202.73.11.63 (6667) Current Local Users: 68 Max: 14 Current Global Users: 68 Max: 146 #kimi# 28 #boot# 2 #lnx 1 #!x! #vnc?# 1
n.main-update.com
n.main-update.com:81 #newbin# http://share-friend.com/n/phto-jpg-2010-05-29.scr
91.211.117.87
Remote Host Port Number 91.211.117.87 4723 NICK n{USA|XP}jjywrvd USER n{USA|XP}jjywrvd 0 0 :n{USA|XP}jjywrvd JOIN #E# Registry Modifications * The following Registry Key was created: o HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionApp * The following Registry Keys were deleted: o HKEY_LOCAL_MACHINESYSTEMControlSet001ControlSafeBoot o HKEY_LOCAL_MACHINESYSTEMControlSet001ControlSafeBootMinimal o HKEY_LOCAL_MACHINESYSTEMControlSet001ControlSafeBootMinimalAppMgmt o HKEY_LOCAL_MACHINESYSTEMControlSet001ControlSafeBootMinimalBase o HKEY_LOCAL_MACHINESYSTEMControlSet001ControlSafeBootMinimalBoot Bus Extender o HKEY_LOCAL_MACHINESYSTEMControlSet001ControlSafeBootMinimalBoot file system o HKEY_LOCAL_MACHINESYSTEMControlSet001ControlSafeBootMinimalCryptSvc o HKEY_LOCAL_MACHINESYSTEMControlSet001ControlSafeBootMinimalDcomLaunch o HKEY_LOCAL_MACHINESYSTEMControlSet001ControlSafeBootMinimaldmadminRead more...
n3w.metraiciono.com
n3w.metraiciono.com 74.82.57.113 * C&C Server: 74.82.57.113:6567 PASS pr1v4d0onl1n3r * Server Password: * Username: XP-5152 * Nickname: [SI|DEU|00|P|69152] * Channel: #salvando# (Password: c1rc0s0leil) * Channeltopic: :- MODE [SI|USA|00|P|84975] -ix JOIN #n3wb0t# c1rc0s0leil PRIVMSG #n3wb0t# :[Dl]: File download: 104.1KB to: C:DOCUME~1UserNameLOCALS~1Temperaseme_06333.exe @ 104.1KB/sec. QUIT [Update]: Updating to new bin. NICK [SI|USA|00|P|37304] USER XP-5387 * 0 :COMPUTERNAME MODERead more...
64.202.120.49
Remote Host Port Number 204.0.5.41 80 204.0.5.42 80 204.0.5.43 80 204.0.5.48 80 204.0.5.51 80 207.38.101.12 80 216.178.38.103 80 216.178.38.168 80 63.135.86.21 80 63.135.86.37 80 64.202.120.49 81 ircd here PASS xxx JOIN #XXL test PONG 22 MOTD NICK NEW-[USA|00|P|16828] USER XP-8033 * 0 :COMPUTERNAME MODE NEW-[USA|00|P|16828] -ix * The data identified by the following URLs wasRead more...
66.225.219.7
Remote Host Port Number 204.0.5.40 80 204.0.5.41 80 204.0.5.48 80 204.0.5.50 80 204.0.5.51 80 204.0.5.59 80 207.38.101.12 80 216.178.38.103 80 216.178.38.168 80 63.135.86.30 80 66.225.219.7 1234 ircd here PASS xxx JOIN #jakarta test MODE NEW-[USA|00|P|03217] -ix NICK NEW-[USA|00|P|03217] USER XP-9813 * 0 :COMPUTERNAME PONG irc.priv8net.com * The data identified by the following URLs was thenRead more...
url.digitwordurl.com
url.digitwordurl.com 213.154.225.135 update.articlesdealing.com 74.86.97.166 74.86.97.166 74.86.97.166 Download URLs http://74.86.97.166/check.php (update.articlesdealing.com) * C&C Server: 213.154.225.135:1234 * Server Password: * Username: XP-3409 * Nickname: NEW-[DEU|00|P|04478] * Channel: #jakarta (Password: test) * Channeltopic: :.m.s|.m.n foto 😀 http://tinyurl.com/fb-views-album Outgoing connection to remote server: update.articlesdealing.com TCP port 80 Resolved : [url.digitwordurl.com] To [213.154.225.135] Resolved : [url.digitwordurl.com] To [200.113.159.243] browseusers.myspace.com browseusers.myspace.comRead more...
irc.ThunderNet.gr
Remote Host Port Number 123.242.226.29 14032 NICK latest_|USA||XP-SP2|631276 USER 6476 “” “lol” :6476 JOIN #.x.# %3%#%!%#^#%@^ PONG :irc.ThunderNet.gr Registry Modifications * The newly created Registry Values are: o [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] + Java updater2 = “%Temp%jusched2.exe” so that jusched2.exe runs every time Windows starts o [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun] + Java updater2 = “%Temp%jusched2.exe” so that jusched2.exe runs every timeRead more...
173.203.112.32
Remote Host Port Number 173.203.112.32 81 NICK n[USA|XP]1345482 USER s “” “lol” :s JOIN #newbin# PONG 422 JOIN #USA (null) * The following port was open in the system: Port Protocol Process 1055 TCP msng.exe (%AppData%msng.exe) Registry Modifications * The newly created Registry Value is: o [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] + Windows System Guard = “%AppData%msng.exe” so thatRead more...
doko.no-ip.org
doko.no-ip.org 72.20.1.26 Opened listening TCP connection on port: 13156 * C&C Server: 72.20.1.26:6667 * Server Password: * Username: ilkxj * Nickname: [nLh-VNC]wkceru * Channel: ##!seuz!## (Password: hackmx) * Channeltopic: :+scan 60 1 189.x.x.x 3 1 200.x.x.x Outgoing connection to remote server: 200.133.0.250 TCP port 5900 Outgoing connection to remote server: 200.216.191.20 TCP port 5900 OutgoingRead more...