Analysis Date2015-10-10 12:06:06
MD5361eb3fd5050d61e306237a6f344e84f
SHA1a92a0f31c26f271fb4cd6aa0b6ea18152c596e97

Static Details:

File typePE32 executable for MS Windows (GUI) Intel 80386 32-bit
Section.text md5: c9ff621a373ae51ef6be19877d78bf09 sha1: 084ccaae2dda681763c390979f089da15b130cd8 size: 157184
Section.rdata md5: 21a77cbb501680f671c06d6375964393 sha1: 92917a5efae9feba6fd722004d75fd7663fd5041 size: 42496
Section.data md5: 7f058966635db866d358b03bec27dedf sha1: 803e0b7acf3691604ef0ef2f9aeadc2dea53755f size: 6144
Section.rsrc md5: cb3fa48fe534b990f2ab5bb60ada616d sha1: 991585d16d74e8c92c68a71381342b8c18475810 size: 63488
Timestamp2015-09-10 09:22:35
PackerMicrosoft Visual C++ ?.?
PEhash4b21cd16b4a23b01525ce51bfe2101ce53e9af5b
IMPhash4d716f77eb9746daf4ad5ff8daa17d13
AVCA (E-Trust Ino)no_virus
AVF-SecureTrojan.Agent.BMPK
AVDr. WebBackDoor.Andromeda.1218
AVClamAVno_virus
AVArcabit (arcavir)Trojan.Agent.BMPK
AVBullGuardTrojan.Agent.BMPK
AVPadvishno_virus
AVVirusBlokAda (vba32)no_virus
AVCAT (quickheal)Trojan.Cutwail.r4
AVSophosMal/Wonton-BB
AVTrend Microno_virus
AVKasperskyTrojan.Win32.Cutwail.vpk
AVZillya!no_virus
AVEmsisoftTrojan.Agent.BMPK
AVIkarusno_virus
AVFrisk (f-prot)no_virus
AVAuthentiumW32/Trojan.DNRA-7374
AVMalwareBytesBackdoor.Andromeda
AVMicroWorld (escan)Trojan.Agent.BMPK
AVMicrosoft Security EssentialsTrojan:Win32/Skeeyah.A!bit
AVK7Trojan ( 004cf3be1 )
AVBitDefenderTrojan.Agent.BMPK
AVFortinetW32/Kryptik.DWRV!tr
AVSymantecTrojan.Gen
AVGrisoft (avg)Crypt_r.QZ
AVEset (nod32)Win32/Kryptik.DWLC
AVAlwil (avast)Dropper-gen [Drp]
AVAd-AwareTrojan.Agent.BMPK
AVTwisterno_virus
AVAvira (antivir)TR/Crypt.ZPACK.183983
AVMcafeeno_virus
AVRisingno_virus

Runtime Details:

Screenshot

Process
↳ C:\malware.exe

RegistryHKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\xuanorniptix ➝
C:\Documents and Settings\Administrator\xuanorniptix.exe
RegistryHKEY_CURRENT_CONFIG\Software\Microsoft\windows\CurrentVersion\Internet Settings\ProxyEnable ➝
NULL
RegistryHKEY_CURRENT_USER\software\Euetskmeevwak\Bazpobrat ➝
NULL
RegistryHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass ➝
1
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\pb-games[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\pb-games[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\jenco.co[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\depalo[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\pohlfood[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\usadig[1].htm
Creates FileC:\Documents and Settings\Administrator\Application Data\Microsoft\Crypto\RSA\S-1-5-21-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX-500\a18ca4003deb042bbee7a40f15e1970b_666939c9-243b-475e-9504-51724db22670
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\tyrns[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\tyrns[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\otena[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\sclover3[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\t-tre[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\fe-bauer[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\credo.edu[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\nqks[1].htm
Creates FileC:\Documents and Settings\Administrator\Application Data\Microsoft\Crypto\RSA\S-1-5-21-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX-500\c5d8393293ce2ba62f117b2c2d55bc3e_666939c9-243b-475e-9504-51724db22670
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\tc17[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\valdal[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\iamdirt[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\valdal[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\History\History.IE5\index.dat
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\aevga[1].htm
Creates FilePIPE\lsarpc
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IIQ3LGTM\sjbs[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\tvtools[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\ex-olive[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\tvtools[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\naoi-a[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\h-f[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\item-pr[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IIQ3LGTM\speelhal[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\yumgiskor[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IIQ3LGTM\ftchat[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IIQ3LGTM\wifi4all[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\jacomfg[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IIQ3LGTM\pupi[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\abdg[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\ex-olive[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\ora.ecnet[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\edimart[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\jroy[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\iamdirt[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\nqks[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IIQ3LGTM\snugpak[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IIQ3LGTM\crcsi[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IIQ3LGTM\mqs.com[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\netcr[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\ottospm[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\edimart[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\stnic.co[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\11tochi[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\ora-ito[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\speelhal[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IIQ3LGTM\fcwcvt[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IIQ3LGTM\stnic.co[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\wnsavoy[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\pr-park[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IIQ3LGTM\vitaindu[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\owsports[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\koz1[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\medius[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\item-pr[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\wkhk[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\fe-bauer[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IIQ3LGTM\aevga[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IIQ3LGTM\tc17[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\yoruksut[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IIQ3LGTM\spanesi[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\depalo[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\transsib[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\pupi[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\snugpak[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\rs-ag[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\yumgiskor[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\evcpa[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\abart[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\ftchat[1].htm
Creates FileC:\Documents and Settings\Administrator\xuanorniptix.exe
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\pr-park[2].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\dgmna[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\jroy[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IIQ3LGTM\valselit[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\jacomfg[2].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\jenco.co[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IIQ3LGTM\otena[1].htm
Creates FileC:\Documents and Settings\Administrator\Cookies\index.dat
