Registry Change The following Registry Keys were changed Action Registry Changed [NTUSER/Software/Microsoft/Internet Explorer/Main/Default Feeds] Changed [NTUSER/Software/Microsoft/Internet Explorer/PhishingFilter] Changed [NTUSER/Software/Microsoft/Internet Explorer/Recovery] Traffic – by DNS: n39rfiuewh9uihc.org 146.185.242.131 Traffic – by TCP/IP Connections: 146.185.242.131 80 Traffic – by URL: URL n39rfiuewh9uihc.org/G0X7Z3vtzdpVPR4sBFa95jxTSQYAD82f.tiff n39rfiuewh9uihc.org/tBKNvbQpVYCDRSGmck4nxAaWhX.bmp xandora results here: http://www.xandora.net/xangui/malware/view/692cfa2313899607124752a9f8d88b6d hosting infos: http://whois.domaintools.com/146.185.242.131