0 Members and 4 Guests are viewing this topic.
+---------------------+------------------+----------------------------------------+---------------+---------------------------------------+-----------------+-------------------------------------+---------+--------+-----------------------------+----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+| date | scanner | virusname | vt_score | AS | review | email | country | source | netname | md5sum | url |+---------------------+------------------+----------------------------------------+---------------+---------------------------------------+-----------------+-------------------------------------+---------+--------+-----------------------------+----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+| 2011-02-20 14:46:29 | avira | PHP/Pbot.A | 28/40 (70%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | a77da1ae94fc4436f735d7ccd95a4942 | http://dedeone.fileave.com/ored.txt?? || 2011-02-20 14:29:14 | avira | PHP/Agent.DZ | 21/40 (52.5%) | AS46216 | 216.52.115.51 | abuse@internap.com | US | ARIN | PNAP-8-98 | 63b3acc5b81308f3003f04f892495067 | http://wonaza.webs.com/rfi.txt?? || 2011-02-20 15:31:22 | avira | PERL/Shellbot.aa | 14/39 (35.9%) | AS48809 | 217.16.8.23 | noc@abconnect.net | FR | RIPE | AB_CONNECT | a319510e790e3fec7b20b32173ed6543 | http://217.16.8.23/~webmail/xpl.txt || 2011-02-20 15:31:22 | undef | unknown_html_RFI_perl | 0/39 (0.0%) | AS16276 | 188.165.129.109 | abuse@ovh.net | ES | RIPE | ES-OVH | caa1ed5903eead5a6ab4b773cd6f944e | http://www.embajadastecnologicasextremadura.es/modules/mod_root/ifritscan/ifritscan.txt || 2011-02-20 15:31:22 | clamav | PUA.HTML.Crypt-8 | 1/40 (2.5%) | AS16276 | 188.165.129.109 | abuse@ovh.net | ES | RIPE | ES-OVH | 55eb4c8012b4f91cb222770f2ad47345 | http://www.embajadastecnologicasextremadura.es/modules/mod_root/ifrit.txt?? || 2011-02-20 15:31:22 | avira | PERL/IrcBot.AX | 24/41 (58.5%) | AS16276 | 188.165.129.109 | abuse@ovh.net | ES | RIPE | ES-OVH | 098be5d5e9617224310e6d70c3b23ba8 | http://www.embajadastecnologicasextremadura.es/modules/mod_root/kantin/c.txt || 2011-02-20 15:31:22 | clamav | PUA.HTML.Crypt-8 | 1/41 (2.4%) | AS16276 | 188.165.129.109 | abuse@ovh.net | ES | RIPE | ES-OVH | 30eab15e6446dc4ad8c271d553486bd2 | http://www.embajadastecnologicasextremadura.es/modules/mod_root/kantin/pbot.txt? || 2011-02-20 15:31:22 | undef | unknown_html_RFI | 0/39 (0.0%) | AS31727 | 79.170.44.111 | abuse@heartinternet.co.uk | GB | RIPE | HEART-INTERNET-INFRA | dd5d02cc750d2855cf6f6c5bf5bea587 | http://www.girlguidingglasgow.org.uk/images/M_images/ || 2011-02-20 15:31:22 | undef | unknown_html_RFI_shell | 0/38 (0.0%) | AS21844 | 74.52.119.107 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | 940508c2000f14a2d87a952f783b3d8b | http://www.kidzter.com/contests/ || 2011-02-20 15:31:22 | undef | unknown_html_RFI_shell | 0/41 (0.0%) | AS21844 | 74.52.119.107 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | b333b5eaccbda48b752f8579ed9f7954 | http://www.kidzter.com/kidz-jukebox/ || 2011-02-20 15:31:22 | undef | unknown_html_RFI_shell | 0/41 (0.0%) | AS21844 | 74.52.119.107 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | a1eaeda5151311ae7caa6526c139b18a | http://www.kidzter.com/mansion/ || 2011-02-20 15:31:22 | undef | unknown_html_RFI_shell | 0/41 (0.0%) | AS21844 | 74.52.119.107 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | 6770c35fc4bfa05ec3c5a2a7bfc196a9 | http://www.kidzter.com/music-school/ || 2011-02-20 15:31:22 | avira | PERL/IrcBot.57201 | 14/41 (34.1%) | AS48809 | 217.16.8.23 | noc@abconnect.net | FR | RIPE | AB_CONNECT | 64fba46d28fd405cb03a8edd5f36d6f0 | http://217.16.8.23/~webmail/xml.txt || 2011-02-20 15:31:22 | avira | PERL/IrcBot.AW | 14/41 (34.1%) | AS47205 | 79.98.24.3 | abuse@iv.lt | LT | RIPE | SERVERIAI-LT-HOSTING | 021cc02a5dfa2db758c3e6250d72d16b | http://teachers.lt/forum/apache || 2011-02-20 15:31:22 | clamav | PUA.HTML.Crypt-8 | 1/41 (2.4%) | AS16276 | 188.165.129.109 | abuse@ovh.net | ES | RIPE | ES-OVH | 55eb4c8012b4f91cb222770f2ad47345 | http://www.embajadastecnologicasextremadura.es/modules/mod_root/ifrit.txt || 2011-02-20 15:31:22 | BitDefender | Trojan.Generic.KD.136348 | 5/39 (12.8%) | AS9120 | 212.97.132.132 | abuse@surftown.com | DK | RIPE | SURFTOWNDK | 7c61acbb8aefe6046f75f369bf8bc907 | http://www.kagemanden.com/images/images/UPDATE.exe || 2011-02-20 15:31:22 | eSafe | Win32.APPLAgent.Rz | 1/40 (2.5%) | AS22822 | 87.248.217.253 | guy@llnw.com | EU | RIPE | LLNW-EU-2 | a760937e97f806883da397082fce4972 | http://cdnrep.reimage.com/ReimagePackage1505.exe || 2011-02-20 15:31:22 | Symantec | WS.Reputation.1 | 1/41 (2.4%) | AS33597 | 216.137.61.134 | samm@amazon.com | US | ARIN | AMAZON-03 | 0a796da6a167694858aaedfd05dc0b4a | http://cdn.bigspeedpro.com/mirror/toolbars/layoutsexpress.exe || 2011-02-20 15:31:23 | AVG | Dropper.Generic3.SIW | 16/41 (39%) | AS42926 | 178.211.56.90 | abuse@as42926.net | TR | RIPE | TR-RADORE-20100628 | e12960ff8519ac701be8cc9d3e8446e4 | http://178.211.56.90/6.exe || 2011-02-20 15:31:23 | undef | unknown_exe | 0/41 (0.0%) | AS4134 | 58.211.84.78 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-JS | ea837c1d20bc24c1f71252a74e7001d0 | http://download.haozip.com/haozip_v2.2.up.exe || 2011-02-20 15:32:19 | avira | EXP/PDF.Jeka.B | 23/41 (56.1%) | AS36351 | 173.193.64.83 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-8 | d40d4efb455a708774be8d9a91a8b56b | http://gfgythygytn.com/nte/gnh11.php/xH9e9b58baV0100f060006R3d708fb1102Td3fa7977203l000c329 || 2011-02-20 15:32:23 | undef | unknown_html | 0/41 (0.0%) | AS36351 | 74.86.146.5 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-4 | cb21f5756d6890554d153b2f78fd88c2 | http://hiperdownloaders.com.br/Downloads/mandachuva.swf || 2011-02-20 15:32:23 | undef | unknown_html | 0/41 (0.0%) | AS36351 | 74.86.146.5 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-4 | 746ba5443809d9c4fb99647f20ebc72f | http://hiperdownloaders.com.br/Downloads/salvador.swf || 2011-02-20 15:32:23 | undef | unknown_html | 0/41 (0.0%) | AS9318 | 180.64.197.164 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | 29615c72aa1e7472ac5b13c9fd0c91ee | http://www.raymist.com/bbs/data/guest/PHP/contador.php || 2011-02-20 15:34:25 | undef | unknown_html_RFI | 0/41 (0.0%) | AS8717 | 212.36.9.1 | support@tophost.bg | BG | RIPE | OTELNET | 003f625d244819f6254622ae22a5936b | http://plovdivrest.com//test/ || 2011-02-20 15:34:25 | clamav | PUA.Script.Packed-10 | 1/39 (2.6%) | AS8560 | 82.165.130.198 | abuse@oneandone.net | DE | RIPE | SCHLUND-CUSTOMERS | 2aeb872163d0bd961960998f41f036da | http://www.lipstick111.com/uploaded/tmp.jpg?? || 2011-02-20 15:34:25 | undef | unknown_html_RFI_php | 0/41 (0.0%) | AS9318 | 221.143.20.237 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | 460d9463dab06626b9c2e514c4fa9d3e | http://221.143.20.237/install/banner_svc.php || 2011-02-20 15:34:26 | undef | unknown_html_RFI_php | 0/41 (0.0%) | AS9318 | 221.143.20.237 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | 7611270d7944d76c179f8155da9b12d3 | http://221.143.20.237/install/svc.php || 2011-02-20 15:34:26 | undef | unknown_html | 0/41 (0.0%) | AS4134 | 122.224.6.48 | anti-spam@mail.sxptt.zj.cn | CN | APNIC | NINBO-LANZHONG-LTD | ddcdc7c678cbad4a980d428c1c34f2fb | http://boob.perfectexe.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2469C2DCEFCA9C5FF8F6C1DFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.2299921 || 2011-02-20 15:34:26 | undef | unknown_html | 0/41 (0.0%) | AS4837 | 119.167.215.66 | abuse@chinaunicom.cn | CN | APNIC | UNICOM-SD | 511e467dd932738e5e743e4ef87ad2ea | http://h.g1d.net/1.html?sdPg0uXTraCSqrOalrKpm5yoraGSrbOWlrWpz+XX4dSfmqiLtq2c4aaVoNOeotnHoaicmqaVlrepmqieqKGgn6iaqZa0pqaLua2cj8CioZa4pqicoKCcmamWlr2pmZyzraA= || 2011-02-20 15:34:26 | undef | unknown_html | 0/41 (0.0%) | AS4837 | 119.167.215.66 | abuse@chinaunicom.cn | CN | APNIC | UNICOM-SD | 511e467dd932738e5e743e4ef87ad2ea | http://h.g1d.net/1.html?sdPg0uXTraCSqrOalrKpmpyoraGSrbOWlrWpmZyrraDkmaaV06KlzNiWqKCdmaaLt62dm6+doaSim6uelripmZyuraCSs7OVlrypmqSVnqCanaqalr2pm5yzraA= || 2011-02-20 15:34:26 | undef | unknown_html | 0/41 (0.0%) | AS4837 | 119.167.215.66 | abuse@chinaunicom.cn | CN | APNIC | UNICOM-SD | 511e467dd932738e5e743e4ef87ad2ea | http://h.g1d.net/1.html?sdPg0uXTraCSqrOblrKpmpyordbb2+fJo6Gej7qioOicmabIoqnPy6edoKGcmZyqraGeoq6WpKaenquLtq2cj72iop6jl6aLuK2dj7+iwMDAv57V4NzV39uOz9bb2+fJo6Gej8Cilrupj8KioJa5psWwlr6pmZy0raE= || 2011-02-20 15:34:26 | undef | unknown_html | 0/41 (0.0%) | AS4837 | 119.167.215.66 | abuse@chinaunicom.cn | CN | APNIC | UNICOM-SD | 511e467dd932738e5e743e4ef87ad2ea | http://h.g1d.net/1.html?sdPg0uXTraCSqrOclrKpm5yorZawpqqclrWpm6aVlrapmqicnqCamaSWlrepmqieqKGgn6icpA== || 2011-02-20 15:34:26 | undef | unknown_html | 0/41 (0.0%) | AS4766 | 222.122.45.146 | abuse@kornet.net | KR | APNIC | KORNET-KR | c51fe78d89fc5fa67b4153c1672805bc | http://neosky.net/log/.../contador.php || 2011-02-20 15:34:26 | undef | unknown_html | 0/41 (0.0%) | AS46844 | 70.39.114.210 | abuse@sharktech.net | US | ARIN | SHARKTECH | 0fb574b283dc45651484577d9c6267b2 | http://o.9cdn.com/e//update.txt || 2011-02-20 15:34:26 | undef | unknown_html | 0/41 (0.0%) | AS6849 | 93.190.42.193 | hostmaster@ukrainianhosting.com | UA | RIPE | UHC-VH2 | f8cf57ddf4f1b5f5e496d3ecbf66ed8e | http://online-viagra-tramadol.com/?sub_id=exoclick || 2011-02-20 15:34:26 | undef | unknown_html | 0/41 (0.0%) | AS41947 | 195.216.243.39 | abuse@compubyte.vg | GB | RIPE | COMPUBYTE-NET | 3f90efdc54660a81e0ca1b5719b3a25a | http://pwbot.at.ua/redy.rar || 2011-02-20 15:34:26 | undef | unknown_html | 0/40 (0.0%) | AS4134 | 121.11.80.109 | abuse@gddc.com.cn | CN | APNIC | CHINANET-GD | 19b9cf282b8d8c3bbb7445bc8b2df879 | http://vip.Yaqio.com:9999/submit.php?id=90&action=inst&mac=00-0C-29-EC-86-5C&lockcode=-17800 || 2011-02-20 15:34:26 | undef | unknown_html | 0/40 (0.0%) | AS14116 | 216.251.43.98 | admin@internetnamesforbusiness.com | US | ARIN | MEGA-1 | 858ad737e63bc6907098a4d1c3c9430f | http://vwdco.com/_images/go_top.jpg || 2011-02-20 15:34:26 | undef | unknown_html_RFI_php | 0/41 (0.0%) | AS4134 | 122.227.135.250 | anti_spam@mail.nbptt.zj.cn | CN | APNIC | CHINANET-ZJ-NB | 130c49a79d649d045fa3d03983373d6b | http://www.9978.net/txt/Text.xml || 2011-02-20 15:34:26 | undef | unknown_html | 0/41 (0.0%) | AS4847 | 180.186.4.252 | dswu@sdht-btte.com | CN | APNIC | SDHT-NET | d4b648c5c73c87f6aa8ffc063f57d36c | http://www.qvodbo.cc/ || 2011-02-20 15:34:26 | undef | unknown_html_RFI_php | 0/39 (0.0%) | AS4847 | 180.186.4.252 | dswu@sdht-btte.com | CN | APNIC | SDHT-NET | ebc8666ebd1534960099d8b0099a3f6d | http://www.qvodbo.cc/Channel1.xml || 2011-02-20 15:34:26 | undef | unknown_html_RFI_php | 0/40 (0.0%) | AS4847 | 180.186.4.252 | dswu@sdht-btte.com | CN | APNIC | SDHT-NET | 6b9b79b125ba7a746657963453c611d7 | http://www.qvodbo.cc/Channel2.xml || 2011-02-20 15:34:26 | undef | unknown_html_RFI_php | 0/41 (0.0%) | AS4847 | 180.186.4.252 | dswu@sdht-btte.com | CN | APNIC | SDHT-NET | 7e06ac6b9524c9f99e8663d6c7e0f413 | http://www.qvodbo.cc/Channel3.xml || 2011-02-20 15:34:26 | undef | unknown_html_RFI_php | 0/41 (0.0%) | AS4847 | 180.186.4.252 | dswu@sdht-btte.com | CN | APNIC | SDHT-NET | 1d90618faeeace07b2e2ed86c2f4e9d4 | http://www.qvodbo.cc/Channel4.xml || 2011-02-20 15:34:26 | undef | unknown_html_RFI_php | 0/40 (0.0%) | AS4847 | 180.186.4.252 | dswu@sdht-btte.com | CN | APNIC | SDHT-NET | b4a6aabf660bbe9659aee122a06237be | http://www.qvodbo.cc/Channel.xml || 2011-02-20 15:34:26 | undef | unknown_html | 0/41 (0.0%) | AS40676 | 173.224.209.26 | noc@psychz.net | US | ARIN | PSYCHZ-NETWORKS | d4b648c5c73c87f6aa8ffc063f57d36c | http://www.qvodbo.com/ || 2011-02-20 15:34:26 | undef | unknown_html_RFI_php | 0/41 (0.0%) | AS40676 | 173.224.209.26 | noc@psychz.net | US | ARIN | PSYCHZ-NETWORKS | ebc8666ebd1534960099d8b0099a3f6d | http://www.Qvodbo.com/Channel1.xml || 2011-02-20 15:34:26 | undef | unknown_html_RFI_php | 0/41 (0.0%) | AS40676 | 173.224.209.26 | noc@psychz.net | US | ARIN | PSYCHZ-NETWORKS | 6b9b79b125ba7a746657963453c611d7 | http://www.Qvodbo.com/Channel2.xml || 2011-02-20 15:34:26 | undef | unknown_html_RFI_php | 0/41 (0.0%) | AS40676 | 173.224.209.26 | noc@psychz.net | US | ARIN | PSYCHZ-NETWORKS | 7e06ac6b9524c9f99e8663d6c7e0f413 | http://www.Qvodbo.com/Channel3.xml || 2011-02-20 15:34:26 | undef | unknown_html_RFI_php | 0/41 (0.0%) | AS40676 | 173.224.209.26 | noc@psychz.net | US | ARIN | PSYCHZ-NETWORKS | 1d90618faeeace07b2e2ed86c2f4e9d4 | http://www.Qvodbo.com/Channel4.xml || 2011-02-20 15:34:26 | undef | unknown_html_RFI_php | 0/41 (0.0%) | AS40676 | 173.224.209.26 | noc@psychz.net | US | ARIN | PSYCHZ-NETWORKS | b4a6aabf660bbe9659aee122a06237be | http://www.Qvodbo.com/Channel.xml || 2011-02-20 15:34:26 | undef | unknown_html | 0/41 (0.0%) | AS6641 | 64.30.224.112 | domreg@sportsline.com | US | ARIN | SPORTSLINE-COM | e5abc931fb5cc3876916f77a7261ab3a | http://www.xxx.com.com/update.cfg || 2011-02-20 13:27:12 | avira | JS/Agent.psa.18 | 18/41 (43.9%) | AS23650 | 61.155.154.214 | abuse@jsinfo.net | CN | APNIC | CHINANET-JS | d4d13aa3224d007f11f7342c97afa6c7 | http://www.yiyuweiyu.com/admin/zx/ || 2011-02-20 14:47:06 | undef | Trojan-GameThief.Win32.Magania.eekc | 0/41 (0.0%) | AS42484 | 77.73.29.18 | serg@gptel.ru | RU | RIPE | GPTEL-NET | b0e7167927a9bb16ee43639747d65b04 | http://radikal-photo.ru/ || 2011-02-20 15:42:42 | avira | PHP/Small.539 | 15/41 (36.6%) | AS47205 | 79.98.24.3 | abuse@iv.lt | LT | RIPE | SERVERIAI-LT-HOSTING | eaeaef6d330f69b48c2d33613a0a6859 | http://teachers.lt/forum/idx2.txt?? || 2011-02-20 15:42:42 | undef | unknown_html_RFI | 0/41 (0.0%) | AS14618 | 184.72.221.25 | ec2-abuse@amazon.com | US | ARIN | AMAZON-EC2-7 | 5c9556502b4ba66ad2dc024ed99d0e4b | http://videos.kidzter.com/ || 2011-02-20 15:42:42 | avira | PHP/IRCBOT.31536 | 23/40 (57.5%) | AS16276 | 188.165.129.109 | abuse@ovh.net | ES | RIPE | ES-OVH | 09f0fd59a0902435cc6a3d971c463828 | http://www.embajadastecnologicasextremadura.es/modules/mod_root/ifritscan/ddos.txt || 2011-02-20 15:42:42 | Sophos | Mal/PHPShell-A | 1/40 (2.5%) | AS16276 | 188.165.129.109 | abuse@ovh.net | ES | RIPE | ES-OVH | ec52a3eaaed7e1b9492f1832081e82ef | http://www.embajadastecnologicasextremadura.es/modules/mod_root/ifritscan/jih.txt || 2011-02-20 15:42:42 | avira | PHP/FX29Shell | 2/40 (5%) | AS16276 | 188.165.129.109 | abuse@ovh.net | ES | RIPE | ES-OVH | 080bbf175daabf589732a2f7d4685e3b | http://www.embajadastecnologicasextremadura.es/modules/mod_root/ifritscan/lists.txt || 2011-02-20 15:42:42 | avira | PHP/C99Shell.G.1 | 23/41 (56.1%) | AS47205 | 79.98.24.3 | abuse@iv.lt | LT | RIPE | SERVERIAI-LT-HOSTING | 7c7c9e4d37dfcf823f0a7ff21f7b12df | http://teachers.lt/forum/c99.txt || 2011-02-20 15:42:42 | undef | unknown_html_RFI_php | 0/41 (0.0%) | AS28753 | 212.7.202.114 | info@dediserv.eu | NL | RIPE | PL-DEDISERV-20100812 | 67ff21d631707972a0a273d9b50f694c | http://www.bigspeedpro.com/xml_config/layoutsexpress.xml || 2011-02-20 15:42:42 | undef | unknown_html | 0/41 (0.0%) | AS19994 | 173.203.84.9 | abuse@rackspace.com | US | ARIN | RSPC-1260562566545648481268 | 1acc3cba7aa44b9043e65fda008f1cf4 | http://www.reimage.com/events4.php?version=GUI1505&id=INSER&param=Download%20error<*>error_downloading%20ReimageRepair.exe<*>File%20Not%20Found%20(404) || 2011-02-20 15:43:27 | avira | TR/Script.75 | 22/39 (56.4%) | AS12363 | 195.110.124.133 | abuse@dada.net | IT | RIPE | register-it | a05dfd7cca7771a7565a154d65f05ea2 | http://www.acquaenergy.it/agenda/tools/id1.txt?? || 2011-02-20 15:48:11 | undef | unknown_html | 0/40 (0.0%) | AS8560 | 82.165.56.17 | abuse@oneandone.net | DE | RIPE | SCHLUND-SHARED | 591aa76a9606ebf15495e309e98de741 | http://www.michabilbang.de/ || 2011-02-20 15:48:11 | undef | unknown_html | 0/41 (0.0%) | AS36351 | 50.22.65.54 | ipadmin@softlayer.com | US | ARIN | SOFTLAYER-NETBLOCK-4-9 | 5449a9a310d1dbea1cde4fc6357b9371 | http://www.usbuzmani.com/wp-content/2009/07 || 2011-02-20 16:00:03 | Avast | JS:ShellCode-GP | 6/41 (14.6%) | AS9318 | 114.207.245.27 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | 1042e7173427e9488f7f373d95a737a6 | http://114.207.245.27/images/218/K.Js || 2011-02-20 16:03:01 | Avast | Win32:Downloader-FRQ | 14/41 (34.1%) | AS30890 | 89.114.9.32 | amabusemail4@gmail.com | RO | RIPE | ENTER-NET-TEAM | 3853271d0f3b0343572c57d166a2d920 | http://b.xppclapgirl.com/m96.exe || 2011-02-20 16:31:53 | NOD32 | probably a variant of Win32/Genetik | 2/39 (5.1%) | AS9318 | 221.143.20.237 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | bc3c1f5e3f2bd3f61e16e6421a7448e9 | http://221.143.20.237/install/setup/SetupHint.exe || 2011-02-20 16:31:55 | McAfee | Artemis!EDC10DB29E6E | 5/38 (13.2%) | AS4847 | 180.186.4.252 | dswu@sdht-btte.com | CN | APNIC | SDHT-NET | edc10db29e6efb3f5a10ed928c7e1529 | http://my.qvodbo.cc/QvodBoSetup.exe || 2011-02-20 17:02:35 | McAfee_GW_Editio | Heuristic.BehavesLike.PDF.Suspicious.F | 1/41 (2.4%) | AS35409 | 195.3.205.197 | abuse@uplink.net.ua | UA | RIPE | UPLINK-PI-NET-2 | d6726c4df00499a8717d6b9b1a03eeac | http://heroimda.ipq.co/1/574a353789f/73fb305c6b3.php?host=http://heroimda.ipq.co/1&key=root || 2011-02-20 17:03:01 | avira | EXP/Pidief.deo | 10/40 (25%) | AS25190 | 46.252.131.22 | reliktbvk@gmail.com | LV | RIPE | Sagade | 50341953c59e2cdfa9d5d7fb2a60fa5c | http://mister-twister.co.cc/a72b6d.pdf || 2011-02-20 17:03:01 | avira | TR/Dropper.Gen | 19/41 (46.3%) | AS16276 | 188.165.245.114 | abuse@ovh.net | FR | RIPE | OVH | eefee5c3977da3c5c644227c439db97e | http://tibia-mc.net/patcher.rar || 2011-02-20 17:03:01 | trendmicro | JAVA_AGENT.FR | 7/41 (17.1%) | AS25190 | 46.252.131.22 | reliktbvk@gmail.com | LV | RIPE | Sagade | 90d0ad72ed421f87aadc4aef545017f1 | http://nalmelas.cz.cc/zfnsgkjasnjkasnmzxv.jar || 2011-02-20 17:03:01 | avira | TR/Dldr.Delf.NH.2 | 21/40 (52.5%) | AS31476 | 79.132.212.2 | samandi@morva.net | IR | RIPE | MORVA-NET | 175c3b75c705f12e0135dea61a442069 | http://www.automaticyaran.com/data/telegrama0099.exe || 2011-02-20 17:03:01 | avira | TR/Dldr.Delf.NH.2 | 23/41 (56.1%) | AS31476 | 79.132.212.7 | samandi@morva.net | IR | RIPE | MORVA-NET | 175c3b75c705f12e0135dea61a442069 | http://www.tepgrp.com/files/misc/telegrama.php || 2011-02-20 17:32:08 | undef | unknown_html_RFI_php | 0/41 (0.0%) | AS35409 | 195.3.205.197 | abuse@uplink.net.ua | UA | RIPE | UPLINK-PI-NET-2 | 0e5b635dbabfa78177edcdb85a62a878 | http://heroimda.ipq.co/1/exe.php?exp=MDAC&key=fcfe7c10d4f05fa29b45456408269fdc&u=user || 2011-02-20 17:32:11 | avira | TR/Dldr.Banload.bhet.20 | 16/41 (39%) | AS31476 | 79.132.212.2 | samandi@morva.net | IR | RIPE | MORVA-NET | 7b8209108ae3408d772836c102dfc5b1 | http://www.automaticyaran.com/data/smtp.exe || 2011-02-20 17:10:02 | undef | Trojan-Downloader.Win32.Banload.bidt | 0/41 (0.0%) | AS16276 | 188.165.245.114 | abuse@ovh.net | FR | RIPE | OVH | e4ee35c787b3c760e0a5dc6c3a51c0a8 | http://tibia-mc.net/ || 2011-02-20 18:03:09 | avira | TR/Spy.231427.2 | 32/38 (84.2%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | e435a8f11eccdd7aa345803e6042026d | http://skjruiiy.110mb.com/?FERNANDO_w2:01:55:52:446572069168203105 || 2011-02-20 18:03:41 | avira | TR/Cossta.mpf.2 | 20/41 (48.8%) | AS16276 | 188.165.245.114 | abuse@ovh.net | FR | RIPE | OVH | 56157f15c461ddc7b7ba800237b9f68e | http://tibia-mc.net/mc871.rar || 2011-02-20 18:03:41 | avira | TR/Cossta.mpf.2 | 18/39 (46.2%) | AS16276 | 188.165.245.114 | abuse@ovh.net | FR | RIPE | OVH | 4c1c34b26b9147028f76500bfb297365 | http://tibia-mc.net/newBlackdMC-all.rar || 2011-02-20 18:10:02 | undef | unknown_html | 0/38 (0.0%) | AS19318 | 66.45.237.212 | network@interserver.net | US | ARIN | INTERSERVER | 967fa9ac3f88a5d808a491b2c8609f77 | http://hoje1602.t35.com/1/post.php || 2011-02-20 18:10:02 | undef | unknown_html | 0/41 (0.0%) | AS19318 | 66.45.237.212 | network@interserver.net | US | ARIN | INTERSERVER | 336f5dc39a960365eac242a83efbf0fd | http://hoje1602.t35.com/2/post.php || 2011-02-20 18:10:02 | undef | unknown_file_PgcEdit.exe | 0/38 (0.0%) | AS16276 | 188.165.14.160 | abuse@ovh.net | FR | RIPE | OVH | fc7cd29cfce6250981ed2de9d5acf393 | http://pf.toggle.com/s/3/8/38194-79377-pgcedit.zip || 2011-02-20 18:10:02 | undef | unknown_html | 0/41 (0.0%) | AS15201 | 200.98.197.19 | l-registrobr-uol@corp.uol.com.br | BR | LACNIC | 001.109.184/0001-95 | 266f444688de3de060ebd1f0a1454205 | http://www.horariodebrasilia.org/ || 2011-02-20 17:26:41 | avira | PHP/Agent.AD | 19/41 (46.3%) | AS36420, AS30315, AS13749, AS21844 | 70.86.17.226 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-13 | 87e29f93ca0ee7961cbd2ae369494ae3 | http://fighterarcade.com/logic/id.jpg? || 2011-02-20 18:31:57 | avira | PHP/RemoteAdmi.6444 | 11/41 (26.8%) | AS30870 | 213.247.62.130 | abuse@rokscom.net | NL | RIPE | NL-NETSHARK | 73c6526d8a3825c2ac6bdbd6d2169280 | http://svgz.nl/templates/ver.txt? || 2011-02-20 18:31:57 | avira | TR/Dldr.Delphi.Gen | 12/41 (29.3%) | AS3737 | 204.186.112.99 | abuse@ptd.net | US | ARIN | PROLOG | 662accd8555e58a5fd17d068c8c7440c | http://northumberlandco.org/img.asp;.jpg?action=download&file=C:|Inetpub|www.norrycopa.net|css|Telegrama.exe || 2011-02-20 19:02:11 | avira | TR/Kazy.12031.3 | 23/40 (57.5%) | AS35409 | 195.3.206.49 | abuse@uplink.net.ua | UA | RIPE | UPLINK-PI-NET-2 | 15c6bd9fb7dc3d8952629d2c045bfa72 | http://www.metaloran.com.ua/Promoca-BBB11.exe || 2011-02-20 19:02:12 | avira | TR/Kazy.12031.3 | 23/40 (57.5%) | AS36420, AS30315, AS13749, AS21844 | 174.122.6.50 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | 15c6bd9fb7dc3d8952629d2c045bfa72 | http://projectmayhemstoresg.com/js/Promoca-BBB11.exe || 2011-02-20 19:02:12 | avira | TR/Kazy.12031.3 | 22/40 (55%) | AS28226 | 189.126.193.23 | renato@livre.com.br | BR | LACNIC | 004.407.690/0001-59 | 15c6bd9fb7dc3d8952629d2c045bfa72 | http://www.oqqa.com.br/galeria/images/galeria/0998_banda_d3/section_modules.php || 2011-02-20 19:02:12 | avira | TR/Dldr.Delphi.Gen | 19/39 (48.7%) | AS23304 | 208.78.97.196 | abuse@slicehost.com | US | ARIN | SLICE-STL-SD | 2d3a0d973c161c93ef2bbd76bf13dae3 | http://smalur.com/7ab?92892 || 2011-02-20 18:42:11 | avira | PHP/Loader.9852 | 16/41 (39%) | AS30870 | 213.247.62.130 | abuse@rokscom.net | NL | RIPE | NL-NETSHARK | 914d9f854f1c43209ba0a380b6bd1b82 | http://svgz.nl/templates/ec.txt? || 2011-02-20 19:06:43 | Avast | PHP:Small-AE | 3/41 (7.3%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | bbd8c0315299331218b4b64e17465edc | http://sia.fileave.com/Ckrid1.txt?? || 2011-02-20 18:33:16 | avira | BDS/PHP.Agent.DW.3 | 24/41 (58.5%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 41401b039eb8a4005d0123f55ce90030 | http://injector.fileave.com/r57.txt? || 2011-02-20 18:39:55 | avira | PHP/Agent.AD | 17/40 (42.5%) | AS36420, AS30315, AS13749, AS21844 | 70.84.231.2 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-13 | 87e29f93ca0ee7961cbd2ae369494ae3 | http://torontoyangtaichi.com/classes/log.jpg? || 2011-02-20 19:11:36 | undef | unknown_html | 0/40 (0.0%) | AS32780 | 173.244.202.250 | arin-contact@hostingservicesinc.net | US | ARIN | HOSTINGSERVICES-INC | ebc42253cf365413680897bea800bb0b | http://www.mapmyuser.com/online0.jpg || 2011-02-20 19:18:34 | Avast | HTML:Framer-inf | 3/40 (7.5%) | AS25847 | 207.58.177.96 | abuse@servint.com | US | ARIN | SERVINT-CIDR-3 | a78afcca3e92ab84e72f44e23b09116d | http://www3.first-guardul.cz.cc || 2011-02-20 19:18:34 | undef | unknown_html_RFI_shell | 0/40 (0.0%) | AS33597 | 67.208.74.71 | abuse@inforelay.com | US | ARIN | INFORELAY-NETBLOCK01 | e0a3792e63cdc7ee9aa85489b5eb5528 | http://www3.incredible-protectionro.rr.nu || 2011-02-20 19:18:34 | undef | unknown_html_RFI_shell | 0/39 (0.0%) | AS33597 | 67.208.74.71 | abuse@inforelay.com | US | ARIN | INFORELAY-NETBLOCK01 | 888f56c97da11aecb1ece9c3beff54d3 | http://www3.topsuitesentinel.rr.nu || 2011-02-20 19:18:34 | undef | unknown_html_RFI_eval | 0/41 (0.0%) | AS22489 | 69.43.160.145 | abuse@castleaccess.com | US | ARIN | ARIN-CASTLE-ALLOC | 8e8af3f1d27cce40a9421bb5608d1bdf | http://www4.first-internetmaster.net || 2011-02-20 19:18:34 | undef | unknown_html_RFI_shell | 0/41 (0.0%) | AS33597 | 67.208.74.71 | abuse@inforelay.com | US | ARIN | INFORELAY-NETBLOCK01 | a910a120b6aafbf434dce29dff0062ff | http://www4.goodghtsafe.rr.nu || 2011-02-20 19:18:34 | undef | unknown_html_google_malware | 0/40 (0.0%) | AS209 | 63.231.199.143 | abuse@qwest.net | US | ARIN | QWEST-INET-114 | 146f434776c6bec96f3b94bfd41f6fd4 | http://www4.top-only-scanner.uni.cc || 2011-02-20 19:19:12 | undef | unknown_html | 0/40 (0.0%) | AS42872 | 91.193.194.110 | noc@odhosting.com.ua | UA | RIPE | OD-HOSTING-NETWORK | 95df3cbd7ac6005c2e49ce19443350ec | http://welcometotheglobalisnet.com/js.php?kk=25 || 2011-02-20 18:05:02 | undef | :Backdoor.Generic.566998 | 0/41 (0.0%) | AS35409 | 195.3.206.49 | abuse@uplink.net.ua | UA | RIPE | UPLINK-PI-NET-2 | 193043104f0484cd33a2de7cc282af38 | http://www.metaloran.com.ua/ || 2011-02-20 20:02:44 | Comodo | Heur.Suspicious | 6/40 (15%) | AS14618 | 174.129.141.50 | aes-noc@amazon.com | US | ARIN | AMAZON-EC2-5 | 9cf346aeb6246b823ebd85749c5dc0e4 | http://174.129.141.50/video-inesquecivel.scr || 2011-02-20 20:02:50 | avira | TR/Dldr.ABB | 30/41 (73.2%) | AS46216 | 216.52.115.2 | abuse@internap.com | US | ARIN | PNAP-8-98 | 9e0309855b050d8b857eeaf83e34fcd3 | http://www.freewebs.com/cheatstto/helios%20hook%204.4.exe || 2011-02-20 20:02:53 | undef | unknown_html | 0/41 (0.0%) | AS262707 | 187.109.161.22 | joaomartins2000@hotmail.com | BR | LACNIC | 007.303.646/0001-97 | 4991524d71b1dcccf7af016b1ad5c433 | http://187.109.161.22/contagem.php || 2011-02-20 19:26:15 | avira | PHP/Small.Awi.1026 | 25/41 (61%) | AS4618 | 203.150.228.108 | noc@inet.co.th | TH | APNIC | INET-TH | 524a83516010897b3c7934ca5456c930 | http://petloversclub.com/v01///fff/12/center.jpg? || 2011-02-20 20:02:39 | avira | BDS/PHP.Agent.DW.3 | 20/33 (60.6%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | c545d5635d021aef754f1bb7e862e43a | http://dedeone.fileave.com/ossh.txt??? || 2011-02-20 20:04:17 | avira | PHP/Shellbot.7642 | 24/41 (58.5%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | e56660720bbed6d439557ceb78e5e746 | http://soneka.110mb.com/zikadabalada.txt? || 2011-02-20 20:31:07 | avira | TR/Dldr.Delphi.Gen | 39/40 (97.5%) | AS4134 | 222.170.127.203 | network@hljtele.com | CN | APNIC | CHINANET-HL | b4afa1df1debb6c5a8ece7d0a4793bed | http://2b.perfectexe.com:88/cs.jpg?t=0.390774 || 2011-02-20 20:31:07 | undef | unknown_html | 0/41 (0.0%) | AS4134 | 122.224.6.48 | anti-spam@mail.sxptt.zj.cn | CN | APNIC | NINBO-LANZHONG-LTD | 93a800ab4f6de5017541e18bef0a10f3 | http://boob.perfectexe.