**** Malware_Report_-_Results ****
This report shows all the different areas TAZER analyzes for the sample: Host, Network Activity, and Detection.

Malware Search Criteria:
MD5 =93c98cfc407afe3c3b3cd557643a160e

**** Malware_Report_-_Results ****
 ___________________________________________________________________________________________________________________________________________________________________________________________________________________
|File_MD5Sum_____________________|SHA1SUM_________________________________|SHA256SUM_______________________________________________________|FUZZY_HASH____________________________________________________|File_Size|
|93c98cfc407afe3c3b3cd557643a160e|fbca31e452e693c1ac01b04105a184e5755fd0ec|5a06d7ca8e39b39291e9eb2203283080dbe8d5a6eb1956288e6a2963e19a24c5|1536:PmkgRjKOPM82q2qstg4QeV/EVWUXLNjUYphlp:PmV3Pz2fgneV8tXp9jD|80596____|
**** File_Results ****
 _________________________________________
|File_Name________________________________|
|www.hhezahh.co.cc.exe____________________|
|thootham.exe_____________________________|
|statsbeck.com.exe________________________|
|statistics.php.exe_______________________|
|shufaica.exe_____________________________|
|scan.exe_________________________________|
|saejuogi.exe_____________________________|
|oomiephe.exe_____________________________|
|load.php%3Fspl%3Djava%5Fgsb%26h%3B%3D.exe|
|laangiet.exe_____________________________|
|l.php.exe________________________________|
|installer.0042.exe_______________________|
|index.php.exe____________________________|
|exe.exe__________________________________|
|bot.exe__________________________________|
|baiquaad.exe_____________________________|
|%3Espl%3DMDAC%26exe%5Facces%3Don.exe_____|
**** SNORT_Results ****
 ____________________________________________________________________
|Snort_Class|Snort_Alert_______________________________________|Count|
|Misc_Attack|ET_RBN_Known_Russian_Business_Network_IP_TCP_(284)|1____|
**** AV_Results ****
 __________________
|AV_Alert|AV_Vendor|
**** Folders_(Added)_-_ICC_Results ****
 ___________________________________________________________________________________________________________________________
|Path__________________________________________________________________________________|Folder_Name_________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp________________________________|d5cc4b46-34b2-412f-b87b-aabed2287952|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5|ITB2CJ0C____________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp________________________________|715393df-506a-4832-86cd-900138ca1b89|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5|ITB2CJ0C____________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp________________________________|4e571963-08d3-4f93-8c2d-2fd9538527df|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5|ITB2CJ0C____________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp________________________________|9f400591-57db-473c-a155-b39f3cbc63e0|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5|ITB2CJ0C____________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp________________________________|c7ea2850-ca0c-4821-a711-babad3ca589a|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5|ITB2CJ0C____________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp________________________________|38340485-bed7-4681-a270-d326e6cd1d37|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5|ITB2CJ0C____________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp________________________________|dacc35b4-73e4-4c0d-b819-d67fb7297581|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5|ITB2CJ0C____________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp________________________________|ae7c964e-3e4b-4d61-b40e-527828533e05|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5|ITB2CJ0C____________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp________________________________|f0edcf17-7b3e-4eed-98f8-0428940ac24b|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5|ITB2CJ0C____________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp________________________________|66260f35-cc1f-44f5-ba98-b0d442e123e2|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5|ITB2CJ0C____________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp________________________________|d3240025-0d8f-4942-be4c-9f77407798df|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5|ITB2CJ0C____________________________|
**** Files_(Added)_-_ICC_Results ****
 ___________________________________________________________________________________________________________________________________________
|Path___________________________________________________________________________________________|File_Name__________________________________|
|c:/Documents_and_Settings/dmc73144/Application_Data____________________________________________|8fbc0ebc-15d7-4dae-818a-50f3473ae912_47.avi|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp/d5cc4b46-34b2-412f-b87b-aabed2287952____|wrk1.tmp_47________________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp/d5cc4b46-34b2-412f-b87b-aabed2287952____|wrk2.tmp___________________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp/d5cc4b46-34b2-412f-b87b-aabed2287952____|wrk2.tmp_47________________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5/ITB2CJ0C|desktop.ini________________________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|RUNDLL32.EXE-2512DEBF.pf___________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|RUNDLL32.EXE-306B40A1.pf___________________|
|c:_____________________________________________________________________________________________|netstat_post.txt___________________________|
|c:_____________________________________________________________________________________________|taskv_post.txt_____________________________|
|c:/Documents_and_Settings/dmc73144/Application_Data____________________________________________|8fbc0ebc-15d7-4dae-818a-50f3473ae912_47.avi|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp/715393df-506a-4832-86cd-900138ca1b89____|wrk1.tmp_47________________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp/715393df-506a-4832-86cd-900138ca1b89____|wrk2.tmp___________________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp/715393df-506a-4832-86cd-900138ca1b89____|wrk2.tmp_47________________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5/ITB2CJ0C|desktop.ini________________________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|7Z.EXE-1A62CD19.pf_________________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|RUNDLL32.EXE-13722C3F.pf___________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|RUNDLL32.EXE-1AB3B55B.pf___________________|
|c:_____________________________________________________________________________________________|netstat_post.txt___________________________|
|c:_____________________________________________________________________________________________|tasksvc_post.txt___________________________|
|c:_____________________________________________________________________________________________|taskv_post.txt_____________________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|netstat_base.txt___________________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|netstat_post.txt___________________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|tasksvc_base.txt___________________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|tasksvc_post.txt___________________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|taskv_base.txt_____________________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|taskv_post.txt_____________________________|
