Month: November 2010

217.23.13.240

Uncategorized

Remote Host Port Number 217.23.13.240 6374 NICK n{USA|XP}417752 USER 3940 “” “TsGh” :3940 JOIN #nade2# PONG :irc.NaDe.gov * The following port was open in the system: Port Protocol Process 1055 TCP hidserv.exe (%AppData%hidserv.exe) Registry Modifications * The newly created Registry Values are: o [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] + Windows Update System = “%AppData%hidserv.exe” so that hidserv.exe runs everyRead more...

46.4.245.19

Uncategorized

Remote Host Port Number 46.4.245.19 6667 NICK n[XP-USA]724493 USER 8653 “” “TsGh” :8653 JOIN #PhobiiA r00t8585 PONG :BoTNeT.GoV NICK n{USA|XP}045555 USER 9218 “” “TsGh” :9218 JOIN #blazinshotguns badass PONG :BoTNeT.GoV * The following port was open in the system: Port Protocol Process 1055 TCP taskeng.exe (%AppData%taskeng.exe) Registry Modifications * The newly created Registry Values are:Read more...

irc.njoftohu.net(JiMiGj albanian lamer)

Uncategorized

this guy is from pidhi arushes kuksi a nightmare city in nord albania only bears and lamers live there Dns resolving irc.njoftohu.net Dns resolved irc.njoftohu.net to 203.81.179.38 Server: irc.njoftohu.net:6667 Domain Name………. njoftohu.net Creation Date…….. 2010-09-21 Registration Date…. 2010-09-21 Expiry Date………. 2011-09-21 Organisation Name…. njoftohu Organisation Address. 11 japan road Organisation Address. chadwell heath Organisation Address.Read more...

75.102.21.13(Parabola’s botnet hosted with United States Chicago Hostforweb Inc)

Uncategorized

Remote Host Port Number 184.73.209.168 80 204.0.5.41 80 204.0.5.42 80 204.0.5.48 80 204.0.5.56 80 216.178.38.103 80 216.178.38.168 80 63.135.86.21 80 64.208.138.220 80 64.208.241.27 80 75.102.21.13 1234 PASS xxx MODE NEW-[USA|00|P|67055] -ix JOIN #!nn! test PONG 22 MOTD NICK NEW-[USA|00|P|67055] USER XP-7278 * 0 :COMPUTERNAME * The data identified by the following URLs was then requestedRead more...

74.208.43.209

Uncategorized

Remote Host Port Number 74.208.43.209 7000 PONG A89D4707 MODE {XPUSA654841} -ix JOIN #bots# Registry Modifications * The newly created Registry Values are: o [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] + Windows Services = “service2.exe” so that service2.exe runs every time Windows starts o [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun] + Windows Update = “%Temp%service2.exe” so that service2.exe runs every time Windows starts Memory Modifications *Read more...

kleverig.nl(gay ddoser)

Uncategorized

kleverig.nl 91.216.34.130 Opened listening TCP connection on port: 113 C&C Server: 91.216.34.130:6667 Server Password: Username: Administrator Nickname: Java30020 Channel: #Int3r (Password: Internal) Channeltopic: Registry Changes by all processes Create or Open Changes HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun “Win32_” = C:WINDOWSSystem32suchost.exe Reads HKEY_LOCAL_MACHINESOFTWAREMicrosoftCTFSystemShared “CUAS” HKEY_CURRENT_USERKeyboard LayoutToggle “Language Hotkey” HKEY_CURRENT_USERKeyboard LayoutToggle “Layout Hotkey” HKEY_LOCAL_MACHINESOFTWAREMicrosoftCTF “EnableAnchorContext” HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionIMM “Ime File” HKEY_CURRENT_USERSoftwareMicrosoftCTF “DisableRead more...

pig.botsgod.info(Virus egyptian lamer big net 80k)

Uncategorized

u must use botnick and ident to join his net lol looks like this lamer is mad at me (VirUs) 02:50] ??? Current Local Users: 27007 Max: 29988 (VirUs) [02:50] ??? Current Global Users: 72903 Max: 73660 pig.botsgod.info ip: 217.70.188.30 pig.botsgod.info ip: 92.243.28.194 pig.botsgod.info ip: 95.142.163.184 pig.botsgod.info:5900 User Name: VirUs Real Name: Iam_PIG_And_Iam_A_GAY0003 Password: isPigaGAYRead more...

92.243.28.194(Virus egyptian lamer)

Uncategorized

Remote Host Port Number 216.45.58.150 80 92.243.28.194 5900 PASS Virus NICK VirUs-sgpzxuis USER VirUs “” “usk” : 2Black 3Box 2360. JOIN #B2# Virus PRIVMSG #B2# :ESHTAA PONG :TESTING3.VirUs.HERE NICK VirUs-kdxrzmeu USER VirUs “” “yqs” : 8Coded 8VirUs.. JOIN #OgarD3# Virus PRIVMSG #OgarD3# :Success. * The data identified by the following URL was then requested fromRead more...

92.243.28.194

Uncategorized

(IRC) [00|FRA|852967]: Bot sniff “92.243.28.194:6667”: – “JOIN #VirUs.aLiS# Testbro “

70.61.101.163

Uncategorized

Remote Host Port Number 70.61.101.163 9595 PASS prison 72.233.89.199 80 91.198.22.71 80 PONG leaf.44274.com NICK {iNF-00-USA-XP-COMP-0885} USER MEAT * 0 :COMP JOIN ###mini NICK {00-USA-XP-COMP-0172} Other details * The following ports were open in the system: Port Protocol Process 1051 TCP usbmgr.exe (%Windir%usbmgr.exe) 1053 TCP usbmgr.exe (%Windir%usbmgr.exe) 1054 TCP usbmgr.exe (%Windir%usbmgr.exe) Registry Modifications * TheRead more...