Month: July 2010

Resolved : [pop.saherhop.com] To [216.240.158.98] Remote Host Port Number 216.240.158.98 51115 NICK XP3d2Q55a3E7 NICK XP5n9Z41e1Q5 USER ZoooP “” “pop.saherhop.com” : 14Don`t 14Abuse 14Power JOIN #USE# MODE #USE# NICK XP7w7C12v4T3 PONG :HTTP1.4 Now talking in #USE# Topic On: [ #USE# ] [ !alls 98.126.49.203 1995 1995 9999 -s ] Topic By: [ Admin ] Registry ModificationsRead more...

IP of : 75.102.25.96 host fotoglasi.com IP of : 216.246.23.186 host fotoglasi.com 75.102.25.96:1234 chanel:#!nn! .m.e foto 😀 lolll http://ow.ly/27WQL?=http://facebook.com/photo.php?=

Remote Host Port Number 204.0.5.41 80 204.0.5.48 80 204.0.5.51 80 204.0.5.56 80 204.0.5.57 80 204.0.5.58 80 216.178.38.103 80 216.178.38.168 80 216.178.39.11 80 63.135.86.21 80 66.225.241.182 2345 PASS xxx NICK NEW-[USA|00|P|11380] USER XP-4288 * 0 :COMPUTERNAME MODE NEW-[USA|00|P|11380] -ix JOIN #!gf! test PONG 22 MOTD * The data identified by the following URLs was then requestedRead more...

Remote Host Port Number x.msnsolution.org 81 Resolved : [x.msnsolution.org] To [93.174.94.87] Resolved : [x.msnsolution.org] To [93.174.94.86] Resolved : [x.msnsolution.org] To [222.73.86.59] NICK n[USA|XP]6061212 USER s “” “lol” :s JOIN #zenica# NICK [USA|XP]9153447 NICK [USA|XP]4828111 * The following ports were open in the system: Port Protocol Process 1034 TCP msdn.exe (%AppData%msdn.exe) 1036 TCP msdn.exe (%AppData%msdn.exe) 1037Read more...

Remote Host Port Number 67.210.170.142 20000 PASS ohai NICK cbikfo USER qiyvar “” “xxh” :qiyvar Registry Modifications * The following Registry Key was created: o HKEY_LOCAL_MACHINESOFTWAREMicrosoftActive SetupInstalled Components{98ZVD5C0-4FCB-11CF-AAX5-81CX1C635612} * The newly created Registry Value is: o [HKEY_LOCAL_MACHINESOFTWAREMicrosoftActive SetupInstalled Components{98ZVD5C0-4FCB-11CF-AAX5-81CX1C635612}] + StubPath = “c:ReCycLErS-1-5-21-1482276501-1663491937-6831267430-1013svchost.exe” so that svchost.exe runs every time Windows starts File System Modifications *Read more...

c0r3.no-ip.org 66.76.203.197 C&C Server: 66.76.203.197:6667 Server Password: Username: tyykg Nickname: [00|DEU|XP|SP3]-0040 Channel: ##c0r3## (Password: death2u) Channeltopic: :.find vnc-5900 300 5 0 128.x.x.x -b Registry Changes by all processes Create or Open Changes HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun “Microsoft” = iexplorer.exe HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunServices “Microsoft” = iexplorer.exe HKEY_CURRENT_USERSoftwareASProtect “Microsoft” = iexplorer.exe Reads HKEY_LOCAL_MACHINESYSTEMWPAMediaCenter “Installed” HKEY_LOCAL_MACHINESOFTWAREMicrosoftRpcSecurityService “10” HKEY_LOCAL_MACHINESYSTEMControlSet001ControlSecurityProviders “SecurityProviders” HKEY_LOCAL_MACHINESYSTEMControlSet001ControlLsaSspiCachemsapsspc.dll “Name” HKEY_LOCAL_MACHINESYSTEMControlSet001ControlLsaSspiCachemsapsspc.dll “Comment”Read more...

Remote Host Port Number 217.23.13.45 2012 NICK {iNF-00-USA-XP-COMP-5233} USER blaze * 0 :COMP JOIN #kyle94shop NICK {00-USA-XP-COMP-6395} PONG priv8.net Now talking in #kyle94shop Topic On: [ #kyle94shop ] [ .aSc -S |.sub |.wu |.worm |.scan svrsvc_BRUTE 45 20 100 -r -b -e -s |.scan SVRSVC_ESP_SP2 35 3 0 -b -r -e -s |.scan SVRSVC_ARG_SP2 35Read more...

Remote Host Port Number updat1.bejsis.com 1234 NICK n[USA|XP]7239180 USER 7784 “” “lol” :7784 JOIN #dl# NICK [USA|XP]3969837 USER 0665 “” “lol” :0665 Other details * To mark the presence in the system, the following Mutex object was created: o sv6Jsf868L * The following ports were open in the system: Port Protocol Process 1034 TCP redfil.exeRead more...

Remote Host Port Number 184.82.37.136 6667 NICK tltknwytlm USER ztetqtgovb 0 0 :tltknwytlm JOIN #dickery hickery USERHOST tltknwytlm MODE tltknwytlm -xi+B PONG :S.W.A.T Registry Modifications * The following Registry Keys were created: o HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunServices o HKEY_CURRENT_USERSoftwareMicrosoftOLE * The newly created Registry Values are: o [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] + Microsoft = “vcpkgsrv.exe” so that vcpkgsrv.exe runs every timeRead more...

Remote Host Port Number 212.69.208.105 80 94.23.45.70 6667 NICK vrX|na|XP|SP2|00001 JOIN #vncrad# itsinearstoo MODE #vncrad# NICK :vrX|na|XP|SP2|00001 PRIVMSG #vncrad# : Scanning Range 10195.241.0.0 10scan USER RadXScan “” “94.23.45.70” :RadX MODE vrX|na|XP|SP2|00001 +i Registry Modifications * The following Registry Keys were created: o HKEY_LOCAL_MACHINESOFTWAREClasses.cha o HKEY_LOCAL_MACHINESOFTWAREClasses.chat o HKEY_LOCAL_MACHINESOFTWAREClassesChatFile o HKEY_LOCAL_MACHINESOFTWAREClassesChatFileDefaultIcon o HKEY_LOCAL_MACHINESOFTWAREClassesChatFileShell o HKEY_LOCAL_MACHINESOFTWAREClassesChatFileShellopen o HKEY_LOCAL_MACHINESOFTWAREClassesChatFileShellopencommandRead more...