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\rs-ag[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\sjbs[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IIQ3LGTM\2print[1].htm
Creates File\Device\Afd\Endpoint
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IIQ3LGTM\ora-ito[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\abart[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\lrsuk[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\alteor[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\dgmna[2].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\jchysk[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\fcwcvt[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\mobilnic[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\2print[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\synetik[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\11tochi[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\ottospm[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\wifi4all[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\koz1[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IIQ3LGTM\pohlfood[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\dayvo[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\nunomira[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\x0c[2].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\mobilnic[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\sclover3[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\naoi-a[2].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\crcsi[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\abdg[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\elpro[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\evcpa[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\h-f[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\spanesi[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\elpro[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\synetik[2].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IIQ3LGTM\transsib[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\x0c[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IIQ3LGTM\yoruksut[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\vitaindu[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\nunomira[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IIQ3LGTM\dayvo[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IIQ3LGTM\credo.edu[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\ora.ecnet[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\wkhk[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\medius[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\alteor[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IIQ3LGTM\netcr[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\t-tre[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\valselit[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IIQ3LGTM\owsports[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\cokocoko[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\usadig[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\cokocoko[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\com-sit[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\lrsuk[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IIQ3LGTM\com-sit[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\wnsavoy[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\jchysk[1].htm
Creates FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\mqs.com[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\pb-games[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\jenco.co[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\pohlfood[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\pupi[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\snugpak[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\tyrns[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\yumgiskor[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\evcpa[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\ftchat[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\abart[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\t-tre[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\fe-bauer[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\dgmna[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\tc17[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\valdal[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\aevga[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IIQ3LGTM\otena[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\rs-ag[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IIQ3LGTM\sjbs[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\tvtools[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\naoi-a[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\h-f[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\alteor[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\jchysk[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\jacomfg[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\mobilnic[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\2print[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\synetik[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\ex-olive[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\ottospm[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\ora.ecnet[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\edimart[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\wifi4all[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\jroy[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\koz1[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\iamdirt[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\dayvo[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\nunomira[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\nqks[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\sclover3[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IIQ3LGTM\crcsi[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\abdg[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\elpro[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IIQ3LGTM\mqs.com[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\netcr[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\stnic.co[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\11tochi[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\x0c[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\ora-ito[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\speelhal[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IIQ3LGTM\fcwcvt[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IIQ3LGTM\credo.edu[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\pr-park[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\medius[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\valselit[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IIQ3LGTM\vitaindu[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\owsports[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\usadig[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\cokocoko[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\wkhk[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\item-pr[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\lrsuk[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\D4Z32ED8\yoruksut[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IIQ3LGTM\spanesi[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\depalo[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\BSDHA97U\transsib[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\658HSJSD\wnsavoy[1].htm
Deletes FileC:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\IIQ3LGTM\com-sit[1].htm
Creates Mutexc:!documents and settings!administrator!local settings!history!history.ie5!
