0 Members and 12 Guests are viewing this topic.
+---------------------+-------------+-------------+--------------------------------------+---------------+--------------------------------------------+-----------------+----------------------------------+---------+---------+----------------------------------+----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+| date | contributor | scanner | virusname | vt_score | AS | review | email | country | source | netname | md5sum | url |+---------------------+-------------+-------------+--------------------------------------+---------------+--------------------------------------------+-----------------+----------------------------------+---------+---------+----------------------------------+----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+| 2012-02-07 04:01:03 | sub16 | Rising | Trojan.Win32.Generic.1246BC37 | 1/40 (2.5%) | AS3595 | 69.73.176.160 | abuse@jaguarpc.com | US | ARIN | LH-GOLD-NETWORK | 08f801533c1e4b5e50470f2c38f427b2 | http://audio2convert.com/ape-player/download/ape-player-plus.exe || 2012-02-07 04:01:05 | sub16 | avira | ADWARE/Agent.227840.10 | 30/40 (75%) | AS20940 | 92.122.50.186 | abuse@akamai.com | EU | RIPE | EU-AKAMAI-20071113 | b9b5a1c36580d5b880b6ea2883802b35 | http://content3.flingstone.com/Software/MossySky01/775/MossySkyInstaller.exe || 2012-02-06 20:06:54 | sub8 | undef | Trojan-Banker.BAT.Banker.m | 0/40 (0.0%) | AS20738 | 94.136.40.196 | abuse@webfusion.com | GB | RIPE | UK-WEBFUSION-LEEDS | fcdec9906ca506ab6850a9597f2f92f9 | http://www.mercuryew.com/modules/mod_search/ || 2012-02-06 20:06:54 | sub8 | undef | HEUR:Trojan.Win32.Generic | 0/40 (0.0%) | AS16265 | 95.211.13.68 | abuse@leaseweb.com | NL | RIPE | NL-LEASEWEB-20080724 | 588dedf880bd47cc5f0d3435b67468f8 | http://guyanaxxx.com/ideasclaro/ || 2012-02-06 20:06:55 | sub8 | undef | Adware.Agent.NHH | 0/38 (0.0%) | AS35662 | 188.227.187.67 | abuse@redstation.com | GB | RIPE | RSDEDI-MAPCHAPI | ecc6b2d3976c434acd11c235b9498738 | http://yamyam.in/ || 2012-02-06 20:06:57 | sub8 | undef | Trojan/W32.Agent.90624.GK | 0/38 (0.0%) | AS16276 | 188.165.238.109 | abuse@ovh.net | FR | RIPE | OVH | d38880ccdaf3101a41698abba070423a | http://java.it-host.pl/ || 2012-02-06 20:06:58 | sub8 | undef | Trojan-Dropper.Win32.Dapato.aane | 0/40 (0.0%) | AS36351 | 173.192.189.240 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-8 | 8b1b5f5e55efddebf851597a01547cf3 | http://pagodeiro10.com.br/web/images/fb/ || 2012-02-06 20:07:02 | sub8 | undef | Trojan-Downloader.Win32.Refroso.afhp | 0/40 (0.0%) | AS35662 | 109.73.75.3 | abuse@dedicatedservercontact.com | GB | RIPE | DSC-PDGMJGPG | b31478ff07e1409950d531ffb9c30d1c | http://109.73.75.3/mirc/ || 2012-02-07 04:20:08 | sub16 | AhnLab_V3 | Trojan/Win32.HDC | 18/40 (45%) | AS29873 | 209.59.218.195 | bnbrock@maileig.com | US | ARIN | BIZLAND-FC02 | b75e78144e3e2db221a1a00fa025a40f | http://consultoria.is-a-blogger.com/Proposta/2viaBoleto.pdf.com || 2012-02-07 04:20:08 | sub16 | avira | TR/Conjar.37376.14 | 27/40 (67.5%) | AS36420, AS30315, AS13749, AS21844 | 67.18.199.107 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-11 | b97d38646fdf0678457c7a71fe1ad7fa | http://coraltanks.com/inf/mara.exe || 2012-02-07 04:20:08 | sub16 | avira | TR/Crypt.CFI.Gen | 23/40 (57.5%) | AS11798 | 74.220.215.202 | support@bluehost.com | US | ARIN | BLUEHOST-NETWORK-2 | 4cb50178e6f5a18b4e4dfd073e1bc242 | http://cottonhouse.com.sg/SpryAssets/gold/img/new/jammms/Documento_PLANILHA-DOCX.scr || 2012-02-07 04:20:08 | sub16 | Avast | Win32:Adware-gen [Adw] | 15/40 (37.5%) | AS21788 | 64.191.99.186 | abuse@hostnoc.net | US | ARIN | HOSTNOC-3BLK | cd10637ec18a11065074bf7aa4b8cca2 | http://digitalproductsreview.net/download/cbbar.exe || 2012-02-07 04:20:08 | sub16 | avira | TR/Crypt.XPACK.Gen | 31/40 (77.5%) | AS14618 | 107.20.182.97 | ec2-abuse@amazon.com | US | ARIN | AMAZON-EC2-8 | bdabf62165a628568d309641a8ee9918 | http://dl.dropbox.com/u/52637568/slides_209.com || 2012-02-07 04:20:09 | sub16 | avira | TR/VB.Downloader.Gen | 15/43 (34.9%) | AS14618 | 107.20.182.97 | ec2-abuse@amazon.com | US | ARIN | AMAZON-EC2-8 | 455b5e9217da6c3d5f0df71b871f77c1 | http://dl.dropbox.com/u/60575544/Data%20e%20Hora.scr || 2012-02-07 04:20:09 | sub16 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 9/40 (22.5%) | AS47328 | 212.124.110.14 | abuse@digitalone.com | US | RIPE | DIGITALONE-NET | c89730c3089f2e553341b5e9d8798f5b | http://door.kdn-ke.net/content/adfp2.php?f=23 || 2012-02-07 04:20:09 | sub16 | avira | DR/Dldr.Injecter.PW.8 | 17/40 (42.5%) | AS25973, AS35937, AS36025, AS6130, AS15244 | 216.97.225.95 | hostmaster@lunarpages.com | US | ARIN | ADD2NET-DOT-COM | 3745f163630d157699ce56a41b414adf | http://dvdtomkv.com/download/avaidedvdtomkv.exe || 2012-02-07 04:20:09 | sub16 | avira | TR/Spy.Gen | 2/40 (5%) | AS26347 | 173.236.163.61 | abuse@dreamhost.com | US | ARIN | DREAMHOST-BLK10 | dbabeb0213e77a570f1a6129b1e993cd | http://feeplay.com/download/online-live-tv.exe || 2012-02-07 04:20:11 | sub16 | AhnLab_V3 | Trojan/Win32.Buzus | 19/40 (47.5%) | AS32613 | 70.38.98.239 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-05 | cd8cc577e78f30a137c3ea6e4eb75182 | http://img105.herosh.com/2012/02/05/841267754.gif || 2012-02-07 04:20:11 | sub16 | Avast | Win32:MediaGet-B [PUP] | 5/40 (12.5%) | AS41947 | 92.241.182.191 | abuse@wahome.ru | RU | RIPE | WAHOME-COLO | 9b5fd93afc5f63ae2ade19df84a23a15 | http://ld.mediaget.com/index.php?reinstall=true || 2012-02-07 03:50:33 | sub5 | avira | PHP/Shellbot.7642 | 33/42 (78.6%) | AS14141 | 98.142.215.184 | wnoc@wiresix.com | US | ARIN | WIRESIX | c9a8ef21e8ab7542c607ea2a54664cc7 | http://fileden.com/files/2012/2/4/3259779//p3dr1n.txt?http://fileden.com/files/2012/2/4/3259779//p3dr1n.txt?http://fileden.com/files/2012/2/4/3259779//p3dr1n.txt?http://fileden.com/files/2012/2/4/3259779//p3dr1n.txt?http://fileden.com/files/2012/2/4/32597 || 2012-02-07 03:41:19 | sub5 | avira | PHP/Shellbot.7642 | 33/42 (78.6%) | AS14141 | 98.142.215.184 | wnoc@wiresix.com | US | ARIN | WIRESIX | c9a8ef21e8ab7542c607ea2a54664cc7 | http://fileden.com/files/2012/2/4/3259779//p3dr1n.txt || 2012-02-07 03:46:38 | sub5 | avira | PHP/Shellbot.7642 | 33/42 (78.6%) | AS14141 | 98.142.215.184 | wnoc@wiresix.com | US | ARIN | WIRESIX | c9a8ef21e8ab7542c607ea2a54664cc7 | http://fileden.com/files/2012/2/4/3259779//p3dr1n.txt? || 2012-02-07 03:47:25 | sub5 | avira | PHP/Shellbot.7642 | 33/42 (78.6%) | AS14141 | 98.142.215.184 | wnoc@wiresix.com | US | ARIN | WIRESIX | c9a8ef21e8ab7542c607ea2a54664cc7 | http://fileden.com/files/2012/2/4/3259779//p3dr1n.txt?http://fileden.com/files/2012/2/4/3259779//p3dr1n.txt? || 2012-02-07 04:30:40 | sub16 | avira | HTML/Rce.Gen | 8/39 (20.5%) | AS36420, AS30315, AS13749, AS21844 | 174.122.1.108 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | 39f0aa1dd78a0bf3642626657336283f | http://megacompartilhador.com/?option=com_user || 2012-02-07 03:48:48 | sub5 | avira | PHP/Shellbot.7642 | 33/42 (78.6%) | AS14141 | 98.142.215.184 | wnoc@wiresix.com | US | ARIN | WIRESIX | c9a8ef21e8ab7542c607ea2a54664cc7 | http://fileden.com/files/2012/2/4/3259779//p3dr1n.txt?http://fileden.com/files/2012/2/4/3259779//p3dr1n.txt?http://fileden.com/files/2012/2/4/3259779//p3dr1n.txt? || 2012-02-07 04:30:41 | sub16 | avira | HTML/Crypted.Gen | 25/39 (64.1%) | AS23352 | 64.202.115.181 | support@servercentral.net | US | ARIN | SCN-CHG-1 | c8458a63b1498a13a33df327daf7065b | http://monosdepatricio.com/wp-content/uploads/2007/news-200-20081020.html || 2012-02-07 04:30:47 | sub16 | avira | TR/VB.rjo | 27/40 (67.5%) | AS15003 | 108.62.114.141 | abuse@nobistech.net | US | ARIN | NETBLK-NOBIS-TECHNOLOGY-GROUP-09 | 35513ed124cae5e525e6698de25ba34d | http://pic.watersb.com/az/tssqj.php?bd=ef8js0998737eufh389su32jd992j29302fwuwus283&&&&&&&&qid=CzHYBYhdwyehu887378299s || 2012-02-07 04:30:49 | sub16 | avira | JS/iFrame.psa.22 | 22/38 (57.9%) | AS34221 | 217.199.218.172 | dn@quickline.ru | RU | RIPE | QL-LAN-LL1 | a414abfb67880dc4b6f3c68aee7dbee1 | http://qaqalar.net/oxu/index.php?kat=Islam-Dini&view=1 || 2012-02-07 04:30:52 | sub16 | AhnLab_V3 | Trojan/Win32.VBKrypt | 15/40 (37.5%) | AS15201 | 200.98.134.172 | l-registrobr-uol@corp.uol.com.br | BR | LACNIC | 001.109.184/0001-95 | 5420cbe89629912c420adc1e0a1dcbc3 | http://savanbr.com/telegrama.com || 2012-02-07 04:30:52 | sub16 | avira | TR/PSW.37888.A | 20/43 (46.5%) | AS4538 | 202.117.35.252 | dzhang@xjtu.edu.cn | CN | APNIC | XJTU-CN | 626aaedb2fd3cbeabfdc5b8f7a6855c5 | http://sd.xjtu.edu.cn/soft/winrar3.2.exe?POSTNUKESID=a7834fea55aead&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&ampampl || 2012-02-07 04:30:58 | sub16 | avira | ADSPY/NaviPromo.J | 14/40 (35%) | AS36351 | 74.86.54.224 | abuse@softlayer.com | US | ARIN | SOFTLAYER-NETBLOCK5 | 2677336404a435c2e3e69f55bf866a6e | http://toptenreport.com/download/pad-recover-access-database.exe || 2012-02-07 04:30:58 | sub16 | avira | ADSPY/NaviPromo.J | 11/39 (28.2%) | AS36351 | 74.86.54.224 | abuse@softlayer.com | US | ARIN | SOFTLAYER-NETBLOCK5 | d9525ccc894ecaa09b84511e4735eebe | http://toptenreport.com/iobit/romeoyjulietacigars.exe || 2012-02-07 04:30:58 | sub16 | avira | ADWARE/Relevant.377472 | 11/40 (27.5%) | AS36351 | 74.86.54.224 | abuse@softlayer.com | US | ARIN | SOFTLAYER-NETBLOCK5 | fd9bc771239d7ec2fd607714be6e5546 | http://toptenreport.com/securityxploded/meebopassworddecryptor_padfile.exe || 2012-02-07 04:31:03 | sub16 | DrWeb | JS.IFrame.189 | 3/40 (7.5%) | AS26753 | 209.151.21.179 | abuse@in2net.com | CA | ARIN | IN2NETWORK | 12086991e8992ac4d1605f1615310eb3 | http://world-english.org/ielts_free_tests.htm || 2012-02-07 05:01:55 | sub16 | avira | TR/Gendal.1788490 | 12/39 (30.8%) | AS19318 | 66.45.226.226 | network@interserver.net | US | ARIN | INTERSERVER | a6d732dd4b460000151a5f3cb448a4be | http://www.phreedom.org/solar/code/tinype/tiny.webdav.133/tiny.exe || 2012-02-06 20:07:11 | sub8 | avira | TR/PSW.Banker.Q.1 | 35/43 (81.4%) | AS32613 | 174.142.75.147 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | e81d530bb623f39bb6336e7acf94a0b8 | http://geoffroy-espinasse.infographie-heaj.be/wp-content/uploads/2011/06/WWW.DINERS.COM.BR/ || 2012-02-07 00:32:02 | sub8 | undef | Trojan.Heur.RP.MuW@a8GNrujk | 0/40 (0.0%) | AS18866 | 69.50.209.95 | abuse@atjeuhosting.com | US | ARIN | ATJEU | 53a368253411bdc2b967e18da066b62d | http://www.optinsecretsexposed.com/abs/ || 2012-02-07 00:32:02 | sub8 | undef | File is damaged | 0/40 (0.0%) | AS36351 | 74.86.63.66 | abuse@softlayer.com | US | ARIN | SOFTLAYER-NETBLOCK5 | 9257a94f1c413a13497e2542bf93a78b | http://consus.pk/ || 2012-02-07 01:47:12 | sub8 | avira | TR/Ruskill.FD.5 | 29/40 (72.5%) | AS7366 | 199.7.177.228 | abuse@lemuriaco.com | US | ARIN | LEMURIA-COMMUNICATIONS | 6fa0a17c7fba74c47e64e323fe53cfd4 | http://hotfile.com/dl/145328963/2e8c74e/ || 2012-02-07 01:48:08 | sub8 | avira | HTML/Afreim.W | 20/40 (50%) | AS24238 | 118.127.15.26 | noc@dedicatedservers.net.au | AU | APNIC | DEDICATEDSERVERS | fe5ec8af3a72f9d82f07267a64c1454c | http://www.northernbeachespressurecleaning.com.au/ || 2012-02-07 05:20:04 | sub10 | avira | TR/Scar.dsaj | 14/40 (35%) | AS6939 | 65.19.183.224 | abuse@he.net | US | ARIN | HURRICANE-4 | 0f49fdfc450c18d9255e6e35076377d8 | http://65.19.183.224/bak/2.1d/Setup.exe || 2012-02-07 05:20:13 | sub16 | clamav | PUA.Game.Casino-2 | 14/40 (35%) | AS17036, AS22653 | 69.61.74.188 | abuse@cyberwurx.com | US | ARIN | NET-GLOBAL-COMPASS | 501c1017e42ec4cbc1830e126b1f7cf5 | http://www.casinoschule.com/downloads/gamingclubcasino.exe || 2012-02-07 05:20:17 | sub16 | avira | ADSPY/NaviPromo.J | 12/40 (30%) | AS36351 | 74.86.54.224 | abuse@softlayer.com | US | ARIN | SOFTLAYER-NETBLOCK5 | 4002b07dd2322a97f1cce7f56b16de10 | http://www.toptenreport.com/download/MouseSpeedSwitcherProDownloader.exe || 2012-02-07 05:20:24 | sub20 | avira | TR/Downloader.Gen | 28/40 (70%) | AS11798 | 74.220.215.202 | support@bluehost.com | US | ARIN | BLUEHOST-NETWORK-2 | 64d10e656558f023d10f44ae042ef6e7 | http://www.cottonhouse.com.sg/SpryAssets/gold/img/new/cotthouse/l1.zip || 2012-02-07 05:20:24 | sub20 | avira | TR/Crypt.TPM.Gen | 25/40 (62.5%) | AS11798 | 74.220.215.202 | support@bluehost.com | US | ARIN | BLUEHOST-NETWORK-2 | 2ac1c1408e6bdf5db7c532a657d3d205 | http://www.cottonhouse.com.sg/SpryAssets/gold/img/new/cotthouse/l2.zip || 2012-02-07 05:20:24 | sub20 | avira | TR/Dropper.Gen | 23/40 (57.5%) | AS11798 | 74.220.215.202 | support@bluehost.com | US | ARIN | BLUEHOST-NETWORK-2 | 7401c8efb7aadb45934209adf7b43955 | http://www.cottonhouse.com.sg/SpryAssets/gold/img/new/cotthouse/l3.zip || 2012-02-07 05:30:15 | sub16 | F_Prot | File is damaged | 2/40 (5%) | AS32875 | 208.89.208.167 | noc@virpus.com | US | ARIN | VIRPUS-KC-1 | 1bbde1bbb3342052a3f6e6df1e44e5ad | http://beritaberitainspiratif.com/bbi/keren.exe || 2012-02-07 05:30:20 | sub16 | Avast | Win32:MalOb-IK [Cryp] | 8/40 (20%) | AS16276 | 46.105.232.103 | abuse@ovh.net | FR | RIPE | FR-OVH-20101129 | 1c0c0fa53e8b939a291a50e26a37564e | http://imagekiz.com/gvnqqz/ickbgs.exe || 2012-02-07 05:30:20 | sub16 | avira | HTML/Crypted.Gen | 23/39 (59%) | AS39020 | 195.78.228.17 | abuse@comvive.com | ES | RIPE | COMVIVE-NET | db40e19da5a332c565fbc693b9898b66 | http://lingarto.com/extras/taxes/3advanced_search.html || 2012-02-07 05:15:11 | sub5 | avira | PHP/Shellbot.7642 | 31/40 (77.5%) | AS14141 | 98.142.215.184 | wnoc@wiresix.com | US | ARIN | WIRESIX | c9a8ef21e8ab7542c607ea2a54664cc7 | http://fileden.com/files/2012/2/4/3259779//p3dr1n.txt?http://fileden.com/files/2012/2/4/3259779//p3dr1n.txt?http://fileden.com/files/2012/2/4/3259779//p3dr1n.txt?http://fileden.com/files/2012/2/4/3259779//p3dr1n.txt? || 2012-02-07 05:50:16 | sub16 | avira | ADWARE/Relevant.BA.784 | 12/39 (30.8%) | AS29789 | 66.254.123.32 | hostmaster@reflected.net | US | ARIN | REFLECTED-1 | cb2069969338b55c7e4702a52a62dd85 | http://www.sexy-screen-savers.com/downloads/sexyss119.exe || 2012-02-07 06:01:01 | sub16 | Jiangmin | Trojan/Menti.pcq | 2/40 (5%) | AS14618 | 107.20.227.210 | ec2-abuse@amazon.com | US | ARIN | AMAZON-EC2-8 | 10e484d75f8a465b13c1759689c723d4 | http://soft.foxtab.com/pdf-reader/gb/sf/?dl=1 || 2012-02-07 06:01:05 | sub16 | Comodo | UnclassifiedMalware | 8/40 (20%) | AS8560 | 74.208.28.204 | abuse@1and1.com | US | ARIN | 1AN1-NETWORK | 5d244feb715681217c882ec1229f0cd3 | http://www.jv-web.com/reverseph2/Reverse-Telephone-Lookup.exe || 2012-02-07 06:10:12 | sub20 | undef | unknown_exe | 0/40 (0.0%) | AS47856 | 91.206.144.58 | wayne.mitchell@derivco.com | GB | RIPE | DELTA-PRODUCTIONS-NET1-PI-LON-GB | e73c066bc662d3aab2a5dcc9df52e4a4 | http://gamingclub.mgsmup.com/mupp/gamingclub/gamingclub.cab || 2012-02-07 06:20:27 | sub5 | avira | PHP/Shellbot.7642 | 33/43 (76.7%) | AS15201 | 200.98.135.178 | l-registrobr-uol@corp.uol.com.br | BR | LACNIC | 001.109.184/0001-95 | f73d836e6144b01af41986df4e2b222c | http://200.98.135.178/hehe.txt?]http://200.98.135.178/hehe.txt?] || 2012-02-07 06:06:37 | sub5 | avira | PHP/Shellbot.7642 | 31/40 (77.5%) | AS15201 | 200.98.135.178 | l-registrobr-uol@corp.uol.com.br | BR | LACNIC | 001.109.184/0001-95 | f73d836e6144b01af41986df4e2b222c | http://200.98.135.178/hehe.txt? || 2012-02-07 06:50:18 | sub16 | avira | ADWARE/Agent.1844787 | 19/38 (50%) | AS36351 | 74.86.54.224 | abuse@softlayer.com | US | ARIN | SOFTLAYER-NETBLOCK5 | 29f1f5523976ca7f8dae14ba5f536cc0 | http://www.toptenreport.com/download/intel.exe || 2012-02-07 07:03:38 | sub5 | avira | PHP/BackDoor.AR | 32/40 (80%) | AS4766 | 125.141.221.80 | abuse@kornet.net | KR | APNIC | KORNET-KR | cf1868d53ebaff2219511089f9eacd88 | http://chungmac.co.kr/data/id2.jpg?? || 2012-02-07 07:50:05 | sub10 | avira | TR/Spy.186368.31 | 22/40 (55%) | AS16276 | 178.32.144.85 | abuse@ovh.net | FR | RIPE | FR-OVH-20100119 | 8b2126f8dd34ae08dacba7e0ceb5f00e | http://tam.fl0w.ws/tam.exe || 2012-02-07 07:50:18 | sub16 | avira | ADSPY/NaviPromo.J | 4/40 (10%) | AS36351 | 50.22.80.58 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-9 | 7a9f0e2f3f9aa389e51ba84cf04e5360 | http://www.vsevensoft.com/downloads/FLACPlayerSetup.exe || 2012-02-07 08:20:06 | sub10 | avira | TR/Buzus.AS.11 | 25/42 (59.5%) | AS35622 | 84.247.61.25 | Honoriu.Lazar@telemobil.ro | ro | RIPE | TELEMOBIL-SA | dd0bcd657af594f2171474682244fa92 | http://84.247.61.25/mp3/bkmnki3njfd.exe || 2012-02-07 08:20:20 | sub16 | AVG | Generic17.ADIV | 4/42 (9.5%) | AS30496 | 67.222.10.19 | noc@privatesystems.net | US | ARIN | PRIVATE-1 | 765007759b9ea04875162518eebad398 | http://www.flash2x.net/downloads/exe_packager_setup.exe || 2012-02-07 08:30:37 | sub10 | avira | TR/Buzus.AS.11 | 24/39 (61.5%) | AS41390 | 195.3.145.44 | abuse@altnet.lv | LV | RIPE | ALTNET-LV | dd0bcd657af594f2171474682244fa92 | http://rodelen.in/bdnj3romvgk.exe || 2012-02-07 08:30:37 | sub10 | avira | TR/Kazy.54594 | 27/42 (64.3%) | AS41390 | 195.3.145.44 | abuse@altnet.lv | LV | RIPE | ALTNET-LV | a39eb24c9994249687cf515cbc579742 | http://rodelen.in/bgtrfk5romdf.exe || 2012-02-07 07:07:03 | sub8 | undef | WebToolbar.Win32.RK.cb | 0/40 (0.0%) | AS16276 | 178.32.144.85 | abuse@ovh.net | FR | RIPE | FR-OVH-20100119 | 6f5c7b058213bb7e9d509f544d3db09b | http://tam.fl0w.ws/ || 2012-02-07 09:30:45 | sub10 | K7AntiVirus | Trojan | 4/40 (10%) | AS21788 | 66.96.243.146 | abuse@hostnoc.net | US | ARIN | NOC | 0798e5d9817bfe72621e4c37b15ba091 | http://loliloli.01g.info/24.exe || 2012-02-07 09:30:46 | sub10 | BitDefender | Trojan.Generic.KD.527797 | 6/40 (15%) | AS24238 | 118.127.15.26 | noc@dedicatedservers.net.au | AU | APNIC | DEDICATEDSERVERS | 8ee61ac475c42beef0165fca2d61194d | http://northernbeachespressurecleaning.com.au/report.pdf.exe || 2012-02-07 09:40:05 | sub15 | AVG | Generic27.ET | 12/38 (31.6%) | AS12824 | 62.129.210.129 | abuse@home.pl | PL | RIPE | HOMEPL | 2e4c8d1c4cb06421d10f5a08247cd2ab | http://time4men.pl/components/com_jmultimedia/assets/thumbs/phpthumb/albums.php? || 2012-02-07 09:40:05 | sub15 | avira | ADWARE/Agent.NHW | 7/38 (18.4%) | AS16276 | 46.105.174.26 | abuse@ovh.net | FR | RIPE | FR-OVH-20101129 | 1d1c28f83b984e5665ed5b8d33fdec9b | http://dlfr.pctuto.com/clib/pctuto/fr/tutoccleaner001_02/pctuto.exe || 2012-02-07 10:00:43 | sub1 | AhnLab_V3 | Trojan/Win32.Jorik | 16/40 (40%) | AS14441, AS19871, AS6245 | 205.178.132.150 | noc@networksolutions.com | US | ARIN | NTSL-01 | 7922b26dfa1eed20b6fd1cd5d7d3819c | http://00004xv.previewcoxhosting.com/n4tARxMx/crnosok.exe || 2012-02-07 10:00:44 | sub1 | Avast | Win32:OpenInstall-D [PUP] | 3/42 (7.1%) | AS33597 | 72.21.214.144 | noc@amazon.com | US | ARIN | AMAZON-02 | 6ca1a33707ef05b9d3d6a53cd1d2bed8 | http://dl02.s3.amazonaws.com/installers/805747/oi_FreeDVDVideoConverterexe.exe || 2012-02-07 10:00:46 | sub1 | avira | TR/Dropper.Gen | 25/40 (62.5%) | AS4812 | 61.152.239.21 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-SH | 6d235e79a884bd322d1ceeaf01b55196 | http://gml.ns02.us/d/r.exe || 2012-02-07 10:00:46 | sub1 | avira | WORM/Palevo.HG.2 | 27/38 (71.1%) | AS4812 | 61.152.239.21 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-SH | 23afcc291a9bfd06ab88ab084e0c3086 | http://gml.ns02.us/d/t.exe || 2012-02-07 10:00:47 | sub1 | avira | TR/Dldr.IstBar.bg.1 | 35/40 (87.5%) | AS14720 | 66.152.93.119 | noc@gammanetworking.com | CA | ARIN | GAMMANET-BLK1 | 9aba3696992499b5f6d764095981b4ef | http://www.slotch.com/ist/softwares/bundlers/bundler_adlogix.exe || 2012-02-07 10:30:49 | sub9 | clamav | PUA.Script.PDF.EmbeddedJavaScript | 12/43 (27.9%) | AS9143 | 134.3.105.188 | bitbucket@ripe.net | EU | AFRINIC | IANA-BLK | 0f6af16bbd44f88f4b105337a20bf0a8 | http://cnbromoribn.com/content/adp1.php?f=26 || 2012-02-07 10:31:04 | sub16 | avira | ADSPY/NaviPromo.J | 7/43 (16.3%) | AS41550 | 91.207.44.10 | abuse@hostbizua.com | UA | RIPE | FUIR-MNT | 9bd5767ee7d9778b5d2e14872da1d4d4 | http://falcogames.com/SmileyAdventureSetup.exe || 2012-02-07 10:31:15 | sub16 | avira | ADWARE/Agent.1911306 | 7/43 (16.3%) | AS36351 | 74.86.54.224 | abuse@softlayer.com | US | ARIN | SOFTLAYER-NETBLOCK5 | ec655b37c19ca430857fdc15325c75ab | http://www.toptenreport.com/download/disk-defrag-setup.exe || 2012-02-07 08:34:04 | sub8 | avira | HTML/Afreim.W | 20/40 (50%) | AS24238 | 118.127.15.26 | noc@dedicatedservers.net.au | AU | APNIC | DEDICATEDSERVERS | fe5ec8af3a72f9d82f07267a64c1454c | http://northernbeachespressurecleaning.com.au/ || 2012-02-07 11:18:36 | sub16 | BitDefender | Trojan.JS.Redirector.UA | 7/37 (18.9%) | AS8386 | 195.87.101.92 | abuse@koc.net | TR | RIPE | TR-KOCNET-960726 | de23674808d06e473270d61b696ae44a | http://babilhotel.com/iSWRFbUF/index.html || 2012-02-07 11:18:47 | sub16 | avira | ADSPY/NaviPromo.J | 8/43 (18.6%) | AS36351 | 74.86.54.224 | abuse@softlayer.com | US | ARIN | SOFTLAYER-NETBLOCK5 | c5d59e894951c0f21642bb1b86fba434 | http://www.toptenreport.com/download/rdsdigital.exe || 2012-02-07 11:29:16 | sub1 | undef | unknown_html_RFI_php | 0/40 (0.0%) | AS28753 | 78.159.115.55 | abuse@leaseweb.de | DE | RIPE | NETDIRECT-NET | 8e2319127b4657b2d24ac3833fe896f7 | http://50.list.themediafinder.com/files || 2012-02-07 11:29:16 | sub1 | Avast | JS:ScriptIP-inf Trj | 2/40 (5%) | AS18779 | 68.68.101.251 | abuse@egihosting.com | US | ARIN | EGIHOSTING-3 | cc4de96fad29edd25a11b18ad949b48b | http://ac.myffn.info:251/rfrfrfrfrf.php?gg=a1&tt=26&ur=1&a93def34e59ca9943084332133b151c032b540dd || 2012-02-07 11:29:16 | sub1 | avira | TR/Crypt.XPACK.Gen | 23/38 (60.5%) | AS4134 | 121.14.152.152 | abuse@gddc.com.cn | CN | APNIC | CHINANET-GD | 41ba0e75b65ce4537782a03cafb79f97 | http://al.Sdflt.Com:76/Lo01.js || 2012-02-07 11:29:16 | sub1 | avira | TR/Dropper.Gen | 30/38 (78.9%) | AS4134 | 121.14.152.152 | abuse@gddc.com.cn | CN | APNIC | CHINANET-GD | ce32339db432b84515c116709eda6afa | http://al.Sdflt.Com:76/Lo02.js || 2012-02-07 11:30:15 | sub23 | BitDefender | Trojan.Ransom.FA | 9/38 (23.7%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 8b17f9810a72f7bd5557e444520988eb | http://os8128.ru/files/1258 || 2012-02-07 11:30:22 | sub23 | BitDefender | Trojan.Ransom.FA | 8/38 (21.1%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 4dcab60f4ed1dd4d93d3feef8869454a | http://os8128.ru/files/1259 || 2012-02-07 11:30:23 | sub1 | undef | unknown_exe | 0/41 (0.0%) | AS36351 | 74.86.63.66 | abuse@softlayer.com | US | ARIN | SOFTLAYER-NETBLOCK5 | 65f4b1b4054124060830495d6753f14a | http://www.consus.pk/chin.exe || 2012-02-07 11:30:23 | sub1 | undef | unknown_exe | 0/41 (0.0%) | AS12310 | 80.86.106.18 | abuse@ines.ro | RO | RIPE | INES-DATACENTER-NET | 65f4b1b4054124060830495d6753f14a | http://www.buletindeprima.ro/chin.exe || 2012-02-07 11:30:23 | sub1 | undef | unknown_exe | 0/38 (0.0%) | AS18450 | 173.231.38.131 | NOC@webnx.com | US | ARIN | WEBNX-BLK-3 | 65f4b1b4054124060830495d6753f14a | http://www.indosu.com/chin.exe || 2012-02-07 11:30:23 | sub1 | eSafe | Win32.Artemis | 6/40 (15%) | AS26505 | 200.124.131.116 | noc@E-COMMERCEPARK.COM | AN | LACNIC | AN-ECPN-LACNIC | aab82c4076268a66efef376eef3105e0 | http://www.casinocontroller.com/uploads/clientfiles/Superior/Loader.exe || 2012-02-07 11:30:23 | sub1 | Jiangmin | TrojanDropper.Injector.ich | 12/40 (30%) | AS38661 | 114.141.14.19 | luvyong@hclc.co.kr | KR | APNIC | HCLC-KR | 1869ae7b8ff9f4715608f8a92c3dc3a2 | http://www.aceinfosys.co.kr//bbs/data/update/34upjmrlzz.exe || 2012-02-07 11:07:43 | sub5 | trendmicro | PHP_REMOTEAD.SM | 18/40 (45%) | AS32613 | 174.142.68.231 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 7d1fca693482c117f86573893c3cfc62 | http://infecteur.servebeer.com/e107/id.txt? || 2012-02-07 11:08:07 | sub5 | avira | PHP/C99Shell.F | 30/40 (75%) | AS32613 | 174.142.68.231 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | d9644cf8ae6487762297270f8df79bae | http://infecteur.servebeer.com/rfildisql/c2d.gif?? || 2012-02-07 11:08:15 | sub5 | avira | PHP/Small.C | 23/40 (57.5%) | AS32613 | 174.142.68.231 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 6e92cb6b090d8e99b3d8a2b147f598be | http://infecteur.servebeer.com/rfildisql/dd.gif?? || 2012-02-07 11:31:01 | sub24 | avira | BDS/Sinowal.6553621 | 34/41 (82.9%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 62a9a3fa0af2372852e5270324207491 | http://108.59.12.138/files/103 || 2012-02-07 11:31:01 | sub24 | avira | BDS/Sinowal.6553621 | 30/41 (73.2%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | afb0e22b472be5e2a5a352efc76f1726 | http://108.59.12.138/files/104 || 2012-02-07 11:31:01 | sub24 | avira | BDS/Sinowal.6553621 | 32/38 (84.2%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 82406b34a990637c9fee67a0ce2628a6 | http://108.59.12.138/files/110 || 2012-02-07 11:31:01 | sub24 | avira | BDS/Sinowal.6553621 | 30/38 (78.9%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 6271883a931ecd660cba267d2e6f3e16 | http://108.59.12.138/files/111 || 2012-02-07 11:31:01 | sub24 | avira | BDS/Sinowal.655361 | 31/38 (81.6%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | cbf131ff6efe5faf367d9f7e4ce47593 | http://108.59.12.138/files/112 || 2012-02-07 11:31:01 | sub24 | Comodo | TrojWare.Win32.FakeAV.HH | 3/38 (7.9%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 67b3c02f4f866ffe300d459daebd129a | http://108.59.12.138/files/122 || 2012-02-07 11:31:01 | sub24 | Comodo | TrojWare.Win32.FakeAV.HH | 3/38 (7.9%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 31bf2c744b1e771587bfa527326ada16 | http://108.59.12.138/files/123 || 2012-02-07 11:31:01 | sub24 | Comodo | TrojWare.Win32.FakeAV.HH | 3/40 (7.5%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | f8cef7856fd46c74da9844173a2c3503 | http://108.59.12.138/files/124 || 2012-02-07 11:31:01 | sub24 | Comodo | TrojWare.Win32.FakeAV.HH | 3/40 (7.5%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | a1a09a8a566c75a13c2aaa6090d47d4f | http://108.59.12.138/files/125 || 2012-02-07 11:31:02 | sub24 | Comodo | TrojWare.Win32.FakeAV.HH | 3/40 (7.5%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 5cfa3a3dd77517fe289c561c4e14242e | http://108.59.12.138/files/126 || 2012-02-07 11:31:02 | sub24 | TrendMicro | PAK_Generic.012 | 2/40 (5%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 01bd155395fdf0fa5ac4941c8956ab2d | http://108.59.12.138/files/127 || 2012-02-07 11:31:02 | sub24 | TrendMicro | PAK_Generic.012 | 2/40 (5%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 49189d9efad56d52618d9f07cfc1c5df | http://108.59.12.138/files/128 || 2012-02-07 11:31:02 | sub24 | Comodo | TrojWare.Win32.FakeAV.HH | 3/38 (7.9%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 21f9ef9c128919920fa59a5dba9cffe2 | http://108.59.12.138/files/129 || 2012-02-07 11:31:02 | sub24 | avira | TR/Crypt.XPACK.Gen2 | 11/38 (28.9%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | c12610ebbf40f94cec25135d90b8a116 | http://108.59.12.138/files/130 || 2012-02-07 11:31:02 | sub24 | Comodo | TrojWare.Win32.FakeAV.HH | 3/38 (7.9%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 68d64e8e10eefadcff5344edf8ef1c7a | http://108.59.12.138/files/131 || 2012-02-07 11:31:02 | sub24 | BitDefender | Gen:Variant.Kazy.54934 | 9/38 (23.7%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 8e4791cf54ac8b07b528f41fc7a8ca51 | http://108.59.12.138/files/132 || 2012-02-07 11:31:02 | sub24 | TrendMicro | PAK_Generic.012 | 2/38 (5.3%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 2dcb5e332443494a8d29abab301b180c | http://108.59.12.138/files/133 || 2012-02-07 11:31:02 | sub24 | avira | TR/Crypt.XPACK.Gen2 | 11/38 (28.9%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 1a969279a17345562ebdb99386900808 | http://108.59.12.138/files/134 || 2012-02-07 11:31:02 | sub24 | Comodo | TrojWare.Win32.FakeAV.HH | 3/38 (7.9%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 1fd5fe19e05f7fad05f410bc1465e511 | http://108.59.12.138/files/135 || 2012-02-07 11:31:02 | sub24 | avira | TR/Crypt.XPACK.Gen2 | 11/38 (28.9%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 48e60eaf37f273164c9fea338c63744f | http://108.59.12.138/files/136 || 2012-02-07 11:31:02 | sub24 | TrendMicro | PAK_Generic.012 | 2/40 (5%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 2e9bad9246dbc9908e5407f1c1698cc7 | http://108.59.12.138/files/137 || 2012-02-07 11:31:02 | sub24 | BitDefender | Gen:Variant.Kazy.54932 | 10/40 (25%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 3c5b1079c50e0e6f7fc95f58280f0dc1 | http://108.59.12.138/files/138 || 2012-02-07 11:31:02 | sub24 | Comodo | TrojWare.Win32.FakeAV.HH | 3/40 (7.5%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | f39da1e89e45e7240adae73b430d69ff | http://108.59.12.138/files/139 || 2012-02-07 11:31:02 | sub24 | BitDefender | Gen:Variant.Kazy.54934 | 9/40 (22.5%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | c47876bcddb54a8f0662bfef26922bdf | http://108.59.12.138/files/140 || 2012-02-07 11:31:02 | sub24 | Comodo | TrojWare.Win32.FakeAV.HH | 3/40 (7.5%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 885fc45d25019bfa785d9cf31a4074ec | http://108.59.12.138/files/141 || 2012-02-07 11:31:02 | sub24 | avira | TR/Crypt.XPACK.Gen2 | 11/40 (27.5%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | bcd248019b60c8944dd97f4956b1a1bb | http://108.59.12.138/files/142 || 2012-02-07 11:31:02 | sub24 | Comodo | TrojWare.Win32.FakeAV.HH | 3/40 (7.5%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 61df6676af3b7207a5d7a5855cccd5ee | http://108.59.12.138/files/143 || 2012-02-07 11:31:02 | sub24 | avira | TR/Crypt.XPACK.Gen2 | 12/43 (27.9%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 026fa2943d264d3a37cb34dc0d8bfc36 | http://108.59.12.138/files/144 || 2012-02-07 11:31:02 | sub24 | Comodo | TrojWare.Win32.FakeAV.HH | 3/40 (7.5%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 8d975df66aeef5d98331e139031628d4 | http://108.59.12.138/files/145 || 2012-02-07 11:31:02 | sub24 | BitDefender | Gen:Variant.Kazy.54934 | 10/40 (25%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | cb87fe18f7a2ae847ae095a7c3054326 | http://108.59.12.138/files/146 || 2012-02-07 11:31:02 | sub24 | Comodo | TrojWare.Win32.FakeAV.HH | 3/40 (7.5%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 199d7f51b5bd1ee0b91d7290bdbdc6a0 | http://108.59.12.138/files/147 || 2012-02-07 11:31:02 | sub24 | avira | BDS/Sinowal.yaklz | 28/40 (70%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 9cd9b4cbfb978199272cb8ce5cf33d57 | http://108.59.12.138/files/148 || 2012-02-07 11:31:02 | sub24 | Comodo | TrojWare.Win32.FakeAV.HH | 3/40 (7.5%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 7501cfc4fcd8465fc78eafacaa5a04ab | http://108.59.12.138/files/149 || 2012-02-07 11:31:02 | sub24 | avira | BDS/Sinowal.yaklz | 28/40 (70%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | b49b27e2a48321800715246b4c3c3665 | http://108.59.12.138/files/150 || 2012-02-07 11:31:02 | sub24 | Comodo | TrojWare.Win32.FakeAV.HH | 3/40 (7.5%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 4933d3d05088ecd05e4aedffe1531342 | http://108.59.12.138/files/151 || 2012-02-07 11:31:02 | sub24 | avira | TR/Crypt.XPACK.Gen | 4/43 (9.3%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 4c7624c181f684d534311f2eded7f3e7 | http://108.59.12.138/files/152 || 2012-02-07 11:31:02 | sub24 | avira | TR/Crypt.XPACK.Gen | 4/43 (9.3%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | a4360eff0f413cda92195c78516dfd1c | http://108.59.12.138/files/153 || 2012-02-07 11:31:02 | sub24 | avira | TR/Crypt.XPACK.Gen2 | 10/38 (26.3%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 4b23109e321cf61a5decaadd19dbccb9 | http://108.59.12.138/files/154 || 2012-02-07 11:31:02 | sub24 | TrendMicro | PAK_Generic.012 | 2/38 (5.3%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 81dd727d2911df745505bac4dbb967c1 | http://108.59.12.138/files/155 || 2012-02-07 11:31:02 | sub24 | avira | TR/Crypt.XPACK.Gen | 12/38 (31.6%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | f88deaeb24ee0ae8f783ed61c8508b37 | http://108.59.12.138/files/17 || 2012-02-07 11:31:02 | sub24 | avira | TR/Crypt.XPACK.Gen2 | 34/38 (89.5%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | f07fd4d1157cbed4f1b8152b7ea765b0 | http://108.59.12.138/files/18 || 2012-02-07 11:31:02 | sub24 | avira | TR/Crypt.XPACK.Gen2 | 34/38 (89.5%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 2412f0d6bd88d3cc376c89c0ab582e4e | http://108.59.12.138/files/19 || 2012-02-07 11:31:02 | sub24 | avira | BDS/Sinowal.ozzda | 39/42 (92.9%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 93c2bc0f80feeaf160e87cbe385b1a6c | http://108.59.12.138/files/27 || 2012-02-07 11:31:02 | sub24 | avira | BDS/Sinowal.6553621 | 32/38 (84.2%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | ca3009282bc7f3d45493f4ce00ea5bba | http://108.59.12.138/files/35 || 2012-02-07 11:31:02 | sub24 | avira | BDS/Sinowal.6553621 | 29/38 (76.3%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | d4920ab60232de8ed8569723b3bf0620 | http://108.59.12.138/files/36 || 2012-02-07 11:31:02 | sub24 | Antiy_AVL | Trojan/win32.agent.gen | 14/41 (34.1%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | fddb6811a76c2368979a63babd9c2fcf | http://108.59.12.138/files/44 || 2012-02-07 11:31:02 | sub24 | avira | TR/Sisproc.A.224 | 29/38 (76.3%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | ea09ae97aa2250af94aa003f9e23db66 | http://108.59.12.138/files/57 || 2012-02-07 11:31:02 | sub24 | avira | BDS/Sinowal.6553621 | 31/38 (81.6%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | cdd751004eb1e63b9b24d95d85c9c654 | http://108.59.12.138/files/64 || 2012-02-07 11:31:02 | sub24 | avira | BDS/Sinowal.6553621 | 29/38 (76.3%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 2fe175a20172989dbb9ea3714eb6a5d9 | http://108.59.12.138/files/65 || 2012-02-07 11:31:02 | sub24 | avira | BDS/Sinowal.6553621 | 32/38 (84.2%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | db39073af41b22b392db36591b0b1e08 | http://108.59.12.138/files/68 || 2012-02-07 11:31:02 | sub24 | avira | BDS/Sinowal.6553621 | 30/38 (78.9%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | d25a2b0d12b6f82c581d19fa8b25b7e1 | http://108.59.12.138/files/69 || 2012-02-07 11:31:02 | sub24 | avira | BDS/Sinowal.6553621 | 31/38 (81.6%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | f0bacb6c7f6c60e761223b3a6f82c092 | http://108.59.12.138/files/70 || 2012-02-07 11:31:02 | sub24 | avira | BDS/Sinowal.6553621 | 30/38 (78.9%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 68a8ae806e9a2ffdfdc1ca10899a1d31 | http://108.59.12.138/files/71 || 2012-02-07 11:31:02 | sub24 | avira | BDS/Sinowal.6553621 | 32/38 (84.2%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | b57d7f690d0495cd8b2d011256fffb81 | http://108.59.12.138/files/72 || 2012-02-07 11:31:02 | sub24 | avira | BDS/Sinowal.6553621 | 30/38 (78.9%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 5b669bf34f09ae4e9306e5e621bb8c45 | http://108.59.12.138/files/73 || 2012-02-07 11:31:02 | sub24 | avira | BDS/Sinowal.6553621 | 31/38 (81.6%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | b01c55e4d1e11790e67979f0a2b5b60f | http://108.59.12.138/files/74 |+---------------------+-------------+-------------+--------------------------------------+---------------+--------------------------------------------+-----------------+----------------------------------+---------+---------+----------------------------------+----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+150 rows in set (0.01 sec)