|c:/Documents_and_Settings/dmc73144/Application_Data____________________________________________|8fbc0ebc-15d7-4dae-818a-50f3473ae912_47.avi|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp/4e571963-08d3-4f93-8c2d-2fd9538527df____|wrk1.tmp_47________________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp/4e571963-08d3-4f93-8c2d-2fd9538527df____|wrk2.tmp___________________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp/4e571963-08d3-4f93-8c2d-2fd9538527df____|wrk2.tmp_47________________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5/ITB2CJ0C|desktop.ini________________________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|7Z.EXE-1A62CD19.pf_________________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|CYGRUNSRV.EXE-01BF82AE.pf__________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|NET.EXE-01A53C2F.pf________________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|NET1.EXE-029B9DB4.pf_______________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|RUNDLL32.EXE-1CE2C65D.pf___________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|RUNDLL32.EXE-218ACEC9.pf___________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|netstat_base.txt___________________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|netstat_post.txt___________________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|tasksvc_base.txt___________________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|tasksvc_post.txt___________________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|taskv_base.txt_____________________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|taskv_post.txt_____________________________|
|c:/Documents_and_Settings/dmc73144/Application_Data____________________________________________|8fbc0ebc-15d7-4dae-818a-50f3473ae912_47.avi|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp/9f400591-57db-473c-a155-b39f3cbc63e0____|wrk1.tmp_47________________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp/9f400591-57db-473c-a155-b39f3cbc63e0____|wrk2.tmp___________________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp/9f400591-57db-473c-a155-b39f3cbc63e0____|wrk2.tmp_47________________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5/ITB2CJ0C|desktop.ini________________________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|7Z.EXE-1A62CD19.pf_________________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|NET.EXE-01A53C2F.pf________________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|NET1.EXE-029B9DB4.pf_______________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|netstat_base.txt___________________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|netstat_post.txt___________________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|tasksvc_base.txt___________________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|tasksvc_post.txt___________________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|taskv_base.txt_____________________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|taskv_post.txt_____________________________|
|c:/Documents_and_Settings/dmc73144/Application_Data____________________________________________|8fbc0ebc-15d7-4dae-818a-50f3473ae912_47.avi|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp/c7ea2850-ca0c-4821-a711-babad3ca589a____|wrk1.tmp_47________________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp/c7ea2850-ca0c-4821-a711-babad3ca589a____|wrk2.tmp___________________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp/c7ea2850-ca0c-4821-a711-babad3ca589a____|wrk2.tmp_47________________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5/ITB2CJ0C|desktop.ini________________________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|7Z.EXE-1A62CD19.pf_________________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|netstat_base.txt___________________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|netstat_post.txt___________________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|tasksvc_base.txt___________________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|tasksvc_post.txt___________________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|taskv_base.txt_____________________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|taskv_post.txt_____________________________|
|c:/Documents_and_Settings/dmc73144/Application_Data____________________________________________|8fbc0ebc-15d7-4dae-818a-50f3473ae912_47.avi|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp/38340485-bed7-4681-a270-d326e6cd1d37____|wrk1.tmp_47________________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp/38340485-bed7-4681-a270-d326e6cd1d37____|wrk2.tmp___________________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp/38340485-bed7-4681-a270-d326e6cd1d37____|wrk2.tmp_47________________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5/ITB2CJ0C|desktop.ini________________________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|7Z.EXE-1A62CD19.pf_________________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|NET.EXE-01A53C2F.pf________________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|NET1.EXE-029B9DB4.pf_______________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|RUNDLL32.EXE-25DE1D47.pf___________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|RUNDLL32.EXE-482AC6D9.pf___________________|
|c:/Documents_and_Settings/dmc73144/Application_Data____________________________________________|8fbc0ebc-15d7-4dae-818a-50f3473ae912_47.avi|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp/dacc35b4-73e4-4c0d-b819-d67fb7297581____|wrk1.tmp_47________________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp/dacc35b4-73e4-4c0d-b819-d67fb7297581____|wrk2.tmp___________________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp/dacc35b4-73e4-4c0d-b819-d67fb7297581____|wrk2.tmp_47________________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5/ITB2CJ0C|desktop.ini________________________________|
|c:_____________________________________________________________________________________________|netstat_post.txt___________________________|
|c:_____________________________________________________________________________________________|tasksvc_post.txt___________________________|
|c:_____________________________________________________________________________________________|taskv_post.txt_____________________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|7Z.EXE-1A62CD19.pf_________________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|NET.EXE-01A53C2F.pf________________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|NET1.EXE-029B9DB4.pf_______________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|RUNDLL32.EXE-27C30B35.pf___________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|RUNDLL32.EXE-35836DA9.pf___________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|SANDNET.EXE-2012C478.pf____________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|netstat_base.txt___________________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|netstat_post.txt___________________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|tasksvc_base.txt___________________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|tasksvc_post.txt___________________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|taskv_base.txt_____________________________|
|c:/DELL/VIDEO/OUTPUT___________________________________________________________________________|taskv_post.txt_____________________________|
|c:/Documents_and_Settings/dmc73144/Application_Data____________________________________________|8fbc0ebc-15d7-4dae-818a-50f3473ae912_47.avi|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp/ae7c964e-3e4b-4d61-b40e-527828533e05____|wrk1.tmp_47________________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp/ae7c964e-3e4b-4d61-b40e-527828533e05____|wrk2.tmp___________________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp/ae7c964e-3e4b-4d61-b40e-527828533e05____|wrk2.tmp_47________________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5/ITB2CJ0C|desktop.ini________________________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|7Z.EXE-1A62CD19.pf_________________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|CYGRUNSRV.EXE-01BF82AE.pf__________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|NET.EXE-01A53C2F.pf________________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|NET1.EXE-029B9DB4.pf_______________________|
|c:/Documents_and_Settings/dmc73144/Application_Data____________________________________________|8fbc0ebc-15d7-4dae-818a-50f3473ae912_47.avi|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp/f0edcf17-7b3e-4eed-98f8-0428940ac24b____|wrk1.tmp_47________________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp/f0edcf17-7b3e-4eed-98f8-0428940ac24b____|wrk2.tmp___________________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp/f0edcf17-7b3e-4eed-98f8-0428940ac24b____|wrk2.tmp_47________________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5/ITB2CJ0C|desktop.ini________________________________|
|c:_____________________________________________________________________________________________|netstat_post.txt___________________________|
|c:_____________________________________________________________________________________________|tasksvc_post.txt___________________________|
