Malware Report

Malware Report - Results

This report shows all the different areas TAZER analyzes for the sample: Host, Network Activity, and Detection.

Malware Search Criteria:

MD5 =adb13ee6b3a46d0ab290c17feeaf3a59

Malware Report - Results

File MD5Sum	SHA1SUM	SHA256SUM	FUZZY HASH	File Size
adb13ee6b3a46d0ab290c17feeaf3a59	57a8d5eb1be8c5c3f40d0893727877e88e4d9ff8	66644d34f8d649f74a5953aef9ff37e0d9b02249a3f12ab94253074609518c06	6144:Qhv6tTBgRLar5ZY9R3/4YIJ8m1MxUyRzoVOBlYQflIG:QhitTXZARP4BJTM6++OBlYER	313344

File Results

File Name
d.exe

SNORT Results

Snort Class	Snort Alert	Count
Misc activity	ICMP PING	2559
Misc activity	ICMP Echo Reply	2559
Misc activity	ET SCAN Behavioral Unusual Port 445 traffic, Potential Scan or Infection	2
Misc activity	ET SCAN Behavioral Unusual Port 139 traffic, Potential Scan or Infection	2
Potential Corporate Privacy Violation	ET P2P BitTorrent Announce	2
Potential Corporate Privacy Violation	ET P2P BitTorrent DHT ping request	1

AV Results

AV Alert	AV Vendor

Folders (Added) - ICC Results

Path	Folder Name
c:/Documents and Settings/dmc73144/Local Settings/Temp	WERc0dd.dir00
c:/Documents and Settings/NetworkService	Favorites
c:/Documents and Settings/NetworkService/Favorites	Links
c:/WINDOWS/system32/config/systemprofile/Application Data/Microsoft	CryptnetUrlCache
c:/WINDOWS/system32/config/systemprofile/Application Data/Microsoft/CryptnetUrlCache	content
c:/WINDOWS/system32/config/systemprofile/Application Data/Microsoft/CryptnetUrlCache	MetaData

Files (Added) - ICC Results

Path	File Name
c:/Documents and Settings/dmc73144/Local Settings/Temp/WERc0dd.dir00	appcompat.txt
c:/Documents and Settings/dmc73144/Local Settings/Temp/WERc0dd.dir00	manifest.txt
c:/Documents and Settings/dmc73144/Local Settings/Temp/WERc0dd.dir00	svchost.exe.hdmp
c:/Documents and Settings/dmc73144/Local Settings/Temp/WERc0dd.dir00	svchost.exe.mdmp
c:/Documents and Settings/NetworkService/Cookies	index.dat
c:/Documents and Settings/NetworkService/Favorites	desktop.ini
c:/WINDOWS/Prefetch	78ED6E79.EXE-1F30B7FB.pf
c:/WINDOWS/Prefetch	AUTOIT3.EXE-32361418.pf
c:/WINDOWS/Prefetch	DIEP.EXE-0B3E1DC8.pf
c:/WINDOWS/Prefetch	DUMPREP.EXE-1B46F901.pf
c:/WINDOWS/Prefetch	DWWIN.EXE-30875ADC.pf
c:/WINDOWS/Prefetch	HSTART.EXE-221D72BF.pf
c:/WINDOWS/Prefetch	IEXPLORE.EXE-27122324.pf
c:/WINDOWS/Prefetch	REG.EXE-0D2A95F7.pf
c:/WINDOWS/Prefetch	REGSHOT.EXE-010A5EE6.pf
c:/WINDOWS/Prefetch	SANDNET.EXE-2012C478.pf
c:/WINDOWS/SoftwareDistribution/DataStore/Logs	tmp.edb
c:/WINDOWS/system32/config/systemprofile/Application Data/Microsoft/CryptnetUrlCache/Content	60E31627FDA0A46932B0E5948949F2A5
c:/WINDOWS/system32/config/systemprofile/Application Data/Microsoft/CryptnetUrlCache/Content	74BFD122C0875EC75DBE5C6DB4C59019
c:/WINDOWS/system32/config/systemprofile/Application Data/Microsoft/CryptnetUrlCache/Content	B69D763EB21649DA26F20618312DEE70
c:/WINDOWS/system32/config/systemprofile/Application Data/Microsoft/CryptnetUrlCache/Content	DC2135CED98D8A4D7C0CEE202BB0B810
c:/WINDOWS/system32/config/systemprofile/Application Data/Microsoft/CryptnetUrlCache/Content	E6024EAC88E6B6165D49FE3C95ADD735
c:/WINDOWS/system32/config/systemprofile/Application Data/Microsoft/CryptnetUrlCache/MetaData	60E31627FDA0A46932B0E5948949F2A5
c:/WINDOWS/system32/config/systemprofile/Application Data/Microsoft/CryptnetUrlCache/MetaData	74BFD122C0875EC75DBE5C6DB4C59019
c:/WINDOWS/system32/config/systemprofile/Application Data/Microsoft/CryptnetUrlCache/MetaData	B69D763EB21649DA26F20618312DEE70
c:/WINDOWS/system32/config/systemprofile/Application Data/Microsoft/CryptnetUrlCache/MetaData	DC2135CED98D8A4D7C0CEE202BB0B810
c:/WINDOWS/system32/config/systemprofile/Application Data/Microsoft/CryptnetUrlCache/MetaData	E6024EAC88E6B6165D49FE3C95ADD735
c:/WINDOWS/system32	c_20178.nls
c:/WINDOWS/system32	dmutilio.dll
c:/WINDOWS/system32	RxmutlC.dll
c:/WINDOWS/Temp	58bc7449.rar

Files (Deleted) - ICC Results

Action	Path	File Name
deleted	c:/WINDOWS/system32/appmgmts.dll

Files (Changed) - ICC Results

Action	Path	File Name
modified	c:/DELL	DELLBUTN.HTM
modified	c:/DELL	UWAKEOFF.EXE
modified	c:/DELL	UWAKEON.EXE
modified	c:/DELL/VIDEO/AI/INSTALL/Aut2Exe	upx.exe
modified	c:/DELL/VIDEO/AI/INSTALL/Extras/Editors/Crimson	Manual Install and Notes.htm
modified	c:/DELL/VIDEO/AI/INSTALL/Extras/Editors/TextPad	Manual Install and Notes.htm
modified	c:/DELL/VIDEO/AI/INSTALL/Extras/SQLite	sqlite3.exe
modified	c:/DELL/VIDEO/AI/INSTALL/Extras/v2_to_v3_Converter	AutoItV2toV3.exe
modified	c:/DELL/VIDEO/AI/INSTALL/SciTE	SciTE.exe
modified	c:/DELL/VIDEO/AI/INSTALL	uninstall.exe
modified	c:/DELL/VIDEO/DIEP	DIEP.exe
modified	c:/DELL/VIDEO/DIEP/plugins/BoB	IDToText.HTML
modified	c:/DELL/VIDEO/DIEP/plugins	kanal.htm
modified	c:/DELL/VIDEO	gothere.exe
modified	c:/DELL/VIDEO	keymaster.exe
modified	c:/DELL/VIDEO/RS	regshot.exe
modified	c:/DELL/VIDEO	sendit.exe
modified	c:/Documents and Settings/dmc73144/Cookies	index.dat
modified	c:/Documents and Settings/dmc73144/Local Settings/History/History.IE5	index.dat
modified	c:/Documents and Settings/dmc73144/Local Settings/Temporary Internet Files/Content.IE5	index.dat
modified	c:/Documents and Settings/dmc73144	ntuser.dat.LOG
modified	c:/Program Files/7-Zip	7z.exe
modified	c:/Program Files/7-Zip	7zFM.exe
modified	c:/Program Files/7-Zip	7zG.exe
modified	c:/Program Files/7-Zip	uninstall.exe
modified	c:/Program Files/Adobe/Adobe Help Viewer/1.0	ahv.exe
modified	c:/Program Files/InCtrl5	InCtrl5.exe
modified	c:/Program Files/InCtrl5	UNWISE.EXE
modified	c:/Program Files/Java/jre1.5.0_05/bin	java.exe
modified	c:/Program Files/Java/jre1.5.0_05/bin	javacpl.exe
modified	c:/Program Files/Java/jre1.5.0_05/bin	javaw.exe
modified	c:/Program Files/Java/jre1.5.0_05/bin	javaws.exe
modified	c:/Program Files/Java/jre1.5.0_05/bin	jucheck.exe
modified	c:/Program Files/Java/jre1.5.0_05/bin	jusched.exe
modified	c:/Program Files/Java/jre1.5.0_05/bin	keytool.exe
modified	c:/Program Files/Java/jre1.5.0_05/bin	kinit.exe
modified	c:/Program Files/Java/jre1.5.0_05/bin	klist.exe
modified	c:/Program Files/Java/jre1.5.0_05/bin	ktab.exe
modified	c:/Program Files/Java/jre1.5.0_05/bin	orbd.exe
modified	c:/Program Files/Java/jre1.5.0_05/bin	pack200.exe
modified	c:/Program Files/Java/jre1.5.0_05/bin	policytool.exe
modified	c:/Program Files/Java/jre1.5.0_05/bin	rmid.exe
modified	c:/Program Files/Java/jre1.5.0_05/bin	rmiregistry.exe
modified	c:/Program Files/Java/jre1.5.0_05/bin	servertool.exe
modified	c:/Program Files/Java/jre1.5.0_05/bin	tnameserv.exe
modified	c:/Program Files/Java/jre1.5.0_05/bin	unpack200.exe
modified	c:/Program Files/Mozilla Firefox/defaults/profile	bookmarks.html
modified	c:/Program Files/Mozilla Firefox/res	hiddenWindow.html
modified	c:/Program Files/MSN/MSNCoreFiles/Install	msnsusii.exe
modified	c:/Program Files/OpenSSH/bin	chmod.exe
modified	c:/Program Files/OpenSSH/bin	chown.exe
modified	c:/Program Files/OpenSSH/bin	cygrunsrv.exe
modified	c:/Program Files/OpenSSH/bin	false.exe
modified	c:/Program Files/OpenSSH/bin	last.exe
modified	c:/Program Files/OpenSSH/bin	ls.exe
modified	c:/Program Files/OpenSSH/bin	mkdir.exe
modified	c:/Program Files/OpenSSH/bin	mkgroup.exe
modified	c:/Program Files/OpenSSH/bin	mkpasswd.exe
modified	c:/Program Files/OpenSSH/bin	rm.exe
modified	c:/Program Files/OpenSSH/bin	scp.exe
modified	c:/Program Files/OpenSSH/bin	sh.exe
modified	c:/Program Files/OpenSSH/bin	ssh-add.exe
modified	c:/Program Files/OpenSSH/bin	ssh-agent.exe
modified	c:/Program Files/OpenSSH/bin	ssh-keygen.exe
modified	c:/Program Files/OpenSSH/bin	ssh-keyscan.exe
modified	c:/Program Files/OpenSSH/bin	switch.exe
modified	c:/Program Files/OpenSSH/docs	sftp-server-manual.htm
modified	c:/Program Files/OpenSSH/docs	ssh-add-manual.htm
modified	c:/Program Files/OpenSSH/docs	ssh-agent-manual.htm
modified	c:/Program Files/OpenSSH/docs	ssh-keygen-manual.htm
modified	c:/Program Files/OpenSSH/docs	ssh-keyscan-manual.htm
modified	c:/Program Files/OpenSSH/docs	sshd-config-manual.htm
modified	c:/Program Files/OpenSSH/docs	sshd-manual.htm
modified	c:/Program Files/OpenSSH	uninstall.exe
modified	c:/Program Files/OpenSSH/usr/sbin	sftp-server.exe
modified	c:/Program Files/OpenSSH/usr/sbin	ssh-keysign.exe
modified	c:/Program Files/OpenSSH/usr/sbin	sshd.exe
modified	c:/Program Files/Windows Resource Kits/Tools	adlb.exe
modified	c:/Program Files/Windows Resource Kits/Tools	atmarp.exe
modified	c:/Program Files/Windows Resource Kits/Tools	atmlane.exe
modified	c:/Program Files/Windows Resource Kits/Tools	autoexnt.exe
modified	c:/Program Files/Windows Resource Kits/Tools	cdburn.exe
modified	c:/Program Files/Windows Resource Kits/Tools	cepsetup.exe
modified	c:/Program Files/Windows Resource Kits/Tools	chklnks.exe
modified	c:/Program Files/Windows Resource Kits/Tools	chknic.exe
modified	c:/Program Files/Windows Resource Kits/Tools	cleanspl.exe
modified	c:/Program Files/Windows Resource Kits/Tools	clearmem.exe
modified	c:/Program Files/Windows Resource Kits/Tools	clusterrecovery.exe
modified	c:/Program Files/Windows Resource Kits/Tools	compress.exe
modified	c:/Program Files/Windows Resource Kits/Tools	confdisk.exe
modified	c:/Program Files/Windows Resource Kits/Tools	consume.exe
modified	c:/Program Files/Windows Resource Kits/Tools	creatfil.exe
modified	c:/Program Files/Windows Resource Kits/Tools	csccmd.exe
modified	c:/Program Files/Windows Resource Kits/Tools	custreasonedit.exe
modified	c:/Program Files/Windows Resource Kits/Tools	delprof.exe
modified	c:/Program Files/Windows Resource Kits/Tools	dh.exe
modified	c:/Program Files/Windows Resource Kits/Tools	diskraid.exe
modified	c:/Program Files/Windows Resource Kits/Tools	diskuse.exe
modified	c:/Program Files/Windows Resource Kits/Tools	dnsdiag.exe
modified	c:/Program Files/Windows Resource Kits/Tools	dvdburn.exe
modified	c:/Program Files/Windows Resource Kits/Tools	empty.exe
modified	c:/Program Files/Windows Resource Kits/Tools	eventcombmt.exe
modified	c:/Program Files/Windows Resource Kits/Tools	fcsetup.exe
modified	c:/Program Files/Windows Resource Kits/Tools	getcm.exe
modified	c:/Program Files/Windows Resource Kits/Tools	gpmonitor.exe
modified	c:/Program Files/Windows Resource Kits/Tools	gpotool.exe
modified	c:/Program Files/Windows Resource Kits/Tools	hlscan.exe
modified	c:/Program Files/Windows Resource Kits/Tools	ifilttst.exe
modified	c:/Program Files/Windows Resource Kits/Tools	ifmember.exe
modified	c:/Program Files/Windows Resource Kits/Tools	iniman.exe
modified	c:/Program Files/Windows Resource Kits/Tools	instcm.exe
modified	c:/Program Files/Windows Resource Kits/Tools	instexnt.exe
modified	c:/Program Files/Windows Resource Kits/Tools	instsrv.exe
modified	c:/Program Files/Windows Resource Kits/Tools	intfiltr.exe
modified	c:/Program Files/Windows Resource Kits/Tools	kerbtray.exe
modified	c:/Program Files/Windows Resource Kits/Tools	kernrate.exe
modified	c:/Program Files/Windows Resource Kits/Tools	klist.exe
modified	c:/Program Files/Windows Resource Kits/Tools	krt.exe
modified	c:/Program Files/Windows Resource Kits/Tools	linkd.exe
modified	c:/Program Files/Windows Resource Kits/Tools	linkspeed.exe
modified	c:/Program Files/Windows Resource Kits/Tools	list.exe
modified	c:/Program Files/Windows Resource Kits/Tools	lockoutstatus.exe
modified	c:/Program Files/Windows Resource Kits/Tools	logtime.exe
modified	c:/Program Files/Windows Resource Kits/Tools	lsreport.exe
modified	c:/Program Files/Windows Resource Kits/Tools	lsview.exe
modified	c:/Program Files/Windows Resource Kits/Tools	mcast.exe
modified	c:/Program Files/Windows Resource Kits/Tools	memmonitor.exe
modified	c:/Program Files/Windows Resource Kits/Tools	memtriage.exe
modified	c:/Program Files/Windows Resource Kits/Tools	mibcc.exe
modified	c:/Program Files/Windows Resource Kits/Tools	moveuser.exe
modified	c:/Program Files/Windows Resource Kits/Tools	mqcast.exe
modified	c:/Program Files/Windows Resource Kits/Tools	mqcatch.exe
modified	c:/Program Files/Windows Resource Kits/Tools	nlsinfo.exe
modified	c:/Program Files/Windows Resource Kits/Tools	now.exe
modified	c:/Program Files/Windows Resource Kits/Tools	ntimer.exe
modified	c:/Program Files/Windows Resource Kits/Tools	ntrights.exe
modified	c:/Program Files/Windows Resource Kits/Tools	oh.exe
modified	c:/Program Files/Windows Resource Kits/Tools	oleview.exe
modified	c:/Program Files/Windows Resource Kits/Tools	pathman.exe
modified	c:/Program Files/Windows Resource Kits/Tools	permcopy.exe
modified	c:/Program Files/Windows Resource Kits/Tools	perms.exe
modified	c:/Program Files/Windows Resource Kits/Tools	pfmon.exe
modified	c:/Program Files/Windows Resource Kits/Tools	pmon.exe
modified	c:/Program Files/Windows Resource Kits/Tools	printdriverinfo.exe
modified	c:/Program Files/Windows Resource Kits/Tools	qgrep.exe
modified	c:/Program Files/Windows Resource Kits/Tools	qtcp.exe
modified	c:/Program Files/Windows Resource Kits/Tools	rassrvmon.exe
modified	c:/Program Files/Windows Resource Kits/Tools	rcontrolad.exe
modified	c:/Program Files/Windows Resource Kits/Tools	readme.htm
modified	c:/Program Files/Windows Resource Kits/Tools	regini.exe
modified	c:/Program Files/Windows Resource Kits/Tools	regview.exe
modified	c:/Program Files/Windows Resource Kits/Tools	remapkey.exe
modified	c:/Program Files/Windows Resource Kits/Tools	reportgen.exe
modified	c:/Program Files/Windows Resource Kits/Tools	robocopy.exe
modified	c:/Program Files/Windows Resource Kits/Tools	rpccfg.exe
modified	c:/Program Files/Windows Resource Kits/Tools	rpcdump.exe
modified	c:/Program Files/Windows Resource Kits/Tools	rpcping.exe
modified	c:/Program Files/Windows Resource Kits/Tools	rpingc.exe
modified	c:/Program Files/Windows Resource Kits/Tools	rpings.exe
modified	c:/Program Files/Windows Resource Kits/Tools	rqc.exe
modified	c:/Program Files/Windows Resource Kits/Tools	rqs.exe
modified	c:/Program Files/Windows Resource Kits/Tools	setprinter.exe
modified	c:/Program Files/Windows Resource Kits/Tools	showacls.exe
modified	c:/Program Files/Windows Resource Kits/Tools	showperf.exe
modified	c:/Program Files/Windows Resource Kits/Tools	showpriv.exe
modified	c:/Program Files/Windows Resource Kits/Tools	sleep.exe
modified	c:/Program Files/Windows Resource Kits/Tools	sonar.exe
modified	c:/Program Files/Windows Resource Kits/Tools	splinfo.exe
modified	c:/Program Files/Windows Resource Kits/Tools	srvany.exe
modified	c:/Program Files/Windows Resource Kits/Tools	srvcheck.exe
modified	c:/Program Files/Windows Resource Kits/Tools	srvinfo.exe
modified	c:/Program Files/Windows Resource Kits/Tools	srvmgr.exe
modified	c:/Program Files/Windows Resource Kits/Tools	ssdformat.exe
modified	c:/Program Files/Windows Resource Kits/Tools	subinacl.exe
modified	c:/Program Files/Windows Resource Kits/Tools	tail.exe
modified	c:/Program Files/Windows Resource Kits/Tools	tccom.exe
modified	c:/Program Files/Windows Resource Kits/Tools	tcmon.exe
modified	c:/Program Files/Windows Resource Kits/Tools	timeit.exe
modified	c:/Program Files/Windows Resource Kits/Tools	timezone.exe
modified	c:/Program Files/Windows Resource Kits/Tools	tsctst.exe
modified	c:/Program Files/Windows Resource Kits/Tools	tsscalling.exe
modified	c:/Program Files/Windows Resource Kits/Tools	uddicatschemeeditor.exe
modified	c:/Program Files/Windows Resource Kits/Tools	uddiconfig.exe
modified	c:/Program Files/Windows Resource Kits/Tools	uddidataexport.exe
modified	c:/Program Files/Windows Resource Kits/Tools	usrmgr.exe
modified	c:/Program Files/Windows Resource Kits/Tools	vadump.exe
modified	c:/Program Files/Windows Resource Kits/Tools	vfi.exe
modified	c:/Program Files/Windows Resource Kits/Tools	volperf.exe
modified	c:/Program Files/Windows Resource Kits/Tools	volrest.exe
modified	c:/Program Files/Windows Resource Kits/Tools	vrfydsk.exe
modified	c:/Program Files/Windows Resource Kits/Tools	winhttpcertcfg.exe
modified	c:/Program Files/Windows Resource Kits/Tools	winhttptracecfg.exe
modified	c:/Program Files/Windows Resource Kits/Tools	winpolicies.exe
modified	c:/WINDOWS/Prefetch	CMD.EXE-087B4001.pf
modified	c:/WINDOWS/Prefetch	NETSTAT.EXE-2B2B4428.pf
modified	c:/WINDOWS/Prefetch	NTOSBOOT-B00DFAAD.pf
modified	c:/WINDOWS/Prefetch	SCP.EXE-174845DC.pf
modified	c:/WINDOWS/Prefetch	SENDIT.EXE-34C997E3.pf
modified	c:/WINDOWS/Prefetch	SH.EXE-00254D2B.pf
modified	c:/WINDOWS/Prefetch	SLEEP.EXE-094A3D2A.pf
modified	c:/WINDOWS/Prefetch	SSHD.EXE-298CA236.pf
modified	c:/WINDOWS/Prefetch	SWITCH.EXE-0496EC21.pf
modified	c:/WINDOWS/Prefetch	TASKLIST.EXE-10D94B23.pf
modified	c:/WINDOWS/Prefetch	WMIPRVSE.EXE-28F301A9.pf
modified	c:/WINDOWS/Prefetch	WUAUCLT.EXE-399A8E72.pf
modified	c:/WINDOWS	SchedLgU.Txt
modified	c:/WINDOWS/SoftwareDistribution/DataStore	DataStore.edb
modified	c:/WINDOWS/SoftwareDistribution/DataStore/Logs	edb.chk
modified	c:/WINDOWS/SoftwareDistribution/DataStore/Logs	edb.log
modified	c:/WINDOWS/system32/config	default
modified	c:/WINDOWS/system32/config	default.LOG
modified	c:/WINDOWS/system32/config	software
modified	c:/WINDOWS/system32/config	software.LOG
modified	c:/WINDOWS/system32/config	SYSTEM
modified	c:/WINDOWS/system32/config	system.LOG
modified	c:/WINDOWS/system32/drivers/etc	hosts
modified	c:/WINDOWS/system32/wbem/Logs	wbemess.log
modified	c:/WINDOWS/system32/wbem/Repository/FS	INDEX.MAP
modified	c:/WINDOWS/system32/wbem/Repository/FS	MAPPING.VER
modified	c:/WINDOWS/system32/wbem/Repository/FS	MAPPING2.MAP
modified	c:/WINDOWS/system32/wbem/Repository/FS	OBJECTS.MAP
modified	c:/WINDOWS	WindowsUpdate.log

