Month: April 2010

winupdservice.net

Uncategorized

Remote Host Port Number winupdservice.net 81 NICK [USA|XP]vsauaea USER s s s :s JOIN #twizt# NICK n[USA|XP]rdcsdfo NICK [USA|XP]ciirgkj Other details * To mark the presence in the system, the following Mutex object was created: o L6C8D3B8H7E3N6 * The following ports were open in the system: Port Protocol Process 1034 TCP winsvcn.exe (%AppData%winsvcn.exe) 1035 TCPRead more...

stores.dellhp.net

Uncategorized

Remote Host Port Number stores.dellhp.net 1234 NICK [USA|XP]8106732 USER 3546 “” “lol” :3546 JOIN #dl# NICK n[USA|XP]4637818 USER 8703 “” “lol” :8703 Other details To mark the presence in the system, the following Mutex object was created: SN8JSN868L The following ports were open in the system: Port Protocol Process 1034 TCP secfil.exe (%Windir%secfil.exe) 1035 TCPRead more...

poo.panjsheri.com

Uncategorized

Remote Host Port Number poo.panjsheri.com 1234 NICK [USA|XP]5234294 USER 8687 “” “lol” :8687 JOIN #po# NICK n[USA|XP]0719163 USER 3151 “” “lol” :3151 Other details * To mark the presence in the system, the following Mutex object was created: o SN5JSN868L * The following ports were open in the system: Port Protocol Process 1034 TCP winmbu.exeRead more...

boxdeccode.vaiosys.com

Uncategorized

Remote Host Port Number boxdeccode.vaiosys.com 1234 Resolved : [boxdeccode.vaiosys.com] To [85.234.144.237] Resolved : [boxdeccode.vaiosys.com] To [216.246.99.115] Resolved : [boxdeccode.vaiosys.com] To [212.117.166.201] NICK {NEW}[USA][XP-SP2]678388 USER 5100 “” “lol” :5100 JOIN #b# NICK [USA][XP-SP2]229885 USER 3392 “” “lol” :3392 NICK [USA][XP-SP2]567630 USER 9099 “” “lol” :9099 NICK [USA][XP-SP2]336902 USER 8944 “” “lol” :8944 Other details * ToRead more...

n33d.r00taccess.com

Uncategorized

Remote Host Port Number n33d.r00taccess.com 6769 NICK {NEW}[USA][XP-SP2]447382 USER 6799 “” “lol” :6799 JOIN #r00t# rootroot NICK [USA][XP-SP2]408098 USER 5014 “” “lol” :5014 NICK [USA][XP-SP2]094963 USER 3399 “” “lol” :3399 Other details * To mark the presence in the system, the following Mutex object was created: o gHJHTthrtTRu * The following port was open inRead more...

irc.soccerboss.net

Uncategorized

una.exe : INFECTED with W32/Backdoor (Signature: W32/Spybot) [ DetectionInfo ] * Filename: C:analyzerscanuna.exe. * Sandbox name: W32/Backdoor. * Signature name: W32/Spybot.EDJV. * Compressed: NO. * TLS hooks: NO. * Executable type: Application. * Executable file structure: OK. * Filetype: PE_I386. [ General information ] * Drops files in %WINSYS% folder. * File length: 261120 bytes.Read more...

desbarata.homeip.net

Uncategorized

rage1.exe : INFECTED with W32/Backdoor (Signature: NO_VIRUS) [ DetectionInfo ] * Filename: C:analyzerscanrage1.exe. * Sandbox name: W32/Backdoor. * Signature name: NO_VIRUS. * Compressed: NO. * TLS hooks: NO. * Executable type: Application. * Executable file structure: OK. * Filetype: PE_I386. [ General information ] * File length: 88064 bytes. * MD5 hash: 5b4c17334849e14b7ae630f2384d941e. * SHA1Read more...

zzxxbryanxxzz.info

Uncategorized

NICK AdR[USA-XP]892916 USER AdR[USA-XP]892916 * 0 :(null) MODE AdR[USA-XP]892916 +iR JOIN #|bryan|# NICK AdR[USA-XP]819671 USER AdR[USA-XP]819671 * 0 :(null) MODE AdR[USA-XP]819671 +iR NICK AdR[USA-XP]503906 USER AdR[USA-XP]503906 * 0 :(null) MODE AdR[USA-XP]503906 +iR NICK AdR[USA-XP]276625 USER AdR[USA-XP]276625 * 0 :(null) MODE AdR[USA-XP]276625 +iR Other details * To mark the presence in the system, the following MutexRead more...

Oficla.37

Uncategorized

virustotal analysis: http://www.virustotal.com/fr/analisis/8c8070b4b875beac9bb102186d65ecad8ab3b3b8acfba8f11a22cdb54b2f1743-1270297329 exe file: http://www.mediafire.com/?n02dignyw22 downloaded files: secondchancefilm.com/blogs/locales/bot.exe secondchancefilm.com/blogs/locales/fid.exe secondchancefilm.com/blogs/locales/ups.exe sunbeltsecurity scan: http://www.sunbeltsecurity.com/cwsandboxreport.aspx?id=12058252&cs=490E17ECA39C7DF8220185434967A0FF 195.78.108.201=wapdodoit.ru

irc.148club.com

Uncategorized

irc.148club.com:6667 NICK {NEW}[USA][XP-SP2]046767 USER 2260 “” “lol” :2260 JOIN #niu NICK [USA][XP-SP2]610113 USER 9833 “” “lol” :9833 NICK [USA][XP-SP2]253886 USER 8004 “” “lol” :8004 * The following Host Name was requested from a host database: o irc.148club.com Other details * To mark the presence in the system, the following Mutex object was created: o fJHGgjJNhgKRead more...