|c:_____________________________________________________________________________________________|taskv_post.txt_____________________________|
|c:/Documents_and_Settings/dmc73144/Application_Data____________________________________________|8fbc0ebc-15d7-4dae-818a-50f3473ae912_47.avi|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp/66260f35-cc1f-44f5-ba98-b0d442e123e2____|wrk1.tmp_47________________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp/66260f35-cc1f-44f5-ba98-b0d442e123e2____|wrk2.tmp___________________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp/66260f35-cc1f-44f5-ba98-b0d442e123e2____|wrk2.tmp_47________________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5/ITB2CJ0C|desktop.ini________________________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|RUNDLL32.EXE-19E0DDC4.pf___________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|RUNDLL32.EXE-32993667.pf___________________|
|c:_____________________________________________________________________________________________|netstat_post.txt___________________________|
|c:_____________________________________________________________________________________________|tasksvc_post.txt___________________________|
|c:_____________________________________________________________________________________________|taskv_post.txt_____________________________|
|c:/Documents_and_Settings/dmc73144/Application_Data____________________________________________|8fbc0ebc-15d7-4dae-818a-50f3473ae912_47.avi|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp/d3240025-0d8f-4942-be4c-9f77407798df____|wrk1.tmp_47________________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp/d3240025-0d8f-4942-be4c-9f77407798df____|wrk2.tmp___________________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temp/d3240025-0d8f-4942-be4c-9f77407798df____|wrk2.tmp_47________________________________|
|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5/ITB2CJ0C|desktop.ini________________________________|
|c:_____________________________________________________________________________________________|netstat_post.txt___________________________|
|c:_____________________________________________________________________________________________|tasksvc_post.txt___________________________|
|c:_____________________________________________________________________________________________|taskv_post.txt_____________________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|RUNDLL32.EXE-1EAC97FA.pf___________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|RUNDLL32.EXE-4AE4645F.pf___________________|
|c:/WINDOWS/Prefetch____________________________________________________________________________|SANDNET.EXE-2012C478.pf____________________|
**** Files_(Deleted)_-_ICC_Results ****
 _____________________
|Action|Path|File_Name|
**** Files_(Changed)_-_ICC_Results ****
 ________________________________________________________________________________________________________________________
|Action__|Path__________________________________________________________________________________|File_Name_______________|
|modified|c:/Documents_and_Settings/dmc73144/Cookies____________________________________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/History/History.IE5_________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144____________________________________________________|ntuser.dat.LOG__________|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|CMD.EXE-087B4001.pf_____|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|NETSTAT.EXE-2B2B4428.pf_|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SH.EXE-00254D2B.pf______|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SSHD.EXE-298CA236.pf____|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SWITCH.EXE-0496EC21.pf__|
|modified|c:/WINDOWS/system32/wbem/Logs_________________________________________________________|wmiprov.log_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|INDEX.MAP_______________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|MAPPING.VER_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|MAPPING2.MAP____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|OBJECTS.MAP_____________|
|modified|c:/Documents_and_Settings/dmc73144/Cookies____________________________________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/History/History.IE5_________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144____________________________________________________|ntuser.dat.LOG__________|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|CMD.EXE-087B4001.pf_____|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|NETSTAT.EXE-2B2B4428.pf_|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SH.EXE-00254D2B.pf______|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SLEEP.EXE-094A3D2A.pf___|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SSHD.EXE-298CA236.pf____|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SWITCH.EXE-0496EC21.pf__|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|TASKLIST.EXE-10D94B23.pf|
|modified|c:/WINDOWS/system32/wbem/Logs_________________________________________________________|wmiprov.log_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|INDEX.MAP_______________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|MAPPING.VER_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|MAPPING2.MAP____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|OBJECTS.MAP_____________|
|modified|c:/Documents_and_Settings/dmc73144/Cookies____________________________________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/History/History.IE5_________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144____________________________________________________|ntuser.dat.LOG__________|
|modified|c:/Program_Files/OpenSSH/var/run______________________________________________________|sshd.pid________________|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|CMD.EXE-087B4001.pf_____|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|NETSTAT.EXE-2B2B4428.pf_|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SH.EXE-00254D2B.pf______|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SLEEP.EXE-094A3D2A.pf___|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SSHD.EXE-298CA236.pf____|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SWITCH.EXE-0496EC21.pf__|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|TASKLIST.EXE-10D94B23.pf|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|WMIPRVSE.EXE-28F301A9.pf|
|modified|c:/WINDOWS/system32/wbem/Logs_________________________________________________________|wbemess.log_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|INDEX.MAP_______________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|MAPPING.VER_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|MAPPING2.MAP____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|OBJECTS.MAP_____________|
|modified|c:/Documents_and_Settings/dmc73144/Cookies____________________________________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/History/History.IE5_________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144____________________________________________________|ntuser.dat.LOG__________|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|CMD.EXE-087B4001.pf_____|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|NETSTAT.EXE-2B2B4428.pf_|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SH.EXE-00254D2B.pf______|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SLEEP.EXE-094A3D2A.pf___|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SSHD.EXE-298CA236.pf____|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SWITCH.EXE-0496EC21.pf__|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|TASKLIST.EXE-10D94B23.pf|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|WMIPRVSE.EXE-28F301A9.pf|
|modified|c:/WINDOWS/system32/wbem/Logs_________________________________________________________|wbemess.log_____________|
|modified|c:/WINDOWS/system32/wbem/Logs_________________________________________________________|wmiprov.log_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|INDEX.MAP_______________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|MAPPING.VER_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|MAPPING2.MAP____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|OBJECTS.MAP_____________|