Registry Keys (Added) - ICC Results

Action	Path
added	HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/WindowsUpdate/Reporting/RebootWatch
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/360hotfix.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/360rp.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/360rpt.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/360Safe.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/360safebox.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/360sd.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/360se.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/360SoftMgrSvc.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/360speedld.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/360tray.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/afwServ.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/ast.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/AvastUI.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/avcenter.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/avfwsvc.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/avgnt.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/avguard.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/avmailc.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/avp.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/avshadow.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/avwebgrd.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/bdagent.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/CCenter.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/ccSvcHst.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/dwengine.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/egui.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/ekrn.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/FilMsg.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/KAVStart.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/kissvc.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/KMailMon.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/KPFW32.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/KPFWSvc.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/kpopserver.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/krnl360svc.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/ksmgui.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/ksmsvc.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/kswebshield.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/KVMonXP.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/KVMonXP.kxp
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/KVSrvXP.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/KWatch.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/kwstray.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/kxedefend.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/kxesapp.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/kxescore.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/kxeserv.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/kxetray.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/livesrv.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/Mcagent.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/mcmscsvc.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/McNASvc.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/Mcods.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/McProxy.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/McSACore.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/Mcshield.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/mcsysmon.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/mcvsshld.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/MpfSrv.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/MPMon.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/MPSVC.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/MPSVC1.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/MPSVC2.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/msksrver.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/qutmserv.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/RavMonD.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/RavTask.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/RsAgent.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/rsnetsvr.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/RsTray.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/safeboxTray.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/ScanFrm.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/sched.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/seccenter.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/SfCtlCom.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/spideragent.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/SpIDerMl.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/spidernt.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/spiderui.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/TMBMSRV.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/TmProxy.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/Twister.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/UfSeAgnt.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/vsserv.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/zhudongfangyu.exe
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/�޸��.exe
added	HKLM/SYSTEM/ControlSet001/Control/MediaResources/msvideo
added	HKLM/SYSTEM/ControlSet001/Enum/Root/LEGACY_BITS/0000/Control
added	HKLM/SYSTEM/ControlSet001/Enum/Root/LEGACY_FASTFAT/0000/Control
added	HKLM/SYSTEM/ControlSet001/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}
added	HKLM/SYSTEM/ControlSet001/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters
added	HKLM/SYSTEM/ControlSet001/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip
added	HKLM/SYSTEM/ControlSet001/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}
added	HKLM/SYSTEM/ControlSet001/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters
added	HKLM/SYSTEM/ControlSet001/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip
added	HKLM/SYSTEM/CurrentControlSet/Control/MediaResources/msvideo
added	HKLM/SYSTEM/CurrentControlSet/Enum/Root/LEGACY_BITS/0000/Control
added	HKLM/SYSTEM/CurrentControlSet/Enum/Root/LEGACY_FASTFAT/0000/Control
added	HKLM/SYSTEM/CurrentControlSet/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}
added	HKLM/SYSTEM/CurrentControlSet/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters
added	HKLM/SYSTEM/CurrentControlSet/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip
added	HKLM/SYSTEM/CurrentControlSet/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}
added	HKLM/SYSTEM/CurrentControlSet/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters
added	HKLM/SYSTEM/CurrentControlSet/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip
added	HKU/.DEFAULT/Software/Microsoft/Internet Explorer/Extensions
added	HKU/.DEFAULT/Software/Microsoft/Internet Explorer/Extensions/CmdMapping
added	HKU/.DEFAULT/Software/Microsoft/Internet Explorer/Security
added	HKU/.DEFAULT/Software/Microsoft/Internet Explorer/Security/P3Global
added	HKU/.DEFAULT/Software/Microsoft/Internet Explorer/Security/P3Sites
added	HKU/.DEFAULT/Software/Microsoft/Internet Explorer/Toolbar
added	HKU/.DEFAULT/Software/Microsoft/Internet Explorer/TypedURLs
added	HKU/.DEFAULT/Software/Microsoft/Windows/CurrentVersion/Explorer/MenuOrder
added	HKU/.DEFAULT/Software/Microsoft/Windows/CurrentVersion/Explorer/MenuOrder/Favorites
added	HKU/.DEFAULT/Software/Microsoft/Windows/CurrentVersion/Explorer/MenuOrder/Favorites/Links
added	HKU/.DEFAULT/Software/Microsoft/Windows/CurrentVersion/Explorer/RunMRU
added	HKU/.DEFAULT/Software/Microsoft/Windows/CurrentVersion/Internet Settings/Connections
added	HKU/.DEFAULT/Software/Microsoft/Windows/CurrentVersion/Ext
added	HKU/.DEFAULT/Software/Microsoft/Windows/CurrentVersion/Ext/Stats
added	HKU/.DEFAULT/Software/Microsoft/Windows/CurrentVersion/Ext/Stats/{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
added	HKU/.DEFAULT/Software/Microsoft/Windows/CurrentVersion/Ext/Stats/{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}/iexplore
added	HKU/.DEFAULT/Software/Microsoft/Windows/CurrentVersion/Ext/Stats/{08B0E5C0-4FCB-11CF-AAA5-00401C608501}
added	HKU/.DEFAULT/Software/Microsoft/Windows/CurrentVersion/Ext/Stats/{08B0E5C0-4FCB-11CF-AAA5-00401C608501}/iexplore
added	HKU/.DEFAULT/Software/Microsoft/Windows/CurrentVersion/Ext/Stats/{FB5F1910-F110-11D2-BB9E-00C04F795683}
added	HKU/.DEFAULT/Software/Microsoft/Windows/CurrentVersion/Ext/Stats/{FB5F1910-F110-11D2-BB9E-00C04F795683}/iexplore
added	HKU/.DEFAULT/Software/Microsoft/Windows/ShellNoRoam/BagMRU
added	HKU/.DEFAULT/Software/Microsoft/IEAK
added	HKU/.DEFAULT/Software/Microsoft/Internet Connection Wizard
added	HKU/S-1-5-18/Software/Microsoft/Internet Explorer/Extensions
added	HKU/S-1-5-18/Software/Microsoft/Internet Explorer/Extensions/CmdMapping
added	HKU/S-1-5-18/Software/Microsoft/Internet Explorer/Security
added	HKU/S-1-5-18/Software/Microsoft/Internet Explorer/Security/P3Global
added	HKU/S-1-5-18/Software/Microsoft/Internet Explorer/Security/P3Sites
added	HKU/S-1-5-18/Software/Microsoft/Internet Explorer/Toolbar
added	HKU/S-1-5-18/Software/Microsoft/Internet Explorer/TypedURLs
added	HKU/S-1-5-18/Software/Microsoft/Windows/CurrentVersion/Explorer/MenuOrder
added	HKU/S-1-5-18/Software/Microsoft/Windows/CurrentVersion/Explorer/MenuOrder/Favorites
added	HKU/S-1-5-18/Software/Microsoft/Windows/CurrentVersion/Explorer/MenuOrder/Favorites/Links
added	HKU/S-1-5-18/Software/Microsoft/Windows/CurrentVersion/Explorer/RunMRU
added	HKU/S-1-5-18/Software/Microsoft/Windows/CurrentVersion/Internet Settings/Connections
added	HKU/S-1-5-18/Software/Microsoft/Windows/CurrentVersion/Ext
added	HKU/S-1-5-18/Software/Microsoft/Windows/CurrentVersion/Ext/Stats
added	HKU/S-1-5-18/Software/Microsoft/Windows/CurrentVersion/Ext/Stats/{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
added	HKU/S-1-5-18/Software/Microsoft/Windows/CurrentVersion/Ext/Stats/{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}/iexplore
added	HKU/S-1-5-18/Software/Microsoft/Windows/CurrentVersion/Ext/Stats/{08B0E5C0-4FCB-11CF-AAA5-00401C608501}
added	HKU/S-1-5-18/Software/Microsoft/Windows/CurrentVersion/Ext/Stats/{08B0E5C0-4FCB-11CF-AAA5-00401C608501}/iexplore
added	HKU/S-1-5-18/Software/Microsoft/Windows/CurrentVersion/Ext/Stats/{FB5F1910-F110-11D2-BB9E-00C04F795683}
added	HKU/S-1-5-18/Software/Microsoft/Windows/CurrentVersion/Ext/Stats/{FB5F1910-F110-11D2-BB9E-00C04F795683}/iexplore
added	HKU/S-1-5-18/Software/Microsoft/Windows/ShellNoRoam/BagMRU
added	HKU/S-1-5-18/Software/Microsoft/IEAK
added	HKU/S-1-5-18/Software/Microsoft/Internet Connection Wizard

