0 Members and 3 Guests are viewing this topic.
+---------------------+------------------+-------------------------------------------+---------------+---------------------------------------------+-----------------+----------------------------------+---------+--------+-----------------------------+----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+| date | scanner | virusname | vt_score | AS | review | email | country | source | netname | md5sum | url |+---------------------+------------------+-------------------------------------------+---------------+---------------------------------------------+-----------------+----------------------------------+---------+--------+-----------------------------+----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+| 2011-02-09 19:19:22 | Avast | Win32:Malware-gen | 10/42 (23.8%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | b99bb62795d76497f7cf31f9fedc9207 | http://cppblog.net/amazonforest/AZFAR-PC/algg.exe || 2011-02-09 19:19:22 | Avast | Win32:Malware-gen | 10/42 (23.8%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | b99bb62795d76497f7cf31f9fedc9207 | http://cppblog.net/amazonforest/BASHIR-PC/algg.exe || 2011-02-09 19:19:22 | Avast | Win32:Malware-gen | 10/42 (23.8%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | b99bb62795d76497f7cf31f9fedc9207 | http://cppblog.net/amazonforest/AMIANDHASSU-PC/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/P-1F084A6522C04/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/PMA-7D98690B11A/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/KHAN-PC/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/MAJFARHAN-PC/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/TTT-333B3D0D04A/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/ABC-F22BEEA8B4C/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/JHKJ-4C511463D9/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/HG-PC/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/HASSAAN-PC/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/ANOAN-PC/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/PAKISTAN-PC/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/ONUCI-FA7465510/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/ZAIFI-PC/algg.exe || 2011-02-09 19:19:22 | Avast | Win32:Malware-gen | 10/42 (23.8%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | b99bb62795d76497f7cf31f9fedc9207 | http://cppblog.net/amazonforest/----------/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/PAK786/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/TAEES-PC/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/WALIKHAN/algg.exe || 2011-02-09 19:19:22 | Avast | Win32:Malware-gen | 10/42 (23.8%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | b99bb62795d76497f7cf31f9fedc9207 | http://cppblog.net/amazonforest/TANGO/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/KHALID/algg.exe || 2011-02-09 19:19:22 | Avast | Win32:Malware-gen | 10/42 (23.8%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | b99bb62795d76497f7cf31f9fedc9207 | http://cppblog.net/amazonforest/NOUMAN/algg.exe || 2011-02-09 19:19:22 | Avast | Win32:Malware-gen | 10/42 (23.8%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | b99bb62795d76497f7cf31f9fedc9207 | http://cppblog.net/amazonforest/ALEEM-606E34111/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/ZAHIN-ZAIMA/algg.exe || 2011-02-09 19:19:22 | Avast | Win32:Malware-gen | 10/42 (23.8%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | b99bb62795d76497f7cf31f9fedc9207 | http://cppblog.net/amazonforest/NOOR-PC/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/KHAN-64BE13ED9F/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/KHIZI-B59D4F164/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/EMBASSY-FE6555A/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/34-D43B5BA7BDAA/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/2-2B9A80E330074/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/KHAN/algg.exe || 2011-02-09 19:19:22 | Avast | Win32:Malware-gen | 10/42 (23.8%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | b99bb62795d76497f7cf31f9fedc9207 | http://cppblog.net/amazonforest/ARMY-DDFDE708FC/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/DFENCE-712EFEBB/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/PD-F6297FCAF2C5/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/ISHTIAQ-PC/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/CBM-12B11311362/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/PERSONAL-016EF1/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/AZHAR/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/JAHANGIR-PC/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/AAA-2C3FC2E5716/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/FAISAL-132FF0D0/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/JOJO-77971039A5/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/HUMAYUN-PC/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/MUSHTAQ-PC/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/MUHAMMADJAMI-LT/algg.exe || 2011-02-09 19:19:22 | Avast | Win32:Malware-gen | 10/42 (23.8%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | b99bb62795d76497f7cf31f9fedc9207 | http://cppblog.net/amazonforest/KONVICT-PC/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/SIKANDAR-99315A/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/BOBDYLON-PC/algg.exe || 2011-02-09 19:19:22 | avira | TR/Dropper.Gen | 22/41 (53.7%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 2df4497b3b95c77d6dc1d03deec57cb3 | http://cppblog.net/amazonforest/NETWORLD/algg.exe || 2011-02-09 19:19:22 | avira | TR/Dropper.Gen | 22/41 (53.7%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 2df4497b3b95c77d6dc1d03deec57cb3 | http://cppblog.net/amazonforest/NHA-B013AD3D0BA/algg.exe || 2011-02-09 19:19:22 | Avast | Win32:Malware-gen | 10/42 (23.8%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | b99bb62795d76497f7cf31f9fedc9207 | http://cppblog.net/amazonforest/ALIJAFRI-PC/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/GOLD_XP_HOME/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/MAMOON-PC/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/HOME/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/ROHAIL/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/FIST-SECURITY/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/IZHAR-PC/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/HOME-PC/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/YOUR-0548C161E1/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/HFFDDF/algg.exe || 2011-02-09 19:19:22 | AhnLab_V3 | Backdoor/Win32.Agent | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/TALAAT-LAPTOP/algg.exe || 2011-02-09 19:19:22 | Avast | Win32:Malware-gen | 10/42 (23.8%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | b99bb62795d76497f7cf31f9fedc9207 | http://cppblog.net/amazonforest/CMES/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/ALI-13C50977781/algg.exe || 2011-02-09 19:19:22 | avira | BDS/Agent.bfqr | 27/42 (64.3%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | 3fd48f401edf2e20f1ca11f3dae3e2ef | http://cppblog.net/amazonforest/USER-AA52B00EA5/algg.exe || 2011-02-09 19:19:22 | Avast | Win32:Malware-gen | 10/42 (23.8%) | AS47869 | 109.235.49.158 | abuse@netrouting.eu | NL | RIPE | NL-NETROUTING-20100122 | b99bb62795d76497f7cf31f9fedc9207 | http://cppblog.net/amazonforest/SHAFIQUE/algg.exe || 2011-02-09 19:21:34 | DrWeb | Adware.Softomate.origin | 2/43 (4.7%) | AS13649 | 74.63.145.186 | abuse@viawest.net | US | ARIN | VIAWEST-BLK-17 | 4a66cc2631e618cb26c5ba33d0a2da21 | http://www.shopathome.com/install/toolbar5200_ff.cab || 2011-02-09 19:37:39 | undef | unknown_exe | 0/41 (0.0%) | AS16276 | 213.186.33.2 | abuse@ovh.net | FR | RIPE | OVH | e812e1f63a952057e3916006cab098c1 | http://www.parislemarais.com/dormir/explorer7.exe || 2011-02-09 17:27:13 | undef | File is damaged | 0/43 (0.0%) | AS12578 | 195.226.218.148 | ripe@vps-hosting.lv | LV | RIPE | VPS-HOSTING-NET2 | 6e33d6ad3d73fa583d814f5dc1131cc1 | http://lock00.ipq.co/ || 2011-02-09 19:12:02 | undef | W32/CodeCcl-based!Maximus | | AS30968 | 109.120.157.60 | abuse@infobox.ru | RU | RIPE | INFOBOX-HYPER-V | 6d2b764a6219470eea0ba8b5161cd88d | http://implex.dyndns.org/1309/ || 2011-02-09 19:12:02 | undef | Backdoor.Win32.SdBot.wgt | 0/43 (0.0%) | AS25190 | 46.252.131.7 | reliktbvk@gmail.com | LV | RIPE | Sagade | a18bf138611c84847da13041773560aa | http://surprise-mnesa.co.cc/ || 2011-02-09 19:12:02 | undef | Trojan.Win32.VBKrypt.bcuv | | AS15201 | 200.98.197.86 | l-registrobr-uol@corp.uol.com.br | BR | LACNIC | 001.109.184/0001-95 | 67c84a8445cea5bae6f523a3b1b3aaf3 | http://www.hi6.com.br/ || 2011-02-09 20:41:02 | avira | PHP/Spy.Bull | 11/41 (26.8%) | AS18189 | 202.59.201.80 | sabarr@broadnetasia.com | ID | APNIC | BNA | 43e2f9da02cef8a9aa6b146f649f3ebe | http://widyagama.ac.id/-/response?? || 2011-02-09 21:07:44 | avira | SPR/PHP.ID | 21/41 (51.2%) | AS23352 | 205.234.145.224 | support@servercentral.net | US | ARIN | SCN-4 | fe3831c268bc9d41739e3574a04ab0e8 | http://3ds.by/content/id-vnc.txt??? || 2011-02-09 21:07:44 | undef | unknown_html_RFI | | AS36420, AS30315, AS13749, AS21844, AS13884 | 75.125.118.226 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-EV1-17 | 4cd4b03abb26a11036a59dc747aaa2c8 | http://imagequest360.com/?fp=8TfCfiQ4OIQDcttlZ111HxRbrwqa1nA2wlNUmErjc47brKeQxIA%2FRbRf7JS87svF82AF%2FKesKkj%2FjmuUB5sesw%3D%3D&prvtof=Qm1KFR895RXiu9OEoiVgG6Irtqj%2FH9iTivh8hKRxSz4%3D&poru=4jzsiBelOofcmRpydCJKLRvEgMRCzcz78gOyH0arFylgcQ5cdDhsNUx2h3JaMqhmpUChm69MPmbfF5A0wCV%2BhA%3D%3D&cifr=1& || 2011-02-09 21:07:44 | avira | PERL/Shellbot.aa | 19/42 (45.2%) | AS45634 | 180.210.203.59 | noc@sparkstation.net | SG | APNIC | SPARKSTATION-AS-AP | 281dbc65f9f54822083ec933accf8149 | http://pta-bandarlampung.go.id/.../sql.txt || 2011-02-09 21:07:44 | undef | unknown_exe | | AS16276 | 91.121.211.55 | abuse@ovh.net | FR | RIPE | OVH | c6c2270e92941bd6b96ac33021371e12 | http://app.freecompressor.com/it/FreeCompressor.msi || 2011-02-09 21:07:44 | undef | unknown_html | 0/43 (0.0%) | AS13749, AS21844, AS30315, AS36420 | 74.54.28.74 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | fed56d5d9a56442d5b2f2f4e4736b7aa | http://danidutrasports.com/imagens/videoplayback.flv.wmv || 2011-02-09 21:07:44 | CAT_QuickHeal | WebToolbar.Sahat.b (Not a Virus) | 11/43 (25.6%) | AS13649 | 74.63.145.186 | abuse@viawest.net | US | ARIN | VIAWEST-BLK-17 | 4bebd1a846b617b62f25223062f7b3b1 | http://www.shopathome.com/install/setup5200.cab || 2011-02-09 21:07:46 | undef | unknown_html | 0/43 (0.0%) | AS36351 | 74.86.74.96 | abuse@softlayer.com | US | ARIN | SOFTLAYER-NETBLOCK5 | eed8d252a7219a981e784380d3001616 | http://gustavo12301.bravunet.com/controlador.swf || 2011-02-09 21:07:46 | undef | unknown_html | 0/43 (0.0%) | AS36351 | 74.86.74.96 | abuse@softlayer.com | US | ARIN | SOFTLAYER-NETBLOCK5 | 8c1b819f4e558dc38e18563a9c635566 | http://gustavo12301.bravunet.com/mandachuva.swf || 2011-02-09 21:07:46 | undef | unknown_html | 0/43 (0.0%) | AS36351 | 74.86.74.96 | abuse@softlayer.com | US | ARIN | SOFTLAYER-NETBLOCK5 | d0860230b516bf7841beb79dcf61512c | http://gustavo12301.bravunet.com/salvador.swf || 2011-02-09 20:43:00 | avira | PHP/Pbot.A.10 | 20/43 (46.5%) | AS19318 | 66.45.237.212 | network@interserver.net | US | ARIN | INTERSERVER | e63be165530f77601b32273c89ae0ab2 | http://nojtle.t35.com/tr0nd1tj3.txt??? || 2011-02-09 21:42:26 | avira | TR/VB.apac | 7/43 (16.3%) | AS32475 | 184.154.80.138 | abuse@singlehop.com | US | ARIN | SINGLEHOP | c3ba8653e4b2edb9217b970a88739f44 | http://sexytoysland.com/images/facebook-pic0009345919.exe || 2011-02-09 21:43:23 | avira | TR/Crypt.XPACK.Gen3 | 7/43 (16.3%) | AS21788 | 66.197.132.69 | abuse@hostnoc.net | US | ARIN | HOSTNOC-2BLK | 23efeb9128e5325d920ce45376efc867 | http://ma-share.com/uploads/479fc9e694.rar || 2011-02-09 21:43:23 | avira | TR/Dropper.Gen | 14/42 (33.3%) | AS25190 | 46.252.131.7 | reliktbvk@gmail.com | LV | RIPE | Sagade | 6dbe508bb262af911bb6e30a1cfc0e1b | http://facebook-surprise-mkwr.tk/surprise.exe || 2011-02-09 21:43:23 | avira | TR/Dropper.Gen | 5/43 (11.6%) | AS2914 | 168.143.172.53 | abuse@ntt.net | US | ARIN | NTTA-168-143 | 0dcacfa76a4e7ef8758d72fa17c68b50 | http://bit.ly/gCj8l4?0.29458 || 2011-02-09 21:43:23 | avira | TR/ATRAPS.Gen | 5/43 (11.6%) | AS33182 | 66.7.207.175 | abuse@dimenoc.com | US | ARIN | DIMECNET | 535836c0c1cdcbd676a9ba2c6f3fbeee | http://wwaegroup.com/libraries/domit/domer/Recadastro.exe || 2011-02-09 21:43:23 | avira | TR/ATRAPS.Gen | 5/43 (11.6%) | AS33182 | 66.7.207.175 | abuse@dimenoc.com | US | ARIN | DIMECNET | 535836c0c1cdcbd676a9ba2c6f3fbeee | http://wwaegroup.com/libraries/domit/domer/Recadastro.php || 2011-02-09 21:43:23 | avira | SPR/NetCat.A | 23/43 (53.5%) | AS24940 | 178.63.0.7 | abuse@hetzner.de | DE | RIPE | DE-HETZNER-20100302 | 63c0a42b80603ea119badca8ea4ea5d4 | http://hdmedia.altervista.org/HDMServices/HDMSInstall.zip || 2011-02-09 21:43:23 | avira | TR/Dropper.Gen | 5/43 (11.6%) | AS2914 | 168.143.172.53 | abuse@ntt.net | US | ARIN | NTTA-168-143 | 0dcacfa76a4e7ef8758d72fa17c68b50 | http://bit.ly/gCj8l4?0.78918 || 2011-02-09 21:43:23 | avira | TR/Dropper.Gen | 5/43 (11.6%) | AS15201 | 200.98.197.58 | l-registrobr-uol@corp.uol.com.br | BR | LACNIC | 001.109.184/0001-95 | 0dcacfa76a4e7ef8758d72fa17c68b50 | http://monicaroberts-eventos.com/paula/eIAr4X.zip || 2011-02-09 21:43:23 | undef | unknown_html | 0/43 (0.0%) | AS16265 | 217.119.57.22 | abuse@dot.tk | NL | RIPE | SYNNET-VERZA | 298089353becee0faefd99f1003c698f | http://runescape-tools.tk/ || 2011-02-09 21:43:23 | McAfee_GW_Editio | Heuristic.BehavesLike.Win32.ModifiedUPX.C | 5/43 (11.6%) | AS209 | 63.236.35.30 | abuse@qwest.net | US | ARIN | QWEST-INET-9 | 18a6d584732bbbee45efb3b5f3adb39d | http://get.whitesmoke.com/GeoInstaller/WhiteSmokeWriterGeo9147_en.exe || 2011-02-09 21:50:19 | AVG | Generic20.CNDF.dropper | 8/42 (19.0%) | AS25190 | 46.252.131.7 | reliktbvk@gmail.com | LV | RIPE | Sagade | 19291cc82e47995cf480f6b4781c83a4 | http://ddk2200.com/abc/load.php?file=0 || 2011-02-09 21:50:19 | AVG | Generic20.CNDF.dropper | 7/42 (16.7%) | AS25190 | 46.252.131.7 | reliktbvk@gmail.com | LV | RIPE | Sagade | 4fb9dc55ca9b848e988ba85409175d0c | http://ddk2200.com/abc/load.php?file=1 || 2011-02-09 21:50:19 | clamav | Trojan.Fakesec-309 | 5/39 (12.8%) | AS25190 | 46.252.131.7 | reliktbvk@gmail.com | LV | RIPE | Sagade | 1b867b1cec4e882bf7c110c0ea0f9fb1 | http://ddk2200.com/abc/load.php?file=2 || 2011-02-09 21:50:19 | undef | unknown_html | 0/43 (0.0%) | AS25190 | 46.252.131.7 | reliktbvk@gmail.com | LV | RIPE | Sagade | 93990c9c96f3b9f37a75ab1e93905d52 | http://ddk2200.com/abc/load.php?file=grabbers || 2011-02-09 21:50:19 | undef | unknown_html | 0/42 (0.0%) | AS209 | 63.236.35.30 | abuse@qwest.net | US | ARIN | QWEST-INET-9 | 395d9f8ea649e969cd6b0e282a6ef986 | http://www.whitesmoke.com/client/GeoInstaller/get.php?alot=0&bandoo=0&offerbox=0&zugo=0&oberon=0&distid=9147 || 2011-02-09 20:27:14 | undef | Trojan-Downloader.Win32.Geral.vnk | 0/43 (0.0%) | AS25190 | 46.252.131.7 | reliktbvk@gmail.com | LV | RIPE | Sagade | a18bf138611c84847da13041773560aa | http://facebook-surprise-mkwr.tk/ || 2011-02-09 22:43:23 | avira | SPR/AttKit.C | 37/41 (90.2%) | AS21069 | 80.74.129.35 | abuse@metanet.ch | CH | RIPE | METANET | 7a5ca8e700e9b3f48070c2ac27c71f1b | http://www.computec.ch/projekte/atk/download/bin/atk-4.1.zip || 2011-02-09 22:43:23 | avira | TR/Dldr.Delphi.Gen | 28/42 (66.7%) | AS2042 | 202.190.77.45 | abuse@jaring.my | MY | APNIC | JARING-MY | b693778fa1e893b6ca3c1a80addd7b83 | http://www.selangor.gov.my/language/Planilha.exe || 2011-02-09 23:09:29 | undef | unknown_html | | AS25190 | 46.252.131.7 | reliktbvk@gmail.com | LV | RIPE | Sagade | e65c58eacfc49df2253e82b0fd3eebd8 | http://fotoshare-dknc.com/ab/setup.php?act=fb_get || 2011-02-09 23:09:29 | undef | unknown_html | 0/41 (0.0%) | AS36351 | 173.192.205.192 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-8 | a7dd2a03692bff1418a8dbb1c6ae0740 | http://schn.in/client_hujILILili/info.php?frevny=8941482737&bf=KC-FC7&qrynl=8155555&ire=fpu66&hcqngvzr=8 || 2011-02-09 23:09:29 | avira | TR/Crypt.NSPM.Gen | 28/43 (65.1%) | AS3462 | 61.220.104.123 | network-adm@hinet.net | TW | APNIC | HINET-NET | 4ce556a2e4b1c471d9bc2bca9ab639e6 | http://www.matsuura5211.com/mgmt/contact/,,/img/a1.exe || 2011-02-09 23:09:29 | avira | TR/Downloader.Gen | 28/41 (68.3%) | AS3462 | 61.220.104.123 | network-adm@hinet.net | TW | APNIC | HINET-NET | e0559b100c097b7fe455cbf7eee78408 | http://www.matsuura5211.com/mgmt/contact/,,/img/a2.exe || 2011-02-09 23:40:23 | avira | PHP/Small.C | | AS32392 | 96.0.158.202 | ipadmin@ecommerce.com | US | ARIN | ECOMMERCE-HOSTING-2009 | 0a9d304b1457be1a8bed84eaaa5a2952 | http://bolrichmond.org/file/jembot.txt??