|modified|c:/Documents_and_Settings/dmc73144/Cookies____________________________________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/History/History.IE5_________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144____________________________________________________|ntuser.dat.LOG__________|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|CMD.EXE-087B4001.pf_____|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|NETSTAT.EXE-2B2B4428.pf_|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SH.EXE-00254D2B.pf______|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SSHD.EXE-298CA236.pf____|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|TASKLIST.EXE-10D94B23.pf|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|WMIPRVSE.EXE-28F301A9.pf|
|modified|c:/WINDOWS/system32/wbem/Logs_________________________________________________________|wbemess.log_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|INDEX.MAP_______________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|MAPPING.VER_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|MAPPING2.MAP____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|OBJECTS.MAP_____________|
|modified|c:/Documents_and_Settings/dmc73144/Cookies____________________________________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/History/History.IE5_________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144____________________________________________________|ntuser.dat.LOG__________|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|CMD.EXE-087B4001.pf_____|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|NETSTAT.EXE-2B2B4428.pf_|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SH.EXE-00254D2B.pf______|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SLEEP.EXE-094A3D2A.pf___|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SSHD.EXE-298CA236.pf____|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SWITCH.EXE-0496EC21.pf__|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|TASKLIST.EXE-10D94B23.pf|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|WMIPRVSE.EXE-28F301A9.pf|
|modified|c:/WINDOWS/system32/wbem/Logs_________________________________________________________|wbemess.log_____________|
|modified|c:/WINDOWS/system32/wbem/Logs_________________________________________________________|wmiprov.log_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|INDEX.MAP_______________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|MAPPING.VER_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|MAPPING2.MAP____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|OBJECTS.MAP_____________|
|modified|c:/Documents_and_Settings/dmc73144/Cookies____________________________________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/History/History.IE5_________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144____________________________________________________|ntuser.dat.LOG__________|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|CMD.EXE-087B4001.pf_____|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|NETSTAT.EXE-2B2B4428.pf_|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SH.EXE-00254D2B.pf______|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SSHD.EXE-298CA236.pf____|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SWITCH.EXE-0496EC21.pf__|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|TASKLIST.EXE-10D94B23.pf|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|WMIPRVSE.EXE-28F301A9.pf|
|modified|c:/WINDOWS/system32/wbem/Logs_________________________________________________________|wmiprov.log_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|INDEX.MAP_______________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|MAPPING.VER_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|MAPPING1.MAP____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|OBJECTS.MAP_____________|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|CMD.EXE-087B4001.pf_____|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|NETSTAT.EXE-2B2B4428.pf_|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SH.EXE-00254D2B.pf______|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SLEEP.EXE-094A3D2A.pf___|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SSHD.EXE-298CA236.pf____|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SWITCH.EXE-0496EC21.pf__|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|TASKLIST.EXE-10D94B23.pf|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|WMIPRVSE.EXE-28F301A9.pf|
|modified|c:/WINDOWS/system32/drivers/etc_______________________________________________________|hosts___________________|
|modified|c:/WINDOWS/system32/wbem/Logs_________________________________________________________|wbemess.log_____________|
|modified|c:/WINDOWS/system32/wbem/Logs_________________________________________________________|wmiprov.log_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|INDEX.MAP_______________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|MAPPING.VER_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|MAPPING1.MAP____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|OBJECTS.MAP_____________|
|modified|c:/Documents_and_Settings/dmc73144/Cookies____________________________________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/History/History.IE5_________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144____________________________________________________|ntuser.dat.LOG__________|
|modified|c:/Program_Files/OpenSSH/var/run______________________________________________________|sshd.pid________________|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|CMD.EXE-087B4001.pf_____|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|NETSTAT.EXE-2B2B4428.pf_|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SH.EXE-00254D2B.pf______|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SLEEP.EXE-094A3D2A.pf___|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SSHD.EXE-298CA236.pf____|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SWITCH.EXE-0496EC21.pf__|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|TASKLIST.EXE-10D94B23.pf|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|WMIPRVSE.EXE-28F301A9.pf|
|modified|c:/WINDOWS/system32/wbem/Logs_________________________________________________________|wbemess.log_____________|
|modified|c:/WINDOWS/system32/wbem/Logs_________________________________________________________|wmiprov.log_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|INDEX.MAP_______________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|MAPPING.VER_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|MAPPING2.MAP____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|OBJECTS.MAP_____________|
|modified|c:/Documents_and_Settings/dmc73144/Cookies____________________________________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/History/History.IE5_________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144____________________________________________________|ntuser.dat.LOG__________|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|CMD.EXE-087B4001.pf_____|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|NETSTAT.EXE-2B2B4428.pf_|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SH.EXE-00254D2B.pf______|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SSHD.EXE-298CA236.pf____|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SWITCH.EXE-0496EC21.pf__|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|TASKLIST.EXE-10D94B23.pf|
|modified|c:/WINDOWS/system32/wbem/Logs_________________________________________________________|wmiprov.log_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|INDEX.MAP_______________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|MAPPING.VER_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|MAPPING2.MAP____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|OBJECTS.MAP_____________|
|modified|c:/Documents_and_Settings/dmc73144/Cookies____________________________________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/History/History.IE5_________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144____________________________________________________|ntuser.dat.LOG__________|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|CMD.EXE-087B4001.pf_____|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|NETSTAT.EXE-2B2B4428.pf_|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SH.EXE-00254D2B.pf______|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SLEEP.EXE-094A3D2A.pf___|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SSHD.EXE-298CA236.pf____|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SWITCH.EXE-0496EC21.pf__|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|TASKLIST.EXE-10D94B23.pf|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|WMIPRVSE.EXE-28F301A9.pf|
