REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Network Instruments\Observer\Filters\(Virus) SQL Injection - Backdoor.Win32.Buzus.croo]
"szFolder"="Virus Filters"
"szDescr"="The client sid of this conversation may have accessed a compromised Web Page and now is infected with the Buzu.croo Trojan."
"RGBValue"=dword:00800080
"dwVersion"=dword:00000000
"bDeleted"=dword:00000000
"FilterBuffer"=hex:8a,01,00,00,05,00,00,00,1f,00,27,00,00,00,01,00,10,67,00,01,\
  79,0e,88,05,00,00,00,06,00,50,00,00,00,00,00,00,00,00,00,57,00,7e,00,00,00,\
  1f,00,00,75,1d,00,02,00,01,00,06,00,02,00,00,b0,04,00,0e,33,31,38,78,2e,63,\
  6f,6d,2f,61,2e,68,74,6d,01,00,06,00,02,00,00,b0,04,00,25,61,61,31,31,30,30,\
  2e,32,32,38,38,2e,6f,72,67,2f,68,74,6d,6c,61,73,70,2f,64,61,73,70,2f,61,6c,\
  74,2e,68,74,6d,6c,79,00,14,01,f7,00,1f,00,00,5b,3d,00,01,00,01,00,06,00,02,\
  00,00,b0,04,00,2e,68,78,78,70,3a,2f,2f,64,6e,73,2e,77,69,6e,73,64,6f,77,6e,\
  2e,63,6f,6d,2e,63,6e,2f,43,6f,75,6e,74,64,6f,77,6e,2f,63,6f,75,6e,74,2e,61,\
  73,70,01,00,06,00,02,00,00,b0,04,00,27,68,78,78,70,3a,2f,2f,77,69,6e,64,6f,\
  77,73,73,70,2e,37,37,36,36,2e,6f,72,67,2f,64,6f,77,6e,2f,64,6f,77,6e,2e,63,\
  73,73,1d,00,00,00,00,00,1f,00,00,64,00,00,00,00,01,00,06,00,02,00,00,64,00,\
  00,04,50,4f,53,54,76,00,00,00,00,00,1f,00,00,fd,37,00,02,00,01,00,06,00,02,\
  00,00,b0,04,00,28,6a,73,2e,74,6f,6e,67,6a,69,2e,6c,69,6e,65,7a,69,6e,67,2e,\
  63,6f,6d,2f,31,33,35,38,37,37,39,2f,74,6f,6e,67,6a,69,2e,6a,73,01,00,06,00,\
  02,00,00,b0,04,00,2a,69,6d,67,2e,74,6f,6e,67,6a,69,2e,6c,69,6e,65,7a,69,6e,\
  67,2e,63,6f,6d,2f,31,33,36,34,30,36,37,2f,74,6f,6e,67,6a,69,2e,67,69,66

[HKEY_LOCAL_MACHINE\Software\Network Instruments\Observer\ProtocolPresetsV9]