Remote Host Port Number 112.78.112.208 80 218.85.133.201 80 204.45.74.106 6682 PASS laorosr MODE #! -ix MODE #Ma -ix USER SP2-650 * 0 :COMPUTERNAME MODE [N00_USA_XP_3831042] @ -ix MODE #dpi -ix Other details * The following ports were open in the system: Port Protocol Process 1054 TCP cwdrive32.exe (%Windir%\cwdrive32.exe) 1056 TCP cwdrive32.exe (%Windir%\cwdrive32.exe) 1782 TCP cwdrive32.exe
bleedmachine.dyndns.org (undernet heckers)
DNS Lookup Host Name IP Address bleedmachine.dyndns.org 82.113.145.98 Lelystad.NL.EU.UnderNet.Org 195.47.220.2 Helsinki.FI.EU.Undernet.Org 195.197.175.21 mue-88-130-0-202.dsl.tropolys.de 88.130.0.202 Opened listening TCP connection on port: 113 C&C Server: 82.113.145.98:6667 Server Password: Username: bleed Nickname: catd Channel: (Password: ) Channeltopic: Outgoing connection to remote server: Lelystad.NL.EU.UnderNet.Org TCP port 6667 Outgoing connection to remote server: Lelystad.NL.EU.UnderNet.Org TCP port 6667 C&C Server: 195.197.175.21:6667
server1.beetrootmusic.com (botnet hosted with United States Chicago Hostforweb Inc)
Remote Host Port Number 216.178.38.224 80 216.178.39.11 80 64.208.241.41 80 66.225.241.182 2345 PASS xxx JOIN #!gf! test MODE NEW-[USA|00|P|39547] -ix PONG 22 MOTD NICK NEW-[USA|00|P|39547] USER XP-2882 * 0 :COMPUTERNAME * The data identified by the following URLs was then requested from the remote web server: o http://browseusers.myspace.com/Browse/Browse.aspx o http://www.myspace.com/browse/people o http://www.myspace.com/help/browserunsupported o http://x.myspacecdn.com/modules/splash/static/img/cornersSheet.png o
unknown.hostforweb.com (botnet hosted with United States Chicago Hostforweb Inc)
Remote Host Port Number 174.37.200.82 80 63.135.80.224 80 63.135.80.46 80 64.208.241.27 80 66.220.149.25 80 64.202.107.109 1234 PASS xxx JOIN #!nn! test MODE NEW-[USA|00|P|82252] -ix PONG 22 MOTD NICK NEW-[USA|00|P|82252] USER XP-0038 * 0 :COMPUTERNAME * The data identified by the following URLs was then requested from the remote web server: o http://174.37.200.82/index.php o http://browseusers.myspace.com/Browse/Browse.aspx o
leaf.15781.com (botnet hosted with United States Lancaster Comcast Business Communications Inc)
Resolved : [leaf.15781.com] To [174.137.125.78] Remote Host Port Number 173.163.15.116 9595 PASS prison 204.13.248.70 80 72.233.89.199 80 NICK {00-USA-XP-COMP-7851} PONG leaf.15781.com NICK {iNF-00-USA-XP-COMP-3925} USER MEAT * 0 :COMP JOIN ###mini Now talking in ###mini Topic By: [ pe[ro ] Modes On: [ ###mini ] [ +smntu ] Now talking in ###USA Topic On: [ ###USA
nice.niceshot.in (botnet hosted with United States Atlanta Global Net Access Llc)
DNS Lookup Host Name IP Address dell-d3e62f7e26 10.1.9.2 nice.niceshot.in 207.210.96.152 C&C Server: 207.210.96.152:6567 Server Password: Username: XP-9009 Nickname: [SI|DEU|00|P|70534] Channel: #cuchi# (Password: c1rc0dus0leil) Channeltopic: C&C Server: 207.210.96.152:6567 Server Password: Username: XP-4274 Nickname: [SI|DEU|00|P|34816] Channel: #cuchi# (Password: c1rc0dus0leil) Channeltopic: Registry Changes by all processes Create or Open Changes HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “Service ares” = conmysys.exe HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run
nvps.michelle.com (Burimi big hecker ddosing SnK also hecker)
Remote Host Port Number 209.236.69.47 81 NOTICE IRC : V3RS10N 15D3v1Lz Sp 14yB0t M0d3d A nd C0d3d By 14sNo0p_Do0g For 15D3v1Lz T34m PRIVMSG #spy : winhostmanager.net P: 22 D: 150 T:1500. L3ts Th3 D3v1Lz W0rk! T1ll H3 G3t D1sc0nn3ct3d. JOIN #Spy Spy MODE UserName85 +i MODE #spy +ntusMm x1x4x0.net P: 5500 D: 150 T:1500. L3ts
img1.alyoy.in (malware hosted with United States Missoula Sharktech Internet Services)
DNS Lookup Host Name IP Address img1.alyoy.in 70.39.100.4 70.39.100.4 70.39.100.4 0 127.0.0.1 UDP Connections Remote IP Address: 127.0.0.1 Port: 1037 Send Datagram: 113 packet(s) of size 1 Recv Datagram: 113 packet(s) of size 1 Download URLs http://70.39.100.4/img/img.txt (img1.alyoy.in) http://70.39.100.4/img/YdtaOeu0lfMm1.exe (img1.alyoy.in) Outgoing connection to remote server: img1.alyoy.in TCP port 61688 Outgoing connection to remote server: img1.alyoy.in
d14-69-123-212.try.wideopenwest.com (botnet hosted with WIDEOPENWEST.COM Michigan)
Remote Host Port Number 69.14.212.123 65267 PASS daloot JOIN #NzM# screwu USERHOST USA|00|XP|SP2|3342046 MODE USA|00|XP|SP2|3342046 -x+i PRIVMSG #NzM# : (patcher.p fixed, version 1. NICK USA|00|XP|SP2|3342046 USER pnlzszqe 0 0 :USA|00|XP|SP2|3342046 PONG :A2E3B7DC Now talking in #NzM# Topic On: [ #NzM# ] [ .root.start dcom135 200 0 0 109.x.x.x -a -b -r -s ] Topic By:
beautybiz.no-ip.org (backdoored passwd stealer)
DNS Lookup Host Name IP Address beautybiz.no-ip.org 84.19.169.234 Outgoing connection to remote server: beautybiz.no-ip.org TCP port 80 DNS Lookup Host Name IP Address 127.0.0.1 127.0.0.1 Registry Changes by all processes Create or Open Changes HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon “UserInit” = C:\WINDOWS\system32\userinit.exe,C:\Windupdt\winupdate.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “winupdater” = C:\Windupdt\winupdate.exe HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableRegistryTools” = [REG_DWORD, value: 00000001] HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile “EnableFirewall” = [REG_DWORD, value: 00000001] HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile