o Host By Name:
+ Requested Host: lamentin97.sytes.net
+ Resulting Address: 82.230.41.47
o Connection Established: 0
o Socket: 0
* UDP connections_listening
o Transport Protocol: TCP
o Local Port: 113
o Connection Established: 0
o Socket: 1704
* Outgoing Connections
+ IRC Data
# User Name: jiuy
# Host Name: 0
# Server Name:
# ...
www.zzgame.co.kr
Host Name IP Address
www.zzgame.co.kr www.zzgame.co.kr 220.90.213.158 114.207.112.169 114.207.112.169
Download URLs
http://220.90.213.158/SPMgrs/SPMgrs.svc (www.zzgame.co.kr)
http://114.207.112.169/MSSPMGR/NVCC.exe (114.207.112.169)
http://220.90.213.158/SPMgrs/initi.dll (www.zzgame.co.kr)
http://114.207.112.169/count_log/log/boot.php?p=SPMgrs&m=00-00-00-00-00-00 (114.207.112.169)
Outgoing connection to remote server: www.zzgame.co.kr TCP port 80
Outgoing connection to remote server: 114.207.112.169 TCP port 80
Outgoing connection to remote server: www.zzgame.co.kr TCP port 80
Outgoing connection to remote server: 114.207.112.169 TCP port 80
...
75.73.242.77
Remote Host Port Number
75.73.242.77 6667
NICK USA|00|XP|SP2|4431695
USER ftjjnps 0 0 :USA|00|XP|SP2|4431695
USERHOST USA|00|XP|SP2|4431695
MODE USA|00|XP|SP2|4431695 -x+i
JOIN ###chaosbot### chaosisfullalulz
PRIVMSG ###chaosbot### :[NETINFO]: [Type]: LAN (LAN Connection). [IP Address]: 192.168.194.128. [Hostname]: 174.133.89.72.
JOIN ###dd0s### (null)
PRIVMSG ###chaosbot### : (patcher.p fixed, version 1.
PONG :CE21787E
There was an outbound traffic produced on port 6667: 00000000 ...
bbs.moiservice.com
* Unknown Connections
o Host By Name:
+ Requested Host: bbs.moiservice.com
+ Resulting Address: 81.94.201.34
o Connection Established: 0
o Socket: 0
* Outgoing Connections
+ IRC Data
# User Name: wrzorp
# Host Name: 0
# Server Name:
# Real Name: _CHAR(0x03)_15_CHAR(0x03)_4·_CHAR(0x03)_01_CHAR(0x02)_l_CHAR(0x02)_a_CHAR(0x03)_04_CHAR(0x02)_m_CHAR(0x02)__CHAR(0x03)_01e_CHAR(0x02)_r_CHAR(0x02)__CHAR(0x03)_4·_CHAR(0x03)_15
# Nick Name: [USA]XP-SP2[00]9467
# Non RFC Conform: 1
* Channel
o ...
cc.valid.cc
Host Name IP Address
cc.valid.cc 92.32.1.33
Outgoing connection to remote server: cc.valid.cc port 80
Registry Changes by all processes
Create or Open Changes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\run “win32” = C:\WINDOWS\system32\wnd32.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “win32” = C:\WINDOWS\system32\wnd32.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “win32” = C:\WINDOWS\system32\wnd32.exe
HKEY_CURRENT_USER\Software\VB and VBA Program Settings\SrvIDID “ID” = Kebab
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List “c:\vir.exe” = c:\vir.exe:*:Enabled:Windows Messanger
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile “DoNotAllowExceptions” = [REG_DWORD, value: 00000000]
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List ...
flex.sintoniatotal.org
meinedosis.de meinedosis.de 85.13.138.83
UDP Connections
Remote IP Address: 127.0.0.1 Port: 1037
Send Datagram: 269 packet(s) of size 1
Recv Datagram: 269 packet(s) of size 1
Download URLs
http://85.13.138.83/.sys/1 (meinedosis.de)
http://85.13.138.83/.sys/2 (meinedosis.de)
http://85.13.138.83/.sys/3 (meinedosis.de)
http://85.13.138.83/.sys/4 (meinedosis.de)
Outgoing connection to remote server: meinedosis.de TCP port 80
Outgoing connection to remote server: meinedosis.de TCP port 80
Outgoing connection ...
mails.pes2009.biz (Kolab Worm)
The following Host Name was requested from a host database: mails.pes2009.biz
There was registered attempt to establish connection with the remote host. The connection details are:
Remote Host Port Number
mails.pes2009.biz 8800
Registry Modifications
The newly created Registry Values are:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
Taskman = “C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455\psysnew.exe”
so that psysnew.exe runs every time Windows starts
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
psysnew ...
67.43.236.68 (Palevo worm)
Remote Host Port Number
67.43.236.68 1863
98.126.28.121 80
* The data identified by the following URLs was then requested from the remote web server:
o http://host3.idfc2.info/fdc2.exe
o http://host3.idfc2.info/fdc1.exe
USER cakzts cakzts cakzts :vyrkvehxejzvjqvi
NICK obpHQJTST
MODE obpHQJTST +xi
JOIN #rstn3
USERHOST obpHQJTST
MODE ##a +smntu
MODE ##b +smntu
MODE ##c +smntu
MODE #rstn3 +smntu
There ...
tes.stuckin.org
tes.stuckin.org 98.126.47.218
tes.memehehz.info 98.126.176.186
tes.enterhere2.biz 98.126.176.186
UDP Connections
Remote IP Address: 98.126.47.218 Port: 4444
Send Datagram: packet(s) of size 7
Recv Datagram: 1869 packet(s) of size 0
Remote IP Address: 98.126.176.186 Port: 4444
Send Datagram: packet(s) of size 7
Recv Datagram: 1868 packet(s) of size 0
Remote IP Address: 98.126.176.186 Port: 4444
Send Datagram: packet(s) ...
204.45.6.194
Remote Host Port Number
112.78.112.208 80
218.5.74.190 80
204.45.6.194 47221
* The following ports were open in the system:
Port Protocol Process
1055 TCP ccdrive32.exe (%Windir%\ccdrive32.exe)
1058 TCP ccdrive32.exe (%Windir%\ccdrive32.exe)
1059 TCP ccdrive32.exe (%Windir%\ccdrive32.exe)
2088 TCP ccdrive32.exe (%Windir%\ccdrive32.exe)
2089 TCP ccdrive32.exe (%Windir%\ccdrive32.exe)
2090 TCP ccdrive32.exe (%Windir%\ccdrive32.exe)
2091 TCP ccdrive32.exe (%Windir%\ccdrive32.exe)
2092 TCP ccdrive32.exe (%Windir%\ccdrive32.exe)
2093 ...