Creates Mutexxuanorniptix
Creates MutexWininetConnectionMutex
Creates Mutexc:!documents and settings!administrator!cookies!
Creates Mutexc:!documents and settings!administrator!local settings!temporary internet files!content.ie5!
Winsock DNSwww.usadig.com
Winsock DNSwww.tc17.com
Winsock DNSwww.naoi-a.com
Winsock DNSwww.fcwcvt.org
Winsock DNSwww.h-f.net
Winsock DNSwww.valselit.com
Winsock DNSwww.jroy.net
Winsock DNSwww.2print.com
Winsock DNSwww.nunomira.com
Winsock DNSwww.pr-park.com
Winsock DNSwww.alteor.cl
Winsock DNSwww.snugpak.com
Winsock DNSwww.edimart.hu
Winsock DNSwww.fe-bauer.de
Winsock DNSwww.holleman.us
Winsock DNSwww.11tochi.net
Winsock DNSwww.transsib.com
Winsock DNSwww.tvtools.fi
Winsock DNSwww.iamdirt.com
Winsock DNSwww.stnic.co.uk
Winsock DNSwww.elpro.si
Winsock DNSwww.lrsuk.com
Winsock DNSwww.jenco.co.uk
Winsock DNSwww.ex-olive.com
Winsock DNSwww.wifi4all.nl
Winsock DNSwww.ftchat.com
Winsock DNSwww.yumgiskor.kz
Winsock DNSwww.sjbs.org
Winsock DNSwww.speelhal.net
Winsock DNSwww.cokocoko.com
Winsock DNSwww.depalo.com
Winsock DNSwww.yoruksut.com
Winsock DNSwww.medius.si
Winsock DNSwww.item-pr.com
Winsock DNSwww.jchysk.com
Winsock DNSwww.owsports.ca
Winsock DNSwww.wnsavoy.com
Winsock DNSwww.x0c.com
Winsock DNSwww.ora-ito.com
Winsock DNSwww.valdal.com
Winsock DNSwww.mobilnic.net
Winsock DNSwww.credo.edu.pl
Winsock DNSwww.com-sit.com
Winsock DNSwww.mqs.com.br
Winsock DNSwww.abart.pl
Winsock DNSwww.ottospm.com
Winsock DNSwww.ora.ecnet.jp
Winsock DNSwww.vitaindu.com
Winsock DNSwww.netcr.com
Winsock DNSwww.nqks.com
Winsock DNSwww.rs-ag.com
Winsock DNSwww.pupi.cz
Winsock DNSwww.aevga.com
Winsock DNSwww.otena.com
Winsock DNSwww.synetik.net
Winsock DNSwww.t-tre.com
Winsock DNSwww.dgmna.com
Winsock DNSwww.pb-games.com
Winsock DNSwww.crcsi.org
Winsock DNSwww.jacomfg.com
Winsock DNSwww.vazir.se
Winsock DNSwww.pohlfood.com
Winsock DNSwww.tyrns.com
Winsock DNSwww.sclover3.com
Winsock DNSwww.koz1.net
Winsock DNSwww.spanesi.com
Winsock DNSwww.abdg.com
Winsock DNSwww.evcpa.com
Winsock DNSwww.wkhk.net
Winsock DNSwww.dayvo.com

Network Details:

DNSwww.wifi4all.nl
Type: A
178.250.193.121
DNSwww.ottospm.com
Type: A
67.225.155.104
DNSora.ecnet.jp
Type: A
118.23.162.86
DNS2print.com
Type: A
72.44.92.23
DNSwww.owsports.ca
Type: A
72.3.177.107
DNSwww.owsports.ca
Type: A
72.3.177.104
DNSwww.koz1.net
Type: A
210.172.144.247
DNSwww.jroy.net
Type: A
69.163.152.182
DNSwww.elpro.si
Type: A
146.247.25.190
DNSwww.ex-olive.com
Type: A
219.122.1.240
DNSmqs.com.br
Type: A
186.202.53.85
DNSnqks.com
Type: A
98.172.157.32
DNSwww.x0c.com
Type: A
72.52.4.120
DNSwww.jacomfg.com
Type: A
166.63.0.41
DNSaevga.com
Type: A
50.97.65.91
DNSstudyrussian.com
Type: A
80.74.154.6
DNSwww.alteor.cl
Type: A
190.215.113.207
DNSwww.11tochi.net
Type: A
157.112.176.4
DNSwww.abart.pl
Type: A
85.128.201.93
DNSwww.credo.edu.pl
Type: A
195.149.225.101
DNSvaldal.com
Type: A
77.66.54.114
DNSwww.valselit.com
Type: A
213.186.33.16
DNSwww.snugpak.com
Type: A
104.24.18.4
DNSwww.snugpak.com
Type: A
104.24.19.4
DNSwww.pr-park.com
Type: A
210.172.144.23
DNScrcsi.org
Type: A
107.180.41.126
DNSwww225.wixdns.net
Type: A
216.185.153.236
DNSwww.tyrns.com
Type: A
188.138.102.228
DNSwww.h-f.net
Type: A
188.165.168.121
DNSrd-lj.medius.si
Type: A
193.95.242.34
DNSmobilnic.net
Type: A
144.76.241.119
DNSora-ito.com
Type: A
213.186.33.40
DNSvitaindu.com
Type: A
104.27.131.8
DNSvitaindu.com
Type: A
104.27.130.8
DNSwww.wkhk.net
Type: A
203.189.104.242
DNSdayvo.com
Type: A
198.41.204.36
DNSdayvo.com
Type: A
198.41.205.36
DNSwww.jenco.co.uk
Type: A
176.56.61.85
DNSwww.yumgiskor.kz
Type: A
104.28.9.175
DNSwww.yumgiskor.kz
Type: A
104.28.8.175
DNSwww.spanesi.com
Type: A
45.79.174.213
DNSdgmna.com
Type: A
23.229.142.38
DNSwww.t-tre.com
Type: A
193.201.171.50
DNSwww.wnsavoy.com
Type: A
96.91.204.114
DNSweb.sabacom.cz
Type: A
212.96.182.14
DNSnetcr.com
Type: A
208.76.82.161
DNSwww.depalo.com
