0 Members and 2 Guests are viewing this topic.
+---------------------+-------------+----------------------------------------+---------------+---------------------------------------------+-----------------+-------------------------------------+---------+--------+-------------------------------+----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+| date | scanner | virusname | vt_score | AS | review | email | country | source | netname | md5sum | url |+---------------------+-------------+----------------------------------------+---------------+---------------------------------------------+-----------------+-------------------------------------+---------+--------+-------------------------------+----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+| 2011-02-25 16:20:02 | DrWeb | BAT.Hosts.41 | 1/41 (2.4%) | AS11167 | 12.229.69.217 | abuse@att.net | US | ARIN | ATT | 4db9280b1de567f093f3fbad7d18dc85 | http://www.completelogistics.com/content/spide/upd.cmd || 2011-02-25 16:47:36 | avira | PHP/Pastie.637 | 20/41 (48.8%) | AS28907 | 89.184.73.139 | noc@mirohost.net | UA | RIPE | MIROHOST | 493d3c720be431004253125118998a5d | http://gros-gaz.com/plugins/logon.txt?? || 2011-02-25 16:47:50 | avira | PERL/IrcBot.AX | 30/40 (75%) | AS28907 | 89.184.73.139 | noc@mirohost.net | UA | RIPE | MIROHOST | daa7f4952ac4910d23664b6f5993606b | http://gros-gaz.com/plugins/c.txt?? || 2011-02-25 16:53:03 | avira | PERL/Shellbot.B.3 | 30/41 (73.2%) | AS174 | 38.124.38.68 | abuse@cogentco.com | US | ARIN | PSINETA | 0612b62e1f927cd22daac5b44db623a3 | http://sekenk2.zoomshare.com/files/spred.txt?? || 2011-02-25 16:55:00 | avira | PHP/Pbot.A.6 | 31/41 (75.6%) | AS174 | 38.124.38.68 | abuse@cogentco.com | US | ARIN | PSINETA | 0aa8984d006e21e5b0e224d288971bde | http://sekenk2.zoomshare.com/files/pbot.txt??? || 2011-02-25 16:17:54 | avira | PHP/PHPInfo.E | 23/41 (56.1%) | AS7132 | 76.230.181.122 | abuse@att.net | US | ARIN | SBCIS-SBIS-6BLK | 292dbe6e7a4e9245e72ba548df5c393a | http://jaimabrownhome.com/css/pandegaid.txt? || 2011-02-25 16:18:12 | avira | PHP/Loader.9852 | 16/40 (40%) | AS7132 | 76.230.181.122 | abuse@att.net | US | ARIN | SBCIS-SBIS-6BLK | 1d5301610057f7255551f68486e557f0 | http://jaimabrownhome.com/css/ec.txt?? || 2011-02-25 17:14:58 | avira | PERL/IrcBot.AX | 30/41 (73.2%) | AS28907 | 89.184.73.139 | noc@mirohost.net | UA | RIPE | MIROHOST | daa7f4952ac4910d23664b6f5993606b | http://www.gros-gaz.com/plugins/c.txt?? || 2011-02-25 17:14:58 | avira | PHP/Pastie.637 | 20/41 (48.8%) | AS28907 | 89.184.73.139 | noc@mirohost.net | UA | RIPE | MIROHOST | 493d3c720be431004253125118998a5d | http://www.gros-gaz.com/plugins/logon.txt?? || 2011-02-25 17:36:25 | avira | TR/Script.86 | 16/41 (39%) | AS11798 | 66.147.240.174 | abuse@bluehost.com | US | ARIN | BLUEHOST-NETWORK-4 | 7ab5a3291410db3231141e2818e85318 | http://raedat.net/libraries/simplepie/idn/sc1?? || 2011-02-25 17:37:08 | avira | PHP/BackDoor.AR | 30/41 (73.2%) | AS11798 | 66.147.240.174 | abuse@bluehost.com | US | ARIN | BLUEHOST-NETWORK-4 | dcc55d73dae5326abb4f00d9313a7e70 | http://raedat.net/libraries/simplepie/idn/sc2??? || 2011-02-25 17:49:25 | avira | PHP/IRCBOT.JB.1 | 24/41 (58.5%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 7e7a1f0f1f832953e9ef9b044267c442 | http://curl.fileave.com/TEST2.TXT???http://uaedesign.com/config/idfx.txt? || 2011-02-25 18:13:28 | avira | PHP/PHPInfo.E | 23/41 (56.1%) | AS7132 | 76.230.181.122 | abuse@att.net | US | ARIN | SBCIS-SBIS-6BLK | 292dbe6e7a4e9245e72ba548df5c393a | http://www.jaimabrownhome.com/css/pandegaid.txt? || 2011-02-25 18:14:48 | trendmicro | BKDR_PERLBOT.SMD | 16/41 (39%) | AS42755 | 91.213.214.234 | abuse@myh2oservers.com | NL | RIPE | myH2oservers | 43f35530306851d70c97905d9fd615ca | http://keihardraymond.nl//images/e107.txt?? || 2011-02-25 18:14:48 | trendmicro | BKDR_PERLBOT.SMD | 16/41 (39%) | AS42755 | 91.213.214.234 | abuse@myh2oservers.com | NL | RIPE | myH2oservers | 43f35530306851d70c97905d9fd615ca | http://keihardraymond.nl//images/e107.txt??? || 2011-02-25 19:03:30 | avira | PHP/Shellbot.7642 | 24/40 (60%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 139d9ea35d08d73456d1df457bd7645b | http://soneka.110mb.com/shellboladona.txt.txt? || 2011-02-25 19:14:50 | avira | DR/Drop.Agent.douc | 9/41 (22%) | AS36420, AS30315, AS13749, AS21844 | 74.55.207.172 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | f9b786dec8abee112d0dc2d380ccfca0 | http://7art-screensavers.com/files/fs_day_plasticine_clock.exe || 2011-02-25 19:14:55 | avira | TR/Crypt.ULPM.Gen | 14/41 (34.1%) | AS25532 | 90.156.201.19 | abuse@masterhost.ru | RU | RIPE | MASTERHOST-HOSTING | 0e72d2d937ce7d69fa248f212c71ceed | http://acmedecor.ru/js/nginx.exe || 2011-02-25 19:14:55 | AhnLab_V3 | Trojan/Win32.Renos | 14/40 (35%) | AS21793 | 76.76.116.162 | abuse@gogax.com | CA | ARIN | INTERWEB-MEDIA | df81895cd979b8441b5f1ea5c25953a9 | http://dvdtubeclipsno.co.cc/stream/Flash_Player_10.1_update_for_Win.exe || 2011-02-25 19:14:55 | avira | TR/Dldr.Renos.MJ.49 | 28/39 (71.8%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | da4cd6a1008eae4d2b86d7594feee00c | http://gfvbhg564k.fileave.com/ep.exe || 2011-02-25 19:14:55 | clamav | PUA.Packed.ASPack | 8/39 (20.5%) | AS32780 | 174.127.84.235 | arin-contact@hostingservicesinc.net | US | ARIN | HOSTINGSERVICES-INC | 9f6a7b9cc761064e42e63a7e79d87e84 | http://pic.uyrubr.com/pic/21268965689.jpg || 2011-02-25 19:14:55 | avira | TR/Drop.Agent.sdf | 18/39 (46.2%) | AS26496 | 173.201.92.128 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 0e067e759d0b7842bc38dee3e47ebdba | http://www.facebookfriendfind.com/setup.exe || 2011-02-25 19:14:55 | ClamAV | PUA.Script.Packed-2 | 3/39 (7.7%) | AS209 | 63.236.35.30 | abuse@qwest.net | US | ARIN | QWEST-INET-9 | a302ac7bf6dab6087dccc31d8ed6e5f0 | http://get.whitesmoke.com/WriterTools/WhiteSmokeSilent.exe?WhiteSmokeWriter.exe || 2011-02-25 19:45:10 | avira | HTML/ScrInject.4728 | 14/39 (35.9%) | AS3216 | 194.186.88.37 | abuse@gldn.net | RU | RIPE | RU-SOVINTEL-951205 | 014c83aaac2314109e630ef8048e28d4 | http://www.madonna.ferfe.pochta.ru/1EwI8OZzlP.html || 2011-02-25 20:16:18 | avira | TR/Crypt.FKM.Gen | 11/38 (28.9%) | AS27715 | 187.45.241.57 | regcom@locaweb.com.br | BR | LACNIC | 002.351.877/0001-52 | 7556bbd3827f983795665dc25aca2b0d | http://empreedimentos.tempsite.ws/download.asp?id=9 || 2011-02-25 20:16:18 | clamav | PUA.Packed.PECompact-1 | 3/40 (7.5%) | AS13100 | 87.252.210.7 | degripeadmin@dataelec.com | IE | RIPE | IE-INFLOW-20050923 | 0aa1568752c7949b5b0a05581570e58c | http://banner.mansionpoker.com/installer/poker/SetupPoker_fc9bad.exe || 2011-02-25 20:16:18 | BitDefender | Gen:Trojan.Heur.VP.Mm3@aW9zpSji | 14/40 (35%) | AS21378 | 80.246.65.2 | aleksey@tvcom.ru | RU | RIPE | Tver-TeleNet | edd04cc79c47aedf54ed1f3d68d5edf3 | http://cool.servegame.com/distr/Mario.zip || 2011-02-25 20:16:18 | trendmicro | Possible_Otorun8 | 7/40 (17.5%) | AS33182 | 67.23.226.149 | abuse@dimenoc.com | US | ARIN | DIMECNET | 520d797bdc3813fda1fad62f5db21b4a | http://www.malwareinfo.org/Utilities/USBProtect.zip || 2011-02-25 20:16:18 | avira | TR/Spy.169472.9 | 25/40 (62.5%) | AS13238 | 213.180.199.13 | abuse@yandex.ru | RU | RIPE | YANDEX-199 | 90e25b08ecbcee4f0d042a4ddea39c33 | http://mic-hard.narod.ru/download/foldertip.rar || 2011-02-25 20:16:27 | avira | PHP/PHPInfo.F | 22/40 (55%) | AS30968 | 77.221.130.2 | abuse@infobox.ru | RU | RIPE | INFOBOX-NET1 | ebb4d27999fcdd617ea3fac10b97925a | http://www.gik-horeca.ru/plugins/news/id.txt?? || 2011-02-25 19:45:02 | undef | Trojan-Spy.Win32.SpyEyes.elr | | AS23352 | 75.102.22.9 | abuse@servercentral.net | US | ARIN | SCNET-75-102-20-0-22 | c813a08016f5f34ab7a16baafa2fe1ef | http://www.parks-leisure.com.au/HEC/ || 2011-02-25 19:45:03 | undef | Trojan-Spy.Win32.Zbot.bcht | 0/41 (0.0%) | AS23352 | 75.102.22.9 | abuse@servercentral.net | US | ARIN | SCNET-75-102-20-0-22 | c813a08016f5f34ab7a16baafa2fe1ef | http://parks-leisure.com.au/HEC/ || 2011-02-25 22:13:57 | avira | TR/Kazy.10838.16 | 28/40 (70%) | AS23352 | 75.102.22.9 | abuse@servercentral.net | US | ARIN | SCNET-75-102-20-0-22 | 76eea5afc4e85cf3f341f75677d1246f | http://parks-leisure.com.au/HEC/i.1.exe || 2011-02-25 22:14:33 | avira | PHP/Pbot.A | 25/40 (62.5%) | AS36820 | 208.75.230.43 | abuse@tshost.com | US | ARIN | TULIP-SYSTEMS | 03154e8accb459f645c121956d518e1b | http://www.freewebtown.com/newroot/rfi/spreed.txt??? || 2011-02-25 22:41:37 | undef | unknown_exe | 0/41 (0.0%) | AS33182 | 66.7.199.82 | abuse@dimenoc.com | US | ARIN | DIMECNET | f3d7638e4b2578f538c07e694fd67ee8 | http://jantax1620fev.hdfree.in/images/mask.jpg || 2011-02-25 22:41:37 | avira | TR/Spy.Bancos.psa | 5/41 (12.2%) | AS33182 | 66.7.199.82 | abuse@dimenoc.com | US | ARIN | DIMECNET | c3ca40a989c9bd4af92ab43358b161f2 | http://jantax1620fev.hdfree.in/images/mu_pic.jpg || 2011-02-25 22:41:37 | avira | TR/VB.apqq | 13/40 (32.5%) | AS8167 | 200.96.187.3 | csirt@oi.net.br | BR | LACNIC | 076.535.764/0326-90 | 960464a1aff5bbe8c59229220114029c | http://www.riobranco.ac.gov.br/escoladegoverno/plugins/Uol/Boleto_Uol.php?02-2011=%EMAIL????Uol%2Fboletonet.php?cb=253a961n73nf5nd7h87b5bererg28sj7ren58fkwsdj874jfr5 || 2011-02-25 20:20:01 | undef | Trojan.Heur.kmKfrvaJR1acb | 0/40 (0.0%) | AS9918 | 61.61.138.6 | chhlan@fareastone.com.tw | TW | APNIC | KGT-TW | 09c7741beefc454a7a1a22bb229a28bf | http://www.gk99.com.tw/ || 2011-02-26 00:25:44 | undef | unknown_html_RFI | 0/41 (0.0%) | AS12337 | 213.155.91.106 | noc@noris.net | DE | RIPE | DE-NORIS-20000403 | c1b2238e99a6f34e25b43094594126ac | http://fuerstenzell.de/index.php?site=http://fuerstenzell.de/index.php?site= || 2011-02-26 01:32:41 | avira | EXP/Pidief.deo | 14/41 (34.1%) | AS25190 | 46.252.131.22 | reliktbvk@gmail.com | LV | RIPE | Sagade | 67f848d330f9629a7fcf369e257b487b | http://brathris.cz.cc/3e9b3d.pdf || 2011-02-26 01:32:41 | avira | EXP/Pidief.deo | 13/41 (31.7%) | AS25190 | 46.252.131.22 | reliktbvk@gmail.com | LV | RIPE | Sagade | 48a1d74dcffce53eea9b8d1cb1f4c429 | http://brathris.cz.cc/manuale.pdf || 2011-02-26 01:40:03 | undef | unknown_html_RFI_eval | 0/41 (0.0%) | AS36420, AS30315, AS13749, AS21844 | 174.121.168.210 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | 4677b027fed107133090dabccee2b4f5 | http://www.honeynet.org/misc/drupal.js || 2011-02-26 01:45:01 | trendmicro | JS_FRAMELD.SMD | 16/41 (39%) | AS3216 | 194.186.88.37 | abuse@gldn.net | RU | RIPE | RU-SOVINTEL-951205 | dd02ad6caca74016ebbb5fbf56a25d78 | http://www.pavpal.com.pochta.ru/profile/Details.html || 2011-02-26 03:02:37 | avira | ADWARE/Mostofate.do.12 | 17/39 (43.6%) | AS36351 | 173.192.170.103 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-8 | 2b779a8a76b9bc32f47e440ca5084590 | http://7498.get.toolbar.co.cc/toolbar/toolbar.exe || 2011-02-26 03:02:55 | DrWeb | Adware.Siggen.11047 | 7/43 (16.3%) | AS36351 | 173.192.170.103 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-8 | 031895f593bf39d6b3732f505381caf0 | http://903.uz4.org/exe/f516eb782d005aea4745097a06401e39104e0020/bundle.exe || 2011-02-26 03:02:55 | Prevx | High Risk Cloaked Malware | 0/40 (0.0%) | AS12200 | 67.23.42.178 | abuse@rackspace.com | US | ARIN | SLICE-DFW-SF | fba06833515bbc95a12b3268e2e6627b | http://s7498.7archive.co.cc/software/offer.exe || 2011-02-26 03:02:55 | trendmicro | TROJ_SPYEYE.SMEP | 7/40 (17.5%) | AS41947 | 92.241.169.14 | abuse@2x4.ru | RU | RIPE | NET-2X4 | c491da355094da4c4fa7d51612c14be3 | http://top2010movietrailers.info/rich2048.exe || 2011-02-26 03:02:55 | avira | TR/Dldr.Adload.aauq | 30/43 (69.8%) | AS41947 | 92.241.169.14 | abuse@2x4.ru | RU | RIPE | NET-2X4 | f95c289f293bbfbd361485ebd3018732 | http://top2010movietrailers.info/winupdate.exe || 2011-02-26 03:31:35 | avira | TR/Dldr.VB.agbg | 16/38 (42.1%) | AS27715 | 187.45.195.185 | regcom@locaweb.com.br | BR | LACNIC | 002.351.877/0001-52 | 95547858737a530e6921f0af232a1074 | http://www.jpmconstrutora.com/smilies/includes/languages/english/modules/shipping/functions/default/fatura_fevereiro.scr || 2011-02-26 03:40:02 | avira | BDS/Bifrose.dpkw | 33/41 (80.5%) | AS42872 | 91.193.194.114 | noc@odhosting.com.ua | UA | RIPE | OD-HOSTING-NETWORK | 6584e9d9a71a52e091e9e7bc699ea664 | http://91.193.194.114/sv/loader.exe || 2011-02-26 03:40:02 | avira | TR/Spy.SpyEy.EB.2.B | 24/41 (58.5%) | AS42872 | 91.193.194.114 | noc@odhosting.com.ua | UA | RIPE | OD-HOSTING-NETWORK | ffa86e407a0c0a9e93693c36d1822e9f | http://91.193.194.114/sv/cyb.exe || 2011-02-26 03:40:02 | avira | TR/Dropper.Gen | 34/41 (82.9%) | AS42872 | 91.193.194.114 | noc@odhosting.com.ua | UA | RIPE | OD-HOSTING-NETWORK | ec73fe029d34400e46a0ad6d8b4a8650 | http://derquda.com/bl/tilly.exe || 2011-02-26 03:40:02 | avira | TR/Proxy.Gen | 18/41 (43.9%) | AS28753 | 78.159.112.106 | abuse@netdirekt.de | DE | RIPE | NETDIRECT-NET | e481c289782427f8122f393b9411a494 | http://78.159.112.106/l/anime19/23.exe || 2011-02-26 03:40:02 | avira | TR/Spy.Agent.bphw | 21/40 (52.5%) | AS50877 | 195.80.151.194 | abuse@instant-exchanger.com | EU | RIPE | INSTANTEXCHANGER-NET | d659cadd857d3c8d3e2e82baf50c7ea4 | http://195.80.151.194/jjnb.exe || 2011-02-26 03:40:02 | avira | TR/Dldr.Delphi.Gen | 17/41 (41.5%) | AS4134 | 121.11.150.90 | abuse@gddc.com.cn | CN | APNIC | CHINANET-GD | 6912c266e034f54fb83a79e070807739 | http://121.11.150.90/qixi.exe || 2011-02-26 03:40:02 | avira | TR/Crypt.XPACK.Gen | 22/41 (53.7%) | AS4837 | 218.60.65.103 | abuse@online.ln.cn | CN | APNIC | UNICOM-LN | 9ef52372085b678dfa77323a8eedacdf | http://haojilm.com/333.exe || 2011-02-26 03:40:02 | avira | TR/Kazy.13370.10 | 17/41 (41.5%) | AS42872 | 91.193.194.114 | noc@odhosting.com.ua | UA | RIPE | OD-HOSTING-NETWORK | 92c0045a95df1f5e675ebb72e5cab3c2 | http://91.193.194.114/tm/3315.exe || 2011-02-26 03:40:02 | avira | TR/Dropper.Gen | 31/41 (75.6%) | AS42872 | 91.193.194.114 | noc@odhosting.com.ua | UA | RIPE | OD-HOSTING-NETWORK | 12f3842842683ab35d9031be061bde8b | http://91.193.194.114/tm/socks.exe || 2011-02-26 03:40:02 | avira | TR/Crypt.ZPACK.Gen | 35/41 (85.4%) | AS42872 | 91.193.194.114 | noc@odhosting.com.ua | UA | RIPE | OD-HOSTING-NETWORK | 653d30c696ebbbff51d90f0c86a54d19 | http://91.193.194.114/tm/crypted.exe || 2011-02-26 03:40:02 | avira | WORM/Yahos.zo | 23/41 (56.1%) | AS42872 | 91.193.194.114 | noc@odhosting.com.ua | UA | RIPE | OD-HOSTING-NETWORK | 751c32670cfac4a628bd56485acea197 | http://91.193.194.114/sv/bot.exe || 2011-02-26 03:40:02 | avira | TR/Dropper.Gen | 22/41 (53.7%) | AS42872 | 91.193.194.114 | noc@odhosting.com.ua | UA | RIPE | OD-HOSTING-NETWORK | a5b7ea0b304c6d609c462471810a3368 | http://91.193.194.114/bl/install.exe || 2011-02-26 03:40:02 | avira | TR/Dropper.Gen | 40/41 (97.6%) | AS42872 | 91.193.194.114 | noc@odhosting.com.ua | UA | RIPE | OD-HOSTING-NETWORK | 426ecca5d8beb432587e65874fc3a59a | http://derquda.com/mj14.txt || 2011-02-26 03:40:02 | avira | TR/ATRAPS.Gen2 | 25/41 (61%) | AS4134 | 122.224.48.200 | anti-spam@mail.sxptt.zj.cn | CN | APNIC | NINBO-LANZHONG-LTD | 7809955c86de69dc498f193f036d366b | http://7dnfwg.com/xx/dnfwg.exe || 2011-02-26 03:40:02 | avira | TR/Hijacker.Gen | 38/41 (92.7%) | AS26496 | 72.167.190.31 | noc@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 2d5d832e905c078ce977b6945c41440c | http://web2.xixidy.info/sla.exe || 2011-02-26 03:40:02 | avira | DR/Delphi.Gen | 26/41 (63.4%) | AS26496 | 72.167.190.31 | noc@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 444c7f7cba9450b2a27b42f71be3e2f1 | http://web2.xixidy.info/b80.exe || 2011-02-26 03:40:02 | avira | TR/PSW.272384 | 14/41 (34.1%) | AS17969 | 117.59.39.72 | hewei67@sina.com | CN | APNIC | CNT | 02d18ed274b6009208bb9922c95bae42 | http://117.59.39.72/iema.exe || 2011-02-26 03:40:02 | avira | TR/Agent.ehnr | 14/41 (34.1%) | AS17969 | 117.59.39.72 | hewei67@sina.com | CN | APNIC | CNT | ee4dfe8647dcb7a896dd29957b2bc90f | http://117.59.39.72/58icon.exe || 2011-02-26 03:40:02 | AhnLab_V3 | Win-Trojan/Xema.variant | 24/41 (58.5%) | AS17969 | 117.59.39.72 | hewei67@sina.com | CN | APNIC | CNT | 2c6b2eca153b2f4331de13528c4be8e1 | http://117.59.39.72/httpd.exe || 2011-02-26 03:40:02 | avira | TR/Dropper.Gen4 | 10/38 (26.3%) | AS30890 | 89.114.9.42 | amabusemail4@gmail.com | RO | RIPE | ENTER-NET-TEAM | b4e6bb7c3c8ad21ae681f264ec772e58 | http://89.114.9.42/999.exe || 2011-02-26 03:40:02 | avira | TR/Crypt.XPACK.Gen | 33/38 (86.8%) | AS30890 | 89.114.9.42 | amabusemail4@gmail.com | RO | RIPE | ENTER-NET-TEAM | 7e4110977ec41059e71171ee57c76bba | http://89.114.9.42/serv8.exe || 2011-02-26 03:40:02 | avira | TR/Proxy.Slenugga.A.10 | 14/38 (36.8%) | AS30890 | 89.114.9.42 | amabusemail4@gmail.com | RO | RIPE | ENTER-NET-TEAM | fbadb2883df2130cb39b55c723f70871 | http://89.114.9.42/dq.exe || 2011-02-26 03:40:02 | BitDefender | Trojan.Generic.KD.141870 | 5/38 (13.2%) | AS30890 | 89.114.9.42 | amabusemail4@gmail.com | RO | RIPE | ENTER-NET-TEAM | bf2561da3b645090783f8ca1283e27df | http://89.114.9.42/ms.exe || 2011-02-26 03:40:02 | avira | TR/Proxy.Slenugga.A.11 | 13/38 (34.2%) | AS30890 | 89.114.9.42 | amabusemail4@gmail.com | RO | RIPE | ENTER-NET-TEAM | bd187a3db231914df400e7c3fe794c31 | http://89.114.9.42/bnet.exe || 2011-02-26 03:40:02 | AVG | HackTool.LNL | 10/38 (26.3%) | AS13301 | 213.202.225.65 | abuse@funpic.de | DE | RIPE | UNITEDCOLO-BERGLER-LIEMEN-NET | 2fdc33acdbaa6175a64696d08f52099f | http://toolstore2011.to.funpic.de/res/chrome.exe || 2011-02-26 03:40:02 | avira | TR/Spam.Tedroo.A.8 | 21/38 (55.3%) | AS25973, AS35937, AS15244 | 67.210.124.15 | hostmaster@lunarpages.com | US | ARIN | ADD2NET-DOT-COM | 3468ae798aeadca3d08c7ca34f1569fb | http://sundance1rv.com/e.exe || 2011-02-26 03:40:02 | Prevx | High Risk Cloaked Malware | 0/38 (0.0%) | AS36351 | 173.192.170.103 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-8 | fba06833515bbc95a12b3268e2e6627b | http://173.192.170.103/software/offer.exe || 2011-02-26 03:40:02 | DrWeb | Trojan.Click1.31895 | 6/38 (15.8%) | AS36351 | 173.192.170.103 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-8 | 39382687dc09cba4837f53a16442d4a0 | http://173.192.170.103/software/ws.exe || 2011-02-26 03:40:02 | Avast | Win32:Downloader-FEY | 14/38 (36.8%) | AS26228 | 69.59.137.237 | noc@servepath.com | US | ARIN | SERVEPATH-BLK2 | 697089b3319a314f6792c8c6932b2a4f | http://pds.adncommerce.com/wttw.exe || 2011-02-26 03:40:02 | AhnLab_V3 | Backdoor/Win32.Protector | 4/38 (10.5%) | AS38478 | 117.18.64.132 | hostmaster@netfinity.com.hk | HK | APNIC | NETFINITY | 11eaf781d42fec99d2402107600eefa2 | http://onlinesspacesz.com/vip/onlinesrv.exe || 2011-02-26 03:40:02 | avira | TR/Crypt.XPACK.Gen | 5/40 (12.5%) | AS32475 | 69.175.83.204 | netops@singlehop.com | US | ARIN | SINGLEHOP | 71b1d6fab5f1a90201aa1d187a7cf8c5 | http://lestresorsduparadis.com/3.exe || 2011-02-26 03:40:02 | avira | TR/Kazy.13758.6 | 21/38 (55.3%) | AS32475 | 69.175.83.204 | netops@singlehop.com | US | ARIN | SINGLEHOP | efb621da55f546e6956e883c593b881b | http://lestresorsduparadis.com/2.exe || 2011-02-26 03:40:02 | clamav | Trojan.FakeAV.DRW | 15/40 (37.5%) | AS32475 | 69.175.83.204 | netops@singlehop.com | US | ARIN | SINGLEHOP | 6759fb4ac3e2daf8129ab911fbc25832 | http://lestresorsduparadis.com/1.exe || 2011-02-26 03:40:02 | avira | TR/Dldr.Didom.A | 27/38 (71.1%) | AS23352 | 205.234.145.229 | support@servercentral.net | US | ARIN | SCN-4 | 93a526fe795d7e8cd7310d86577e4bf8 | http://kindomi.gasbian.com/inpa.exe || 2011-02-26 03:40:02 | avira | WORM/Rbot.Gen | 35/38 (92.1%) | AS51441 | 91.217.162.178 | noc@tirexhost.com | UA | RIPE | TIREXHOST-NET | e564d42c95c6fde9c3847af4756fae11 | http://kdddaber.com/tm/bnfile.exe || 2011-02-26 03:40:02 | avira | TR/Hijacker.Gen | 30/38 (78.9%) | AS42872 | 91.193.194.98 | noc@odhosting.com.ua | UA | RIPE | OD-HOSTING-NETWORK | eb2c861feabb371c1af5319098c78dff | http://91.193.194.98/ad2.exe || 2011-02-26 03:40:02 | avira | TR/Kazy.13758.3 | 26/40 (65%) | AS42872 | 91.193.194.98 | noc@odhosting.com.ua | UA | RIPE | OD-HOSTING-NETWORK | 8b665fff54d1ffd5f460785335fc06d3 | http://91.193.194.98/gc.exe || 2011-02-26 03:40:02 | clamav | Trojan.FakeAV.DRW | 14/38 (36.8%) | AS5577 | 212.117.189.148 | abuse@as5577.net | LU | RIPE | SERVER-NETWORK | d54a4d0b7bb9cb5461792b3f3388865e | http://212.117.189.148/ngr.exe || 2011-02-26 03:40:02 | Microsoft | Worm:Win32/Pushbot.gen | 5/38 (13.2%) | AS30890 | 89.114.9.32 | amabusemail4@gmail.com | RO | RIPE | ENTER-NET-TEAM | 3d96699f1f723a4949f8414718ea3e8f | http://89.114.9.32/myms.exe || 2011-02-26 03:40:02 | BitDefender | Trojan.Generic.KD.141934 | 5/40 (12.5%) | AS30890 | 89.114.9.32 | amabusemail4@gmail.com | RO | RIPE | ENTER-NET-TEAM | 79acaa19e40ab37d77260460c391b3cb | http://89.114.9.32/xudv.exe || 2011-02-26 03:40:02 | AVG | Proxy.AMUC | 13/40 (32.5%) | AS30890 | 89.114.9.32 | amabusemail4@gmail.com | RO | RIPE | ENTER-NET-TEAM | f0668f4d7022c8dd37779b75d762b429 | http://89.114.9.32/app.exe || 2011-02-26 03:40:02 | avira | TR/Scar.dpfz | 13/38 (34.2%) | AS29873 | 66.96.133.20 | bnbrock@maileig.com | US | ARIN | BIZLAND-FC01 | 419cc028e1ef4d6c6de655289632d375 | http://austo.dot5hosting.com/j-or.exe || 2011-02-26 03:40:02 | avira | TR/VBKrypt.brct | 7/38 (18.4%) | AS19318 | 209.159.149.243 | network@interserver.net | US | ARIN | INTERSERVER | 5dce6708ede86950edfc8a418172a708 | http://f.anyhub.net/1Vss || 2011-02-26 03:40:02 | avira | TR/Dropper.Gen | 34/38 (89.5%) | AS17920 | 113.192.13.108 | noc@ultraserve.com.au | AU | APNIC | ULTRASERVE | a54087344c695db09afec6100a2332cc | http://alltime.vn/yo.exe || 2011-02-26 03:40:02 | avira | TR/Kazy.13720.16 | 16/38 (42.1%) | AS32475 | 173.236.29.194 | netops@singlehop.com | US | ARIN | SINGLEHOP | 3dab3f9609993749d0d6e7e28ffeb753 | http://about-fitness.info/3.exe || 2011-02-26 03:40:02 | avira | TR/Dldr.Renos.PA.6 | 25/40 (62.5%) | AS32475 | 173.236.29.194 | netops@singlehop.com | US | ARIN | SINGLEHOP | 6d707ac9e996342effabe21e5754510d | http://about-fitness.info/1.exe || 2011-02-26 03:40:02 | avira | BDS/Backdoor.Gen | 28/40 (70%) | AS29761 | 98.143.159.138 | noc@quadranet.com | US | ARIN | OC3-NETWORKS2 | 50215e8d5a3f8364c04fb2796700cbf5 | http://98.143.159.138/ss/3310.exe || 2011-02-26 03:40:02 | BitDefender | Gen:Trojan.Heur.RP.juW@a8Dxivji | 6/38 (15.8%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 6c8b54bbbac0d6377aff87049b83b9cf | http://64.62.181.43/java2update/go.exe || 2011-02-26 03:40:02 | avira | TR/Spy.Banker.LW.28 | 18/38 (47.4%) | AS31476 | 79.132.212.7 | samandi@morva.net | IR | RIPE | MORVA-NET | d5a68ed8b9d85f21198ccbda0304f5eb | http://tepgrp.com/images/smtp.exe || 2011-02-26 03:40:02 | avira | TR/Spy.Delf.NPF.301 | 20/40 (50%) | AS31476 | 79.132.212.7 | samandi@morva.net | IR | RIPE | MORVA-NET | 3583d9a43c2bce27eb0ede26844fb646 | http://tepgrp.com/images/wab.exe || 2011-02-26 03:40:02 | avira | BDS/IRCBot.W.1 | 23/38 (60.5%) | AS11798 | 74.220.207.197 | abuse@bluehost.com | US | ARIN | BLUEHOST-NETWORK-2 | bc62c4442d827227b3bfb32a898e5536 | http://wal33d.info/ixplore.exe || 2011-02-26 03:40:02 | avira | BDS/Atadommoc.B | 15/40 (37.5%) | AS36444, AS2828 | 207.45.187.74 | abuse@acenet-inc.net | US | ARIN | ACENETMI | c5bf2a7a392596a7da852d5abbb5f9a4 | http://yovel.net/13k || 2011-02-26 03:40:02 | avira | TR/Rimecud.A.332 | 9/40 (22.5%) | AS36444, AS2828 | 207.45.187.74 | abuse@acenet-inc.net | US | ARIN | ACENETMI | dce22042356cac6274205f5fbbae559d | http://yovel.net/qdbre.exe || 2011-02-26 03:40:02 | avira | TR/Agent.81920.DX | 20/38 (52.6%) | AS11798 | 74.220.215.216 | support@bluehost.com | US | ARIN | BLUEHOST-NETWORK-2 | ea4ec5a74cdaee02a9ec4be0a80044c7 | http://webflotta.net/geza/pot.exe || 2011-02-26 03:40:02 | avira | TR/Crypt.XPACK.Gen3 | 16/38 (42.1%) | AS11798 | 74.220.215.216 | support@bluehost.com | US | ARIN | BLUEHOST-NETWORK-2 | 15d893947ad3e3754e1874e9b0bd3773 | http://webflotta.net/css/spm3.exe || 2011-02-26 03:40:02 | avira | TR/Menti.boh.1 | 26/40 (65%) | AS44209 | 193.186.9.96 | info@fin-aktive.com.ua | UA | RIPE | FIN-ACTIVE-NET | ae3ad3abc8dbabcc579283b73bf8f926 | http://193.186.9.96/auc/n.exe || 2011-02-26 03:40:02 | Comodo | Heur.Packed.Unknown | 8/40 (20%) | AS42708 | 193.105.134.111 | info@swedendedicated.com | SE | RIPE | SWEDENDEDICATED-NET | 96742442435325983fefb385174a57be | http://193.105.134.111/masterav/avmast_2004_mst8.exe || 2011-02-26 00:13:04 | undef | Trojan-Spy.Win32.SpyEyes.evg | 0/40 (0.0%) | AS41947 | 92.241.169.14 | abuse@2x4.ru | RU | RIPE | NET-2X4 | 2bb15db101c35dbddd4083d163a11ea0 | http://top2010movietrailers.info/ || 2011-02-26 02:48:20 | undef | Variant.Inject.3 | 0/38 (0.0%) | AS36351 | 173.192.170.103 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-8 | 65f0c52ea60064e6861134b4e858ba17 | http://7498.get.toolbar.co.cc/toolbar/ || 2011-02-26 04:02:42 | avira | PHP/Small.539 | 14/40 (35%) | AS26496 | 97.74.144.113 | noc@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 29a95762232ae989aad5cdb701a43b7b | http://www.canadianfcs.com/media/system/js/myid.jpg? || 2011-02-26 04:32:29 | undef | unknown_html | 0/39 (0.0%) | AS4837 | 61.136.59.157 | abuse@cnc-noc.net | CN | APNIC | LongChiShenZhou-LTD-TJ | 31302831c8f5f0c819165c1d32d598ee | http://58icon.58lianmeng.com/quicklnk/lnklist/filelist.dat || 2011-02-26 04:32:29 | undef | unknown_html | 0/39 (0.0%) | AS15169 | 74.125.79.141 | arin-contact@google.com | US | ARIN | GOOGLE | 0074853b73cf54a5652fdae84b215e8c | http://json-time.appspot.com/time.json?rnd=0.6557607058524306 || 2011-02-26 04:32:29 | undef | unknown_html | 0/39 (0.0%) | AS38478 | 117.18.64.132 | hostmaster@netfinity.com.hk | HK | APNIC | NETFINITY | 8db74b8be34e497ae46491b0898efae8 | http://onlinesspacesz.com/vip/online || 2011-02-26 05:32:38 | clamav | PUA.HTML.Crypt-8 | 2/40 (5%) | AS25532 | 83.222.20.157 | abuse@masterhost.ru | RU | RIPE | Seo-Servis-dot-ru | 5c1c8120d82f46ff9d813fbe3354bac5 | http://www.xzadx.by.ru/red.txt? || 2011-02-26 05:36:32 | avira | PHP/Pbot.A | 29/41 (70.7%) | AS33182 | 66.7.194.193 | abuse@dimenoc.com | US | ARIN | DIMECNET | 6e1e0faee1d67f719b78888798516070 | http://dragun7.hdfree.com.br/zito.txt || 2011-02-26 06:00:54 | avira | PHP/IRCBOT.K | 13/40 (32.5%) | AS11798 | 69.89.22.112 | abuse@bluehost.com | US | ARIN | BLUEHOST-NETWORK-1 | 7e44ec19f998d64fbe3c9ba3d6d65770 | http://dominicanway.com/dwi/po.txt??&modez=scannerz || 2011-02-26 06:00:59 | avira | PHP/IRCBOT.K | 13/40 (32.5%) | AS11798 | 69.89.22.112 | abuse@bluehost.com | US | ARIN | BLUEHOST-NETWORK-1 | 7e44ec19f998d64fbe3c9ba3d6d65770 | http://dominicanway.com/dwi/po.txt??&modez=botz || 2011-02-26 06:01:02 | avira | PHP/IRCBOT.K | 13/40 (32.5%) | AS11798 | 69.89.22.112 | abuse@bluehost.com | US | ARIN | BLUEHOST-NETWORK-1 | 7e44ec19f998d64fbe3c9ba3d6d65770 | http://dominicanway.com/dwi/po.txt??&modez=psybnc || 2011-02-26 05:38:09 | clamav | PUA.HTML.Crypt-8 | 4/41 (9.8%) | AS30968 | 77.221.130.34 | abuse@infobox.ru | RU | RIPE | INFOBOX-NET1 | c13cf2b619836b7931e0ba78629acc97 | http://tentorium-product.ru/mambots/system/r57.txt???? || 2011-02-26 06:00:50 | avira | PHP/IRCBOT.K | 13/40 (32.5%) | AS11798 | 69.89.22.112 | abuse@bluehost.com | US | ARIN | BLUEHOST-NETWORK-1 | 7e44ec19f998d64fbe3c9ba3d6d65770 | http://dominicanway.com/dwi/po.txt??&modez=shellz || 2011-02-26 07:00:03 | undef | unknown_html | 0/40 (0.0%) | AS12322 | 88.191.67.114 | abuse@support.dedibox.fr | FR | RIPE | FR-DEDIBOX | 3fc865de0b1533ba8cd1d40afe75b40a | http://www.wallinfire.net/picviz || 2011-02-26 07:02:41 | BitDefender | Trojan.Spy.Delf.NPF | 13/39 (33.3%) | AS28307 | 189.39.80.102 | noc@wideway.com.br | BR | LACNIC | 005.481.637/0001-60 | bae18c45d5dc2fc520f77d60ee3863de | http://www.diariodafranca.com.br/conteudo/imagens/pega1.exe || 2011-02-26 07:02:41 | Ikarus | Trojan-Spy.Win32.Banker | 9/41 (22%) | AS28307 | 189.39.80.102 | noc@wideway.com.br | BR | LACNIC | 005.481.637/0001-60 | 5cd954ce34d80c5b6bd9f3b912c2da1c | http://www.diariodafranca.com.br/conteudo/imagens/pega2.exe || 2011-02-26 06:13:42 | avira | PHP/RemoteAdmi.6444 | 13/39 (33.3%) | AS7132 | 76.230.181.122 | abuse@att.net | US | ARIN | SBCIS-SBIS-6BLK | 73c6526d8a3825c2ac6bdbd6d2169280 | http://jaimabrownhome.com/css/ver.txt?? || 2011-02-26 06:13:47 | avira | PHP/Pbot.A | 29/40 (72.5%) | AS7132 | 76.230.181.122 | abuse@att.net | US | ARIN | SBCIS-SBIS-6BLK | 0f0cc558d4d7ecb8686fcb07dd57e636 | http://jaimabrownhome.com/css/dor.txt?? || 2011-02-26 07:03:25 | avira | TR/Script.86 | 16/41 (39%) | AS31034 | 62.149.128.74 | hostmaster@technorail.com | IT | RIPE | TECHNORAIL-NET | 7ab5a3291410db3231141e2818e85318 | http://drfelettronica.it/docs/zfxid1.txt??? || 2011-02-26 07:03:30 | avira | PHP/BackDoor.AR | 30/41 (73.2%) | AS31034 | 62.149.128.154 | hostmaster@technorail.com | IT | RIPE | TECHNORAIL-NET | dcc55d73dae5326abb4f00d9313a7e70 | http://drfelettronica.it/docs/zfxid2.txt???? || 2011-02-26 07:32:27 | avira | PHP/RemoteAdmi.6444 | 5/41 (12.2%) | AS4230 | 189.22.63.3 | abuse@embratel.net.br | BR | LACNIC | 033.530.486/0001-29 | b60842470f54766140d375d25682dc42 | http://www.ponseg.com.br/img/ants.gif?? || 2011-02-26 06:47:32 | undef | TrojanSpy:Win32/Banker.LW | 0/41 (0.0%) | AS50877 | 195.80.151.194 | abuse@instant-exchanger.com | EU | RIPE | INSTANTEXCHANGER-NET | 28854bafa79a455c3ecdb40ef8b1149a | http://195.80.151.194/ || 2011-02-26 08:08:51 | clamav | PHP.Agent-14 | 4/41 (9.8%) | AS4766 | 222.122.60.115 | abuse@kornet.net | KR | APNIC | KORNET-KR | 8bc92a2e49b6670c4c9c5ab1556c07e5 | http://euronight.co.kr/bbs/e1.txt? || 2011-02-26 07:08:36 | ClamAV | PUA.HTML.Infected.WebPage-2 | 1/40 (2.5%) | AS36351 | 74.86.158.236 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-4 | 22b9b2d4daea7ee0ceabf73903b0939c | http://quadgroup.in/ || 2011-02-26 07:08:39 | undef | Worm:Win32/Rimecud.B | 0/41 (0.0%) | AS41186 | 195.114.18.148 | abuse@ispfr.net | FR | RIPE | ISPFR | 1c7b413c3fa39d0fed40556d2658ac73 | http://www.c-cultural.com/plugins/system/legacy/ || 2011-02-26 07:08:50 | undef | Trojan.Generic.KDV.140753 | 0/39 (0.0%) | AS46816 | 174.140.163.56 | noc@directspace.net | US | ARIN | DSNETWORKS-001 | 9fd8714f4fd8360d12726b2bae28d77e | http://www.mxdzj.com/ || 2011-02-26 08:46:56 | avira | PHP/PHPShell.BE | 11/39 (28.2%) | AS174 | 38.124.38.68 | abuse@cogentco.com | US | ARIN | PSINETA | 9d2552a1a912200ddbf9946717761f95 | http://cyberkobe.zoomshare.com/files/Ckrid1.txt?? || 2011-02-26 07:08:52 | undef | Backdoor.Win32.Agent.akfg | 0/41 (0.0%) | AS36351 | 50.23.137.223 | ipadmin@softlayer.com | US | ARIN | SOFTLAYER-NETBLOCK-4-9 | 7534883345101b4bdf7d2af193daf08d | http://www.petcasketsandurnsinfo.com/owo/ || 2011-02-26 07:08:53 | undef | Trojan-Downloader.Win32.CodecPack.afbt | 0/40 (0.0%) | AS46475 | 69.162.116.202 | abuse@limestonenetworks.com | US | ARIN | LSN-DLLSTX-2 | 21f0bd9bea5c914017c2761f3d3fe423 | http://www.teensmagazine.net/imperio/ || 2011-02-26 07:08:55 | undef | Trojan.Heur.fm0@szNaVjliu | 0/41 (0.0%) | AS11798 | 74.220.215.216 | support@bluehost.com | US | ARIN | BLUEHOST-NETWORK-2 | 966269961d7959b93817d83892aed3da | http://www.webflotta.net/geza/ || 2011-02-26 09:22:39 | avira | PHP/Small.C | 24/39 (61.5%) | AS11798 | 69.89.22.112 | abuse@bluehost.com | US | ARIN | BLUEHOST-NETWORK-1 | 0d0c24460eab8d61935ad8b5eba9ff28 | http://dominicanway.com/dwi/jembot.txt?? || 2011-02-26 09:22:43 | avira | PHP/Small.C | 24/39 (61.5%) | AS11798 | 69.89.22.112 | abuse@bluehost.com | US | ARIN | BLUEHOST-NETWORK-1 | 0d0c24460eab8d61935ad8b5eba9ff28 | http://dominicanway.com/dwi/jembot.txt??? || 2011-02-26 09:22:47 | avira | PHP/IRCBOT.K | 11/39 (28.2%) | AS11798 | 69.89.22.112 | abuse@bluehost.com | US | ARIN | BLUEHOST-NETWORK-1 | 7e44ec19f998d64fbe3c9ba3d6d65770 | http://dominicanway.com/dwi/po.txt?? || 2011-02-26 10:31:52 | undef | unknown_exe | 0/40 (0.0%) | AS46475 | 69.162.116.202 | abuse@limestonenetworks.com | US | ARIN | LSN-DLLSTX-2 | 1e1579dab10b134cb0aea756b156bfc1 | http://www.teensmagazine.net/imperio/NyxLauncherHack.exe || 2011-02-26 10:31:52 | Ikarus | Trojan.VB | 4/41 (9.8%) | AS46475 | 69.162.116.202 | abuse@limestonenetworks.com | US | ARIN | LSN-DLLSTX-2 | 5d5b386843c19101ca17b694ed0dba71 | http://www.teensmagazine.net/imperio/Proyecto1.exe || 2011-02-26 10:31:52 | Sophos | Mal/StartP-A | 1/39 (2.6%) | AS46475 | 69.162.116.202 | abuse@limestonenetworks.com | US | ARIN | LSN-DLLSTX-2 | 633125ff55db55eae080d50cccd05f80 | http://www.teensmagazine.net/imperio/publicidad.exe || 2011-02-26 10:31:52 | avira | TR/VB.Downloader.Gen | 22/40 (55%) | AS46475 | 69.162.116.202 | abuse@limestonenetworks.com | US | ARIN | LSN-DLLSTX-2 | 503324bc46fbb0b1b8ec180c6358b268 | http://www.teensmagazine.net/imperio/videoprohibido.exe || 2011-02-26 10:31:53 | avira | WORM/Autorun.abo.1 | 20/40 (50%) | AS11798 | 74.220.215.216 | support@bluehost.com | US | ARIN | BLUEHOST-NETWORK-2 | e3f0a13c476c9a91b1940a8089ce726c | http://www.webflotta.net/geza/na.exe || 2011-02-26 10:31:53 | avira | TR/Agent.81920.DX | 21/39 (53.8%) | AS11798 | 74.220.215.216 | support@bluehost.com | US | ARIN | BLUEHOST-NETWORK-2 | ea4ec5a74cdaee02a9ec4be0a80044c7 | http://www.webflotta.net/geza/pot.exe || 2011-02-26 11:02:38 | undef | unknown_html | 0/39 (0.0%) | AS15169 | 74.125.39.132 | arin-contact@google.com | US | ARIN | GOOGLE | c18090423d457579fd75293c3b94a3b0 | http://buscadooor.blogspot.com/2009/11/enlaces.html || 2011-02-26 11:02:38 | undef | unknown_html | 0/39 (0.0%) | AS15169 | 74.125.39.132 | arin-contact@google.com | US | ARIN | GOOGLE | c02d15a2700d4365fc68986a86c38771 | http://buscadooor.blogspot.com/2010/12/enlaces2.html || 2011-02-26 11:02:38 | undef | unknown_html | 0/39 (0.0%) | AS4766 | 183.110.191.22 | abuse@kornet.net | KR | APNIC | KORNET-KR | 86786c70b73e63803869960cf4a169b3 | http://launcher.softnyx.com/note_ac.asp || 2011-02-26 11:02:38 | avira | TR/VB.Downloader.Gen | 21/39 (53.8%) | AS46475 | 69.162.116.202 | abuse@limestonenetworks.com | US | ARIN | LSN-DLLSTX-2 | 503324bc46fbb0b1b8ec180c6358b268 | http://teensmagazine.net/imperio/videoprohibido.exe || 2011-02-26 11:02:38 | undef | unknown_html | 0/39 (0.0%) | AS46475 | 69.162.116.202 | abuse@limestonenetworks.com | US | ARIN | LSN-DLLSTX-2 | 037d536e3f13169cddee6b46a52108f4 | http://www.teensmagazine.net/imperio/registra.php || 2011-02-26 10:10:43 | avira | PHP/Small.C | 25/40 (62.5%) | AS26496 | 182.50.139.69 | gschwimer@godaddy.com | SG | APNIC | GODADDY-NET-SG | 0c4163a42173445eeec56ca1a43cbc5d | http://carter-tech.com.au/components/com_rokdownloads/views/folder/tmpl/setan1.txt??&modez=scannerz || 2011-02-26 10:10:49 | avira | PHP/Small.C | 27/41 (65.9%) | AS26496 | 182.50.139.69 | gschwimer@godaddy.com | SG | APNIC | GODADDY-NET-SG | 0c4163a42173445eeec56ca1a43cbc5d | http://carter-tech.com.au/components/com_rokdownloads/views/folder/tmpl/setan1.txt??&modez=botz || 2011-02-26 10:10:32 | avira | PHP/BackDoor.AR | 30/41 (73.2%) | AS42927 | 94.124.1.3 | abuse@szara.net | PL | RIPE | POLSERWER-NET | e6640e12db3fec8385d8e61d0fe044b1 | http://psychologwroclaw.com/components/com_ckforms/views/ckforms/tmpl/id2.txt???? || 2011-02-26 10:10:54 | avira | PHP/Small.C | 27/41 (65.9%) | AS26496 | 182.50.139.69 | gschwimer@godaddy.com | SG | APNIC | GODADDY-NET-SG | 0c4163a42173445eeec56ca1a43cbc5d | http://carter-tech.com.au/components/com_rokdownloads/views/folder/tmpl/setan1.txt??&modez=psybnc || 2011-02-26 10:10:27 | avira | PHP/Agent.DZ | 21/39 (53.8%) | AS42927 | 94.124.1.3 | abuse@szara.net | PL | RIPE | POLSERWER-NET | 7e5928918360f3e94f0d2f84f05ce9ee | http://psychologwroclaw.com/components/com_ckforms/views/ckforms/tmpl/id1.txt??? || 2011-02-26 10:10:38 | avira | PHP/Small.C | 27/41 (65.9%) | AS26496 | 182.50.139.69 | gschwimer@godaddy.com | SG | APNIC | GODADDY-NET-SG | 0c4163a42173445eeec56ca1a43cbc5d | http://carter-tech.com.au/components/com_rokdownloads/views/folder/tmpl/setan1.txt??&modez=shellz || 2011-02-26 11:31:14 | avira | TR/Script.86 | 16/41 (39%) | AS3839 | 161.200.192.245 | chaya.l@chula.ac.th | TH | APNIC | CHULANET | 7ab5a3291410db3231141e2818e85318 | http://www.genednetwork.or.th/introduce//pic_files/id1.txt? || 2011-02-26 11:58:39 | avira | PHP/Pastie.637 | 14/40 (35%) | AS24989 | 87.238.192.101 | info@evanzo.de | DE | RIPE | DE-EVANZO-20060120 | 8640020e7254fa5fe434ce8ed181875c | http://www.ferienhaus-schaeferei-garz.de//phpMyAdmin/foot.jpg???? || 2011-02-26 11:58:39 | avira | PHP/RemoteAdmi.6444 | 13/40 (32.5%) | AS7132 | 76.230.181.122 | abuse@att.net | US | ARIN | SBCIS-SBIS-6BLK | 73c6526d8a3825c2ac6bdbd6d2169280 | http://www.jaimabrownhome.com/css/ver.txt?? || 2011-02-26 11:58:39 | undef | unknown_html | 0/38 (0.0%) | AS4808 | 117.79.89.138 | chenyue@neteon.com.cn | CN | APNIC | NETEON | 2dff763c03ce5420052be90715eacd20 | http://122.770304123.cn/ue000/38sw.e?uid=1344160012943143876086 || 2011-02-26 11:58:39 | undef | unknown_html | 0/41 (0.0%) | AS4808 | 117.79.89.138 | chenyue@neteon.com.cn | CN | APNIC | NETEON | 533559ad76e2c5e5cbe3e8a3df6bd396 | http://343.boolans.com/list/2011-02-26/ALL.y || 2011-02-26 11:58:39 | undef | unknown_html | 0/40 (0.0%) | AS4808 | 117.79.89.138 | chenyue@neteon.com.cn | CN | APNIC | NETEON | 9fee716bab7bf9c5680b77bcee36e91c | http://343.boolans.com/list/2011-02-26/ut_ALL.y || 2011-02-26 11:58:39 | undef | unknown_html | 0/41 (0.0%) | AS36351 | 173.192.170.103 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-8 | 26934eb377001f66e37289a5c93fe284 | http://7498.uz4.org/application.php || 2011-02-26 11:58:39 | undef | unknown_html | 0/40 (0.0%) | AS47328 | 212.124.113.84 | abuse@digitalone.com | US | RIPE | DIGITALONE-NET | 9c4d2778ad6d0df42cab7cb729802470 | http://carsero.com/load.php?file=grabbers || 2011-02-26 11:58:39 | undef | unknown_html_RFI_php | 0/41 (0.0%) | AS4691 | 183.181.172.12 | nic-db@dti.ad.jp | JP | APNIC | DTI-NET | 4844ce9b2d137063f3d8fec6d422dd26 | http://crosty.or.tp/ || 2011-02-26 11:58:39 | undef | unknown_html | 0/40 (0.0%) | AS30058 | 204.45.122.59 | abuse@fdcservers.net | US | ARIN | FDCSERVERS | e0aa021e21dddbd6d8cecec71e9cf564 | http://idukadyzi.com/1013000112 || 2011-02-26 11:58:39 | undef | unknown_html | 0/41 (0.0%) | AS46475 | 74.63.243.194 | abuse@limestonenetworks.com | US | ARIN | LSN-DLLSTX-3 | 1dd6f0eea4e80a6e446d1319f43fbf24 | http://meteorologica-chile.com/cl.php || 2011-02-26 11:58:39 | undef | unknown_html | 0/41 (0.0%) | AS49544 | 79.142.64.184 | abuse@nelux.net | NL | RIPE | ALTUSHOST-NET | f2b3e6853b4b8c198d4b9c9b76ae44e1 | http://newamazingfacts.com/newamazingfactsa/post_dump.php?variable4=COMPUTERNAME || 2011-02-26 11:58:39 | undef | unknown_html | 0/41 (0.0%) | AS32244 | 69.167.147.50 | abuse@liquidweb.com | US | ARIN | LIQUIDWEB-9 | 33e271a93190ced122cb2500c35448b6 | http://onlineinstitute.com/g7/images/logo3.jpg?v1=23&tq=gHZutDyMv5rJeTXia9nrmsl6giWz%2BJZbVyA%3D || 2011-02-26 11:58:39 | undef | unknown_html | 0/41 (0.0%) | AS36420, AS30315, AS13749, AS21844 | 174.133.64.236 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-15 | c4ca4238a0b923820dcc509a6f75849b | http://service.piriform.com/installcheck.aspx?p=3&v=2.02.253&vx=&l=1033&b=1&o=5.1W3&g=1 || 2011-02-26 11:58:39 | undef | unknown_html | 0/41 (0.0%) | AS19318 | 66.45.237.212 | network@interserver.net | US | ARIN | INTERSERVER | f2f3170a10945e53127b235646fd6bba | http://suaxorosx.t35.com/1/post.php || 2011-02-26 11:58:40 | undef | unknown_html | 0/41 (0.0%) | AS19318 | 66.45.237.212 | network@interserver.net | US | ARIN | INTERSERVER | 46368c0772b0fc138972ee347418f81f | http://suaxorosx.t35.com/2/post.php || 2011-02-26 11:58:40 | undef | unknown_html | 0/41 (0.0%) | AS13789 | 75.98.46.12 | abuse@internap.com | US | ARIN | PNAP-TOR-11-2008 | fc94fb0c3ed8a8f909dbc7630a0987ff | http://s.xp1.ru4.com/meta?