Registry Values (Added) - ICC Results

Action	Path	Val_Name	Val_Data
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/360hotfix.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/360rp.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/360rpt.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/360Safe.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/360safebox.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/360sd.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/360se.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/360SoftMgrSvc.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/360speedld.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/360tray.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/afwServ.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/ast.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/AvastUI.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/avcenter.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/avfwsvc.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/avgnt.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/avguard.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/avmailc.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/avp.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/avshadow.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/avwebgrd.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/bdagent.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/CCenter.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/ccSvcHst.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/dwengine.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/egui.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/ekrn.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/FilMsg.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/KAVStart.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/kissvc.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/KMailMon.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/KPFW32.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/KPFWSvc.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/kpopserver.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/krnl360svc.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/ksmgui.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/ksmsvc.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/kswebshield.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/KVMonXP.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/KVMonXP.kxp	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/KVSrvXP.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/KWatch.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/kwstray.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/kxedefend.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/kxesapp.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/kxescore.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/kxeserv.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/kxetray.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/livesrv.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/Mcagent.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/mcmscsvc.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/McNASvc.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/Mcods.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/McProxy.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/McSACore.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/Mcshield.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/mcsysmon.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/mcvsshld.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/MpfSrv.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/MPMon.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/MPSVC.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/MPSVC1.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/MPSVC2.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/msksrver.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/qutmserv.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/RavMonD.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/RavTask.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/RsAgent.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/rsnetsvr.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/RsTray.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/safeboxTray.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/ScanFrm.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/sched.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/seccenter.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/SfCtlCom.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/spideragent.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/SpIDerMl.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/spidernt.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/spiderui.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/TMBMSRV.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/TmProxy.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/Twister.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/UfSeAgnt.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/vsserv.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/zhudongfangyu.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Image File Execution Options/�޸��.exe	Debugger	6E 74 73 64 20 2D 64
added	HKLM/SYSTEM/ControlSet001/Enum/Root/LEGACY_BITS/0000/Control	ActiveService	"BITS"
added	HKLM/SYSTEM/ControlSet001/Enum/Root/LEGACY_FASTFAT/0000/Control	ActiveService	"Fastfat"
added	HKLM/SYSTEM/ControlSet001/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip	EnableDHCP	0x00000000
added	HKLM/SYSTEM/ControlSet001/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip	DhcpIPAddress	"0.0.0.0"
added	HKLM/SYSTEM/ControlSet001/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip	DhcpSubnetMask	"255.0.0.0"
added	HKLM/SYSTEM/ControlSet001/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip	DhcpServer	"255.255.255.255"
added	HKLM/SYSTEM/ControlSet001/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip	Lease	0x00000E10
added	HKLM/SYSTEM/ControlSet001/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip	LeaseObtainedTime	0x4A449F0E
added	HKLM/SYSTEM/ControlSet001/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip	T1	0x4A44A616
added	HKLM/SYSTEM/ControlSet001/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip	T2	0x4A44AB5C
added	HKLM/SYSTEM/ControlSet001/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip	LeaseTerminatesTime	0x4A44AD1E
added	HKLM/SYSTEM/ControlSet001/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip	EnableDHCP	0x00000000
added	HKLM/SYSTEM/ControlSet001/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip	DhcpIPAddress	"0.0.0.0"
added	HKLM/SYSTEM/ControlSet001/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip	DhcpSubnetMask	"255.0.0.0"
added	HKLM/SYSTEM/ControlSet001/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip	DhcpServer	"255.255.255.255"
added	HKLM/SYSTEM/ControlSet001/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip	Lease	0x00000E10
added	HKLM/SYSTEM/ControlSet001/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip	LeaseObtainedTime	0x4A449F0E
added	HKLM/SYSTEM/ControlSet001/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip	T1	0x4A44A616
added	HKLM/SYSTEM/ControlSet001/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip	T2	0x4A44AB5C
added	HKLM/SYSTEM/ControlSet001/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip	LeaseTerminatesTime	0x4A44AD1E
added	HKLM/SYSTEM/CurrentControlSet/Enum/Root/LEGACY_BITS/0000/Control	ActiveService	"BITS"
added	HKLM/SYSTEM/CurrentControlSet/Enum/Root/LEGACY_FASTFAT/0000/Control	ActiveService	"Fastfat"
added	HKLM/SYSTEM/CurrentControlSet/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip	EnableDHCP	0x00000000
added	HKLM/SYSTEM/CurrentControlSet/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip	DhcpIPAddress	"0.0.0.0"
added	HKLM/SYSTEM/CurrentControlSet/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip	DhcpSubnetMask	"255.0.0.0"
added	HKLM/SYSTEM/CurrentControlSet/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip	DhcpServer	"255.255.255.255"
added	HKLM/SYSTEM/CurrentControlSet/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip	Lease	0x00000E10
added	HKLM/SYSTEM/CurrentControlSet/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip	LeaseObtainedTime	0x4A449F0E
added	HKLM/SYSTEM/CurrentControlSet/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip	T1	0x4A44A616
added	HKLM/SYSTEM/CurrentControlSet/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip	T2	0x4A44AB5C
added	HKLM/SYSTEM/CurrentControlSet/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip	LeaseTerminatesTime	0x4A44AD1E
added	HKLM/SYSTEM/CurrentControlSet/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip	EnableDHCP	0x00000000
added	HKLM/SYSTEM/CurrentControlSet/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip	DhcpIPAddress	"0.0.0.0"
added	HKLM/SYSTEM/CurrentControlSet/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip	DhcpSubnetMask	"255.0.0.0"
added	HKLM/SYSTEM/CurrentControlSet/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip	DhcpServer	"255.255.255.255"
added	HKLM/SYSTEM/CurrentControlSet/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip	Lease	0x00000E10
added	HKLM/SYSTEM/CurrentControlSet/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip	LeaseObtainedTime	0x4A449F0E
added	HKLM/SYSTEM/CurrentControlSet/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip	T1	0x4A44A616
added	HKLM/SYSTEM/CurrentControlSet/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip	T2	0x4A44AB5C
added	HKLM/SYSTEM/CurrentControlSet/Services/{9B7E3E9B-6887-4894-8EE4-B4EFDC3EBE75}/Parameters/Tcpip	LeaseTerminatesTime	0x4A44AD1E
added	HKU/.DEFAULT/Software/Microsoft/Internet Explorer/Extensions/CmdMapping	{08B0E5C0-4FCB-11CF-AAA5-00401C608501}	0x00002000
added	HKU/.DEFAULT/Software/Microsoft/Internet Explorer/Extensions/CmdMapping	NextId	0x00002002
added	HKU/.DEFAULT/Software/Microsoft/Internet Explorer/Extensions/CmdMapping	{FB5F1910-F110-11d2-BB9E-00C04F795683}	0x00002001
added	HKU/.DEFAULT/Software/Microsoft/Internet Explorer/Security/P3Global	Enabled	0x00000001
added	HKU/.DEFAULT/Software/Microsoft/Internet Explorer/Toolbar	Locked	0x00000001
added	HKU/.DEFAULT/Software/Microsoft/Windows/CurrentVersion/Explorer/CabinetState	Settings	0C 00 02 00 0B 01 F8 75 60 00 00 00
added	HKU/.DEFAULT/Software/Microsoft/Windows/CurrentVersion/Explorer/MenuOrder/Favorites/Links	Order	08 00 00 00 02 00 00 00 0C 00 00 00 01 00 00 00 00 00 00 00
added	HKU/.DEFAULT/Software/Microsoft/Windows/CurrentVersion/Internet Settings	ProxyEnable	0x00000000
added	HKU/.DEFAULT/Software/Microsoft/Windows/CurrentVersion/Internet Settings/Connections	SavedLegacySettings	3C 00 00 00 03 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00
added	HKU/.DEFAULT/Software/Microsoft/Windows/CurrentVersion/Internet Settings/Connections	DefaultConnectionSettings	3C 00 00 00 01 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00
added	HKU/.DEFAULT/Software/Microsoft/Windows/CurrentVersion/Ext/Stats/{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}/iexplore	Type	0x00000003
added	HKU/.DEFAULT/Software/Microsoft/Windows/CurrentVersion/Ext/Stats/{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}/iexplore	Count	0x00000001
added	HKU/.DEFAULT/Software/Microsoft/Windows/CurrentVersion/Ext/Stats/{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}/iexplore	Time	DB 07 0A 00 05 00 07 00 07 00 09 00 33 00 45 03
added	HKU/.DEFAULT/Software/Microsoft/Windows/CurrentVersion/Ext/Stats/{08B0E5C0-4FCB-11CF-AAA5-00401C608501}/iexplore	Type	0x00000004
added	HKU/.DEFAULT/Software/Microsoft/Windows/CurrentVersion/Ext/Stats/{08B0E5C0-4FCB-11CF-AAA5-00401C608501}/iexplore	Count	0x00000001
added	HKU/.DEFAULT/Software/Microsoft/Windows/CurrentVersion/Ext/Stats/{08B0E5C0-4FCB-11CF-AAA5-00401C608501}/iexplore	Time	DB 07 0A 00 05 00 07 00 07 00 09 00 33 00 D2 03
added	HKU/.DEFAULT/Software/Microsoft/Windows/CurrentVersion/Ext/Stats/{FB5F1910-F110-11D2-BB9E-00C04F795683}/iexplore	Type	0x00000004
added	HKU/.DEFAULT/Software/Microsoft/Windows/CurrentVersion/Ext/Stats/{FB5F1910-F110-11D2-BB9E-00C04F795683}/iexplore	Count	0x00000001
added	HKU/.DEFAULT/Software/Microsoft/Windows/CurrentVersion/Ext/Stats/{FB5F1910-F110-11D2-BB9E-00C04F795683}/iexplore	Time	DB 07 0A 00 05 00 07 00 07 00 09 00 33 00 D2 03
added	HKU/.DEFAULT/Software/Microsoft/Windows/ShellNoRoam/MUICache	@shell32.dll,-12693:	"Favorites"
added	HKU/.DEFAULT/Software/Microsoft/Windows/ShellNoRoam/BagMRU	NodeSlots
added	HKU/.DEFAULT/Software/Microsoft/Windows/ShellNoRoam/BagMRU	MRUListEx	FF FF FF FF
added	HKU/.DEFAULT/Software/Microsoft/Internet Connection Wizard	ShellNext	"http
added	HKU/.DEFAULT/Software/Microsoft/Internet Connection Wizard	Completed	01 00 00 00
added	HKU/S-1-5-18/Software/Microsoft/Internet Explorer/Extensions/CmdMapping	{08B0E5C0-4FCB-11CF-AAA5-00401C608501}	0x00002000
added	HKU/S-1-5-18/Software/Microsoft/Internet Explorer/Extensions/CmdMapping	NextId	0x00002002
added	HKU/S-1-5-18/Software/Microsoft/Internet Explorer/Extensions/CmdMapping	{FB5F1910-F110-11d2-BB9E-00C04F795683}	0x00002001
added	HKU/S-1-5-18/Software/Microsoft/Internet Explorer/Security/P3Global	Enabled	0x00000001
added	HKU/S-1-5-18/Software/Microsoft/Internet Explorer/Toolbar	Locked	0x00000001
added	HKU/S-1-5-18/Software/Microsoft/Windows/CurrentVersion/Explorer/CabinetState	Settings	0C 00 02 00 0B 01 F8 75 60 00 00 00
added	HKU/S-1-5-18/Software/Microsoft/Windows/CurrentVersion/Explorer/MenuOrder/Favorites/Links	Order	08 00 00 00 02 00 00 00 0C 00 00 00 01 00 00 00 00 00 00 00
added	HKU/S-1-5-18/Software/Microsoft/Windows/CurrentVersion/Internet Settings	ProxyEnable	0x00000000
added	HKU/S-1-5-18/Software/Microsoft/Windows/CurrentVersion/Internet Settings/Connections	SavedLegacySettings	3C 00 00 00 03 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00
added	HKU/S-1-5-18/Software/Microsoft/Windows/CurrentVersion/Internet Settings/Connections	DefaultConnectionSettings	3C 00 00 00 01 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00
added	HKU/S-1-5-18/Software/Microsoft/Windows/CurrentVersion/Ext/Stats/{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}/iexplore	Type	0x00000003
added	HKU/S-1-5-18/Software/Microsoft/Windows/CurrentVersion/Ext/Stats/{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}/iexplore	Count	0x00000001
added	HKU/S-1-5-18/Software/Microsoft/Windows/CurrentVersion/Ext/Stats/{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}/iexplore	Time	DB 07 0A 00 05 00 07 00 07 00 09 00 33 00 45 03
added	HKU/S-1-5-18/Software/Microsoft/Windows/CurrentVersion/Ext/Stats/{08B0E5C0-4FCB-11CF-AAA5-00401C608501}/iexplore	Type	0x00000004
added	HKU/S-1-5-18/Software/Microsoft/Windows/CurrentVersion/Ext/Stats/{08B0E5C0-4FCB-11CF-AAA5-00401C608501}/iexplore	Count	0x00000001
added	HKU/S-1-5-18/Software/Microsoft/Windows/CurrentVersion/Ext/Stats/{08B0E5C0-4FCB-11CF-AAA5-00401C608501}/iexplore	Time	DB 07 0A 00 05 00 07 00 07 00 09 00 33 00 D2 03
added	HKU/S-1-5-18/Software/Microsoft/Windows/CurrentVersion/Ext/Stats/{FB5F1910-F110-11D2-BB9E-00C04F795683}/iexplore	Type	0x00000004
added	HKU/S-1-5-18/Software/Microsoft/Windows/CurrentVersion/Ext/Stats/{FB5F1910-F110-11D2-BB9E-00C04F795683}/iexplore	Count	0x00000001
added	HKU/S-1-5-18/Software/Microsoft/Windows/CurrentVersion/Ext/Stats/{FB5F1910-F110-11D2-BB9E-00C04F795683}/iexplore	Time	DB 07 0A 00 05 00 07 00 07 00 09 00 33 00 D2 03
added	HKU/S-1-5-18/Software/Microsoft/Windows/ShellNoRoam/MUICache	@shell32.dll,-12693:	"Favorites"
added	HKU/S-1-5-18/Software/Microsoft/Windows/ShellNoRoam/BagMRU	NodeSlots
added	HKU/S-1-5-18/Software/Microsoft/Windows/ShellNoRoam/BagMRU	MRUListEx	FF FF FF FF
added	HKU/S-1-5-18/Software/Microsoft/Internet Connection Wizard	ShellNext	"http
added	HKU/S-1-5-18/Software/Microsoft/Internet Connection Wizard	Completed	01 00 00 00

Registry Values (Deleted) - ICC Results

Action	Path	Val_Type
deleted	HKLM/SYSTEM/ControlSet001/Enum/Root/LEGACY_APPMGMT/0000/Service: "AppMgmt"	N/A
deleted	HKLM/SYSTEM/ControlSet001/Enum/Root/LEGACY_APPMGMT/0000/Legacy: 0x00000001	N/A
deleted	HKLM/SYSTEM/ControlSet001/Enum/Root/LEGACY_APPMGMT/0000/ConfigFlags: 0x00000000	N/A
deleted	HKLM/SYSTEM/ControlSet001/Enum/Root/LEGACY_APPMGMT/0000/Class: "LegacyDriver"	N/A
deleted	HKLM/SYSTEM/ControlSet001/Enum/Root/LEGACY_APPMGMT/0000/ClassGUID: "{8ECC055D-047F-11D1-A537-0000F8753ED1}"	N/A
deleted	HKLM/SYSTEM/ControlSet001/Enum/Root/LEGACY_APPMGMT/0000/DeviceDesc: "Application Management"	N/A
deleted	HKLM/SYSTEM/ControlSet001/Enum/Root/LEGACY_APPMGMT/NextInstance: 0x00000001	N/A
deleted	HKLM/SYSTEM/ControlSet001/Services/AppMgmt/Enum/0: "Root/LEGACY_APPMGMT/0000"	N/A
deleted	HKLM/SYSTEM/ControlSet001/Services/AppMgmt/Enum/Count: 0x00000001	N/A
deleted	HKLM/SYSTEM/ControlSet001/Services/AppMgmt/Enum/NextInstance: 0x00000001	N/A
deleted	HKLM/SYSTEM/ControlSet001/Services/AppMgmt/Parameters/ServiceDll: "%SystemRoot%/System32/appmgmts.dll"	N/A
deleted	HKLM/SYSTEM/ControlSet001/Services/AppMgmt/Parameters/ServiceDllUnloadOnStop: 0x00000001	N/A
deleted	HKLM/SYSTEM/ControlSet001/Services/AppMgmt/Description: "Provides software installation services such as Assign, Publish, and Remove."	N/A
deleted	HKLM/SYSTEM/ControlSet001/Services/AppMgmt/DisplayName: "Application Management"	N/A
deleted	HKLM/SYSTEM/ControlSet001/Services/AppMgmt/ErrorControl: 0x00000001	N/A
deleted	HKLM/SYSTEM/ControlSet001/Services/AppMgmt/ImagePath: "%SystemRoot%/system32/svchost.exe -k netsvcs"	N/A
deleted	HKLM/SYSTEM/ControlSet001/Services/AppMgmt/ObjectName: "LocalSystem"	N/A
deleted	HKLM/SYSTEM/ControlSet001/Services/AppMgmt/Start: 0x00000003	N/A
deleted	HKLM/SYSTEM/ControlSet001/Services/AppMgmt/Type: 0x00000020	N/A
deleted	HKLM/SYSTEM/CurrentControlSet/Enum/Root/LEGACY_APPMGMT/0000/Service: "AppMgmt"	N/A
deleted	HKLM/SYSTEM/CurrentControlSet/Enum/Root/LEGACY_APPMGMT/0000/Legacy: 0x00000001	N/A
deleted	HKLM/SYSTEM/CurrentControlSet/Enum/Root/LEGACY_APPMGMT/0000/ConfigFlags: 0x00000000	N/A
deleted	HKLM/SYSTEM/CurrentControlSet/Enum/Root/LEGACY_APPMGMT/0000/Class: "LegacyDriver"	N/A
deleted	HKLM/SYSTEM/CurrentControlSet/Enum/Root/LEGACY_APPMGMT/0000/ClassGUID: "{8ECC055D-047F-11D1-A537-0000F8753ED1}"	N/A
deleted	HKLM/SYSTEM/CurrentControlSet/Enum/Root/LEGACY_APPMGMT/0000/DeviceDesc: "Application Management"	N/A
deleted	HKLM/SYSTEM/CurrentControlSet/Enum/Root/LEGACY_APPMGMT/NextInstance: 0x00000001	N/A
deleted	HKLM/SYSTEM/CurrentControlSet/Services/AppMgmt/Enum/0: "Root/LEGACY_APPMGMT/0000"	N/A
deleted	HKLM/SYSTEM/CurrentControlSet/Services/AppMgmt/Enum/Count: 0x00000001	N/A
deleted	HKLM/SYSTEM/CurrentControlSet/Services/AppMgmt/Enum/NextInstance: 0x00000001	N/A
deleted	HKLM/SYSTEM/CurrentControlSet/Services/AppMgmt/Parameters/ServiceDll: "%SystemRoot%/System32/appmgmts.dll"	N/A
deleted	HKLM/SYSTEM/CurrentControlSet/Services/AppMgmt/Parameters/ServiceDllUnloadOnStop: 0x00000001	N/A
deleted	HKLM/SYSTEM/CurrentControlSet/Services/AppMgmt/Description: "Provides software installation services such as Assign, Publish, and Remove."	N/A
deleted	HKLM/SYSTEM/CurrentControlSet/Services/AppMgmt/DisplayName: "Application Management"	N/A
deleted	HKLM/SYSTEM/CurrentControlSet/Services/AppMgmt/ErrorControl: 0x00000001	N/A
deleted	HKLM/SYSTEM/CurrentControlSet/Services/AppMgmt/ImagePath: "%SystemRoot%/system32/svchost.exe -k netsvcs"	N/A
deleted	HKLM/SYSTEM/CurrentControlSet/Services/AppMgmt/ObjectName: "LocalSystem"	N/A
deleted	HKLM/SYSTEM/CurrentControlSet/Services/AppMgmt/Start: 0x00000003	N/A
deleted	HKLM/SYSTEM/CurrentControlSet/Services/AppMgmt/Type: 0x00000020	N/A