+---------------------+-------------+------------------+----------------------------------------------+---------------+---------------------------------------------+-----------------+-------------------------------+---------+---------+----------------------------------+----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------+| date | contributor | scanner | virusname | vt_score | AS | review | email | country | source | netname | md5sum | url |+---------------------+-------------+------------------+----------------------------------------------+---------------+---------------------------------------------+-----------------+-------------------------------+---------+---------+----------------------------------+----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------+| 2012-02-07 11:31:02 | sub24 | avira | BDS/Sinowal.6553621 | 32/43 (74.4%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 618852a9688752e99a85889312083d29 | http://108.59.12.138/files/75 || 2012-02-07 11:31:02 | sub24 | avira | BDS/Sinowal.6553621 | 33/40 (82.5%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 82a1c54181f174ac5d06dc38f1e4480a | http://108.59.12.138/files/76 || 2012-02-07 11:31:02 | sub24 | avira | BDS/Sinowal.6553621 | 31/43 (72.1%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 719b0709ea09dcd8c9d50eae5c770ab4 | http://108.59.12.138/files/77 || 2012-02-07 11:31:02 | sub24 | avira | BDS/Sinowal.6553621 | 35/43 (81.4%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 623a4dc680fcaff0a76340506987967e | http://108.59.12.138/files/78 || 2012-02-07 11:31:02 | sub24 | avira | BDS/Sinowal.6553621 | 32/43 (74.4%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 96f9c4981ffbbf80a05221e98eee6514 | http://108.59.12.138/files/79 || 2012-02-07 11:31:02 | sub24 | avira | BDS/Sinowal.6553621 | 35/43 (81.4%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 19b609dc7a82cfe81c45104cab1de330 | http://108.59.12.138/files/82 || 2012-02-07 11:31:02 | sub24 | avira | BDS/Sinowal.6553621 | 35/43 (81.4%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | ff9771364d6b581fcfda73c1b41c4b6a | http://108.59.12.138/files/83 || 2012-02-07 11:31:02 | sub24 | avira | BDS/Sinowal.6553621 | 32/43 (74.4%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 5102d4395b1606830b9394e4ebf21281 | http://108.59.12.138/files/84 || 2012-02-07 11:31:02 | sub24 | avira | BDS/Sinowal.6553621 | 30/40 (75%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 2c80bcb8cc928a797f52a1b6502c2de8 | http://108.59.12.138/files/85 || 2012-02-07 11:31:02 | sub24 | avira | BDS/Sinowal.6553621 | 32/40 (80%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | c2bece44583c93e8c25644c5bf6b6915 | http://108.59.12.138/files/86 || 2012-02-07 11:31:02 | sub24 | avira | BDS/Sinowal.6553621 | 31/40 (77.5%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 1b1222f041e7d7239038c450b7234f3b | http://108.59.12.138/files/87 || 2012-02-07 11:31:02 | sub24 | avira | BDS/Sinowal.6553621 | 32/38 (84.2%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 60d2541c525885146b9a058599a5bb4a | http://108.59.12.138/files/88 || 2012-02-07 11:31:02 | sub24 | avira | BDS/Sinowal.6553621 | 29/38 (76.3%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | bd60d264b5fe01de4a0fc45910f3a33a | http://108.59.12.138/files/89 || 2012-02-07 11:31:02 | sub24 | avira | BDS/Sinowal.6553621 | 32/38 (84.2%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 8a09239dcadd97e62cfda5a930658ca1 | http://108.59.12.138/files/90 || 2012-02-07 11:31:02 | sub24 | avira | BDS/Sinowal.6553621 | 30/38 (78.9%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | dce91ccba6e25579a083da030967d7cc | http://108.59.12.138/files/91 || 2012-02-07 11:31:02 | sub24 | avira | TR/Crypt.XPACK.Gen3 | 15/41 (36.6%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 0581f214778d7886aecfca63a77a6919 | http://108.59.12.138/files/96 || 2012-02-07 11:31:02 | sub24 | avira | BDS/Sinowal.6553621 | 30/41 (73.2%) | AS30633 | 108.59.12.138 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 48eac6ba0723aba0f0e594541d9128c9 | http://108.59.12.138/files/99 || 2012-02-07 11:31:02 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 8/38 (21.1%) | AS48361 | 178.170.147.21 | | RU | RIPE | GlobaTel | 363a138dfbfee22aa7040608b7cd824f | http://178.170.147.21/content/adfp2.php?f=147 || 2012-02-07 11:31:02 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 9/41 (22%) | AS48361 | 178.170.147.21 | | RU | RIPE | GlobaTel | e7db65a8bad6bf7a15679eba749df906 | http://178.170.147.21/content/adfp2.php?f=180 || 2012-02-07 11:31:02 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 9/41 (22%) | AS48361 | 178.170.147.21 | | RU | RIPE | GlobaTel | bf0d8fa30f0d9722417cec573671f553 | http://178.170.147.21/content/adfp2.php?f=238 || 2012-02-07 11:31:02 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 9/41 (22%) | AS48361 | 178.170.147.21 | | RU | RIPE | GlobaTel | 5b92de7ec471a3082e9ecd67ea2f41ed | http://178.170.147.21/content/adfp2.php?f=266 || 2012-02-07 11:31:02 | sub24 | clamav | PUA.Script.PDF.EmbeddedJavaScript | 11/41 (26.8%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | aebde544ff6d986e2eea9dae7dd45b72 | http://79.137.237.66/content/adfp1.php?f=65 || 2012-02-07 11:31:02 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 9/41 (22%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | a07ba8d92712782d45ca46cc46e51ebe | http://79.137.237.66/content/adfp2.php?f=134 || 2012-02-07 11:31:02 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 9/41 (22%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | f95368d68e866498ded5cf625ecd7c14 | http://79.137.237.66/content/adfp2.php?f=183 || 2012-02-07 11:31:02 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 8/38 (21.1%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 5d3ee59aeb20c34d2bf3e7221aa7edce | http://79.137.237.66/content/adfp2.php?f=221 || 2012-02-07 11:31:02 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 8/38 (21.1%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 26d459af2e8ce62a600852c6e2314812 | http://79.137.237.66/content/adfp2.php?f=246 || 2012-02-07 11:31:02 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 9/40 (22.5%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 963f429f37ae4c5851d3e4451be3eb73 | http://79.137.237.66/content/adfp2.php?f=271 || 2012-02-07 11:31:02 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 8/38 (21.1%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | eb998c192d80572351fa236b53ef900d | http://79.137.237.66/content/adfp2.php?f=54 || 2012-02-07 11:31:02 | sub24 | avira | EXP/Pidief.atm | 18/38 (47.4%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | a36421bed25c5d06eb1898a328b0cec4 | http://79.137.237.66/content/fdp2.php?f=158 || 2012-02-07 11:31:02 | sub16 | Avast | Win32:Adware-gen [Adw] | 8/38 (21.1%) | AS19318 | 209.159.146.144 | network@interserver.net | US | ARIN | INTERSERVER | 70e2c218cda4a7ac6768219299191ecd | http://download.easypdfreader.com/files/sn-ddd-easypdfreader.exe?channel=softwaresubmit || 2012-02-07 11:31:02 | sub16 | avira | ADWARE/Agent.2567867.2 | 12/38 (31.6%) | AS36351 | 74.86.54.224 | abuse@softlayer.com | US | ARIN | SOFTLAYER-NETBLOCK5 | aba2af95bc5474cb253db49c2af8922d | http://www.dvdbackupexpress.com/sdownload/MagicGames.exe || 2012-02-07 11:40:08 | sub7 | avira | SPR/Tool.Hacktool.Script.C | 11/38 (28.9%) | AS36351 | 74.86.179.82 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-4 | 3da1f8c377f378754f6871f25e023da8 | http://www.masterelogios.com.br/components/com_content/models/fogo.txt? || 2012-02-07 11:40:25 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 9/40 (22.5%) | AS48361 | 178.170.147.21 | | RU | RIPE | GlobaTel | db07913d18cf93f8f2ef9d451fdc5c27 | http://178.170.147.21/content/adfp2.php?f=295 || 2012-02-07 11:40:25 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 8/38 (21.1%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | e3a173dab0789d1e49da605b97f17649 | http://79.137.237.66/content/adfp2.php?f=155 || 2012-02-07 11:40:25 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 9/40 (22.5%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | da677dc56d737227c836d49208aa4675 | http://79.137.237.66/content/adfp2.php?f=179 || 2012-02-07 11:40:25 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 8/38 (21.1%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | f91c335edabc62de8d3186cbf3a9358d | http://79.137.237.66/content/adfp2.php?f=223 || 2012-02-07 11:40:25 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 9/40 (22.5%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 1ee58daba1a2817c6d313a061103b941 | http://79.137.237.66/content/adfp2.php?f=24 || 2012-02-07 11:40:25 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 9/41 (22%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 084478d6c3945a86fbc0bbcad597ca61 | http://79.137.237.66/content/adfp2.php?f=261 || 2012-02-07 11:40:25 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 8/38 (21.1%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | c1d3e3a2147e2607049ccdeeea7f3660 | http://79.137.237.66/content/adfp2.php?f=298 || 2012-02-07 11:40:25 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 9/41 (22%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 8fa95aa579c890857100cf3a35d42733 | http://79.137.237.66/content/adfp2.php?f=87 || 2012-02-07 11:40:25 | sub24 | avira | EXP/Pidief.atm | 18/38 (47.4%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | ac2119c139811fa069a4007b64f27f8e | http://79.137.237.66/content/fdp2.php?f=133 || 2012-02-07 11:40:25 | sub24 | avira | EXP/Pidief.atm | 19/39 (48.7%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 67b176d57dba398849f805063db47acf | http://79.137.237.66/content/fdp2.php?f=160 || 2012-02-07 11:40:25 | sub24 | avira | EXP/Pidief.atm | 19/39 (48.7%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 758791ec5b805f0977b9a0dc21949b5c | http://79.137.237.66/content/fdp2.php?f=186 || 2012-02-07 11:40:25 | sub24 | BitDefender | Trojan.Ransom.FA | 9/38 (23.7%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 8b17f9810a72f7bd5557e444520988eb | http://79.137.237.66/files/1258 || 2012-02-07 11:40:25 | sub24 | BitDefender | Trojan.Ransom.FA | 8/41 (19.5%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 4dcab60f4ed1dd4d93d3feef8869454a | http://79.137.237.66/files/1259 || 2012-02-07 10:16:23 | sub8 | undef | Trojan.Win32.Yakes.ouv | 0/40 (0.0%) | AS16276 | 46.105.174.27 | abuse@ovh.net | FR | RIPE | FR-OVH-20101129 | 68d0aff604ad0ff1d160ade6cf139111 | http://dlfr.pctuto.com/clib/pctuto/fr/tutoccleaner001_02/ || 2012-02-07 12:10:06 | sub16 | Antiy_AVL | Trojan/Win32.Agent.gen | 2/43 (4.7%) | AS36420, AS30315, AS13749, AS21844 | 174.120.202.61 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | 6ffe75b20b3831228b9ef7081f786fd4 | http://mindtoheartinstitute.com/Lifecoachmiamicalcu.exe || 2012-02-07 12:10:06 | sub16 | DrWeb | Trojan.KillProc.13765 | 1/41 (2.4%) | AS21844 | 74.52.78.82 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | df1e3c5e64abed2136ebba45381d334d | http://www.symptomsofpanicattacks.org/software/symptomsofpanicattacks.exe || 2012-02-07 12:10:08 | sub10 | Jiangmin | TrojanDropper.Injector.ich | 12/43 (27.9%) | AS38661 | 114.141.14.19 | luvyong@hclc.co.kr | KR | APNIC | HCLC-KR | 1869ae7b8ff9f4715608f8a92c3dc3a2 | http://aceinfosys.co.kr//bbs/data/update/34upjmrlzz.exe || 2012-02-07 12:20:04 | sub16 | eSafe | Win32.MiscDigRiver | 6/43 (14%) | AS35916 | 204.13.155.243 | noc@multacom.com | US | ARIN | 2GMCORPNET1 | 440fa8f3e25fa8b0317448cc66736258 | http://www.allconvertertools.com/download/appletvconvsuite.exe || 2012-02-07 12:40:36 | sub16 | Comodo | Heur.Suspicious | 2/42 (4.8%) | AS29873 | 66.96.131.4 | bnbrock@maileig.com | US | ARIN | BIZLAND-FC01 | a889d8ad71c36a1248ddb900c97a0ec3 | http://www.godsw.com/download/fileaccesshelper.exe || 2012-02-07 12:41:00 | sub16 | avira | TR/VB.Downloader.Gen | 15/40 (37.5%) | AS3356 | 8.23.224.90 | abuse@level3.com | US | ARIN | LVLT-ORG-8-8 | 455b5e9217da6c3d5f0df71b871f77c1 | http://festa-abelvolks.servemp3.com/ || 2012-02-07 12:50:06 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 9/40 (22.5%) | AS48361 | 178.170.147.21 | | RU | RIPE | GlobaTel | 73446a64e91b162da718bc5d2acc055f | http://178.170.147.21/content/adfp2.php?f=188 || 2012-02-07 12:50:07 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 9/40 (22.5%) | AS48361 | 178.170.147.21 | | RU | RIPE | GlobaTel | 60f8221335940f9b3265e43fc18808e1 | http://178.170.147.21/content/adfp2.php?f=296 || 2012-02-07 12:50:07 | sub24 | clamav | PUA.Script.PDF.EmbeddedJavaScript | 12/40 (30%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 4a465b7783a6dfb9237733d7935496ae | http://79.137.237.66/content/adfp1.php?f=69 || 2012-02-07 12:50:07 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 9/41 (22%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 00f445732df2056d375739810d39cea6 | http://79.137.237.66/content/adfp2.php?f=128 || 2012-02-07 12:50:07 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 8/38 (21.1%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 582e259fd2d79df5d8055cf9f5f952f8 | http://79.137.237.66/content/adfp2.php?f=235 || 2012-02-07 12:50:07 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 8/38 (21.1%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 9c8a1a8c18cc083055fe7270c971f8ac | http://79.137.237.66/content/adfp2.php?f=259 || 2012-02-07 12:50:07 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 9/40 (22.5%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 89ca907d9d30d3fcf81584b25847d787 | http://79.137.237.66/content/adfp2.php?f=294 || 2012-02-07 12:50:07 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 9/40 (22.5%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 3e154072862f8d71693d9c4fde4e7f76 | http://79.137.237.66/content/adfp2.php?f=55 || 2012-02-07 12:50:07 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 8/38 (21.1%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 4184556da4d3979d50d4764202da17d9 | http://79.137.237.66/content/adfp2.php?f=86 || 2012-02-07 12:50:07 | sub24 | avira | EXP/Pidief.atm | 18/38 (47.4%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 51c5eb679768bf9de801364be9f8baa5 | http://79.137.237.66/content/fdp2.php?f=138 || 2012-02-07 12:50:07 | sub24 | avira | EXP/Pidief.atm | 18/38 (47.4%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | c9ff187c5f3be2987c719ea545cdc1cd | http://79.137.237.66/content/fdp2.php?f=166 || 2012-02-07 12:49:14 | sub17 | undef | unknown_exe | 0/43 (0.0%) | AS36420, AS30315, AS13749, AS21844, AS13884 | 209.62.92.2 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-EV1-16 | eac602db371312e28ae902eeb099d573 | http://www.run.ir || 2012-02-07 13:20:05 | sub16 | avira | ADWARE/Relevant.G.1 | 3/43 (7%) | AS36351 | 74.86.54.224 | abuse@softlayer.com | US | ARIN | SOFTLAYER-NETBLOCK5 | 59828fff803ac4cbc26fbd601a532307 | http://www.dvdbackupexpress.com/gdownload/fishdom.exe || 2012-02-07 12:49:13 | sub17 | undef | unknown_exe | 0/43 (0.0%) | AS36420, AS30315, AS13749, AS21844, AS13884 | 209.62.92.2 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-EV1-16 | a6425ad2cfccf452f754a4a77b0785a5 | http://www.pnntv.ir/ahs.html || 2012-02-07 13:30:05 | sub16 | avira | ADSPY/NaviPromo.J | | AS41550 | 91.207.44.10 | abuse@hostbizua.com | UA | RIPE | FUIR-MNT | b2a568dff3b06fd86928bdf7b31b741a | http://falcogames.com/51HpSetup.exe || 2012-02-07 13:30:17 | sub9 | clamav | PUA.Script.PDF.EmbeddedJavaScript | 12/40 (30%) | AS9891 | 203.170.193.102 | ip_admin@csloxinfo.net | TH | APNIC | idc-csloxinfo | 0260eaf199de623e37dde9317c21cb94 | http://tr.hyundaita.com/content/adp1.php?f=16 || 2012-02-07 12:49:09 | sub17 | undef | unknown_exe | 0/43 (0.0%) | AS36420, AS30315, AS13749, AS21844, AS13884 | 209.62.92.2 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-EV1-16 | eac602db371312e28ae902eeb099d573 | http://www.bicycling.ir || 2012-02-07 13:42:05 | sub16 | undef | unknown_html_RFI_php | 0/40 (0.0%) | AS34011 | 46.252.25.144 | abuse@ispgateway.de | DE | RIPE | DOMAINFACTORY-20110519 | a1fcdf1b1a025ad541ba8ace993b7bb5 | http://0l3.de/ || 2012-02-07 13:42:06 | sub16 | AVG | JS/Downloader.Small | 4/40 (10%) | AS26347 | 69.163.224.131 | netops@dreamhost.com | US | ARIN | DREAMHOST-BLK9 | 44909c5bf88ca6b4edd5193ac6c55076 | http://1227.com/ || 2012-02-07 13:42:06 | sub16 | undef | unknown_html_RFI_shell | 0/39 (0.0%) | AS4808 | 202.142.24.155 | 9549816@qq.com | CN | APNIC | BCIS | 498cb6366953ed15cdf98ab14c7eda43 | http://202.142.24.155/redir.php?inv=yusmeryt2006%40hotmail.com || 2012-02-07 13:42:06 | sub16 | Avast | HTML:Iframe-NO [Trj] | 8/38 (21.1%) | AS30083 | 69.64.36.78 | abuse@hostingsolutionsint.com | US | ARIN | S4Y-3 | 207687553cfc2dd492a0a80568943f8f | http://7-furniture.com/ || 2012-02-07 13:42:06 | sub16 | McAfee_GW_Editio | Heuristic.LooksLike.HTML.Suspicious-URL.H | 1/39 (2.6%) | AS33182 | 64.37.52.211 | abuse@dimenoc.com | US | ARIN | DIMENOC-NETWORK | 529a4eff0a7534e39f55d2d96afebb89 | http://akasya-apart.info/ || 2012-02-07 13:42:06 | sub16 | avira | TR/Dropper.Gen | 30/40 (75%) | AS4134 | 121.12.172.134 | abuse@gddc.com.cn | CN | APNIC | CHINANET-GD | 05f8c4810eb801eaa1fb2dcc9b5535a5 | http://amg.421991.com:51/Gvod.exe || 2012-02-07 13:42:07 | sub16 | avira | HTML/Afreim.W | 19/31 (61.3%) | AS39234 | 87.238.163.159 | stein@stone-is.com | BE | RIPE | STONE-IS-INF | ca16a2c9beb628753e5ddcb0e5549e24 | http://antiekvakantie.nl/ || 2012-02-07 13:42:07 | sub16 | AVG | BackDoor.Hupigon5.BWTX | 3/40 (7.5%) | AS13749, AS21844, AS30315, AS36420 | 74.54.30.74 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | 23c9bd40d5727c0173af7437e1db1a9d | http://ashkonsoftware.com/download/amp3edit.exe || 2012-02-07 13:42:07 | sub16 | avira | JS/iFrame.GU | 20/43 (46.5%) | AS7215, AS20401 | 64.71.33.64 | abuse@affinity.com | US | ARIN | AHNET-BLK-2 | bb5bcc7c4637b426b768770071e1dd85 | http://attaj.com/works5.html || 2012-02-07 13:42:07 | sub16 | Rising | Trojan.Win32.Generic.1246BC37 | 3/40 (7.5%) | AS3595 | 69.73.176.160 | abuse@jaguarpc.com | US | ARIN | LH-GOLD-NETWORK | eb49a1f0bce7d7fc4bbc9e1c349b39bd | http://audio2convert.com/developers/download/ogg_to_mp3_activex.exe || 2012-02-07 13:42:07 | sub16 | Avast | JS:Redirector-NU [Trj] | 12/37 (32.4%) | AS2914 | 198.65.112.189 | abuse@ntt.net | US | ARIN | NTTA-198-63 | 657dca1a7af974915b92d12300cc95f9 | http://auxedept.org/ || 2012-02-07 13:42:07 | sub16 | avira | TR/VB.rjo | 27/38 (71.1%) | AS15003 | 108.62.114.141 | abuse@nobistech.net | US | ARIN | NETBLK-NOBIS-TECHNOLOGY-GROUP-09 | 439a819c7be2a86c3a1a29beec26effe | http://bf.watersb.com/az/tssqj.php?bd=ef8EHYS77497829388UGHUQ992773883s8dUHiu72ha3029030283&qid=CzaisshYWU7B9s || 2012-02-07 13:42:07 | sub16 | Fortinet | JS/Kryptik.SA!tr | 4/43 (9.3%) | AS33070, AS19994, AS10532, AS27357 | 98.129.229.152 | abuse@rackspace.com | US | ARIN | RSCP-NET-4 | 08dcaeb4dc93db7586279de98426f05f | http://bump.im/main/ || 2012-02-07 13:42:07 | sub16 | avira | HTML/Agent.adn | 20/40 (50%) | AS7303 | 200.43.193.93 | abuse@ta.telecom.com.ar | AR | LACNIC | AR-DATE-LACNIC | ac67355d0170286c32e6327dbb425253 | http://camiloadhoc.com/ || 2012-02-07 13:42:07 | sub16 | undef | unknown_html_RFI_shell | 0/43 (0.0%) | AS33597 | 67.208.74.71 | abuse@inforelay.com | US | ARIN | INFORELAY-NETBLOCK01 | 6d96fae66095c063cc8b94050c259ede | http://carambaw.kwik.to/434 || 2012-02-07 13:42:07 | sub16 | Avast | Java:SMSSend-AJ [Trj] | 6/40 (15%) | AS6849 | 91.213.175.68 | antiddos.org@gmail.com | UA | RIPE | ADDOS-NET | 1f1003abefcd835228a2170e60526e61 | http://centermarkets.ru/getfile.php?dtype=pp&r=4032-4 || 2012-02-07 13:42:07 | sub16 | Antiy_AVL | Trojan/win32.agent.gen | 7/43 (16.3%) | AS12314 | 212.42.63.218 | root@ropnet.ru | RU | RIPE | RU-ROPNET-990301 | 5c411d0a1264aa16b7a59a00354b7229 | http://cheathall.playground.ru/6/2/BatmanAC_Update1__5_Trn.7z || 2012-02-07 13:42:07 | sub16 | avira | TR/Black.Gen2 | 13/40 (32.5%) | AS12314 | 212.42.63.218 | root@ropnet.ru | RU | RIPE | RU-ROPNET-990301 | 45a89300ebeb96aa8b0970b38ada4f20 | http://cheathall.playground.ru/8/2/TESVS_11Tr-LNG.rar || 2012-02-07 13:42:07 | sub16 | clamav | PUA.IRC-Client.mIRC-37 | 6/40 (15%) | AS26496 | 72.167.1.1 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 19f6cab0a6311a7682afadaa63767814 | http://chrisqueen.com/dp/distr/app-cablebills/site-0062101e758/lng-eng/cablebills.exe || 2012-02-07 13:42:07 | sub16 | clamav | PUA.IRC-Client.mIRC-37 | 4/43 (9.3%) | AS26496 | 72.167.1.1 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 13565b86316311393a79ce3c88aba099 | http://chrisqueen.com/dp/distr/app-daycarebiz/site-0062101e758/lng-eng/daycarebiz.exe || 2012-02-07 13:42:07 | sub16 | Fortinet | W32/FakeAlert.HD!tr | 5/40 (12.5%) | AS57059 | 91.229.210.115 | timhost@yandex.ru | UA | RIPE | UKREAST | 678dd11ec7aa0f376f7d262843628202 | http://ckabc.ru/a.exe?s=0beeee& || 2012-02-07 13:42:07 | sub16 | Comodo | TestSignature.HTML.TrojanClicker.IFrame.