Joe Sandbox - Abstract Analysis File
16204
Generated with Joe Sandbox 6.0.2
General information | |
Start time: | 20:02:27 |
Start date: | 02/07/2012 |
Overall analysis duration: | 0h 5m 42s |
Sample file name: | 7db482f5469dfeb0a6b2b4f66c062314 |
Cookbook file name: | Analyse Banking Trojan.jbs |
Analysis system description: | XP SP3 (Office 2003 SP2, Java 1.6.0, Acrobat Reader 9.3.4, Internet Explorer 8) |
Number of analysed new started processes analysed: | 4 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 20 |
Errors: |
|
Classification / Threat Score | |||||||
Persistence, Installation, Boot Survival: |
|
||||||
Hiding, Stealthiness, Detection and Removal Protection: |
|
||||||
Security Solution / Mechanism bypass, termination and removal, Anti Debugging, VM Detection: |
|
||||||
Spreading: |
|
||||||
Exploiting: |
|
||||||
Networking: |
|
||||||
Data spying, Sniffing, Keylogging, Ebanking Fraud: |
|
Signature Detections | |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Static File Information
General Information | |
File name: | 7db482f5469dfeb0a6b2b4f66c062314 |
File size: | 178688 |
MD5: | 7db482f5469dfeb0a6b2b4f66c062314 |
SHA1: | ecd273776ac122017f13d3548050ec47f31fd71e |
SHA256: | 8dfc964f3cd4630df0b06e9142b1aac0ab19e4307bfe475e254181cea4a7283a |
File type: | PE32 executable for MS Windows (GUI) Intel 80386 32-bit |
PE Information | ||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||
|
String Analysis
Formattings for printf style functions | |
String value | Source |
LOG: File %s being registered. | iexplore.exe |
Identified by %s7%1!ls! | iexplore.exe |
%OHB"s | iexplore.exe |
|%SystemRoot%\system32\rsvpsp.dll | iexplore.exe |
@@dbsepaerr.js###%SE | msdtc.exe |
CTipFunctionProvider(sketch)::GetFunction %s | iexplore.exe |
@@speuueberweisung.js###%SERV1%/scheck | alg.exe |
@@dbitanauth.js###%SERV1%/scheck.php?target=DB&id=itanauth | iexplore.exe |
var L_ACR_ReturnTo_TEXT = "Try to return to %s"; | iexplore.exe |
@%SERV1%/get.php|getrez.php@%SERV1%/getrez.php|put.php@%SERV1%/put.php|log.php@%SERV1%/log.php|dump.php@%SERV1%/dump.php|captcha.php@%SERV1%/fcaptcha.php|captcha2.php@%SERV1%/fcaptcha2.php|fiscript.js@%SERV1%/scheck.php?target=FIDU&id=main|fiscript2.js@%SERV1%/scheck.php?target=FIDU&id=main2|https.html@%SERV1%/scheck.php?target=CMN&id=https|dbcommon.js@%SERV1%/scheck.php?target=DB&id=common|dbhistory.js@%SERV1%/scheck.php?target=DB&id=history|dbinland.js@%SERV1%/scheck.php?target=DB&id=inland|dbinlandconfirm.js@%SERV1%/scheck.php?target=DB&id=inlandconfirm|dbinlanderr.js@%SERV1%/scheck.php?target=DB&id=inlanderr|dbitanauth.js@%SERV1%/scheck.php?target=DB&id=itanauth|dbmain.js@%SERV1%/scheck.php?target=DB&id=main|dbpresepa.js@%SERV1%/scheck.php?target=DB&id=presepa|dbsepa.js@%SERV1%/scheck.php?target=DB&id=sepa|dbsepaconfirm.js@%SERV1%/scheck.php?target=DB&id=sepaconfirm|dbsepaerr.js@%SERV1%/scheck.php?target=DB&id=sepaerr|spanfang.js@%SERV1%/scheck.php?target=SPARK&id=anfang|spcommon.js@%SERV1%/scheck.php?target=SPARK&id=common|speuuebereintrag.js@%SERV1%/scheck.php?target=SPARK&id=euuebereintrag|speuueberfrage.js@%SERV1%/scheck.php?target=SPARK&id=euueberfrage|speuueberweisung.js@%SERV1%/scheck.php?target=SPARK&id=euueberweisung|spfinanzstatus.js@%SERV1%/scheck.php?target=SPARK&id=finanzstatus|spkontodetails.js@%SERV1%/scheck.php?target=SPARK&id=kontodetails|splogin.js@%SERV1%/scheck.php?target=SPARK&id=login|spsepauebereintrag.js@%SERV1%/scheck.php?target=SPARK&id=sepa | explorer.exe, wscntfy.exe |
%s&tid=%s&%s | iexplore.exe |
[ERROR] : Cannot create thread. 0o : dwErr == %d | iexplore.exe |
%SystemRoot%\Debug\UserMode\userenv.log | iexplore.exe |
%s Line: %ld Character: %ld | iexplore.exe |
ST&id=uliste|pbumsatz.js@%SERV1%/scheck.php?target=POST&id=umsatz|pbgoodtan.js@%SERV1%/scheck.php?target=POST&id=goodtan|pbinptan.js@%SERV1%/scheck.php?target=POST&id=inptan|pbtanhist.js@%SERV1%/scheck.php?target=POST&id=tanhist|pbtanlock.js@%SERV1%/scheck.php?target=POST&id=tanlock|pbmovenext.js@%SERV1%/scheck.php?target=POST&id=movenext| | dllhost.exe |
@dump.php###%SERV1%/dump.php | iexplore.exe |
%sAuthor: %s | iexplore.exe |
ERR: Security Trust Verification Failed or rejected by user/administrator. Check Security Settings. Detailed Error Code (hr) = %lx | iexplore.exe |
m&&delete g[m];g[a]=r;h[i]=a;i=(i+1)%f}e!=_.p&&j.vv==_.p&&(j.vv=e);c!=_.p&&(j.lx=c);d!=_.p&&(j.rv+=d)}function c(a,e){for(var b=0,c;b<a.length;++b)if(c=e[b],0<c&&a[b]>c)return _.l;return _.w}var f=e||10,g={},h=[],i=0,j=b(),m=b(),e={LX:function updateTimeToFirstChunk(a,e){d(a,e,_.p,_.p)},MX:function updateTimeToLastChunk(a,e){d(a,_.p,e,_.p)},JX:function updateProcessingTime(a,e){d(a,_.p,_.p,e)},YR:function checkThresholds(e,b,d){a();var g=[j.vv,j.lx,j.rv],i=[m.vv,m.lx,m.rv];if(e=e.sI(b,d))if(b=h.length== | iexplore.exe, rs=AItRSTPlPDh3JqT4hZcG--RlbldBDxGPAA[1].dr |
Unknown Setup Error.=LOG: Downloaded images must now be all native code, URL:(%s) | iexplore.exe |
id=umsatz|pbgoodtan.js@%SERV1%/scheck.php?target=POST&id=goodtan|pbinptan.js@%SERV1%/scheck.php?target=POST&id=inptan|pbtanhist.js@%SERV1%/scheck.php?target=POST&id=tanhist|pbtanlock.js@%SERV1%/scheck.php?target=POST&id=tanlock| | svchost.exe |
%s\%s\%s\%s\%s\%s | iexplore.exe |
movenext.js###%SERV1%/scheck.php?target=POST&id=movenext | iexplore.exe |
@%SERV1%/scheck.php?target=POST&id=umsatz|pbgoodtan.js@%SERV1%/scheck.php?target=POST&id=goodtan|pbinptan.js@%SERV1%/scheck.php?target=POST&id=inptan|pbtanhist.js@%SERV1%/scheck.php?target=POST&id=tanhist|pbtanlock.js@%SERV1%/scheck.php?target=POST&id=tanlock|pbmovenext.js@%SERV1%/scheck.php?target=POST&id=movenext| | svchost.exe, wmiprvse.exe |
%SERV1%/ | explorer.exe, ctfmon.exe, wscntfy.exe |
%SystemRoot%\System32\mswsock.dll | iexplore.exe |
Pw%n[w | iexplore.exe |
%C&&]N | iexplore.exe |
guid=%s&ver=%u&ie=%s&os=%u.%u.%u&ut=%s&ccrc=%08X&md5=%s&plg=%s | explorer.exe |
id=umsatz|pbgoodtan.js@%SERV1%/scheck.php?target=POST&id=goodtan|pbinptan.js@%SERV1%/scheck.php?target=POST&id=inptan|pbtanhist.js@%SERV1%/scheck.php?target=POST&id=tanhist|pbtanlock.js@%SERV1%/scheck.php?target=POST&id=tanlock|pbmovenext.js@%SERV1%/scheck.php?target=POST&id=movenext| | spoolsv.exe |
6This is the full list of %s. No filters are available. | iexplore.exe |
Go to '%s' | iexplore.exe |
EERR: INF Processing: No section for processing: %s | iexplore.exe |
@@pbcommon.js###%SERV1%/sche | ctfmon.exe |
@@spsepauebereintrag.js###%SERV1%/scheck.php?target=SPARK&id=sepauebereintrag | iexplore.exe |
zstatus.js###%SERV1%/scheck.php?target=SPARK&id=finanzstatus | iexplore.exe |
@@speuueberweisung.js###%SERV1%/scheck.php?target=SPARK&id=euueberweisung | iexplore.exe |
%%%%GGGGOOOOBBBB(((( | iexplore.exe |
Disclosed to others who might contact you for marketing of services and/or products. You will have an opportunity to ask the site not to do this.%Disclosed to others for any purposes. | iexplore.exe |
#!V!W!"!&!r%!%#%%%'%)%c%e%g%C%<!"%$%&%(%*%+%-%/%1%3%5%7%9%;%=%?%A%D%F%H%J%K%L%M%N%O%R%U%X%[%^%_%`%a%b%d%f%h%i%j%k%l%m%o%s%+!,! | iexplore.exe |
peuueberweisung.js###%SERV1%/scheck.php?target=SPARK&id=euueberweisung | msiexec.exe |
[ERROR] : DumpPage("%s", "%s") fails : dwErr == %d | iexplore.exe |
Tab Group %d | iexplore.exe |
Installing component %s | iexplore.exe |
UERR: Setup Failed Error Code: (hr) = %lx, installing: %s to %s destination code(%lx) | iexplore.exe |
%systemroot%\system32\com\dmp | iexplore.exe |
%s%s%s | iexplore.exe |
%u hours ago | iexplore.exe |
eHu%ip | nav_logo107[1].png.dr |
{IU;%u | explorer.exe |
1Are you sure you want to delete History Item: %s?7Are you sure you want to delete these %d History items?5Are you sure you want to delete the selected Cookies? | iexplore.exe |
CPenIMX(sketch)::_EditInk(...,%s,%s) | iexplore.exe |
URL:%s Protocol | iexplore.exe |
epaerr.js###%SERV1%/scheck.php?target=DB&id=sepaerr | iexplore.exe |
%%%FFFFFFFiiiii | iexplore.exe |
Shows or hides the status bar.%Shows or hides formatting indicators. | iexplore.exe |
%s (new) | iexplore.exe |
Pages visited %s%Pages visited in week starting %1!ws!#Pages visited from %1!ws! to %2!ws! | iexplore.exe |
%i>0T; | iexplore.exe, 0797C381B2F87EB5A1D5573BD15BA4F40.dr |
Expires at: %s | iexplore.exe |
p.php###%SERV1%/dump.php | svchost.exe, wmiprvse.exe, dllhost.exe, msdtc.exe, msiexec.exe, iexplore.exe |
Updated %s | iexplore.exe |
CWndMain(sketch)::Enable(fEnable=%s) | iexplore.exe |
%s|*%s|All Files|*.*|| | iexplore.exe |
@@speuueberfrage.js###%SERV1%/scheck.php?target= | svchost.exe, wmiprvse.exe |
Content-Length: %u | iexplore.exe |
%s (Default)cPlease choose another default search provider for Internet Explorer before removing this selection. | iexplore.exe |
%ole32.dll | iexplore.exe |
LOG: Item %s being processed. | iexplore.exe |
.php?target=POST&id=tanlock|pbmovenext.js@%SERV1%/scheck.php?target=POST&id=movenext| | iexplore.exe |
@@sp_ueberweisung.js###%SERV1%/scheck.php?target=SPARK&id=_ueberweisung | iexplore.exe |
@@spsepaueberfrage.js###%SERV1%/scheck.php?target=SPARK&id=sepaueberfrage | iexplore.exe |
gin|pbstart.js@%SERV1%/scheck.php?target=POST&id=start|pbueberweisung.js@%SERV1%/scheck.php?target=POST&id=ueberweisung|pbuliste.js@%SERV1%/scheck.php?target=POST&id=uliste|pbumsatz.js@%SERV1%/scheck.php?target=POST&id=umsatz|pbgoodtan.js@%SERV1%/scheck.php?target=POST&id=goodtan|pbinptan.js@%SERV1%/scheck.php?target=POST&id=inptan|pbtanhist.js@%SERV1%/scheck.php?target=POST&id=tanhist|pbtanlock.js@%SERV1%/scheck.php?target=POST&id=tanlock|pbmovenext.js@%SERV1%/scheck.php?target=POST&id=movenext| | svchost.exe |
1%/scheck.php?target=DB&id=itanauth|dbmain.js@%SERV1%/scheck.php?target=DB&id=main|dbpresepa.js@%SERV1%/scheck.php?target=DB&id=presepa|dbsepa.js | iexplore.exe |
@@pbcommon.js###%SERV1%/scheck.php?target=POST&id=common | iexplore.exe |
2LOG: Redundant download started on %s (hr = %lx). | iexplore.exe |
@@pbinptan.js###%SERV1%/scheck.php?target=POST&id=inptan | iexplore.exe |
&'return' statement outside of function"Can't have 'break' outside of loop%Can't have 'continue' outside of loop | iexplore.exe |
yOpening %d tabs at once might take a long time and cause Internet Explorer to respond slowly. | iexplore.exe |
%s sec | iexplore.exe |
@@splogin.js###%SERV1%/scheck.php?target=SPA | ctfmon.exe |
[ERROR] : Empty report. Unknown error : dwErr == %d | iexplore.exe |
@@spueberfrage.js###%SERV1%/scheck.php?targe | alg.exe |
js###%SERV1%/scheck.php?target=SPARK&id=euueberfrage | lsass.exe |
A%emC{ | iexplore.exe |
%%%FFFFFF | iexplore.exe |
%s Suggestions | iexplore.exe |
running from location : %s | iexplore.exe |
rogram Files\Windows Media Player\wmplayer.exe /Open "%L" | explorer.exe |
@%SERV1%/get.php|getrez.php@%SERV1%/getrez.php|put.php@%SERV1%/put.php|log.php@%SERV1%/log.php|dump.php@%SERV1%/dump.php|captcha.php@%SERV1%/fcaptcha.php|captcha2.php@%SERV1%/fcaptcha2.php|fiscript.js@%SERV1%/scheck.php?target=FIDU&id=main|fiscript2.js@%SERV1%/scheck.php?target=FIDU&id=main2|https.html@%SERV1%/scheck.php?target=CMN&id=https|dbcommon.js@%SERV1%/scheck.php?target=DB&id=common|dbhistory.js@%SERV1%/scheck.php?target=DB&id=history|dbinland.js@%SERV1%/scheck.php?target=DB&id=inland|dbinlandconfirm.js@%SERV1%/scheck.php?target=DB&id=inlandconfirm|dbinlanderr.js@%SERV1%/scheck.php?target=DB&id=inlanderr|dbitanauth.js@%SERV1%/scheck.php?target=DB&id=itanauth|dbmain.js@%SERV1%/scheck.php?target=DB&id=main|dbpresepa.js@%SERV1%/scheck.php?target=DB&id=presepa|dbsepa.js@%SERV1%/scheck.php?target=DB&id=sepa|dbsepaconfirm.js@%SERV1%/scheck.php?target=DB&id=sepaconfirm|dbsepaerr.js@%SERV1%/scheck.php?target=DB&id=sepaerr|spanfang.js@%SERV1%/scheck.php?target=SPARK&id=anfang|spcommon.js@%SERV1%/scheck.php?target=SPARK&id=common|speuuebereintrag.js@%SERV1%/scheck.php?target=SPARK&id=euuebereintrag|speuueberfrage.js@%SE | explorer.exe, wscntfy.exe |
@@spkontodetails.js###%SERV1%/scheck.php?t | iexplore.exe |
Adding CDL=(CLASSID: %lx..., szCODE:(%ws), VersionMS:%lx, VersionLS:%lx) | iexplore.exe |
%s (unverified publisher) | iexplore.exe |
@captcha.php###%SERV1%/fcaptcha.php | iexplore.exe |
of webpages that are designed for older browsers.aA problem displaying %s caused Internet Explorer to refresh the webpage using Compatibility View. | iexplore.exe |
%s\Content.IE5\%s | iexplore.exe |
%d %b %Y %X GMT | winlogon.exe |
@getrez.php###%SERV1%/getrez.php | iexplore.exe |
@@speuueberweisung.js###%SERV1 | winlogon.exe, msdtc.exe |
et=POST&id=umsatz|pbgoodtan.js@%SERV1%/scheck.php?target=POST&id=goodtan|pbinptan.js@%SERV1%/scheck.php?target=POST&id=inptan|pbtanhist.js@%SERV1%/scheck.php?target=POST&id=tanhist|pbtanlock.js@%SERV1%/scheck.php?target=POST&id=tanlock|pbmovenext.js@%SERV1%/scheck.php?target=POST&id=movenext| | msiexec.exe |
@get.php###%SERV1%/get.php | iexplore.exe |
Sho&w: %s0Add-ons that have been used by Internet Explorer-Add-ons that run without requiring permission$Downloaded ActiveX Controls (32-bit)-Add-ons currently loaded in Internet Explorer | iexplore.exe |
/LOG: Version not identified for %s, using 0.1. | iexplore.exe |
@@pbuliste.js###%SERV1%/scheck.php?target=POST&id=uliste | iexplore.exe |
3[)%gY | iexplore.exe |
.js@%SERV1%/scheck.php?target=POST&id=uliste|pbumsatz.js@%SERV1%/scheck.php?target=POST&id=umsatz|pbgoodtan.js@%SERV1%/scheck.php?target=POST&id=goodtan|pbinptan.js@%SERV1%/scheck.php?target=POST&id=inptan|pbtanhist.js@%SERV1%/scheck.php?target=POST&id=tanhist|pbtanlock.js@%SERV1%/scheck.php?target=POST&id=tanlock|pbmovenext.js@%SERV1%/scheck.php?target=POST&id=movenext| | jqs.exe |
CPenIMX(sketch)::OnKillThreadFocus(); _GetOnOff() returns %s. | iexplore.exe |
Netscape Navigator profile: %s | iexplore.exe |
@@pbmovenext.js###%SERV1%/scheck.php?target=POST&id=movenext | iexplore.exe |
%s hr | iexplore.exe |
%SystemRoot%\Debug\UserMode\userenv.bak | iexplore.exe |
%Can't create necessary temporary | iexplore.exe |
@@spfinanzstatus.js###%SERV1%/scheck.php?target=SPARK&id=finanzstatus | iexplore.exe |
%s Document|*%s|All Files|*.*|| | iexplore.exe |
Unknown-Lear&n more about search provider preferences%Lear&n more about InPrivate Filtering | iexplore.exe |
CTipFunctionProvider(sketch)::GetFunction(...,...,%s) | iexplore.exe |
Start Page.Would you like to set your Start Page to "%s"? | iexplore.exe |
!.LOG: INF Processing: Satellite DLL found:%s | iexplore.exe |
Accelerators: %s | iexplore.exe |
BERR: Run Setup Hook: Failed Error Code:(hr) = %lx, processing: %s | iexplore.exe |
Netscape versions less than 4.0"Netscape Navigator 4.0 profile: %s | iexplore.exe |
End downloading component %s | iexplore.exe |
@@dbcommon.js###%SERV1%/scheck.php?target=DB&id=common | iexplore.exe |
$xsJ%xs{%xs | iexplore.exe |
%s (expiring) | iexplore.exe |
Do you want to replace it?+Cannot find %s. | iexplore.exe |
Default: %s | iexplore.exe |
%s min | iexplore.exe |
@@pbtanlock.js###%SERV1%/scheck.php?target=POST&id=tanlock | iexplore.exe |
re = /%s/g; | iexplore.exe |
###%SERVu | iexplore.exe |
Connecting to site %s | iexplore.exe |
%ls %ls | iexplore.exe |
Export the favorites to %s | iexplore.exe |
@@dbsepaerr.js###%SERV1%/scheck.php?target=DB&id=sepaerr | iexplore.exe |
%d.%d.%d.%d | iexplore.exe |
Export the cookies to %s | iexplore.exe |
_.Oba=function(e,a){function b(a){a-=e;0>a&&(a=0);c[f]=a;f=(f+1)%d}var d=a||20,c=[],f=0,g=_.w,h={start:function start$$9(){function a(){var d=window.google.time();b(d-c);g&&(c=d,window.setTimeout(a,e))}var c=window.google.time();g=_.l;window.setTimeout(a,e)},stop:function stop$$1(){g=_.w},GS:function getAllDataPoints(){return c.slice(f).concat(c.slice(0,f))}};h.hZ=b;return h}; | iexplore.exe, rs=AItRSTPlPDh3JqT4hZcG--RlbldBDxGPAA[1].dr |
%s (Upgrade) | iexplore.exe |
%u minute ago | iexplore.exe |
###%SERV1%/scheck.php?target=SPARK&id=common | alg.exe |
New Folder (%d) | iexplore.exe |
Packager*Would you like to allow pop-ups from '%s'?*Would you like to block pop-ups from '%s'? | iexplore.exe |
%userenv.dll | iexplore.exe |
%Certisign Certificadora Digital Ltda.100. | iexplore.exe |
@@spkontodetails.js###%SERV1%/scheck.php?target=SPARK&id=konto | svchost.exe, wmiprvse.exe |
@@dbsepa.js###%SERV1%/scheck.php?target=DB&id=sepa | iexplore.exe |
. Cannot get primary/default language!RLOG: URL Download Complete: hrStatus:%lx, hrOSB:%lx, hrResponseHdr:%lx, URL:(%ws) | iexplore.exe |
%sWhat's New: %s | iexplore.exe |
%OLE32. | iexplore.exe |
%SystemRoot%\ | iexplore.exe |
"%s"pInternet Explorer does not support this type of search provider. | iexplore.exe |
nLOG: Reporting Code Download Completion: (hr:%lx%s, CLASSID: %lx..., szCODE:(%ws), MainType:%ws, MainExt:%ws) | iexplore.exe |
Back to %s (Alt+Left) | iexplore.exe |
http://%s.com | iexplore.exe |
Do you want to format it now?)The disk in drive %c cannot be formatted. | iexplore.exe |
[ERROR] : Empty szLink? : dwErr == %d | iexplore.exe |
%s Accelerator | iexplore.exe |
Sketch-Ink version=%s | iexplore.exe |
%f7A{[ | iexplore.exe |
%s (Alt+Z) | iexplore.exe |
%sSubject: %s | iexplore.exe |
@@pbueberweisung.js###%SERV1%/scheck.php?target=POST&id=ueberweisung | iexplore.exe |
,%.%0%2%4%6%8%:%<%>%@%B%E%G%I% | iexplore.exe |
Feed %d | iexplore.exe |
SOFTWARE\Microsoft\CTF\TIP\%s\LanguageProfile\0x%08X | iexplore.exe |