_o=179638&_t=abcm || 2011-02-26 11:58:40 | undef | unknown_html | 0/41 (0.0%) | AS17969 | 117.59.39.72 | hewei67@sina.com | CN | APNIC | CNT | 6a99cac8debc5b39930d66725e3b0c2b | http://wbrj2009.3322.org/ad/ad_keyword.txt || 2011-02-26 11:58:40 | undef | unknown_html | 0/41 (0.0%) | AS17969 | 117.59.39.72 | hewei67@sina.com | CN | APNIC | CNT | 0aca6680a33086eb942e2fb43ea9ea20 | http://wbrj2009.3322.org/ad/ad_url.txt || 2011-02-26 11:58:40 | undef | unknown_html | 0/41 (0.0%) | AS4837 | 61.136.59.52 | abuse@cnc-noc.net | CN | APNIC | LongChiShenZhou-LTD-TJ | 266fdb023cfcffbecbe4a0f763345016 | http://www.58lianmeng.com/sp/getip.aspx?u=1429 || 2011-02-26 11:58:40 | undef | unknown_html | 0/41 (0.0%) | AS36420, AS30315, AS13749, AS21844, AS13884 | 209.62.107.107 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-EV1-16 | 10f2844a97f8a45daa22f91dfc85311c | http://www.piriform.com/auto?p=df&v=2.02.253&l=1033 || 2011-02-26 11:58:40 | undef | unknown_html | 0/41 (0.0%) | AS19318 | 66.45.237.212 | network@interserver.net | US | ARIN | INTERSERVER | 1c2b8df9b1c479edb03cea92f004539e | http://xufod3010.t35.com/1/post.php || 2011-02-26 11:58:40 | undef | unknown_html | 0/41 (0.0%) | AS19318 | 66.45.237.212 | network@interserver.net | US | ARIN | INTERSERVER | 951419701a1facab995c97985256e481 | http://xufod3010.t35.com/2/post.php || 2011-02-26 11:59:25 | clamav | PUA.HTML.Crypt-8 | 1/41 (2.4%) | AS36351 | 74.86.183.197 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-4 | 16b0c65eb2f397409b3966dee9093b07 | http://utama-audio.com/temp/id/id2?? || 2011-02-26 11:59:25 | avira | PHP/Agent.H | 22/39 (56.4%) | AS24971 | 89.185.240.172 | noc@master.cz | CZ | RIPE | BRNO-HOUSING2-CZ-MAI | cf9ed7c60fcdab035ab064ec57a78ff2 | http://www.symbian-s60.net/e107_images/ideten.txt?? || 2011-02-26 12:00:03 | undef | unknown_html | 0/39 (0.0%) | AS209 | 192.155.50.108 | dcntrnoc@ubm-us.com | US | ARIN | CMP-COM42 | b9970ef6b061523bdeef48d6691091d9 | http://www.darkreading.com/management/security/intrusion-prevention/showArticle.jhtml?articleID=221901483 || 2011-02-26 12:01:49 | AVG | SHeur3.BPWG | 16/41 (39%) | AS12695 | 195.2.253.41 | abuse@madet.net | RU | RIPE | MADET-NET | 7cebcb89a9460dc2174233978d912a05 | http://perejopa.com/karp.exe || 2011-02-26 12:01:49 | avira | TR/Agent.ehnr | 18/41 (43.9%) | AS17969 | 117.59.39.72 | hewei67@sina.com | CN | APNIC | CNT | ee4dfe8647dcb7a896dd29957b2bc90f | http://wbrj2009.3322.org/58icon.exe || 2011-02-26 12:01:49 | avira | EXP/CVE-2008-5353.R | | AS10439 | 216.75.1.230 | complaints@cari.net | US | ARIN | CARINET-4 | 586a3aab1979e66b5693da7cb47d6bbf | http://www.metasploit.com/releases/framework-3.3.3.exe || 2011-02-26 12:33:07 | AVG | Worm/Generic2.AKTX | 13/41 (31.7%) | AS21793 | 76.76.107.68 | abuse@existhosting.com | CA | ARIN | INTERWEB-MEDIA | 264fe7d52e3f60f7167152eb8f84e8eb | http://serverxxx.ru//loading.php?spl=mdac || 2011-02-26 10:48:06 | undef | unknown_html | | AS46475 | 69.162.116.202 | abuse@limestonenetworks.com | US | ARIN | LSN-DLLSTX-2 | 744457ec2bceaf72f071841278913bd9 | http://teensmagazine.net/imperio/ || 2011-02-26 13:02:59 | undef | unknown_html_RFI_php | | AS3242 | 151.1.140.202 | registry@it.net | IT | RIPE | ITNET-WAN | 247bd964804c56bb8b6d3f0121dea2e4 | http://www.metalserranda.it/metal/files/ahh.txt? |+---------------------+-------------+----------------------------------------+---------------+---------------------------------------------+-----------------+-------------------------------------+---------+--------+-------------------------------+----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------+188 rows in set (0.02 sec)
+---------------------+-------------+-----------------------------------+---------------+------------------------------------+-----------------+----------------------------------+---------+--------+-------------------------------+----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------+| date | scanner | virusname | vt_score | AS | review | email | country | source | netname | md5sum | url |+---------------------+-------------+-----------------------------------+---------------+------------------------------------+-----------------+----------------------------------+---------+--------+-------------------------------+----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------+| 2011-02-26 13:03:54 | undef | unknown_html | 0/39 (0.0%) | AS21793 | 76.76.107.68 | abuse@existhosting.com | CA | ARIN | INTERWEB-MEDIA | 9ee267182e99cef73fa24353bbca1241 | http://yostat100.ru/gate/ufr.php || 2011-02-26 12:41:10 | avira | PHP/RemoteAdmi.5398 | 16/41 (39%) | AS29953 | 69.41.197.197 | drg@bond.net | CA | ARIN | CYGNET-1BLK | ae13b423eec80db73e16d8fb4c90b4f7 | http://creativeink.ca/uploads/id.php?i=0qvxtQf6? || 2011-02-26 13:31:45 | undef | unknown_exe | 0/41 (0.0%) | AS46475 | 69.162.116.202 | abuse@limestonenetworks.com | US | ARIN | LSN-DLLSTX-2 | 1e1579dab10b134cb0aea756b156bfc1 | http://teensmagazine.net/imperio/NyxLauncherHack.exe || 2011-02-26 13:31:45 | Ikarus | Trojan.VB | 4/41 (9.8%) | AS46475 | 69.162.116.202 | abuse@limestonenetworks.com | US | ARIN | LSN-DLLSTX-2 | 5d5b386843c19101ca17b694ed0dba71 | http://teensmagazine.net/imperio/Proyecto1.exe || 2011-02-26 13:31:45 | Sophos | Mal/StartP-A | 1/41 (2.4%) | AS46475 | 69.162.116.202 | abuse@limestonenetworks.com | US | ARIN | LSN-DLLSTX-2 | 633125ff55db55eae080d50cccd05f80 | http://teensmagazine.net/imperio/publicidad.exe || 2011-02-26 13:46:19 | clamav | PHP.Agent-14 | 4/41 (9.8%) | AS4766 | 222.122.60.115 | abuse@kornet.net | KR | APNIC | KORNET-KR | 8bc92a2e49b6670c4c9c5ab1556c07e5 | http://www.euronight.co.kr/bbs/e1.txt? || 2011-02-26 13:54:53 | Rising | Hack.Exploit.Script.HTML.IFrame.o | 1/41 (2.4%) | AS13238 | 213.180.199.11 | abuse@yandex.ru | RU | RIPE | YANDEX-199 | 6139915c078683ddd11ac4af2741b54b | http://s0m.narod.ru || 2011-02-26 13:54:53 | ClamAV | PUA.HTML.Infected.WebPage-2 | 1/39 (2.6%) | AS26496 | 97.74.215.78 | noc@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 5c3913983a02c8e8ec76463d4c2bf213 | http://shaggyze.hoggshobbies.com || 2011-02-26 13:54:53 | avira | HTML/Infected.WebPage.Gen2 | 21/41 (51.2%) | AS36820 | 208.75.230.43 | abuse@tshost.com | US | ARIN | TULIP-SYSTEMS | aa44c231a5e1737864c46fa9b44122f9 | http://www.freewebtown.com/citylove || 2011-02-26 14:02:38 | avira | EXP/PDF.Jeka.B | 24/41 (58.5%) | AS33182 | 67.23.229.71 | abuse@dimenoc.com | US | ARIN | DIMECNET | 52668677b6b87f530835cdebae9294a8 | http://ademuhmaytn.com/nte/GNH11.py/xH38e90689V0100f060006R3d708fb1102T7581f272203l000c329 || 2011-02-26 14:02:40 | avira | TR/Dldr.Bubnix.A.4 | 22/41 (53.7%) | AS15510 | 194.116.174.122 | abuse@uk.mci.com | GB | RIPE | COMPUWEB-COMMUNICATIONS | 9ccc2a593adbbca7d30bc311990c2cd1 | http://garyhughes.co.uk/ldr.exe || 2011-02-26 13:30:27 | trendmicro | BKDR_PHPBOT.SMOK | 20/40 (50%) | AS21844 | 74.52.141.162 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | fec3569fbc74d37abbfc3169ff4c5f40 | http://asdsingapore.com/includes/domit/injek.txt?? || 2011-02-26 13:30:32 | Avast | PHP:Small-V | 3/40 (7.5%) | AS21844 | 74.52.141.162 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | 34c4feacf7370eb4f2d0f1bc9c5fb12e | http://asdsingapore.com/includes/domit/anak.txt??????? || 2011-02-26 13:37:06 | avira | SPR/PHP.ID | 15/39 (38.5%) | AS16276 | 213.186.33.4 | abuse@ovh.net | FR | RIPE | OVH | ec939cdc839f595c10191784111b00a1 | http://plongeemayenne.org/csm001//logx.txt? || 2011-02-26 13:37:21 | undef | unknown_html_RFI_shell | 0/39 (0.0%) | AS16276 | 213.186.33.4 | abuse@ovh.net | FR | RIPE | OVH | c9db704fcafb5249efbedfe08a89dfd1 | http://plongeemayenne.org/csm001//logz.txt? || 2011-02-26 14:22:31 | undef | unknown_html | 0/40 (0.0%) | AS17969 | 117.59.39.72 | hewei67@sina.com | CN | APNIC | CNT | 81051bcc2cf1bedf378224b0a93e2877 | http://wbrj2009.3322.org/count/tj.php || 2011-02-26 14:31:29 | BitDefender | Gen:Heur.MSIL.Krypt.4 | 4/39 (10.3%) | AS28753 | 188.72.237.13 | abuse@netdirekt.de | DE | RIPE | NETDIRECT-NET-DEDISERV-967200 | 637b2d3faca32f6575b3c9c579175054 | http://www.uploadvillage.com/21b1e020688b4e0850c1/hehe.exe || 2011-02-26 11:04:02 | undef | Trojan.Heur.fm0@szNaVjliu | 0/41 (0.0%) | AS15510 | 194.116.174.122 | abuse@uk.mci.com | GB | RIPE | COMPUWEB-COMMUNICATIONS | f464dd705a1f5f95a1cc0fcc47435b3c | http://garyhughes.co.uk/ || 2011-02-26 15:03:03 | clamav | PUA.Packed.ASPack | 11/41 (26.8%) | AS46844 | 204.188.243.139 | support@sharktech.net | US | ARIN | SHARKTECH-3 | 87bcc0788fd988868839820fbe91afed | http://pic.mhhsrn.com/files/65326332173.Jpg || 2011-02-26 15:18:36 | avira | PERL/IrcBot.AX | 23/40 (57.5%) | AS21844 | 74.52.141.162 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | 6f8c3707939d3cfe81e41ab303f3e5a0 | http://www.asdsingapore.com/includes/domit/hanyar.txt || 2011-02-26 15:18:36 | eTrust_Vet | PHP/Shellbot.C | 2/40 (5%) | AS16276 | 213.186.33.4 | abuse@ovh.net | FR | RIPE | OVH | 0c3cfe9bed426ec8489f9fb8dbd8ed94 | http://www.plongeemayenne.org/csm001//black.txt || 2011-02-26 15:31:28 | undef | unknown_html | 0/40 (0.0%) | AS4837 | 61.158.167.209 | abuse@public.zz.ha.cn | CN | APNIC | UNICOM-HA | 8028662a3a05f593efc2604b7267fe56 | http://download.avgsafe.com:8080/cgi/recieve.exe || 2011-02-26 15:31:28 | Rising | Trojan.Win32.Generic.1274C698 | 2/40 (5%) | AS4837 | 60.29.248.16 | abuse@chinaunicom.cn | CN | APNIC | UNICOM-TJ | daacda1fe251bc824577692c23d7c036 | http://www.51backup.cn/file/software/partner/2/avg.exe || 2011-02-26 15:32:30 | avira | TR/PSW.272384 | 16/41 (39%) | AS17969 | 117.59.39.72 | hewei67@sina.com | CN | APNIC | CNT | 02d18ed274b6009208bb9922c95bae42 | http://wbrj2009.3322.org/iema.exe || 2011-02-26 15:37:22 | avira | SPR/PHP.ID | 15/40 (37.5%) | AS16276 | 213.186.33.4 | abuse@ovh.net | FR | RIPE | OVH | ec939cdc839f595c10191784111b00a1 | http://www.plongeemayenne.org/csm001//logx.txt || 2011-02-26 15:37:22 | Antiy_AVL | Backdoor/PHP.Agent | 1/38 (2.6%) | AS16276 | 213.186.33.4 | abuse@ovh.net | FR | RIPE | OVH | 3ddb464cf34544a4e892482ebe655d2f | http://www.plongeemayenne.org/csm001//logy.txt || 2011-02-26 15:37:22 | undef | unknown_html_RFI_shell | 0/41 (0.0%) | AS16276 | 213.186.33.4 | abuse@ovh.net | FR | RIPE | OVH | c9db704fcafb5249efbedfe08a89dfd1 | http://www.plongeemayenne.org/csm001//logz.txt || 2011-02-26 15:40:02 | Rising | Backdoor.Win32.Undef.brp | 1/40 (2.5%) | AS197145 | 91.218.38.153 | abusemail@infiumhost.com | UA | RIPE | INFIUMHOST-NET | 60f35fc278f5e7d825f6ab3f6fb7afa4 | http://91.218.38.153/images/2/GjhaOz0.exe || 2011-02-26 15:40:07 | Comodo | Heur.Packed.Unknown | 3/38 (7.9%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 73da1eb4eb2d409b623f25d44a30baff | http://d0s.fileave.com/gusanos.exe || 2011-02-26 15:40:07 | Comodo | Heur.Packed.Unknown | 3/38 (7.9%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 2c543749a79343f422c5cd1c26b165e3 | http://d0s.fileave.com/minerva.exe || 2011-02-26 15:40:07 | Comodo | Heur.Packed.Unknown | 5/38 (13.2%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | a99a9486daceb8df5953f75b6698c8af | http://d0s.fileave.com/logos.exe || 2011-02-26 15:40:07 | Comodo | Heur.Packed.Unknown | 3/38 (7.9%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 28265ed7c0ed27d91bc799d4c20632cc | http://d0s.fileave.com/formosa.exe || 2011-02-26 15:40:07 | avira | TR/Dldr.Agent.fwig | 12/40 (30%) | AS40676 | 173.224.213.241 | noc@psychz.net | US | ARIN | PSYCHZ-NETWORKS | 09b3c90754cf4db41130de51d29a54b7 | http://cat.youhaveleads.com/w.exe || 2011-02-26 15:40:07 | avira | TR/Spy.Banker.Gen | 20/40 (50%) | AS15201 | 200.98.197.88 | l-registrobr-uol@corp.uol.com.br | BR | LACNIC | 001.109.184/0001-95 | 9605191afeb9c6f2aa2f5a30771bf7b2 | http://bolinacatb.dominiotemporario.com/amazerole.exe || 2011-02-26 15:40:07 | avira | TR/Dropper.Gen | 11/40 (27.5%) | AS15201 | 200.98.197.88 | l-registrobr-uol@corp.uol.com.br | BR | LACNIC | 001.109.184/0001-95 | 7b33e3f9173847a8a6b63dd9bf33a886 | http://bolinacatb.dominiotemporario.com/iteropatia.exe || 2011-02-26 15:40:07 | AhnLab_V3 | Trojan/Win32.Regrun | 15/39 (38.5%) | AS36420, AS30315, AS13749, AS21844 | 174.122.134.178 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | 6f92fba24e6c5ac29d8e2f971c244d22 | http://aaphonecard.com/client.exe || 2011-02-26 15:40:07 | AhnLab_V3 | Downloader/Win32.Generic | 18/40 (45%) | AS9318 | 221.143.48.236 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | ddc314b952c4971acde4a978a54c7b3c | http://221.143.48.236/npsvcs.exe || 2011-02-26 14:47:29 | undef | Trojan.Spy.Delf.NPF | 0/41 (0.0%) | AS25973, AS35937, AS15244 | 67.210.124.15 | hostmaster@lunarpages.com | US | ARIN | ADD2NET-DOT-COM | 5afae5306001f9ec97e4f3db5546ff39 | http://sundance1rv.com/ || 2011-02-26 15:46:42 | undef | unknown_html | 0/41 (0.0%) | AS4837 | 61.158.167.209 | abuse@public.zz.ha.cn | CN | APNIC | UNICOM-HA | 6b6cfb8e86f1506979d2c9b1b1963f0b | http://download.avgsafe.com/config/update000002.txt || 2011-02-26 14:47:44 | undef | Trojan.Win32.Menti.bpy | 0/38 (0.0%) | AS17920 | 113.192.13.108 | noc@ultraserve.com.au | AU | APNIC | ULTRASERVE | d03900a25adb7067c6b4c819020fe69c | http://alltime.vn/ || 2011-02-26 15:17:42 | avira | PHP/IRCBOT.AE | 14/41 (34.1%) | AS31815 | 64.13.251.247 | abuse@mediatemple.net | US | ARIN | MEDIATEMPLE-103 | fa30a308bed4e9fffeb8048000888dc0 | http://myonlinecareerspace.com/blog/seka2.txt??? || 2011-02-26 16:31:20 | undef | unknown_html | 0/40 (0.0%) | AS4766 | 220.90.213.158 | abuse@kornet.net | KR | APNIC | KORNET | 90487758a6b5a2df78b6d3446d5f2f9b | http://220.90.213.158/setup/npsvcs/npsvcs.svcn || 2011-02-26 16:31:20 | undef | unknown_html | 0/39 (0.0%) | AS40676 | 173.224.213.241 | noc@psychz.net | US | ARIN | PSYCHZ-NETWORKS | cd22bad976363fdd1bfbf6759fede482 | http://cat.youhaveleads.com/W.ashx?A=Get&V=2&ID=52C2F56B-7D2C-43c6-AAEB-D6E7E523F08B&.r=17090 || 2011-02-26 16:31:20 | undef | unknown_html | 0/40 (0.0%) | AS197145 | 91.218.38.153 | abusemail@infiumhost.com | UA | RIPE | INFIUMHOST-NET | 59ed0e0e989585cc64e0d62ecbb008c8 | http://omygoooood.net/images/2/HJklazA1.bin || 2011-02-26 16:31:20 | Avast | HTML:RedirBA-inf | 3/41 (7.3%) | AS4837 | 122.227.23.25 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-ZJ | 7291a2aa890017ed5df429feba866b9a | http://www.qixi55.com/interface/reg_cookie.jsp?ad_id=0&from_type=1&rec_uid=6704000188&url=http://img003.com/soft/qixi55/Qixi2010Setup.exe |+---------------------+-------------+-----------------------------------+---------------+------------------------------------+-----------------+----------------------------------+---------+--------+-------------------------------+----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------+45 rows in set (0.01 sec)
+---------------------+---------------+-----------------------------------------+---------------+------------------------------------+-----------------+----------------------------------+---------+--------+-------------------------+----------------------------------+---------------------------------------------------------------------------------+| date | scanner | virusname | vt_score | AS | review | email | country | source | netname | md5sum | url |+---------------------+---------------+-----------------------------------------+---------------+------------------------------------+-----------------+----------------------------------+---------+--------+-------------------------+----------------------------------+---------------------------------------------------------------------------------+| 2011-02-26 16:40:03 | trendmicro | TROJ_CHIFRAX.BU | 13/41 (31.7%) | AS28307 | 189.39.80.102 | noc@wideway.com.br | BR | LACNIC | 005.481.637/0001-60 | 5cd954ce34d80c5b6bd9f3b912c2da1c | http://diariodafranca.com.br/conteudo/imagens/pega2.exe || 2011-02-26 16:40:04 | trendmicro | TROJ_CHIFRAX.BU | 19/41 (46.3%) | AS28307 | 189.39.80.102 | noc@wideway.com.br | BR | LACNIC | 005.481.637/0001-60 | bae18c45d5dc2fc520f77d60ee3863de | http://diariodafranca.com.br/conteudo/imagens/pega1.exe || 2011-02-26 16:40:04 | avira | TR/Dropper.Gen | 19/41 (46.3%) | AS42872 | 91.193.194.114 | noc@odhosting.com.ua | UA | RIPE | OD-HOSTING-NETWORK | 22ef594c108002998aa83dc2a427b581 | http://91.193.194.114/tm/res.exe || 2011-02-26 16:40:04 | avira | TR/Crypt.XPACK.Gen | 11/41 (26.8%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 94185c787d4804cb452bc8bab43bbb22 | http://viva507.fileave.com/vv/isrv.exe || 2011-02-26 16:40:04 | avira | TR/Crypt.ZPACK.Gen | 20/40 (50%) | AS42872 | 91.193.194.114 | noc@odhosting.com.ua | UA | RIPE | OD-HOSTING-NETWORK | b15b56d200cd6052127e2dc8569620ca | http://91.193.194.114/tm/ncry.exe || 2011-02-26 16:40:04 | avira | TR/Crypt.XPACK.Gen | 20/40 (50%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | af12c1a01fc088313cf0ab576fced66c | http://viva507.fileave.com/vv/wcodecfl.exe || 2011-02-26 16:40:04 | trendmicro | TROJ_FAKEAV.SM8 | 20/41 (48.8%) | AS4134 | 222.88.205.200 | ip@hntele.com | CN | APNIC | CHINANET-HA | 3f6e728b63559867ffb61c52ce7ebdba | http://upnext.info/bs2/crlss.exe || 2011-02-26 16:40:04 | McAfee | Suspect-BA!447A6F6251D6 | 3/41 (7.3%) | AS29838 | 69.160.254.204 | abuse@atlanticmetro.net | US | ARIN | AMC-NET-4 | 447a6f6251d6de29407dec3e14d3456d | http://tufugotu.com/da/dnc.exe || 2011-02-26 16:40:04 | avira | TR/Oficla.hif | 20/40 (50%) | AS36351 | 74.86.158.236 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-4 | 35696351023ff849124c45e1711eaa80 | http://quadgroup.in/file.exe || 2011-02-26 16:06:03 | Ikarus | Exploit.HTML.IframeRef | 3/41 (7.3%) | AS15201 | 200.98.197.88 | l-registrobr-uol@corp.uol.com.br | BR | LACNIC | 001.109.184/0001-95 | 8e6fc7930a72c9611a52875ca91fa140 | http://bolinacatb.dominiotemporario.com/ || 2011-02-26 16:40:37 | undef | unknown_html_RFI | 0/41 (0.0%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 2175037d522fdc7dcd6a98f55e353959 | http://soneka.110mb.com/pippus.txt.txt? || 2011-02-26 17:40:02 | BitDefender | Trojan.Spy.Delf.NPF | 11/41 (26.8%) | AS32613 | 72.55.186.17 | abuse@panelboxmanager.com | CA | ARIN | PANELBOX-01 | 470570ce5a93f8b8c9c87a9563fe5e83 | http://tecnirol.com.co/arh/arh_flash/wab.exe || 2011-02-26 17:40:07 | avira | TR/Spy.32768.376 | 29/40 (72.5%) | AS25973, AS35937, AS15244 | 67.210.124.15 | hostmaster@lunarpages.com | US | ARIN | ADD2NET-DOT-COM | 811a0d41b6ae55af15a8774839fc13d5 | http://www.hostyn.org/zlv.exe || 2011-02-26 18:02:52 | clamav | PUA.Script.Packed-10 | 1/41 (2.4%) | AS38001 | 202.150.216.211 | alan@newmediaexpress.com | SG | APNIC | NEWMEDIAEXPRESS-AP | e688193e6fb785ba968a4a735ad032be | http://202.150.216.211/~admin/rafael.jpg?? || 2011-02-26 17:48:03 | avira | PHP/Agent.AS.1 | 19/41 (46.3%) | AS11798 | 69.89.31.175 | abuse@bluehost.com | US | ARIN | BLUEHOST-NETWORK-1 | 289fa6dfa68aea9067ffa186769ab489 | http://gaiababyboutique.com/images/id.txt?? || 2011-02-26 17:48:40 | avira | PHP/Agent.DZ | 23/40 (57.5%) | AS11798 | 69.195.100.231 | support@bluehost.com | US | ARIN | BLUEHOST-NETWORK-7 | 8b8380fc162e9fbc270d2c1792c4ce27 | http://dotexe.org/.../RFI/idxx.txt??? || 2011-02-26 17:30:44 | avira | PHP/Shellbot.7642 | 26/41 (63.4%) | AS32613 | 174.142.79.85 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 423b459f42d51c50f1c248773a0aba53 | http://chazinho.110mb.com/caraca.txt? || 2011-02-26 17:48:45 | avira | PHP/C99Shell.L | 22/40 (55%) | AS11798 | 69.195.100.231 | support@bluehost.com | US | ARIN | BLUEHOST-NETWORK-7 | 667ffcea7d5a0ff9526456236ce449b7 | http://dotexe.org/.../RFI/id2.txt???? || 2011-02-26 17:49:23 | avira | PHP/Agent.DZ | 27/41 (65.9%) | AS11798 | 69.195.100.231 | support@bluehost.com | US | ARIN | BLUEHOST-NETWORK-7 | 0c0da5a9e96717cdc6b94800f4005825 | http://dotexe.org/.../RFI/sh.txt?? || 2011-02-26 17:05:05 | undef | TrojanSpy:Win32/Banker.LW | 0/40 (0.0%) | AS25973, AS35937, AS15244 | 67.210.124.15 | hostmaster@lunarpages.com | US | ARIN | ADD2NET-DOT-COM | 51a032ccc73d84b3908a2a9458d1e276 | http://www.hostyn.org/ || 2011-02-26 18:14:27 | avira | PHP/Pbot.A | 27/39 (69.2%) | AS28907 | 89.184.73.139 | noc@mirohost.net | UA | RIPE | MIROHOST | fe0d13dd702bc969cdfe67f16e284484 | http://gros-gaz.com/plugins/pbot.txt?? || 2011-02-26 18:40:13 | avira | PHP/Shellbot.7642 | 23/39 (59%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | abdfa147b2a49ad1fb674f12fc25e138 | http://soneka.110mb.com/mulher.txt.txt? || 2011-02-26 19:09:26 | avira | TR/Script.86 | 13/39 (33.3%) | AS32613 | 72.55.186.68 | abuse@panelboxmanager.com | CA | ARIN | PANELBOX-01 | 7ab5a3291410db3231141e2818e85318 | http://cohabitat.ca/cache/mod_data/sc1.txt??? || 2011-02-26 19:09:35 | avira | PHP/BackDoor.AR | 28/40 (70%) | AS32613 | 72.55.186.68 | abuse@panelboxmanager.com | CA | ARIN | PANELBOX-01 | dcc55d73dae5326abb4f00d9313a7e70 | http://cohabitat.ca/cache/mod_data/sc2.txt???? || 2011-02-26 18:47:48 | avira | PHP/Pbot.A | 29/41 (70.7%) | AS28907 | 89.184.73.139 | noc@mirohost.net | UA | RIPE | MIROHOST | fe0d13dd702bc969cdfe67f16e284484 | http://gros-gaz.com/plugins/pbot.txt??? || 2011-02-26 20:02:50 | avira | TR/Script.86 | 16/41 (39%) | AS32613 | 72.55.186.68 | abuse@panelboxmanager.com | CA | ARIN | PANELBOX-01 | 7ab5a3291410db3231141e2818e85318 | http://www.cohabitat.ca/cache/mod_data/sc1.txt??? || 2011-02-26 19:54:46 | avira | PHP/Small.Awi.1026 | 21/40 (52.5%) | AS21844 | 74.52.141.162 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | 0a181b41a524502b50c94f405728b01e | http://asdsingapore.com/includes/domit/crewid.txt? || 2011-02-26 20:32:18 | avira | EXP/Pidief.deo | 11/39 (28.2%) | AS25190 | 46.252.131.22 | reliktbvk@gmail.com | LV | RIPE | Sagade | c02af7703b225e7e02e6c6185fab682a | http://mowield.cz.cc/manuale.pdf || 2011-02-26 20:40:03 | avira | HTML/Shellcode.Gen | 19/41 (46.3%) | AS4812 | 61.152.243.96 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-SH | a6969138e60a08f68c2ac0d05851c181 | http://aoq.3-a.net/99/pp.htm || 2011-02-26 20:14:57 | avira | TR/Script.75 | 22/39 (56.4%) | AS33968 | 79.171.34.31 | rob@ukgrid.net | GB | RIPE | INTERNETENGINEERING | a05dfd7cca7771a7565a154d65f05ea2 | http://j-m-designs.co.uk/files/id1.jpg?? || 2011-02-26 20:47:00 | avira | TR/Script.75 | 23/39 (59%) | AS8262 | 91.196.124.76 | sales@nexbrod.com | BG | RIPE | SUPERHOSTINGBG | a05dfd7cca7771a7565a154d65f05ea2 | http://traditionsandfuture.bg/editor/rfi/id1.txt???? || 2011-02-26 20:15:01 | avira | PHP/BackDoor.AR | 34/41 (82.9%) | AS33968 | 79.171.34.31 | rob@ukgrid.net | GB | RIPE | INTERNETENGINEERING | 8dcad47f3e32e7dc1aee59167e67c601 | http://j-m-designs.co.uk/files/id2.jpg??? || 2011-02-26 20:51:04 | avira | PHP/Small.AB | 10/39 (25.6%) | AS46216 | 216.52.115.51 | abuse@internap.com | US | ARIN | PNAP-8-98 | 9a30d487fa483e371a94c7d5ef5d563d | http://n0b0dy.webs.com/bot/id2.txt????? || 2011-02-26 20:50:59 | avira | TR/Script.75 | 22/39 (56.4%) | AS46216 | 216.52.115.51 | abuse@internap.com | US | ARIN | PNAP-8-98 | a05dfd7cca7771a7565a154d65f05ea2 | http://n0b0dy.webs.com/bot/id1.txt???? || 2011-02-26 20:47:02 | avira | PHP/BackDoor.AR | 32/39 (82.1%) | AS8262 | 91.196.124.76 | sales@nexbrod.com | BG | RIPE | SUPERHOSTINGBG | 8dcad47f3e32e7dc1aee59167e67c601 | http://traditionsandfuture.bg/editor/rfi/id2.txt????? || 2011-02-26 20:54:29 | avira | PHP/Agent.DZ | 24/41 (58.5%) | AS36420, AS30315, AS13749, AS21844 | 174.120.243.94 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | 8b8380fc162e9fbc270d2c1792c4ce27 | http://dotexe.levelonepower.com/RFI/idxx.txt?? || 2011-02-26 20:54:35 | avira | PHP/C99Shell.L | 23/41 (56.1%) | AS36420, AS30315, AS13749, AS21844 | 174.120.243.94 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | 667ffcea7d5a0ff9526456236ce449b7 | http://dotexe.levelonepower.com/RFI/id2.txt???? || 2011-02-26 20:55:49 | avira | PHP/Agent.DZ | 24/39 (61.5%) | AS36420, AS30315, AS13749, AS21844 | 174.120.243.94 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | 0c0da5a9e96717cdc6b94800f4005825 | http://dotexe.levelonepower.com/RFI/sh.txt? || 2011-02-26 21:31:35 | clamav | PHP.Id-30 | 5/39 (12.8%) | AS34011 | 109.239.61.75 | abuse@ispgateway.de | DE | RIPE | DOMAINFACTORY-20101229 | f9ebd9c869dfa634be6977155f0c65b7 | http://www.erziehungsberatung-bw.de//cms/system/.wp/1.txt?? || 2011-02-26 21:39:49 | avira | PHP/Agent.DZ | 27/41 (65.9%) | AS36420, AS30315, AS13749, AS21844 | 174.120.243.94 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | 0c0da5a9e96717cdc6b94800f4005825 | http://dotexe.levelonepower.com/RFI/sh.txt || 2011-02-26 22:32:04 | undef | unknown_html_RFI_php | 0/41 (0.0%) | AS24940 | 78.47.198.57 | abuse@hetzner.de | DE | RIPE | DE-HETZNER-20070416 | 910692e2727a7be8563a8eda9f803ad2 | http://78.47.198.57:11200/pwn/ckrid.txt??? || 2011-02-26 23:02:50 | avira | TR/Crypt.ULPM.Gen | 11/40 (27.5%) | AS6724 | 85.214.72.29 | abuse-server@strato.de | DE | RIPE | STRATO-RZG-DED2 | 14dc1d145c76db165c5cf81891e4ff76 | http://www.yaoi.de/forum/avatars/exe.exe || 2011-02-26 23:31:27 | avira | EXP/PHP.E | 31/41 (75.6%) | AS4134 | 218.5.74.92 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-FJ | 1a418a7ea27ca26d57131df99b4527a1 | http://www.chaoshang.net/cswd/image/dmc.jpg? || 2011-02-26 23:29:20 | avira | TR/Script.77 | 17/43 (39.5%) | AS29671 | 92.61.150.19 | abuse@servage.net | EU | RIPE | SRVG-NET-HH1-H5-2 | dc7b2fd7417f4ea1917ac8b7284fecba | http://ntdesigner.cd44.co.uk/images/id1.jpg?? || 2011-02-26 23:29:24 | avira | PHP/BackDoor.AR | 30/41 (73.2%) | AS29671 | 92.61.150.19 | abuse@servage.net | EU | RIPE | SRVG-NET-HH1-H5-2 | 81ca16c92e50478ca1112d1332352080 | http://ntdesigner.cd44.co.uk/images/id2.jpg??? || 2011-02-26 23:29:29 | avira | PHP/Shellbot.7642 | | AS30968 | 77.221.130.34 | abuse@infobox.ru | RU | RIPE | INFOBOX-NET1 | ba7119424be8a3b0ae6ee8dcce128917 | http://tentorium-product.ru/mambots/system/tmp.jpg?? || 2011-02-27 00:45:02 | avira | HTML/ScrInject.4728 | 15/39 (38.5%) | AS3216 | 194.186.88.55 | abuse@gldn.net | RU | RIPE | RU-SOVINTEL-951205 | 3edfec7304c46b64e7f77c86b520a299 | http://boleslava732.smtp.ru/ydeteba.html || 2011-02-27 01:16:06 | clamav | PUA.HTML.Crypt-8 | 4/39 (10.3%) | AS4134 | 218.5.74.92 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-FJ | cae96eec9017dc6d72831b7e8dd950bd | http://kortech.cn/bbs/logs.txt??? || 2011-02-27 01:40:01 | avira | PHP/IRCBOT.JB.1 | 13/39 (33.3%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | a2296d29de4d52c2744abbc0836e48ea | http://petok.fileave.com/atmo.txt?? || 2011-02-27 01:38:08 | avira | PHP/IRCBOT.K | 19/40 (47.5%) | AS174 | 38.124.38.68 | abuse@cogentco.com | US | ARIN | PSINETA | 8a2add85a1b15677b047731cdc47c609 | http://ihwow.zoomshare.com/files/atmo.txt?? || 2011-02-27 02:09:06 | avira | TR/Script.75 | 25/41 (61%) | AS19916 | 66.70.230.88 | abuse@support.olm.net | US | ARIN | OLM-05 | a05dfd7cca7771a7565a154d65f05ea2 | http://cepvi.com/Test/watu//id1.txt??? || 2011-02-27 02:09:09 | avira | PHP/BackDoor.AR | 32/39 (82.1%) | AS19916 | 66.70.230.88 | abuse@support.olm.net | US | ARIN | OLM-05 | f11a5c7810f1f715e1680b7045dda3cd | http://cepvi.com/Test/watu//id2.txt???? || 2011-02-27 01:39:52 | avira | EXP/PHP.E | 25/40 (62.5%) | AS34224 | 87.120.13.118 | nmt-ip@neterra.net | BG | RIPE | BG-NETERRAIP-20050712 | a3056fc1c4d452c4f1a3dcae394aec5b | http://smokers-heaven.co.uk/vnc/cmd.txt? || 2011-02-27 02:35:24 | avira | EXP/PHP.E | 27/41 (65.9%) | AS34224 | 87.120.13.118 | nmt-ip@neterra.net | BG | RIPE | BG-NETERRAIP-20050712 | a3056fc1c4d452c4f1a3dcae394aec5b | http://www.smokers-heaven.co.uk/vnc/cmd.txt? || 2011-02-27 02:35:24 | avira | PHP/Small.AA | 11/41 (26.8%) | AS34224 | 87.120.13.118 | nmt-ip@neterra.net | BG | RIPE | BG-NETERRAIP-20050712 | 57dcd054e8d57dd206f79cfe8f4ab1b4 | http://www.smokers-heaven.co.uk/vnc/r57.txt? || 2011-02-27 02:45:02 | avira | HTML/ScrInject.4728 | 17/41 (41.5%) | AS3216 | 194.186.88.49 | abuse@gldn.net | RU | RIPE | RU-SOVINTEL-951205 | 4d913edfcfa69695588e5895ca383d13 | http://paramon466.pisem.su/arodihe.html || 2011-02-27 03:03:05 | avira | TR/Dropper.Gen | 38/41 (92.7%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 6d82a107b43bb00613eb4879568e460f | http://duzzle88.fileave.com/02set.exe || 2011-02-27 03:03:05 | CAT_QuickHeal | Trojan.Agent.IRC | 9/41 (22%) | AS4766 | 220.73.161.108 | abuse@kornet.net | KR | APNIC | KORNET | cb181f60e49368222d9c864b520c26b7 | http://ttvtt22.net/bsg0153/ottomouse.exe || 2011-02-27 03:03:05 | avira | TR/Crypt.ULPM.Gen | 11/41 (26.8%) | AS6724 | 85.214.72.29 | abuse-server@strato.de | DE | RIPE | STRATO-RZG-DED2 | 14dc1d145c76db165c5cf81891e4ff76 | http://yaoi.de/forum/avatars/exe.exe || 2011-02-27 02:15:25 | avira | PHP/C99Shell.L | 29/41 (70.7%) | AS32392 | 98.131.33.116 | ipadmin@ecommerce.com | US | ARIN | ECOMMERCE-HOSTING | 35457cb718ba8980fd642a6b790a5152 | http://johnlturner.com/modules/mod_poll/id2.txt?? || 2011-02-27 02:15:30 | avira | PERL/Shellbot.aa | 23/41 (56.1%) | AS16276 | 213.186.33.5 | abuse@ovh.net | FR | RIPE | OVH | bbb3d5f70039771ea015aceb0831a019 | http://bestofrobots.fr/downloader/skin/images/spr.txt???&modez=shellz || 2011-02-27 02:15:34 | avira | PERL/Shellbot.aa | 21/39 (53.8%) | AS16276 | 213.186.33.5 | abuse@ovh.net | FR | RIPE | OVH | bbb3d5f70039771ea015aceb0831a019 | http://bestofrobots.fr/downloader/skin/images/spr.txt???&modez=scannerz || 2011-02-27 02:15:38 | avira | PERL/Shellbot.aa | 23/41 (56.1%) | AS16276 | 213.186.33.5 | abuse@ovh.net | FR | RIPE | OVH | bbb3d5f70039771ea015aceb0831a019 | http://bestofrobots.fr/downloader/skin/images/spr.txt???&modez=botz || 2011-02-27 02:15:41 | avira | PERL/Shellbot.aa | 21/39 (53.8%) | AS16276 | 213.186.33.5 | abuse@ovh.net | FR | RIPE | OVH | bbb3d5f70039771ea015aceb0831a019 | http://bestofrobots.fr/downloader/skin/images/spr.txt???&modez=psybnc || 2011-02-27 02:15:22 | avira | TR/Script.76 | 25/41 (61%) | AS32392 | 98.131.33.116 | ipadmin@ecommerce.com | US | ARIN | ECOMMERCE-HOSTING | f5c92f6912a87f4c170cb0622513e197 | http://johnlturner.com/modules/mod_poll/fx29id1.txt? || 2011-02-27 02:24:07 | avira | PHP/Pbot.A | 29/41 (70.7%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 26a8bc99068541798d26f1f0634366a9 | http://b0tsowndadores.110mb.com/vamonuka.txt? || 2011-02-27 04:02:45 | avira | PHP/PHPInfo.LL | 15/40 (37.5%) | AS26496 | 97.74.215.41 | noc@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | e93a248a520b3e023cfed096809260c1 | http://www.ajsquickcleaners.com/bbs/data/id.txt???? || 2011-02-27 03:55:09 | avira | PHP/Id.5390 | 16/41 (39%) | AS38877 | 202.191.61.215 | networkadmin@mdwebhosting.com.au | AU | APNIC | MD-WEB-HOSTING-AU | 01b0b183a6e33e2d39c8cac3c4ff52b4 | http://devinedesigns.com.au/idx2.txt? || 2011-02-27 04:03:57 | avira | PERL/IrcBot.AX | 14/40 (35%) | AS34224 | 87.121.165.6 | nmt-ip@neterra.net | BG | RIPE | BG-NETERRAIP-20050712 | 0c56d41af900b79b2d2111c4a40447fd | http://e-vestnik.bg//imgs/2008/g.txt?? || 2011-02-27 04:32:11 | avira | PHP/Limworm.172478 | 31/41 (75.6%) | AS4766 | 210.92.53.47 | abuse@kornet.net | KR | APNIC | KRNIC-KR | 9848d030c053965ea1156e7df1037434 | http://www.dsma.co.kr/bbs21//images/lang.gif?????????? || 2011-02-27 04:49:40 | avira | PHP/Pbot.A | 16/39 (41%) | AS209 | 205.168.3.51 | abuse@qwest.net | US | ARIN | QWEST-INET-35 | dec2350bef8d713ddf0be48e1c744379 | http://ringstaradvantage.com/images/banners/spd.jpg?? || 2011-02-27 04:46:03 | avira | TR/Script.75 | 23/40 (57.5%) | AS36420, AS30315, AS13749, AS21844 | 70.87.93.2 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-13 | a05dfd7cca7771a7565a154d65f05ea2 | http://vunoraa.com/bk09/fx29id1.txt?? || 2011-02-27 04:46:07 | avira | PHP/BackDoor.AR | 32/40 (80%) | AS36420, AS30315, AS13749, AS21844 | 70.87.93.2 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-13 | 8dcad47f3e32e7dc1aee59167e67c601 | http://vunoraa.com/bk09/fx29id2.txt??? || 2011-02-27 04:46:13 | clamav | PHP.Id-36 | 14/41 (34.1%) | AS31034 | 62.149.128.157 | hostmaster@technorail.com | IT | RIPE | TECHNORAIL-NET | 4f48fabbd4b83e52ac9d33407ad7b4eb | http://drfelettronica.it/docs/.logx? || 2011-02-27 04:46:23 | undef | unknown_html_RFI_shell | 0/40 (0.0%) | AS31034 | 62.149.128.163 | hostmaster@technorail.com | IT | RIPE | TECHNORAIL-NET | 855d78ee443f8185c442fa5f5030d102 | http://drfelettronica.it/docs/.logz? || 2011-02-27 04:59:34 | avira | PERL/IrcBot.K.1 | 18/41 (43.9%) | AS36420, AS30315, AS13749, AS21844 | 70.87.93.2 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-13 | 4ec3b10a8663c7bbdb6c08404db2a93b | http://vunoraa.com/bk09/spread.txt?&modez=psybnc || 2011-02-27 04:46:10 | avira | PERL/IrcBot.AX | 23/41 (56.1%) | AS36420, AS30315, AS13749, AS21844 | 70.87.93.2 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-13 | 9c52d6feeaba8171bc9b1ab1aae53950 | http://vunoraa.com/bk09/ddo.txt?&modez=shellz || 2011-02-27 04:59:24 | avira | PERL/IrcBot.K.1 | 17/40 (42.5%) | AS36420, AS30315, AS13749, AS21844 | 70.87.93.2 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-13 | 4ec3b10a8663c7bbdb6c08404db2a93b | http://vunoraa.com/bk09/spread.txt?&modez=shellz || 2011-02-27 04:59:28 | avira | PERL/IrcBot.K.1 | 16/39 (41%) | AS36420, AS30315, AS13749, AS21844 | 70.87.93.2 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-13 | 4ec3b10a8663c7bbdb6c08404db2a93b | http://vunoraa.com/bk09/spread.txt?&modez=scannerz || 2011-02-27 04:59:31 | avira | PERL/IrcBot.K.1 | 17/40 (42.5%) | AS36420, AS30315, AS13749, AS21844 | 70.87.93.2 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-13 | 4ec3b10a8663c7bbdb6c08404db2a93b | http://vunoraa.com/bk09/spread.txt?&modez=botz || 2011-02-27 06:05:36 | avira | PHP/C99Shell.B | 32/39 (82.1%) | AS19318 | 69.10.48.106 | abuse@trouble-free.net | US | ARIN | INTERSERVER | 048ccc01b873b40d57ce25a4c56ea717 | http://ministeriobrasil.t35.com/c99shell.txt?? || 2011-02-27 05:22:38 | avira | PHP/Small.Awi.1026 | 24/40 (60%) | AS25653 | 69.72.232.114 | abuse@fortressitx.com | US | ARIN | FORTRESSITX | 9bc9b115a68a2cf3182f9d9702717ad8 | http://loeffler.com.mx/veterinaria/id.txt? || 2011-02-27 06:32:09 | avira | PHP/Small.ao.4121 | 7/40 (17.5%) | AS32392 | 98.131.33.116 | ipadmin@ecommerce.com | US | ARIN | ECOMMERCE-HOSTING | 9b1e1a31fd7bd7fa942665ea6c54c513 | http://johnlturner.com/images/stories/audio/gif? || 2011-02-27 02:47:55 | undef | AdWare.Win32.Agent.njr | 0/41 (0.0%) | AS28753 | 188.72.230.234 | abuse@netdirekt.de | DE | RIPE | NETDIRECT-NET | 9eed5a664392982c7a79caff903b6bda | http://188.72.230.234/ || 2011-02-27 07:00:17 | avira | HTML/ScrInject.4728 | 14/39 (35.9%) | AS3216 | 194.186.88.61 | abuse@gldn.net | RU | RIPE | RU-SOVINTEL-951205 | 25a6c14f58fdc77a8d28c514a7ef2beb | http://fenomenalronaldo2.qipim.ru/ || 2011-02-27 07:00:28 | undef | Trojan.Win32.Refroso.czqg | 0/39 (0.0%) | AS5381 | 195.159.29.89 | abuse@sysedata.no | NO | RIPE | SYSEDATA-NET | 20f499396fe46e3ed4da66e4af47f3d9 | http://telsys.no/filer/ || 2011-02-27 07:00:34 | undef | Trojan.Win32.VB.aeta | 0/39 (0.0%) | AS3595, AS16626 | 63.247.69.242 | abuse@gnax.net | US | ARIN | GNAXNET | ecaa88f7fa0bf610a5a26cf545dcd3aa | http://www.alittihad.ly/media/system/css/css/ || 2011-02-27 07:00:40 | undef | Backdoor.Win32.VBbot.gt | 0/39 (0.0%) | AS11798 | 74.220.215.216 | support@bluehost.com | US | ARIN | BLUEHOST-NETWORK-2 | ff76e30cfb2f61826f791a4fdda45b27 | http://www.webflotta.net/css/ || 2011-02-24 23:40:10 | avira | JS/iFrame.3654 | 1/40 (2.5%) | AS21788 | 66.96.218.37 | abuse@hostnoc.net | US | ARIN | NOC | 10e968839b26324a8749fa2a19444740 | http://santoorulhas.com/j13.html || 2011-02-27 08:31:57 | undef | unknown_exe | | AS5381 | 195.159.29.89 | abuse@sysedata.no | NO | RIPE | SYSEDATA-NET | c54beddfbffdc555f1f21d1e7ae9727a | http://telsys.no/filer/obc-win.exe || 2011-02-27 08:31:58 | undef | unknown_file_$INSTDIR/Voicepad.exe | | AS5381 | 195.159.29.89 | abuse@sysedata.no | NO | RIPE | SYSEDATA-NET | 91d252d9e4022fe361d9b4b1b6e160c8 | http://telsys.no/filer/Setup-Centile-Voicepad-7.5.61.exe || 2011-02-27 08:31:58 | undef | unknown_file_BroadWorksCommunicator.exe | 0/38 (0.0%) | AS5381 | 195.159.29.89 | abuse@sysedata.no | NO | RIPE | SYSEDATA-NET | 5344fc307183efbbf2caad84bd4d8a0e | http://telsys.no/filer/setup.exe || 2011-02-27 08:31:58 | undef | unknown_exe | 0/38 (0.0%) | AS5381 | 195.159.29.89 | abuse@sysedata.no | NO | RIPE | SYSEDATA-NET | e35489ff8a84c910c84da5be39b60dcc | http://telsys.no/filer/TelsysRemote.exe || 2011-02-27 08:31:58 | undef | unknown_exe | 0/38 (0.0%) | AS5381 | 195.159.29.89 | abuse@sysedata.no | NO | RIPE | SYSEDATA-NET | 17198fd6eeb65d7171460fbf01a0a398 | http://telsys.no/filer/update_telsys_13.0.8.45.exe || 2011-02-27 08:31:58 | undef | unknown_file_$INSTDIR/Voicepad.exe | | AS5381 | 195.159.29.89 | abuse@sysedata.no | NO | RIPE | SYSEDATA-NET | e76d2ce270ad8827174dedab3f008fe1 | http://telsys.no/filer/VoicePad_Setup.exe || 2011-02-27 08:31:58 | undef | unknown_exe | 0/33 (0.0%) | AS5381 | 195.159.29.89 | abuse@sysedata.no | NO | RIPE | SYSEDATA-NET | 4f3714abf66baca1338e4324e4462ba3 | http://telsys.no/filer/windows.exe || 2011-02-27 08:31:58 | undef | unknown_exe | | AS5381 | 195.159.29.89 | abuse@sysedata.no | NO | RIPE | SYSEDATA-NET | a6779daf3dd176553811d8c6d7ad4d4d | http://telsys.no/filer/windows-vista.exe || 2011-02-27 08:32:00 | avira | TR/Menti.boh.1 | 24/39 (61.5%) | AS11798 | 74.220.215.216 | support@bluehost.com | US | ARIN | BLUEHOST-NETWORK-2 | ae3ad3abc8dbabcc579283b73bf8f926 | http://www.webflotta.net/css/n.exe || 2011-02-27 08:32:00 | avira | TR/Crypt.XPACK.Gen3 | 23/41 (56.1%) | AS11798 | 74.220.215.216 | support@bluehost.com | US | ARIN | BLUEHOST-NETWORK-2 | 15d893947ad3e3754e1874e9b0bd3773 | http://www.webflotta.net/css/spm3.exe || 2011-02-27 08:40:03 | undef | unknown_html_RFI_eval | 0/39 (0.0%) | AS3491 | 209.9.239.101 | abuse.ops@pccwglobal.com | US | ARIN | BTN-CIDR4 | 2fd48d7f780743d2a0ceb682bf5b51ff | http://jsunpack.jeek.org/dec/go?list=1&search=executable || 2011-02-27 08:04:47 | avira | PHP/IRCBOT.NAA | 18/40 (45%) | AS6939 | 64.62.181.46 | hostmaster@he.net | US | ARIN | HURRICANE-4 | fd9ebdb670c7e3a72826854a69f667fb | http://h1.ripway.com/kipas/spy.txt???http://uaedesign.com/config/idfx.txt? || 2011-02-27 08:14:16 | avira | PHP/IRCBOT.AN | 21/39 (53.8%) | AS6939 | 64.62.181.46 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 98bb08d53d6ddfba85bfe9d59e3b06b0 | http://h1.ripway.com/kipas/kipas.txt???http://uaedesign.com/config/idfx.txt? || 