto
|
param1.exe, param2.exe, param3.exe, sat.exe e uninst.exe
|
|
2140, 3150
|
The Invasor
|
SOFTWAREMicrosoftWindowsCurrentVersionRun
|
runme.exe
|
|
40412
|
The Spy
|
SOFTWAREMicrosoftWindowsCurrentVersionRunServices
|
SpyServ1.exe
|
|
2001
|
The Trojan Cow
|
SOFTWAREMicrosoftWindowsCurrentVersionRun
|
CowServer.exe
|
|
34324
|
TN
|
SOFTWAREMicrosoftWindowsCurrentVersionRun
|
tnsrv.exe
|
|
23456
|
Ugly FTP
|
sconosciuto
|
UglyFTP.exe
|
|
1234
|
Ultor's Trojan
|
sconosciuto
|
t5port.exe
|
|
1170, 1024-4000
|
Voice
|
sconosciuto
|
Wave.exe e wave.dll
|
|
1245
|
Voodoo Doll
|
sconosciuto
|
adm.exe
|
|
1001
|
Web Ex
|
SOFTWAREMicrosoftWindowsCurrentVersionRun
|
Task_Bar.exe
|
|
3024, 4092, 5714, 5741-5742
|
WinCrash
|
SOFTWAREMicrosoftWindowsCurrentVersionRun
|
server.exe o cfg95.exe e ICQFuckerExtentitions.exe e win32cfg.exe
|
