RCT's & RAT's
What are they?
How do I detect them?
How many are there?
What ports do they use?
How do I Remove?
Acid Shivers (modified)
Deep Back Orifice
Deep Throat v2
Hack 'a' Tack
NetBus 2 Pro
Sockets 'de Troie
Deep Throat currently affects Windows 95/98 PC's. It's rumored that the author is working on a Windows NT version.
The "server" portion (typically named "systempatch.exe") is approximately 255kb in size.
UDP Ports 2140 and 3150 are used to establish its connection between the "client" and "server".
Once installed, it is rerun every time the computer is started by means of an entry under the "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" branch in the Registry.
Who is Responsible?
Deep Throat was written by an individual known as ^Cold^ KiLler, CEO of DarkLIGHT Corp. His reasoning behind creating Deep Throat appears to be the same reasoning as others have offered. It was done for fun...
Taken from it's readme.txt file, below are some of the functions that Deep Throat offers:
To use the FTP server you will need a FTP Client Like Cute FTP or WS_FTP, This allows you to Upload and download files from the server (Any Client Should Work)
Provided below, is a picture of what the "client" portion of the software looks like. It's what the remote user would use to control your system. What could be easier than "pointing and clicking" your way through another users PC?
How to Remove
Several steps involve working within the Windows 95/98 registry. And although the steps are easy, I cannot be held responsible if a mistake is made. Please use caution.
Note: Look at the path specified within the Data value. Write down the directory where the "systempatch.exe" file is being loaded from.
Congratulations, Deep Throat has now been removed from your system.
Copyright Commodon Communications. All rights reserved.