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B3969C1DCEBCA885FFAF6DADFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.7497827 || 2011-02-20 20:31:07 | undef | unknown_html | 0/41 (0.0%) | AS16276 | 188.165.214.146 | abuse@ovh.net | FR | RIPE | OVH | b337e84de8752b27eda3a12363109e80 | http://user.mibatech.com/auth/Enabled/StatusCode || 2011-02-20 20:31:07 | undef | unknown_html | 0/41 (0.0%) | AS32613 | 72.55.140.69 | abuse@noc.privatedns.com | CA | ARIN | IWEB-CL-T003-02SH | 47ec5318fc38f4be8d3fa6cc6289c867 | http://www.contagotas.com.br/contador.php?p=27141 || 2011-02-20 20:31:07 | avira | TR/Crypt.XPACK.Gen2 | 14/41 (34.1%) | AS42872 | 91.193.194.114 | noc@odhosting.com.ua | UA | RIPE | OD-HOSTING-NETWORK | 0de3209749deafaeedc6818551ae30a2 | http://www.derquda.com/sv/setup.exe?t=0.8664209 || 2011-02-20 20:31:07 | avira | TR/Crypt.ZPACK.Gen | 21/39 (53.8%) | AS42872 | 91.193.194.114 | noc@odhosting.com.ua | UA | RIPE | OD-HOSTING-NETWORK | 653d30c696ebbbff51d90f0c86a54d19 | http://www.derquda.com/tm/crypted.exe?t=0.1913111 || 2011-02-20 20:31:07 | undef | unknown_html | 0/41 (0.0%) | AS6849 | 93.190.45.3 | abuse@ukrainehosting.com | UA | RIPE | UA-UKRDOMEN-20080509 | b14e47ba2ef9a791127bb5f4f155b798 | http://www.uh174299.ukrdomen.com//cp/cfg1.bin || 2011-02-20 20:31:08 | Avast | JS:Banker-A | 4/39 (10.3%) | AS13749, AS21844, AS30315, AS36420 | 74.54.28.76 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | daec92bab5a201885f9cf19857853cbb | http://www.auc-site.com/auc.pac || 2011-02-20 19:05:03 | undef | Trojan.Win32.Oficla.hex | 0/41 (0.0%) | AS14618 | 174.129.141.50 | aes-noc@amazon.com | US | ARIN | AMAZON-EC2-5 | 21dde95d9d269cbb2fa6560309dca40c | http://174.129.141.50/ || 2011-02-20 21:04:45 | F_Prot | W32/Softomate.A.gen!Eldorado | 2/41 (4.9%) | AS2514 | 61.194.6.181 | | JP | APNIC | WENTNET06 | 4e9259eb8faa579d90b246924d861cca | http://tibee.jp/cabfiles/naoko208.cab || 2011-02-20 20:11:54 | avira | PHP/C99Shell.ck.92 | 26/41 (63.4%) | AS26496 | 97.74.23.130 | noc@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | b90ff0d1f8c7493809a2f85b3191e388 | http://katlynskornergifts.com/images/indexss.txt?? || 2011-02-20 20:11:04 | undef | Trojan.Win32.Oficla.hex | 0/41 (0.0%) | AS46216 | 216.52.115.2 | abuse@internap.com | US | ARIN | PNAP-8-98 | 1f69a5c05d3e5dd5c46bd1b85f645280 | http://www.freewebs.com/cheatstto/ || 2011-02-20 22:02:41 | avira | TR/Crypt.XPACK.Gen | 31/41 (75.6%) | AS21011 | 194.63.142.66 | tech@mirotel.net | UA | RIPE | MIROTEL2 | af498a3b567d0e3db9ad2f6bd5595042 | http://zalil.ru/30519944/15a171f8.4d621798/aimblue.zip || 2011-02-20 22:03:10 | undef | unknown_html | 0/41 (0.0%) | AS21011 | 194.63.142.66 | tech@mirotel.net | UA | RIPE | MIROTEL2 | 830d1046f6b1fc49802e6e520b41f038 | http://zalil.ru/30519944/44a859df.4d5cc068/aimblue.zip || 2011-02-20 22:00:27 | avira | PHP/Agent.EA | 6/22 (27.3%) | AS8708 | 81.196.20.134 | abuse@home.ro | RO | RIPE | RO-RDS-HOME-RO | 72ee4f15478ecf5ea2f419d153c77987 | http://solid.go.ro/casper/idscan4.txt? || 2011-02-20 23:02:57 | avira | TR/Crypt.XPACK.Gen | 21/41 (51.2%) | AS51441 | 91.217.162.101 | noc@tirexhost.com | UA | RIPE | TIREXHOST-NET | 7c987e710d3a8c910b937991e87f752f | http://two.natnatraoi.com/mix.exe || 2011-02-20 22:21:25 | avira | PHP/Shell.961.BB | 21/39 (53.8%) | AS8708 | 81.196.20.134 | abuse@home.ro | RO | RIPE | RO-RDS-HOME-RO | 9ee33a9233c5cc819a90395fbb31c08f | http://solid.go.ro/casper/idv6.txt??? || 2011-02-20 22:22:07 | avira | PHP/Shell.Q | 9/41 (22%) | AS8708 | 81.196.20.134 | abuse@home.ro | RO | RIPE | RO-RDS-HOME-RO | ad8611dd17bb4ea346b14208f0cb16b0 | http://solid.go.ro/casper/r57??? || 2011-02-20 22:21:36 | clamav | PHP.Downloader-4 | 1/41 (2.4%) | AS8708 | 81.196.20.134 | abuse@home.ro | RO | RIPE | RO-RDS-HOME-RO | f1ad047c602df6eec47197cf2197ff15 | http://solid.go.ro/so.txt?? || 2011-02-20 22:25:54 | ClamAV | PHP.C99-7 | 5/39 (12.8%) | AS9318 | 222.236.47.97 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | e409f25edc1930dbc0f3297122752ee9 | http://oi.cajamadrid.intec.es/phpmyadmin/config/9.php??? || 2011-02-20 22:27:06 | avira | PHP/Shell.Q | 9/41 (22%) | AS8708 | 81.196.20.134 | abuse@home.ro | RO | RIPE | RO-RDS-HOME-RO | ad8611dd17bb4ea346b14208f0cb16b0 | http://solid.go.ro/casper/r57 || 2011-02-20 23:44:00 | avira | PHP/Pbot.A.6 | 28/38 (73.7%) | AS32613 | 174.142.79.85 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | a0de9e2d621ecd1e62d7d116db1debb5 | http://bodaooo.110mb.com/bangloko.txt || 2011-02-21 00:39:39 | clamav | PUA.HTML.Crypt-8 | 2/41 (4.9%) | AS48809 | 217.16.8.23 | noc@abconnect.net | FR | RIPE | AB_CONNECT | 2db91effbc98d35592d1690ba18ff708 | http://217.16.8.23/~webmail/log/logs || 2011-02-21 00:39:39 | avira | TR/Script.77 | 14/40 (35%) | AS32392 | 76.163.163.19 | ipadmin@ecommerce.com | US | ARIN | ECOMMERCE-HOSTING | 0be4159dc6d887ebb957f8fabf857189 | http://competitivecarpet.com/ipank/id1.txt || 2011-02-21 00:39:39 | avira | SPR/PHP.ID | 29/41 (70.7%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 697b357180bb855cfa2bbf11bea1af9b | http://dedeone.fileave.com/oid.txt || 2011-02-21 00:39:39 | avira | PHP/Agent.AD | 16/39 (41%) | AS36420, AS30315, AS13749, AS21844 | 70.86.17.226 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-13 | 87e29f93ca0ee7961cbd2ae369494ae3 | http://fighterarcade.com/logic/id.jpg || 2011-02-21 00:39:39 | trendmicro | BKDR_PERLBOT.SMD | 16/41 (39%) | AS6939 | 64.62.181.46 | hostmaster@he.net | US | ARIN | HURRICANE-4 | d6ba975c8d1f0d2f3c91957c8381bd44 | http://h1.ripway.com/MacCrew/e107.txt || 2011-02-21 00:39:39 | avira | PHP/Agent.H | 24/41 (58.5%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | cf9ed7c60fcdab035ab064ec57a78ff2 | http://hostingan.fileave.com/ideten.txt || 2011-02-21 00:39:39 | avira | PHP/Pastie.637 | 9/41 (22%) | AS21844 | 74.52.30.129 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | 8640020e7254fa5fe434ce8ed181875c | http://omalihospital.com/site/id || 2011-02-21 00:39:39 | avira | TR/Script.85 | 16/41 (39%) | AS8717 | 212.36.9.1 | support@tophost.bg | BG | RIPE | OTELNET | 725add22d937622a13654a97d8c04538 | http://plovdivrest.com//test/Hosting/upload/auto1.txt || 2011-02-21 00:39:39 | avira | TR/Script.75 | 23/40 (57.5%) | AS8717 | 212.36.9.1 | support@tophost.bg | BG | RIPE | OTELNET | a05dfd7cca7771a7565a154d65f05ea2 | http://plovdivrest.com//test/Hosting/upload/fx291d1.txt || 2011-02-21 00:39:39 | avira | TR/Script.288672 | 13/41 (31.7%) | AS16629 | 200.68.10.118 | sescobar@isp.tie.cl | CL | LACNIC | CL-CLTE-LACNIC | b767ded53b164eac0ef4d15eed710749 | http://portal.maipu.cl/components/com_comprofiler/js/js || 2011-02-21 00:39:39 | avira | PHP/PHPShell.G | 6/37 (16.2%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 950e667d26ba6fe83dcbda123d2b1f9e | http://re6.fileave.com/id/id1.txt || 2011-02-21 00:39:39 | clamav | PHP.Id-30 | 5/38 (13.2%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 370a84b9e88e5b085af73cb427822545 | http://re6.fileave.com/id/zfxid1.txt || 2011-02-21 00:39:39 | avira | PHP/Zapchast.X | 18/41 (43.9%) | AS22576 | 72.232.203.106 | abuse@layeredtech.com | US | ARIN | LAYERED-TECH- | 242f049f3c0c22b2bd43a52d7b8cbfd9 | http://rodapesconchal.com.br/hotmail/sql.txt || 2011-02-21 00:39:39 | avira | PHP/Pbot.A | 27/41 (65.9%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 3ce778768f9e326f5efec60b0aa5afdf | http://soneka.110mb.com/[c4].txt || 2011-02-21 00:39:39 | avira | PHP/Shellbot.7642 | 23/40 (57.5%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 449282c3cc2b754584bd05305eb9ceef | http://soneka.110mb.com/cmd.txt || 2011-02-21 00:39:39 | avira | PHP/Pbot.A | 27/41 (65.9%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | c9542e481f259098d8df328840659f31 | http://soneka.110mb.com/piru.txt |+---------------------+------------------+----------------------------------------+---------------+---------------------------------------+-----------------+-------------------------------------+---------+--------+-----------------------------+----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+150 rows in set (0.01 sec)
+---------------------+------------+----------------------------------+---------------+------------------------------------+-----------------+------------------------------------+---------+---------+-------------------------+----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+| date | scanner | virusname | vt_score | AS | review | email | country | source | netname | md5sum | url |+---------------------+------------+----------------------------------+---------------+------------------------------------+-----------------+------------------------------------+---------+---------+-------------------------+----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+| 2011-02-21 00:39:39 | avira | PHP/Pbot.A | 23/37 (62.2%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | f81c682910ba0d10890d6748b6d241be | http://soneka.110mb.com/shell.txt || 2011-02-21 00:39:39 | avira | PHP/Shellbot.7642 | 23/40 (57.5%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | e56660720bbed6d439557ceb78e5e746 | http://soneka.110mb.com/zikadabalada.txt || 2011-02-21 00:39:39 | avira | TR/Script.77 | 16/41 (39%) | AS29636 | 84.18.207.64 | abuse@catalyst2.com | GB | RIPE | CATALYST2-SHARED | dc7b2fd7417f4ea1917ac8b7284fecba | http://starryheartearth.com//images/rokquickcart/samples/id1.txt || 2011-02-21 00:39:39 | avira | PHP/Shellbot.7642 | 21/38 (55.3%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | b94831d6879dcacf06f0a3ba8e5e4683 | http://tibiaguildsjoined.110mb.com/irc.oceanir.txt || 2011-02-21 00:39:39 | avira | PHP/Agent.AD | 16/38 (42.1%) | AS36420, AS30315, AS13749, AS21844 | 70.84.231.2 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-13 | 87e29f93ca0ee7961cbd2ae369494ae3 | http://torontoyangtaichi.com/classes/log.jpg || 2011-02-21 00:39:39 | avira | PHP/Shellbot.7642 | 18/38 (47.4%) | AS13951 | 192.41.60.10 | POC@canopy.com | US | ARIN | ICON-CNETS | 84eac98e1cc1e0388db8ea8ead01b7ec | http://upk.741.com/dvd.txt || 2011-02-21 00:39:39 | avira | PHP/Shellbot.7642 | 21/40 (52.5%) | AS13951 | 192.41.60.10 | POC@canopy.com | US | ARIN | ICON-CNETS | 0ad1ebe3c2d384d86464769b86c7dcab | http://upk.741.com/upk.txt || 2011-02-21 00:39:39 | clamav | PUA.Script.Obfus | 1/38 (2.6%) | AS13768 | 69.90.24.92 | net-admin@peer1.net | US | ARIN | PEER1-BLK-08 | fe23a738a54324c9b789c314b07a179b | http://worldsno1.bravehost.com/encoded.txt || 2011-02-21 00:39:39 | avira | TR/Script.75 | 22/38 (57.9%) | AS12363 | 195.110.124.133 | abuse@dada.net | IT | RIPE | register-it | a05dfd7cca7771a7565a154d65f05ea2 | http://www.acquaenergy.it/agenda/tools/id1.txt || 2011-02-21 00:39:39 | undef | unknown_html | 0/41 (0.0%) | AS16265 | 217.119.57.22 | abuse@dot.tk | NL | RIPE | SYNNET-VERZA | cb77fbd4a44dad23618347ed0c4abcb8 | http://www.bogdaniec.tk/778/krynica-morska-noclegi.php || 2011-02-21 00:39:39 | undef | unknown_html | 0/41 (0.0%) | AS31100 | 94.103.151.195 | arco@nedzone.nl | NL | RIPE | NL-NEDZONE-20080915 | c7b32b7e28dd6387db2fe80da3cff29b | http://www.bogdaniec.tk/8543/domki-na-mazurach.php || 2011-02-21 00:39:39 | avira | SPR/PHP.ID | 22/40 (55%) | AS6724 | 85.214.19.45 | abuse-server@strato.de | DE | RIPE | STRATO-RZG-DED2 | 06c3c2901b06b4ad36ed7775d92e29bc | http://www.erotiksafari.de/raid.txt || 2011-02-21 00:39:39 | avira | PHP/Small.Awi.1026 | 15/38 (39.5%) | AS6760 | 77.243.230.76 | abuse@ripe.net | EU | RIPE | EU-ZZ-80-93 | e24571c20d6061ddb60a2674be0f2896 | http://www.heuveltraining.nl/center.txt || 2011-02-21 00:39:39 | clamav | PUA.Script.Packed-10 | 9/40 (22.5%) | AS8560 | 82.165.130.198 | abuse@oneandone.net | DE | RIPE | SCHLUND-CUSTOMERS | 3303822656f2f4a701287d5b3be4ece8 | http://www.lipstick111.com/uploaded/stun.jpg || 2011-02-21 00:39:39 | avira | TR/Script.76 | 25/41 (61%) | AS25535 | 195.208.0.29 | hosting@nic.ru | RU | RIPE | RU-NIC-HOSTING | f5c92f6912a87f4c170cb0622513e197 | http://www.meteor-kurs.ru//docs/image/fx29id1.txt || 2011-02-21 00:39:39 | avira | TR/Script.86 | 13/38 (34.2%) | AS25535 | 195.208.0.29 | hosting@nic.ru | RU | RIPE | RU-NIC-HOSTING | 7ab5a3291410db3231141e2818e85318 | http://www.meteor-kurs.ru//docs/image/id1.txt || 2011-02-21 00:39:39 | Avast | PHP:Small-V | 5/41 (12.2%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | e04f2798db31e14450683b75a9e72b51 | http://hostingan.fileave.com/anak.txt || 2011-02-21 00:39:39 | Avast | PHP:Small-AE | 3/40 (7.5%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | bbd8c0315299331218b4b64e17465edc | http://sia.fileave.com/Ckrid1.txt || 2011-02-21 00:39:39 | clamav | PHP.Downloader-4 | 1/41 (2.4%) | AS47205 | 79.98.24.3 | abuse@iv.lt | LT | RIPE | SERVERIAI-LT-HOSTING | fe57857c9455ab7790ca9f84b3c6e13a | http://teachers.lt/forum/anak.txt || 2011-02-21 00:39:39 | trendmicro | BKDR_PHPBOT.SMOK | 19/41 (46.3%) | AS47205 | 79.98.24.3 | abuse@iv.lt | LT | RIPE | SERVERIAI-LT-HOSTING | 12fa4e236ec009a3e588dd5208a5114f | http://teachers.lt/forum/id.txt || 2011-02-21 00:39:39 | undef | unknown_html | 0/41 (0.0%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 2175037d522fdc7dcd6a98f55e353959 | http://tibiaguildsjoined.110mb.com/chat.irchat.txt || 2011-02-21 00:39:39 | undef | unknown_html | 0/40 (0.0%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 2175037d522fdc7dcd6a98f55e353959 | http://tibiaguildsjoined.110mb.com/eu.bgit.txt || 2011-02-21 00:39:39 | undef | unknown_html | 0/40 (0.0%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 2175037d522fdc7dcd6a98f55e353959 | http://tibiaguildsjoined.110mb.com/EURO.txt || 2011-02-21 00:39:39 | undef | unknown_html | 0/41 (0.0%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 2175037d522fdc7dcd6a98f55e353959 | http://tibiaguildsjoined.110mb.com/irc.austnet..txt || 2011-02-21 00:39:39 | undef | unknown_html | 0/40 (0.0%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 2175037d522fdc7dcd6a98f55e353959 | http://tibiaguildsjoined.110mb.com/irc.cre..txt || 2011-02-21 00:39:39 | undef | unknown_html | 0/41 (0.0%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 2175037d522fdc7dcd6a98f55e353959 | http://tibiaguildsjoined.110mb.com/irc.data.lt.txt || 2011-02-21 00:39:39 | undef | unknown_html | 0/41 (0.0%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 2175037d522fdc7dcd6a98f55e353959 | http://tibiaguildsjoined.110mb.com/irc.deltaanime.txt || 2011-02-21 00:39:39 | undef | unknown_html | 0/41 (0.0%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 2175037d522fdc7dcd6a98f55e353959 | http://tibiaguildsjoined.110mb.com/irc.gamesurge.txt || 2011-02-21 00:39:39 | undef | unknown_html | 0/39 (0.0%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 2175037d522fdc7dcd6a98f55e353959 | http://tibiaguildsjoined.110mb.com/irc.gimp.txt || 2011-02-21 00:39:39 | undef | unknown_html | 0/39 (0.0%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 2175037d522fdc7dcd6a98f55e353959 | http://tibiaguildsjoined.110mb.com/irc.swiftirc.txt || 2011-02-21 00:39:39 | undef | unknown_html | 0/41 (0.0%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 2175037d522fdc7dcd6a98f55e353959 | http://tibiaguildsjoined.110mb.com/irc.utonet.txt || 2011-02-21 00:39:39 | undef | unknown_html | 0/41 (0.0%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 2175037d522fdc7dcd6a98f55e353959 | http://tibiaguildsjoined.110mb.com/irc.v-irc.txt || 2011-02-21 00:39:39 | undef | unknown_html | 0/41 (0.0%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 2175037d522fdc7dcd6a98f55e353959 | http://tibiaguildsjoined.110mb.com/otter.station51.txt || 2011-02-21 00:39:39 | undef | unknown_html | 0/41 (0.0%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 2175037d522fdc7dcd6a98f55e353959 | http://tibiaguildsjoined.110mb.com/rc.2600.txt || 2011-02-21 00:39:39 | undef | unknown_html_RFI_php | 0/40 (0.0%) | AS16276 | 188.165.129.109 | abuse@ovh.net | ES | RIPE | ES-OVH | 653616ec2f857287ef8407879cb6b9e8 | http://www.embajadastecnologicasextremadura.es/modules/mod_root/kantin/id_raven.txt || 2011-02-21 00:39:39 | undef | unknown_html | 0/41 (0.0%) | AS8512 | 195.199.230.225 | abuse@invitel.net | HU | RIPE | HU-DELTAV-970905 | e73e43f7895bbc278dae545221155499 | http://www.vetesi.sulinet.hu/content/irodalom/eposz.doc || 2011-02-21 01:18:36 | avira | PHP/IRCBOT.DR | 17/39 (43.6%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 144bc146fdf2388d92df2ca5582bcd92 | http://berryl.fileave.com/niken1.txt?? || 2011-02-21 03:02:57 | avira | TR/Kazy.11279 | 30/41 (73.2%) | AS9057 | 195.122.131.14 | abuse@Level3.com | de | RIPE | TERRASPACE-GMBH | a1efa49bf1924eae7cfbbbd4cfdaa300 | http://rapidshare.com/files/448082883/ad || 2011-02-21 03:02:57 | avira | TR/Kazy.11279 | 28/39 (71.8%) | AS3356 | 195.122.149.42 | abuse@eu.level3.net | de | RIPE | TERRASPACE-GMBH | a1efa49bf1924eae7cfbbbd4cfdaa300 | http://rs241l33.rapidshare.com/files/448082883/ad || 2011-02-21 02:17:12 | avira | PHP/Pbot.A.6 | 28/40 (70%) | AS19994 | 184.106.68.217 | abuse@rackspace.com | US | ARIN | RACKS-8-NET-4 | 05256554ad2d77a9f053ce4b176f9acb | http://184.106.68.217/root.txt?? || 2011-02-21 03:01:26 | avira | PHP/Agent.DZ | 24/41 (58.5%) | AS21844 | 74.52.30.129 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | 8b8380fc162e9fbc270d2c1792c4ce27 | http://omalihospital.com/site/id1.txt??? || 2011-02-21 03:31:27 | avira | PHP/Small.Awi.1026 | 22/39 (56.4%) | AS4618 | 203.150.228.108 | noc@inet.co.th | TH | APNIC | INET-TH | 524a83516010897b3c7934ca5456c930 | http://www.petloversclub.com/v01///fff/12/center.jpg? || 2011-02-21 04:00:02 | Avast | JS:ShellCode-GP | 6/41 (14.6%) | AS9318 | 114.207.245.27 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | 6081240a672d5470bab53b74b70ce34f | http://114.207.245.27/images/219/K.Js || 2011-02-21 04:02:56 | avira | BOMB/ZIP.B | 17/31 (54.8%) | AS852 | 205.206.231.23 | abuse@telus.com | CA | ARIN | TELUS-205-206-0-0 | d9050d6ba1e86a0decc9262dd8f3038d | http://downloads.securityfocus.com/vulnerabilities/exploits/42.zip || 2011-02-21 03:26:44 | avira | BDS/PHP.LJ | 27/40 (67.5%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 8a78825a44e45bc1a6f873e7c79da1fe | http://dedeone.fileave.com/tes.txt?? || 2011-02-21 03:33:02 | avira | PHP/Pbot.A.6 | 27/40 (67.5%) | AS4766 | 210.92.53.47 | abuse@kornet.net | KR | APNIC | KRNIC-KR | f0341e328cc2fda4b94bcaa61367136f | http://dsma.co.kr/bbs21//images/bp.gif??????? || 2011-02-21 04:31:32 | avira | JS/Dldr.Agent.crj | 24/41 (58.5%) | AS34224 | 87.121.165.6 | nmt-ip@neterra.net | BG | RIPE | BG-NETERRAIP-20050712 | 6e34cd55794f58f0cc13da712173aefd | http://www.e-vestnik.bg//imgs/2008/scan.txt? || 2011-02-21 04:40:03 | Avast | JS:CVE-2010-0806-BL | 8/39 (20.5%) | AS9318 | 114.207.245.27 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | a36b8d8c3a9681158be6fc31a5824ca8 | http://114.207.245.27/images/219/x.htm || 2011-02-21 05:02:33 | avira | TR/Crypt.XPACK.Gen | 27/39 (69.2%) | AS16265 | 94.75.193.23 | abuse@leaseweb.com | NL | RIPE | NL-LEASEWEB-20080724 | 2ff431fd1b57c812eb1fe7fee90ca352 | http://ndsrio.com/123/fouear.php || 2011-02-21 05:02:33 | avira | TR/PSW.Dybalom.bkh.1 | 33/40 (82.5%) | AS15169 | 209.85.135.101 | arin-contact@google.com | US | ARIN | GOOGLE | b98068f632a2eea6e9da22fa412e2c30 | http://goo.gl/y0ZpM || 2011-02-21 05:02:33 | avira | TR/PSW.Dybalom.bkh.1 | 29/39 (74.4%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | b98068f632a2eea6e9da22fa412e2c30 | http://wahy.fileave.com/New%20Folder.rar || 2011-02-21 05:02:33 | avira | TR/Scar.dogh | 16/39 (41%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 524719ae72208496fff61d3eff8ee9f0 | http://enc0re.fileave.com/enc0re/zerovana.exe || 2011-02-21 05:02:33 | AVG | Generic15.AZUO | 20/39 (51.3%) | AS8560 | 74.208.224.25 | arin-role@oneandone.net | US | ARIN | 1AN1-NETWORK | eaa82e13090f73643fdfe2f41fabdd00 | http://gbw.naxpnetworks.com/files/CommandAndConquerRedAlert2v1.006NoCDPatchEng.zip || 2011-02-21 05:45:02 | avira | HTML/ScrInject.4728 | 16/41 (39%) | AS3216 | 194.186.88.37 | abuse@gldn.net | RU | RIPE | RU-SOVINTEL-951205 | fb68a855c5f84c75a3dfacb9f8bf395f | http://www.fomichenko.pochta.ru/vwoJNepJ1w.html || 2011-02-21 06:02:45 | ClamAV | PUA.HTML.Infected.WebPage-1 | 1/35 (2.9%) | AS3595, AS16626 | 72.9.251.2 | abuse@gnax.net | US | ARIN | GNAXNET | 2d47de0004ddca2045b25e020e21213a | http://www.turkiyegb.com/ || 2011-02-21 06:46:51 | undef | unknown_html_RFI | 0/41 (0.0%) | AS4713 | 219.163.200.65 | jpnic@digi-rock.com | JP | APNIC | DR-NET | e6f5cb32661620740d3bfb59d71d760c | http://gioia-m.jp//assets/snippets/reflect/snippet.reflect.php?reflect_base=/index2.php?p=http://gioia-m.jp//assets/snippets/reflect/snippet.reflect.php?reflect_base=http://coolergas.com/.mods/dirs.txt? || 2011-02-21 06:46:51 | undef | unknown_html_RFI | 0/40 (0.0%) | AS4713 | 219.163.200.65 | jpnic@digi-rock.com | JP | APNIC | DR-NET | e6f5cb32661620740d3bfb59d71d760c | http://gioia-m.jp//assets/snippets/reflect/snippet.reflect.php?reflect_base=/str.php?p=http://gioia-m.jp//assets/snippets/reflect/snippet.reflect.php?reflect_base=http://coolergas.com/.mods/dirs.txt? || 2011-02-21 07:31:34 | undef | unknown_exe | 0/40 (0.0%) | AS36351 | 173.192.170.103 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-8 | fba06833515bbc95a12b3268e2e6627b | http://ppi.uz4.net/software/offer.exe || 2011-02-21 07:31:35 | avira | TR/Spy.140800.295 | 26/40 (65%) | AS23352 | 216.246.13.87 | abuse@servercentral.net | US | ARIN | SCN-5 | 670959e99ce021201704e74e07467f68 | http://www.wizzelheadclub.com/.8qf20/?getexe=loader.exe || 2011-02-21 07:31:35 | avira | TR/Spy.80896.62 | 15/39 (38.5%) | AS5713 | 196.25.120.17 | pieter@saix.net | ZA | AFRINIC | SAIX | 2e7b4f4381a1b4609f245d378d82e826 | http://ianburgess-simpson.co.za/.acp9/?getexe=aol.exe || 2011-02-21 07:31:35 | avira | WORM/Koobface.hqf | 37/41 (90.2%) | AS5713 | 196.25.120.17 | pieter@saix.net | ZA | AFRINIC | SAIX | 9413dff1c80818ac46a398b287c515cb | http://ianburgess-simpson.co.za/.acp9/?getexe=ffe32.exe || 2011-02-21 07:31:35 | AhnLab_V3 | Downloader/Win32.Generic | 11/39 (28.2%) | AS9318 | 221.143.48.236 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | b680b72d834a321a5e9d9024cba58b3d | http://221.143.48.236/hpgpcom.exe || 2011-02-21 07:31:35 | avira | TR/Spy.140800.295 | 27/41 (65.9%) | AS21788 | 64.191.5.102 | abuse@hostnoc.net | US | ARIN | HOSTNOC-3BLK | 670959e99ce021201704e74e07467f68 | http://scoolman22.netai.net/.pg66wz/?getexe=loader.exe || 2011-02-21 07:31:35 | trendmicro | TROJ_KRYPTK.SMEC | 10/41 (24.4%) | AS12363 | 195.110.124.133 | abuse@dada.net | IT | RIPE | register-it | 4acb9bcf529e6c64385205ef112eab30 | http://sandbox01.websteps.it/.qckucw/?getexe=drk.exe || 2011-02-21 07:31:35 | avira | TR/Spy.66048.26 | 34/41 (82.9%) | AS12363 | 195.110.124.133 | abuse@dada.net | IT | RIPE | register-it | c4fa4adc177a9e7cc632369521eb2ec7 | http://sandbox01.websteps.it/.qckucw/?getexe=yahoo.exe || 2011-02-21 07:31:35 | avira | TR/ATRAPS.Gen | 27/40 (67.5%) | AS12363 | 195.110.124.133 | abuse@dada.net | IT | RIPE | register-it | a7c2845b066174b9f38a6934e3ede12d | http://sandbox01.websteps.it/.qckucw/?getexe=kaoi.exe || 2011-02-21 07:31:35 | NOD32 | a variant of Win32/HotSpotShield | 1/41 (2.4%) | AS18779 | 68.68.107.112 | abuse@egihosting.com | US | ARIN | EGIHOSTING-3 | 651576a11e022e664d468be2c2bd766c | http://68.68.107.112/download/hss-win/HSS-1.57-install-anchorfree-76-conduit.exe || 2011-02-21 07:31:35 | avira | WORM/Koobface.hqf | 35/40 (87.5%) | AS12363 | 195.110.124.133 | abuse@dada.net | IT | RIPE | register-it | 9413dff1c80818ac46a398b287c515cb | http://sandbox01.websteps.it/.qckucw/?getexe=ffe32.exe || 2011-02-21 07:31:35 | NOD32 | a variant of Win32/HotSpotShield | 1/41 (2.4%) | AS18779, AS26642 | 74.115.4.112 | abuse@anchorfree.com | US | ARIN | NET-4-AFNCA | 651576a11e022e664d468be2c2bd766c | http://mydati.com/download/hss-win/1.exe || 2011-02-21 07:31:35 | NOD32 | a variant of Win32/HotSpotShield | 1/41 (2.4%) | AS18779 | 68.68.107.110 | abuse@egihosting.com | US | ARIN | EGIHOSTING-3 | 651576a11e022e664d468be2c2bd766c | http://getfreevpn.com/download/hss-win/1.exe || 2011-02-21 07:31:35 | NOD32 | a variant of Win32/HotSpotShield | 1/41 (2.4%) | AS18779 | 68.68.107.110 | abuse@egihosting.com | US | ARIN | EGIHOSTING-3 | 4d35bc163be5d42deb81f80f9a918f85 | http://68.68.107.110/download/hss-win/1.exe || 2011-02-21 07:35:41 | undef | unknown_html | 0/41 (0.0%) | AS4766 | 220.90.213.158 | abuse@kornet.net | KR | APNIC | KORNET | 8513797db8358268483a4b6f79f3126a | http://220.90.213.158/setup/hp/hpgpcom.hpm || 2011-02-21 07:35:41 | undef | unknown_html | 0/40 (0.0%) | AS4766 | 220.90.213.158 | abuse@kornet.net | KR | APNIC | KORNET | 9f3d21c3f12792877c5c601196cbedd7 | http://220.90.213.158/setup/pointbag/ppcrlcon.xmi || 2011-02-21 07:35:41 | avira | TR/Dldr.Delphi.Gen | 39/40 (97.5%) | AS4134 | 222.170.127.203 | network@hljtele.com | CN | APNIC | CHINANET-HL | b4afa1df1debb6c5a8ece7d0a4793bed | http://2b.perfectexe.com:88/cs.jpg?t=4.810733E-02 || 2011-02-21 07:35:41 | undef | unknown_html | 0/41 (0.0%) | AS35908 | 98.126.241.83 | admin-arin@vpls.net | US | ARIN | VPLSNET | cfcd208495d565ef66e7dff9f98764da | http://aruu.info/url0214.asp?b_type=1&id=03000000000002 || 2011-02-21 07:35:41 | undef | unknown_html | 0/39 (0.0%) | AS4134 | 122.224.6.48 | anti-spam@mail.sxptt.zj.cn | CN | APNIC | NINBO-LANZHONG-LTD | 9eddc7eed2e139713f2a4c33a9717c81 | http://boob.perfectexe.