Registry Values (Changed) - ICC Results

Action	Path	Val_Name	Val_Data	Mod_Val_Data
modified	HKLM/SOFTWARE/Microsoft/Cryptography/RNG	Seed	F4 84 91 A0 EF C8 B0 CD 5B D0 5D 9D DE B2 D3 FC C7 D4 DC 62 65 38 41 78 05 A2 14	49 C3 56 3C 94 75 F7 9B 0C B3 9B 5B 13 B3 AD 00 5D 35 65 72 6A F5 18 92 A1 65 04
modified	HKLM/SOFTWARE/Microsoft/SystemCertificates/AuthRoot/Certificates/0048F8D37B153F6EA2798C323EF4F318A5624A9E	Blob	14 00 00 00 01 00 00 00 14 00 00 00 A4 A5 D4 D1 5F A0 C9 A8 4B 20 8D AC 4B 71 64	04 00 00 00 01 00 00 00 10 00 00 00 15 B2 98 A3 54 70 40 48 70 3A 37 55 82 C4 5A
modified	HKLM/SOFTWARE/Microsoft/SystemCertificates/AuthRoot/Certificates/00EA522C8A9C06AA3ECCE0B4FA6CDC21D92E8099	Blob	14 00 00 00 01 00 00 00 14 00 00 00 AB 06 44 40 2A 02 F0 56 E2 92 05 07 47 7D 02	04 00 00 00 01 00 00 00 10 00 00 00 3E 80 17 5B AD D7 7C 10 4B F9 41 B0 CF 16 42
modified	HKLM/SOFTWARE/Microsoft/SystemCertificates/AuthRoot/Certificates/0483ED3399AC3608058722EDBC5E4600E3BEF9D7	Blob	14 00 00 00 01 00 00 00 14 00 00 00 A1 72 5F 26 1B 28 98 43 95 5D 07 37 D5 85 96	04 00 00 00 01 00 00 00 10 00 00 00 4C 56 41 E5 0D BB 2B E8 CA A3 ED 18 08 AD 43
modified	HKLM/SOFTWARE/Microsoft/SystemCertificates/AuthRoot/Certificates/049811056AFE9FD0F5BE01685AACE6A5D1C4454C	Blob	14 00 00 00 01 00 00 00 14 00 00 00 B7 57 67 50 94 4C 16 3A 48 80 6E EA FF 4C EC	04 00 00 00 01 00 00 00 10 00 00 00 F2 7D E9 54 E4 A3 22 0D 76 9F E7 0B BB B3 24
modified	HKLM/SOFTWARE/Microsoft/SystemCertificates/AuthRoot/Certificates/0B77BEBBCB7AA24705DECC0FBD6A02FC7ABD9B52	Blob	14 00 00 00 01 00 00 00 14 00 00 00 98 E6 9D 04 2E 46 A9 CC E3 20 AC 94 2E B6 99	04 00 00 00 01 00 00 00 10 00 00 00 26 6D 2C 19 98 B6 70 68 38 50 54 19 EC 90 34
modified	HKLM/SOFTWARE/Microsoft/SystemCertificates/AuthRoot/Certificates/1331F48A5DA8E01DAACA1BB0C17044ACFEF755BB	Blob	14 00 00 00 01 00 00 00 14 00 00 00 F2 55 78 4F A3 28 20 86 9D 43 A6 23 59 2A 15	04 00 00 00 01 00 00 00 10 00 00 00 50 E1 41 9D 59 73 8B 46 73 2D 7F 7F CF 5C 44
modified	HKLM/SOFTWARE/Microsoft/SystemCertificates/AuthRoot/Certificates/1F55E8839BAC30728BE7108EDE7B0BB0D3298224	Blob	14 00 00 00 01 00 00 00 14 00 00 00 D1 B1 5F 41 79 73 79 20 58 C9 2F A2 A8 47 C7	04 00 00 00 01 00 00 00 10 00 00 00 8C D7 9F EB C7 B8 14 4C 54 78 A7 90 3B A9 35
modified	HKLM/SOFTWARE/Microsoft/SystemCertificates/AuthRoot/Certificates/209900B63D955728140CD13622D8C687A4EB0085	Blob	14 00 00 00 01 00 00 00 14 00 00 00 72 49 C2 73 34 C6 55 F4 0B 76 72 81 7E 77 F4	04 00 00 00 01 00 00 00 10 00 00 00 1E 74 C3 86 3C 0C 35 C5 3E C2 7F EF 3C AA 3C
modified	HKLM/SOFTWARE/Microsoft/SystemCertificates/AuthRoot/Certificates/216B2A29E62A00CE820146D8244141B92511B279	Blob	14 00 00 00 01 00 00 00 14 00 00 00 86 E1 E1 81 71 BF 6A 12 F1 0A F2 01 E4 C8 FB	04 00 00 00 01 00 00 00 10 00 00 00 E1 4B 52 73 D7 1B DB 93 30 E5 BD E4 09 6E BE
modified	HKLM/SOFTWARE/Microsoft/SystemCertificates/AuthRoot/Certificates/23E594945195F2414803B4D564D2A3A3F5D88B8C	Blob	14 00 00 00 01 00 00 00 14 00 00 00 07 15 28 6D 70 73 AA B2 8A 7C 0F 86 CE 38 93	04 00 00 00 01 00 00 00 10 00 00 00 C5 70 C4 A2 ED 53 78 0C C8 10 53 81 64 CB D0
modified	HKLM/SOFTWARE/Microsoft/SystemCertificates/AuthRoot/Certificates/24A40A1F573643A67F0A4B0749F6A22BF28ABB6B	Blob	14 00 00 00 01 00 00 00 14 00 00 00 90 2F 82 A3 7C 47 97 01 1E 0F 4B A5 AF 13 13	04 00 00 00 01 00 00 00 10 00 00 00 DD 75 3F 56 BF BB C5 A1 7A 15 53 C6 90 F9 FB
modified	HKLM/SOFTWARE/Microsoft/SystemCertificates/AuthRoot/Certificates/24BA6D6C8A5B5837A48DB5FAE919EA675C94D217	Blob	14 00 00 00 01 00 00 00 14 00 00 00 28 C8 72 9E DB C9 73 51 D3 5D 0E 2D 99 44 DD	04 00 00 00 01 00 00 00 10 00 00 00 7B B5 08 99 9A 8C 18 BF 85 27 7D 0E AE DA B2
modified	HKLM/SOFTWARE/Microsoft/SystemCertificates/AuthRoot/Certificates/273EE12457FDC4F90C55E82B56167F62F532E547	Blob	14 00 00 00 01 00 00 00 14 00 00 00 B7 57 67 50 94 4C 16 3A 48 80 6E EA FF 4C EC	04 00 00 00 01 00 00 00 10 00 00 00 DB 23 3D F9 69 FA 4B B9 95 80 44 73 5E 7D 41
modified	HKLM/SOFTWARE/Microsoft/SystemCertificates/AuthRoot/Certificates/284F55C41A1A7A3F8328D4C262FB376ED6096F24	Blob	14 00 00 00 01 00 00 00 2C 00 00 00 43 3D 20 46 52 2C 20 4F 3D 20 43 65 72 74 69	04 00 00 00 01 00 00 00 10 00 00 00 01 1A 3F 4D B5 F8 14 C5 68 48 AD 08 3E B9 C8
modified	HKLM/SOFTWARE/Microsoft/SystemCertificates/AuthRoot/Certificates/2F173F7DE99667AFA57AF80AA2D1B12FAC830338	Blob	14 00 00 00 01 00 00 00 14 00 00 00 60 7B 66 1A 45 0D 97 CA 89 50 2F 7D 04 CD 34	04 00 00 00 01 00 00 00 10 00 00 00 AB BF EA E3 6B 29 A6 CC A6 78 35 99 EF AD 2B
modified	HKLM/SOFTWARE/Microsoft/SystemCertificates/AuthRoot/Certificates/317A2AD07F2B335EF5A1C34E4B57E8B7D8F1FCA6	Blob	14 00 00 00 01 00 00 00 14 00 00 00 A8 48 B4 24 2F C6 EA 24 A0 D7 8E 3C B9 3C 5C	04 00 00 00 01 00 00 00 10 00 00 00 A9 23 75 9B BA 49 36 6E 31 C2 DB F2 E7 66 BA
modified	HKLM/SOFTWARE/Microsoft/SystemCertificates/AuthRoot/Certificates/36863563FD5128C7BEA6F005CFE9B43668086CCE	Blob	14 00 00 00 01 00 00 00 14 00 00 00 E8 4E E5 C9 ED 84 83 53 9A E1 42 0E D5 4E C2	04 00 00 00 01 00 00 00 10 00 00 00 3A B2 DE 22 9A 20 93 49 F9 ED C8 D2 8A E7 68
modified	HKLM/SOFTWARE/Microsoft/SystemCertificates/AuthRoot/Certificates/394FF6850B06BE52E51856CC10E180E882B385CC	Blob	14 00 00 00 01 00 00 00 14 00 00 00 50 9E 0B EA AF 5E B9 20 48 A6 50 6A CB FD D8	04 00 00 00 01 00 00 00 10 00 00 00 AA BF BF 64 97 DA 98 1D 6F C6 08 3A 95 70 33
modified	HKLM/SOFTWARE/Microsoft/SystemCertificates/AuthRoot/Certificates/3F85F2BB4A62B0B58BE1614ABB0D4631B4BEF8BA	Blob	14 00 00 00 01 00 00 00 14 00 00 00 98 E6 9D 04 2E 46 A9 CC E3 20 AC 94 2E B6 99	04 00 00 00 01 00 00 00 10 00 00 00 2A 5D 00 37 39 46 94 75 39 7B 11 A6 F2 93 41
modified	HKLM/SOFTWARE/Microsoft/SystemCertificates/AuthRoot/Certificates/4072BA31FEC351438480F62E6CB95508461EAB2F	Blob	14 00 00 00 01 00 00 00 14 00 00 00 A6 B8 20 C9 16 4B 8F 4F 5C 0C C3 C3 EE 98 0D	04 00 00 00 01 00 00 00 10 00 00 00 70 B5 7C 48 81 95 3E 80 DC 28 9B BA EF 1E E4
modified	HKLM/SOFTWARE/Microsoft/SystemCertificates/AuthRoot/Certificates/40E78C1D523D1CD9954FAC1A1AB3BD3CBAA15BFC	Blob	14 00 00 00 01 00 00 00 14 00 00 00 AF C6 45 72 AB D9 E8 B3 88 94 2D BA E6 62 FA	04 00 00 00 01 00 00 00 10 00 00 00 E6 0B D2 C9 CA 2D 88 DB 1A 71 0E 4B 78 EB 02
modified	HKLM/SOFTWARE/Microsoft/SystemCertificates/AuthRoot/Certificates/43DDB1FFF3B49B73831407F6BC8B975023D07C50	Blob	14 00 00 00 01 00 00 00 14 00 00 00 BD E1 53 2F BA FB 23 6C 5F 52 3F B8 82 2E 22	04 00 00 00 01 00 00 00 10 00 00 00 00 53 1D 1D 72 01 D4 23 C8 20 D0 0B 60 88 C5
modified	HKLM/SOFTWARE/Microsoft/SystemCertificates/AuthRoot/Certificates/43F9B110D5BAFD48225231B0D0082B372FEF9A54	Blob	14 00 00 00 01 00 00 00 14 00 00 00 40 9A 76 44 97 74 07 C4 AC 14 CB 1E 8D 4F 3A	04 00 00 00 01 00 00 00 10 00 00 00 25 9D CF 5E B3 25 9D 95 B9 3F 00 86 5F 47 94
modified	HKLM/SOFTWARE/Microsoft/SystemCertificates/AuthRoot/Certificates/4463C531D7CCC1006794612BB656D3BF8257846F	Blob	14 00 00 00 01 00 00 00 14 00 00 00 15 A1 44 60 3A 5E 09 FC 21 B2 92 E9 6D 5C 47	04 00 00 00 01 00 00 00 10 00 00 00 74 7B 82 03 43 F0 00 9E 6B B3 EC 47 BF 85 A5
modified	HKLM/SOFTWARE/Microsoft/SystemCertificates/AuthRoot/Certificates/47AFB915CDA26D82467B97FA42914468726138DD	Blob	14 00 00 00 01 00 00 00 14 00 00 00 04 CD E1 16 DC 67 36 A9 0B C5 4F 75 10 4A 59	04 00 00 00 01 00 00 00 10 00 00 00 50 19 3E 2F E8 B6 F4 05 54 49 F3 AE C9 8B 3E
modified	HKLM/SOFTWARE/Microsoft/SystemCertificates/AuthRoot/Certificates/4B421F7515F6AE8A6ECEF97F6982A400A4D9224E	Blob	14 00 00 00 01 00 00 00 14 00 00 00 60 F8 5F 2F DB 3A B6 4B 69 41 D7 7C 22 FE 3D	04 00 00 00 01 00 00 00 10 00 00 00 5A 11 B9 22 85 02 89 E1 C3 F2 2C E1 4E C1 01
modified	HKLM/SOFTWARE/Microsoft/SystemCertificates/AuthRoot/Certificates/4BA7B9DDD68788E12FF852E1A024204BF286A8F6	Blob	14 00 00 00 01 00 00 00 14 00 00 00 D0 63 94 ED 80 09 0B 27 9F E0 4F B6 FB 5C 27	04 00 00 00 01 00 00 00 10 00 00 00 18 AE 69 5D 15 CA B9 17 67 32 67 D5 97 B2 60
modified	HKLM/SOFTWARE/Microsoft/SystemCertificates/AuthRoot/Certificates/4C95A9902ABE0777CED18D6ACCC3372D2748381E	Blob	14 00 00 00 01 00 00 00 14 00 00 00 64 C6 DC F7 32 68 0B B2 6C EA 4A CB 5E 6E 53	04 00 00 00 01 00 00 00 10 00 00 00 4B 1C 56 8C A0 E8 C7 9E 1E F5 EE 32 93 99 65
modified	HKLM/SOFTWARE/Microsoft/SystemCertificates/AuthRoot/Certificates/4EF2E6670AC9B5091FE06BE0E5483EAAD6BA32D9	Blob	14 00 00 00 01 00 00 00 14 00 00 00 55 E5 E7 94 62 B6 49 0D C6 3C BC 71 22 36 12	04 00 00 00 01 00 00 00 10 00 00 00 03 42 87 D7 C1 16 7D 18 AF A4 70 3C B8 31 2C
modified	HKLM/SOFTWARE/Microsoft/SystemCertificates/AuthRoot/Certificates/4EFCED9C6BDD0C985CA3C7D253063C5BE6FC620C	Blob	14 00 00 00 01 00 00 00 14 00 00 00 B8 C1 5A 24 EC EF 44 DA 73 7A 98 D7 CC C7 A8	04 00 00 00 01 00 00 00 10 00 00 00 85 2F F4 76 4C D5 42 6C CB 5E 7D F7 17 E8 35
modified	HKLM/SOFTWARE/Microsoft/SystemCertificates/CA/Certificates/E5215D3460C2C20BBE2D9FE5FB665DAA2C0E225C	Blob	14 00 00 00 01 00 00 00 14 00 00 00 87 DB D4 5F B0 92 8D 4E 1D F8 15 67 E7 F2 AB	04 00 00 00 01 00 00 00 10 00 00 00 6F 7E 74 A3 A1 3A CA BB 63 CF 74 04 17 05 FA
modified	HKLM/SOFTWARE/Microsoft/SystemCertificates/CA/Certificates/FEE449EE0E3965A5246F000E87FDE2A065FD89D4	Blob	14 00 00 00 01 00 00 00 14 00 00 00 9A A6 58 7F 94 DD 91 D9 1E 63 DF D3 F0 CE 5F	04 00 00 00 01 00 00 00 10 00 00 00 C0 A7 23 F0 DA 35 02 6B 21 ED B1 75 97 F1 D4
modified	HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/Internet Settings/Cache/Paths	Directory	"C	"C:Documents and SettingsNetworkServiceLocal SettingsTemporary Internet FilesCon
modified	HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/Internet Settings/Cache/Paths/path1	CachePath	"C	"C:Documents and SettingsNetworkServiceLocal SettingsTemporary Internet FilesCon
modified	HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/Internet Settings/Cache/Paths/path2	CachePath	"C	"C:Documents and SettingsNetworkServiceLocal SettingsTemporary Internet FilesCon
modified	HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/Internet Settings/Cache/Paths/path3	CachePath	"C	"C:Documents and SettingsNetworkServiceLocal SettingsTemporary Internet FilesCon
modified	HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/Internet Settings/Cache/Paths/path4	CachePath	"C	"C:Documents and SettingsNetworkServiceLocal SettingsTemporary Internet FilesCon
modified	HKLM/SYSTEM/ControlSet001/Services/BITS	Start	0x00000003	0x00000002
modified	HKLM/SYSTEM/ControlSet001/Services/BITS/Parameters	ServiceDll	"C	"C:WINDOWSsystem32RxmutlC.dll"
modified	HKLM/SYSTEM/ControlSet001/Services/Eventlog/Application/ESENT	EventMessageFile	"c	"C:WINDOWSsystem32ESENT.dll"
modified	HKLM/SYSTEM/ControlSet001/Services/Eventlog/Application/ESENT	CategoryMessageFile	"c	"C:WINDOWSsystem32ESENT.dll"
modified	HKLM/SYSTEM/CurrentControlSet/Services/BITS	Start	0x00000003	0x00000002
modified	HKLM/SYSTEM/CurrentControlSet/Services/BITS/Parameters	ServiceDll	"C	"C:WINDOWSsystem32RxmutlC.dll"
modified	HKLM/SYSTEM/CurrentControlSet/Services/Eventlog/Application/ESENT	EventMessageFile	"c	"C:WINDOWSsystem32ESENT.dll"
modified	HKLM/SYSTEM/CurrentControlSet/Services/Eventlog/Application/ESENT	CategoryMessageFile	"c	"C:WINDOWSsystem32ESENT.dll"
modified	HKU/.DEFAULT/Software/Microsoft/Windows/CurrentVersion/Explorer/Shell Folders	AppData	"C	"C:Documents and SettingsNetworkServiceApplication Data"
modified	HKU/.DEFAULT/Software/Microsoft/Windows/CurrentVersion/Explorer/Shell Folders	Cookies	"C	"C:Documents and SettingsNetworkServiceCookies"
modified	HKU/.DEFAULT/Software/Microsoft/Windows/CurrentVersion/Explorer/Shell Folders	Desktop	"C	""
modified	HKU/.DEFAULT/Software/Microsoft/Windows/CurrentVersion/Explorer/Shell Folders	Favorites	"C	"C:Documents and SettingsNetworkServiceFavorites"
modified	HKU/.DEFAULT/Software/Microsoft/Windows/CurrentVersion/Explorer/Shell Folders	Cache	"C	"C:Documents and SettingsNetworkServiceLocal SettingsTemporary Internet Files"
modified	HKU/.DEFAULT/Software/Microsoft/Windows/CurrentVersion/Explorer/Shell Folders	History	"C	"C:Documents and SettingsNetworkServiceLocal SettingsHistory"
modified	HKU/S-1-5-21-1844237615-562591055-839522115-1004/Software/Microsoft/Windows/CurrentVersion/Internet Settings/Connections	SavedLegacySettings	3C 00 00 00 15 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00	3C 00 00 00 16 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 00 00
modified	HKU/S-1-5-18/Software/Microsoft/Windows/CurrentVersion/Explorer/Shell Folders	AppData	"C	"C:Documents and SettingsNetworkServiceApplication Data"
modified	HKU/S-1-5-18/Software/Microsoft/Windows/CurrentVersion/Explorer/Shell Folders	Cookies	"C	"C:Documents and SettingsNetworkServiceCookies"
modified	HKU/S-1-5-18/Software/Microsoft/Windows/CurrentVersion/Explorer/Shell Folders	Desktop	"C	""
modified	HKU/S-1-5-18/Software/Microsoft/Windows/CurrentVersion/Explorer/Shell Folders	Favorites	"C	"C:Documents and SettingsNetworkServiceFavorites"
modified	HKU/S-1-5-18/Software/Microsoft/Windows/CurrentVersion/Explorer/Shell Folders	Cache	"C	"C:Documents and SettingsNetworkServiceLocal SettingsTemporary Internet Files"
modified	HKU/S-1-5-18/Software/Microsoft/Windows/CurrentVersion/Explorer/Shell Folders	History	"C	"C:Documents and SettingsNetworkServiceLocal SettingsHistory"

DNS Results

DNS	DNS Response
www.baidu.com	Standard query response CNAME www.a.shifen.com A 220.181.111.147
154.nsb927.com	Standard query response A 8.5.1.15
154.ns768.com	Standard query response A 8.5.1.13
154.ns792.com	Standard query response A 64.74.223.10
154.ns529.com	Standard query response A 64.74.223.7
154.nsvjn987.com	Standard query response, No such name
154.nsvhn987.com	Standard query response, No such name
154.ns2275ab.com	Standard query response, No such name
vbnet.mvps.org	Standard query response CNAME w2.mvps.org A 216.155.126.44
crl.globalsign.net	Standard query response CNAME crl.ops.cybertrust.com A 64.18.21.1 A 194.7.155.81
crl.usertrust.com	Standard query response CNAME security.cachefly.net A 205.234.175.175
router.bitcomet.net	Standard query response A 127.0.0.1
router.bitcomet.com	Standard query response, No such name
router.utorrent.com	Standard query response A 67.215.242.139 A 67.215.242.138
router.bittorrent.com	Standard query response CNAME router.utorrent.com A 67.215.242.138 A 67.215.242.139
vip.ere5453.com	Standard query response A 92.242.140.35
www.ere5453.com	Standard query response A 92.242.140.35
crl.verisign.com	Standard query response CNAME crl.verisign.net A 199.7.51.190
crl.verisign.com	Standard query response CNAME crl.verisign.net A 199.7.71.190
crl.thawte.com	Standard query response CNAME crl.verisign.net A 199.7.71.190
crl.thawte.com	Standard query response CNAME crl.verisign.net A 199.7.51.190
crl.thawte.com	Standard query response CNAME crl.verisign.net A 199.7.48.190
crl.microsoft.com	Standard query response CNAME crl.www.ms.akadns.net CNAME a1363.g.akamai.net A 66.16.230.11 A 66.16.230.16

URL Results

DstIP	HTTP_HOST	HTTP_REQUEST_URI	HTTP_USER_AGENT	PROTOCOL
8.5.1.13	8.5.1.13	/msdownload/update/v5/redir/wuredirt.rar	Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)	0x06
8.5.1.15	8.5.1.15:8080	/mac.htm?154	Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)	0x06
64.74.223.10	64.74.223.10	/msdownload/update/v5/redir/wuredirt.rar	Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)	0x06
64.74.223.7	64.74.223.7	/msdownload/update/v5/redir/wuredirt.rar	Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)	0x06
216.155.126.44	vbnet.mvps.org	/resources/tools/getpublicip.shtml	Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)	0x06
64.18.21.1	crl.globalsign.net	/Root.crl	Microsoft-CryptoAPI/5.131.2600.2180	0x06
10.10.0.7	10.10.0.7	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.4	10.10.0.4	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.5	10.10.0.5	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.9	10.10.0.9	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.11	10.10.0.11	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.13	10.10.0.13	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.2	10.10.0.2	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.16	10.10.0.16	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.15	10.10.0.15	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.14	10.10.0.14	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.12	10.10.0.12	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.21	10.10.0.21	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.17	10.10.0.17	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.20	10.10.0.20	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.25	10.10.0.25	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.24	10.10.0.24	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.10	10.10.0.10	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.26	10.10.0.26	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.27	10.10.0.27	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.18	10.10.0.18	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.29	10.10.0.29	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.28	10.10.0.28	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.30	10.10.0.30	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
205.234.175.175	crl.usertrust.com	/UTN-USERFirst-Object.crl	Microsoft-CryptoAPI/5.131.2600.2180	0x06
10.10.0.31	10.10.0.31	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.33	10.10.0.33	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.35	10.10.0.35	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.37	10.10.0.37	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.40	10.10.0.40	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.42	10.10.0.42	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.44	10.10.0.44	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.47	10.10.0.47	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.34	10.10.0.34	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.51	10.10.0.51	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.52	10.10.0.52	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.54	10.10.0.54	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
199.7.51.190	crl.verisign.com	/pca3.crl	Microsoft-CryptoAPI/5.131.2600.2180	0x06
10.10.0.55	10.10.0.55	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.59	10.10.0.59	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.63	10.10.0.63	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.60	10.10.0.60	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.22	10.10.0.22	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.66	10.10.0.66	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
199.7.71.190	crl.verisign.com	/pca3.crl	Microsoft-CryptoAPI/5.131.2600.2180	0x06
10.10.0.67	10.10.0.67	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.68	10.10.0.68	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.73	10.10.0.73	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.72	10.10.0.72	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.69	10.10.0.69	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.76	10.10.0.76	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.77	10.10.0.77	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.79	10.10.0.79	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.80	10.10.0.80	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.81	10.10.0.81	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.83	10.10.0.83	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.88	10.10.0.88	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.43	10.10.0.43	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.23	10.10.0.23	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.91	10.10.0.91	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
199.7.71.190	crl.thawte.com	/ThawtePremiumServerCA.crl	Microsoft-CryptoAPI/5.131.2600.2180	0x06
10.10.0.75	10.10.0.75	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.3	10.10.0.3	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.93	10.10.0.93	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.95	10.10.0.95	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.19	10.10.0.19	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.98	10.10.0.98	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.102	10.10.0.102	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.38	10.10.0.38	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.100	10.10.0.100	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
199.7.51.190	crl.thawte.com	/ThawtePremiumServerCA.crl	Microsoft-CryptoAPI/5.131.2600.2180	0x06
10.10.0.94	10.10.0.94	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.107	10.10.0.107	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.113	10.10.0.113	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
199.7.48.190	crl.thawte.com	/ThawtePremiumServerCA.crl	Microsoft-CryptoAPI/5.131.2600.2180	0x06
10.10.0.109	10.10.0.109	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.111	10.10.0.111	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.115	10.10.0.115	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
66.16.230.11	crl.microsoft.com	/pki/crl/products/CodeSignPCA.crl	Microsoft-CryptoAPI/5.131.2600.2180	0x06
10.10.0.119	10.10.0.119	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.110	10.10.0.110	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.39	10.10.0.39	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.125	10.10.0.125	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.106	10.10.0.106	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.139	10.10.0.139	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.32	10.10.0.32	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.64	10.10.0.64	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.130	10.10.0.130	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.74	10.10.0.74	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.85	10.10.0.85	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.99	10.10.0.99	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.131	10.10.0.131	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.45	10.10.0.45	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.46	10.10.0.46	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.141	10.10.0.141	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.123	10.10.0.123	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.142	10.10.0.142	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.143	10.10.0.143	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.149	10.10.0.149	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.150	10.10.0.150	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.153	10.10.0.153	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.158	10.10.0.158	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.154	10.10.0.154	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.159	10.10.0.159	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.162	10.10.0.162	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.164	10.10.0.164	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.169	10.10.0.169	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.90	10.10.0.90	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.120	10.10.0.120	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.170	10.10.0.170	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.97	10.10.0.97	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.173	10.10.0.173	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.175	10.10.0.175	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.121	10.10.0.121	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.178	10.10.0.178	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.180	10.10.0.180	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.181	10.10.0.181	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.183	10.10.0.183	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.185	10.10.0.185	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.187	10.10.0.187	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.188	10.10.0.188	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.189	10.10.0.189	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.193	10.10.0.193	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.191	10.10.0.191	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.197	10.10.0.197	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.195	10.10.0.195	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.202	10.10.0.202	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.198	10.10.0.198	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.200	10.10.0.200	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.206	10.10.0.206	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.204	10.10.0.204	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.208	10.10.0.208	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.210	10.10.0.210	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.212	10.10.0.212	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.218	10.10.0.218	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.216	10.10.0.216	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.163	10.10.0.163	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.219	10.10.0.219	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.220	10.10.0.220	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.222	10.10.0.222	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.223	10.10.0.223	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.226	10.10.0.226	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.227	10.10.0.227	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.240	10.10.0.240	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.230	10.10.0.230	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.241	10.10.0.241	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.243	10.10.0.243	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.244	10.10.0.244	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.242	10.10.0.242	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.245	10.10.0.245	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.231	10.10.0.231	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.246	10.10.0.246	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.250	10.10.0.250	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.233	10.10.0.233	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.249	10.10.0.249	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.247	10.10.0.247	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.86	10.10.0.86	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.255	10.10.0.255	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.1	10.10.1.1	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.0	10.10.1.0	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.2	10.10.1.2	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.3	10.10.1.3	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.4	10.10.1.4	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.6	10.10.1.6	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.236	10.10.0.236	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.5	10.10.1.5	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.176	10.10.0.176	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.24	10.10.1.24	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.19	10.10.1.19	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.25	10.10.1.25	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.27	10.10.1.27	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.26	10.10.1.26	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.239	10.10.0.239	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.182	10.10.0.182	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.37	10.10.1.37	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.46	10.10.1.46	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.38	10.10.1.38	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.190	10.10.0.190	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.40	10.10.1.40	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.42	10.10.1.42	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.161	10.10.0.161	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.36	10.10.1.36	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.51	10.10.1.51	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.47	10.10.1.47	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.48	10.10.1.48	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.52	10.10.1.52	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.56	10.10.1.56	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.61	10.10.1.61	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.50	10.10.1.50	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.57	10.10.1.57	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.194	10.10.0.194	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.58	10.10.1.58	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.87	10.10.0.87	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.62	10.10.1.62	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.64	10.10.1.64	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.63	10.10.1.63	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.67	10.10.1.67	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.65	10.10.1.65	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.66	10.10.1.66	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.167	10.10.0.167	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.199	10.10.0.199	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.68	10.10.1.68	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.70	10.10.1.70	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.160	10.10.0.160	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.69	10.10.1.69	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.75	10.10.1.75	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.76	10.10.1.76	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.77	10.10.1.77	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.92	10.10.0.92	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.78	10.10.1.78	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.79	10.10.1.79	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.80	10.10.1.80	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.82	10.10.1.82	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.81	10.10.1.81	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.172	10.10.0.172	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.88	10.10.1.88	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.90	10.10.1.90	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.91	10.10.1.91	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.205	10.10.0.205	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.99	10.10.1.99	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.100	10.10.1.100	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.101	10.10.1.101	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.102	10.10.1.102	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.108	10.10.0.108	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.103	10.10.1.103	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.105	10.10.1.105	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.106	10.10.1.106	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.107	10.10.1.107	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.108	10.10.1.108	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.111	10.10.1.111	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.112	10.10.1.112	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.113	10.10.1.113	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.116	10.10.1.116	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.148	10.10.0.148	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.11	10.10.1.11	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.115	10.10.1.115	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.201	10.10.0.201	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.121	10.10.1.121	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.124	10.10.1.124	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.122	10.10.1.122	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.123	10.10.1.123	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.125	10.10.1.125	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.131	10.10.1.131	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.126	10.10.1.126	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.174	10.10.0.174	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.217	10.10.0.217	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.132	10.10.1.132	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.139	10.10.1.139	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.133	10.10.1.133	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.134	10.10.1.134	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.140	10.10.1.140	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.141	10.10.1.141	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.142	10.10.1.142	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.143	10.10.1.143	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.147	10.10.1.147	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.157	10.10.0.157	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.153	10.10.1.153	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.152	10.10.1.152	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.150	10.10.1.150	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.154	10.10.1.154	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.155	10.10.1.155	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.156	10.10.1.156	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.147	10.10.0.147	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.158	10.10.1.158	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.157	10.10.1.157	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.167	10.10.1.167	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.159	10.10.1.159	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.12	10.10.1.12	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.161	10.10.1.161	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.214	10.10.0.214	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.160	10.10.1.160	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.82	10.10.0.82	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.170	10.10.1.170	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.171	10.10.1.171	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.174	10.10.1.174	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.169	10.10.1.169	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.178	10.10.1.178	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.177	10.10.1.177	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.184	10.10.1.184	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.172	10.10.1.172	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.221	10.10.0.221	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.182	10.10.1.182	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.179	10.10.1.179	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.191	10.10.1.191	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.193	10.10.1.193	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.156	10.10.0.156	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.190	10.10.1.190	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.192	10.10.1.192	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.194	10.10.1.194	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.197	10.10.1.197	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.196	10.10.1.196	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.198	10.10.1.198	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.146	10.10.0.146	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.200	10.10.1.200	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.199	10.10.1.199	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.204	10.10.1.204	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.203	10.10.1.203	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.205	10.10.1.205	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.206	10.10.1.206	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.207	10.10.1.207	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.36	10.10.0.36	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.13	10.10.1.13	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.210	10.10.1.210	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.212	10.10.1.212	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.0.192	10.10.0.192	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.214	10.10.1.214	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.211	10.10.1.211	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.220	10.10.1.220	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
10.10.1.222	10.10.1.222	/	Microsoft-WebDAV-MiniRedir/5.1.2600	0x06
239.255.255.250	239.255.255.250:1900	*	--blank--	0x11

ARGUS PROTOCOL Results

PROTOCOL	SRC_PKTS	DST_PKTS	SRC_BYTES	DST_BYTES
1	2559	2559	199602	199602
6	19727	14293	1645759	2285969
17	24	128	3513	7680

ARGUS DPORT Results

DPORT	PROTOCOL	SRC_PKTS	DST_PKTS	SRC_BYTES	DST_BYTES
1040	1	2559	2559	199602	199602
80	6	1965	1603	166541	269203
139	6	6229	4037	406874	247402
445	6	11322	8463	1055232	1757924
6969	6	30	28	2352	1684
8080	6	181	162	14760	9756
1900	17	10	0	1745	0
6881	17	4	28	608	1680
8957	17	1	10	116	600
9342	17	1	10	116	600
16306	17	1	10	116	600
22137	17	1	10	116	600
25439	17	1	10	116	600
30478	17	1	10	116	600
38338	17	1	10	116	600
40139	17	1	10	116	600
50144	17	1	10	116	600
58856	17	1	10	116	600