2011-02-27 07:55:07 | avira | SPR/PHP.ID | 29/40 (72.5%) | AS11798 | 74.220.219.60 | support@bluehost.com | US | ARIN | BLUEHOST-NETWORK-2 | 6f019ee9755329cfeb0aceaa700218c2 | http://pjbtechnology.com/logs/idosyris.txt???? || 2011-02-27 07:55:34 | avira | PERL/Shellbot.aa | 21/39 (53.8%) | AS16276 | 213.186.33.5 | abuse@ovh.net | FR | RIPE | OVH | bbb3d5f70039771ea015aceb0831a019 | http://bestofrobots.fr/downloader/skin/images/spr.txt?? || 2011-02-27 09:03:56 | avira | PERL/Shellbot.aa | 21/40 (52.5%) | AS16276 | 87.98.170.31 | abuse@ovh.net | FR | RIPE | OVH | bbb3d5f70039771ea015aceb0831a019 | http://www.bestofrobots.fr/downloader/skin/images/spr.txt?? || 2011-02-27 09:03:56 | avira | SPR/PHP.ID | 29/40 (72.5%) | AS11798 | 74.220.219.60 | support@bluehost.com | US | ARIN | BLUEHOST-NETWORK-2 | 6f019ee9755329cfeb0aceaa700218c2 | http://www.pjbtechnology.com/logs/idosyris.txt???? || 2011-02-27 09:37:32 | undef | unknown_html_RFI_php | 0/40 (0.0%) | AS15600 | 81.18.30.143 | abuse@netrics.ch | CH | RIPE | NETRICS | 04370228f1ee76ed7db5c04fa65ba17f | http://shop.exchange.ch/images/oscommerce/tmp.jpg?? || 2011-02-27 08:51:47 | avira | PHP/C99Shell.C | 19/40 (47.5%) | AS27229 | 64.187.109.136 | abuse@acceleratebiz.com | US | ARIN | ACCELERATEBIZ-3-20 | 7e1c8bfa7f858ddbca7bb737722f1e94 | http://healthbeyond2000.co.nz/shop/pma/themes/original/css/r57.txt??? || 2011-02-27 10:02:51 | avira | PHP/Spy.Bull | 18/40 (45%) | AS17877 | 211.232.85.247 | abuse@nexg.net | KR | APNIC | VAAN-KR | f9e40b8a6db4c17961a57f7bc44b3b09 | http://www.dong69.co.kr//xe/ganyot/response?? || 2011-02-27 10:36:07 | avira | PHP/Zapchast.C | 16/41 (39%) | AS7479 | 202.177.22.66 | admin2@kddi.com.hk | HK | APNIC | KDD-HK | 38a6bfafb18883f9d1c58fed9939f50c | http://916t.com///images/.bash/id.txt? || 2011-02-27 10:13:44 | avira | PHP/IRCBOT.AN | 16/41 (39%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 43706f5e109e42c41f925632e55da1b9 | http://nurul1989.fileave.com/ping.txt??http://legalref.ru/cyberz/id.txt? || 2011-02-27 10:14:14 | avira | PHP/IRCBOT.AN | 14/39 (35.9%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 43706f5e109e42c41f925632e55da1b9 | http://nurul1989.fileave.com/ping.txt?http://legalref.ru/cyberz/id.txt? || 2011-02-27 10:36:19 | avira | PHP/IRCBOT.EV | 19/39 (48.7%) | AS24940 | 78.46.92.147 | abuse@hetzner.de | DE | RIPE | HETZNER-RZ-NBG-NET | 1b3fb589b751081053d56f06130d1f8c | http://starhosting.altervista.org/spread.txt??? || 2011-02-27 11:03:38 | clamav | PUA.Packed.ASPack | 8/39 (20.5%) | AS20495 | 213.163.91.245 | | NL | RIPE | DataTranSystems | db4ace64bd68a5dd2216f8ca434fca9a | http://flash260-pics.3utilities.com/download-id47493/flash_player_installer.exe || 2011-02-27 11:03:38 | clamav | PUA.Packed.ASPack | 6/38 (15.8%) | AS25190 | 46.252.131.53 | reliktbvk@gmail.com | LV | RIPE | Sagade | f2ec988747a02b7b53a98b9fda0609fb | http://zqrfphdu.co.cc/scan3/53/freesystemscan.exe || 2011-02-27 11:03:38 | avira | SPR/PHP.ID | 15/41 (36.6%) | AS7479 | 202.177.22.66 | admin2@kddi.com.hk | HK | APNIC | KDD-HK | 11992aff7b815508980a2741504ad5bc | http://www.916t.com//images/.bash/km.txt??? || 2011-02-27 11:03:38 | BitDefender | Trojan.Generic.KD.142798 | 7/41 (17.1%) | AS21793 | 76.76.107.68 | abuse@existhosting.com | CA | ARIN | INTERWEB-MEDIA | 95b96a0e23d86952915ac28f1346bb3b | http://serverxxx.ru/loading.php?spl=mdac |+---------------------+---------------+-----------------------------------------+---------------+------------------------------------+-----------------+----------------------------------+---------+--------+-------------------------+----------------------------------+---------------------------------------------------------------------------------+117 rows in set (0,01 sec)
+---------------------+-------------+-------------------------------------+---------------+---------------------------------------------+-----------------+----------------------------------+---------+--------+-----------------------------+----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------+| date | scanner | virusname | vt_score | AS | review | email | country | source | netname | md5sum | url |+---------------------+-------------+-------------------------------------+---------------+---------------------------------------------+-----------------+----------------------------------+---------+--------+-----------------------------+----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------+| 2011-02-27 11:16:48 | avira | PERL/Shellbot.P | 16/39 (41%) | AS36420, AS30315, AS13749, AS21844 | 70.86.180.184 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-13 | 220ee156bbe6e331935c28ea16811797 | http://pajura.net/bt.txt || 2011-02-27 11:16:49 | undef | unknown_html | 0/41 (0.0%) | AS48709 | 91.200.242.230 | abuse@digief.eu | EU | RIPE | DIGIEF-NET | 5c9097fe86e42d07212df426d4a29d02 | http://91.200.242.230/spm/s_alive.php?id=54549995082221850647390042244861&tick=127281&ver=545&smtp=ok&sl=1&fw=0&pn=0&psr=0 || 2011-02-27 11:16:49 | undef | unknown_html | 0/41 (0.0%) | AS19318 | 66.45.237.212 | network@interserver.net | US | ARIN | INTERSERVER | 7555c54d6975bfc18dcfce9f717c3a28 | http://eurodino.t35.com/2/post.php || 2011-02-27 11:16:49 | undef | unknown_html | 0/41 (0.0%) | AS16265 | 95.211.109.214 | abuse@leaseweb.com | NL | RIPE | NL-LEASEWEB-20080724 | 268e0b50f4e79a5491a59ce91c8617ee | http://itshowsyouall.com/up/?f=3&a=3280 || 2011-02-27 11:16:49 | undef | unknown_html | 0/39 (0.0%) | AS16265 | 95.211.109.214 | abuse@leaseweb.com | NL | RIPE | NL-LEASEWEB-20080724 | 54f5d2006d00ba935ab19675d3619159 | http://itshowsyouall.com/up/out/3280/lang.xml || 2011-02-27 11:16:49 | undef | unknown_html | 0/41 (0.0%) | AS16265 | 95.211.109.214 | abuse@leaseweb.com | NL | RIPE | NL-LEASEWEB-20080724 | bf35e1991be75624047c9cfd19771c93 | http://itshowsyouall.com/up/out/3280/msn.ico || 2011-02-27 11:16:49 | undef | unknown_html | 0/41 (0.0%) | AS3356 | 8.12.226.190 | abuse@level3.com | US | ARIN | LVLT-ORG-8-8 | 597a463a424e1d127d5a8aedb55f9e06 | http://kmdl101.com/omni/prom/?f=lpl || 2011-02-27 11:16:49 | undef | unknown_html | 0/41 (0.0%) | AS4766 | 58.120.226.69 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | 881cc4157ed641a365a86452f27ed745 | http://ktqooksearch.co.kr/log/count_1.asp?step=boot&com=kos || 2011-02-27 11:16:49 | undef | unknown_html | 0/39 (0.0%) | AS9318 | 58.120.226.69 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | d2bcc286168bf8e040885c5cb7b6df13 | http://ktqooksearch.co.kr/log/count_1.asp?step=del&com=kos || 2011-02-27 11:16:49 | undef | unknown_html | 0/41 (0.0%) | AS4766 | 58.120.226.69 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | cdf1e220d89c2dcd2e000c3d105bf93e | http://ktqooksearch.co.kr/log/count_1.asp?step=ins&com=kos || 2011-02-27 11:16:49 | undef | unknown_html | 0/41 (0.0%) | AS9318 | 58.120.226.69 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | 6838f181322327ae01f764c3220e2d0e | http://ktqooksearch.co.kr/program2_0/version.html || 2011-02-27 11:16:49 | undef | unknown_html | 0/40 (0.0%) | AS29838 | 69.160.254.204 | abuse@atlanticmetro.net | US | ARIN | AMC-NET-4 | 1c679020796bde59511a6ce99f8f0af3 | http://tufugotu.com/da/g.php || 2011-02-27 11:16:49 | undef | unknown_html | 0/41 (0.0%) | AS24940 | 178.63.83.131 | abuse@hetzner.de | DE | RIPE | DE-HETZNER-20100302 | f2c2a77fef34bac4dcd45759dfe95f0c | http://update.cdburnerxp.se/ || 2011-02-27 11:16:49 | clamav | PUA.HTML.Crypt-8 | 4/39 (10.3%) | AS4134 | 218.5.74.92 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-FJ | cae96eec9017dc6d72831b7e8dd950bd | http://kortech.cn/bbs/logs.txt????? || 2011-02-27 11:31:41 | Norman | W32/Malware | 1/39 (2.6%) | AS38676 | 175.111.16.41 | | KR | APNIC | WIZCDN-KR | 814b529630bbc7f07568aa689a1e2c7a | http://download.keysearch.co.kr/setup/app_wss/a/Setup_WSSat.exe || 2011-02-27 11:01:06 | AntiVir | PHP/Shellbot.7642 | 23/41 (56.1%) | AS174 | 38.124.38.68 | abuse@cogentco.com | US | ARIN | PSINETA | d118afa3539cee1d8b37803b2b553d5f | http://renero.zoomshare.com/files/school.jpg? || 2011-02-27 08:43:04 | undef | Backdoor.Win32.VBbot.gt | 0/41 (0.0%) | AS44209 | 193.186.9.96 | info@fin-aktive.com.ua | UA | RIPE | FIN-ACTIVE-NET | 1d54210392cf78a3ca17e5121f5225e2 | http://193.186.9.96/auc/ || 2011-02-27 13:38:21 | BitDefender | Trojan.Downloader.Java.C | 2/38 (5.3%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 0521c911e442cd9eec927d8439731a76 | http://updatesjava.fileave.com/Client.jar || 2011-02-27 13:38:21 | avira | PHP/Pbot.A | 25/38 (65.8%) | AS28907 | 89.184.73.139 | noc@mirohost.net | UA | RIPE | MIROHOST | fe0d13dd702bc969cdfe67f16e284484 | http://www.gros-gaz.com/plugins/pbot.txt?? || 2011-02-27 13:12:34 | avira | PHP/Agent.AD | 15/38 (39.5%) | AS21844 | 74.52.59.98 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | d91040b015c1a85b6ab305be6dc20730 | http://aaronslayouts.com//_theme/images/.logx? || 2011-02-27 14:11:02 | avira | TR/Dropper.Gen | 16/41 (39%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | b816403624074d745d0c51dbbc85504e | http://jeanse.fileave.com/SunDofuxLauncher.exe || 2011-02-27 14:40:13 | avira | BDS/Backdoor.Gen | 27/39 (69.2%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 520aea86d06cc7629797227de80797d4 | http://jezuzstatus2.fileave.com/WinDefender.exe || 2011-02-27 13:56:12 | clamav | PUA.Script.Packed-10 | 1/40 (2.5%) | AS17547 | 203.211.129.97 | noc@qala.com.sg | SG | APNIC | FLEXIESOL-SG | 6c1dca9bdc00f8963b5e62aa60d335cb | http://spamming-tools.com/alatperang/php/r57gonz.txt?? || 2011-02-27 13:56:32 | avira | PHP/C99Shell.F | 23/40 (57.5%) | AS17547 | 203.211.129.97 | noc@qala.com.sg | SG | APNIC | FLEXIESOL-SG | 66acd7b10eba1ab8e6df3b97052261bd | http://spamming-tools.com/alatperang/php/c99.txt?? || 2011-02-27 14:36:36 | clamav | PUA.HTML.Crypt-8 | 4/40 (10%) | AS30968 | 77.221.130.34 | abuse@infobox.ru | RU | RIPE | INFOBOX-NET1 | 9777262a80113334edbfea4978b1b74f | http://tentorium-product.ru/mambots/system/stun.jpg???? || 2011-02-27 13:57:02 | clamav | PUA.HTML.Crypt-8 | 1/40 (2.5%) | AS17547 | 203.211.129.97 | noc@qala.com.sg | SG | APNIC | FLEXIESOL-SG | 2ff49ec4348dd6963a21d6469154eec3 | http://spamming-tools.com/alatperang/php/smc.txt?? || 2011-02-27 14:17:32 | avira | PHP/IRCBOT.ES.1 | 19/40 (47.5%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 74ab054188325df5fb961a22624c5254 | http://tum0.fileave.com/peng.txt??? || 2011-02-27 14:40:55 | AntiVir | EXP/Pidief.deo | 12/40 (30%) | AS25190 | 207.58.177.96 | abuse@servint.com | US | ARIN | SERVINT-CIDR-3 | 6594f3d8cd50669db3ce28a4bafbe18e | http://nalmeron.cz.cc/manuale.pdf || 2011-02-27 14:40:56 | avira | TR/Crypt.ZPACK.Gen | 17/40 (42.5%) | AS26496 | 184.168.234.1 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 9308b67aa750d9a363529bf6bb2b7ba2 | http://great-film-tvs.info/download/setup.exe || 2011-02-27 15:04:39 | clamav | PUA.HTML.Crypt-8 | 4/41 (9.8%) | AS30968 | 77.221.130.34 | abuse@infobox.ru | RU | RIPE | INFOBOX-NET1 | 9777262a80113334edbfea4978b1b74f | http://www.tentorium-product.ru/mambots/system/stun.jpg???? || 2011-02-27 15:04:39 | undef | unknown_html_RFI_eval | 0/39 (0.0%) | AS32181 | 69.65.58.193 | ip-admin@coloquest.com | US | ARIN | IPNAP | faeb2545ba0a37a7d4aa2bf0ebee352c | http://redtube.soccer-total.com/ads.php?a=User&b=SANDBOX0 || 2011-02-27 14:45:25 | avira | PHP/Pbot.A | 20/39 (51.3%) | AS16629 | 200.54.148.71 | sescobar@ISP.TIE.CL | CL | LACNIC | | c718bc77eb0063fffa19e36809a4f72b | http://valparaiso.universidadarcis.cl/v2.0/administrator/modules/.bash/spread.txt??? || 2011-02-27 15:06:58 | clamav | PUA.HTML.Crypt-8 | 1/41 (2.4%) | AS3595, AS16626 | 207.210.64.84 | abuse@gnax.net | US | ARIN | GNAXNET | 6ccfe315f28b9fd27afd6115d72ce12b | http://phamsight.com/crut.txt?? || 2011-02-27 14:41:59 | clamav | PUA.HTML.Crypt-8 | 1/39 (2.6%) | AS3595, AS16626 | 207.210.64.84 | abuse@gnax.net | US | ARIN | GNAXNET | 6ccfe315f28b9fd27afd6115d72ce12b | http://phamsight.com/crut.txt || 2011-02-27 15:11:15 | avira | TR/Script.75 | 25/41 (61%) | AS31727 | 79.170.40.162 | abuse@heartinternet.co.uk | GB | RIPE | HEART-INTERNET | a05dfd7cca7771a7565a154d65f05ea2 | http://cintel.fr/id1.txt??? || 2011-02-27 15:11:19 | avira | PHP/BackDoor.AR | 34/41 (82.9%) | AS31727 | 79.170.40.162 | abuse@heartinternet.co.uk | GB | RIPE | HEART-INTERNET | 8dcad47f3e32e7dc1aee59167e67c601 | http://cintel.fr/id2.txt???? || 2011-02-27 10:48:02 | undef | unknown_html_RFI_shell | 0/39 (0.0%) | AS26496 | 97.74.46.230 | noc@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 036896974fb2198ce17954c2cfd7f270 | http://www.sexonlineaovivo.com.br/ || 2011-02-27 16:03:19 | avira | EXP/PDF.Jeka.B | 22/39 (56.4%) | AS33182 | 67.23.229.71 | abuse@dimenoc.com | US | ARIN | DIMECNET | 0c66ab4944a4a6b822b7fd92f1f1756c | http://jabtivtjytn.com/nte/GNH11.asp/xHff72c743V0100f060006Red3e0da1102Tb218a35c203l000c329 || 2011-02-27 16:03:19 | avira | EXP/PDF.Jeka.B | 24/41 (58.5%) | AS33182 | 67.23.229.71 | abuse@dimenoc.com | US | ARIN | DIMECNET | 4f1ae1e262deb6c27a35474a1d5c5569 | http://jabtivtjytn.com/nte/gnh11.html/xHff72c743V0100f060006Red3e0da1102Tb218a261203l000c329 || 2011-02-27 15:46:13 | avira | PHP/IRCBOT.K | 11/39 (28.2%) | AS11798 | 74.220.207.149 | abuse@bluehost.com | US | ARIN | BLUEHOST-NETWORK-2 | 7e44ec19f998d64fbe3c9ba3d6d65770 | http://tropicallandings.com///cache/po.txt??? || 2011-02-27 17:31:43 | undef | unknown_exe | 0/41 (0.0%) | AS36420, AS30315, AS13749, AS21844, AS13884 | 64.246.52.78 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-EV1-7 | 87500353aaf014f965ff1e98db8b9137 | http://www.keronsoft.com/ipodpsm.exe || 2011-02-27 17:00:05 | avira | PHP/IRCBOT.K | 19/41 (46.3%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 9100e5d1f606dd0abee28f4bcfe95dc4 | http://mastin.fileave.com/bot.txt???http://uaedesign.com/config/idfx.txt? || 2011-02-27 17:37:35 | avira | PHP/Pbot.A.9 | 24/41 (58.5%) | AS19429 | 201.245.129.42 | ipadmin@etb.net.co | CO | LACNIC | CO-ETBE-LACNIC | 53976b273f4069e0c9ca766f4ac9df03 | http://201.245.129.42/dav/x/spread.txt? || 2011-02-27 17:36:32 | clamav | PUA.HTML.Crypt-9 | 4/39 (10.3%) | AS19429 | 201.245.129.42 | ipadmin@etb.net.co | CO | LACNIC | CO-ETBE-LACNIC | be8479cd7ea59567b605a560477f241a | http://201.245.129.42/dav/x/r57.txt? || 2011-02-27 17:36:53 | clamav | PUA.HTML.Crypt-9 | 4/40 (10%) | AS19429 | 201.245.129.42 | ipadmin@etb.net.co | CO | LACNIC | CO-ETBE-LACNIC | be8479cd7ea59567b605a560477f241a | http://201.245.129.42/dav/x/r57.txt?? || 2011-02-27 17:34:54 | clamav | PUA.HTML.Crypt-9 | 6/41 (14.6%) | AS19429 | 201.245.129.42 | ipadmin@etb.net.co | CO | LACNIC | CO-ETBE-LACNIC | 65aa665dc0fa25cfc55131498f1c4b3b | http://201.245.129.42/dav/x/c99.txt? || 2011-02-27 18:31:27 | avira | PHP/Sendmail.373 | 11/41 (26.8%) | AS8342 | 81.176.228.4 | abuse@rtcomm.ru | RU | RIPE | RU-RTCOMM-20030115 | e2ac2ee7a9274c01d3e6e27c0a0ece66 | http://tester2302.1gb.ru/tester.txt? || 2011-02-27 18:32:07 | avira | PHP/Pbot.A.9 | 24/41 (58.5%) | AS19429 | 201.245.129.42 | ipadmin@etb.net.co | CO | LACNIC | CO-ETBE-LACNIC | 53976b273f4069e0c9ca766f4ac9df03 | http://201.245.129.42/dav/x/spread.txt?? || 2011-02-27 19:32:09 | avira | PHP/Pbot.A | 21/40 (52.5%) | AS16629 | 200.54.148.71 | sescobar@ISP.TIE.CL | CL | LACNIC | | c718bc77eb0063fffa19e36809a4f72b | http://valparaiso.universidadarcis.cl/v2.0/administrator/modules/.bash/spread.txt? || 2011-02-27 20:11:57 | avira | TR/Dropper.Gen | 11/41 (26.8%) | AS6939 | 64.62.181.46 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 33939bb49da31e7685750bc41e39fd98 | http://h1.ripway.com/mandy91/1211.exe || 2011-02-27 21:02:45 | eSafe | Win32.APPLAgent.Rz | 3/41 (7.3%) | AS21844 | 74.52.132.196 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | 75abe067816dc05b942e52d90825c9e4 | http://www.speedapps.com/Builds/AlbumDownloaderSetup.exe || 2011-02-27 21:02:45 | eSafe | Win32.APPLAgent.Rz | 6/41 (14.6%) | AS21844 | 74.52.132.196 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | d513e6ab06f3f9ab84d774f00e64133c | http://www.speedapps.com/Builds/BatchImageConverterSetup.exe || 2011-02-27 21:02:45 | eSafe | Win32.APPLAgent.Rz | 3/41 (7.3%) | AS21844 | 74.52.132.196 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | 7d52b3e8ea640be42e0837050be09af7 | http://www.speedapps.com/Builds/FreeDVDRipperSetup.exe || 2011-02-27 21:02:45 | eSafe | Win32.APPLAgent.Rz | 3/41 (7.3%) | AS21844 | 74.52.132.196 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | ba144f3f78e5c0ccf6e6703c030b9300 | http://www.speedapps.com/Builds/FreeDVDToiPodSetup.exe || 2011-02-27 21:02:45 | eSafe | Win32.APPLAgent.Rz | 2/38 (5.3%) | AS21844 | 74.52.132.196 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | ff247c446afa566d7ceb5961cf5803c3 | http://www.speedapps.com/Builds/FreeDVDToMP3Setup.exe || 2011-02-27 21:02:45 | eSafe | Win32.APPLAgent.Rz | 2/40 (5%) | AS21844 | 74.52.132.196 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | 31c7ed4f7f0b8d1d00764bed0daf2993 | http://www.speedapps.com/Builds/FreeSwiftAntiVirusSetup.exe || 2011-02-27 21:02:45 | eSafe | Win32.APPLAgent.Rz | 3/40 (7.5%) | AS21844 | 74.52.132.196 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | 6bc1c32c84eaefb2bf9cebae07e4bbc9 | http://www.speedapps.com/Builds/iPodAggregatorSetup.exe || 2011-02-27 21:02:45 | eSafe | Win32.APPLAgent.Rz | 3/41 (7.3%) | AS21844 | 74.52.132.196 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | a148326c95a79bfe3adebbc4e46d8aad | http://www.speedapps.com/Builds/iTunesExportWizardSetup.exe || 2011-02-27 21:02:45 | eSafe | Win32.APPLAgent.Rz | 4/39 (10.3%) | AS21844 | 74.52.132.196 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | 83a7d41be71b4c8543487d081bca08f2 | http://www.speedapps.com/Builds/MovieEditorWhizSetup.exe || 2011-02-27 21:52:55 | avira | PHP/IRCBOT.DL | 12/41 (29.3%) | AS7643 | 123.30.181.39 | abuse@vnn.vn | vn | APNIC | VDC-NET | 2792aa0625aa6d1d241d724a03c66457 | http://teen-37.net/bismi.txt? || 2011-02-27 21:52:38 | avira | PHP/Pastie.637 | 20/41 (48.8%) | AS7643 | 123.30.181.39 | abuse@vnn.vn | vn | APNIC | VDC-NET | 493d3c720be431004253125118998a5d | http://teen-37.net/ID-RFI.txt?? || 2011-02-27 21:52:51 | avira | PHP/Loader.9852 | 7/41 (17.1%) | AS7643 | 123.30.181.39 | abuse@vnn.vn | vn | APNIC | VDC-NET | 67f63fe5281a860fe74ed8f2c225d490 | http://teen-37.net/c0x.txt??? || 2011-02-27 23:00:24 | AntiVir | PHP/Shellbot.7642 | 23/41 (56.1%) | AS174 | 38.124.38.68 | abuse@cogentco.com | US | ARIN | PSINETA | d118afa3539cee1d8b37803b2b553d5f | http://renero.zoomshare.com/files/school.jpg?&modez=shellz || 2011-02-27 23:00:28 | AntiVir | PHP/Shellbot.7642 | 23/41 (56.1%) | AS174 | 38.124.38.68 | abuse@cogentco.com | US | ARIN | PSINETA | d118afa3539cee1d8b37803b2b553d5f | http://renero.zoomshare.com/files/school.jpg?&modez=scannerz || 2011-02-27 22:54:49 | AntiVir | PHP/Agent.DZ | 27/41 (65.9%) | AS36420, AS30315, AS13749, AS21844 | 174.120.243.94 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | 0c0da5a9e96717cdc6b94800f4005825 | http://dotexe.levelonepower.com/RFI/sh.txt?%20] || 2011-02-27 23:00:31 | AntiVir | PHP/Shellbot.7642 | 21/40 (52.5%) | AS174 | 38.124.38.68 | abuse@cogentco.com | US | ARIN | PSINETA | d118afa3539cee1d8b37803b2b553d5f | http://renero.zoomshare.com/files/school.jpg?