~ABN | 3/40 (7.5%) | AS51191 | 141.101.124.203 | bitbucket@ripe.net | EU | AFRINIC | IANA-BLK | aca2efa19b030329abfbc4ae6f7c1ffb | http://coolstreaming.us/blog/crypt2cb789l.php?tds=84323 || 2012-02-07 13:42:07 | sub16 | undef | unknown_arch_zip | 0/40 (0.0%) | AS36351 | 174.36.253.18 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-7 | 2c41e5dced7aaae27dabfc10c5566a3a | http://customize.org/download/files/67089/Noire.wba || 2012-02-07 13:42:08 | sub16 | NOD32 | a variant of Win32/MessengerPlus.A | 1/39 (2.6%) | AS33597 | 205.251.205.23 | ipmanage@rogers.wave.ca | CA | ARIN | ROGERS-CAB-99 | a3f791978ce40a3b6da7dc25d2ec8489 | http://d2ooso48yflzn8.cloudfront.net/chatvibes109.exe || 2012-02-07 13:42:08 | sub16 | avira | TR/Black.Gen2 | 8/43 (18.6%) | AS29076 | 193.109.247.58 | abuse@compubyte.vg | VG | RIPE | UCOZ-NET | 95cc226f1b85dd9b6bbb601116d41e92 | http://d3d-rus-hack.clan.su/Private_D3D_RUS_HACK.dll || 2012-02-07 13:42:08 | sub16 | DrWeb | Adware.Downware.83 | 3/40 (7.5%) | AS33597 | 205.251.205.131 | ipmanage@rogers.wave.ca | CA | ARIN | ROGERS-CAB-99 | b3abd05a5ae1c8a70e721af462d0a0e6 | http://d9yt0xeucd09m.cloudfront.net/1337/Scanner.exe || 2012-02-07 13:42:08 | sub16 | undef | unknown_html_RFI_eval | 0/40 (0.0%) | AS26753, AS31347 | 69.161.134.141 | noc@in2net.com | CA | ARIN | IN2NETWORK | d104742cb3645e858ab818a18a1dfec9 | http://darkswordminiatures.com/ || 2012-02-07 13:42:08 | sub16 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 12/40 (30%) | AS24940 | 178.63.161.90 | abuse@hetzner.de | DE | RIPE | DE-HETZNER-20100302 | f93b9fa3f0c4e310e772aee176187d25 | http://deserted.aaotravelblog.com/content/adfp2.php?f=19 || 2012-02-07 13:42:08 | sub16 | Sophos | Troj/Dloadr-DLH | 1/40 (2.5%) | AS24940 | 178.63.161.90 | abuse@hetzner.de | DE | RIPE | DE-HETZNER-20100302 | b59adcd1332484e5a4cb74810dd0827a | http://device.e1malaysia.com/main.php?page=ebbfa58a3823e30c || 2012-02-07 13:42:08 | sub16 | Sophos | Troj/Dloadr-DLH | 2/40 (5%) | AS47328 | 212.124.110.14 | abuse@digitalone.com | US | RIPE | DIGITALONE-NET | 14069e2f129e637bc9e0c001186559a5 | http://division.brettcom.net/main.php?page=5fcafcd243888334 || 2012-02-07 13:42:08 | sub16 | avira | TR/Crypt.XPACK.Gen | 31/40 (77.5%) | AS14618 | 107.20.230.29 | ec2-abuse@amazon.com | US | ARIN | AMAZON-EC2-8 | 8686a32b29634201678f3cede7c1dbd8 | http://dl.dropbox.com/u/40977842/slides_208.com || 2012-02-07 13:42:08 | sub16 | avira | TR/Dldr.Delphi.Gen5 | 32/38 (84.2%) | AS14618 | 107.20.230.29 | ec2-abuse@amazon.com | US | ARIN | AMAZON-EC2-8 | ddf8776d8c63e000ff15b2ff2a979604 | http://dl.dropbox.com/u/49320721/Comunnity_pps-scrap.scr || 2012-02-07 13:42:08 | sub16 | avira | TR/Spy.Banker.Gen | 30/40 (75%) | AS14618 | 107.20.230.29 | ec2-abuse@amazon.com | US | ARIN | AMAZON-EC2-8 | b660deb0ff8bbf17f93fa06e281994be | http://dl.dropbox.com/u/51754020/youtube_video.com || 2012-02-07 13:42:08 | sub16 | avira | TR/Virtool.MSIL.Injector.10 | 0/43 (0.0%) | AS14618 | 107.20.230.29 | ec2-abuse@amazon.com | US | ARIN | AMAZON-EC2-8 | 7b73cf464f3487e4163c9536342edf78 | http://dl.dropbox.com/u/52324326/Steam%20Keygen%20by%20Blackmetalcinema.rar || 2012-02-07 13:42:08 | sub16 | avira | TR/Offend.kdv.527612.1 | 17/40 (42.5%) | AS14618 | 107.20.230.29 | ec2-abuse@amazon.com | US | ARIN | AMAZON-EC2-8 | 40730502f47f5df00929e7be8b5e6dd3 | http://dl.dropbox.com/u/54394051/meme.exe || 2012-02-07 13:42:08 | sub16 | AhnLab_V3 | Trojan/Win32.Llac | 6/43 (14%) | AS14618 | 107.22.254.1 | ec2-abuse@amazon.com | US | ARIN | AMAZON-EC2-8 | 2457740bfae7e8406e057b3697958518 | http://dl.dropbox.com/u/60220466/Host%20booster.exe || 2012-02-07 13:42:08 | sub16 | avira | TR/Dldr.Delphi.Gen | 24/40 (60%) | AS14618 | 107.22.254.1 | ec2-abuse@amazon.com | US | ARIN | AMAZON-EC2-8 | 5d9ea690f926460fed962ba09bd7d76b | http://dl.dropbox.com/u/60225152/Sexo_selvagem.com || 2012-02-07 13:42:08 | sub16 | avira | TR/Crypt.CFI.Gen | 21/40 (52.5%) | AS14618 | 107.22.254.1 | ec2-abuse@amazon.com | US | ARIN | AMAZON-EC2-8 | 57b931b07dd3ca1d30204e384d4cdec8 | http://dl.dropbox.com/u/60577421/index.html || 2012-02-07 13:42:08 | sub16 | F_Prot | File is damaged | 1/41 (2.4%) | AS8182 | 209.87.181.43 | hostmaster@digitalriver.com | US | ARIN | DIGITALRIVER | 8c055357d0c9e2ab52ad575ea8e91257 | http://dl.filekicker.com/send/file/203586-6155/install_25clips.exe || 2012-02-07 13:42:08 | sub16 | TheHacker | Trojan/Crypt.bmm | 1/40 (2.5%) | AS4134 | 115.238.226.43 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-ZJ | 519ef0e74d05e0d8fae420728c0a3fdb | http://down6.flashget.com/flashget196en.exe || 2012-02-07 13:42:08 | sub16 | McAfee | Exploit-CVE2011-2140 | 2/40 (5%) | AS4134 | 222.186.42.117 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-JS | 7e1fc3734c26612a2d437d6ab294e897 | http://down.8188game.com:888/mediaplayer.swf?autostart=true&image=video.jpg&file=exploit.mp4 || 2012-02-07 13:42:08 | sub16 | avira | TR/Crypt.XPACK.Gen | 15/40 (37.5%) | AS4134 | 218.76.78.18 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-HN-XX | a7c542eb787e0a36da3722a18af9f58d | http://down.cngr.cn/201109/Primo_Ramdisk_Professional.rar || 2012-02-07 13:42:08 | sub16 | avira | TR/Skillis.kyd | 5/40 (12.5%) | AS24940 | 213.133.110.194 | abuse@hetzner.de | DE | RIPE | HETZNER-RZ-NBG-NET | ffc9e3046312f0e2b6934eb4f15c4592 | http://downloads.pobierz.pl/files/downloader/Nero_11(Pobierz.pl).exe || 2012-02-07 13:42:09 | sub16 | avira | ADSPY/NaviPromo.J | 15/41 (36.6%) | AS6939 | 184.105.174.172 | abuse@he.net | US | ARIN | HURRICANE-11 | 4c8e5e689d513df943740b3b9c9ed2ce | http://dvdtompegx.com/download/PlatoDVDiPhoneRipper.exe || 2012-02-07 13:42:09 | sub16 | avira | ADSPY/NaviPromo.J | 14/40 (35%) | AS6939 | 184.105.174.172 | abuse@he.net | US | ARIN | HURRICANE-11 | 0aceba90720f1dc405ac01cf9c5e831b | http://dvdtompegx.com/download/PlatoDVDZuneRipper.exe || 2012-02-07 13:42:09 | sub16 | trendmicro | TROJ_SPNR.04CI11 | 18/40 (45%) | AS3595, AS16626 | 64.22.111.77 | engineering@gnax.net | US | ARIN | GNAXNET | 5b280ad33f8590d03f61e8a2b87c057c | http://dwl.xbox-scene.com/xbox360pc/isotools/CreateIsogood(English).rar || 2012-02-07 13:42:09 | sub16 | CAT_QuickHeal | (Suspicious) - DNAScan | 1/40 (2.5%) | AS14585 | 208.76.170.123 | abuse@cifnet.net | US | ARIN | CIFNET-US-1 | ed924edab8d29395f5303fc64fed7d41 | http://elcomsoft.com/download/archpr.zip || 2012-02-07 13:42:09 | sub16 | trendmicro | TROJ_BRDLAB.SMEP | 20/43 (46.5%) | AS24134 | 116.213.113.190 | zp@cn.cnlink.net | CN | APNIC | CNLINKNET | c9ec61dcea594dacd1d671fc8de65485 | http://en.china-drm.com/enproducts/Html2exe_en.rar || 2012-02-07 13:42:09 | sub16 | DrWeb | JS.IFrame.189 | 2/43 (4.7%) | AS26753, AS31347 | 108.60.10.69 | noc@in2net.com | CA | ARIN | IN2NETWORK | 02ecae66cbb1a0fa93ba746c5145356d | http://englishenglish.com/englishtest.htm || 2012-02-07 13:42:09 | sub16 | avira | TR/VB.dzlm.4 | 21/40 (52.5%) | AS36420, AS30315, AS13749, AS21844 | 184.172.173.4 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-17 | dbd5ce6eba213141c700d99ca3382def | http://errorsmart.infoblasters.com/ErrorSmartSetup.exe || 2012-02-07 13:42:10 | sub16 | Jiangmin | Packed.Katusha.air | 2/40 (5%) | AS33597 | 72.21.194.23 | noc@amazon.com | US | ARIN | AMAZON-02 | a05ce48edfdc478b7d40fa175fc41070 | http://files.uniblue.com/aff/rb/noscript/B2/registrybooster.exe || 2012-02-07 13:42:10 | sub16 | Jiangmin | Packed.Katusha.air | 2/40 (5%) | AS33597 | 207.171.163.152 | noc@amazon.com | US | ARIN | AMAZON-01 | 0d9cb2ac64bd7bd04235d620fb55ada2 | http://files.uniblue.com/aff/rb/noscript/U1/registrybooster.exe || 2012-02-07 13:42:10 | sub16 | NOD32 | Win32/SpeedUpMyPC | 1/43 (2.3%) | AS33597 | 72.21.203.149 | noc@amazon.com | US | ARIN | AMAZON-02 | ea7a81ddc9490e46b4142ae28bf8b4ac | http://files.uniblue.com/aff/sp/testmyspeed/B2/speedupmypc.exe || 2012-02-07 13:42:10 | sub16 | undef | unknown_html_google_malware | 0/40 (0.0%) | AS24940 | 78.47.28.69 | abuse@hetzner.de | DE | RIPE | DE-HETZNER-20070416 | fbdc24e50e669d96c241eda6b73439af | http://filez.orgfree.com/ || 2012-02-07 13:42:10 | sub16 | trendmicro | Mal_Hifrm | 14/39 (35.9%) | AS41048 | 78.83.151.98 | support@bgnetwork.net | BG | RIPE | Express-Consult | 529bf3106f091436ed47dcf1a29d6971 | http://forum.arenabg.com/uploads || 2012-02-07 13:42:10 | sub16 | clamav | PUA.Packed.PECompact-1 | 1/40 (2.5%) | AS14242 | 216.36.58.164 | turkers@softcom.com | US | ARIN | SLHOST-216 | beddc8f55484ec37794e654686c9ad72 | http://free-sports-games.org/download/TotallyHammered-Setup.exe || 2012-02-07 13:42:10 | sub16 | avira | HIDDENEXT/Worm.Gen | 14/43 (32.6%) | AS32613 | 70.38.64.49 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-05 | 736f81493e373ce8e67b2556795d4fa9 | http://fun-mafia.com/files/Picture14.JPG.zip || 2012-02-07 13:42:10 | sub16 | ClamAV | PUA.Packed.PECompact-1 | 1/36 (2.8%) | AS31103 | 87.118.65.82 | vertrieb@aaa-webservice.de | DE | RIPE | DE-KEYWEB-AAA | 05d617b28c7824b63fa36dd80ca78abd | http://gambling-kingdom.com/flash_products/af/Aces-and-Faces-Poker-Portable-Multilingual.zip || 2012-02-07 13:42:10 | sub16 | avira | TR/Spy.Ardamax.btpb | 27/39 (69.2%) | AS12586 | 94.249.139.9 | ripe@ghostnet.de | DE | RIPE | DE-GHOSTNET-20080918 | 3feaeb3bf468a074ea93802b8d4e424f | http://get.adobe.com.youtude.co.cc/AdobeFlashPlayer12.1.102.55.exe || 2012-02-07 13:42:10 | sub16 | undef | unknown_html_google_malware | 0/40 (0.0%) | AS15146 | 208.87.35.103 | abuse@securehost.com | BS | ARIN | SECUREHOST | db2a732e997430c2e533aa3b24a0258c | http://gizzosecure3.com/ || 2012-02-07 13:42:11 | sub16 | AhnLab_V3 | Trojan/Win32.Gimemo | 7/40 (17.5%) | AS26496 | 173.201.247.1 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | f50bff017be0125f97c7190abd49fb96 | http://goodmartelectric.com/xxx_video_clips_arhiv.exe || 2012-02-07 13:42:11 | sub16 | avira | TR/Spy.137728.92 | 20/40 (50%) | AS15169 | 209.85.148.138 | arin-contact@google.com | US | ARIN | GOOGLE | ac70ad0bde6ee183b3a8009284cb4197 | http://goo.gl/nnknE || 2012-02-07 13:42:11 | sub16 | avira | JS/Decdec.psc | 24/42 (57.1%) | AS20597 | 92.53.106.14 | noc@twnet.ru | RU | RIPE | RZT-TWNetSol | 81a19dd567e752687eaa70c66f75926e | http://hausefilms.ru/templates/film/images/footer_0.gif.htm || 2012-02-07 13:42:11 | sub16 | avira | JS/Decdec.psc | 22/39 (56.4%) | AS20597 | 92.53.106.14 | noc@twnet.ru | RU | RIPE | RZT-TWNetSol | 81a19dd567e752687eaa70c66f75926e | http://hausefilms.ru/templates/film/images/footer_1.gif.htm || 2012-02-07 13:42:11 | sub16 | avira | JS/Decdec.psc | 22/40 (55%) | AS20597 | 92.53.106.14 | noc@twnet.ru | RU | RIPE | RZT-TWNetSol | efd8697be89c34525b233c9cf700dbe7 | http://hausefilms.ru/templates/film/images/forum.gif.htm || 2012-02-07 13:42:11 | sub16 | Antiy_AVL | Trojan/win32.agent.gen | 13/39 (33.3%) | AS38676 | 111.67.223.140 | post@clunet.co.kr | KR | APNIC | WIZCDN | bced05517d141a619e1d5aac00100bb7 | http://hidisk.com/mmsv/setup_addition.exe || 2012-02-07 13:42:11 | sub16 | DrWeb | Trojan.IFrameClick.3 | 1/40 (2.5%) | AS38731 | 115.84.178.71 | hm-changed@vnnic.net.vn | VN | APNIC | pvhostingcustomer-net | ea08f31b1d7eddd4861a55e1547e02af | http://hoabinhtravel.com/ || 2012-02-07 13:42:11 | sub16 | NOD32 | Win32/OpenCandy | 1/39 (2.6%) | AS3209 | 151.189.20.30 | abuse@arcor-online.net | DE | RIPE | ARCOR-INTERNET-PLATFORM-1 | bcd4e02a110fbb3e365259656d491cb6 | http://home.arcor.de/distantx/Releases/Office2010TrialExtender1.0.0.4/Office%202010%20Trial%20Extender%201.0.0.4%20-%20Setup.zip || 2012-02-07 13:42:11 | sub16 | undef | unknown_html_google_malware | 0/40 (0.0%) | AS30217 | 216.87.188.9 | abuse@affinity.com | US | ARIN | AFFINITY-INT | 83bb2583da5256d1650b6029a81b8f3a | http://home.comcast.net/~cityofogden/ || 2012-02-07 13:42:11 | sub16 | DrWeb | Adware.InstallCore.15 | 2/43 (4.7%) | AS36420, AS30315, AS13749, AS21844 | 184.173.134.101 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-17 | f9788ab655a7c7e93668cb346ca472e7 | http://i.facemoods.com/wbst/wr/Facemoods.exe || 2012-02-07 13:42:12 | sub16 | Norman | W32/Suspicious_Gen2.UJJYT | 2/43 (4.7%) | AS40366 | 174.35.7.8 | support@cdnetworks.com | US | ARIN | CDNET-USA-1 | 793742438efac374d1ada36101dd56dd | http://install.iminent.com/IminentSetup{2.WrrCIAbP.2}.exe || 2012-02-07 13:42:12 | sub16 | Avast | Win32:Ivelog-D [PUP] | 5/40 (12.5%) | AS41947 | 77.68.68.112 | abuse@ripe.net | EU | RIPE | EU-ZZ-80-93 | 3dd7e6897c0fd48b2338d31f26395dbf | http://install.multinstaller.com/6/?url=aHR0cDovL29zLTgucnUvYmFkLmh0bWw%3D&wmid=wbsm_2696.1_sftport6&bar_allow=1&bundle_allow=1&fname=downloader.exe || 2012-02-07 13:42:12 | sub16 | ClamAV | PUA.Script.Packed | 5/43 (11.6%) | AS4134 | 122.224.34.104 | anti-spam@mail.sxptt.zj.cn | CN | APNIC | NINBO-LANZHONG-LTD | 29e4173d38f301597d39383e976c9f5e | http://jinziyuan.com/index.htm?top=jiankang || 2012-02-07 13:42:12 | sub16 | Avast | JS:MalHead-EO [Trj] | 6/38 (15.8%) | AS4134 | 222.186.18.208 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-JS | 32bb0d7fd168a9490fff66fa9a2a735f | http://jx.ptoml.com:81/nb.html || 2012-02-07 13:42:12 | sub16 | Ikarus | HTML.Downloader.Iframe | 2/41 (4.9%) | AS43350 | 109.201.131.14 | abuse@nforce.nl | NL | RIPE | NL-NFORCE-20100212 | 0f09bd28bf7ebc627086722d5ea689d6 | http://keygen.us/ || 2012-02-07 13:42:12 | sub16 | avira | PHP/IRCBOT.EF | 17/40 (42.5%) | AS3786 | 114.108.150.27 | ip@kidc.net | KR | APNIC | KIDC-KR | 39f317d3b282661d8a17dc5405f88d18 | http://laundus.semyung.ac.kr/bbs/bs.jpg?? || 2012-02-07 13:42:12 | sub16 | AVG | PHP/Zbot | 6/43 (14%) | AS3786 | 114.108.150.27 | ip@kidc.net | KR | APNIC | KIDC-KR | 165ef560723de5e2b720e877cc3daf77 | http://laundus.semyung.ac.kr/bbs/pbot.jpg?? || 2012-02-07 13:42:12 | sub16 | avira | ADWARE/SMSHoax.71.3 | 17/43 (39.5%) | AS26347 | 69.163.165.69 | abuse@dreamhost.com | US | ARIN | DREAMHOST-BLK9 | b374dfa5144d88cd9e0f1aeca85f7be2 | http://lauraandnate.com/album.php?Facebook.com-IMG328275.JPG || 2012-02-07 13:42:12 | sub16 | avira | ADWARE/SMSHoax.71.3 | 17/43 (39.5%) | AS26347 | 69.163.165.69 | abuse@dreamhost.com | US | ARIN | DREAMHOST-BLK9 | b374dfa5144d88cd9e0f1aeca85f7be2 | http://lauraandnate.com/album.php?Facebook.com-IMG603810.JPG || 2012-02-07 13:42:13 | sub16 | Avast | Win32:VB-ABAK [Trj] | 10/36 (27.8%) | AS16245 | 193.202.110.80 | abuse@one.com | DK | RIPE | B-ONE-NET | e5fa8c4b48fff1d8d93de4f0371d9125 | http://lonnagency.se/oldstuff/system/plugins/.Postal/Adobe_Flash_Player12.0.45.2.exe || 2012-02-07 13:42:13 | sub16 | undef | unknown_html_google_malware | 0/40 (0.0%) | AS26496 | 68.178.254.226 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | ad3dad74a1095288d6fd1e7509b91c08 | http://marysoutherland.com/ |+---------------------+-------------+------------------+----------------------------------------------+---------------+---------------------------------------------+-----------------+-------------------------------+---------+---------+----------------------------------+----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------+150 rows in set (0.04 sec)
