Month: October 2011

server:irc.sxe-injected.com port:6667 chan:#magno321 password:lol123 hosting infos: http://whois.domaintools.com/200.43.192.219

Remote Host Port Number 204.0.5.50 80 204.0.5.58 80 216.178.38.224 80 63.135.80.46 80 72.21.91.19 80 74.125.47.100 80 74.208.164.167 1234 PASS xxx NICK NEW-[USA|00|P|21899] USER XP-0708 * 0 :COMPUTERNAME NICK [USA|00|P|65504] USER XP-6261 * 0 :COMPUTERNAME NICK [USA|00|P|68249] USER XP-7577 * 0 :COMPUTERNAME NICK [USA|00|P|47739] USER XP-7950 * 0 :COMPUTERNAME I have 748 clients and 1 serversRead more...

Remote Host Port Number 88.86.119.55 4244 PASS BIG NICK new[iRooT-XP-USA]036409 USER 0364 “” “TsGh” :0364 JOIN #N# BIG PONG :irc.akanska.com hosting infos: http://whois.domaintools.com/88.86.119.55

Remote Host Port Number 82.192.87.164 80 91.121.243.240 3389 The data identified by the following URL was then requested from the remote web server: http://tmrace.net/v5/v5.php?action=logout exe file: http://c442cbf8.tubeviral.com hosting infos: http://whois.domaintools.com/91.121.243.240

Remote Host Port Number 212.7.214.59 80 216.178.38.224 80 63.135.80.46 80 72.21.91.19 80 92.241.165.124 1234 PASS xxx NICK NEW-[USA|00|P|01507] USER XP-5713 * 0 :COMPUTERNAME MODE NEW-[USA|00|P|01507] -ix JOIN #!nw! test PONG 22 MOTD text file used to give cmd’s to bots index.txt: http://ef8488f8.tubeviral.com hosting infos: http://whois.domaintools.com/92.241.165.124

Remote Host Port Number 199.15.234.7 80 66.45.56.124 80 69.71.57.254 80 70.38.98.238 80 222.88.205.215 5101 PASS hax0r PRIVMSG #% :[Visit]: Visited “http://g.1click.im/fY” PRIVMSG #p– :[d=”http://img104.herosh.com/2011/10/16/876345700.gif” s=”229376 bytes”] Executed file “C:Documents and SettingsUserNameApplication Data1.tmp” – Download retries: 0 hosting infos: http://whois.domaintools.com/222.88.205.215

Remote Host Port Number 173.245.60.21 80 63.135.80.224 80 63.135.80.46 80 64.62.181.43 80 72.21.91.19 80 212.7.214.129 2866 PASS xxx NICK NEW-[USA|00|P|77494] USER XP-8936 * 0 :COMPUTERNAME MODE NEW-[USA|00|P|77494] -ix JOIN #!nine! test PONG 22 MOTD * The data identified by the following URLs was then requested from the remote web server: o http://www.refillntime.com/sweet.txt o http://browseusers.myspace.com/Browse/Browse.aspx oRead more...

Remote Host Port Number 199.15.234.7 80 83.233.33.6 80 212.7.214.129 1866 PASS ngrBot PRIVMSG #!hot! :[DNS]: Blocked 1310 domain(s) – Redirected 0 domain(s) NICK n{US|XPa}rzvcxsk USER rzvcxsk 0 0 :rzvcxsk JOIN #!hot! ngrBot PRIVMSG #!hot! :[HTTP]: Updated HTTP spread interval to “3” PRIVMSG #!hot! :[MSN]: Updated MSN spread interval to “2” PRIVMSG #!hot! :[HTTP]: Updated HTTPRead more...

Remote Host Port Number 119.59.99.239 1234 PASS priv9 199.15.234.7 80 NICK n{US|XP}fktrfon USER fktrfon 0 0 :fktrfon JOIN #ngr HELO hosting infos: http://whois.domaintools.com/119.59.99.239

Remote Host Port Number 199.15.234.7 80 66.45.56.124 80 69.71.57.93 80 70.38.98.238 80 60.190.223.150 5101 PASS hax0r PRIVMSG #p– :[d=”http://img104.herosh.com/2011/10/16/876345700.gif” s=”229376 bytes”] Executed file “C:Documents and SettingsUserNameApplication Data1.tmp” – Download retries: 0 PRIVMSG #% :[Visit]: Visited “http://cpv.onlinelivesearch.com/cpv.jsp?p=113890&aid=10036145&partnerMin=0.00&ron=on&ronMin=0.00&url=&context=&default=http://cpvback.onlinelivesearch.com/ads.php” channel:#ngme ng00 hosting infos: http://whois.domaintools.com/60.190.223.150