irc.lulz.ee

By Pig, November 23, 2009

Remote Host Port Number
64.89.27.36 51987

NICK pLagUe{USA}72995
MODE pLagUe{USA}72995 -ix
JOIN #trees
PONG irc.lulz.ee
USER SkuZ * ok
TeaM UniX b0at 0.4
PRIVMSG #trees :
New PC Infected.

Other details

* The following port was open in the system:

Port Protocol Process
1052 TCP raidhost.exe (%Windir%raidhost.exe)

Registry Modifications

* The newly created Registry Value is:
o [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
+ raidhost = “raidhost.exe”

so that raidhost.exe runs every time Windows starts

Categories: Uncategorized
Previous post
Next post