&modez=shellz || 2011-02-10 01:04:15 | avira | PHP/BackDoor.AR | 31/43 (72.1%) | AS9908 | 203.168.202.14 | dnsadmin@cms.hkcable.com | HK | APNIC | HKCABLE-HK | dcc55d73dae5326abb4f00d9313a7e70 | http://203.168.202.14/resturant/logs/.bbs/id2.txt????? || 2011-02-10 01:44:37 | Antiy_AVL | Trojan/Win32.KillAV | 8/43 (18.6%) | AS34187 | 78.26.179.86 | abuse@odessa.tv | UA | RIPE | RENOME-SERVICE | 7c6bbdb6889f33c6e11b1315b66ed20c | http://ldrdana.co.cc//cfg/stopav.plug || 2011-02-10 01:44:37 | Microsoft | Trojan:Win32/Bamital.I | 5/43 (11.6%) | AS50877 | 195.80.151.61 | abuse@instant-exchanger.com | EU | RIPE | INSTANTEXCHANGER-NET | f0a9e5d0d9484ff322e6e874c3cede4d | http://7arhive.com/setup477.exe || 2011-02-10 01:44:37 | AVG | Dropper.Generic3.KWU | 3/42 (7.1%) | AS15756 | 62.213.65.5 | abuse@caravan.ru | RU | RIPE | RU-CARAVAN-20011109 | b922321189535a79db01c4e2a8fb945e | http://st.free-lance.ru/users/skair/contacts/f_4d52f26ac8c92.zip || 2011-02-10 02:09:38 | avira | ADWARE/Agent.rzf.1 | 9/43 (20.9%) | AS26496 | 68.178.211.60 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 8812d0c74aeaf87051634d5ee295d66e | http://www.softdevteam.com/download/LAN%20Tornado/LTAsetup.exe || 2011-02-10 02:09:38 | avira | ADWARE/Agent.rzf.1 | 9/43 (20.9%) | AS26496 | 97.74.215.168 | noc@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 8812d0c74aeaf87051634d5ee295d66e | http://www.lantornado.com/dchkLTACnt.asp || 2011-02-10 02:09:38 | avira | ADWARE/Agent.rzf.1 | 9/43 (20.9%) | AS26496 | 97.74.215.168 | noc@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 8812d0c74aeaf87051634d5ee295d66e | http://www.lantornado.com/download/LAN%20Tornado/LTAsetup.exe || 2011-02-10 02:09:38 | DrWeb | BackDoor.Tdss.based.7 | 3/43 (7.0%) | AS21788 | 184.82.109.211 | nic@hostnoc.net | US | ARIN | HOSTNOC-8BLK | 67ad3f566ddd2d709d6ed703881e26cb | http://directit.info/link/67ad3f566ddd2d709d6ed703881e26cb/3012767ad3f566ddd2d709d6ed703881e26cb.exe || 2011-02-10 02:09:38 | Avast | Win32:Malware-gen | 4/42 (9.5%) | AS33322 | 208.71.173.222 | noc@ndchost.com | US | ARIN | NDCNETWORK-04 | 324aea363345726fa21cc71ccf9f0238 | http://www.elycam.cl/images/DCS00125.jpg.exe || 2011-02-10 02:02:46 | clamav | PUA.Script.Packed-10 | 1/43 (2.3%) | AS16582 | 207.7.108.203 | support@nextlevelinternet.com | US | ARIN | NEXTLVL-046-TEXTDRV-1 | 82e054ab6773a6b4f173e867ea9b7619 | http://207.7.108.203/~netbytes/57.pdf? || 2011-02-10 02:02:32 | avira | PHP/C99Shell.149816 | 18/37 (48.6%) | AS12025 | 74.206.103.242 | noc@iodatacenters.com | US | ARIN | IODC-INET-02 | bdf0ee6d21b53c3b08f789154dac5c56 | http://tukangbecak.com/c99.pdf? || 2011-02-10 03:08:28 | Antiy_AVL | Trojan/Win32.LdPinch | 6/41 (14.6%) | AS34187 | 78.26.179.86 | abuse@odessa.tv | UA | RIPE | RENOME-SERVICE | 0c38ef0a7f962a6010ea79f67b6f6ab3 | http://ldrdana.co.cc//cfg/passw.plug || 2011-02-10 03:08:33 | avira | TR/Qhost.qvz | 29/43 (67.4%) | AS8167 | 200.215.4.11 | csirt@oi.net.br | BR | LACNIC | 076.535.764/0326-90 | 6454cb2b1d4062158ad22cfeaa365c6c | http://www.pmf.sc.gov.br/saude/noticias/Deposito002526/Comprovante002526-DOC.com || 2011-02-10 03:08:33 | undef | unknown_html | 0/42 (0.0%) | AS8560 | 82.165.104.223 | abuse@oneandone.net | DE | RIPE | SCHLUND-SHARED | dd2b804d4c89549edd4c5c370e0dddb8 | http://www.tommti-systems.de/main-Dateien/TOOLS || 2011-02-10 03:00:25 | avira | PHP/Pbot.A.10 | 24/43 (55.8%) | AS36420, AS30315, AS13749, AS21844 | 174.132.12.26 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-15 | 17fcaa05cc9014ac6b0089b9aaec8436 | http://harvestchristianschool.co.za/robots.txt??http://harvestchristianschool.co.za/robots.txt?? || 2011-02-10 02:50:23 | avira | PHP/Pbot.A.10 | 24/43 (55.8%) | AS36420, AS30315, AS13749, AS21844 | 174.132.12.26 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-15 | 17fcaa05cc9014ac6b0089b9aaec8436 | http://harvestchristianschool.co.za/robots.txt?? || 2011-02-10 03:07:38 | avira | TR/PHP.Zapchast.C.5 | 24/43 (55.8%) | AS34224 | 87.121.165.6 | nmt-ip@neterra.net | BG | RIPE | BG-NETERRAIP-20050712 | 4bb0bb56c40febb469999d0da1d2106e | http://e-vestnik.bg//imgs/2008/aid.txt?? || 2011-02-10 03:38:23 | avira | TR/Black.Gen2 | 33/43 (76.7%) | AS14571 | 200.226.246.22 | abuse@ig.com.br | BR | LACNIC | 003.368.522/0001-39 | 7ce40cb2784e9cb106d8f2ca24467ea7 | http://acreunagoias.com.br/bg/1.jpg || 2011-02-10 03:38:23 | avira | TR/Spy.Banker.Gen | 18/43 (41.9%) | AS14571 | 200.226.246.22 | abuse@ig.com.br | BR | LACNIC | 003.368.522/0001-39 | 588c4abca61e60fd5c56c1b55372da9a | http://acreunagoias.com.br/bg/2.jpg || 2011-02-10 03:38:23 | avira | TR/VB.Downloader.Gen | 33/43 (76.7%) | AS14571 | 200.226.246.22 | abuse@ig.com.br | BR | LACNIC | 003.368.522/0001-39 | 461bd502133f30d3a6ba663ba341d955 | http://acreunagoias.com.br/bg/3.jpg || 2011-02-10 03:38:23 | avira | TR/Black.Gen2 | 22/43 (51.2%) | AS14571 | 200.226.246.22 | abuse@ig.com.br | BR | LACNIC | 003.368.522/0001-39 | b4f299e72ba84098d24f661af14ac257 | http://acreunagoias.com.br/bg/4.jpg || 2011-02-10 03:42:53 | avira | PHP/Shellbot.7642 | 29/43 (67.4%) | AS32613 | 174.142.79.85 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 5622eaabf13de682447ef5aa668aad3a | http://mathzor.110mb.com/cmdpro6.txt? || 2011-02-10 05:10:06 | undef | unknown_exe | | AS41550 | 91.196.0.161 | abuse@hostbizua.com | UA | RIPE | HOSTBIZUA-NET | a511a181c58ba5a7b7cc18104718ed94 | http://falcogames.com/E314CenterSetup.exe || 2011-02-10 04:31:42 | avira | PHP/Loader.9852 | | AS23352 | 205.234.145.224 | support@servercentral.net | US | ARIN | SCN-4 | fcd73662e9d42a57c87135ed694ee918 | http://3ds.by/content/ec.txt?? || 2011-02-10 04:37:08 | avira | PHP/Pastie.637 | 17/40 (42.5%) | AS23352 | 205.234.145.224 | support@servercentral.net | US | ARIN | SCN-4 | 493d3c720be431004253125118998a5d | http://3ds.by/content/ID-RFI.txt?? || 2011-02-10 04:35:11 | avira | PHP/Pbot.A | 30/43 (69.8%) | AS23352 | 205.234.145.224 | support@servercentral.net | US | ARIN | SCN-4 | 0f0cc558d4d7ecb8686fcb07dd57e636 | http://3ds.by/content/dor.txt??? || 2011-02-10 04:34:52 | avira | SPR/PHP.ID | 20/42 (47.6%) | AS7385 | 208.186.112.40 | abuse@integratelecom.com | US | ARIN | ELI-2-NETBLK99 | 1c830dc1f7a307c50546f8d9e1329991 | http://fijishaadi.com/forum/r.txt?? || 2011-02-10 05:04:23 | clamav | PHP.Agent-4 | 1/40 (2.5%) | AS174 | 38.124.38.68 | abuse@cogentco.com | US | ARIN | PSINETA | ce15530ec3e00f31eaa26e3d6bdc1dc6 | http://soloteam.zoomshare.com/files/mIRC/copyright.txt??? || 2011-02-10 05:10:17 | AVG | RelevantKnowledge | 8/42 (19.0%) | AS41550 | 91.196.0.161 | abuse@hostbizua.com | UA | RIPE | HOSTBIZUA-NET | a13d5f05f32ede3255fd36762c8fa97a | http://falcogames.com/JoraChessSetup.exe || 2011-02-10 05:10:18 | AVG | RelevantKnowledge | 9/43 (20.9%) | AS41550 | 91.196.0.161 | abuse@hostbizua.com | UA | RIPE | HOSTBIZUA-NET | a8e69f7d6a31aa4f6a7709f3e0fa529a | http://falcogames.com/PixClixSetup.exe || 2011-02-10 05:10:43 | trendmicro | TROJ_HILOTI.SMAE | 16/43 (37.2%) | AS21788 | 184.82.109.211 | nic@hostnoc.net | US | ARIN | HOSTNOC-8BLK | 1896433685d6a278d927e4a290501aea | http://directit.info/link/1896433685d6a278d927e4a290501aea/shazzman_db48de38dd707879ada19d9d787cb976.exe || 2011-02-10 05:10:43 | Antiy_AVL | Downloader/Win32.PopCap.gen | 9/41 (22.0%) | AS36715 | 64.246.180.111 | liz@popcap.com | US | ARIN | POPCAP1 | e1bdd5c115ae18dcf9e5395bb0a4ef99 | http://www.popcap.com/webgames/popcaploader_v10.cab || 2011-02-10 07:08:23 | avira | TR/Dldr.Delphi.Gen | 23/42 (54.8%) | AS14618 | 184.72.236.250 | ec2-abuse@amazon.com | US | ARIN | AMAZON-EC2-7 | df18a1d46c56140cdea77203ea439e27 | http://dl.dropbox.com/u/17870610/creditos.scr || 2011-02-10 07:08:23 | avira | TR/Kryptik.LD | 18/40 (45.0%) | AS25847 | 209.50.247.135 | abuse@servint.com | US | ARIN | SERVINT-CIDR-1 | 14c1faee50dd9feb56a1f10ae3bf7b97 | http://209.50.247.135/ad.exe |+---------------------+------------------+-------------------------------------------+---------------+---------------------------------------------+-----------------+----------------------------------+---------+--------+-----------------------------+----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+141 rows in set (0.02 sec)
+---------------------+-------------+--------------------------------------------+---------------+------------------------------------------+-----------------+----------------------------------+---------+--------+----------------------------------+----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+| date | scanner | virusname | vt_score | AS | review | email | country | source | netname | md5sum | url |+---------------------+-------------+--------------------------------------------+---------------+------------------------------------------+-----------------+----------------------------------+---------+--------+----------------------------------+----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+| 2011-02-10 06:47:04 | avira | PHP/IRCBOT.jxt | 19/40 (47.5%) | AS6939 | 64.62.181.46 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 8b7625cb22cbbcee2322000ae88e35a4 | http://h1.ripway.com/ViRuZBrooklyn/elati0nbot.txt???m.jp//assets/snippets/reflect/snippet.reflect.php?reflect_base=http://h1.ripway.com/ViRuZBrooklyn/elati0nbot.txt??? || 2011-02-10 06:45:19 | avira | PHP/IRCBOT.jxt | 18/43 (41.9%) | AS6939 | 64.62.181.46 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 8b7625cb22cbbcee2322000ae88e35a4 | http://h1.ripway.com/ViRuZBrooklyn/elati0nbot.txt???m.jp//assets/snippets/reflect/snippet.reflect.php?reflect_base=http://h1.ripway.com/ViRuZBrooklyn/elati0nbot.txt???/index2.php?p=http://h1.ripway.com/ViRuZBrooklyn/elati0nbot.txt???m.jp//assets/snippets/ || 2011-02-10 06:10:07 | avira | SPR/PHP.ID | 15/41 (36.6%) | AS2875 | 159.93.167.33 | noc@jinr.ru | RU | RIPE | JINR-NET | b6826cabb72064d55bf0d7a9b537d4e4 | http://uni-dubna.ru//fotoalbum/id.gif???????? || 2011-02-10 06:45:19 | avira | PHP/IRCBOT.jxt | 19/41 (46.3%) | AS6939 | 64.62.181.46 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 8b7625cb22cbbcee2322000ae88e35a4 | http://h1.ripway.com/ViRuZBrooklyn/elati0nbot.txt???m.jp//assets/snippets/reflect/snippet.reflect.php?reflect_base=http://h1.ripway.com/ViRuZBrooklyn/elati0nbot.txt???http://bofa86.t35.com/news.txt???? || 2011-02-10 06:10:18 | avira | PHP/Pbot.A.6 | 24/41 (58.5%) | AS2875 | 159.93.167.33 | noc@jinr.ru | RU | RIPE | JINR-NET | f0341e328cc2fda4b94bcaa61367136f | http://uni-dubna.ru//fotoalbum/bp.gif?????? || 2011-02-10 06:51:57 | avira | PHP/IRCBOT.jxt | 17/40 (42.5%) | AS6939 | 64.62.181.46 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 8b7625cb22cbbcee2322000ae88e35a4 | http://h1.ripway.com/ViRuZBrooklyn/elati0nbot.txt???m.jp//assets/snippets/reflect/snippet.reflect.php?reflect_base=http://h1.ripway.com/ViRuZBrooklyn/elati0nbot.txt???? || 2011-02-10 07:23:14 | AntiVir | HEUR/Crypted | 11/42 (26.2%) | AS23650 | 61.147.107.183 | abuse@jsinfo.net | CN | APNIC | CHINANET-JS | 530c7ddd4e1f70246aa66583615e3c0c | http://61.147.107.183:82/down/cf/kawayi/231wg.com-kwy9.912.rar || 2011-02-10 07:23:14 | undef | unknown_html_RFI | 0/41 (0.0%) | AS4134 | 121.10.172.15 | abuse@gddc.com.cn | CN | APNIC | CHINANET-GD | 75ef6dc7a656aac8ba84d11686b4bd72 | http://goto.ukad.com:88/iclk/?zoneid=55&uid=1026 || 2011-02-10 07:23:14 | avira | PERL/Shellbot.B.3 | 26/43 (60.5%) | AS32392 | 173.83.96.90 | ipadmin@ecommerce.com | US | ARIN | ECOMM-200912 | 551145699fb45c5f4c8deb8eba283547 | http://www.minlutw.com/language/pdf_fonts/php.jpg || 2011-02-10 07:23:14 | avira | PHP/Shellbot.6603 | 14/41 (34.1%) | AS3786 | 180.150.228.146 | ljy1258@ehostidc.co.kr | KR | APNIC | EHOSTIDC | 28f08b1eba1a25245ee76fa74bf87f8d | http://sjyphoto.com/zboard//include/.blue/blue.jpg || 2011-02-10 07:23:14 | undef | unknown_html | 0/41 (0.0%) | AS10297 | 173.244.176.106 | hostmaster@ee.net | US | ARIN | ENET-XLHOST-5 | 79a6807a74c278a9d6cd51d2df912df0 | http://pub.rti.ci/www/images/ || 2011-02-10 07:23:14 | Antiy_AVL | Trojan/Win32.LdPinch | 8/41 (19.5%) | AS10297 | 173.244.176.106 | hostmaster@ee.net | US | ARIN | ENET-XLHOST-5 | 0c38ef0a7f962a6010ea79f67b6f6ab3 | http://pub.rti.ci/ || 2011-02-10 07:23:14 | undef | unknown_html | 0/41 (0.0%) | AS39572 | 213.174.146.196 | abuse@advancedhosters.com | US | RIPE | ADVANCEDHOSTERS-NET | e0aa021e21dddbd6d8cecec71e9cf564 | http://213.174.146.196/reports/new.php?id=54ed28afbe40&code=ae8db1cb2de9&aff=&z=1 || 2011-02-10 07:23:15 | avira | TR/Downloader.Gen | 28/43 (65.1%) | AS51441 | 91.217.162.99 | noc@tirexhost.com | UA | RIPE | TIREXHOST-NET | 21ad1a4b16acbde271fb27c086124365 | http://91.217.162.99/dm11.php?did=2011292241757_XP_ENU_abs_03 || 2011-02-10 07:23:15 | NOD32 | probably a variant of Win32/Spy.Banker.UPK | 8/41 (19.5%) | AS14618 | 184.72.236.250 | ec2-abuse@amazon.com | US | ARIN | AMAZON-EC2-7 | 52a1606799002ed0b8f13e0aaef37101 | http://dl.dropbox.com/u/20500692/catedral.jpg || 2011-02-10 07:23:15 | AntiVir | TR/Bamital.H | 8/43 (18.6%) | AS51441 | 91.217.162.176 | noc@tirexhost.com | UA | RIPE | TIREXHOST-NET | 603464e295ba2423602f0f33ecc58b17 | http://global-network-solution.com/d_m_a.php?did=2011292241757_XP_ENU_abs_03 || 2011-02-10 07:23:15 | AntiVir | HTML/Dldr.Barf.A | 2/41 (4.9%) | AS51441 | 91.217.162.176 | noc@tirexhost.com | UA | RIPE | TIREXHOST-NET | 5c86c4ae567f8a22b5b5ac9764ac2b8c | http://global-network-solution.com/signup.php?did=2011292241757_XP_ENU_abs_03 || 2011-02-10 07:23:15 | undef | unknown_html | 0/41 (0.0%) | AS36351 | 173.192.205.192 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-8 | a7dd2a03692bff1418a8dbb1c6ae0740 | http://schn.in/client_hujILILili/info.php?frevny=68996155&bf=KC-FC7&qrynl=8155555&ire=fpu68&hcqngvzr=7 || 2011-02-10 07:23:15 | BitDefender | Generic.Banker.Delf.69347AB3 | 3/41 (7.3%) | AS3292 | 80.160.71.22 | csirt@csirt.dk | DK | RIPE | ZITCOM-NET | 2f295c44bc20d1cf1c566d662d547057 | http://www.of-kvistgaard.dk/images/joolam.jpg || 2011-02-10 07:23:15 | undef | unknown_html | 0/43 (0.0%) | AS16245 | 193.202.110.143 | abuse@one.com | DK | RIPE | B-ONE-NET | 41704931a8a3c521cba1fec753c826c2 | http://www.todaygoogle.com/ || 2011-02-10 07:23:29 | avira | JS/Dldr.Agent.crj | 20/39 (51.3%) | AS34224 | 87.121.165.6 | nmt-ip@neterra.net | BG | RIPE | BG-NETERRAIP-20050712 | 6e34cd55794f58f0cc13da712173aefd | http://www.e-vestnik.bg//imgs/2008/scan.txt?? || 2011-02-10 07:23:29 | avira | TR/Script.75 | 23/41 (56.1%) | AS36420, AS30315, AS13749, AS21844 | 174.121.25.52 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | a05dfd7cca7771a7565a154d65f05ea2 | http://www.xclusivetouch.co.uk/.files/error? || 2011-02-10 06:40:21 | undef | Variant.Adware.Hotbar.1 | 0/43 (0.0%) | AS32475 | 65.60.4.82 | abuse@singlehop.com | US | ARIN | SINGLEHOP | facb8a7017de5d0ca66a2c08940c600f | http://ukhotelforum.co.uk/img/ || 2011-02-10 06:40:30 | undef | Trojan.Win32.Buzus.gxhc | 0/39 (0.0%) | AS26496 | 208.109.181.225 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | d5dc8e7a1cc28d108289106b0ee236e0 | http://www.pixeloverflow.net/wp-content/themes/twentyten/ || 2011-02-10 06:40:31 | undef | Trojan.Heur.DP.RGW@aSUZvmlG | 0/41 (0.0%) | AS25847 | 209.50.247.135 | abuse@servint.com | US | ARIN | SERVINT-CIDR-1 | dfbd1ee66a4e792349591b88660c0956 | http://209.50.247.135/ || 2011-02-10 08:03:55 | clamav | PHP.Agent-14 | 4/43 (9.3%) | AS21844 | 74.52.141.162 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | c5cff10f283c141204a010c78889fe10 | http://www.asdsingapore.com/includes/domit/Ckrid1.txt?? || 2011-02-10 08:03:55 | avira | SPR/PHP.ID | 20/42 (47.6%) | AS7385 | 208.186.112.40 | abuse@integratelecom.com | US | ARIN | ELI-2-NETBLK99 | 1c830dc1f7a307c50546f8d9e1329991 | http://www.fijishaadi.com/forum/r.txt?? || 2011-02-10 08:03:56 | trendmicro | TROJ_BANKER.SMSV | 24/41 (58.5%) | AS3549 | 208.51.78.252 | abuse@gblx.net | US | ARIN | GBLX-6D | 160d4689f1187f53dc554c2ed25fa9c9 | http://ftiap-up.servehalflife.com/components/com_content/open_acrobat_adobe.com??Deposito/Comprovante/abuse@clean-mx.de || 2011-02-10 08:39:11 | avira | TR/Crypt.XPACK.Gen2 | 26/41 (63.4%) | AS32475 | 65.60.4.82 | abuse@singlehop.com | US | ARIN | SINGLEHOP | 10e454a2e57475026628b7635ac060db | http://ukhotelforum.co.uk/img/470-01.exe || 2011-02-10 08:39:11 | avira | TR/Olmarik.ANE | 22/41 (53.7%) | AS32475 | 65.60.4.82 | abuse@singlehop.com | US | ARIN | SINGLEHOP | 359e79d567ac7b86a94c3d6b0bf31890 | http://ukhotelforum.co.uk/img/dm.exe || 2011-02-10 08:39:11 | trendmicro | TROJ_HILOTI.SMAE | 20/39 (51.3%) | AS32475 | 65.60.4.82 | abuse@singlehop.com | US | ARIN | SINGLEHOP | e0c146eb1b99c19e1c2b7e95b497b56b | http://ukhotelforum.co.uk/img/tp.exe || 2011-02-10 09:08:47 | avira | TR/Spy.Gen | 24/42 (57.1%) | AS12053 | 67.23.129.46 | abuse@netfirms.com | CA | ARIN | NET-NF-00 | 959283b1ee094827a3f6ee25eff747d8 | http://lostdoor.netfirms.com/Lost_Door_Black_Pro_v5.1.zip || 2011-02-10 09:08:47 | AhnLab_V3 | Malware/Win32.Generic | 17/43 (39.5%) | AS36420, AS30315, AS13749, AS21844 | 174.121.37.99 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | 542bc0a485a268e248ceba0eb7badf71 | http://grem.net.ru/soft/block%20setup.zip || 2011-02-10 09:08:47 | avira | HIDDENEXT/Worm.Gen | 15/42 (35.7%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | fdf9c8a3e605adcf252e5927136c5ae2 | http://download3.fileave.com/kid.rar || 2011-02-10 09:08:47 | McAfee | Suspicious Keygen!rar | 5/43 (11.6%) | AS12322 | 212.27.63.106 | abuse@proxad.net | FR | RIPE | FR-PROXAD | 5df74b973e364d9acc208a961e6c1bac | http://defisfc.free.fr/crackmes/tuto_defi_nodh_96_87.rar || 2011-02-10 09:08:47 | avira | TR/ATRAPS.Gen | 15/42 (35.7%) | AS12874 | 83.103.52.43 | abuse@fastweb.it | IT | RIPE | FASTWEB-POP-0201-SMALL-BUSINESS | 747d82029dba14f13777f4c8e848a13e | http://83-103-52-43.ip.fastwebnet.it/images/Cliente_Personnalite.asp || 2011-02-10 09:03:00 | avira | PHP/IRCBOT.E.29297 | 19/41 (46.3%) | AS21844 | 74.52.141.162 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | 275261784fc9db3472e305be8c15d505 | http://asdsingapore.com/includes/domit/dor.txt? || 2011-02-10 08:41:03 | undef | Variant.Kazy.11518 | 0/40 (0.0%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 5b75d01796c60586c6ecff913aab608e | http://download3.fileave.com/ || 2011-02-10 09:40:24 | clamav | PUA.Packed.ASPack | 8/42 (19.0%) | AS16276 | 94.23.105.248 | abuse@ovh.net | FR | RIPE | FR-OVH-20080715 | 7e2952e993c84a8570fa2be3e9aa8357 | http://pcprecautionscenter.com/scan3/53/freesystemscan.exe || 2011-02-10 09:54:27 | avira | PHP/Shell.P | 9/41 (22.0%) | AS45634 | 180.210.203.59 | noc@sparkstation.net | SG | APNIC | SPARKSTATION-AS-AP | 788f6a44921f9d88a64042d8e11b81d1 | http://pta-bandarlampung.go.id/.../idx.txt? || 2011-02-10 10:11:33 | Fortinet | W32/Refroso.DZP!tr | 20/41 (48.8%) | AS31034 | 62.149.140.76 | hostmaster@technorail.com | IT | RIPE | TECHNORAIL-NET | edc861a4df64426be312308a191cf749 | http://www.omeyasweb.com/wp-content/themes/blacknwhite/r-ani.exe || 2011-02-10 10:11:33 | Fortinet | W32/Refroso.DZP!tr | 6/42 (14.3%) | AS31034 | 62.149.140.76 | hostmaster@technorail.com | IT | RIPE | TECHNORAIL-NET | c6839cc2bd86264963e1560432937708 | http://www.omeyasweb.com/wp-content/themes/blacknwhite/homz.exe || 2011-02-10 10:12:19 | undef | unknown_html | 0/40 (0.0%) | AS6939 | 184.105.207.87 | abuse@he.net | US | ARIN | HURRICANE-11 | 0a0e5a6698cbc0c641845f22cd9a3778 | http://cc1.gogototos.info/i.asp || 2011-02-10 10:12:19 | undef | unknown_html | 0/41 (0.0%) | AS6939 | 184.105.207.87 | abuse@he.net | US | ARIN | HURRICANE-11 | 720a72c4b58420a4072ff09223c50b4c | http://cc1.gogototos.info/www.asp?cpid=cpa001122&unid=sample_1&hid=CD1A40&mac=00-0C-29-EB-71-06&us= || 2011-02-10 10:12:19 | undef | unknown_html | 0/43 (0.0%) | AS4134 | 222.189.238.242 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-JS | b592521ab30b1fe226e57891124452ab | http://googleads.66server.com/ad.js || 2011-02-10 10:12:19 | undef | unknown_html | 0/43 (0.0%) | AS29761 | 204.152.214.5 | noc@quadranet.com | US | ARIN | OC3-NETWORKS2 | 84a28f831154a2b6cd9c6f9d8eaf6eb4 | http://www.1010au.com/htiao.gif || 2011-02-10 10:12:19 | undef | unknown_html | 0/43 (0.0%) | AS38197 | 121.54.168.82 | DNS-Admin@SunNetwork.Com.HK | HK | APNIC | SUN-NETWORK | ee3d501fd6adcc0eafbeb0d99847dda7 | http://www.8mwg.com/ || 2011-02-10 10:12:19 | undef | unknown_html | 0/41 (0.0%) | AS9801 | 118.224.5.5 | brandon.ou@bj.datadragon.net | CN | APNIC | YYNET | 73f3e77664c5bd1b32e96740f75193d6 | http://www.the265.com/?1 || 2011-02-10 10:12:19 | undef | unknown_html | 0/41 (0.0%) | AS30058 | 204.45.13.37 | abuse@fdcservers.net | US | ARIN | FDCSERVERS | a2e3b92767645f765e20d47cbf1a15bd | http://www.x5pd.com/ || 2011-02-10 10:12:19 | undef | unknown_html | 0/43 (0.0%) | AS4837 | 116.255.136.172 | abuse@cnc-noc.net | CN | APNIC | GIANT | ae327afdcc01e4dcce42dadc4511dd90 | http://www.x5xx.net/ || 2011-02-10 10:12:19 | avira | TR/Ransom.ace | 19/39 (48.7%) | AS1680 | 212.150.34.87 | abuse@013netvision.co.il | IL | RIPE | virtual_style | 78f0d2a2f9d570ca753405a4e60c414e | http://gigasexp.info/ks7dl3yv2hea6a6ft1z3tw61fos5sgxs/pornoplayer.exe || 2011-02-10 10:12:19 | BitDefender | Trojan.Generic.KD.128562 | 5/43 (11.6%) | AS21844 | 74.52.124.82 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | 4711165b9200f1886a9bb1639f3c8e4b | http://www.essential-travel-insurance.net/wp-admin/class/photo_128343387184440.exe || 2011-02-10 10:12:19 | Avast | Win32:Malware-gen | 9/39 (23.1%) | AS209 | 63.236.35.30 | abuse@qwest.net | US | ARIN | QWEST-INET-9 | 5f6a5d11783ac1666e4799045999ca3f | http://get.whitesmoke.com/dl/WSBandoo.exe || 2011-02-10 10:23:51 | undef | unknown_html | 0/39 (0.0%) | AS48709 | 91.200.242.17 | abuse@digief.eu | EU | RIPE | DIGIEF-NET | 2e8dca9c0ecbf6293b398cfdac9df12d | http://findcopper.org/pica1/470-direct || 2011-02-10 10:23:51 | undef | unknown_html | 0/41 (0.0%) | AS48709 | 91.200.242.87 | abuse@digief.eu | EU | RIPE | DIGIEF-NET | 2e8dca9c0ecbf6293b398cfdac9df12d | http://findvoiceless.org/pica1/470-direct || 2011-02-10 09:12:02 | undef | Trojan.Win32.VBKrypt.beqt | 0/43 (0.0%) | AS16276 | 94.23.105.248 | abuse@ovh.net | FR | RIPE | FR-OVH-20080715 | 68b329da9893e34099c7d8ad5cb9c940 | http://pcprecautionscenter.com/scan3/53/ || 2011-02-10 09:43:01 | undef | Trojan.Win32.FakeAv.afyd | 0/41 (0.0%) | AS21844 | 74.52.124.82 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | b3cf3358ead5d957165611ca1d515fae | http://www.essential-travel-insurance.net/wp-admin/class/ || 2011-02-10 10:40:55 | undef | unknown_html | 0/41 (0.0%) | AS6939 | 184.105.207.87 | abuse@he.net | US | ARIN | HURRICANE-11 | 720a72c4b58420a4072ff09223c50b4c | http://123dd.info/url/g3.asp?hjftcv=CD1A40&mgs=00-0C-29-EB-71-06&usdfsf=sample_1.exe || 2011-02-10 