Remote Host Port Number irandy.info 8160 NICK {USA-XP}481463 USER yjmpomf * 0 :COMPUTERNAME * The following ports were open in the system: Port Protocol Process 1033 TCP svhost.exe (%Windir%svhost.exe) 1034 TCP svhost.exe (%Windir%svhost.exe) * The following Host Name was requested from a host database: o irandy.info Other details * To mark the presence in theRead more...
stores.dellhp.net
# Remote Address: 82.114.87.46 # Host Name: stores.dellhp.net # Transport Protocol: TCP # Remote Address: 82.114.87.46 # Remote Port: 1234 # Protocol: IRC * IRC Data o User Name: 3052 o Host Name: “” o Server Name: o Real Name: 3052 o Nick Name: n[USA|XP]8081698 o Non RFC Conform: 1 + Channel # Name: #dl#Read more...
173.201.179.47
Remote Host Port Number 173.201.179.47 8016 NICK [00|USA|492539] PONG sv.privatenetwork.pv USER XP-0542 * 0 :COMPUTERNAME MODE [00|USA|492539] +su JOIN #private MODE #private +su NICK [00|USA|890609] USER XP-0460 * 0 :COMPUTERNAME MODE [00|USA|890609] +su * The following port was open in the system: Port Protocol Process 1054 TCP service.exe (%Windir%service.exe) Registry Modifications * The following RegistryRead more...
electric-servers.com
electric-servers.com 217.23.7.121 C&C Server: 217.23.7.121:6667 Server Password: Username: XP-0733 Nickname: [DEU-[L]-65709]NEW Channel: #Cracker (Password: none) Channeltopic: Registry Changes by all processes Create or Open Changes HKEY_CURRENT_USERSoftwareMicrosoftGDIPlus “FontCachePath” = C:Dokumente und EinstellungenAdministratorLokale EinstellungenAnwendungsdaten HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun “Micrososft Omg” = taskmgrr.exe HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionTerminal ServerInstallSoftwareMicrosoftWindowsCurrentVersionRun “Micrososft Omg” = taskmgrr.exe HKEY_LOCAL_MACHINESYSTEMControlSet001ServicesSharedAccessParametersFirewallPolicyStandardProfileAuthorizedApplicationsList “C:Dokumente und EinstellungenAdministratorLokale EinstellungenTempfile1.exe” = C:Dokumente und EinstellungenAdministratorLokale EinstellungenTempfile1.exe:*:Enabled:Micrososft OmgRead more...
teamwaffle.net(SPAM BOT)
boards.4chan.org boards.4chan.org 204.152.204.174 static.4chan.org static.4chan.org 204.152.204.172 teamwaffle.net teamwaffle.net 94.102.55.216 0.thumbs.4chan.org 1.thumbs.4chan.org 0.thumbs.4chan.org 204.152.204.169 1.thumbs.4chan.org 204.152.204.169 2.thumbs.4chan.org 2.thumbs.4chan.org 204.152.204.169 edge.quantserve.com edge.quantserve.com 212.201.100.179 pixel.quantserve.com pixel.quantserve.com 4.71.209.20 www.google-analytics.com www.google-analytics.com 74.125.43.113 sys.4chan.org sys.4chan.org 204.152.204.156 UDP Connections Remote IP Address: 127.0.0.1 Port: 1128 Send Datagram: 401 packet(s) of size 1 Recv Datagram: 401 packet(s) of size 1 Download URLs http://204.152.204.174/b/Read more...
just.addsyrup.net
just.addsyrup.net 174.120.225.25 C&C Server: 174.120.225.25:6667 Server Password: Username: 9273 Nickname: [9273|DEU|XP] Channel: ##syrup## (Password: da32rga4a) Channeltopic: :http://teamwaffle.net/bots/syrup.exe Registry Changes by all processes Create or Open Changes HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun “Microsoft Windows Hosting Service Login” = C:DOKUME~1ADMINI~1LOKALE~1Tempexplorer.exe HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun “Microsoft Windows Hosting Service Login” = C:DOKUME~1ADMINI~1LOKALE~1Tempexplorer.exe HKEY_LOCAL_MACHINESYSTEMControlSet001ServicesSharedAccessParametersFirewallPolicyStandardProfileAuthorizedApplicationsList “Microsoft Windows Hosting Service Login” = C:DOKUME~1ADMINI~1LOKALE~1Tempexplorer.exe Reads HKEY_LOCAL_MACHINESOFTWAREMicrosoftCTFSystemShared “CUAS” HKEY_CURRENT_USERKeyboard LayoutToggleRead more...