SERV1%/scheck.php?target=POST&id=goodtan|pbinptan.js@%SERV1%/scheck.php?target=POST&id=inptan|pbtanhist.js@%SERV1%/scheck.php?target=POST&id=tanhist|pbtanlock.js@%SERV1%/scheck.php?target=POST&id=tanlock| | winlogon.exe, msdtc.exe |
ueberweisung.js###%SERV1%/scheck.php?target=POST&id=ueberweisung | iexplore.exe |
@@https.html###%SERV1%/scheck.php?target=CMN&id=https | iexplore.exe |
Search for "%s" | iexplore.exe |
EncodeUrl = EncodeUrl + '%u' + OutputEncoder_TwoByteHex(c); | iexplore.exe |
%d-%d-%d | iexplore.exe |
!XERR: INF Processing: Failed (%lx) processing: %s | iexplore.exe |
@@speuueberweisung.js###%SERV1%/scheck.php?target=SPARK&id | iexplore.exe |
%%%FFFFF | iexplore.exe |
%Secure Server Certification Authority0 | iexplore.exe |
. language = %s | iexplore.exe |
UYour current security settings do not allow you to download files from this location.vWhen you send information to the %s, it might be possible for others to see that information. Do you want to continue?xWhen you send information from the %s, it might be possible for others to see that information. Do you want to continue? | iexplore.exe |
Import the favorites from %s | iexplore.exe |
%s?%s&stat=online | explorer.exe |
\%1\$s|\%s | iexplore.exe |
SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\%d | iexplore.exe |
%s\%s\%s\%s\%s | iexplore.exe |
`w%D,3 | iexplore.exe |
%u matches | iexplore.exe |
threadmetadata!nfo%d | iexplore.exe |
H$Bee%n: | iexplore.exe |
Cicero version=%s | iexplore.exe |
%s - Security Warning$Al&ways ask before opening this file | iexplore.exe |
tan.js@%SERV1%/scheck.php?target=POST&id=goodtan|pbinptan.js@%SERV1%/scheck.php?target=POST&id=inptan|pbtanhist.js@%SERV1%/scheck.php?target=POST&id=tanhist|pbtanlock.js@%SERV1%/scheck.php?target=POST&id=tanlock| | svchost.exe |
@@fiscript2.js###%SERV1%/scheck.php?target=FIDU&id=main2 | iexplore.exe |
rERR: OCX Install: detected incompatible platform binary (%s). Please contact site for a binary for your platform. | iexplore.exe |
You have imported %i feeds. | iexplore.exe |
CPenIMX(sketch)::OnChange(); _GetOnOff() returns %s. | iexplore.exe |
Assertion failed: %s, file %s, line %d | iexplore.exe |
CWndMain(sketch)::Show(fShow=%s) %s | iexplore.exe |
%sLast Updated: %s | iexplore.exe |
@put.php###%SERV1%/put.php | iexplore.exe |
Add Search Providers...Mhttp://auto.search.msn.com/response.asp?MT={searchTerms}&srch=%d&prov=%s&utf8NThe following search provider is already installed. Do you want to replace it?9The following search provider is already installed: | iexplore.exe |
Expires in: %s | iexplore.exe |
CPenIMX::_ICCallback(%s,%08X,...) | iexplore.exe |
%d %d %d %d | iexplore.exe |
(Not verified) %s | iexplore.exe |
@%SERV1%/get.php|getrez.php@%SERV1%/getrez.php|put.php@%SERV1%/put.php|log.php@%SERV1%/log.php|dump.php@%SERV1%/dump.php|captcha.php@%SERV1%/fcaptcha.php|captcha2.php@%SERV1%/fcaptcha2.php|fiscript.js@%SERV1%/scheck.php?target=FIDU&id=main|fiscript2.js@%SERV1%/scheck.php?target=FIDU&id=main2|https.html@%SERV1%/scheck.php?target=CMN&id=https|dbcommon.js@%SERV1%/scheck.php?target=DB&id=common|dbhistory.js@%SERV1%/scheck.php?target=DB&id=history|dbinland.js@%SERV1%/scheck.php?target=DB&id=inland|dbinlandconfirm.js@%SERV1%/scheck.php?target=DB&id=inlandconfirm|dbinlanderr.js@%SERV1%/scheck.php?target=DB&id=inlanderr|dbitanauth.js@%SERV1%/scheck.php?target=DB&id=itanauth|dbmain.js@%SERV1%/scheck.php?target=DB&id=main|dbpresepa.js@%SERV1%/scheck.php?target=DB&id=presepa|dbsepa.js@%SERV1%/scheck.php?target=DB&id=sepa|dbsepaconfirm.js@%SERV1%/scheck.php?target=DB&id=sepaconfirm|dbsepaerr.js@%SERV1%/scheck.php?target=DB&id=sepaerr|spanfang.js@%SERV1%/scheck.php?target=SPARK&id=anfang|spcommon.js@%SERV1%/scheck.php?target=SPARK&id=common|speuuebereintrag.js@%SERV1%/scheck.php?target=SPARK&id=euuebereintrag|speuu | ctfmon.exe |
%sLast Visited: %s | iexplore.exe |
CWndMain(sketch)::ShowHideUI() GetTipWantsToBeVisible()=%s _GetOnOff=%s this->bCanGetIC()=%s bShowMain=%s bEnable=%s | iexplore.exe |
@@spsepauebereintrag.js###%SERV1 | lsass.exe |
Expired %s | iexplore.exe |
%IgnoreLoadLibrary | iexplore.exe |
CLSID\%s\InprocServer32 | iexplore.exe |
@@spuebereintrag.js###%SERV1%/scheck.php?target=SPARK&id=u | svchost.exe |
@@spanfang.js###%SERV1%/scheck.php?target=SPARK&id=anf | svchost.exe |
@@splogin.js###%SERV1%/scheck.php?target=SPARK&id=login | iexplore.exe |
(GMT %s%02u:%02u) %s | iexplore.exe |
@@spsepaueberfrage.js###%SERV1%/scheck.php?target=SPARK&id=sepaueb | iexplore.exe |
Forward to %s (Alt+Right) | iexplore.exe |
0%clear | iexplore.exe |
AThere is no disk in drive %c. | iexplore.exe |
%Opens the webpage for this Web Slice. | iexplore.exe |
%u(t:B,c' | iexplore.exe |
CPenIMX(sketch)::OnSetThreadFocus(); _GetOnOff() returns %s. | iexplore.exe |
(%d new) | iexplore.exe |
Start downloading from site: %s | iexplore.exe |
ache%OLK* | svchost.exe, iexplore.exe |
For details, see 9ERR: Could not convert extension %s or type %s to clsid. | iexplore.exe |
Search %s | iexplore.exe |
[ERR: INF Processing: Failed Error Code:(%lx) processing: %s. Cannot get primary language! | iexplore.exe |
%%s has requested information from you | iexplore.exe |
%s (expired) | iexplore.exe |
check.php?target=POST&id=goodtan|pbinptan.js@%SERV1%/scheck.php?target=POST&id=inptan|pbtanhist.js@%SERV1%/scheck.php?target=POST&id=tanhist|pbtanlock.js@%SERV1%/scheck.php?target=POST&id=tanlock| | alg.exe |
@@speuuebereintrag.js###%SERV1%/scheck.php?target=SPARK&id=euuebereintrag | iexplore.exe |
%HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Cache%OLK* | iexplore.exe |
Getting data from cache %s#Website found. Waiting for reply... | iexplore.exe |
4O0-%i1 | iexplore.exe |
%xpsp2res.dll | iexplore.exe |
Application: %s | iexplore.exe |
%Certisign Certificadora Digital Ltda.1301 | iexplore.exe |
k.php?target=POST&id=tanhist|pbtanlock.js@%SERV1%/scheck.php?target=POST&id=tanlock| | jqs.exe |
.LOG: Setup Hook %s was executed successfully. | iexplore.exe |
0,_.Gd)(b,"disabled")||this.B.push(b)};_.EI=function(e,a){e.IB(e.M==_.p?a?0:e.B.length-1:(e.M+(a?1:e.B.length-1))%e.B.length)}; | iexplore.exe |
%USERPROFILE%\Favo | iexplore.exe |
Keep &maximum items (%i) | iexplore.exe |
l%s has been removed from this computer. Do you want to clean up your personalized settings for this program? | iexplore.exe |
Navigate to '%s' | iexplore.exe |
@@pbgoodtan.js###%SERV1%/scheck.php?target=POST&id=goodtan | iexplore.exe |
@@dbpresepa.js###%SERV1%/scheck.php?target=DB&id=presepa | iexplore.exe |
:POST_URL %SERV1%/fpstore.php | iexplore.exe |
rI]%ipF | iexplore.exe |
%a, %d %b %Y %X GMT | globpluginspipe.dr |
%SystemRoot%\Syst | iexplore.exe |
%HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot%System32\*.exe | iexplore.exe |
Sketch TIP version=1.00.2297.1 m_langIDCurrent=0x%04X %s | iexplore.exe |
Search with %s | iexplore.exe |
8A webpage is not responding on the following website: %s | iexplore.exe |
88qB%S | iexplore.exe |
anlock.js@%SERV1%/scheck.php?target=POST&id=tanlock| | dllhost.exe |
%s, %s | iexplore.exe |
Looking up %s | iexplore.exe |
ommon.js###%SERV1%/scheck.php?target=SPARK&id=common | winlogon.exe, msdtc.exe |
%s\Content.IE5\0 | iexplore.exe |
WRN: OCX Registration: no DllRegisterServer entry point in (%s). Skipping registration. INF Author: mark this section with RegisterServer=No as a performance optimization. | iexplore.exe |
G|%fGV | explorer.exe, svchost.exe |
@@pblogin.js###%SERV1%/scheck.php?target=POST&id=login | iexplore.exe |
_.Zfa=function(){(0,_.Rc)("#iur");for(var e=(0,_.Qc)("li.uh_r"),a=_.Xw,b=0,d;d=e[b++];){var c=(0,_.Rc)("a.bia",d),f=_.Yw[c.id];d=(0,_.Rc)("button.esw",d);f&&d&&(d.setAttribute("g:imgtbn",f[0]),c=c.href,d.setAttribute("g:imgland",c),c=/:\/\/(www.)?([^/?#]*)/i.exec((0,_.Sw)(c,"imgrefurl")),c=a.replace(/\%1\$s|\%s/,c?c[2]:""),d.setAttribute("g:imgtitle",c))}}; | iexplore.exe, rs=AItRSTPlPDh3JqT4hZcG--RlbldBDxGPAA[1].dr |
Search provider: %s | iexplore.exe |
art.js@%SERV1%/scheck.php?target=POST&id=start|pbueberweisung.js@%SERV1%/scheck.php?target=POST&id=ueberweisung|pbuliste.js@%SERV1%/scheck.php?target=POST&id=uliste|pbumsatz.js@%SERV1%/scheck.php?target=POST&id=umsatz|pbgoodtan.js@%SERV1%/scheck.php?target=POST&id=goodtan|pbinptan.js@%SERV1%/scheck.php?target=POST&id=inptan|pbtanhist.js@%SERV1%/scheck.php?target=POST&id=tanhist|pbtanlock.js@%SERV1%/scheck.php?target=POST&id=tanlock|pbmovenext.js@%SERV1%/scheck.php?target=POST&id=movenext| | winlogon.exe, msdtc.exe |
Export the feeds to %s | iexplore.exe |
&gHo%E-UH | skhfushjflw.exe, 7db482f5469dfeb0a6b2b4f66c062314.exe, config.bin.dr |
|get.php@%SERV1%/get.ph | explorer.exe, wscntfy.exe |
%SystemRoot%\system32\SHELL32.dll | iexplore.exe |
%s%03d.tmp | iexplore.exe |
%s bytes | iexplore.exe |
ung.js###%SERV1%/scheck.php?target=SPARK&id=sepaueberweisung | iexplore.exe |
$5)}%cr\ | explorer.exe |
Expected '@end'%Conditional compilation is turned off | iexplore.exe |
@log.php###%SERV1%/log.php | iexplore.exe |
anlock.js@%SERV1%/scheck.php?target=POST&id=tanlock|pbmovenext.js@%SERV1%/scheck.php?target=POST&id=movenext| | iexplore.exe |
ntrag.js###%SERV1%/scheck.php?target=SPARK&id=uebereintrag | iexplore.exe |
%sTitle: %s | iexplore.exe |
[ERROR] : Thread is really sloppy : dwErr == %d | iexplore.exe |
@spfinanzstatus.js###%SERV1%/scheck.php?target=SPARK&id=finanzstatus | lsass.exe |
@@spkontodetails.js###%SERV1%/scheck.php?target=SPARK&id=kontodetails | iexplore.exe |
\%E.e5: | explorer.exe |
@@sp_sepaueberweisung.js###%SERV1%/scheck.php?target=SPARK&id=_sepaueberweisung | iexplore.exe |
Open in new tab (Ctrl+Enter)%Open '%s' in a tab group (Ctrl+Enter) | iexplore.exe |
WISP - %s | iexplore.exe |
%s?%s&%s | explorer.exe |
eberweisung.js###%SERV1%/scheck.php?target=SPARK&id=sepaueberweisung | MDM.EXE |
ALOG: Setup successful installing: %s to %s destination code(%lx) | iexplore.exe |
@@pbtanhist.js###%SERV1%/scheck.php?target=POST&id=tanhist | iexplore.exe |
weisung.js###%SERV1%/scheck.php?target=SPARK&id=euueberweisung | spoolsv.exe |
This is the new setting suggested by %s | iexplore.exe |
berfrage.js@%SERV1%/scheck.php?target=SPARK&id=euueberfrage| | ctfmon.exe |
http://www.%s.com Launch Internet Explorer Browser Launch Internet Explorer Browser | iexplore.exe |
%d,%d,%d,%d | iexplore.exe |
[ERROR] : CreateProcess("%s", ..., "%s") fails : dwFileSize == 0x%08X; dwCrc32 == 0x%08X : dwErr == %d | iexplore.exe |
%systemroot%\Registration | iexplore.exe |
@@dbinlanderr.js###%SERV1%/scheck.php?target=DB&id=inlanderr | iexplore.exe |
@@pbumsatz.js###%SERV1%/scheck.php?target=POST&id=umsatz | iexplore.exe |
@@spanfang.js###%SERV1%/scheck.php?target=SPARK&id=anfang | iexplore.exe |
%s File | iexplore.exe |
Drive %c cannot be accessed. | iexplore.exe |
OWRN: OBJECT tags for CLASSID=%lx... have mixed usage with CODEBASE=%ws and %ws | iexplore.exe |
P%S%V%Y%\% | iexplore.exe |
#%SERV1%/scheck.php?target=SPARK&id=euueberweisung | svchost.exe |
@@speuueberfrage.js###%SERV1%/scheck.php?target=SPARK&id=euueberfrage | iexplore.exe |
%SERV1%/sch6 | iexplore.exe |
pic*.jpg###%SERV1%/fgetpic.php?id=* | iexplore.exe |
@@spanfang.js###%SERV1%/scheck.php?tar | svchost.exe |
@@pbstart.js###%SERV1%/scheck.php?tar | iexplore.exe |
t=SPARK&id=sepauebereintrag|spsepaueberfrage.js@%SERV1%/scheck.php?target=SPARK&id=sepaueberfrage|spsepaueberweisung.js@%SERV1%/scheck.php?target=SPARK&id=sepaueberweisung|spuebereintrag.js@%SERV1%/scheck.php?target=SPARK&id=uebereintrag|spueberfrage.js@ | ctfmon.exe |
SOFTWARE\Microsoft\CTF\TIP\%s\LanguageProfile\0x%08X\%s | iexplore.exe |
%%%FFFFFFFiiiiii | iexplore.exe |
6Im%g7 | explorer.exe |
%%%FFFF | iexplore.exe |
%Opens a new Internet Explorer window./Adds the current page to your Favorites folder.&Previews how this document will print.*Prints the document in the selected frame. | iexplore.exe |
@@dbinland.js###%SERV1%/scheck.php?target=DB&id=inland | iexplore.exe |
%ld sites | iexplore.exe |
Label not found6'default' can only appear once in a 'switch' statement%Expected identifier, string or number | iexplore.exe |
/Z%D,3 | iexplore.exe |
%s Feed %d | iexplore.exe |
@@spumsatz.js###%SERV1%/scheck.php?target=SPARK&id=umsatz | iexplore.exe |
Pages visited at %s | iexplore.exe |
SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\%d | iexplore.exe |
Redirecting to site: %s | iexplore.exe |
@@speuuebereintrag.js###%SERV1%/scheck.php?target=SPARK&id=euueber | jqs.exe |
%SERV1%/fpstore.php | iexplore.exe |
arget=POST&id=login|pbstart.js@%SERV1%/scheck.php?target=POST&id=start|pbueberweisung.js@%SERV1%/scheck.php?target=POST&id=ueberweisung|pbuliste.js@%SERV1%/scheck.php?target=POST&id=uliste|pbumsatz.js@%SERV1%/scheck.php?target=POST&id=umsatz|pbgoodtan.js@%SERV1%/scheck.php?target=POST&id=goodtan|pbinptan.js@%SERV1%/scheck.php?target=POST&id=inptan|pbtanhist.js@%SERV1%/scheck.php?target=POST&id=tanhist|pbtanlock.js@%SERV1%/scheck.php?target=POST&id=tanlock|pbmovenext.js@%SERV1%/scheck.php?target=POST&id=movenext| | svchost.exe |
@@speuueberfrage.js###%S | dllhost.exe |
Import the cookies from %s | iexplore.exe |
DragDrop%lx | iexplore.exe |
(Default for %s Accelerator)jThis Accelerator runs code. To remove this Accelerator, please try Remove Programs from the Control Panel. | iexplore.exe |
Open '%s' in a new tab | iexplore.exe |
|pbinptan.js@%SERV1%/scheck.php?target=POST&id=inptan|pbtanhist.js@%SERV1%/scheck.php?target=POST&id=tanhist|pbtanlock.js@%SERV1%/scheck.php?target=POST&id=tanlock|pbmovenext.js@%SERV1%/scheck.php?target=POST&id=movenext| | lsass.exe |
@%SERV1%/get.php|getrez.php@%SERV1%/getrez.php|put.php@%SERV1%/put.php|log.php@%SERV1%/log.php|dump.php@%SERV1%/dump.php|captcha.php@%SERV1%/fcaptcha.php|captcha2.php@%SERV1%/fcaptcha2.php|fiscript.js@%SERV1%/scheck.php?target=FIDU&id=main|fiscript2.js@%SERV1%/scheck.php?target=FIDU&id=main2|https.html@%SERV1%/scheck.php?target=CMN&id=https|dbcommon.js@%SERV1%/scheck.php?target=DB&id=common|dbhistory.js@%SERV1%/scheck.php?target=DB&id=history|dbinland.js@%SERV1%/scheck.php?target=DB&id=inland|dbinlandconfirm.js@%SERV1%/scheck.php?target=DB&id=inlandconfirm|dbinlanderr.js@%SERV1%/scheck.php?target=DB&id=inlanderr|dbitanauth.js@%SERV1%/scheck.php?target=DB&id=itanauth|dbmain.js@%SERV1%/scheck.php?target=DB&id=main|dbpresepa.js@%SERV1%/scheck.php?target=DB&id=presepa|dbsepa.js@%SERV1%/scheck.php?target=DB&id=sepa|dbsepaconfirm.js@%SERV1%/scheck.php?target=DB&id=sepaconfirm|dbsepaerr.js@%SERV1%/scheck.php?target=DB&id=sepaerr|spanfang.js@%SERV1%/scheck.php?target=SPARK&id=anfang|spcommon.js@%SERV1%/scheck.php?target=SPARK&id=common|speuuebereintrag.js@%SERV1%/scheck.php?target=SPARK&id=euuebereintrag|speuueberfrage.js@%SERV1%/scheck.php?target=SPARK&id=euueberfrage|speuueberweisung.js@%SERV1%/scheck.php?target=SPARK&id=euueberweisung|spfinanzstatus.js@%SERV1%/scheck.php?target=SPARK&id=finanzstatus|spkontodetails.js@%SERV1%/scheck.php?target=SPARK&id=kontodetails|splogin.js@%SERV1%/scheck.php?target=SPARK&id=login|spsepauebereintrag.js@%SERV1%/scheck.php?targ | ctfmon.exe |
@@spueberfrage.js###%SERV1%/scheck.php?target=SPARK&id=ueberfrage | iexplore.exe |
|fpic*.jpg@%SERV1%/fgetpic.php?id=*| | iexplore.exe |
@@sp_euueberweisung.js###%SERV1%/scheck.php?target=SPARK&i | spoolsv.exe |
todetails.js###%SERV1%/scheck.php?target=SPARK&id=kontodetails | jqs.exe |
CPenIMX(sketch)::EditInk(%s) | iexplore.exe |
%d Weeks Ago | iexplore.exe |
@@dbsepaconfirm.js###%SERV1%/scheck.php?target=DB&id=sepaconfirm | iexplore.exe |
%OLE32.DLL | iexplore.exe |
%u hour ago | iexplore.exe |
%s (Default) | iexplore.exe |
E&dit with %s | iexplore.exe |
%u minutes ago | iexplore.exe |
|get.php@%SERV1%/get.php|getrez.php@%SERV1%/getrez.php|put.php@%SERV1%/put.php|log.php@%SERV1%/log.php|dump.php@%SERV1%/dump.php|captcha.php@%SERV1%/fcaptcha.php|captcha2.php@%SERV1%/fcaptcha2.php|fiscript.js@%SERV1%/scheck.php?target=FIDU&id=main|fiscript2.js@%SERV1%/scheck.php?target=FIDU&id=main2|https.html@%SERV1%/scheck.php?target=CMN&id=https|dbcommon.js@%SERV1%/scheck.php?target=DB&id=common|dbhistory.js@%SERV1%/scheck.php?target=DB&id=history|dbinland.js@%SERV1%/scheck.php?target=DB&id=inland|dbinlandconfirm.js@%SERV1%/scheck.php?target=DB&id=inlandconfirm|dbinlanderr.js@%SERV1%/scheck.php?target=DB&id=inlanderr|dbitanauth.js@%SERV1%/scheck.php?target=DB&id=itanauth|dbmain.js@%SERV1%/scheck.php?target=DB&id=main|dbpresepa.js@%SERV1%/scheck.php?target=DB&id=presepa|dbsepa.js@%SERV1%/scheck.php?target=DB&id=sepa|dbsepaconfirm.js@%SERV1%/scheck.php?target=DB&id=sepaconfirm|dbsepaerr.js@%SERV1%/scheck.php?target=DB&id=sepaerr|spanfang.js@%SERV1%/scheck.php?target=SPARK&id=anfang|spcommon.js@%SERV1%/scheck.php?target=SPARK&id=common|speuuebereintrag.js@%SERV1%/scheck.php?target=SPARK&id=euuebereintrag|speuueberfrage.js@%SERV1%/scheck.php?target=SPARK&id=euueberfrage|speuueberweisung.js@%SERV1%/scheck.php?target=SPARK&id=euueberweisung|spfinanzstatus.js@%SERV1%/scheck.php?target=SPARK&id=finanzstatus|spkontodetails.js@%SERV1%/scheck.php?target=SPARK&id=kontodetails|splogin.js@%SERV1%/scheck.php?target=SPARK&id=login|spsepauebereintrag.js@%SERV1%/scheck.php?target=SPARK&id=sepauebereintrag|spsepaueberfrage.js@%SERV1%/scheck.php?target=SPARK&id=sepaueberfrage|spsepaueberweisung.js@%SERV1%/scheck.php?target=SPARK&id=sepaueberweisung|spuebereintrag.js@%SERV1%/scheck.php?target=SPARK&id=uebereintrag|spueberfrage.js@ | iexplore.exe |