10:41:56 | undef | unknown_arch_zip | 0/43 (0.0%) | AS209 | 66.77.197.154 | abuse@qwest.net | US | ARIN | QWEST-INET-12 | e8887ec17cbda2399a77a5207df79176 | http://badgehelp.ourtoolbar.com/exe?sourceid=14 || 2011-02-10 10:59:58 | avira | PHP/RemoteAdmi.5398 | 12/39 (30.8%) | AS46816 | 69.163.35.173 | noc@directspace.net | US | ARIN | DIRECTSPACE | 4a90c7ffbdf3b7f65b4acbe9b1c0f702 | http://throttlehand.com/user/pages/myid.jpg? || 2011-02-10 10:37:12 | avira | PHP/ShellP.1235 | 21/41 (51.2%) | AS16276 | 213.186.33.2 | abuse@ovh.net | FR | RIPE | OVH | 33c5f31358cb73fec1aa409ce5ba207e | http://terre-de-mistral.com/plugins/xmlrpc/myid.jpg? || 2011-02-10 10:37:16 | avira | PHP/Small.C | 30/43 (69.8%) | AS16276 | 213.186.33.2 | abuse@ovh.net | FR | RIPE | OVH | 15848c2502aa006f3bff67cddca20762 | http://terre-de-mistral.com/plugins/xmlrpc/asu.txt? || 2011-02-10 11:00:03 | avira | PHP/Loader.9852 | 6/38 (15.8%) | AS46816 | 69.163.35.173 | noc@directspace.net | US | ARIN | DIRECTSPACE | 393a9d1c8e643043d03140220bc0559c | http://throttlehand.com/user/pages/c0x.txt? || 2011-02-10 11:10:22 | Avast | HTML:Downloader-W | 4/42 (9.5%) | AS36420, AS30315, AS13749, AS21844 | 174.120.29.91 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | 00a5131685d652b0295a2605b7e7474b | http://friends4play.com || 2011-02-10 11:10:22 | trendmicro | WORM_MAINBOT.MCL | 5/43 (11.6%) | AS51441 | 91.217.162.59 | noc@tirexhost.com | UA | RIPE | TIREXHOST-NET | f515fbbe5ad60018ca7336597415d547 | http://91.217.162.59/w96.exe || 2011-02-10 11:10:22 | avira | TR/Agent.40960.NO | 38/42 (90.5%) | AS51441 | 91.217.162.230 | noc@tirexhost.com | UA | RIPE | TIREXHOST-NET | b7a20fddae7071f1ba9474d0d2c8473c | http://91.217.162.230/sword.exe || 2011-02-10 11:10:22 | clamav | BC.Heuristic.Trojan.SusPacked.TMS | 17/41 (41.5%) | AS42612 | 82.98.160.89 | ripe@dinahosting.com | ES | RIPE | DH-J3-NET | f7d83927e5f9a1b8f96d45cb7302e945 | http://www.aedci.es/images/stories/processo.php?cod=Formulario-Petrobras || 2011-02-10 11:10:28 | AhnLab_V3 | Trojan/Win32.Renos | 23/40 (57.5%) | AS21788 | 66.197.139.151 | abuse@hostnoc.net | US | ARIN | HOSTNOC-2BLK | 4a5942699c6d25ab005cd69c138a8a80 | http://supermovieshow.in/video_id053012.45047.exe || 2011-02-10 11:21:18 | undef | unknown_html | 0/43 (0.0%) | AS15201 | 187.17.98.51 | l-registrobr-uol@corp.uol.com.br | BR | LACNIC | 001.109.184/0001-95 | 2b77ef1ab75468817a288394b0d58db6 | http://www.nossocarnaval.com/ifc.php || 2011-02-10 11:39:23 | ClamAV | PUA.Script.Packed-2 | 2/39 (5.1%) | AS20940 | 95.100.249.128 | abuse@akamai.com | EU | RIPE | EU-AKAMAI-20090202 | 68c83c40318a784a04ecf4c22da137fa | http://c0004553.cdn2.cloudfiles.rackspacecloud.com/WhiteSmoke2011.exe || 2011-02-10 11:39:45 | avira | TR/Drop.VB.ahht.25 | 26/39 (66.7%) | AS27715 | 200.234.200.222 | regcom@locaweb.com.br | BR | LACNIC | 002.351.877/0001-52 | ae6313b300a0a306b89430fdc201a801 | http://www.socci.com.br/web/aref/loja/img/system.exe || 2011-02-10 12:00:23 | avira | PHP/BackDoor.AR | 33/40 (82.5%) | AS41186 | 195.114.18.144 | abuse@ispfr.net | FR | RIPE | ISPFR | 8dcad47f3e32e7dc1aee59167e67c601 | http://guerville-78.fr/1.txt? || 2011-02-10 11:13:03 | undef | Net-Worm.Win32.Kolab.tne | 0/42 (0.0%) | AS27715 | 200.234.200.222 | regcom@locaweb.com.br | BR | LACNIC | 002.351.877/0001-52 | e35e16b79a638c2d8c8991adba4c9a27 | http://www.socci.com.br/web/aref/loja/img/ || 2011-02-10 11:45:02 | undef | Trojan-Dropper.Win32.VB.ahht | 0/40 (0.0%) | AS36752 | 67.195.145.141 | network-abuse@cc.yahoo-inc.com | US | ARIN | A-YAHOO-US8 | c1e57a38f01e5a4b401471d50c75155e | http://christybonham.com/img/ || 2011-02-10 13:08:39 | trendmicro | TROJ_SUSPECT.PB | 20/38 (52.6%) | AS36351 | 208.101.9.140 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-2 | f58a9ca2dce71e01c7a2459756ad66b8 | http://youtube.me.uk/pictures/image3213.exe || 2011-02-10 13:38:28 | AhnLab_V3 | Malware/Win32.Yimfoca | 18/40 (45%) | AS36752 | 67.195.145.142 | network-abuse@cc.yahoo-inc.com | US | ARIN | A-YAHOO-US8 | 1e9e5470a18f3168a3979e52956144fb | http://christybonham.com/img/facebook-pic0009345919.exe || 2011-02-10 12:12:04 | undef | Variant.Palevo.4 | 0/41 (0.0%) | AS36351 | 208.101.9.140 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-2 | 9b540b48a424cd21eb85fa995631b464 | http://youtube.me.uk/pictures/ || 2011-02-10 14:05:12 | McAfee | Artemis!28CCD5B486B9 | 4/40 (10%) | AS25694 | 69.67.31.52 | hostmaster@atomicdatacenters.com | US | ARIN | ATOMIC-15-69-67-31-0 | 28ccd5b486b99111802151e262f057e2 | http://69.67.31.52/setup.exe || 2011-02-10 14:05:47 | BitDefender | Trojan.Generic.KD.128866 | 8/43 (18.6%) | AS36420, AS30315, AS13749, AS21844 | 174.132.191.130 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-15 | 27e1fcd41db42f6d31db4d222fb43299 | http://www.gsmhelper.com/opa/plays.php || 2011-02-10 14:08:32 | BitDefender | Gen:Variant.Kazy.11446 | 12/40 (30.0%) | AS34187 | 78.26.187.194 | abuse@odessa.tv | UA | RIPE | RENOME-SERVICE | 7cb7da6f7de7dcaa829e387fa8404c31 | http://78.26.187.194/1.exe || 2011-02-10 14:08:32 | BitDefender | Trojan.Generic.KD.128578 | 18/40 (45%) | AS34187 | 78.26.187.194 | abuse@odessa.tv | UA | RIPE | RENOME-SERVICE | 0ab21f6c5c83c0278145750a7587de26 | http://78.26.187.194/2.exe || 2011-02-10 13:31:18 | clamav | PHP.Id-30 | 5/43 (11.6%) | AS18189 | 202.59.205.185 | sabarr@broadnetasia.com | ID | APNIC | BROADNETASIA | f9ebd9c869dfa634be6977155f0c65b7 | http://smp-pas2grt.sch.id/lab/1.txt??? || 2011-02-10 13:24:57 | clamav | PHP.Agent-14 | 1/42 (2.4%) | AS6939 | 64.62.181.46 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 939c070622c89cb20f850e95a6d24290 | http://h1.ripway.com/kantincrew/casper/ckrid1.txt?? || 2011-02-10 13:10:02 | undef | Trojan.Generic.KDV.128306 | 0/42 (0.0%) | AS34187 | 78.26.187.194 | abuse@odessa.tv | UA | RIPE | RENOME-SERVICE | e9c2d0b1d14dc6e9b8da4ab5e132d73b | http://78.26.187.194/ || 2011-02-10 14:15:30 | avira | PHP/RemoteAdmi.5398 | 14/43 (32.6%) | AS32475 | 67.212.184.66 | netops@singlehop.com | US | ARIN | SINGLEHOP | 4a90c7ffbdf3b7f65b4acbe9b1c0f702 | http://idahofallsmusicclub.org/biography/myid.jpg? || 2011-02-10 14:15:48 | avira | PHP/PHPShell.BE | 13/42 (31.0%) | AS3595, AS16626 | 207.210.64.84 | abuse@gnax.net | US | ARIN | GNAXNET | 624927fd425c98840fbfda3018162ef9 | http://phamsight.com/Ckrid1.txt??? || 2011-02-10 14:16:05 | avira | PHP/Loader.9852 | 6/43 (14.0%) | AS32475 | 67.212.184.66 | netops@singlehop.com | US | ARIN | SINGLEHOP | 7aa3223da92b136d8860e83e9bcef034 | http://idahofallsmusicclub.org/biography/c0x.txt? || 2011-02-10 14:11:02 | undef | Variant.Kazy.11446 | 0/42 (0.0%) | AS16276 | 213.186.33.2 | abuse@ovh.net | FR | RIPE | OVH | 0c161efebb5b739a0cff8e40ef7dafa1 | http://www.parislemarais.com/dormir/ || 2011-02-10 15:17:12 | avira | PERL/Shellbot.a.6 | 25/43 (58.1%) | AS3462 | 122.116.169.59 | network-adm@hinet.net | TW | APNIC | HINET-NET | ad3f75f842369ed1e4afd4a779fff3f6 | http://122.116.169.59/cvs????&modez=shellz || 2011-02-10 15:17:24 | avira | PERL/Shellbot.a.6 | 25/41 (61%) | AS3462 | 122.116.169.59 | network-adm@hinet.net | TW | APNIC | HINET-NET | ad3f75f842369ed1e4afd4a779fff3f6 | http://122.116.169.59/cvs????&modez=scannerz || 2011-02-10 15:17:30 | avira | PERL/Shellbot.a.6 | 25/43 (58.1%) | AS3462 | 122.116.169.59 | network-adm@hinet.net | TW | APNIC | HINET-NET | ad3f75f842369ed1e4afd4a779fff3f6 | http://122.116.169.59/cvs????&modez=botz || 2011-02-10 15:17:35 | avira | PERL/Shellbot.a.6 | 23/39 (59%) | AS3462 | 122.116.169.59 | network-adm@hinet.net | TW | APNIC | HINET-NET | ad3f75f842369ed1e4afd4a779fff3f6 | http://122.116.169.59/cvs????&modez=psybnc || 2011-02-10 15:28:20 | avira | PHP/ShellP.1235 | 7/42 (16.7%) | AS23670 | 117.20.1.66 | abuse@ozservers.com.au | AU | APNIC | OZSERVERS | 5d5fd2bc01d635b49a784c16d0b45cf0 | http://compume.com.au/loker/id.jpg?? || 2011-02-10 16:29:29 | avira | PHP/Small.Awi.1026 | 27/43 (62.8%) | AS26277 | 64.235.56.225 | noc@premianet.com | US | ARIN | APH-LAS-NV1 | bf4dcd069d039e4012c2fb8d02e4061b | http://azvoad.org/includes/phpmailer/bamby/myid.jpg? || 2011-02-10 15:27:14 | undef | Trojan.Generic.KD.128537 | 0/43 (0.0%) | AS24940 | 178.63.25.144 | abuse@hetzner.de | DE | RIPE | DE-HETZNER-20100302 | 9cfadf63f772aafa1f2acaeb87bb1c75 | http://retrobau.square7.ch/css/images/ || 2011-02-10 18:39:44 | undef | unknown_html | 0/43 (0.0%) | AS4134 | 58.218.206.132 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-JS | a491e721e0d88d40676feebacbcbb773 | http://code12.onetad.com/zok.php?username=nancylee&url=www.unionhzh.com || 2011-02-10 18:39:44 | avira | TR/Crypt.TPM.Gen | 20/41 (48.8%) | AS13749, AS21844, AS30315, AS36420 | 74.54.28.74 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | 9d9498eaf788770efe9b28d0c0b294da | http://debugr700.com/Firewall.jpg || 2011-02-10 18:39:44 | AntiVir | HEUR/Malware | 3/43 (7.0%) | AS13749, AS21844, AS30315, AS36420 | 74.54.28.74 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | abc9e07dfb5f3a9ca8d6ae56f4a4f001 | http://debugr700.com/infsys.jpg || 2011-02-10 18:39:44 | avira | TR/Kazy.4100.10 | 12/43 (27.9%) | AS13749, AS21844, AS30315, AS36420 | 74.54.28.74 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | 917f1e48046c9ebecb74e4273f29e505 | http://debugr700.com/windlog.jpg || 2011-02-10 18:39:44 | undef | unknown_html | 0/41 (0.0%) | AS4837 | 125.46.73.250 | abuse@public.zz.ha.cn | CN | APNIC | UNICOM-HA | d97eaf602407d00ef0470e741e00ff51 | http://js.users.51.la/4260195.js || 2011-02-10 18:39:44 | undef | unknown_html | 0/43 (0.0%) | AS4837 | 125.46.73.195 | abuse@public.zz.ha.cn | CN | APNIC | UNICOM-HA | 5ad96378cb185a970290fc556d5c84c4 | http://js.users.51.la/4387517.js || 2011-02-10 18:39:44 | undef | unknown_html | 0/43 (0.0%) | AS33182 | 67.23.226.159 | abuse@dimenoc.com | US | ARIN | DIMECNET | 0f01b7f7e67a2dc87251228ed7b28fab | http://powerup-host.com/contador/index.php || 2011-02-10 18:39:44 | undef | unknown_html | 0/41 (0.0%) | AS15003 | 173.208.111.61 | admin@nobistech.net | US | ARIN | NETBLK-NOBIS-TECHNOLOGY-GROUP-07 | aaecde141d64c656e05d67f517110f6f | http://www.99cpa.com/t.asp?soft || 2011-02-10 18:39:44 | undef | unknown_html | 0/43 (0.0%) | AS4134 | 58.218.209.104 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-JS | fe31c3ca40948b8cac72e41dfb4c1eaa | http://www.baiduksw.com/1mg/am1.rar || 2011-02-10 18:39:44 | ViRobot | Trojan.Win32.RaMag.Gen | 1/41 (2.4%) | AS4134 | 58.218.209.104 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-JS | 5373d2e88ace215aef0d81b87c72972c | http://www.baiduksw.com/1mg/am.rar || 2011-02-10 18:39:44 | undef | unknown_html | 0/43 (0.0%) | AS13749, AS21844, AS30315, AS36420 | 74.54.28.74 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | bc949ea893a9384070c31f083ccefd26 | http://www.debugr700.com/inf/bug.php?usuario=COMPUTERNAME&senha=INFECT%20GOLD%20RED!&email=debugmaria2011@gmail.com || 2011-02-10 18:39:44 | undef | unknown_html | 0/41 (0.0%) | AS32613 | 72.55.186.15 | abuse@panelboxmanager.com | CA | ARIN | PANELBOX-01 | 3438e6ffbdc5802dadff285abb4af77b | http://www.sinadir.com/DirectoryGrab/2/index.php || 2011-02-10 18:42:14 | avira | TR/Kazy.10930.1 | 16/41 (39%) | AS50877 | 195.80.151.59 | abuse@instant-exchanger.com | EU | RIPE | INSTANTEXCHANGER-NET | 1076a30e9e4567617bef9a8df8bfd52a | http://195.80.151.59/7box/dqj.php?i=8 || 2011-02-10 18:42:14 | undef | unknown_html | 0/43 (0.0%) | AS40824 | 199.80.53.110 | bk@webazilla.com | US | ARIN | WZCOMM-US | 907b58b22feab1ff9afd58def528e8d6 | http://dc204.4shared.com/download/OYMgYZn5/index.html || 2011-02-10 18:48:10 | avira | PHP/PHPInfo.LL | 24/43 (55.8%) | AS24940 | 178.63.93.200 | abuse@hetzner.de | DE | RIPE | DE-HETZNER-20100302 | af46ef3f8adcfe94071b7e043759b3df | http://avambee.bplaced.net/rfi/os/idosyris.txt || 2011-02-10 18:48:10 | avira | PHP/Small.Awi.1026 | 24/39 (61.5%) | AS43711 | 87.229.24.252 | abuse@deninet.hu | HU | RIPE | SZERVERNET | bf4dcd069d039e4012c2fb8d02e4061b | http://gabatech.hu/_prod/respon.txt || 2011-02-10 18:48:10 | clamav | PHP.Id-30 | 5/43 (11.6%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | f9ebd9c869dfa634be6977155f0c65b7 | http://gethukirc1.110mb.com/b1.txt || 2011-02-10 18:48:10 | avira | PHP/Shellbot.7642 | 29/43 (67.4%) | AS32613 | 174.142.79.85 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 5622eaabf13de682447ef5aa668aad3a | http://mathzor.110mb.com/cmdpro6.txt || 2011-02-10 18:48:10 | avira | PHP/C99Shell.F | 30/43 (69.8%) | AS21016 | 80.81.32.229 | ripe@telecentrs.lv | LV | RIPE | TCLV-NET | 6282ddab9c04754bd461d904491dbef0 | http://promonitori.lv/uploads/jscript/f.txt || 2011-02-10 18:48:10 | avira | PHP/PHPShell.G | 7/42 (16.7%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 950e667d26ba6fe83dcbda123d2b1f9e | http://re1.fileave.com/id/id1.txt || 2011-02-10 18:48:10 | clamav | PHP.Id-30 | 5/42 (11.9%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 370a84b9e88e5b085af73cb427822545 | http://re1.fileave.com/id/zfxid1.txt || 2011-02-10 18:48:10 | trendmicro | BKDR_PERLBOT.SMD | 11/41 (26.8%) | AS33968 | 79.171.34.31 | rob@ukgrid.net | GB | RIPE | INTERNETENGINEERING | cddd3ef44c76c8a132cc19bc7d7dc32e | http://the3gracescoltd.hostinguk.org/templates/sys/dozer.ico || 2011-02-10 18:48:10 | avira | PHP/Shellbot.7642 | 20/40 (50.0%) | AS32613 | 174.142.79.85 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 7dd92cd8387d0b04849e2156b6a962de | http://victorfreire.110mb.com/abjects.txt || 2011-02-10 18:48:10 | clamav | PUA.Script.Packed-10 | 4/41 (9.8%) | AS38532 | 116.12.50.205 | shin@clara.ad.jp | SG | APNIC | USONYX-NET | 3303822656f2f4a701287d5b3be4ece8 | http://www.24hrflowershop.com/..%20/stun.jpg || 2011-02-10 18:48:10 | clamav | PHP.Id-4 | 4/43 (9.3%) | AS20207 | 190.183.59.226 | rfeijoo@gigared.com.ar | AR | LACNIC | AR-GISA2-LACNIC | f1f112f3f2f4dd58a75f6ba07340b3f3 | http://www.equiposkami.com.ar/NewDir/god.txt || 2011-02-10 18:48:10 | avira | SPR/PHP.ID | 18/42 (42.9%) | AS7385 | 208.186.112.40 | abuse@integratelecom.com | US | ARIN | ELI-2-NETBLK99 | 1c830dc1f7a307c50546f8d9e1329991 | http://www.fijishaadi.com/forum/r.txt || 2011-02-10 18:48:10 | avira | TR/Script.75 | 22/41 (53.7%) | AS7011, AS5650, AS30064, AS26127, AS3593 | 74.39.191.201 | abuse@frontiernet.net | US | ARIN | FRONTIER-COMMUNICATIONS | a05dfd7cca7771a7565a154d65f05ea2 | http://www.oikka.com//store/IDC/fx29id1.txt || 2011-02-10 18:48:10 | clamav | PHP.Id | 20/41 (48.8%) | AS32244 | 67.227.143.104 | abuse@liquidweb.com | US | ARIN | LIQUIDWEB-9 | cc249241db4a7a9a11406ac285f0d3c6 | http://www.sacredmind.net/plugins/editors/userid.txt || 2011-02-10 18:48:10 | avira | PHP/Small.C | 30/43 (69.8%) | AS16276 | 213.186.33.2 | abuse@ovh.net | FR | RIPE | OVH | 15848c2502aa006f3bff67cddca20762 | http://www.terre-de-mistral.com/plugins/xmlrpc/asu.txt || 2011-02-10 18:48:10 | avira | PHP/ShellP.1235 | 18/43 (41.9%) | AS16276 | 213.186.33.2 | abuse@ovh.net | FR | RIPE | OVH | 33c5f31358cb73fec1aa409ce5ba207e | http://www.terre-de-mistral.com/plugins/xmlrpc/myid.jpg || 2011-02-10 18:48:10 | avira | PHP/RemoteAdmi.5398 | 14/43 (32.6%) | AS46816 | 69.163.35.173 | noc@directspace.net | US | ARIN | DIRECTSPACE | 4a90c7ffbdf3b7f65b4acbe9b1c0f702 | http://www.throttlehand.com/user/pages/myid.jpg || 2011-02-10 18:48:10 | avira | PHP/Agent.AS.1 | 16/42 (38.1%) | AS25653 | 208.116.35.58 | abuse@fortressitx.com | US | ARIN | FORTRESSITX | ec6e9cc2a93f3d27a44caf9ce4d9cd45 | http://www.worldofcm.com/pics/idq.txt || 2011-02-10 18:48:10 | avira | PHP/Shellbot.7642 | 20/40 (50.0%) | AS46475 | 69.162.121.34 | abuse@limestonenetworks.com | US | ARIN | LSN-DLLSTX-2 | 7dd92cd8387d0b04849e2156b6a962de | http://69.162.121.34/abjects.txt || 2011-02-10 18:48:10 | avira | PHP/Small.Awi.1026 | 27/43 (62.8%) | AS26277 | 64.235.56.225 | noc@premianet.com | US | ARIN | APH-LAS-NV1 | bf4dcd069d039e4012c2fb8d02e4061b | http://azvoad.org/includes/phpmailer/bamby/myid.jpg || 2011-02-10 18:48:10 | avira | PHP/Pastie.637 | 18/42 (42.9%) | AS26277 | 64.235.56.225 | noc@premianet.com | US | ARIN | APH-LAS-NV1 | 493d3c720be431004253125118998a5d | http://azvoad.org/includes/phpmailer/ID-RFI.txt || 2011-02-10 18:48:10 | avira | SPR/PHP.ID | 21/41 (51.2%) | AS26277 | 64.235.56.225 | noc@premianet.com | US | ARIN | APH-LAS-NV1 | fe3831c268bc9d41739e3574a04ab0e8 | http://azvoad.org/includes/phpmailer/id-vnc.txt || 2011-02-10 18:48:10 | avira | PHP/PHPInfo.E | 17/40 (42.5%) | AS26277 | 64.235.56.225 | noc@premianet.com | US | ARIN | APH-LAS-NV1 | 292dbe6e7a4e9245e72ba548df5c393a | http://azvoad.org/includes/phpmailer/pandegaid.txt || 2011-02-10 18:48:10 | avira | HTML/Agent.5382 | 13/43 (30.2%) | AS2200 | 195.221.60.164 | certsvp@renater.fr | FR | RIPE | FR-RECTORAT-NANTES | 4ecedf4fc7c63c5c5bf9c1a315eadd26 | http://echange.btsati.swap.ljperrin.net/eva/images/img.gif || 2011-02-10 18:48:10 | clamav | PHP.Agent-15 | 4/41 (9.8%) | AS9318 | 118.218.219.178 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | 1299becb87c40015afd7a5f5417c7ea4 | http://howtolisten.kr/parti/data/good2773/_file/krid1.txt || 2011-02-10 18:48:10 | avira | TR/Script.77 | 15/41 (36.6%) | AS9318 | 118.218.219.178 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | dc7b2fd7417f4ea1917ac8b7284fecba | http://howtolisten.kr/parti/data/good2773/_file/zfid1.txt || 2011-02-10 18:48:10 | avira | PHP/RemoteAdmi.5398 | 14/43 (32.6%) | AS32475 | 67.212.184.66 | netops@singlehop.com | US | ARIN | SINGLEHOP | 4a90c7ffbdf3b7f65b4acbe9b1c0f702 | http://idahofallsmusicclub.org/biography/myid.jpg || 2011-02-10 18:48:10 | clamav | PHP.Id-30 | 5/43 (11.6%) | AS18189 | 202.59.205.185 | sabarr@broadnetasia.com | ID | APNIC | BROADNETASIA | f9ebd9c869dfa634be6977155f0c65b7 | http://smp-pas2grt.sch.id/lab/1.txt || 2011-02-10 18:48:10 | avira | PHP/ShellP.1235 | 7/42 (16.7%) | AS23670 | 117.20.1.66 | abuse@ozservers.com.au | AU | APNIC | OZSERVERS | 5d5fd2bc01d635b49a784c16d0b45cf0 | http://www.compume.com.au/loker/id.jpg || 2011-02-10 18:48:10 | avira | PHP/BackDoor.AR | 35/43 (81.4%) | AS41186 | 195.114.18.144 | abuse@ispfr.net | FR | RIPE | ISPFR | 8dcad47f3e32e7dc1aee59167e67c601 | http://www.guerville-78.fr/1.txt || 2011-02-10 18:48:10 | avira | BDS/PHP.Small.T.15 | 26/42 (61.9%) | AS29671 | 77.232.83.39 | abuse@servage.net | EU | RIPE | SRVG-NET-FL1-H7 | 84a4c42ab78a5101d4ccd45302d77da0 | http://www.noble-works.net//e107_files/safe.txt || 2011-02-10 18:48:10 | avira | SPR/PHP.ID | 12/41 (29.3%) | AS2875 | 159.93.167.33 | noc@jinr.ru | RU | RIPE | JINR-NET | b6826cabb72064d55bf0d7a9b537d4e4 | http://www.uni-dubna.ru//fotoalbum/id.gif || 2011-02-10 18:57:44 | undef | unknown_html | 0/41 (0.0%) | AS16509 | 72.21.214.39 | noc@amazon.com | US | ARIN | AMAZON-02 | 8eb5ab3fbcdf5240bfdea2b747b828b3 | http://static.ps3heroes.com/trophy/6710.png || 2011-02-10 18:57:44 | undef | unknown_html | 0/40 (0.0%) | AS6724 | 85.214.17.88 | abuse-server@strato.de | DE | RIPE | STRATO-RZG-DED2 | fabe49d857cf8dbaed8c0943d243ac35 | http://img7.myimg.de/20100213113816e19ba.png || 2011-02-10 18:57:45 | undef | unknown_html | 0/42 (0.0%) | AS19262 | 96.255.59.27 | security@verizon.net | US | ARIN | VIS-BLOCK | 1f39f6e22d02471e54e9914f783989d1 | http://www.clker.com/cliparts/7/e/6/e/12362679192063758008AX11_factory.svg.med.png || 2011-02-10 18:57:46 | avira | HTML/Infected.WebPage.Gen2 | 13/41 (31.7%) | AS13238 | 213.180.199.49 | abuse@yandex.ru | RU | RIPE | YANDEX-199 | 4684db5b4b94873a6b2d25189eb5d0cc | http://forextreyder.narod.ru/1.html || 2011-02-10 19:00:52 | clamav | PUA.Packed.ASPack | 8/43 (18.6%) | AS36351 | 174.37.106.6 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-7 | 21664db9fe00b66ab79711d4efa857c5 | http://linkzip.com/X73h?c431f8ec929b3b18f5644705d3003d81/o-mensageiro.exe || 2011-02-10 19:01:00 | undef | unknown_html | 0/41 (0.0%) | ASNA | 64.79.79.227 | abuse@ee.net | US | ARIN | MICHCOM-BLK-1 | ca3509477f7fe2c1b5f35409fee51e14 | http://pack.megabyet.net/novas/11.txt || 2011-02-10 19:01:00 | undef | unknown_html | 0/43 (0.0%) | AS21844 | 209.62.20.200 | abuse@theplanet.com | US | ARIN | EVRY-BLK-16 | c047a6d22610fc39408ae926d3d4bbe7 | http://planetgolf.com/store/images/mode.jpg || 2011-02-10 19:01:00 | undef | unknown_html | 0/41 (0.0%) | AS32392 | 64.17.183.45 | abuse@ecommerce.com | US | ARIN | OPENTRANSFER-ECOMMERCE | 65c3b0480b1b7d32cb848f7332830834 | http://santamariaflowers.com/images/teleflora/birthday/1 || 2011-02-10 19:01:00 | undef | unknown_html | 0/39 (0.0%) | AS32392 | 64.17.183.45 | abuse@ecommerce.com | US | ARIN | OPENTRANSFER-ECOMMERCE | 65c3b0480b1b7d32cb848f7332830834 | http://santamariaflowers.com/images/teleflora/birthday/small/a || 2011-02-10 19:01:00 | undef | unknown_html | 0/38 (0.0%) | AS6539 | 199.175.106.70 | mark@islandnet.com | CA | ARIN | ISLANDNET-COM | db273dde15d2a4b781caddafff2fe216 | http://stagedoor.bc.ca/Movies/info.jpg || 2011-02-10 19:01:02 | avira | PHP/Pbot.A.6 | 27/40 (67.5%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 052f52ec474e422f93f8b1dd8d3215e6 | http://drust.fileave.com/k1dcmd.txt || 2011-02-10 19:02:48 | F_Prot | W32/VBTrojan.19D!Maximus | 16/39 (41%) | AS24940 | 178.63.25.144 | abuse@hetzner.de | DE | RIPE | DE-HETZNER-20100302 | 947a2c244791de44b1680cf8c69cf656 | http://retrobau.square7.ch/css/images/generate.exe || 2011-02-10 19:02:49 | undef | unknown_exe | | AS41550 | 91.196.0.161 | abuse@hostbizua.com | UA | RIPE | HOSTBIZUA-NET | a511a181c58ba5a7b7cc18104718ed94 | http://www.falcogames.com/E314CenterSetup.exe || 2011-02-10 19:02:49 | AVG | RelevantKnowledge | 10/43 (23.3%) | AS41550 | 91.196.0.161 | abuse@hostbizua.com | UA | RIPE | HOSTBIZUA-NET | a13d5f05f32ede3255fd36762c8fa97a | http://www.falcogames.com/JoraChessSetup.exe || 2011-02-10 19:02:49 | AVG | RelevantKnowledge | 12/43 (27.9%) | AS41550 | 91.196.0.161 | abuse@hostbizua.com | UA | RIPE | HOSTBIZUA-NET | a8e69f7d6a31aa4f6a7709f3e0fa529a | http://www.falcogames.com/PixClixSetup.exe || 2011-02-10 19:02:49 | AVG | RelevantKnowledge | 9/43 (20.9%) | AS41550 | 91.196.0.161 | abuse@hostbizua.com | UA | RIPE | HOSTBIZUA-NET | c39f79ee2d9f859e0ba9bae3c8f77c1f | http://www.falcogames.com/SlashXonixSetup.exe || 2011-02-10 19:07:17 | undef | unknown_html | 0/41 (0.0%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | c845aa5ce7b8751366e6dc2f24f823ef | http://scrappycoco.fileave.com/ || 2011-02-10 19:07:17 | Avast | Win32:Buzus-ANR | 16/43 (37.2%) | AS32354 | 204.11.104.253 | abuse@unwiredltd.com | US | ARIN | UNWIRED | da790c72ca365a7762e5138e7f3b08f1 | http://shup.com/Shup/468217/Adobe-Flash.pif || 2011-02-10 19:07:17 | Avast | Win32:Buzus-ANR | 16/43 (37.2%) | AS32354 | 204.11.104.253 | abuse@unwiredltd.com | US | ARIN | UNWIRED | da790c72ca365a7762e5138e7f3b08f1 | http://stashbox.org/1066161/adobe-flash.pif || 2011-02-10 19:07:17 | avira | TR/Agent.224744 | 3/43 (7.0%) | AS18866 | 69.50.209.170 | abuse@atjeuhosting.com | US | ARIN | ATJEU | 311f1aa5ad7d19b8d8565e2fc1c1fff9 | http://7arhive.com/setup585.exe || 2011-02-10 19:16:47 | undef | unknown_html | 0/42 (0.0%) | AS12322 | 88.190.253.247 | abuse@proxad.net | FR | RIPE | FR-PROXAD-20051003 | 5b196d1e7fdfeb0d44b6562ae021d5ed | http://www.pc-st.com/us/ || 2011-02-10 19:16:47 | undef | unknown_html | 0/40 (0.0%) | AS6849 | 212.113.49.35 | noc@utel.net.ua | UA | RIPE | Ukrtelecom-DC-49 | bfee06e15c70ac3139db65e66fc936e7 | http://asterios.tm/ || 2011-02-10 19:16:47 | undef | unknown_html | 0/42 (0.0%) | AS29551 | 83.141.4.122 | abuse@aixit.com | DE | RIPE | DE-HGC-20040908 | 89ac8db59a6a89595946003f0f6e6475 | http://files.spieletipps.de/cont_dl/62/7d/3d/ || 2011-02-10 19:16:47 | undef | unknown_html_RFI_eval | 0/41 (0.0%) | AS48172 | 91.218.230.148 | abuse@ihc.ru | RU | RIPE | IHC-NET | eac7d6d5391047c2e84eb478583d485f | http://katrik.ru/ || 2011-02-10 19:16:47 | undef | unknown_html | 0/41 (0.0%) | AS13335 | 199.27.134.88 | sri@cloudflare.com | US | ARIN | CLOUDFLARENET | 6146d53ff4bd93d8a68bfac94f27cb1f | http://mirrors.ih8sn0w.com/ || 2011-02-10 19:16:47 | undef | unknown_html | 0/40 (0.0%) | AS16265 | 83.149.75.83 | abuse@leaseweb.com | NL | RIPE | NL-LEASEWEB-20040309 | 812b8b5eb54c15582d365347ab679969 | http://www.62344.110mb.com/ || 2011-02-10 19:16:47 | undef | unknown_html | 0/43 (0.0%) | AS31034 | 62.149.130.47 | hostmaster@technorail.com | IT | RIPE | TECHNORAIL-NET | 61944ef6234e6de290f3239223a7b7c1 | http://www.inkspot.it/ || 2011-02-10 19:16:47 | undef | unknown_html | 0/43 (0.0%) | AS25560 | 62.216.172.68 | abuse@rh-tec.de | DE | RIPE | DE-FRA-PSWGROUP2-NET | 69dc6410f3fa957d2ecb4f2f42407a58 | http://www.steelbytes.de/ || 2011-02-10 19:16:47 | undef | unknown_html | 0/41 (0.0%) | AS41947 | 92.241.175.142 | votintsev@gameland.ru | RU | RIPE | GAMELAND | d36810f9163e3df6273589e212bda11c | http://www.xakep.ru/post/19470/ || 2011-02-10 19:22:40 | undef | unknown_html | 0/42 (0.0%) | AS34221 | 217.199.217.10 | dn@quickline.ru | RU | RIPE | UCOZ | 8e781fa5d6c57a0d3dfddc14ef1d85e4 | http://beastx.3dn.ru/ || 2011-02-10 19:22:40 | undef | unknown_html | 0/43 (0.0%) | AS41947 | 195.216.243.36 | abuse@compubyte.vg | GB | RIPE | COMPUBYTE-NET | 3ba75b766b006ed908345caf9adbd3f4 | http://dmi4er.ucoz.ru/load/ || 2011-02-10 19:22:40 | avira | TR/Downloader.Gen | | AS174 | 205.196.121.150 | derek@linkrightllc.com | US | ARIN | LINKRIGHT-HOU-1 | e4de3484a27e9b8ed939b7a0c299dfc3 | http://download955.mediafire.com/c66196mhu11g/b765xt317j5dsc4/ || 2011-02-10 19:22:40 | avira | TR/Downloader.Gen | | AS174 | 205.196.121.150 | derek@linkrightllc.com | US | ARIN | LINKRIGHT-HOU-1 | e4de3484a27e9b8ed939b7a0c299dfc3 | http://download955.mediafire.com/k52y7xf2fhfg/b765xt317j5dsc4/ || 2011-02-10 19:22:40 | undef | unknown_html | 0/43 (0.0%) | AS16276 | 94.23.241.217 | abuse@ovh.net | FR | RIPE | OVH | 39870f7cb5ef39396a537214bff50daf | http://download.aircrack-ng.org/ || 2011-02-10 19:22:40 | undef | unknown_html | 0/42 (0.0%) | AS12990 | 213.180.150.17 | abuse@onet.pl | PL | RIPE | PL-ONET-20000125 | 20d131e564dd94e1ecef2f8452994537 | http://fxtoolz.republika.pl/ || 2011-02-10 19:22:40 | undef | unknown_html | 0/43 (0.0%) | AS2503 | 202.222.30.227 | jin@ipc.akita-nct.ac.jp | JP | APNIC | JPNIC-NET-JP | c573b1ed2d679532027e5d6ac798c61c | http://game.umimi.com/tool/pokesav/bin/ || 2011-02-10 19:22:40 | undef | unknown_html | 0/43 (0.0%) | AS27382 | 208.118.249.61 | rfh@media3.net | US | ARIN | MEDIA3 | 28176cf6135b2a99834e286ec0c6ed8c | http://greatis.com/ || 2011-02-10 19:22:40 | undef | unknown_html | 0/43 (0.0%) | AS26347 | 75.119.222.39 | abuse@dreamhost.com | US | ARIN | DREAMHOST-BLK8 | c13354b39b368ab8005b743d48eca387 | http://marknelson.us/attachments/1997/zlib/ || 2011-02-10 19:22:40 | undef | unknown_html | 0/41 (0.0%) | AS32475 | 69.175.78.45 | netops@singlehop.com | US | ARIN | SINGLEHOP | 2ddfdeec782a72c12a136749b514f639 | http://raskruti.co.cc/files/ || 2011-02-10 19:22:40 | undef | unknown_html | 0/43 (0.0%) | AS8972 | 188.138.72.60 | abuse@plusserver.de | DE | RIPE | SERVERLOFT-1 | bc3255d609ca31fc47fbfda81fee3335 | http://rooosana.ps/uploads/ || 2011-02-10 19:22:40 | Rising | Hack.Exploit.Script.HTML.IFrame.o | 1/41 (2.4%) | AS13238 | 213.180.199.11 | abuse@yandex.ru | RU | RIPE | YANDEX-199 | 6139915c078683ddd11ac4af2741b54b | http://s0m.narod.ru/ || 2011-02-10 19:22:40 | undef | unknown_html | 0/43 (0.0%) | AS25973, AS35937, AS15244 | 67.210.116.230 | hostmaster@lunarpages.com | US | ARIN | ADD2NET-DOT-COM | a201cce3830f9b45d12a5d6873a025f7 | http://sandsprite.com/CodeStuff/ || 2011-02-10 19:22:40 | ClamAV | PUA.HTML.Infected.WebPage-2 | 1/43 (2.3%) | AS26496 | 97.74.215.78 | noc@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 5c3913983a02c8e8ec76463d4c2bf213 | http://shaggyze.hoggshobbies.com/ || 2011-02-10 19:22:40 | undef | unknown_html | 0/41 (0.0%) | AS19066 | 96.30.58.9 | noc@wiredtree.com | US | ARIN | WIREDTREE | b8abc2240b999404aeb830485821b262 | http://swadaya.web.id/wp-content/uploads/2008/01/ || 2011-02-10 19:22:40 | avira | HIDDENEXT/Crypted | 3/43 (7.0%) | AS16265 | 95.211.94.169 | abuse@leaseweb.com | NL | RIPE | NL-LEASEWEB-20080724 | bb826482fdff7fefb277fc56ca1ce09d | http://www858.megaupload.com/files/809c2e2e4a8d9e7bead058724f6d9b1d/ || 2011-02-10 19:22:40 | undef | unknown_html | 0/40 (0.0%) | AS26347 | 75.119.198.35 | abuse@dreamhost.com | US | ARIN | DREAMHOST-BLK8 | 51f3dbf6b6d3eb71a6a822d9735f125f | http://www.askfrank.net/seo-tools/ || 2011-02-10 19:22:40 | Rising | Hack.Exploit.Script.HTML.IFrame.o | 1/40 (2.5%) | AS13238 | 213.180.199.11 | abuse@yandex.ru | RU | RIPE | YANDEX-199 | 3870bab69ccae8490b5b55a14c05fb3c | http://www.asnas.narod.ru/ || 2011-02-10 19:22:40 | undef | unknown_html | 0/38 (0.0%) | AS13749, AS21844, AS30315, AS36420 | 74.54.188.34 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | d0b6512feca27741becf0ae07e3ea8b1 | http://www.cheat-project.com/ || 2011-02-10 19:22:40 | undef | unknown_html | 0/38 (0.0%) | AS8560 | 82.165.56.80 | abuse@oneandone.net | DE | RIPE | SCHLUND-SHARED | 7cf251f546457a42d7ae3703ead78914 | http://www.dreammail.eu/download/ || 2011-02-10 19:22:40 | undef | unknown_html | 0/40 (0.0%) | AS25229 | 77.120.115.184 | abuse@volia.net | UA | RIPE | UA-VOLIA-20061124 | e6cf7c28fca3dbc679d3cb533bdeb3dc | http://www.ex.ua/load/ || 2011-02-10 19:22:40 | avira | HTML/Infected.WebPage.Gen2 | 19/43 (44.2%) | AS36820 | 208.75.230.43 | abuse@tshost.com | US | ARIN | TULIP-SYSTEMS | aa44c231a5e1737864c46fa9b44122f9 | http://www.freewebtown.com/citylove/ || 2011-02-10 19:22:40 | undef | unknown_html | 0/42 (0.0%) | AS17139 | 66.117.4.196 | abuse@corporatecolo.com | US | ARIN | CORPCOLO-NET02 | 4fe47d2c9954479946c6b8949ead10ca | http://www.inputdirector.com/downloads/ || 2011-02-10 19:22:40 | undef | unknown_html | 0/41 (0.0%) | AS14778 | 98.136.92.79 | network-abuse@cc.yahoo-inc.com | US | ARIN | A-YAHOO-US9 | a27d32707c423d0c93d5188ba025bc1e | http://www.kimete.com/droid/beta/ || 2011-02-10 19:22:40 | undef | unknown_html | 0/43 (0.0%) | AS26496 | 188.121.47.1 | support@godaddy.com | NL | RIPE | NL-GODADDYCOM-20090506 | 3abdaa8935e501411e38f5d1c76e0735 | http://www.matousec.com/downloads/ || 2011-02-10 19:22:40 | undef | Trojan.Heur.JP.amX@aOApWNe | 0/42 (0.0%) | AS36420, AS30315, AS13749, AS21844 | 174.120.148.221 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | 2764178aec97c4fe327b768739b2db6e | http://www.net-studio.org/patch/ || 2011-02-10 19:22:40 | undef | unknown_html | 0/41 (0.0%) | AS9370 | 202.181.97.76 | tanaka-nic@sakura.ad.jp | JP | APNIC | SAKURA-NET | ada43e6c3bb4c9437ae6547eb05ef621 | http://www.onionsoft.net/hsp/file/ || 2011-02-10 19:22:40 | undef | unknown_html | 0/43 (0.0%) | AS21385 | 95.142.77.53 | ripe@priv.de | DE | RIPE | SASG-MARKUSMUELLER-NET | 42ef36dac795544d835af899923a5e34 | http://www.priv.de/fastpush/ || 2011-02-10 19:22:40 | undef | unknown_html | 0/43 (0.0%) | AS2914 | 198.63.210.233 | abuse@ntt.net | US | ARIN | NTTA-198-63 | 84f5954a4babc53b96c51862a15a79fb | http://www.spyarsenal.com/telephone-spy/ || 2011-02-10 19:22:40 | undef | unknown_html | 0/43 (0.0%) | AS12521 | 212.85.33.210 | dserena@nova.es | ES | RIPE | NOVA-NET | def8dc837214ee287ee05bdd637796b7 | http://www.spycheck.co.uk/ |+---------------------+-------------+--------------------------------------------+---------------+------------------------------------------+-----------------+----------------------------------+---------+--------+----------------------------------+----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+200 rows in set (0,00 sec)
+---------------------+------------------+----------------------------------------------+---------------+------------------------------------+-----------------+-----------------------------------+---------+--------+-------------------------+----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+| date | scanner | virusname | vt_score | AS | review | email | country | source | netname | md5sum | url |+---------------------+------------------+----------------------------------------------+---------------+------------------------------------+-----------------+-----------------------------------+---------+--------+-------------------------+----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+| 2011-02-10 19:22:40 | undef | unknown_html | 0/43 (0.0%) | AS36351 | 50.22.65.54 | ipadmin@softlayer.com | US | ARIN | SOFTLAYER-NETBLOCK-4-9 | 5449a9a310d1dbea1cde4fc6357b9371 | http://www.usbuzmani.com/wp-content/2009/07/ || 2011-02-10 19:22:40 | undef | unknown_html | 0/42 (0.0%) | AS26496 | 97.74.35.254 | noc@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 868d14bbe67730727f72ff6037bd4be0 | http://www.vbwg.net/ || 2011-02-10 19:22:40 | Rising | Hack.Exploit.Script.HTML.IFrame.o | 1/43 (2.3%) | AS13238 | 213.180.199.5 | abuse@yandex.ru | RU | RIPE | YANDEX-199 | 524a7577f94f68a56e7f6b8a9477dd9c | http://www.victorsaf.narod.ru/Thinstalling/ || 2011-02-10 20:09:07 | undef | unknown_exe | 0/43 (0.0%) | AS15133 | 93.184.220.20 | phil@edgecast.com | US | RIPE | EU-EDGECASTEU-20080602 | 269f314b87e6222a20e5f745b6b89783 | http://www.immunos.net/downloads/dotnetfx35setup.exe || 2011-02-10 20:09:45 | undef | unknown_html | 0/40 (0.0%) | AS18866 | 69.50.193.102 | abuse@atjeuhosting.com | US | ARIN | ATJEU | 081e0441e991edb6a1400930ce9f2e54 | http://B837BD30C040BE7205021B361619C7A1.info/message.php?subid=585&br=IE_6.00&os=12&flg=2&id=5F60FAF878B650F053239049F41A2EF3&ad=&ver=_if19 || 2011-02-10 20:09:45 | trendmicro | WORM_EMAIL.VTG | 14/41 (34.1%) | AS262757 | 186.224.99.20 | insidesign@insidesign.com.br | BR | LACNIC | 004.430.883/0001-20 | 9edca62584befed30d582e4b62eff07a | http://www.goldlab.com.br/imagens/Thiago || 2011-02-10 20:09:45 | trendmicro | WORM_EMAIL.VTG | 3/42 (7.1%) | AS262757 | 186.224.99.20 | insidesign@insidesign.com.br | BR | LACNIC | 004.430.883/0001-20 | 8be66c0ae1ac3c455f0cca3165e8aa0b | http://www.goldlab.com.br/imagens/XIT || 2011-02-10 20:09:45 | avira | TR/Spy.Gen | 17/43 (39.5%) | AS31034 | 62.149.140.76 | hostmaster@technorail.com | IT | RIPE | TECHNORAIL-NET | 5a74d2723c4afbda46441496f10b4aed | http://www.omeyasweb.com/highslide/graphics/outlines/facebook-pic000934519.exe || 2011-02-10 20:09:50 | undef | unknown_html_google_malware | 0/40 (0.0%) | AS18866 | 69.50.193.129 | abuse@atjeuhosting.com | US | ARIN | ATJEU | 3f66c08513f032affd9c924a8eb24eec | http://cloudnanoconnnection.info/neoformers/xtasks.php?1_10010_1_1b7bf5eb-b240-4dbb-a121-96026066b62d_5.1%202600%20SP2.0_ru-ru_iexplore_6.2.2011%2013:30:20_c0000157 || 2011-02-10 19:54:13 | undef | unknown_html | 0/40 (0.0%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 2175037d522fdc7dcd6a98f55e353959 | http://edanez.110mb.com/xxx/spr.txt?&mode=id || 2011-02-10 20:40:21 | avira | TR/Crypt.ZPACK.Gen | 28/43 (65.1%) | AS31240 | 78.110.60.253 | abuse@ht-systems.ru | RU | RIPE | RU-HT-SYSTEMS-BIS | 9ca2605518e063749ed68ddcc977c869 | http://www.prodriver.ru/classes/dompdf/build.exe || 2011-02-10 20:40:21 | undef | unknown_file_$[135]/SearchToolbarUpdater.exe | 1/43 (2.3%) | AS16509 | 72.21.211.153 | noc@amazon.com | US | ARIN | AMAZON-02 | 6746e97dce204f22b087ba31f63bf039 | http://cdn.performersoft.com/download/dp/dp_genius.exe || 2011-02-10 20:40:35 | undef | unknown_exe | | AS8560 | 82.165.56.80 | abuse@oneandone.net | DE | RIPE | SCHLUND-SHARED | e8865136a71ecdd40809b4a428613645 | http://www.dreammail.eu/download/DreamMail4660_Setup.exe || 2011-02-10 20:40:35 | undef | unknown_exe | | AS8560 | 82.165.56.80 | abuse@oneandone.net | DE | RIPE | SCHLUND-SHARED | de42b267289630024089297807101358 | http://www.dreammail.eu/download/DreamMail4670_Setup.exe || 2011-02-10 20:40:35 | undef | unknown_exe | | AS8560 | 82.165.56.80 | abuse@oneandone.net | DE | RIPE | SCHLUND-SHARED | 2542792182446024b804095b51499785 | http://www.dreammail.eu/download/DreamMail4680_Setup.exe || 2011-02-10 20:40:35 | undef | unknown_exe | | AS8560 | 82.165.56.80 | abuse@oneandone.net | DE | RIPE | SCHLUND-SHARED | f10fb4505ebf3084e57446ecf161f09d | http://www.dreammail.eu/download/DreamMail4681_Setup.exe || 2011-02-10 20:40:35 | undef | unknown_exe | | AS8560 | 82.165.56.80 | abuse@oneandone.net | DE | RIPE | SCHLUND-SHARED | bc639e7ab87ac73beed494a98c5bb33c | http://www.dreammail.eu/download/DreamMail4682_Setup.exe || 2011-02-10 20:40:35 | undef | unknown_exe | | AS8560 | 82.165.56.80 | abuse@oneandone.net | DE | RIPE | SCHLUND-SHARED | 081fc06ffca3473f77d9d87750a58012 | http://www.dreammail.eu/download/DreamMail4685_Setup.exe || 2011-02-10 20:40:35 | ClamAV | PUA.Packed.ASPack | 4/40 (10%) | AS8560 | 82.165.56.80 | abuse@oneandone.net | DE | RIPE | SCHLUND-SHARED | 8b6e319f422b3be1eb0e6311134621cd | http://www.dreammail.eu/download/DreamMail4686_Setup.exe || 2011-02-10 20:40:36 | McAfee | Generic.dx!lax | 2/43 (4.7%) | AS36420, AS30315, AS13749, AS21844 | 174.120.148.221 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | c6305ad8b591ba12360a5534438a76ac | http://www.net-studio.org/patch/EventTriggersXP.exe_Removal_Tool.zip || 2011-02-10 20:40:36 | McAfee | Generic.dx!lax | 2/43 (4.7%) | AS36420, AS30315, AS13749, AS21844 | 174.120.148.221 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | 1c133b408a17003dbc7be1aa8a9f81bf | http://www.net-studio.org/patch/Reanti.exe_Removal_Tool.zip || 2011-02-10 20:40:36 | avira | TR/Agent.945664.A | 12/43 (27.9%) | AS36420, AS30315, AS13749, AS21844 | 174.120.148.221 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | 333b03ded4c6138f4abea7d4af79a8d9 | http://www.net-studio.org/patch/rundll32.exe || 2011-02-10 20:40:36 | trendmicro | Mal_Otorun9 | 4/43 (9.3%) | AS36420, AS30315, AS13749, AS21844 | 174.120.148.221 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | 315e5c75061c0aab4443abf6c1c4fb15 | http://www.net-studio.org/patch/Windows_System_Defender_Fix.exe || 2011-02-10 20:40:36 | AntiVir | HEUR/Malware | 1/43 (2.3%) | AS9370 | 202.181.97.76 | tanaka-nic@sakura.ad.jp | JP | APNIC | SAKURA-NET | 20b7fa2e790d1240ee1865c83bbd7cfb | http://www.onionsoft.net/hsp/file/hsp255b2.exe || 2011-02-10 20:40:36 | AntiVir | HEUR/Malware | 1/43 (2.3%) | AS9370 | 202.181.97.76 | tanaka-nic@sakura.ad.jp | JP | APNIC | SAKURA-NET | 9d4e330099a7451333ec668dbc60f2be | http://www.onionsoft.net/hsp/file/hsp255b3.exe || 2011-02-10 20:40:36 | AntiVir | HEUR/Malware | 3/42 (7.1%) | AS9370 | 202.181.97.76 | tanaka-nic@sakura.ad.jp | JP | APNIC | SAKURA-NET | 8ce65a4083c61a285c0c66d7eda66bb7 | http://www.onionsoft.net/hsp/file/hsp255.exe || 2011-02-10 20:40:36 | AntiVir | HEUR/Malware | 3/43 (7.0%) | AS9370 | 202.181.97.76 | tanaka-nic@sakura.ad.jp | JP | APNIC | SAKURA-NET | 3b1982a7eb485cf18b721d2d8082ef11 | http://www.onionsoft.net/hsp/file/hsp255first.exe || 2011-02-10 20:40:36 | AntiVir | HEUR/Malware | 1/41 (2.4%) | AS9370 | 202.181.97.76 | tanaka-nic@sakura.ad.jp | JP | APNIC | SAKURA-NET | 3deb97b4af115beb5ac25bf26f52de92 | http://www.onionsoft.net/hsp/file/hsp255rc1.exe || 2011-02-10 20:40:36 | AntiVir | HEUR/Malware | 1/43 (2.3%) | AS9370 | 202.181.97.76 | tanaka-nic@sakura.ad.jp | JP | APNIC | SAKURA-NET | e48f00fbe0dcaa9bdca2d26606769f31 | http://www.onionsoft.net/hsp/file/hsp255rc2.exe || 2011-02-10 20:40:36 | eSafe | Suspicious File | 1/39 (2.6%) | AS9370 | 202.181.97.76 | tanaka-nic@sakura.ad.jp | JP | APNIC | SAKURA-NET | cb69d94900774e7f97d4cd5afc40e0f0 | http://www.onionsoft.net/hsp/file/hsp261inst.exe || 2011-02-10 20:40:36 | undef | unknown_exe | 0/40 (0.0%) | AS9370 | 202.181.97.76 | tanaka-nic@sakura.ad.jp | JP | APNIC | SAKURA-NET | c355c25f45766ed86a2f08515d6ed230 | http://www.onionsoft.net/hsp/file/hsp26inst.exe || 2011-02-10 20:40:36 | undef | unknown_exe | 0/43 (0.0%) | AS9370 | 202.181.97.76 | tanaka-nic@sakura.ad.jp | JP | APNIC | SAKURA-NET | 1feadad253d05d11d1bce26b5f3940bf | http://www.onionsoft.net/hsp/file/hsp26rc1.exe || 2011-02-10 20:40:36 | eSafe | suspicious Trojan/Worm | 1/30 (3.3%) | AS9370 | 202.181.97.76 | tanaka-nic@sakura.ad.jp | JP | APNIC | SAKURA-NET | f51672660bb6179e11ed6aee08ff0e8d | http://www.onionsoft.net/hsp/file/hsp30.exe || 2011-02-10 20:40:36 | undef | unknown_exe | 0/43 (0.0%) | AS9370 | 202.181.97.76 | tanaka-nic@sakura.ad.jp | JP | APNIC | SAKURA-NET | 629866f2f74bcbdaa64532eac20c5965 | http://www.onionsoft.net/hsp/file/hsp30qbox.exe || 2011-02-10 20:40:36 | undef | unknown_exe | 0/43 (0.0%) | AS9370 | 202.181.97.76 | tanaka-nic@sakura.ad.jp | JP | APNIC | SAKURA-NET | 6b93a0d07819a276a71ecfba66f7e2aa | http://www.onionsoft.net/hsp/file/hsp30rc2.exe || 2011-02-10 20:40:36 | undef | unknown_exe | | AS9370 | 202.181.97.76 | tanaka-nic@sakura.ad.jp | JP | APNIC | SAKURA-NET | 37ce90de0c94c01859bf140f9f6894d3 | http://www.onionsoft.net/hsp/file/hsp31.exe || 2011-02-10 20:40:36 | undef | unknown_exe | | AS9370 | 202.181.97.76 | tanaka-nic@sakura.ad.jp | JP | APNIC | SAKURA-NET | cb77b095d6e5601c23c11c130ac1eed4 | http://www.onionsoft.net/hsp/file/hsp321.exe || 2011-02-10 20:40:36 | avira | DR/Agent.fyln | | AS9370 | 202.181.97.76 | tanaka-nic@sakura.ad.jp | JP | APNIC | SAKURA-NET | 7e689e52fb21cede2367a75c8da2908a | http://www.onionsoft.net/hsp/file/hsp32.exe || 2011-02-10 20:40:36 | Rising | Suspicious | 1/41 (2.4%) | AS9370 | 202.181.97.76 | tanaka-nic@sakura.ad.jp | JP | APNIC | SAKURA-NET | 352fd1a9e84dd04cf95eee1d934aa922 | http://www.onionsoft.net/hsp/file/hsp32rc1.exe || 2011-02-10 21:41:39 | avira | HTML/Crypted.Gen | 8/40 (20%) | AS9924 | 219.87.170.27 | ting_tseng@twfn.com.tw | TW | APNIC | TFN-NET | d107eaed9fdd5ff605decce0b7770cb0 | http://bervb.com/ || 2011-02-10 21:41:45 | undef | unknown_html | 0/43 (0.0%) | AS19318 | 209.159.151.3 | network@interserver.net | US | ARIN | INTERSERVER | e0aa021e21dddbd6d8cecec71e9cf564 | http://tbtrack.zugo.com/error?pid=585&bdate=20110131T122433&bversion=1.4&os=5.1-x86-SP2&comp=MKISdl&err=HTTP%2f1%2e1%20404%20Not%20Found%20%5bget%2c%200%2c%20http%3a%2f%2ftrack%2ezugo%2ecom%2fgetCountry%2f%3fpid%3d585%26channel%3d%26bdate%3d20110131T122433%26bversion%3d1%2e4%5d || 2011-02-10 21:41:45 | undef | unknown_html | 0/43 (0.0%) | AS19318 | 209.159.151.3 | network@interserver.net | US | ARIN | INTERSERVER | e0aa021e21dddbd6d8cecec71e9cf564 | http://tbtrack.zugo.com/error?pid=585&bdate=20110131T122433&bversion=1.4&os=5.1-x86-SP2&comp=MKISdl&err=HTTP%2f1%2e1%20404%20Not%20Found%20%5bget%2c%201%2c%20http%3a%2f%2ftrack%2ezugo%2ecom%2fgetCountry%2f%3fpid%3d585%26channel%3d%26bdate%3d20110131T122433%26bversion%3d1%2e4%5d || 2011-02-10 21:45:02 | avira | PHISH/Facebook.9966 | 1/43 (2.3%) | AS19318 | 69.10.48.106 | abuse@trouble-free.net | US | ARIN | INTERSERVER | d0535ab3983fd3ee917862e7e23b8a16 | http://toptenvids.t35.com/playnumberone.html || 2011-02-10 22:08:38 | undef | unknown_html | 0/41 (0.0%) | AS19318 | 66.45.237.212 | network@interserver.net | US | ARIN | INTERSERVER | 4675e10e2946ed416c5d8d18eaf7082e | http://runescapes2011.t35.com/index2.html || 2011-02-10 22:09:15 | avira | TR/VB.Apac.2 | 8/43 (18.6%) | AS36351 | 74.86.74.96 | abuse@softlayer.com | US | ARIN | SOFTLAYER-NETBLOCK5 | 6f90f85f72ee45fb3bb1ee40595bf43c | http://acpl.org.in/scan.exe || 2011-02-10 22:24:30 | avira | PHP/C99Shell.B | 29/42 (69.0%) | AS24940 | 178.63.93.200 | abuse@hetzner.de | DE | RIPE | DE-HETZNER-20100302 | c16e6eb4bd23b2fd888c7b77c6965a20 | http://avambee.bplaced.net/rfi/os/ssh.txt??? || 2011-02-10 22:25:06 | avira | PHP/C99Shell.B | 29/42 (69.0%) | AS24940 | 178.63.93.200 | abuse@hetzner.de | DE | RIPE | DE-HETZNER-20100302 | c16e6eb4bd23b2fd888c7b77c6965a20 | http://avambee.bplaced.net/rfi/os/ssh.txt? || 2011-02-10 22:25:16 | avira | PHP/C99Shell.B | 29/42 (69.0%) | AS24940 | 178.63.93.200 | abuse@hetzner.de | DE | RIPE | DE-HETZNER-20100302 | c16e6eb4bd23b2fd888c7b77c6965a20 | http://avambee.bplaced.net/rfi/os/ssh.txt?%00 || 2011-02-10 21:05:08 | undef | RiskTool.Win32.NetStud.a | 0/43 (0.0%) | AS31240 | 78.110.60.253 | abuse@ht-systems.ru | RU | RIPE | RU-HT-SYSTEMS-BIS | 498d5c61c04acedc991371e901146f7d | http://www.prodriver.ru/classes/dompdf/ || 2011-02-10 22:46:56 | avira | TR/Crypt.ASPM.Gen | 22/42 (52.4%) | AS46844 | 67.21.76.40 | abuse@comcast.net | US | ARIN | COMCAST-ADEL-67-21-64-0 | 964f4bd26f31f53a5a28fc72d077bb91 | http://picfiles.uyrubr.com/Files/6363265732.jpg || 2011-02-10 23:08:47 | avira | TR/Dropper.Gen | 32/41 (78.0%) | AS6939 | 64.62.181.46 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 3623eaa97a695ad8919dd1b25db49be4 | http://h1.ripway.com/h20tim/Ghedn.exe || 2011-02-10 23:08:47 | avira | TR/Fakealert.MP | 11/41 (26.8%) | AS7366 | 199.7.177.222 | abuse@lemuriaco.com | US | ARIN | LEMURIA-COMMUNICATIONS | 78bde477e016db15939377864ea1127b | http://hotfile.com/dl/103169772/fcdcce1/gift.exe.html || 2011-02-10 23:08:47 | undef | unknown_html | 0/40 (0.0%) | AS7366 | 74.120.11.44 | abuse@lemuriaco.com | US | ARIN | LEMURIA-NET | 5bfd642cbda1d3888e48b827cb7c3d37 | http://s403.hotfile.com/get/5340ce4b3c98bbb62af458fc0b7b9c3d3ca6ed0c/4d5453f0/2/bee42bdb8a9571de/6263eec/gift.exe || 2011-02-10 23:08:47 | Ikarus | Trojan.JS.Redirector | 1/41 (2.4%) | AS16265 | 95.211.77.151 | abuse@leaseweb.com | NL | RIPE | NL-LEASEWEB-20080724 | e27824f512ff81a00412924235f6dc7b | http://neverends.ru/?v=p2040025.jpg || 2011-02-10 23:22:48 | avira | HTML/Agent.5382 | 13/43 (30.2%) | AS2200 | 195.221.60.164 | certsvp@renater.fr | FR | RIPE | FR-RECTORAT-NANTES | 4ecedf4fc7c63c5c5bf9c1a315eadd26 | http://echange.btsati.swap.ljperrin.net/eva/images/img.gif???????????? || 2011-02-10 22:50:32 | avira | PHP/C99Shell.AB | 18/38 (47.4%) | AS24940 | 178.63.93.200 | abuse@hetzner.de | DE | RIPE | DE-HETZNER-20100302 | c8df874410c8760c5d6f652867e5f936 | http://avambee.bplaced.net/rfi/os/c100.txt??? || 2011-02-10 23:22:55 | avira | PHP/Pbot.A.6 | 24/41 (58.5%) | AS2875 | 159.93.167.33 | noc@jinr.ru | RU | RIPE | JINR-NET | f0341e328cc2fda4b94bcaa61367136f | http://uni-dubna.ru//fotoalbum/pbot.gif???????????? || 2011-02-10 23:37:46 | avira | HTML/Agent.5382 | 12/43 (27.9%) | AS36420, AS30315, AS13749, AS21844 | 67.18.18.240 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-11 | 7162f645a6b82d790e416f5e3d484dbc | http://findsomeonespecialtoday.com//forum/includes/myid.txt???????? || 2011-02-10 23:19:37 | avira | PHP/C99Shell.E.14 | 3/41 (7.3%) | AS24940 | 178.63.93.200 | abuse@hetzner.de | DE | RIPE | DE-HETZNER-20100302 | 614559ced200764d08891776913cc1ca | http://avambee.bplaced.net/rfi/os/c99ud.txt??? || 2011-02-10 23:37:47 | avira | PHP/Pbot.A.6 | 24/41 (58.5%) | AS2875 | 159.93.167.33 | noc@jinr.ru | RU | RIPE | JINR-NET | f0341e328cc2fda4b94bcaa61367136f | http://uni-dubna.ru//fotoalbum/pbot.gif????????? || 2011-02-10 23:20:45 | avira | PHP/C99Shell.E.14 | 3/41 (7.3%) | AS24940 | 178.63.93.200 | abuse@hetzner.de | DE | RIPE | DE-HETZNER-20100302 | 614559ced200764d08891776913cc1ca | http://avambee.bplaced.net/rfi/os/c99ud.txt? || 2011-02-10 22:49:58 | avira | PHP/C99Shell.AE.1 | 19/42 (45.2%) | AS24940 | 178.63.93.200 | abuse@hetzner.de | DE | RIPE | DE-HETZNER-20100302 | 6170019c9f8137ea502fad33e54b7ddb | http://avambee.bplaced.net/rfi/os/c100.php? || 2011-02-10 23:39:48 | avira | PHP/C99Shell.B | 29/42 (69.0%) | AS24940 | 178.63.93.200 | abuse@hetzner.de | DE | RIPE | DE-HETZNER-20100302 | c16e6eb4bd23b2fd888c7b77c6965a20 | http://avambee.bplaced.net/rfi/os/ssh.txt || 2011-02-10 23:21:01 | avira | PHP/C99Shell.E.14 | 3/41 (7.3%) | AS24940 | 178.63.93.200 | abuse@hetzner.de | DE | RIPE | DE-HETZNER-20100302 | 614559ced200764d08891776913cc1ca | http://avambee.bplaced.net/rfi/os/c99ud.txt || 2011-02-10 22:50:08 | avira | PHP/C99Shell.AE.1 | 19/42 (45.2%) | AS24940 | 178.63.93.200 | abuse@hetzner.de | DE | RIPE | DE-HETZNER-20100302 | bfdc700bd2b28b718696a559076695cc | http://avambee.bplaced.net/rfi/os/c100.php??? || 2011-02-11 00:36:30 | BitDefender | Trojan.Generic.KD.128222 | 5/43 (11.6%) | AS16805, AS22576 | 64.38.27.42 | abuse@layeredtech.com | US | ARIN | LAYERED-TECH-CF | b77b7a51485b89d47726f8893322ffcb | http://rosestreet.co.za/hefymo1s/setup527598.exe || 2011-02-10 23:54:27 | avira | PHP/PHPInfo.LL | 16/43 (37.2%) | AS24940 | 178.63.93.200 | abuse@hetzner.de | DE | RIPE | DE-HETZNER-20100302 | 1006074320a9105b991f4c8be31a8ea3 | http://avambee.bplaced.net/rfi/os/idosyris.txt?? || 2011-02-11 00:05:14 | avira | BDS/PHP.Agent.DW.1 | 20/41 (48.8%) | AS24940 | 178.63.93.200 | abuse@hetzner.de | DE | RIPE | DE-HETZNER-20100302 | 227083bcc392ddf7399e4b225bce1ffe | http://avambee.bplaced.net/rfi/os/ssh2.txt? || 2011-02-11 00:07:08 | avira | BDS/PHP.Agent.DW.1 | 20/41 (48.8%) | AS24940 | 178.63.93.200 | abuse@hetzner.de | DE | RIPE | DE-HETZNER-20100302 | 227083bcc392ddf7399e4b225bce1ffe | http://avambee.bplaced.net/rfi/os/ssh2.txt || 2011-02-11 00:07:58 | avira | PHP/Agent.DQ | 10/41 (24.4%) | AS24940 | 178.63.93.200 | abuse@hetzner.de | DE | RIPE | DE-HETZNER-20100302 | 70f88e9421aead2f71e0a72505b9b565 | http://avambee.bplaced.net/rfi/os/r57.php || 2011-02-10 23:43:57 | avira | PHP/Limworm.172478 | 29/42 (69.0%) | AS2875 | 159.93.167.33 | noc@jinr.ru | RU | RIPE | JINR-NET | 9848d030c053965ea1156e7df1037434 | http://uni-dubna.ru//fotoalbum/lang.gif????????????? || 2011-02-11 00:03:25 | clamav | PUA.HTML.Crypt-9 | 3/43 (7.0%) | AS24940 | 178.63.93.200 | abuse@hetzner.de | DE | RIPE | DE-HETZNER-20100302 | 65aa665dc0fa25cfc55131498f1c4b3b | http://avambee.bplaced.net/rfi/os/c99.txt? || 2011-02-11 00:02:06 | avira | PHP/Limworm.172478 | 29/42 (69.0%) | AS2875 | 159.93.167.33 | noc@jinr.ru | RU | RIPE | JINR-NET | 9848d030c053965ea1156e7df1037434 | http://uni-dubna.ru//fotoalbum/lang.gif?????????? || 2011-02-11 01:37:28 | undef | unknown_html_RFI_shell | 0/43 (0.0%) | AS25847 | 207.58.129.91 | abuse@servint.com | US | ARIN | SERVINT-CIDR-3 | 797ec0d89853649d5554bd03fa76cc40 | http://www.livechat-facebookcam.com/msn/msn.html || 2011-02-11 01:39:15 | avira | TR/Spy.Gen | 18/43 (41.9%) | AS4837 | 125.211.221.132 | abuse@chinaunicom.cn | CN | APNIC | UNICOM-HL | f1c0cd7bdf45af7dcabbbc9c2f6a9019 | http://www.bufenli.com/lzg.exe || 2011-02-11 01:33:39 | avira | PHP/Pbot.A.10 | 16/41 (39.0%) | AS19318 | 66.45.237.212 | network@interserver.net | US | ARIN | INTERSERVER | 3ef6287a738b7c4f1c26d6eefa61de0a | http://nojtle.t35.com/tr0nd1tj3.txt || 2011-02-11 01:17:29 | avira | PHP/Pastie.637 | 18/42 (42.9%) | AS32475 | 67.212.184.66 | netops@singlehop.com | US | ARIN | SINGLEHOP | 493d3c720be431004253125118998a5d | http://idahofallsmusicclub.org/biography/ID-RFI.txt?? || 2011-02-10 23:27:12 | undef | Variant.Adware.Hotbar.1 | 0/42 (0.0%) | AS16805, AS22576 | 64.38.27.42 | abuse@layeredtech.com | US | ARIN | LAYERED-TECH-CF | c8dbe60612e3a06480b9ab62fd9ea783 | http://rosestreet.co.za/hefymo1s/ || 2011-02-11 02:08:31 | avira | TR/Crypt.XPACK.Gen3 | 33/43 (76.7%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 53e4a655ba85bd8ee4d6165cf668bd22 | http://mrbigyo.fileave.com/Yahoo.install.2.0112.5.exe || 2011-02-11 02:21:04 | avira | TR/Script.75 | 22/41 (53.7%) | AS29671 | 77.232.69.222 | abuse@servage.net | EU | RIPE | SRVG-NET-FL1-H2 | a05dfd7cca7771a7565a154d65f05ea2 | http://linuxcostablanca.com/fx291d1.txt?? || 2011-02-11 02:22:47 | avira | PHP/BackDoor.AR | 35/43 (81.4%) | AS29671 | 77.232.69.222 | abuse@servage.net | EU | RIPE | SRVG-NET-FL1-H2 | f11a5c7810f1f715e1680b7045dda3cd | http://linuxcostablanca.com/fx291d2.txt??? || 2011-02-11 02:23:16 | undef | unknown_html_RFI_php | 0/43 (0.0%) | AS4766 | 121.188.91.69 | abuse@kornet.net | KR | APNIC | KORNET-KR | 78df38dcbb327bca2a9c8958a3f1890b | http://cjmc.or.kr//center1/data/spread.txt?&modez=shellz || 2011-02-11 03:08:59 | Microsoft | VirTool:Win32/VBInject.gen!FT | 4/43 (9.3%) | AS19318 | 64.20.55.251 | network@interserver.net | US | ARIN | NJIIX | 7492dcf738357a7a06f4f4d31401dd85 | http://anyhub.net/file/1MoF-xd.exe || 2011-02-11 03:08:59 | avira | BDS/Agent.81920.B | 32/43 (74.4%) | AS42926 | 178.211.56.90 | abuse@as42926.net | TR | RIPE | TR-RADORE-20100628 | 1b7e7985077ae29f57ec6e1ded0d3dbe | http://178.211.56.90/as3e.exe || 2011-02-11 02:52:23 | clamav | PUA.HTML.Crypt-8 | 1/41 (2.4%) | AS36351 | 74.86.183.197 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-4 | 5c170eebe6e1bf37bdd43d63fbb65901 | http://utama-audio.com/temp/id/id?? || 2011-02-11 03:45:02 | avira | HTML/ScrInject.4728 | 13/41 (31.7%) | AS2914 | 168.143.172.53 | abuse@ntt.net | US | ARIN | NTTA-168-143 | 1fb91ef6aa75281441716fdf7b3d3560 | http://bit.ly/dVQfoD || 2011-02-11 04:08:43 | eSafe | Win32.Artemis | 7/42 (16.7%) | AS36351 | 174.37.198.45 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-7 | 48dbdb70b3c326ca26397c5c07cc551a | http://www.digi77.com/software/folder-moniter/Folder-Monitor-Setup.exe || 2011-02-11 05:15:27 | undef | unknown_html_RFI | 0/43 (0.0%) | AS4713 | 219.163.200.65 | jpnic@digi-rock.com | JP | APNIC | DR-NET | e6f5cb32661620740d3bfb59d71d760c | http://gioia-m.jp//assets/snippets/reflect/snippet.reflect.php?reflect_base=http://h1.ripway.com/KaPPaH/Service/file.txt || 2011-02-11 05:13:51 | undef | unknown_html_RFI | 0/43 (0.0%) | AS4713 | 219.163.200.65 | jpnic@digi-rock.com | JP | APNIC | DR-NET | e6f5cb32661620740d3bfb59d71d760c | http://gioia-m.jp//assets/snippets/reflect/snippet.reflect.php?reflect_base=http://h1.ripway.com/KaPPaH/Service/file.txtcom_restaurante&task=http://gioia-m.jp//assets/snippets/reflect/snippet.reflect.php?reflect_base=http://h1.ripway.com/KaPPaH/Service/fi || 2011-02-11 05:14:06 | undef | unknown_html_RFI | 0/43 (0.0%) | AS4713 | 219.163.200.65 | jpnic@digi-rock.com | JP | APNIC | DR-NET | e6f5cb32661620740d3bfb59d71d760c | http://gioia-m.jp//assets/snippets/reflect/snippet.reflect.php?reflect_base=http://h1.ripway.com/KaPPaH/Service/file.txthttp://bofa86.t35.com/news.txt???? || 2011-02-11 05:16:49 | undef | unknown_html_RFI | 0/43 (0.0%) | AS4713 | 219.163.200.65 | jpnic@digi-rock.com | JP | APNIC | DR-NET | e6f5cb32661620740d3bfb59d71d760c | http://gioia-m.jp//assets/snippets/reflect/snippet.reflect.php?reflect_base=http://h1.ripway.com/KaPPaH/Service/file.txt/index2.php?p=http://gioia-m.jp//assets/snippets/reflect/snippet.reflect.php?reflect_base=http://h1.ripway.com/KaPPaH/Service/file.txt || 2011-02-11 05:16:46 | undef | unknown_html_RFI | 0/43 (0.0%) | AS4713 | 219.163.200.65 | jpnic@digi-rock.com | JP | APNIC | DR-NET | e6f5cb32661620740d3bfb59d71d760c | http://gioia-m.jp//assets/snippets/reflect/snippet.reflect.php?reflect_base=http://h1.ripway.com/KaPPaH/Service/file.txt0&includedir=http://gioia-m.jp//assets/snippets/reflect/snippet.reflect.php?reflect_base=http://h1.ripway.com/KaPPaH/Service/file.txt || 2011-02-11 05:17:33 | undef | unknown_html_RFI | 0/43 (0.0%) | AS4713 | 219.163.200.65 | jpnic@digi-rock.com | JP | APNIC | DR-NET | e6f5cb32661620740d3bfb59d71d760c | http://gioia-m.jp//assets/snippets/reflect/snippet.reflect.php?reflect_base=http://h1.ripway.com/KaPPaH/Service/file.txt/str.php?p=http://gioia-m.jp//assets/snippets/reflect/snippet.reflect.php?reflect_base=http://h1.ripway.com/KaPPaH/Service/file.txt || 2011-02-11 05:02:13 | avira | PERL/IrcBot.GN | 12/43 (27.9%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 07c3ecc6946847a5c8b53abcee3cd5f2 | http://re1.fileave.com/nu.txt?? || 2011-02-11 06:06:49 | avira | PHP/Shellbot.7642 | 27/40 (67.5%) | AS32613 | 174.142.79.85 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | d6500bea93a065077d2a88fc088dbe9b | http://fudantes.110mb.com/cmdpr.txt? || 2011-02-11 05:58:22 | avira | PHP/Shellbot.7642 | 27/40 (67.5%) | AS32613 | 174.142.79.85 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 60d317ca7402a0a5633d6499cfde008f | http://fudantes.110mb.com/cmdpro8.txt? || 2011-02-11 06:01:26 | avira | PHP/Shellbot.7642 | 29/42 (69.0%) | AS32613 | 174.142.79.85 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | f6e9c323ed852d7c9a7ccd2cacc8f056 | http://fudantes.110mb.com/cmdpro.txt? || 2011-02-11 05:56:25 | avira | PHP/Shellbot.7642 | 29/42 (69.0%) | AS32613 | 174.142.79.85 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 744edd115aa4da771a97743f5b74f446 | http://fudantes.110mb.com/cmdpro7.txt? || 2011-02-11 07:00:03 | avira | HTML/ScrInject.4728 | 13/40 (32.5%) | AS2914 | 168.143.172.53 | abuse@ntt.net | US | ARIN | NTTA-168-143 | cb3cccaa915d8e1bb0826a379e2e076b | http://bit.ly/gUnmJl || 2011-02-11 06:45:59 | avira | PHP/Shellbot.7642 | 27/40 (67.5%) | AS32613 | 174.142.79.85 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | d6500bea93a065077d2a88fc088dbe9b | http://fudantes.110mb.com/cmdpr.txt || 2011-02-11 07:34:55 | trendmicro | PHP_IRCBOT.SMZ | 18/42 (42.9%) | AS29278 | 87.229.73.78 | abuse@deninet.hu | HU | RIPE | DENINET-HU | eba54d099a9a4acaf20b67c118727522 | http://pipaszovetseg.hu/portal/baru.txt???? || 2011-02-11 07:10:22 | undef | Trojan.Win32.Buzus.ejsq | 0/40 (0.0%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 2175037d522fdc7dcd6a98f55e353959 | http://kiemthevn.110mb.com/ || 2011-02-11 07:10:24 | undef | Monitor.Win32.Perflogger.fq | 0/42 (0.0%) | AS13238 | 93.158.134.83 | abuse@yandex.ru | RU | RIPE | YANDEX-134-0 | 798f20ef41001d11fbb5b3e7a2423fdf | http://super-pfkjgjdcrbq.narod2.ru/ || 2011-02-11 08:38:22 | undef | unknown_html | 0/43 (0.0%) | AS5577 | 91.216.190.212 | abuse@vanillacash.nu | EU | RIPE | VANILLACASH-NET | 16e74f556273f1ce443337712af89e78 | http://www.heute-traumgewicht.eu/1.html || 2011-02-11 08:01:24 | avira | PHP/Small.C | 18/41 (43.9%) | AS174 | 38.124.38.68 | abuse@cogentco.com | US | ARIN | PSINETA | b5a56879d2310f597cc15f426696959c | http://rheno.zoomshare.com/files/ddos.txt?????????????? || 2011-02-11 08:17:05 | avira | PHP/IRCBOT.JB.1 | 20/41 (48.8%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 76b97bbc677d10bc3267a6ff8003c058 | http://persebo.fileave.com/boyz.txt??http://legalref.ru/cyberz/id.txt? || 2011-02-11 08:00:39 | avira | BDS/PHP.Agent.DW.3 | 21/41 (51.2%) | AS174 | 38.124.38.68 | abuse@cogentco.com | US | ARIN | PSINETA | fb994b2f0933c88745264fe9beb92600 | http://rheno.zoomshare.com/files/c99.txt?????????????? || 2011-02-11 08:39:00 | avira | PHP/Pbot.A | 27/41 (65.9%) | AS4134 | 218.5.74.92 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-FJ | 6e4af28cdcc9b9a7e9faf0e036bc3d47 | http://kortech.cn/bbs/dd.txt????? || 2011-02-11 08:59:09 | avira | TR/Script.75 | 25/43 (58.1%) | AS36420, AS30315, AS13749, AS21844 | 174.123.13.77 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | a05dfd7cca7771a7565a154d65f05ea2 | http://lumani-enterprise.com/1.txt??? || 2011-02-11 08:59:16 | avira | PHP/BackDoor.AR | 35/43 (81.4%) | AS36420, AS30315, AS13749, AS21844 | 174.123.13.77 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | f11a5c7810f1f715e1680b7045dda3cd | http://lumani-enterprise.com/2.txt???? || 2011-02-11 08:59:21 | avira | PHP/IRCBOT.AN | 22/43 (51.2%) | AS36420, AS30315, AS13749, AS21844 | 174.123.13.77 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | 5c9054f8f62ccc2feed65fd3cee85112 | http://lumani-enterprise.com/ver????&modez=shellz || 2011-02-11 08:59:26 | avira | PHP/IRCBOT.AN | 22/43 (51.2%) | AS36420, AS30315, AS13749, AS21844 | 174.123.13.77 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | 5c9054f8f62ccc2feed65fd3cee85112 | http://lumani-enterprise.com/ver????