ThreatExpert Report

Submission Summary:

Submission details:

Submission received: 21 April 2011, 18:48:27
Processing time: 14 min 13 sec
Submitted sample:

File MD5: 0x38C9769F877C9FE876D4CEA744D74644
File SHA-1: 0xA18EE4F47FF2CBAFA346C3695376960103AA8023
Filesize: 302 783 bytes

Summary of the findings:

What's been found	Severity Level
Downloads/requests other files from Internet.

Technical Details:

The new window was created, as shown below:

NOTICE: The content shown in the above window is captured automatically and is not controlled or endorsed by ThreatExpert.
Please contact us on this link should any material be offensive or inappropriate and we will ensure any such content is blocked from future viewers of the report.

File System Modifications

The following files were created in the system:

#	Filename(s)	File Size	File Hash
1	%DesktopDir%\Zattoo.lnk	1 531 bytes	MD5: 0x4F46C4F766454D8A488C90B9520690B2 SHA-1: 0x524196642A600C869BBDF7F309BD43C86F6F2DE1
2	%Temp%\installer.exe	0 bytes	MD5: 0xD41D8CD98F00B204E9800998ECF8427E SHA-1: 0xDA39A3EE5E6B4B0D3255BFEF95601890AFD80709
3	%Temp%\nsa2.tmp\NSISdl.dll	14 848 bytes	MD5: 0xA5F8399A743AB7F9C88C645C35B1EBB5 SHA-1: 0x168F3C158913B0367BF79FA413357FBE97018191
4	%Temp%\nsa2.tmp\pantallacodigo	1 440 bytes	MD5: 0x656F76090D6A3886BD2D5B4C9CA1957D SHA-1: 0x27CE1CFBEC5831AD6F2A1A2CEFEAEE1B28CA66E2
5	%Temp%\nsa2.tmp\UAC.dll	17 408 bytes	MD5: 0x09CAF01BC8D88EEB733ABC161ACFF659 SHA-1: 0xB8C2126D641F88628C632DD2259686DA3776A6DA
6	%Temp%\nsl4.tmp\modern-wizard.bmp	26 494 bytes	MD5: 0xCBE40FD2B1EC96DAEDC65DA172D90022 SHA-1: 0x366C216220AA4329DFF6C485FD0E9B0F4F0A7944
7	%Temp%\nsl4.tmp\nsDialogs.dll	9 728 bytes	MD5: 0xC10E04DD4AD4277D5ADC951BB331C777 SHA-1: 0xB1E30808198A3AE6D6D1CCA62DF8893DC2A7AD43
8	%Temp%\nsl4.tmp\Processes.dll	36 352 bytes	MD5: 0x2CFBA79D485CF441C646DD40D82490FC SHA-1: 0x83E51AC1115A50986ED456BD18729653018B9619
9	%Temp%\nsl4.tmp\System.dll	11 264 bytes	MD5: 0xC17103AE9072A06DA581DEC998343FC1 SHA-1: 0xB72148C6BDFAADA8B8C3F950E610EE7CF1DA1F8D
10	%Programs%\Zattoo4\Zattoo.lnk	1 543 bytes	MD5: 0xB8501E429AA7444A9C9F36A782FD5BE6 SHA-1: 0x30FFE7A1866DA38DF0E1BFAD3A83C2CF73165307