&modez=botz || 2011-02-27 23:41:30 | AntiVir | PHP/Pbot.A | 25/39 (64.1%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 6c612570e0a9c428aefc5154142ae414 | http://fritzen.110mb.com/dallas.txt? || 2011-02-28 00:32:30 | avira | PHP/Shellbot.7642 | 22/39 (56.4%) | AS32613 | 174.142.79.85 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | bc8e6f8d290c2b33576a62ff81829b50 | http://chazinho.110mb.com/shellchazinho.txt.txt? || 2011-02-28 01:23:44 | AntiVir | PHP/Shellbot.7642 | 25/41 (61%) | AS32613 | 174.142.79.85 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | fe7c1646e7d512ef802204418c3e616a | http://chazinho.110mb.com/chazinhoshell.txt.txt? || 2011-02-28 02:47:07 | undef | unknown_exe | | AS41550 | 91.196.0.161 | abuse@hostbizua.com | UA | RIPE | HOSTBIZUA-NET | 2b1e7e39a161a51abb5a85f64866c43c | http://falcogames.com/ZombieMurderSetup.exe || 2011-02-28 02:47:34 | avira | DR/Delphi.Gen | 20/41 (48.8%) | AS41947 | 92.241.191.206 | abuse@wahome.ru | RU | RIPE | WAHOME-DEDIC | d2ea299f178f114ca09957ccd4c6fdb9 | http://rottentraff.net/hacked/sx2009.exe || 2011-02-28 02:41:30 | avira | PERL/Shellbot.a.6 | 27/41 (65.9%) | AS16276 | 213.186.33.4 | abuse@ovh.net | FR | RIPE | OVH | 89e09ce7b372dd5b4420ac6ee205b8bf | http://plongeemayenne.org/csm001//black.txt?? || 2011-02-28 02:54:29 | undef | unknown_html_RFI | 0/41 (0.0%) | AS36167 | 208.91.133.50 | abuse@netriplex.com | US | ARIN | NETR-AVL-1 | 3ce8e1c8f09e3f707c6752d72c216cd5 | http://zimmers.net/commie/telbbsdr.txt? || 2011-02-28 03:00:04 | avira | EXP/Pdfka.auo | 27/39 (69.2%) | AS3491 | 209.9.239.101 | abuse.ops@pccwglobal.com | US | ARIN | BTN-CIDR4 | 90a3db5f7e85a8ec17320d7228f46c7b | http://jsunpack.jeek.org/jsunpack-n.tgz || 2011-02-28 03:33:50 | Ikarus | Trojan-Banker.Win32.Banker2 | 3/41 (7.3%) | AS8167 | 201.67.154.234 | csirt@oi.net.br | BR | LACNIC | 076.535.764/0326-90 | 10521bec82432d57cd1af259507cbbef | http://201.67.154.234/socio/ClienteSantander.exe || 2011-02-28 03:33:50 | undef | unknown_html_google_blacklist | 0/40 (0.0%) | AS30968 | 77.221.130.40 | abuse@infobox.ru | RU | RIPE | INFOBOX-NET1 | 815ae00ab93f114c25e096d47643dfee | http://www.guis-lefortovo.ru/modules/portals/onlinebanking/alerts/index2.html || 2011-02-28 03:34:34 | avira | PERL/Shellbot.a.6 | 26/40 (65%) | AS16276 | 213.186.33.4 | abuse@ovh.net | FR | RIPE | OVH | 89e09ce7b372dd5b4420ac6ee205b8bf | http://www.plongeemayenne.org/csm001//black.txt?? || 2011-02-28 03:28:07 | avira | PHP/IRCBOT.K | 19/41 (46.3%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | fd4dd2a18563679840516acc8b00cdee | http://mastin.fileave.com/tamanhati.txt???http://uaedesign.com/config/idfx.txt? || 2011-02-28 03:33:42 | avira | PERL/Shellbot.a.6 | 27/41 (65.9%) | AS16276 | 213.186.33.4 | abuse@ovh.net | FR | RIPE | OVH | 89e09ce7b372dd5b4420ac6ee205b8bf | http://plongeemayenne.org/csm001//black.txt? || 2011-02-28 04:00:03 | avira | JS/Dldr.Agent.wsh | 15/41 (36.6%) | AS4766 | 222.122.235.2 | abuse@kornet.net | KR | APNIC | KORNET-KR | ad39f2aab66624cbcdda88405e25464e | http://222.122.235.2/click.asp || 2011-02-28 04:32:33 | undef | unknown_html | 0/41 (0.0%) | AS6407 | 64.26.174.76 | registrar@magma.ca | CA | ARIN | MAGMA-BLK3 | 9c6180df4993247d942889250eb4ff52 | http://www.lifesaving.ca/2011/new/Number/index.php || 2011-02-28 05:55:02 | avira | PERL/Shellbot.a.6 | 29/40 (72.5%) | AS16276 | 213.186.33.16 | abuse@ovh.net | FR | RIPE | OVH | 6b10141881abfefefde82d540055a75d | http://colmarie-torfou.net/edt/classes/atrix?? || 2011-02-28 05:56:12 | avira | BDS/PHP.Small.O.12 | 0/40 (0.0%) | AS9680 | 220.130.9.116 | network-adm@hinet.net | TW | APNIC | HINET-NET | 84411dfa51faf420efd24c25a300fe34 | http://incyan.com.tw/id.txt || 2011-02-28 06:42:56 | avira | PHP/IRCBOT.DL | 14/40 (35%) | AS7643 | 123.30.181.39 | abuse@vnn.vn | vn | APNIC | VDC-NET | 2792aa0625aa6d1d241d724a03c66457 | http://teen-37.net/bismi.txt || 2011-02-28 06:42:56 | avira | PHP/Loader.9852 | 7/40 (17.5%) | AS7643 | 123.30.181.39 | abuse@vnn.vn | vn | APNIC | VDC-NET | 67f63fe5281a860fe74ed8f2c225d490 | http://teen-37.net/c0x.txt?? || 2011-02-28 06:42:56 | avira | PHP/Pastie.637 | 20/41 (48.8%) | AS7643 | 123.30.181.39 | abuse@vnn.vn | vn | APNIC | VDC-NET | 493d3c720be431004253125118998a5d | http://teen-37.net/ID-RFI.txt? || 2011-02-28 06:42:56 | avira | PHP/WebShell.56267 | 8/41 (19.5%) | AS7643 | 123.30.181.39 | abuse@vnn.vn | vn | APNIC | VDC-NET | 840372e5f4f9a44efa8f4c0608a3b4de | http://teen-37.net/itile.txt || 2011-02-28 06:42:57 | avira | PERL/IrcBot.AW | 22/41 (53.7%) | AS21844 | 74.52.141.162 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | b212c35475ffb8fcc80e1a4aa777ec18 | http://www.asdsingapore.com/includes/domit/ph.jpg || 2011-02-28 06:42:57 | clamav | PHP.Id-36 | 14/41 (34.1%) | AS31034 | 62.149.140.34 | hostmaster@technorail.com | IT | RIPE | TECHNORAIL-NET | 4f48fabbd4b83e52ac9d33407ad7b4eb | http://www.drfelettronica.it/docs/.logx? || 2011-02-28 06:42:57 | undef | unknown_html_RFI_shell | 0/41 (0.0%) | AS31034 | 62.149.140.34 | hostmaster@technorail.com | IT | RIPE | TECHNORAIL-NET | 855d78ee443f8185c442fa5f5030d102 | http://www.drfelettronica.it/docs/.logz? || 2011-02-28 06:50:59 | undef | unknown_html | 0/41 (0.0%) | AS29761 | 96.44.173.220 | noc@quadranet.com | US | ARIN | OC3-NETWORKS2 | eadcca26d967c7e48dcf547959470c09 | http://96.44.173.220:61688/img/img.txt || 2011-02-28 06:50:59 | undef | unknown_html_google_malware | 0/41 (0.0%) | AS33626 | 208.73.210.29 | abuse@oversee.net | US | ARIN | OVERSEE-NET-2 | dbf9843fe5e69fe1ed4b714b10c6ec58 | http://childhe.com/pas/apstpldr.dll.html?affid=171593&uid=&guid=7D7516A16F7742AEB60204997E375E7E || 2011-02-28 06:50:59 | undef | unknown_html | 0/41 (0.0%) | AS33626 | 208.73.210.29 | abuse@oversee.net | US | ARIN | OVERSEE-NET-2 | f069c12ec6a25285ee78a64b6ccbc68e | http://daporch.com/dimqlweyg/nezgb.php?adv=adv447 || 2011-02-28 06:50:59 | undef | unknown_html | 0/41 (0.0%) | AS33626 | 208.73.210.29 | abuse@oversee.net | US | ARIN | OVERSEE-NET-2 | 0ef8eaeb1482d0218f28e6e5a5e1ceb0 | http://daporch.com/dimqlweyg/qhysq.php?adv=adv447 || 2011-02-28 06:50:59 | undef | unknown_html | 0/41 (0.0%) | AS33626 | 208.73.210.29 | abuse@oversee.net | US | ARIN | OVERSEE-NET-2 | 4ae34e9ee2052290cdbcc2b1a9ed2c8d | http://daporch.com/dimqlweyg/ridxsdls.php?adv=adv447 || 2011-02-28 06:50:59 | undef | unknown_html | 0/41 (0.0%) | AS33626 | 208.73.210.29 | abuse@oversee.net | US | ARIN | OVERSEE-NET-2 | 2729fbb9b4f8cfa0db0b263de7aaaa8b | http://daporch.com/dimqlweyg/vadyjelgez.php?adv=adv447&code1=GP00&code2=0300&id=13441600&p=1 || 2011-02-28 06:50:59 | undef | unknown_html | 0/41 (0.0%) | AS25190 | 46.252.131.7 | reliktbvk@gmail.com | LV | RIPE | Sagade | 8b702c3d0620df6c6847faa8838bcf0d | http://ddk2200.com/ab14/setup.php?act=fb_get || 2011-02-28 06:50:59 | undef | unknown_html | 0/38 (0.0%) | AS25190 | 46.252.131.7 | reliktbvk@gmail.com | LV | RIPE | Sagade | 0d08e10682f0474613b1e9da8299cf58 | http://ddk2200.com/ab14/setup.php?act=filters&id=3PJciwu2FHXOx5tmRhvJuJEC&ver=2 || 2011-02-28 06:50:59 | undef | unknown_html | 0/40 (0.0%) | AS33694 | 208.71.123.133 | operations@247realmedia.com | US | ARIN | 247REALMEDIA | a12623465a6aa9e71dbd24b4283978de | http://dm.de.mookie1.com/2/B3DM/2010DM/11852738320@x23?USNetwork/CapellaU_2011Q1_Adt_RON2_728 || 2011-02-28 06:50:59 | undef | unknown_html | 0/41 (0.0%) | AS33694 | 208.71.123.133 | operations@247realmedia.com | US | ARIN | 247REALMEDIA | a9fc88c781f9baab58aca934c911f98e | http://dm.de.mookie1.com/2/B3DM/DLX/@x94 || 2011-02-28 06:50:59 | undef | unknown_html_RFI_eval | 0/41 (0.0%) | AS6760 | 77.67.111.188 | abuse@ripe.net | EU | RIPE | EU-ZZ-80-93 | 4f0fafcecd1642b4499bfb7daef0dca7 | http://driveragent.com/0/driveragent_results?hwid=9de1be633b14bf3293d1062dd6c4eca6&PHPSESSID=iugkqkd3papu5o53645hqam0f7&referral=1 || 2011-02-28 06:50:59 | undef | unknown_html | 0/41 (0.0%) | AS8001 | 66.246.235.42 | abuse@nac.net | US | ARIN | NAC-NETBLK06 | 5f7381a36ea380618c743644e6c791d1 | http://insurance-tree.com/ || 2011-02-28 06:50:59 | undef | unknown_html | 0/41 (0.0%) | AS8001 | 66.246.235.42 | abuse@nac.net | US | ARIN | NAC-NETBLK06 | cb187e8cbe4cdd15ae5ee8d2bc7daefb | http://insurance-tree.com/hb.asp || 2011-02-28 06:50:59 | undef | unknown_html | 0/41 (0.0%) | AS8001 | 66.246.235.42 | abuse@nac.net | US | ARIN | NAC-NETBLK06 | 5f7381a36ea380618c743644e6c791d1 | http://insurance-tree.com/hc3.asp || 2011-02-28 06:50:59 | undef | unknown_html | 0/41 (0.0%) | AS8001 | 66.246.235.42 | abuse@nac.net | US | ARIN | NAC-NETBLK06 | cb187e8cbe4cdd15ae5ee8d2bc7daefb | http://minitol.co.uk/hb.asp || 2011-02-28 06:50:59 | undef | unknown_html | 0/41 (0.0%) | AS8001 | 66.246.235.42 | abuse@nac.net | US | ARIN | NAC-NETBLK06 | aa3b7bbdb174dadb5879181c538c6eda | http://minitol.co.uk/hc3.asp || 2011-02-28 06:50:59 | undef | unknown_html | 0/41 (0.0%) | AS9318 | 58.225.75.212 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | 19e4e5ad8959e3f5110e28abe9c4fd9d | http://plustab.co.kr/install.asp?version=1.0.0.3&id=PT39&mac=000C2937B596 || 2011-02-28 06:50:59 | undef | unknown_html | 0/41 (0.0%) | AS9318 | 58.225.75.212 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | b32fb9ece95314f369f14e364944afc6 | http://plustab.co.kr/update/PT39/PlusTab.ini || 2011-02-28 06:50:59 | undef | unknown_html | 0/41 (0.0%) | AS8001 | 66.246.235.42 | abuse@nac.net | US | ARIN | NAC-NETBLK06 | cb187e8cbe4cdd15ae5ee8d2bc7daefb | http://raisingtips.com/hb.asp || 2011-02-28 06:50:59 | undef | unknown_html | 0/41 (0.0%) | AS8001 | 66.246.235.42 | abuse@nac.net | US | ARIN | NAC-NETBLK06 | e47f28c547bf62f3715bd49318722b3b | http://raisingtips.com/hc3.asp || 2011-02-28 06:50:59 | undef | unknown_html | 0/41 (0.0%) | AS9318 | 114.203.84.233 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | ad9b299f2c3e081350faad8c6c5f3bb6 | http://windv.infotab.co.kr/install.asp?version=1.0.0.1&id=WD03&mac=000C29CB1871 || 2011-02-28 06:50:59 | undef | unknown_html | 0/41 (0.0%) | AS26496 | 68.178.232.77 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 8f6a2ee5f31c3b04a9f1fb98a7f00e09 | http://www.app-zilla.com/register_imageconverter.php? || 2011-02-28 06:50:59 | undef | unknown_html | 0/41 (0.0%) | AS26496 | 68.178.232.77 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 28d065a3aa4b2063b5deb7a81e5eb62e | http://www.app-zilla.com/register_imageconverter_y.php? || 2011-02-28 06:50:59 | undef | unknown_html | 0/41 (0.0%) | AS26496 | 68.178.232.77 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 25b9ddbfded8b6c30a88f7a0959a6867 | http://www.app-zilla.com/register_itunesexport_yz.php? || 2011-02-28 06:50:59 | undef | unknown_html | 0/41 (0.0%) | AS26496 | 68.178.232.77 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 7a568e78517ba94f84ef35e5d06adc92 | http://www.app-zilla.com/register_itunesexport_z.php? || 2011-02-28 06:50:59 | undef | unknown_html | 0/41 (0.0%) | AS38700 | 115.68.13.247 | network@smileserv.com | KR | APNIC | SMILESERV-KR | 27541a51320becb2b7f8ebe84eaa4299 | http://www.ezsearch.kr/app/except.php || 2011-02-28 06:50:59 | undef | unknown_html | 0/41 (0.0%) | AS38700 | 115.68.13.182 | network@smileserv.com | KR | APNIC | SMILESERV-KR | 11bbb00d1e4e7d2b9da78c74031c1ca5 | http://www.ezsearch.kr/app/proset.php?pid=tree || 2011-02-28 06:50:59 | undef | unknown_html | 0/41 (0.0%) | AS38700 | 115.68.13.181 | network@smileserv.com | KR | APNIC | SMILESERV-KR | b427318a66ba46488ae547dd26a3702b | http://www.ezsearch.kr/app/searchurl.php || 2011-02-28 06:51:15 | avira | PHP/RemoteAdmi.6444 | 16/41 (39%) | AS7132 | 76.230.181.122 | abuse@att.net | US | ARIN | SBCIS-SBIS-6BLK | 73c6526d8a3825c2ac6bdbd6d2169280 | http://www.jaimabrownhome.com/css/ver.txt? || 2011-02-28 07:02:43 | avira | TR/Crypt.XPACK.Gen | 35/41 (85.4%) | AS26228 | 69.59.138.150 | noc@servepath.com | US | ARIN | SERVEPATH-BLK2 | 8ec4e7dc49108c519c505fa95b73bcdd | http://info.collectionerrorreport.com/varw.exe || 2011-02-28 07:06:25 | undef | unknown_html | 0/40 (0.0%) | AS48709 | 91.200.242.230 | abuse@digief.eu | EU | RIPE | DIGIEF-NET | 5c9097fe86e42d07212df426d4a29d02 | http://91.200.242.230/spm/s_alive.php?id=52239535040470479002246139156054&tick=109671&ver=522&smtp=ok&sl=1&fw=0&pn=0&psr=0 || 2011-02-28 07:06:25 | undef | unknown_html | 0/40 (0.0%) | AS8001 | 66.246.235.42 | abuse@nac.net | US | ARIN | NAC-NETBLK06 | cb187e8cbe4cdd15ae5ee8d2bc7daefb | http://insurancenewcar.net/hb.asp || 2011-02-28 07:06:25 | undef | unknown_html | 0/39 (0.0%) | AS8001 | 66.246.235.42 | abuse@nac.net | US | ARIN | NAC-NETBLK06 | 55785a34600b4712458551850ef82968 | http://insurancenewcar.net/hc3.asp || 2011-02-28 07:06:25 | avira | TR/BHO.DS.1 | 3/41 (7.3%) | AS4766 | 218.146.255.156 | abuse@kornet.net | KR | APNIC | KORNET-KR | 41b73c392ce6bb87da8411a75e2ac9c9 | http://open-shop.kr/pgm/osbwbar.dll || 2011-02-28 07:06:25 | undef | unknown_html | 0/41 (0.0%) | AS4766 | 218.146.255.156 | abuse@kornet.net | KR | APNIC | KORNET-KR | 4b9b0e084c6b427fb9a78b5300bb0e1b | http://open-shop.kr/pgm/oslist.dat || 2011-02-28 07:06:25 | undef | unknown_html | 0/41 (0.0%) | AS8001 | 66.246.235.42 | abuse@nac.net | US | ARIN | NAC-NETBLK06 | cb187e8cbe4cdd15ae5ee8d2bc7daefb | http://popit.in/hb.asp || 2011-02-28 07:06:25 | undef | unknown_html | 0/41 (0.0%) | AS8001 | 66.246.235.42 | abuse@nac.net | US | ARIN | NAC-NETBLK06 | 00ace007147b9820891861b1ce68541f | http://popit.in/hc3.asp || 2011-02-28 07:06:25 | undef | unknown_html | 0/40 (0.0%) | AS9318 | 222.234.2.58 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | 47c2dfc4495b5971267bf0a3029eeaa5 | http://webside.kr/link/rand/runexe2.php || 2011-02-28 07:06:25 | undef | unknown_html | 0/41 (0.0%) | AS9318 | 222.234.2.58 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | 47c2dfc4495b5971267bf0a3029eeaa5 | http://webside.kr/link/rand/runexe2.php?kind=i&pid=sangdns || 2011-02-28 07:06:25 | undef | unknown_html | 0/40 (0.0%) | AS38700 | 115.68.17.59 | network@smileserv.com | KR | APNIC | SMILESERV-KR | f7c16eb47606601b00dded34e421b756 | http://www.codedoctor.co.kr/app/ip.php || 2011-02-28 07:06:25 | undef | unknown_html | 0/40 (0.0%) | AS38700 | 115.68.17.59 | network@smileserv.com | KR | APNIC | SMILESERV-KR | f6263fabb8704946c4a28185685e5078 | http://www.codedoctor.co.kr/app/update/list.html || 2011-02-28 07:06:25 | undef | unknown_html | 0/41 (0.0%) | AS4766 | 218.146.255.156 | abuse@kornet.net | KR | APNIC | KORNET-KR | 81051bcc2cf1bedf378224b0a93e2877 | http://www.open-shop.kr/counter/app_boot.php || 2011-02-28 07:31:59 | avira | TR/OpenShop.A | 13/39 (33.3%) | AS4766 | 218.146.255.156 | abuse@kornet.net | KR | APNIC | KORNET-KR | 2c638b19193cadca91ed1f665342f6cd | http://open-shop.kr/pgm/osbwbarupd.exe || 2011-02-28 07:37:37 | avira | PHP/BackDoor.AR | 30/41 (73.2%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | dcc55d73dae5326abb4f00d9313a7e70 | http://honda2.fileave.com/zfxid2.txt???? || 2011-02-28 07:37:59 | avira | PHP/IRCBOT.EW | 19/41 (46.3%) | AS36351 | 67.228.108.34 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-5 | ff268348cf709968eddd6a0cd910dc1c | http://cameraclinic.com.au/modules/mod_sections/asu.txt????????????? || 2011-02-27 14:43:02 | undef | Trojan.Win32.Menti.boh | 0/41 (0.0%) | AS4323 | 216.120.252.8 | abuse@hostrocket.com | US | ARIN | HRWEBSERVICES | fc3fc7917b8084146cfed76855bce5b9 | http://216.120.252.8/~bonnjoed/up/ || 2011-02-28 06:29:24 | Ikarus | Exploit.HTML.IframeRef | 2/40 (5%) | AS15201 | 200.98.197.86 | l-registrobr-uol@corp.uol.com.br | BR | LACNIC | 001.109.184/0001-95 | 8e6fc7930a72c9611a52875ca91fa140 | http://standartte.dominiotemporario.com/ || 2011-02-28 06:29:26 | undef | W32/Trojan-Gypikon-based.DE!Maximus | 0/40 (0.0%) | AS36820 | 208.75.230.43 | abuse@tshost.com | US | ARIN | TULIP-SYSTEMS | c715259684be7681f32597072efac416 | http://www.freewebtown.com/flast/ || 2011-02-28 06:29:30 | undef | Trojan-Downloader.Win32.Delf.avxl | 0/40 (0.0%) | AS36820 | 208.75.230.43 | abuse@tshost.com | US | ARIN | TULIP-SYSTEMS | b63772909ad3a8869461ac3ce1481e69 | http://www.freewebtown.com/manuelasilva/ || 2011-02-28 08:55:00 | undef | unknown_html | 0/41 (0.0%) | AS8001 | 66.246.235.42 | abuse@nac.net | US | ARIN | NAC-NETBLK06 | cb187e8cbe4cdd15ae5ee8d2bc7daefb | http://insuranceresume.com/hb.asp || 2011-02-28 08:55:00 | undef | unknown_html | 0/38 (0.0%) | AS8001 | 66.246.235.42 | abuse@nac.net | US | ARIN | NAC-NETBLK06 | 21852e7161d7cea86f08bad5e338136d | http://insuranceresume.com/hc3.asp || 2011-02-28 08:55:00 | undef | unknown_html | 0/41 (0.0%) | AS33070, AS10532, AS19994, AS27357 | 174.143.89.156 | abuse@rackspace.com | US | ARIN | RSCP-NET-4 | caf4dba264f41554563edb85ab09bef9 | http://ourbbbonline2.bbb.org/Boston/BBBOnlineSeal/44404/H2/0/seal.png || 2011-02-28 08:55:01 | undef | unknown_html | 0/41 (0.0%) | AS8001 | 66.246.235.42 | abuse@nac.net | US | ARIN | NAC-NETBLK06 | cb187e8cbe4cdd15ae5ee8d2bc7daefb | http://smoothiestores.com/hb.asp || 2011-02-28 08:55:01 | undef | unknown_html | 0/41 (0.0%) | AS8001 | 66.246.235.42 | abuse@nac.net | US | ARIN | NAC-NETBLK06 | 55da51288a0aa8ed9204cb4e7a1be81a | http://smoothiestores.com/hc3.asp || 2011-02-28 08:56:08 | avira | PHP/Small.Awi.1026 | 23/41 (56.1%) | AS21844 | 74.52.141.162 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | 0a181b41a524502b50c94f405728b01e | http://www.asdsingapore.com/includes/domit/crewid.txt? || 2011-02-28 08:56:08 | avira | PHP/Small.ao.4121 | 8/40 (20%) | AS32392 | 98.131.33.116 | ipadmin@ecommerce.com | US | ARIN | ECOMMERCE-HOSTING | 9b1e1a31fd7bd7fa942665ea6c54c513 | http://www.johnlturner.com/images/stories/audio/gif? || 2011-02-28 06:29:39 | undef | Worm.Win32.VBNA.b | 0/40 (0.0%) | AS17920 | 113.192.13.99 | noc@ultraserve.com.au | AU | APNIC | ULTRASERVE | 7b8311efadc542200f21373f5b4fb22c | http://clocks.net.au/ || 2011-02-28 09:24:53 | undef | unknown_html | 0/40 (0.0%) | AS8001 | 66.246.235.42 | abuse@nac.net | US | ARIN | NAC-NETBLK06 | cb187e8cbe4cdd15ae5ee8d2bc7daefb | http://bdonk.com/hb.asp || 2011-02-28 09:24:53 | undef | unknown_html | 0/40 (0.0%) | AS8001 | 66.246.235.42 | abuse@nac.net | US | ARIN | NAC-NETBLK06 | be8e127dbf63b072f6d60425c6577468 | http://bdonk.com/hc3.asp || 2011-02-28 09:24:53 | undef | unknown_html | 0/40 (0.0%) | AS38700 | 115.68.13.181 | network@smileserv.com | KR | APNIC | SMILESERV-KR | b525411b6f68550b187565516e04fc5a | http://down.ezsearch.kr/app/keylist.php || 2011-02-28 09:24:53 | undef | unknown_html | 0/40 (0.0%) | AS8001 | 66.246.235.42 | abuse@nac.net | US | ARIN | NAC-NETBLK06 | cb187e8cbe4cdd15ae5ee8d2bc7daefb | http://insurancekentucky.net/hb.asp || 2011-02-28 09:24:53 | undef | unknown_html | 0/40 (0.0%) | AS8001 | 66.246.235.42 | abuse@nac.net | US | ARIN | NAC-NETBLK06 | 71a36ff355bf828a336789ca19034eeb | http://insurancekentucky.net/hc3.asp || 2011-02-28 09:24:53 | undef | unknown_html | 0/40 (0.0%) | AS8001 | 66.246.235.42 | abuse@nac.net | US | ARIN | NAC-NETBLK06 | cb187e8cbe4cdd15ae5ee8d2bc7daefb | http://jakartalotto.info/hb.asp || 2011-02-28 09:24:53 | undef | unknown_html | 0/40 (0.0%) | AS8001 | 66.246.235.42 | abuse@nac.net | US | ARIN | NAC-NETBLK06 | 5b3344d432a6672b19682272921482ef | http://jakartalotto.info/hc3.asp || 2011-02-28 09:30:27 | AVG | Generic21.AAZW | 7/41 (17.1%) | AS30890 | 89.114.9.34 | amabusemail4@gmail.com | RO | RIPE | ENTER-NET-TEAM | c938ff4ecf846b3f8185664a9fa39ef4 | http://g3u4g.net/xxudv.exe || 2011-02-28 09:31:56 | undef | unknown_exe | | AS41550 | 91.196.0.161 | abuse@hostbizua.com | UA | RIPE | HOSTBIZUA-NET | 2b1e7e39a161a51abb5a85f64866c43c | http://www.falcogames.com/ZombieMurderSetup.exe || 2011-02-28 10:32:34 | avira | EXP/PDF.Jeka.B | 23/39 (59%) | AS33182 | 67.23.229.71 | abuse@dimenoc.com | US | ARIN | DIMECNET | c4a5b873dac9b83416e6bf83432e5551 | http://ofgoynooytn.com/nte/GNH11.asp/xHff9c1ceaV0100f060006R3d708fb1102Tb2f77921203l000c329 || 2011-02-28 10:39:23 | undef | unknown_html | 0/41 (0.0%) | AS1668 | 205.188.95.226 | domains@aol.net | US | ARIN | AOL-DTC | 56398e76be6355ad5999b262208a17c9 | http://anrtx.tacoda.net/rtx/r.gif?cmd=RES&si=18252&pi=H&xs=3 || 2011-02-28 10:39:23 | undef | unknown_html | 0/41 (0.0%) | AS38700 | 115.68.17.59 | network@smileserv.com | KR | APNIC | SMILESERV-KR | 878c6a8f69cf707f8608c056881765ee | http://codedoctor.co.kr/app/update/update_app.html || 2011-02-28 10:39:23 | undef | unknown_html | 0/41 (0.0%) | AS8001 | 66.246.235.42 | abuse@nac.net | US | ARIN | NAC-NETBLK06 | cb187e8cbe4cdd15ae5ee8d2bc7daefb | http://drugs-cards.info/hb.asp || 2011-02-28 10:39:23 | undef | unknown_html | 0/41 (0.0%) | AS8001 | 66.246.235.42 | abuse@nac.net | US | ARIN | NAC-NETBLK06 | 54bbaff800ddcf4db5ea99b0e36c3c77 | http://drugs-cards.info/hc3.asp || 2011-02-28 10:39:23 | undef | unknown_html | 0/41 (0.0%) | AS8001 | 66.246.235.42 | abuse@nac.net | US | ARIN | NAC-NETBLK06 | cb187e8cbe4cdd15ae5ee8d2bc7daefb | http://philosopherlists.com/hb.asp || 2011-02-28 10:39:23 | undef | unknown_html | 0/41 (0.0%) | AS8001 | 66.246.235.42 | abuse@nac.net | US | ARIN | NAC-NETBLK06 | f11f3cc7f854f06093f4f192ac2596ed | http://philosopherlists.com/hc3.asp || 2011-02-28 10:39:23 | undef | unknown_html | 0/41 (0.0%) | AS8001 | 66.246.235.42 | abuse@nac.net | US | ARIN | NAC-NETBLK06 | cb187e8cbe4cdd15ae5ee8d2bc7daefb | http://wholesomediets.com/hb.asp || 2011-02-28 10:39:23 | undef | unknown_html | 0/41 (0.0%) | AS8001 | 66.246.235.42 | abuse@nac.net | US | ARIN | NAC-NETBLK06 | 0150efc10695bb58ccc9bde635bb1ec9 | http://wholesomediets.com/hc3.asp || 2011-02-28 10:40:03 | undef | unknown_html | 0/41 (0.0%) | AS4766 | 222.122.235.2 | abuse@kornet.net | KR | APNIC | KORNET-KR | 15340fd85ab49a2bd5408ad5cc9076cd | http://222.122.235.2/index.htm || 2011-02-28 11:02:54 | avira | PHP/Pbot.A | 28/41 (68.3%) | AS6147 | 200.60.112.174 | sysadm@unired.net.pe | PE | LACNIC | PE-TPSA-LACNIC | 3951914bc6b3ea4322c7015026b97f50 | http://200.60.112.174/~soporte/fuck.txt || 2011-02-28 11:02:54 | avira | PHP/Shellbot.7642 | 29/41 (70.7%) | AS46475 | 208.115.212.157 | noc@limestonenetworks.com | US | ARIN | LSN-DLLSTX-5 | 04bb34cff536959e09fb64da7486b16b | http://208.115.212.157:8090/donate/pbot.txt || 2011-02-28 11:02:54 | AntiVir | PHP/BackDoor.AR | 18/41 (43.9%) | AS24940 | 78.47.198.57 | abuse@hetzner.de | DE | RIPE | DE-HETZNER-20070416 | 77060464b7f11b8d1eb4ab5a84c9bb03 | http://78.47.198.57:11200/pwn/ckrid2.txt || 2011-02-28 11:02:54 | AntiVir | PHP/Pbot.A | 14/41 (34.1%) | AS24940 | 78.47.198.57 | abuse@hetzner.de | DE | RIPE | DE-HETZNER-20070416 | 1462858e6c944c03733f76fa82515d2d | http://78.47.198.57:11200/pwn/logo.jpg || 2011-02-28 11:02:54 | avira | PHP/Agent.AD | 21/41 (51.2%) | AS21844 | 74.52.59.98 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | 87e29f93ca0ee7961cbd2ae369494ae3 | http://aaronslayouts.com//_theme/images/.logx || 2011-02-28 11:02:54 | avira | PHP/Pbot.A | 29/41 (70.7%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 78449a57d70505a2c252b20aa862b13c | http://b0tsowndadores.110mb.com/stk.txt || 2011-02-28 11:02:54 | avira | PHP/Pbot.A | 28/41 (68.3%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 26a8bc99068541798d26f1f0634366a9 | http://b0tsowndadores.110mb.com/vamonuka.txt || 2011-02-28 11:02:54 | avira | PHP/Shellbot.7642 | 26/41 (63.4%) | AS32613 | 174.142.79.85 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 423b459f42d51c50f1c248773a0aba53 | http://chazinho.110mb.com/caraca.txt || 2011-02-28 11:02:54 | avira | PHP/Shellbot.7642 | 25/41 (61%) | AS32613 | 174.142.79.85 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | fe7c1646e7d512ef802204418c3e616a | http://chazinho.110mb.com/chazinhoshell.txt.txt || 2011-02-28 11:02:54 | avira | PHP/Shellbot.7642 | 25/41 (61%) | AS32613 | 174.142.79.85 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | bc8e6f8d290c2b33576a62ff81829b50 | http://chazinho.110mb.com/shellchazinho.txt.txt || 2011-02-28 11:02:54 | avira | PERL/Shellbot.a.6 | 29/41 (70.7%) | AS16276 | 213.186.33.16 | abuse@ovh.net | FR | RIPE | OVH | 6b10141881abfefefde82d540055a75d | http://colmarie-torfou.net/edt/classes/atrix || 2011-02-28 11:02:54 | AhnLab_V3 | PHP/Phpshell | 12/41 (29.3%) | AS174 | 38.124.38.68 | abuse@cogentco.com | US | ARIN | PSINETA | 9d2552a1a912200ddbf9946717761f95 | http://cyberkobe.zoomshare.com/files/Ckrid1.txt || 2011-02-28 11:02:54 | avira | PHP/Shellbot.7642 | 24/41 (58.5%) | AS32613 | 174.142.79.85 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | a8a34f518111f167ea971070eb083bca | http://ddoszer.110mb.com/vircio.org.txt || 2011-02-28 11:02:54 | avira | EXP/PHP.E | 26/40 (65%) | AS15201 | 187.61.61.187 | l-registrobr-uol@corp.uol.com.br | BR | LACNIC | 001.109.184/0001-95 | 067fc2ab65ddd40645e6e0b91570de9e | http://fotoleandro.com.br/plugins/system/list/cmd.txt || 2011-02-28 11:02:54 | AntiVir | PHP/Pbot.A | 28/40 (70%) | AS32613 | 174.142.79.85 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | c2fe203bc30b6da92870073c31f90239 | http://gugato00.110mb.com/pbott.txt || 2011-02-28 11:02:54 | clamav | PHP.Mailer-4 | 7/41 (17.1%) | AS32613 | 174.142.79.85 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 9a4a3b0de99ee6e9b30bc2c1ee79357f | http://icorpus.110mb.com/chove.txt || 2011-02-28 11:02:54 | avira | PHP/Small.C | 27/41 (65.9%) | AS46216 | 216.52.115.51 | abuse@internap.com | US | ARIN | PNAP-8-98 | 69e9154453f8f922937a8f66e77082d8 | http://isengabis.webs.com/decode.txt || 2011-02-28 11:02:54 | avira | TR/Script.75 | 25/41 (61%) | AS33968 | 79.171.34.31 | rob@ukgrid.net | GB | RIPE | INTERNETENGINEERING | a05dfd7cca7771a7565a154d65f05ea2 | http://j-m-designs.co.uk/files/id1.jpg || 2011-02-28 11:02:54 | avira | PHP/Shellbot.7642 | 22/41 (53.7%) | AS32613 | 174.142.79.85 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 74849166f8670bcef2cb1f65a7b2e422 | http://kakakaxd.110mb.com/dumdum.txt || 2011-02-28 11:02:54 | avira | PHP/Pbot.A | 29/41 (70.7%) | AS4134 | 218.5.74.92 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-FJ | a91729d9ccf6c4bcb1db178f5bf73a49 | http://kortech.cn/bbs/dd.txt || 2011-02-28 11:02:54 | avira | PHP/IRCBOT.e.73440 | 19/40 (47.5%) | AS4134 | 218.5.74.92 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-FJ | 4ac0564c05bd0f35e267a5781c253f8f | http://kortech.cn/bbs/spread.txt || 2011-02-28 11:02:54 | avira | PHP/Limworm.172478 | 31/40 (77.5%) | AS24989 | 88.84.137.235 | abuse@1blu.de | DE | RIPE | IXEUROPE-1BLU-2 | 131199f32da6c9b698677efc7299cd43 | http://kristall-edelstein.de/images/images/stun.jpg || 2011-02-28 11:02:54 | avira | PHP/Pbot.A.6 | 29/41 (70.7%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 4e40e3b142c01d9f58a01fd3305f00fd | http://marisouza.110mb.com/bot.txt || 2011-02-28 11:02:54 | avira | PHP/PHPShell.BE | 15/41 (36.6%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 624927fd425c98840fbfda3018162ef9 | http://mexxshi.fileave.com/Ckrid1.jpg || 2011-02-28 11:02:54 | avira | TR/Script.77 | 17/40 (42.5%) | AS29671 | 92.61.150.19 | abuse@servage.net | EU | RIPE | SRVG-NET-HH1-H5-2 | dc7b2fd7417f4ea1917ac8b7284fecba | http://ntdesigner.cd44.co.uk/images/id1.jpg || 2011-02-28 11:02:54 | AntiVir | PHP/C99Shell.C | 26/41 (63.4%) | AS10297 | 209.190.24.4 | abuse@ee.net | US | ARIN | ENET-XLHOST | 92f5b6cfa737406a44e0ad615e671115 | http://photoshop.iran50.com/r57.txt || 2011-02-28 11:02:54 | avira | PHP/Shellbot.7642 | 25/41 (61%) | AS36420, AS30315, AS13749, AS21844 | 174.123.132.122 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | e180da95c5228caa0b0e24268d62fd8e | http://pigsfood.com/pbot.txt || 2011-02-28 11:02:55 | avira | PHP/Rst.F | 27/41 (65.9%) | AS31333 | 80.244.246.126 | abuse@vollmar.net | DE | RIPE | vollmarnet-dedicated-net1 | da3357aea1489e5fa6111366410bce87 | http://scan.nruns.com/c100.txt || 2011-02-28 11:02:55 | avira | PHP/Rst.H.95982 | 26/41 (63.4%) | AS23352 | 204.93.163.59 | abuse@servercentral.net | US | ARIN | SCN-6 | d4607eca6d3adb34fdf4661668018c67 | http://shellmerkezi.net/r57.txt || 2011-02-28 11:02:55 | avira | PHP/Shellbot.7642 | 25/41 (61%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | e679edb89cf1054441e9a82a61ea4639 | http://soneka.110mb.com/shell%20doszs.txt || 2011-02-28 11:02:55 | avira | PHP/Pastie.637 | 20/40 (50%) | AS7643 | 123.30.181.39 | abuse@vnn.vn | vn | APNIC | VDC-NET | 493d3c720be431004253125118998a5d | http://teen-37.net/ID-RFI.txt || 2011-02-28 11:02:55 | avira | PHP/Sendmail.373 | 11/41 (26.8%) | AS8342 | 81.176.228.4 | abuse@rtcomm.ru | RU | RIPE | RU-RTCOMM-20030115 | e2ac2ee7a9274c01d3e6e27c0a0ece66 | http://tester2302.1gb.ru/tester.txt || 2011-02-28 11:02:55 | avira | PHP/Shellbot.7642 | 21/40 (52.5%) | AS36420, AS30315, AS13749, AS21844, AS13884 | 75.125.46.19 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-EV1-17 | 40df123b6ef337905d3a9822120d6c8f | http://uploader.ws/upload/200904/iai1.txt || 2011-02-28 11:02:55 | avira | PHP/Small.Awi.1026 | 23/40 (57.5%) | AS21844 | 74.52.141.162 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | 0a181b41a524502b50c94f405728b01e | http://www.asdsingapore.com/includes/domit/crewid.txt |+---------------------+-------------+-------------------------------------+---------------+---------------------------------------------+-----------------+----------------------------------+---------+--------+-----------------------------+----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------+200 rows in set (0.02 sec)
+---------------------+-------------+--------------------------------------------+---------------+---------------------------------------------+-----------------+-------------------------------------+---------+--------+--------------------------+----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------+| date | scanner | virusname | vt_score | AS | review | email | country | source | netname | md5sum | url |+---------------------+-------------+--------------------------------------------+---------------+---------------------------------------------+-----------------+-------------------------------------+---------+--------+--------------------------+----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------+| 2011-02-28 11:02:55 | avira | PHP/Agent.H | 20/41 (48.8%) | AS21844 | 74.52.141.162 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | fec3569fbc74d37abbfc3169ff4c5f40 | http://www.asdsingapore.com/includes/domit/injek.txt || 2011-02-28 11:02:55 | avira | PHP/Small.Awi.1026 | 19/39 (48.7%) | AS16276 | 87.98.170.31 | abuse@ovh.net | FR | RIPE | OVH | 3592dc4621546a9ff14f2d4018c6c366 | http://www.bestofrobots.fr/downloader/skin/images/id.txt || 2011-02-28 11:02:55 | avira | PHP/C99Shell.B | 33/40 (82.5%) | AS4134 | 121.9.227.50 | abuse@gddc.com.cn | CN | APNIC | CHINANET-GD | f603a59f0fd4f2401c40ec28ddc0391f | http://www.cnscut.cn/data/home.jpg || 2011-02-28 11:02:55 | clamav | PHP.Id-36 | 12/37 (32.4%) | AS31034 | 62.149.140.34 | hostmaster@technorail.com | IT | RIPE | TECHNORAIL-NET | 4f48fabbd4b83e52ac9d33407ad7b4eb | http://www.drfelettronica.it/docs/.logx || 2011-02-28 11:02:55 | avira | TR/Script.86 | 16/41 (39%) | AS31034 | 62.149.140.34 | hostmaster@technorail.com | IT | RIPE | TECHNORAIL-NET | 7ab5a3291410db3231141e2818e85318 | http://www.drfelettronica.it/docs/zfxid1.txt || 2011-02-28 11:02:55 | avira | PHP/PHPShell.BE | 15/41 (36.6%) | AS16276 | 188.165.129.109 | abuse@ovh.net | ES | RIPE | ES-OVH | 624927fd425c98840fbfda3018162ef9 | http://www.embajadastecnologicasextremadura.es/modules/mod_root/pendosa/id1.txt || 2011-02-28 11:02:55 | avira | PERL/IrcBot.AX | 17/41 (41.5%) | AS34224 | 87.121.165.6 | nmt-ip@neterra.net | BG | RIPE | BG-NETERRAIP-20050712 | 0c56d41af900b79b2d2111c4a40447fd | http://www.e-vestnik.bg//imgs/2008/g.txt || 2011-02-28 11:02:55 | avira | PHP/Pbot.A | 16/39 (41%) | AS36820 | 208.75.230.43 | abuse@tshost.com | US | ARIN | TULIP-SYSTEMS | 67c45b2266bac4d9fe8740365d1eeacc | http://www.freewebtown.com/karitop/BOT.txt || 2011-02-28 11:02:55 | avira | PHP/Pbot.A | 25/41 (61%) | AS36820 | 208.75.230.43 | abuse@tshost.com | US | ARIN | TULIP-SYSTEMS | cef6786c553fabc5657a5b6348486f7c | http://www.freewebtown.com/karitop/b.txt || 2011-02-28 11:02:55 | avira | PERL/IrcBot.AX | 27/39 (69.2%) | AS28907 | 89.184.73.139 | noc@mirohost.net | UA | RIPE | MIROHOST | daa7f4952ac4910d23664b6f5993606b | http://www.gros-gaz.com/plugins/c.txt || 2011-02-28 11:02:55 | avira | PHP/Pastie.637 | 20/41 (48.8%) | AS28907 | 89.184.73.139 | noc@mirohost.net | UA | RIPE | MIROHOST | 493d3c720be431004253125118998a5d | http://www.gros-gaz.com/plugins/logon.txt || 2011-02-28 11:02:55 | avira | PHP/PHPInfo.E | 20/39 (51.3%) | AS7132 | 76.230.181.122 | abuse@att.net | US | ARIN | SBCIS-SBIS-6BLK | 292dbe6e7a4e9245e72ba548df5c393a | http://www.jaimabrownhome.com/css/pandegaid.txt || 2011-02-28 11:02:55 | avira | PHP/Massma.M.5262 | 17/41 (41.5%) | AS35540 | 87.98.231.19 | abuse@ovh.net | ES | RIPE | ES-OVH | 668856454c6110dab5597433f9e94d35 | http://www.nrdleague.es/pub07/include/p.jpg || 2011-02-28 11:02:55 | avira | TR/Script.77 | 17/41 (41.5%) | AS19994 | 184.106.232.243 | abuse@rackspace.com | US | ARIN | RACKS-8-1274710565702854 | dc7b2fd7417f4ea1917ac8b7284fecba | http://www.pioneerafrica.com/images/flash/id1.gif || 2011-02-28 11:02:55 | avira | PHP/Pbot.A.6 | 29/41 (70.7%) | AS34224 | 87.120.13.118 | nmt-ip@neterra.net | BG | RIPE | BG-NETERRAIP-20050712 | e227fc14a60fd4e27129a626da7da352 | http://www.smokers-heaven.co.uk/vnc/pbot.txt || 2011-02-28 11:02:55 | avira | TR/Script.76 | 24/41 (58.5%) | AS21844 | 74.53.189.178 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | fc9a685b4cd66241b2a62e9aaa113bf7 | http://www.visitingargentina.com/weblog/wp-cache/pro/id1.txt || 2011-02-28 11:02:55 | avira | PHP/C99Shell.B | 27/40 (67.5%) | AS29629 | 82.196.5.223 | abuse@ieurop.net | FR | RIPE | INETWORK-IEUROP | 8346844849676b4e14ea3fd48983c432 | http://zouldik-x.ifrance.com/x1.txt || 2011-02-28 11:11:42 | avira | PERL/Shellbot.aa | 17/39 (43.6%) | AS36820 | 208.75.230.43 | abuse@tshost.com | US | ARIN | TULIP-SYSTEMS | aefb193f0f1f38c28b3ff25b6d00a8a1 | http://www.freewebtown.com/karitop/bit.txt || 2011-02-28 11:11:43 | undef | unknown_html | 0/39 (0.0%) | AS38700 | 115.68.13.247 | network@smileserv.com | KR | APNIC | SMILESERV-KR | 11bbb00d1e4e7d2b9da78c74031c1ca5 | http://www.ezsearch.kr/app/proset3.php?pid=coffee || 2011-02-28 11:11:43 | undef | unknown_html | 0/41 (0.0%) | AS38700 | 115.68.13.182 | network@smileserv.com | KR | APNIC | SMILESERV-KR | b427318a66ba46488ae547dd26a3702b | http://www.ezsearch.kr/app/searchurl3.php || 2011-02-28 11:11:43 | undef | unknown_html | 0/40 (0.0%) | AS4134 | 113.107.42.140 | abuse@gddc.com.cn | CN | APNIC | CHINANET-GD | 08defe33c8ca34881c151b25734894aa | http://www.kusila.com/?mt30 || 2011-02-28 11:11:43 | Avast | PHP:Pbot-P | 4/40 (10%) | AS46216 | 216.52.115.51 | abuse@internap.com | US | ARIN | PNAP-8-98 | c3f0945fd7ba90b827cf254eb9a2380c | http://rayzz.webs.com/bot/sprd.txt?? || 2011-02-28 12:00:02 | undef | unknown_html | 0/41 (0.0%) | AS17633 | 222.173.188.52 | ipreport@sdtele.com | CN | APNIC | CHINANET-SD | b756c193989fc23b59b92f1e7c9e66cb | http://count30.51yes.com/click.aspx?id=306731552&logo=1 || 2011-02-28 12:16:52 | avira | PHP/Pbot.A | 18/41 (43.9%) | AS36820 | 208.75.230.43 | abuse@tshost.com | US | ARIN | TULIP-SYSTEMS | 67c45b2266bac4d9fe8740365d1eeacc | http://www.freewebtown.com/karitop/BOT.txt? || 2011-02-28 12:18:28 | undef | unknown_html_RFI_eval | 0/41 (0.0%) | AS16276 | 213.251.168.166 | abuse@ovh.net | FR | RIPE | OVH | adb5da38a9e9dc3aa4be8af16de887b2 | http://ns33921.ovh.net/~ovh/phpMyAdmin-2.8.0.4/scripts/mootools.js || 2011-02-28 12:18:28 | undef | unknown_html | 0/39 (0.0%) | AS16276 | 213.251.168.166 | abuse@ovh.net | FR | RIPE | OVH | 1778d9de48f148d88e18585c0c03d9d0 | http://ns33921.ovh.net/~ovh/phpMyAdmin-2.8.0.4/scripts/toolbar.admin_back.txt || 2011-02-28 12:18:28 | undef | unknown_html | 0/41 (0.0%) | AS1668 | 207.200.81.11 | domains@aol.net | US | ARIN | NETSCAPE-CIDR | 56398e76be6355ad5999b262208a17c9 | http://tacoda.at.atwola.com/rtx/r.gif?cmd=RES&si=18252&pi=H&xs=3 || 2011-02-28 12:18:28 | undef | unknown_html | 0/39 (0.0%) | AS1668 | 207.200.81.11 | domains@aol.net | US | ARIN | NETSCAPE-CIDR | 56398e76be6355ad5999b262208a17c9 | http://tacoda.at.atwola.com/rtx/r.gif?cmd=RES&si=18252&pi=H&xs=3&tid= || 2011-02-28 12:18:28 | undef | unknown_html | 0/39 (0.0%) | AS9318 | 116.127.121.37 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | 7a815a83400cffdea9a66e44859a6c5b | http://violetsoft.net/counter/insert.php?dbserver=db1&c_pcode=100&c_pid=aviranum&c_kind=1&c_mac=00-0C-29-18-AB-11 || 2011-02-28 12:18:28 | undef | unknown_html | 0/39 (0.0%) | AS4134 | 60.191.221.80 | anti_spam@mail.jhptt.zj.cn | CN | APNIC | JINHUA-TELECOM-LTD | c4483d5356b7fb769d6ca0fb9514fd5e | http://vv1.114jk.com/qingdao.asp?s=wt10060 || 2011-02-28 12:40:02 | avira | TR/BrowserKiller.A | 9/40 (22.5%) | AS3267 | 82.179.198.35 | abuse@plus.ru | RU | RIPE | PLUSINFO | b2fdeb5a4ab0339c67f6a941132a11da | http://air-snark.ru/includes/domit/srchost.exe || 2011-02-28 12:40:02 | AntiVir | TR/Crypt.XPACK.Gen3 | 8/41 (19.5%) | AS6746 | 78.96.99.135 | abuse@upc.ro | RO | RIPE | ASTRAL | b37fb5257cdd5ca75151cedf5a57f87c | http://78.96.99.135/client1.exe || 2011-02-28 12:40:02 | avira | TR/Dldr.CodecPack.AJSZ.10 | 22/40 (55%) | AS41828 | 91.185.206.187 | abuse@tusmobil.si | SI | RIPE | SI-TUSMOBIL-20061031 | 08ad147dcb9dcf3dd3ca2ba243f8c7b5 | http://91.185.206.187/pse.exe || 2011-02-28 12:40:02 | avira | TR/Meredrop.A.4393 | 6/40 (15%) | AS32780 | 216.119.149.229 | arin-contact@hostingservicesinc.net | US | ARIN | HOSTINGSERVICES-INC | f9f6af1ba7a33d63c240c3593fcc32ce | http://216.119.149.229/fid37.exe || 2011-02-28 12:40:02 | avira | TR/VB.aoyh | 25/40 (62.5%) | AS4134 | 121.11.150.90 | abuse@gddc.com.cn | CN | APNIC | CHINANET-GD | 76510148b9d0274067d45ceea60308eb | http://121.11.150.90/kele55.exe || 2011-02-28 12:40:02 | avira | TR/Dropper.Gen | 26/39 (66.7%) | AS23352 | 64.202.124.139 | support@servercentral.net | US | ARIN | SCNET-64-202-124-0 | 3c62c54ff04ae4af8262ae4d5e2683c7 | http://jeanie.ws/new.exe || 2011-02-28 12:40:02 | avira | TR/Crypt.XPACK.Gen | 4/40 (10%) | AS42872 | 91.193.192.90 | noc@odhosting.com.ua | UA | RIPE | OD-HOSTING-NETWORK | 3d2b0bf3a933f43fa1b55b57ed42fe25 | http://91.193.192.90/exe/10064-1.exe || 2011-02-28 12:22:28 | avira | SPR/PHP.ID | 29/41 (70.7%) | AS9680 | 220.130.9.116 | network-adm@hinet.net | TW | APNIC | HINET-NET | 6f019ee9755329cfeb0aceaa700218c2 | http://incyan.com.tw/idosyris.txt???? || 2011-02-28 12:26:59 | avira | PHP/Pbot.A | 29/40 (72.5%) | AS9680 | 220.130.9.116 | network-adm@hinet.net | TW | APNIC | HINET-NET | bb4cdc2a5ed917ed653753c12ba31645 | http://incyan.com.tw//red.txt?? || 2011-02-28 12:27:32 | avira | BDS/PHP.Agent.DW.3 | 31/41 (75.6%) | AS9680 | 220.130.9.116 | network-adm@hinet.net | TW | APNIC | HINET-NET | 010729de903d3d9fcd979bc677b8500d | http://incyan.com.tw/ssh.txt??? || 2011-02-28 12:29:52 | clamav | PHP.Agent-15 | 5/40 (12.5%) | AS19237 | 216.239.138.207 | abuse@omnis.com | US | ARIN | OMNIS-NET-1 | 471f932f6c9a945d8429fb4f14bee522 | http://nannies-canada.com/one.txt??? || 