Type: A
216.122.105.20
DNSwww.naoi-a.com
Type: A
122.152.128.110
DNSsynetik.net
Type: A
193.166.255.171
DNSwww.stnic.co.uk
Type: A
193.34.148.140
DNSrs-ag.com
Type: A
80.86.3.249
DNSitem-pr.com
Type: A
213.186.33.17
DNSfcwcvt.org
Type: A
104.28.19.104
DNSfcwcvt.org
Type: A
104.28.18.104
DNSpb-games.com
Type: A
103.241.2.201
DNStc17.com
Type: A
216.51.232.61
DNStvtools.fi
Type: A
94.101.13.101
DNSwww.lrsuk.com
Type: A
188.65.118.137
DNSwww.ftchat.com
Type: A
104.28.1.44
DNSwww.ftchat.com
Type: A
104.28.0.44
DNSwww.sclover3.com
Type: A
210.188.201.166
DNSwww.abdg.com
Type: A
192.252.155.173
DNSwww.evcpa.com
Type: A
207.32.48.112
DNSwww.fe-bauer.de
Type: A
37.59.218.52
DNSwww.usadig.com
Type: A
24.223.107.10
DNSwww.cokocoko.com
Type: A
203.189.104.225
DNSotena.com
Type: A
205.251.133.202
DNSyoruksut.com
Type: A
37.230.108.75
DNSwww.com-sit.com
Type: A
213.198.78.226
DNSsjbs.org
Type: A
198.1.85.250
DNSwww.speelhal.net
Type: A
217.19.237.54
DNSwww.ora.ecnet.jp
Type: A
DNSwww.2print.com
Type: A
DNSwww.mqs.com.br
Type: A
DNSwww.transsib.com
Type: A
DNSwww.nqks.com
Type: A
DNSwww.vazir.se
Type: A
DNSwww.aevga.com
Type: A
DNSwww.valdal.com
Type: A
DNSwww.mobilnic.net
Type: A
DNSwww.crcsi.org
Type: A
DNSwww.medius.si
Type: A
DNSwww.iamdirt.com
Type: A
DNSwww.ora-ito.com
Type: A
DNSwww.vitaindu.com
Type: A
DNSwww.dayvo.com
Type: A
DNSwww.dgmna.com
Type: A
DNSwww.pupi.cz
Type: A
DNSwww.netcr.com
Type: A
DNSwww.synetik.net
Type: A
DNSwww.rs-ag.com
Type: A
DNSwww.item-pr.com
Type: A
DNSwww.fcwcvt.org
Type: A
DNSwww.pb-games.com
Type: A
DNSwww.tc17.com
Type: A
DNSwww.tvtools.fi
Type: A
DNSwww.yoruksut.com
Type: A
DNSwww.otena.com
Type: A
DNSwww.sjbs.org
Type: A
DNSwww.edimart.hu
Type: A
HTTP POSThttp://www.owsports.ca/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.2print.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.wifi4all.nl/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.koz1.net/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.ottospm.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.ora.ecnet.jp/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.jroy.net/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.elpro.si/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.ex-olive.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.ottospm.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.mqs.com.br/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.wifi4all.nl/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.owsports.ca/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.2print.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.koz1.net/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.ex-olive.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.jroy.net/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.ora.ecnet.jp/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.elpro.si/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.mqs.com.br/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.nqks.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.jacomfg.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.x0c.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.aevga.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.nqks.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.transsib.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.alteor.cl/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.11tochi.net/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.abart.pl/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.x0c.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.jacomfg.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.aevga.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.credo.edu.pl/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.transsib.