&modez=botz || 2011-02-11 10:08:15 | Antiy_AVL | Trojan/Win32.VB.gen | 11/43 (25.6%) | AS3462 | 211.72.17.163 | network-adm@hinet.net | TW | APNIC | HINET-TW | 0c53535fbaf2e2cca1a1e2170f3dc42a | http://soft.ccn.tw/?WretchXDv || 2011-02-11 10:08:15 | Antiy_AVL | Trojan/Win32.VB.gen | 11/43 (25.6%) | AS3462 | 211.72.17.163 | network-adm@hinet.net | TW | APNIC | HINET-TW | 0c53535fbaf2e2cca1a1e2170f3dc42a | http://soft.ccn.tw/Files/WretchXDv.exe || 2011-02-11 10:34:23 | undef | unknown_html_RFI | 0/41 (0.0%) | AS24940 | 178.63.93.200 | abuse@hetzner.de | DE | RIPE | DE-HETZNER-20100302 | c8e0e31d9041dbb1a21d0a265a3f3937 | http://avambee.bplaced.net/rfi/os/ || 2011-02-11 10:34:23 | undef | unknown_html_RFI | 0/41 (0.0%) | AS6830 | 84.242.111.237 | martin.krautwurst@upc.cz | CZ | RIPE | CZ-DATTELKABEL-20040628 | e3657bf15e9f1b9676490f7635e421e1 | http://dominikerect.net/ || 2011-02-11 10:34:23 | avira | PHP/C99Shell.F | 27/43 (62.8%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | acfb2ec5e6e083c6ab6d55447e9402ae | http://re1.fileave.com/sh.txt?? || 2011-02-11 10:34:23 | avira | PHP/C99Shell.F | 27/43 (62.8%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | acfb2ec5e6e083c6ab6d55447e9402ae | http://re1.fileave.com/sh.txt || 2011-02-11 10:34:23 | trendmicro | BKDR_PERLBOT.SMD | 11/41 (26.8%) | AS33968 | 79.171.34.31 | rob@ukgrid.net | GB | RIPE | INTERNETENGINEERING | cddd3ef44c76c8a132cc19bc7d7dc32e | http://the3gracescoltd.hostinguk.org/templates/sys/dozer.ico?? || 2011-02-11 10:34:23 | avira | PHP/BackDoor.AR | 32/41 (78.0%) | AS41186 | 195.114.18.144 | abuse@ispfr.net | FR | RIPE | ISPFR | 8dcad47f3e32e7dc1aee59167e67c601 | http://www.guerville-78.fr/1.txt? || 2011-02-11 10:34:23 | trendmicro | BKDR_PERLBOT.SMD | 12/41 (29.3%) | AS29671 | 77.232.83.39 | abuse@servage.net | EU | RIPE | SRVG-NET-FL1-H7 | e79d2b013c657a19e38391a644f124e8 | http://www.noble-works.net/e107_plugins/dozerz.txt?? || 2011-02-11 10:34:23 | avira | PHP/ShellP.1235 | 19/42 (45.2%) | AS16276 | 213.186.33.2 | abuse@ovh.net | FR | RIPE | OVH | 33c5f31358cb73fec1aa409ce5ba207e | http://www.terre-de-mistral.com/plugins/xmlrpc/myid.jpg? || 2011-02-11 10:34:23 | avira | BDS/PHP.ali.1 | 33/43 (76.7%) | AS29422 | 83.145.232.202 | abuse@nebula.fi | FI | RIPE | NBLHOSTING | f1a9b4e4b207cd38641061e1b72d4775 | http://www.toimistotarvikejuntunen.fi/kauppa/images/test.txt??? || 2011-02-11 10:18:10 | undef | unknown_html_RFI_eval | 0/43 (0.0%) | AS8990 | 212.92.23.38 | abuse@deninet.hu | HU | RIPE | Deninet-HU | 4a58b2df0de9a61462025790cac9ae91 | http://szoszi-madi.hu/versek/blacksis.txt?? || 2011-02-11 11:20:24 | AntiVir | HEUR/Crypted.E | 8/43 (18.6%) | AS29873 | 209.59.218.240 | bnbrock@maileig.com | US | ARIN | BIZLAND-FC02 | f42e835ad96c78b0d37a830921ccfda4 | http://209.59.218.240/XAvisos.jpg || 2011-02-11 11:20:24 | AVG | Crypt_c.FGF | 1/43 (2.3%) | AS42708 | 193.105.134.49 | info@swedendedicated.com | SE | RIPE | SWEDENDEDICATED-NET | 3f372f1b6a4b089012292d8c40123d50 | http://digi-updates.com/download/svchost.dat || 2011-02-11 11:20:24 | undef | unknown_exe | | AS14618 | 184.72.226.9 | ec2-abuse@amazon.com | US | ARIN | AMAZON-EC2-7 | b79c98e67a265cbc175eb88a11e2060a | http://dl.dropbox.com/u/20236353/games.gif || 2011-02-11 11:20:24 | undef | unknown_html_google_malware | 0/43 (0.0%) | AS14618 | 184.72.237.225 | ec2-abuse@amazon.com | US | ARIN | AMAZON-EC2-7 | 7b4e5388c786b1777d6c62e150960663 | http://dl.dropbox.com/u/20476171/arquivo.txt || 2011-02-11 11:20:24 | undef | unknown_html | 0/43 (0.0%) | AS51441 | 91.217.162.97 | noc@tirexhost.com | UA | RIPE | TIREXHOST-NET | 151b270f0e3ba074b6254e0cf15fbfc1 | http://justnewleft.ru/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B1669F2DCEACA885FE5F6C1DFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5F44337&v=2&t=4.468936E-02 || 2011-02-11 11:20:24 | avira | TR/Crypt.ZPACK.Gen | 34/43 (79.1%) | AS51441 | 91.217.162.178 | noc@tirexhost.com | UA | RIPE | TIREXHOST-NET | 65d2da11ff8d3f3aa550baab4fb5a56b | http://kdddaber.com/tm/cry.exe?t=0.531109 || 2011-02-11 11:20:24 | undef | unknown_html | 0/43 (0.0%) | AS4837 | 60.28.206.85 | abuse@chinaunicom.cn | CN | APNIC | UNICOM-TJ | 5c16b98de8cfd01c40bf0194edfd5e0d | http://my.qqhe.com//space.php?do=pcdoing || 2011-02-11 11:20:24 | undef | unknown_html | 0/42 (0.0%) | AS36420, AS30315, AS13749, AS21844 | 70.86.108.199 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-13 | 054cb8eb75a9ed5f9039a6daf8bafc5f | http://registryeasy.com/images/feature/systemtools.jpg?tq=gJ4WK%2FSUh7TFlUR8oY%2BQtMWTUj26kJH7yZVUK%2B%2FbxWq1SfkIYUBM || 2011-02-11 11:20:24 | McAfee_GW_Editio | Heuristic.BehavesLike.JS.CodeUnfolding.C | 1/41 (2.4%) | AS4134 | 115.238.252.106 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-ZJ | 35b2063d2b71e9f4866de8bf538b8971 | http://www.70cf.com/?bat=201101 || 2011-02-11 11:20:24 | McAfee_GW_Editio | Heuristic.BehavesLike.JS.CodeUnfolding.C | 1/43 (2.3%) | AS4134 | 115.238.252.106 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-ZJ | 5379d9e48399ded354875fd16299c1d9 | http://www.70cf.com/?bat=201101&jdfwkey=8boai2 || 2011-02-11 11:20:24 | undef | unknown_html | 1/43 (2.3%) | AS10990 | 208.79.154.35 | gb@tulix.com | US | ARIN | TULIX-SYSTEMS | 61beaf9a98bd688cd11c90c28dcd9f60 | http://www.homecom.com/ || 2011-02-11 11:20:24 | undef | unknown_html | 0/43 (0.0%) | AS4837 | 60.217.232.137 | abuse@chinaunicom.cn | CN | APNIC | UNICOM-SD | 6fad263035a4524ec599ff75f9f91210 | http://www.qqhe.com//data/js.php?id=31 || 2011-02-11 11:20:24 | undef | unknown_html | 0/43 (0.0%) | AS4837 | 60.217.232.137 | abuse@chinaunicom.cn | CN | APNIC | UNICOM-SD | 66f9468b388e66bc136cb16a8bf66f53 | http://www.qqhe.com/images/scroll.css || 2011-02-11 11:20:24 | eSafe | JS.Small.au | 1/42 (2.4%) | AS4837 | 123.134.95.190 | abuse@chinaunicom.cn | CN | APNIC | UNICOM-SD | 719e33ed0ab753bc364a08a8f2213fc1 | http://xiazai.dnf521.org/?pemwg || 2011-02-11 11:20:24 | avira | PHP/Pbot.A.6 | 30/43 (69.8%) | AS6245 | 206.188.192.193 | ipadmin@monstercommerce.com | US | ARIN | MONSTERCOMMERCE | a5d1a7aeac39390605c1c994d6f42b78 | http://0314ea7.netsolhost.com/images/pacote.txt || 2011-02-11 11:20:24 | avira | TR/Script.75 | 25/43 (58.1%) | AS3462 | 122.116.169.59 | network-adm@hinet.net | TW | APNIC | HINET-NET | a05dfd7cca7771a7565a154d65f05ea2 | http://122.116.169.59/a.txt || 2011-02-11 11:20:24 | avira | PHP/Pbot.GA | 20/43 (46.5%) | AS7738 | 187.76.4.246 | csirt@oi.net.br | BR | LACNIC | 002.558.134/0001-58 | 7fdbd8efcda35c1cc356298adbc6098b | http://187.76.4.246/pbe.txt || 2011-02-11 11:20:24 | avira | PHP/Pbot.GA | 20/43 (46.5%) | AS7738 | 200.216.214.109 | csirt@oi.net.br | BR | LACNIC | 002.558.134/0001-58 | 7fdbd8efcda35c1cc356298adbc6098b | http://200.216.214.109/webmail/pbe.txt || 2011-02-11 11:20:24 | avira | PHP/C99Shell.C | 23/41 (56.1%) | AS8972 | 62.75.152.79 | abuse@plusserver.de | DE | RIPE | VSERVER-1 | 2b714b261f0bfd0554bd868282c4e54e | http://62.75.152.79/1.txt || 2011-02-11 11:20:24 | avira | PHP/Shellbot.7642 | 20/41 (48.8%) | AS46475 | 69.162.121.34 | abuse@limestonenetworks.com | US | ARIN | LSN-DLLSTX-2 | fd6d9400539ef85245289641e8a9bc74 | http://69.162.121.34/aabjects.txt || 2011-02-11 11:20:24 | avira | PHP/Shellbot.7642 | 22/43 (51.2%) | AS46475 | 69.162.83.211 | abuse@limestonenetworks.com | US | ARIN | LSN-DLLSTX-2 | ff9e4e8bd5034fc867a8571349937df3 | http://69.162.83.211/appserv/irc.eu.abjects.net.txt || 2011-02-11 11:20:24 | avira | PHP/Shellbot.7642 | 22/43 (51.2%) | AS46475 | 69.162.83.211 | abuse@limestonenetworks.com | US | ARIN | LSN-DLLSTX-2 | ff9e4e8bd5034fc867a8571349937df3 | http://69.162.83.211/irc.eu.abjects.net.txt || 2011-02-11 11:20:24 | avira | PHP/A.AK | 13/43 (30.2%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 4f97dc585ce08514f3d89ae5eef2693e | http://dendang.fileave.com/bovsp.txt || 2011-02-11 11:20:24 | avira | PHP/Pbot.A | 25/42 (59.5%) | AS32613 | 174.142.79.85 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 2bf2d28c36450588e14346984b63befc | http://fudantes.110mb.com/cmdok30.txt || 2011-02-11 11:20:24 | avira | PHP/Shellbot.7642 | 27/42 (64.3%) | AS32613 | 174.142.79.85 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 65629c26c39004fc7f17c267ddf60e61 | http://fudantes.110mb.com/cmdpro1.txt || 2011-02-11 11:20:24 | avira | PHP/Shellbot.7642 | 29/42 (69.0%) | AS32613 | 174.142.79.85 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 744edd115aa4da771a97743f5b74f446 | http://fudantes.110mb.com/cmdpro7.txt || 2011-02-11 11:20:24 | avira | PHP/Shellbot.7642 | 27/40 (67.5%) | AS32613 | 174.142.79.85 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 60d317ca7402a0a5633d6499cfde008f | http://fudantes.110mb.com/cmdpro8.txt || 2011-02-11 11:20:24 | avira | PHP/Shellbot.7642 | 29/42 (69.0%) | AS32613 | 174.142.79.85 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | f6e9c323ed852d7c9a7ccd2cacc8f056 | http://fudantes.110mb.com/cmdpro.txt || 2011-02-11 11:20:24 | avira | PHP/Pastie.637 | 19/43 (44.2%) | AS32475 | 67.212.184.66 | netops@singlehop.com | US | ARIN | SINGLEHOP | 493d3c720be431004253125118998a5d | http://idahofallsmusicclub.org/biography/ID-RFI.txt || 2011-02-11 11:20:24 | avira | PERL/IrcBot.GN | 12/43 (27.9%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 07c3ecc6946847a5c8b53abcee3cd5f2 | http://re1.fileave.com/nu.txt || 2011-02-11 11:20:24 | avira | PHP/Small.539 | 22/43 (51.2%) | AS174 | 38.124.38.68 | abuse@cogentco.com | US | ARIN | PSINETA | 0c0dc830a122a16b9b41f85a788103ed | http://sekenk2.zoomshare.com/files/rfiid.txt || 2011-02-11 11:20:24 | clamav | PHP.Id-36 | 7/38 (18.4%) | AS4837 | 221.206.178.49 | abuse@chinaunicom.cn | CN | APNIC | UNICOM-HL | 4f48fabbd4b83e52ac9d33407ad7b4eb | http://www.syforest.com/.logx || 2011-02-11 11:20:25 | trendmicro | TROJ_BANKER.SMSV | 19/41 (46.3%) | AS3549 | 208.51.78.252 | abuse@gblx.net | US | ARIN | GBLX-6D | 50b5f2e6a778b12a4adcababcb153093 | http://ftiap-up.servehalflife.com/components/com_content/open_acrobat_adobe.com??Deposito%2FComprovante%2Fabuse@clean-mx.de || 2011-02-11 11:20:25 | avira | TR/Spy.128512.28 | 37/41 (90.2%) | AS4134 | 122.224.6.164 | anti-spam@mail.sxptt.zj.cn | CN | APNIC | NINBO-LANZHONG-LTD | 8809b6417c1fef1d74dabe79b0ca2556 | http://hn.yigeyuming.com:82/hn.gif?t=0.804455 || 2011-02-11 11:22:46 | undef | unknown_html | 0/43 (0.0%) | AS24778 | 77.246.37.8 | hostmaster@datapipe.com | GB | RIPE | UK-DATAPIPE-20070509 | dc3c13d0459c9271e477485f1d85a79e | http://10.xg4ken.com/media/general.js || 2011-02-11 11:22:46 | undef | unknown_html | 0/43 (0.0%) | AS24778 | 77.246.37.8 | hostmaster@datapipe.com | GB | RIPE | UK-DATAPIPE-20070509 | dc3c13d0459c9271e477485f1d85a79e | http://10.xg4ken.com/media/getpx.php?cid=f6dc9dab-5743-4529-861e-77e5d43d86be || 2011-02-11 11:31:16 | avira | TR/Dropper.Gen | 26/41 (63.4%) | AS4134 | 121.12.109.75 | abuse@gddc.com.cn | CN | APNIC | CHINANET-GD | 40b37cb5544789794397ad9fb852312e | http://121.12.109.75:8990/360.exe || 2011-02-11 11:31:16 | avira | TR/Crypt.XPACK.Gen3 | 5/43 (11.6%) | AS29802 | 206.51.232.217 | abuse@noc4hosts.com | US | ARIN | NOC4HOSTS | 01b98c8167624de74cf88480a73feca2 | http://sgtbcollege.org/.0jojp7/?getexe=drk.exe || 2011-02-11 11:31:16 | avira | WORM/Koobface.hqf | 25/43 (58.1%) | AS29802 | 206.51.232.217 | abuse@noc4hosts.com | US | ARIN | NOC4HOSTS | 9413dff1c80818ac46a398b287c515cb | http://sgtbcollege.org/.0jojp7/?getexe=ffe32.exe || 2011-02-11 11:31:16 | avira | TR/Spy.66048.26 | 29/42 (69.0%) | AS29802 | 206.51.232.217 | abuse@noc4hosts.com | US | ARIN | NOC4HOSTS | c4fa4adc177a9e7cc632369521eb2ec7 | http://sgtbcollege.org/.0jojp7/?getexe=yahoo.exe || 2011-02-11 11:31:16 | avira | TR/Crypt.XPACK.Gen3 | 5/43 (11.6%) | AS44565 | 188.124.20.82 | abuse@vit.com.tr | TR | RIPE | TR-VITAL-20090619 | 01b98c8167624de74cf88480a73feca2 | http://twtsappolimer.com/.65rx2ok/?getexe=drk.exe || 2011-02-11 11:31:16 | avira | WORM/Koobface.hqf | 25/43 (58.1%) | AS44565 | 188.124.20.82 | abuse@vit.com.tr | TR | RIPE | TR-VITAL-20090619 | 9413dff1c80818ac46a398b287c515cb | http://twtsappolimer.com/.65rx2ok/?getexe=ffe32.exe || 2011-02-11 11:31:16 | avira | TR/Crypt.ZPACK.Gen | 22/43 (51.2%) | AS44565 | 188.124.20.82 | abuse@vit.com.tr | TR | RIPE | TR-VITAL-20090619 | dfbdf34bb19659f56a3877f84c375922 | http://twtsappolimer.com/.65rx2ok/?getexe=yahblog.exe || 2011-02-11 10:56:31 | undef | unknown_html_RFI_perl | 0/43 (0.0%) | AS41947 | 195.216.243.41 | abuse@compubyte.vg | GB | RIPE | COMPUBYTE-NET | c374b37583e47a7ee1aea0cd38798137 | http://cmdinject.ucoz.com/x.txt? || 2011-02-11 11:11:30 | undef | unknown_html_RFI | 0/43 (0.0%) | AS38197 | 121.127.250.204 | sunhk.idc@gmail.com | HK | APNIC | SUN-NETWORK | 990bc3e586b0a9e74dca0f0665fbe819 | http://marketedchina.com/cache/mod_cblogin/index2.txt? || 2011-02-11 12:17:58 | undef | unknown_html | 0/42 (0.0%) | AS28666 | 189.1.164.55 | abuse@hospedagemdesite.com | BR | LACNIC | 006.943.198/0001-23 | 7f0baecb5bf899df2229a8f8ab95cfcc | http://trooperhcblivegdim.adm.br/log.php?tipo=./infe/&nome=00CD1A40.txt || 2011-02-11 12:02:35 | avira | TR/Script.76 | 25/43 (58.1%) | AS27715 | 200.234.220.59 | regcom@locaweb.com.br | BR | LACNIC | 002.351.877/0001-52 | f5c92f6912a87f4c170cb0622513e197 | http://chicopneus.com.br/v1/fotos/fx291.txt?? || 2011-02-11 12:04:05 | avira | PHP/BackDoor.AR | 8/41 (19.5%) | AS174 | 38.124.38.68 | abuse@cogentco.com | US | ARIN | PSINETA | c922626ccf64739d2d1aa798142a9122 | http://soloteam.zoomshare.com/files/mIRC/readme.txt???? || 2011-02-11 12:02:48 | avira | PHP/BackDoor.AR | 35/43 (81.4%) | AS27715 | 200.234.220.59 | regcom@locaweb.com.br | BR | LACNIC | 002.351.877/0001-52 | f11a5c7810f1f715e1680b7045dda3cd | http://chicopneus.com.br/v1/fotos/fx292.txt??? || 2011-02-11 12:05:35 | avira | PHP/Pbot.A | 25/43 (58.1%) | AS11798 | 69.89.31.161 | abuse@bluehost.com | US | ARIN | BLUEHOST-NETWORK-1 | 40d94f5ecc2d03c12ba61d9fef730329 | http://acadianacfm.org/components/com_search/views/search/tmpl/list.txt?? || 2011-02-11 11:42:21 | avira | PHP/BackDoor.AR | 22/42 (52.4%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | f9c9037c6d7b8a1ebba73778946ab3ba | http://rayzz.110mb.com/id/id2.txt????? || 2011-02-11 12:19:39 | avira | PHP/RemoteAdmi.5398 | 13/41 (31.7%) | AS16138 | 217.74.66.183 | ripe@firma.interia.pl | PL | RIPE | INTERIAPL-NET1 | 4a90c7ffbdf3b7f65b4acbe9b1c0f702 | http://rtv.sabaj.pl/pl/myid.jpg? || 2011-02-11 12:19:43 | avira | PHP/Loader.9852 | 6/43 (14.0%) | AS16138 | 217.74.66.183 | ripe@firma.interia.pl | PL | RIPE | INTERIAPL-NET1 | c7720150ca8dd62a309c9a0a367de3c2 | http://rtv.sabaj.pl/pl/c0x.txt? || 2011-02-11 11:42:52 | avira | PHP/IRCBOT.JB.1 | 20/41 (48.8%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 76b97bbc677d10bc3267a6ff8003c058 | http://persebo.fileave.com/boyz.txt? || 2011-02-11 13:08:01 | clamav | PUA.Packed.ASPack | 10/43 (23.3%) | AS12741 | 81.210.27.150 | abuse@inetia.pl | PL | RIPE | PL-NETIA-20021023 | 12ddf9f1927845df2b16c105508a7101 | http://www.panmoskwa.pl/images/M_images/img10022011.exe || 2011-02-11 13:08:38 | AhnLab_V3 | Worm/Win32.VBNA | 21/43 (48.8%) | AS31034 | 62.149.236.161 | abuse@staff.aruba.it | IT | RIPE | ARUBA-NET | e4a79f92b3554d876e070d13d15548a8 | http://www.scatolesumisura.it/VideoTVN24.exe || 2011-02-11 13:08:38 | AhnLab_V3 | Worm/Win32.VBNA | 21/43 (48.8%) | AS21740 | 98.124.199.1 | dmnoc@demandmedia.com | US | ARIN | DEMANDMEDIA-2 | e4a79f92b3554d876e070d13d15548a8 | http://www.tvn24noticias.com/ || 2011-02-11 13:08:38 | avira | TR/Crypt.ZPACK.Gen | 31/41 (75.6%) | AS16265 | 85.17.199.95 | abuse@leaseweb.com | NL | RIPE | LEASEWEB | 2bf247117782798b4186aebcf76c7486 | http://bontekoewielersport.nl/facebook/bot.exe || 2011-02-11 13:08:38 | avira | JAVA/SMSSend.M | 3/40 (7.5%) | as44050 | 91.201.66.38 | admin@donecoserv.ru | RU | RIPE | Donekoserv | e25e36c67bb38148bceaa20b1d5d85c8 | http://mms-portal.ru/mms169.jar || 2011-02-11 13:27:12 | ClamAV | PUA.HTML.Infected.WebPage-2 | 1/41 (2.4%) | AS4134 | 121.10.105.25 | abuse@gddc.com.cn | CN | APNIC | CHINANET-GD | 5e4c0203541e75f0affefd8e632491aa | http://bbs.3996.com/index.php?u=29415 || 2011-02-11 13:27:12 | Ikarus | IM-Worm.Win32.Zeroll | 4/43 (9.3%) | AS1299 | 80.239.151.63 | abuse@telia.com | DE | RIPE | DE-TERASPACE | 040f71054e38044987642dab4bd1daca | http://rs62tl.rapidshare.com/files/447229210/check || 2011-02-11 13:27:12 | avira | TR/Dldr.Agent.fuiq | 27/40 (67.5%) | AS1299 | 80.239.250.2 | abuse@telia.com | DE | RIPE | DE-TERASPACE | ae25fb150a881295ad0ddc0469696dc6 | http://rs801tl.rapidshare.com/files/446492925/iconush1 || 2011-02-11 13:27:12 | undef | unknown_html | 0/43 (0.0%) | AS30058 | 76.73.12.228 | abuse@fdcservers.net | US | ARIN | FDCSERVERS | 3fc7538e202db26e6fc3695e3f0e73a6 | http://www.csol.cc/ || 2011-02-11 13:27:12 | undef | unknown_html_RFI_php | 0/43 (0.0%) | AS32181 | 69.65.41.218 | ip-admin@coloquest.com | US | ARIN | IPNAP | da49795596ac9a53f6a883a5126919f2 | http://www.startskins.com/startpage/6500748843/ || 2011-02-11 13:27:13 | undef | unknown_html | 0/43 (0.0%) | AS16265 | 85.17.199.95 | abuse@leaseweb.com | NL | RIPE | LEASEWEB | 73e0342ad03529f48c946d756210222a | http://bontekoewielersport.nl/facebook/cfg2.bin || 2011-02-11 13:12:03 | undef | Trojan-Spy.Win32.Zbot.gen | 0/43 (0.0%) | AS31034 | 62.149.236.161 | abuse@staff.aruba.it | IT | RIPE | ARUBA-NET | 5727ff88a4f5305391304f68480d0ebe | http://www.scatolesumisura.it/ || 2011-02-11 13:12:03 | undef | Worm.Win32.VBNA.b | 0/43 (0.0%) | AS12741 | 81.210.27.150 | abuse@inetia.pl | PL | RIPE | PL-NETIA-20021023 | 98c32a306cf7bcf97a95e2d2285562d3 | http://www.panmoskwa.pl/images/M_images/ || 2011-02-11 14:00:02 | Antiy_AVL | Exploit/JS.Agent | 10/43 (23.3%) | AS13601 | 66.33.44.201 | abuse-mh@peer1.com | US | ARIN | 66-33-0-0-NET | 667452dc4a92abd5405aa2448f34a4c5 | http://14.playwow.us/L.js || 2011-02-11 14:08:07 | avira | TR/Hijacker.Gen | 38/43 (88.4%) | AS19318 | 66.23.237.189 | network@interserver.net | US | ARIN | INTERSERVER | 1e31a40eab90b99c9cd6e5eedea6d2c7 | http://up.iranblog.com/images/0yr3032z1qryfsfu528.rar || 2011-02-11 14:08:10 | avira | TR/Dropper.Gen | 20/43 (46.5%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 0c6c0cd8759ee464a196847ec0076832 | http://cgk.fileave.com/HostBooter!.exe || 2011-02-11 14:08:10 | avira | TR/Crypt.TPM.Gen | 13/41 (31.7%) | AS14141 | 98.142.215.180 | wnoc@wiresix.com | US | ARIN | WIRESIX | 53a2016700f1b601e86c2cbd7e4eb0c6 | http://premium.fileden.com/premium/2010/4/20/2834631/Activity.png || 2011-02-11 14:08:10 | avira | TR/Crypt.TPM.Gen | 17/42 (40.5%) | AS14141 | 98.142.215.180 | wnoc@wiresix.com | US | ARIN | WIRESIX | 71107f4ef4006c4eace0908feae5dbee | http://premium.fileden.com/premium/2010/4/20/2834631/Contador.png || 2011-02-11 14:08:10 | avira | TR/Crypt.TPM.Gen | 20/40 (50.0%) | AS14141 | 98.142.215.180 | wnoc@wiresix.com | US | ARIN | WIRESIX | ec61251f016614e502addaa02dba5cdf | http://premium.fileden.com/premium/2010/4/20/2834631/look.png || 2011-02-11 14:08:10 | avira | TR/Crypt.TPM.Gen | 20/40 (50.0%) | AS14141 | 98.142.215.184 | wnoc@wiresix.com | US | ARIN | WIRESIX | ec61251f016614e502addaa02dba5cdf | http://www.fileden.com/files/2010/4/20/2834631/look.png || 2011-02-04 06:27:22 | undef | Trojan-Spy.Win32.VB.dgs | 0/41 (0.0%) | AS18101 | 220.226.178.160 | Antiabuse.support@relianceada.com | IN | APNIC | RCOM | 68b329da9893e34099c7d8ad5cb9c940 | http://220.226.178.160/cache/ || 2011-02-11 15:08:25 | avira | TR/Dropper.Gen | 31/43 (72.1%) | AS8972 | 85.25.73.110 | abuse@plusserver.de | DE | RIPE | SERVERLOFT-1 | 78bb4420aa2ff8de46f91bd6f529b740 | http://www.tbn.ms/forum/download/file/12%26act%3ddown |+---------------------+------------------+----------------------------------------------+---------------+------------------------------------+-----------------+-----------------------------------+---------+--------+-------------------------+----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+200 rows in set (0,00 sec)
