Thread: !!!
-
6th December 2003 23:08 #1
!!!
Windows Explorer,Control Panel Sygate Firewall- rundll32.exe
File Version : 5.1.2600.0 (xpclient.010817-1148)
File Description : Run a DLL as an App (rundll32.exe)
File Path : C:\WINDOWS\system32\rundll32.exe
Process ID : 0xA24 (Heximal) 2596 (Decimal)
Connection origin : local initiated
Protocol : TCP
Local Address : 192.168.0.2
Local Port : 3850
Remote Name : dst.trafficsyndicate.com
Remote Address : 146.82.109.220
Remote Port : 80 (HTTP - World Wide Web)
Ethernet packet details:
Ethernet II (Packet Length: 76)
Destination: 00-06-25-9f-07-f4
Source: 00-e0-7d-83-33-9e
Type: IP (0x0800)
Internet Protocol
Version: 4
Header Length: 20 bytes
Flags:
.1.. = Don't fragment: Set
..0. = More fragments: Not set
Fragment offset:0
Time to live: 64
Protocol: 0x6 (TCP - Transmission Control Protocol)
Header checksum: 0x4dcb (Correct)
Source: 192.168.0.2
Destination: 146.82.109.220
Transmission Control Protocol (TCP)
Source port: 3850
Destination port: 80
Sequence number: 4282370897
Acknowledgment number: 0
Header length: 28
Flags:
0... .... = Congestion Window Reduce (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...0 .... = Acknowledgment: Not set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..1. = Syn: Set
.... ...0 = Fin: Not set
Checksum: 0x5ae8 (Correct)
Data (0 Bytes)
Binary dump of the packet:
0000: 00 06 25 9F 07 F4 00 E0 : 7D 83 33 9E 08 00 45 00 | ..%.....}.3...E.
0010: 00 30 AE A1 40 00 40 06 : CB 4D C0 A8 00 02 92 52 | .0..@.@..M.....R
0020: 6D DC 0F 0A 00 50 FF 3F : CB 51 00 00 00 00 70 02 | m....P.?.Q....p.
0030: FF FF E8 5A 00 00 02 04 : 05 B4 01 01 04 02 00 11 | ...Z............
0040: 00 00 00 00 00 11 00 00 : 00 00 61 69 | ..........ai
, , F-prot Trojan Remover up-date-.
SygateFirewall-a
rundll32.exe WindowsXP ." , "
-
7th December 2003 03:06 #2