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B1669F2DCEACA885FE5F6C1DFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5F44320&v=2&t=0.8080255 || 2011-02-21 07:35:41 | undef | unknown_html | 0/41 (0.0%) | AS23724 | 220.181.85.253 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-IDC-BJ | 7b2f95070350859f8969ce4fb7e3f29e | http://vc01.beike.cn/update/vkiller_pctutucht/?m=78e3befcdc7379d21664050ad83a981a&v=0&p=16&c=27 || 2011-02-21 07:35:41 | undef | unknown_html | 0/40 (0.0%) | AS24940 | 46.4.33.195 | abuse@hetzner.de | DE | RIPE | DE-HETZNER-20100819 | e34cf9774ee2de4019a94ca772d0e109 | http://vkbot.ru/ver.php || 2011-02-21 07:35:41 | avira | TR/Crypt.XPACK.Gen2 | 17/39 (43.6%) | AS42872 | 91.193.194.114 | noc@odhosting.com.ua | UA | RIPE | OD-HOSTING-NETWORK | 0de3209749deafaeedc6818551ae30a2 | http://www.derquda.com/sv/setup.exe?t=0.8396417 || 2011-02-21 07:35:41 | avira | TR/Crypt.ZPACK.Gen | 24/39 (61.5%) | AS42872 | 91.193.194.114 | noc@odhosting.com.ua | UA | RIPE | OD-HOSTING-NETWORK | 653d30c696ebbbff51d90f0c86a54d19 | http://www.derquda.com/tm/crypted.exe?t=0.5929071 || 2011-02-21 07:35:41 | undef | unknown_html | 0/40 (0.0%) | AS41947 | 92.241.184.190 | abuse@wahome.ru | RU | RIPE | RU-WEBALTA-20071217 | 6e9dc246b74081ee967cccfbaaf8a1fa | http://www.unibytes.com/F.F_hFkuAooB || 2011-02-21 07:38:14 | avira | PHP/Small.C | 25/40 (62.5%) | AS209 | 205.168.3.51 | abuse@qwest.net | US | ARIN | QWEST-INET-35 | 6d8bc32c456dfb2ba7de392978fbae66 | http://www.ringstaradvantage.com/images/banners/tmp.jpg?? || 2011-02-21 08:02:51 | avira | TR/Refroso.cyfr | 19/40 (47.5%) | AS38955 | 81.19.145.85 | michael.neumann-ripe@world4you.com | AT | RIPE | WORLD4YOU-COM-01 | ab25ce37b773d303a7ea4e7dc71b626f | http://www.gd-international.at/images/M_images/jpg16022011.zip || 2011-02-21 08:02:51 | avira | TR/Refroso.cyfr | 19/40 (47.5%) | AS11388 | 216.65.1.252 | abuse-mh@peer1.com | US | ARIN | 216-65-0-0-NET | ab25ce37b773d303a7ea4e7dc71b626f | http://xlsom.com/images/download/?natanael.gl:5:17:59%20PM:66446024657598018 || 2011-02-21 08:02:51 | avira | TR/Injector.53248 | 23/38 (60.5%) | AS196713 | 86.109.167.65 | abuse@tusprofesionales.es | ES | RIPE | TUSPROFESIONALES-ES-NET | a525cf1a948c8dd8c4554b08e2d71388 | http://www.yntimagen.com/images/PIC986242742133-JPG-www.facebook.com.exe || 2011-02-21 08:02:51 | Norman | W32/Zlob.gen134 | 3/39 (7.7%) | AS11955 | 76.79.77.20 | abuse@rr.com | US | ARIN | RCWE | d94630a3a04a45524049be5fb4e3f25e | http://www.techadepts.com/wp-content/uploads/2010/05/dell.exe || 2011-02-21 07:31:14 | avira | PHP/Small.C | 25/42 (59.5%) | AS32392 | 98.130.188.112 | abuse@ecommerce.com | US | ARIN | ECOMMERCE-HOSTING | a3d736d838ccdbaf976695b4a68f12e3 | http://yotaland.com/images/products/files/jembot.txt??&modez=shellz || 2011-02-21 08:14:48 | clamav | PHP.Agent-4 | 16/42 (38.1%) | AS8612 | 217.133.118.220 | abuse@tiscali.it | IT | RIPE | TISCALINET | 18c1297ae0bc5e4fa5592b107e86d31d | http://www.soraperra.com/canazeiinforma/images/open.jpg???? || 2011-02-21 08:14:49 | undef | unknown_html | 0/43 (0.0%) | AS32097 | 204.12.236.234 | abuse@wholesaleinternet.net | US | ARIN | WHOLESALEINTERNET-3 | 52d46026d485df84125e7999faf807b4 | http://exchangeadded.com/a.php?a=CD22327&b=47901&d=0&l=0&o=&p=0&c=7115&s1= || 2011-02-21 08:14:49 | undef | unknown_html | 0/43 (0.0%) | AS32097 | 204.12.236.234 | abuse@wholesaleinternet.net | US | ARIN | WHOLESALEINTERNET-3 | 52d46026d485df84125e7999faf807b4 | http://exchangeadded.com/b.php?a=CD22327&b=47901&d=0&l=0&o=&p=0&c=7115&s1=&lafhwojedt=8441613 || 2011-02-21 08:14:49 | undef | unknown_html_google_malware | 0/42 (0.0%) | AS22356 | 200.170.93.20 | eduardop@durand.com.br | BR | LACNIC | 005.381.105/0001-51 | cf6c33084f1650f121704bd89bec8a1f | http://imobiliariacanela.com.br/imoveis/vendas/salaseescritorios/b1/arq.php || 2011-02-21 08:14:49 | undef | unknown_html | 0/41 (0.0%) | AS36351 | 173.192.170.103 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-8 | 26934eb377001f66e37289a5c93fe284 | http://ppi.uz4.net/application.php || 2011-02-21 08:14:49 | ClamAV | PUA.HTML.Infected.WebPage-2 | 1/37 (2.7%) | AS4134 | 222.245.135.136 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-HN | 4d0f140d014124d48bedab6cf28dcf6a | http://www.99tianji.com/ |+---------------------+------------+----------------------------------+---------------+------------------------------------+-----------------+------------------------------------+---------+---------+-------------------------+----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+93 rows in set (0.01 sec)
+---------------------+---------------+-------------------------------+---------------+----------+-----------------+----------------------------------+---------+--------+-------------------------+----------------------------------+----------------------------------------------------------------------------------------------------------------+| date | scanner | virusname | vt_score | AS | review | email | country | source | netname | md5sum | url |+---------------------+---------------+-------------------------------+---------------+----------+-----------------+----------------------------------+---------+--------+-------------------------+----------------------------------+----------------------------------------------------------------------------------------------------------------+| 2011-02-21 09:00:03 | AVG | Exploit | 3/41 (7.3%) | AS4812 | 61.152.243.96 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-SH | 33ae8cf39b6074c11b6e0fdf5dc02446 | http://anq.3-a.net/88/ie.jpg || 2011-02-21 09:00:03 | ClamAV | PUA.Script.Packed | 4/41 (9.8%) | AS46844 | 204.188.243.134 | support@sharktech.net | US | ARIN | SHARKTECH-3 | c08d17877c98625eda1375e8d3d380fb | http://204.188.243.134/retkl.htm || 2011-02-21 09:01:46 | ClamAV | PUA.HTML.Infected.WebPage-2 | 1/41 (2.4%) | AS4134 | 222.245.135.136 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-HN | 398d4ff742e482edfd436c4c02376aab | http://99tianji.com/index.php? || 2011-02-21 09:19:43 | avira | PHP/Small.Awi.1026 | 24/41 (58.5%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 9bc9b115a68a2cf3182f9d9702717ad8 | http://marcoskiller.110mb.com/id.txt || 2011-02-21 09:19:43 | avira | SPR/PHP.ID | 25/39 (64.1%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 2da4648a781d447f68734584a540fb24 | http://marcoskiller.110mb.com/id-v6.txt || 2011-02-21 09:19:43 | avira | PHP/Small.C | 22/41 (53.7%) | AS21844 | 74.53.24.242 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | 8074074fa55da2a6d2b8f649219ffd48 | http://profitboom.net/forum/Themes/classic/readme.txt || 2011-02-21 09:19:43 | avira | PHP/PHPInfo.F | 17/41 (41.5%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 3b544c034908dee52f2922e7d910be6a | http://sia.fileave.com/id.txt || 2011-02-21 09:19:43 | undef | unknown_html | 0/41 (0.0%) | AS11798 | 67.222.33.44 | abuse@bluehost.com | US | ARIN | BLUEHOST-NETWORK-3 | 1f98a274d68064fbdb0ca394adf6f4fe | http://www.pinnacleforum.com/arizona/june2005/js || 2011-02-21 09:32:55 | AhnLab_V3 | Trojan/Win32.FakeAV | 12/41 (29.3%) | AS19318 | 64.20.37.37 | network@interserver.net | US | ARIN | NJIIX | 58ee26ea2939fce5b9fcdf2febd68fea | http://comscoremedia.in/New-Video-Addon.48563.exe || 2011-02-21 09:32:55 | trendmicro | TROJ_PIDIEF.SMZB | 5/41 (12.2%) | AS35592 | 87.236.195.121 | abuse@coolhousing.net | CZ | RIPE | COOLHOUSING-NET | ba93d2536912b73617e29627818bc3bd | http://cortyew.cz.cc/ewvqu/files/lib.pdf || 2011-02-21 09:32:55 | clamav | PUA.Packed.ASPack | 7/40 (17.5%) | AS25190 | 46.252.131.53 | reliktbvk@gmail.com | LV | RIPE | Sagade | 01c2c7be1e32993e65b0161d643a2ccc | http://nlavdvyd.co.cc/scan3/53/freesystemscan.exe || 2011-02-21 09:32:55 | avira | TR/Fake.Rean.8 | 19/41 (46.3%) | AS21219 | 80.91.176.192 | abuse@ip.datagroup.ua | UA | RIPE | HC-DATAGROUP | d083c8a59a063cfc81ccebd52a34cb56 | http://qigipemoiola.publicvm.com/maindirectory/get.php?name=Hardcore_Porn_Movie_82.mpeg || 2011-02-21 09:40:02 | Avast | JS:FakeAV-GF | 9/39 (23.1%) | AS21793 | 76.76.116.171 | abuse@gogax.com | CA | ARIN | INTERWEB-MEDIA | ced078bc5398b212597b353df5a960e2 | http://virginantivirus.com/?id=06abQDY3 || 2011-02-21 07:37:03 | Kaspersky | Backdoor.PHP.Agent.aj | 3/41 (7.3%) | AS196713 | 86.109.167.65 | abuse@tusprofesionales.es | ES | RIPE | TUSPROFESIONALES-ES-NET | dc1489a1178d919c54958a6d3b8ed59b | http://www.yntimagen.com/images/ || 2011-02-21 10:02:44 | trendmicro | TROJ_SPYEYE.SMEP | 18/39 (46.2%) | AS35592 | 87.236.195.121 | abuse@coolhousing.net | CZ | RIPE | COOLHOUSING-NET | 67278fd166581202058eb00ec8cc32c0 | http://cortyew.cz.cc/ewvqu/nnuav.php?rgmrmo=mdac || 2011-02-21 10:08:32 | avira | TR/VBKrypt.12.10 | 30/40 (75%) | AS9057 | 195.122.131.15 | abuse@Level3.com | de | RIPE | TERRASPACE-GMBH | ff289383c133eebae168e001dfaac71c | http://rapidshare.com/files/448006101/ch2k || 2011-02-21 10:08:32 | avira | TR/VBKrypt.12.10 | 28/38 (73.7%) | AS1299 | 80.239.236.93 | abuse@telia.com | DE | RIPE | DE-TERASPACE | ff289383c133eebae168e001dfaac71c | http://rs92tl2.rapidshare.com/files/448006101/ch2k || 2011-02-21 09:05:03 | undef | W32/Damaged_File.gen!Eldorado | 0/40 (0.0%) | AS25190 | 46.252.131.53 | reliktbvk@gmail.com | LV | RIPE | Sagade | 68b329da9893e34099c7d8ad5cb9c940 | http://nlavdvyd.co.cc/scan3/53/ || 2011-02-21 11:02:30 | avira | EXP/Pidief.deo | 9/39 (23.1%) | AS25190 | 46.252.131.22 | reliktbvk@gmail.com | LV | RIPE | Sagade | 5f1652774a420afd533a46f9c0f0184c | http://agamakus.vv.cc/manuale.pdf || 2011-02-21 10:17:42 | avira | PHP/Agent.AD | 17/40 (42.5%) | AS24940 | 78.46.51.229 | abuse@hetzner.de | DE | RIPE | HETZNER-RZ-NBG-NET | 87e29f93ca0ee7961cbd2ae369494ae3 | http://osppilawa.vot.pl/tmp/v2/0x3a/1337/h4x0r/thama/log? || 2011-02-21 10:31:18 | avira | PHP/BackDoor.AR | 29/40 (72.5%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | cf1868d53ebaff2219511089f9eacd88 | http://mexxshi.fileave.com/2.jpg???? || 2011-02-21 10:31:22 | avira | PHP/RemoteAdmin.3 | 12/40 (30%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | a0c3b00c44d447532ef835dbd64bbdd6 | http://mexxshi.fileave.com/injek.jpg??? || 2011-02-21 10:50:21 | avira | PHP/Spy.Bull | 14/38 (36.8%) | AS3595 | 209.217.228.85 | greg@jaguarpc.com | US | ARIN | LH-GOLD-NETWORK | f9e40b8a6db4c17961a57f7bc44b3b09 | http://toki.k12.tr/media/system/images/response.txt??? || 2011-02-21 10:31:26 | avira | PHP/IRCBOT.30850 | 17/40 (42.5%) | AS6939 | 64.62.181.46 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 3b8084b7d42cf36562fbabdf38cc149d | http://h1.ripway.com/mexxshi/by.jpg??? || 2011-02-21 10:31:31 | avira | PHP/IRCBOT.30850 | 22/40 (55%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 61771c608b859a09676368dba2ee5c9e | http://mexxshi.fileave.com/kencuz.jpg??? || 2011-02-21 10:57:17 | avira | BDS/PHP.ali.1 | 31/40 (77.5%) | AS3595 | 209.217.228.85 | greg@jaguarpc.com | US | ARIN | LH-GOLD-NETWORK | f1a9b4e4b207cd38641061e1b72d4775 | http://toki.k12.tr/media/system/images/test.txt??? || 2011-02-21 10:35:30 | avira | PHP/IRCBOT.DR | 19/40 (47.5%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 144bc146fdf2388d92df2ca5582bcd92 | http://berryl.fileave.com/niken1.txt??? || 2011-02-21 12:02:44 | avira | EXP/PDF.Jeka.B | 23/41 (56.1%) | AS36351 | 50.23.212.154 | ipadmin@softlayer.com | US | ARIN | SOFTLAYER-NETBLOCK-4-9 | 6339a0b50c9b6412ff0cd8d09d569d16 | http://sabeekesytn.com/nte/gnh11.html/xH8cefcaedV0100f060006R3d708fb1102Tc18d8eb7203l000c329 || 2011-02-21 12:38:13 | avira | PHP/Small.Awi.1026 | 25/40 (62.5%) | AS21844 | 74.52.141.162 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | 524a83516010897b3c7934ca5456c930 | http://asdsingapore.com/includes/domit/center.jpg?? || 2011-02-21 12:38:30 | avira | PHP/Pbot.A.8 | 23/40 (57.5%) | AS21844 | 74.52.141.162 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | c3cbc72d240443aa40a0fb28c25cd7f5 | http://asdsingapore.com/includes/domit/pb.jpg??? || 2011-02-21 13:31:16 | avira | PHP/Zapchast.X | 16/40 (40%) | AS22576 | 72.232.203.106 | abuse@layeredtech.com | US | ARIN | LAYERED-TECH- | 242f049f3c0c22b2bd43a52d7b8cbfd9 | http://rodapesconchal.com.br/hotmail/sql.txt? || 2011-02-21 14:02:51 | avira | TR/Keylog.2.4E616339 | 7/40 (17.5%) | AS43260 | 109.235.249.179 | bilgi@dgn.net.tr | TR | RIPE | TR-DGN-20100201 | 7491ed7e1de34c6eedcf815802c83192 | http://reversing-now.org/download/file.php?id=30 || 2011-02-21 14:02:51 | avira | TR/Spy.Gen | 38/41 (92.7%) | AS6939 | 64.62.181.46 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 3ee7b1a942107f38af3a3b3d8ce0c62a | http://h1.ripway.com/M203x/server.exe || 2011-02-21 14:02:53 | avira | PHP/Shellbot.7642 | 26/39 (66.7%) | AS32475 | 184.154.47.77 | abuse@singlehop.com | US | ARIN | SINGLEHOP | 5db0d233c3bec927f8d5f949ce6afce0 | http://184.154.47.77/pbot.txt || 2011-02-21 14:02:53 | avira | PHP/Shellbot.7642 | 23/40 (57.5%) | AS13951 | 192.41.60.10 | POC@canopy.com | US | ARIN | ICON-CNETS | 2271001e08ea0bf9a57a7538f4bd28bf | http://bilenukandotudoee.741.com/bot.txt || 2011-02-21 14:02:53 | avira | PHP/Pbot.A.6 | 27/40 (67.5%) | AS32613 | 174.142.79.85 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 9a5e2c757ccb48f3389c908ff7028c5f | http://bodaooo.110mb.com/cmdthomas.txt || 2011-02-21 14:02:53 | avira | PHP/Agent.AS.1 | 16/39 (41%) | AS18779 | 64.92.125.18 | admin@name-serve.net | US | ARIN | NETFRONTS-BLK-1 | 289fa6dfa68aea9067ffa186769ab489 | http://matharugroup.com/plugins/id.txt || 2011-02-21 14:02:53 | avira | PHP/Agent.DZ | 24/41 (58.5%) | AS21844 | 74.52.30.129 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | 8b8380fc162e9fbc270d2c1792c4ce27 | http://omalihospital.com/site/id1.txt || 2011-02-21 14:02:53 | avira | PHP/Shellbot.7642 | 25/41 (61%) | AS32613 | 174.142.79.85 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 6327236f8381a2b1f82d1e2fb3505e4e | http://papbpmbx.110mb.com/pbe.txt || 2011-02-21 14:02:53 | avira | PHP/Shellbot.185 | 12/40 (30%) | AS15201 | 200.98.197.84 | l-registrobr-uol@corp.uol.com.br | BR | LACNIC | 001.109.184/0001-95 | 922587e6359a4678504e707e917c2dbf | http://progressoc3.dominiotemporario.com/all/c99.txt || 2011-02-21 14:02:53 | avira | PHP/R57Shell.B | 11/39 (28.2%) | AS36351 | 74.86.183.197 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-4 | 482f1823d5a52935774245cd0d73e72c | http://utama-audio.com/temp/ipays || 2011-02-21 14:02:53 | avira | PHP/C99Shell.C | 28/40 (70%) | AS28221 | 189.126.10.65 | abuse@widc.com.br | BR | LACNIC | 009.010.509/0001-90 | 6e0f9670e495e9dd2b0d1220761851b3 | http://www.dielo.com.br/r57s.txt || 2011-02-21 14:02:53 | avira | TR/Script.76 | 22/39 (56.4%) | AS3839 | 161.200.192.245 | chaya.l@chula.ac.th | TH | APNIC | CHULANET | f5c92f6912a87f4c170cb0622513e197 | http://www.genednetwork.or.th/introduce//pic_files/fx29id1.txt || 2011-02-21 14:02:53 | avira | PHP/Small.C | 24/39 (61.5%) | AS209 | 205.168.3.51 | abuse@qwest.net | US | ARIN | QWEST-INET-35 | 6d8bc32c456dfb2ba7de392978fbae66 | http://www.ringstaradvantage.com/images/banners/tmp.jpg || 2011-02-21 14:02:53 | avira | TR/Ircbrute.A.138 | 22/40 (55%) | AS42926 | 178.211.56.90 | abuse@as42926.net | TR | RIPE | TR-RADORE-20100628 | bb3d3e82270cb0bcaf0c5cc258d5b87d | http://178.211.56.90/a1.exe || 2011-02-21 14:02:53 | BitDefender | Trojan.Generic.KD.136605 | 4/40 (10%) | AS50877 | 195.80.151.99 | abuse@instant-exchanger.com | EU | RIPE | INSTANTEXCHANGER-NET | 987174c65043f444d5850f533796e761 | http://dfe3.co.cc/news.php?f=57%26e=0 || 2011-02-21 14:02:53 | undef | unknown_html | 0/40 (0.0%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 2175037d522fdc7dcd6a98f55e353959 | http://skjruiiy.110mb.com/index.html?FERNANDO_w2:01:55:52:446572069168203105 || 2011-02-21 14:02:53 | undef | unknown_exe | 0/41 (0.0%) | AS35368 | 86.109.114.31 | info@datahouse.es | ES | RIPE | CENTRODEDATOS | 829e4805b0e12b383ee09abdc9e2dc3c | http://egandthe.com/sdfggxs/3126 || 2011-02-21 13:26:34 | avira | PHP/IRCBOT.ET | 6/41 (14.6%) | AS46216 | 216.52.115.51 | abuse@internap.com | US | ARIN | PNAP-8-98 | 75a3a67bf3a6790dd6f3c79855dc5b8b | http://t3chn1cal.webs.com/index11.txt??? || 2011-02-21 13:38:56 | avira | PHP/Pbot.A | 19/40 (47.5%) | AS16805 | 74.200.208.10 | abuse@fastservers.net | US | ARIN | FASTSERVERS-CHI | 57949449b3555f80e7a49dadcce9753b | http://crazy-crafts.com/images/yahoo/tmp.jpg?? || 2011-02-21 14:32:49 | CAT_QuickHeal | (Suspicious) - DNAScan | 6/40 (15%) | AS30890 | 94.63.246.102 | abuse@evolva.ro | RO | RIPE | RO-EVOLVA-20080623 | 3486eea57567dbb0bdfc6831c873af43 | http://porohh.net/gruz/load.php?file=0 || 2011-02-21 14:32:49 | undef | unknown_html | 0/41 (0.0%) | AS30890 | 94.63.246.102 | abuse@evolva.ro | RO | RIPE | RO-EVOLVA-20080623 | 1011dd6279e48f6cb413d2ba5f76d434 | http://porohh.net/gruz/load.php?file=grabbers || 2011-02-21 15:03:30 | avira | DR/Delphi.Gen | 24/41 (58.5%) | AS14618 | 184.72.65.235 | ec2-abuse@amazon.com | US | ARIN | AMAZON-EC2-7 | 5f1023af793de07128113d3909e0f735 | http://184.72.65.235/vtlg/Arquivo919987217.exe || 2011-02-21 15:03:30 | avira | TR/Agent.98304.ET | 35/41 (85.4%) | AS19318 | 66.45.253.130 | network@interserver.net | US | ARIN | INTERSERVER | 82b6533d38c3afde9be0c5714266c42f | http://66.45.253.130/setup45512.exe || 2011-02-21 15:03:30 | undef | unknown_html | 0/41 (0.0%) | AS3737 | 204.186.112.99 | abuse@ptd.net | US | ARIN | PROLOG | e220c3a07a8d6728f7cbc7e6c242acc8 | http://northumberlandco.org/img.asp;.jpg?action=download%26file=C:|Inetpub|www.norrycopa.net|css|Telegrama.exe || 2011-02-21 15:03:30 | avira | TR/Oficla.hex | 28/39 (71.8%) | AS6849 | 93.190.45.3 | abuse@ukrainehosting.com | UA | RIPE | UA-UKRDOMEN-20080509 | 49b48579285583b22158d6db640a1152 | http://uh174299.ukrdomen.com/cp/bot.exe || 2011-02-21 15:03:30 | avira | TR/Dropper.Gen | 36/41 (87.8%) | AS25761 | 72.8.128.96 | mmahvi@staminus.net | US | ARIN | STAMINUS-COMMUNICATIONS | 1826fbeaf26fc1453d5239b60c395251 | http://www.habajuva.net/al.exe || 2011-02-21 15:03:30 | AhnLab_V3 | Trojan/Win32.Renos | 13/38 (34.2%) | AS21788 | 66.96.205.136 | abuse@hostnoc.net | US | ARIN | NOC | 6c3b088f83283cb274cb9ce4842c3a12 | http://media-move.in/ins_media122.45047.exe || 2011-02-21 15:01:26 | avira | PHP/IRCBOT.NAA | 14/39 (35.9%) | AS6939 | 64.62.181.46 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 053153ad15a8cd55bd8bc7188c616a25 | http://h1.ripway.com/busuk/luck.txt?http://uaedesign.com/config/idfx.txt? || 2011-02-21 14:22:34 | avira | PHP/Agent.DZ | 18/41 (43.9%) | AS12363 | 195.110.124.133 | abuse@dada.net | IT | RIPE | register-it | dd36cbab93a1e4029d00c662ad7d4a7e | http://acquaenergy.it/agenda/tools/list/idxx.txt???? || 2011-02-21 14:22:38 | avira | PHP/BackDoor.AR | 34/41 (82.9%) | AS12363 | 195.110.124.133 | abuse@dada.net | IT | RIPE | register-it | f11a5c7810f1f715e1680b7045dda3cd | http://acquaenergy.it/agenda/tools/list/id2.txt???? |+---------------------+---------------+-------------------------------+---------------+----------+-----------------+----------------------------------+---------+--------+-------------------------+----------------------------------+----------------------------------------------------------------------------------------------------------------+61 rows in set (0.00 sec)
+---------------------+------------+--------------------------------+---------------+---------------------------------------------+-----------------+------------------------------------+---------+--------+-----------------------------+----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+| date | scanner | virusname | vt_score | AS | review | email | country | source | netname | md5sum | url |+---------------------+------------+--------------------------------+---------------+---------------------------------------------+-----------------+------------------------------------+---------+--------+-----------------------------+----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+| 2011-02-21 14:47:37 | undef | Trojan-Downloader.Win32.VB.yow | 0/41 (0.0%) | AS14618 | 184.72.65.235 | ec2-abuse@amazon.com | US | ARIN | AMAZON-EC2-7 | 8ad74ac8c1df81dbb765f4a36ae08728 | http://184.72.65.235/vtlg/ || 2011-02-21 16:03:19 | avira | TR/Dropper.Gen | 19/39 (48.7%) | AS19844 | 68.67.68.250 | abuse@support.gorack.net | US | ARIN | GORACK | cb3628aeac3d3916fce313a9770d5d05 | http://exp0se.us/legit.exe || 2011-02-21 16:13:09 | undef | unknown_html | 0/41 (0.0%) | AS14618 | 50.18.53.186 | aes-noc@amazon.com | US | ARIN | AMAZON-EC2-8 | ff9e2fd7e84188d07437ac71043a6e34 | http://www.systemupdate.org/v9r1/59B928BD5C812AAF4DF937CD.php?op=48A50B947A8221AA365D3E || 2011-02-21 16:13:09 | undef | unknown_html | 0/39 (0.0%) | AS14618 | 50.18.53.186 | aes-noc@amazon.com | US | ARIN | AMAZON-EC2-8 | 5cfa561849eaf8019ceaaa42adb4d2e3 | http://www.systemupdate.org/v9r1/59B928BD5C812AAF4DF937CD.php?op=4EB3109D69A90ABE5F965CAE3E || 2011-02-21 16:13:09 | undef | unknown_html | 0/39 (0.0%) | AS14618 | 50.18.53.186 | aes-noc@amazon.com | US | ARIN | AMAZON-EC2-8 | 5cfa561849eaf8019ceaaa42adb4d2e3 | http://www.systemupdate.org/v9r1/59B928BD5C812AAF4DF937CD.php?op=59A11699598433C55D3E || 2011-02-21 16:32:14 | ClamAV | PUA.HTML.Infected.WebPage-2 | 1/41 (2.4%) | AS4134 | 222.245.135.136 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-HN | 613d64b4e2b4dee32ff9503095787c88 | http://www.99tianji.com/index.php? || 2011-02-21 16:40:02 | undef | unknown_html | 0/41 (0.0%) | AS4812 | 61.152.243.96 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-SH | 5acfd314f5d0a6e1e9a2c051ae90d55a | http://anq.3-a.net/88/av.htm || 2011-02-21 17:04:05 | avira | WORM/Slenfbot.akd.12 | 21/38 (55.3%) | AS36752 | 67.195.145.141 | network-abuse@cc.yahoo-inc.com | US | ARIN | A-YAHOO-US8 | 36f942263b289885730ac8529009ee18 | http://ndawestbr.com/facebook-pic00320123561.exe || 2011-02-21 17:32:01 | avira | PHP/PHPInfo.E | 19/41 (46.3%) | AS28836 | 213.214.105.89 | info@ic-s.nl | NL | RIPE | IC-S-COLO-HOSTING-LAN1 | 292dbe6e7a4e9245e72ba548df5c393a | http://www.consilience.nl/dmdocuments/pandegaid.txt? || 2011-02-21 15:27:06 | undef | Variant.Adware.Hotbar.1 | 0/40 (0.0%) | AS19844 | 68.67.68.250 | abuse@support.gorack.net | US | ARIN | GORACK | 687b09b03d0b2b3ee08da77e5a058934 | http://exp0se.us/ || 2011-02-21 16:27:06 | undef | Trojan.Generic.KD.134092 | 0/39 (0.0%) | AS36752 | 67.195.145.142 | network-abuse@cc.yahoo-inc.com | US | ARIN | A-YAHOO-US8 | 5ee06e19a4c2fc1df0978cd227a5362b | http://ndawestbr.com/ || 2011-02-21 17:45:02 | avira | PHISH/Bradesco.D | 8/41 (19.5%) | AS2914 | 168.143.172.53 | abuse@ntt.net | US | ARIN | NTTA-168-143 | 792d833f2d5c5de2522765fe4efc4c5e | http://bit.ly/fegWq4 || 2011-02-21 17:15:25 | avira | HTML/Agent.5382 | 13/40 (32.5%) | AS9318 | 118.218.219.178 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | faa012fb3556f895310eaf24f368636a | http://howtolisten.kr/parti/data/good2773/tools/id.txt || 2011-02-21 17:33:11 | avira | PHP/Small.C | 27/40 (67.5%) | AS209 | 205.168.3.51 | abuse@qwest.net | US | ARIN | QWEST-INET-35 | 6d8bc32c456dfb2ba7de392978fbae66 | http://ringstaradvantage.com/images/banners/tmp.jpg?? || 2011-02-21 18:12:39 | AVG | Generic21.GUN | 17/41 (41.5%) | AS2914 | 168.143.172.53 | abuse@ntt.net | US | ARIN | NTTA-168-143 | 99ae213ffba3c57c25e7f6386094b9d9 | http://j.mp/rsglitches || 2011-02-21 18:12:39 | AVG | Generic21.GUN | 16/41 (39%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 99ae213ffba3c57c25e7f6386094b9d9 | http://runescape.fileave.com/stekast.exe || 2011-02-21 18:12:41 | avira | PHP/Pbot.A.8 | 26/40 (65%) | AS13237 | 82.197.131.109 | abuse@attractsoft.com | DE | RIPE | LNC-ATTRACTSOFT-GMBH | 24bb2795d0b5b354e0a0ae09a0c36e9e | http://dvdkrl.atspace.com/bo.txt || 2011-02-21 18:12:41 | avira | PHP/Pbot.A | 28/41 (68.3%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 3de4d77b65d5439d9dd4e2f27a1da763 | http://passarinho.110mb.com/cemde.txt || 2011-02-21 18:12:41 | avira | PHP/Small.Awi.1026 | 25/40 (62.5%) | AS21844 | 74.52.141.162 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | 524a83516010897b3c7934ca5456c930 | http://www.asdsingapore.com/includes/domit/center.jpg || 2011-02-21 18:12:41 | avira | PHP/PHPInfo.E | 19/41 (46.3%) | AS28836 | 213.214.105.89 | info@ic-s.nl | NL | RIPE | IC-S-COLO-HOSTING-LAN1 | 292dbe6e7a4e9245e72ba548df5c393a | http://www.consilience.nl/dmdocuments/pandegaid.txt || 2011-02-21 18:12:41 | avira | PHP/RemoteAdmi.6444 | 11/41 (26.8%) | AS28836 | 213.214.105.89 | info@ic-s.nl | NL | RIPE | IC-S-COLO-HOSTING-LAN1 | 73c6526d8a3825c2ac6bdbd6d2169280 | http://www.consilience.nl/dmdocuments/ver.txt || 2011-02-21 18:12:41 | avira | PHP/Pbot.A | 19/40 (47.5%) | AS16805 | 74.200.208.10 | abuse@fastservers.net | US | ARIN | FASTSERVERS-CHI | 57949449b3555f80e7a49dadcce9753b | http://www.crazy-crafts.com/images/yahoo/tmp.jpg || 2011-02-21 18:12:41 | avira | TR/Script.86 | 13/39 (33.3%) | AS3839 | 161.200.192.245 | chaya.l@chula.ac.th | TH | APNIC | CHULANET | 7ab5a3291410db3231141e2818e85318 | http://www.genednetwork.or.th/introduce//pic_files/id1.txt || 2011-02-21 18:12:41 | clamav | PHP.Downloader | 4/41 (9.8%) | AS28842 | 89.17.220.221 | abuse@veloxia.com | ES | RIPE | MIARROBA-NET | 1bf2eaaf3f83355e33d618b597a6a761 | http://www.paintball33.webcindario.com/bb1.txt || 2011-02-21 18:38:35 | AVG | Dropper.Small.JPW | 4/41 (9.8%) | AS19844 | 68.67.68.250 | abuse@support.gorack.net | US | ARIN | GORACK | 19c620f6b810841a1304eb7442119645 | http://www.exp0se.us/fghgfjghkhjkhjk.exe || 2011-02-21 19:00:03 | avira | HTML/Shellcode.Gen | 17/41 (41.5%) | AS4812 | 61.152.243.96 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-SH | 935e260af7728d8da306d41afd744e1f | http://anq.3-a.net/88/6.htm || 2011-02-21 19:02:43 | avira | SPR/TrojanSimulat.2 | 28/39 (71.8%) | AS36420, AS30315, AS13749, AS21844, AS13884 | 207.44.154.77 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-EV1-9 | 6a1ac6675073bab8ec61839e1d1434d6 | http://www.misec.net/products/TrojanSimulator.zip || 2011-02-21 19:25:55 | undef | unknown_html_RFI | 0/40 (0.0%) | AS13749, AS21844, AS30315, AS36420 | 74.54.152.37 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | dc068dc11ba00da84afb814966693666 | http://quized.net/?fp=IVGQinckv1a53tno5xv%2B5vPkpW8TvK0V8tFO2ys8e6APCv8ONJcdpw%2BIlm1FRQWkFOv2%2Fe1vVP9wDomgJ%2B00iQ%3D%3D&prvtof=F7qvVnOlOKY098nOdI3jI1ssMItrj9VVsYJUlYFDWqI%3D&poru=d09DM1X15A9ScHtyrXUIwOguDCy%2BlhPLrvPwRmijS%2Fv3ZMK40q6ChNcQRyU7jTHK77kXpiO22X7Ls%2B6dOcggaA%3D%3D&cifr=1& || 2011-02-21 19:25:55 | undef | unknown_html_RFI_perl | 0/41 (0.0%) | AS19873 | 200.187.64.90 | info@infolink.com.br | BR | LACNIC | 000.801.786/0001-46 | d5eb6ec3786e845e9ec779a515cd829f | http://madeforyou.com.br/lfi.txt || 2011-02-21 19:25:55 | undef | unknown_html | 0/39 (0.0%) | AS3595 | 209.217.225.93 | greg@jaguarpc.com | US | ARIN | LH-GOLD-NETWORK | f29c21d4897f78948b91f03172341b7b | http://impex.maaraj.com/images/total_visitas.php || 2011-02-21 19:25:55 | undef | unknown_html | 0/39 (0.0%) | AS20773 | 178.77.100.98 | net-abuse@hosteurope.de | DE | RIPE | DE-HE-LVPS-CGN3-NET | aa7c22739b3493e74941b9aa168d36f8 | http://masterbootrecord.de/files/ariversion.php || 2011-02-21 19:25:55 | undef | unknown_html | 0/39 (0.0%) | AS6760 | 77.79.10.33 | abuse@ripe.net | EU | RIPE | EU-ZZ-80-93 | 96710272fe040d20e0c40c0d0be52f9f | http://sotrshop.net/addl1.jpg || 2011-02-21 19:25:55 | undef | unknown_html | 0/39 (0.0%) | AS6760 | 77.79.10.33 | abuse@ripe.net | EU | RIPE | EU-ZZ-80-93 | 0fc30646d5cf22910283967bf24ebf66 | http://sotrshop.net/grb.php || 2011-02-21 19:34:33 | avira | PHP/R57Shell.B | 11/39 (28.2%) | AS17746 | 60.234.41.25 | abuse@orcon.net.nz | NZ | APNIC | ORCONNET | 5c2965ff6dc7b685f03eaaec941a0a52 | http://coi.inspiremestore.co.nz/logs || 2011-02-21 20:02:46 | undef | unknown_html | 0/40 (0.0%) | AS4741 | 210.246.85.4 | narumols@samtel.com | TH | APNIC | SIF | a16912ebcc71bb17215f693a45320caf | http://dike.dpt.go.th/ag/securessl/www.craigslist.org/login.htm || 2011-02-21 20:03:07 | NOD32 | a variant of MSIL/Injector.DH | 4/41 (9.8%) | AS14618 | 184.72.236.250 | ec2-abuse@amazon.com | US | ARIN | AMAZON-EC2-7 | 99dfbd770efb40ef8625ae9ffe6d849f | http://dl.dropbox.com/u/20445234/DDOSER/RuneScape%20DDOSER.exe || 2011-02-21 20:03:07 | NOD32 | a variant of Win32/Kryptik.KXN | 4/39 (10.3%) | AS21793 | 76.76.116.171 | abuse@gogax.com | CA | ARIN | INTERWEB-MEDIA | 69b3a1b71e2990bb09542a6482ddfa16 | http://virginantivirus.com/?do=getexe&id=lee_03 || 2011-02-21 19:53:02 | avira | TR/Script.77 | 16/39 (41%) | AS29636 | 84.18.207.64 | abuse@catalyst2.com | GB | RIPE | CATALYST2-SHARED | dc7b2fd7417f4ea1917ac8b7284fecba | http://starryheartearth.com/images/rokquickcart/samples/id1.gif?? || 2011-02-21 19:53:03 | avira | PHP/BackDoor.AR | 27/39 (69.2%) | AS29636 | 84.18.207.64 | abuse@catalyst2.com | GB | RIPE | CATALYST2-SHARED | dcc55d73dae5326abb4f00d9313a7e70 | http://starryheartearth.com/images/rokquickcart/samples/id2.gif??? || 2011-02-21 19:53:05 | avira | PHP/Pbot.G | 20/39 (51.3%) | AS16245 | 193.202.110.93 | abuse@one.com | DK | RIPE | B-ONE-NET | 3acb96f6b600fb06d7f96e87f186ba0a | http://aeonguard.com/wow/e107_images/emotes/default/mac.gif?? || 2011-02-21 20:32:13 | avira | EXP/Pidief.deo | 11/41 (26.8%) | AS25190 | 46.252.131.22 | reliktbvk@gmail.com | LV | RIPE | Sagade | 3c359fa67b2e52609dfd6aa44fe0e2b7 | http://admin-fedmin.co.cc/c4644d.pdf || 2011-02-21 20:40:05 | avira | HTML/Shellcode.Gen | 11/41 (26.8%) | AS4812 | 61.152.243.96 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-SH | 88214da5f089c3148750cdd49ef92f62 | http://anq.3-a.net/88/7.htm || 2011-02-21 21:09:41 | Antiy_AVL | Worm/Win32.Sohanad.gen | 4/41 (9.8%) | AS38955 | 81.19.145.99 | michael.neumann-ripe@world4you.com | AT | RIPE | WORLD4YOU-COM-01 | 1459192f09608b3098d0a8844531ea12 | http://www.nemesis2.org/dschin/Spenden%20Botter%20V2_x86_1.1.exe || 2011-02-21 21:09:41 | undef | unknown_html | 0/41 (0.0%) | AS35415 | 88.85.92.12 | ripe@webazilla.com | NL | RIPE | NL-WEBAZILLA-20060208 | 6b9060ae37e1acdb3161d8db75360539 | http://fatpornpictures.com || 2011-02-21 20:19:09 | avira | PHP/IRCBOT.ET | 7/39 (17.9%) | AS46216 | 216.52.115.51 | abuse@internap.com | US | ARIN | PNAP-8-98 | 75a3a67bf3a6790dd6f3c79855dc5b8b | http://t3chn1cal.webs.com/index11.txt?? || 2011-02-21 21:38:34 | AVG | RelevantKnowledge | 1/36 (2.8%) | AS36420, AS30315, AS13749, AS21844, AS13884 | 75.125.246.34 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-EV1-17 | f222da54a140eea7f19be124521d7f91 | http://www.audioshareware.com/download/asmx.exe || 2011-02-21 21:38:34 | AVG | RelevantKnowledge | 3/40 (7.5%) | AS36420, AS30315, AS13749, AS21844, AS13884 | 75.125.246.34 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-EV1-17 | 4a2da1c2f0a42b67c21f58da94d13186 | http://www.audioshareware.com/download/asrb.exe || 2011-02-21 21:39:02 | trendmicro | TROJ_PIDIEF.SMZB | 4/39 (10.3%) | AS35592 | 87.236.195.121 | abuse@coolhousing.net | CZ | RIPE | COOLHOUSING-NET | 67299b72b8d2ad19aaf926f9aa0d9a64 | http://goertyw.cz.cc/slmk/files/lib.pdf || 2011-02-21 21:39:02 | avira | TR/Bamital.I.11 | 25/39 (64.1%) | AS35592 | 87.236.195.121 | abuse@coolhousing.net | CZ | RIPE | COOLHOUSING-NET | 67278fd166581202058eb00ec8cc32c0 | http://goertyw.cz.cc/slmk/ropfg.php?sanmu=mdac || 2011-02-21 21:39:05 | undef | unknown_html | 0/39 (0.0%) | AS38955 | 81.19.145.99 | michael.neumann-ripe@world4you.com | AT | RIPE | WORLD4YOU-COM-01 | e687a8863b630223cca747208b764020 | http://www.nemesis2.org/dschin/update.txt || 2011-02-21 22:02:32 | undef | unknown_html | 0/39 (0.0%) | AS2914 | 213.198.76.43 | abuse@us.ntt.net | DE | RIPE | EU-NTTEUROPE-991029 | a852f87715cb28525bf18d73a9d2a31f | http://www.infineon.com/cms/en/corporate/company/contact/ccc.html || 2011-02-21 22:02:55 | trendmicro | TROJ_HILOTI.SMAE | 19/41 (46.3%) | AS32475 | 65.60.4.82 | abuse@singlehop.com | US | ARIN | SINGLEHOP | 317207a3ee5d8bca90be9b3f0efbb3ae | http://www.ukhotelforum.co.uk/img/tlp.exe || 2011-02-21 21:32:36 | avira | PHP/IRCBOT.K | 14/38 (36.8%) | AS7819 | 67.210.244.65 | abuse@gipnetworks.com | US | ARIN | GIP-NET-2 | 2903edf0ccb8e23180f407f15758e1bc | http://cormacarena.com.co/2011/media/system/images/php2.txt?? || 2011-02-21 20:33:01 | undef | JS:Trojan.PDF.2 | 0/41 (0.0%) | AS38955 | 81.19.145.99 | michael.neumann-ripe@world4you.com | AT | RIPE | WORLD4YOU-COM-01 | 3cf000c255441d52a45da79bd3c68c85 | http://www.nemesis2.org/dschin/ || 2011-02-21 22:05:02 | undef | Variant.Kazy.3274 | 0/40 (0.0%) | AS24940 | 188.40.140.203 | abuse@hetzner.de | DE | RIPE | DE-HETZNER-20090423 | 1c7b413c3fa39d0fed40556d2658ac73 | http://newkvartira.od.ua/plugins/ || 2011-02-21 22:59:58 | clamav | PHP.Agent-15 | 4/39 (10.3%) | AS6939 | 64.62.181.46 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 1299becb87c40015afd7a5f5417c7ea4 | http://h1.ripway.com/ganten9/one.txt?? || 2011-02-21 23:36:35 | Avast | PHP:Agent-BF | 7/40 (17.5%) | AS38930 | 87.255.55.12 | abuse@fiberring.com | NL | RIPE | NL-FIBERRING-20051107 | 70c958dbd2b50b8cef452e5c25358504 | http://www.basisberaad.nl/imguploads/temp.txt?? || 2011-02-21 23:36:55 | trendmicro | TROJ_HILOTI.SMAE | 19/40 (47.5%) | AS32475 | 65.60.4.82 | abuse@singlehop.com | US | ARIN | SINGLEHOP | 317207a3ee5d8bca90be9b3f0efbb3ae | http://ukhotelforum.co.uk/img/tlp.exe || 2011-02-21 23:45:03 | avira | HTML/ScrInject.4728 | 17/40 (42.5%) | AS3216 | 194.186.88.37 | abuse@gldn.net | RU | RIPE | RU-SOVINTEL-951205 | 6582156fb8491b75303614043d0a7450 | http://www.rty.vthb.pochta.ru/hbuV2qbvzT.html || 2011-02-21 23:38:10 | avira | PHP/Pbot.A.10 | 20/40 (50%) | AS18450 | 67.220.217.230 | NOC@webnx.com | US | ARIN | WEBNX | 8456e875b3fbf1a833e777b7da7a24f2 | http://melzit69.99k.org/index.txt??? || 2011-02-22 00:37:27 | AhnLab_V3 | Trojan/Win32.Renos | 12/40 (30%) | AS21788 | 66.96.205.136 | abuse@hostnoc.net | US | ARIN | NOC | c799d1d3181d3f5c89c5a39e8ab1e36d | http://softput.in/Crack.BacklinkSpeed_2.3.45303.exe || 2011-02-22 00:37:27 | AhnLab_V3 | Trojan/Win32.Renos | 12/41 (29.3%) | AS21788 | 66.96.205.136 | abuse@hostnoc.net | US | ARIN | NOC | 095e98aff968f2e2b1ba5e83bd620271 | http://softput.in/Keygen.BacklinkSpeed_2.3.45303.exe || 2011-02-22 00:37:27 | AhnLab_V3 | Trojan/Win32.Renos | 12/40 (30%) | AS21788 | 66.96.205.136 | abuse@hostnoc.net | US | ARIN | NOC | 017f873dafcb0c19ffb468665d33dc66 | http://softput.in/Serial.BacklinkSpeed_2.3.45303.exe || 2011-02-22 00:37:28 | AhnLab_V3 | Trojan/Win32.Renos | 12/40 (30%) | AS21788 | 66.96.205.136 | abuse@hostnoc.net | US | ARIN | NOC | 557d1b37d5767463e3c638f8995c9656 | http://thesoftplace.in/New-Video-Addon.48563.exe || 2011-02-22 00:38:15 | avira | TR/FakeAV.NF | 24/38 (63.2%) | AS7366 | 199.7.177.242 | abuse@lemuriaco.com | US | ARIN | LEMURIA-COMMUNICATIONS | 07e3795b72311f67314d228e0fc2d8df | http://hotfile.com/dl/104368157/8d60acb/net2011.exe.html || 2011-02-22 00:38:15 | avira | DR/Delphi.Gen | 12/37 (32.4%) | AS24940 | 213.239.197.243 | abuse@hetzner.de | DE | RIPE | HETZNER-RZ-NBG-NET2 | c7211553d9a30b88e4f44d0a83ae9fb1 | http://u0d.de/edbff6/crypted.exe || 2011-02-22 01:39:48 | undef | unknown_html | 0/40 (0.0%) | AS9120 | 212.97.132.165 | abuse@surftown.com | DK | RIPE | SURFTOWNDK | 8416bfd99cda1fe65291fb989df9ef14 | http://ver4.vietstudoslo.org/e107_themes/templates//lol/lol.html || 2011-02-22 01:41:35 | undef | unknown_html | 0/40 (0.0%) | AS6939 | 64.62.181.46 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 48f6026b0b8bd44e145bd66254fc7c69 | http://h1.ripway.com/allkindsgoodies/buy/ || 2011-02-22 02:04:40 | Kaspersky | Heur.Downloader | 1/41 (2.4%) | AS16276 | 213.186.33.2 | abuse@ovh.net | FR | RIPE | OVH | 57b95c6210e11011aaa4c1aee7943aff | http://www.lesyeuxcarres.com/js/thickbox/TerraMexico.exe || 2011-02-22 02:33:34 | Kaspersky | Trojan.Win32.Scar.docp | 2/40 (5%) | AS33182 | 66.7.214.232 | abuse@dimenoc.com | US | ARIN | DIMECNET | d649d43b4d44cefe42c36bd407b691d3 | http://coves.mx/images/setap.exe || 2011-02-22 02:33:34 | Kaspersky | Trojan.Win32.Scar.docp | 1/25 (4%) | AS33182 | 66.7.205.107 | abuse@dimenoc.com | US | ARIN | DIMECNET | d649d43b4d44cefe42c36bd407b691d3 | http://implantes-pachuca.com/Media/setap.exe || 2011-02-22 02:33:34 | Kaspersky | Trojan.Win32.Scar.docp | 1/38 (2.6%) | AS33182 | 72.29.77.180 | abuse@dimenoc.com | US | ARIN | HOSTDIME-PI-1 | d649d43b4d44cefe42c36bd407b691d3 | http://piensaingles.com/cgibin_vz/setap.exe || 2011-02-22 03:00:04 | undef | unknown_html_RFI_eval | 0/40 (0.0%) | AS15301 | 74.121.28.151 | ioit@iovation.com | US | ARIN | IOVATION-NET | 88739908227323b21d9f6d30ede1be2d | http://mpsnare.iesnare.com/snare.js || 2011-02-22 03:00:04 | undef | unknown_html | 0/38 (0.0%) | AS9808 | 221.181.73.220 | hostmaster@chinamobile.com | CN | APNIC | CMNET | 8f512e7f354d63c99d1aa9016397f3c5 | http://count4.51yes.com/click.aspx?id=47763032&amp;amp;logo=1 || 2011-02-22 02:06:01 | undef | Heur.Downloader | 0/42 (0.0%) | AS33182 | 72.29.77.180 | abuse@dimenoc.com | US | ARIN | HOSTDIME-PI-1 | 61cf1d14d4bcede2b41c9f1902844956 | http://piensaingles.com/cgibin_vz/ || 2011-02-22 02:35:02 | undef | Trojan.Win32.Scar.docp | 0/41 (0.0%) | AS33182 | 66.7.205.107 | abuse@dimenoc.com | US | ARIN | DIMECNET | 8058b94f1b2194b389a0e5379ed80f0f | http://implantes-pachuca.com/Media/ || 2011-02-22 02:35:02 | undef | Trojan.Win32.Scar.docp | 0/42 (0.0%) | AS33182 | 66.7.214.232 | abuse@dimenoc.com | US | ARIN | DIMECNET | 6da1af44263b0ea6445b06444489b5f6 | http://coves.mx/images/ || 2011-02-22 04:00:03 | undef | unknown_html | 0/43 (0.0%) | AS15301 | 74.121.28.151 | ioit@iovation.com | US | ARIN | IOVATION-NET | 9673439ffbc57aa5ca78d45a47b51580 | http://mpsnare.iesnare.com/script/logo.js || 2011-02-22 04:04:02 | AVG | RelevantKnowledge | 3/42 (7.1%) | AS41550 | 91.196.0.161 | abuse@hostbizua.com | UA | RIPE | HOSTBIZUA-NET | 0e3efa2293533801372650486a95b5ce | http://falcogames.com/DissolutePairSetup.exe || 2011-02-22 04:04:02 | AVG | RelevantKnowledge | 4/43 (9.3%) | AS41550 | 91.196.0.161 | abuse@hostbizua.com | UA | RIPE | HOSTBIZUA-NET | 27f8ce13e9be87ff1aefa75527032ff4 | http://falcogames.com/RGBFlowSetup.exe || 2011-02-22 04:04:48 | avira | SPR/PHP.ID | 27/41 (65.9%) | AS32475 | 184.154.150.17 | abuse@singlehop.com | US | ARIN | SINGLEHOP | 6f019ee9755329cfeb0aceaa700218c2 | http://www.persiawow.co.cc/s/idosyris.txt?? || 2011-02-22 04:04:48 | avira | BDS/PHP.Agent.DW.3 | 31/41 (75.6%) | AS32475 | 184.154.150.17 | abuse@singlehop.com | US | ARIN | SINGLEHOP | 010729de903d3d9fcd979bc677b8500d | http://www.persiawow.co.cc/s/ssh.txt?? || 2011-02-22 03:16:18 | avira | SPR/PHP.ID | 26/38 (68.4%) | AS32475 | 184.154.150.17 | abuse@singlehop.com | US | ARIN | SINGLEHOP | 6f019ee9755329cfeb0aceaa700218c2 | http://persiawow.co.cc/s/idosyris.txt?? || 2011-02-22 03:14:22 | avira | BDS/PHP.Agent.DW.3 | 31/41 (75.6%) | AS32475 | 184.154.150.17 | abuse@singlehop.com | US | ARIN | SINGLEHOP | 010729de903d3d9fcd979bc677b8500d | http://persiawow.co.cc/s/ssh.txt?? || 2011-02-22 03:34:05 | avira | SPR/PHP.ID | 26/38 (68.4%) | AS32475 | 184.154.150.17 | abuse@singlehop.com | US | ARIN | SINGLEHOP | 6f019ee9755329cfeb0aceaa700218c2 | http://persiawow.co.cc/s/idosyris.txt || 2011-02-22 03:56:24 | avira | PHP/RemoteAdmi.5470 | 13/40 (32.5%) | AS42831 | 78.110.174.12 | abuse@ukservers.com | GB | RIPE | NAMEHOG-LTD-IP-1 | b11ffca8437a1ecf9a6b6c19838e4bec | http://baader-planetarium.uk.com/en/pdf/hyperion.pdf?? || 2011-02-22 03:33:36 | avira | BDS/PHP.Agent.DW.3 | 30/40 (75%) | AS32475 | 184.154.150.17 | abuse@singlehop.com | US | ARIN | SINGLEHOP | 010729de903d3d9fcd979bc677b8500d | http://persiawow.co.cc/s/ssh.txt || 2011-02-22 04:33:43 | avira | TR/Script.76 | 24/38 (63.2%) | AS3839 | 161.200.192.245 | chaya.l@chula.ac.th | TH | APNIC | CHULANET | f5c92f6912a87f4c170cb0622513e197 | http://www.genednetwork.or.th/introduce//pic_files/fx29id1.txt? || 2011-02-22 04:34:40 | avira | PHP/RemoteAdmi.5470 | 11/38 (28.9%) | AS42831 | 78.110.174.12 | abuse@ukservers.com | GB | RIPE | NAMEHOG-LTD-IP-1 | b11ffca8437a1ecf9a6b6c19838e4bec | http://www.baader-planetarium.uk.com/en/pdf/hyperion.pdf?? || 2011-02-22 05:03:48 | avira | PHP/PHPInfo.E | 19/41 (46.3%) | AS41186 | 195.114.18.148 | abuse@ispfr.net | FR | RIPE | ISPFR | 292dbe6e7a4e9245e72ba548df5c393a | http://lescontesdemapina.com/logs/pandegaid.txt? || 2011-02-22 05:03:48 | avira | PHP/RemoteAdmi.6444 | 11/41 (26.8%) | AS41186 | 195.114.18.148 | abuse@ispfr.net | FR | RIPE | ISPFR | 73c6526d8a3825c2ac6bdbd6d2169280 | http://lescontesdemapina.com/logs/ver.txt? || 2011-02-22 05:03:48 | avira | PHP/RemoteAdmi.6444 | 9/39 (23.1%) | AS41186 | 195.114.18.148 | abuse@ispfr.net | FR | RIPE | ISPFR | 73c6526d8a3825c2ac6bdbd6d2169280 | http://lescontesdemapina.com/logs/ver.txt?? || 2011-02-22 04:11:45 | avira | PHP/Loader.9852 | 12/39 (30.8%) | AS41186 | 195.114.18.148 | abuse@ispfr.net | FR | RIPE | ISPFR | f912ba9d520f103b3ec423af4b0fa80e | http://lescontesdemapina.com/logs/ec.txt? || 2011-02-22 04:39:39 | avira | PHP/Agent.AD | 19/40 (47.5%) | AS36420, AS30315, AS13749, AS21844 | 174.120.243.92 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | 87e29f93ca0ee7961cbd2ae369494ae3 | http://anak-kecil.com/v1/02/03/04/05/06/07/08/files/log? || 2011-02-22 04:15:15 | avira | PHP/Pbot.A | 28/39 (71.8%) | AS41186 | 195.114.18.148 | abuse@ispfr.net | FR | RIPE | ISPFR | 0f0cc558d4d7ecb8686fcb07dd57e636 | http://lescontesdemapina.com/logs/dor.txt?? || 2011-02-22 05:33:16 | avira | PHP/Loader.9852 | 7/40 (17.5%) | AS27229 | 64.187.109.136 | abuse@acceleratebiz.com | US | ARIN | ACCELERATEBIZ-3-20 | c21b53c4d40bec2c0491f67815489b79 | http://www.healthbeyond2000.co.nz/shop/pma/themes/original/css/spreadd.txt??? || 2011-02-22 05:33:16 | avira | BDS/PHP.Agent.DW.3 | 29/41 (70.7%) | AS27229 | 64.187.109.136 | abuse@acceleratebiz.com | US | ARIN | ACCELERATEBIZ-3-20 | e6efd274dfdcedb8955c361dac846821 | http://www.healthbeyond2000.co.nz/shop/pma/lang/path.txt??? || 2011-02-22 06:03:28 | undef | unknown_exe | 0/41 (0.0%) | AS4837 | 218.60.14.65 | abuse@online.ln.cn | CN | APNIC | UNICOM-LN | c75c28bf35537278b7ea113d6fc40372 | http://www.xunlei100.com/msn/software/partner/d2/YoudaoDict_jieku.exe1 || 2011-02-22 06:04:08 | avira | PHP/Pbot.C | 11/40 (27.5%) | AS8972 | 85.25.91.20 | abuse@plusserver.de | DE | RIPE | DE-INTERGENIA-20050301 | de602ad1fa754efb1c90370e398b722f | http://www.alles-aus-rlp.de/admin/inside/sc/rfi.txt???? || 2011-02-22 05:23:16 | avira | PHP/Pbot.C | 11/40 (27.5%) | AS8972 | 85.25.91.20 | abuse@plusserver.de | DE | RIPE | DE-INTERGENIA-20050301 | de602ad1fa754efb1c90370e398b722f | http://alles-aus-rlp.de/admin/inside/sc/rfi.txt???? || 2011-02-22 05:43:12 | avira | PHP/Small.C | 27/40 (67.5%) | AS8972 | 85.25.91.20 | abuse@plusserver.de | DE | RIPE | DE-INTERGENIA-20050301 | 6a6ebf1f119ccc0623bb821a2b5be383 | http://alles-aus-rlp.de/admin/inside/sc/pbot.txt????? || 2011-02-22 05:43:18 | avira | PHP/IRCBOT.31536 | 25/41 (61%) | AS8972 | 85.25.91.20 | abuse@plusserver.de | DE | RIPE | DE-INTERGENIA-20050301 | fdfae138bcdc8ba20aca70fd7e5c2da8 | http://alles-aus-rlp.de/admin/inside/sc/sikat.txt? || 2011-02-22 06:35:45 | avira | PHP/BackDoor.AR | 32/40 (80%) | AS23352 | 205.234.253.14 | support@servercentral.net | US | ARIN | SCN-4 | f11a5c7810f1f715e1680b7045dda3cd | http://jus-promo.net/MC/images/id1.txt? || 2011-02-22 07:04:55 | Ikarus | Trojan.Win32.Zmunik | 4/40 (10%) | AS38320 | 119.110.76.23 | adi@arsen.co.id | ID | APNIC | MMS-ID | e61fb532a2e9a9b1df6a00d65f271015 | http://www.nyit-nyit.net/dokumentasi/ARTAV_Installer-nyit-nyit.net.zip || 2011-02-22 07:05:05 | avira | TR/Agent.psa.42 | 32/41 (78%) | AS40676 | 199.71.214.157 | noc@psychz.net | US | ARIN | PSYCHZ-NETWORKS | b69afe4827bac0a73370bbf6fd0dd8bf | http://199.71.214.157/3.exe |+---------------------+------------+--------------------------------+---------------+---------------------------------------------+-----------------+------------------------------------+---------+--------+-----------------------------+----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+105 rows in set (0.01 sec)
+---------------------+---------------+--------------------------------------------+---------------+---------------------------------------+-----------------+------------------------------------+---------+--------+-------------------------+----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+| date | scanner | virusname | vt_score | AS | review | email | country | source | netname | md5sum | url |+---------------------+---------------+--------------------------------------------+---------------+---------------------------------------+-----------------+------------------------------------+---------+--------+-------------------------+----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+| 2011-02-22 07:11:30 | avira | PHP/Pbot.C | 11/41 (26.8%) | AS8972 | 85.25.91.20 | abuse@plusserver.de | DE | RIPE | DE-INTERGENIA-20050301 | de602ad1fa754efb1c90370e398b722f | http://www.alles-aus-rlp.de/admin/inside/sc/rfi.txt?? || 2011-02-22 07:11:30 | avira | PHP/IRCBOT.31536 | 22/37 (59.5%) | AS8972 | 85.25.91.20 | abuse@plusserver.de | DE | RIPE | DE-INTERGENIA-20050301 | fdfae138bcdc8ba20aca70fd7e5c2da8 | http://www.alles-aus-rlp.de/admin/inside/sc/sikat.txt? || 2011-02-22 07:11:30 | avira | BDS/PHP.Agent.DW.3 | 25/41 (61%) | AS8972 | 85.25.91.20 | abuse@plusserver.de | DE | RIPE | DE-INTERGENIA-20050301 | e1efda4bdb59a2f0aa75a641fd301a8f | http://www.alles-aus-rlp.de/admin/inside/sc/ssh.txt?? || 2011-02-22 07:11:30 | undef | unknown_html | 0/39 (0.0%) | AS16276 | 94.23.225.196 | abuse@ovh.net | FR | RIPE | OVH | 5072dbd2d8459456a684b4b8740f59b3 | http://94.23.225.196/widget.php?wid=1kk7hjqw&ref=&os=Windows%20XP&res=640x480&nav=Internet%20Explorer || 2011-02-22 07:11:30 | undef | unknown_html | 0/39 (0.0%) | AS9318 | 114.203.87.213 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | 81051bcc2cf1bedf378224b0a93e2877 | http://ad79.co.kr/statinsert.php?mac=00-0C-29-37-B5-96&ip=192.168.160.128&pid=ad79&install=3 || 2011-02-22 07:11:30 | undef | unknown_html | 0/40 (0.0%) | AS9318 | 114.203.87.213 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | c72ea9e01de8bd0ebd7e42e946e72071 | http://ad79.co.kr/whrtengdown/sufiad79.ini || 2011-02-22 07:11:30 | undef | unknown_html | 0/39 (0.0%) | AS9318 | 114.203.87.213 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | abda628590c51542a487e3cf9b26a740 | http://ad79.co.kr/whrtengdown/whrtengad79.ini || 2011-02-22 07:11:30 | undef | unknown_html | 0/37 (0.0%) | AS9318 | 114.203.87.213 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | d643cbedf43e705ebd3c562fdea88e8b | http://ad79.co.kr/wmcdown/fbgdad797.ini || 2011-02-22 07:11:30 | undef | unknown_html | 0/41 (0.0%) | AS20940 | 63.80.4.19 | abuse-mail@verizonbusiness.com | US | ARIN | UUNET63 | 82728f47721c899aeace3b6204199c36 | http://c0019986.cdn1.cloudfiles.rackspacecloud.com/dlls || 2011-02-22 07:11:30 | undef | unknown_html | 0/40 (0.0%) | AS20940 | 63.80.4.57 | abuse-mail@verizonbusiness.com | US | ARIN | UUNET63 | 8cc481c2998806b15043deda89cb718d | http://c0019986.cdn1.cloudfiles.rackspacecloud.com/vidxden_ilivid || 2011-02-22 07:11:30 | undef | unknown_html_RFI_php | 0/39 (0.0%) | AS20940 | 95.100.249.106 | | EU | RIPE | EU-AKAMAI-20090202 | 7830b11190b685f2a193c77e4ccce2e0 | http://c0019986.cdn1.cloudfiles.rackspacecloud.com/vlc || 2011-02-22 07:11:30 | undef | unknown_arch_rar | 0/41 (0.0%) | AS16509 | 72.21.203.146 | noc@amazon.com | US | ARIN | AMAZON-02 | 2def35349cca4e191d83d81e8abba73d | http://downloads.ilivid.com/sample.part1.rar || 2011-02-22 07:11:30 | undef | unknown_html | 0/38 (0.0%) | AS19318 | 69.10.48.106 | abuse@trouble-free.net | US | ARIN | INTERSERVER | 1bd57cdbd5cf26bfd5dc3994b6b48115 | http://poco2202.t35.com/2/post.php || 2011-02-22 07:11:30 | undef | unknown_html | 0/40 (0.0%) | AS36351 | 173.192.170.103 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-8 | 5c22f308382224a97441bb500911a4b3 | http://ppi.uz4.net/toolbar/kernel.php || 2011-02-22 07:11:30 | undef | unknown_html | 0/40 (0.0%) | AS36351 | 173.192.170.103 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-8 | ed6f5e2ba4d0977befdacd1f809dd17f | http://ppi.uz4.net/toolbar/version.txt || 2011-02-22 07:11:30 | undef | unknown_html | 0/37 (0.0%) | AS14618 | 184.73.230.44 | ec2-abuse@amazon.com | US | ARIN | AMAZON-EC2-7 | cd22bad976363fdd1bfbf6759fede482 | http://rp.programmersupply.com/vc.psc?pcrc=1213840738 || 2011-02-22 07:11:30 | undef | unknown_html | 0/41 (0.0%) | AS17964 | 115.47.5.104 | donglin@xrnet.cn | CN | APNIC | XRNET | 2b5af1726635c0cb5a69d44669e6f5d4 | http://zszc.sro5.com/sro_wizard/connection.ashx?user=test&data=FA80359A&r=34400658 || 2011-02-22 07:11:30 | undef | unknown_html | 0/41 (0.0%) | AS17964 | 115.47.5.104 | donglin@xrnet.cn | CN | APNIC | XRNET | 2b5af1726635c0cb5a69d44669e6f5d4 | http://zszc.sro5.com/sro_wizard/connection.ashx?user=test&r=9343903 || 2011-02-22 07:12:08 | avira | PHP/Pastie.637 | 17/39 (43.6%) | AS41186 | 195.114.18.148 | abuse@ispfr.net | FR | RIPE | ISPFR | 493d3c720be431004253125118998a5d | http://lescontesdemapina.com//administrator/ID-RFI.txt?? || 2011-02-22 07:12:08 | avira | BDS/PHP.ali.1 | 32/41 (78%) | AS3595 | 209.217.228.85 | greg@jaguarpc.com | US | ARIN | LH-GOLD-NETWORK | f1a9b4e4b207cd38641061e1b72d4775 | http://www.toki.k12.tr/media/system/images/test.txt??? || 2011-02-22 07:36:04 | avira | TR/Crypt.XPACK.Gen | 5/39 (12.8%) | AS13749, AS21844, AS30315, AS36420 | 74.54.176.162 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | 0152781e7aadb3aae0677d841980f1d5 | http://www.micirugiaencolombia.com/FEBRERO_21_02_11.JPG.exe || 2011-02-22 07:36:04 | undef | unknown_html | 0/40 (0.0%) | AS31708 | 85.13.235.186 | abuse@coreix.net | GB | RIPE | COREIX-DS | 874a727b10a59be772950fa370300e75 | http://eddierichardson.co.uk/com/cssadmin9/safe.ssl.confirm.onlinebankingofamerica.com/index2.html || 2011-02-22 07:36:04 | Fortinet | W32/Refroso.AGEA!tr | 3/39 (7.7%) | AS32748 | 67.202.108.217 | noc@steadfast.net | US | ARIN | STEADFAST-3 | 40cd3fad7a9202c6484f1f7f670389dd | http://67.202.108.217/uploads/s-lexis.exe || 2011-02-22 07:36:04 | avira | TR/Crypt.ZPACK.Gen | 20/41 (48.8%) | AS21788 | 64.191.5.102 | abuse@hostnoc.net | US | ARIN | HOSTNOC-3BLK | 5f9add11ec36e92c4b8b7f6ca7eba584 | http://scoolman22.netai.net/.pg66wz/?getexe=blogredir.exe || 2011-02-22 07:36:04 | avira | TR/Crypt.ZPACK.Gen | 20/38 (52.6%) | AS21788 | 64.191.5.102 | abuse@hostnoc.net | US | ARIN | HOSTNOC-3BLK | 7d91e62fde77df63fd995caa48cb6260 | http://scoolman22.netai.net/.pg66wz/?getexe=kwt.exe || 2011-02-22 07:36:04 | clamav | PUA.Packed.PECompact-1 | 15/41 (36.6%) | AS21788 | 64.191.5.102 | abuse@hostnoc.net | US | ARIN | HOSTNOC-3BLK | 5bcafc11a87fb5abe0af383eae0e696c | http://scoolman22.netai.net/.pg66wz/?getexe=kaoi.exe || 2011-02-22 07:36:04 | avira | WORM/Koobface.hqf | 37/41 (90.2%) | AS21788 | 64.191.5.102 | abuse@hostnoc.net | US | ARIN | HOSTNOC-3BLK | 9413dff1c80818ac46a398b287c515cb | http://scoolman22.netai.net/.pg66wz/?getexe=ffe32.exe || 2011-02-22 07:36:04 | Avast | Win32:Alureon-SZ | 7/41 (17.1%) | AS21788 | 64.191.5.102 | abuse@hostnoc.net | US | ARIN | HOSTNOC-3BLK | 1d4c72f21a2f64637d015e30d9d9a812 | http://scoolman22.netai.net/.pg66wz/?getexe=drk.exe || 2011-02-22 07:36:04 | clamav | Trojan.FakeAV-737 | 12/37 (32.4%) | AS36351 | 173.192.170.103 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-8 | 2e90350580b08a649727b30270d37ef3 | http://ppi.uz4.net/toolbar/toolbar.exe || 2011-02-22 07:36:04 | DrWeb | Trojan.DownLoad1.53394 | 10/41 (24.4%) | AS9318 | 114.203.87.213 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | c530b8ba0257659bd4066e357496fb77 | http://ad79.co.kr/wmcdown/setup_bondisk_barcon_babacc3.exe || 2011-02-22 07:36:04 | undef | unknown_exe | 0/39 (0.0%) | AS9318 | 114.203.87.213 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | 0244f6d552167867c389b91f356df899 | http://ad79.co.kr/whrtengdown/whrteng.exe || 2011-02-22 02:35:02 | undef | Trojan.Win32.Scar.docp | 0/39 (0.0%) | AS40676 | 199.71.214.157 | noc@psychz.net | US | ARIN | PSYCHZ-NETWORKS | c8c491395ac6a8c57c90bf82578893f3 | http://199.71.214.157/ || 2011-02-22 07:38:21 | undef | unknown_html_RFI | 0/41 (0.0%) | AS32613 | 174.142.79.85 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 2175037d522fdc7dcd6a98f55e353959 | http://bodaooo.110mb.com/bangloko.txthttp://bodaooo.110mb.com/bangloko.txt || 2011-02-22 07:42:04 | avira | PHP/IRCBOT.E.29297 | 15/41 (36.6%) | AS6939 | 64.62.181.46 | hostmaster@he.net | US | ARIN | HURRICANE-4 | c23aef381d7df4acb2d0bd2149c74183 | http://h1.ripway.com/ganten9/casper.txt?? || 2011-02-22 07:39:31 | avira | PHP/BackDoor.AR | 24/41 (58.5%) | AS6939 | 64.62.181.46 | hostmaster@he.net | US | ARIN | HURRICANE-4 | ffc934bf545300365839b1e4ec4b6732 | http://h1.ripway.com/ganten9/two.txt??? || 2011-02-22 08:10:35 | avira | TR/VB.Downloader.Gen | 20/41 (48.8%) | AS15201 | 187.17.98.51 | l-registrobr-uol@corp.uol.com.br | BR | LACNIC | 001.109.184/0001-95 | ff4cc4cc8b97b6d2f1898f03bbebf069 | http://permutanoi.dominiotemporario.com/get/anexo.zip || 2011-02-22 08:10:35 | avira | TR/VB.Downloader.Gen | 20/41 (48.8%) | AS15201 | 187.17.98.51 | l-registrobr-uol@corp.uol.com.br | BR | LACNIC | 001.109.184/0001-95 | ff4cc4cc8b97b6d2f1898f03bbebf069 | http://permutanoi.dominiotemporario.com/get/anexo.zip?0.3282 || 2011-02-22 08:41:05 | avira | TR/Dropper.Gen | 39/41 (95.1%) | AS4134 | 222.170.127.203 | network@hljtele.com | CN | APNIC | CHINANET-HL | 77bd0ce28a2e9d474aaea65d150e1d95 | http://2b.perfectexe.com:88/cool.jpg?t=0.2024347 || 2011-02-22 08:41:06 | avira | TR/Dldr.Delphi.Gen | 37/38 (97.4%) | AS4134 | 222.170.127.203 | network@hljtele.com | CN | APNIC | CHINANET-HL | b4afa1df1debb6c5a8ece7d0a4793bed | http://2b.perfectexe.com:88/cs.jpg?t=0.5236322 || 2011-02-22 08:41:06 | avira | TR/Crypt.ZPACK.Gen | 15/41 (36.6%) | AS30890 | 94.63.244.50 | abuse@evolva.ro | RO | RIPE | RO-EVOLVA-20080623 | 10cfb98431cb5d7fbb953d4998e38d07 | http://94.63.244.50/b.exe?t=0.4827997 || 2011-02-22 08:41:06 | undef | unknown_html | 0/38 (0.0%) | AS4837 | 218.10.17.178 | abuse@chinaunicom.cn | CN | APNIC | UNICOM-HL | bfa6c8933c1b7ff3cb8054ffd6ed9f6a | http://boob.perfectexe.