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.alteor.cl/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.11tochi.net/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.abart.pl/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.credo.edu.pl/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.valdal.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.valselit.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.snugpak.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.valdal.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.pr-park.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.crcsi.org/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.snugpak.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.valselit.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.iamdirt.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.tyrns.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.pr-park.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.crcsi.org/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.h-f.net/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.iamdirt.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.tyrns.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.medius.si/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.h-f.net/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.mobilnic.net/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.medius.si/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.mobilnic.net/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.ora-ito.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.vitaindu.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.ora-ito.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.wkhk.net/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.dayvo.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.vitaindu.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.jenco.co.uk/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.wkhk.net/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.yumgiskor.kz/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.dayvo.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.spanesi.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.dgmna.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.jenco.co.uk/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.t-tre.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.spanesi.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.yumgiskor.kz/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.dgmna.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.wnsavoy.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.t-tre.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.wnsavoy.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.pupi.cz/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.netcr.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.pupi.cz/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.netcr.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.depalo.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.naoi-a.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.synetik.net/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.depalo.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.stnic.co.uk/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.synetik.net/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.naoi-a.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.rs-ag.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.item-pr.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.fcwcvt.org/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.stnic.co.uk/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.rs-ag.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.item-pr.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.pb-games.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.fcwcvt.org/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.pb-games.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.tc17.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.tvtools.fi/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.tc17.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.tvtools.fi/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.lrsuk.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.ftchat.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.sclover3.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.lrsuk.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.ftchat.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.sclover3.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.abdg.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.evcpa.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.fe-bauer.de/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.usadig.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.abdg.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.evcpa.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.fe-bauer.de/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.usadig.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.cokocoko.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.cokocoko.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.otena.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.yoruksut.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.otena.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.yoruksut.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.com-sit.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.sjbs.org/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.com-sit.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.speelhal.net/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
HTTP POSThttp://www.sjbs.org/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
Flows TCP192.168.1.1:1037 ➝ 72.3.177.107:80
Flows TCP192.168.1.1:1038 ➝ 72.44.92.23:80
Flows TCP192.168.1.1:1039 ➝ 210.172.144.247:80
Flows TCP192.168.1.1:1040 ➝ 178.250.193.121:80
Flows TCP192.168.1.1:1041 ➝ 67.225.155.104:80
Flows TCP192.168.1.1:1042 ➝ 118.23.162.86:80
Flows TCP192.168.1.1:1043 ➝ 69.163.152.182:80
Flows TCP192.168.1.1:1044 ➝ 146.247.25.190:80
Flows TCP192.168.1.1:1045 ➝ 219.122.1.240:80
Flows TCP192.168.1.1:1046 ➝ 67.225.155.104:80
Flows TCP192.168.1.1:1047 ➝ 186.202.53.85:80
Flows TCP192.168.1.1:1048 ➝ 178.250.193.121:80
Flows TCP192.168.1.1:1049 ➝ 72.3.177.107:80
Flows TCP192.168.1.1:1050 ➝ 72.44.92.23:80
Flows TCP192.168.1.1:1051 ➝ 210.172.144.247:80
Flows TCP192.168.1.1:1052 ➝ 219.122.1.240:80
Flows TCP192.168.1.1:1053 ➝ 69.163.152.182:80
Flows TCP192.168.1.1:1054 ➝ 118.23.162.86:80
Flows TCP192.168.1.1:1055 ➝ 146.247.25.190:80
Flows TCP192.168.1.1:1056 ➝ 186.202.53.85:80
Flows TCP192.168.1.1:1057 ➝ 98.172.157.32:80
Flows TCP192.168.1.1:1059 ➝ 166.63.0.41:80
Flows TCP192.168.1.1:1060 ➝ 72.52.4.120:80
Flows TCP192.168.1.1:1061 ➝ 50.97.65.91:80
Flows TCP192.168.1.1:1062 ➝ 98.172.157.32:80
Flows TCP192.168.1.1:1063 ➝ 80.74.154.6:80
Flows TCP192.168.1.1:1064 ➝ 190.215.113.207:80
Flows TCP192.168.1.1:1065 ➝ 157.112.176.4:80
Flows TCP192.168.1.1:1066 ➝ 85.128.201.93:80
Flows TCP192.168.1.1:1067 ➝ 72.52.4.120:80
Flows TCP192.168.1.1:1068 ➝ 166.63.0.41:80
Flows TCP192.168.1.1:1069 ➝ 50.97.65.91:80
Flows TCP192.168.1.1:1070 ➝ 195.149.225.101:80
Flows TCP192.168.1.1:1071 ➝ 80.74.154.6:80
Flows TCP192.168.1.1:1072 ➝ 190.215.113.207:80
Flows TCP192.168.1.1:1073 ➝ 157.112.176.4:80
Flows TCP192.168.1.1:1074 ➝ 85.128.201.93:80
Flows TCP192.168.1.1:1075 ➝ 195.149.225.101:80
Flows TCP192.168.1.1:1076 ➝ 77.66.54.114:80
Flows TCP192.168.1.1:1077 ➝ 213.186.33.16:80
Flows TCP192.168.1.1:1078 ➝ 104.24.18.4:80
Flows TCP192.168.1.1:1079 ➝ 77.66.54.114:80
Flows TCP192.168.1.1:1080 ➝ 210.172.144.23:80