+---------------------+---------------+--------------------------------------------+---------------+---------------------------------------------+-----------------+-------------------------------------+---------+--------+-------------------------------+----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+| date | scanner | virusname | vt_score | AS | review | email | country | source | netname | md5sum | url |+---------------------+---------------+--------------------------------------------+---------------+---------------------------------------------+-----------------+-------------------------------------+---------+--------+-------------------------------+----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+| 2011-02-11 15:08:25 | avira | TR/Dropper.Gen | 31/43 (72.1%) | AS8972 | 85.25.73.110 | abuse@plusserver.de | DE | RIPE | SERVERLOFT-1 | 78bb4420aa2ff8de46f91bd6f529b740 | http://www.tbn.ms/forum/download/file/12%26act%3Ddown/ || 2011-02-11 15:08:25 | clamav | PUA.Packed.ASPack | 6/40 (15.0%) | AS15685 | 109.123.210.42 | abuse@casablanca.cz | CZ | RIPE | Nethost-CZ | 892b66a07e64ba223d0ca479db1ac778 | http://files.enferreonline.webnode.com.br/200000001-7c9fd7d99e/00003473647631ma6ens.exe?flmcarvalho:01:23:54:71263516151316260366 || 2011-02-11 15:08:25 | avira | TR/VB.Downloader.Gen | 19/43 (44.2%) | AS14026 | 187.45.182.215 | blkadm@NIC.BR | BR | LACNIC | | 657896bf80f1b3fb94d0ece631f4fbe7 | http://tikk.in/comunychifrelynet || 2011-02-11 15:08:29 | avira | WORM/IrcBot.78336.1 | 22/42 (52.4%) | AS16265 | 85.17.159.77 | abuse@leaseweb.com | NL | RIPE | NL-LEASEWEB-20050311 | f58a9ca2dce71e01c7a2459756ad66b8 | http://85.17.159.77/~yutubeeu/school/390612963.exe || 2011-02-11 14:51:04 | avira | PHP/Small.C | 18/41 (43.9%) | AS24940 | 78.46.104.41 | abuse@hetzner.de | DE | RIPE | HETZNER-RZ-NBG-NET | 7a78057973efc06ed81b82acb62bfd51 | http://gathel.co.de/pb.jpg??? || 2011-02-11 14:12:03 | undef | Trojan-Downloader.Win32.VB.ykv | 0/41 (0.0%) | AS16265 | 85.17.159.77 | abuse@leaseweb.com | NL | RIPE | NL-LEASEWEB-20050311 | d7206c246b7ac1075d0d0ce7327edc5f | http://85.17.159.77/~yutubeeu/school/ || 2011-02-11 16:09:00 | trendmicro | BKDR_PERLBOT.SMD | 14/43 (32.6%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | d0113a423fcd9624a00725a55c0d863a | http://pnt.fileave.com/scanners.txt || 2011-02-11 16:09:00 | avira | PHP/RemoteAdmi.5398 | 12/40 (30.0%) | AS16138 | 217.74.66.183 | ripe@firma.interia.pl | PL | RIPE | INTERIAPL-NET1 | 4a90c7ffbdf3b7f65b4acbe9b1c0f702 | http://rtv.sabaj.pl/pl/myid.jpg || 2011-02-11 16:09:00 | avira | PHP/Pbot.A.2 | 21/42 (50.0%) | AS46475 | 69.162.65.139 | abuse@limestonenetworks.com | US | ARIN | LSN-DLLSTX-2 | 408bfaa41a6b6f48dd62a7fec09dd91f | http://x00b.solidwebhost.com/waseem.txt || 2011-02-11 15:50:40 | avira | PHP/PHPInfo.E | 19/43 (44.2%) | AS26277 | 64.235.56.225 | noc@premianet.com | US | ARIN | APH-LAS-NV1 | 292dbe6e7a4e9245e72ba548df5c393a | http://azvoad.org/includes/phpmailer/pandegaid.txt? || 2011-02-11 16:05:08 | Avast | PHP:Shell-AS | 3/41 (7.3%) | AS29671 | 77.232.69.222 | abuse@servage.net | EU | RIPE | SRVG-NET-FL1-H2 | eae3cf9f4e20b1204cce10f47ea38149 | http://linuxcostablanca.com/hacker.txt?&modez=shellz || 2011-02-11 16:09:12 | undef | unknown_html_RFI_php | 0/42 (0.0%) | AS38520 | 116.199.203.158 | abuse@infratel.net.id | ID | APNIC | INFRATEL-ID | 33b96fa5d6062756ce829e9be9c680e1 | http://posbisnis.com/uploadedimages/kerinci.txt? || 2011-02-11 15:50:45 | avira | PHP/Loader.9852 | 10/41 (24.4%) | AS26277 | 64.235.56.225 | noc@premianet.com | US | ARIN | APH-LAS-NV1 | 866bbfff4613bad5ec0624144d254ca7 | http://azvoad.org/includes/phpmailer/ec.txt?? || 2011-02-11 16:12:00 | avira | TR/Script.75 | 22/42 (52.4%) | AS13749, AS21844, AS30315, AS36420 | 74.54.56.204 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | a05dfd7cca7771a7565a154d65f05ea2 | http://pkkpekalongankota.org/templates/dprd/idx.txt?? || 2011-02-11 16:12:05 | avira | PHP/BackDoor.AR | 35/43 (81.4%) | AS13749, AS21844, AS30315, AS36420 | 74.54.56.204 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | 8dcad47f3e32e7dc1aee59167e67c601 | http://pkkpekalongankota.org/templates/dprd/idxx.txt??? || 2011-02-11 16:23:32 | avira | EXP/PHP.E | 29/41 (70.7%) | AS7465 | 200.198.128.220 | everton@via-rs.net | BR | LACNIC | 087.124.582/0001-04 | f700c53b88b5814542781a464499047b | http://www.saude.rs.gov.br/dados/1292257779020yc.php? || 2011-02-11 16:23:32 | avira | HTML/Infected.WebPage.Gen | 23/41 (56.1%) | AS49699 | 91.215.216.5 | abuse@icn.bg | BG | RIPE | ICN-BG | 641ca948994444a301de5900b6311569 | http://moni.dupnitsa.net/id/googlerz.php? || 2011-02-11 16:23:33 | undef | unknown_html | 0/41 (0.0%) | AS13213 | 109.123.98.161 | ripe@uk2.net | GB | RIPE | UK-UK2NET-20091012 | cbcb58ac2e496207586df2854b17995f | http://109.123.98.161/b/PHPS/total_visitas.php || 2011-02-11 16:23:33 | undef | unknown_html | 0/42 (0.0%) | AS17428 | 211.151.66.113 | ipmaster@21vianet.com | CN | APNIC | CHINA-ABITCOOL | 777f58a96ce572a63f0bdebf33527da5 | http://1.67ku.com/ || 2011-02-11 16:23:33 | undef | unknown_html | 0/41 (0.0%) | AS4134 | 121.14.151.42 | abuse@gddc.com.cn | CN | APNIC | CHINANET-GD | 445f5b2b3f66e6ececf396222f3cb8b7 | http://dh1.765321.info/?1 || 2011-02-11 16:23:33 | undef | unknown_html | 0/43 (0.0%) | AS4134 | 121.14.151.42 | abuse@gddc.com.cn | CN | APNIC | CHINANET-GD | 5f707ae8af01d3858c27f4e183b2700c | http://dh1.765321.info/?1&jdfwkey=cxjli1 || 2011-02-11 16:23:33 | undef | unknown_html | 0/43 (0.0%) | AS4837 | 60.28.206.85 | abuse@chinaunicom.cn | CN | APNIC | UNICOM-TJ | 66f9468b388e66bc136cb16a8bf66f53 | http://games.jiaoyousns.cn/images/scroll.css || 2011-02-11 16:23:33 | avira | TR/Scar.dhbx | 31/43 (72.1%) | AS3216 | 194.186.88.47 | abuse@gldn.net | RU | RIPE | RU-SOVINTEL-951205 | c8932c5c61a07c8aacd78f2d87b2bf13 | http://hosp09.land.ru/protela.jpg || 2011-02-11 16:23:33 | avira | TR/Spy.Banker.Gen | 31/42 (73.8%) | AS3216 | 194.186.88.34 | abuse@gldn.net | RU | RIPE | RU-SOVINTEL-951205 | 8062287c7e5fc27baa003a9a24f95b07 | http://hosp10.newmail.ru/bandit.jpg || 2011-02-11 16:23:33 | avira | TR/Dldr.Delphi.Gen | 36/42 (85.7%) | AS3216 | 194.186.88.45 | abuse@gldn.net | RU | RIPE | RU-SOVINTEL-951205 | eeda116948d713d7bea96676c2a3e58e | http://hosp15.front.ru/ork_scrap2.jpg || 2011-02-11 16:23:33 | avira | TR/ATRAPS.Gen | 35/43 (81.4%) | AS3216 | 194.186.88.36 | abuse@gldn.net | RU | RIPE | RU-SOVINTEL-951205 | 01fcd203ea59bbc97491a835f7179a1f | http://hospnova11.pop3.ru/del.jpg || 2011-02-11 16:23:33 | avira | TR/Spy.Banker.Gen | 12/40 (30.0%) | AS3216 | 194.186.88.36 | abuse@gldn.net | RU | RIPE | RU-SOVINTEL-951205 | cb0536fa18566f6da07127c1e6faa3a4 | http://hospnova11.pop3.ru/npro.jpg || 2011-02-11 16:23:33 | undef | unknown_html | 0/42 (0.0%) | AS4134 | 121.12.174.246 | abuse@gddc.com.cn | CN | APNIC | CHINANET-GD | c11e91dfeee55fc2d6110c65e6d168c0 | http://jj.765321.info:3218/sms/do.php?userid=000C29CB1871&time=2011-2-11_7:57:36&msg=01704800531226&pauid=1&fy=1 || 2011-02-11 16:23:33 | undef | unknown_html | 0/43 (0.0%) | AS4134 | 121.12.174.246 | abuse@gddc.com.cn | CN | APNIC | CHINANET-GD | 766aad18411be011f9e9175e35ddf615 | http://jj.765321.info:3218/sms/lock.ini || 2011-02-11 16:23:33 | undef | unknown_html | 0/43 (0.0%) | AS4134 | 121.12.174.246 | abuse@gddc.com.cn | CN | APNIC | CHINANET-GD | c733c4ef8756813c8ab69fe27bf1a2d4 | http://jj.765321.info:3218/sms/xxx02.ini || 2011-02-11 16:23:33 | undef | unknown_html | 0/43 (0.0%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 69e8c98e767fe36a7cb16d3ef72c28ca | http://rolademacaca.110mb.com/listaaut.jpg || 2011-02-11 16:23:33 | undef | unknown_html | 0/43 (0.0%) | AS30277 | 72.9.152.54 | contact@dfw-datacenter.com | US | ARIN | TAILORMADESERVERS | cfcd208495d565ef66e7dff9f98764da | http://update.host-evolution.com/enero2011.txt || 2011-02-11 16:37:49 | undef | unknown_html_google_malware | 0/43 (0.0%) | AS4809 | 122.227.23.25 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-ZJ | b8dc2851b805271fa3b85ef8f3fdeafb | http://www.guagua.com.cn/interface/reg_page.jsp?ad_id=0&from_type=1&rec_uid=6048000024&url=http://img003.com/soft/GuaGua2010Beta2SetupGW_tg.exe || 2011-02-11 17:13:13 | avira | PHP/IRCBOT.ET | 6/41 (14.6%) | AS46216 | 216.52.115.51 | abuse@internap.com | US | ARIN | PNAP-8-98 | 606b2ac660d85741b303d3742f03bc3a | http://zerma.webs.com/shqip.txt??? || 2011-02-11 17:04:50 | trendmicro | PHP_SHELL.SM | 11/43 (25.6%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 220121b7c3342e82ca35d9333cf88cdc | http://rayzz.110mb.com/script/cy.txt???? || 2011-02-11 17:10:15 | clamav | PHP.Downloader-4 | 1/43 (2.3%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | c7875eb8696cdfc99bfdc23f37a0b176 | http://plugins1.fileave.com/sp.txt?? || 2011-02-11 17:00:07 | avira | PHP/IRCBOT.JB.1 | 20/41 (48.8%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 76b97bbc677d10bc3267a6ff8003c058 | http://camat.fileave.com/boyz.txt?http://legalref.ru/cyberz/id.txt? || 2011-02-11 17:00:16 | avira | PHP/IRCBOT.JB.1 | 20/41 (48.8%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 76b97bbc677d10bc3267a6ff8003c058 | http://camat.fileave.com/boyz.txt??http://legalref.ru/cyberz/id.txt? || 2011-02-11 17:38:23 | CAT_QuickHeal | (Suspicious) - DNAScan | 6/43 (14.0%) | AS10297 | 209.190.85.251 | abuse@ee.net | US | ARIN | ENET-XLHOST | 408ed5abafdc73f8954a3e519bcc0948 | http://attachlivemail.66ghz.com/comissoes.zip || 2011-02-11 17:38:27 | undef | unknown_html | 0/42 (0.0%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 578918a478019b7da4d341841935ab61 | http://logfotos.110mb.com/sist.jpg || 2011-02-11 17:38:27 | undef | unknown_html | 0/42 (0.0%) | AS18450 | 67.220.217.230 | NOC@webnx.com | US | ARIN | WEBNX | 578918a478019b7da4d341841935ab61 | http://logfotos.zxq.net/sist.jpg || 2011-02-11 17:38:27 | undef | unknown_html | 0/42 (0.0%) | AS174 | 38.100.19.122 | abuse@cogentco.com | US | ARIN | PSINETA | 578918a478019b7da4d341841935ab61 | http://pirnicipica.webng.com/sist.jpg || 2011-02-06 01:27:17 | undef | Variant.Adware.Hotbar.1 | 0/41 (0.0%) | AS38719 | 27.54.82.89 | admin@syra.com.au | AU | APNIC | AUSTDOM | 52dbc0912921e9a185d3353bc01bbf21 | http://www.medivet.net.au/pdf/ || 2011-02-11 17:46:33 | avira | PERL/IrcBot.BA | 18/41 (43.9%) | AS24940 | 78.46.102.43 | abuse@hetzner.de | DE | RIPE | HETZNER-RZ-NBG-NET | 7f56e336dc295704d7dbfd50954c71ec | http://selingkuh.eu.nu/pab.txt || 2011-02-11 17:46:33 | avira | PERL/IrcBot.BA | 18/43 (41.9%) | AS24940 | 78.46.102.43 | abuse@hetzner.de | DE | RIPE | HETZNER-RZ-NBG-NET | f23bcf38f3a786fae357ffc025ab4aff | http://selingkuh.eu.nu/pal.txt || 2011-01-28 10:27:23 | undef | IM-Worm.Win32.Yahos.mg | 0/43 (0.0%) | AS46433 | 216.14.120.139 | hostmaster@eboundhost.com | US | ARIN | EBOUNDHOST | 9499d0fe5263f6872004949591707433 | http://www.emmymid-america.org/UserFiles/Image/ || 2011-02-11 18:08:33 | CAT_QuickHeal | (Suspicious) - DNAScan | 6/43 (14.0%) | AS10297 | 209.190.85.251 | abuse@ee.net | US | ARIN | ENET-XLHOST | 408ed5abafdc73f8954a3e519bcc0948 | http://attachlivemail.66ghz.com/ || 2011-02-11 18:55:57 | avira | PHP/C99Shell.F | 31/43 (72.1%) | AS34224 | 87.120.13.118 | nmt-ip@neterra.net | BG | RIPE | BG-NETERRAIP-20050712 | 7320922ca5d097e3a16acecbae868eae | http://smokers-heaven.co.uk/vnc/Fx29SheLL.txt? || 2011-02-11 18:56:14 | avira | PHP/Small.AA | 10/41 (24.4%) | AS34224 | 87.120.13.118 | nmt-ip@neterra.net | BG | RIPE | BG-NETERRAIP-20050712 | 57dcd054e8d57dd206f79cfe8f4ab1b4 | http://smokers-heaven.co.uk/vnc/r57.txt? || 2011-02-11 19:22:53 | undef | unknown_html | 0/43 (0.0%) | AS50877 | 195.80.151.58 | abuse@instant-exchanger.com | EU | RIPE | INSTANTEXCHANGER-NET | c8085f0cb2b9edb894e449ebc75c88ec | http://2A18E009D8492336DDCD52B72D2A260B.info/message.php?subid=2480&br=IE_6.00&os=12&flg=2&id=5F60FAF878B650F053239049F41A2EF3&ad=&ver=_if19 || 2011-02-11 19:22:53 | undef | unknown_html | 0/43 (0.0%) | AS50877 | 195.80.151.58 | abuse@instant-exchanger.com | EU | RIPE | INSTANTEXCHANGER-NET | c8085f0cb2b9edb894e449ebc75c88ec | http://2A18E009D8492336DDCD52B72D2A260B.info/message.php?subid=598&br=IE_6.00&os=12&flg=2&id=5F60FAF878B650F053239049F41A2EF3&ad=&ver=_if19 || 2011-02-11 19:23:08 | avira | PHP/Pastie.637 | 16/40 (40.0%) | AS31178 | 194.165.49.22 | yann.szkolnik@celeonet.fr | FR | RIPE | CELEONET-2 | 493d3c720be431004253125118998a5d | http://www.aporteedailes.com/images/ID-RFI.txt???? || 2011-02-11 19:23:08 | avira | TR/Script.86 | 14/43 (32.6%) | AS31034 | 62.149.140.17 | hostmaster@technorail.com | IT | RIPE | TECHNORAIL-NET | 7ab5a3291410db3231141e2818e85318 | http://www.didaonline.it/docenti/zfxid1.txt?? || 2011-02-11 19:23:08 | avira | TR/Script.75 | 22/42 (52.4%) | AS7011, AS5650, AS30064, AS26127, AS3593 | 74.39.191.201 | abuse@frontiernet.net | US | ARIN | FRONTIER-COMMUNICATIONS | a05dfd7cca7771a7565a154d65f05ea2 | http://www.oikka.com//store/IDC/fx29id1.txt??? || 2011-02-11 20:00:03 | undef | unknown_html | | AS46844 | 204.188.243.131 | support@sharktech.net | US | ARIN | SHARKTECH-3 | 32fbd8b93c7ae0e0124f47e74182519b | http://204.188.243.131/count.html || 2011-02-11 20:08:21 | avira | TR/Spy.SpyEyes.AJ | 13/41 (31.7%) | AS28907 | 89.184.73.111 | noc@mirohost.net | UA | RIPE | MIROHOST | ac8684ca02b5aa6c9adb76490177e51c | http://pardokkate.com/main/bin/build___Pedagog.exe || 2011-02-11 20:40:02 | undef | unknown_html_RFI_eval | | AS46844 | 204.188.243.131 | support@sharktech.net | US | ARIN | SHARKTECH-3 | 3a59984cda756872ea4923e5d486700d | http://204.188.243.131/retkl.htm || 2011-02-11 20:24:47 | avira | PHP/Pastie.637 | 16/40 (40.0%) | AS31178 | 194.165.49.22 | yann.szkolnik@celeonet.fr | FR | RIPE | CELEONET-2 | 493d3c720be431004253125118998a5d | http://aporteedailes.com/images/ID-RFI.txt???? || 2011-02-11 20:25:00 | avira | PHP/Pbot.A | 28/43 (65.1%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | ffe8e1ac8c430f5427df793bd918262a | http://edanez.110mb.com/xxx/siexz.txt????? || 2011-02-11 20:25:06 | avira | PERL/Shellbot.a.6 | 19/40 (47.5%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 7fdc48a097f9760c35f2e7bb16fcd16c | http://edanez.110mb.com/xxx/chost.png? || 2011-02-11 21:04:49 | Norman | Doc/Exploit.B | 1/42 (2.4%) | AS32181 | 69.65.43.153 | ip-admin@coloquest.com | US | ARIN | IPNAP | 66c492f0433d1e1224deca0cc22c28f4 | http://novonetbanking.com/cmd.doc? || 2011-02-11 21:06:50 | avira | PHP/Small.539 | 15/43 (34.9%) | AS16276 | 213.186.33.2 | abuse@ovh.net | FR | RIPE | OVH | 189c4297765af3de872305f806b8ea2f | http://terre-de-mistral.com/plugins/xmlrpc/rfiid.txt?? || 2011-02-12 00:05:45 | avira | TR/Script.86 | 13/42 (31.0%) | AS16629 | 200.68.10.118 | sescobar@isp.tie.cl | CL | LACNIC | CL-CLTE-LACNIC | 7ab5a3291410db3231141e2818e85318 | http://portal.maipu.cl/components/com_akobook/images/img/sc1?? || 2011-02-11 23:16:06 | avira | PHP/Limworm.172478 | 29/42 (69.0%) | AS2875 | 159.93.167.33 | noc@jinr.ru | RU | RIPE | JINR-NET | 9848d030c053965ea1156e7df1037434 | http://uni-dubna.ru//fotoalbum/lang.gif???????????? || 2011-02-11 23:27:10 | undef | Trojan-Spy.MSIL.Zbot.avz | | AS24940 | 46.4.236.151 | abuse@hetzner.de | DE | RIPE | DE-HETZNER-20100819 | c2cca260c1a50ec7c75e554802ce7813 | http://topfarsi.com/upload/program/ || 2011-02-11 23:27:10 | undef | Trojan.Heur.jq3@fvyDMRai | | AS42926 | 213.128.65.98 | kubilay@rh.com.tr | TR | RIPE | TR-RADORE-20090520 | 3a9fd598fc7aba8fbeef141d7f042022 | http://darkorbit-hilesi.com/ || 2011-02-12 00:46:39 | avira | PHP/Shellbot.7642 | | AS32613 | 174.142.79.85 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 3d5268a9e408b0a17016e11b4a896f88 | http://shelldown.110mb.com/nopslide.ableNET.org.txt || 2011-02-11 23:27:11 | undef | Trojan.Generic.KDV.119633 | 0/43 (0.0%) | AS50877 | 195.80.151.59 | abuse@instant-exchanger.com | EU | RIPE | INSTANTEXCHANGER-NET | e1bfd762321e409cee4ac0b6e841963c | http://cepepeler28.co.cc/7box/ || 2011-02-12 03:27:12 | undef | RemoteAdmin.Win32.WinVNC-based.c | | AS46475 | 74.63.243.229 | abuse@limestonenetworks.com | US | ARIN | LSN-DLLSTX-3 | 13cb579798380b1891a4326200454575 | http://meteo-chile.com/videos/ || 2011-02-12 03:27:12 | Ikarus | Trojan-Downloader.VB | 5/43 (11.6%) | AS7713 | 203.130.198.40 | abuse@telkom.net.id | ID | APNIC | TELKOMNET | ccd527c15e6da73e9c6a821f0db52de0 | http://karya-prima.com/plugins/componente_c/ || 2011-02-12 04:27:18 | avira | PHP/Shellbot.7642 | | AS32613 | 174.142.79.85 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | b0028099868d833f91f83a9831b55bc9 | http://fudantes.110mb.com/cmdpr1.txt? || 2011-02-12 04:51:34 | avira | PHP/Pbot.A | | AS32613 | 174.142.79.85 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 6d9246d6f3cfac9312073f2da82648f9 | http://otto1.110mb.com/[soneka].txt || 2011-02-12 04:59:33 | avira | PHP/Pbot.A | | AS32613 | 174.142.79.85 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 6d9246d6f3cfac9312073f2da82648f9 | http://otto1.110mb.com/[soneka].txt? || 2011-02-12 04:49:49 | avira | PHP/Pbot.A | | AS32613 | 174.142.79.85 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 6d9246d6f3cfac9312073f2da82648f9 | http://otto1.110mb.com/%5Bsoneka%5D.txt || 2011-02-12 03:27:13 | undef | Trojan.Agent/Gen-BancoSpy | 0/41 (0.0%) | AS13618 | 76.76.3.45 | abuse@carohosting.com | US | ARIN | CARO-NET-ARIN-2 | d12481791b897661e5d43ea70019eb8e | http://www.r7l3.net/movi.wmv/ || 2011-02-12 06:40:02 | undef | unknown_html | 0/43 (0.0%) | AS9057 | 217.163.21.37 | abuse@eu.level3.net | GB | RIPE | YAHOO-IE | 785178ce2e95c8d03e178db3605272a1 | http://ad.tlvmedia.com/imp?Z=300x250&s=1681866&_salt=808882408&B=10&u=undefined&r=1 || 2011-02-12 05:51:10 | avira | PERL/Shellbot.B.3 | 19/40 (47.5%) | AS16629 | 200.68.10.118 | sescobar@isp.tie.cl | CL | LACNIC | CL-CLTE-LACNIC | d978c31ee932d3e54648155673af075c | http://portal.maipu.cl/components/com_akobook/images/img/spr.txt?? || 2011-02-12 05:51:38 | avira | PHP/BackDoor.AR | 31/43 (72.1%) | AS16629 | 200.68.10.118 | sescobar@isp.tie.cl | CL | LACNIC | CL-CLTE-LACNIC | dcc55d73dae5326abb4f00d9313a7e70 | http://portal.maipu.cl/components/com_akobook/images/img/sc2??? || 2011-02-12 05:51:48 | avira | PHP/IRCBOT.E.1 | | AS16629 | 200.68.10.118 | sescobar@isp.tie.cl | CL | LACNIC | CL-CLTE-LACNIC | 2e7d3cd9c4d37105593bb350ec7c5c06 | http://portal.maipu.cl/components/com_akobook/images/img/girl.txt?? || 2011-02-12 06:39:30 | avira | PHP/C99Shell.B | | AS15589 | 83.211.240.146 | abuse@eutelia.it | IT | RIPE | SEVENHOST-EDT | 3a8df23a989069a9fae19b5ff1f49a98 | http://free.7host06.com/7evendurden/craziness.txt? || 2011-02-12 06:39:32 | avira | PHP/C99Shell.546575 | | AS15589 | 83.211.240.146 | abuse@eutelia.it | IT | RIPE | SEVENHOST-EDT | e483c77bf6975e8dae9ca16691f49780 | http://free.7host06.com/seveneleven711/strom.txt?? || 2011-02-12 06:39:43 | avira | PHP/C99Shell.546575 | | AS15589 | 83.211.240.146 | abuse@eutelia.it | IT | RIPE | SEVENHOST-EDT | e483c77bf6975e8dae9ca16691f49780 | http://free.7host06.com/seveneleven711/strom.txt? || 2011-02-12 06:39:13 | avira | SPR/PHP.ID | 22/43 (51.2%) | AS15589 | 83.211.240.146 | abuse@eutelia.it | IT | RIPE | SEVENHOST-EDT | d4a06373a5cc3d3e1da67420ae46c75f | http://free.7host06.com/7evendurden/idosyris.txt??? || 2011-02-12 07:00:02 | undef | unknown_html_RFI_eval | | AS4847 | 221.122.60.135 | ipmaster@cect-chinacomm.com | CN | APNIC | CHINACOMM | f4250cfecfba2470aca743d37a9935fc | http://www.zhqycm.com/inc/W0RD7O89632311/restr.html || 2011-02-12 07:25:13 | avira | PHP/IRCBOT.A | | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | d2639829c6b91325ecd27acbf158b2f3 | http://rayzz.110mb.com/script/sp.txt???&modez=scannerz || 2011-02-12 07:23:07 | avira | PHP/IRCBOT.A | | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | d2639829c6b91325ecd27acbf158b2f3 | http://rayzz.110mb.com/script/sp.txt???&modez=botz || 2011-02-12 07:25:19 | avira | PHP/IRCBOT.A | | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | d2639829c6b91325ecd27acbf158b2f3 | http://rayzz.110mb.com/script/sp.txt???