67.43.236.68 (Palevo worm)

Remote Host Port Number
67.43.236.68 1863
98.126.28.121 80

* The data identified by the following URLs was then requested from the remote web server:
  o http://host3.idfc2.info/fdc2.exe
  o http://host3.idfc2.info/fdc1.exe

USER cakzts cakzts cakzts :vyrkvehxejzvjqvi
NICK obpHQJTST
MODE obpHQJTST +xi
JOIN #rstn3
USERHOST obpHQJTST
MODE ##a +smntu
MODE ##b +smntu
MODE ##c +smntu
MODE #rstn3 +smntu

There...

tes.stuckin.org

tes.stuckin.org 98.126.47.218
tes.memehehz.info 98.126.176.186
tes.enterhere2.biz 98.126.176.186

UDP Connections

Remote IP Address: 98.126.47.218 Port: 4444
Send Datagram: packet(s) of size 7
Recv Datagram: 1869 packet(s) of size 0

Remote IP Address: 98.126.176.186 Port: 4444
Send Datagram: packet(s) of size 7
Recv Datagram: 1868 packet(s) of size 0

Remote IP Address: 98.126.176.186 Port: 4444
Send Datagram: packet(s)...

204.45.6.194

Remote Host Port Number
112.78.112.208 80
218.5.74.190 80
204.45.6.194 47221

* The following ports were open in the system:

Port Protocol Process
1055 TCP ccdrive32.exe (%Windir%\ccdrive32.exe)
1058 TCP ccdrive32.exe (%Windir%\ccdrive32.exe)
1059 TCP ccdrive32.exe (%Windir%\ccdrive32.exe)
2088 TCP ccdrive32.exe (%Windir%\ccdrive32.exe)
2089 TCP ccdrive32.exe (%Windir%\ccdrive32.exe)
2090 TCP ccdrive32.exe (%Windir%\ccdrive32.exe)
2091 TCP ccdrive32.exe (%Windir%\ccdrive32.exe)
2092 TCP ccdrive32.exe (%Windir%\ccdrive32.exe)
2093...

64.120.14.52

Remote Host Port Number
64.120.14.52 27034

PASS sextsex
MODE #!!pp!!# +ix
NICK [00|USA|765097]
USER XP-4182 * 0 :COMPUTERNAME
MODE [00|USA|765097] +ix
JOIN #!!pp!!# sextsex

Other details

* The following port was open in the system:

Port Protocol Process
1052 TCP tub3tex.exe.exe (%Windir%\tub3tex.exe.exe)

Registry Modifications

* The newly created Registry Value is:
  o [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    + Java...

62.193.242.95

Remote Host Port Number
62.193.242.95 8080

NICK [New|OutBreak|USA|XP|026717]
PONG 22 MOTD
USER [New|OutBreak|USA|XP|026717] * 0 :(null)
MODE [New|OutBreak|USA|XP|026717] +iR
JOIN #out
PRIVMSG #out :[OutBreak]: 08New

* The following port was open in the system:

Port Protocol Process
1056 TCP iexplore.exe (%Windir%\iexplore.exe)

Registry Modifications

* The newly created Registry Values are:
  o [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    + iexplore.exe =...

java.KUTLUFAMILY.COM

java.KUTLUFAMILY.COM 66.90.113.196
membres.lycos.fr membres.lycos.fr 213.131.252.251
membres.multimania.fr membres.multimania.fr 213.131.252.251
proxyworld.ifrance.com proxyworld.ifrance.com 82.196.5.79

Download URLs
http://213.131.252.251/proxyworld/azenv.php (membres.lycos.fr)
http://82.196.5.79/azenv.php (proxyworld.ifrance.com)

* C&C Server: 66.90.113.196:81
* Server Password:
* Username: SP3-536
* Nickname: [N00_DEU_XP_9471050]ˆð@
* Channel: (Password: )
* Channeltopic:

* C&C Server: 66.90.113.196:80
* Server Password:...

onlinecentralstore.com

onlinecentralstore.com onlinecentralstore.com 193.105.0.60
76.191.104.55 76.191.104.55

Opened listening TCP connection on port: 28976
Opened listening TCP connection on port: 37660

Download URLs
http://193.105.0.60/pemperem.bin (onlinecentralstore.com)
http://193.105.0.60/ononnono.exe (onlinecentralstore.com)

Outgoing connection to remote server: onlinecentralstore.com TCP port 80
Outgoing connection to remote server: 76.191.104.55 TCP port 443
Outgoing...

mindleak.com (detox bot)

mindleak.com
0xff.memzero.info
0x80.online-software.org
0x80.goingformars.com
0x80.martiansong.com
0x80.my1x1.com

/server 194.109.11.65 6556
channel: #9#, #raw #exploit
detox bot

mot.thand.su

mot.thand.su 69.42.218.72
fr.thand.su fr.thand.su 67.214.175.92
www.cship.info www.cship.info 87.98.247.2

Download URLs
http://67.214.175.92/ (fr.thand.su)
http://87.98.247.2/azenv.php (www.cship.info)

* C&C Server: 69.42.218.72:1863
* Server Password:
* Username: SP3-082
* Nickname: [N00_DEU_XP_8844899]_CHAR(0x18)_á@
* Channel: (Password: )
* Channeltopic:

* C&C Server: 69.42.218.72:1863
* Server Password:
* Username: SP3-582
* Nickname:...

grummerhens.net

grummerhens.net grummerhens.net 66.96.219.101

Opened listening TCP connection on port: 21366

Download URLs
http://66.96.219.101/13/cc.bin (grummerhens.net)

Outgoing connection to remote server: grummerhens.net TCP port 80

Registry Changes by all processes
Create or Open Changes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon “userinit” = C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\sdra64.exe,...