|modified|c:/WINDOWS/system32/wbem/Logs_________________________________________________________|wmiprov.log_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|INDEX.MAP_______________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|MAPPING.VER_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|MAPPING2.MAP____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|OBJECTS.MAP_____________|
|modified|c:/Documents_and_Settings/dmc73144/Cookies____________________________________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/History/History.IE5_________________|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144/Local_Settings/Temporary_Internet_Files/Content.IE5|index.dat_______________|
|modified|c:/Documents_and_Settings/dmc73144____________________________________________________|ntuser.dat.LOG__________|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|CMD.EXE-087B4001.pf_____|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|NETSTAT.EXE-2B2B4428.pf_|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SH.EXE-00254D2B.pf______|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SSHD.EXE-298CA236.pf____|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SWITCH.EXE-0496EC21.pf__|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|TASKLIST.EXE-10D94B23.pf|
|modified|c:/WINDOWS/system32/wbem/Logs_________________________________________________________|wmiprov.log_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|INDEX.MAP_______________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|MAPPING.VER_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|MAPPING2.MAP____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|OBJECTS.MAP_____________|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|CMD.EXE-087B4001.pf_____|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|NETSTAT.EXE-2B2B4428.pf_|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SH.EXE-00254D2B.pf______|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SLEEP.EXE-094A3D2A.pf___|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SSHD.EXE-298CA236.pf____|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|SWITCH.EXE-0496EC21.pf__|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|TASKLIST.EXE-10D94B23.pf|
|modified|c:/WINDOWS/Prefetch___________________________________________________________________|WMIPRVSE.EXE-28F301A9.pf|
|modified|c:/WINDOWS/system32/drivers/etc_______________________________________________________|hosts___________________|
|modified|c:/WINDOWS/system32/wbem/Logs_________________________________________________________|wmiprov.log_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|INDEX.MAP_______________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|MAPPING.VER_____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|MAPPING2.MAP____________|
|modified|c:/WINDOWS/system32/wbem/Repository/FS________________________________________________|OBJECTS.MAP_____________|
**** Registry_Keys_(Added)_-_ICC_Results ****
 ___________
|Action|Path|
**** Registry_Values_(Added)_-_ICC_Results ****
 _____________________________
|Action|Path|Val_Name|Val_Data|
**** Registry_Values_(Deleted)_-_ICC_Results ****
 ________________________________________________________________
|Action|Path|Val_Name|Val_Type|Mod_Val_Type|Val_Data|Mod_Val_Data|
**** Registry_Values_(Changed)_-_ICC_Results ****
 ______________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________
|Action__|Path____________________________________________________________________________________________________________________|Val_Name___________|Val_Data________________________________________________________________________|Mod_Val_Data___________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Cryptography/RNG________________________________________________________________________________|Seed_______________|3C_CD_90_34_AF_12_4E_04_C9_D8_78_DF_34_A1_F2_41_0F_CF_C2_DD_9A_06_B7_61_84_81_D9|DC_FF_71_F3_0E_60_68_19_A4_37_E4_B2_91_9F_31_B1_DD_B9_3E_98_2D_AA_D7_51_8D_E0_E|
|modified|HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet_Settings/Connections|SavedLegacySettings|3C_00_00_00_15_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_00|3C_00_00_00_17_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_0|
|modified|HKU/S-1-5-21-1844237615-562591055-839522115-1004/SessionInformation_____________________________________________________|ProgramCount_______|0x00000002______________________________________________________________________|0x00000001_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Cryptography/RNG________________________________________________________________________________|Seed_______________|7D_F3_5A_DF_45_69_2D_90_41_FC_31_EF_2A_AD_45_11_4A_18_CA_3C_04_72_2C_13_15_45_84|98_3A_C4_20_78_6A_6E_CD_56_3C_5B_BB_2E_0A_DA_F6_03_83_AF_38_05_93_AE_75_29_78_C|
|modified|HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet_Settings/Connections|SavedLegacySettings|3C_00_00_00_15_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_00|3C_00_00_00_17_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_0|
|modified|HKU/S-1-5-21-1844237615-562591055-839522115-1004/SessionInformation_____________________________________________________|ProgramCount_______|0x00000002______________________________________________________________________|0x00000001_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Cryptography/RNG________________________________________________________________________________|Seed_______________|FC_D8_B0_06_28_3A_60_7C_FB_36_CA_AD_44_8D_F4_62_1D_B9_D6_DA_0F_8D_E9_2B_F9_8B_C7|1E_62_07_FB_95_0B_2E_5E_C1_47_77_58_AF_FF_CD_50_C4_28_FA_AE_B4_0C_66_D3_9C_00_C|
|modified|HKLM/SYSTEM/ControlSet001/Control/ServiceCurrent________________________________________________________________________|___________________|0x00000009______________________________________________________________________|0x0000000A_____________________________________________________________________|
|modified|HKLM/SYSTEM/CurrentControlSet/Control/ServiceCurrent____________________________________________________________________|___________________|0x00000009______________________________________________________________________|0x0000000A_____________________________________________________________________|
|modified|HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet_Settings/Connections|SavedLegacySettings|3C_00_00_00_15_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_00|3C_00_00_00_17_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_0|
|modified|HKU/S-1-5-21-1844237615-562591055-839522115-1004/SessionInformation_____________________________________________________|ProgramCount_______|0x00000002______________________________________________________________________|0x00000001_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Cryptography/RNG________________________________________________________________________________|Seed_______________|BF_D8_DF_BD_31_24_8D_3A_18_14_6A_0F_2E_73_16_9C_0A_D9_48_99_43_F6_B5_8F_B1_6E_A5|8A_20_94_23_13_AA_B5_66_FE_A5_B9_28_E6_8C_87_BD_0D_AB_BF_C0_52_CD_98_AD_A1_9E_A|
|modified|HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet_Settings/Connections|SavedLegacySettings|3C_00_00_00_15_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_00|3C_00_00_00_17_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_0|
|modified|HKU/S-1-5-21-1844237615-562591055-839522115-1004/SessionInformation_____________________________________________________|ProgramCount_______|0x00000002______________________________________________________________________|0x00000001_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Cryptography/RNG________________________________________________________________________________|Seed_______________|7E_4A_7B_4F_BE_70_EA_6F_12_98_3F_E1_6A_B8_38_F1_AC_6A_5D_D4_7B_6B_2A_20_DF_92_07|94_FF_ED_6A_E7_EB_BA_AC_2D_C6_BE_D7_F0_66_AF_9B_4C_14_81_2C_6D_D4_59_8B_E3_A4_5|
|modified|HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet_Settings/Connections|SavedLegacySettings|3C_00_00_00_15_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_00|3C_00_00_00_17_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_0|
|modified|HKU/S-1-5-21-1844237615-562591055-839522115-1004/SessionInformation_____________________________________________________|ProgramCount_______|0x00000002______________________________________________________________________|0x00000001_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Cryptography/RNG________________________________________________________________________________|Seed_______________|5D_4D_7A_66_2F_05_F5_B4_4D_5E_29_B1_AD_62_1D_CE_79_78_D3_D1_D2_24_47_5B_AD_4C_6C|A8_D2_33_7D_80_B7_30_5B_A0_6B_57_7A_2A_EA_67_15_7E_8D_C9_63_CC_6F_C8_D7_88_5E_7|