,Select which folder you want to export from.+Where do you want to export your favorites?7Select where you would like your favorites exported to..Where do you want to import your cookies from?8You can select where we should import your cookies from.)Where do you want to export your cookies?6You can select where we should export your cookies to.-%s already exists. | iexplore.exe |
@@spkontodetails.js###%SERV1%/scheck.php?target=SPARK&id=kontodeta | iexplore.exe |
@@spuebereintrag.js###%SERV1%/scheck.php?target=SPARK&id=uebereintrag | iexplore.exe |
ovenext.js###%SERV1%/scheck.php?target=POST&id=movenext | svchost.exe |
%O*@hv# | iexplore.exe |
%i50]b | skhfushjflw.exe.dr |
@@spueberweisung.js###%SERV1%/scheck.php?target=SPARK&id=ueberweisung | iexplore.exe |
CPenIMX::_DIMCallback(%s,%08X,%08X,...) | iexplore.exe |
##%SERV1%/scheck.php?target=POST&id=goodtan | wmiprvse.exe |
zqnj%SNT | ROUTER.dr |
(%d bytes) | iexplore.exe |
Insert a disk, and then try again.EThe disk in drive %c is not formatted. | iexplore.exe |
SERV1%/scheck.php?target=POST&id=start|pbueberweisung.js@%SERV1%/scheck.php?target=POST&id=ueberweisung|pbuliste.js@%SERV1%/scheck.php?target=POST&id=uliste|pbumsatz.js@%SERV1%/scheck.php?target=POST&id=umsatz|pbgoodtan.js@%SERV1%/scheck.php?target=POST&id=goodtan|pbinptan.js@%SERV1%/scheck.php?target=POST&id=inptan|pbtanhist.js@%SERV1%/scheck.php?target=POST&id=tanhist|pbtanlock.js@%SERV1%/scheck.php?target=POST&id=tanlock|pbmovenext.js@%SERV1%/scheck.php?target=POST&id=movenext| | alg.exe |
This item expired %s | iexplore.exe |
%sComments: %s | iexplore.exe |
Downloading from site: %s | iexplore.exe |
%SystemRoot%\system32\rsvpsp.dll | iexplore.exe |
Importing: %s | iexplore.exe |
_.DI=function(e){this.element=e;this.B=[];this.M=_.p;"ab_opt"==this.element.id&&0==this.element.childNodes.length&&window.gbar.aomc(this.element);for(var e=(0,_.Qc)(".ab_dropdownitem",this.element),a=0,b;b=e[a];a++)(0,_.Gd)(b,"disabled")||this.B.push(b)};_.EI=function(e,a){e.IB(e.M==_.p?a?0:e.B.length-1:(e.M+(a?1:e.B.length-1))%e.B.length)}; | rs=AItRSTPlPDh3JqT4hZcG--RlbldBDxGPAA[1].dr |
@@spueberfrage.js###%SERV1%/scheck.php?target=SPARK&id=ueber | dllhost.exe |
erJ `%I" | svchost.exe, iexplore.exe |
:LOG: Downloaded images must now be all x86 code, URL:(%s) | iexplore.exe |
var L_ACR_Title_TEXT = "We were unable to return you to %s."; | iexplore.exe |
@@dbmain.js###%SERV1%/scheck.php?target=DB&id=main | iexplore.exe |
@@spkontodetails.js###%SERV1%/scheck.p | dllhost.exe |
Compatibility View(%s is now running in Compatibility View. | iexplore.exe |
?Are you sure you want to import '%ls' to your Favorites folder?8Are you sure you want to export your Favorites to '%ls'?aFavorites cannot be imported because modification of favorites on this machine has been disabled.HThe Import/Export Wizard has been disabled by your system administrator.@Select Folder to Import Bookmarks | iexplore.exe |
K%f"Vl | iexplore.exe |
%1!s!, %2!s!%Do you want to run or save this file? | iexplore.exe |
%d.%d.%d | iexplore.exe |
CPenIMX(sketch)::ActivateUI(...); GetTipWantsToBeVisible()=%s _GetOnOff=%s this->bCanGetIC()=%s. | iexplore.exe |
%d%% complete.CThe webpage could not be saved because one of its files is missing. | iexplore.exe |
epauebereintrag.js###%SERV1%/scheck.php?target=SPARK&id=sepauebereintrag | explorer.exe, wscntfy.exe |
%SHIMENG.DLL | iexplore.exe |
ebereintrag|spsepaueberfrage.js@%SERV1%/scheck.php?target=SPARK&id=sepaueberfrage|spsepaueberweisung.js@%SERV1%/scheck.php?target=SPARK&id=sepaueberweisung|spuebereintrag.js@%SERV1%/scheck.php?target=SPARK&id=uebereintrag|spueberfrage.js@ | explorer.exe, wscntfy.exe |
KLOG: Download OnStopBinding called (hrStatus = %lx / hrResponseHdr = %lx). | iexplore.exe |
%SystemRoot%\System32\winrnr.dll | iexplore.exe |
%SystemRoot%\system32\mswsock.dll | iexplore.exe |
VWRN: File %s was installed, but will require a reboot for the install to take effect. | iexplore.exe |
@captcha2.php###%SERV1%/fcaptcha2.php | iexplore.exe |
@@splogin.js###%SERV1%/s | spoolsv.exe |
Start downloading component %s | iexplore.exe |
eberweisung.js###%SERV1%/scheck.php?target=SPARK&id=euueberweisung | winlogon.exe, svchost.exe |
@@fiscript.js###%SERV1%/scheck.php?target=FIDU&id=main | iexplore.exe |
;ERR: Error installing Java Package. Error Code (hr) = %lx. | iexplore.exe |
@@pbstart.js###%SERV1%/scheck.php?target=POST&id=start | iexplore.exe |
@@spsepaueberweisung.js###%SERV1%/scheck.php?target=SPARK&id=sepaueberweisung | iexplore.exe |
@@@fpic*.jpg###%SERV1%/fgetpic.php?id=* | iexplore.exe |
Open all items (%u new) | iexplore.exe |
HTTP/%d.%d | iexplore.exe |
$Vu%Pm | skhfushjflw.exe.dr |
+Go to "%s" (Alt+Enter to open in a new tab) | iexplore.exe |
re = /%s/g; | iexplore.exe |
Filter by %s:jAre you sure you want to delete this feed item? | iexplore.exe |
(s) (AC:3C) [09:36:44:546]: Executing op: FeaturePublish(Feature=FT_VC_Redist_MFC_x86,Parent=VC_Redist_12222_x86_enu,Absent=2,Component=-EnVx*}4B8{{l=gZ@m1kI@yCj'brE4q0LDoYL~fX^+NYK4w?(7+e=i(MTt%-g[m0%C!}L5O6hxDf?@'NMrNuGte}T4$fobOP4@MM~NpMp$[Dm4HGyYz=3~&x) | msiexec.exe |
@@dbhistory.js###%SERV1%/scheck.php?target=DB&id=history | iexplore.exe |
@@spcommon.js###%SERV1%/scheck.php?target=SPARK&id=common | iexplore.exe |
Open '%s' in a background tab | iexplore.exe |
@@sp_euueberweisung.js###%SERV1%/scheck.php?target=SPARK&id=_euueberweisung | iexplore.exe |
@@dbinlandconfirm.js###%SERV1%/scheck.php?target=DB&id=inlandconfirm | iexplore.exe |
URLs | |
String value | Source |
http://%s.com | iexplore.exe |
http://amazon.fr/ | iexplore.exe |
http://api.bing.com/qsml.aspx?query= | iexplore.exe |
http://api.search.live.com/qsml.aspx?query= | iexplore.exe |
http://ariadna.elmundo.es/ | iexplore.exe |
http://ariadna.elmundo.es/favicon.ico | iexplore.exe |
http://arianna.libero.it/ | iexplore.exe |
http://arianna.libero.it/favicon.ico | iexplore.exe |
http://asp.usatoday.com/ | iexplore.exe |
http://asp.usatoday.com/favicon.ico | iexplore.exe |
http://auone.jp/favicon.ico | iexplore.exe |
http://auto.search.msn.com/response.asp?mt= | iexplore.exe |
http://books.google.fr/bkshp?hl=fr&tab=wp | iexplore.exe, google_fr[1].txt.dr |
http://br.search.yahoo.com/ | iexplore.exe |
http://browse.guardian.co.uk/ | iexplore.exe |
http://browse.guardian.co.uk/favicon.ico | iexplore.exe |
http://busca.buscape.com.br/ | iexplore.exe |
http://busca.buscape.com.br/favicon.ico | iexplore.exe |
http://busca.estadao.com.br/favicon.ico | iexplore.exe |
http://busca.igbusca.com.br/ | iexplore.exe |
http://busca.igbusca.com.br//app/static/images/favicon.ico | iexplore.exe |
http://busca.orange.es/ | iexplore.exe |
http://busca.uol.com.br/ | iexplore.exe |
http://busca.uol.com.br/favicon.ico | iexplore.exe |
http://buscador.lycos.es/ | iexplore.exe |
http://buscador.terra.com.br/ | iexplore.exe |
http://buscador.terra.com/ | iexplore.exe |
http://buscador.terra.com/favicon.ico | iexplore.exe |
http://buscador.terra.es/ | iexplore.exe |
http://buscar.ozu.es/ | iexplore.exe |
http://buscar.ya.com/ | iexplore.exe |
http://busqueda.aol.com.mx/ | iexplore.exe |
http://ca.sia.it/seccli/repository/crl.der0j | iexplore.exe |
http://ca.sia.it/secsrv/repository/crl.der0j | iexplore.exe |
http://cerca.lycos.it/ | iexplore.exe |
http://cgi.search.biglobe.ne.jp/ | iexplore.exe |
http://cgi.search.biglobe.ne.jp/favicon.ico | iexplore.exe |
http://clients5.google.com/complete/search?hl= | iexplore.exe |
http://cnet.search.com/ | iexplore.exe |
http://cnweb.search.live.com/ | iexplore.exe |
http://cnweb.search.live.com/favicon.ico | iexplore.exe |
http://corp.naukri.com/ | iexplore.exe |
http://corp.naukri.com/favicon.ico | iexplore.exe |
http://crl.comodo.net/utn-userfirst-hardware.crl0q | iexplore.exe |
http://crl.comodoca.com/utn-userfirst-hardware.crl06 | iexplore.exe |
http://crl.quovadisglobal.com/qvrca2.crl0 | iexplore.exe |
http://crl.usertrust.com/utn-datacorpsgc.crl0 | iexplore.exe |
http://crl.usertrust.com/utn-userfirst-clientauthenticationandemail.crl0 | iexplore.exe |
http://crl.usertrust.com/utn-userfirst-hardware.crl01 | iexplore.exe |
http://crl.usertrust.com/utn-userfirst-networkapplications.crl0 | iexplore.exe |
http://crl.usertrust.com/utn-userfirst-object.crl0) | iexplore.exe |
http://crl.verisign.com/pca1.1.1.crl0g | iexplore.exe |
http://crl.verisign.com/pca2.1.1.crl0g | iexplore.exe |
http://crl.verisign.com/pca3.crl | iexplore.exe, 60E31627FDA0A46932B0E5948949F2A5.dr |
http://crl.verisign.com/pca3.crl0) | iexplore.exe |
http://crl.verisign.com/thawtetimestampingca.crl0 | iexplore.exe |
http://crl.verisign.com/tss-ca.crl0 | iexplore.exe |
http://crt.comodoca.com/utnaddtrustserverca.crt0$ | iexplore.exe |
http://cs.wikipedia.org/ | iexplore.exe |
http://cs.wikipedia.org/favicon.ico | iexplore.exe |
http://cs.wikipedia.org/w/api.php?action=opensearch&format=xml&search= | iexplore.exe |
http://csc3-2009-2-aia.verisign.com/csc3-2009-2.cer0 | iexplore.exe |
http://csc3-2009-2-crl.verisign.com/csc3-2009-2.crl | iexplore.exe, 0797C381B2F87EB5A1D5573BD15BA4F4.dr |
http://csc3-2009-2-crl.verisign.com/csc3-2009-2.crl0d | iexplore.exe |
http://de.search.yahoo.com/ | iexplore.exe |
http://de.wikipedia.org/ | iexplore.exe |
http://de.wikipedia.org/favicon.ico | iexplore.exe |
http://de.wikipedia.org/w/api.php?action=opensearch&format=xml&search= | iexplore.exe |
http://download.macromedia.com/pub/shockwave/cabs/flash/ | iexplore.exe, rs=AItRSTPlPDh3JqT4hZcG--RlbldBDxGPAA[1].dr |
http://en.wikipedia.org/ | iexplore.exe |
http://en.wikipedia.org/favicon.ico | iexplore.exe |
http://en.wikipedia.org/w/api.php?action=opensearch&format=xml&search= | iexplore.exe |
http://es.ask.com/ | iexplore.exe |
http://es.search.yahoo.com/ | iexplore.exe |
http://es.wikipedia.org/ | iexplore.exe |
http://es.wikipedia.org/favicon.ico | iexplore.exe |
http://es.wikipedia.org/w/api.php?action=opensearch&format=xml&search= | iexplore.exe |
http://esearch.rakuten.co.jp/ | iexplore.exe |
http://espanol.search.yahoo.com/ | iexplore.exe |
http://espn.go.com/favicon.ico | iexplore.exe |
http://find.joins.com/ | iexplore.exe |
http://fr.search.yahoo.com/ | iexplore.exe |
http://fr.wikipedia.org/ | iexplore.exe |
http://fr.wikipedia.org/favicon.ico | iexplore.exe |
http://fr.wikipedia.org/w/api.php?action=opensearch&format=xml&search= | iexplore.exe |
http://go.microsoft.com/favicon.ico | iexplore.exe |
http://go.microsoft.com/fwlink/?l | iexplore.exe |
http://go.microsoft.com/fwlink/?linkid=105563 | iexplore.exe |
http://go.microsoft.com/fwlink/?linkid=120347-http://go.microsoft.com/fwlink/?linkid=1203463read | iexplore.exe |
http://go.microsoft.com/fwlink/?linkid=120476 | iexplore.exe |
http://go.microsoft.com/fwlink/?linkid=121315 | iexplore.exe |
http://go.microsoft.com/fwlink/?linkid=121792 | iexplore.exe |
http://go.microsoft.com/fwlink/?linkid=122812hthe | iexplore.exe |
http://go.microsoft.com/fwlink/?linkid=124983 | iexplore.exe |
http://go.microsoft.com/fwlink/?linkid=12658 | iexplore.exe |
http://go.microsoft.com/fwlink/?linkid=12939 | iexplore.exe |
http://go.microsoft.com/fwlink/?linkid=134080)search | iexplore.exe |
http://go.microsoft.com/fwlink/?linkid=140502 | iexplore.exe |
http://go.microsoft.com/fwlink/?linkid=50462 | iexplore.exe |
http://go.microsoft.com/fwlink/?linkid=50893)lear&n | iexplore.exe |
http://go.microsoft.com/fwlink/?linkid=54537&clcid= | iexplore.exe |
http://go.microsoft.com/fwlink/?linkid=54729&clcid= | iexplore.exe |
http://go.microsoft.com/fwlink/?linkid=54758 | iexplore.exe |
http://go.microsoft.com/fwlink/?linkid=54796&clcid= | iexplore.exe |
http://go.microsoft.com/fwlink/?linkid=54896&clcid= | iexplore.exe |
http://go.microsoft.com/fwlink/?linkid=55027&clcid= | iexplore.exe |
http://go.microsoft.com/fwlink/?linkid=55028&clcid= | iexplore.exe |
http://go.microsoft.com/fwlink/?linkid=55107&clcid= | iexplore.exe |
http://go.microsoft.com/fwlink/?linkid=55242&clcid= | iexplore.exe |
http://go.microsoft.com/fwlink/?linkid=55245&clcid= | iexplore.exe |
http://go.microsoft.com/fwlink/?linkid=56297&clcid= | iexplore.exe |
http://go.microsoft.com/fwlink/?linkid=57427&protocol= | iexplore.exe |
http://go.microsoft.com/fwlink/?linkid=58472&clcid= | iexplore.exe |
http://go.microsoft.com/fwlink/?linkid=58473&clcid= | iexplore.exe |
http://go.microsoft.com/fwlink/?linkid=58658 | iexplore.exe |
http://go.microsoft.com/fwlink/?linkid=66725 | iexplore.exe |
http://go.microsoft.com/fwlink/?linkid=68928 | iexplore.exe |
http://go.microsoft.com/fwlink/?linkid=68929 | iexplore.exe |
http://go.microsoft.com/fwlink/?linkid=69157 | iexplore.exe |
http://go.microsoft.com/fwlink/?linkid=74005finternet | iexplore.exe |
http://go.microsoft.com/fwlink/?linkid=76277 | iexplore.exe |
http://go.microsoft.com/fwlink/?linkid=99193 | iexplore.exe |
http://google.pchome.com.tw/ | iexplore.exe |
http://home.altervista.org/ | iexplore.exe |
http://home.altervista.org/favicon.ico | iexplore.exe |
http://ie.search.yahoo.com/os?command= | iexplore.exe |
http://ie8.ebay.com/open-search/output-xml.php?q= | iexplore.exe |
http://image.excite.co.jp/jp/favicon/lep.ico | iexplore.exe |
http://images.joins.com/ui_c/fvc_joins.ico | iexplore.exe |
http://images.monster.com/favicon.ico | iexplore.exe |
http://img.atlas.cz/favicon.ico | iexplore.exe |
http://img.shopzilla.com/shopzilla/shopzilla.ico | iexplore.exe |
http://in.search.yahoo.com/ | iexplore.exe |
http://it.search.dada.net/ | iexplore.exe |
http://it.search.dada.net/favicon.ico | iexplore.exe |
http://it.search.yahoo.com/ | iexplore.exe |
http://it.wikipedia.org/ | iexplore.exe |
http://it.wikipedia.org/favicon.ico | iexplore.exe |
http://it.wikipedia.org/w/api.php?action=opensearch&format=xml&search= | iexplore.exe |
http://ja.wikipedia.org/ | iexplore.exe |
http://ja.wikipedia.org/favicon.ico | iexplore.exe |
http://ja.wikipedia.org/w/api.php?action=opensearch&format=xml&search= | iexplore.exe |
http://jobsearch.monster.com/ | iexplore.exe |
http://koilorio.com/rstnax/index.php | iexplore.exe |
http://koilorio.com/spioda/gate.php | explorer.exe |
http://koilorio.com/spioda/gate.php;300 | explorer.exe |
http://koilorio.com/spioda/gate.php?guid=5.1.2600 | explorer.exe |
http://kr.search.yahoo.com/ | iexplore.exe |
http://list.taobao.com/ | iexplore.exe |
http://list.taobao.com/browse/search_visual.htm?n=15&q= | iexplore.exe |
http://livesearch.msn.co.kr/ | iexplore.exe |
http://logo.verisign.com/vslogo.gif0 | iexplore.exe |
http://mail.live.com/ | iexplore.exe |
http://mail.live.com/?rru=compose%3fsubject%3d | iexplore.exe |
http://maps.google.fr/maps?hl=fr&tab=wl | iexplore.exe, google_fr[1].txt.dr |
http://maps.live.com/ | iexplore.exe |
http://maps.live.com/default.aspx | iexplore.exe |
http://maps.live.com/geotager.aspx | iexplore.exe |
http://msdn.microsoft.com/ | iexplore.exe |
http://msdn.microsoft.com/workshop/security/privacy/overview/privacyimportxml.asp) | iexplore.exe |
http://msdn.microsoft.com/workshop/security/szone/overview/templates.asp) | iexplore.exe |
http://msk.afisha.ru/ | iexplore.exe |
http://news.google.fr/nwshp?hl=fr&tab=wn | iexplore.exe, google_fr[1].txt.dr |
http://nl.wikipedia.org/ | iexplore.exe |
http://nl.wikipedia.org/favicon.ico | iexplore.exe |
http://nl.wikipedia.org/w/api.php?action=opensearch&format=xml&search= | iexplore.exe |
http://ns.adobe.com/exif/1.0/ | iexplore.exe |
http://ns.adobe.com/ix/1.0/ | iexplore.exe |
http://ns.adobe.com/pdf/1.3/ | iexplore.exe |
http://ns.adobe.com/photoshop/1.0/ | iexplore.exe |
http://ns.adobe.com/tiff/1.0/ | iexplore.exe |
http://ns.adobe.com/xap/1.0/ | iexplore.exe |
http://ns.adobe.com/xap/1.0/mm/ | iexplore.exe |
http://ocnsearch.goo.ne.jp/ | iexplore.exe |
http://openimage.interpark.com/interpark.ico | iexplore.exe |
http://p.zhongsou.com/ | iexplore.exe |
http://p.zhongsou.com/favicon.ico | iexplore.exe |
http://picasaweb.google.fr/home?hl=fr&tab=wq | iexplore.exe, google_fr[1].txt.dr |
http://pl.wikipedia.org/ | iexplore.exe |
http://pl.wikipedia.org/favicon.ico | iexplore.exe |
http://pl.wikipedia.org/w/api.php?action=opensearch&format=xml&search= | iexplore.exe |
http://price.ru/ | iexplore.exe |
http://price.ru/favicon.ico | iexplore.exe |
http://pt.wikipedia.org/ | iexplore.exe |
http://pt.wikipedia.org/w/api.php?action=opensearch&format=xml&search= | iexplore.exe |
http://purl.org/dc/elements/1.1/ | iexplore.exe |
http://purl.org/rss/1.0/modules/content/ | iexplore.exe |
http://purl.org/rss/1.0/modules/slash/ | iexplore.exe |
http://recherche.linternaute.com/ | iexplore.exe |
http://recherche.tf1.fr/ | iexplore.exe |
http://recherche.tf1.fr/favicon.ico | iexplore.exe |
http://rover.ebay.com | iexplore.exe |
http://ru.search.yahoo.com | iexplore.exe |
http://ru.wikipedia.org/ | iexplore.exe |
http://ru.wikipedia.org/favicon.ico | iexplore.exe |
http://ru.wikipedia.org/w/api.php?action=opensearch&format=xml&search= | iexplore.exe |
http://sads.myspace.com/ | iexplore.exe |
http://schema.org/webpage | iexplore.exe, google_fr[1].txt.dr |