+---------------------+-------------+---------------+---------------------------------------+---------------+---------------------------------------------+-----------------+-------------------------------------+---------+--------+------------------------------+----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+| date | contributor | scanner | virusname | vt_score | AS | review | email | country | source | netname | md5sum | url |+---------------------+-------------+---------------+---------------------------------------+---------------+---------------------------------------------+-----------------+-------------------------------------+---------+--------+------------------------------+----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+| 2012-02-07 13:42:13 | sub16 | undef | unknown_html_RFI_shell | 0/43 (0.0%) | AS16276 | 178.33.119.60 | abuse@ovh.net | FR | RIPE | FR-OVH-20100119 | 450ce145bd11af4b744fa55e8af0eacd | http://miscelaneagriega.com/best.work.php?giwhotmailID=43s9 || 2012-02-07 13:42:13 | sub16 | AntiVir | HTML/Infected.WebPage.Gen | 4/37 (10.8%) | AS47583 | 31.170.161.176 | abuse@main-hosting.com | US | RIPE | MAIN-HOSTING-SERVERS | c200fa66b5347a6053a0d39aea6179f7 | http://movielink.webuda.com/1.html || 2012-02-07 13:42:13 | sub16 | avira | TR/Graftor.913125 | 22/40 (55%) | AS34221 | 217.199.217.8 | dn@quickline.ru | RU | RIPE | UCOZ | 68a20f3b5c3a449bba548faa301224d0 | http://mydota.ucoz.ru/m-arhives/MapHack.rar || 2012-02-07 13:42:13 | sub16 | undef | unknown_arch_zip | 0/40 (0.0%) | AS6541 | 206.46.230.44 | abuse@verizononline.net | US | ARIN | GTEN-206-46 | 05a0eb71ec95a42aeabee3d6a4e1bdee | http://mysite.verizon.net/retroware/micronAU.dmg.zip || 2012-02-07 13:42:13 | sub16 | BitDefender | Trojan.JS.Redirector.TQ | 7/38 (18.4%) | AS3216 | 194.186.88.61 | abuse@relax.ru | RU | RIPE | RU-SOVINTEL-MSK-RokVel-NET | a6091b65c39512c625ceffba1f22b9dc | http://nastya.kyzmina.qipim.ru/qebmwlrj.html || 2012-02-07 13:42:13 | sub16 | avira | TR/Ircbrute.A.494 | 17/40 (42.5%) | AS53107 | 187.108.192.18 | l-registrobr-uol@corp.uol.com.br | BR | LACNIC | 001.109.184/0004-38 | 2e4c8d1c4cb06421d10f5a08247cd2ab | http://novalondrina.pr.gov.br/imagens/albums.php?= || 2012-02-07 13:42:13 | sub16 | NOD32 | HTML/Iframe.B.Gen | 2/43 (4.7%) | AS9318 | 211.215.18.238 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | a5335461d7de7f91e2fdae40d88ab0b5 | http://nurungzi.co.kr/game/game_view.php?data=aWR4PTYxOSZwYWdlY250PTAmbGV0dGVyX25vPTQ1MSZvZmZzZXQ9MCZzZWFyY2g9JnNlYXJjaHN0cmluZz0mcHJlc2VudF9udW09NDUx|| || 2012-02-07 13:42:13 | sub16 | NOD32 | HTML/Iframe.B.Gen | 1/40 (2.5%) | AS9318 | 211.215.18.238 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | a5335461d7de7f91e2fdae40d88ab0b5 | http://nurungzi.co.kr/game/game_view.php?data=aWR4PTYxOSZwYWdlY250PTAmbGV0dGVyX25vPTQ1MSZvZmZzZXQ9MCZzZWFyY2g9JnNlYXJjaHN0cmluZz0mcHJlc2VudF9udW09NDUx%7C%7C&t=0 || 2012-02-07 13:42:14 | sub16 | DrWeb | JS.Click.236 | 1/43 (2.3%) | AS14618 | 107.22.248.198 | ec2-abuse@amazon.com | US | ARIN | AMAZON-EC2-8 | 021dcbd77a508d8908790790d7e41a72 | http://oibruvv.com/ || 2012-02-07 13:42:14 | sub16 | Avast | NSIS:TheMediaFinder-A [PUP] | 2/40 (5%) | AS50245 | 109.206.185.134 | abuse@serverel.com | EU | RIPE | SERVEREL | ccd6b48e1de469bacd846b3df659c2eb | http://pdfsearchgroup.com/files/download.php?get&file_id=&advert=153&sub=1&site=41&filename=2094608-MGT.445.Week.5.Individual.Assignment---.Article.Analysis--Plagiarism.free.pdf&name=2094608-MGT.445.Week.5.Individual.Assignment---.Article.Analysis--Plagiarism.free.pdf&data=uYmNok6NrMlSl7S700r0jmiKSkJv0rXBdLJ0aCSwY8QtzdQH1RDCIcDeVE5xzzClh8kAUueIpGR4QywPti06uQ%3D%3D&ip=152.216.3.5 || 2012-02-07 13:42:14 | sub16 | DrWeb | Trojan.KillProc.13765 | 3/40 (7.5%) | AS36420, AS30315, AS13749, AS21844 | 184.173.196.209 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-17 | 335c1ac4849296f935a0b268e08c5c14 | http://petblog.co.nz/PGPS/PGPS.exe || 2012-02-07 13:42:14 | sub16 | DrWeb | Adware.Downware.174 | 2/41 (4.9%) | AS16276 | 178.32.28.133 | abuse@ovh.net | FR | RIPE | FR-OVH-20100119 | 3a4e2b4268d3bcf6e5cef8f7b1fdb310 | http://pf.phpnuke.org/s/4/6/46757-657546-windows-password-cracker.exe || 2012-02-07 13:42:14 | sub16 | ClamAV | PUA.JS.Obfus-7 | 1/38 (2.6%) | AS30890 | 94.63.147.112 | abuse@evolva.ro | RO | RIPE | RO-EVOLVA-20080623 | be537bcfb39b9413e3bd84309308491e | http://pharmacyllea.ru/ || 2012-02-07 13:42:14 | sub16 | DrWeb | Adware.Downware.97 | 1/40 (2.5%) | AS30633 | 108.59.10.36 | arin@leaseweb.com | US | ARIN | LEASEWEB-US | 12e0ba42e565e5d6f2845e07164aa114 | http://premiumsafe.info/v26/ || 2012-02-07 13:42:14 | sub16 | avira | TR/Crypt.XPACK.Gen | 3/37 (8.1%) | AS52000 | 178.170.160.2 | info@aldan-3.ru | RU | RIPE | MSK-ALDAN-3 | a570fa2d0a834af63ed03fb073f85dc7 | http://profismart.ru/web/df117517.php || 2012-02-07 13:42:14 | sub16 | TheHacker | Trojan/DNSChanger.nwy | 1/40 (2.5%) | AS8182 | 209.87.181.38 | hostmaster@digitalriver.com | US | ARIN | DIGITALRIVER | e0cdadff85f0166ba9fe46c12b51f684 | http://qwerks.com/download/8635/HexCmpsetup.exe || 2012-02-07 13:42:14 | sub16 | Antiy_AVL | Trojan/Win32.Refroso.gen | 3/43 (7%) | AS36351 | 96.125.165.169 | ipadmin@websitewelcome.com | US | ARIN | WW-2011-A-NET | b5f5b734646dad92cab8b1c0e5699866 | http://recoverwindowspasswords.com/RecoverWindowsPasswords.exe || 2012-02-07 13:42:14 | sub16 | avira | EXP/CVE-2011-3544 | 18/37 (48.6%) | AS32164 | 66.85.178.139 | abuse@securedservers.com | US | ARIN | SS7 | 1ecd1f0ad929e893387595609c87fac4 | http://reg.facebookreg.com:8080/help/Exploit.jar || 2012-02-07 13:42:14 | sub16 | eSafe | Win32.Banker | 2/40 (5%) | AS32475 | 69.175.66.250 | netops@singlehop.com | US | ARIN | SINGLEHOP | 590e0f3c5c7b4820482fa1c1b0385d74 | http://registrycleaner.shukraware.com/dr/FileDataRecovery/Run-RecoveryUtility.exe || 2012-02-07 13:42:14 | sub16 | undef | unknown_html_google_malware | 0/42 (0.0%) | AS15146 | 208.87.35.103 | abuse@securehost.com | BS | ARIN | SECUREHOST | d30263eb780e1c8307ac3edfcbeef3c6 | http://rockengines.info/ || 2012-02-07 13:42:15 | sub16 | undef | unknown_html_RFI_shell | 0/38 (0.0%) | AS10316 | 64.150.191.172 | abuse@codero.com | US | ARIN | CODERO2008A | 5fe0dae94fcf91053aeccb4b4952a5c4 | http://securityxploded.com/hashgenerator.php || 2012-02-07 13:42:15 | sub16 | undef | unknown_html_RFI_shell | 0/40 (0.0%) | AS20738 | 94.136.40.82 | abuse@webfusion.com | GB | RIPE | UK-WEBFUSION-LEEDS | 8e2e8ecf5b81beb084c2a36ff1a3f64b | http://sekurity.ws/ || 2012-02-07 13:42:15 | sub16 | avira | JS/Decdec.psc | 19/41 (46.3%) | AS30968 | 77.221.143.194 | abuse@infobox.ru | RU | RIPE | INFOBOX | c817ae8959e56b391ac6f00bf68d14a5 | http://sex-vishenki.ru/ || 2012-02-07 13:42:15 | sub16 | undef | unknown_file_$INSTDIR/LimeWire.exe | | AS16276 | 188.165.54.1 | abuse@ovh.net | FR | RIPE | OVH | 7a96f2da87a7cfc6f10ab6a325ec0e48 | http://soft.telecharger.com/LimeWirePirateEdition.exe || 2012-02-07 13:42:15 | sub16 | avira | ADWARE/Relevant.Q | 11/40 (27.5%) | AS36420, AS30315, AS13749, AS21844, AS13884 | 75.125.230.50 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-EV1-17 | 8400a9779960b95dd628d93c0d4e22eb | http://spyflusher.com/download/spfl.exe || 2012-02-07 13:42:15 | sub16 | undef | unknown_html_RFI_shell | 0/43 (0.0%) | AS33182 | 66.7.202.240 | abuse@dimenoc.com | US | ARIN | DIMECNET | 450ce145bd11af4b744fa55e8af0eacd | http://tartalotxantrea.com/home.work.php?ohfriend=97en7 || 2012-02-07 13:42:15 | sub16 | undef | unknown_html_RFI_shell | 0/40 (0.0%) | AS33182 | 66.7.202.240 | abuse@dimenoc.com | US | ARIN | DIMECNET | 450ce145bd11af4b744fa55e8af0eacd | http://tartalotxantrea.com/home.work.php?teaolID=91tax || 2012-02-07 13:42:15 | sub16 | undef | unknown_html_RFI_shell | 0/38 (0.0%) | AS17971 | 202.71.102.178 | abuse@netmyne.com | MY | APNIC | EASTGATE | 8a348e2c2a84470f8b11f070d55443e9 | http://tesdec.edu.my/ || 2012-02-07 13:42:16 | sub16 | trendmicro | TROJ_ZBOT.IGW | 17/43 (39.5%) | AS34325 | 83.142.206.76 | abuse@profiline.pl | PL | RIPE | PROFILINE-NET | bd69b2a9f087d465f11c9222cc3b26ad | http://tester.done.pl/emoda/av.zip || 2012-02-07 13:42:16 | sub16 | ClamAV | PUA.Script.Packed | 1/40 (2.5%) | AS4134 | 222.76.208.151 | anti-spam@ns.chinanet.cn.net | CN | APNIC | XIAMEN-TELECOM-IDC-XIAMEN-FJ | d7ed09d6244fdb593b1a24d0e7c7bfb8 | http://t.jiuyaoyouxi.com/game/py_yiqiv9730.php?tguser=8810 || 2012-02-07 13:42:16 | sub16 | eSafe | Win32.Banker | 2/37 (5.4%) | AS32475 | 69.175.66.250 | netops@singlehop.com | US | ARIN | SINGLEHOP | 93f8fd682ce2becb1b5a75ca0a7af438 | http://updatedrivers.jupitersoftwares.com/as/SpywareProtection/Run-SpywareStopper.exe || 2012-02-07 13:42:16 | sub16 | eSafe | Win32.Banker | 2/40 (5%) | AS32475 | 69.175.66.250 | netops@singlehop.com | US | ARIN | SINGLEHOP | c0c1f736bdf47cbd278fdac1ee7a3d7f | http://updatedrivers.jupitersoftwares.com/rec/RecoverDeletedPhotos/Run-RecoverProgram.exe || 2012-02-07 13:42:16 | sub16 | eSafe | Win32.Banker | 2/40 (5%) | AS32475 | 69.175.66.250 | netops@singlehop.com | US | ARIN | SINGLEHOP | 188c3d26367471b19227d80a7c9f08d9 | http://updatedrivers.jupitersoftwares.com/rec/RecoverFaster/Run-RecoverMedia.exe || 2012-02-07 13:42:16 | sub16 | eSafe | Win32.Banker | 3/43 (7%) | AS32475 | 69.175.66.250 | netops@singlehop.com | US | ARIN | SINGLEHOP | 286977cc6aab920fbc63a4ec151edd8c | http://updatedrivers.jupitersoftwares.com/reg/FixError13/Run-SystemRegistryCleanup.exe || 2012-02-07 13:42:16 | sub16 | Kaspersky | Packed.Win32.PasswordProtectedExe.gen | 1/40 (2.5%) | AS4766 | 222.122.199.23 | abuse@kornet.net | KR | APNIC | KORNET-KR | e482ba3774f7d7282e2929c5df9339f4 | http://update.nprotect.net/ebiz_up/app/npnv45/npxgd32.exe.npz || 2012-02-07 13:42:16 | sub16 | Kaspersky | Packed.Win32.PasswordProtectedExe.gen | 1/40 (2.5%) | AS4766 | 222.122.199.23 | abuse@kornet.net | KR | APNIC | KORNET-KR | 698e3ba14064d604997366a36313c673 | http://update.nprotect.net/ebiz_up/app/npnv45/npxgd64.exe.npz || 2012-02-07 13:42:16 | sub16 | Antiy_AVL | Trojan/win32.agent | 2/38 (5.3%) | AS4766 | 222.122.199.23 | abuse@kornet.net | KR | APNIC | KORNET-KR | 4ec6a34d14989992f6d4b372bc26edf1 | http://update.nprotect.net/ebiz_up/app/seculog/busanbank/npPCStatusUninst.exe.npz || 2012-02-07 13:42:16 | sub16 | avira | VBS/StartPage.psb | 12/42 (28.6%) | AS36420, AS30315, AS13749, AS21844 | 174.132.162.163 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-15 | 4ac6940e06cdb038369a476825a1ca66 | http://videolag.com/izle.hta || 2012-02-07 13:42:16 | sub16 | avira | JS/Agent.akj | 6/40 (15%) | AS42331 | 178.20.152.67 | noc@freehost.ua | UA | RIPE | FREEHOST-DC | f2916e4cf3c093cf7aa0eacce7befd67 | http://vikotechestvo.org.ua/ || 2012-02-07 13:42:16 | sub16 | avira | JS/Obfuscated.ZX | 15/43 (34.9%) | AS19873 | 200.187.64.89 | info@infolink.com.br | BR | LACNIC | 000.801.786/0001-46 | 08ca28d1d843fa448898e93aadbf4878 | http://visaosubnormal.org.br/ || 2012-02-07 13:42:16 | sub16 | undef | unknown_html_RFI_shell | 0/43 (0.0%) | AS36420, AS30315, AS13749, AS21844 | 74.55.8.35 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | 5f6effd81000b96534a628595e75a453 | http://visaverifiby.tk/ || 2012-02-07 13:42:16 | sub16 | Avast | Win32:MalOb-IJ Cryp | 16/39 (41%) | AS15497 | 31.28.167.205 | abuse@colocall.net | UA | RIPE | UA-COLOCALL-20110228 | 6ce2939b0e36b4f8ef7559f1ef131b16 | http://vprograms.org.ua/download/3x90/VKSaver-3.1-installer.rar || 2012-02-07 13:42:17 | sub16 | undef | unknown_html_RFI_shell | 0/41 (0.0%) | AS33597 | 67.208.74.71 | abuse@inforelay.com | US | ARIN | INFORELAY-NETBLOCK01 | de3c96ad1ab7ffa6bb13e6eba14fc81e | http://www1.hardlqfsuite.rr.nu/kxxh7?3aykzc=V9Xl3%2BjEpcXW3eHV2%2BOb3t3JcJmpnaqJ2MrWoZ%2BXx9XX27G4dK7JkebWpZKim5Lg2bDs36uLlcrdqNzCq8nk09nWjODd37HZrcvs4fHbjsTVocHEjNzlpquVYZKqnKiVmY%2Bjlp6X2efW3enYcIfw1N6gmZGknZLl2t%2ByoKWYaJqsnbGZncKY2N%2Bul6anoaica5Osn6DH187Tzdqu3ersnKLVotje3e3Uz8Lk0eWf2OWj1%2BmLnNDjqOPT29bkiA%3D%3D || 2012-02-07 13:42:17 | sub16 | undef | unknown_html_RFI_shell | 0/38 (0.0%) | AS33597 | 67.208.74.71 | abuse@inforelay.com | US | ARIN | INFORELAY-NETBLOCK01 | de3c96ad1ab7ffa6bb13e6eba14fc81e | http://www1.hardlqfsuite.rr.nu/r09yp15?3rwwhqf0=V9jv7%2BGu06jS0uXTkubP17KhpJdjmOfgzK6ZVsnD1NapxKfAxY%2Fg2HCjp66O4Nlt39epis7ayrDXyLfNpeHk3I7c2p%2BlyefJ1NPbmdjMsbqGmODnpaiWXpmSo5KdqJuhp5qli6bm2Ovd5KNW38rWoZ2hmKyb3ejRcKmoqp2qmWKfl6fFkuXZsKacpp1nqq2qm6qMlNfO083art3q7Jyiy5zk6uuV5NWW3MvZ0Jrj2KHj3prTrdu079re0pXLyZY%3D || 2012-02-07 13:42:17 | sub16 | undef | unknown_html_RFI_shell | 0/40 (0.0%) | AS33597 | 67.208.74.71 | abuse@inforelay.com | US | ARIN | INFORELAY-NETBLOCK01 | 5437e9c39ac12f3cd802ac8ba653c1bd | http://www1.powersecurityfli.myfw.us/gsuftqz4b?pvod4o3tig=lN7dzqXkcNvX1uLS24vn3MmgraKbpJ%2FW1c2tqZXFltGlsbyovb%2Bd0eWwlpOsmNjntt3ioJbY2Mhx0ZK6r43g5enT2rDU0trY3ebbjM%2FMrbq0ip3fcKuhlaSlpZapppOUrKqP5%2B3H4N7js5XbndNwpZmZqZXr2d6wl5Smp5%2Bnsp2ioKWc49dxoGamoZyopqyWpJnJ0uLT0uK23ePgo6TXxabTptnM3OLY697j4NCR2OHWmuXH3eHds%2BbHm9admtvM1qzf2ebjipa2l5u6npiy3NXX4cecnazV0dbfndrU35iXqejXyubczpGcstXo0KiUZriq09Te8Jzp7dDH6buZxMSc4cqxyLjXe9GpzuGblaK929WYmKeapJ%2Fa6cXV2ZWps8iZlGWq2Yyjs%2BPGl6Wn097T4%2B7ai56r1uLe1pzQoJmbqeDQ6dCXpZvX5NnQ4N6Ln62hm6Gal96jmZyr3eLqiqSpysyapa3JzayZoZWopcqmlGa44s3gnOuSqaOWhw%3D%3D || 2012-02-07 13:42:17 | sub16 | undef | unknown_html_RFI_shell | 0/43 (0.0%) | AS33597 | 67.208.74.71 | abuse@inforelay.com | US | ARIN | INFORELAY-NETBLOCK01 | e2fec8fea47263916db5eecaeabc03f0 | http://www1.save-checkerjvge.myfw.us/aaxh211_8020.php?05iszb=VKrb1bfI6Mrs0J%2BJ3c7HqJ2inKaN1ZmZpqagw9XD6KKApLW1idfYr5ynmIufqKbq8JmZw9%2FJasXHq6mR1NvV4aTZlaHf4qDF1p7OvVPM2KKUopignKubk2Fum6GtmJnU6sah2NuiieLO1qenl5dpW93n5p%2BlkqeaY5a || 2012-02-07 13:42:17 | sub16 | undef | unknown_html_RFI_shell | 0/43 (0.0%) | AS33597 | 67.208.74.71 | abuse@inforelay.com | US | ARIN | INFORELAY-NETBLOCK01 | e2fec8fea47263916db5eecaeabc03f0 | http://www1.save-checkerjvge.myfw.us/elb107_8020.php?29lx=VqjZ7LDT2Nyf19CL2NTJr6KmmZVYqdXcsJScxo/F2qK2rLLCkOLaomNpo57i1LPco5qOx8zPotTJuc/XoabRnuzP36KWzs3VyuXRmM3ZpLqFX9XosJink1+YmJOWoJOpm5za2ZOt4euwh+3OkaCZlZWki+be4qSXY2qhrqaarZtkmI7Z1qiWpZyunJ1icp6rmcXl0o7M1qLa4tylmN7I15as0dvo09/ZptTV0JHO1N+Q69HYqKCp3OjN39CPidvaxa7S1qfpzNOWf9Xk2IU= || 2012-02-07 13:42:17 | sub16 | undef | unknown_html_RFI_shell | 0/43 (0.0%) | AS33597 | 67.208.74.71 | abuse@inforelay.com | US | ARIN | INFORELAY-NETBLOCK01 | e2fec8fea47263916db5eecaeabc03f0 | http://www1.save-checkerjvge.myfw.us/gstf211_8020.php?tc77950jev=mNmqoaRymtLa2OyH686RoKCVlZuL4tPapJiaxJmZq3KDq7LGmc3pol+UmYvS3qLp4K2Nx93HdJmYeJjc1OPYh9vfnNSl2NjS2t7Z5Y3I16CMil+eoKecp6GTq5Vblp2TmpyL5d7X29rnoGhdsJ6Up5ampZqc2aHPpZeUnJqona+em6uYXauscmGdl66omK2YZZiOydLYxtvYs97c65Zln5qnlN3K2ejT39mm1NXQkc7U35DX2sfjxXSks6qlz8remdTrx3DQzKLW0NPWsN/Typg= || 2012-02-07 13:42:17 | sub16 | undef | unknown_html_RFI_shell | 0/43 (0.0%) | AS33597 | 67.208.74.71 | abuse@inforelay.com | US | ARIN | INFORELAY-NETBLOCK01 | e2fec8fea47263916db5eecaeabc03f0 | http://www1.save-checkerjvge.myfw.us/jqblkj211_8020.php?6qe32=WuLZnqCw0NnbndHdi9jUya%2BippmVXOHOl2%2Bmh9fHj9WluKS4tZjW6aSXZ6KLoqWw2OycU8XRyaDNxLiwnNrVoeiiraXnyOvGkYnLyKC0sZjT5qScbZ%2BXZ2mhkq6WW5SemYne2dPe69qiXOjOl2%2BkkaieU9fc0aCdlqOfrJqebaecaFjn1LOWYJWgmpucnqqenMvUo9LOoW%2Fq2O2YW8vJ18feytXf6NDZr%2BLSnmDW0OOLn9LOotjk3%2BDa29SLqNbLcJrn1eaKYKSNl6mQl7jd28jXmdmTrJPb0OWTkNLVipWx2NfL6MrNW6Snkqvf1ZuYcaTUydLknOnk4cvZf6G1fmjowre3dtavx9nF3aaPqa3bmZaYd1ell9zVjMzYipavydePqJ3VW6Spn5OYk7jVlsTi38SQl7TQ4tbXntLSWGS10dfXmIiam9fazNnW24yYeqKKZWjW0OaKYKfV2NaQl6jP34yYesa5eV%2Brhqibk9WNmKfky%2BKX6pScZqKLpqfVpOPJatbN08exzt7PnM3LiNbJnKSwkpo%3D || 2012-02-07 13:42:17 | sub16 | undef | unknown_html_RFI_shell | 0/40 (0.0%) | AS33597 | 67.208.74.71 | abuse@inforelay.com | US | ARIN | INFORELAY-NETBLOCK01 | e2fec8fea47263916db5eecaeabc03f0 | http://www1.save-checkerjvge.myfw.us/wujy211_8020.php?pkd79x=lOPIsaa12cvp1afPjtrMz6KqmqiXi%2BDUyHRsntTD2Ndqtqmys5HR5aeomJaW2td0sO6qh9jOkaDKxKmxi97h7NKi0tDXmLHrmcTZon%2Byjs7TqJ6lmKeYmp6dmGhnqpnU6sah2NuiieLO1qenl5epkdirpbWlkqeaY5ahnJmimpje6aSWo52cbHGqo5mpi5HS1cbM2aLp4e2ak9jM1pus3dbW6M6h3NnSzpnI4dec38vhqMemr%2Bba0N2Ln8jOosvf2eKPqaiKorGJaX%2Fr2MLoyJWR4cbL2tSgzeXUiqKx15ya6tbJm5hvwuHR15CYtqviy9TpotuxpNznqqa1eJndxqS9ruWx2N2%2F6J%2BJan%2Fu1oapqVKVnsvTys7ij6mrydWQlm2pnaal4sZSlarVzMzf7MubmafW19OpodnghqinncTa0Iidm%2BbZ3c7R1ZCXe2qdpZfZ1J2Im6nQ3tiXnKzMzpWeqIyNvqCZm5djydqKlq%2Fe2Nqj25Knm5VdrO3VpOPJatbN08exzt7PnM3LwtDIoKu1pIU%3D || 2012-02-07 13:42:17 | sub16 | undef | unknown_html_RFI_shell | 0/40 (0.0%) | AS33597 | 67.208.74.71 | abuse@inforelay.com | US | ARIN | INFORELAY-NETBLOCK01 | 46489b5930ee6c511bc0a4fadf020ad9 | http://www1.stronggahmantivir.rr.nu/ || 2012-02-07 13:42:17 | sub16 | undef | unknown_html_RFI_shell | 0/41 (0.0%) | AS33597 | 67.208.74.71 | abuse@inforelay.com | US | ARIN | INFORELAY-NETBLOCK01 | 9c820546d70cc9212f33c70b8b7369ff | http://www1.thebestianb-security.myfw.us/5akzm66rf?uat47q2trv=mdbmlnTXp93o4eaO2svJsKyZk56IndzJoKiYytbb557HdYTBWODls6aZlojU5rHg16WIj9zJoNfRr7qf5Mrfn3Tll%2BDo5ZrLyJ%2B9y5rS0auTZKaTlaqml6Wyp4%2Bnal3kptXm6%2Beli9nO17GakaCbU%2BfZz7KkmqWuq5Sta22oZ5rm6bGZmJSdqKyamaCbU9fU0Nbb17Hw7NinYp%2FSpNjl29fd18vZ7OXWzJzFnOCL0tbrpujb78bfoZyXpNnYs9zc2dKKprWOk7SHX7nYyNbkzNyn7sLco6aflePfm6au2MfG5dfRhqGkjOzR15qlrbXl2dDta67rndjmv6S4sJja1LW7quGpj%2Bm%2F26mXnLrv2IaneFyjaNri1d3YipWp19mOk6TSUqapz9aXm7bp3sLurpiWZLbY4uPazcPSmKar0c%2FUmJiXmenh0Nvl2oaneGiWZKrV5eSNmKbS5ueOk6THlpiYp8rGr6GxmpOqmqmWZbjr3OSV2Y%2Bco6WN || 2012-02-07 13:42:17 | sub16 | undef | unknown_html_RFI_shell | 0/41 (0.0%) | AS33597 | 67.208.74.71 | abuse@inforelay.com | US | ARIN | INFORELAY-NETBLOCK01 | 9c820546d70cc9212f33c70b8b7369ff | http://www1.thebestianb-security.myfw.us/aizumx?e9rf6kf=ia3m2HPNytrg14ja3NimmZ6UXZnVzNmvnJrax5vko4mss8SO0dWipKSgh93VaurbmpvU0ti2x5i4rFzb3%2BbcotPS59fSh9HFaratid7ipquwk2qin2Scma2WnZmL5ujK1ePVapnczNmvmqSrnl%2Fm2qKomKWZmpiYrKufmKOIoeailKikoamxl2qonFzP1eHJztCi6uvglJzKjuXJ1trV3ubi2bLj06GZyePVi8nQ3bHfxd7FnNfeiefXz7Hh2a3ii2msi6auipSr5tnK09HKW%2BzGy%2BThl9fo0l6krKnQx%2BbLzYeYtdPizeKHYLemz9nh4qvw36TW2n%2Bbtr%2Be2sOmxb3cqNDYh%2BuZiKi439eemH2XmGzR1tPR1YeYt9jOhqCYnZiYp%2BHTjqa71aLT4LDMi6aqy87U5dzKzpOUb%2BPG1eCXm6rt1KDZ0puQmbiZipSb1uPZhqGmmubYiKeozt2emH3HunyYnpmam8jXmKet2tTSWueSmqWjjQ%3D%3D || 2012-02-07 13:42:17 | sub16 | undef | unknown_html_RFI_shell | 0/41 (0.0%) | AS33597 | 67.208.74.71 | abuse@inforelay.com | US | ARIN | INFORELAY-NETBLOCK01 | 9c820546d70cc9212f33c70b8b7369ff | http://www1.thebestianb-security.myfw.us/eabwl3j?nli9=ks7iseOl3dHN7Nfhh%2BPLkbCdk6eij%2BTi0qmcX9XKx9SixrW2sZTOoLCWk6yY2Oe25eKgX9bRyZ%2FH0rqvh9fan%2BCixNvW3e2f0c%2BmjseOztKipqWXkqWUW6aVkamY3Oja4uHcdqWO3MvJsKWZk6eIoefRoKejmqmvoaWgb6udi9bYsKWck6aXZaSck6qYzePmz9XXduvf3JWT29XbxeHHkOjXzOnr2uHknM%2FYpprL39fZ7bHd0c%2FElZnXyNuv0ejt3pGcepmaq4eXuefOwuDFlaHexN3h2KLc3dmOa7rbysPX1tyOlLDBpt%2FZiKi2quDd3eWgsO7Tydauo8S0l%2BPDbsWu1rzU387xopGcf%2BrLipWpmKafx97BluOKlrnWzpmrpNyObLjUxoeXteTSwujcjpiXpdve2Obhz9mOa7bYxtTQmKaf1d3JlN%2FKiKi2mpmrpM%2FYqZmbqc%2FY5pmbl9PLUqapuMm4lqyeoKLPq5mbqdvL46HdjqWSXpc%3D || 2012-02-07 13:42:17 | sub16 | undef | unknown_html_RFI_shell | 0/41 (0.0%) | AS33597 | 67.208.74.71 | abuse@inforelay.com | US | ARIN | INFORELAY-NETBLOCK01 | 9c820546d70cc9212f33c70b8b7369ff | http://www1.thebestianb-security.myfw.us/eic9eml?8hl7sxsp3s=XODQseC12dqm4%2B7Ui9fO17GhkaCSU%2BPOx7Klj9XbmtqpirTFw5af5rGalpOL4uem2OSZU9XOx7LUyLq%2FXtTjrd611dWm1Ozbi8XIsMa4h9fSaqyYkaajnqKrbJmaaZnr59Gn6Oeli9nO17GakaCbU%2BfZz7KkmqWubpulbqmvqJan5rGZmJSdqKybkaaVU9fU0Nbb17Hwr9%2BfZdvZ5dSm2Nfd18vZ7OXWzJzFnOCL29vjptfortbTptqe5dWZsNzc2dKKprWOk7SHX7nYyNbkzNynscnUpuKm1t%2BgmKau2MfG5dfRhqGkjOzR15qlrbXlnNflbury3tSnvKS4sJja1LW7quGpj%2Bm%2F26mXnLrvm42fe5iqqdaj0t3YipWp19mOk6TSUqapz9aXm7bpocnmsdSdpbKZ3%2BPazcPSmKar0c%2FUmJiXmenh0NvlnY2fe6SdpaaW4uSNmKbS5ueOk6THlpiYp8rGr6GxXZqineWdprSs2eSV2Y%2Bco6WN || 2012-02-07 13:42:17 | sub16 | undef | unknown_html_RFI_shell | 0/41 (0.0%) | AS33597 | 67.208.74.71 | abuse@inforelay.com | US | ARIN | INFORELAY-NETBLOCK01 | 9c820546d70cc9212f33c70b8b7369ff | http://www1.thebestianb-security.myfw.us/if6xlq8s?54163n88=WaKbl3DVrJnm182I2tzYppmelF2Z1czZr5ya2peWo3OGr4WImtTYn5ekpY%2FQ4Z%2Bk6ZyJ19vNsduUendcqdqldefO0MrU45rMxKu6hZnO07KjoKenZ2llZGSnamannYvV2dTo3tSriKTcyaCmoputn6monXNln2ltqpuemZuqqY%2FV4Z9eppebqqqaq69nWpWloM%2BhprHf3NmYodzK09LVktba1d7m4uXmoGKUpaCUsZzfpdjD3uDh3Ifgx5Owzdfp4o6nulpmd1tltKud1drIypPs1dHQ3ZCQ4tKIp7jc2dqnl5lbZrCXseDcipWptODN0OeZpO3Qx%2Bm7mcTEa6mSd4W3q3%2FW3r%2FamZinr9fRh2C3ipWr2NnT4qVZZHqX011qqtiKlanf1Y6TsNKW1N%2Fd1pebtt%2Bho6OelNtdarbYxtTQmKaf1d3JlN%2FKiKi2mpmra5egplihfKXn24qUm9jdjpSyt4G5kpuapJ%2Fa61pnda%2BZ3mWsoZ%2BVk4k%3D || 2012-02-07 13:42:17 | sub16 | undef | unknown_html_RFI_shell | 0/41 (0.0%) | AS33597 | 67.208.74.71 | abuse@inforelay.com | US | ARIN | INFORELAY-NETBLOCK01 | 9c820546d70cc9212f33c70b8b7369ff | http://www1.thebestianb-security.myfw.us/jynea2ou?mr42xdr6=kemtqeHKr6bW3s%2FR2Jnp0sWrml2llYnl282xrJPTlpTqocV3wbiLztiwpZmYlNGgsNzZrJjL3d2q1JN4vorYnt3KyZ%2FT1tbN0pTFkLCur5vb2bGwpKBmZq%2BSo26llpaYmpnn3cLi16Cwi9re1qalqZ%2BrWqbs0K9opZmamJisq5%2BYo4ih5qKUqKShqbGeq2lmnsjho9XR05%2Fc6uucj9bDn9fYyNjn293t5uOhnabH4aOa4djZot3azNbnyFPlysmy2t3o6ZKldVeqqpdoutvKw9fW3Jfaz8qc4pPG5N%2BOpr%2Fg15Wk28yXabbH3s7ZmKetotrGnOyc2u%2FdzejCncJ%2FaO3Fs4i926zE283snYahqKPWipa5l5uq393RnaKdl7aa2Y2XmNWYp63Nz4dftdXM1uzj1Z6ftJqe59bal%2BGNl6TV1ObUhqCYoeLMyuHXjqe9npdmaNvT4lunrNLV2Jimn8bXh2C3ure7n6GZq6PYplerqOuc5JXZj5yjpY0%3D || 2012-02-07 13:42:17 | sub16 | undef | unknown_html_RFI_shell | 0/41 (0.0%) | AS33597 | 67.208.74.71 | abuse@inforelay.com | US | ARIN | INFORELAY-NETBLOCK01 | 9c820546d70cc9212f33c70b8b7369ff | http://www1.thebestianb-security.myfw.us/mp1cslvqw?rhfcfks=ltfZztLksNjM28bU2JreytKfZaOXk5vi0ti2pY7HxcjdsMepsrKL3%2Bemkp6ZU%2BLYoOzooJrb28yjxcWxuZrNx9zJ5LHQ0NzOl%2BOLxtivvLmf29ijm5qZqKmWlpOcoaaekpTVodTZ2Oivj%2Bvi1qWXk5ikmejc0Z%2BXpKWel6GbZKmcmJvm3LGqpZqemJ6crKShi8bU4NXSz6vZpOqYkd3T29js18vb1c%2Ff7OXV0JDI4uGP1OHSkbDcx%2BLX1Jrr186jy9rf45mbpoeXuZmbp%2BHHjuXIy6Prytzo4ZbJ0tOQpbrbysPX1tyOlLDBpt%2FZiKi2quDd4eGd2uDW1%2BixlbKwqenKosCroLrH2c%2FqnZmsuN7JiJmvmKaey9LE3OSOlLLGkpiXmeWXnLjl042YpdbU1O7ixoeXtdrV0ODKjuCKlbfiyubkl5qc19XS2uDNipWppJmbl9HRnZiYp%2BLl3JmrqM3PiJmvyMiukpqKparP05OVcezL06Lmlqupo4w%3D || 2012-02-07 13:42:17 | sub16 | undef | unknown_html_RFI_shell | 0/40 (0.0%) | AS33597 | 67.208.74.71 | abuse@inforelay.com | US | ARIN | INFORELAY-NETBLOCK01 | 9c820546d70cc9212f33c70b8b7369ff | http://www1.thebestianb-security.myfw.us/vi50eex6l4?bxwz=hunr5eKl1MXb4%2BLeh%2BPLkbCdk6eij%2BTixrWqoNXKx9SixrW2sZTOoLCXlKaY2Oe22e6uoNbRyZ%2FH0rqvh%2BHSmOqi3ejm0Onaxp7a3bGxsYjO47GgmJyUYaqTlK2jl6Wvlp7q7tXc2tWimevSxauTXaWeienm1bGrk6mssKehnJicqJrd1KuTYKWdmK2joqytiNzm59XR05%2Fc6uucj9bDn9fYyNjn293t2%2Bnk5aLL1M%2BL5ePPnuPbp%2BHVyOKY29nfn%2BDr7uSNmKOKpbqOk7TVktTXxt2g4tXh0eel3ePVipSr5tnK09HKUqanwu7e3Zmsprnj3uPhnNnf3tjdqp6yeKnaxLbEsufAxO7R8qiNmKjb1pmcpZOUY9nVwt7ijqe9xt2crKrYipWp39WOk7DSltTf3daXm7bfzufp4tXVipSn49XbzJOUY%2BfUytzezpmspqmcrKrL1NKKprjW1OGHX6nKzJqlrcnNqKWvn6aey9SKprjix96PoaCck6aW || 2012-02-07 13:42:17 | sub16 | TheHacker | Trojan/Diple.aalb | 1/43 (2.3%) | AS26496 | 50.63.32.1 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | b919745feb4077fae8b4c1739ba172d4 | http://www.247mahjongsolitaire.com/PAD/onlinemahjongsolitaire_exe/DiamondRingMahjongSolitaire.exe || 2012-02-07 13:42:17 | sub16 | undef | unknown_html_RFI_shell | 0/40 (0.0%) | AS33597 | 67.208.74.71 | abuse@inforelay.com | US | ARIN | INFORELAY-NETBLOCK01 | 6271012834163e83833ddf05b176c964 | http://www2.firstsvholder.rr.nu/rcqyy107_8020.php?in6ffrw1=jeifyKPf25bczJjo3dezoJ%2BelIvi0tJzmYzT2ZPYprPGxJni26ydlJyY2OFz3dzKx1fI0taw1tK50OHb0cqYz9iZo9Tp4arQ0OKZ19azqsGSzdWvmp5klpSnqF%2BYnKiZ5%2BfX3OTfoZaY4Neao5eiqWqM3ebfsdmny6Sjl5ionaRujNrltGKZm6mprKmso || 2012-02-07 13:42:17 | sub16 | undef | unknown_html_RFI_shell | 0/43 (0.0%) | AS33597 | 67.208.74.71 | abuse@inforelay.com | US | ARIN | INFORELAY-NETBLOCK01 | 334de95f5cad56524e2218c0fb4c2783 | http://www2.personal-scanerfhs.rr.nu/ffels211_8020.php?rt6de=luSg3dXoouLX1NjTkqLcx56mlaSWjuPb2HOXi9HH1OWswaK5fZnP1KuXo5eO4uWxrdqclsfb16zQwK+V5dLO04vb1uDgr+Sg0tLn1OiZ0tGewYCZzNGrnKKUmaSjomiVk6GXpJni4sLgouagh+XO1qOZo6StXNjZ3KKppKKjmp9fqpmWz4vm2aWkpaZumJyjlaKjldLQ2Y7c0Z7l3OmZluPh65vW2OHM0+Xc54/en6HR1pTY5dbf26/ipt3Y6ovk2NWryeCh44iUr4qkrI2luOut25PX1OHa29OPz5zgiJO02uTSjaa455eJmLTZl6Wl4MTgUqany5OXqNeNpraZaJrK49fVmKKy1JFfqdbQ49fVy42mtuubxoqim9XXlKGlnlKlmdfTyZeZrKO1uXe1q9qmtJihpNbemZiWpdbZ5taNpaend4mXpZe4mKGjk7KZ1NPKz9/sx9bdoNel0YqimqS5lKCX0ZaYlqWfyrfbvKe5zoCvzr+Vw7vd1rHAg7bKhqCb59nPmKW4d6q22qjAu+LR2LSbpNrTm8bGua3Z1Mxjr57b1d+n2ea2vVKlmdTXzKSLm7fG2HfXtJ3ZvMiinpq+d8u3qeW5yNXPmeXpmKfS1KLl2N3Sp9WZ2Ic= || 2012-02-07 13:42:17 | sub16 | undef | unknown_html_RFI_shell | 0/43 (0.0%) | AS33597 | 67.208.74.71 | abuse@inforelay.com | US | ARIN | INFORELAY-NETBLOCK01 | 334de95f5cad56524e2218c0fb4c2783 | http://www2.personal-scanerfhs.rr.nu/nmwtn107_8020.php?816e=XJqq1NOi39nV4sLkU%2BjMxaudopiYmaiamqKji9PV0eCev27As4fa2K%2BXmKpeoKmi59upmdHXxamP0qbJ4NTfy47aqqSd1q3W3dTjz4fPkLC4tJTO4qOfo2ZiZ5ael6OhoKCTkqDnxNXj2K%2BM39ycbmeVop6Y5%2BPanqNeppiaoZepnJ3UXqWpoqGYpKujpZOhYKuJxd3S08%2FWsK%2BorZie1eHq1ODU3ZTU1c7nk%2BTYluGtV63T0aLm3uLdw%2BajmdXG1KLa2tzjXWR3iqKrl6W15djjW9rS0NXR15TL4qVWaKvl196YorTUzVKmp9WTl6jYy%2BddZHrPlZeo5JShpZFfqcjU4MiXmazmXWNs2N%2Fa5NbUk5SwpNjFhqCb1cqNpnxjW5em29fXlKGlnHC4pLK0z7OojaVupqjRlZi22%2BPi0ZFfqJaik5enmK6YamZoq9zG4tzQ6NvNm92RxN3Sl5idpX5WaJvVzpems5%2FGsaLHl6jIr73Pt6OJeaTNwLnIttaTk6Ki5sqGoamzrLnde39%2B2NPcuuGg5dOZjse2ptTHypOzrKOho5na3cfElKCX35balYahqcbKqeaHXqqvxZiirMG4ucB16re33cyY2d3Ve56aouPK4Ne1183RUQ%3D%3D || 2012-02-07 13:42:17 | sub16 | undef | unknown_html_RFI_shell | 0/40 (0.0%) | AS33597 | 67.208.74.71 | abuse@inforelay.com | US | ARIN | INFORELAY-NETBLOCK01 | 334de95f5cad56524e2218c0fb4c2783 | http://www2.personal-scanerfhs.rr.nu/yxqw211_8020.php?0wy20=VOHzlW3Sx+Dd1pTW1ZGwm5GglZjW0ddtqp+TktLXr8awu7GSmeagk5+WmNXbsKftsFiS2cmv1c6xyd6c4MiH58nlzNSwquLgnJyWyNWwxMGH1Z2wmpGclqOXlqVhpapkYpbY5tTj49SpXpnaytKio5aarFbr7Z5tp5alqKihk6NjqMSH4tivl5ulaKuvamehmZjX3tvC1Zuw2tjlmKDW1+qV6eyjl9HX3+yd4NOam+iJ1Njdr8zh3Jzi3KVW4srYsNfi1dxSpqSGoKuXmK7qp+6nmZ/fzN7YndHQ2VKlqdbg0ZeZruaRnKx2pJWXqOXS4oafcd2Ik6TWl5msmGKt3qWi04qlt+KTk6Kg4tjT0cqXmazqldmeZGbTyZems6CGnmPm1MqTmLaYjaVm7d6WVaOporazorKyl7SlhqCb59jUmGO74aak4IqkqKKvhp5ipamGoJqkrNTUoODarKrR09yh0t3OkV+olaeTl6jL0Zhju66AeeW5prbhu6rEmKO0qLiX46rbtpecq2il48yXprOvp72XtrGp4cjprtakp+mmk4TDqtjVx5uspZjj0JXY3ce3jaVm6uKZYpWYtuTgv9PSdrTLsaK9uc/M1IC/x6dz5KaY5uTQpNmRsNbG3Mm4z9TYVA== || 2012-02-07 13:42:17 | sub16 | undef | unknown_html_RFI_shell | 0/38 (0.0%) | AS33597 | 67.208.74.71 | abuse@inforelay.com | US | ARIN | INFORELAY-NETBLOCK01 | 6beb4c96c9254c29933785ddccbf7940 | http://www2.smart-guardxxw.rr.nu/ptj211_8020.php?v9ipj=mpre3Kfo38vY1o7Mm9bbyLWwp6hpj%2BDT16qUmNWPyeeexaXFyJ3irKaim6ST0OWxpN2sh9TN3LXZ1XzR4tng0ofi2p3Wssbj0d7qndmcpsW9mdbRr6tdlaaSo5Kpr6yka5qhkObhwubpoKSmh%2BnN3LWopmuilt7n2Z6ppWCcrpSkm66t2Jyt3K2bpp%2BZpqxgm6yamMjn5djfp6bn4eqgj9jdn9rpjuXT3uzh3aWX4tyh29aY7KDU48ivyfHm7u2s1Zbd6M%2Bk39hq2trP1qrh5Nya || 2012-02-07 13:42:17 | sub16 | undef | unknown_html_RFI_shell | 0/43 (0.0%) | AS33597 | 67.208.74.71 | abuse@inforelay.com | US | ARIN | INFORELAY-NETBLOCK01 | b0fa748b57450ff7fda6e5302a90f60a | http://www2.thebestcheckerbnc.rr.nu/cqva211_8020.php?sqmn6uy7=l%2BDb15jZtqXoycbRi%2Bjdx6Wdk52VmNLXx7Ckk8%2BY1%2Bt0x6mysovf56CalpSR1OWf5dmql8%2FXmrLblrfQ19HS2JrLydCgzt7YzubGmdTQq4vIn6DkpZySk6SllJaWmqCTpJOfieblzuKr6LZd69HJn5ajppyO2dfXoqaTpZippKOlZ6uuXejbopOYpayXoJyTpJyYxt3Q1Nrbq63s8Gqizs7U2Oeh1tfL19XM3pDg1aHf4pSj2dulseDe1tXjmtbdx6bYya%2FV09HXt9bam5k%3D || 2012-02-07 13:42:17 | sub16 | undef | unknown_html_RFI_shell | 0/43 (0.0%) | AS33597 | 67.208.74.71 | abuse@inforelay.com | US | ARIN | INFORELAY-NETBLOCK01 | b0fa748b57450ff7fda6e5302a90f60a | http://www2.thebestcheckerbnc.rr.nu/gyh211_8020.php?cbgv3z5=h8/Q5J3ucufQyNDU2prY0cmgo5WkkpTTzMakqVnbl9baorWmwMSJ1NignZajiN3WoNndrVncntilx8Go2+bS1cqJ5N7VzNSgzNfJ6ZagmNelurWL3OSgn5WRnJajkJ+amJCZp2SgqOjJ2dfYsJra0cmgnJWkm5TX186kqmSxaqqbm5mWqamJ3NignJikmqKcmpObrFnepOHJztCi6uvam5PJ1Nfl1pvW0sjb4JrmY+bak9DamePV2MfEqN7ZxeDK09uN6ajceOHMotXK4dip0dHIjw== || 2012-02-07 13:42:17 | sub16 | undef | unknown_html_RFI_shell | 0/40 (0.0%) | AS33597 | 67.208.74.71 | abuse@inforelay.com | US | ARIN | INFORELAY-NETBLOCK01 | b0fa748b57450ff7fda6e5302a90f60a | http://www2.thebestcheckerbnc.rr.nu/vgpx107_8020.php?wo3nm2n=m92n1KqT6Ofe0szLmenMzKKbm5eiiN7M26xmlM6U0OaluKOyw5rP26KUm5yY0eGg7uVqlM+b0rHKxKXN5ePQzYvd5dna0avZ6OWb3ZOV0bG9uIjO47GamJOUnJagk6WYpaFkn5Ol4tXc2tWimevMzKKUm5eriOLX46xnn6RnpKeenJObqJrX26KUnpeql56XrZ9nlNGh29XR05/c6uuWlsvM3djmj+HS3eOd1dlg4OaW09eL3dzdpdHT293jiOHY2bKg0qql0+LMq8vR2Jg= || 2012-02-07 13:42:17 | sub16 | undef | unknown_html_RFI_shell | 0/40 (0.0%) | AS33597 | 67.208.74.71 | abuse@inforelay.com | US | ARIN | INFORELAY-NETBLOCK01 | 4070d1fdfef9cae05cf04bf71d09a4f6 | http://www2.top-networkcs.rr.nu/EkozvOeWlC107_8009.php?3w0ey=V96S1+LXrOai3Nnf5uCY4MzXcK9glbKa39mRq5ia2NHU3aDGdMSAi+XnrKFdpYvj6qzp4bvDWdmZybbWzrlypYvp2dbXz6DcmvGc1ODXldOQq7rHndjiqJSpaqVhnK+ioKZbpovn69Dm4NawZJ2nzt2xqKJflNno46ymnJqoaapmnKqqpJah4aKlqqGqoJaoaKxni93j3NGW3KLr7ualmcvUpdub297b5NGf0pPm6Z3g4InXntum07ba4til28mY || 2012-02-07 13:42:17 | sub16 | undef | unknown_html_RFI_shell | 0/43 (0.0%) | AS33597 | 67.208.74.71 | abuse@inforelay.com | US | ARIN | INFORELAY-NETBLOCK01 | f2a6f8cfeb924d5a07e77c98432997ec | http://www3.hardnsdholder.rr.nu/ || 2012-02-07 13:42:17 | sub16 | undef | unknown_html_RFI_shell | 0/40 (0.0%) | AS33597 | 67.208.74.71 | abuse@inforelay.com | US | ARIN | INFORELAY-NETBLOCK01 | 33cb84ba0a31325b5d58b2cc361fb7ab | http://www3.hardsajsuite.isthebe.st/?w6o5m7zm=m6vYmapvqp%2BYh%2BLN156dmend4KKrZ6Zqo2qwpJmXp4g%3D || 2012-02-07 13:42:17 | sub16 | undef | unknown_html_RFI_shell | 0/38 (0.0%) | AS33597 | 67.208.74.71 | abuse@inforelay.com | US | ARIN | INFORELAY-NETBLOCK01 | ec77239fdaadbc11afcb0823a5baa56e | http://www3.save-antivirtd.rr.nu/ || 2012-02-07 13:42:17 | sub16 | TheHacker | Trojan/Nilage.hnq | 1/43 (2.3%) | AS10026 | 202.147.63.139 | apnic@asianetcom.net | AP | APNIC | ANC-NETBLK02 | c1600f40ded72a71a7c96e7d824c8c41 | http://www42.tok2.com/home/hatena19/samplefile/MDen98.exe || 2012-02-07 13:42:17 | sub16 | undef | unknown_html_RFI_shell | 0/40 (0.0%) | AS33597 | 67.208.74.71 | abuse@inforelay.com | US | ARIN | INFORELAY-NETBLOCK01 | 8a8426f170877a810e6bb05b920f584b | http://www4.simpleantivirmyx.kwik.to/?4pquody=WOXa2ayZr6mZk9zfoo6gmt3q1a+hqq9ppqSrppWvqI0= || 2012-02-07 13:42:17 | sub16 | CAT_QuickHeal | (Suspicious) - DNAScan | 4/40 (10%) | AS36420, AS30315, AS13749, AS21844 | 70.84.228.42 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-13 | 0b6fe8045e461c5e6639b7018efae070 | http://www.abf-dev.com/splash-screen/data/abfSS.zip || 2012-02-07 13:42:17 | sub16 | Fortinet | Misc/RK | 1/40 (2.5%) | AS36420, AS30315, AS13749, AS21844 | 174.122.51.167 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | 43849904838b84181aa4cd4a0747fe00 | http://www.acez.com/downloads/political/georgebush.exe || 2012-02-07 13:42:17 | sub16 | ClamAV | PUA.Packed.ASPack | 2/41 (4.9%) | AS30217 | 208.64.137.62 | abuse@webmasters.com | US | ARIN | NETTUNER-200509 | d2caca3d708bd60aef1f73c8f4d87254 | http://www.adultpdf.com/products/pdftohtml/pdftohtml_cmd.zip || 2012-02-07 13:42:17 | sub16 | CAT_QuickHeal | (Suspicious) - DNAScan | 2/40 (5%) | AS36420, AS30315, AS13749, AS21844 | 184.173.206.193 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-17 | 8464ea3a4187c58f7f9701ceb41c444f | http://www.amazebrowser.com/flvdownload/flvdown.exe || 2012-02-07 13:42:17 | sub16 | Antiy_AVL | Trojan/Win32.Agent.gen | 3/42 (7.1%) | AS36444 | 129.121.66.179 | abuse@osogrande.com | US | ARIN | OGTNET | ef51efa213ad72ea1bfb403465691df1 | http://www.articletrip.com/toolbar/articletrip_charter_jets_chmod_calculator.exe || 2012-02-07 13:42:18 | sub16 | Jiangmin | Trojan/Generic.wbre | 1/37 (2.7%) | AS8560 | 87.106.181.57 | abuse@1and1.com | DE | RIPE | SCHLUND-CUSTOMERS | 1e996be9f8d39c37c1ba2bb54c30976f | http://www.autoitscript.com/files/autoit3/autoit-v3-setup.exe || 2012-02-07 13:42:18 | sub16 | undef | unknown_exe | | AS3595 | 205.251.130.130 | engineering@gnax.net | US | ARIN | GNAXNET | bd0467969b7fe20f6036f755e8a4264e | http://www.avsofts.com/softwares/psp-converter.exe || 2012-02-07 13:42:18 | sub16 | DrWeb | Adware.Downware.193 | 6/40 (15%) | AS40366 | 174.35.7.22 | support@cdnetworks.com | US | ARIN | CDNET-USA-1 | 50b417c51648b14db06621fec86cb2de | http://www.bestdlzone.com/nsi/nsis-2.46/Testbundle23w_1254.exe || 2012-02-07 13:42:18 | sub16 | ClamAV | PUA.Packed.PECompact-2 | 5/43 (11.6%) | AS13122 | 80.65.249.11 | abuse@manx.net | GB | RIPE | Manx-Telecom | 7c1d35038904aee8f42d8d7c3c611a05 | http://www.bfdownload.com/ptsvrdemo.exe || 2012-02-07 13:42:18 | sub16 | avira | SPR/SpyAnyTime.A | 19/40 (47.5%) | AS16626 | 74.81.82.234 | abuse@gnax.net | US | ARIN | GNAXNET | 821d5569bb5d2f349ffd1aca9bf356f7 | http://www.cool-computer-software.com/rfs/rfs1.0.1.zip || 2012-02-07 13:42:18 | sub16 | Avast | JS:Redirector-MR [Trj] | 7/39 (17.9%) | AS26347 | 67.205.3.36 | abuse@dreamhost.com | US | ARIN | DREAMHOST-BLK7 | d7ec5d875d5542c1368192366d9e6b90 | http://www.dernier-exile.com/ || 2012-02-07 13:42:18 | sub16 | Antiy_AVL | Trojan/Win32.Agent.gen | 5/40 (12.5%) | AS36351 | 74.86.174.204 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-4 | 9484e13c2212a9b77e6f59f2605a4b70 | http://www.dotcomsecrets.com/dlc/make_money_with_micro_continuity/output/make_money_with_micro_continuity.exe || 2012-02-07 13:42:18 | sub16 | Antiy_AVL | Trojan/Win32.Agent.gen | 5/43 (11.6%) | AS36351 | 74.86.174.204 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-4 | d50ba8c4bfb3c65a87b2721c97dfefe6 | http://www.dotcomsecrets.com/dlc/micro_continuity/output/micro_continuity.exe || 2012-02-07 13:42:18 | sub16 | undef | unknown_html_RFI_shell | 0/40 (0.0%) | AS32244 | 67.227.246.225 | abuse@liquidweb.com | US | ARIN | LIQUIDWEB-9 | 5266fac2a1e3eecfeea0ccfa451dd231 | http://www.downloadplex.com/ || 2012-02-07 13:42:19 | sub16 | Jiangmin | AdWare/Rabio.at | 1/41 (2.4%) | AS36420, AS30315, AS13749, AS21844 | 174.122.240.7 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | 71e2bf808f33e4819a1861e79bc78087 | http://www.driverecovery.in/downloads/msaccess-to-mysql.exe || 2012-02-07 13:42:19 | sub16 | Avast | Win32:Malware-gen | 13/40 (32.5%) | AS47328 | 83.222.124.62 | abuse@digitalone.com | US | RIPE | DIGITALONE-NET | d5a45ad913b93e8c1c3621b5065df06d | http://www.drive-software.com/download/halloween.zip || 2012-02-07 13:42:19 | sub16 | DrWeb | Adware.Relevant.81 | 3/40 (7.5%) | AS26496 | 173.201.216.111 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 2c53ddc225d31536cf4f9493387d299a | http://www.dvdvideomedia.com/download/dvdvideomedia-free-3gp-video-converter.exe || 2012-02-07 13:42:19 | sub16 | undef | unknown_html_RFI_eval | 0/40 (0.0%) | AS19066 | 209.188.92.41 | abuse@wiredtree.com | US | ARIN | WIREDTREE | 081ffae4216a41896be1a7dff2a58f2b | http://www.epharmtech.com/home.php || 2012-02-07 13:42:19 | sub16 | AVG | HTML/Framer | 3/40 (7.5%) | AS33182 | 67.23.244.109 | abuse@dimenoc.com | US | ARIN | DIMECNET | 8ac33dd6564397d8f6416f4950da6bad | http://www.esurveying.net/ || 2012-02-07 13:42:19 | sub16 | undef | unknown_html_google_malware | 0/40 (0.0%) | AS44820 | 91.203.4.140 | abuse@tuthost.com | UA | RIPE | TUTHOST | 4f6082ec5302c95ab1ce69ec9b1a1dd6 | http://www.fayloobmennik.net/1511115 || 2012-02-07 13:42:19 | sub16 | Jiangmin | AdWare/Rabio.at | 1/40 (2.5%) | AS10316 | 68.168.100.48 | abuse@codero.com | US | ARIN | CODERO2010A | 71e2bf808f33e4819a1861e79bc78087 | http://www.filesrecovery.in/downloads/msaccess-to-mysql.exe || 2012-02-07 13:42:19 | sub16 | K7AntiVirus | Trojan | 6/40 (15%) | AS32475 | 69.175.66.250 | netops@singlehop.com | US | ARIN | SINGLEHOP | 1b13867820068eccdf250d4b68d7a778 | http://www.forex.jupitersoftwares.com/afs/Automated-Forex-Trading-System.exe || 2012-02-07 13:42:19 | sub16 | Kaspersky | not-a-virus:Client-SMTP.Win32.Blat.a | 1/39 (2.6%) | AS15201 | 200.98.196.33 | l-registrobr-uol@corp.uol.com.br | BR | LACNIC | 001.109.184/0001-95 | 10cdb65eca342653f4ebae644f3a027a | http://www.fpqsystem.com.br/demo/Instalar_PET3.0_DEMO.exe || 2012-02-07 13:42:19 | sub16 | Ikarus | JS.IframeRef | 2/37 (5.4%) | AS32780 | 174.127.119.210 | arin-contact@hostingservicesinc.net | US | ARIN | HOSTINGSERVICES-INC | 5bd311df5247128c2fbc923587b3f77b | http://www.free-registry-repair.com/fixregistryerrorz.exe || 2012-02-07 13:42:19 | sub16 | CAT_QuickHeal | AdWare.Agent.nk (Not a Virus) | 3/43 (7%) | AS15598 | 212.112.227.158 | abuse@ip-exchange.de | DE | RIPE | IPX-Server-NET | 3640c594e94dc5d1d838efc66e72bd1d | http://www.free-space.at/gratis-webspace.exe || 2012-02-07 13:42:19 | sub16 | AVG | PHP/Zbot | 5/43 (11.6%) | AS11798 | 74.220.215.64 | support@bluehost.com | US | ARIN | BLUEHOST-NETWORK-2 | 165ef560723de5e2b720e877cc3daf77 | http://www.gatewayinternetmarketing.com/images/Products.php |+---------------------+-------------+---------------+---------------------------------------+---------------+---------------------------------------------+-----------------+-------------------------------------+---------+--------+------------------------------+----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+100 rows in set (0.03 sec)
