FYI, no help required yet.

On daily basis my web site gets visits originated from a small group of ip addresses (see the list below) with an obvious purpose of detecting whether the site is driven by SQL Server that could be hacked in.

The agent is always NV32ts. The query string includes SQL statement:

' And char(124)+(Select Cast(Count(1) as varchar(8000))+char(124) From [sysobjects] Where 1=1)>0 and ''=' 

This is the list. I guess the computers are "enslaved" or the ips are all proxies.

remote_address      remote_host
173.3.94.6          ool-ad035e06.dyn.optonline.net
187.4.29.32         187-4-29-32.cslce700.dsl.brasiltelecom.net.br
189.102.161.44      bd66a12c.virtua.com.br
189.38.144.102      189.38.144.102.user.ajato.com.br
189.62.156.179      bd3e9cb3.virtua.com.br
190.21.67.233       233-67-21-190.adsl.terra.cl
190.246.226.148     148-226-246-190.fibertel.com.ar
190.31.217.220      host220.190-31-217.telecom.net.ar
200.116.157.178     cable200-116-157-178.epm.net.co
200.82.112.217      host217.200-82-112.telecom.net.ar
201.0.9.148         201-0-9-148.dsl.telesp.net.br
212.36.65.37        cmv-2.adam.es
217.201.0.140       217.201.0.140
219.80.4.175        219-80-4-175.static.tfn.net.tw
24.186.115.187      ool-18ba73bb.dyn.optonline.net
58.152.89.219       n058152089219.netvigator.com
64.184.8.97         64-184-8-97.bb.hrtc.net
64.233.247.134      static10.anythingcomputer.evv.wideopenwest.com
74.60.155.153       74-60-155-153.mrc.clearwire-dns.net