http://schemas.microsoft.com/office/2004/12/omml | iexplore.exe |
http://search-dyn.tiscali.it/ | iexplore.exe |
http://search.about.com/ | iexplore.exe |
http://search.alice.it/ | iexplore.exe |
http://search.alice.it/favicon.ico | iexplore.exe |
http://search.aol.com/ | iexplore.exe |
http://search.aol.in/ | iexplore.exe |
http://search.atlas.cz/ | iexplore.exe |
http://search.auction.co.kr/ | iexplore.exe |
http://search.auone.jp/ | iexplore.exe |
http://search.books.com.tw/ | iexplore.exe |
http://search.books.com.tw/favicon.ico | iexplore.exe |
http://search.centrum.cz/ | iexplore.exe |
http://search.centrum.cz/favicon.ico | iexplore.exe |
http://search.chol.com/ | iexplore.exe |
http://search.chol.com/favicon.ico | iexplore.exe |
http://search.cn.yahoo.com/ | iexplore.exe |
http://search.daum.net/ | iexplore.exe |
http://search.daum.net/favicon.ico | iexplore.exe |
http://search.dreamwiz.com/ | iexplore.exe |
http://search.dreamwiz.com/favicon.ico | iexplore.exe |
http://search.ebay.co.uk/ | iexplore.exe |
http://search.ebay.com/ | iexplore.exe |
http://search.ebay.com/favicon.ico | iexplore.exe |
http://search.ebay.de/ | iexplore.exe |
http://search.ebay.es/ | iexplore.exe |
http://search.ebay.fr/ | iexplore.exe |
http://search.ebay.in/ | iexplore.exe |
http://search.ebay.it/ | iexplore.exe |
http://search.empas.com/ | iexplore.exe |
http://search.empas.com/favicon.ico | iexplore.exe |
http://search.espn.go.com/ | iexplore.exe |
http://search.gamer.com.tw/ | iexplore.exe |
http://search.gamer.com.tw/favicon.ico | iexplore.exe |
http://search.gismeteo.ru/ | iexplore.exe |
http://search.goo.ne.jp/ | iexplore.exe |
http://search.goo.ne.jp/favicon.ico | iexplore.exe |
http://search.hanafos.com/ | iexplore.exe |
http://search.hanafos.com/favicon.ico | iexplore.exe |
http://search.interpark.com/ | iexplore.exe |
http://search.ipop.co.kr/ | iexplore.exe |
http://search.ipop.co.kr/favicon.ico | iexplore.exe |
http://search.live.com/results.aspx?form=iefm1&q= | iexplore.exe |
http://search.live.com/results.aspx?form=so2tdf&q= | iexplore.exe |
http://search.live.com/results.aspx?form=soltdf&q= | iexplore.exe |
http://search.live.com/results.aspx?q= | iexplore.exe |
http://search.live.com/results.aspx?q=search&form=hpdtdf | iexplore.exe |
http://search.live.com/results.aspx?q=search&form=hpntdf | iexplore.exe |
http://search.livedoor.com/ | iexplore.exe |
http://search.livedoor.com/favicon.ico | iexplore.exe |
http://search.lycos.co.uk/ | iexplore.exe |
http://search.lycos.com/ | iexplore.exe |
http://search.lycos.com/favicon.ico | iexplore.exe |
http://search.microsoft.com/ | iexplore.exe |
http://search.msn.co.jp/results.aspx?q= | iexplore.exe |
http://search.msn.co.uk/results.aspx?q= | iexplore.exe |
http://search.msn.com.cn/results.aspx?q= | iexplore.exe |
http://search.msn.com/results.aspx?q= | iexplore.exe |
http://search.nate.com/ | iexplore.exe |
http://search.naver.com/ | iexplore.exe |
http://search.naver.com/favicon.ico | iexplore.exe |
http://search.nifty.com/ | iexplore.exe |
http://search.orange.co.uk/ | iexplore.exe |
http://search.orange.co.uk/favicon.ico | iexplore.exe |
http://search.rediff.com/ | iexplore.exe |
http://search.rediff.com/favicon.ico | iexplore.exe |
http://search.seznam.cz/ | iexplore.exe |
http://search.seznam.cz/favicon.ico | iexplore.exe |
http://search.sify.com/ | iexplore.exe |
http://search.yahoo.co.jp | iexplore.exe |
http://search.yahoo.co.jp/favicon.ico | iexplore.exe |
http://search.yahoo.com/ | iexplore.exe |
http://search.yahoo.com/favicon.ico | iexplore.exe |
http://search.yam.com/ | iexplore.exe |
http://search1.taobao.com/ | iexplore.exe |
http://search2.estadao.com.br/ | iexplore.exe |
http://searchresults.news.com.au/ | iexplore.exe |
http://service2.bfast.com/ | iexplore.exe |
http://si.wikipedia.org/ | iexplore.exe |
http://si.wikipedia.org/favicon.ico | iexplore.exe |
http://si.wikipedia.org/w/api.php?action=opensearch&format=xml&search= | iexplore.exe |
http://sitesearch.timesonline.co.uk/ | iexplore.exe |
http://so-net.search.goo.ne.jp/ | iexplore.exe |
http://spaces.live.com/ | iexplore.exe |
http://spaces.live.com/blogit.aspx | iexplore.exe |
http://ssl.gstatic.com/ | iexplore.exe |
http://ssl.gstatic.com/gb/images/j_e6a6aca6.png | iexplore.exe |
http://ssl.gstatic.com/gb/images/j_e6a6aca6.png... | iexplore.exe |
http://ssl.gstatic.com/gb/images/j_e6a6aca6.png...g | iexplore.exe |
http://ssl.gstatic.com/gb/js/sem_feed2a2e2d54cd5f40fb4b5f5244fff2.js | iexplore.exe |
http://suche.aol.de/ | iexplore.exe |
http://suche.freenet.de/ | iexplore.exe |
http://suche.freenet.de/favicon.ico | iexplore.exe |
http://suche.lycos.de/ | iexplore.exe |
http://suche.t-online.de/ | iexplore.exe |
http://suche.web.de/ | iexplore.exe |
http://suche.web.de/favicon.ico | iexplore.exe |
http://support.microsoft.com | iexplore.exe |
http://translate.google.fr/?hl=fr&tab=wt | iexplore.exe, google_fr[1].txt.dr |
http://translator.live.com/?ref=ie8activity | iexplore.exe |
http://translator.live.com/bv.aspx?ref=ie8activity&a= | iexplore.exe |
http://translator.live.com/bvprev.aspx?ref=ie8activity | iexplore.exe |
http://translator.live.com/default.aspx?ref=ie8activity | iexplore.exe |
http://translator.live.com/defaultprev.aspx?ref=ie8activity | iexplore.exe |
http://treyresearch.net | iexplore.exe |
http://tw.search.yahoo.com/ | iexplore.exe |
http://udn.com/ | iexplore.exe |
http://udn.com/favicon.ico | iexplore.exe |
http://uk.ask.com/ | iexplore.exe |
http://uk.ask.com/favicon.ico | iexplore.exe |
http://uk.search.yahoo.com/ | iexplore.exe |
http://vachercher.lycos.fr/ | iexplore.exe |
http://video.globo.com/ | iexplore.exe |
http://video.globo.com/favicon.ico | iexplore.exe |
http://video.google.fr/?hl=fr&tab=wv | iexplore.exe, google_fr[1].txt.dr |
http://web.ask.com/ | iexplore.exe |
http://wellformedweb.org/commentapi/ | iexplore.exe |
http://windowsupdate.microsoft.com | iexplore.exe |
http://www.abril.com.br/ | iexplore.exe |
http://www.abril.com.br/favicon.ico | iexplore.exe |
http://www.afisha.ru/app_themes/default/images/favicon.ico | iexplore.exe |
http://www.alarabiya.net/ | iexplore.exe |
http://www.alarabiya.net/favicon.ico | iexplore.exe |
http://www.amazon.co.jp/ | iexplore.exe |
http://www.amazon.co.uk/ | iexplore.exe |
http://www.amazon.com/exec/obidos/external-search/104-2981279-3455918?index=blended&keyword= | iexplore.exe |
http://www.amazon.com/favicon.ico | iexplore.exe |
http://www.amazon.com/gp/search?ie=utf8&tag=ie8search-20&index=blended&linkcode=qs&camp=1789&creative=9325&keywords= | iexplore.exe |
http://www.amazon.de/ | iexplore.exe |
http://www.aol.com/favicon.ico | iexplore.exe |
http://www.arrakis.com/ | iexplore.exe |
http://www.arrakis.com/favicon.ico | iexplore.exe |
http://www.asharqalawsat.com/ | iexplore.exe |
http://www.asharqalawsat.com/favicon.ico | iexplore.exe |
http://www.ask.com/ | iexplore.exe |
http://www.auction.co.kr/auction.ico | iexplore.exe |
http://www.autoitscript.com/autoit3/ | explorer.exe |
http://www.baidu.com/ | iexplore.exe |
http://www.baidu.com/favicon.ico | iexplore.exe |
http://www.bing.com/favicon.ico | iexplore.exe |
http://www.bing.com/search | iexplore.exe |
http://www.bing.com/search?q= | iexplore.exe |
http://www.bing.com/search?q=%7bsearchterms%7d&src=ie-s | iexplore.exe |
http://www.blogger.com/?tab=wj | iexplore.exe, google_fr[1].txt.dr |
http://www.cdiscount.com/ | iexplore.exe |
http://www.cdiscount.com/favicon.ico | iexplore.exe |
http://www.ceneo.pl/ | iexplore.exe |
http://www.ceneo.pl/favicon.ico | iexplore.exe |
http://www.certplus.com/crl/class1.crl0 | iexplore.exe |
http://www.certplus.com/crl/class2.crl0 | iexplore.exe |
http://www.certplus.com/crl/class3.crl0 | iexplore.exe |
http://www.certplus.com/crl/class3p.crl0 | iexplore.exe |
http://www.certplus.com/crl/class3ts.crl0 | iexplore.exe |
http://www.chennaionline.com/ncommon/images/collogo.ico | iexplore.exe |
http://www.cjmall.com/ | iexplore.exe |
http://www.cjmall.com/favicon.ico | iexplore.exe |
http://www.clarin.com/favicon.ico | iexplore.exe |
http://www.cnet.co.uk/ | iexplore.exe |
http://www.cnet.com/favicon.ico | iexplore.exe |
http://www.dailymail.co.uk/ | iexplore.exe |
http://www.dailymail.co.uk/favicon.ico | iexplore.exe |
http://www.digsigtrust.com/dst_trust_cps_v990701.html0 | iexplore.exe |
http://www.entrust.net/crl/net1.crl0 | iexplore.exe |
http://www.etmall.com.tw/ | iexplore.exe |
http://www.etmall.com.tw/favicon.ico | iexplore.exe |
http://www.excite.co.jp/ | iexplore.exe |
http://www.expedia.com/ | iexplore.exe |
http://www.expedia.com/favicon.ico | iexplore.exe |
http://www.facebook.com/ | iexplore.exe |
http://www.facebook.com/favicon.ico | iexplore.exe |
http://www.gismeteo.ru/favicon.ico | iexplore.exe |
http://www.gmarket.co.kr/ | iexplore.exe |
http://www.gmarket.co.kr/favicon.ico | iexplore.exe |
http://www.google.co.in/ | iexplore.exe |
http://www.google.co.jp/ | iexplore.exe |
http://www.google.co.uk/ | iexplore.exe |
http://www.google.com | iexplore.exe |
http://www.google.com.br/ | iexplore.exe |
http://www.google.com.sa/ | iexplore.exe |
http://www.google.com.tw/ | iexplore.exe |
http://www.google.com/ | iexplore.exe |
http://www.google.com/favicon.ico | iexplore.exe |
http://www.google.com/ncr | iexplore.exe, google_fr[1].txt.dr |
http://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 | iexplore.exe |
http://www.google.com/support/websearch/bin/answer.py?hl= | iexplore.exe, rs=AItRSTPlPDh3JqT4hZcG--RlbldBDxGPAA[1].dr |
http://www.google.com/textinputassistant/tia.png | iexplore.exe |
http://www.google.cz/ | iexplore.exe |
http://www.google.de/ | iexplore.exe |
http://www.google.es/ | iexplore.exe |
http://www.google.fr | iexplore.exe |
http://www.google.fr/ | ~DF47A8.tmp.dr |
http://www.google.fr/%20-%20windows%20internet%20explorer | iexplore.exe |
http://www.google.fr/&sig=0_hcscewpus89t60fc3cg2evi57am%3d&suggon=2 | iexplore.exe, google_fr[1].txt.dr |
http://www.google.fr/&sig=0_hcscewpus89t60fc | iexplore.exe |
http://www.google.fr/&sig=0_hcscewpus89t60fc3cg2evi57am%3d&suggon=2 | iexplore.exe |
http://www.google.fr/advanced_search?hl=fr | iexplore.exe |
http://www.google.fr/chrome/index.html?hl=fr&brand=chng&utm_source=fr-hpp&utm_medium=hpp&utm_campaign=fr | iexplore.exe |
http://www.google.fr/csi?v=3&s=webhp&action=&e=25657 | iexplore.exe |
http://www.google.fr/ex | iexplore.exe |
http://www.google.fr/extern_chrome/b0659096785d29d3.js | iexplore.exe |
http://www.google.fr/favicon.ico | iexplore.exe |
http://www.google.fr/history/optout?hl=fr | iexplore.exe |
http://www.google.fr/ig | iexplore.exe |
http://www.google.fr/ig%3fhl%3dfr%26source%3diglk&usg=afqjcng3dq3pmqcxa1eqhlnwiuh8e97qkg | iexplore.exe, google_fr[1].txt.dr |
http://www.google.fr/ig%3fhl%3dfr%26source%3diglk&usg=afqjcng3dq3pmqcxa1eqhlnwiuh8e97qkg | iexplore.exe |
http://www.google.fr/ig/ | iexplore.exe |
http://www.google.fr/images/icons/product/chrome-48.png | iexplore.exe |
http://www.google.fr/images/mgyhp_sm.png | iexplore.exe |
http://www.google.fr/images/nav_logo107.png | iexplore.exe |
http://www.google.fr/images/srpr/logo3w.png | iexplore.exe |
http://www.google.fr/images/swxa.gif | iexplore.exe |
http://www.google.fr/imghp?hl=fr&tab=wi | iexplore.exe, google_fr[1].txt.dr |
http://www.google.fr/intl/fr/about.html | iexplore.exe |
http://www.google.fr/intl/fr/ads/ | iexplore.exe |
http://www.google.fr/intl/fr/options | iexplore.exe |
http://www.google.fr/intl/fr/options/ | google_fr[1].txt.dr |
http://www.google.fr/intl/fr/policies | iexplore.exe |
http://www.google.fr/intl/fr/policies/ | iexplore.exe |
http://www.google.fr/language_tools?hl=fr | iexplore.exe |
http://www.google.fr/mgyhp.html | iexplore.exe |
http://www.google.fr/preferences?hl=fr | iexplore.exe |
http://www.google.fr/reader/?hl=fr&tab=wy | iexplore.exe, google_fr[1].txt.dr |
http://www.google.fr/search | iexplore.exe |
http://www.google.fr/services/ | iexplore.exe |
http://www.google.fr/setprefs?prev=http://www.google.fr/&sig=0_hcscewpus89t60fc3cg2evi57am%3d&suggon=2 | iexplore.exe |
http://www.google.fr/shop | iexplore.exe |
http://www.google.fr/shopping?hl=fr&tab=wf | iexplore.exe, google_fr[1].txt.dr |
http://www.google.fr/support/websearch/bin/answer.py?answer=186645&form=bb&hl=fr | iexplore.exe |
http://www.google.fr/typelib | iexplore.exe |
http://www.google.fr/url?sa=p&pref=ig&pval=3&q=http://www.googl | iexplore.exe |
http://www.google.fr/url?sa=p&pref=ig&pval=3&q=http://www.google.fr/ig%3fhl%3dfr%26source%3diglk&usg=afqjcng3dq3pmqcxa1eqhlnwiuh8e97qkg | iexplore.exe |
http://www.google.fr/webhp | iexplore.exe |
http://www.google.fr/webhp/ | iexplore.exe |
http://www.google.fr/webhp?hl=fr&tab=ww | iexplore.exe, google_fr[1].txt.dr |
http://www.google.fr/xjs/_/js/s/s | iexplore.exe |
http://www.google.it/ | iexplore.exe |
http://www.google.pl/ | iexplore.exe |
http://www.google.ru/ | iexplore.exe |
http://www.google.si/ | iexplore.exe |
http://www.iask.com/ | iexplore.exe |
http://www.iask.com/favicon.ico | iexplore.exe |
http://www.kkbox.com.tw/ | iexplore.exe |
http://www.kkbox.com.tw/favicon.ico | iexplore.exe |
http://www.linternaute.com/favicon.ico | iexplore.exe |
http://www.live.com/favicon.ico | iexplore.exe |
http://www.maktoob.com/favicon.ico | iexplore.exe |
http://www.mercadolibre.com.mx/ | iexplore.exe |
http://www.mercadolibre.com.mx/favicon.ico | iexplore.exe |
http://www.mercadolivre.com.br/ | iexplore.exe |
http://www.mercadolivre.com.br/favicon.ico | iexplore.exe |
http://www.merlin.com.pl/ | iexplore.exe |
http://www.merlin.com.pl/favicon.ico | iexplore.exe |
http://www.microsoft.com | explorer.exe |
http://www.microsoft.com/favicon.ico | iexplore.exe |
http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome | iexplore.exe |
http://www.microsoft.com/schemas/rss/core/2005 | iexplore.exe |
http://www.microsoft.com/schemas/rss/core/2005/internal | iexplore.exe |
http://www.microsoft.com/windowsxp/expertzone/ | iexplore.exe |
http://www.mtv.com/ | iexplore.exe |
http://www.mtv.com/favicon.ico | iexplore.exe |
http://www.myspace.com/favicon.ico | iexplore.exe |
http://www.najdi.si/ | iexplore.exe |
http://www.najdi.si/favicon.ico | iexplore.exe |
http://www.nate.com/favicon.ico | iexplore.exe |
http://www.neckermann.de/ | iexplore.exe |
http://www.neckermann.de/favicon.ico | iexplore.exe |
http://www.news.com.au/favicon.ico | iexplore.exe |
http://www.nifty.com/favicon.ico | iexplore.exe |
http://www.ocn.ne.jp/favicon.ico | iexplore.exe |
http://www.orange.fr/ | iexplore.exe |
http://www.otto.de/favicon.ico | iexplore.exe |
http://www.ozon.ru/ | iexplore.exe |
http://www.ozon.ru/favicon.ico | iexplore.exe |
http://www.ozu.es/favicon.ico | iexplore.exe |
http://www.paginasamarillas.es/ | iexplore.exe |
http://www.paginasamarillas.es/favicon.ico | iexplore.exe |
http://www.pchome.com.tw/favicon.ico | iexplore.exe |
http://www.priceminister.com/ | iexplore.exe |
http://www.priceminister.com/favicon.ico | iexplore.exe |
http://www.quovadisglobal.com/cps0 | iexplore.exe |
http://www.rakuten.co.jp/favicon.ico | iexplore.exe |
http://www.rambler.ru/ | iexplore.exe |
http://www.rambler.ru/favicon.ico | iexplore.exe |
http://www.recherche.aol.fr/ | iexplore.exe |
http://www.rtl.de/ | iexplore.exe |
http://www.rtl.de/favicon.ico | iexplore.exe |
http://www.servicios.clarin.com/ | iexplore.exe |
http://www.shopzilla.com/ | iexplore.exe |
http://www.sify.com/favicon.ico | iexplore.exe |
http://www.skype.com/ | iexplore.exe |
http://www.skype.com/go/download | iexplore.exe |
http://www.skype.com/go/help.guides.ieaddon?lang=en | iexplore.exe |
http://www.so-net.ne.jp/share/favicon.ico | iexplore.exe |
http://www.sogou.com/ | iexplore.exe |
http://www.sogou.com/favicon.ico | iexplore.exe |
http://www.soso.com/ | iexplore.exe |
http://www.soso.com/favicon.ico | iexplore.exe |
http://www.t-online.de/favicon.ico | iexplore.exe |
http://www.taobao.com/ | iexplore.exe |
http://www.taobao.com/favicon.ico | iexplore.exe |
http://www.target.com/ | iexplore.exe |
http://www.target.com/favicon.ico | iexplore.exe |
http://www.tchibo.de/ | iexplore.exe |
http://www.tchibo.de/favicon.ico | iexplore.exe |
http://www.tesco.com/ | iexplore.exe |
http://www.tesco.com/favicon.ico | iexplore.exe |
http://www.timesonline.co.uk/img/favicon.ico | iexplore.exe |
http://www.tiscali.it/favicon.ico | iexplore.exe |
http://www.trustcenter.de/guidelines0 | iexplore.exe |
http://www.univision.com/ | iexplore.exe |
http://www.univision.com/favicon.ico | iexplore.exe |
http://www.valicert.com/1 | iexplore.exe |
http://www.w3.org/1999/02/22-rdf-syntax-ns# | iexplore.exe |
http://www.w3.org/1999/xhtml | iexplore.exe |
http://www.w3.org/1999/xsl/transform | iexplore.exe |
http://www.w3.org/2005/atom | iexplore.exe |
http://www.w3.org/tr/html4/loose.dtd | iexplore.exe |
http://www.w3.org/tr/html4/strict.dtd | iexplore.exe |
http://www.w3.org/tr/html401/strict.dtd | iexplore.exe |
http://www.w3.org/tr/rec-html40/strict.dtd | iexplore.exe |
http://www.w3.org/tr/wd-xsl | iexplore.exe |
http://www.w3.org/tr/xhtml1/dtd/xhtml1-transitional.dtd | iexplore.exe |
http://www.walmart.com/ | iexplore.exe |
http://www.walmart.com/favicon.ico | iexplore.exe |
http://www.weather.com/ | iexplore.exe |
