botdmostg.zapto.org 204.188.244.70 * C&C Server: 204.188.244.70:6667 * Server Password: * Username: XP-6602 * Nickname: [DEU|00|P|06089] * Channel: #botd (Password: botdxD) * Channeltopic: Registry Changes by all processes Create or Open Changes HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun “test20” = servicsewn.exe HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionTerminal ServerInstallSoftwareMicrosoftWindowsCurrentVersionRun “test20” = servicsewn.exe HKEY_LOCAL_MACHINESYSTEMControlSet001ServicesSharedAccessParametersFirewallPolicyStandardProfileAuthorizedApplicationsList “c:d4n.exe” = c:d4n.exe:*:Enabled:test20 HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionTracingMicrosofteappcfg “LogSessionName” = [REG_EXPAND_SZ, value: stdout] HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionTracingMicrosofteappcfg “Active”Read more...
irc.sicakalem.com
irc.sicakalem.com 212.174.140.71 * C&C Server: 212.174.140.71:6667 * Server Password: * Username: XP-1648 * Nickname: [00|DEU|239956] * Channel: (Password: ) * Channeltopic: * C&C Server: 212.174.140.71:6667 * Server Password: * Username: XP-8131 * Nickname: [00|DEU|184371] * Channel: (Password: ) * Channeltopic: * C&C Server: 212.174.140.71:6667 * Server Password: * Username: XP-6634 * Nickname: [00|DEU|338589] * Channel:Read more...
irc.malvager.com
* The following Host Name was requested from a host database: o irc.malvager.com * The data identified by the following URLs was then requested from the remote web server: o http://slayeraeb.angelfire.com/Server.ini o http://slayeraeb.angelfire.com/AJ.sla * There was application-defined hook procedure installed into the hook chain (e.g. to monitor keystrokes). The installed hook is handled by theRead more...
facebook-pic.co.cc(17k bots)
facebook-pic.co.cc 88.255.120.174 * C&C Server: 88.255.120.174:7575 * Server Password: * Username: ccviglx * Nickname: [DEU|XP|578551] * Channel: #im (Password: heur) * Channeltopic: :.p2p |.msn.link comedy porn video :)) http://www.sevdamiz.net |.msn.email comedy porn video :)) http://www.sevdamiz.net |.aim.start comedy porn video :)) http://www.sevdamiz.net Registry Changes by all processesCreate or Open Changes HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun “Windows Services” = antiver.exeHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionTerminalRead more...
winudpmgr.mydyn.net
Remote Host Port Numberwinudpmgr.mydyn.net 8080 NICK [XP]|239064039USER bvuucwlfl 0 0 :[XP]|239064039USERHOST [XP]|239064039MODE [XP]|239064039 -xi+BJOIN #ddosbotNICK [XP]|756551194USER jvecgoeyl 0 0 :[XP]|756551194USERHOST [XP]|756551194MODE [XP]|756551194 -xi+BNICK [XP]|617625980USER hojfuelqopx 0 0 :[XP]|617625980USERHOST [XP]|617625980MODE [XP]|617625980 -xi+B Registry Modifications * The following Registry Keys were created: o HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunServices o HKEY_CURRENT_USERSoftwareMicrosoftOLE * The newly created Registry Values are: o [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] + MicrosoftRead more...
www.melankolik.us
www.melankolik.us 174.120.135.28Download URLshttp://174.120.135.28/202/yenibot.php?hddseri=ACE1-A30C (www.melankolik.us)http://174.120.135.28/202/kontrol.php (www.melankolik.us)http://174.120.135.28/202/kontrol.php (www.melankolik.us)http://174.120.135.28/202/kontrol.php (www.melankolik.us)http://174.120.135.28/202/kontrol.php (www.melankolik.us)http://174.120.135.28/202/kontrol.php (www.melankolik.us)http://174.120.135.28/202/kontrol.php (www.melankolik.us)http://174.120.135.28/202/kontrol.php (www.melankolik.us)Outgoing connection to remote server: www.melankolik.us TCP port 80Outgoing connection to remote server: www.melankolik.us TCP port 80Outgoing connection to remote server: www.melankolik.us TCP port 80Outgoing connection to remote server: www.melankolik.us TCP port 80Outgoing connection to remote server: www.melankolik.us TCP port 80Outgoing connection to remote server:Read more...
deli.byinter.net (turkish lamers)
deli.byinter.net 93.190.138.202 * C&C Server: 93.190.138.202:6667 * Server Password: * Username: ryatoaj * Nickname: [DEU|XP|516568] * Channel: #!x!# (Password: cih4n1313) * Channeltopic: : * C&C Server: 93.190.138.202:6667 * Server Password: * Username: XP-4392 * Nickname: [00|DEU|636610] * Channel: #x# (Password: hacimackackac) * Channeltopic: :.msn.stop|.msn.msg þu resme bi bakarmýsýn (yemekteyim) http://www.facebookbul.co.cc/images.php?=resim166-jpeg?= * C&C Server: 93.190.138.202:6667 *Read more...
bozoo.no-ip.biz
bozoo.no-ip.biz 94.120.148.91Outgoing connection to remote server: bozoo.no-ip.biz TCP port 15963Outgoing connection to remote server: bozoo.no-ip.biz TCP port 15963Outgoing connection to remote server: bozoo.no-ip.biz TCP port 15963Outgoing connection to remote server: bozoo.no-ip.biz TCP port 15963Outgoing connection to remote server: bozoo.no-ip.biz TCP port 15963Outgoing connection to remote server: bozoo.no-ip.biz TCP port 15963Outgoing connection to remote server: bozoo.no-ip.bizRead more...
67.43.226.2
ip : 67.43.226.2 port : 5540#tegane /NICK x|XP|132701#sutido /NICK ESP-NPUKP#final /NICK [JUM]-390187#surtido!login misamores lasamoo found by bi0
louisianadynamics.com
ip : 66.252.13.214h : louisianadynamics.comport : 9890 9890NICK F-olmgmodpUSER F-olmgmodp 0 0 :F-olmgmodpJOIN ##S## whith pass J