und.shkumbimi.net(JimyGJ next botnet)
und.shkumbimi.net 122.183.243.48 Opened listening TCP connection on port: 559 C&C Server: 122.183.243.48:12351 Server Password: Username: pdndt Nickname: pdndt Channel: (Password: ) Channeltopic: Registry Changes by all processes Create or Open Changes HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun “Windows System Configuration” = C:WINDOWSwinupdates.exe Reads HKEY_LOCAL_MACHINESOFTWAREMicrosoftCTFSystemShared “CUAS” HKEY_CURRENT_USERKeyboard LayoutToggle “Language Hotkey” HKEY_CURRENT_USERKeyboard LayoutToggle “Layout Hotkey” HKEY_LOCAL_MACHINESOFTWAREMicrosoftCTF “EnableAnchorContext” HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionIMM “Ime File” HKEY_CURRENT_USERSoftwareMicrosoftCTFRead more...
www.MSNAREA.COM
www.MSNAREA.COM 173.208.34.249 membres.lycos.fr membres.lycos.fr 213.131.252.251 membres.multimania.fr membres.multimania.fr 213.131.252.251 Download URLs http://213.131.252.251/proxyworld/azenv.php (membres.lycos.fr) http://213.131.252.251/proxyworld/azenv.php (membres.lycos.fr) http://213.131.252.251/proxyworld/azenv.php (membres.lycos.fr) http://213.131.252.251/proxyworld/azenv.php (membres.lycos.fr) http://213.131.252.251/proxyworld/azenv.php (membres.lycos.fr) http://213.131.252.251/proxyworld/azenv.php (membres.lycos.fr) http://213.131.252.251/proxyworld/azenv.php (membres.lycos.fr) http://213.131.252.251/proxyworld/azenv.php (membres.lycos.fr) C&C Server: 173.208.34.249:80 Server Password: Username: SP3-943 Nickname: [N00_DEU_XP_7839707]_CHAR(0x08)_ë@ Channel: (Password: ) Channeltopic: C&C Server: 173.208.34.249:81 Server Password: Username: SP3-720 Nickname: [00_DEU_XP_4068211] Channel: #xx32 (Password: ) Channeltopic: :.asc -SRead more...
wiss.lulzimehodza.com(JimyGJ bots)
Again JimyGJ botnet another lamer from kuksi the land of pidhi arushes – DNS Queries: Name Query Type Query Result Successful Protocol wiss.lulzimehodza.com DNS_TYPE_A 122.183.243.42 YES udp 122.183.243.42:12351 Nick: `tsnugx Username: `tsnugx Joined Channel: #.serve1 with Password kr Joined Channel: #.a with Password -s Channel Topic for Channel #.serve1: “.join #.dc |`adv.start lsass 75 3Read more...
amzo.no-ip.biz
Username: XP-4316 Nickname: [DEU|00|P|67741] Channel: #Amzo (Password: pakie) Channeltopic: :.msn.msg OMG! Who the fuck uploaded this of you? http://amzo.escriptirc.com/DSC120394.com C&C Server: 217.23.7.121:6667 Server Password: Username: XP-5137 Nickname: [DEU|00|P|97851] Channel: #Amzo (Password: pakie) Channeltopic: :.msn.msg OMG! Who the fuck uploaded this of you? http://amzo.escriptirc.com/DSC120394.com amzo.no-ip.biz 217.23.7.121 Opened listening TCP connection on port: 113 C&C Server: 217.23.7.121:6667Read more...