http://www.weather.com/favicon.ico | iexplore.exe |
http://www.ya.com/favicon.ico | iexplore.exe |
http://www.yam.com/favicon.ico | iexplore.exe |
http://www.yandex.ru/ | iexplore.exe |
http://www.yandex.ru/favicon.ico | iexplore.exe |
http://www.youtube.com/?tab=w1&gl=fr | iexplore.exe, google_fr[1].txt.dr |
http://www3.fnac.com/ | iexplore.exe |
http://www3.fnac.com/favicon.ico | iexplore.exe |
http://xml-us.amznxslt.com/onca/xml?service=awsecommerceservice&version=2008-06-26&operation=itemsearch&awsaccesskeyid=15hrv3azsmpk0gxty102&associatetag=ie8suggestion-20&responsegroup=itemattributes | iexplore.exe |
http://yellowpages.superpages.com/ | iexplore.exe |
http://z.about.com/m/a08.ico | iexplore.exe |
https://accounts.google.com/login?hl= | iexplore.exe, rs=AItRSTPlPDh3JqT4hZcG--RlbldBDxGPAA[1].dr |
https://accounts.google.com/servicelogin?hl=fr&continue=http://www.google.fr/ | iexplore.exe, google_fr[1].txt.dr |
https://apis.google.com | iexplore.exe, google_fr[1].txt.dr |
https://banking.postbank.de/app/finanzs | svchost.exe |
https://banking.postbank.de/app/finanzstatus.init.do | iexplore.exe |
https://banking.postbank.de/app/kontoumsatz.umsatz.init.do | iexplore.exe |
https://banking.postbank.de/app/legitimation.input.do | iexplore.exe |
https://banking.postbank.de/app/static/js/script.js | iexplore.exe |
https://banking.postbank.de/app/tan.historie.input.do | iexplore.exe |
https://banking.postbank.de/app/ueberwe | spoolsv.exe, svchost.exe |
https://banking.postbank.de/app/ueberweisung.init.do | iexplore.exe |
https://banking.postbank.de/app/ueberweisung.input.do | iexplore.exe |
https://banking.postbank.de/app/ueberweisung.prep.do | iexplore.exe |
https://banking.postbank.de/app/ueberweisung.quittung.do | iexplore.exe |
https://banking.postbank.de/app/ueberweisung.termin.liste.input.do | iexplore.exe |
https://banking.postbank.de/app/vorscha | svchost.exe |
https://banking.postbank.de/app/vorschaltseite.init.do | iexplore.exe |
https://banking.postbank.de/app/welcome.do | iexplore.exe |
https://bankingportal.ksk-tuebingen.de/ifdata/64150020/ipstandard/4/content | msiexec.exe |
https://bankingportal.ksk-tuebingen.de/ifdata/64150020/ipstandard/4/content/www/pixel/basis/if5_anmelden.png | iexplore.exe |
https://ca.sia.it/seccli/repository/cps0 | iexplore.exe |
https://ca.sia.it/secsrv/repository/cps0 | iexplore.exe |
https://docs.google.com/?tab=wo | iexplore.exe, google_fr[1].txt.dr |
https://example.com | iexplore.exe |
https://finanzportal.fiducia.de | iexplore.exe |
https://ieonline.microsoft.com/#ieslice | iexplore.exe |
https://ieonline.microsoft.com/favicon.ico | iexplore.exe |
https://ieonlinews.microsoft.com/ | iexplore.exe |
https://mail.google.com/mail/?tab=wm | iexplore.exe, google_fr[1].txt.dr |
https://my.hypovereinsbank.de/prot/banking/securetan/ca | winlogon.exe |
https://my.hypovereinsbank.de/prot/banking/securetan/captcha?captchaname=securetan | globpluginspipe.dr |
https://play.google.com/?hl=fr&tab=w8 | iexplore.exe, google_fr[1].txt.dr |
https://plus.google.com/106901486880272202822 | iexplore.exe, google_fr[1].txt.dr |
https://plus.google.com/?gpsrc=ogpy0&tab=wx | iexplore.exe, google_fr[1].txt.dr |
https://plusone.google.com/u/0 | iexplore.exe, google_fr[1].txt.dr |
https://secure.comodo.com/cps0 | iexplore.exe |
https://secure5.arcot.com/acspage/de_de_lufthansa_mc/images/bcsluf.gif | iexplore.exe |
https://secure5.arcot.com/acspage/hsbcfdirect_en_gb/images/vpas_logo.gif | iexplore.exe |
https://symlink.us/cgi-bin/acd/acd.js | iexplore.exe |
https://www.commerzbanking.de/p- | wmiprvse.exe |
https://www.commerzbanking.de/p-portal1/xml/ifilportal/cms/images/but_anmelden.gif | iexplore.exe |
https://www.commerzbanking.de/p-portal2/xml/if | MDM.EXE |
https://www.commerzbanking.de/p-portal2/xml/ifilportal | svchost.exe |
https://www.commerzbanking.de/p-portal2/xml/ifilportal/pgf.html?tab=1 | iexplore.exe |
https://www.google.com/calendar?tab=wc | iexplore.exe, google_fr[1].txt.dr |
https://www.netlock.net/docs | iexplore.exe |
https://www.verisign.com/cps0 | iexplore.exe |
https://www.verisign.com/repository/cps | iexplore.exe |
https://www.verisign.com/repository/verisignlogo.gif0d | iexplore.exe |
https://www.verisign.com/rpa | iexplore.exe, 0797C381B2F87EB5A1D5573BD15BA4F40.dr |
https://www.verisign.com/rpa0 | iexplore.exe |
https://www.verisign.com; | iexplore.exe |
Social media names | |
String value | Source |
<SuggestionsURL>http://ie.search.yahoo.com/os?command={SearchTerms}</SuggestionsURL> equals www.yahoo.com (Yahoo) | iexplore.exe |
<FavoriteIcon>http://search.yahoo.co.jp/favicon.ico</FavoriteIcon> equals www.yahoo.com (Yahoo) | iexplore.exe |
<FavoriteIcon>http://search.yahoo.com/favicon.ico</FavoriteIcon> equals www.yahoo.com (Yahoo) | iexplore.exe |
<FavoriteIcon>http://www.facebook.com/favicon.ico</FavoriteIcon> equals www.facebook.com (Facebook) | iexplore.exe |
<FavoriteIcon>http://www.myspace.com/favicon.ico</FavoriteIcon> equals www.myspace.com (Myspace) | iexplore.exe |
<FavoriteIcon>http://www.rambler.ru/favicon.ico</FavoriteIcon> equals www.rambler.ru (Rambler) | iexplore.exe |
<URL>http://br.search.yahoo.com/</URL> equals www.yahoo.com (Yahoo) | iexplore.exe |
<URL>http://de.search.yahoo.com/</URL> equals www.yahoo.com (Yahoo) | iexplore.exe |
<URL>http://es.search.yahoo.com/</URL> equals www.yahoo.com (Yahoo) | iexplore.exe |
<URL>http://espanol.search.yahoo.com/</URL> equals www.yahoo.com (Yahoo) | iexplore.exe |
<URL>http://fr.search.yahoo.com/</URL> equals www.yahoo.com (Yahoo) | iexplore.exe |
<URL>http://in.search.yahoo.com/</URL> equals www.yahoo.com (Yahoo) | iexplore.exe |
<URL>http://it.search.yahoo.com/</URL> equals www.yahoo.com (Yahoo) | iexplore.exe |
<URL>http://kr.search.yahoo.com/</URL> equals www.yahoo.com (Yahoo) | iexplore.exe |
<URL>http://ru.search.yahoo.com</URL> equals www.yahoo.com (Yahoo) | iexplore.exe |
<URL>http://sads.myspace.com/</URL> equals www.myspace.com (Myspace) | iexplore.exe |
<URL>http://search.cn.yahoo.com/</URL> equals www.yahoo.com (Yahoo) | iexplore.exe |
<URL>http://search.yahoo.co.jp</URL> equals www.yahoo.com (Yahoo) | iexplore.exe |
<URL>http://search.yahoo.com/</URL> equals www.yahoo.com (Yahoo) | iexplore.exe |
<URL>http://tw.search.yahoo.com/</URL> equals www.yahoo.com (Yahoo) | iexplore.exe |
<URL>http://uk.search.yahoo.com/</URL> equals www.yahoo.com (Yahoo) | iexplore.exe |
<URL>http://www.facebook.com/</URL> equals www.facebook.com (Facebook) | iexplore.exe |
<URL>http://www.rambler.ru/</URL> equals www.rambler.ru (Rambler) | iexplore.exe |
"http://www.youtube.com/?tab=w1&gl=FR equals www.youtube.com (Youtube) | iexplore.exe |
.yahoo. equals www.yahoo.com (Yahoo) | iexplore.exe |
Free Hotmail.url equals www.hotmail.com (Hotmail) | iexplore.exe |
YouTube equals www.youtube.com (Youtube) | iexplore.exe |
google.promos.mgmhp.initPulldown(rlz,logParams);});})();</script> </div><div id="mngb"><div id=gb><script>window.gbar&&gbar.eli&&gbar.eli()</script><div id=gbw><div id=gbzw><div id=gbz><span class=gbtcb></span><ol id=gbzc class=gbtc><li class=gbt><a onclick=gbar.logger.il(1,{t:119}); class=gbzt id=gb_119 href="https://plus.google.com/?gpsrc=ogpy0&tab=wX"><span class=gbtb2></span><span class=gbts>+Vous</span></a></li><li class=gbt><a onclick=gbar.logger.il(1,{t:1}); class="gbzt gbz0l gbp1" id=gb_1 href="http://www.google.fr/webhp?hl=fr&tab=ww"><span class=gbtb2></span><span class=gbts>Recherche</span></a></li><li class=gbt><a onclick=gbar.qs(this);gbar.logger.il(1,{t:2}); class=gbzt id=gb_2 href="http://www.google.fr/imghp?hl=fr&tab=wi"><span class=gbtb2></span><span class=gbts>Images</span></a></li><li class=gbt><a onclick=gbar.qs(this);gbar.logger.il(1,{t:8}); class=gbzt id=gb_8 href="http://maps.google.fr/maps?hl=fr&tab=wl"><span class=gbtb2></span><span class=gbts>Maps</span></a></li><li class=gbt><a onclick=gbar.logger.il(1,{t:78}); class=gbzt id=gb_78 href="https://play.google.com/?hl=fr&tab=w8"><span class=gbtb2></span><span class=gbts>Play</span></a></li><li class=gbt><a onclick=gbar.qs(this);gbar.logger.il(1,{t:36}); class=gbzt id=gb_36 href="http://www.youtube.com/?tab=w1&gl=FR"><span class=gbtb2></span><span class=gbts>YouTube</span></a></li><li class=gbt><a onclick=gbar.logger.il(1,{t:5}); class=gbzt id=gb_5 href="http://news.google.fr/nwshp?hl=fr&tab=wn"><span class=gbtb2></span><span class=gbts>Actualit equals www.youtube.com (Youtube) | google_fr[1].txt.dr |
http://www.youtube.com/?tab=w1&gl=FR equals www.youtube.com (Youtube) | iexplore.exe |
ing.myspace.co equals www.myspace.com (Myspace) | iexplore.exe |
login.yahoo.com equals www.yahoo.com (Yahoo) | iexplore.exe |
login.yahoo.com0 equals www.yahoo.com (Yahoo) | iexplore.exe |
messaging.myspace.com equals www.myspace.com (Myspace) | iexplore.exe |
profile.myspace.com/Modules/Applications/ equals www.myspace.com (Myspace) | iexplore.exe |
trator@http://www.youtube.com/?tab=w1&gl=FR equals www.youtube.com (Youtube) | iexplore.exe |
ts>Play</span></a></li><li class=gbt><a onclick=gbar.qs(this);gbar.logger.il(1,{t:36}); class=gbzt id=gb_36 href="http://www.youtube.com/?tab=w1&gl=FR"><span class=gbtb2></ equals www.youtube.com (Youtube) | iexplore.exe |
www.login.yahoo.com0 equals www.yahoo.com (Yahoo) | iexplore.exe |
www.youtube.com equals www.youtube.com (Youtube) | iexplore.exe |
youtube equals www.youtube.com (Youtube) | iexplore.exe |
youtube.com equals www.youtube.com (Youtube) | iexplore.exe |
Bank names | |
String value | Source |
*meine.deutsche-bank.de/trxm/db/*domestic.transfer.auth.error* equals www.deutsche-bank.de (Deutsche Bank AG) | iexplore.exe |
*meine.deutsche-bank.de/trxm/db/*domestic.transfer.confirmation* equals www.deutsche-bank.de (Deutsche Bank AG) | iexplore.exe |
*meine.deutsche-bank.de/trxm/db/*domestic.transfer.form.display* equals www.deutsche-bank.de (Deutsche Bank AG) | iexplore.exe |
*meine.deutsche-bank.de/trxm/db/*european.transfer.auth.error* equals www.deutsche-bank.de (Deutsche Bank AG) | iexplore.exe |
*meine.deutsche-bank.de/trxm/db/*european.transfer.confirmation* equals www.deutsche-bank.de (Deutsche Bank AG) | iexplore.exe |
*meine.deutsche-bank.de/trxm/db/*european.transfer.enter.data* equals www.deutsche-bank.de (Deutsche Bank AG) | iexplore.exe |
*meine.deutsche-bank.de/trxm/db/*fold.financial.overview* equals www.deutsche-bank.de (Deutsche Bank AG) | iexplore.exe |
*meine.deutsche-bank.de/trxm/db/*itan.authorization* equals www.deutsche-bank.de (Deutsche Bank AG) | iexplore.exe |
*meine.deutsche-bank.de/trxm/db/*select.type.of.overseas.remittance* equals www.deutsche-bank.de (Deutsche Bank AG) | iexplore.exe |
*meine.deutsche-bank.de/trxm/db/*show.account.turnovers* equals www.deutsche-bank.de (Deutsche Bank AG) | iexplore.exe |
deutsche-bank.de/trxm/db/*european.transfer.enter.data* GP equals www.deutsche-bank.de (Deutsche Bank AG) | wscntfy.exe |
deutsche-bank.de/trxm/db/*european.transfer.enter.data* equals www.deutsche-bank.de (Deutsche Bank AG) | iexplore.exe |
set_url *meine.deutsche-bank.de/trxm/db/*domestX equals www.deutsche-bank.de (Deutsche Bank AG) | iexplore.exe |
set_url *meine.deutsche-bank.de/trxm/db/*domestic.transfer.auth.error* GP equals www.deutsche-bank.de (Deutsche Bank AG) | iexplore.exe |
set_url *meine.deutsche-bank.de/trxm/db/*domestic.transfer.auth.error* equals www.deutsche-bank.de (Deutsche Bank AG) | svchost.exe, wmiprvse.exe, msdtc.exe |
set_url *meine.deutsche-bank.de/trxm/db/*domestic.transfer.confirmation* GP equals www.deutsche-bank.de (Deutsche Bank AG) | iexplore.exe |
set_url *meine.deutsche-bank.de/trxm/db/*domestic.transfer.confirmation* equals www.deutsche-bank.de (Deutsche Bank AG) | svchost.exe, wmiprvse.exe, msdtc.exe, iexplore.exe |
set_url *meine.deutsche-bank.de/trxm/db/*domestic.transfer.form.display* GP equals www.deutsche-bank.de (Deutsche Bank AG) | iexplore.exe |
set_url *meine.deutsche-bank.de/trxm/db/*domestic.transfer.form.display* equals www.deutsche-bank.de (Deutsche Bank AG) | svchost.exe, wmiprvse.exe, msdtc.exe, iexplore.exe |
set_url *meine.deutsche-bank.de/trxm/db/*european.transfer.auth.error* GP equals www.deutsche-bank.de (Deutsche Bank AG) | iexplore.exe |
set_url *meine.deutsche-bank.de/trxm/db/*european.transfer.auth.error* equals www.deutsche-bank.de (Deutsche Bank AG) | svchost.exe, wmiprvse.exe, msdtc.exe, iexplore.exe |
set_url *meine.deutsche-bank.de/trxm/db/*european.transfer.confirmation* GP equals www.deutsche-bank.de (Deutsche Bank AG) | iexplore.exe |
set_url *meine.deutsche-bank.de/trxm/db/*european.transfer.confirmation* equals www.deutsche-bank.de (Deutsche Bank AG) | svchost.exe, wmiprvse.exe, msdtc.exe |
set_url *meine.deutsche-bank.de/trxm/db/*european.transfer.enter.data* GP equals www.deutsche-bank.de (Deutsche Bank AG) | iexplore.exe |
set_url *meine.deutsche-bank.de/trxm/db/*european.transfer.enter.data* equals www.deutsche-bank.de (Deutsche Bank AG) | svchost.exe, wmiprvse.exe, msdtc.exe |
set_url *meine.deutsche-bank.de/trxm/db/*fold.financial.overview* GP equals www.deutsche-bank.de (Deutsche Bank AG) | iexplore.exe |
set_url *meine.deutsche-bank.de/trxm/db/*fold.financial.overview* equals www.deutsche-bank.de (Deutsche Bank AG) | iexplore.exe |
set_url *meine.deutsche-bank.de/trxm/db/*itan.authorization* GP equals www.deutsche-bank.de (Deutsche Bank AG) | iexplore.exe |
set_url *meine.deutsche-bank.de/trxm/db/*itan.authorization* equals www.deutsche-bank.de (Deutsche Bank AG) | svchost.exe, wmiprvse.exe, msdtc.exe, iexplore.exe |
set_url *meine.deutsche-bank.de/trxm/db/*select.type.of.overseas.remittance* GP equals www.deutsche-bank.de (Deutsche Bank AG) | iexplore.exe |
set_url *meine.deutsche-bank.de/trxm/db/*select.type.of.overseas.remittance* equals www.deutsche-bank.de (Deutsche Bank AG) | svchost.exe, wmiprvse.exe, msdtc.exe, iexplore.exe |
set_url *meine.deutsche-bank.de/trxm/db/*show.account.turnovers* GP equals www.deutsche-bank.de (Deutsche Bank AG) | iexplore.exe |
set_url *meine.deutsche-bank.de/trxm/db/*show.account.turnovers* equals www.deutsche-bank.de (Deutsche Bank AG) | svchost.exe, wmiprvse.exe, msdtc.exe, iexplore.exe |
Analysis Overview
Startup | |
|
Dropped Files | |
File Path | MD5 |
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~DF39BF.tmp | 8F0A41CCF29AFC63271A8F650FDA35C3 |
C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\~DF47A8.tmp | 0821F61047832608BB7D721CA997D3B6 |
C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\0797C381B2F87EB5A1D5573BD15BA4F4 | DFDF3FCC73C3D79D960A4BF0142E270B |
C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\Content\60E31627FDA0A46932B0E5948949F2A5 | F7129BD2F205ED6146BB1342D12C903F |
C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\0797C381B2F87EB5A1D5573BD15BA4F4 | 12FC6BECC63F9715F4EA11CEF30149AF |
C:\Documents and Settings\Administrator\Application Data\Microsoft\CryptnetUrlCache\MetaData\60E31627FDA0A46932B0E5948949F2A5 | 50A61D7D4BAB10BEF9EFAA4313DE89B0 |
C:\Documents and Settings\Administrator\Cookies\administrator@google[1].txt | 863EDFBB3A6F6DC7363571FA810FE2B3 |
C:\Documents and Settings\Administrator\Cookies\administrator@google[2].txt | 041B1094192A7B63444E8FDFEF5BC463 |
C:\Documents and Settings\Administrator\Cookies\administrator@google[3].txt | 3285B4277E3735362BB3FAA34431ABDB |
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\DOMStore\U3Y7OHYG\www.google[1].xml | D148E8E3EB418FAD47993D3C0DF59C4D |
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{0BC6299F-4667-11E1-97AA-08002763FBB4}.dat | 6A8E78175FF458E957DF809DD9951804 |
C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{0BC629A0-4667-11E1-97AA-08002763FBB4}.dat | DF9AFC35126E2009AB3B116B10C692EB |
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\3FZRZ9KZ\chrome-48[1].png | 3FE84B8B53D7401B32FABD0C70F211BB |
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\3FZRZ9KZ\mgyhp_sm[1].png | 6EFE849BCCA95A1036A846F618FDE913 |
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\3FZRZ9KZ\swxa[1].gif | 72630BE6F3743631E1FC2C53F8F25344 |
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\3FZRZ9KZ\tia[1].png | AD07EE4CB98DA073DDA56CE7CEB88F5A |
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\5B7NHQO2\google_fr[1].txt | A92794097B1192A3B177BA62418B2F05 |
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\5B7NHQO2\rs=AItRSTPlPDh3JqT4hZcG--RlbldBDxGPAA[1] | 6C9F39E8946018FB1631E818F9668EAE |
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\5B7NHQO2\sem_feed2a2e2d54cd5f40fb4b5f5244fff2[1].js | FEED2A2E2D54CD5F40FB4B5F5244FFF2 |
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\L1ZDGPDD\b0659096785d29d3[1].js | 0FA09E7314A4BAC8093E64309A152A19 |
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\L1ZDGPDD\j_e6a6aca6[1].png | E6A6ACA6F0BF41491306FB48C5CBC2EF |
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\L1ZDGPDD\logo3w[1].png | 169E859DB7F28A01E1B51E1C9E2D6B2B |
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\LLFPAG1G\favicon[1].ico | 09B565A51E14B721A323F0BA44B2982A |
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\LLFPAG1G\nav_logo107[1].png | 92D80817414D8985DE1DCC4425754D66 |
C:\WINDOWS\Prefetch\7DB482F5469DFEB0A6B2B4F66C062-2ABA240A.pf | F43502801BD279990BA3D5265F42CB1C |
