67.43.232.35

By Pig, October 18, 2009

Remote Host Port Number
67.43.232.35 10324

USER tntmej tntmej tntmej :kcmgivvvhwvccgbk
NICK IeqiUsJy
MODE IeqiUsJy +xi
JOIN #kok6
USERHOST IeqiUsJy
MODE ##xddc +smntu
MODE #xddc1 +smntu
MODE #xddc2 +smntu
MODE #kok6 +smntu

* The following ports were open in the system:

Port Protocol Process
1052 TCP winamp.exe (%System%winamp.exe)
17022 TCP winamp.exe (%System%winamp.exe)

Registry Modifications

* The newly created Registry Value is:
o [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
+ Winamp Agent = “%System%winamp.exe”

so that winamp.exe runs every time Windows starts

Memory Modifications

* There was a new process created in the system:

Process Name Process Filename Main Module Size
winamp.exe %System%winamp.exe 209 301 bytes

Categories: Uncategorized
Previous post
Next post