|modified|HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet_Settings/Connections|SavedLegacySettings|3C_00_00_00_15_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_00|3C_00_00_00_17_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_0|
|modified|HKU/S-1-5-21-1844237615-562591055-839522115-1004/SessionInformation_____________________________________________________|ProgramCount_______|0x00000002______________________________________________________________________|0x00000001_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Cryptography/RNG________________________________________________________________________________|Seed_______________|C7_11_9D_D8_21_7E_33_56_AE_F4_5D_61_FB_F7_D3_77_5A_EE_B5_FC_FC_04_AF_B9_65_05_38|AE_29_F4_D0_6A_D9_D0_7B_63_01_30_31_A6_CD_3F_76_DF_AD_5D_A8_C3_13_E4_25_F5_A5_3|
|modified|HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet_Settings/Connections|SavedLegacySettings|3C_00_00_00_15_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_00|3C_00_00_00_17_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_0|
|modified|HKU/S-1-5-21-1844237615-562591055-839522115-1004/SessionInformation_____________________________________________________|ProgramCount_______|0x00000002______________________________________________________________________|0x00000001_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Cryptography/RNG________________________________________________________________________________|Seed_______________|C2_3C_A8_CB_9F_70_88_6B_9D_31_CF_9B_4D_8E_3C_2C_B0_41_19_89_40_91_4B_29_49_A1_CF|32_25_47_B9_90_56_AD_5D_94_64_AF_CE_E2_B0_E3_DE_90_13_48_64_CA_74_D0_D8_14_B1_1|
|modified|HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet_Settings/Connections|SavedLegacySettings|3C_00_00_00_15_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_00|3C_00_00_00_17_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_0|
|modified|HKU/S-1-5-21-1844237615-562591055-839522115-1004/SessionInformation_____________________________________________________|ProgramCount_______|0x00000002______________________________________________________________________|0x00000001_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Cryptography/RNG________________________________________________________________________________|Seed_______________|A5_9B_26_48_4A_0E_AA_6E_9D_86_56_28_24_62_0F_CF_F2_01_F6_C8_1A_AC_3F_BE_C3_31_EB|27_EA_BE_67_59_C0_3B_7B_DB_F2_8D_82_80_02_AB_46_3F_B2_E7_59_C2_26_48_F8_09_45_E|
|modified|HKLM/SYSTEM/CurrentControlSet/Control/ServiceCurrent____________________________________________________________________|___________________|0x00000009______________________________________________________________________|0x0000000A_____________________________________________________________________|
|modified|HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet_Settings/Connections|SavedLegacySettings|3C_00_00_00_15_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_00|3C_00_00_00_17_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_0|
|modified|HKU/S-1-5-21-1844237615-562591055-839522115-1004/SessionInformation_____________________________________________________|ProgramCount_______|0x00000002______________________________________________________________________|0x00000001_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Cryptography/RNG________________________________________________________________________________|Seed_______________|B0_41_82_82_5D_A6_91_3D_E3_4C_33_32_80_5B_E2_E6_A7_FD_F4_B9_41_94_45_75_24_CD_2F|AF_79_42_E5_9F_F0_DC_04_28_6D_B6_09_96_6E_AC_A0_C8_75_7E_33_7D_AB_C6_E0_72_E2_7|
|modified|HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet_Settings/Connections|SavedLegacySettings|3C_00_00_00_15_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_00|3C_00_00_00_17_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_0|
|modified|HKU/S-1-5-21-1844237615-562591055-839522115-1004/SessionInformation_____________________________________________________|ProgramCount_______|0x00000002______________________________________________________________________|0x00000001_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Cryptography/RNG________________________________________________________________________________|Seed_______________|55_FF_B9_4C_EF_7D_03_F0_7C_CE_B1_C7_1B_66_58_62_93_1D_17_EE_FE_2D_BC_76_A1_44_94|69_CF_69_17_A2_4B_0A_B9_4A_26_B9_5E_BD_1D_CA_1C_02_96_22_8E_A1_65_56_96_1C_03_8|
|modified|HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet_Settings/Connections|SavedLegacySettings|3C_00_00_00_15_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_00|3C_00_00_00_17_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_0|
|modified|HKU/S-1-5-21-1844237615-562591055-839522115-1004/SessionInformation_____________________________________________________|ProgramCount_______|0x00000002______________________________________________________________________|0x00000001_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Cryptography/RNG________________________________________________________________________________|Seed_______________|19_A0_15_C1_E6_C7_2A_D9_DE_4D_21_02_50_41_9E_3F_F3_13_98_F8_33_39_D7_9C_A1_F1_18|42_63_A3_F1_F2_3C_C0_FD_E4_18_E8_D7_B1_1E_50_61_25_A5_BC_52_18_08_19_48_9E_EB_1|
|modified|HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet_Settings/Connections|SavedLegacySettings|3C_00_00_00_15_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_00|3C_00_00_00_17_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_0|
|modified|HKU/S-1-5-21-1844237615-562591055-839522115-1004/SessionInformation_____________________________________________________|ProgramCount_______|0x00000002______________________________________________________________________|0x00000001_____________________________________________________________________|
|modified|HKLM/SOFTWARE/Microsoft/Cryptography/RNG________________________________________________________________________________|Seed_______________|89_9C_6F_08_CA_CF_C8_04_08_1E_46_EC_F8_C6_AF_5A_7B_14_27_E6_05_0F_EB_9B_76_C0_B3|8F_FB_3B_E8_92_22_13_27_7C_D6_A2_26_72_98_61_ED_D7_7B_69_28_71_FA_B2_9B_45_F5_7|
|modified|HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet_Settings/Connections|SavedLegacySettings|3C_00_00_00_15_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_00|3C_00_00_00_17_00_00_00_01_00_00_00_00_00_00_00_00_00_00_00_00_00_00_00_04_00_0|
|modified|HKU/S-1-5-21-1844237615-562591055-839522115-1004/SessionInformation_____________________________________________________|ProgramCount_______|0x00000002______________________________________________________________________|0x00000001_____________________________________________________________________|
**** DNS_Results ****
 ___________________________________________________________________________________________________________
|DNS________________________|DNS_Response___________________________________________________________________|
|windowsupdate.microsoft.com|Standard_query_response_CNAME_windowsupdate.microsoft.nsatc.net_A_65.54.221.118|
|windowsupdate.microsoft.com|Standard_query_response_CNAME_windowsupdate.microsoft.nsatc.net_A_207.46.18.94_|
**** URL_Results ****
 __________________________________________________________________________________________________________________________________________________________
|DstIP__________|HTTP_HOST__________________|HTTP_REQUEST_URI_____________________________________________________________________|HTTP_USER_AGENT|PROTOCOL|
|65.54.221.118__|windowsupdate.microsoft.com|/____________________________________________________________________________________|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/hit.php?v=47&app_type_id=1&wm_id=acc0042&u=d5cc4b46-34b2-412f-b87b-aabed2287952&t=2_|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/hit.php?v=47&app_type_id=1&wm_id=acc0042&u=d5cc4b46-34b2-412f-b87b-aabed2287952&t=5_|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/ll.php?v=47&app_type_id=1&wm_id=acc0042&u=d5cc4b46-34b2-412f-b87b-aabed2287952&l=416|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/t.php?app_type_id=1&wm_id=acc0042&u=d5cc4b46-34b2-412f-b87b-aabed2287952&v=47_______|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/ll.php?v=47&app_type_id=1&wm_id=acc0042&u=d5cc4b46-34b2-412f-b87b-aabed2287952&l=240|_______________|0x06____|
