Event ID - 30303

Port No30303
Service NameKAMIKAZE
RFC Doc0
ProtocolTCP
DescriptionThis is a net hack tool similar to the Back Orifice and BackDoor viruses. It was created using DELPHI 3; it pretends to be a setup program lacking SETUP32.DLL. It copies itself with the filename "MSCHV32.EXE" in the \WINDOWS\SYSTEM subdirectory. In order to have itself executed at every startup, it creates an entry in the registry pointing to itself (\HKEY_CURRENT_USER\Software\Microsoft\Windows\ CurrentVersion\Run). It also adds the entry HKEY_CLASSES_ROOT\ DirectSockets in the Windows Registry. When this Trojan file is loaded, it enables a remote user to log into the infected system and take control over it (assuming the remote user has a client program and the correct IP address of the infected system).
Reference LinkKAMIKAZE
AttackDetail:

Once the remote user has taken control of the infected system, he/she is capable of doing just about anything on the infected computer
this includes, but is not limited to, complete control of the file, video, keyboard systems, and the behavior of the desktop, monitor, speaker, cd-rom, mouse, speaker, and printer. Likewise, the hacker can play around with the start button, desktop icons, currently running processes, and all opened windows. Last but not least, he/she is able to communicate with the infected user via a chat-like window. The virus is able to download all the recorded passwords on the infected computer since startup.

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.