11	%ProgramFiles%\Zattoo4\App.ico	582 430 bytes	MD5: 0x6BE4417CF102B73F9FE56349981D387C SHA-1: 0x82B3660523EE4BA667979215E74EDAFA1F8F9ADF
12	%ProgramFiles%\Zattoo4\codecs\qcncodecs4.dll	197 632 bytes	MD5: 0x137BE9AD514DC29A7DDF9689DBE09535 SHA-1: 0x5C2B22F287B1ECFD0CB5308FD5FC9DABF5032C98
13	%ProgramFiles%\Zattoo4\codecs\qjpcodecs4.dll	224 768 bytes	MD5: 0xB51AED1FA2F9AAE25D1F77C5BC4880E5 SHA-1: 0x76C562A7DA814B0663386A453F3BE0BF304273C2
14	%ProgramFiles%\Zattoo4\codecs\qkrcodecs4.dll	132 096 bytes	MD5: 0x0FA4F69443D11DF9F11780F98257A738 SHA-1: 0x24B78ACBED7433598904E61F1DDEDB84EC573E49
15	%ProgramFiles%\Zattoo4\codecs\qtwcodecs4.dll	210 432 bytes	MD5: 0x64E94875F90CB7484E28F3253C660DA0 SHA-1: 0xA392412BA99DC00100B60450BF14400932519934
16	%ProgramFiles%\Zattoo4\GetFlashHelper.exe	93 696 bytes	MD5: 0x19075C6274D2C001351C4FF6A4C43A67 SHA-1: 0x8E069DE7B0CF5C65E5031D20F59D373D109BF85B
17	%ProgramFiles%\Zattoo4\imageformats\qgif4.dll	82 944 bytes	MD5: 0x79D5B6E6ED8D163B4BFC7E94CE3744CB SHA-1: 0x4DDAA9479737504DAC2BC81A3365A9A3E8F37F50
18	%ProgramFiles%\Zattoo4\imageformats\qico4.dll	81 920 bytes	MD5: 0x1173839CC2DD346A433ECBCD3E0E3D93 SHA-1: 0x2AF04627280E9E360CC872D0ECE1105479314EEE
19	%ProgramFiles%\Zattoo4\imageformats\qjpeg4.dll	192 000 bytes	MD5: 0x358E6F8929E7C365B6B58F2718EAF330 SHA-1: 0x6E667077A88D165973D6DF47D61B2CAD8285227A
20	%ProgramFiles%\Zattoo4\imageformats\qmng4.dll	350 720 bytes	MD5: 0xF4A7A2249382F11234DC2A807A26A03F SHA-1: 0x821FD10914B59C16058359CD03DF05DD81BFD7F4
21	%ProgramFiles%\Zattoo4\imageformats\qsvg4.dll	72 192 bytes	MD5: 0x0BE4DAC1C0E95E5D39DF8C68F1208BFC SHA-1: 0x831ABBCA01E48E5E658F0E29EA204AFAE302C20C
22	%ProgramFiles%\Zattoo4\imageformats\qtiff4.dll	370 176 bytes	MD5: 0xDBE0489D337B5E4FB8CD9A31B6DC927D SHA-1: 0x993ED51524EC033C77EF8AEA829533A019613769
23	%ProgramFiles%\Zattoo4\libeay32.dll	1 441 323 bytes	MD5: 0xE4063AF347DC2E6D885C3110D70DC16C SHA-1: 0x3C0FE26CAC68F64E3BC9F0F79CE79269A7967C19
24	%ProgramFiles%\Zattoo4\libgcc_s_dw2-1.dll	43 008 bytes	MD5: 0xC4B4409F186DA70FCF2BCC60D5F05489 SHA-1: 0x056663C9FD2851CD64F39D882F6758E7A987BD42