C:\WINDOWS\Prefetch\IEXPLORE.EXE-27122324.pf | C1B91BC0C5B15E28B11B3FDFAE443908 |
C:\WINDOWS\system32\wbem\Logs\wmiprov.log | 61C835EF8EC2E9A5E7F4BB57F2412B2E |
C:\skhfushjflw\config.bin | B95E4F3E52958AA860B6BA5D44E8650A |
C:\skhfushjflw\skhfushjflw.exe | 7DB482F5469DFEB0A6B2B4F66C062314 |
\ROUTER | B605561334335B73E3E90D0E3139C59E |
\globpluginspipe | 3456A0595C18EFB403FBA33DBADFEB70 |
\lsass | 2B194305EBB60F22791CC48709E9F414 |
Global Network Data
All TCP | ||||
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
Jul 2, 2012 20:06:12.638062954 CEST | 1039 | 85 | 192.168.0.10 | 194.247.58.63 |
Jul 2, 2012 20:06:12.638093948 CEST | 85 | 1039 | 194.247.58.63 | 192.168.0.10 |
Jul 2, 2012 20:06:12.638293982 CEST | 1039 | 85 | 192.168.0.10 | 194.247.58.63 |
Jul 2, 2012 20:06:12.762447119 CEST | 1039 | 85 | 192.168.0.10 | 194.247.58.63 |
Jul 2, 2012 20:06:12.762470961 CEST | 85 | 1039 | 194.247.58.63 | 192.168.0.10 |
Jul 2, 2012 20:06:12.769419909 CEST | 1039 | 85 | 192.168.0.10 | 194.247.58.63 |
Jul 2, 2012 20:06:12.769490004 CEST | 85 | 1039 | 194.247.58.63 | 192.168.0.10 |
Jul 2, 2012 20:06:12.769702911 CEST | 1039 | 85 | 192.168.0.10 | 194.247.58.63 |
Jul 2, 2012 20:06:22.557746887 CEST | 1040 | 80 | 192.168.0.10 | 23.23.227.68 |
Jul 2, 2012 20:06:22.557774067 CEST | 80 | 1040 | 23.23.227.68 | 192.168.0.10 |
Jul 2, 2012 20:06:22.558010101 CEST | 1040 | 80 | 192.168.0.10 | 23.23.227.68 |
Jul 2, 2012 20:06:22.630816936 CEST | 1040 | 80 | 192.168.0.10 | 23.23.227.68 |
Jul 2, 2012 20:06:22.630852938 CEST | 80 | 1040 | 23.23.227.68 | 192.168.0.10 |
Jul 2, 2012 20:06:23.338170052 CEST | 80 | 1040 | 23.23.227.68 | 192.168.0.10 |
Jul 2, 2012 20:06:23.539930105 CEST | 1040 | 80 | 192.168.0.10 | 23.23.227.68 |
Jul 2, 2012 20:06:33.354585886 CEST | 80 | 1040 | 23.23.227.68 | 192.168.0.10 |
Jul 2, 2012 20:06:33.355050087 CEST | 1040 | 80 | 192.168.0.10 | 23.23.227.68 |
Jul 2, 2012 20:06:45.449976921 CEST | 1043 | 80 | 192.168.0.10 | 173.194.69.106 |
Jul 2, 2012 20:06:45.450005054 CEST | 80 | 1043 | 173.194.69.106 | 192.168.0.10 |
Jul 2, 2012 20:06:45.450228930 CEST | 1043 | 80 | 192.168.0.10 | 173.194.69.106 |
Jul 2, 2012 20:06:45.452275038 CEST | 1043 | 80 | 192.168.0.10 | 173.194.69.106 |
Jul 2, 2012 20:06:45.452294111 CEST | 80 | 1043 | 173.194.69.106 | 192.168.0.10 |
Jul 2, 2012 20:06:45.937494040 CEST | 80 | 1043 | 173.194.69.106 | 192.168.0.10 |
Jul 2, 2012 20:06:46.052731991 CEST | 80 | 1043 | 173.194.69.106 | 192.168.0.10 |
Jul 2, 2012 20:06:46.053299904 CEST | 1043 | 80 | 192.168.0.10 | 173.194.69.106 |
Jul 2, 2012 20:06:46.053344011 CEST | 80 | 1043 | 173.194.69.106 | 192.168.0.10 |
Jul 2, 2012 20:06:46.081779957 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:06:46.081793070 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:46.081991911 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:06:46.173389912 CEST | 1043 | 80 | 192.168.0.10 | 173.194.69.106 |
Jul 2, 2012 20:06:49.126018047 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:06:49.126058102 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:49.126343966 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:06:49.147241116 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:06:49.147264004 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:49.581904888 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:49.650196075 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:49.650619030 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:49.657922029 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:06:49.657944918 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:49.658287048 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:06:49.672760963 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:49.672768116 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:49.673168898 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:06:49.695521116 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:49.707636118 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:49.708035946 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:06:49.708054066 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:49.762799025 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:49.763250113 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:06:49.763278961 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:49.763360977 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:06:49.785636902 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:49.786256075 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:06:49.786269903 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:49.812666893 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:49.813082933 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:06:49.813102007 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:49.816278934 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:49.817924023 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:06:49.817938089 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:49.852718115 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:49.855362892 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:06:49.855380058 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:49.883846045 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:49.884200096 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:06:49.884216070 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:49.925036907 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:49.925343037 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:06:49.925360918 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:49.960942984 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:49.961294889 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:06:49.961313009 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:50.110955954 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:06:50.110976934 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:50.329006910 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:06:50.496540070 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:06:51.612915993 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:06:51.612946033 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:51.645613909 CEST | 1045 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:06:51.645642042 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:51.645971060 CEST | 1045 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:06:51.665994883 CEST | 1045 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:06:51.666014910 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:51.936590910 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:52.028717995 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:52.029097080 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:06:52.029119015 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:52.192051888 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:06:52.330037117 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:52.392671108 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:06:52.392699003 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:52.517275095 CEST | 1045 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:06:52.517293930 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:52.681835890 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:52.735291004 CEST | 1045 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:06:52.760291100 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:52.760543108 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:06:52.760561943 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:52.760888100 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:06:52.779480934 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:52.783039093 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:52.783324957 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:06:52.783339977 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:06:52.957523108 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:06:57.999017000 CEST | 1046 | 80 | 192.168.0.10 | 199.7.71.190 |
Jul 2, 2012 20:06:57.999058008 CEST | 80 | 1046 | 199.7.71.190 | 192.168.0.10 |
Jul 2, 2012 20:06:57.999216080 CEST | 1046 | 80 | 192.168.0.10 | 199.7.71.190 |
Jul 2, 2012 20:06:58.000196934 CEST | 1046 | 80 | 192.168.0.10 | 199.7.71.190 |
Jul 2, 2012 20:06:58.000216961 CEST | 80 | 1046 | 199.7.71.190 | 192.168.0.10 |
Jul 2, 2012 20:06:58.523797989 CEST | 80 | 1046 | 199.7.71.190 | 192.168.0.10 |
Jul 2, 2012 20:06:58.647272110 CEST | 1046 | 80 | 192.168.0.10 | 199.7.71.190 |
Jul 2, 2012 20:06:58.647293091 CEST | 80 | 1046 | 199.7.71.190 | 192.168.0.10 |
Jul 2, 2012 20:06:58.863985062 CEST | 1046 | 80 | 192.168.0.10 | 199.7.71.190 |
Jul 2, 2012 20:07:00.458628893 CEST | 1047 | 80 | 192.168.0.10 | 199.7.52.190 |
Jul 2, 2012 20:07:00.458708048 CEST | 80 | 1047 | 199.7.52.190 | 192.168.0.10 |
Jul 2, 2012 20:07:00.459012985 CEST | 1047 | 80 | 192.168.0.10 | 199.7.52.190 |
Jul 2, 2012 20:07:00.461488962 CEST | 1047 | 80 | 192.168.0.10 | 199.7.52.190 |
Jul 2, 2012 20:07:00.461507082 CEST | 80 | 1047 | 199.7.52.190 | 192.168.0.10 |
Jul 2, 2012 20:07:01.242489100 CEST | 80 | 1047 | 199.7.52.190 | 192.168.0.10 |
Jul 2, 2012 20:07:01.295207024 CEST | 80 | 1047 | 199.7.52.190 | 192.168.0.10 |
Jul 2, 2012 20:07:01.295777082 CEST | 1047 | 80 | 192.168.0.10 | 199.7.52.190 |
Jul 2, 2012 20:07:01.295799017 CEST | 80 | 1047 | 199.7.52.190 | 192.168.0.10 |
Jul 2, 2012 20:07:01.317548990 CEST | 80 | 1047 | 199.7.52.190 | 192.168.0.10 |
Jul 2, 2012 20:07:01.317965984 CEST | 1047 | 80 | 192.168.0.10 | 199.7.52.190 |
Jul 2, 2012 20:07:01.317979097 CEST | 80 | 1047 | 199.7.52.190 | 192.168.0.10 |
Jul 2, 2012 20:07:01.318269968 CEST | 1047 | 80 | 192.168.0.10 | 199.7.52.190 |
Jul 2, 2012 20:07:01.411159992 CEST | 80 | 1047 | 199.7.52.190 | 192.168.0.10 |
Jul 2, 2012 20:07:01.436861992 CEST | 80 | 1047 | 199.7.52.190 | 192.168.0.10 |
Jul 2, 2012 20:07:01.437365055 CEST | 1047 | 80 | 192.168.0.10 | 199.7.52.190 |
Jul 2, 2012 20:07:01.456767082 CEST | 80 | 1047 | 199.7.52.190 | 192.168.0.10 |
Jul 2, 2012 20:07:01.457294941 CEST | 1047 | 80 | 192.168.0.10 | 199.7.52.190 |
Jul 2, 2012 20:07:01.475208044 CEST | 80 | 1047 | 199.7.52.190 | 192.168.0.10 |
Jul 2, 2012 20:07:01.492681026 CEST | 80 | 1047 | 199.7.52.190 | 192.168.0.10 |
Jul 2, 2012 20:07:01.493253946 CEST | 1047 | 80 | 192.168.0.10 | 199.7.52.190 |
Jul 2, 2012 20:07:01.505157948 CEST | 80 | 1047 | 199.7.52.190 | 192.168.0.10 |
Jul 2, 2012 20:07:01.505347013 CEST | 80 | 1047 | 199.7.52.190 | 192.168.0.10 |
Jul 2, 2012 20:07:01.505740881 CEST | 1047 | 80 | 192.168.0.10 | 199.7.52.190 |
Jul 2, 2012 20:07:01.505770922 CEST | 80 | 1047 | 199.7.52.190 | 192.168.0.10 |
Jul 2, 2012 20:07:01.506098986 CEST | 1047 | 80 | 192.168.0.10 | 199.7.52.190 |
Jul 2, 2012 20:07:01.527256012 CEST | 80 | 1047 | 199.7.52.190 | 192.168.0.10 |
Jul 2, 2012 20:07:01.548378944 CEST | 80 | 1047 | 199.7.52.190 | 192.168.0.10 |
Jul 2, 2012 20:07:01.548943996 CEST | 1047 | 80 | 192.168.0.10 | 199.7.52.190 |
Jul 2, 2012 20:07:01.548973083 CEST | 80 | 1047 | 199.7.52.190 | 192.168.0.10 |
Jul 2, 2012 20:07:01.549189091 CEST | 1047 | 80 | 192.168.0.10 | 199.7.52.190 |
Jul 2, 2012 20:07:01.549285889 CEST | 80 | 1047 | 199.7.52.190 | 192.168.0.10 |
Jul 2, 2012 20:07:01.549292088 CEST | 80 | 1047 | 199.7.52.190 | 192.168.0.10 |
Jul 2, 2012 20:07:01.549665928 CEST | 1047 | 80 | 192.168.0.10 | 199.7.52.190 |
Jul 2, 2012 20:07:01.618357897 CEST | 80 | 1047 | 199.7.52.190 | 192.168.0.10 |
Jul 2, 2012 20:07:01.641001940 CEST | 80 | 1047 | 199.7.52.190 | 192.168.0.10 |
Jul 2, 2012 20:07:01.641587973 CEST | 1047 | 80 | 192.168.0.10 | 199.7.52.190 |
Jul 2, 2012 20:07:01.641627073 CEST | 80 | 1047 | 199.7.52.190 | 192.168.0.10 |
Jul 2, 2012 20:07:01.642036915 CEST | 1047 | 80 | 192.168.0.10 | 199.7.52.190 |
Jul 2, 2012 20:07:01.645744085 CEST | 80 | 1047 | 199.7.52.190 | 192.168.0.10 |
Jul 2, 2012 20:07:01.646905899 CEST | 80 | 1047 | 199.7.52.190 | 192.168.0.10 |
Jul 2, 2012 20:07:01.647419930 CEST | 1047 | 80 | 192.168.0.10 | 199.7.52.190 |
Jul 2, 2012 20:07:01.647442102 CEST | 80 | 1047 | 199.7.52.190 | 192.168.0.10 |
Jul 2, 2012 20:07:01.647785902 CEST | 1047 | 80 | 192.168.0.10 | 199.7.52.190 |
Jul 2, 2012 20:07:01.667541027 CEST | 80 | 1047 | 199.7.52.190 | 192.168.0.10 |
Jul 2, 2012 20:07:01.813838959 CEST | 1047 | 80 | 192.168.0.10 | 199.7.52.190 |
Jul 2, 2012 20:07:01.813855886 CEST | 80 | 1047 | 199.7.52.190 | 192.168.0.10 |
Jul 2, 2012 20:07:02.032896996 CEST | 1047 | 80 | 192.168.0.10 | 199.7.52.190 |
Jul 2, 2012 20:07:02.932931900 CEST | 80 | 1047 | 199.7.52.190 | 192.168.0.10 |
Jul 2, 2012 20:07:03.126893044 CEST | 1047 | 80 | 192.168.0.10 | 199.7.52.190 |
Jul 2, 2012 20:07:03.126950026 CEST | 80 | 1047 | 199.7.52.190 | 192.168.0.10 |
Jul 2, 2012 20:07:03.281857967 CEST | 80 | 1047 | 199.7.52.190 | 192.168.0.10 |
Jul 2, 2012 20:07:03.282428980 CEST | 1047 | 80 | 192.168.0.10 | 199.7.52.190 |
Jul 2, 2012 20:07:03.374352932 CEST | 80 | 1047 | 199.7.52.190 | 192.168.0.10 |
Jul 2, 2012 20:07:03.563718081 CEST | 1047 | 80 | 192.168.0.10 | 199.7.52.190 |
Jul 2, 2012 20:07:03.563800097 CEST | 80 | 1047 | 199.7.52.190 | 192.168.0.10 |
Jul 2, 2012 20:07:03.786237001 CEST | 1047 | 80 | 192.168.0.10 | 199.7.52.190 |
Jul 2, 2012 20:07:04.971585989 CEST | 1045 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:04.971607924 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:04.993516922 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:04.993530989 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:05.259922981 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:05.259954929 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:05.260241985 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:05.371222973 CEST | 1049 | 80 | 192.168.0.10 | 173.194.69.120 |
Jul 2, 2012 20:07:05.371234894 CEST | 80 | 1049 | 173.194.69.120 | 192.168.0.10 |
Jul 2, 2012 20:07:05.371571064 CEST | 1049 | 80 | 192.168.0.10 | 173.194.69.120 |
Jul 2, 2012 20:07:05.822736025 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:05.877068043 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:05.877346992 CEST | 1045 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:05.877368927 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:05.991647959 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:05.992238998 CEST | 1045 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:05.992297888 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:06.014369965 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:06.014914036 CEST | 1045 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:06.014986038 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:06.117400885 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:06.117984056 CEST | 1045 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:06.118043900 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:06.139420033 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:06.139996052 CEST | 1045 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:06.140054941 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:06.254847050 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:06.255422115 CEST | 1045 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:06.255491018 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:06.295082092 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:06.295664072 CEST | 1045 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:06.295736074 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:06.407624006 CEST | 1045 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:06.407686949 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:06.427809000 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:06.428349972 CEST | 1045 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:06.428416967 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:06.428423882 CEST | 1045 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:06.574726105 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:06.575288057 CEST | 1045 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:06.575351954 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:06.575668097 CEST | 1045 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:06.591449022 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:06.634236097 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:06.634784937 CEST | 1045 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:06.634876966 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:06.741183043 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:06.844754934 CEST | 1045 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:06.844827890 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:06.954230070 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:06.954305887 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:07.063602924 CEST | 1045 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:07.173316002 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:08.157717943 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:08.157802105 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:08.158207893 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:08.160505056 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:08.160540104 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:08.267168045 CEST | 1049 | 80 | 192.168.0.10 | 173.194.69.120 |