&modez=psybnc || 2011-02-12 07:22:59 | avira | PHP/IRCBOT.A | | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | d2639829c6b91325ecd27acbf158b2f3 | http://rayzz.110mb.com/script/sp.txt???&modez=shellz || 2011-02-12 09:00:02 | avira | TR/Crypt.ULPM.Gen | 23/41 (56.1%) | AS4134 | 222.186.13.89 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-JS | 59a3030aac389980f7b8ef1b529bc11a | http://www.xh2009.com/uploadfiles/zx/zx.exe || 2011-02-12 09:19:13 | avira | PHP/Pbot.M | | AS16265 | 212.7.201.48 | info@dediserv.eu | NL | RIPE | PL-DEDISERV-20100812 | 3bb7c64161afb33598875e48794d3fd1 | http://jkehgrg.co.cc/RFI1.txt???m.jp//assets/snippets/reflect/snippet.reflect.php?reflect_base=http://jkehgrg.co.cc/RFI1.txt??? || 2011-02-12 08:50:54 | avira | PHP/IRCBOT.JB.1 | 18/41 (43.9%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 76b97bbc677d10bc3267a6ff8003c058 | http://camat.fileave.com/boyz.txt?? || 2011-02-12 07:45:43 | ClamAV | PUA.HTML.Infected.WebPage-2 | 1/43 (2.3%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 3a2427747a4f44ee4bfee3aeb0ef670c | http://msnvideos1400.110mb.com/ || 2011-02-12 07:45:54 | undef | Trojan-Downloader.Win32.Delf.aexd | | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 396b19949c8e154ca7b1b07f900facf5 | http://nineninenine.fileave.com/ || 2011-02-12 07:45:59 | undef | Trojan.Win32.Hrup.bos | 0/43 (0.0%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 81051bcc2cf1bedf378224b0a93e2877 | http://sharo.fileave.com/xx1/ || 2011-02-12 07:45:59 | avira | HTML/ScrInject.4728 | | AS3216 | 194.186.88.37 | abuse@gldn.net | RU | RIPE | RU-SOVINTEL-951205 | 077470442637512d8e9203b2aef40b9a | http://systema2013.pochta.ru/ || 2011-02-12 11:33:50 | avira | PHP/IRCBOT.AE | | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 4168b5b485252525bba591272f8df76a | http://polombuo.fileave.com/mahakam.txt?? || 2011-02-12 11:56:09 | Norman | Doc/Exploit.B | 1/42 (2.4%) | AS32181 | 69.65.43.153 | ip-admin@coloquest.com | US | ARIN | IPNAP | 66c492f0433d1e1224deca0cc22c28f4 | http://www.novonetbanking.com/cmd.doc? || 2011-02-12 11:56:09 | avira | PHP/Pastie.637 | 16/40 (40.0%) | AS26277 | 64.235.56.225 | noc@premianet.com | US | ARIN | APH-LAS-NV1 | 493d3c720be431004253125118998a5d | http://azvoad.org/includes/phpmailer/ID-RFI.txt?? || 2011-02-12 11:56:09 | avira | TR/Script.75 | 25/42 (59.5%) | AS8560 | 74.208.178.118 | arin-role@oneandone.net | US | ARIN | 1AN1-NETWORK | a05dfd7cca7771a7565a154d65f05ea2 | http://intrastage.com//satu.txt??? || 2011-02-12 11:56:10 | avira | TR/Dropper.Gen | 38/41 (92.7%) | AS4134 | 222.170.127.203 | network@hljtele.com | CN | APNIC | CHINANET-HL | 77bd0ce28a2e9d474aaea65d150e1d95 | http://2b.perfectexe.com:88/cool.jpg?t=0.2901575 || 2011-02-12 11:56:10 | avira | TR/Dldr.Delphi.Gen | 41/43 (95.3%) | AS4134 | 222.170.127.203 | network@hljtele.com | CN | APNIC | CHINANET-HL | b4afa1df1debb6c5a8ece7d0a4793bed | http://2b.perfectexe.com:88/cs.jpg?t=0.8081476 || 2011-02-12 11:56:10 | undef | unknown_html | 0/43 (0.0%) | AS14359 | 75.119.79.178 | abuse@cavtel.net | US | ARIN | ITEC | 11e1a98646444367ddb6e4696fb73bab | http://75.119.79.178/ || 2011-02-12 11:56:10 | undef | unknown_html | 0/43 (0.0%) | AS50877 | 195.80.151.58 | abuse@instant-exchanger.com | EU | RIPE | INSTANTEXCHANGER-NET | c8085f0cb2b9edb894e449ebc75c88ec | http://843D2BC60827F8AA6D3CA9CDFD22E87F.info/message.php?subid=2480&br=IE_6.00&os=12&flg=2&id=5F60FAF878B650F053239049F41A2EF3&ad=&ver=_if19 || 2011-02-12 11:56:10 | undef | unknown_html | 0/43 (0.0%) | AS50877 | 195.80.151.58 | abuse@instant-exchanger.com | EU | RIPE | INSTANTEXCHANGER-NET | c8085f0cb2b9edb894e449ebc75c88ec | http://843D2BC60827F8AA6D3CA9CDFD22E87F.info/message.php?subid=585&br=IE_6.00&os=12&flg=2&id=5F60FAF878B650F053239049F41A2EF3&ad=&ver=_if19 || 2011-02-12 11:56:10 | avira | TR/Crypt.ZPACK.Gen | 10/43 (23.3%) | AS30890 | 94.63.244.50 | abuse@evolva.ro | RO | RIPE | RO-EVOLVA-20080623 | e841fa84e5b8c721040c6a2d23a0cfd9 | http://94.63.244.50/a.exe?t=0.4381525 || 2011-02-12 11:56:10 | undef | unknown_html | 0/43 (0.0%) | AS4134 | 122.224.6.48 | anti-spam@mail.sxptt.zj.cn | CN | APNIC | NINBO-LANZHONG-LTD | 118a5c8986790f5f14ff7ae524040aca | http://config.perfectexe.com:88/g.txt?t=0.488704 || 2011-02-12 11:56:10 | undef | unknown_html | 0/42 (0.0%) | AS16097 | 94.101.38.100 | hostmaster@hlkomm.de | DE | RIPE | HL-REVIDO | d674c841b4187423a47f6ed90c6ad8b2 | http://flav0r.team-unforgiven.de/live/updater/filelist.txt || 2011-02-12 11:56:10 | undef | unknown_html | 0/43 (0.0%) | AS4134 | 61.143.251.212 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-GD | cfcd208495d565ef66e7dff9f98764da | http://myonline.kugou.com/ads/isbjorsh.aspx?ver=2&homepage=http%3A%2F%2Fwww.dh004.com%2F%3Fmy%3D1026 || 2011-02-12 11:56:10 | avira | HTML/Dldr.Barf.A | | AS51441 | 91.217.162.176 | noc@tirexhost.com | UA | RIPE | TIREXHOST-NET | fabdb05a41ee2323299d1149ef3d3705 | http://solution-global-network.com/signup.php?did=20112112044241_XP_ENU_abs_03 || 2011-02-12 12:02:54 | avira | PHP/C99Shell.C | 28/41 (68.3%) | AS8972 | 62.75.152.79 | abuse@plusserver.de | DE | RIPE | VSERVER-1 | 2b714b261f0bfd0554bd868282c4e54e | http://62.75.152.79/1.txt? || 2011-02-12 12:03:00 | undef | unknown_html_RFI | 0/42 (0.0%) | AS13184 | 85.183.249.138 | abuse@hansenet.com | DE | RIPE | DE-HANSENET-20041029 | bf7fa2a2c333884ee09b5c84ef7482d8 | http://code.etracker.com/t.js?et=http://62.75.152.79/1.txt? || 2011-02-12 12:03:00 | avira | TR/Script.75 | 25/42 (59.5%) | AS9318 | 211.206.120.196 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | a05dfd7cca7771a7565a154d65f05ea2 | http://www.yeshouse.net/education/downs/fx29id1.txt???? || 2011-02-12 12:11:22 | Sophos | Sus/Uddo-B | 2/42 (4.8%) | AS9318 | 121.125.74.82 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | 66ef28bdb061873f4b40e7b3dd94fb81 | http://down.easyfavo.com/easyfavo.zip || 2011-02-12 12:11:22 | avira | TR/Dropper.Gen | 31/41 (75.6%) | AS42872 | 91.193.194.114 | noc@odhosting.com.ua | UA | RIPE | OD-HOSTING-NETWORK | 33407676a2e33acfbc0c7f19fbded9b3 | http://www.derquda.com/go.txt?t=0.3301886 || 2011-02-12 12:11:22 | avira | TR/Crypt.ZPACK.Gen | 34/43 (79.1%) | AS42872 | 91.193.194.114 | noc@odhosting.com.ua | UA | RIPE | OD-HOSTING-NETWORK | 65d2da11ff8d3f3aa550baab4fb5a56b | http://www.derquda.com/tm/cry.exe?t=0.2803614 || 2011-02-12 12:11:22 | avira | TR/Spy.236570.1 | 16/42 (38.1%) | AS42872 | 91.193.194.114 | noc@odhosting.com.ua | UA | RIPE | OD-HOSTING-NETWORK | ab0ecd080717b2b9f4358f1af89f8ca9 | http://www.derquda.com/tm/res.exe?t=0.2890589 || 2011-02-12 12:11:22 | undef | unknown_html | 0/43 (0.0%) | AS25973, AS35937, AS15244 | 67.210.126.80 | hostmaster@lunarpages.com | US | ARIN | ADD2NET-DOT-COM | 1cac655f9a453ffea71e6a75d954e892 | http://www.xneat.com/windows-manager/register/index2.php?ver=2.5.0.85&usr=FREE@XNEAT.COM&sn=00CD1A40 || 2011-02-12 12:11:22 | undef | unknown_html | | AS16265 | 85.17.154.159 | abuse@leaseweb.com | NL | RIPE | LEASEWEB | d0ea35aa78da6127f0caaa7ab6f285ef | http://zindrat.com/dup/page.php?query=a6&article=a3&page=a4&n=rnd&uid=5FB19F1E379C188F&lr=0 || 2011-02-12 12:18:05 | undef | unknown_html_google_malware | | AS10796 | 24.172.36.67 | abuse@rr.com | US | ARIN | RR-COMM-MIDSOUTH-2 | 1a8a71e0ef9273fd771a5b9ca3a0957a | http://1.wellcomedowqa.co.cc/1/pdf.php || 2011-02-12 12:18:05 | avira | EXP/PDF.Jeka.B | | AS36351 | 67.228.199.179 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-5 | 773f4fb1aec52a464f78c8d5e3a5e508 | http://mjirfqrmytn.com/nte/gnh11.php/xH8b56073bV0100f060006R3d708fb1102Tc6005d1a203l000c329 || 2011-02-12 12:18:05 | Avast | JS:Pdfka-gen | 4/42 (9.5%) | AS25190 | 46.252.131.22 | reliktbvk@gmail.com | LV | RIPE | Sagade | 299413c11606af2eb5f0ce500869a86c | http://tygradar.cz.cc/fb2b6d.pdf || 2011-02-12 12:18:05 | Avast | JS:Pdfka-gen | 4/42 (9.5%) | AS25190 | 46.252.131.22 | reliktbvk@gmail.com | LV | RIPE | Sagade | 8426eeca4d5ad9db64296dcdae4e357e | http://tygradar.cz.cc/manuale.pdf || 2011-02-12 12:18:05 | Comodo | Heur.Suspicious | 3/42 (7.1%) | AS6760 | 77.67.111.188 | abuse@ripe.net | EU | RIPE | EU-ZZ-80-93 | 43bd33d033dbb29bc753fa558eaca01a | http://biosagentplus.com/biosagentplus_568.exe || 2011-02-12 12:18:05 | Comodo | Heur.Suspicious | 3/42 (7.1%) | AS6760 | 77.67.111.188 | abuse@ripe.net | EU | RIPE | EU-ZZ-80-93 | 43bd33d033dbb29bc753fa558eaca01a | http://biosagentplus.com/biosagentplus_568.exe?ct=1297362753 || 2011-02-12 12:18:05 | avira | TR/Downloader.Gen | 23/43 (53.5%) | AS16138 | 217.74.65.162 | ripe@firma.interia.pl | PL | RIPE | INTERIAPL-NET1 | b8d72263ff113cbaf4b6aceeba7a69d4 | http://trojan14teen.w.interia.pl/pliki/troj4.zip || 2011-02-12 12:18:05 | ClamAV | PUA.Packed.PECompact-1 | 7/42 (16.7%) | AS41947 | 195.216.243.31 | abuse@compubyte.vg | GB | RIPE | COMPUBYTE-NET | e6e5f653af8879c5f512e50cbe8762af | http://www.playgig.ru/_ld/7/762_Dead_Space_2_v1.rar || 2011-02-12 12:18:05 | ClamAV | PUA.Packed.PECompact-1 | 7/42 (16.7%) | AS41947 | 195.216.243.31 | abuse@compubyte.vg | GB | RIPE | COMPUBYTE-NET | e6e5f653af8879c5f512e50cbe8762af | http://www.playgig.ru/load/0-0-0-762-20 || 2011-02-12 12:18:05 | BitDefender | Gen:Trojan.Heur.qn0@f1OxP7ei | 6/41 (14.6%) | AS19318 | 66.23.237.189 | network@interserver.net | US | ARIN | INTERSERVER | 9b4b55e5cd16ffa0ceea332f52e8ef6d | http://www.up.iranblog.com/images/h4qrs2xr6ahsc8jkrka.zip || 2011-02-12 12:18:05 | trendmicro | JAVA_AGENT.TEH | 10/42 (23.8%) | AS50877 | 195.80.151.93 | abuse@instant-exchanger.com | EU | RIPE | INSTANTEXCHANGER-NET | 9fe875e3c0b916142c9bda21d8b79d34 | http://w5ev.co.cc/games/javaobe.jar || 2011-02-12 12:18:05 | clamav | PUA.Packed.ASPack | 10/42 (23.8%) | AS28842 | 89.17.220.221 | abuse@veloxia.com | ES | RIPE | MIARROBA-NET | 5d1dd2eedf7d7a0c1113ddb65f639ebc | http://smsrecado.webcindario.com/sb/cartao.php || 2011-02-12 12:18:05 | avira | TR/Spy.757760.5 | 29/43 (67.4%) | AS13618 | 76.76.3.45 | abuse@carohosting.com | US | ARIN | CARO-NET-ARIN-2 | 4743b3452a89257adeb430476b061eaa | http://www.r7l3.net/movi.wmv/flashplayer_square_p2_32bit_plugin_092712.exe || 2011-02-12 12:18:05 | clamav | PUA.Packed.ASPack | 9/43 (20.9%) | AS15685 | 109.123.210.42 | abuse@casablanca.cz | CZ | RIPE | Nethost-CZ | 892b66a07e64ba223d0ca479db1ac778 | http://files.enferreonline.webnode.com.br/200000001-7c9fd7d99e/00003473647631ma6ens.exe?georgiabundrich:14:19:07:551139032261068082 || 2011-02-12 12:18:05 | Antiy_AVL | RemoteAdmin/Win32.WinVNC-based.gen | 4/42 (9.5%) | AS6724 | 81.169.145.66 | abuse@strato.de | DE | RIPE | STRATO-RZG-KA | c9386c967767ebfa5a4cf919f2a0452f | http://businessedv.de/download/BusinessEDV.exe || 2011-02-12 12:18:05 | avira | TR/Kazy.7317.2 | 13/41 (31.7%) | AS46475 | 74.63.243.229 | abuse@limestonenetworks.com | US | ARIN | LSN-DLLSTX-3 | c7dddcd581d1b603a3b542d0d1869491 | http://meteo-chile.com/videos/Alerta_Nacional.exe || 2011-02-12 12:18:05 | Ikarus | Trojan-Downloader.VB | 5/43 (11.6%) | AS7713 | 203.130.198.40 | abuse@telkom.net.id | ID | APNIC | TELKOMNET | ccd527c15e6da73e9c6a821f0db52de0 | http://karya-prima.com/plugins/componente_c/Componente_C.exe || 2011-02-12 12:18:05 | Ikarus | Trojan-Downloader.VB | 5/43 (11.6%) | AS7713 | 203.130.198.40 | abuse@telkom.net.id | ID | APNIC | TELKOMNET | ccd527c15e6da73e9c6a821f0db52de0 | http://karya-prima.com/plugins/componente_c/index.php || 2011-02-12 12:18:05 | ClamAV | PUA.Packed.ASPack | 4/43 (9.3%) | AS26496 | 208.109.78.35 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 3e5c0b3a473898952fb951b99e663aaa | http://jackpotspin.com/gin/SneakyTiki.exe || 2011-02-12 12:18:05 | avira | SPR/Fraud.IdBoan.C | 10/41 (24.4%) | AS38661 | 124.217.218.6 | noc@hclc.co.kr | KR | APNIC | HCLC-KR | ec40adf0d59b5143a3f7c031f65fd2a2 | http://down.privacygreen.com/install/home/PrivacyGreen_setup.exe || 2011-02-12 12:18:05 | avira | TR/Dropper.Gen | 19/42 (45.2%) | AS8586 | 84.252.224.178 | ipadministration@opal-solutions.com | GB | RIPE | SOU106_TI-80588 | 6d7527d31acb52b3ef358f064a83cfc6 | http://84.252.224.178/images/Cliente_Personnalite.exe || 2011-02-12 12:18:05 | trendmicro | TROJ_PIDIEF.SMZB | 16/43 (37.2%) | AS50877 | 195.80.151.59 | abuse@instant-exchanger.com | EU | RIPE | INSTANTEXCHANGER-NET | 40a575560e9500c4e8e89658b5f83341 | http://cepepeler28.co.cc/7box/htxwdrdnirimcwx.pdf || 2011-02-12 12:18:05 | CAT_QuickHeal | Trojan.Agent.IRC | 6/42 (14.3%) | AS10439 | 71.6.196.237 | complaints@cari.net | US | ARIN | CARINET-5 | 13736bbadbf39f8c250749ef3c20f488 | http://www.woodmann.com/collaborative/tools/images/Bin_DiE_(Detect_it_Easy)_2008-1-6_2.6_die_0.64.zip || 2011-02-12 12:18:05 | clamav | PUA.IRC-Client.mIRC-37 | 3/43 (7.0%) | AS6857 | 195.19.225.243 | viz@ptc.spbu.ru | RU | RIPE | SPBU-PETERHOFF-NET | 2955cef00b0a3b737e7babd4499dfe52 | http://hep.niif.spbu.ru/progr_lect/courses.exe || 2011-02-12 12:18:05 | avira | TR/Spy.153088.23 | 21/40 (52.5%) | ASNA | 64.79.84.50 | abuse@ee.net | US | ARIN | MICHCOM-BLK-1 | 5ea55d18dc4991549eaf8c8407db168b | http://dl5.p30vel.ir/files/Multi%20Blog%20Spammer%20Cracked%20BY%20BLaCkViRuS.rar || 2011-02-12 12:18:05 | avira | TR/Kazy.217600 | 33/42 (78.6%) | AS14618 | 184.72.227.239 | ec2-abuse@amazon.com | US | ARIN | AMAZON-EC2-7 | d049c66b439adeb70a5b9ccb5d809d26 | http://dl.dropbox.com/u/17057131/rss.exe || 2011-02-12 12:18:05 | avira | TR/Spy.153088.23 | 21/42 (50.0%) | AS24940 | 46.4.236.151 | abuse@hetzner.de | DE | RIPE | DE-HETZNER-20100819 | 8d7c2d30eac32e8095bc7e5ef3d71610 | http://topfarsi.com/upload/program/Multi%20Blog%20Spammer.exe || 2011-02-12 12:18:05 | avira | TR/Dropper.Gen | 29/43 (67.4%) | AS42926 | 213.128.65.98 | kubilay@rh.com.tr | TR | RIPE | TR-RADORE-20090520 | 0bcd2a67ed9057b04238df798188f797 | http://darkorbit-hilesi.com/vuruspro.rar || 2011-02-12 12:18:05 | NOD32 | a variant of Win32/HackTool.CheatEngine.AB | 5/43 (11.6%) | AS26496 | 68.178.254.106 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 225c66f2f86848d1eb367629e82c66de | http://www.thps-mods.com/upload/files/DS2Money%20trainer.rar || 2011-02-12 12:18:05 | avira | TR/Dldr.Delphi.Gen | 35/43 (81.4%) | AS15201 | 187.17.98.39 | l-registrobr-uol@corp.uol.com.br | BR | LACNIC | 001.109.184/0001-95 | a319b1c92323d60ee892e2c0ae7b7de2 | http://www.murier.dominiotemporario.com/index3.php?doc-phanilha.PDF || 2011-02-12 12:33:46 | avira | TR/Drop.Agent.dsgf | 26/43 (60.5%) | AS28753 | 188.72.237.143 | abuse@netdirekt.de | DE | RIPE | NETDIRECT-NET-DEDISERV-967200 | d251d5b8dbe3e085bd9f494a4c12b76e | http://www.wishingbooter.co.cc/nullcrypt.exe || 2011-02-12 12:33:46 | undef | unknown_html | 0/41 (0.0%) | AS46475 | 74.63.243.212 | abuse@limestonenetworks.com | US | ARIN | LSN-DLLSTX-3 | 93a633a6201e9676bd5585d800cc9b62 | http://www.muamey.com/cl.php || 2011-02-12 12:33:46 | undef | unknown_html | 0/41 (0.0%) | AS26496 | 97.74.215.21 | noc@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 1c383cd30b7c298ab50293adfecb7b18 | http://www.rigel222.com/BadgeHelp/SneakyTiki_Ver.html || 2011-02-12 12:38:30 | Norman | PHP/Backdoor.F | 1/43 (2.3%) | AS28604 | 201.7.184.2 | fapesp@corp.globo.com | BR | LACNIC | 033.252.156/0024-05 | 1f291f2f4794368a7e6844b4d7cfff59 | http://webzenxd.kit.net/tool25.txt?&cmd=uname%20-a;%20idhttp://dhqcgb.com/albania.txt???http://dhqcgb.com/albania.txt??? || 2011-02-12 12:38:33 | avira | PHP/Loader.9852 | 10/41 (24.4%) | AS26277 | 64.235.56.225 | noc@premianet.com | US | ARIN | APH-LAS-NV1 | 866bbfff4613bad5ec0624144d254ca7 | http://azvoad.org/includes/phpmailer/ec.txt? || 2011-02-12 13:07:41 | avira | TR/Dropper.Gen | 29/43 (67.4%) | AS42926 | 213.128.65.98 | kubilay@rh.com.tr | TR | RIPE | TR-RADORE-20090520 | 63e6cb38fa76bad7bdcccc6b112b5e1f | http://darkorbit-hilesi.com/2.exe || 2011-02-12 13:07:41 | undef | unknown_html | 0/40 (0.0%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 2175037d522fdc7dcd6a98f55e353959 | http://edanez.110mb.com/xxx/cmd.exe || 2011-02-12 13:08:12 | DrWeb | Trojan.DownLoader2.4532 | 7/41 (17.1%) | AS209 | 63.236.35.30 | abuse@qwest.net | US | ARIN | QWEST-INET-9 | 473f967c3da2a8afe276ff421605ba31 | http://get.whitesmoke.com/dl/WSZugoBI.exe || 2011-02-12 13:08:12 | undef | unknown_html | 0/42 (0.0%) | AS16265 | 217.119.57.22 | abuse@dot.tk | NL | RIPE | SYNNET-VERZA | eb17ff1b1c839121de0d4764c218f1e6 | http://www.pacman-power.tk/ || 2011-02-12 13:08:12 | Ikarus | Trojan-Spy.Win32.KeyLogger | 3/41 (7.3%) | AS24940 | 85.10.209.30 | abuse@hetzner.de | DE | RIPE | HETZNER-RZ-NBG-NET | f4870e662bb4df87c4584479ae786241 | http://up.top4top.net/uploadtool.exe || 2011-02-12 13:08:12 | trendmicro | TROJ_DROPPER.PFI | 10/43 (23.3%) | AS15756 | 62.213.65.5 | abuse@caravan.ru | RU | RIPE | RU-CARAVAN-20011109 | b922321189535a79db01c4e2a8fb945e | http://st.free-lance.ru/users/yelaburg/contacts/f_4d5430e566351.zip || 2011-02-12 12:53:59 | Norman | PHP/Backdoor.F | 1/43 (2.3%) | AS28604 | 201.7.184.2 | fapesp@corp.globo.com | BR | LACNIC | 033.252.156/0024-05 | 1f291f2f4794368a7e6844b4d7cfff59 | http://webzenxd.kit.net/tool25.txt?&cmd=uname%20-a;%20idhttp://dhqcgb.com/albania.txt???http://dhqcgb.com/albania.txt???http://demo.t35.com/nardi.txt???http://demo.t35.com/nardi.txt???http://demo.t35.com/nardi.txt???http://demo.t35.com/nardi.txt???http:// || 2011-02-12 12:46:38 | Norman | PHP/Backdoor.F | 1/43 (2.3%) | AS28604 | 201.7.184.2 | fapesp@corp.globo.com | BR | LACNIC | 033.252.156/0024-05 | 1f291f2f4794368a7e6844b4d7cfff59 | http://webzenxd.kit.net/tool25.txt?&cmd=uname%20-a;%20idhttp://dhqcgb.com/albania.txt???http://dhqcgb.com/albania.txt???http://demo.t35.com/nardi.txt???http://demo.t35.com/nardi.txt???http://demo.t35.com/nardi.txt??? || 2011-02-12 12:48:39 | Norman | PHP/Backdoor.F | 1/43 (2.3%) | AS28604 | 201.7.184.2 | fapesp@corp.globo.com | BR | LACNIC | 033.252.156/0024-05 | 1f291f2f4794368a7e6844b4d7cfff59 | http://webzenxd.kit.net/tool25.txt?&cmd=uname%20-a;%20idhttp://dhqcgb.com/albania.txt???http://dhqcgb.com/albania.txt???http://demo.t35.com/nardi.txt???http://demo.t35.com/nardi.txt??? || 2011-02-12 14:02:49 | undef | unknown_html_google_malware | 0/43 (0.0%) | AS17501 | 202.166.193.67 | abuse@wlink.com.np | NP | APNIC | WLINK | 342963a9f4f4ef01f9100882b3356bd0 | http://cybernepal.com.np || 2011-02-12 14:02:52 | BitDefender | Gen:Variant.Kazy.11852 | 5/42 (11.9%) | AS30890 | 94.63.244.50 | abuse@evolva.ro | RO | RIPE | RO-EVOLVA-20080623 | ae1fded716096ae79ac7c467a341380f | http://koikit.co.cc/daxewuh/load.php?e=2 || 2011-02-12 14:02:52 | avira | HTML/Dldr.Barf.A | | AS51441 | 91.217.162.176 | noc@tirexhost.com | UA | RIPE | TIREXHOST-NET | 446fb6e8dc91988f0cb0941ac90c08b8 | http://global-network-solution.com/signup.php?did=2011281456213_XP_ENU_minor_08 || 2011-02-12 14:02:52 | avira | ADWARE/Adware.Gen2 | 4/43 (9.3%) | AS36420, AS30315, AS13749, AS21844, AS13884 | 64.246.3.226 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-EV1-7 | 7ea0dbf249ea76f0da9f2f21ace99ba5 | http://www.desktop-xp.com/files/freeanime.exe || 2011-02-12 14:02:52 | avira | TR/VB.Downloader.Gen | 33/43 (76.7%) | AS36351 | 174.37.164.10 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-7 | 91e819228e7c6fddf18aec466fdb0a61 | http://especialfurniture.com/cadastro/Correios_Sedex.exe || 2011-02-12 14:02:57 | avira | WORM/Hamweq.A.25 | 29/43 (67.4%) | AS32613 | 70.38.98.237 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-05 | d84dc747bd50b03e3a18ab271f518210 | http://img103.herosh.com/2011/02/09/666929080.gif || 2011-02-12 14:02:57 | avira | TR/Inject.192512.1 | 25/43 (58.1%) | AS32613 | 70.38.98.238 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-05 | 43f73d7556334ce713715144f6116e89 | http://img104.herosh.com/2011/02/08/547715969.gif || 2011-02-12 14:02:57 | avira | TR/Downloader.Gen | 17/43 (39.5%) | AS14141 | 98.142.215.179 | wnoc@wiresix.com | US | ARIN | WIRESIX | 2fc3bf803005405dc6eecf9659a963b6 | http://premium.fileden.com/premium/2010/9/29/2982100/o.jpg