25	%ProgramFiles%\Zattoo4\mingwm10.dll	11 362 bytes	MD5: 0xDBDA60D92E774B4ACB3B1CD71F909426 SHA-1: 0x66BFE06A16025F574323A0CE64DCC7C8216EB56C
26	%ProgramFiles%\Zattoo4\phonon4.dll	306 176 bytes	MD5: 0xBE2FC508AA884AD35F0A31717C804DC3 SHA-1: 0xF496F38E572487E441B5CF60CC63FDD15DC217AA
27	%ProgramFiles%\Zattoo4\Plugins\expat.dll	151 552 bytes	MD5: 0x3F6AB8A1EC06D54D862BD4517C9E971F SHA-1: 0xD064A0A36688FB45212B968719FB14503B42707B
28	%ProgramFiles%\Zattoo4\Plugins\npzattooplugin.dll	155 136 bytes	MD5: 0x8D87538CDA22BAA829DD07E4DC7831AF SHA-1: 0x77CD10DB7788527689B63800192495FF9C6A1EB0
29	%ProgramFiles%\Zattoo4\Plugins\player.dll	1 265 664 bytes	MD5: 0x1F20CE01F193D0D2061DFFA8A651C731 SHA-1: 0x0E2EDA943B66E92F53FCD8004DBC9268497F068F
30	%ProgramFiles%\Zattoo4\QtCore4.dll	2 418 176 bytes	MD5: 0xA973CE522E84885E90FAD1E653C7E854 SHA-1: 0xB83C4865788109517FE2DA3142F66BAF98FECAF6
31	%ProgramFiles%\Zattoo4\QtGui4.dll	9 532 416 bytes	MD5: 0xC70CB7C1B8CA6A17984F73B777E51252 SHA-1: 0xD040E8E394ACBCE5C39B1E03553AA1D94187DE52
32	%ProgramFiles%\Zattoo4\QtNetwork4.dll	1 148 416 bytes	MD5: 0x2D8CF1128C695E79B42F7D99E18BBEDC SHA-1: 0xA0F1208A98A0968E3409CFB3696E99E4CAEE1B3C
33	%ProgramFiles%\Zattoo4\QtOpenGL4.dll	783 360 bytes	MD5: 0xA33D51D1E24B0EABB90AA8F3FE72708B SHA-1: 0xEB6482F660CE08D58C71D348A3CEF61C47777E61
34	%ProgramFiles%\Zattoo4\QtScript4.dll	1 851 392 bytes	MD5: 0xC1FB2B0E4EC5E113707BDD9EB7080466 SHA-1: 0xB530A93A35C8DA6608408C64D158DB681BF31090
35	%ProgramFiles%\Zattoo4\QtWebKit4.dll	0 bytes	MD5: 0xD41D8CD98F00B204E9800998ECF8427E SHA-1: 0xDA39A3EE5E6B4B0D3255BFEF95601890AFD80709
36	%ProgramFiles%\Zattoo4\QtXmlPatterns4.dll	3 962 880 bytes	MD5: 0x843B72AC10FD0CF548B5725CB3457FBB SHA-1: 0x0281E0F000E92107F1BA023A0BDA02984F0127CA
37	%ProgramFiles%\Zattoo4\ssleay32.dll	319 105 bytes	MD5: 0xFF87724FEF11805CF694CCF2040966FB SHA-1: 0x544D3E7B654E0304C8748CE91216E60900A40628
38	%ProgramFiles%\Zattoo4\Zattoo.exe	238 080 bytes	MD5: 0x910FD0CFDCD3ABFE01880DDE8B49C3F9 SHA-1: 0xC9727072A8565F0FAB21343AE2C9B728A645F721
39	[file and pathname of the sample #1]	302 783 bytes	MD5: 0x38C9769F877C9FE876D4CEA744D74644 SHA-1: 0xA18EE4F47FF2CBAFA346C3695376960103AA8023