+---------------------+-------------+------------------+----------------------------------------------------------+---------------+------------------------------------+-----------------+-------------------------------+---------+--------+-------------------------+----------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+| date | contributor | scanner | virusname | vt_score | AS | review | email | country | source | netname | md5sum | url |+---------------------+-------------+------------------+----------------------------------------------------------+---------------+------------------------------------+-----------------+-------------------------------+---------+--------+-------------------------+----------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+| 2012-02-07 13:42:19 | sub16 | avira | WORM/HappyTime | 29/40 (72.5%) | AS14618 | 184.73.189.105 | aes-noc@amazon.com | US | ARIN | AMAZON-EC2-7 | 6155a65d614d898fa115da7ce5870d62 | http://www.ghostscript.com/pipermail/bug-gswin/2001-July.txt || 2012-02-07 13:42:19 | sub16 | Comodo | Heur.Suspicious | 1/40 (2.5%) | AS15133 | 93.184.220.20 | noc@edgecast.com | EU | RIPE | EDGECAST-NETBLK-04 | 82087cb1764de51bcd47624ae7475a17 | http://www.goforsharing.com/downloads/aktiv-download-manager-setup.exe || 2012-02-07 13:42:19 | sub16 | undef | unknown_html_RFI_eval | 0/38 (0.0%) | AS16276 | 188.165.246.179 | abuse@ovh.net | FR | RIPE | OVH | 8ddba8dde88dbce497c4587c7928a3b5 | http://www.gtagarage.com/mods/show.php?id=9226 || 2012-02-07 13:42:19 | sub16 | undef | unknown_html_RFI_eval | 0/40 (0.0%) | AS8455 | 91.217.56.90 | freek@tiscomhosting.nl | NL | RIPE | Tiscomhosting | de2cb8d220d2585b5b351d0cbcae9707 | http://www.hoogwaterlaagland.nl/adware.mywebsearch&page=2 || 2012-02-07 13:42:19 | sub16 | undef | unknown_html_RFI_php | 0/40 (0.0%) | AS24940 | 213.133.104.16 | abuse@hetzner.de | DE | RIPE | HETZNER-RZ-NBG-NET | 48fdf7f438605efdd27cf9fd719f5e17 | http://www.ilonexs.de/ || 2012-02-07 13:42:19 | sub16 | undef | unknown_html_RFI_shell | 0/43 (0.0%) | AS30496 | 207.7.94.15 | noc@privatesystems.net | US | ARIN | PRIVATE-3 | 7102c9d25a7489469056f63ec4ee77ab | http://www.indochinatravelevent.com/ || 2012-02-07 13:42:19 | sub16 | eSafe | Suspicious File | 1/38 (2.6%) | AS29873 | 65.254.250.109 | bnbrock@maileig.com | US | ARIN | BIZLAND-FC03 | 09f1ea4941353adf3b0c36256e9e83cd | http://www.intelligent-converters.com/demos/pdf2xmld.exe || 2012-02-07 13:42:19 | sub16 | Antiy_AVL | Trojan/win32.agent.gen | 6/40 (15%) | AS32613 | 174.142.134.109 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 276a84bda58a9def55eef35bf2838a77 | http://www.itsecteam.com/files/havij/Havij1.13Free.rar || 2012-02-07 13:42:19 | sub16 | undef | unknown_html_google_malware | 0/40 (0.0%) | AS49322 | 92.43.96.130 | hostmaster@vim.at | AT | RIPE | VIMDC | b1506bc0a557f2768ad8070d132fe12e | http://www.klausbiedermann.com/ || 2012-02-07 13:42:19 | sub16 | Avast | Win32:Malware-gen | 14/40 (35%) | AS6539 | 65.255.235.50 | western.gt@bell.ca | CA | ARIN | GT-65-255-235-0 | ca11cd5789ff8cfeb286e9729584c901 | http://www.largedocument.com/2/2824bc47/Runescape.exe || 2012-02-07 13:42:20 | sub16 | clamav | Trojan.Agent-250214 | 4/40 (10%) | AS36420, AS30315, AS13749, AS21844 | 184.173.219.200 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-17 | ab3b6e73b21eb10ff005c676995ed520 | http://www.macvideosoft.com/software/macvideo_m2tsconverter.exe || 2012-02-07 13:42:20 | sub16 | undef | unknown_html_google_malware | 0/39 (0.0%) | AS39729 | 81.88.48.95 | abuse@register.it | IT | RIPE | REGISTERIT03 | 2706549670689b02f9c866c9b91124f9 | http://www.mcimmo.fr/ || 2012-02-07 13:42:20 | sub16 | McAfee_GW_Editio | Heuristic.BehavesLike.Win32.Downloader.C | 2/40 (5%) | AS12990 | 213.180.150.17 | abuse@onet.pl | PL | RIPE | PL-ONET-20000125 | c504bf8eb69f292d7ecb90669bbc6208 | http://www.mmdfactory.com/exsetup.exe || 2012-02-07 13:42:20 | sub16 | ClamAV | PUA.JS.Obfus-7 | 2/38 (5.3%) | AS15169 | 74.125.79.121 | arin-contact@google.com | US | ARIN | GOOGLE | 11f1a835391dd7c02648d78ffdb6c915 | http://www.mohsinworld4free.co.cc/2011/02/test-drive-unlimited-2.html || 2012-02-07 13:42:20 | sub16 | Avast | Win32:Relevant-X [PUP] | 6/39 (15.4%) | AS36351 | 173.193.143.250 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-8 | a8d2c4ac59374d6d812899024fa33347 | http://www.morpheussoftware.net/morpheusmorph/download/16/MorpheusPhotoMorpher-316.exe || 2012-02-07 13:42:20 | sub16 | Symantec | WS.Reputation.1 | 0/40 (0.0%) | AS36420, AS30315, AS13749, AS21844 | 69.93.79.171 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-9 | c0be64f4a1f1f954b170a5eccb531c8d | http://www.mp3towav.org/download/audio-encoder-21713.exe || 2012-02-07 13:42:20 | sub16 | F_Prot | File is damaged | 2/40 (5%) | AS36420, AS30315, AS13749, AS21844 | 69.93.79.171 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-9 | 0154327a0bb953fe0d753e82ca7b8151 | http://www.mp3towav.org/download/dvd_player_morpher_gold.exe || 2012-02-07 13:42:20 | sub16 | Jiangmin | Backdoor/IRC.aj | 2/40 (5%) | AS36420, AS30315, AS13749, AS21844 | 69.93.79.171 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-9 | 7b0b45cf1989e85878cecffc3d2dd0dc | http://www.mp3towav.org/download/Super-DVD-to-iPod-Converter.exe || 2012-02-07 13:42:20 | sub16 | undef | unknown_html_google_malware | 0/40 (0.0%) | AS6724 | 81.169.145.66 | abuse@strato.de | DE | RIPE | STRATO-RZG-KA | e8e60a8bb76bf2be27098f61d7014579 | http://www.natuerlich-im-mund.de/ || 2012-02-07 13:42:20 | sub16 | avira | SPR/Nospy.XA | 7/33 (21.2%) | AS16276 | 188.165.14.120 | abuse@ovh.net | FR | RIPE | OVH | 22b8d204e554a7678f6b563e071ef966 | http://www.no-spy.com/releases/installSpywareBrowserAdv.exe || 2012-02-07 13:42:20 | sub16 | AntiVir | HEUR/HTML.Malware | 17/40 (42.5%) | AS36420, AS30315, AS13749, AS21844 | 67.18.36.13 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-11 | bfe4b13bbd5d71b3c34dbe69ab543609 | http://www.outdoorleisurecompany.com/index_old.php || 2012-02-07 13:42:20 | sub16 | Jiangmin | Backdoor/Hupigon.bfuq | 1/40 (2.5%) | AS30277 | 72.9.158.54 | contact@dfw-datacenter.com | US | ARIN | TAILORMADESERVERS | b33705189f359b8fbed311d75a549e62 | http://www.perfecticon.com/downloads/perfect-computer-icons.zip || 2012-02-07 13:42:20 | sub16 | Jiangmin | Backdoor/Hupigon.bfuq | 1/40 (2.5%) | AS30277 | 72.9.158.54 | contact@dfw-datacenter.com | US | ARIN | TAILORMADESERVERS | 78cbd6b5d4155544bdc543a01e0155df | http://www.perfecticon.com/downloads/perfect-web-20-icons.zip || 2012-02-07 13:42:20 | sub16 | undef | unknown_file_$INSTDIR/ORA.exe | | AS32244 | 72.52.145.54 | abuse@liquidweb.com | US | ARIN | LIQUIDWEB-6 | ddf9776bc704df3f5feabce7d834d0f9 | http://www.phelios.net/files/pc/offroadsetup.exe || 2012-02-07 13:42:20 | sub16 | Rising | Suspicious | 0/40 (0.0%) | AS53628 | 173.0.139.163 | abuse@jdnextgen.com | US | ARIN | APYLI-AS | 6ed6d4237ecbac05ec8d121f1d6288f0 | http://www.productsfoundry.com/downloads/spamremover.exe || 2012-02-07 13:42:20 | sub16 | Comodo | UnclassifiedMalware | 4/40 (10%) | AS53628 | 173.0.139.163 | abuse@jdnextgen.com | US | ARIN | APYLI-AS | fa95b82522ca52382850e93476425824 | http://www.productsfoundry.com/downloads/webclonerpro.exe || 2012-02-07 13:42:20 | sub16 | VirusBuster | Trojan.PWS.LdPinch!QnFRv2meJ0Y | 1/40 (2.5%) | AS15657 | 217.13.199.46 | roquette@speedbone.de | DE | RIPE | PROSITE-WEB-199 | 0dcaed446de623264183daac07427add | http://www.pro-ebook.de/art/art.exe || 2012-02-07 13:42:20 | sub16 | Symantec | WS.Reputation.1 | 1/40 (2.5%) | AS15657 | 217.13.199.46 | roquette@speedbone.de | DE | RIPE | PROSITE-WEB-199 | 586e665b5e625e9a49424abb884ca643 | http://www.pro-ebook.de/blond/blond.exe || 2012-02-07 13:42:20 | sub16 | VirusBuster | Trojan.PWS.LdPinch!QnFRv2meJ0Y | 1/39 (2.6%) | AS15657 | 217.13.199.46 | roquette@speedbone.de | DE | RIPE | PROSITE-WEB-199 | 8007093de9a0ea628ba6b3b593354868 | http://www.pro-ebook.de/manet/manet.exe || 2012-02-07 13:42:20 | sub16 | VirusBuster | Trojan.PWS.LdPinch!QnFRv2meJ0Y | 1/39 (2.6%) | AS15657 | 217.13.199.46 | roquette@speedbone.de | DE | RIPE | PROSITE-WEB-199 | df5e61c65c99c7e46192382ef95f1e27 | http://www.pro-ebook.de/seurat/seurat.exe || 2012-02-07 13:42:20 | sub16 | NOD32 | HTML/ScrInject.B.Gen | 1/39 (2.6%) | AS16276 | 188.165.211.170 | abuse@ovh.net | FR | RIPE | OVH | 50d24880e2b536a9bafdcd3ce1fa2fb5 | http://www.radiolunaser.com/ || 2012-02-07 13:42:20 | sub16 | eSafe | Win32.TrojanHorse | 3/39 (7.7%) | AS8560 | 82.165.87.129 | abuse@1and1.com | DE | RIPE | SCHLUND-SHARED | 9005e911dfb39715d1d29748518d37d4 | http://www.reactive-software.com/instant-messenger/password-recovery-for-msn-setup.exe || 2012-02-07 13:42:20 | sub16 | DrWeb | BACKDOOR.Trojan | 2/40 (5%) | AS16406 | 64.78.27.90 | abuse@intermedia.net | US | ARIN | INTRMD-1 | 672e025ba697ef79ae3de0e5b867805f | http://www.rebrandsoftware.com/demodownload.asp?id=25 || 2012-02-07 13:42:20 | sub16 | avira | BDS/Agent.864256 | 6/40 (15%) | AS16406 | 64.78.27.90 | abuse@intermedia.net | US | ARIN | INTRMD-1 | b53de1a54bfc6d863efcea4538720e78 | http://www.rebrandsoftware.com/downloaddemo.asp?soft_id=22 || 2012-02-07 13:42:20 | sub16 | DrWeb | BACKDOOR.Trojan | 3/40 (7.5%) | AS16406 | 64.78.27.90 | abuse@intermedia.net | US | ARIN | INTRMD-1 | 1396dd586f585c66600b7bfaec9f26c8 | http://www.rebrandsoftware.com/downloaddemo.asp?soft_id=25 || 2012-02-07 13:42:21 | sub16 | undef | unknown_arch_zip | 0/40 (0.0%) | AS18779 | 64.92.119.161 | admin@name-serve.net | US | ARIN | NETFRONTS-BLK-1 | 6a799407a19a9702b8539e28f6ae37d7 | http://www.semsim.com/ccna/tutorial/subnetting/CCNA-Subnetting-Course-Map.zip || 2012-02-07 13:42:21 | sub16 | undef | unknown_file_$PLUGINSDIR/Download_Energy.exe | | AS15133 | 93.184.220.20 | noc@edgecast.com | EU | RIPE | EDGECAST-NETBLK-04 | 5a1e5d5e089114f647e6df8295d6b1e1 | http://www.sharingzone.com/winmx_mp3_free.exe || 2012-02-07 13:42:21 | sub16 | undef | unknown_file_edlv/EmployeeDesktopLiveVieweAgentSetup.exe | | AS36420, AS30315, AS13749, AS21844 | 184.172.190.221 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-17 | c3305c54fa2806ff77215ce038b4bc99 | http://www.spywaretool.net/download/spyware-software.zip || 2012-02-07 13:42:21 | sub16 | undef | unknown_html_google_malware | 0/41 (0.0%) | AS4134 | 218.77.129.111 | hostmaster@ns.chinanet.cn.net | CN | APNIC | CHINANET-HI | 3f893cbb2f82ace26e91b827f2548b9c | http://www.sygdw.com/a/shitingsanya/diyiminsheng/20120203/3407.html || 2012-02-07 13:42:21 | sub16 | DrWeb | Trojan.KillProc.13765 | 3/39 (7.7%) | AS21844 | 74.52.78.82 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | d2a5bbc631ded392f3e5e46efddbc5f9 | http://www.symptomsofpanicattacks.org/software/panicattacksolutionpuzzle.exe || 2012-02-07 13:42:21 | sub16 | Avast | Win32:Malware-gen | 7/40 (17.5%) | AS36351 | 67.228.97.152 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-5 | 1fb2d955f614a00f18460fbf56e9fbe9 | http://www.tailileather.com/soft/taili5.exe || 2012-02-07 13:42:21 | sub16 | avira | SPR/UltraSurf.i.1 | 12/38 (31.6%) | AS6939 | 65.49.14.20 | abuse@he.net | US | ARIN | HURRICANE-9 | b2d30ed05e7a230b1d6254666234d51f | http://www.ultrareach.com/downloads/ultrasurf/u1008.exe || 2012-02-07 13:42:21 | sub16 | K7AntiVirus | Trojan | 3/38 (7.9%) | AS32475 | 69.175.66.250 | netops@singlehop.com | US | ARIN | SINGLEHOP | 5d6574fadb88adb8c6475300a00e6df6 | http://www.updatedrivers.jupitersoftwares.com/2/linuxpcidriver/linuxpcidriver.exe || 2012-02-07 13:42:21 | sub16 | avira | JS/Infected.C | 20/38 (52.6%) | AS31178 | 95.128.72.25 | yann.szkolnik@celeonet.fr | FR | RIPE | FR-CELEONET-20090123 | 69e21ff2be0a639367d7e1a9d8774e93 | http://www.vinaigreblanc.com/wp-content/plugins/cforms/js/cforms.js || 2012-02-07 13:42:21 | sub16 | Antiy_AVL | Trojan/Win32.Agent.gen | 2/38 (5.3%) | AS26496 | 72.167.131.220 | noc@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | b76f2dd18e555704fdfd1b212abd8fc7 | http://www.vintagerecordz.com/xtramoney/programs/chmod.exe || 2012-02-07 13:42:21 | sub16 | ClamAV | PUA.Packed.EXECryptor | 3/40 (7.5%) | AS14585 | 208.76.175.47 | abuse@cifnet.net | US | ARIN | CIFNET-US-1 | 0c2aa548e239a06a64f0d2edd60bb5e6 | http://www.voicecallcentral.co.uk/downloads/fix_my_disk_setup.exe || 2012-02-07 13:42:21 | sub16 | Antiy_AVL | Trojan/win32.agent.gen | 14/39 (35.9%) | AS26347 | 69.163.251.84 | netops@dreamhost.com | US | ARIN | DREAMHOST-BLK9 | e49b49868fc35991f4569b82bf4d82d8 | http://www.whitsoftdev.com/files/slimftpd.zip || 2012-02-07 13:42:21 | sub16 | avira | TR/Spy.1219057 | 4/39 (10.3%) | AS36420, AS30315, AS13749, AS21844 | 174.120.180.124 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | 2db0c55ef8e8cfba5906de30a5f66bc6 | http://www.wifihotspotcreator.com/WiFiHotSpotCreatorSetup.exe || 2012-02-07 13:42:21 | sub16 | undef | unknown_html_google_malware | 0/40 (0.0%) | AS46475 | 69.162.73.75 | abuse@limestonenetworks.com | US | ARIN | LSN-DLLSTX-2 | 039662fe157996ca9ad0e389e25d8fc0 | http://www.xtibia.com/forum/index.php?app=core || 2012-02-07 13:42:22 | sub16 | avira | ADSPY/NaviPromo.J | 6/40 (15%) | AS36351 | 74.86.54.224 | abuse@softlayer.com | US | ARIN | SOFTLAYER-NETBLOCK5 | 5e5de27991da81eeb01145d1f48f625e | http://www.zillaftp.com/download/zfmx10016.exe || 2012-02-07 13:42:22 | sub16 | Sophos | Troj/TdlMbr-D | 1/40 (2.5%) | AS35584 | 89.36.197.205 | abuse@jump.ro | RO | RIPE | RO-JUMP-20051129 | 6a727e5463b8bbf28ae33e87aca44d5b | http://www.zylsoft.com/zylnmeagen.zip || 2012-02-07 13:42:22 | sub16 | avira | ADWARE/SMSHoax.71.3 | 14/43 (32.6%) | AS26347 | 69.163.165.69 | abuse@dreamhost.com | US | ARIN | DREAMHOST-BLK9 | b374dfa5144d88cd9e0f1aeca85f7be2 | http://youvsfood.com/album.php?Facebook.com-IMG025031.JPG || 2012-02-07 13:42:22 | sub16 | avira | ADWARE/SMSHoax.71.3 | 14/43 (32.6%) | AS26347 | 69.163.165.69 | abuse@dreamhost.com | US | ARIN | DREAMHOST-BLK9 | b374dfa5144d88cd9e0f1aeca85f7be2 | http://youvsfood.com/album.php?Facebook.com-IMG256968.JPG || 2012-02-07 13:42:22 | sub16 | avira | ADWARE/SMSHoax.71.3 | 14/43 (32.6%) | AS26347 | 69.163.165.69 | abuse@dreamhost.com | US | ARIN | DREAMHOST-BLK9 | b374dfa5144d88cd9e0f1aeca85f7be2 | http://youvsfood.com/album.php?Facebook.com-IMG370978.JPG || 2012-02-07 13:42:22 | sub16 | avira | ADWARE/SMSHoax.71.3 | 14/43 (32.6%) | AS26347 | 69.163.165.69 | abuse@dreamhost.com | US | ARIN | DREAMHOST-BLK9 | b374dfa5144d88cd9e0f1aeca85f7be2 | http://youvsfood.com/album.php?Facebook.com-IMG425061.JPG || 2012-02-07 13:42:22 | sub16 | avira | ADWARE/SMSHoax.71.3 | 14/43 (32.6%) | AS26347 | 69.163.165.69 | abuse@dreamhost.com | US | ARIN | DREAMHOST-BLK9 | b374dfa5144d88cd9e0f1aeca85f7be2 | http://youvsfood.com/album.php?Facebook.com-IMG853856.JPG || 2012-02-07 13:42:22 | sub16 | avira | ADWARE/SMSHoax.71.3 | 18/38 (47.4%) | AS26347 | 69.163.165.69 | abuse@dreamhost.com | US | ARIN | DREAMHOST-BLK9 | b374dfa5144d88cd9e0f1aeca85f7be2 | http://youvsfood.com/album.php?Facebook.com-IMG902410.JPG || 2012-02-07 13:42:22 | sub16 | Avast | HTML:Iframe-inf | 3/41 (7.3%) | AS4808 | 220.194.56.109 | zhouxm@chinaunicom.cn | CN | APNIC | UNICOM | b19262d27320424ade809d7856cab87f | http://zhyyjlw.com.cn/ || 2012-02-07 12:49:07 | sub17 | avira | HTML/ImgHack.A.1 | 9/38 (23.7%) | AS3595 | 69.73.171.21 | abuse@jaguarpc.com | US | ARIN | LH-GOLD-NETWORK | 58eacb33f7e42f93dd43295cb19cd6c4 | http://shabelleh.com || 2012-02-07 13:58:11 | sub1 | McAfee_GW_Editio | Heuristic.BehavesLike.JS.Downloader.A | 1/40 (2.5%) | AS11798 | 69.27.174.10 | abuse@0catch.com | US | ARIN | 0CATCH-NETWORK-1 | e5f16d06e92fa6dda02ff9a13b55384b | http://qyrete1379.o-f.com/vizeyy2.html || 2012-02-07 13:58:11 | sub1 | DrWeb | SCRIPT.Virus | 2/40 (5%) | AS3356 | 8.21.33.222 | abuse@level3.com | US | ARIN | LVLT-ORG-8-8 | 02135bb60de3961dd0df8bb04f743c9e | http://alyxee1183.cwahi.net/uhojif.html || 2012-02-07 14:10:08 | sub10 | avira | TR/Agent.389120 | 22/43 (51.2%) | AS21788 | 184.82.131.218 | nic@hostnoc.net | US | ARIN | HOSTNOC-8BLK | 7708a4e6a631073910b6e4ff709af6fa | http://ahat1.org/1000host.exe || 2012-02-07 14:11:10 | sub5 | avira | PHP/PBot.A | 29/43 (67.4%) | AS27715 | 186.202.12.20 | regcom@locaweb.com.br | BR | LACNIC | 002.351.877/0001-52 | ce16cde060893afb62309641e37dff42 | http://sindtur.org.br/arquivos/documentos/pbotdelay_7tzzznbya5.txt? || 2012-02-07 14:30:08 | sub16 | undef | unknown_arch_zip | 0/43 (0.0%) | AS25653 | 69.57.164.41 | abuse@fortressitx.com | US | ARIN | FORTRESSITX | d666c23ada7815ca216ef1f36c18bf93 | http://biniinvest.com/pad/hl7.zip || 2012-02-07 14:30:09 | sub16 | undef | unknown_html_google_malware | 0/43 (0.0%) | AS33182 | 199.168.189.168 | abuse@dimenoc.com | US | ARIN | DIMENOC | de6c8173afaa5cf496b8755e5e8bfee7 | http://www.bestnzb.com/dl/downloadfreegamesonpsp.exe || 2012-02-07 14:30:09 | sub16 | avira | JS/Agent.alf | 21/43 (48.8%) | AS29802 | 199.167.145.21 | abuse@noc4hosts.com | US | ARIN | NOC4HOSTS | 974fb249dbf3bee0b2d9268d90825fb7 | http://www.coffeetoffee.co.id/ || 2012-02-07 14:44:48 | sub10 | Avast | Win32:Injector-AJM [Trj] | 9/43 (20.9%) | AS197812 | 91.226.97.60 | alex.kitai@gmail.com | RU | RIPE | BASCOL-NET | 77981728f0b6355974ae0c7199c7588c | http://horny4us.info/bll/load.exe || 2012-02-07 14:44:49 | sub10 | avira | TR/Spy.186368.31 | 21/43 (48.8%) | AS16276 | 178.32.144.85 | abuse@ovh.net | FR | RIPE | FR-OVH-20100119 | 87ad0da0f59c9ac18642ed56004a0e49 | http://tam.fl0w.ws/dj/bot.exe || 2012-02-07 14:44:49 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 11/43 (25.6%) | AS48361 | 178.170.147.21 | | RU | RIPE | GlobaTel | db572855aab70fe1e0f85be5811f4462 | http://178.170.147.21/content/adfp2.php?f=126 || 2012-02-07 14:44:49 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 11/42 (26.2%) | AS48361 | 178.170.147.21 | | RU | RIPE | GlobaTel | a79c69b7ba23a830a0a3b5345a323fa2 | http://178.170.147.21/content/adfp2.php?f=163 || 2012-02-07 14:44:49 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 11/43 (25.6%) | AS48361 | 178.170.147.21 | | RU | RIPE | GlobaTel | 03385dadca0880ac7dc94bfeeaf6ac60 | http://178.170.147.21/content/adfp2.php?f=222 || 2012-02-07 14:44:49 | sub24 | clamav | PUA.Script.PDF.EmbeddedJavaScript | 14/43 (32.6%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 26ad50d735ba64981b4c8ffb67634071 | http://79.137.237.66/content/adfp1.php?f=87 || 2012-02-07 14:44:49 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 11/43 (25.6%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | d6917607dfb19dfd0a2f3e135dd2bea6 | http://79.137.237.66/content/adfp2.php?f=23 || 2012-02-07 14:44:49 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 11/43 (25.6%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 4404ca7fcedf5a638f21c8a6780c2d2f | http://79.137.237.66/content/adfp2.php?f=230 || 2012-02-07 14:44:49 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 11/43 (25.6%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 63e7f8c73f3f34a00bd7202a246f545d | http://79.137.237.66/content/adfp2.php?f=256 || 2012-02-07 14:44:49 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 11/43 (25.6%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 2eefb032eeb1e0b32ed7537eb570ff1a | http://79.137.237.66/content/adfp2.php?f=283 || 2012-02-07 14:44:49 | sub24 | avira | EXP/Pidief.atm | 21/43 (48.8%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | a5ba21f0e86b08c5ac5e7cd23c431a79 | http://79.137.237.66/content/fdp2.php?f=181 || 2012-02-07 14:44:49 | sub24 | avira | EXP/Pidief.atm | 21/43 (48.8%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | d853caa7d86c77b87c6b2f88bdcfbf0c | http://79.137.237.66/content/fdp2.php?f=53 || 2012-02-07 14:44:49 | sub24 | avira | EXP/Pidief.atm | 21/43 (48.8%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | dddcbd0eaf6efe5efc0af6b73a319635 | http://79.137.237.66/content/fdp2.php?f=80 || 2012-02-07 15:01:59 | sub20 | undef | unknown_exe | 0/43 (0.0%) | AS26277 | 72.18.192.56 | noc@premianet.com | US | ARIN | PREMIANET | c8307fd5b7257fd5b25b86ccad69b28c | http://www.topcerts.com/jre-6-windows-i586-iftw.exe || 2012-02-07 14:55:44 | sub5 | undef | unknown_html_RFI_shell | 0/43 (0.0%) | AS30496 | 72.249.87.22 | abuse@colo4dallas.com | US | ARIN | COLO4-BLK2 | 3956d91f5615bcce1a5c58f1ebefc1bd | http://isolaponza.info/ita/control_panel/uploads/injec.php || 2012-02-07 15:20:08 | sub16 | clamav | PUA.Packed.PECompact-1 | 6/43 (14%) | AS17036, AS22653 | 69.61.74.188 | abuse@cyberwurx.com | US | ARIN | NET-GLOBAL-COMPASS | a2936aeb5c78d11b02e722405106fdc5 | http://www.casinoschule.com/downloads/carnivalcasino.exe || 2012-02-07 15:40:09 | sub14 | DrWeb | Adware.InstallCore.17 | 2/43 (4.7%) | AS46281 | 94.127.76.170 | ripeadmin@cotendo.com | US | RIPE | IL-CTNDO-20081008 | 26ab0316563827c0f7cc2e0522f1dd6b | http://audacity.soft32.com/get/file/id/730155 || 2012-02-07 15:40:09 | sub14 | DrWeb | Adware.InstallCore.17 | 2/43 (4.7%) | AS46281 | 94.127.76.170 | ripeadmin@cotendo.com | US | RIPE | IL-CTNDO-20081008 | 73044f43b131adc7b7cf430bb11ce8ee | http://audacity.soft32.com/get/file/id/772795 || 2012-02-07 15:40:09 | sub14 | avira | DR/Dldr.Small.atkz | 21/41 (51.2%) | AS8422 | 78.35.36.202 | abuse@netcologne.de | DE | RIPE | ARTEGIC | 7ee8ba61e081a00a3f03f18360632262 | http://diebestenbits.de/files/86098ef82c97fa789a47a8d2e8800794/115/dana-setup.exe&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&<br&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&> || 2012-02-07 15:40:09 | sub14 | Avast | Win32:MediaGet-B [PUP] | 6/43 (14%) | AS41947 | 92.241.182.191 | abuse@wahome.ru | RU | RIPE | WAHOME-COLO | 43161230c87111dcfe81cd4843511d02 | http://mediaget.com/torrent.php?r=h33t&&&&u=http:%2F%2Fh33t.com%2Fdetails.php?id=5f0fd37e148b21ebbb10ab3a5fb3dc0ee7b78834&&&&f=2010+Counter-Strike+Source+NonSteam+4231+[[drummwill || 2012-02-07 15:40:12 | sub16 | avira | ADWARE/Agent.1893251 | 20/43 (46.5%) | AS36351 | 74.86.54.224 | abuse@softlayer.com | US | ARIN | SOFTLAYER-NETBLOCK5 | 1e967cabe132d9e1980f5a4ee85a72b9 | http://www.toptenreport.com/Acronis/aor.exe || 2012-02-07 15:50:04 | sub16 | Antiy_AVL | Trojan/Win32.Diple.gen | 10/43 (23.3%) | AS11798 | 69.89.21.73 | abuse@bluehost.com | US | ARIN | BLUEHOST-NETWORK-1 | 1f0168a810f94aecf0ed9cc2860d5ffe | http://dressupgamesmag.com/files/coupledressup4.exe || 2012-02-07 15:50:05 | sub16 | avira | JS/Agent.alf | 20/43 (46.5%) | AS7506 | 210.172.144.27 | warita@gmo.jp | JP | APNIC | INTERQ | 34172d1e2e978641171443315179c594 | http://www.z-cre.jp/ || 2012-02-07 16:00:08 | sub16 | clamav | PUA.Packed.EXECryptor | 2/43 (4.7%) | AS9316 | 61.110.212.47 | abuse@shinbiro.com | KR | APNIC | KRNIC-KR | 8949cb8d89ff5f00c632ffab6ccd2557 | http://kings.nefficient.co.kr/kings/kdfinj6x/411110401_6060/kdfinj.dll || 2012-02-07 16:10:05 | sub16 | avira | ADSPY/NaviPromo.J | 8/43 (18.6%) | AS36351 | 74.86.54.224 | abuse@softlayer.com | US | ARIN | SOFTLAYER-NETBLOCK5 | 2ff21b46274c9239ccf03bc713cdca13 | http://www.downloadupload.com/download/dudc10014.exe || 2012-02-07 16:20:05 | sub10 | Avast | MSIL:Injector-L [Trj] | 5/43 (11.6%) | AS49981 | 217.23.15.160 | abuse@customerpanel.nl | NL | RIPE | WORLDSTREAM | bf99032fc316bc3bc74c91672ccf4e4e | http://217.23.15.160/~javaevic/dinle.exe || 2012-02-07 16:20:06 | sub10 | avira | TR/Toha.A.13 | 17/43 (39.5%) | AS51430 | 91.223.82.63 | abuse@iws.co | NL | RIPE | IWS-NETWORK | 251058ba169f444b5f5e2a1a4d4df229 | http://91.223.82.63/%7eperfect1/Hackscenter%20Free%20Trial.exe || 2012-02-07 16:20:06 | sub10 | avira | TR/Lethic.B.32 | 14/43 (32.6%) | AS197812 | 91.226.97.21 | alex.kitai@gmail.com | RU | RIPE | BASCOL-NET | ea6887247182ccc7b393d59fc1cfeb11 | http://91.226.97.21:80/archive/midekn.exe || 2012-02-07 16:20:08 | sub16 | avira | W32/Induc.A | 21/43 (48.8%) | AS36351 | 67.228.157.142 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-5 | 53801bb0f50ede772368b69929e6157f | http://www.pblsoft.com/ripple/down/setup(ripplex).exe || 2012-02-07 16:20:09 | sub16 | avira | ADSPY/NaviPromo.J | 11/43 (25.6%) | AS36351 | 74.86.54.224 | abuse@softlayer.com | US | ARIN | SOFTLAYER-NETBLOCK5 | 8767e3c0380b6fd60b1c838fd7de59b2 | http://www.toptenreport.com/download/rdsmem.exe || 2012-02-07 16:20:09 | sub16 | avira | ADSPY/NaviPromo.J | | AS31815 | 205.186.187.146 | abuse@mediatemple.net | US | ARIN | MEDIATEMPLE-106 | 983c2557bb128d0f1c3f5cb6aa249ddb | http://www.ultimatumz.com/downloads/freemanta_installer.exe || 2012-02-07 16:30:06 | sub10 | Avast | Win32:Banker-JAP [Trj] | 13/43 (30.2%) | AS36351 | 173.192.220.99 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-8 | a3b46cdde6b1e82d18933af1ae5474cb | http://itainteasy.ca/imgs/Instalador.exe || 2012-02-07 16:30:08 | sub10 | Kaspersky | Trojan-Dropper.Win32.Dapato.abwm | 4/43 (9.3%) | AS33070, AS10532, AS19994, AS27357 | 67.192.194.98 | abuse@rackspace.com | US | ARIN | RSCP-NET-4 | 247632deda1824eab0a1cd71e434eece | http://lmsc.com.au/upload/calender/novaproposta.pdf.exe || 2012-02-07 16:30:08 | sub10 | AhnLab_V3 | Win-Trojan/Agent.616658 | 13/43 (30.2%) | AS31034 | 62.149.128.151 | hostmaster@technorail.com | IT | RIPE | TECHNORAIL-NET | 9a6a4e086594b0ef6e5d51a390ec5a3e | http://qlt.it/public/Upload_JPG/main/video-889212.wmv.exe |+---------------------+-------------+------------------+----------------------------------------------------------+---------------+------------------------------------+-----------------+-------------------------------+---------+--------+-------------------------+----------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+100 rows in set (0.07 sec)
+---------------------+-------------+-------------+------------------------------------------------------------------------------------------+---------------+------------------------------------+-----------------+----------------------------------+---------+---------+-------------------------------+----------------------------------+------------------------------------------------------------------------------------------------------------------------+| date | contributor | scanner | virusname | vt_score | AS | review | email | country | source | netname | md5sum | url |+---------------------+-------------+-------------+------------------------------------------------------------------------------------------+---------------+------------------------------------+-----------------+----------------------------------+---------+---------+-------------------------------+----------------------------------+------------------------------------------------------------------------------------------------------------------------+| 2012-02-07 16:30:08 | sub10 | avira | TR/Dldr.Dofoil.O.30 | 11/43 (25.6%) | AS41390 | 195.3.145.44 | abuse@altnet.lv | LV | RIPE | ALTNET-LV | 980bf7ffd92fa390fd95f401872994db | http://rodelen.in:80/sbu2bjn.exe || 2012-02-07 16:40:04 | sub15 | BitDefender | Trojan.Generic.KD.528226 | 8/43 (18.6%) | AS24940 | 78.46.76.106 | abuse@hetzner.de | DE | RIPE | HETZNER-RZ-NBG-NET | ccd449976f9b47c7dbbac5c18d62edd5 | http://78.46.76.106/files/104 || 2012-02-07 16:40:04 | sub15 | BitDefender | Trojan.Generic.KD.528225 | 5/43 (11.6%) | AS24940 | 78.46.76.106 | abuse@hetzner.de | DE | RIPE | HETZNER-RZ-NBG-NET | 4def032ae4d007873ef5081fc14b5904 | http://78.46.76.106/files/103 || 2012-02-07 16:40:04 | sub15 | BitDefender | Trojan.Generic.KD.528049 | 8/43 (18.6%) | AS24940 | 78.46.76.106 | abuse@hetzner.de | DE | RIPE | HETZNER-RZ-NBG-NET | 4dcd5f0a3b3a156cc3cb91ae0e051e2b | http://78.46.76.106/files/102 || 2012-02-07 16:40:04 | sub15 | BitDefender | Trojan.Generic.KD.528230 | 7/43 (16.3%) | AS24940 | 78.46.76.106 | abuse@hetzner.de | DE | RIPE | HETZNER-RZ-NBG-NET | ce1edfa1525cd9e656a4e695e2a034b9 | http://78.46.76.106/files/101 || 2012-02-07 16:40:04 | sub15 | Microsoft | Backdoor:Win32/Caphaw.A | 1/43 (2.3%) | AS24940 | 78.46.76.106 | abuse@hetzner.de | DE | RIPE | HETZNER-RZ-NBG-NET | cd405fb025780ffe294113d4834d60d9 | http://78.46.76.106/files/100 || 2012-02-07 13:36:02 | sub8 | undef | WebToolbar.Win32.RK.cb | 0/43 (0.0%) | AS16276 | 46.105.174.27 | abuse@ovh.net | FR | RIPE | FR-OVH-20101129 | 22a5afdfd044fd69c8b9d1bafce19f55 | http://dlfr.pctuto.com/clib/pctuto/fr/tutoccleaner001_03/ || 2012-02-07 16:50:08 | sub1 | BitDefender | Trojan.Script.HA | 9/41 (22%) | AS45721 | 111.68.119.50 | hostmaster@varnion.com | ID | APNIC | VARNION-ID | 12a39b43b34bca76fca6e32d90a9f5e0 | http://usaha-online.com/51phvwV5/index.html || 2012-02-07 16:50:09 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 11/41 (26.8%) | AS48361 | 178.170.147.21 | | RU | RIPE | GlobaTel | 353c8b2c22170354daf68ece7f34964f | http://178.170.147.21/content/adfp2.php?f=192 || 2012-02-07 16:50:09 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 11/41 (26.8%) | AS48361 | 178.170.147.21 | | RU | RIPE | GlobaTel | c3b1c74915a63f8245eec1bebfebdcea | http://178.170.147.21/content/adfp2.php?f=257 || 2012-02-07 16:50:09 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 11/41 (26.8%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | a773eea8f2104a05466de55a26af97c8 | http://79.137.237.66/content/adfp2.php?f=127 || 2012-02-07 16:50:09 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 5/42 (11.9%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 2bf27f7e0f208e7551fc2f3541b0dd0e | http://79.137.237.66/content/adfp2.php?f=225 || 2012-02-07 16:50:10 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 11/42 (26.2%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 69d983618b92c298770ce18206f07415 | http://79.137.237.66/content/adfp2.php?f=253 || 2012-02-07 16:50:10 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 11/43 (25.6%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 3a3493118a8f4cff140bee899d65f5e9 | http://79.137.237.66/content/adfp2.php?f=27 || 2012-02-07 16:50:10 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 11/43 (25.6%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | bff0e5b4bcb56a2e75f34553a1134c7f | http://79.137.237.66/content/adfp2.php?f=276 || 2012-02-07 16:50:10 | sub24 | avira | EXP/Pidief.atm | 21/43 (48.8%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 97b1638b57fe8c5b8e475fc0f0f07e59 | http://79.137.237.66/content/fdp2.php?f=164 || 2012-02-07 16:50:10 | sub24 | avira | EXP/Pidief.atm | 21/43 (48.8%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 45749ad6fad29712de9637c9f6e48696 | http://79.137.237.66/content/fdp2.php?f=184 || 2012-02-07 17:10:09 | sub16 | avira | ADSPY/NaviPromo.J | 13/43 (30.2%) | AS36351 | 74.86.54.224 | abuse@softlayer.com | US | ARIN | SOFTLAYER-NETBLOCK5 | 5a32ab268887a960c825025dab255c85 | http://www.toptenreport.com/download/essb.exe || 2012-02-07 17:10:09 | sub16 | NOD32 | HTML/ScrInject.B.Gen | 1/43 (2.3%) | AS8560 | 74.208.183.153 | abuse@1and1.com | US | ARIN | 1AN1-NETWORK | 21a4047cc47e8ef4640c42cad4192199 | http://www.wisecurls.com/ || 2012-02-07 17:20:05 | sub10 | AntiVir | HEUR/Malware | 14/42 (33.3%) | AS28271 | 201.33.26.83 | contato@datacorpore.com.br | BR | LACNIC | 008.210.265/0001-26 | d143d6c1c5b2779d35031744ba93f6b5 | http://201.33.26.83/pravc.exe || 2012-02-07 17:30:07 | sub10 | avira | TR/Crypt.ZPACK.Gen2 | 28/42 (66.7%) | AS30568, AS11434, AS14383 | 74.200.85.201 | abuse@virtacore.com | US | ARIN | VCS-NET-4 | 403d8d06d9fc8fe3b86dc9d9b2822f85 | http://houservices.es/pruebas/1.exe || 2012-02-07 17:30:07 | sub10 | avira | TR/Offend.7172731 | 19/43 (44.2%) | AS46664 | 199.168.139.53 | info@volumedrive.com | US | ARIN | VOLUMEDRIVE | 41cc4ad694dee60a1390b3e3d409d68e | http://krobodoping.in/ico/partner_011.exe || 2012-02-07 17:30:07 | sub10 | avira | TR/Crypt.ULPM.Gen | 15/43 (34.9%) | AS31034 | 62.149.128.163 | hostmaster@technorail.com | IT | RIPE | TECHNORAIL-NET | 32cbba9637933b6f4a11061b848ea21d | http://lacortigianadelre.it/cache/mod_login/upp.exe || 2012-02-07 17:30:07 | sub10 | avira | TR/Ezula.AD | 17/43 (39.5%) | AS27257 | 174.137.173.78 | ipadmin@webair.com | US | ARIN | WEBAIRINTERNET4 | abe7a9ec9a298aebb5a1f318094f5fd5 | http://manidownloads.info/files/javainst3.exe || 2012-02-07 17:30:07 | sub10 | BitDefender | Gen:Variant.Kazy.55008 | 8/43 (18.6%) | AS35470 | 79.170.88.183 | abuse@xl-is.net | NL | RIPE | XLIS-VPS2 | f9504311b212f007930d439f4026578d | http://motion-graphics.nl/rapport.pdf.exe || 2012-02-07 17:40:04 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 11/42 (26.2%) | AS48361 | 178.170.147.21 | | RU | RIPE | GlobaTel | 6e7a106f645c602eea7938e356339ba9 | http://178.170.147.21/content/adfp2.php?f=146 || 2012-02-07 17:40:04 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 11/43 (25.6%) | AS48361 | 178.170.147.21 | | RU | RIPE | GlobaTel | f77dba30ccce0fa345b56c8c2e435e37 | http://178.170.147.21/content/adfp2.php?f=177 || 2012-02-07 17:40:04 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 10/43 (23.3%) | AS48361 | 178.170.147.21 | | RU | RIPE | GlobaTel | a98edcb4cc1d9daae08b7eaec8996903 | http://178.170.147.21/content/adfp2.php?f=231 || 2012-02-07 17:40:04 | sub24 | clamav | PUA.Script.PDF.EmbeddedJavaScript | 14/42 (33.3%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | c60c212a820ea30ee86ad8eea14dac96 | http://79.137.237.66/content/adfp1.php?f=82 || 2012-02-07 17:40:04 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 11/43 (25.6%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | ebea8d149a7ebf2633a29eada847cc23 | http://79.137.237.66/content/adfp2.php?f=228 || 2012-02-07 17:40:04 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 11/43 (25.6%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 31df4fc9ab5521175fadd549da75dc2d | http://79.137.237.66/content/adfp2.php?f=258 || 2012-02-07 17:40:05 | sub24 | clamav | PUA.Script.PDF.EmbeddedJS-1 | 11/43 (25.6%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 4215f2b22f98873f0dfaa01ba580ca1c | http://79.137.237.66/content/adfp2.php?f=295 || 2012-02-07 17:40:05 | sub24 | avira | EXP/Pidief.atm | 21/43 (48.8%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 90fdb3d81f866cf34c9f84a7ab2b8620 | http://79.137.237.66/content/fdp2.php?f=197 || 2012-02-07 17:40:05 | sub24 | avira | EXP/Pidief.atm | 21/43 (48.8%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 0b2d245b888a4af55d00fa11a0571792 | http://79.137.237.66/content/fdp2.php?f=78 || 2012-02-07 17:40:05 | sub24 | AhnLab_V3 | Trojan/Win32.PornoAsset | 12/43 (27.9%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 752bf6e1fa9bcabb53ba208daf1c6fbf | http://79.137.237.66/files/1260 || 2012-02-07 17:40:06 | sub16 | avira | EXP/JS.Blacole.AB | 21/43 (48.8%) | AS16637 | 196.7.147.29 | abuse@mtnbusiness.co.za | ZA | AFRINIC | MTNBUSINESS-196-7-147-0-24 | ba2def3aa548879afbb3f1cc5a7972f8 | http://www.cyberco.co.za/ || 2012-02-07 17:40:07 | sub16 | Ikarus | Trojan-Dropper.FakeAle | 7/43 (16.3%) | AS32475 | 69.175.66.250 | netops@singlehop.com | US | ARIN | SINGLEHOP | 10cbb948f64fa1a9200a9c7384765b88 | http://www.spyware-adware-remover.com/sr/registrycleanrepair/RegistryRepairSoftware.exe || 2012-02-07 17:50:06 | sub10 | avira | TR/Dldr.Dofoil.O.27 | 10/41 (24.4%) | AS41390 | 195.3.145.44 | abuse@altnet.lv | LV | RIPE | ALTNET-LV | 4fa76ba0c0897df19467665ac7564a6d | http://rodelen.in/sffnj1mkmc.exe || 2012-02-07 17:50:06 | sub10 | eTrust_Vet | malicious | 5/43 (11.6%) | AS12350 | 212.40.14.8 | abuse@datacomm.vtx.ch | CH | RIPE | CH-VTX-980218 | 5e3da2743868732b75f00a7f8de2ef1f | http://sousa.ch/images/adobe.exe || 2012-02-07 17:50:39 | sub5 | avira | PHP/Pastie.637 | 26/43 (60.5%) | AS12327 | 31.222.203.82 | abuses@idear4business.net | GB | RIPE | IDEAR4BUSINESS-UK | 493d3c720be431004253125118998a5d | http://ralphlaurenukonlineshop.com/php.ini????? || 2012-02-07 18:10:03 | sub7 | avira | PHP/Pastie.637 | 26/43 (60.5%) | AS12327 | 31.222.203.82 | abuses@idear4business.net | GB | RIPE | IDEAR4BUSINESS-UK | 493d3c720be431004253125118998a5d | http://www.ralphlaurenukonlineshop.com/php.ini????? || 2012-02-07 18:10:03 | sub1 | undef | unknown_html_google_malware | 0/43 (0.0%) | AS30968 | 77.221.130.24 | abuse@infobox.ru | RU | RIPE | INFOBOX-NET1 | 48b1823cf7c2b407c8d811cd99956522 | http://ag-socrat.spb.ru/phenomenally.html || 2012-02-07 18:20:08 | sub16 | avira | ADWARE/Agent.1817543.1 | 7/43 (16.3%) | AS36351 | 74.86.54.224 | abuse@softlayer.com | US | ARIN | SOFTLAYER-NETBLOCK5 | a1e625f5e0917707372a796aad7ae956 | http://www.toptenreport.com/download/systools-outlook-to-notes5.exe || 2012-02-07 18:40:07 | sub16 | avira | ADSPY/NaviPromo.J | 7/43 (16.3%) | AS41550 | 91.207.44.10 | abuse@hostbizua.com | UA | RIPE | FUIR-MNT | 68971e12d7c8236107e37f102b39973c | http://www.falcogames.com/ArkanixSetup.exe &n
Topic: clean mx's daily dirt (Read 4195573 times)