|207.46.18.94___|windowsupdate.microsoft.com|/____________________________________________________________________________________|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/hit.php?v=47&app_type_id=1&wm_id=acc0042&u=715393df-506a-4832-86cd-900138ca1b89&t=2_|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/hit.php?v=47&app_type_id=1&wm_id=acc0042&u=715393df-506a-4832-86cd-900138ca1b89&t=5_|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/ll.php?v=47&app_type_id=1&wm_id=acc0042&u=715393df-506a-4832-86cd-900138ca1b89&l=416|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/t.php?app_type_id=1&wm_id=acc0042&u=715393df-506a-4832-86cd-900138ca1b89&v=47_______|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/ll.php?v=47&app_type_id=1&wm_id=acc0042&u=715393df-506a-4832-86cd-900138ca1b89&l=240|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/hit.php?v=47&app_type_id=1&wm_id=acc0042&u=4e571963-08d3-4f93-8c2d-2fd9538527df&t=2_|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/hit.php?v=47&app_type_id=1&wm_id=acc0042&u=4e571963-08d3-4f93-8c2d-2fd9538527df&t=5_|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/ll.php?v=47&app_type_id=1&wm_id=acc0042&u=4e571963-08d3-4f93-8c2d-2fd9538527df&l=416|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/t.php?app_type_id=1&wm_id=acc0042&u=4e571963-08d3-4f93-8c2d-2fd9538527df&v=47_______|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/ll.php?v=47&app_type_id=1&wm_id=acc0042&u=4e571963-08d3-4f93-8c2d-2fd9538527df&l=240|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/hit.php?v=47&app_type_id=1&wm_id=acc0042&u=9f400591-57db-473c-a155-b39f3cbc63e0&t=2_|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/hit.php?v=47&app_type_id=1&wm_id=acc0042&u=9f400591-57db-473c-a155-b39f3cbc63e0&t=5_|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/ll.php?v=47&app_type_id=1&wm_id=acc0042&u=9f400591-57db-473c-a155-b39f3cbc63e0&l=416|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/t.php?app_type_id=1&wm_id=acc0042&u=9f400591-57db-473c-a155-b39f3cbc63e0&v=47_______|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/ll.php?v=47&app_type_id=1&wm_id=acc0042&u=9f400591-57db-473c-a155-b39f3cbc63e0&l=240|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/hit.php?v=47&app_type_id=1&wm_id=acc0042&u=c7ea2850-ca0c-4821-a711-babad3ca589a&t=2_|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/ll.php?v=47&app_type_id=1&wm_id=acc0042&u=c7ea2850-ca0c-4821-a711-babad3ca589a&l=416|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/hit.php?v=47&app_type_id=1&wm_id=acc0042&u=c7ea2850-ca0c-4821-a711-babad3ca589a&t=5_|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/t.php?app_type_id=1&wm_id=acc0042&u=c7ea2850-ca0c-4821-a711-babad3ca589a&v=47_______|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/ll.php?v=47&app_type_id=1&wm_id=acc0042&u=c7ea2850-ca0c-4821-a711-babad3ca589a&l=240|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/hit.php?v=47&app_type_id=1&wm_id=acc0042&u=38340485-bed7-4681-a270-d326e6cd1d37&t=2_|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/hit.php?v=47&app_type_id=1&wm_id=acc0042&u=38340485-bed7-4681-a270-d326e6cd1d37&t=5_|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/ll.php?v=47&app_type_id=1&wm_id=acc0042&u=38340485-bed7-4681-a270-d326e6cd1d37&l=416|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/t.php?app_type_id=1&wm_id=acc0042&u=38340485-bed7-4681-a270-d326e6cd1d37&v=47_______|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/ll.php?v=47&app_type_id=1&wm_id=acc0042&u=38340485-bed7-4681-a270-d326e6cd1d37&l=240|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/hit.php?v=47&app_type_id=1&wm_id=acc0042&u=dacc35b4-73e4-4c0d-b819-d67fb7297581&t=5_|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/hit.php?v=47&app_type_id=1&wm_id=acc0042&u=dacc35b4-73e4-4c0d-b819-d67fb7297581&t=2_|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/ll.php?v=47&app_type_id=1&wm_id=acc0042&u=dacc35b4-73e4-4c0d-b819-d67fb7297581&l=416|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/t.php?app_type_id=1&wm_id=acc0042&u=dacc35b4-73e4-4c0d-b819-d67fb7297581&v=47_______|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/ll.php?v=47&app_type_id=1&wm_id=acc0042&u=dacc35b4-73e4-4c0d-b819-d67fb7297581&l=240|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/hit.php?v=47&app_type_id=1&wm_id=acc0042&u=7f0b41ab-f426-4ffb-a025-01e4fa8cd435&t=2_|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/hit.php?v=47&app_type_id=1&wm_id=acc0042&u=7f0b41ab-f426-4ffb-a025-01e4fa8cd435&t=5_|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/ll.php?v=47&app_type_id=1&wm_id=acc0042&u=7f0b41ab-f426-4ffb-a025-01e4fa8cd435&l=416|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/t.php?app_type_id=1&wm_id=acc0042&u=7f0b41ab-f426-4ffb-a025-01e4fa8cd435&v=47_______|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/ll.php?v=47&app_type_id=1&wm_id=acc0042&u=7f0b41ab-f426-4ffb-a025-01e4fa8cd435&l=240|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/hit.php?v=47&app_type_id=1&wm_id=acc0042&u=ae7c964e-3e4b-4d61-b40e-527828533e05&t=2_|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/hit.php?v=47&app_type_id=1&wm_id=acc0042&u=ae7c964e-3e4b-4d61-b40e-527828533e05&t=5_|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/ll.php?v=47&app_type_id=1&wm_id=acc0042&u=ae7c964e-3e4b-4d61-b40e-527828533e05&l=416|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/t.php?app_type_id=1&wm_id=acc0042&u=ae7c964e-3e4b-4d61-b40e-527828533e05&v=47_______|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/ll.php?v=47&app_type_id=1&wm_id=acc0042&u=ae7c964e-3e4b-4d61-b40e-527828533e05&l=240|_______________|0x06____|
|239.255.255.250|239.255.255.250:1900_______|*____________________________________________________________________________________|--blank--______|0x11____|
|91.188.60.5____|91.188.60.5________________|/hit.php?v=47&app_type_id=1&wm_id=acc0042&u=f0edcf17-7b3e-4eed-98f8-0428940ac24b&t=2_|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/hit.php?v=47&app_type_id=1&wm_id=acc0042&u=f0edcf17-7b3e-4eed-98f8-0428940ac24b&t=5_|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/ll.php?v=47&app_type_id=1&wm_id=acc0042&u=f0edcf17-7b3e-4eed-98f8-0428940ac24b&l=416|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/t.php?app_type_id=1&wm_id=acc0042&u=f0edcf17-7b3e-4eed-98f8-0428940ac24b&v=47_______|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/ll.php?v=47&app_type_id=1&wm_id=acc0042&u=f0edcf17-7b3e-4eed-98f8-0428940ac24b&l=240|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/hit.php?v=47&app_type_id=1&wm_id=acc0042&u=66260f35-cc1f-44f5-ba98-b0d442e123e2&t=2_|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/hit.php?v=47&app_type_id=1&wm_id=acc0042&u=66260f35-cc1f-44f5-ba98-b0d442e123e2&t=5_|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/ll.php?v=47&app_type_id=1&wm_id=acc0042&u=66260f35-cc1f-44f5-ba98-b0d442e123e2&l=416|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/t.php?app_type_id=1&wm_id=acc0042&u=66260f35-cc1f-44f5-ba98-b0d442e123e2&v=47_______|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/ll.php?v=47&app_type_id=1&wm_id=acc0042&u=66260f35-cc1f-44f5-ba98-b0d442e123e2&l=240|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/hit.php?v=47&app_type_id=1&wm_id=acc0042&u=d3240025-0d8f-4942-be4c-9f77407798df&t=2_|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/hit.php?v=47&app_type_id=1&wm_id=acc0042&u=d3240025-0d8f-4942-be4c-9f77407798df&t=5_|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/ll.php?v=47&app_type_id=1&wm_id=acc0042&u=d3240025-0d8f-4942-be4c-9f77407798df&l=416|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/t.php?app_type_id=1&wm_id=acc0042&u=d3240025-0d8f-4942-be4c-9f77407798df&v=47_______|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/ll.php?v=47&app_type_id=1&wm_id=acc0042&u=d3240025-0d8f-4942-be4c-9f77407798df&l=240|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/hit.php?v=47&app_type_id=1&wm_id=acc0042&u=3c04db17-9708-43ad-84ac-fab51f3e062a&t=2_|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/hit.php?v=47&app_type_id=1&wm_id=acc0042&u=3c04db17-9708-43ad-84ac-fab51f3e062a&t=5_|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/ll.php?v=47&app_type_id=1&wm_id=acc0042&u=3c04db17-9708-43ad-84ac-fab51f3e062a&l=416|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/t.php?app_type_id=1&wm_id=acc0042&u=3c04db17-9708-43ad-84ac-fab51f3e062a&v=47_______|_______________|0x06____|
|91.188.60.5____|91.188.60.5________________|/ll.php?v=47&app_type_id=1&wm_id=acc0042&u=3c04db17-9708-43ad-84ac-fab51f3e062a&l=240|_______________|0x06____|