Notes:

%DesktopDir% is a variable that refers to the file system directory used to physically store file objects on the desktop. A typical path is C:\Documents and Settings\[UserName]\Desktop.
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
%Programs% is a variable that refers to the file system directory that contains the user's program groups. A typical path is C:\Documents and Settings\[UserName]\Start Menu\Programs.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.

The following directories were created:

%Temp%\nsl4.tmp
%Programs%\Zattoo4
%ProgramFiles%\Zattoo4
%Temp%\nsa2.tmp
%ProgramFiles%\Zattoo4\codecs
%ProgramFiles%\Zattoo4\imageformats
%ProgramFiles%\Zattoo4\Plugins

Memory Modifications

There were new processes created in the system:

Process Name	Process Filename	Main Module Size
[filename of the sample #1]	[file and pathname of the sample #1]	290 816 bytes
installer.exe	%Temp%\installer.exe	294 912 bytes
GetFlashHelper.exe	%ProgramFiles%\zattoo4\getflashhelper.exe	102 400 bytes

The following modules were loaded into the address space of other process(es):

Module Name	Module Filename	Address Space Details
mingwm10.dll	%ProgramFiles%\Zattoo4\mingwm10.dll	Process name: GetFlashHelper.exe Process filename: %ProgramFiles%\zattoo4\getflashhelper.exe Address space: 0x6FBC0000 - 0x6FBC7000
libgcc_s_dw2-1.dll	%ProgramFiles%\Zattoo4\libgcc_s_dw2-1.dll	Process name: GetFlashHelper.exe Process filename: %ProgramFiles%\zattoo4\getflashhelper.exe Address space: 0x6E940000 - 0x6E950000
QtCore4.dll	%ProgramFiles%\Zattoo4\QtCore4.dll	Process name: GetFlashHelper.exe Process filename: %ProgramFiles%\zattoo4\getflashhelper.exe Address space: 0x6A1C0000 - 0x6A414000
QtGui4.dll	%ProgramFiles%\Zattoo4\QtGui4.dll	Process name: GetFlashHelper.exe Process filename: %ProgramFiles%\zattoo4\getflashhelper.exe Address space: 0x65100000 - 0x65A20000
QtNetwork4.dll	%ProgramFiles%\Zattoo4\QtNetwork4.dll	Process name: GetFlashHelper.exe Process filename: %ProgramFiles%\zattoo4\getflashhelper.exe Address space: 0x6FF00000 - 0x70020000
QtWebKit4.dll	%ProgramFiles%\Zattoo4\QtWebKit4.dll	Process name: GetFlashHelper.exe Process filename: %ProgramFiles%\zattoo4\getflashhelper.exe Address space: 0x470000 - 0x136F000
QtXmlPatterns4.dll	%ProgramFiles%\Zattoo4\QtXmlPatterns4.dll	Process name: GetFlashHelper.exe Process filename: %ProgramFiles%\zattoo4\getflashhelper.exe Address space: 0x70DC0000 - 0x71190000
phonon4.dll	%ProgramFiles%\Zattoo4\phonon4.dll	Process name: GetFlashHelper.exe Process filename: %ProgramFiles%\zattoo4\getflashhelper.exe Address space: 0x69780000 - 0x697CF000
qcncodecs4.dll	%ProgramFiles%\Zattoo4\codecs\qcncodecs4.dll	Process name: GetFlashHelper.exe Process filename: %ProgramFiles%\zattoo4\getflashhelper.exe Address space: 0x69900000 - 0x69935000
qjpcodecs4.dll	%ProgramFiles%\Zattoo4\codecs\qjpcodecs4.dll	Process name: GetFlashHelper.exe Process filename: %ProgramFiles%\zattoo4\getflashhelper.exe Address space: 0x6E500000 - 0x6E53C000
qkrcodecs4.dll	%ProgramFiles%\Zattoo4\codecs\qkrcodecs4.dll	Process name: GetFlashHelper.exe Process filename: %ProgramFiles%\zattoo4\getflashhelper.exe Address space: 0x69080000 - 0x690A5000
qtwcodecs4.dll	%ProgramFiles%\Zattoo4\codecs\qtwcodecs4.dll	Process name: GetFlashHelper.exe Process filename: %ProgramFiles%\zattoo4\getflashhelper.exe Address space: 0x70780000 - 0x707B8000
qgif4.dll	%ProgramFiles%\Zattoo4\imageformats\qgif4.dll	Process name: GetFlashHelper.exe Process filename: %ProgramFiles%\zattoo4\getflashhelper.exe Address space: 0x68F00000 - 0x68F19000
qico4.dll	%ProgramFiles%\Zattoo4\imageformats\qico4.dll	Process name: GetFlashHelper.exe Process filename: %ProgramFiles%\zattoo4\getflashhelper.exe Address space: 0x6BDC0000 - 0x6BDD9000
qjpeg4.dll	%ProgramFiles%\Zattoo4\imageformats\qjpeg4.dll	Process name: GetFlashHelper.exe Process filename: %ProgramFiles%\zattoo4\getflashhelper.exe Address space: 0x645C0000 - 0x645F5000
qmng4.dll	%ProgramFiles%\Zattoo4\imageformats\qmng4.dll	Process name: GetFlashHelper.exe Process filename: %ProgramFiles%\zattoo4\getflashhelper.exe Address space: 0x6EFC0000 - 0x6F01B000
qtiff4.dll	%ProgramFiles%\Zattoo4\imageformats\qtiff4.dll	Process name: GetFlashHelper.exe Process filename: %ProgramFiles%\zattoo4\getflashhelper.exe Address space: 0x632C0000 - 0x63320000