ARGUS DATA Results

Time	Date	Protocol	SrcIP	DstIP	Dir	Flags	Sport	Dport	Pkts	Bytes
16:59:02	2011-10-05	1	10.10.10.7	8.5.1.13	<->	e	5	1040	2	156
16:59:04	2011-10-05	1	10.10.10.7	10.10.0.2	<->	e	5	1040	2	156
16:59:05	2011-10-05	1	10.10.10.7	10.10.0.30	<->	e	5	1040	2	156
16:59:06	2011-10-05	1	10.10.10.7	10.10.0.251	<->	e	5	1040	2	156
16:59:07	2011-10-05	1	10.10.10.7	10.10.1.206	<->	e	5	1040	2	156
16:59:08	2011-10-05	1	10.10.10.7	10.10.2.167	<->	e	5	1040	2	156
16:59:09	2011-10-05	1	10.10.10.7	10.10.3.101	<->	e	5	1040	2	156
16:59:10	2011-10-05	1	10.10.10.7	10.10.4.34	<->	e	5	1040	2	156
16:59:11	2011-10-05	1	10.10.10.7	10.10.4.142	<->	e	5	1040	2	156
16:59:12	2011-10-05	1	10.10.10.7	10.10.5.35	<->	e	5	1040	2	156
16:59:13	2011-10-05	1	10.10.10.7	10.10.5.160	<->	e	5	1040	2	156
16:59:14	2011-10-05	1	10.10.10.7	10.10.6.6	<->	e	5	1040	2	156
16:59:15	2011-10-05	1	10.10.10.7	10.10.6.164	<->	e	5	1040	2	156
16:59:16	2011-10-05	1	10.10.10.7	10.10.7.84	<->	e	5	1040	2	156
16:59:17	2011-10-05	1	10.10.10.7	10.10.7.219	<->	e	5	1040	2	156
16:59:18	2011-10-05	1	10.10.10.7	10.10.8.116	<->	e	5	1040	2	156
16:59:19	2011-10-05	1	10.10.10.7	10.10.9.22	<->	e	5	1040	2	156
16:58:05	2011-10-05	6	10.10.10.7	61.136.101.24	->	e	251	8080	15	1108
16:58:07	2011-10-05	6	10.10.10.7	8.5.1.13	->	e	399	8080	9	773
16:58:08	2011-10-05	6	10.10.10.7	8.5.1.15	->	e	520	8080	13	934
16:58:10	2011-10-05	6	10.10.10.7	61.136.101.24	->	e	251	8080	11	660
16:58:10	2011-10-05	6	10.10.10.7	64.74.223.10	->	e	521	8080	9	777
16:58:13	2011-10-05	6	10.10.10.7	8.5.1.15	->	e	520	8080	11	660
16:58:13	2011-10-05	6	10.10.10.7	64.74.223.7	->	e	522	8080	9	776
16:58:15	2011-10-05	6	10.10.10.7	61.136.101.24	->	e	251	8080	5	300
16:58:26	2011-10-05	6	10.10.10.7	61.136.101.24	->	e	557	8080	15	1108
16:58:31	2011-10-05	6	10.10.10.7	61.136.101.24	->	e	557	8080	10	600
16:58:36	2011-10-05	6	10.10.10.7	61.136.101.24	->	e	557	8080	6	360
16:58:47	2011-10-05	6	10.10.10.7	61.136.101.24	->	e	596	8080	15	1108
16:58:52	2011-10-05	6	10.10.10.7	61.136.101.24	->	e	596	8080	10	600
16:58:55	2011-10-05	6	10.10.10.7	8.5.1.13	->	e	469	8080	9	773
16:58:57	2011-10-05	6	10.10.10.7	61.136.101.24	->	e	596	8080	6	360
16:58:58	2011-10-05	6	10.10.10.7	64.74.223.10	->	e	432	8080	9	777
16:59:01	2011-10-05	6	10.10.10.7	64.74.223.7	->	e	369	8080	9	776
16:59:02	2011-10-05	6	10.10.10.7	216.155.126.44	->	e	370	80	14	2438
16:59:03	2011-10-05	6	10.10.10.7	64.18.21.1	->	e	470	80	13	2051
16:59:04	2011-10-05	6	10.10.10.7	8.5.1.13	->	e	620	8080	9	773
16:59:04	2011-10-05	6	10.10.10.7	64.18.21.1	->	e	627	80	13	2051
16:59:04	2011-10-05	6	10.10.10.7	10.10.0.8	->	e	621	445	7	996
16:59:04	2011-10-05	6	10.10.10.7	10.10.0.8	->	e	622	139	5	370
16:59:04	2011-10-05	6	10.10.10.7	10.10.0.7	->	e	130	139	8	550
16:59:04	2011-10-05	6	10.10.10.7	10.10.0.6	->	e	259	139	3	184
16:59:05	2011-10-05	6	10.10.10.7	10.10.0.12	->	e	629	445	7	996
16:59:05	2011-10-05	6	10.10.10.7	10.10.0.16	->	e	59	139	3	184
16:59:05	2011-10-05	6	10.10.10.7	10.10.0.26	->	e	471	139	8	550
16:59:05	2011-10-05	6	10.10.10.7	10.10.0.130	->	e	685	139	5	370
16:59:05	2011-10-05	6	10.10.10.7	64.18.21.1	->	e	793	80	13	2051
16:59:06	2011-10-05	6	10.10.10.7	10.10.0.226	->	e	796	445	7	996
16:59:06	2011-10-05	6	10.10.10.7	10.10.0.226	->	e	797	139	3	184
16:59:06	2011-10-05	6	10.10.10.7	10.10.0.7	->	e	798	80	9	956
16:59:06	2011-10-05	6	10.10.10.7	10.10.0.246	->	e	819	139	8	550
16:59:06	2011-10-05	6	10.10.10.7	64.18.21.1	->	e	1019	80	13	2051
16:59:07	2011-10-05	6	10.10.10.7	10.10.1.177	->	e	1042	445	7	996
16:59:07	2011-10-05	6	10.10.10.7	10.10.1.172	->	e	1043	139	3	184
16:59:07	2011-10-05	6	10.10.10.7	10.10.0.5	->	e	10	80	9	956
16:59:07	2011-10-05	6	10.10.10.7	10.10.1.196	->	e	1067	139	8	550
16:59:07	2011-10-05	6	10.10.10.7	216.155.126.44	->	e	370	80	10	1965
16:59:07	2011-10-05	6	10.10.10.7	64.74.223.10	->	e	1250	8080	9	777
16:59:08	2011-10-05	6	10.10.10.7	64.18.21.1	->	e	1293	80	14	2384
16:59:08	2011-10-05	6	10.10.10.7	10.10.2.114	->	e	1294	445	7	996
16:59:08	2011-10-05	6	10.10.10.7	10.10.2.114	->	e	1295	139	3	184
16:59:08	2011-10-05	6	10.10.10.7	10.10.0.13	->	e	1303	80	9	957
16:59:08	2011-10-05	6	10.10.10.7	64.18.21.1	->	e	470	80	11	2298
16:59:08	2011-10-05	6	10.10.10.7	10.10.2.157	->	e	1353	139	8	550
16:59:08	2011-10-05	6	10.10.10.7	61.136.101.24	->	e	1489	8080	16	1168
16:59:08	2011-10-05	6	10.10.10.7	10.10.3.4	->	e	1513	139	5	370
16:59:09	2011-10-05	6	10.10.10.7	10.10.3.40	->	e	1561	445	7	996
16:59:09	2011-10-05	6	10.10.10.7	10.10.3.41	->	e	1564	139	3	184
16:59:09	2011-10-05	6	10.10.10.7	10.10.3.55	->	e	1589	139	5	370
16:59:09	2011-10-05	6	10.10.10.7	10.10.3.52	->	e	1598	139	8	550
16:59:09	2011-10-05	6	10.10.10.7	10.10.0.15	->	e	1601	80	9	957
16:59:09	2011-10-05	6	10.10.10.7	64.18.21.1	->	e	627	80	10	1965
16:59:10	2011-10-05	6	10.10.10.7	10.10.0.21	->	e	1830	80	9	957
16:59:10	2011-10-05	6	10.10.10.7	10.10.3.227	->	e	1833	445	7	996
16:59:10	2011-10-05	6	10.10.10.7	10.10.3.227	->	e	1834	139	3	184
16:59:10	2011-10-05	6	10.10.10.7	10.10.3.233	->	e	1841	139	8	550
16:59:10	2011-10-05	6	10.10.10.7	64.18.21.1	->	e	1855	80	13	2051
16:59:10	2011-10-05	6	10.10.10.7	64.74.223.7	->	e	1918	8080	9	776
16:59:10	2011-10-05	6	10.10.10.7	64.18.21.1	->	e	793	80	11	2298
16:59:11	2011-10-05	6	10.10.10.7	10.10.4.28	->	e	1925	445	7	996
16:59:11	2011-10-05	6	10.10.10.7	10.10.4.28	->	e	1926	139	3	184
16:59:11	2011-10-05	6	10.10.10.7	10.10.0.25	->	e	1933	80	9	957
16:59:11	2011-10-05	6	10.10.10.7	64.18.21.1	->	e	1942	80	14	2384
16:59:11	2011-10-05	6	10.10.10.7	10.10.4.34	->	e	1947	139	8	550
16:59:11	2011-10-05	6	10.10.10.7	10.10.4.53	->	e s	1980	445	8	1187
16:59:11	2011-10-05	6	10.10.10.7	10.10.4.57	->	e	1991	139	13	981
16:59:11	2011-10-05	6	10.10.10.7	10.10.4.51	->	e	1986	445	1	62
16:59:11	2011-10-05	6	10.10.10.7	64.18.21.1	->	e	1019	80	10	1965
16:59:12	2011-10-05	6	10.10.10.7	10.10.4.193	->	e	2199	445	7	996
16:59:12	2011-10-05	6	10.10.10.7	10.10.4.191	->	e	2204	139	3	184
16:59:12	2011-10-05	6	10.10.10.7	10.10.4.193	->	e	2207	139	8	550
16:59:12	2011-10-05	6	10.10.10.7	10.10.0.26	->	e	2223	80	9	957
16:59:12	2011-10-05	6	10.10.10.7	216.155.126.44	->	e	370	80	3	180
16:59:13	2011-10-05	6	10.10.10.7	10.10.0.29	->	e	2379	80	9	957
16:59:13	2011-10-05	6	10.10.10.7	64.18.21.1	->	e	1293	80	10	1965
16:59:13	2011-10-05	6	10.10.10.7	64.18.21.1	->	e	2398	80	13	2051
16:59:13	2011-10-05	6	10.10.10.7	10.10.5.56	->	e	2380	445	7	996
16:59:13	2011-10-05	6	10.10.10.7	10.10.5.0	->	e	2383	139	8	550
16:59:13	2011-10-05	6	10.10.10.7	10.10.5.61	->	e	2388	139	3	184
16:59:13	2011-10-05	6	10.10.10.7	64.18.21.1	->	e	470	80	4	240
16:59:13	2011-10-05	6	10.10.10.7	61.136.101.24	->	e	1489	8080	10	600
16:59:14	2011-10-05	6	10.10.10.7	10.10.5.138	->	e	2526	445	7	996
16:59:14	2011-10-05	6	10.10.10.7	10.10.5.138	->	e	2527	139	3	184
16:59:14	2011-10-05	6	10.10.10.7	10.10.5.139	->	e	2529	139	8	550
16:59:14	2011-10-05	6	10.10.10.7	64.18.21.1	->	e	1535	80	11	2025
16:59:14	2011-10-05	6	10.10.10.7	10.10.0.31	->	e	2533	80	9	957
16:59:14	2011-10-05	6	10.10.10.7	10.10.5.154	->	e	2565	139	5	370
16:59:14	2011-10-05	6	10.10.10.7	92.242.140.35	->	e	2569	6969	13	1051
16:59:14	2011-10-05	6	10.10.10.7	205.234.175.175	->	e	3935	80	14	2399
16:59:14	2011-10-05	6	10.10.10.7	64.18.21.1	->	e	627	80	5	573
16:59:15	2011-10-05	6	10.10.10.7	10.10.6.35	->	e	2749	445	7	996
16:59:15	2011-10-05	6	10.10.10.7	10.10.6.35	->	e	2750	139	3	184
16:59:15	2011-10-05	6	10.10.10.7	10.10.0.37	->	e	2766	80	9	957
16:59:15	2011-10-05	6	10.10.10.7	10.10.6.49	->	e	2773	139	8	550
16:59:15	2011-10-05	6	10.10.10.7	64.18.21.1	->	e	1855	80	10	1965
16:59:15	2011-10-05	6	10.10.10.7	205.234.175.175	->	e	2868	80	13	2066
16:59:16	2011-10-05	6	10.10.10.7	10.10.6.198	->	e	2963	445	7	996
16:59:16	2011-10-05	6	10.10.10.7	10.10.6.198	->	e	2964	139	3	184
16:59:16	2011-10-05	6	10.10.10.7	10.10.6.199	->	e	2966	139	8	550
16:59:16	2011-10-05	6	10.10.10.7	10.10.0.44	->	e	2981	80	9	957
16:59:16	2011-10-05	6	10.10.10.7	64.18.21.1	->	e	793	80	4	240
16:59:16	2011-10-05	6	10.10.10.7	64.18.21.1	->	e	1942	80	10	1965
16:59:16	2011-10-05	6	10.10.10.7	10.10.4.57	->	e	1991	139	11	660
16:59:16	2011-10-05	6	10.10.10.7	10.10.7.13	->	e	3105	139	13	981
16:59:16	2011-10-05	6	10.10.10.7	10.10.7.13	->	e	3104	445	1	62
16:59:16	2011-10-05	6	10.10.10.7	64.18.21.1	->	e	1019	80	5	573
16:59:17	2011-10-05	6	10.10.10.7	10.10.7.80	->	e	3196	445	7	996
16:59:17	2011-10-05	6	10.10.10.7	10.10.7.80	->	e	3197	139	3	184
16:59:17	2011-10-05	6	10.10.10.7	10.10.0.51	->	e	3216	80	9	957
16:59:17	2011-10-05	6	10.10.10.7	10.10.7.91	->	e	3225	139	8	550
16:59:17	2011-10-05	6	10.10.10.7	199.7.51.190	->	e	3237	80	13	2049
16:59:18	2011-10-05	6	10.10.10.7	10.10.7.206	->	e	3964	445	7	996
16:59:18	2011-10-05	6	10.10.10.7	10.10.7.206	->	e	3965	139	3	184
16:59:18	2011-10-05	6	10.10.10.7	10.10.0.55	->	e	3970	80	9	957
16:59:18	2011-10-05	6	10.10.10.7	10.10.7.218	->	e	3402	139	8	550
16:59:18	2011-10-05	6	10.10.10.7	64.18.21.1	->	e	1293	80	4	240
16:59:18	2011-10-05	6	10.10.10.7	64.18.21.1	->	e	2398	80	11	2298
16:59:18	2011-10-05	6	10.10.10.7	199.7.51.190	->	e	3454	80	14	2382
16:59:18	2011-10-05	6	10.10.10.7	205.234.175.175	->	e	2459	80	10	1965
16:59:18	2011-10-05	6	10.10.10.7	61.136.101.24	->	e	1489	8080	5	300
16:59:19	2011-10-05	6	10.10.10.7	10.10.8.116	->	e	3566	445	7	996
16:59:19	2011-10-05	6	10.10.10.7	10.10.8.115	->	e	3567	139	3	184
16:59:19	2011-10-05	6	10.10.10.7	10.10.8.116	->	e	3569	139	8	550
16:59:14	2011-10-05	17	10.10.10.7	239.255.255.250	->	e	2537	1900	10	1745
16:59:14	2011-10-05	17	10.10.10.7	65.6.163.4	<->	e	4725	50144	5	356
16:59:14	2011-10-05	17	10.10.10.7	89.123.188.11	<->	e	4725	8957	5	356
16:59:14	2011-10-05	17	10.10.10.7	90.52.108.231	<->	e	4725	58856	5	356
16:59:14	2011-10-05	17	10.10.10.7	85.11.66.73	<->	e	4725	38338	5	356
16:59:14	2011-10-05	17	10.10.10.7	72.192.20.73	<->	e	4725	16306	5	356
16:59:14	2011-10-05	17	10.10.10.7	219.77.13.11	<->	e	4725	22137	5	356
16:59:14	2011-10-05	17	10.10.10.7	90.201.190.208	<->	e	4725	25439	5	356
16:59:14	2011-10-05	17	10.10.10.7	58.63.39.204	<->	e	4725	40139	5	356
16:59:14	2011-10-05	17	10.10.10.7	77.66.224.30	<->	e	4725	30478	5	356
16:59:14	2011-10-05	17	10.10.10.7	62.65.208.112	<->	e	4725	9342	5	356
16:59:15	2011-10-05	17	10.10.10.7	67.215.242.139	<->	e	4725	6881	7	604
16:59:19	2011-10-05	17	10.10.10.7	65.6.163.4	<-	e	4725	50144	5	300
16:59:20	2011-10-05	1	10.10.10.7	10.10.9.157	<->	e	5	1040	2	156
16:59:22	2011-10-05	1	10.10.10.7	10.10.10.1	<->	e	5	1040	2	156
16:59:19	2011-10-05	6	10.10.10.7	10.10.0.60	->	e	3588	80	9	957
16:59:19	2011-10-05	6	10.10.10.7	92.242.140.35	->	e	2569	6969	10	600
16:59:19	2011-10-05	6	10.10.10.7	199.7.71.190	->	e	3637	80	13	2049
16:59:19	2011-10-05	6	10.10.10.7	205.234.175.175	->	e	3935	80	10	1965
16:59:19	2011-10-05	6	10.10.10.7	64.18.21.1	->	e	1535	80	3	180
16:59:20	2011-10-05	6	10.10.10.7	10.10.3.161	->	e	3713	445	7	996
16:59:20	2011-10-05	6	10.10.10.7	10.10.3.161	->	e	3714	139	3	184
16:59:20	2011-10-05	6	10.10.10.7	10.10.8.230	->	e	3720	139	8	550
16:59:20	2011-10-05	6	10.10.10.7	10.10.0.67	->	e	3748	80	9	957
16:59:20	2011-10-05	6	10.10.10.7	64.18.21.1	->	e	1855	80	5	573
16:59:20	2011-10-05	6	10.10.10.7	10.10.0.55	->	e	120	139	5	370
16:59:20	2011-10-05	6	10.10.10.7	199.7.71.190	->	e	328	80	13	2049
16:59:20	2011-10-05	6	10.10.10.7	205.234.175.175	->	e	2868	80	10	1965