Jul 2, 2012 20:07:08.267255068 CEST | 80 | 1049 | 173.194.69.120 | 192.168.0.10 |
Jul 2, 2012 20:07:08.267627954 CEST | 1049 | 80 | 192.168.0.10 | 173.194.69.120 |
Jul 2, 2012 20:07:08.269750118 CEST | 1049 | 80 | 192.168.0.10 | 173.194.69.120 |
Jul 2, 2012 20:07:08.269795895 CEST | 80 | 1049 | 173.194.69.120 | 192.168.0.10 |
Jul 2, 2012 20:07:08.792800903 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:08.838726044 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:08.839278936 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:08.839337111 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:08.865055084 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:08.865427971 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:08.865451097 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:08.940176964 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:08.940730095 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:08.940803051 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:08.946738005 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:08.947170019 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:08.947195053 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:08.968770981 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:08.969172955 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:08.969201088 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:08.990871906 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:08.991242886 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:08.991267920 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.036461115 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.036813021 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:09.036840916 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.080611944 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.081000090 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:09.081034899 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.130589008 CEST | 80 | 1049 | 173.194.69.120 | 192.168.0.10 |
Jul 2, 2012 20:07:09.153019905 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:09.153080940 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.161402941 CEST | 80 | 1049 | 173.194.69.120 | 192.168.0.10 |
Jul 2, 2012 20:07:09.161811113 CEST | 1049 | 80 | 192.168.0.10 | 173.194.69.120 |
Jul 2, 2012 20:07:09.161865950 CEST | 80 | 1049 | 173.194.69.120 | 192.168.0.10 |
Jul 2, 2012 20:07:09.283905029 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.284403086 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:09.284487009 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.291626930 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.292078018 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:09.292150974 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.292565107 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:09.332711935 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.360915899 CEST | 1049 | 80 | 192.168.0.10 | 173.194.69.120 |
Jul 2, 2012 20:07:09.361010075 CEST | 80 | 1049 | 173.194.69.120 | 192.168.0.10 |
Jul 2, 2012 20:07:09.384169102 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.384706974 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:09.384790897 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.405993938 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.406531096 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:09.406615019 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.430238008 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.430798054 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:09.430859089 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.468534946 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.469044924 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:09.469116926 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.470354080 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.470750093 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:09.470772982 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.510322094 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.510878086 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:09.510947943 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.563890934 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.564403057 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:09.564476013 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.564919949 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:09.576770067 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.576777935 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.577310085 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:09.579241037 CEST | 1049 | 80 | 192.168.0.10 | 173.194.69.120 |
Jul 2, 2012 20:07:09.588815928 CEST | 80 | 1049 | 173.194.69.120 | 192.168.0.10 |
Jul 2, 2012 20:07:09.596049070 CEST | 80 | 1049 | 173.194.69.120 | 192.168.0.10 |
Jul 2, 2012 20:07:09.596611023 CEST | 1049 | 80 | 192.168.0.10 | 173.194.69.120 |
Jul 2, 2012 20:07:09.596677065 CEST | 80 | 1049 | 173.194.69.120 | 192.168.0.10 |
Jul 2, 2012 20:07:09.597043991 CEST | 1049 | 80 | 192.168.0.10 | 173.194.69.120 |
Jul 2, 2012 20:07:09.613528967 CEST | 80 | 1049 | 173.194.69.120 | 192.168.0.10 |
Jul 2, 2012 20:07:09.642311096 CEST | 80 | 1049 | 173.194.69.120 | 192.168.0.10 |
Jul 2, 2012 20:07:09.642848015 CEST | 1049 | 80 | 192.168.0.10 | 173.194.69.120 |
Jul 2, 2012 20:07:09.642918110 CEST | 80 | 1049 | 173.194.69.120 | 192.168.0.10 |
Jul 2, 2012 20:07:09.644051075 CEST | 80 | 1049 | 173.194.69.120 | 192.168.0.10 |
Jul 2, 2012 20:07:09.644457102 CEST | 1049 | 80 | 192.168.0.10 | 173.194.69.120 |
Jul 2, 2012 20:07:09.644479036 CEST | 80 | 1049 | 173.194.69.120 | 192.168.0.10 |
Jul 2, 2012 20:07:09.676295996 CEST | 80 | 1049 | 173.194.69.120 | 192.168.0.10 |
Jul 2, 2012 20:07:09.676717043 CEST | 1049 | 80 | 192.168.0.10 | 173.194.69.120 |
Jul 2, 2012 20:07:09.676795959 CEST | 80 | 1049 | 173.194.69.120 | 192.168.0.10 |
Jul 2, 2012 20:07:09.707706928 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.714277983 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.714746952 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:09.714823008 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.779797077 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.780374050 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:09.780447960 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.780920029 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:09.787118912 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.798619032 CEST | 1049 | 80 | 192.168.0.10 | 173.194.69.120 |
Jul 2, 2012 20:07:09.798686028 CEST | 80 | 1049 | 173.194.69.120 | 192.168.0.10 |
Jul 2, 2012 20:07:09.802855015 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.803256989 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:09.803299904 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.831511021 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.831927061 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:09.832001925 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.858119965 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.858535051 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:09.858603954 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.879225016 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.879656076 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:09.879718065 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.880162954 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:09.880176067 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.940203905 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.940666914 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:09.940691948 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:09.941047907 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:09.958419085 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.002856970 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.003431082 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:10.003508091 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.004029036 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:10.016690969 CEST | 1049 | 80 | 192.168.0.10 | 173.194.69.120 |
Jul 2, 2012 20:07:10.025244951 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.047358036 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.047863960 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:10.047933102 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.075406075 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.075936079 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:10.076003075 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.116967916 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.117497921 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:10.117567062 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.117901087 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:10.133933067 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.156694889 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.157134056 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:10.157221079 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.178610086 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.179145098 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:10.179213047 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.250814915 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.251349926 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:10.251436949 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.251575947 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.251997948 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:10.252017975 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.252743959 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:10.273516893 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.273525953 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.273725033 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.274017096 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:10.274259090 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:10.274282932 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.274611950 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:10.279328108 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.301939011 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.302248001 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:10.302284002 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.302596092 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:10.312586069 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.324343920 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.324656963 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:10.324677944 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.335477114 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.335803032 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:10.335828066 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.336056948 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:10.347271919 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.360161066 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.360572100 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:10.360594988 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.360807896 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:10.369653940 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.370345116 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.370613098 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:10.370644093 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.370843887 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:10.386346102 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.392170906 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.392602921 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:10.392640114 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.414192915 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.414618015 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:10.414644957 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.427463055 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.427778006 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.427844048 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:10.427870989 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.428145885 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:10.435906887 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.449217081 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.452572107 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:10.452599049 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.456146955 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:10.470128059 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.471072912 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.471424103 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:10.471489906 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.478858948 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:10.492105007 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.492114067 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.492556095 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:10.495990992 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:10.505018950 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.506606102 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.506946087 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:10.507013083 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.513869047 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.513916969 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.514270067 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:10.514332056 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.514358044 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:10.607983112 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:10.608038902 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:10.619677067 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:11.673084974 CEST | 1045 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:11.673168898 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:11.705770969 CEST | 1043 | 80 | 192.168.0.10 | 173.194.69.106 |
Jul 2, 2012 20:07:11.705852985 CEST | 80 | 1043 | 173.194.69.106 | 192.168.0.10 |
Jul 2, 2012 20:07:11.751661062 CEST | 1049 | 80 | 192.168.0.10 | 173.194.69.120 |
Jul 2, 2012 20:07:11.751739979 CEST | 80 | 1049 | 173.194.69.120 | 192.168.0.10 |
Jul 2, 2012 20:07:11.793359041 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:11.793430090 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:11.972590923 CEST | 80 | 1049 | 173.194.69.120 | 192.168.0.10 |
Jul 2, 2012 20:07:11.993705988 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:11.993779898 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:12.016269922 CEST | 80 | 1049 | 173.194.69.120 | 192.168.0.10 |
Jul 2, 2012 20:07:12.016705036 CEST | 1049 | 80 | 192.168.0.10 | 173.194.69.120 |
Jul 2, 2012 20:07:12.016779900 CEST | 80 | 1049 | 173.194.69.120 | 192.168.0.10 |
Jul 2, 2012 20:07:12.058151960 CEST | 80 | 1049 | 173.194.69.120 | 192.168.0.10 |
Jul 2, 2012 20:07:12.058594942 CEST | 1049 | 80 | 192.168.0.10 | 173.194.69.120 |
Jul 2, 2012 20:07:12.058676004 CEST | 80 | 1049 | 173.194.69.120 | 192.168.0.10 |
Jul 2, 2012 20:07:12.059053898 CEST | 1049 | 80 | 192.168.0.10 | 173.194.69.120 |
Jul 2, 2012 20:07:12.070785046 CEST | 80 | 1049 | 173.194.69.120 | 192.168.0.10 |
Jul 2, 2012 20:07:12.093938112 CEST | 80 | 1049 | 173.194.69.120 | 192.168.0.10 |
Jul 2, 2012 20:07:12.094331980 CEST | 1049 | 80 | 192.168.0.10 | 173.194.69.120 |
Jul 2, 2012 20:07:12.094398975 CEST | 80 | 1049 | 173.194.69.120 | 192.168.0.10 |
Jul 2, 2012 20:07:12.136790991 CEST | 80 | 1049 | 173.194.69.120 | 192.168.0.10 |
Jul 2, 2012 20:07:12.137186050 CEST | 1049 | 80 | 192.168.0.10 | 173.194.69.120 |
Jul 2, 2012 20:07:12.137271881 CEST | 80 | 1049 | 173.194.69.120 | 192.168.0.10 |
Jul 2, 2012 20:07:12.153990984 CEST | 80 | 1049 | 173.194.69.120 | 192.168.0.10 |
Jul 2, 2012 20:07:12.154455900 CEST | 1049 | 80 | 192.168.0.10 | 173.194.69.120 |
Jul 2, 2012 20:07:12.154547930 CEST | 80 | 1049 | 173.194.69.120 | 192.168.0.10 |
Jul 2, 2012 20:07:12.158808947 CEST | 80 | 1049 | 173.194.69.120 | 192.168.0.10 |
