RCT's & RAT's
What are they?
How do I detect them?
How many are there?
What ports do they use?
How do I Remove?
Acid Shivers (modified)
Deep Back Orifice
Deep Throat v2
Hack 'a' Tack
NetBus 2 Pro
Sockets 'de Troie
Deep Back Orifice currently affects Windows 95/98 PC's.
The "server" portion is typically named ".exe". It would be found in the WINDOWS directory and is relatively small (about 122kb).
Port 31338 (by default) is used to establish the connection between the "client" and "server".
Once installed, it is rerun every time the computer is started by means of an entry under the "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices" branch in the Registry.
Who is Responsible?
Deep Back Orifice was written by individuals calling themselves Hybrid, Maiden and Rael.
Here are some of the functions that Deep Back Orifice offers:
- Configuration only on one port
Here's a picture of what the "client" portion of the software looks like.
How to Remove Deep Back Orifice
Follow the removal instructions for Back Orifice.
Copyright Commodon Communications. All rights reserved.