16:59:20	2011-10-05	6	10.10.10.7	10.10.9.76	->	e s	66	445	8	1187
16:59:20	2011-10-05	6	10.10.10.7	10.10.9.82	->	e	134	445	1	62
16:59:20	2011-10-05	6	10.10.10.7	10.10.9.82	->	e	34	139	13	981
16:59:20	2011-10-05	6	10.10.10.7	10.10.9.126	->	e	131	139	14	1041
16:59:21	2011-10-05	6	10.10.10.7	10.10.9.166	->	e	37	445	7	996
16:59:21	2011-10-05	6	10.10.10.7	10.10.9.166	->	e	38	139	3	184
16:59:21	2011-10-05	6	10.10.10.7	10.10.0.72	->	e	242	80	9	957
16:59:21	2011-10-05	6	10.10.10.7	10.10.9.225	->	e	273	139	8	550
16:59:21	2011-10-05	6	10.10.10.7	64.18.21.1	->	e	1942	80	4	240
16:59:21	2011-10-05	6	10.10.10.7	10.10.4.57	->	e	1991	139	6	360
16:59:21	2011-10-05	6	10.10.10.7	10.10.7.13	->	e	3105	139	11	660
16:59:21	2011-10-05	6	10.10.10.7	199.7.51.190	->	e	249	80	14	2382
16:59:22	2011-10-05	6	10.10.10.7	10.10.0.77	->	e	501	80	9	957
16:59:22	2011-10-05	6	10.10.10.7	10.10.6.102	->	e	502	445	7	996
16:59:22	2011-10-05	6	10.10.10.7	10.10.5.12	->	e	278	139	3	184
16:59:22	2011-10-05	6	10.10.10.7	199.7.51.190	->	e	3237	80	11	2298
16:59:22	2011-10-05	6	10.10.10.7	10.10.9.79	->	e	223	139	8	550
16:59:23	2011-10-05	6	10.10.10.7	10.10.10.1	->	e	91	445	7	996
16:59:23	2011-10-05	6	10.10.10.7	10.10.7.92	->	e	505	139	3	184
16:59:23	2011-10-05	6	10.10.10.7	10.10.10.1	->	e	366	139	8	550
16:59:23	2011-10-05	6	10.10.10.7	10.10.0.81	->	e	251	80	9	957
16:59:23	2011-10-05	6	10.10.10.7	64.18.21.1	->	e	2398	80	4	240
16:59:23	2011-10-05	6	10.10.10.7	199.7.51.190	->	e	3454	80	11	2025
16:59:23	2011-10-05	6	10.10.10.7	205.234.175.175	->	e	2459	80	5	573
16:59:24	2011-10-05	6	10.10.10.7	10.10.1.246	->	e	343	445	7	996
16:59:24	2011-10-05	6	10.10.10.7	10.10.1.246	->	e	344	139	3	184
16:59:24	2011-10-05	6	10.10.10.7	10.10.0.43	->	e	345	80	9	957
16:59:24	2011-10-05	6	10.10.10.7	199.7.71.190	->	e	524	80	13	2064
16:59:24	2011-10-05	6	10.10.10.7	92.242.140.35	->	e	2569	6969	6	360
16:59:24	2011-10-05	6	10.10.10.7	199.7.71.190	->	e	3637	80	10	1965
16:59:24	2011-10-05	6	10.10.10.7	10.10.0.127	->	e	535	139	8	550
16:59:24	2011-10-05	6	10.10.10.7	205.234.175.175	->	e	3935	80	4	240
16:59:25	2011-10-05	6	10.10.10.7	10.10.1.185	->	e	453	445	7	996
16:59:25	2011-10-05	6	10.10.10.7	10.10.9.210	->	e	548	139	3	184
16:59:25	2011-10-05	6	10.10.10.7	10.10.1.173	->	e	551	139	8	550
16:59:25	2011-10-05	6	10.10.10.7	10.10.0.75	->	e	553	80	9	957
16:59:25	2011-10-05	6	10.10.10.7	199.7.71.190	->	e	562	80	14	2397
16:59:25	2011-10-05	6	10.10.10.7	199.7.71.190	->	e	328	80	11	2298
16:59:25	2011-10-05	6	10.10.10.7	205.234.175.175	->	e	2868	80	5	573
16:59:25	2011-10-05	6	10.10.10.7	10.10.9.82	->	e	34	139	11	660
16:59:26	2011-10-05	6	10.10.10.7	10.10.2.196	->	e	590	445	7	996
16:59:26	2011-10-05	6	10.10.10.7	10.10.2.196	->	e	57	139	3	184
16:59:26	2011-10-05	6	10.10.10.7	10.10.9.126	->	e	131	139	10	600
16:59:26	2011-10-05	6	10.10.10.7	10.10.0.95	->	e	469	80	9	957
16:59:26	2011-10-05	6	10.10.10.7	199.7.51.190	->	e	390	80	13	2049
16:59:26	2011-10-05	6	10.10.10.7	10.10.0.93	->	e	610	139	8	550
16:59:26	2011-10-05	6	10.10.10.7	10.10.7.13	->	e	3105	139	6	360
16:59:26	2011-10-05	6	10.10.10.7	199.7.51.190	->	e	249	80	10	1965
16:59:27	2011-10-05	6	10.10.10.7	10.10.2.179	->	e	611	445	7	996
16:59:27	2011-10-05	6	10.10.10.7	10.10.2.179	->	e	612	139	3	184
16:59:27	2011-10-05	6	10.10.10.7	10.10.7.66	->	e	614	139	8	550
16:59:27	2011-10-05	6	10.10.10.7	10.10.0.102	->	e	470	80	9	958
16:59:27	2011-10-05	6	10.10.10.7	199.7.51.190	->	e	163	80	14	2397
16:59:27	2011-10-05	6	10.10.10.7	199.7.51.190	->	e	3237	80	4	240
16:59:28	2011-10-05	6	10.10.10.7	10.10.1.180	->	e	355	445	7	996
16:59:28	2011-10-05	6	10.10.10.7	10.10.1.180	->	e	144	139	8	550
16:59:28	2011-10-05	6	10.10.10.7	10.10.5.116	->	e	637	139	3	184
16:59:28	2011-10-05	6	10.10.10.7	10.10.0.94	->	e	113	80	9	957
16:59:28	2011-10-05	6	10.10.10.7	199.7.48.190	->	e	458	80	13	2064
16:59:29	2011-10-05	6	10.10.10.7	10.10.2.131	->	e	405	445	7	996
16:59:29	2011-10-05	6	10.10.10.7	10.10.8.136	->	e	657	139	3	184
16:59:29	2011-10-05	6	10.10.10.7	199.7.51.190	->	e	3454	80	3	180
16:59:29	2011-10-05	6	10.10.10.7	10.10.0.109	->	e	25	80	9	958
16:59:29	2011-10-05	6	10.10.10.7	199.7.71.190	->	e	524	80	11	2298
16:59:29	2011-10-05	6	10.10.10.7	199.7.71.190	->	e	3637	80	5	573
16:59:29	2011-10-05	6	10.10.10.7	10.10.0.213	->	e	463	139	8	550
16:59:29	2011-10-05	6	10.10.10.7	61.136.101.24	->	e	681	8080	16	1168
16:59:29	2011-10-05	6	10.10.10.7	66.16.230.11	->	e	690	80	14	2407
16:59:30	2011-10-05	6	10.10.10.7	10.10.8.176	->	e	693	445	7	996
16:59:30	2011-10-05	6	10.10.10.7	10.10.8.176	->	e	694	139	3	184
16:59:30	2011-10-05	6	10.10.10.7	10.10.9.74	->	e	706	139	8	550
16:59:30	2011-10-05	6	10.10.10.7	10.10.0.119	->	e	707	80	9	958
16:59:30	2011-10-05	6	10.10.10.7	199.7.71.190	->	e	562	80	10	1965
16:59:30	2011-10-05	6	10.10.10.7	199.7.71.190	->	e	328	80	4	240
16:59:30	2011-10-05	6	10.10.10.7	10.10.9.82	->	e	34	139	6	360
16:59:31	2011-10-05	6	10.10.10.7	10.10.0.114	->	e	743	445	7	996
16:59:31	2011-10-05	6	10.10.10.7	10.10.0.114	->	e	744	139	3	184
16:59:31	2011-10-05	6	10.10.10.7	10.10.9.126	->	e	131	139	7	420
16:59:31	2011-10-05	6	10.10.10.7	10.10.0.42	->	e	758	139	8	550
16:59:31	2011-10-05	6	10.10.10.7	10.10.0.125	->	e	761	80	9	958
16:59:31	2011-10-05	6	10.10.10.7	199.7.51.190	->	e	390	80	10	1965
16:59:31	2011-10-05	6	10.10.10.7	199.7.51.190	->	e	249	80	4	240
16:59:32	2011-10-05	6	10.10.10.7	10.10.9.148	->	e	794	445	7	996
16:59:32	2011-10-05	6	10.10.10.7	10.10.9.148	->	e	795	139	3	184
16:59:32	2011-10-05	6	10.10.10.7	10.10.0.32	->	e	808	80	9	957
16:59:32	2011-10-05	6	10.10.10.7	199.7.51.190	->	e	163	80	10	1965
16:59:33	2011-10-05	6	10.10.10.7	10.10.1.20	->	e	841	445	7	996
16:59:33	2011-10-05	6	10.10.10.7	10.10.1.20	->	e	842	139	3	184
16:59:33	2011-10-05	6	10.10.10.7	10.10.0.74	->	e	857	80	9	957
16:59:33	2011-10-05	6	10.10.10.7	199.7.48.190	->	e	458	80	11	2298
16:59:34	2011-10-05	6	10.10.10.7	10.10.4.44	->	e	888	445	7	996
16:59:34	2011-10-05	6	10.10.10.7	10.10.4.44	->	e	889	139	3	184
16:59:34	2011-10-05	6	10.10.10.7	205.234.175.175	->	e	908	80	13	2066
16:59:34	2011-10-05	6	10.10.10.7	10.10.4.171	->	e	907	139	8	550
16:59:34	2011-10-05	6	10.10.10.7	199.7.71.190	->	e	524	80	4	240
16:59:34	2011-10-05	6	10.10.10.7	10.10.0.131	->	e	909	80	9	958
16:59:34	2011-10-05	6	10.10.10.7	61.136.101.24	->	e	681	8080	11	660
16:59:35	2011-10-05	6	10.10.10.7	10.10.8.61	->	e	945	445	7	996
16:59:35	2011-10-05	6	10.10.10.7	10.10.8.61	->	e	946	139	3	184
16:59:35	2011-10-05	6	10.10.10.7	66.16.230.11	->	e	690	80	11	2025
16:59:35	2011-10-05	6	10.10.10.7	205.234.175.175	->	e	958	80	14	2399
16:59:35	2011-10-05	6	10.10.10.7	10.10.0.141	->	e	960	80	9	958
16:59:35	2011-10-05	6	10.10.10.7	199.7.71.190	->	e	562	80	4	240
16:59:35	2011-10-05	6	10.10.10.7	10.10.1.144	->	e	3837	139	8	550
16:59:36	2011-10-05	6	10.10.10.7	10.10.3.64	->	e	982	445	7	996
16:59:36	2011-10-05	6	10.10.10.7	10.10.3.64	->	e	983	139	3	184
16:59:36	2011-10-05	6	10.10.10.7	10.10.9.235	->	e	985	139	8	550
16:59:36	2011-10-05	6	10.10.10.7	205.234.175.175	->	e	992	80	14	2399
16:59:36	2011-10-05	6	10.10.10.7	10.10.0.143	->	e	1011	80	9	958
16:59:36	2011-10-05	6	10.10.10.7	199.7.51.190	->	e	390	80	5	573
16:59:37	2011-10-05	6	10.10.10.7	10.10.9.164	->	e	1026	445	7	996
16:59:37	2011-10-05	6	10.10.10.7	10.10.9.164	->	e	1027	139	3	184
16:59:37	2011-10-05	6	10.10.10.7	205.234.175.175	->	e	3856	80	13	2066
16:59:37	2011-10-05	6	10.10.10.7	10.10.0.153	->	e	1043	80	9	958
16:59:37	2011-10-05	6	10.10.10.7	10.10.9.151	->	e	1046	139	8	550
16:59:37	2011-10-05	6	10.10.10.7	199.7.51.190	->	e	163	80	4	240
16:59:38	2011-10-05	6	10.10.10.7	10.10.1.29	->	e	1065	445	7	996
16:59:38	2011-10-05	6	10.10.10.7	10.10.1.8	->	e	1067	139	3	184
16:59:38	2011-10-05	6	10.10.10.7	205.234.175.175	->	e	1084	80	13	2066
16:59:38	2011-10-05	6	10.10.10.7	10.10.0.159	->	e	1087	80	9	958
16:59:38	2011-10-05	6	10.10.10.7	199.7.48.190	->	e	458	80	4	240
16:59:39	2011-10-05	6	10.10.10.7	10.10.1.120	->	e	1115	445	7	996
16:59:39	2011-10-05	6	10.10.10.7	10.10.2.22	->	e	1110	139	3	184
16:59:39	2011-10-05	6	10.10.10.7	10.10.2.36	->	e	1118	139	8	550
16:59:39	2011-10-05	6	10.10.10.7	205.234.175.175	->	e	908	80	11	2298
16:59:39	2011-10-05	6	10.10.10.7	10.10.0.169	->	e	1141	80	9	958
16:59:40	2011-10-05	6	10.10.10.7	10.10.3.212	->	e	1172	445	7	996
16:59:40	2011-10-05	6	10.10.10.7	10.10.3.212	->	e	1173	139	3	184
16:59:40	2011-10-05	6	10.10.10.7	10.10.2.29	->	e	1181	139	8	550
16:59:40	2011-10-05	6	10.10.10.7	10.10.0.170	->	e	1204	80	9	958
16:59:40	2011-10-05	6	10.10.10.7	205.234.175.175	->	e	958	80	11	2025
16:59:40	2011-10-05	6	10.10.10.7	61.136.101.24	->	e	681	8080	4	240
16:59:40	2011-10-05	6	10.10.10.7	66.16.230.11	->	e	690	80	3	180
16:59:41	2011-10-05	6	10.10.10.7	10.10.2.34	->	e	1232	139	8	550
16:59:41	2011-10-05	6	10.10.10.7	10.10.0.140	->	e	1233	445	7	996
16:59:41	2011-10-05	6	10.10.10.7	10.10.0.140	->	e	1234	139	3	184
16:59:41	2011-10-05	6	10.10.10.7	205.234.175.175	->	e	992	80	10	1965
16:59:41	2011-10-05	6	10.10.10.7	10.10.0.175	->	e	1267	80	9	958
16:59:42	2011-10-05	6	10.10.10.7	10.10.2.99	->	e	1294	445	7	996
16:59:42	2011-10-05	6	10.10.10.7	10.10.2.99	->	e	1295	139	3	184
16:59:42	2011-10-05	6	10.10.10.7	10.10.8.90	->	e	1305	139	8	550
16:59:42	2011-10-05	6	10.10.10.7	205.234.175.175	->	e	3856	80	11	2298
16:59:42	2011-10-05	6	10.10.10.7	10.10.0.180	->	e	1336	80	9	958
16:59:43	2011-10-05	6	10.10.10.7	10.10.2.72	->	e	1366	445	7	996
16:59:43	2011-10-05	6	10.10.10.7	10.10.8.102	->	e	1370	139	3	184
16:59:43	2011-10-05	6	10.10.10.7	10.10.0.78	->	e	1376	139	8	550
16:59:43	2011-10-05	6	10.10.10.7	10.10.2.48	->	e	1386	139	6	430
16:59:43	2011-10-05	6	10.10.10.7	205.234.175.175	->	e	1084	80	11	2298
16:59:43	2011-10-05	6	10.10.10.7	10.10.0.185	->	e	1410	80	9	958
16:59:44	2011-10-05	6	10.10.10.7	10.10.8.76	->	e	1437	445	7	996
16:59:44	2011-10-05	6	10.10.10.7	10.10.8.76	->	e	1438	139	3	184
16:59:44	2011-10-05	6	10.10.10.7	10.10.8.240	->	e	1458	139	8	550
16:59:44	2011-10-05	6	10.10.10.7	205.234.175.175	->	e	908	80	4	240
16:59:44	2011-10-05	6	10.10.10.7	10.10.0.189	->	e	1482	80	9	958
16:59:45	2011-10-05	6	10.10.10.7	10.10.9.149	->	e	1515	445	7	996
16:59:45	2011-10-05	6	10.10.10.7	10.10.9.149	->	e	1516	139	3	184
16:59:45	2011-10-05	6	10.10.10.7	10.10.1.242	->	e	1558	139	8	550
16:59:45	2011-10-05	6	10.10.10.7	10.10.0.197	->	e	1616	80	9	958
16:59:46	2011-10-05	6	10.10.10.7	10.10.0.191	->	e	1643	445	7	996
16:59:46	2011-10-05	6	10.10.10.7	10.10.0.191	->	e	1644	139	3	184
16:59:46	2011-10-05	6	10.10.10.7	10.10.4.119	->	e	1661	139	8	550
16:59:46	2011-10-05	6	10.10.10.7	205.234.175.175	->	e	992	80	4	240
16:59:46	2011-10-05	6	10.10.10.7	205.234.175.175	->	e	958	80	3	180
16:59:46	2011-10-05	6	10.10.10.7	10.10.0.198	->	e	1749	80	9	958
16:59:47	2011-10-05	6	10.10.10.7	10.10.3.229	->	e	1773	445	7	996
16:59:47	2011-10-05	6	10.10.10.7	10.10.8.94	->	e	1775	139	3	184
16:59:47	2011-10-05	6	10.10.10.7	10.10.3.229	->	e	1776	139	8	550
16:59:47	2011-10-05	6	10.10.10.7	205.234.175.175	->	e	3856	80	4	240
16:59:47	2011-10-05	6	10.10.10.7	10.10.0.204	->	e	1861	80	9	958
16:59:48	2011-10-05	6	10.10.10.7	10.10.2.215	->	e	1905	445	7	996
16:59:48	2011-10-05	6	10.10.10.7	10.10.2.167	->	e	1907	139	3	184
16:59:48	2011-10-05	6	10.10.10.7	10.10.6.74	->	e	1913	139	8	550
16:59:48	2011-10-05	6	10.10.10.7	205.234.175.175	->	e	1084	80	4	240
16:59:48	2011-10-05	6	10.10.10.7	10.10.0.212	->	e	1992	80	9	958