Registry Modifications

The following Registry Keys were created:

HKEY_CURRENT_USER\Software\Trolltech
HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults
HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.6
HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.6\com.trolltech.Qt.QImageIOHandlerFactoryInterface:
HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.6\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\C:
HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.6\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\C:\Program Files
HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.6\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\%ProgramFiles%\Zattoo4
HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.6\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\%ProgramFiles%\Zattoo4\imageformats
HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.6\com.trolltech.Qt.QTextCodecFactoryInterface:
HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.6\com.trolltech.Qt.QTextCodecFactoryInterface:\C:
HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.6\com.trolltech.Qt.QTextCodecFactoryInterface:\C:\Program Files
HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.6\com.trolltech.Qt.QTextCodecFactoryInterface:\%ProgramFiles%\Zattoo4
HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.6\com.trolltech.Qt.QTextCodecFactoryInterface:\%ProgramFiles%\Zattoo4\codecs
HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.6.false
HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.6.false\C:
HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.6.false\C:\Program Files
HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.6.false\%ProgramFiles%\Zattoo4
HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.6.false\%ProgramFiles%\Zattoo4\codecs
HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.6.false\%ProgramFiles%\Zattoo4\imageformats

The newly created Registry Values are:

[HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.6\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\%ProgramFiles%\Zattoo4\imageformats]

qgif4.dll = "2010-02-18T05:07:54 gif"
qico4.dll = "2010-02-18T05:08:14 ico"
qjpeg4.dll = "2010-02-18T05:10:12 jpeg jpg"
qmng4.dll = "2010-02-18T05:09:48 mng"
qtiff4.dll = "2010-02-18T05:10:42 tiff tif"

[HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.6\com.trolltech.Qt.QTextCodecFactoryInterface:\%ProgramFiles%\Zattoo4\codecs]

qcncodecs4.dll = "2010-02-18T05:09:24 GB18030 GBK GB2312 CP936 MS936 windows-936 MIB: 114 MIB: 113 MIB: 2025"
qjpcodecs4.dll = "2010-02-18T05:09:24 EUC-JP ISO-2022-JP Shift_JIS JIS7 SJIS MS_Kanji MIB: 18 MIB: 39 MIB: 17"
qkrcodecs4.dll = "2010-02-18T05:09:24 EUC-KR cp949 MIB: 38 MIB: -949"
qtwcodecs4.dll = "2010-02-18T05:09:24 Big5 Big5-HKSCS Big5-ETen CP950 MIB: 2026 MIB: 2101"

[HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.6.false\%ProgramFiles%\Zattoo4\imageformats]

qgif4.dll = "40602 0 Windows mingw release full-config 2010-02-18T05:07:54"
qico4.dll = "40602 0 Windows mingw release full-config 2010-02-18T05:08:14"
qjpeg4.dll = "40602 0 Windows mingw release full-config 2010-02-18T05:10:12"
qmng4.dll = "40602 0 Windows mingw release full-config 2010-02-18T05:09:48"
qsvg4.dll = "40602 0 Windows mingw release full-config 2010-02-18T05:10:30"
qtiff4.dll = "40602 0 Windows mingw release full-config 2010-02-18T05:10:42"

[HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.6.false\%ProgramFiles%\Zattoo4\codecs]

qcncodecs4.dll = "40602 0 Windows mingw release full-config 2010-02-18T05:09:24"
qjpcodecs4.dll = "40602 0 Windows mingw release full-config 2010-02-18T05:09:24"
qkrcodecs4.dll = "40602 0 Windows mingw release full-config 2010-02-18T05:09:24"
qtwcodecs4.dll = "40602 0 Windows mingw release full-config 2010-02-18T05:09:24"

Other details

There were registered attempts to establish connection with the remote hosts. The connection details are:

Remote Host	Port Number
192.150.16.60	80
192.150.8.45	80
204.0.5.50	80
66.235.138.48	80
91.123.100.68	80

The data identified by the following URLs was then requested from the remote web server:

http://www.adobe.com/go/getflashplayer
http://www.adobe.com/include/img/truste_seal_eu.gif
http://www.adobe.com/ubi/template/identity/adobe/Pane/screen.css
http://www.adobe.com/ubi/template/identity/adobe/Modal.js
http://get.adobe.com/flashplayer
http://get.adobe.com/flashplayer/
http://wwwimages.adobe.com/www.adobe.com/ubi/template/identity/adobe/screen/no-pocket.css
http://wwwimages.adobe.com/www.adobe.com/ubi/template/identity/adobe/screen/wcms.css
http://wwwimages.adobe.com/www.adobe.com/ubi/template/identity/adobe/screen/gnav.css
http://wwwimages.adobe.com/www.adobe.com/ubi/template/identity/adobe/screen/gfooter.css
http://wwwimages.adobe.com/www.adobe.com/ubi/template/identity/adobe/screen/gfooter_override.css
http://wwwimages.adobe.com/www.adobe.com/ubi/template/identity/adobe/screen/layout.css
http://wwwimages.adobe.com/www.adobe.com/ubi/template/identity/adobe/screen/icon.css
http://wwwimages.adobe.com/www.adobe.com/ubi/template/identity/adobe/screen/data.css
http://wwwimages.adobe.com/www.adobe.com/ubi/template/identity/adobe/screen/list.menu.css
http://wwwimages.adobe.com/www.adobe.com/ubi/template/identity/adobe/screen/star.css
http://wwwimages.adobe.com/www.adobe.com/ubi/template/identity/adobe/screen/common.css
http://wwwimages.adobe.com/www.adobe.com/ubi/template/identity/adobe.js
http://wwwimages.adobe.com/www.adobe.com/ubi/template/identity/adobe/Cookie.js
http://wwwimages.adobe.com/www.adobe.com/ubi/template/identity/adobe/global.js
http://wwwimages.adobe.com/www.adobe.com/lib/com.adobe/module/SearchBuddy.js
http://wwwimages.adobe.com/www.adobe.com/ubi/template/identity/adobe/GlobalNav.js
http://wwwimages.adobe.com/www.adobe.com/ubi/template/identity/adobe/GlobalFooter.js
http://wwwimages.adobe.com/www.adobe.com/ubi/template/identity/adobe/screen.css?modules=
http://wwwimages.adobe.com/www.adobe.com/ubi/template/identity/lib/prototype.js
http://wwwimages.adobe.com/www.adobe.com/ubi/template/identity/adobe/print.css
http://download.zattoo.com/Zattoo-4.0.5.exe

All content ("Information") contained in this report is the copyrighted work of Threat Expert Ltd and its associated companies ("ThreatExpert") and may not be copied without the express permission of ThreatExpert.

The Information is provided on an "as is" basis. ThreatExpert disclaims all warranties, whether express or implied, to the maximum extent permitted by law, including the implied warranties that the Information is merchantable, of satisfactory quality, accurate, fit for a particular purpose or need, or non-infringing, unless such implied warranties are legally incapable of exclusion. Further, ThreatExpert does not warrant or make any representations regarding the use or the results of the use of the Information in terms of their correctness, accuracy, reliability, or otherwise.