|
| Name: | Masters Paradise |
| Aliases: | Masters Paradise 98, Paradise Agent.srv, Paradise trojan, Backdoor.masterP, |
| Ports: | 31, 3129, 40421, 40422, 40423, 40425, 40426 |
| Files: | Mp9.2.zip - 768,492 bytes Mp98b8.zip - 1,454,567 bytes Mp98b9.2.zip - 768,492 bytes Mp98b9.7.zip - 515,974 bytes Mp98b9.8.zip - 400,068 bytes Mp99b9.9d.zip - 1,373,184 bytes Mpmod.zip - 563,133 bytes Agent.zip - 148,374 bytes Angel.zip - 219,377 bytes Mstparadisev99b.zip - 567,478 bytes Mp.exe - 567,786 bytes Mp98b.exe - 567,786 bytes Paradise.exe - 855,552 bytes Paradise.exe - 888,320 bytes Paradise.exe - 916,480 bytes Paradise.exe - 1,446,400 bytes Master.exe - 1,096,704 bytes Matersparadiswvb9,9.exe - 603,882 bytes Creadisk.exe - 301,568 bytes Setup.uex - 196,096 bytes English.ini - 2,063 bytes Deutsch.ini - 2,519 bytes Autopoll.exe - 250,368 bytes Autopoll.ini - 49 bytes Autopoll.ini - 76 bytes Paradise.ini - 24 bytes Paradise.ini - 82 bytes Paradise.ini - 220 bytes Explorer.exe - 280,576 bytes Dnsmaster.exe - 271,360 bytes Pingbomb.exe - 299,008 bytes Portscan.exe - 296.960 bytes Agent.exe - 293,376 bytes Agent.exe - 769,066 bytes Uagent.exe - 282,624 bytes Game.exe - 506,368 bytes Keyhook.dll - Angel.exe - 430,592 bytes |
| Created: | Mar 1998 |
| Requires: | N/A |
| Actions: | Remote Access |
| Versions: | 8.0 beta, 8.5, 9.2 beta, 9.5 beta, 9.6, 9.7 beta, 9.8 beta, 9.9c beta, 9.9d beta, |
| Registers: | HLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run HLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices |
| Notes: | Works on Windows 95, 98 and NT. |
| Country: | written in Germany |
| Program: | N/A |
 Using the Process Monitor from AATools, you will see whether any foreign
programs are running on your computer. If you find some unwanted program, you
can terminate it by clicking the 'Terminate Process' button on the Toolbar.
Using the AATools Network Monitor, you can see what ports are in use on
your local PC for connection with remote systems (LAN/Internet). On Windows
NT/2000/XP the Network Monitor will display you the services that are active on
the ports, and map the ports to their respective applications. If you register
port probes directed against ports that are normally not used, it is possible
that someone is trying to connect to a Trojan inside your network. Using the
Registry Cleaner (Startup section) from AATools, you will see
the list of programs that are registered under Run, RunOnce, RunOnceEx and
RunService registry keys. So you can find out what programs are started behind
your back. You should check these programs to see they are legitimate ones but
not Trojans programs.
0-C | D-H | I-N
| O-S | T-Z
If you have any questions or information about ports used by Trojans not
listed above, please contact us. |
