Remote Host Port Number194.109.20.90 6664bircd.w0rms.ro 200869.16.172.40 666869.16.172.40 7000 NICK jonasgUSER truman “” “194.109.20.90” :minedUSERHOST nickPART channelUSER truman “” “bircd.w0rms.ro” :minedSILENCE +*!*@*,~*!*@*undernet.orgMODE jonasg +iwxNICK soowonaUSER tandy “” “194.109.20.90” :alexUSER tandy “” “bircd.w0rms.ro” :alexMODE soowona +iwxMODE nick +iwxUSER tandy “” “69.16.172.40” :alex * There was application-defined hook procedure installed into the hook chain (e.g. to monitor keystrokes).Read more...
irc.seslichat5.com
Remote Host Port Numberirc.seslichat5.com 6664 NICK USA|80748USER qyleek 0 0 :USA|80748USERHOST USA|80748MODE USA|80748 -xJOIN #zxc zxcNICK USA|75655USER snzef 0 0 :USA|75655USERHOST USA|75655MODE USA|75655 -xNICK USA|15845USER nbhjmi 0 0 :USA|15845USERHOST USA|15845MODE USA|15845 -xNICK USA|12043USER glhnnaw 0 0 :USA|12043USERHOST USA|12043MODE USA|12043 -xNICK USA|76159USER opqoge 0 0 :USA|76159USERHOST USA|76159MODE USA|76159 -x Other details * To mark the presenceRead more...
xdcc.h4ck.biz
Remote Host Port Numberxdcc.h4ck.biz 53381 NICK UteetorUSER Uteetor Esmyia 127.0.0.1 :OsulusJOIN #mic#privmsg #mic# New install..NICK AlamUSER Alam Erosas 127.0.0.1 :AsernerNICK BisolfrUSER Bisolfr Edesim 127.0.0.1 :Frimsed * The following ports were open in the system: Port Protocol Process1033 TCP tcpipx.exe (%Windir%tcpipx.exe)1034 TCP tcpipx.exe (%Windir%tcpipx.exe)1035 TCP tcpipx.exe (%Windir%tcpipx.exe) * The following Host Name was requested from aRead more...
irc.sicakalem.com
PASS cih4n1313NICK USA|XP|SP2|00|0059USER ivchk 0 0 :..4CodeD .8By …1zerX.-…Virus.USERHOST USA|XP|SP2|00|0059MODE USA|XP|SP2|00|0059 -x+iJOIN #Botistan cih4n1313NOTICE USA|XP|SP2|00|0059 :.VERSION mIRC v6.21 Khaled Mardam-Bey.PRIVMSG #Botistan :.8,1-VrX- Bot ID: 915860.PRIVMSG #Botistan :.8,1-VrX- Uptime: 0d 0h 2m.PRIVMSG #Botistan :-.4.procs..- Failed to terminate process: PROCESS_NAME_TO_TERMINATE The following port was open in the system: Port Protocol Process 1041 TCP zjeecr.exe (%System%zjeecr.exe) Other detailsRead more...
xx.sqlteam.info
xx.sqlteam.info 83.68.16.6xx.enterhere.biz * C&C Server: 83.68.16.6:5190 * Server Password: * Username: jwnzny * Nickname: qRRfqWVX * Channel: (Password: ) * Channeltopic: * C&C Server: 83.68.16.6:5190 * Server Password: * Username: jwnzny * Nickname: qRRfqWVX * Channel: #las6 (Password: ) * Channeltopic: : Registry Changes by all processesCreate or Open Changes HKEY_CURRENT_USERSoftwarebcrypt “i” = [REG_DWORD, value:Read more...
xx.nadnadzz.info(VaneBot )
xx.nadnadzz.info:5190 Now talking in #mTopic On: [ #m ] [ =NuGITTP9xJfGNsT11y7ZTNlmnxwJ6cqiUAX70HX7sFxHUIpR833LVoJB7TaUK1Pzr6ddH/IiXKspDoGDbNVV2Gj3x/Y3qj1oQzyBsLjfUNELAMp ]Topic By: [ k1a3 ]Modes On: [ #m ] [ +smntSMCu ] Resolved : [xx.nadnadzz.info] To [67.43.236.67]
92.240.234.164(Mouse’s 100k botnet)
Remote Host Port Number92.240.234.164 3305 NICK P|hy4m13g8cUSER kv7ucu7y9 * 0 :USA|XP|601USERHOST P|hy4m13g8cMODE P|hy4m13g8cJOIN #mm RSAPRIVMSG #mm :+Cpiwe/Bec9E07RQ/c0vtb4S//EdYX/xXUDj093Z0X0JV7.c0puSW4.pimDm1LRefR1ZyBMf0vZEvo.KMXSW1c0M3m/Fwv310uA.y6/SUz0u/OGWL5.gwJqI.6pkc9.kty0t0KWEjq.nHZN20/qQ08.asyjW/qqA8J1QcT5G1 PASS secretpass Other details * The following ports were open in the system: Port Protocol Process69 UDP unwise_.exe (%FontsDir%unwise_.exe)1052 TCP unwise_.exe (%FontsDir%unwise_.exe)20620 TCP unwise_.exe (%FontsDir%unwise_.exe) Registry Modifications * The following Registry Keys were created: o HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsWindowsUpdate o HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftMRTRead more...
legend.rootyou.org(spybot server)
83.217.70.132:443 Nick: rrzhkUsername: rrzhkJoined Channel: #spybot with Password chanpassPrivate Message to Channel #spybot: “Version:spybot1.2c cpu: 0MHz. ram: 127MB total, 28MB free 77% in use os: Windows XP [Service Pack 3] (5.1, build 2600). uptime: 0d 0h 9m. Date: 02:Jul:2009 Time: 14:21:37 Current user: Administrator IP:192.168.0.2 Hostname:pc Windir: C:WINDOWS Systemdir: C:WINDOWSsystem32”Private Message to Channel #spybot: “KeyloggerRead more...
79.172.162.116
Host Name IP Address79.172.162.116 79.172.162.116Outgoing connection to remote server: 79.172.162.116 TCP port 3085DNS LookupHost Name IP Address79.172.162.116 79.172.162.116Outgoing connection to remote server: 79.172.162.116 TCP port 3085Outgoing connection to remote server: 79.172.162.116 TCP port 3085Outgoing connection to remote server: 79.172.162.116 TCP port 3085Outgoing connection to remote server: 79.172.162.116 TCP port 3085 Registry Changes by all processesCreateRead more...
irc.priv8net.com
Remote Host Port Number208.98.57.48 2201 NICK rpvlutUSER vafssj “” “kgq” :vafssjPONG :FDFA11A9JOIN #unf mksPONG :irc.priv8net.com PASS MSMS Registry Modifications * The following Registry Key was created: o HKEY_LOCAL_MACHINESOFTWAREMicrosoftActive SetupInstalled Components{28ABC5C0-4FCB-11CF-AAX5-81CX1C635612} * The newly created Registry Value is: o [HKEY_LOCAL_MACHINESOFTWAREMicrosoftActive SetupInstalled Components{28ABC5C0-4FCB-11CF-AAX5-81CX1C635612}] + StubPath = “c:RECYCLERS-1-5-21-1482476501-1644491937-682003330-1013iseL2.exe” so that iseL2.exe runs every time Windows starts * TheRead more...