**** ARGUS_PROTOCOL_Results ****
 ______________________________________________
|PROTOCOL|SRC_PKTS|DST_PKTS|SRC_BYTES|DST_BYTES|
|6_______|36______|28______|3817_____|3605_____|
|17______|2_______|0_______|350______|0________|
**** ARGUS_DPORT_Results ****
 ____________________________________________________
|DPORT|PROTOCOL|SRC_PKTS|DST_PKTS|SRC_BYTES|DST_BYTES|
|80___|6_______|36______|28______|3817_____|3605_____|
|1900_|17______|2_______|0_______|350______|0________|
**** ARGUS_DATA_Results ****
 ________________________________________________________________________________________
|Time____|Date______|Protocol|SrcIP_____|DstIP__________|Dir|Flags|Sport|Dport|Pkts|Bytes|
|04:07:24|2010-08-23|6_______|10.10.10.7|65.54.221.118__|->_|e____|42___|80___|9___|889__|
|04:07:25|2010-08-23|6_______|10.10.10.7|65.54.221.118__|->_|e____|412__|80___|9___|889__|
|04:07:26|2010-08-23|6_______|10.10.10.7|91.188.60.5____|->_|e____|56___|80___|9___|956__|
|04:07:26|2010-08-23|6_______|10.10.10.7|91.188.60.5____|->_|e____|44___|80___|10__|1509_|
|04:07:27|2010-08-23|6_______|10.10.10.7|91.188.60.5____|->_|e____|20___|80___|9___|950__|
|04:07:29|2010-08-23|6_______|10.10.10.7|91.188.60.5____|->_|e____|108__|80___|9___|1273_|
|04:12:42|2010-08-23|17______|10.10.10.7|239.255.255.250|->_|e____|8____|1900_|2___|350__|
|14:10:33|2010-08-23|6_______|10.10.10.7|207.46.18.94___|->_|e____|159__|80___|9___|889__|
|14:10:34|2010-08-23|6_______|10.10.10.7|207.46.18.94___|->_|e____|451__|80___|9___|889__|
|14:10:35|2010-08-23|6_______|10.10.10.7|91.188.60.5____|->_|e____|42___|80___|9___|956__|
|14:10:37|2010-08-23|6_______|10.10.10.7|91.188.60.5____|->_|e____|56___|80___|9___|950__|
|14:10:38|2010-08-23|6_______|10.10.10.7|91.188.60.5____|->_|e____|44___|80___|9___|1273_|
|14:15:52|2010-08-23|17______|10.10.10.7|239.255.255.250|->_|e____|8____|1900_|1___|175__|
|08:34:39|2010-08-27|6_______|10.10.10.7|65.54.221.118__|->_|e____|169__|80___|9___|889__|
|08:34:40|2010-08-27|6_______|10.10.10.7|65.54.221.118__|->_|e____|122__|80___|9___|889__|
|08:34:41|2010-08-27|6_______|10.10.10.7|91.188.60.5____|->_|e____|30___|80___|9___|956__|
|08:34:42|2010-08-27|6_______|10.10.10.7|91.188.60.5____|->_|e____|31___|80___|10__|1509_|
|08:34:43|2010-08-27|6_______|10.10.10.7|91.188.60.5____|->_|e____|32___|80___|9___|950__|
|08:34:44|2010-08-27|6_______|10.10.10.7|91.188.60.5____|->_|e____|62___|80___|9___|1273_|
|08:40:45|2010-08-27|17______|10.10.10.7|239.255.255.250|->_|e____|8____|1900_|2___|350__|
|06:19:46|2010-08-28|6_______|10.10.10.7|65.54.221.118__|->_|e____|42___|80___|9___|889__|
|06:19:47|2010-08-28|6_______|10.10.10.7|65.54.221.118__|->_|e____|412__|80___|9___|889__|
|06:19:48|2010-08-28|6_______|10.10.10.7|91.188.60.5____|->_|e____|56___|80___|9___|956__|
|06:19:49|2010-08-28|6_______|10.10.10.7|91.188.60.5____|->_|e____|20___|80___|9___|950__|
|06:19:50|2010-08-28|6_______|10.10.10.7|91.188.60.5____|->_|e____|108__|80___|9___|1273_|
|06:25:26|2010-08-28|17______|10.10.10.7|239.255.255.250|->_|e____|8____|1900_|2___|350__|
|00:40:04|2010-09-03|6_______|10.10.10.7|65.54.221.118__|->_|e____|31___|80___|9___|889__|
|00:40:05|2010-09-03|6_______|10.10.10.7|91.188.60.5____|->_|e____|32___|80___|9___|956__|
|00:40:07|2010-09-03|6_______|10.10.10.7|91.188.60.5____|->_|e____|64___|80___|9___|956__|
|00:40:07|2010-09-03|6_______|10.10.10.7|91.188.60.5____|->_|e____|63___|80___|10__|1509_|
|00:40:08|2010-09-03|6_______|10.10.10.7|91.188.60.5____|->_|e____|65___|80___|9___|950__|
|00:40:09|2010-09-03|6_______|10.10.10.7|91.188.60.5____|->_|e____|66___|80___|9___|1273_|
|00:48:04|2010-09-03|17______|10.10.10.7|239.255.255.250|->_|e____|8____|1900_|2___|350__|
|00:48:10|2010-09-03|17______|10.10.10.7|239.255.255.250|->_|e____|8____|1900_|1___|175__|
|06:48:56|2010-09-06|6_______|10.10.10.7|65.54.221.118__|->_|e____|43___|80___|9___|889__|
|06:48:57|2010-09-06|6_______|10.10.10.7|65.54.221.118__|->_|e____|56___|80___|9___|889__|
|06:48:58|2010-09-06|6_______|10.10.10.7|91.188.60.5____|->_|e____|20___|80___|9___|956__|
|06:48:59|2010-09-06|6_______|10.10.10.7|91.188.60.5____|->_|e____|316__|80___|9___|950__|
|06:49:00|2010-09-06|6_______|10.10.10.7|91.188.60.5____|->_|e____|311__|80___|9___|1273_|
|06:54:40|2010-09-06|17______|10.10.10.7|239.255.255.250|->_|e____|8____|1900_|2___|350__|
|19:43:54|2010-09-06|6_______|10.10.10.7|65.54.221.118__|->_|e____|41___|80___|9___|889__|
|19:43:55|2010-09-06|6_______|10.10.10.7|91.188.60.5____|->_|e____|499__|80___|9___|956__|
|19:43:56|2010-09-06|6_______|10.10.10.7|91.188.60.5____|->_|e____|20___|80___|9___|950__|
|19:43:58|2010-09-06|6_______|10.10.10.7|91.188.60.5____|->_|e____|311__|80___|9___|1273_|
|19:50:03|2010-09-06|17______|10.10.10.7|239.255.255.250|->_|e____|8____|1900_|2___|350__|
|12:37:22|2010-09-07|6_______|10.10.10.7|207.46.18.94___|->_|e____|43___|80___|9___|889__|
|12:37:24|2010-09-07|6_______|10.10.10.7|91.188.60.5____|->_|e____|56___|80___|9___|956__|
|12:37:25|2010-09-07|6_______|10.10.10.7|91.188.60.5____|->_|e____|20___|80___|9___|956__|
|12:37:26|2010-09-07|6_______|10.10.10.7|91.188.60.5____|->_|e____|316__|80___|9___|950__|
|12:37:27|2010-09-07|6_______|10.10.10.7|91.188.60.5____|->_|e____|311__|80___|9___|1273_|
|23:49:09|2010-09-07|6_______|10.10.10.7|207.46.18.94___|->_|e____|495__|80___|9___|889__|
|23:49:10|2010-09-07|6_______|10.10.10.7|207.46.18.94___|->_|e____|449__|80___|9___|889__|
|23:49:11|2010-09-07|6_______|10.10.10.7|91.188.60.5____|->_|e____|245__|80___|9___|956__|
|23:49:13|2010-09-07|6_______|10.10.10.7|91.188.60.5____|->_|e____|496__|80___|9___|950__|
|23:49:14|2010-09-07|6_______|10.10.10.7|91.188.60.5____|->_|e____|497__|80___|9___|1273_|
|12:43:06|2010-09-07|17______|10.10.10.7|239.255.255.250|->_|e____|8____|1900_|1___|175__|
|23:55:18|2010-09-07|17______|10.10.10.7|239.255.255.250|->_|e____|8____|1900_|2___|350__|
|22:16:55|2010-09-08|6_______|10.10.10.7|207.46.18.94___|->_|e____|159__|80___|9___|889__|
|22:16:56|2010-09-08|6_______|10.10.10.7|207.46.18.94___|->_|e____|451__|80___|9___|889__|
|22:16:57|2010-09-08|6_______|10.10.10.7|91.188.60.5____|->_|e____|412__|80___|9___|956__|
|22:16:58|2010-09-08|6_______|10.10.10.7|91.188.60.5____|->_|e____|56___|80___|9___|950__|
|22:16:59|2010-09-08|6_______|10.10.10.7|91.188.60.5____|->_|e____|44___|80___|9___|1273_|
|22:24:57|2010-09-08|17______|10.10.10.7|239.255.255.250|->_|e____|8____|1900_|2___|350__|
|22:25:03|2010-09-08|17______|10.10.10.7|239.255.255.250|->_|e____|8____|1900_|1___|175__|
|11:50:17|2010-09-09|6_______|10.10.10.7|207.46.18.94___|->_|e____|316__|80___|9___|889__|
|11:50:18|2010-09-09|6_______|10.10.10.7|91.188.60.5____|->_|e____|311__|80___|9___|956__|
|11:50:19|2010-09-09|6_______|10.10.10.7|91.188.60.5____|->_|e____|6____|80___|9___|956__|
|11:50:20|2010-09-09|6_______|10.10.10.7|91.188.60.5____|->_|e____|90___|80___|9___|950__|
|11:50:21|2010-09-09|6_______|10.10.10.7|91.188.60.5____|->_|e____|91___|80___|9___|1273_|
|11:56:05|2010-09-09|17______|10.10.10.7|239.255.255.250|->_|e____|8____|1900_|2___|350__|
|05:19:32|2010-09-10|6_______|10.10.10.7|65.54.221.118__|->_|e____|159__|80___|9___|889__|
|05:19:33|2010-09-10|6_______|10.10.10.7|91.188.60.5____|->_|e____|451__|80___|9___|956__|
|05:19:34|2010-09-10|6_______|10.10.10.7|91.188.60.5____|->_|e____|412__|80___|9___|956__|
|05:19:34|2010-09-10|6_______|10.10.10.7|91.188.60.5____|->_|e____|43___|80___|10__|1509_|
|05:19:36|2010-09-10|6_______|10.10.10.7|91.188.60.5____|->_|e____|56___|80___|9___|950__|
|05:19:37|2010-09-10|6_______|10.10.10.7|91.188.60.5____|->_|e____|44___|80___|9___|1273_|
|05:25:17|2010-09-10|17______|10.10.10.7|239.255.255.250|->_|e____|8____|1900_|2___|350__|
|03:54:18|2010-09-11|6_______|10.10.10.7|207.46.18.94___|->_|e____|282__|80___|9___|889__|
|03:54:19|2010-09-11|6_______|10.10.10.7|91.188.60.5____|->_|e____|283__|80___|9___|956__|
|03:54:21|2010-09-11|6_______|10.10.10.7|91.188.60.5____|->_|e____|223__|80___|9___|956__|
|03:54:21|2010-09-11|6_______|10.10.10.7|91.188.60.5____|->_|e____|224__|80___|10__|1509_|
|03:54:22|2010-09-11|6_______|10.10.10.7|91.188.60.5____|->_|e____|284__|80___|9___|950__|
|03:54:23|2010-09-11|6_______|10.10.10.7|91.188.60.5____|->_|e____|225__|80___|9___|1273_|
|04:00:24|2010-09-11|17______|10.10.10.7|239.255.255.250|->_|e____|8____|1900_|2___|350__|
**** Packer_Results ****
 ___________
|Packer_Name|
**** HoneyTrap_Results ****
 ____________________________
|Honey_Trap_Log_File_Location|
**** PTFB_Results ****
 ______________________
|PTFB_Log_File_Location|