Remote Host Port Number 173.193.205.116 8014 193.143.121.198 80 200.234.203.76 80 69.163.250.145 80 69.50.197.244 80 78.46.49.226 80 85.17.94.148 80 89.238.149.67 80 92.241.184.111 80 91.203.146.65 7276 ircd here USER gtsufeod gtsufeod gtsufeod :ygzhjngb NICK aSFamvBfc MODE aSFamvBfc +xi JOIN #maxi USERHOST aSFamvBfc PONG :lols.nope.com MODE #maxi +smntu Now talking in #maxi Topic On: [ #maxi ] [ ...
MrWiiWii.IRC.NET
Remote Host Port Number 72.20.30.114 2265 NICK [USA-0142-XP] USER 0522020 "" "lol" :0522020 JOIN #wiiwii PONG :MrWiiWii.IRC.NET Remote Host Port Number 72.20.30.114 2232 USER BAIO 8 * :Blackout AIO IRC Bot NICK [COMPUTERNAME]952 JOIN #wiiwii PONG :MrWiiWii.IRC.NET (MoDz) !login #wiiwii ([ESP-2151-XP]) Hai BoSS! ([USA-7671-VIS]) Hai BoSS! (MoDz) !version ([ESP-2151-XP]) VanaDiuM iRC BOT v1.3.0. ([USA-7671-VIS]) VanaDiuM ...
XxX.Bo7MoD.Net
Resolved : [XxX.Bo7MoD.Net] To [206.41.117.171] XxX.Bo7MoD.Net 3211 chanbot = #g Now talking in #g Topic On: [ #g ] [ !clear ] Topic By: [ A ]
ip.ipwhois.org.uk (maybe butterfly botnet)
DNS Lookup Host Name IP Address server1.unibaq.com ip.ipwhois.org.uk 195.3.145.182 dell-d3e62f7e26 10.1.7.2 UDP Connections Remote IP Address: Port: 7006 Send Datagram: packet(s) of size 7 Recv Datagram: 1866 packet(s) of size 0 Remote IP Address: 195.3.145.182 Port: 7006 Send Datagram: packet(s) of size 7 Send Datagram: 5 packet(s) of size 3 Send Datagram: packet(s) of size ...
institutoterra.org.br
DNS Lookup Host Name IP Address 0 127.0.0.1 institutoterra.org.br institutoterra.org.br 200.234.200.152 UDP Connections Remote IP Address: 127.0.0.1 Port: 1060 Send Datagram: 1495 packet(s) of size 1 Recv Datagram: 1495 packet(s) of size 1 Download URLs http://200.234.200.152/js/gtec.jpg (institutoterra.org.br) http://200.234.200.152/js/mtec.jpg (institutoterra.org.br) Outgoing connection to remote server: institutoterra.org.br TCP port 80 Outgoing connection to remote server: institutoterra.org.br TCP ...
DogKiller rootkit
load kernel drivers to hide activity
109.169.40.186
Remote Host Port Number 109.169.40.186 9600 PASS (null) NICK {N}|USA|XP|COMPUTERNAME|615267 USER ktzwiz "" "ntfj" :COMPUTERNAME JOIN #baddy PRIVMSG #baddy :New Servant. Registry Modifications * The newly created Registry Values are: o [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] + Windows Live Firawall = "%ProgramFiles%\winlogon.exe" + UserFaultCheck = "%System%\dumprep 0 -u" so that winlogon.exe runs every time Windows starts o [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] + ...
mt-canete.sites.uol.com.br
DNS Lookup Host Name IP Address 0 127.0.0.1 vidaboa2009.pochta.ru vidaboa2009.pochta.ru 194.186.88.37 mt-canete.sites.uol.com.br mt-canete.sites.uol.com.br 200.147.33.17 UDP Connections Remote IP Address: 127.0.0.1 Port: 1183 Send Datagram: 2451 packet(s) of size 1 Recv Datagram: 2451 packet(s) of size 1 Download URLs http://194.186.88.37/borlndmm.dll (vidaboa2009.pochta.ru) http://194.186.88.37/expressos.cfg (vidaboa2009.pochta.ru) http://200.147.33.17/USB.txt (mt-canete.sites.uol.com.br) http://200.147.33.17/secdemo.txt (mt-canete.sites.uol.com.br) http://200.147.33.17/secdemo.txt (mt-canete.sites.uol.com.br) http://200.147.33.17/secdemo.txt (mt-canete.sites.uol.com.br) http://200.147.33.17/secdemo.txt (mt-canete.sites.uol.com.br) http://200.147.33.17/USB.txt (mt-canete.sites.uol.com.br) http://200.147.33.17/secdemo.txt ...
securebillpayment1.com (fake antivirus)
securebillpayment1.com 88.208.221.204 sysupdatenbz.com 78.26.179.19 sysupdateyte.com 78.26.179.19 Download URLs http://78.26.179.19/0004098213 (sysupdatenbz.com) http://78.26.179.19/0004098213 (sysupdatenbz.com) http://78.26.179.19/0004098213 (sysupdatenbz.com) http://78.26.179.19/0004098213 (sysupdatenbz.com) http://78.26.179.19/0004098213 (sysupdatenbz.com) http://78.26.179.19/0004098213 (sysupdatenbz.com) http://78.26.179.19/0004098213 (sysupdatenbz.com) http://78.26.179.19/0004098213 (sysupdatenbz.com) Outgoing connection to remote server: securebillpayment1.com TCP port 80 Outgoing connection to remote server: securebillpayment1.com TCP port 80 Outgoing connection to remote server: securebillpayment1.com TCP port 80 Outgoing connection to remote ...
contentserver001.info
contentserver001.info contentserver001.info 188.95.159.128 www.google.com www.google.com 74.125.43.99 Opened listening TCP connection on port: 21968 Download URLs http://188.95.159.128/forum/img/img_1582.jpg (contentserver001.info) http://74.125.43.99/webhp (www.google.com) Outgoing connection to remote server: contentserver001.info TCP port 80 Outgoing connection to remote server: contentserver001.info TCP port 80 Outgoing connection to remote server: contentserver001.info TCP port 80 Outgoing connection to remote server: www.google.com TCP port 80 Registry ...