Jul 2, 2012 20:07:12.158823967 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:12.159255981 CEST | 1049 | 80 | 192.168.0.10 | 173.194.69.120 |
Jul 2, 2012 20:07:12.159367085 CEST | 80 | 1049 | 173.194.69.120 | 192.168.0.10 |
Jul 2, 2012 20:07:12.313704014 CEST | 1045 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:12.313788891 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:12.313810110 CEST | 1049 | 80 | 192.168.0.10 | 173.194.69.120 |
Jul 2, 2012 20:07:12.321307898 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:12.321748018 CEST | 1045 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:12.321825027 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:12.322211027 CEST | 1045 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:12.343194962 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:12.363317013 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:12.363745928 CEST | 1045 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:12.363827944 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:12.364198923 CEST | 1045 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:12.365464926 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:12.365473986 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:12.365483046 CEST | 80 | 1043 | 173.194.69.106 | 192.168.0.10 |
Jul 2, 2012 20:07:12.365907907 CEST | 1045 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:12.377383947 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:12.388281107 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:12.388685942 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:12.388756037 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:12.410770893 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:12.410785913 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:12.411207914 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:12.411273003 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 |
Jul 2, 2012 20:07:12.544430971 CEST | 1043 | 80 | 192.168.0.10 | 173.194.69.106 |
Jul 2, 2012 20:07:12.544452906 CEST | 80 | 1043 | 173.194.69.106 | 192.168.0.10 |
Jul 2, 2012 20:07:12.544473886 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:12.544497013 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 |
Jul 2, 2012 20:07:12.751091003 CEST | 1043 | 80 | 192.168.0.10 | 173.194.69.106 |
Jul 2, 2012 20:07:27.733908892 CEST | 80 | 1045 | 199.7.71.190 | 192.168.0.10 |
Jul 2, 2012 20:07:27.734275103 CEST | 1045 | 80 | 192.168.0.10 | 199.7.71.190 |
All UDP | ||||
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
Jul 2, 2012 20:06:19.292897940 CEST | 51208 | 53 | 192.168.0.10 | 195.186.1.121 |
Jul 2, 2012 20:06:20.365220070 CEST | 51208 | 53 | 192.168.0.10 | 195.186.4.121 |
Jul 2, 2012 20:06:20.769155025 CEST | 53 | 51208 | 195.186.1.121 | 192.168.0.10 |
Jul 2, 2012 20:06:21.305716991 CEST | 53 | 51208 | 195.186.4.121 | 192.168.0.10 |
Jul 2, 2012 20:06:39.563674927 CEST | 51094 | 53 | 192.168.0.10 | 195.186.1.121 |
Jul 2, 2012 20:06:39.563788891 CEST | 53 | 51094 | 195.186.1.121 | 192.168.0.10 |
Jul 2, 2012 20:06:45.446321011 CEST | 58466 | 53 | 192.168.0.10 | 195.186.1.121 |
Jul 2, 2012 20:06:45.446424007 CEST | 53 | 58466 | 195.186.1.121 | 192.168.0.10 |
Jul 2, 2012 20:06:46.078927040 CEST | 63631 | 53 | 192.168.0.10 | 195.186.1.121 |
Jul 2, 2012 20:06:46.078990936 CEST | 53 | 63631 | 195.186.1.121 | 192.168.0.10 |
Jul 2, 2012 20:06:56.552406073 CEST | 51272 | 53 | 192.168.0.10 | 195.186.1.121 |
Jul 2, 2012 20:06:57.595263004 CEST | 51272 | 53 | 192.168.0.10 | 195.186.4.121 |
Jul 2, 2012 20:06:57.952739000 CEST | 53 | 51272 | 195.186.1.121 | 192.168.0.10 |
Jul 2, 2012 20:06:58.516155958 CEST | 53 | 51272 | 195.186.4.121 | 192.168.0.10 |
Jul 2, 2012 20:06:58.804406881 CEST | 63632 | 53 | 192.168.0.10 | 195.186.1.121 |
Jul 2, 2012 20:06:59.797770023 CEST | 63632 | 53 | 192.168.0.10 | 195.186.4.121 |
Jul 2, 2012 20:07:00.452718019 CEST | 53 | 63632 | 195.186.1.121 | 192.168.0.10 |
Jul 2, 2012 20:07:00.774555922 CEST | 53 | 63632 | 195.186.4.121 | 192.168.0.10 |
Jul 2, 2012 20:07:05.355597973 CEST | 52775 | 53 | 192.168.0.10 | 195.186.1.121 |
Jul 2, 2012 20:07:05.355767012 CEST | 53 | 52775 | 195.186.1.121 | 192.168.0.10 |
All ICMP | |||||
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
Jul 2, 2012 20:06:21.306183100 CEST | 192.168.0.10 | 195.186.4.121 | 862a | (Port unreachable) | Destination Unreachable |
Jul 2, 2012 20:06:58.516316891 CEST | 192.168.0.10 | 195.186.4.121 | 862e | (Port unreachable) | Destination Unreachable |
Jul 2, 2012 20:07:00.775059938 CEST | 192.168.0.10 | 195.186.4.121 | 863a | (Port unreachable) | Destination Unreachable |
DNS Query | |||||||
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class |
Jul 2, 2012 20:06:19.292897940 CEST | 192.168.0.10 | 195.186.1.121 | 0x27e7 | Standard query (0) | koilorio.com | A (IP address) | IN (0x0001) |
Jul 2, 2012 20:06:20.365220070 CEST | 192.168.0.10 | 195.186.4.121 | 0x27e7 | Standard query (0) | koilorio.com | A (IP address) | IN (0x0001) |
Jul 2, 2012 20:06:45.446321011 CEST | 192.168.0.10 | 195.186.1.121 | 0x6094 | Standard query (0) | www.google.com | A (IP address) | IN (0x0001) |
Jul 2, 2012 20:06:46.078927040 CEST | 192.168.0.10 | 195.186.1.121 | 0x3e12 | Standard query (0) | www.google.fr | A (IP address) | IN (0x0001) |
Jul 2, 2012 20:06:56.552406073 CEST | 192.168.0.10 | 195.186.1.121 | 0xfa71 | Standard query (0) | crl.verisign.com | A (IP address) | IN (0x0001) |
Jul 2, 2012 20:06:57.595263004 CEST | 192.168.0.10 | 195.186.4.121 | 0xfa71 | Standard query (0) | crl.verisign.com | A (IP address) | IN (0x0001) |
Jul 2, 2012 20:06:58.804406881 CEST | 192.168.0.10 | 195.186.1.121 | 0x92cd | Standard query (0) | csc3-2009-2-crl.verisign.com | A (IP address) | IN (0x0001) |
Jul 2, 2012 20:06:59.797770023 CEST | 192.168.0.10 | 195.186.4.121 | 0x92cd | Standard query (0) | csc3-2009-2-crl.verisign.com | A (IP address) | IN (0x0001) |
Jul 2, 2012 20:07:05.355597973 CEST | 192.168.0.10 | 195.186.1.121 | 0x3aa2 | Standard query (0) | ssl.gstatic.com | A (IP address) | IN (0x0001) |
DNS Answer | |||||||||
Timestamp | Source IP | Dest IP | Trans ID | Replay Code | Name | CName | Address | Type | Class |
Jul 2, 2012 20:06:20.769155025 CEST | 195.186.1.121 | 192.168.0.10 | 0x27e7 | No error (0) | koilorio.com | 23.23.227.68 | A (IP address) | IN (0x0001) | |
Jul 2, 2012 20:06:21.305716991 CEST | 195.186.4.121 | 192.168.0.10 | 0x27e7 | No error (0) | koilorio.com | 23.23.227.68 | A (IP address) | IN (0x0001) | |
Jul 2, 2012 20:06:45.446424007 CEST | 195.186.1.121 | 192.168.0.10 | 0x6094 | No error (0) | www.google.com | 173.194.69.106 | A (IP address) | IN (0x0001) | |
Jul 2, 2012 20:06:46.078990936 CEST | 195.186.1.121 | 192.168.0.10 | 0x3e12 | No error (0) | www.google.fr | 173.194.69.94 | A (IP address) | IN (0x0001) | |
Jul 2, 2012 20:06:57.952739000 CEST | 195.186.1.121 | 192.168.0.10 | 0xfa71 | No error (0) | crl.verisign.com | 199.7.71.190 | A (IP address) | IN (0x0001) | |
Jul 2, 2012 20:06:58.516155958 CEST | 195.186.4.121 | 192.168.0.10 | 0xfa71 | No error (0) | crl.verisign.com | 199.7.71.190 | A (IP address) | IN (0x0001) | |
Jul 2, 2012 20:07:00.452718019 CEST | 195.186.1.121 | 192.168.0.10 | 0x92cd | No error (0) | csc3-2009-2-crl.verisign.com | 199.7.52.190 | A (IP address) | IN (0x0001) | |
Jul 2, 2012 20:07:00.774555922 CEST | 195.186.4.121 | 192.168.0.10 | 0x92cd | No error (0) | csc3-2009-2-crl.verisign.com | 199.7.52.190 | A (IP address) | IN (0x0001) | |
Jul 2, 2012 20:07:05.355767012 CEST | 195.186.1.121 | 192.168.0.10 | 0x3aa2 | No error (0) | ssl.gstatic.com | 173.194.69.120 | A (IP address) | IN (0x0001) |
HTTP Dependency Graph |
|
HTTP | ||||||
Timestamp | Source Port | Dest Port | Source IP | Dest IP | Header | Total Bytes Transfered (KB) |
Jul 2, 2012 20:06:22.630816936 CEST | 1040 | 80 | 192.168.0.10 | 23.23.227.68 | 1 | |
Jul 2, 2012 20:06:23.338170052 CEST | 80 | 1040 | 23.23.227.68 | 192.168.0.10 | 2 | |
Jul 2, 2012 20:06:45.452275038 CEST | 1043 | 80 | 192.168.0.10 | 173.194.69.106 | 3 | |
Jul 2, 2012 20:06:45.937494040 CEST | 80 | 1043 | 173.194.69.106 | 192.168.0.10 | 3 | |
Jul 2, 2012 20:06:49.147241116 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 | 6 | |
Jul 2, 2012 20:06:49.581904888 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 | 7 | |
Jul 2, 2012 20:06:51.612915993 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 | 37 | |
Jul 2, 2012 20:06:51.665994883 CEST | 1045 | 80 | 192.168.0.10 | 173.194.69.94 | 38 | |
Jul 2, 2012 20:06:51.936590910 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 | 38 | |
Jul 2, 2012 20:06:52.330037117 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 | 41 | |
Jul 2, 2012 20:06:52.392671108 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 | 41 | |
Jul 2, 2012 20:06:52.681835890 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 | 42 | |
Jul 2, 2012 20:06:58.000196934 CEST | 1046 | 80 | 192.168.0.10 | 199.7.71.190 | 50 | |
Jul 2, 2012 20:06:58.523797989 CEST | 80 | 1046 | 199.7.71.190 | 192.168.0.10 | 51 | |
Jul 2, 2012 20:07:00.461488962 CEST | 1047 | 80 | 192.168.0.10 | 199.7.52.190 | 53 | |
Jul 2, 2012 20:07:01.242489100 CEST | 80 | 1047 | 199.7.52.190 | 192.168.0.10 | 53 | |
Jul 2, 2012 20:07:04.971585989 CEST | 1045 | 80 | 192.168.0.10 | 173.194.69.94 | 92 | |
Jul 2, 2012 20:07:04.993516922 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 | 93 | |
Jul 2, 2012 20:07:05.822736025 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 | 94 | |
Jul 2, 2012 20:07:06.741183043 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 | 123 | |
Jul 2, 2012 20:07:08.160505056 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 | 127 | |
Jul 2, 2012 20:07:08.269750118 CEST | 1049 | 80 | 192.168.0.10 | 173.194.69.120 | 127 | |
Jul 2, 2012 20:07:08.792800903 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 | 128 | |
Jul 2, 2012 20:07:09.130589008 CEST | 80 | 1049 | 173.194.69.120 | 192.168.0.10 | 149 | |
Jul 2, 2012 20:07:11.673084974 CEST | 1045 | 80 | 192.168.0.10 | 173.194.69.94 | 302 | |
Jul 2, 2012 20:07:11.705770969 CEST | 1043 | 80 | 192.168.0.10 | 173.194.69.106 | 303 | |
Jul 2, 2012 20:07:11.751661062 CEST | 1049 | 80 | 192.168.0.10 | 173.194.69.120 | 303 | |
Jul 2, 2012 20:07:11.793359041 CEST | 1044 | 80 | 192.168.0.10 | 173.194.69.94 | 304 | |
Jul 2, 2012 20:07:11.972590923 CEST | 80 | 1049 | 173.194.69.120 | 192.168.0.10 | 305 | |
Jul 2, 2012 20:07:11.993705988 CEST | 1048 | 80 | 192.168.0.10 | 173.194.69.94 | 306 | |
Jul 2, 2012 20:07:12.158823967 CEST | 80 | 1045 | 173.194.69.94 | 192.168.0.10 | 321 | |
Jul 2, 2012 20:07:12.365483046 CEST | 80 | 1043 | 173.194.69.106 | 192.168.0.10 | 333 | |
Jul 2, 2012 20:07:12.377383947 CEST | 80 | 1044 | 173.194.69.94 | 192.168.0.10 | 334 | |
Jul 2, 2012 20:07:12.410785913 CEST | 80 | 1048 | 173.194.69.94 | 192.168.0.10 | 338 |
Hooks
User Modules | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
Sections | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
File Activities:
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Section Activities:
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Registry Activities:
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Mutant Activities:
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Process Activities:
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Memory Activities:
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
System Activities:
|
Chronological sections | |||
Operation | Data | Completion | Time |
Section loaded | Path: \KnownDlls\kernel32.dll Access: write and read and execute Type: unknown Baseaddress: 7C800000 Size: 1007616 Protection: read write Mapped to pid: own pid | success or wait | 528723743 |
Process information queried | PID: 1780 Info Class: Cookie | success or wait | 528729670 |
Section loaded | Path: unknown Access: query and write and read and execute and extend size Type: reserve Baseaddress: 7C800000 Size: 1007616 Protection: read write Mapped to pid: own pid | success or wait | 528732083 |
Section loaded | Path: \NLS\NlsSectionUnicode Access: read Type: unknown Baseaddress: 260000 Size: 90112 Protection: readonly Mapped to pid: own pid | success or wait | 528742777 |
Section loaded | Path: \NLS\NlsSectionLocale Access: read Type: unknown Baseaddress: 280000 Size: 266240 Protection: readonly Mapped to pid: own pid | success or wait | 528746825 |
Section loaded | Path: \NLS\NlsSectionSortkey Access: query and read Type: unknown Baseaddress: 2D0000 Size: 266240 Protection: readonly Mapped to pid: own pid | success or wait | 528751058 |
Section loaded | Path: \NLS\NlsSectionSortTbls Access: read Type: unknown Baseaddress: 320000 Size: 24576 Protection: readonly Mapped to pid: own pid | success or wait | 528752455 |
Section loaded | Path: \NLS\NlsSectionSortkey00000409 Access: read Type: unknown Baseaddress: unknown Size: unknown Protection: unknown Mapped to pid: unknown | object name not found | 528754547 |
Section loaded | Path: \NLS\NlsSectionSortkey00000409 Access: read Type: unknown Baseaddress: unknown Size: unknown Protection: unknown Mapped to pid: unknown | object name not found | 528754913 |
Process information queried | PID: 1780 Info Class: ImageInformation | success or wait | 528760429 |
Memory attributes changed | PID: 1780 Path: C:\7db482f5469dfeb0a6b2b4f66c062314.exe Base: 400000 Length: 1000 New Protection: page read and write New Protection: page readonly | success or wait | 528917111 |
Memory attributes changed | PID: 1780 Path: C:\7db482f5469dfeb0a6b2b4f66c062314.exe Base: 400000 Length: 1000 New Protection: page readonly New Protection: page read and write | success or wait | 528918834 |
Memory attributes changed | PID: 1780 Path: C:\7db482f5469dfeb0a6b2b4f66c062314.exe Base: 45115C Length: 1000 New Protection: page execute and read and write New Protection: page execute and read and write | success or wait | 528919999 |
Memory attributes changed | PID: 1780 Path: C:\7db482f5469dfeb0a6b2b4f66c062314.exe Base: 464384 Length: 2000 New Protection: page execute and read and write New Protection: page execute and read and write | success or wait | 528920508 |
Memory allocated | PID: 1780 Path: C:\7db482f5469dfeb0a6b2b4f66c062314.exe Base: 330000 Length: 12FFAC Allocation Type: unknown Protection: page execute and read and write | success or wait | 528921398 |
Key value queried | Path: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\ComputerName\ActiveComputerName Name: ComputerName | success or wait | 528925865 |
File created | Path: C:\skhfushjflw\ Access: read data or list directory and synchronize Options: directory file and synchronous io non alert and open for backup ident Attributes: normal Content Overwritten: null | success or wait | 528936257 |
Mutant created | Name: \BaseNamedObjects\ofjwkwufhdjfgki | success or wait | 528942087 |
Memory attributes changed | PID: 1780 Path: C:\7db482f5469dfeb0a6b2b4f66c062314.exe Base: 463784 Length: 2000 New Protection: page execute and read and write New Protection: page execute and read and write | success or wait | 528943120 |
System info queried | Type: ProcessInformation | success or wait | 528944137 |
Section loaded | Path: unknown Access: query and write and read Type: commit Baseaddress: 330000 Size: 16384 Protection: read write Mapped to pid: own pid | success or wait | 528951124 |
Memory allocated | PID: 1552 Path: C:\WINDOWS\explorer.exe Base: BA0000 Length: 12FFAC Allocation Type: unknown Protection: page execute and read and write | success or wait | 528969318 |
Memory written | PID: 1552 Path: C:\WINDOWS\explorer.exe Base: BA0000 Length: 4096 Value: 55 8B EC 81 EC C8 06 00 00 83 65 E0 00 53 56 57 33 C0 8D 7D E4 AB AB AB 8D 85 54 FF FF FF C7 45 B8 5C 3F 3F 5C C6 45 BC 00 89 85 50 FF FF FF E8 00 00 00 00 58 89 45 F8 8B 45 F8 8B D0 81 E2 FF 0F 00 00 33 C9 2B C2 41 05 20 0B 00 00 81 38 21 45 59 45 8B F8 89 7D C4 74 0B 41 05 00 10 00 00 83 F9 0A 76 E8 83 F9 0A 75 01 CC 64 A1 30 00 00 00 8B 40 0C 8B 40 1C 8B 40 08 68 E8 93 43 77 6A 01 8B F0 E8 36 04 00 00 59 59 85 C0 74 15 89 65 C0 68 04 01 00 00 8D 8D 44 FC FF FF 51 56 FF D0 8B 65 C0 68 AE B1 A6 C2 33 F6 56 E8 0E 04 00 00 59 59 3B C6 74 11 89 65 9C 8D 4D FF 51 56 6A 01 6A 14 FF D0 8B 65 9C 64 A1 18 00 00 00 68 77 35 07 0A 6A 01 89 70 34 E8 E2 03 00 00 59 59 3B C6 74 14 89 65 A4 56 8D 8F 08 01 00 00 51 FF D0 8B 65 A4 3B C6 75 13 64 A1 18 00 00 00 81 78 34 | success or wait | 534146800 |
Mutant created | Name: \BaseNamedObjects\ofjwkwufhdjfgki | object name exists | 548745769 |
Process terminated | PID: 1780 Path: C:\7db482f5469dfeb0a6b2b4f66c062314.exe | success or wait | 548757927 |
Sections | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
File Activities:
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Section Activities:
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Registry Activities:
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Mutant Activities:
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Process Activities:
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Thread Activities:
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Memory Activities:
|