Flows TCP192.168.1.1:1081 ➝ 107.180.41.126:80
Flows TCP192.168.1.1:1082 ➝ 104.24.18.4:80
Flows TCP192.168.1.1:1083 ➝ 213.186.33.16:80
Flows TCP192.168.1.1:1084 ➝ 216.185.153.236:80
Flows TCP192.168.1.1:1085 ➝ 188.138.102.228:80
Flows TCP192.168.1.1:1086 ➝ 210.172.144.23:80
Flows TCP192.168.1.1:1087 ➝ 107.180.41.126:80
Flows TCP192.168.1.1:1088 ➝ 188.165.168.121:80
Flows TCP192.168.1.1:1089 ➝ 216.185.153.236:80
Flows TCP192.168.1.1:1090 ➝ 188.138.102.228:80
Flows TCP192.168.1.1:1091 ➝ 193.95.242.34:80
Flows TCP192.168.1.1:1092 ➝ 188.165.168.121:80
Flows TCP192.168.1.1:1093 ➝ 144.76.241.119:80
Flows TCP192.168.1.1:1094 ➝ 193.95.242.34:80
Flows TCP192.168.1.1:1095 ➝ 144.76.241.119:80
Flows TCP192.168.1.1:1096 ➝ 213.186.33.40:80
Flows TCP192.168.1.1:1097 ➝ 104.27.131.8:80
Flows TCP192.168.1.1:1098 ➝ 213.186.33.40:80
Flows TCP192.168.1.1:1099 ➝ 203.189.104.242:80
Flows TCP192.168.1.1:1100 ➝ 198.41.204.36:80
Flows TCP192.168.1.1:1101 ➝ 104.27.131.8:80
Flows TCP192.168.1.1:1102 ➝ 176.56.61.85:80
Flows TCP192.168.1.1:1103 ➝ 203.189.104.242:80
Flows TCP192.168.1.1:1104 ➝ 104.28.9.175:80
Flows TCP192.168.1.1:1105 ➝ 198.41.204.36:80
Flows TCP192.168.1.1:1106 ➝ 45.79.174.213:80
Flows TCP192.168.1.1:1107 ➝ 23.229.142.38:80
Flows TCP192.168.1.1:1108 ➝ 176.56.61.85:80
Flows TCP192.168.1.1:1109 ➝ 193.201.171.50:80
Flows TCP192.168.1.1:1110 ➝ 45.79.174.213:80
Flows TCP192.168.1.1:1111 ➝ 104.28.9.175:80
Flows TCP192.168.1.1:1112 ➝ 23.229.142.38:80
Flows TCP192.168.1.1:1113 ➝ 96.91.204.114:80
Flows TCP192.168.1.1:1114 ➝ 193.201.171.50:80
Flows TCP192.168.1.1:1115 ➝ 96.91.204.114:80
Flows TCP192.168.1.1:1116 ➝ 212.96.182.14:80
Flows TCP192.168.1.1:1117 ➝ 208.76.82.161:80
Flows TCP192.168.1.1:1118 ➝ 212.96.182.14:80
Flows TCP192.168.1.1:1119 ➝ 208.76.82.161:80
Flows TCP192.168.1.1:1120 ➝ 216.122.105.20:80
Flows TCP192.168.1.1:1121 ➝ 122.152.128.110:80
Flows TCP192.168.1.1:1122 ➝ 193.166.255.171:80
Flows TCP192.168.1.1:1123 ➝ 216.122.105.20:80
Flows TCP192.168.1.1:1124 ➝ 193.34.148.140:80
Flows TCP192.168.1.1:1125 ➝ 193.166.255.171:80
Flows TCP192.168.1.1:1126 ➝ 122.152.128.110:80
Flows TCP192.168.1.1:1127 ➝ 80.86.3.249:80
Flows TCP192.168.1.1:1128 ➝ 213.186.33.17:80
Flows TCP192.168.1.1:1129 ➝ 104.28.19.104:80
Flows TCP192.168.1.1:1130 ➝ 193.34.148.140:80
Flows TCP192.168.1.1:1131 ➝ 80.86.3.249:80
Flows TCP192.168.1.1:1132 ➝ 213.186.33.17:80
Flows TCP192.168.1.1:1133 ➝ 103.241.2.201:80
Flows TCP192.168.1.1:1134 ➝ 104.28.19.104:80
Flows TCP192.168.1.1:1135 ➝ 103.241.2.201:80
Flows TCP192.168.1.1:1136 ➝ 216.51.232.61:80
Flows TCP192.168.1.1:1137 ➝ 94.101.13.101:80
Flows TCP192.168.1.1:1138 ➝ 216.51.232.61:80
Flows TCP192.168.1.1:1139 ➝ 94.101.13.101:80
Flows TCP192.168.1.1:1140 ➝ 188.65.118.137:80
Flows TCP192.168.1.1:1141 ➝ 104.28.1.44:80
Flows TCP192.168.1.1:1142 ➝ 210.188.201.166:80
Flows TCP192.168.1.1:1143 ➝ 188.65.118.137:80
Flows TCP192.168.1.1:1144 ➝ 104.28.1.44:80
Flows TCP192.168.1.1:1145 ➝ 210.188.201.166:80
Flows TCP192.168.1.1:1146 ➝ 192.252.155.173:80
Flows TCP192.168.1.1:1147 ➝ 207.32.48.112:80
Flows TCP192.168.1.1:1148 ➝ 37.59.218.52:80
Flows TCP192.168.1.1:1149 ➝ 24.223.107.10:80
Flows TCP192.168.1.1:1150 ➝ 192.252.155.173:80
Flows TCP192.168.1.1:1151 ➝ 207.32.48.112:80
Flows TCP192.168.1.1:1152 ➝ 37.59.218.52:80
Flows TCP192.168.1.1:1153 ➝ 24.223.107.10:80
Flows TCP192.168.1.1:1154 ➝ 203.189.104.225:80
Flows TCP192.168.1.1:1155 ➝ 203.189.104.225:80
Flows TCP192.168.1.1:1156 ➝ 205.251.133.202:80
Flows TCP192.168.1.1:1157 ➝ 37.230.108.75:80
Flows TCP192.168.1.1:1158 ➝ 205.251.133.202:80
Flows TCP192.168.1.1:1159 ➝ 37.230.108.75:80
Flows TCP192.168.1.1:1160 ➝ 213.198.78.226:80
Flows TCP192.168.1.1:1161 ➝ 198.1.85.250:80
Flows TCP192.168.1.1:1162 ➝ 213.198.78.226:80
Flows TCP192.168.1.1:1163 ➝ 217.19.237.54:80
Flows TCP192.168.1.1:1164 ➝ 198.1.85.250:80
Flows TCP192.168.1.1:1165 ➝ 217.19.237.54:80

Raw Pcap

Strings