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2869F1DCE8CA835FF2F6D9DFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.5548822 || 2011-02-22 08:41:06 | undef | unknown_html | 0/41 (0.0%) | AS51441 | 91.217.162.46 | noc@tirexhost.com | UA | RIPE | TIREXHOST-NET | 96710272fe040d20e0c40c0d0be52f9f | http://clodshop.com/addl1.jpg || 2011-02-22 08:41:06 | undef | unknown_html | 0/40 (0.0%) | AS51441 | 91.217.162.46 | noc@tirexhost.com | UA | RIPE | TIREXHOST-NET | 0fc30646d5cf22910283967bf24ebf66 | http://clodshop.com/grb.php || 2011-02-22 08:41:06 | undef | unknown_html | 0/40 (0.0%) | AS8001 | 66.246.235.42 | abuse@nac.net | US | ARIN | NAC-NETBLK06 | 6e9c74212f876b574401942c2d9a757b | http://gamesandnews.net/ || 2011-02-22 08:41:06 | undef | unknown_html | 0/41 (0.0%) | AS8001 | 66.246.235.42 | abuse@nac.net | US | ARIN | NAC-NETBLK06 | cb187e8cbe4cdd15ae5ee8d2bc7daefb | http://gamesandnews.net/hb.asp || 2011-02-22 08:41:06 | undef | unknown_html | 0/39 (0.0%) | AS8001 | 66.246.235.42 | abuse@nac.net | US | ARIN | NAC-NETBLK06 | 6e9c74212f876b574401942c2d9a757b | http://gamesandnews.net/hc3.asp || 2011-02-22 08:41:06 | undef | unknown_html | 0/41 (0.0%) | AS8001 | 66.246.235.42 | abuse@nac.net | US | ARIN | NAC-NETBLK06 | 2067c8599de654e6fba8f7d3dfd243ec | http://gamesandnews.net/include/lib.js || 2011-02-22 08:41:06 | undef | unknown_html | 0/41 (0.0%) | AS8001 | 66.246.235.42 | abuse@nac.net | US | ARIN | NAC-NETBLK06 | 7991be809693f2d3cae450e38bc62f38 | http://gamesandnews.net/onexit.asp || 2011-02-22 08:41:06 | avira | TR/Dropper.Gen | 21/41 (51.2%) | AS42872 | 91.193.194.114 | noc@odhosting.com.ua | UA | RIPE | OD-HOSTING-NETWORK | ec73fe029d34400e46a0ad6d8b4a8650 | http://www.derquda.com/bl/tilly.exe?t=0.506283 || 2011-02-22 08:41:06 | avira | TR/Spy.SpyEy.EB.2.B | 4/39 (10.3%) | AS42872 | 91.193.194.114 | noc@odhosting.com.ua | UA | RIPE | OD-HOSTING-NETWORK | ffa86e407a0c0a9e93693c36d1822e9f | http://www.derquda.com/sv/cyb.exe?t=7.654971E-02 || 2011-02-22 08:41:06 | avira | TR/Crypt.XPACK.Gen2 | 24/41 (58.5%) | AS42872 | 91.193.194.114 | noc@odhosting.com.ua | UA | RIPE | OD-HOSTING-NETWORK | 0de3209749deafaeedc6818551ae30a2 | http://www.derquda.com/sv/setup.exe?t=0.2199213 || 2011-02-22 08:41:06 | avira | TR/Crypt.ZPACK.Gen | 29/39 (74.4%) | AS42872 | 91.193.194.114 | noc@odhosting.com.ua | UA | RIPE | OD-HOSTING-NETWORK | 653d30c696ebbbff51d90f0c86a54d19 | http://www.derquda.com/tm/crypted.exe?t=0.5480463 || 2011-02-22 07:55:34 | avira | TR/Script.75 | 24/40 (60%) | AS36351 | 174.36.82.196 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-7 | a05dfd7cca7771a7565a154d65f05ea2 | http://pawanaholdings.com/components/com_poll/rfi/id1.txt????? || 2011-02-22 07:55:31 | avira | TR/Script.75 | 25/41 (61%) | AS36351 | 174.36.82.196 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-7 | a05dfd7cca7771a7565a154d65f05ea2 | http://pawanaholdings.com/components/com_poll/rfi/id1.txt???? || 2011-02-22 08:21:49 | avira | PHP/Pbot.G | 20/41 (48.8%) | AS29278 | 87.229.40.187 | abuse@deninet.hu | HU | RIPE | STARJAN-NET | dbac6acf8db5434fff7490d4f27b6258 | http://szeszam.hu/e107_images/mac.gif?? || 2011-02-22 09:11:51 | avira | TR/Script.75 | 22/39 (56.4%) | AS42005 | 92.240.253.31 | abuse@exohosting.sk | SK | RIPE | SK-LSC-EXOTECHNOLOGIES | a05dfd7cca7771a7565a154d65f05ea2 | http://fajnstudio.sk//images/icons/id1.txt? || 2011-02-22 09:26:27 | avira | TR/Crypt.ZPACK.Gen | 15/41 (36.6%) | AS30890 | 94.63.244.50 | abuse@evolva.ro | RO | RIPE | RO-EVOLVA-20080623 | 10cfb98431cb5d7fbb953d4998e38d07 | http://94.63.244.50/b.exe?t=6.461734E-02 || 2011-02-22 09:26:27 | undef | unknown_html | 0/40 (0.0%) | AS4837 | 218.10.17.178 | abuse@chinaunicom.cn | CN | APNIC | UNICOM-HL | bfa6c8933c1b7ff3cb8054ffd6ed9f6a | http://boob.perfectexe.com:888/list.php?c=B4AC885F94224AE64DAAC6EE0346C213D049B58E0B2469C2DCEFCA9C5FF8F6C1DFE10E13F3845D3386FFC45E0D4897B5778D4CBB9FE6A5FF432C&v=2&t=0.9023706 || 2011-02-22 09:26:27 | undef | unknown_exe | 0/40 (0.0%) | AS38676 | 175.111.16.41 | | KR | APNIC | WIZCDN-KR | 4bc54795bcb9497df5f20067af877ffa | http://download.keysearch.co.kr/update/safe/a/az/winsscore.dll || 2011-02-22 09:26:27 | undef | unknown_html | 0/40 (0.0%) | AS3561 | 208.48.81.134 | b.vanderent@au.darkbluesea.com | AU | ARIN | SAVV-S231205-5 | 2571424ff3a192b2559d38e943162b60 | http://loangas.com/common/imagelib/index.htm/1634_295_180_crop_7bf83.jpg || 2011-02-22 09:26:27 | undef | unknown_html | 0/41 (0.0%) | AS3561 | 64.15.205.101 | b.vanderent@au.darkbluesea.com | AU | ARIN | SAVV-S231205-10 | fda13ae327b2e7a197d30a0e941d6033 | http://loangas.com/common/imagelib/index.htm/2906_225_180_crop_ec621.jpg || 2011-02-22 09:26:27 | undef | unknown_html | 0/41 (0.0%) | AS38676 | 175.111.16.41 | | KR | APNIC | WIZCDN-KR | 297f72673184d3e129177011bbf2f928 | http://update.keysearch.co.kr/app_winss/a/az/efver.ini || 2011-02-22 09:26:27 | undef | unknown_html | 0/41 (0.0%) | AS28753 | 85.17.254.178 | abuse@leaseweb.com | NL | RIPE | NL-LEASEWEB-20050311 | c388f20118e93c9e649915d9e52b8b90 | http://www.bigseekpro.com/facesmooch3/{801B3B35-5632-4367-A654-B9437EC79E5E} || 2011-02-22 09:26:27 | avira | TR/Dropper.Gen | 19/40 (47.5%) | AS42872 | 91.193.194.114 | noc@odhosting.com.ua | UA | RIPE | OD-HOSTING-NETWORK | ec73fe029d34400e46a0ad6d8b4a8650 | http://www.derquda.com/bl/tilly.exe?t=0.4357111 || 2011-02-22 09:26:27 | avira | TR/Spy.SpyEy.EB.2.B | 4/39 (10.3%) | AS42872 | 91.193.194.114 | noc@odhosting.com.ua | UA | RIPE | OD-HOSTING-NETWORK | ffa86e407a0c0a9e93693c36d1822e9f | http://www.derquda.com/sv/cyb.exe?t=0.6605799 || 2011-02-22 09:26:27 | avira | TR/Crypt.XPACK.Gen2 | 24/41 (58.5%) | AS42872 | 91.193.194.114 | noc@odhosting.com.ua | UA | RIPE | OD-HOSTING-NETWORK | 0de3209749deafaeedc6818551ae30a2 | http://www.derquda.com/sv/setup.exe?t=0.4141352 || 2011-02-22 09:26:27 | avira | TR/Crypt.ZPACK.Gen | 29/40 (72.5%) | AS42872 | 91.193.194.114 | noc@odhosting.com.ua | UA | RIPE | OD-HOSTING-NETWORK | 653d30c696ebbbff51d90f0c86a54d19 | http://www.derquda.com/tm/crypted.exe?t=0.1455347 || 2011-02-22 09:26:27 | undef | unknown_html | 0/40 (0.0%) | AS9286 | 121.78.83.8 | kwlee@actela.com | KR | APNIC | KINXINC-KR | 62412dc9b13812f0b5a322b1251362f4 | http://www.keysearch.co.kr/div/pdiv.html || 2011-02-22 09:40:03 | Norman | W32/Malware | 1/40 (2.5%) | AS38676 | 175.111.16.41 | | KR | APNIC | WIZCDN-KR | bff54d19a5832fa44a3501e14069dd0e | http://download.keysearch.co.kr/update/safe/a/az/winssearch.exe || 2011-02-22 08:51:17 | avira | BDS/PHP.Agent.EI | 23/41 (56.1%) | AS46475 | 208.115.232.125 | noc@limestonenetworks.com | US | ARIN | LSN-DLLSTX-5 | e450e5d005080ae385ec5d60b6da787b | http://208.115.232.125/id? || 2011-02-22 09:41:10 | avira | EXP/Pidief.deo | 11/41 (26.8%) | AS25190 | 46.252.131.22 | reliktbvk@gmail.com | LV | RIPE | Sagade | ca832f75e8e96bb0b12e41e267ea6612 | http://thordiril.vv.cc/manuale.pdf || 2011-02-22 10:11:45 | undef | unknown_html | 0/41 (0.0%) | AS43146 | 89.108.67.77 | abuse@agava.com | RU | RIPE | AGAVA-DATACENTER-NET | abf55872c741e89ce76c71299070e73e | http://www.ppin.ru/about.html || 2011-02-22 10:12:39 | CAT_QuickHeal | (Suspicious) - DNAScan | 3/40 (7.5%) | AS558 | 204.197.252.36 | noc@privatesystems.net | US | ARIN | PRIVATE-4 | b41cca3f5c7809024324f36e62037b41 | http://www.aussiemuslims.com/apatch/A-Patch143b16.zip || 2011-02-22 10:12:39 | avira | TR/Dropper.Gen | 25/38 (65.8%) | AS9924 | 219.87.170.3 | ting_tseng@twfn.com.tw | TW | APNIC | TFN-NET | 0aaf7dc7bc70749506f91c79f6059dbd | http://www.28bxg.com/20110208.exe || 2011-02-22 10:12:39 | avira | TR/Dldr.Agent.eixf | 20/39 (51.3%) | AS3216 | 194.186.88.57 | abuse@gldn.net | RU | RIPE | RU-SOVINTEL-951205 | 9ad5e1af79a62e164124c22ca3c7b7b8 | http://personne.newmail.ru/PPJoystick/PPJoySetup-0.8.4.6(Windows%20XP%2CVista%2C7).exe || 2011-02-22 10:12:42 | avira | PHP/Small.C | 27/40 (67.5%) | AS8972 | 85.25.91.20 | abuse@plusserver.de | DE | RIPE | DE-INTERGENIA-20050301 | 6a6ebf1f119ccc0623bb821a2b5be383 | http://www.alles-aus-rlp.de/admin/inside/sc/pbot.txt????? || 2011-02-22 10:12:43 | Fortinet | W32/Refroso.AGEA!tr | 3/41 (7.3%) | AS32613 | 70.38.98.236 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-05 | b1308b6f2febff32d32185f13fecd794 | http://img102.herosh.com/2011/02/21/839552720.gif || 2011-02-22 10:26:35 | undef | unknown_html | 0/38 (0.0%) | AS32209 | 69.172.216.55 | net-admin@peer1.net | US | ARIN | PEER1-BLK-14 | 325472601571f31e1bf00674c368d335 | http://audit.303br.net/?anId=126&pubId=215202&vURL=http%3A%2F%2Fbusco%2Ein%2F || 2011-02-22 10:01:05 | undef | unknown_html_RFI_php | 0/41 (0.0%) | AS16276 | 188.165.129.109 | abuse@ovh.net | ES | RIPE | ES-OVH | 653616ec2f857287ef8407879cb6b9e8 | http://embajadastecnologicasextremadura.es/modules/mod_root/kantin/id_raven.txt || 2011-02-22 09:46:19 | avira | PHP/C99Shell.C | 24/41 (58.5%) | AS27229 | 64.187.109.136 | abuse@acceleratebiz.com | US | ARIN | ACCELERATEBIZ-3-20 | 64011c372863a85d0a6b427605102984 | http://healthbeyond2000.co.nz/shop/pma/themes/original/css/dosha.txt??? || 2011-02-22 10:13:04 | undef | Trojan-Spy.Win32.SpyEyes.ezl | 0/39 (0.0%) | AS21793 | 76.76.96.234 | abuse@existhosting.com | CA | ARIN | INTERWEB-MEDIA | 3f4769b9596931b9dae88f7c97dbd1f8 | http://pacificcashonline.com/Y3BmaXg/bin/ || 2011-02-22 10:13:07 | undef | Trojan-Spy.Win32.SpyEyes.ezl | 0/41 (0.0%) | AS6760 | 77.79.15.11 | abuse@ripe.net | EU | RIPE | EU-ZZ-80-93 | 84e933be5f43d757f3fa5d4025968fb4 | http://bighecks.com/auth/bin/ || 2011-02-22 10:13:08 | undef | Trojan.Heur.RP.myW@aiVT0lnG | 0/41 (0.0%) | AS197424 | 91.220.163.12 | grey@xentime.com | UA | RIPE | XENTIME | 042f5e8f2683f0925e859490ea7e55a0 | http://91.220.163.12/main/bin/ || 2011-02-22 10:42:11 | avira | TR/Spy.ZBot.aqzk | 34/41 (82.9%) | AS24940 | 188.40.140.203 | abuse@hetzner.de | DE | RIPE | DE-HETZNER-20090423 | fcc18a5e4d6a8ec001424ade4b206ad7 | http://newkvartira.od.ua/plugins/ss.exe || 2011-02-22 11:13:42 | avira | TR/Meredrop.A.3060 | 12/41 (29.3%) | AS197424 | 91.220.163.12 | grey@xentime.com | UA | RIPE | XENTIME | 09002ee122ebd7ba2529eb58ae3e0720 | http://91.220.163.12/main/bin/java.exe || 2011-02-22 11:13:42 | avira | TR/Dropper.Gen | 16/41 (39%) | AS6760 | 77.79.15.11 | abuse@ripe.net | EU | RIPE | EU-ZZ-80-93 | 386e6eac3b23f1c86d9d36c8f8af1156 | http://bighecks.com/auth/bin/seye.exe || 2011-02-22 11:13:44 | McAfee | PWS-Spyeye.e | 4/39 (10.3%) | AS21793 | 76.76.96.234 | abuse@existhosting.com | CA | ARIN | INTERWEB-MEDIA | 0b73eb837479f7488fdd88ba2e7522a5 | http://pacificcashonline.com/Y3BmaXg/bin/svvhosts.exe || 2011-02-22 11:14:24 | Avast | Win32:VB-DIP | 10/40 (25%) | AS32613 | 67.205.103.113 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-04 | de25ef5728be6214daf9ee61903c95e2 | http://www.02-1.org/uploads/1306838259.zip || 2011-02-22 11:14:24 | Comodo | UnclassifiedMalware | 8/41 (19.5%) | AS43391 | 77.223.141.137 | | TR | RIPE | NETDIREKT-1 | 6a67f682be9c7ca397d3a84bb3cdc180 | http://www.kelebekfinal.com/kelebek.exe || 2011-02-22 11:14:24 | AhnLab_V3 | Win-Dropper/Shortcut.262192 | 5/41 (12.2%) | AS4809 | 122.226.240.96 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-ZJ | e6aa50a4c37a14164c76723aca721326 | http://cdn-down.7pk.com/fgcn_508.exe || 2011-02-22 11:14:24 | Antiy_AVL | Trojan/Win32.AutoHK.gen | 4/39 (10.3%) | AS46940 | 95.100.249.129 | abuse-mail@verizonbusiness.com | EU | RIPE | EU-AKAMAI-20090202 | c8fe5d290124df06f2dec3e3809fffbd | http://download.pcwelt.de/area_release/files/56/09/56092A03FE140016A3BDA87BF613E647/prey-0.5.3-win.exe || 2011-02-22 11:14:27 | clamav | PHP.Id-4 | 7/40 (17.5%) | AS27715 | 200.234.200.124 | regcom@locaweb.com.br | BR | LACNIC | 002.351.877/0001-52 | e7c173d274dc9f960122f10c678fff77 | http://acxiom.com.br/vullteste.xml || 2011-02-22 11:14:27 | avira | PHP/Pbot.A.8 | 26/41 (63.4%) | AS13237 | 82.197.131.109 | abuse@attractsoft.com | DE | RIPE | LNC-ATTRACTSOFT-GMBH | 24bb2795d0b5b354e0a0ae09a0c36e9e | http://dvdshell1.atspace.com/bo.txt || 2011-02-22 11:14:27 | avira | PHP/RemoteAdmi.5470 | 11/38 (28.9%) | AS42831 | 78.110.174.12 | abuse@ukservers.com | GB | RIPE | NAMEHOG-LTD-IP-1 | b11ffca8437a1ecf9a6b6c19838e4bec | http://www.baader-planetarium.uk.com/en/pdf/hyperion.pdf || 2011-02-22 11:14:27 | clamav | PHP.Id-4 | 5/40 (12.5%) | AS46475 | 69.162.65.122 | abuse@limestonenetworks.com | US | ARIN | LSN-DLLSTX-2 | 3bc9f3c10f067eac493f00cee7343d94 | http://www.deusproverar.acessodireto.info/images/god.txt || 2011-02-22 11:14:27 | clamav | PHP.Id-30 | 11/41 (26.8%) | AS3595, AS16626 | 63.247.82.66 | abuse@gnax.net | US | ARIN | GNAXNET | 411878cbe4ad6badc4126a8867cc1e9a | http://www.myfannyserrano.com/media/a.gif || 2011-02-22 11:14:27 | avira | SPR/PHP.ID | 25/38 (65.8%) | AS32475 | 184.154.150.17 | abuse@singlehop.com | US | ARIN | SINGLEHOP | 6f019ee9755329cfeb0aceaa700218c2 | http://www.persiawow.co.cc/s/idosyris.txt || 2011-02-22 11:14:27 | clamav | PHP.Agent-15 | 4/41 (9.8%) | AS6939 | 64.62.181.46 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 1299becb87c40015afd7a5f5417c7ea4 | http://h1.ripway.com/ganten9/one.txt || 2011-02-22 11:14:27 | avira | PHP/Shellbot.7642 | 23/41 (56.1%) | AS32613 | 174.142.79.85 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 3249135fdfb5ebcb06e184d885ce9fba | http://jointibiaguildacept.110mb.com/rc.friend.td.txt || 2011-02-22 11:14:27 | trendmicro | PHP_HTMAILHCK.SM | 11/39 (28.2%) | AS7643 | 123.30.34.187 | abuse@vnn.vn | vn | APNIC | VDC-NET | 0faf4bf03d8b36ba3d293ac54c73ad1c | http://mech.tnut.edu.vn//templates/beez/images/inbox.txt || 2011-02-22 11:14:27 | avira | PHP/Pbot.A.10 | 19/39 (48.7%) | AS18450 | 67.220.217.230 | NOC@webnx.com | US | ARIN | WEBNX | 8456e875b3fbf1a833e777b7da7a24f2 | http://melzit69.99k.org/index.txt || 2011-02-22 11:14:28 | avira | PHP/PHPShell.BE | 14/41 (34.1%) | AS16276 | 188.165.129.109 | abuse@ovh.net | ES | RIPE | ES-OVH | 624927fd425c98840fbfda3018162ef9 | http://www.embajadastecnologicasextremadura.es/modules/mod_root/pendosa/id1.txt?? || 2011-02-22 11:39:33 | clamav | PUA.Script.Packed-10 | 1/41 (2.4%) | AS4134 | 218.5.74.92 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-FJ | 8568dbf2f5b61ddc0d4d257bf62169a9 | http://kortech.cn/bbs/tmp.jpg?? || 2011-02-22 11:13:06 | undef | Trojan.Generic.KDV.136921 | 0/39 (0.0%) | AS43391 | 77.223.141.137 | | TR | RIPE | NETDIREKT-1 | 8272fe58ad9a817021fe3d330d5b2302 | http://www.kelebekfinal.com/ || 2011-02-22 11:42:53 | undef | unknown_html | 0/41 (0.0%) | AS4808 | 117.79.93.27 | chenyue@neteon.com.cn | CN | APNIC | NETEON | 3bdae54fb5a04b9a9067a64f4b09807f | http://bc.qushimeiti.com/config/new_online_setup_req.php?qid=508&module=flashget3&tick=148437 || 2011-02-22 12:12:06 | avira | TR/Banker.Banbra.aest | 27/39 (69.2%) | AS42612 | 82.98.160.93 | ripe@dinahosting.com | ES | RIPE | DH-J3-NET | c53443d307623905cb46e421f3846565 | http://www.aedci.es/images/stories/processo.php?cod= || 2011-02-22 12:35:27 | avira | TR/Spy.Agent.bpfu | 21/41 (51.2%) | AS19066 | 96.30.46.216 | noc@wiredtree.com | US | ARIN | WIREDTREE | 2c20f8f92f51e41e31f40ab3fb71594b | http://currentnewsstore.com/down/up/calc.exe || 2011-02-22 12:35:50 | clamav | PUA.Packed.PECompact-1 | 15/41 (36.6%) | AS7015 | 71.235.85.177 | abuse@comcast.net | US | ARIN | CONNECTICUT-18 | 7f762325512e08ca7c6c0ec5cab18050 | http://71.235.85.177/images/xc.gif || 2011-02-22 11:57:05 | Avast | PHP:C99Shell-G | 19/40 (47.5%) | AS16276 | 188.165.129.109 | abuse@ovh.net | ES | RIPE | ES-OVH | 4e436461145702cab4d8b2fd88084fa6 | http://embajadastecnologicasextremadura.es/modules/mod_root/mass/id.txt??? || 2011-02-22 12:29:41 | avira | PHP/Small.C | 27/42 (64.3%) | AS36420, AS30315, AS13749, AS21844 | 174.122.53.131 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | fa93984bb29b416fd9eae563389c4e00 | http://myitaliancenter.com/images/upload.png????&modez=psybnc || 2011-02-22 12:29:36 | avira | PHP/Small.C | 27/42 (64.3%) | AS36420, AS30315, AS13749, AS21844 | 174.122.53.131 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | fa93984bb29b416fd9eae563389c4e00 | http://myitaliancenter.com/images/upload.png????&modez=botz || 2011-02-22 12:29:17 | avira | TR/Script.75 | 24/42 (57.1%) | AS11798 | 66.147.240.176 | abuse@bluehost.com | US | ARIN | BLUEHOST-NETWORK-4 | a05dfd7cca7771a7565a154d65f05ea2 | http://freemarketwarrior.com/images/1.png???? || 2011-02-22 12:29:22 | avira | PHP/BackDoor.AR | 34/41 (82.9%) | AS11798 | 66.147.240.176 | abuse@bluehost.com | US | ARIN | BLUEHOST-NETWORK-4 | 8dcad47f3e32e7dc1aee59167e67c601 | http://freemarketwarrior.com/images/2.png????? || 2011-02-22 12:29:26 | avira | PHP/Small.C | 25/40 (62.5%) | AS36420, AS30315, AS13749, AS21844 | 174.122.53.131 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | fa93984bb29b416fd9eae563389c4e00 | http://myitaliancenter.com/images/upload.png????&modez=shellz || 2011-02-22 12:29:31 | avira | PHP/Small.C | 27/42 (64.3%) | AS36420, AS30315, AS13749, AS21844 | 174.122.53.131 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | fa93984bb29b416fd9eae563389c4e00 | http://myitaliancenter.com/images/upload.png????&modez=scannerz || 2011-02-22 12:42:46 | clamav | PUA.Script.Packed-10 | 1/41 (2.4%) | AS4134 | 218.5.74.92 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-FJ | 8568dbf2f5b61ddc0d4d257bf62169a9 | http://kortech.cn/bbs/tmp.jpg || 2011-02-22 12:42:46 | avira | PHP/Small.Awi.1026 | 26/41 (63.4%) | AS21844 | 74.52.141.162 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | 524a83516010897b3c7934ca5456c930 | http://www.asdsingapore.com/includes/domit/center.jpg?? || 2011-02-22 13:28:54 | avira | PHP/Small.Awi.1026 | 22/41 (53.7%) | AS6849 | 194.33.180.50 | vitaliy@hostpro.com.ua | UA | RIPE | HOSTPRO-NET | 4cba1db379dbe0c0e894f6e47065ac4e | http://ukrlaw.net/i/id.jpg? || 2011-02-22 13:28:59 | avira | PHP/Small.C | 19/40 (47.5%) | AS31708 | 85.13.221.202 | abuse@coreix.net | GB | RIPE | COREIX-DS | 48e85288be9e92cc5a47eadcf2ed663a | http://npbmedia.com/clients2/php.jpg??? || 2011-02-22 12:44:17 | avira | PHP/C99Shell.G.1 | 18/39 (46.2%) | AS11167 | 12.132.193.71 | abuse@att.net | US | ARIN | ATT | d4899f6478baa5b50a3ce2b6b401fdda | http://t00ls.org/fx.txt?? || 2011-02-22 12:49:31 | avira | PHP/Shell.163910 | 25/39 (64.1%) | AS32475 | 184.154.150.17 | abuse@singlehop.com | US | ARIN | SINGLEHOP | f1dbe5f20f05a1b90db5cba370f66edf | http://persiawow.co.cc/s/fx.txt?? || 2011-02-22 13:46:27 | AhnLab_V3 | Trojan/Win32.FakeAV | 7/39 (17.9%) | AS21788 | 66.96.205.136 | abuse@hostnoc.net | US | ARIN | NOC | 532eeb1ca7c1a2503963bd91e95ee008 | http://filesonlinecentral.in/New-Video-Addon.48563.exe || 2011-02-22 13:46:27 | Avast | BV:Agent-DR | 13/39 (33.3%) | AS4837 | 218.60.14.65 | abuse@online.ln.cn | CN | APNIC | UNICOM-LN | 27ad39f6cc4b339a655298359801ab9a | http://download.youbak.com/youbak/software/partner/18/CloudEx_onlinebackup_1_0.exe || 2011-02-22 13:46:27 | avira | TR/Alexmo.A1 | 27/39 (69.2%) | AS5598 | 194.44.18.83 | hostmaster@netlux.org | UA | RIPE | NETLUX | 75e5e7be4617f364fd8626ceec7c975c | http://vx.org.ua/dl/vir/Trojan-Mailfinder.Win32.Alexmo.a.zip || 2011-02-22 13:46:33 | avira | PHP/Pbot.A.6 | 25/39 (64.1%) | AS4766 | 210.92.53.47 | abuse@kornet.net | KR | APNIC | KRNIC-KR | f0341e328cc2fda4b94bcaa61367136f | http://www.dsma.co.kr/bbs21//images/bp.gif?????? || 2011-02-22 13:46:35 | avira | TR/Spy.128512.28 | 38/41 (92.7%) | AS4134 | 122.224.6.164 | anti-spam@mail.sxptt.zj.cn | CN | APNIC | NINBO-LANZHONG-LTD | 8809b6417c1fef1d74dabe79b0ca2556 | http://hn.yigeyuming.com:82/hn.gif?t=0.1058924 || 2011-02-22 13:46:35 | trendmicro | TROJ_DLOADR.AABF | 4/41 (9.8%) | AS9057 | 195.122.131.15 | abuse@Level3.com | de | RIPE | TERRASPACE-GMBH | 2d568e907ade9881e6d0febbbcee181e | http://rapidshare.com/files/449131149/lodicon || 2011-02-22 14:40:05 | Avast | JS:FakeAV-GF | 10/41 (24.4%) | AS21793 | 76.76.116.171 | abuse@gogax.com | CA | ARIN | INTERWEB-MEDIA | 78bc357175e6a4a7167c6f5ebc007f1b | http://antivirfreesite.com/ || 2011-02-22 14:09:45 | clamav | PHP.Id-30 | 5/41 (12.2%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | dfc8db2d94bcdbd5a63424fb766c4f4d | http://re5.fileave.com/id/zfxid1.txt?? || 2011-02-22 14:09:48 | avira | PHP/BackDoor.AR | 25/38 (65.8%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | bc052d76f12e5e21c1f3b1e9efe24cd9 | http://re5.fileave.com/id/zfxid2.txt??? || 2011-02-22 14:09:52 | avira | PHP/IRCBOT.ES.1 | 20/40 (50%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 63e0edb468702d57685d90b0f83c780d | http://re5.fileave.com/a/pa.txt?? || 2011-02-22 14:09:55 | avira | PHP/IRCBOT.E | 10/39 (25.6%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 2bef9f095273db17acb2c40a8f806c73 | http://re5.fileave.com/a/ma1.txt?? || 2011-02-22 14:09:58 | avira | PHP/IRCBOT.E | 13/41 (31.7%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | d2d111ce13d88c8e446bbcae3e54cda5 | http://re5.fileave.com/a/ma2.txt?? || 2011-02-22 14:20:18 | avira | TR/Script.75 | 23/39 (59%) | AS31727 | 79.170.40.52 | abuse@heartinternet.co.uk | GB | RIPE | HEART-INTERNET | a05dfd7cca7771a7565a154d65f05ea2 | http://m.g-keys.com//logs/rfi/id1.txt???? || 2011-02-22 14:23:16 | avira | PHP/Small.C | 25/39 (64.1%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | d360b70946117d09e407ec1487eb5618 | http://susilo.fileave.com/botasi.txt?? || 2011-02-22 13:50:03 | Avast | JS:FakeAV-M | 3/41 (7.3%) | AS6939 | 216.218.192.170 | hostmaster@he.net | US | ARIN | HURRICANE-1 | 418396e3c88a2b3fe68ced23f915fd44 | http://10daymember.co.cc/ || 2011-02-22 14:44:59 | avira | PHP/Small.Awi.1026 | 19/39 (48.7%) | AS6849 | 194.33.180.50 | vitaliy@hostpro.com.ua | UA | RIPE | HOSTPRO-NET | 4cba1db379dbe0c0e894f6e47065ac4e | http://www.ukrlaw.net/i/id.jpg? || 2011-02-22 14:45:05 | avira | HTML/ScrInject.4728 | 18/41 (43.9%) | AS3216 | 194.186.88.56 | abuse@gldn.net | RU | RIPE | RU-SOVINTEL-951205 | 8e83efbf72a07f32e13769eda28004d3 | http://zimovets884.nm.ru/eqaxaboh.html || 2011-02-22 14:46:16 | avira | TR/Banker.Itau.H.2 | 17/39 (43.6%) | AS32392 | 98.131.6.1 | abuse@ecommerce.com | US | ARIN | ECOMMERCE-HOSTING | ea24f24a5c490427c01a470e89ac79af | http://agedcarefoundation.org/images/atualizar.php || 2011-02-22 14:46:16 | avira | TR/Banker.Itau.H.2 | 17/41 (41.5%) | AS31476 | 79.132.212.7 | samandi@morva.net | IR | RIPE | MORVA-NET | ea24f24a5c490427c01a470e89ac79af | http://www.tepgrp.com/files/iToken.exe || 2011-02-22 14:46:16 | trendmicro | TROJ_FAKEAV.ZIT | 4/39 (10.3%) | AS24940 | 85.10.198.70 | abuse@hetzner.de | DE | RIPE | HETZNER-RZ-NBG-NET | 530fcca3d112b2abd896ffe2b9410731 | http://westyle.ru/download/AveIconifier2.exe || 2011-02-22 14:46:16 | avira | TR/Spy.705536.7 | 26/40 (65%) | AS38700 | 115.68.15.84 | network@smileserv.com | KR | APNIC | SMILESERV-KR | 3792925d827807c59dc6c5d3edfff062 | http://update.dr-info.co.kr/setup/setup_dr-info.exe || 2011-02-22 14:46:16 | Avast | HTML:Framer-inf | 3/40 (7.5%) | AS25847 | 207.58.177.96 | abuse@servint.com | US | ARIN | SERVINT-CIDR-3 | 680fe723cd437cb7462f89bb6db5fb91 | http://dalarana.cz.cc/zfnsgkjasnjkasnmzxv.jar || 2011-02-22 14:46:24 | clamav | PUA.HTML.Crypt-8 | 1/39 (2.6%) | AS16276 | 188.165.129.109 | abuse@ovh.net | ES | RIPE | ES-OVH | edcb37390f476674d180eadec5ad3f20 | http://www.embajadastecnologicasextremadura.es/modules/mod_root/fxshell.txt?? || 2011-02-22 14:46:25 | avira | WORM/Slenfbot.akd.12 | 24/40 (60%) | AS23352 | 66.225.201.49 | abuse@servercentral.net | US | ARIN | SCN-2 | 36f942263b289885730ac8529009ee18 | http://sportskagalaksija.com/images/facebook-pic00320123561.exe || 2011-02-22 14:46:25 | avira | TR/Dldr.Code.lkz | 26/41 (63.4%) | AS50877 | 195.80.151.93 | abuse@instant-exchanger.com | EU | RIPE | INSTANTEXCHANGER-NET | 6b525cca022c9d084fa7a14512112836 | http://tmi8.co.cc/view.php?f=49%26e=0 || 2011-02-22 14:46:25 | avira | TR/Agent.98304.ET | 36/41 (87.8%) | AS19318 | 69.10.36.178 | abuse@trouble-free.net | US | ARIN | INTERSERVER | 82b6533d38c3afde9be0c5714266c42f | http://69.10.36.178/setup45512.exe || 2011-02-22 14:46:25 | clamav | Trojan.Agent-26905 | 11/40 (27.5%) | AS11798 | 74.220.207.117 | abuse@bluehost.com | US | ARIN | BLUEHOST-NETWORK-2 | 6f41129eb1c779bf1a00c3315e124664 | http://mynetfree.com/m/13/177/chr.exe || 2011-02-22 14:46:25 | avira | TR/FakeAV.NK.1 | 16/41 (39%) | AS21219 | 80.91.176.192 | abuse@ip.datagroup.ua | UA | RIPE | HC-DATAGROUP | 67db23e10f3a0334724546b679c0d2f4 | http://lifamyminaylio.linkpc.net/land/maindirectory/adobeflashplayerv10.0.32.20.exe || 2011-02-22 15:25:35 | avira | BDS/PHP.Agent.EI | 23/41 (56.1%) | AS46475 | 208.115.232.125 | noc@limestonenetworks.com | US | ARIN | LSN-DLLSTX-5 | e450e5d005080ae385ec5d60b6da787b | http://208.115.232.125/id || 2011-02-22 15:25:35 | avira | PHP/Pbot.A.8 | 24/39 (61.5%) | AS13237 | 82.197.131.109 | abuse@attractsoft.com | DE | RIPE | LNC-ATTRACTSOFT-GMBH | 24bb2795d0b5b354e0a0ae09a0c36e9e | http://dvdshell2.atspace.com/bo.txt || 2011-02-22 15:25:35 | clamav | PHP.Id-30 | 5/41 (12.2%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | dfc8db2d94bcdbd5a63424fb766c4f4d | http://re5.fileave.com/id/zfxid1.txt || 2011-02-22 15:25:35 | avira | TR/Script.76 | 24/41 (58.5%) | AS36420, AS30315, AS13749, AS21844 | 174.121.188.175 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | fc9a685b4cd66241b2a62e9aaa113bf7 | http://tipstravel.com.mx/administrator/components/com_users/views/users/.ganyot/open.txt || 2011-02-22 15:25:35 | undef | unknown_html | 0/39 (0.0%) | AS47328 | 83.222.126.242 | abuse@digitalone.com | US | RIPE | DIGITALONE-NET | 8028119e1c43e24ca3c9c91335a6568e | http://www.2shared.com/file/3173902/9016df42/__online.html || 2011-02-22 15:25:35 | Avast | PHP:Agent-BF | 7/41 (17.1%) | AS38930 | 87.255.55.12 | abuse@fiberring.com | NL | RIPE | NL-FIBERRING-20051107 | 70c958dbd2b50b8cef452e5c25358504 | http://www.basisberaad.nl/imguploads/temp.txt || 2011-02-22 15:25:35 | avira | PHP/Pastie.637 | 20/41 (48.8%) | AS3209 | 188.111.6.50 | abuse@arcor-ip.de | DE | RIPE | DE-ARCOR-20090120 | 493d3c720be431004253125118998a5d | http://www.ikm-network.de/kbmpro/ID-RFI.txt || 2011-02-22 15:25:35 | avira | PHP/PHPInfo.E | 20/41 (48.8%) | AS3209 | 188.111.6.50 | abuse@arcor-ip.de | DE | RIPE | DE-ARCOR-20090120 | 292dbe6e7a4e9245e72ba548df5c393a | http://www.ikm-network.de/kbmpro/pandegaid.txt || 2011-02-22 15:25:35 | avira | PHP/RemoteAdmi.6444 | 11/41 (26.8%) | AS3209 | 188.111.6.50 | abuse@arcor-ip.de | DE | RIPE | DE-ARCOR-20090120 | 73c6526d8a3825c2ac6bdbd6d2169280 | http://www.ikm-network.de/kbmpro/ver.txt || 2011-02-22 15:25:35 | avira | PHP/Small.Awi.1026 | 20/39 (51.3%) | AS6849 | 194.33.180.50 | vitaliy@hostpro.com.ua | UA | RIPE | HOSTPRO-NET | 4cba1db379dbe0c0e894f6e47065ac4e | http://www.ukrlaw.net/i/id.jpg || 2011-02-22 15:25:35 | avira | PERL/Shellbot.B.3 | 24/41 (58.5%) | AS30968 | 77.221.130.34 | abuse@infobox.ru | RU | RIPE | INFOBOX-NET1 | 0a1230ade8ed7aa2d714d685d21cf318 | http://www.tentorium-product.ru/mambots/system/ter.txt? || 2011-02-22 15:25:35 | avira | PHP/Shellbot.7642 | 28/39 (71.8%) | AS30968 | 77.221.130.34 | abuse@infobox.ru | RU | RIPE | INFOBOX-NET1 | 050aa61b080e52643680a4917e999f38 | http://www.tentorium-product.ru/mambots/system/tmp.jpg????? || 2010-12-16 08:51:02 | undef | Trojan.Win32.VBKrypt.aepf | 0/39 (0.0%) | AS11798 | 66.147.240.195 | abuse@bluehost.com | US | ARIN | BLUEHOST-NETWORK-4 | d3d42c8fd9e3cd4d55e47c9168996ae7 | http://www.ticketcumbia.com/ticket/ || 2011-01-19 21:27:18 | undef | Trojan-Downloader.Win32.Genome.byrk | 0/41 (0.0%) | AS36351 | 173.193.100.144 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-8 | 7e41bd80c08ec1f28334ef0529dc2a88 | http://www.directelectricalsolutions.com.au/scripts/https/new/ || 2011-02-03 16:27:15 | undef | Trojan.Heur.RP.puW@aOTQt8ci | 0/41 (0.0%) | AS29873 | 66.96.146.201 | bnbrock@maileig.com | US | ARIN | BIZLAND-FC01 | 95c36b46299ed92a28471c0d15fcfad6 | http://goldennumber.net/ || 2011-02-19 15:27:07 | undef | W32/Poison.A.gen!Eldorado | 0/40 (0.0%) | AS3462 | 61.220.104.123 | network-adm@hinet.net | TW | APNIC | HINET-NET | ecaa88f7fa0bf610a5a26cf545dcd3aa | http://www.matsuura5211.com/mgmt/contact/ || 2011-02-22 14:27:11 | undef | Trojan-Downloader/W32.Adload_Packed.705536 | 0/41 (0.0%) | AS23352 | 66.225.201.49 | abuse@servercentral.net | US | ARIN | SCN-2 | e1593ae2da6327b9ac683cf0d3738921 | http://sportskagalaksija.com/images/ || 2011-02-22 14:47:22 | Avast | JS:FakeAV-M | 3/41 (7.3%) | AS24940 | 188.40.135.18 | abuse@hetzner.de | DE | RIPE | HETZNER-RZ10 | 2dc9331c512dce04e7e63b278693f0a5 | http://securityscan.square7.ch/scan/53aefec08170b2ebed981a0a86d0dbe0/ || 2011-02-22 14:47:23 | undef | Trojan.Win32.Llac.qea | 0/40 (0.0%) | AS36351 | 173.192.170.103 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-8 | 65f0c52ea60064e6861134b4e858ba17 | http://ppi.uz4.net/toolbar/ || 2011-02-22 14:47:50 | undef | Trojan-Downloader.Win32.VB.yow | 0/40 (0.0%) | AS32748 | 67.202.108.217 | noc@steadfast.net | US | ARIN | STEADFAST-3 | 3fa57afe14aa7e31f1fef977567a07aa | http://67.202.108.217/uploads/ || 2011-02-22 14:47:50 | undef | Trojan.Win32.Scar.dovw | 0/41 (0.0%) | AS21219 | 80.91.176.192 | abuse@ip.datagroup.ua | UA | RIPE | HC-DATAGROUP | e90017d147ba67a7277f2f7c6f063f19 | http://lifamyminaylio.linkpc.net/land/maindirectory/ || 2011-02-22 15:43:24 | Avast | Win32:Alureon-SZ | 8/39 (20.5%) | AS12595 | 212.12.112.25 | hostmaster@expressmedia.de | DE | RIPE | DE-EXPRESSMEDIA-NET2 | 4a2154ad9c08a3d0c94a3481cea819ac | http://ff-moedring.at/.jln6i/?getexe=drk.exe || 2011-02-22 15:43:24 | avira | TR/Crypt.ZPACK.Gen | 22/41 (53.7%) | AS12595 | 212.12.112.25 | hostmaster@expressmedia.de | DE | RIPE | DE-EXPRESSMEDIA-NET2 | 5f9add11ec36e92c4b8b7f6ca7eba584 | http://ff-moedring.at/.jln6i/?getexe=blogredir.exe || 2011-02-22 15:43:24 | avira | TR/Crypt.ZPACK.Gen | 21/40 (52.5%) | AS12595 | 212.12.112.25 | hostmaster@expressmedia.de | DE | RIPE | DE-EXPRESSMEDIA-NET2 | 7d91e62fde77df63fd995caa48cb6260 | http://ff-moedring.at/.jln6i/?getexe=kwt.exe || 2011-02-22 15:43:24 | clamav | PUA.Packed.PECompact-1 | 5/40 (12.5%) | AS12595 | 212.12.112.25 | hostmaster@expressmedia.de | DE | RIPE | DE-EXPRESSMEDIA-NET2 | 51ac99b7a29903cdf819a16a8b551eac | http://ff-moedring.at/.jln6i/?getexe=kaoi.exe || 2011-02-22 15:43:24 | avira | WORM/Koobface.hqf | 37/41 (90.2%) | AS12595 | 212.12.112.25 | hostmaster@expressmedia.de | DE | RIPE | DE-EXPRESSMEDIA-NET2 | 9413dff1c80818ac46a398b287c515cb | http://ff-moedring.at/.jln6i/?getexe=ffe32.exe || 2011-02-22 15:44:16 | trendmicro | WORM_RUCTO.SMI | 18/41 (43.9%) | AS8075 | 65.54.191.43 | abuse@msn.com | US | ARIN | MICROSOFT-1BLK | 8bd508f2c0dcbf66d3249a4a0e46dc76 | http://o640tq.bay.livefilestore.com/y1pcehwnms-j5WlG_EXFWFt1HehSwLenXL-JPftU-fWxhjdjqtKz6xvt0sVQpaS6PXcesgafk_pEEtNPIaI48GNRRmizAFO2nRQ/VIDEO9FLV82VC.scr || 2011-02-22 15:44:16 | avira | SPR/Hoax.Spycar.A.8 | 36/40 (90%) | AS2044 | 198.145.26.134 | abuse@iinet.com | US | ARIN | NET-198-145-0-0-1 | 595411611fe6b1789b91754f3365882e | http://spycar.org/Spycar_files/IE-HomePageLock.exe || 2011-02-22 15:44:16 | avira | SPR/Hoax.Spycar.A.14 | 38/41 (92.7%) | AS2044 | 198.145.26.134 | abuse@iinet.com | US | ARIN | NET-198-145-0-0-1 | e52b29f18feb37cdbafb0d5ae1b1c818 | http://www.spycar.org/Spycar_files/IE-KillProgramsTab.exe || 2011-02-22 15:44:16 | avira | SPR/Hoax.Spycar.A.10 | 35/39 (89.7%) | AS2044 | 198.145.26.134 | abuse@iinet.com | US | ARIN | NET-198-145-0-0-1 | 59853082047070e000ddbe0fa276487b | http://www.spycar.org/Spycar_files/IE-KillConnectionsTab.exe || 2011-02-22 15:44:16 | avira | TR/Crypt.FKM.Gen | 26/41 (63.4%) | AS3216 | 194.186.88.47 | abuse@gldn.net | RU | RIPE | RU-SOVINTEL-951205 | b5e37afb711a8bd39088b9af7b3d5966 | http://flashplayer.msn.land.ru/application.exe || 2011-02-22 15:44:16 | avira | TR/VB.Downloader.Gen | 20/41 (48.8%) | AS15201 | 187.17.98.51 | l-registrobr-uol@corp.uol.com.br | BR | LACNIC | 001.109.184/0001-95 | ff4cc4cc8b97b6d2f1898f03bbebf069 | http://unixcomp.dominiotemporario.com/lord/anexo.zip || 2011-02-22 15:44:16 | clamav | PUA.Packed.ASPack | 11/41 (26.8%) | AS38955 | 81.19.145.85 | michael.neumann-ripe@world4you.com | AT | RIPE | WORLD4YOU-COM-01 | cefcacf0fe9b5bbc4eaf41d9eb081ba0 | http://www.gd-international.at/images/img19022011.exe || 2011-02-22 15:44:16 | clamav | PUA.Packed.ASPack | 11/41 (26.8%) | AS11388 | 216.65.1.252 | abuse-mh@peer1.com | US | ARIN | 216-65-0-0-NET | cefcacf0fe9b5bbc4eaf41d9eb081ba0 | http://xlsom.com/images/download.php?paullanoronha:08:04:22:38184337415842285 || 2011-02-22 15:44:16 | avira | TR/Drop.Agent.DK.1 | 19/41 (46.3%) | AS6939 | 216.218.192.170 | hostmaster@he.net | US | ARIN | HURRICANE-1 | eb667e8b206c45132ac9e32b0a5b6f8b | http://captainshoko.co.cc/wuauclt.exe || 2011-02-22 15:44:16 | trendmicro | WORM_RUCTO.SMI | 16/38 (42.1%) | AS27715 | 187.45.193.98 | regcom@locaweb.com.br | BR | LACNIC | 002.351.877/0001-52 | 8bd508f2c0dcbf66d3249a4a0e46dc76 | http://revistapublica.tempsite.ws/index.php?ID=18voce=major.grubert@hotmail.comEnviado=patricyagatagp@hotmail.com || 2011-02-22 15:44:16 | Ikarus | Email-Worm.Win32.Freetrip | 3/41 (7.3%) | AS43391 | 93.187.204.199 | | TR | RIPE | NETDIREKT-4 | 4df9daf822bdf3eca95ce0926ccf890c | http://www.oyunsitesi.com/ftp/hileler/spacecolony-OS.zip || 2011-02-22 15:44:16 | avira | TR/Crypt.XPACK.Gen | 8/39 (20.5%) | AS5483 | 195.228.254.178 | abuse@t-online.hu | HU | RIPE | SERVER-HOSTING | cfc6278a3f47aaedbcd5ef755a66779d | http://www.magyaritasok.hu/downloads/hu/commandosmission/ComBCD.exe || 2011-02-22 15:44:19 | avira | PHP/BackDoor.AR | 19/41 (46.3%) | AS4618 | 203.150.228.108 | noc@inet.co.th | TH | APNIC | INET-TH | 6e9086e921d47079d5e706f1c013449c | http://www.petloversclub.com/v01///fff/12/Ckrid2.txt??? || 2011-02-22 15:44:19 | avira | PHP/Small.C | 19/38 (50%) | AS4618 | 203.150.228.108 | noc@inet.co.th | TH | APNIC | INET-TH | 80b8d5806fa28e60a0798d5b3a24fe2e | http://www.petloversclub.com/v01///fff/12/pb.jpg?? || 2011-02-22 15:44:20 | AhnLab_V3 | Trojan/Win32.FakeAV | 8/41 (19.5%) | AS21788 | 66.96.205.136 | abuse@hostnoc.net | US | ARIN | NOC | f465467a4857d835945a919308387121 | http://filesretail.in/crack.12345.exe || 2011-02-22 16:43:17 | undef | unknown_html | | AS25459 | 91.215.158.57 | abuse@infinitetech.eu | NL | RIPE | INFINITE-TECH-PI | d22fcb9c57052e28f42f2bcc1eae0af9 | http://www.kellycam.tk/ || 2011-02-22 16:43:17 | undef | unknown_file_MapHackTw.exe | | AS35908 | 174.139.245.194 | admin-arin@vpls.net | US | ARIN | VPLSNET | f905ef7141f3180004f1ab5a13a97b28 | http://maphack.tw/maphacktw.rar || 2011-02-22 16:43:17 | avira | JAVA/Dldr.Agent.cas | | AS29873 | 209.59.218.138 | bnbrock@maileig.com | US | ARIN | BIZLAND-FC02 | 438e976f638991fc3965cde1ec3f71dd | http://209.59.218.138/ss.jar || 2011-02-22 16:43:17 | avira | TR/Agent.236080.A | | AS8402 | 95.31.6.185 | abuse@corbina.net | RU | RIPE | RU-CORBINA-20081010 | 4bb685db89f256ae7073e2c73e829fd6 | http://re-tracker.ru/TorrentPatcher.exe || 2011-02-22 16:43:17 | avira | TR/Crypt.CFI.Gen | | AS24940 | 78.46.102.40 | abuse@hetzner.de | DE | RIPE | HETZNER-RZ-NBG-NET | ebf45d34b301f7c8f48fc65b200ec841 | http://nonstop.kilu.info/iBot%20Auto%20Clientless%20v8%20By%20NoN_Stop.rar || 2011-02-22 16:43:17 | undef | unknown_exe | | AS3265 | 194.109.6.92 | abuse@xs4all.nl | NL | RIPE | XS4ALL | 3b659e1ef1e544856a716433a17da61f | http://www.heijnen1.demon.nl/CheatEngine561.exe || 2011-02-22 16:43:17 | avira | TR/Dldr.Bancos.L | | AS17633 | 222.173.194.35 | ipreport@sdtele.com | CN | APNIC | CHINANET-SD | cca9b9955aa9c7ed0e75fd5206de4fce | http://222.173.194.35/fatura-janeiro.exe || 2011-02-22 16:43:17 | undef | unknown_html_RFI_shell | | AS3595 | 75.127.98.153 | abuse@gnax.net | US | ARIN | GNAXNET | 01125594c5957a7cd72a8f9b08fb29aa | http://makeupgeek.com/ || 2011-02-22 16:43:17 | avira | TR/Bifrose.njr | | AS32613 | 174.142.41.253 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 30961cd597c835b8f0a8f1796e06e428 | http://www.filetolink.com/8db76239 || 2011-02-22 16:43:17 | undef | unknown_html | | AS32613 | 174.142.41.253 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | cdf85f2dfa8458c4c12ecb5949d588ea | http://www.filetolink.com/download/?h=f0670210d93d33bb17a04c436feb0b4b&t=1298381006&f=8db76239 || 2011-02-22 16:43:17 | undef | unknown_file_UltraISO.exe | | AS4134 | 61.143.198.90 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-GD | fb721b69a9f6a8b825e185d852cdf74b | http://www.119.xdowns.com/uploadFile/2010-2/UltraISO.rar || 2011-02-22 16:43:17 | undef | unknown_file_UltraISO.exe | | AS23650 | 218.93.127.235 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-JS | 28fc3cdacb8253a0369ebaf8eb57d04c | http://www.xdowns.com/soft/xdowns2009.asp?softid=54865&downid=21&id=57703 || 2011-02-22 16:43:17 | Avast | HTML:Framer-inf | 3/41 (7.3%) | AS25847 | 207.58.177.96 | abuse@servint.com | US | ARIN | SERVINT-CIDR-3 | 680fe723cd437cb7462f89bb6db5fb91 | http://gawghc.cz.cc/a/drkmjnatxzipi.jar || 2011-02-22 16:43:17 | eSafe | Win32.Banker | 3/40 (7.5%) | AS36351 | 173.192.200.194 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-8 | 222d83125d37488cb311e6c64fc8713c | http://vitalyk.com/Spider_Player_2.5.3.zip || 2011-02-22 16:43:19 | avira | SPR/PHP.ID | 17/41 (41.5%) | AS36420, AS30315, AS13749, AS21844 | 174.120.243.92 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | c0fbb1f43b2e68f03c3c0273b5155b63 | http://cyberpersib.net/my/.logx? || 2011-02-22 16:43:19 | undef | unknown_html_RFI_shell | 0/41 (0.0%) | AS36420, AS30315, AS13749, AS21844 | 174.120.243.92 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | 9fab793d0b3394244620c9f828071132 | http://cyberpersib.net/my/.logz? |+---------------------+---------------+--------------------------------------------+---------------+---------------------------------------+-----------------+------------------------------------+---------+--------+-------------------------+----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+206 rows in set (0.02 sec)
+---------------------+------------------+--------------------------------------------+---------------+---------------------------------------------+-----------------+----------------------------------+---------+--------+---------------------------------+----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+| date | scanner | virusname | vt_score | AS | review | email | country | source | netname | md5sum | url |+---------------------+------------------+--------------------------------------------+---------------+---------------------------------------------+-----------------+----------------------------------+---------+--------+---------------------------------+----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+| 2011-02-22 17:28:00 | Panda | Suspicious file | 1/39 (2.6%) | AS6760 | 77.79.9.191 | abuse@ripe.net | EU | RIPE | EU-ZZ-80-93 | 6a14b6cdebc17a653d1f9ed09f87496e | http://77.79.9.191/service/scripts/files/aff_50029.dll || 2011-02-22 17:28:00 | undef | unknown_html | 0/38 (0.0%) | AS47328 | 212.124.113.83 | abuse@digitalone.com | US | RIPE | DIGITALONE-NET | bbb2fa323ebb73a6f94b5b2d2d6ff25f | http://acholer.com/load.php?file=grabbers || 2011-02-22 16:56:06 | avira | PHP/Pastie.637 | 14/41 (34.1%) | AS21844 | 74.52.30.129 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | 8640020e7254fa5fe434ce8ed181875c | http://omalihospital.com/site/files/bbcode/id????????? || 2011-02-22 16:56:03 | avira | PHP/Shellbot.7642 | 30/41 (73.2%) | AS30968 | 77.221.130.34 | abuse@infobox.ru | RU | RIPE | INFOBOX-NET1 | 050aa61b080e52643680a4917e999f38 | http://tentorium-product.ru/mambots/system/tmp.jpg? || 2011-02-22 17:42:54 | BitDefender | Gen:Heur.MSIL.Krypt.2 | 3/41 (7.3%) | AS6939 | 216.218.192.170 | hostmaster@he.net | US | ARIN | HURRICANE-1 | f5fb23878341099a3eed877d51e2b580 | http://captainshoko.co.cc/csrss.exe || 2011-02-22 17:42:54 | Antiy_AVL | Backdoor/Win32.BotNet.gen | 9/40 (22.5%) | AS6939 | 216.218.192.170 | hostmaster@he.net | US | ARIN | HURRICANE-1 | b7e1e38097d8c5e028284278963772da | http://captainshoko.co.cc/ctfmon.exe || 2011-02-22 17:43:36 | clamav | PUA.Packed.PECompact-1 | 10/40 (25%) | AS9318 | 211.110.206.123 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | 3c52f84e41901d6a366ffa94b0f2343e | http://hanaro.minisearch.co.kr/Update22/Setup.exe || 2011-02-22 17:43:36 | avira | TR/ATRAPS.Gen | 21/40 (52.5%) | AS24940 | 78.46.81.70 | abuse@hetzner.de | DE | RIPE | HETZNER-RZ-NBG-NET | b21c6448f7f5765ad007ee8c94d6a4bc | http://kejora2u.com/sudaneseonline.scr || 2011-02-22 17:43:36 | avira | TR/Drop.JavDrop.dr | 18/41 (43.9%) | AS174 | 205.196.123.23 | derek@linkrightllc.com | US | ARIN | LINKRIGHT-HOU-1 | 0df3aedb564e53490dab140316b34f1a | http://download1335.mediafire.com/6rr8gid74gog/5o2or57z4oosm6a/Host.exe || 2011-02-22 17:43:36 | avira | TR/Drop.JavDrop.dr | 18/41 (43.9%) | AS174 | 205.196.120.8 | derek@linkrightllc.com | US | ARIN | LINKRIGHT-HOU-1 | 0df3aedb564e53490dab140316b34f1a | http://www.mediafire.com/?5o2or57z4oosm6a || 2011-02-22 17:43:36 | avira | TR/Dldr.Adload.rrq | 24/38 (63.2%) | AS12314 | 212.42.63.218 | root@ropnet.ru | RU | RIPE | RU-ROPNET-990301 | 6b84b887a561af5bcddc93b635ed83d6 | http://dl.playground.ru/DB4/4/1/Russificator_Devil_May_Cry_3_-_Special_Edition.exe || 2011-02-22 17:43:36 | Norman | AutoIt.GC | 3/41 (7.3%) | AS44066 | 212.224.124.162 | abuse@first-colo.de | DE | RIPE | DE-FIRSTCOLO-20071105 | c575abf6a5281129e3feb846ff4439e8 | http://free.piroxbots.com/downloads2/full/PiroX.Bot.beta.7.2.8v4.rar || 2011-02-22 17:43:36 | AVG | VB.AQGK | 10/40 (25%) | AS4766 | 218.145.31.156 | abuse@kornet.net | KR | APNIC | KORNET-KR | a17b1ef04b0eafe9792eaae3c54fe859 | http://218.145.31.156/~byc/joeunclass/provisoup.exe || 2011-02-22 17:43:36 | Ikarus | Trojan-Downloader.Java.OpenConnection | 3/40 (7.5%) | AS26496 | 72.167.232.229 | noc@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | a4d6bd98ab53599a7b9c2a8665459f4c | http://www.highviewepc.com/config.jar || 2011-02-22 18:15:39 | avira | PHP/PHPShell.G | 7/40 (17.5%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 950e667d26ba6fe83dcbda123d2b1f9e | http://re5.fileave.com/id/id1.txt?? || 2011-02-22 18:14:32 | avira | TR/Script.76 | 24/41 (58.5%) | AS36420, AS30315, AS13749, AS21844 | 174.121.188.175 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | fc9a685b4cd66241b2a62e9aaa113bf7 | http://tipstravel.com.mx/administrator/components/com_users/views/users/.ganyot/open.txt? || 2011-02-22 18:14:36 | avira | PHP/BackDoor.AR | 33/40 (82.5%) | AS36420, AS30315, AS13749, AS21844 | 174.121.188.175 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | 7b8c7f86c4b932222675de24b5c41657 | http://tipstravel.com.mx/administrator/components/com_users/views/users/.ganyot/close.txt?? || 2010-12-15 22:06:02 | undef | W32/MalwareF.IRXZ | 0/40 (0.0%) | AS2914 | 198.170.119.119 | abuse@ntt.net | US | ARIN | NTTA-198-170 | 0636b3a5a0936dc1abc756e13f938cb6 | http://www.compuphase.nl/pawn/ || 2010-12-21 10:15:45 | undef | Trojan.Agent/Gen-NumTemp | 0/41 (0.0%) | AS13768 | 76.74.154.7 | ipadmin@serverbeach.com | US | ARIN | PEER1-SERVERBEACH-07A | 7a3e30a6fda3882d5f19357d9788a823 | http://www.any-sound-recorder.com/ || 2011-02-22 15:27:23 | undef | W32/Trojan2.KAYX | 0/40 (0.0%) | AS21844 | 74.53.39.103 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | d298fa0c0649b17e070be90bb9aa9bbd | http://akindustries.org/test/ || 2011-02-22 16:27:08 | undef | Trojan.Heur.PT.tmZ@ba!dB4ei | 0/41 (0.0%) | AS35908 | 174.139.245.194 | admin-arin@vpls.net | US | ARIN | VPLSNET | d0bb30992b2764b8d4aea486905e18f3 | http://maphack.tw/ || 2011-02-22 16:27:09 | undef | W32/SuspPack.BB.gen!Eldorado | 0/38 (0.0%) | AS8402 | 95.31.6.185 | abuse@corbina.net | RU | RIPE | RU-CORBINA-20081010 | 13f1c78d9bbcbf586f074cbbc3868546 | http://re-tracker.ru/ || 2011-02-22 18:44:03 | avira | PHP/PHPInfo.E | 20/41 (48.8%) | AS3209 | 188.111.6.50 | abuse@arcor-ip.de | DE | RIPE | DE-ARCOR-20090120 | 292dbe6e7a4e9245e72ba548df5c393a | http://www.ikm-network.de/kbmpro/pandegaid.txt? || 2011-02-22 18:45:21 | avira | SPR/MySS.A.4 | 6/40 (15%) | AS32392 | 96.0.146.92 | ipadmin@ecommerce.com | US | ARIN | ECOMMERCE-HOSTING-2009 | 86f485786a5fe02c5d62970ca4e27324 | http://www.download-drivers.org/download/driverdetective.exe || 2011-02-22 18:45:21 | ClamAV | Trojan.Downloader-96680 | 11/41 (26.8%) | AS4134 | 61.153.183.99 | anti_spam@mail.huptt.zj.cn | CN | APNIC | SHANGHAI-TIANYOU-LTD | 5ce4d36261712fb536012ae8a7694798 | http://patch7.ali213.net/2010/ultraiso9.3.6.2750.rar || 2011-02-22 18:45:21 | avira | TR/PSW.Agent.tpl | 30/41 (73.2%) | AS38640 | 175.28.48.11 | tech-sales@crust.co.jp | JP | APNIC | CRUST-AS | 443a1c50720fb43b3af9c2c9536601b9 | http://www9.uploda.tv/v/uptv0006775.rar || 2011-02-22 18:45:21 | AVG | Worm/Generic2.AJQN | 23/39 (59%) | AS15435 | 217.23.14.56 | abuse@customerpanel.nl | NL | RIPE | NL-WORLDSTREAM-20090204 | a6c215ed11970ac6d95a2a566ff0679b | http://piracylovers.co.cc/ready.exe || 2011-02-22 18:45:27 | trendmicro | TROJ_DLOADR.AABF | 10/41 (24.4%) | AS3356 | 62.67.4.106 | abuse@eu.level3.net | de | RIPE | TERASPACE-GMBH | 2d568e907ade9881e6d0febbbcee181e | http://rs905l32.rapidshare.com/files/449131149/lodicon || 2011-02-22 18:45:28 | trendmicro | TROJ_DLOADR.AABF | 10/39 (25.6%) | AS3356 | 62.67.5.106 | abuse@eu.level3.net | de | RIPE | TERASPACE-GMBH | 2d568e907ade9881e6d0febbbcee181e | http://rs905l33.rapidshare.com/files/449131149/lodicon || 2011-02-22 18:45:28 | trendmicro | TROJ_DLOADR.AABF | 10/39 (25.6%) | AS3356 | 62.67.6.106 | abuse@eu.level3.net | de | RIPE | TERASPACE-GMBH | 2d568e907ade9881e6d0febbbcee181e | http://rs905l34.rapidshare.com/files/449131149/lodicon || 2011-02-22 18:45:28 | trendmicro | TROJ_DLOADR.AABF | 10/39 (25.6%) | AS6453 | 80.231.211.106 | hamzaoui@seri-net.com | DZ | RIPE | SERI-NET-TGB | 2d568e907ade9881e6d0febbbcee181e | http://rs905tg.rapidshare.com/files/449131149/lodicon || 2011-02-22 18:45:28 | trendmicro | TROJ_DLOADR.AABF | 10/39 (25.6%) | AS1299 | 80.239.251.106 | abuse@telia.com | DE | RIPE | DE-TERASPACE | 2d568e907ade9881e6d0febbbcee181e | http://rs905tl2.rapidshare.com/files/449131149/lodicon || 2011-02-22 18:45:28 | trendmicro | TROJ_DLOADR.AABF | 10/41 (24.4%) | AS1299 | 80.239.246.106 | abuse@telia.com | DE | RIPE | DE-TERASPACE | 2d568e907ade9881e6d0febbbcee181e | http://rs905tl3.rapidshare.com/files/449131149/lodicon || 2011-02-22 18:45:28 | trendmicro | TROJ_DLOADR.AABF | 9/41 (22%) | AS1299 | 80.239.177.106 | abuse@telia.com | DE | RIPE | DE-TERASPACE | 2d568e907ade9881e6d0febbbcee181e | http://rs905tl4.rapidshare.com/files/449131149/lodicon || 2011-02-22 18:45:28 | trendmicro | TROJ_DLOADR.AABF | 10/39 (25.6%) | AS1299 | 80.239.250.106 | abuse@telia.com | DE | RIPE | DE-TERASPACE | 2d568e907ade9881e6d0febbbcee181e | http://rs905tl.rapidshare.com/files/449131149/lodicon || 2011-02-22 18:56:52 | avira | PHP/IRCBOT.JB.1 | 17/39 (43.6%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | d18f222331429e6fa385e3befa6485cc | http://barner.fileave.com/kuncung.txt??? || 2011-02-22 18:27:09 | trendmicro | Possible_SCRDL | 13/41 (31.7%) | AS15435 | 217.23.14.56 | abuse@customerpanel.nl | NL | RIPE | NL-WORLDSTREAM-20090204 | 4021c095c9fb12b019c38679a06a62e0 | http://piracylovers.co.cc/ || 2011-02-22 18:27:10 | undef | Adware.Agent/Gen-KRPEC-Gen | 0/41 (0.0%) | AS24940 | 78.46.81.70 | abuse@hetzner.de | DE | RIPE | HETZNER-RZ-NBG-NET | 7e68b6c70f470c6bb21b9488d3854106 | http://kejora2u.com/ || 2011-02-22 18:27:10 | avira | TR/Drop.JavDrop.dr | 15/39 (38.5%) | AS174 | 205.196.123.23 | derek@linkrightllc.com | US | ARIN | LINKRIGHT-HOU-1 | 0df3aedb564e53490dab140316b34f1a | http://download1335.mediafire.com/6rr8gid74gog/5o2or57z4oosm6a/ || 2011-02-22 18:27:11 | undef | Trojan-Dropper.Win32.JavDrop.dr | 0/39 (0.0%) | AS12314 | 212.42.63.218 | root@ropnet.ru | RU | RIPE | RU-ROPNET-990301 | 53c2ff9d6385be56db92c33c7ba7c4d2 | http://dl.playground.ru/DB4/4/1/ || 2011-02-22 18:27:12 | undef | Adware:W32/Adsubscribe.A | 0/39 (0.0%) | AS4766 | 218.145.31.156 | abuse@kornet.net | KR | APNIC | KORNET-KR | c78cfc07fb942e4ce15f2504ef609add | http://218.145.31.156/~byc/joeunclass/ || 2011-02-22 19:41:38 | Microsoft | Adware:Win32/OpenCandy | 1/40 (2.5%) | AS24940 | 178.63.83.131 | abuse@hetzner.de | DE | RIPE | DE-HETZNER-20100302 | 6bb172ef7dd31ec30d7bdc9aed22d40d | http://www.cdburnerxp.se/downloadsetup.exe || 2011-02-22 19:41:39 | Microsoft | Adware:Win32/OpenCandy | 1/41 (2.4%) | AS36351 | 174.37.194.130 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-7 | 6bb172ef7dd31ec30d7bdc9aed22d40d | http://ember.cdburnerxp.se/cdbxp_setup_4.3.8.2474.exe || 2011-02-22 19:42:00 | avira | TR/Dropper.Gen | 14/39 (35.9%) | AS21844 | 74.53.39.103 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | 48c7c09dba15d9f8e4fdc076b43b1263 | http://akindustries.org/test/36.exe || 2011-02-22 19:42:00 | avira | TR/Dropper.Gen | 14/38 (36.8%) | AS21844 | 74.53.39.103 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | 7cec81446c408b3bf558acc546adea83 | http://akindustries.org/test/78.exe || 2011-02-22 19:42:00 | Ikarus | Hoax.Win32.VB | 3/41 (7.3%) | AS21844 | 74.53.39.103 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | 7f8a8b8281f8d48284435b82b0e5920f | http://akindustries.org/test/a.exe || 2011-02-22 19:42:04 | undef | unknown_exe | 0/41 (0.0%) | AS13768 | 76.74.154.7 | ipadmin@serverbeach.com | US | ARIN | PEER1-SERVERBEACH-07A | 75e39b31720aa1644b27157b469d4810 | http://www.any-sound-recorder.com/anycapturescreen.exe || 2011-02-22 19:42:05 | undef | unknown_exe | 0/41 (0.0%) | AS13768 | 76.74.154.7 | ipadmin@serverbeach.com | US | ARIN | PEER1-SERVERBEACH-07A | 146048d1f700b6c84b14f01894d031d9 | http://www.tuneclone.com/tuneclone_setup.exe || 2011-02-22 19:42:40 | avira | DR/Genome.kpn.2 | 14/40 (35%) | AS4134 | 59.60.21.163 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-FJ | 4044907f1d9b4b03898350da3694b80d | http://www.pzz.cn/soft/flashboot.rar || 2011-02-22 19:42:40 | Avast | HTML:Downloader-W | 6/39 (15.4%) | AS36820 | 208.75.230.43 | abuse@tshost.com | US | ARIN | TULIP-SYSTEMS | afe30add0e8772bf0b6ac3c4113b3b8c | http://www.freewebtown.com/bjalalay/KKKKK.htm || 2011-02-22 19:42:40 | Antiy_AVL | Worm/Win32.Polip.gen | 3/40 (7.5%) | AS17908 | 59.160.230.137 | ip.admin@vsnl.co.in | IN | APNIC | TATACOMM-IN | f3aa5c1132e1e091d21e3bc83ed69cf1 | http://depository.religare.in/fortissecurities/Server31Diet.exe || 2011-02-22 20:43:17 | AhnLab_V3 | Trojan/Win32.Refroso | 18/38 (47.4%) | AS36820 | 208.75.230.43 | abuse@tshost.com | US | ARIN | TULIP-SYSTEMS | 447406268f96cc141aee0ade2df55ecf | http://www.freewebtown.com/bjalalay/DDDD.exe || 2011-02-22 20:43:45 | trendmicro | WORM_RUCTO.SMI | 21/41 (51.2%) | AS27715 | 187.45.195.33 | regcom@locaweb.com.br | BR | LACNIC | 002.351.877/0001-52 | 8bd508f2c0dcbf66d3249a4a0e46dc76 | http://videosflagrantes.tempsite.ws/index.php?ID=1voce=gravetotk8@hotmail.comEnviado=biancasoletti@hotmail.com || 2011-02-22 20:43:45 | avira | TR/Generic.1743900 | 24/41 (58.5%) | AS7643 | 123.30.54.55 | abuse@vnn.vn | vn | APNIC | VDC-NET | 8bfa325db24cd8b3ad11d3d26585d591 | http://dl2.softvnn.net:88/11/playboy6006/software/Keygen-Patch/WinRar_3.90_Keygen_Softvnn.com.rar || 2011-02-22 20:43:45 | avira | TR/Dropper.Gen | 3/37 (8.1%) | AS34788 | 85.13.132.170 | ip@all-inkl.com | DE | RIPE | DE-ALL-INKL-20050405 | ddf52dd764dab5d6a9d9458259a6a363 | http://zerael.de/files/kraeutersuche.zip || 2011-02-22 20:43:45 | AntiVir | HEUR/Malware | 11/41 (26.8%) | AS15201 | 200.98.197.68 | l-registrobr-uol@corp.uol.com.br | BR | LACNIC | 001.109.184/0001-95 | ed0dc2cb3e6a871bd190b109c932978d | http://manamaus.dominiotemporario.com/new/anexo.zip || 2011-02-22 20:43:45 | AVG | VB.AQJM | 5/37 (13.5%) | AS174 | 38.100.19.105 | abuse@cogentco.com | US | ARIN | PSINETA | ca02ec12a0bb922b386e20b793b78fb7 | http://dowmloadsx01.webng.com/ || 2011-02-22 20:43:45 | AVG | VB.AQJM | 5/41 (12.2%) | AS9931 | 61.19.248.20 | abuse@idc.cattelecom.com | TH | APNIC | CAT-IDC-Service | ca02ec12a0bb922b386e20b793b78fb7 | http://strek.co.th/sitebuilder/Photos1702E.zip || 2011-02-22 20:43:45 | avira | BDS/Small.AC | 31/38 (81.6%) | AS10439 | 216.75.1.230 | complaints@cari.net | US | ARIN | CARINET-4 | 323b372de2ee3998a9d0ee4e33184279 | http://www.metasploit.com/data/shellcode/win32_reverse.exe || 2011-02-22 20:43:45 | BitDefender | Gen:Trojan.Heur.UT.fq1@b8WMWIbk | 5/41 (12.2%) | AS13238 | 93.158.134.83 | abuse@yandex.ru | RU | RIPE | YANDEX-134-0 | 9765a70fdbf546f84e35926ed8064041 | http://issa-agent.narod.ru/dl/exe/3.0/issa-agent-setup.exe || 2011-02-22 20:47:04 | undef | Trojan.Generic.1801886 | 0/40 (0.0%) | AS36820 | 208.75.230.43 | abuse@tshost.com | US | ARIN | TULIP-SYSTEMS | a4cd46eed166d813c61240374e3aa76a | http://www.freewebtown.com/bjalalay/ || 2011-02-22 21:43:20 | AhnLab_V3 | Spyware/Win32.Suspicious | 15/41 (36.6%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | 127f70f162d850296798d85095d6b87d | http://www.cresotech.com/ftp/t-rec.exe || 2011-02-22 21:43:20 | avira | BDS/Small.jxt | 12/40 (30%) | AS36420, AS30315, AS13749, AS21844, AS13884 | 209.85.106.36 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-EV1-15 | f676673deb062f742238a5f754a2faa0 | http://www.jaedernaub.com/JaederNaub2.2.4g_Experimental.zip || 2011-02-22 21:43:20 | Avast | Win32:Dropper-gen | 6/41 (14.6%) | AS24940 | 78.46.69.51 | abuse@hetzner.de | DE | RIPE | HETZNER-RZ-NBG-NET | 43d1d88c81170440e07d7fe96ef0ab91 | http://www.darkgalaxygates.ru/Dark_AutoLoginer_Setup.exe || 2011-02-22 21:43:23 | clamav | Trojan.FakeAV.DRW | 10/41 (24.4%) | AS21788 | 66.96.205.136 | abuse@hostnoc.net | US | ARIN | NOC | a86a810c28205d48e99a9e54ff553dbe | http://66.96.205.136/New-Video-Addon.48134.exe || 2011-02-22 21:43:23 | AVG | Generic21.STI | 5/38 (13.2%) | AS174 | 82.129.33.152 | abuse@cogentco.com | DE | RIPE | PA-TERASPACE-COGENT-4 | 6e6697d911a09f3482691ac5df95716a | http://rs551cg.rapidshare.com/files/449240711/jicon || 2011-02-22 21:43:23 | AVG | Generic21.STI | 5/41 (12.2%) | AS3356 | 195.122.151.152 | abuse@eu.level3.net | de | RIPE | TERASPACE-GMBH | 6e6697d911a09f3482691ac5df95716a | http://rs551l32.rapidshare.com/files/449240711/jicon || 2011-02-22 21:43:23 | AVG | Generic21.STI | 5/41 (12.2%) | AS3356 | 195.122.152.152 | abuse@eu.level3.net | de | RIPE | TERASPACE-GMBH | 6e6697d911a09f3482691ac5df95716a | http://rs551l33.rapidshare.com/files/449240711/jicon || 2011-02-22 21:43:23 | AVG | Generic21.STI | 5/40 (12.5%) | AS6453 | 80.231.24.152 | bchang@teraspace.de | DE | RIPE | TERASPACE-TATAC | 6e6697d911a09f3482691ac5df95716a | http://rs551tg.rapidshare.com/files/449240711/jicon || 2011-02-22 21:43:23 | trendmicro | TROJ_DLOADR.AABF | 7/41 (17.1%) | AS3356 | 62.67.3.106 | abuse@eu.level3.net | de | RIPE | TERASPACE-GMBH | 2d568e907ade9881e6d0febbbcee181e | http://rs905l3.rapidshare.com/files/449131149/lodicon || 2011-02-22 21:43:24 | avira | TR/Dldr.Renos.MJ.43 | 33/41 (80.5%) | AS36351 | 74.86.149.112 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-4 | 339f1387cb6006eed0fe04b8a3d24df6 | http://www.expireddomaingains.com/paa/flash2010-to-play.exe || 2011-02-22 21:47:56 | avira | PHP/IRCBOT.A | 20/41 (48.8%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 604201307adeab3f40a06b31bff68083 | http://anak2.fileave.com/php.txt?? || 2011-02-22 20:47:06 | undef | Trojan.Win32.Buzus.gwud | 0/39 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | e1e217f00556ff060a5cbae093a2d799 | http://www.cresotech.com/ftp/ || 2011-02-22 21:27:07 | undef | W32/MalwareF.LZJM | 0/41 (0.0%) | AS13749, AS21844, AS30315, AS36420 | 74.54.176.162 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | 1ea1a99f4845caef48fd7710de254c41 | http://www.micirugiaencolombia.com/ || 2011-02-22 21:47:07 | undef | Trojan.Win32.VBKrypt.bons | 0/41 (0.0%) | AS36351 | 74.86.149.112 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-4 | 7534883345101b4bdf7d2af193daf08d | http://www.expireddomaingains.com/paa/ || 2011-02-22 22:44:10 | avira | TR/MonaGray.BH | 11/41 (26.8%) | AS7643 | 222.255.28.220 | abuse@vnn.vn | vn | APNIC | VDC-NET | e036ada9c1c1b1a188b23af3b76d0e18 | http://www.download.com.vn/Data/Soft/2009/09/09/HKS_Download.com.vn.zip || 2011-02-22 22:44:10 | AntiVir | HEUR/Malware | 4/39 (10.3%) | AS46475 | 74.63.243.194 | abuse@limestonenetworks.com | US | ARIN | LSN-DLLSTX-3 | 6e96487b9b6240d76bf0ed65e1c9e33d | http://www.videos-donwloads.com/Videos-Cable.exe || 2011-02-22 22:44:10 | Antiy_AVL | Trojan/Win32.Zbot.gen | 13/41 (31.7%) | AS19916 | 69.94.113.220 | abuse@support.olm.net | US | ARIN | TRUM-0001 | 25ef9cca69cf1cfb34f017edb29a58f2 | http://www.gammadyne.com/rwg.exe || 2011-02-22 22:44:10 | Antiy_AVL | AdWare/Win32.MyWay.gen | 8/41 (19.5%) | AS22822 | 87.248.217.254 | guy@llnw.com | EU | RIPE | LLNW-EU-2 | a36b6f38586775565bac0fbc1cc61be5 | http://cdn1.sourcemirror.info/binstallers/puredef/PureDefMusicToolbarSetup.exe || 2011-02-22 22:44:10 | avira | TR/Dropper.Gen | 26/41 (63.4%) | AS15201 | 200.98.197.74 | l-registrobr-uol@corp.uol.com.br | BR | LACNIC | 001.109.184/0001-95 | 4a80b2eef4e8bd5011bc1323f3eba460 | http://langeness.com/download/flashplayer10_2_p2_plugin_011011.exe || 2011-02-22 22:44:10 | avira | TR/Dldr.Agent.fvtg | 7/40 (17.5%) | AS16276 | 188.165.242.192 | abuse@ovh.net | FR | RIPE | OVH | 4bef95c0bfccf7c9efe84fb5a056fc8d | http://download.toggle.com/installers/out/en/37/www.toggle.com/en/28/c4/233c6b0ad6869278a16272415060/installer_sas_zombie_assault_2_-_insane_asylum_sas_zombie_assault_2__insane_English.exe || 2011-02-22 22:44:10 | avira | TR/Agent.gxzq | 30/41 (73.2%) | AS45753 | 111.68.9.252 | network@apacserver.com | HK | APNIC | APACSERVER-HK | f5d12cb3260fc93cae1d9d67aa6b5865 | http://www.yunkaisoft.co.cc/down/hosts.rar || 2011-02-22 23:12:43 | undef | unknown_exe | 0/41 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | e7712c04494735f4f70ec0befb057c27 | http://www.cresotech.com/ftp/cloudland.exe || 2011-02-22 23:12:43 | undef | unknown_exe | 0/39 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | 7276b4c280aa73a999b76c09b2a71f6d | http://www.cresotech.com/ftp/colorland.exe || 2011-02-22 23:12:43 | Symantec | Suspicious.Insight | 0/40 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | 2bc397934d5c0024502269662fef4302 | http://www.cresotech.com/ftp/convert-it-de.exe || 2011-02-22 23:12:43 | Symantec | Suspicious.Insight | 0/41 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | 2bc397934d5c0024502269662fef4302 | http://www.cresotech.com/ftp/convert-it.exe || 2011-02-22 23:12:43 | Rising | Suspicious | 1/40 (2.5%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | af50a3400fe39c6c05a002f8f7da2822 | http://www.cresotech.com/ftp/convert-it-palmrus.exe || 2011-02-22 23:12:43 | undef | unknown_exe | 0/40 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | db44124114204d6806f6c81d5ce40242 | http://www.cresotech.com/ftp/convert-itrus.exe || 2011-02-22 23:12:43 | undef | unknown_exe | 0/41 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | 36bfdb76aac339fe33b18d1e6be8cacd | http://www.cresotech.com/ftp/desktopsafe.exe || 2011-02-22 23:12:43 | undef | unknown_exe | 0/41 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | 1d06e5bc0421701861b8d207fbdd6503 | http://www.cresotech.com/ftp/easystart.exe || 2011-02-22 23:12:43 | Comodo | TrojWare.Win32.Trojan.StartPage.dcr2 | 0/40 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | 5d1985f6fbf12561675d206cc5467680 | http://www.cresotech.com/ftp/euroconv-de.exe || 2011-02-22 23:12:43 | Symantec | Suspicious.Insight | 0/39 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | c55d516bc8a7936c62e3631578c8df86 | http://www.cresotech.com/ftp/fairytaleparade11.exe || 2011-02-22 23:12:43 | undef | unknown_exe | 0/40 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | b99a67ff0895d68151b553ea6db06be6 | http://www.cresotech.com/ftp/fairytaleparade22.exe || 2011-02-22 23:12:43 | undef | unknown_exe | 0/41 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | 637f3cc1ac6fd74d7bdb876c9fbda160 | http://www.cresotech.com/ftp/flowermoods1.exe || 2011-02-22 23:12:43 | undef | unknown_exe | 0/39 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | e03972fb8ad83e51714a6983825edaad | http://www.cresotech.com/ftp/flowermoods2.exe || 2011-02-22 23:12:43 | Sophos | Sus/Behav-1005 | 1/41 (2.4%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | 3797b36848045c5716d8bee65944d520 | http://www.cresotech.com/ftp/imagetree.exe || 2011-02-22 23:12:43 | undef | unknown_exe | 0/41 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | 608d4c432dce2358037fe54c5bb90abf | http://www.cresotech.com/ftp/kolobok.exe || 2011-02-22 23:12:43 | undef | unknown_exe | 0/41 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | 7c8be62b99bb190e0df6879ab41e3c65 | http://www.cresotech.com/ftp/kolobokplayer.exe || 2011-02-22 23:12:43 | Symantec | Suspicious.Insight | 0/41 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | ff433952fb7df59d85090dc7648b1b39 | http://www.cresotech.com/ftp/mugsgame.exe || 2011-02-22 23:12:43 | undef | unknown_exe | 0/40 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | b80df462f7a946fd4cbea03a74d33cc6 | http://www.cresotech.com/ftp/natureland.exe || 2011-02-22 23:12:43 | undef | unknown_exe | 0/41 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | 7de92111ad3a9a0d2d859bd98534ec2f | http://www.cresotech.com/ftp/nightmystery1.exe || 2011-02-22 23:12:43 | undef | unknown_exe | 0/39 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | 7262281314337e711bf6dc9b3d5fe593 | http://www.cresotech.com/ftp/nightmystery2.exe || 2011-02-22 23:12:43 | Symantec | Suspicious.Insight | 0/40 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | 32b43d9739f9dfc1801728f1d3edacae | http://www.cresotech.com/ftp/photopoint.exe || 2011-02-22 23:12:43 | undef | unknown_exe | 0/41 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | 3898fe182b6c32a58dee5ee5759db41c | http://www.cresotech.com/ftp/photopointskins.exe || 2011-02-22 23:12:43 | undef | unknown_exe | 0/41 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | 6e22efdd2cd2b4413300686ceae4a15d | http://www.cresotech.com/ftp/photoscreen_altname.exe || 2011-02-22 23:12:43 | undef | unknown_exe | 0/39 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | 6e22efdd2cd2b4413300686ceae4a15d | http://www.cresotech.com/ftp/photoscreen.exe || 2011-02-22 23:12:43 | undef | unknown_exe | 0/41 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | d3a72ee51ad480b2af7dc6cdf314aa39 | http://www.cresotech.com/ftp/pocketlance.exe || 2011-02-22 23:12:43 | undef | unknown_exe | 0/41 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | 6a126c85913d75b9e2fe9f3ca417e44c | http://www.cresotech.com/ftp/pocketlancerus.exe || 2011-02-22 23:12:43 | undef | unknown_exe | 0/41 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | 1c8ef2f01ebb9d177d2d761afaaf099d | http://www.cresotech.com/ftp/pocketlance_sdk.exe || 2011-02-22 23:12:43 | undef | unknown_exe | 0/41 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | 2707208abcb89fd6790346db072360fa | http://www.cresotech.com/ftp/pocketpoint-de.exe || 2011-02-22 23:12:43 | undef | unknown_exe | 0/40 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | 2707208abcb89fd6790346db072360fa | http://www.cresotech.com/ftp/pocketpoint.exe || 2011-02-22 23:12:43 | undef | unknown_exe | 0/40 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | c479bec9fa02fdeba203dc3ef68efcc9 | http://www.cresotech.com/ftp/pocketpointrus.exe || 2011-02-22 23:12:43 | undef | unknown_exe | 0/41 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | 50097eca0f37cee91e5dcc493d32bf47 | http://www.cresotech.com/ftp/pocketsafe-de.exe || 2011-02-22 23:12:43 | undef | unknown_exe | 0/39 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | 50097eca0f37cee91e5dcc493d32bf47 | http://www.cresotech.com/ftp/pocketsafe.exe || 2011-02-22 23:12:43 | undef | unknown_exe | 0/41 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | f83fa7c34ae7828edfd19cb04d799028 | http://www.cresotech.com/ftp/pocketsaferus.exe || 2011-02-22 23:12:43 | undef | unknown_exe | 0/41 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | 73848d8b4614157bdf4c192483eb34ac | http://www.cresotech.com/ftp/reportgen.exe || 2011-02-22 23:12:43 | undef | unknown_exe | 0/41 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | 7564b1c1a830744aad909261b349fd70 | http://www.cresotech.com/ftp/setupbasepartners.exe || 2011-02-22 23:12:43 | undef | unknown_exe | 0/39 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | b6637b3cb316940a395e4ecafdc1657c | http://www.cresotech.com/ftp/setupbasepartners_withoutbde.exe || 2011-02-22 23:12:43 | undef | unknown_exe | 0/41 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | 75ec169c18b5dc4344f43c4bda585535 | http://www.cresotech.com/ftp/setupbuhblank.exe || 2011-02-22 23:12:43 | undef | unknown_exe | 0/41 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | da632d02bda9f0c0aaff14d7ef9ea238 | http://www.cresotech.com/ftp/setupbuhblank_withoutbde.exe || 2011-02-22 23:12:43 | undef | unknown_exe | 0/41 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | d96e0551e39a99775d3393022adeb788 | http://www.cresotech.com/ftp/setup_net.exe || 2011-02-22 23:12:43 | undef | unknown_exe | 0/38 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | 756def4903299915206a6bad275ef1be | http://www.cresotech.com/ftp/setup_net_rus.exe || 2011-02-22 23:12:43 | undef | unknown_exe | 0/41 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | 6462d48c34b1828348a093d0dfe7ce8a | http://www.cresotech.com/ftp/setuptimetable.exe || 2011-02-22 23:12:43 | undef | unknown_exe | 0/41 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | fda10c4c1cd75751c1b96fe5d68ce3fe | http://www.cresotech.com/ftp/timetable.exe || 2011-02-22 23:12:43 | undef | unknown_exe | 0/39 (0.0%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | 4a73bb2fdf27a7b0b2f42477dbbf4552 | http://www.cresotech.com/ftp/townfaces.exe || 2011-02-22 23:12:43 | Comodo | TrojWare.Win32.TrojanDropper.Microjoin.ghq | 10/41 (24.4%) | AS15497 | 62.149.16.91 | abuse@colocall.net | UA | RIPE | COLO-CC4 | e621669e391c611bab4f78580b5291ac | http://www.cresotech.com/ftp/undercover.exe || 2011-02-22 23:13:07 | avira | TR/FakeAV.twk | 33/40 (82.5%) | AS32181 | 69.65.40.26 | ip-admin@coloquest.com | US | ARIN | IPNAP | aa7777e47fdd54343d6fb3df9df1814c | http://www.bigtitzsarena.com/ftp123.exe || 2011-02-22 23:13:07 | avira | BDS/Bifrose.ZXE | 33/41 (80.5%) | AS6939 | 64.62.181.46 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 8de0bd79ba5217919259147043233eab | http://h1.ripway.com/LoginSpoofer/Login%20Spoofer.rar || 2011-02-22 23:13:07 | avira | TR/Dropper.Gen | 37/41 (90.2%) | AS14778 | 68.180.151.76 | network-abuse@cc.yahoo-inc.com | US | ARIN | A-YAHOO-US6 | cc4153345ff1eb1f5ae5a69c20ad19df | http://onlmg.com/photos.php?=c.gerke84@hotmail.de || 2011-02-22 23:13:07 | avira | TR/Dldr.Agent.foyu | 25/41 (61%) | AS32244 | 67.43.13.244 | abuse@liquidweb.com | US | ARIN | LIQUIDWEB-1 | e8dac77acc463464600d638cb9dcc62c | http://download.kyrion.in/Cactus.exe || 2011-02-22 23:13:07 | avira | TR/Dropper.Gen | 16/41 (39%) | AS21011 | 194.63.142.66 | tech@mirotel.net | UA | RIPE | MIROTEL2 | 6a86c3b54a52fb15e20aa9443d8f0ed6 | http://zalil.ru/30530820/45d0d27c.4d64c330/GetIcons.exe || 2011-02-22 23:13:07 | undef | unknown_html | 0/41 (0.0%) | AS21011 | 194.63.142.66 | tech@mirotel.net | UA | RIPE | MIROTEL2 | c550a6bc3e6dc0a368234c0cc9c0aa53 | http://zalil.ru/30530820 || 2011-02-22 23:40:02 | Avast | Win32:Buzus-ANT | 6/41 (14.6%) | AS50877 | 195.80.151.93 | abuse@instant-exchanger.com | EU | RIPE | INSTANTEXCHANGER-NET | 782141f1cb8e2915df4ef5bddbf6caae | http://tmi8.co.cc/files/51 || 2011-02-22 23:40:03 | avira | WORM/Yahos.xr | 17/41 (41.5%) | AS50877 | 195.80.151.93 | abuse@instant-exchanger.com | EU | RIPE | INSTANTEXCHANGER-NET | bd549d121deb4008f19ffcb051939500 | http://tmi8.co.cc/files/50 || 2011-02-22 23:40:03 | Microsoft | VirTool:Win32/Obfuscator.JL | 5/41 (12.2%) | AS50877 | 195.80.151.93 | abuse@instant-exchanger.com | EU | RIPE | INSTANTEXCHANGER-NET | 6d0280e992c9eaacec6606e921c23794 | http://tmi8.co.cc/files/49 || 2011-02-22 23:40:03 | Kaspersky | Trojan-Downloader.Win32.Agent.fwel | 3/41 (7.3%) | AS50877 | 195.80.151.93 | abuse@instant-exchanger.com | EU | RIPE | INSTANTEXCHANGER-NET | 7faf37749487ba20a2d16794bfa409b2 | http://tmi8.co.cc/files/48 || 2011-02-22 23:40:03 | avira | TR/FakeAV.LO | 20/39 (51.3%) | AS42708 | 193.105.134.49 | info@swedendedicated.com | SE | RIPE | SWEDENDEDICATED-NET | 5416cca04f2ef1f7fcd55686a7c79545 | http://topwinupdates.com/download/test.exe || 2011-02-22 23:40:03 | avira | WORM/Autorun.cbwh | 31/41 (75.6%) | AS24730 | 81.173.18.21 | abuse@netholding.nl | NL | RIPE | NL-KYRA | b244aab8ef932593c19a5034e4f186bb | http://dickolsthoorn.nl/dn.exe || 2011-02-22 23:40:03 | avira | TR/Crypt.XPACK.Gen2 | 5/39 (12.8%) | AS21793 | 76.76.116.174 | abuse@gogax.com | CA | ARIN | INTERWEB-MEDIA | 2d57375a772de757dce9c925d2c30a3b | http://76.76.116.174/?do=getexe || 2011-02-22 23:40:03 | clamav | Trojan.FakeAV.DRW | 12/41 (29.3%) | AS36351 | 74.86.149.112 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-4 | ada00833688f8dfc7112d9006d07b1c3 | http://expireddomaingains.com/paa/flash2010-to-play.exe || 2011-02-22 23:40:03 | BitDefender | Gen:Variant.Kazy.13336 | 4/38 (10.5%) | AS51441 | 91.217.162.113 | noc@tirexhost.com | UA | RIPE | TIREXHOST-NET | e5b535f99935ad0a72b2b3b02f9bdc00 | http://r-promofile.info/1-1.exe || 2011-02-22 23:40:03 | clamav | Trojan.FakeAV.DRW | 12/41 (29.3%) | AS19318 | 64.20.37.37 | network@interserver.net | US | ARIN | NJIIX | 6ae4d66eb1d75c22bc0ee1cbbfaa7c21 | http://64.20.37.37/video-plugin.1337.exe || 2011-02-22 22:27:10 | undef | W32/MyWeb.D | 0/39 (0.0%) | AS15201 | 200.98.197.74 | l-registrobr-uol@corp.uol.com.br | BR | LACNIC | 001.109.184/0001-95 | 72043bc2d30b9147218e061c6c5fb6f9 | http://langeness.com/download/ || 2011-02-22 22:27:12 | undef | Trojan.Win32.Agent.gxzq | 0/41 (0.0%) | AS31122 | 80.93.26.13 | abuse@digiweb.ie | IE | RIPE | WEBCORE-HOSTING | 9a776161089762c6f3a2266f26627056 | http://lifestyle.ie/ || 2011-02-23 00:35:21 | trendmicro | TROJ_PIDIEF.SMZB | 16/41 (39%) | AS30083 | 69.64.63.220 | abuse@hostingsolutionsint.com | US | ARIN | S4Y-3 | 67babef43d4bcf6c74e64b65a8c40f3a | http://dwnsft189.co.cc/eoblhqklxzizfzj.pdf || 2011-02-23 00:35:21 | McAfee_GW_Editio | Heuristic.BehavesLike.JS.Infected.D | 1/39 (2.6%) | AS24940 | 88.198.248.105 | abuse@hetzner.de | DE | RIPE | DE-HETZNER-20051227 | b2428b58249d764e1bd438baa81045ec | http://www.searchcurve.com/ || 2011-02-23 00:35:21 | undef | unknown_html | 0/39 (0.0%) | AS6939 | 64.62.181.46 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 03d3150c22c10a1d86d65623abcaa20a | http://h1.ripway.com/Kell || 2011-02-23 00:35:21 | AVG | Delf.VEZ | 10/41 (24.4%) | AS30266 | 64.6.106.194 | poc@a1colo.com | US | ARIN | A1COLO | 857a46fab04c6a9f34f08d7a38d87c11 | http://www.gamescheatdirectory.com/downloads/trainers/Call%20of%20Duty%20Black%20Ops/Call%20of%20Duty%20-%20BlackOps%20v1.1%20%2B%207%20Trainer.rar || 2011-02-23 00:35:21 | avira | TR/Crypt.XPACK.Gen | 26/39 (66.7%) | AS30890 | 89.114.9.42 | amabusemail4@gmail.com | RO | RIPE | ENTER-NET-TEAM | fb76f1207130ae0826c36a44add03900 | http://two.natnatraoi.com/lmq.exe || 2011-02-23 00:35:21 | Antiy_AVL | Backdoor/Win32.IRCBot.gen | 3/40 (7.5%) | AS8551 | 62.219.69.246 | abuse@bezeqint.net | IL | RIPE | IL-BEZEQ-INTERNATIONAL-20001229 | 69c6df3184e261acf9e4481764fca04f | http://reichmanit.com/FBML%20Editor%20Setup.exe || 2011-02-23 00:35:21 | trendmicro | JAVA_AGENT.FR | 7/39 (17.9%) | AS50877 | 195.80.151.92 | abuse@instant-exchanger.com | EU | RIPE | INSTANTEXCHANGER-NET | 90d0ad72ed421f87aadc4aef545017f1 | http://mlhv.co.cc/games/tetris.jar || 2011-02-23 00:35:21 | avira | TR/Crypt.CFI.Gen | 29/41 (70.7%) | AS32475 | 184.154.7.2 | abuse@singlehop.com | US | ARIN | SINGLEHOP | 6cd55e18ee09c48bda48eed12f67b5d0 | http://www.dream.ps/win7.exe || 2011-02-23 00:35:21 | avira | TR/Fakealert.59.136 | 18/41 (43.9%) | AS5577 | 212.117.177.18 | abuse@as5577.net | LU | RIPE | SERVER-NETWORK | 9557c35b1d02fb27cb5646d945c66103 | http://up-programs.info/archive20110218.exe || 2011-02-23 00:35:21 | AVG | Java/Downloader | 1/40 (2.5%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | bd3edb5fbd591ff102427c8b43d4d245 | http://natasha007.fileave.com/index.html || 2011-02-23 00:40:01 | Avast | Win32:VB-RJG | 14/40 (35%) | AS21793 | 76.76.116.118 | abuse@gogax.com | CA | ARIN | INTERWEB-MEDIA | 239c9caff111c6f94098d4786ff9ed8b | http://76.76.116.118/files/27 || 2011-02-23 00:40:02 | avira | DR/Delphi.Gen | 11/39 (28.2%) | AS21793 | 76.76.116.118 | abuse@gogax.com | CA | ARIN | INTERWEB-MEDIA | 83dbf03ba30011286193edb33cc537e1 | http://76.76.116.118/files/26 || 2011-02-23 00:40:02 | avira | TR/Dropper.Gen | 21/40 (52.5%) | AS21793 | 76.76.116.118 | abuse@gogax.com | CA | ARIN | INTERWEB-MEDIA | 725865fc92624a427357da6152035f47 | http://76.76.116.118/files/25 || 2011-02-23 00:40:02 | avira | TR/Dropper.Gen | 21/40 (52.5%) | AS21793 | 76.76.116.118 | abuse@gogax.com | CA | ARIN | INTERWEB-MEDIA | a22101e078f9b4aee549e7243b020b49 | http://76.76.116.118/files/23 || 2011-02-23 00:40:02 | avira | TR/Agent.hizd.8 | 17/39 (43.6%) | AS21793 | 76.76.116.118 | abuse@gogax.com | CA | ARIN | INTERWEB-MEDIA | fc40ea466f5b0b7bf4b9e9be718434c7 | http://76.76.116.118/files/21 || 2011-02-23 00:40:02 | Avast | Win32:Rootkit-gen | 15/40 (37.5%) | AS21793 | 76.76.116.118 | abuse@gogax.com | CA | ARIN | INTERWEB-MEDIA | a569e18fbfe8ea4f1cb3db73baf62b86 | http://76.76.116.118/files/20 || 2011-02-23 00:40:02 | avira | TR/Kazy.10101 | 19/39 (48.7%) | AS21793 | 76.76.116.118 | abuse@gogax.com | CA | ARIN | INTERWEB-MEDIA | 3c1ddec24143b27fb02db82ef00124b1 | http://76.76.116.118/files/16 || 2011-02-23 00:40:02 | Kaspersky | Trojan.Win32.Jorik.Shiz.ic | 2/40 (5%) | AS50877 | 195.80.151.27 | abuse@instant-exchanger.com | EU | RIPE | INSTANTEXCHANGER-NET | 33264470235c54e5cca1960f880b39a0 | http://195.80.151.27/files/17 || 2011-02-23 00:40:02 | avira | TR/Crypt.XPACK.Gen | 7/40 (17.5%) | AS50877 | 195.80.151.34 | abuse@instant-exchanger.com | EU | RIPE | INSTANTEXCHANGER-NET | 6a0b749136caa6798e3cb665704ed7ff | http://195.80.151.34/files/39 || 2011-02-23 00:40:02 | avira | TR/Crypt.XPACK.Gen | 4/40 (10%) | AS50877 | 195.80.151.34 | abuse@instant-exchanger.com | EU | RIPE | INSTANTEXCHANGER-NET | f8be11c686af4147f3ba7fb3a5df2312 | http://195.80.151.34/files/38 || 2011-02-23 00:40:02 | DrWeb | Trojan.Packed.1883 | 3/39 (7.7%) | AS50877 | 195.80.151.36 | abuse@instant-exchanger.com | EU | RIPE | INSTANTEXCHANGER-NET | ae7f5603f4d1f0e40e2a433ae0b147ec | http://195.80.151.36/files/37 || 2011-02-23 00:40:02 | avira | TR/Crypt.XPACK.Gen | 9/39 (23.1%) | AS50877 | 195.80.151.36 | abuse@instant-exchanger.com | EU | RIPE | INSTANTEXCHANGER-NET | 579b37fbf081a6781e593095d68fcc55 | http://195.80.151.36/files/36 || 2011-02-23 00:40:02 | avira | TR/Agent.368640.G | 5/41 (12.2%) | AS50877 | 195.80.151.35 | abuse@instant-exchanger.com | EU | RIPE | INSTANTEXCHANGER-NET | 50e2486d5920cee9e136133b961d4ddf | http://195.80.151.35/files/35 || 2011-02-23 00:40:02 | avira | TR/Dropper.Gen | 11/41 (26.8%) | AS50877 | 195.80.151.35 | abuse@instant-exchanger.com | EU | RIPE | INSTANTEXCHANGER-NET | f3c01460a308a5435e1bf20cc59f0933 | http://195.80.151.35/files/34 || 2011-02-23 00:40:02 | AhnLab_V3 | Trojan/Win32.Zbot | 13/41 (31.7%) | AS50877 | 195.80.151.37 | abuse@instant-exchanger.com | EU | RIPE | INSTANTEXCHANGER-NET | 6375005bfa7221a49bb3e27ecb127ba7 | http://195.80.151.37/files/33 || 2011-02-23 00:40:02 | avira | TR/Ransom.Gimemo.pk | 24/41 (58.5%) | AS50877 | 195.80.151.37 | abuse@instant-exchanger.com | EU | RIPE | INSTANTEXCHANGER-NET | 2317e514d96687f0b7c46630543a9b60 | http://195.80.151.37/files/32 || 2011-02-23 00:40:02 | avira | TR/Crypt.XPACK.Gen2 | 5/39 (12.8%) | AS50877 | 195.80.151.43 | abuse@instant-exchanger.com | EU | RIPE | INSTANTEXCHANGER-NET | 36a8208ae8728e21f2e5459d95cd1c88 | http://195.80.151.43/files/20 || 2011-02-23 00:40:02 | avira | TR/Crypt.XPACK.Gen2 | 5/41 (12.2%) | AS50877 | 195.80.151.43 | abuse@instant-exchanger.com | EU | RIPE | INSTANTEXCHANGER-NET | 0b52cd71e051a7fe21d799f4977b4741 | http://195.80.151.43/files/21 || 2011-02-23 00:40:02 | avira | TR/Crypt.XPACK.Gen2 | 5/41 (12.2%) | AS50877 | 195.80.151.43 | abuse@instant-exchanger.com | EU | RIPE | INSTANTEXCHANGER-NET | dd1695e4416ab8bd7884ee772831f60e | http://195.80.151.43/files/22 || 2011-02-23 00:40:02 | avira | TR/Crypt.XPACK.Gen2 | 5/41 (12.2%) | AS50877 | 195.80.151.43 | abuse@instant-exchanger.com | EU | RIPE | INSTANTEXCHANGER-NET | e78a84e4e94d4fd899f8cbd86c361321 | http://195.80.151.43/files/19 || 2011-02-23 00:40:02 | Microsoft | VirTool:Win32/Obfuscator.JL | 4/41 (9.8%) | AS50877 | 195.80.151.43 | abuse@instant-exchanger.com | EU | RIPE | INSTANTEXCHANGER-NET | a69b4f5f3294362a4193a4040f2cb4b0 | http://195.80.151.43/files/18 || 2011-02-23 00:40:02 | Microsoft | VirTool:Win32/Obfuscator.JL | 4/39 (10.3%) | AS50877 | 195.80.151.43 | abuse@instant-exchanger.com | EU | RIPE | INSTANTEXCHANGER-NET | cff747cc65f287e0054cf77fe92c1cf5 | http://195.80.151.43/files/17 || 2011-02-23 00:40:02 | avira | TR/Kazy.9654.AK | 33/40 (82.5%) | AS50877 | 195.80.151.43 | abuse@instant-exchanger.com | EU | RIPE | INSTANTEXCHANGER-NET | 88064660b86982acbeae4c82f2159380 | http://195.80.151.43/files/16 || 2011-02-23 00:40:02 | clamav | Trojan.FakeAV.DRW | 11/40 (27.5%) | AS21788 | 66.96.205.136 | abuse@hostnoc.net | US | ARIN | NOC | eeca2530e2e4947735f8574f33a12a84 | http://streammoviesreview.in/video-plugin.1337.exe || 2011-02-22 22:49:05 | undef | Variant.FakeAlert.40 | 0/41 (0.0%) | AS32244 | 67.43.13.244 | abuse@liquidweb.com | US | ARIN | LIQUIDWEB-1 | f944ed4c0874ec0e5906c16e5871e380 | http://download.kyrion.in/ || 2011-02-23 01:01:54 | undef | unknown_html_RFI | 0/39 (0.0%) | AS20773 | 94.199.242.207 | hostmaster@alfahosting.de | DE | RIPE | ALFAHOSTING-VPS-NET | 9db2fbfd3ad11c7a116028351f177187 | http://www.bonus-welt.eu || 2011-02-23 01:02:21 | Avast | Win32:AutoIt-QX | 5/41 (12.2%) | AS6939 | 64.62.181.46 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 0117ce84d2d6c620f2c12cb332f20fe0 | http://h1.ripway.com/Kell/test.exe || 2011-02-23 01:02:22 | avira | TR/Spy.Gen2 | 17/41 (41.5%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | ceedfed12dbbaeb81416bc927c7cdd73 | http://natasha007.fileave.com/SunJavaSystems.exe || 2011-02-23 01:03:04 | undef | unknown_html | 0/41 (0.0%) | AS36420, AS30315, AS13749, AS21844, AS13884 | 64.246.60.138 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-EV1-7 | bb20555eac6feb4d9bfbe7f68189bb9c | http://www.bestshareware.net/downloading/free-auto-blogger.htm || 2011-02-23 01:03:04 | Ikarus | not-a-virus:Monitor.Win32.Myss | 5/39 (12.8%) | AS14779 | 216.39.58.130 | network-abuse@cc.yahoo-inc.com | US | ARIN | NETBLK-INTERNET-BLK-1-AV | bd7416ec670278173708a8ccb4280ef3 | http://bestshareware.biz/utilities/freeautobolgger.exe || 2011-02-23 01:03:04 | avira | TR/Crypt.CFI.Gen | 32/41 (78%) | AS32613 | 174.142.41.253 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 334def158085100790a45caef932aa0e | http://www.filetolink.com/478d2265 || 2011-02-23 01:03:04 | undef | unknown_html | 0/41 (0.0%) | AS32613 | 174.142.41.253 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | f246cfc9db435f6f754ace36ecbc8f53 | http://www.filetolink.com/download/?h=1dbc23c8a8b13121b3a40440fd2d26e9&t=1298416280&f=478d2265 || 2011-02-23 01:03:04 | avira | TR/Hijacker.Gen | 40/41 (97.6%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 5101fda305358388ad0f01dadc6caf2c | http://gleeperz.fileave.com/taco.exe || 2011-02-23 01:03:04 | avira | TR/Buzus.cbdu | 25/41 (61%) | AS22773 | 70.182.176.240 | abuse@cox.net | US | ARIN | NETBLK-COX-ATLANTA-10 | c7cab8624a1cfa31532f38e0aef4f750 | http://www.cheathappens.com/~ziph4x0rshead/bulliesarecoolio12-ch.zip || 2011-02-23 01:03:04 | eSafe | Virus in password protected archive | 4/41 (9.8%) | AS16276 | 188.165.223.134 | abuse@ovh.net | FR | RIPE | OVH | b7cff4e6849877c15c77be148ea500b4 | http://download.phpnuke.org/installers/out/en/37/downloads.phpnuke.org/en/d3/0b/5ff230312cea29975706a48676bf/installer_vcd_cutter_1_0_English.exe || 2011-02-23 01:03:04 | avira | DR/Popguide.138986 | 28/41 (68.3%) | AS9318 | 222.239.255.57 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | 44f8fe8bd456fac5170bb2f1b4b0b70c | http://cfteam.net/EBiz/E1GuideUpdate/E1PopGuide_20080611_Update.exe || 2011-02-23 01:03:04 | avira | DR/BHO.aeiz | 25/41 (61%) | AS9318 | 222.239.255.57 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | 4255f5a60affc74b54a070da850054db | http://cfteam.net/zerogame/update/zerogameupdate_20080619.exe || 2011-02-23 01:03:04 | AhnLab_V3 | Trojan/Win64.Gen | 18/41 (43.9%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | c90f4b106a13c7028e15869135732d95 | http://gabe714.fileave.com/ccc.exe || 2011-02-23 01:03:13 | undef | unknown_html | 0/41 (0.0%) | AS28917 | 93.191.13.148 | devnull@fiord.ru | RU | RIPE | FIORD-COLO | d41449530804491d9c79e88457e9b3c2 | http://cashmagnat.com/api/open.php?aid=1774772&v=3 || 2011-02-23 01:03:13 | undef | unknown_html | 0/39 (0.0%) | AS42872 | 91.193.194.69 | noc@odhosting.com.ua | UA | RIPE | OD-HOSTING-NETWORK | 6723334850b924473205aba632036c3d | http://updateconnection.com/version/xtasks.php?1_1_1_1b7bf5eb-b240-4dbb-a121-96026066b62d_5.1%202600%20SP2.0_ru-ru_iexplore_22.2.2011%200:58:46_9d || 2011-02-23 00:23:24 | clamav | PHP.Downloader-4 | 1/41 (2.4%) | AS11798 | 74.220.207.133 | abuse@bluehost.com | US | ARIN | BLUEHOST-NETWORK-2 | 332bdd0d9c820334ab8e92f27a246c55 | http://longmonttwinpeaksrotary.org/_htm/sp.txt?? || 2011-02-23 01:33:02 | undef | unknown_html | 0/40 (0.0%) | AS47781 | 91.206.200.131 | hostmaster@ans.mk.ua | UA | RIPE | ANSMK-UA | 4b2369d3822ae9c63eb06546a87f5956 | http://91.206.200.131/config.bin || 2011-02-22 23:26:03 | undef | Trojan-Dropper/W32.MicroJoin.1521753 | 0/39 (0.0%) | AS41947 | 92.241.169.14 | abuse@2x4.ru | RU | RIPE | NET-2X4 | 2bb15db101c35dbddd4083d163a11ea0 | http://haidu.u2m.ru/ || 2011-02-22 23:27:12 | undef | Backdoor.Win32.Bifrose.ahfs | 0/41 (0.0%) | AS30083 | 69.64.63.220 | abuse@hostingsolutionsint.com | US | ARIN | S4Y-3 | e1bfd762321e409cee4ac0b6e841963c | http://dwnsft189.co.cc/ || 2011-02-23 00:27:14 | undef | Trojan-Downloader.Win32.Adload.aauq | 0/41 (0.0%) | AS32475 | 184.154.7.2 | abuse@singlehop.com | US | ARIN | SINGLEHOP | dadbf33432a1de984675c71d2115f9c5 | http://www.dream.ps/ || 2011-02-23 00:41:05 | undef | Variant.Kazy.13336 | 0/40 (0.0%) | AS36351 | 74.86.149.112 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-4 | 7534883345101b4bdf7d2af193daf08d | http://expireddomaingains.com/paa/ |+---------------------+------------------+--------------------------------------------+---------------+---------------------------------------------+-----------------+----------------------------------+---------+--------+---------------------------------+----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+200 rows in set (0.02 sec)
+---------------------+---------------+-------------------------------------+---------------+---------------------------------------------+-----------------+----------------------------------+---------+--------+-----------------------------+----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------+| date | scanner | virusname | vt_score | AS | review | email | country | source | netname | md5sum | url |+---------------------+---------------+-------------------------------------+---------------+---------------------------------------------+-----------------+----------------------------------+---------+--------+-----------------------------+----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------+| 2011-02-23 00:41:06 | undef | Trojan.Generic.KD.138578 | 0/41 (0.0%) | AS30890 | 94.63.244.50 | abuse@evolva.ro | RO | RIPE | RO-EVOLVA-20080623 | 5388f60d7695cb57b87c799ee62d20b2 | http://94.63.244.50/ || 2011-02-23 02:02:39 | F_Prot | W32/MalwareF.CEIG | 2/41 (4.9%) | AS8560 | 82.165.99.125 | abuse@oneandone.net | DE | RIPE | SCHLUND-SHARED | ffc81c80127b36c7a4d221e1b18c1764 | http://www.achim-b.de/progs/wallpaper.exe || 2011-02-23 02:02:43 | Antiy_AVL | Worm/Win32.Mabezat.gen | 3/41 (7.3%) | AS21788 | 173.212.249.74 | nic@hostnoc.net | US | ARIN | HOSTNOC-7BLK | f1c2e6f02d879aeb4cb2575a748cb0fb | http://www.hak0.com/no-ip.zip || 2011-02-23 01:16:01 | avira | PHP/RemoteAdmin.3 | 18/41 (43.9%) | AS23352 | 66.225.213.124 | abuse@servercentral.net | US | ARIN | SCN-2 | 4f34182aceae9bc27d9f5a4f95b0728a | http://skyunlimited.net/social/ahh.txt? || 2011-02-23 00:41:07 | undef | Trojan-Downloader:W32/FakeAlert.PU | 0/39 (0.0%) | AS14779 | 216.39.58.131 | network-abuse@cc.yahoo-inc.com | US | ARIN | NETBLK-INTERNET-BLK-1-AV | 52b0df377f44f590d5e2d46eb5af23ab | http://bestshareware.biz/utilities/ || 2011-02-23 01:27:19 | undef | Adware:Win32/OpenCandy | 0/40 (0.0%) | AS9318 | 222.239.255.57 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | c13cf96eb1478dff9c969eec47d9d2f1 | http://cfteam.net/EBiz/E1GuideUpdate/ || 2011-02-23 01:27:20 | undef | :Trojan.Generic.5360692 | 0/41 (0.0%) | AS9318 | 222.239.255.57 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | f6f49561c3de02554ee92e23cf8e019e | http://cfteam.net/zerogame/update/ || 2011-02-23 03:06:54 | Comodo | UnclassifiedMalware | 5/41 (12.2%) | AS19066 | 209.188.86.88 | abuse@wiredtree.com | US | ARIN | WIREDTREE | 7f910cdac47f710173cd7f7def2b5f11 | http://www.panicware.com/downloads/MouseAround10.exe || 2011-02-23 03:06:55 | avira | TR/Midgare.EBU | 34/40 (85%) | AS6939 | 64.62.181.46 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 21e070169c7b2c3b02b4808dc4cd0a36 | http://h1.ripway.com/shankooty/W.E.B.xcam.v1.5.exe || 2011-02-23 03:06:55 | avira | SPR/RevealerKeyLog.A | 29/41 (70.7%) | AS16276 | 178.32.100.87 | abuse@ovh.net | FR | RIPE | OVH | d732c96765300f59c6d62920fc70b553 | http://ftp1.toocharger.com/loea1nn/revealer-keylogger-free-edition_1_18151.exe || 2011-02-23 03:06:55 | clamav | PUA.Packed.PECompact-1 | 13/38 (34.2%) | AS36420, AS30315, AS13749, AS21844, AS13884 | 75.125.205.146 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-EV1-17 | 11979d5e54ef0f2d411710f3a5377ea5 | http://www.onlinexpos.com/serasa/visualizar.php?arquivo=Extrato_de_pedencias_Serasa.pdf&PessoaFisica=fernandohf.hd@gmail.com || 2011-02-23 03:06:55 | clamav | PUA.Packed.PECompact-1 | 15/41 (36.6%) | AS36420, AS30315, AS13749, AS21844, AS13884 | 75.125.205.146 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-EV1-17 | 11979d5e54ef0f2d411710f3a5377ea5 | http://www.onlinexpos.com/serasa/visualizar.php?arquivo=Extrato_de_pedencias_Serasa.pdf&PessoaFisica=ericgagulich@hotmail.com || 2011-02-23 03:06:55 | avira | TR/Injector.DB | 19/40 (47.5%) | AS21788 | 173.212.249.74 | nic@hostnoc.net | US | ARIN | HOSTNOC-7BLK | 9aea2f10f08896f946e84aec56ed7e56 | http://www.hak0.com/drs/4/change%20icon.rar || 2011-02-23 03:06:55 | undef | unknown_html | 0/41 (0.0%) | AS21011 | 194.63.142.66 | tech@mirotel.net | UA | RIPE | MIROTEL2 | 384306cf8f7345d9c5a5125b1448d12e | http://zalil.ru/30522661 || 2011-02-23 03:06:55 | avira | SPR/Winjector.A | 20/38 (52.6%) | AS13749, AS21844, AS30315, AS36420 | 74.54.188.34 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | 7da7d4c7315c49ab5aa93f5243b38582 | http://www.cheat-project.com/download.php?id=1382 || 2011-02-23 03:06:55 | undef | unknown_html | 0/41 (0.0%) | AS21011 | 194.63.142.66 | tech@mirotel.net | UA | RIPE | MIROTEL2 | ad905c073db4d25c168a36a235e922b8 | http://zalil.ru/30440102/5985bcf3.4d6071b8/soft.exe || 2011-02-23 03:06:55 | eSafe | Virus in password protected archive | 2/41 (4.9%) | AS16276 | 188.165.223.134 | abuse@ovh.net | FR | RIPE | OVH | 60de5c394821ec93667af226614e7e56 | http://download.phpnuke.org/installers/out/en/37/downloads.phpnuke.org/en/4b/17/de72464d8ce88f1119344fe97b1b/installer_adobe_illustrator_cs5_15_0_2_English.exe || 2011-02-23 03:06:55 | Avast | Win32:Adware-SL | 5/41 (12.2%) | AS4766 | 222.122.237.239 | abuse@kornet.net | KR | APNIC | KORNET-KR | 0ed22091999bbc316304d9c38f572947 | http://jungbabo08.springnote.com/pages/7199833/attachments/4590371 || 2011-02-23 03:06:55 | trendmicro | TROJ_Generic.ADV | 13/41 (31.7%) | AS10439 | 71.6.196.237 | complaints@cari.net | US | ARIN | CARINET-5 | 388edd1411a1148b115166bc8ab111e9 | http://www.woodmann.com/crackz/Tools/Unpckarc.zip || 2011-02-23 03:06:55 | ClamAV | Worm.Autorun-1793 | 4/41 (9.8%) | AS9683 | 121.254.192.211 | ip@kidc.net | KR | APNIC | KIDC-KR | 33ff9e882c3b19b72d94d6266c238889 | http://dakuo.tistory.com/attachment/cfile27.uf@175AA8224B99915859AD24.zip || 2011-02-23 03:06:55 | avira | TR/Agent.44116.A | 19/38 (50%) | AS36420, AS30315, AS13749, AS21844, AS13884 | 75.125.42.154 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-EV1-17 | b4d655e0e3ebeef89a7c97f88e780f99 | http://tuts4you.com/request.php?1887 || 2011-02-23 03:06:55 | avira | TR/SCKeylog.H | 40/41 (97.6%) | AS43541 | 93.185.104.28 | lir@vshosting.cz | CZ | RIPE | PIPNI-NET | f3cddea35c5da1db950406677de78182 | http://2duaminh.tv/files/bugsungcf1.exe || 2011-02-23 03:06:55 | avira | TR/Crypt.XPACK.Gen2 | 21/40 (52.5%) | AS19318 | 66.23.237.189 | network@interserver.net | US | ARIN | INTERSERVER | 11d44ed351a3f16a85a872267971a89d | http://up.iranblog.com/images/6pofoofxrb10o72pd7sb.rar || 2011-02-23 03:06:55 | avira | TR/Crypt.XPACK.Gen | 28/39 (71.8%) | AS15756 | 62.213.65.5 | abuse@caravan.ru | RU | RIPE | RU-CARAVAN-20011109 | f597cb806c3ee319f22de00ac30bf2e9 | http://st.free-lance.ru/users/ex-el/contacts/f_4d47ae6f29933.zip || 2011-02-23 03:06:55 | avira | TR/PSW.Codtree.22 | 22/39 (56.4%) | AS19318 | 66.23.237.189 | network@interserver.net | US | ARIN | INTERSERVER | ba1ef39d0bdf41d58987ffe1b104adb7 | http://up.iranblog.com/images/k9z1i2ydur0itwpnvit.rar || 2011-02-23 03:06:55 | avira | DR/Zlob.Gen | 19/41 (46.3%) | AS19318 | 66.23.237.189 | network@interserver.net | US | ARIN | INTERSERVER | 3f94c2badd8fb2efd3b41b17bacd5605 | http://up.iranblog.com/images/32bkvnax9ar0nsuzg68.rar || 2011-02-23 03:06:55 | avira | TR/StartPage.nxc | 19/41 (46.3%) | AS19318 | 66.23.237.189 | network@interserver.net | US | ARIN | INTERSERVER | f43024f6a4f6413ef95c5765a9e40151 | http://up.iranblog.com/images/80jx9egnpyjgdr3q0ilb.rar || 2011-02-23 03:06:55 | undef | unknown_html | 0/38 (0.0%) | AS12843 | 84.38.65.236 | abuse@ispone-business.de | DE | RIPE | DE-ISPONE-BUSINESS | 0b177672cee416203afaeb2dd8522705 | http://0l3.de/Jessy || 2011-02-23 03:06:55 | clamav | PUA.Packed.PECompact-1 | 14/40 (35%) | AS33182 | 64.37.48.209 | abuse@dimenoc.com | US | ARIN | DIMENOC-NETWORK | 11979d5e54ef0f2d411710f3a5377ea5 | http://64.37.48.209/Visualizar_Pedencias_Serasa.exe || 2011-02-23 03:06:55 | avira | TR/Bifrose.Const.A | 36/41 (87.8%) | AS21788 | 173.212.249.74 | nic@hostnoc.net | US | ARIN | HOSTNOC-7BLK | 952a72e03255507182a38a0931d50b3b | http://www.hak0.com/Bifrost.zip || 2011-02-23 03:06:55 | avira | JS/Dldr.Psyme.GX.3 | 28/39 (71.8%) | AS23650 | 61.155.154.214 | abuse@jsinfo.net | CN | APNIC | CHINANET-JS | 1a134ed0b9ae44057076ff708bcdfe5e | http://www.yiyuweiyu.com/admin/zx/zx.htm || 2011-02-23 02:50:06 | AntiVir | HEUR/HTML.Malware | 8/40 (20%) | AS46216 | 216.52.115.51 | abuse@internap.com | US | ARIN | PNAP-8-98 | 96ad4c33453adecf4ca0743a510737d9 | http://cunat.webs.com/shkb/boti.txt??? || 2011-02-23 03:05:12 | AntiVir | HEUR/HTML.Malware | 8/40 (20%) | AS12586 | 94.249.139.5 | ripe@ghostnet.de | DE | RIPE | DE-GHOSTNET-20080918 | e59373e33534e15faa63cb8acac44720 | http://cunat.clod5.com/shkb/shkb.txt?? || 2011-02-23 02:29:16 | avira | PHP/Agent.AS.1 | 16/40 (40%) | AS16276 | 213.186.33.2 | abuse@ovh.net | FR | RIPE | OVH | 289fa6dfa68aea9067ffa186769ab489 | http://faisbattretoncoeur.org/vaidevisa/govisa/visa/id.txt?? || 2011-02-23 02:16:57 | AntiVir | HEUR/HTML.Malware | 9/41 (22%) | AS46216 | 216.52.115.51 | abuse@internap.com | US | ARIN | PNAP-8-98 | 96ad4c33453adecf4ca0743a510737d9 | http://cunat.webs.com/shkb/boti.txt?? || 2011-02-23 02:55:48 | clamav | PUA.Script.Obfus | 1/41 (2.4%) | AS4766 | 210.113.203.6 | abuse@kornet.net | KR | APNIC | KORNET-KR | 4a4c76da7284e49bd30d3f06af4adcf7 | http://210.113.203.6/~med/post.txt? || 2011-02-23 02:30:57 | avira | PHP/BackDoor.AR | 32/40 (80%) | AS26496 | 97.74.144.134 | noc@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 8dcad47f3e32e7dc1aee59167e67c601 | http://caninesportscenter.com/id2.txt??? || 2011-02-23 02:31:00 | avira | PHP/Pbot.A | 25/40 (62.5%) | AS26496 | 97.74.144.134 | noc@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | eedac92685151cf49143f4b7f74358cf | http://caninesportscenter.com/spread.txt??? || 2011-02-23 02:31:09 | avira | PHP/Pbot.A | 27/41 (65.9%) | AS26496 | 97.74.144.134 | noc@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | eedac92685151cf49143f4b7f74358cf | http://caninesportscenter.com/spread.txt??%20? || 2011-02-23 02:28:23 | avira | PHP/RemoteAdmin.3 | 11/39 (28.2%) | AS46216 | 216.52.115.2 | abuse@internap.com | US | ARIN | PNAP-8-98 | 6fa5f5b6092e730644ae425a875b29f5 | http://freewebs.com/batu88/whatthehell.txt? || 2011-02-23 03:07:14 | avira | PHP/C99Shell.B | 29/40 (72.5%) | AS23352 | 66.225.213.124 | abuse@servercentral.net | US | ARIN | SCN-2 | 65348ea0b0fa0f38dd3702684acdbc35 | http://skyunlimited.net/social/a.txt? || 2011-02-23 03:08:49 | clamav | PUA.HTML.Crypt-8 | 2/41 (4.9%) | AS48809 | 217.16.8.23 | noc@abconnect.net | FR | RIPE | AB_CONNECT | 2db91effbc98d35592d1690ba18ff708 | http://217.16.8.23/~webmail/log/logs???? || 2011-02-23 03:31:24 | avira | PHP/Agent.AS.1 | 18/41 (43.9%) | AS16276 | 213.186.33.2 | abuse@ovh.net | FR | RIPE | OVH | 289fa6dfa68aea9067ffa186769ab489 | http://www.faisbattretoncoeur.org/vaidevisa/govisa/visa/id.txt?? || 2011-02-23 03:31:24 | BitDefender | Trojan.Generic.KD.139138 | 8/40 (20%) | AS28753 | 89.149.226.195 | abuse@netdirekt.de | DE | RIPE | NETDIRECT-NET | 774f5f45883728e1b5eb533800603306 | http://89.149.226.195/css/video-ex-escriva-de-policia-e-despida-em-delegacia-cai-na-internet-AVI.exe || 2011-02-23 03:31:39 | Jiangmin | TrojanSpy.SpyAnyTime.n | 1/40 (2.5%) | AS14779 | 216.39.58.130 | network-abuse@cc.yahoo-inc.com | US | ARIN | NETBLK-INTERNET-BLK-1-AV | b6257a69fd7e522fd5c76f6799e83c0a | http://bestshareware.biz/utilities/1click-fixer-plus.exe || 2011-02-23 03:31:39 | CAT_QuickHeal | Trojan.Agent.IRC | 3/41 (7.3%) | AS14779 | 216.39.58.132 | network-abuse@cc.yahoo-inc.com | US | ARIN | NETBLK-INTERNET-BLK-1-AV | 5237ddfe90f1962d36e6063ef289014a | http://bestshareware.biz/utilities/AddRemovePlus2006.exe || 2011-02-23 03:31:39 | undef | unknown_exe | 0/39 (0.0%) | AS14779 | 216.39.58.131 | network-abuse@cc.yahoo-inc.com | US | ARIN | NETBLK-INTERNET-BLK-1-AV | e426e8651691f424636beb220485ba25 | http://bestshareware.biz/utilities/AdvancedFontViewerSetup46442.exe || 2011-02-23 03:31:39 | Jiangmin | TrojanSpy.SpyAnyTime.n | 1/40 (2.5%) | AS14779 | 216.39.58.130 | network-abuse@cc.yahoo-inc.com | US | ARIN | NETBLK-INTERNET-BLK-1-AV | 401745cb4a767460d14837ed6e0beb53 | http://bestshareware.biz/utilities/ALZip55Eng.exe || 2011-02-23 03:31:39 | Jiangmin | TrojanSpy.SpyAnyTime.n | 1/40 (2.5%) | AS14779 | 216.39.58.132 | network-abuse@cc.yahoo-inc.com | US | ARIN | NETBLK-INTERNET-BLK-1-AV | f43f98f2c528feaca138d31572a837d9 | http://bestshareware.biz/utilities/Amust_Registry_Cleaner.exe || 2011-02-23 03:31:39 | Jiangmin | TrojanSpy.SpyAnyTime.n | 1/40 (2.5%) | AS14779 | 216.39.58.131 | network-abuse@cc.yahoo-inc.com | US | ARIN | NETBLK-INTERNET-BLK-1-AV | fd3aad8b853295f67e21614d7eb19f28 | http://bestshareware.biz/utilities/available-domains-pro.exe || 2011-02-23 03:31:39 | CAT_QuickHeal | Trojan.Agent.IRC | 4/40 (10%) | AS14779 | 216.39.58.132 | network-abuse@cc.yahoo-inc.com | US | ARIN | NETBLK-INTERNET-BLK-1-AV | 882a7079b6c8f9433ef0dd68b473a756 | http://bestshareware.biz/utilities/CaptainTrayPro.exe || 2011-02-23 03:31:39 | Jiangmin | TrojanSpy.SpyAnyTime.n | 1/40 (2.5%) | AS14779 | 216.39.58.131 | network-abuse@cc.yahoo-inc.com | US | ARIN | NETBLK-INTERNET-BLK-1-AV | e940f0399cc986704bf08347a9281260 | http://bestshareware.biz/utilities/ciantextreplacer.exe || 2011-02-23 03:31:39 | Jiangmin | TrojanSpy.KeyLogger.cqsj | 1/40 (2.5%) | AS14779 | 216.39.58.130 | network-abuse@cc.yahoo-inc.com | US | ARIN | NETBLK-INTERNET-BLK-1-AV | 41c5356c4dfb1bb3fe3fe65494823aab | http://bestshareware.biz/utilities/convertmonkey.exe || 2011-02-23 03:31:39 | Jiangmin | Backdoor/IRC.aj | 1/41 (2.4%) | AS14779 | 216.39.58.132 | network-abuse@cc.yahoo-inc.com | US | ARIN | NETBLK-INTERNET-BLK-1-AV | b829c3ad4ee0e18fd61eb8791cdce18d | http://bestshareware.biz/utilities/DefaultPrinter.exe || 2011-02-23 03:31:39 | Jiangmin | Trojan/Agent.ctkj | 2/41 (4.9%) | AS14779 | 216.39.58.131 | network-abuse@cc.yahoo-inc.com | US | ARIN | NETBLK-INTERNET-BLK-1-AV | 90dede0541b70216b1a97d354d9f7305 | http://bestshareware.biz/utilities/DesktopCloset.exe || 2011-02-23 03:31:39 | Jiangmin | TrojanSpy.SpyAnyTime.n | 1/41 (2.4%) | AS14779 | 216.39.58.130 | network-abuse@cc.yahoo-inc.com | US | ARIN | NETBLK-INTERNET-BLK-1-AV | 05974f3ce7e0e764fd10fbb83d21f1f3 | http://bestshareware.biz/utilities/dhtmlmenu.exe || 2011-02-23 03:31:39 | ClamAV | PUA.Packed.EXECryptor | 3/41 (7.3%) | AS14779 | 216.39.58.131 | network-abuse@cc.yahoo-inc.com | US | ARIN | NETBLK-INTERNET-BLK-1-AV | 7e9f6d55964738fe10434c0a3bc28e3b | http://bestshareware.biz/utilities/DiskInternals_Flash_Recovery.exe || 2011-02-23 03:31:39 | ClamAV | PUA.Packed.EXECryptor | 3/40 (7.5%) | AS14779 | 216.39.58.130 | network-abuse@cc.yahoo-inc.com | US | ARIN | NETBLK-INTERNET-BLK-1-AV | 1f191853ab493976d1b14ec9fdf0261b | http://bestshareware.biz/utilities/DiskInternals-Uneraser.exe || 2011-02-23 03:31:39 | Jiangmin | TrojanSpy.SpyAnyTime.n | 1/41 (2.4%) | AS14779 | 216.39.58.132 | network-abuse@cc.yahoo-inc.com | US | ARIN | NETBLK-INTERNET-BLK-1-AV | de69681916eee61f870e6af08a2a7727 | http://bestshareware.biz/utilities/disk-space-clean-clear.exe || 2011-02-23 03:31:39 | Jiangmin | Trojan/Agent.ctkj | 2/41 (4.9%) | AS14779 | 216.39.58.130 | network-abuse@cc.yahoo-inc.com | US | ARIN | NETBLK-INTERNET-BLK-1-AV | 9c69a9bd7d52baa68487282e20ce880d | http://bestshareware.biz/utilities/DriverDetective.exe || 2011-02-23 03:31:39 | undef | unknown_exe | 0/41 (0.0%) | AS14779 | 216.39.58.132 | network-abuse@cc.yahoo-inc.com | US | ARIN | NETBLK-INTERNET-BLK-1-AV | 283486d6754d6b19005f5fdd8c8b4d80 | http://bestshareware.biz/utilities/DriverMagician328.exe || 2011-02-23 03:31:39 | Jiangmin | TrojanSpy.SpyAnyTime.n | 1/41 (2.4%) | AS14779 | 216.39.58.131 | network-abuse@cc.yahoo-inc.com | US | ARIN | NETBLK-INTERNET-BLK-1-AV | 5be9974491113659a51241c0e1b2b486 | http://bestshareware.biz/utilities/EventLogManager.exe || 2011-02-23 03:31:39 | eSafe | Suspicious File | 1/41 (2.4%) | AS14779 | 216.39.58.130 | network-abuse@cc.yahoo-inc.com | US | ARIN | NETBLK-INTERNET-BLK-1-AV | f8f45f0737e1abf821e4cc4dfba7c33d | http://bestshareware.biz/utilities/filemanager1.exe || 2011-02-23 03:31:39 | CAT_QuickHeal | Trojan.Agent.IRC | 2/38 (5.3%) | AS14779 | 216.39.58.132 | network-abuse@cc.yahoo-inc.com | US | ARIN | NETBLK-INTERNET-BLK-1-AV | 669f6831e80cdbe3d866ddd37d972fa8 | http://bestshareware.biz/utilities/fixregistryerror_trial.exe || 2011-02-23 03:31:39 | undef | unknown_exe | 0/41 (0.0%) | AS14779 | 216.39.58.131 | network-abuse@cc.yahoo-inc.com | US | ARIN | NETBLK-INTERNET-BLK-1-AV | adeb6bc54432e8179819c5db2fe57e9b | http://bestshareware.biz/utilities/GBMHome8.exe || 2011-02-23 03:31:39 | Norman | Suspicious_Gen.JOHX | 2/40 (5%) | AS14779 | 216.39.58.130 | network-abuse@cc.yahoo-inc.com | US | ARIN | NETBLK-INTERNET-BLK-1-AV | 849cbb8a76fa0fed3e0ed89f6b06d442 | http://bestshareware.biz/utilities/GiantDiskCleaner.exe || 2011-02-23 03:31:39 | Jiangmin | TrojanSpy.KeyLogger.cqsj | 1/39 (2.6%) | AS14779 | 216.39.58.132 | network-abuse@cc.yahoo-inc.com | US | ARIN | NETBLK-INTERNET-BLK-1-AV | b3c48633017fcf6af6b39334652e69c1 | http://bestshareware.biz/utilities/handyrecovery.exe || 2011-02-23 03:31:39 | VBA32 | Trojan.VB.ajcl | 1/41 (2.4%) | AS14779 | 216.39.58.131 | network-abuse@cc.yahoo-inc.com | US | ARIN | NETBLK-INTERNET-BLK-1-AV | 34624080f94e812245f7ac270efe3ec3 | http://bestshareware.biz/utilities/hb40.exe || 2011-02-23 03:31:39 | Jiangmin | TrojanSpy.SpyAnyTime.n | 1/40 (2.5%) | AS14779 | 216.39.58.132 | network-abuse@cc.yahoo-inc.com | US | ARIN | NETBLK-INTERNET-BLK-1-AV | 433293d879495defac3a6961a65685f5 | http://bestshareware.biz/utilities/htmlprotector.exe || 2011-02-23 03:31:39 | Sophos | Sus/Behav-113 | 1/41 (2.4%) | AS14779 | 216.39.58.131 | network-abuse@cc.yahoo-inc.com | US | ARIN | NETBLK-INTERNET-BLK-1-AV | e830ea2a676d1f42f66ff7b126301960 | http://bestshareware.biz/utilities/incredi-mail-backup.exe || 2011-02-23 03:31:39 | Jiangmin | TrojanSpy.SpyAnyTime.n | 1/41 (2.4%) | AS14779 | 216.39.58.130 | network-abuse@cc.yahoo-inc.com | US | ARIN | NETBLK-INTERNET-BLK-1-AV | 5878f71531836bce1491a7a3fc14eac1 | http://bestshareware.biz/utilities/invisible-secrets4.exe || 2011-02-23 03:31:39 | Jiangmin | TrojanSpy.SpyAnyTime.n | 1/41 (2.4%) | AS14779 | 216.39.58.132 | network-abuse@cc.yahoo-inc.com | US | ARIN | NETBLK-INTERNET-BLK-1-AV | eaae17b40528964425eb69785aafe11b | http://bestshareware.biz/utilities/lifeguard.exe || 2011-02-23 03:31:39 | Jiangmin | TrojanSpy.KeyLogger.cqsj | 1/41 (2.4%) | AS14779 | 216.39.58.131 | network-abuse@cc.yahoo-inc.com | US | ARIN | NETBLK-INTERNET-BLK-1-AV | c2977647258f4ce5bedb6558f13a01d5 | http://bestshareware.biz/utilities/Magic-Utilities.exe || 2011-02-23 03:31:39 | Jiangmin | TrojanSpy.KeyLogger.cqsj | 2/41 (4.9%) | AS14779 | 216.39.58.130 | network-abuse@cc.yahoo-inc.com | US | ARIN | NETBLK-INTERNET-BLK-1-AV | 17061c072c21fae1b232ed253184a48c | http://bestshareware.biz/utilities/mgtweak_331.exe || 2011-02-23 03:31:39 | VBA32 | Trojan.VB.ajcl | 1/39 (2.6%) | AS14779 | 216.39.58.132 | network-abuse@cc.yahoo-inc.com | US | ARIN | NETBLK-INTERNET-BLK-1-AV | d2b0393052a992bd8db5a105cfd84079 | http://bestshareware.biz/utilities/MonkeyMerge.exe || 2011-02-23 03:31:39 | Rising | Suspicious | 2/38 (5.3%) | AS14779 | 216.39.58.131 | network-abuse@cc.yahoo-inc.com | US | ARIN | NETBLK-INTERNET-BLK-1-AV | a3ad1bfe4514d71ddd20d640b5472d11 | http://bestshareware.biz/utilities/outlook-express-backup.exe || 2011-02-23 03:31:39 | undef | unknown_exe | 0/41 (0.0%) | AS14779 | 216.39.58.130 | network-abuse@cc.yahoo-inc.com | US | ARIN | NETBLK-INTERNET-BLK-1-AV | 73aac2dff373ea94d41f0f42e124b204 | http://bestshareware.biz/utilities/PhotoRecovery.exe || 2011-02-23 03:31:39 | Jiangmin | Trojan/Agent.ctkj | 1/41 (2.4%) | AS14779 | 216.39.58.132 | network-abuse@cc.yahoo-inc.com | US | ARIN | NETBLK-INTERNET-BLK-1-AV | d0ced5d6767affb00cfffc6f05e24428 | http://bestshareware.biz/utilities/photorecoverywizard.exe || 2011-02-23 03:31:39 | Jiangmin | TrojanSpy.SpyAnyTime.n | 1/41 (2.4%) | AS14779 | 216.39.58.131 | network-abuse@cc.yahoo-inc.com | US | ARIN | NETBLK-INTERNET-BLK-1-AV | f1704a606b15d133ce42fa9482e335e0 | http://bestshareware.biz/utilities/PowerGREP.exe || 2011-02-23 03:31:39 | CAT_QuickHeal | Trojan.Agent.IRC | 2/41 (4.9%) | AS14779 | 216.39.58.130 | network-abuse@cc.yahoo-inc.com | US | ARIN | NETBLK-INTERNET-BLK-1-AV | 176d614539