16:59:49	2011-10-05	6	10.10.10.7	10.10.9.165	->	e	1999	445	7	996
16:59:49	2011-10-05	6	10.10.10.7	10.10.9.165	->	e	2000	139	3	184
16:59:49	2011-10-05	6	10.10.10.7	10.10.5.23	->	e	2002	139	8	550
16:59:49	2011-10-05	6	10.10.10.7	205.234.175.175	->	e	2111	80	14	2399
16:59:49	2011-10-05	6	10.10.10.7	10.10.0.163	->	e	2112	80	9	958
16:59:50	2011-10-05	6	10.10.10.7	61.136.101.24	->	e	2121	8080	15	1108
16:59:50	2011-10-05	6	10.10.10.7	10.10.0.222	->	e	2122	80	9	958
16:59:50	2011-10-05	6	10.10.10.7	10.10.0.163	->	e	2123	445	7	996
16:59:50	2011-10-05	6	10.10.10.7	10.10.0.163	->	e	2125	139	3	184
16:59:51	2011-10-05	6	10.10.10.7	10.10.0.220	->	e	2129	445	7	996
16:59:51	2011-10-05	6	10.10.10.7	10.10.0.220	->	e	2130	139	3	184
16:59:51	2011-10-05	6	10.10.10.7	10.10.0.227	->	e	2131	80	9	958
16:59:52	2011-10-05	6	10.10.10.7	10.10.0.240	->	e	2132	80	9	958
16:59:52	2011-10-05	6	10.10.10.7	10.10.0.222	->	e	2136	445	7	996
16:59:52	2011-10-05	6	10.10.10.7	10.10.0.227	->	e	2138	139	3	184
16:59:53	2011-10-05	6	10.10.10.7	10.10.0.244	->	e	2143	80	9	958
16:59:53	2011-10-05	6	10.10.10.7	10.10.0.240	->	e	2147	445	7	996
16:59:53	2011-10-05	6	10.10.10.7	10.10.0.240	->	e	2148	139	3	184
16:59:54	2011-10-05	6	10.10.10.7	10.10.0.246	->	e	2155	80	9	958
16:59:54	2011-10-05	6	10.10.10.7	10.10.0.244	->	e	2156	445	7	996
16:59:54	2011-10-05	6	10.10.10.7	10.10.0.244	->	e	2157	139	3	184
16:59:54	2011-10-05	6	10.10.10.7	205.234.175.175	->	e	2111	80	10	1965
16:59:55	2011-10-05	6	10.10.10.7	10.10.0.247	->	e	2167	80	9	958
16:59:55	2011-10-05	6	10.10.10.7	10.10.0.246	->	e	2168	445	7	996
16:59:55	2011-10-05	6	10.10.10.7	10.10.0.246	->	e	2169	139	3	184
16:59:55	2011-10-05	6	10.10.10.7	61.136.101.24	->	e	2121	8080	10	600
16:59:56	2011-10-05	6	10.10.10.7	10.10.1.0	->	e	2181	80	9	956
16:59:56	2011-10-05	6	10.10.10.7	10.10.0.255	->	e	2183	445	7	996
16:59:56	2011-10-05	6	10.10.10.7	10.10.0.255	->	e	2184	139	3	184
16:59:57	2011-10-05	6	10.10.10.7	10.10.1.6	->	e	2191	80	9	956
16:59:57	2011-10-05	6	10.10.10.7	10.10.1.0	->	e	2192	445	7	996
16:59:57	2011-10-05	6	10.10.10.7	10.10.1.0	->	e	2193	139	3	184
16:59:58	2011-10-05	6	10.10.10.7	10.10.1.24	->	e	2203	80	9	957
16:59:58	2011-10-05	6	10.10.10.7	10.10.1.6	->	e	2204	445	7	996
16:59:58	2011-10-05	6	10.10.10.7	10.10.1.6	->	e	2205	139	3	184
16:59:59	2011-10-05	6	10.10.10.7	10.10.1.26	->	e	2215	80	9	957
16:59:59	2011-10-05	6	10.10.10.7	10.10.1.24	->	e	2217	445	7	996
16:59:59	2011-10-05	6	10.10.10.7	10.10.1.24	->	e	2218	139	3	184
16:59:59	2011-10-05	6	10.10.10.7	205.234.175.175	->	e	2111	80	4	240
17:00:00	2011-10-05	6	10.10.10.7	10.10.1.46	->	e	2228	80	9	957
17:00:00	2011-10-05	6	10.10.10.7	10.10.1.26	->	e	2229	445	7	996
17:00:00	2011-10-05	6	10.10.10.7	10.10.1.26	->	e	2230	139	3	184
17:00:00	2011-10-05	6	10.10.10.7	61.136.101.24	->	e	2121	8080	6	360
17:00:01	2011-10-05	6	10.10.10.7	10.10.1.42	->	e	2241	80	9	957
17:00:01	2011-10-05	6	10.10.10.7	10.10.1.46	->	e	2246	445	7	996
17:00:01	2011-10-05	6	10.10.10.7	10.10.1.46	->	e	2247	139	3	184
17:00:02	2011-10-05	6	10.10.10.7	10.10.1.47	->	e	2294	80	9	957
17:00:02	2011-10-05	6	10.10.10.7	10.10.1.36	->	e	2298	445	7	996
17:00:02	2011-10-05	6	10.10.10.7	10.10.1.36	->	e	2299	139	3	184
17:00:03	2011-10-05	6	10.10.10.7	10.10.1.61	->	e	2306	80	9	957
17:00:03	2011-10-05	6	10.10.10.7	10.10.1.47	->	e	2307	445	7	996
17:00:03	2011-10-05	6	10.10.10.7	10.10.1.47	->	e	2308	139	3	184
17:00:04	2011-10-05	6	10.10.10.7	10.10.1.58	->	e	2318	80	9	957
17:00:04	2011-10-05	6	10.10.10.7	10.10.1.61	->	e	2319	445	7	996
17:00:04	2011-10-05	6	10.10.10.7	10.10.1.61	->	e	2320	139	3	184
17:00:05	2011-10-05	6	10.10.10.7	10.10.1.63	->	e	2330	80	9	957
17:00:05	2011-10-05	6	10.10.10.7	10.10.1.58	->	e	2331	445	7	996
17:00:05	2011-10-05	6	10.10.10.7	10.10.1.58	->	e	2332	139	3	184
17:00:06	2011-10-05	6	10.10.10.7	10.10.1.63	->	e d	2343	445	7	1437
17:00:06	2011-10-05	6	10.10.10.7	10.10.0.167	->	e d	2342	80	7	1111
17:00:06	2011-10-05	6	10.10.10.7	10.10.1.63	->	e	2344	139	3	184
17:00:12	2011-10-05	6	10.10.10.7	10.10.1.63	->	e	2343	445	2	120
17:00:12	2011-10-05	6	10.10.10.7	10.10.0.167	->	e	2342	80	4	1629
17:00:12	2011-10-05	6	10.10.10.7	10.10.1.70	->	e	2351	80	3	1569
17:00:12	2011-10-05	6	10.10.10.7	10.10.0.160	->	e	2354	80	9	958
17:00:12	2011-10-05	6	10.10.10.7	10.10.0.167	->	e	2358	445	7	996
17:00:12	2011-10-05	6	10.10.10.7	10.10.0.167	->	e	2359	139	3	184
17:00:13	2011-10-05	6	10.10.10.7	10.10.1.77	->	e	2366	80	9	957
17:00:13	2011-10-05	6	10.10.10.7	10.10.0.160	->	e	2370	445	7	996
17:00:13	2011-10-05	6	10.10.10.7	10.10.0.160	->	e	2371	139	3	184
17:00:14	2011-10-05	6	10.10.10.7	10.10.1.80	->	e	2378	80	9	957
17:00:14	2011-10-05	6	10.10.10.7	10.10.1.77	->	e	2382	445	7	996
17:00:14	2011-10-05	6	10.10.10.7	10.10.1.77	->	e	2383	139	3	184
17:00:15	2011-10-05	6	10.10.10.7	10.10.1.79	->	e	2386	445	7	996
17:00:15	2011-10-05	6	10.10.10.7	10.10.1.79	->	e	2387	139	3	184
17:00:15	2011-10-05	6	10.10.10.7	61.136.101.24	->	e	2390	8080	16	1168
17:00:15	2011-10-05	6	10.10.10.7	10.10.1.88	->	e	2391	80	9	957
17:00:16	2011-10-05	6	10.10.10.7	10.10.1.81	->	e	2397	445	7	996
17:00:16	2011-10-05	6	10.10.10.7	10.10.1.81	->	e	2398	139	3	184
17:00:16	2011-10-05	6	10.10.10.7	10.10.1.99	->	e	2403	80	9	957
17:00:17	2011-10-05	6	10.10.10.7	10.10.1.91	->	e	2408	445	7	996
17:00:17	2011-10-05	6	10.10.10.7	10.10.1.88	->	e	2411	139	3	184
17:00:17	2011-10-05	6	10.10.10.7	10.10.1.91	->	e	2414	139	8	550
17:00:18	2011-10-05	6	10.10.10.7	10.10.0.108	->	e	2429	80	9	958
17:00:18	2011-10-05	6	10.10.10.7	10.10.1.99	->	e	2435	445	7	996
17:00:18	2011-10-05	6	10.10.10.7	10.10.1.99	->	e	2441	139	8	550
17:00:19	2011-10-05	6	10.10.10.7	10.10.1.107	->	e	2467	80	9	958
17:00:19	2011-10-05	6	10.10.10.7	10.10.1.103	->	e	2469	445	7	996
17:00:19	2011-10-05	6	10.10.10.7	10.10.1.105	->	e	2477	139	3	184
17:00:20	2011-10-05	6	10.10.10.7	10.10.1.113	->	e	2481	80	9	958
17:00:20	2011-10-05	6	10.10.10.7	10.10.1.107	->	e	2483	445	7	996
17:00:20	2011-10-05	6	10.10.10.7	10.10.1.107	->	e	2484	139	3	184
17:00:20	2011-10-05	6	10.10.10.7	61.136.101.24	->	e d	2390	8080	13	780
17:00:21	2011-10-05	6	10.10.10.7	10.10.1.113	->	e	2494	445	7	996
17:00:21	2011-10-05	6	10.10.10.7	10.10.0.201	->	e	2495	80	9	958
17:00:21	2011-10-05	6	10.10.10.7	10.10.1.113	->	e	2496	139	3	184
17:00:22	2011-10-05	6	10.10.10.7	10.10.1.125	->	e	2511	80	9	958
17:00:22	2011-10-05	6	10.10.10.7	10.10.1.121	->	e	2512	445	7	996
17:00:22	2011-10-05	6	10.10.10.7	10.10.1.121	->	e	2513	139	3	184
17:00:23	2011-10-05	6	10.10.10.7	10.10.1.132	->	e	2527	80	9	958
17:00:23	2011-10-05	6	10.10.10.7	10.10.1.131	->	e	2528	445	7	996
17:00:23	2011-10-05	6	10.10.10.7	10.10.1.131	->	e	2529	139	3	184
17:00:24	2011-10-05	6	10.10.10.7	10.10.1.139	->	e	2530	80	9	958
17:00:24	2011-10-05	6	10.10.10.7	10.10.1.126	->	e	2534	445	7	996
17:00:24	2011-10-05	6	10.10.10.7	10.10.0.217	->	e	2537	139	3	184
17:00:25	2011-10-05	6	10.10.10.7	10.10.1.141	->	e	2541	80	9	958
17:00:25	2011-10-05	6	10.10.10.7	10.10.1.139	->	e	2542	445	7	996
17:00:25	2011-10-05	6	10.10.10.7	10.10.1.139	->	e	2543	139	3	184
17:00:25	2011-10-05	6	10.10.10.7	61.136.101.24	->	e	2390	8080	4	240
17:00:26	2011-10-05	6	10.10.10.7	10.10.1.152	->	e	2558	80	9	958
17:00:26	2011-10-05	6	10.10.10.7	10.10.1.143	->	e	2559	445	7	996
17:00:26	2011-10-05	6	10.10.10.7	10.10.1.143	->	e	2560	139	3	184
17:00:26	2011-10-05	6	10.10.10.7	10.10.1.142	->	e	2562	139	5	370
17:00:27	2011-10-05	6	10.10.10.7	10.10.1.154	->	e	2566	80	9	958
17:00:27	2011-10-05	6	10.10.10.7	10.10.0.157	->	e	2570	445	7	996
17:00:27	2011-10-05	6	10.10.10.7	10.10.0.157	->	e	2571	139	3	184
17:00:28	2011-10-05	6	10.10.10.7	10.10.1.158	->	e	2579	80	9	958
17:00:28	2011-10-05	6	10.10.10.7	10.10.1.154	->	e	2581	445	7	996
17:00:28	2011-10-05	6	10.10.10.7	10.10.1.154	->	e	2583	139	3	184
17:00:29	2011-10-05	6	10.10.10.7	10.10.1.12	->	e	3914	80	9	957
17:00:29	2011-10-05	6	10.10.10.7	10.10.1.158	->	e	2589	445	7	996
17:00:29	2011-10-05	6	10.10.10.7	10.10.1.158	->	e	2590	139	3	184
17:00:30	2011-10-05	6	10.10.10.7	10.10.0.82	->	e	2610	80	9	957
17:00:30	2011-10-05	6	10.10.10.7	10.10.1.12	->	e	2612	445	7	996
17:00:30	2011-10-05	6	10.10.10.7	10.10.1.12	->	e	2614	139	8	550
17:00:30	2011-10-05	6	10.10.10.7	10.10.0.214	->	e	2619	139	3	184
17:00:30	2011-10-05	6	10.10.10.7	61.136.101.24	->	e	2743	8080	17	1228
17:00:31	2011-10-05	6	10.10.10.7	10.10.1.169	->	e	2755	80	9	958
17:00:31	2011-10-05	6	10.10.10.7	10.10.0.82	->	e	2756	445	7	996
17:00:31	2011-10-05	6	10.10.10.7	10.10.0.82	->	e	2757	139	3	184
17:00:32	2011-10-05	6	10.10.10.7	10.10.0.221	->	e	2768	80	9	958
17:00:32	2011-10-05	6	10.10.10.7	10.10.1.169	->	e	2769	445	7	996
17:00:32	2011-10-05	6	10.10.10.7	10.10.1.169	->	e	2770	139	3	184
17:00:33	2011-10-05	6	10.10.10.7	10.10.0.156	->	e	2783	80	9	958
17:00:33	2011-10-05	6	10.10.10.7	10.10.0.221	->	e	2784	445	7	996
17:00:33	2011-10-05	6	10.10.10.7	10.10.0.221	->	e	2785	139	3	184
17:00:34	2011-10-05	6	10.10.10.7	10.10.1.198	->	e	2791	80	9	958
17:00:34	2011-10-05	6	10.10.10.7	10.10.1.190	->	e	2803	445	7	996
17:00:34	2011-10-05	6	10.10.10.7	10.10.1.190	->	e	2792	139	3	184
17:00:35	2011-10-05	6	10.10.10.7	10.10.1.207	->	e	2825	80	9	958
17:00:35	2011-10-05	6	10.10.10.7	10.10.1.199	->	e	2826	445	7	996
17:00:35	2011-10-05	6	10.10.10.7	10.10.1.199	->	e	2827	139	3	184
17:00:36	2011-10-05	6	10.10.10.7	61.136.101.24	->	e	2743	8080	2	120
17:00:36	2011-10-05	6	10.10.10.7	10.10.1.214	->	e	2875	80	5	445
17:00:37	2011-10-05	6	10.10.10.7	10.10.0.36	->	e	2878	445	5	435
17:00:37	2011-10-05	6	10.10.10.7	10.10.0.36	->	e	2879	139	3	184
17:00:37	2011-10-05	6	10.10.10.7	10.10.1.13	->	e	2880	445	4	375
17:00:37	2011-10-05	6	10.10.10.7	10.10.1.222	->	e	2884	80	5	445
17:00:37	2011-10-05	6	10.10.10.7	10.10.1.215	->	e	2885	80	1	62
16:59:19	2011-10-05	17	10.10.10.7	89.123.188.11	<-	e	4725	8957	5	300
16:59:19	2011-10-05	17	10.10.10.7	90.52.108.231	<-	e	4725	58856	5	300
16:59:19	2011-10-05	17	10.10.10.7	85.11.66.73	<-	e	4725	38338	5	300
16:59:19	2011-10-05	17	10.10.10.7	72.192.20.73	<-	e	4725	16306	5	300
16:59:19	2011-10-05	17	10.10.10.7	219.77.13.11	<-	e	4725	22137	5	300
16:59:19	2011-10-05	17	10.10.10.7	90.201.190.208	<-	e	4725	25439	5	300
16:59:19	2011-10-05	17	10.10.10.7	58.63.39.204	<-	e	4725	40139	5	300
16:59:19	2011-10-05	17	10.10.10.7	77.66.224.30	<-	e	4725	30478	5	300
16:59:19	2011-10-05	17	10.10.10.7	62.65.208.112	<-	e	4725	9342	5	300
16:59:21	2011-10-05	17	10.10.10.7	67.215.242.139	<-	e	4725	6881	6	360
16:59:24	2011-10-05	17	10.10.10.7	65.6.163.4	<-	e	4725	50144	1	60
16:59:24	2011-10-05	17	10.10.10.7	89.123.188.11	<-	e	4725	8957	1	60
16:59:24	2011-10-05	17	10.10.10.7	90.52.108.231	<-	e	4725	58856	1	60
16:59:24	2011-10-05	17	10.10.10.7	85.11.66.73	<-	e	4725	38338	1	60
16:59:24	2011-10-05	17	10.10.10.7	72.192.20.73	<-	e	4725	16306	1	60
16:59:24	2011-10-05	17	10.10.10.7	219.77.13.11	<-	e	4725	22137	1	60
16:59:24	2011-10-05	17	10.10.10.7	90.201.190.208	<-	e	4725	25439	1	60
16:59:24	2011-10-05	17	10.10.10.7	58.63.39.204	<-	e	4725	40139	1	60
16:59:24	2011-10-05	17	10.10.10.7	77.66.224.30	<-	e	4725	30478	1	60
16:59:24	2011-10-05	17	10.10.10.7	62.65.208.112	<-	e	4725	9342	1	60
16:59:27	2011-10-05	17	10.10.10.7	67.215.242.139	<-	e	4725	6881	3	180

Packer Results

Packer Name

HoneyTrap Results

Honey Trap Log File Location

PTFB Results

PTFB Log File Location