2011-02-28 12:29:56 | avira | PHP/BackDoor.AR | 21/40 (52.5%) | AS19237 | 216.239.138.207 | abuse@omnis.com | US | ARIN | OMNIS-NET-1 | b4d01dbfdf3992b136c4b7ab17c5412b | http://nannies-canada.com/two.txt???? || 2011-02-28 13:00:03 | avira | TR/Spy.Gen | 20/41 (48.8%) | AS38700 | 115.68.13.118 | network@smileserv.com | KR | APNIC | SMILESERV-KR | 84354fa92774808e7b096142a0beb73b | http://dn.digshop.co.kr/alpon.exe || 2011-02-28 13:00:03 | BitDefender | Trojan.Generic.KD.144672 | 0/40 (0.0%) | AS16265 | 95.211.14.140 | abuse@leaseweb.com | NL | RIPE | NL-LEASEWEB-20080724 | 1b5b96da89711de37d966b21a787690c | http://95.211.14.140/quick/svchost.exe || 2011-02-28 13:00:03 | avira | TR/Dropper.Gen | 30/40 (75%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 645ede5ddf81c8f1b98e38c372a5c52a | http://bren57845.fileave.com/ghtyjutyu5.exe || 2011-02-28 13:00:03 | avira | TR/Dropper.Gen | 22/38 (57.9%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | e38f2c0453c57dc6aa0b5ee9f9b5ba45 | http://bren57845.fileave.com/jyu6756.exe || 2011-02-28 13:00:03 | avira | TR/Downloader.Gen | 24/41 (58.5%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | e7b19125fc027d1f5ed1c952b2ec9464 | http://bren57845.fileave.com/aspergillus.exe || 2011-02-28 13:00:03 | avira | TR/Dropper.Gen | 31/40 (77.5%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 389c0260706d688a9863cdf48f48945c | http://bren57845.fileave.com/8uyji.exe || 2011-02-28 13:32:59 | undef | unknown_html | 0/39 (0.0%) | AS27716 | 200.63.44.225 | abuse@panamaserver.com | PA | LACNIC | PA-PANA2-LACNIC | 68934a3e9455fa72420237eb05902327 | http://americangrantaccess.com/webpanel/d.php || 2011-02-28 13:32:59 | undef | unknown_html | 0/41 (0.0%) | AS27716 | 200.63.44.225 | abuse@panamaserver.com | PA | LACNIC | PA-PANA2-LACNIC | fe6a68ee38341f7054035083eadf4999 | http://americangrantaccess.com/webpanel/get.php || 2011-02-28 13:32:59 | undef | unknown_html | 0/39 (0.0%) | AS50877 | 91.193.194.69 | noc@odhosting.com.ua | UA | RIPE | OD-HOSTING-NETWORK | 75df81c02e7fe3383f73b0e7aff7728d | http://updateconnection.com/version/xtasks.php?1_10064_1_1b7bf5eb-b240-4dbb-a121-96026066b62d_5.1%202600%20SP2.0_ru-ru_iexplore_27.2.2011%209:41:10_9d || 2011-02-28 13:40:03 | F_Prot | W32/Trojan-Gypikon-based.DM2!Maximus | 4/40 (10%) | AS35908 | 98.126.189.210 | admin-arin@vpls.net | US | ARIN | VPLSNET | 6270505f6106c9c1663afcc22d5e26bb | http://vampiremoli.com/kernel/th.exe || 2011-02-28 13:40:03 | avira | TR/Dropper.Gen2 | 31/39 (79.5%) | AS17964 | 115.47.197.62 | donglin@xrnet.cn | CN | APNIC | XRNET | bb14348b99e7ac96b3153556d52a2a83 | http://115.47.197.62/cq2.exe || 2011-02-28 13:40:03 | avira | TR/ATRAPS.Gen | 27/39 (69.2%) | AS17964 | 115.47.197.62 | donglin@xrnet.cn | CN | APNIC | XRNET | a071c852842992a22ba075fd853e9c78 | http://115.47.197.62/cc1.exe || 2011-02-28 13:40:03 | avira | TR/Crypt.XPACK.Gen | 23/41 (56.1%) | AS4134 | 222.88.205.200 | ip@hntele.com | CN | APNIC | CHINANET-HA | 1ea88ec96ef461f0475c261711b190a0 | http://vidquick.info/cgi/icpcom.exe || 2011-02-28 13:40:03 | AhnLab_V3 | Win32/Autorun.worm.20992.K | 25/39 (64.1%) | AS30890 | 89.114.9.44 | amabusemail4@gmail.com | RO | RIPE | ENTER-NET-TEAM | 44d8920d4fd0feaf59e1e506fcd9ae86 | http://89.114.9.44/bnet.exe || 2011-02-28 13:40:03 | avira | TR/Kazy.3274.128 | 27/41 (65.9%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 3e107227544ab24cf5a8a0c8f5e456f1 | http://starclub.fileave.com/Google_toolbar_setup.exe || 2011-02-28 13:40:03 | undef | unknown_exe | 0/41 (0.0%) | AS20248 | 74.82.178.35 | ops@take2hosting.com | US | ARIN | T2H-NET4-2 | 68500fb5b0a371116a58717a72aa9b71 | http://ssh.tl//update/tllink.exe || 2011-02-28 13:40:03 | undef | unknown_exe | 0/41 (0.0%) | AS20248 | 74.82.178.35 | ops@take2hosting.com | US | ARIN | T2H-NET4-2 | 0780178e6001509c855f0149f8b97135 | http://ssh.tl//update/polipo.exe || 2011-02-28 13:40:03 | avira | TR/Agent.49152 | 23/41 (56.1%) | AS4837 | 60.217.234.138 | abuse@chinaunicom.cn | CN | APNIC | UNICOM-SD | 6d1f706fe3c6351f6ef675b3184060f2 | http://60.217.234.138/88.exe || 2011-02-28 13:30:55 | avira | TR/Script.75 | 25/41 (61%) | AS36420, AS30315, AS13749, AS21844 | 74.55.136.226 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | a05dfd7cca7771a7565a154d65f05ea2 | http://jamaicajazzandblues.com/media/.../scan/id1.txt???? || 2011-02-28 13:30:58 | avira | PHP/BackDoor.AR | 31/39 (79.5%) | AS36420, AS30315, AS13749, AS21844 | 74.55.136.226 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | 8dcad47f3e32e7dc1aee59167e67c601 | http://jamaicajazzandblues.com/media/.../scan/id2.txt????? || 2011-02-28 13:49:17 | undef | unknown_html | 0/41 (0.0%) | AS38700 | 115.68.4.189 | network@smileserv.com | KR | APNIC | SMILESERV-KR | bedf95fcf9befd064db08d51b3507f77 | http://www.ezlinker.net/update.php || 2011-02-28 13:49:18 | avira | TR/Dldr.Renos.OY.41 | 29/41 (70.7%) | AS36351 | 50.23.137.223 | ipadmin@softlayer.com | US | ARIN | SOFTLAYER-NETBLOCK-4-9 | f2ce21057aee1aaf90d764249345bb65 | http://www.petcasketsandurnsinfo.com/owo/klcodec-2010.exe || 2011-02-28 13:49:18 | clamav | Trojan.FakeAV.DRW | 7/39 (17.9%) | AS36351 | 50.23.137.223 | ipadmin@softlayer.com | US | ARIN | SOFTLAYER-NETBLOCK-4-9 | 9506bd16e0ca44530d4372c46b610a1e | http://www.petcasketsandurnsinfo.com/owo/plays.php || 2011-02-28 14:04:26 | undef | unknown_html | 0/41 (0.0%) | AS36420, AS30315, AS13749, AS21844 | 174.120.151.130 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | 3a52f3c22ed6fcde5bf696a6c02c9e73 | http://messenger-plugins.com/geo/geoloc.php || 2011-02-28 14:34:07 | AhnLab_V3 | Worm/Win32.Small | 14/40 (35%) | AS30890 | 89.114.9.32 | amabusemail4@gmail.com | RO | RIPE | ENTER-NET-TEAM | 2b077e73fcdd7af326b668a6a7bd3e44 | http://b.mjntravel.biz/zapp.exe || 2011-02-28 14:35:16 | undef | unknown_html | 0/39 (0.0%) | AS36351 | 67.228.220.118 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-5 | 352450bbb66e368af8bd629126d28792 | http://www.atscript.net/lv/ || 2011-02-28 14:03:53 | clamav | PUA.HTML.Crypt-8 | 4/41 (9.8%) | AS9680 | 220.130.9.116 | network-adm@hinet.net | TW | APNIC | HINET-NET | 107bbdc76557ab9fbd816db88136435a | http://incyan.com.tw//spread.txt?? || 2011-02-28 14:04:42 | AntiVir | HTML/Zones.Gen | 26/41 (63.4%) | AS9680 | 220.130.9.116 | network-adm@hinet.net | TW | APNIC | HINET-NET | 9cd0070eff4c98575e297efe8e08d608 | http://incyan.com.tw/shell.txt??? || 2011-02-28 13:09:05 | undef | AdWare.Win32.UBar.nq | 0/41 (0.0%) | AS23352 | 64.202.124.139 | support@servercentral.net | US | ARIN | SCNET-64-202-124-0 | 042e2b195695d27f03762443db41091d | http://jeanie.ws/ || 2011-02-28 14:48:42 | avira | TR/Dldr.Delphi.Gen | 38/41 (92.7%) | AS13768, AS13601, AS11305, AS11216, AS11388 | 209.25.137.150 | dhswip2@propersupport.com | US | ARIN | P1-LIQUIDNET-03 | 0c1a1e295ff37488826244e793595571 | http://ukstyle.50webs.com/UpdateEngine.html || 2011-02-28 14:48:42 | avira | TR/Agent.hnos.1 | 0/41 (0.0%) | AS11798 | 67.222.50.104 | abuse@bluehost.com | US | ARIN | BLUEHOST-NETWORK-3 | 08f01b5a8e8bebff03f3f8358e38bf44 | http://www.batchimageconverter.com/download/AnyPicImageResizer.exe || 2011-02-28 14:48:42 | avira | TR/Agent.hnos | 0/41 (0.0%) | AS11798 | 67.222.50.104 | abuse@bluehost.com | US | ARIN | BLUEHOST-NETWORK-3 | 7750a63260ce1661391639fe5eef6b15 | http://www.batchimageconverter.com/download/AnyPicJPGtoPDFConverter.exe || 2011-02-28 13:09:08 | undef | Trojan.Win32.Buzus.gzzw | 0/40 (0.0%) | AS41828 | 91.185.206.187 | abuse@tusmobil.si | SI | RIPE | SI-TUSMOBIL-20061031 | e1bbd5d87ff1b57387a5c81c67c6929f | http://91.185.206.187/ || 2011-02-28 13:09:09 | trendmicro | Mal_Hifrm | 4/41 (9.8%) | AS3267 | 82.179.198.35 | abuse@plus.ru | RU | RIPE | PLUSINFO | d5318d1b03e27ab62c82163e9c6cf00a | http://air-snark.ru/includes/domit/ || 2011-02-28 15:03:48 | avira | EXP/PDF.Jeka.B | 24/40 (60%) | AS33182 | 67.23.229.71 | abuse@dimenoc.com | US | ARIN | DIMECNET | a2aa4ac952e8fba7a57b22d0130bf953 | http://ofgoynooytn.com/nte/gnh11.exe/xH2b7627aeV0100f060006Red3e0da1102T661dbafd203l000c329 || 2011-02-28 15:35:37 | AntiVir | Adware/Zwangi.2.284 | 15/38 (39.5%) | AS40634 | 208.87.149.236 | allan@firstlook.com | US | ARIN | FIRSTLOOK-INC-NET | cb6bba2779bade34232d5eb0131665c5 | http://upgrade.questurl.com/download/questbrowse/1_26/questbrowse-setup.exe || 2011-02-28 15:35:37 | avira | PHP/Sendmail.373 | 8/40 (20%) | AS15201 | 200.98.197.84 | l-registrobr-uol@corp.uol.com.br | BR | LACNIC | 001.109.184/0001-95 | 261b16f8fb3244545f9e146e9260c9bf | http://progressoc3.dominiotemporario.com/all/inbox.txt || 2011-02-28 15:35:37 | avira | PHP/C99Shell.B | 25/39 (64.1%) | AS36351 | 208.43.160.112 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-6 | 32809deb93638d0df1ae2f9bb92c70c6 | http://www.easycashemail.com/x2.txt || 2011-02-28 15:35:37 | avira | PHP/C99Shell.C | 14/39 (35.9%) | AS11167 | 12.132.193.71 | abuse@att.net | US | ARIN | ATT | aa0480008ab390382e317c3a0d9fd0c8 | http://www.t00ls.org/r57.txt?? || 2011-02-28 15:40:03 | avira | TR/Drop.Delf.IO | 32/38 (84.2%) | AS4837 | 218.60.65.103 | abuse@online.ln.cn | CN | APNIC | UNICOM-LN | 7f31bec5d9e038283c501c4c43d3391e | http://haojilm.com/654.exe || 2011-02-28 15:40:03 | avira | TR/Dldr.Agent.adk | 19/41 (46.3%) | AS6724 | 81.169.129.180 | abuse@strato.de | DE | RIPE | STRATO-RZG-DED | 9a9a23906ab2bc3e71e355f6f3ac1ad9 | http://bellisimoperros.nl/5.exe || 2011-02-28 15:40:03 | avira | TR/Crypt.XPACK.Gen | 14/40 (35%) | AS6724 | 81.169.129.180 | abuse@strato.de | DE | RIPE | STRATO-RZG-DED | 62f12564cfbe5a3a194fae3737c1fe06 | http://bellisimoperros.nl/3.exe || 2011-02-28 15:40:03 | trendmicro | TROJ_FAKEAV.SM8 | 18/41 (43.9%) | AS6724 | 81.169.129.180 | abuse@strato.de | DE | RIPE | STRATO-RZG-DED | da70acf0472047b901b0b2a1c9d4c579 | http://bellisimoperros.nl/2.exe || 2011-02-28 15:40:03 | clamav | Trojan.FakeAV.DRW | 16/40 (40%) | AS6724 | 81.169.129.180 | abuse@strato.de | DE | RIPE | STRATO-RZG-DED | f26c09c7f4a3cb261fea6b856bf9e275 | http://bellisimoperros.nl/1.exe || 2011-02-28 15:07:30 | AntiVir | PERL/Shellbot.B.3 | 22/40 (55%) | AS9680 | 220.130.9.116 | network-adm@hinet.net | TW | APNIC | HINET-NET | 03e279ee9ad4ca1c65503e463ee6b85a | http://incyan.com.tw/lol.txt???? || 2011-02-28 15:40:03 | Kaspersky | Heur.StartPage | 1/41 (2.4%) | AS4134 | 222.81.35.201 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-XJ | e9bb0bce76032d9f87f1712167144fa9 | http://www.521mg.com/exe/ok.exe || 2011-02-28 15:40:03 | avira | TR/Qhost.HU.1 | 35/40 (87.5%) | AS26496 | 184.168.137.100 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 12a49d67078c292aceadf73a4e2d9d29 | http://web6.xixidy.info/dd.exe || 2011-02-28 15:40:03 | avira | TR/Crypt.XPACK.Gen | 28/39 (71.8%) | AS4134 | 124.237.121.118 | hostmaster@hbtele.com | CN | APNIC | CHINANET-HE | 6f5aef9d4ef0ce045bc9305133c1a42b | http://124.237.121.118:8080/exe/2207.exe || 2011-02-28 15:02:31 | avira | PHP/Pbot.A | 16/40 (40%) | AS9318 | 221.141.3.92 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | 9b5c9eb853c44ba0a0b2d0f449f153cf | http://isoda.co.kr/_logs/tmp.jpg?? || 2011-02-28 15:40:03 | AhnLab_V3 | Malware/Win32.Generic | 16/38 (42.1%) | AS6939 | 64.62.181.46 | hostmaster@he.net | US | ARIN | HURRICANE-4 | a854c8d9a1d859b9fe20342daa5f1b7c | http://h1.ripway.com/sweet/11117777.exe || 2011-02-28 15:40:03 | avira | TR/Dldr.Parkchicers.A.93 | 24/40 (60%) | AS9318 | 221.143.48.236 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | f95ca1b416c8142db5d7338f83bbfb2c | http://221.143.48.236/DWMC.exe || 2011-02-28 15:40:03 | avira | TR/Dldr.VB.acda.48 | 17/41 (41.5%) | AS4134 | 183.61.3.42 | abuse@gddc.com.cn | CN | APNIC | CHINANET-GD | 2359d5435e2d32d1a0601b836d44d818 | http://183.61.3.42/gua.exe || 2011-02-28 15:40:03 | avira | TR/Crypt.XDR.Gen | 14/40 (35%) | AS4134 | 183.61.3.42 | abuse@gddc.com.cn | CN | APNIC | CHINANET-GD | 0f4ec74851147d74e0fbe2e419de6fa2 | http://183.61.3.42/1274.exe || 2011-02-28 16:33:10 | undef | unknown_html | 0/41 (0.0%) | AS4134 | 222.186.31.93 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-JS | 9a337946fb5b27c5104d14e39716a7e2 | http://www.52pjwg.com/dnf/zj.txt || 2011-02-28 16:33:10 | undef | unknown_html | 0/39 (0.0%) | AS20248 | 204.74.216.138 | ops@take2hosting.com | US | ARIN | T2H-NET4-1 | 70cea40335591f32a225b44bef654841 | http://www.7xiwg.com/2213.html || 2011-02-28 16:36:58 | undef | unknown_html_RFI | 0/40 (0.0%) | AS17964 | 115.47.86.167 | donglin@xrnet.cn | CN | APNIC | XRNET | ec3feecf34f799a028fe9fc32595efb9 | http://www.bbrx.cn/lxydh || 2011-02-28 16:36:59 | undef | unknown_html_RFI | 0/39 (0.0%) | AS17964 | 115.47.197.62 | donglin@xrnet.cn | CN | APNIC | XRNET | 484dfa53ffef6b6ccfd9aa2d067bd73f | http://www.liaoxiuyang.com/templets/style/img/index/flash/1.jpg || 2011-02-28 16:36:59 | undef | unknown_html_RFI | 0/41 (0.0%) | AS17964 | 115.47.197.62 | donglin@xrnet.cn | CN | APNIC | XRNET | f3cbbeadc4fa173933108cf289772981 | http://www.liaoxiuyang.com//templets/style/img/index/flash/2.jpg || 2011-02-28 16:36:59 | undef | unknown_html_RFI | 0/40 (0.0%) | AS17964 | 115.47.197.62 | donglin@xrnet.cn | CN | APNIC | XRNET | 70d4d228e3fce43d6b5fbeb28e7ee680 | http://www.liaoxiuyang.com//templets/style/img/index/flash/3.jpg || 2011-02-28 16:36:59 | undef | unknown_html_RFI | 0/40 (0.0%) | AS17964 | 115.47.197.62 | donglin@xrnet.cn | CN | APNIC | XRNET | 2184cd22f03a3948361da828a0c669a8 | http://www.liaoxiuyang.com//templets/style/img/index/flash/4.jpg || 2011-02-28 16:36:59 | undef | unknown_html_RFI | 0/40 (0.0%) | AS17964 | 115.47.197.62 | donglin@xrnet.cn | CN | APNIC | XRNET | f9beb681aaf5ac22add3b47a183af611 | http://www.liaoxiuyang.com//templets/style/img/index/flash/5.jpg || 2011-02-28 16:36:59 | undef | unknown_html | 0/39 (0.0%) | AS20773 | 87.230.4.191 | net-abuse@hosteurope.de | DE | RIPE | HER-DE-VPS-CGN2 | 8b95e80e6b0153b89145814425662b9f | http://platindate.de/_files/yahoo/redirect/quick_home.html || 2011-02-28 16:36:59 | undef | unknown_html | 0/41 (0.0%) | AS20773 | 87.230.4.191 | net-abuse@hosteurope.de | DE | RIPE | HER-DE-VPS-CGN2 | 2396685ca82ce16c2ca9dbbfa5a55608 | http://platindate.de/_files/yahoo/redirect/quick_index.html || 2011-02-28 16:36:59 | AVG | Hosts | 2/41 (4.9%) | AS15201 | 200.98.197.90 | l-registrobr-uol@corp.uol.com.br | BR | LACNIC | 001.109.184/0001-95 | 71598b6afe0a91547ad32c65dbedcdf4 | http://www.poderseducao.com.br/hosts.txt || 2011-02-28 16:36:59 | undef | unknown_html | 0/41 (0.0%) | AS15201 | 200.98.197.90 | l-registrobr-uol@corp.uol.com.br | BR | LACNIC | 001.109.184/0001-95 | 358caaf21e7a0ae711fa56d986c33011 | http://www.poderseducao.com.br/timer.txt || 2011-02-28 16:09:04 | undef | Trojan.Generic.KDV.141491 | 0/41 (0.0%) | AS6939 | 64.62.181.46 | hostmaster@he.net | US | ARIN | HURRICANE-4 | c845aa5ce7b8751366e6dc2f24f823ef | http://h1.ripway.com/sweet/ || 2011-02-28 17:02:02 | eTrust_Vet | Win32/ASuspect.HGABT | 4/39 (10.3%) | AS36351 | 173.192.170.103 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-8 | f899e1eb6c6fd9e5572cc8d7f7240822 | http://5583.uz4.org/exe/a320a4c18036dff03eb369b085e4006061c4c1a2/bundle.exe || 2011-02-28 16:46:43 | avira | PHP/IRCBOT.A | 20/41 (48.8%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 9dd06744896614ab90a35311d14d301d | http://mayans2.fileave.com/mayans2.txt? || 2011-02-28 17:04:52 | avira | PHP/PHPShell.BE | 12/41 (29.3%) | AS4808 | 220.194.62.53 | zhouxm@chinaunicom.cn | CN | APNIC | UNICOM | aab1a9268b7c50e5f04d86d68618c773 | http://all3c.com//images/mono/20100907/app/functions/Ckrid1.txt?? || 2011-02-28 16:41:18 | clamav | PHP.Agent-14 | 4/39 (10.3%) | AS38700 | 115.68.4.85 | network@smileserv.com | KR | APNIC | SMILESERV-KR | 8bc92a2e49b6670c4c9c5ab1556c07e5 | http://trumpeter.co.kr/e1.txt?? || 2011-02-28 16:46:24 | avira | PHP/IRCBOT.A | 19/41 (46.3%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | d0b11a9332564f8ca30cac6cda1f3c1d | http://mayans1.fileave.com/mayans1.txt? || 2011-02-28 16:09:05 | undef | Trojan.Win32.Agent.hkop | 0/40 (0.0%) | AS6724 | 81.169.129.180 | abuse@strato.de | DE | RIPE | STRATO-RZG-DED | 27622cdec99ed85d04d8f9f309b40c7c | http://bellisimoperros.nl/ || 2011-02-28 16:09:07 | undef | Trojan-GameThief.Win32.OnLineGames.boaq | 1/41 (2.4%) | AS4837 | 218.60.65.103 | abuse@online.ln.cn | CN | APNIC | UNICOM-LN | 10f7193eb37c3fb1b32e2c36db82c08f | http://haojilm.com/ || 2011-02-28 18:56:34 | avira | TR/Script.75 | 25/41 (61%) | AS16276 | 213.186.33.19 | abuse@ovh.net | FR | RIPE | OVH | a05dfd7cca7771a7565a154d65f05ea2 | http://akouavie.com/libraries/pear/a? || 2011-02-28 18:56:40 | avira | PHP/BackDoor.AR | 25/40 (62.5%) | AS16276 | 213.186.33.19 | abuse@ovh.net | FR | RIPE | OVH | 83917879fd44405f132687db2741d793 | http://akouavie.com/libraries/pear/b?? || 2011-02-28 18:56:58 | avira | PHP/Shellbot.7642 | 23/41 (56.1%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | c569865daa25aae18061ede7bd69a047 | http://renero.110mb.com/lol.jpg?&modez=scannerz || 2011-02-28 18:56:49 | avira | PHP/Shellbot.7642 | 21/40 (52.5%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | c569865daa25aae18061ede7bd69a047 | http://renero.110mb.com/lol.jpg?&modez=shellz || 2011-02-28 18:57:08 | avira | PHP/Shellbot.7642 | 23/41 (56.1%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | c569865daa25aae18061ede7bd69a047 | http://renero.110mb.com/lol.jpg?&modez=botz || 2011-02-28 18:51:19 | avira | PHP/Pbot.A.6 | 25/38 (65.8%) | AS7713 | 203.130.196.225 | ip-admin@telkom.net.id | ID | APNIC | TLKM_D2_IDC_HOST_SM2 | d95a49803c330eea453c7297bba595f6 | http://kjg.co.id/post.gif??? || 2011-02-28 18:53:27 | avira | PHP/Pbot.A.6 | 28/41 (68.3%) | AS7713 | 203.130.196.225 | ip-admin@telkom.net.id | ID | APNIC | TLKM_D2_IDC_HOST_SM2 | d95a49803c330eea453c7297bba595f6 | http://kjg.co.id/post.gif?? || 2011-02-28 19:31:29 | AhnLab_V3 | Trojan/Win32.Gen | 20/41 (48.8%) | AS48689 | 212.57.32.36 | koller@webglobe.sk | SK | RIPE | SK-WEBGLOBE1-20100415 | 1e244b302092f727eca0d693985708aa | http://www.yourshop.sk/images/aplication/version/Foto-9370.exe || 2011-02-28 19:31:29 | avira | TR/Dldr.Bancos.L | 9/41 (22%) | AS9683 | 211.172.232.183 | ipabuse@samsung.com | KR | APNIC | KRNIC-KR | 920e50eaf625ee5675e933791f105bcb | http://healthmk.com/ComponenteVisa.exe || 2011-02-28 19:40:02 | avira | JS/Agent.psa.18 | 18/40 (45%) | AS4134 | 124.172.156.3 | jiangzhi@gzidc.com | CN | APNIC | NGNNET | 1680ae40b4e97caca27cf2ed6ce97ab2 | http://www.feiyoung.com/config/mh/index.html || 2011-02-28 20:03:35 | undef | unknown_html | 0/41 (0.0%) | AS26496 | 97.74.215.60 | noc@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | c1cea17d2f52a2988a1f620078d83f9f | http://www.ruedaaltos.com//.sys/files || 2011-02-28 20:03:35 | undef | unknown_html | 0/40 (0.0%) | AS16685 | 200.185.33.218 | abuse@optiglobe.com.br | BR | LACNIC | 003.461.300/0001-66 | 0a0afe70f9b2da6bf50759d1eab032bd | http://www.visa.com.br/ || 2011-02-28 20:03:35 | undef | unknown_html | 0/40 (0.0%) | AS44497 | 92.43.17.11 | abuse@redcoruna.com | ES | RIPE | ES-REDCORUNA-20080103 | c1cea17d2f52a2988a1f620078d83f9f | http://www.zarcolloret.com//.sys/files || 2011-02-28 19:52:49 | clamav | PHP.Id-30 | 7/40 (17.5%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 370a84b9e88e5b085af73cb427822545 | http://re9.fileave.com/id/zfxid1.txt?? || 2011-02-28 19:52:58 | avira | PHP/BackDoor.AR | 28/41 (68.3%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | e568fbfe9956ad2159118eb37d178b78 | http://re9.fileave.com/id/zfxid2.txt??? || 2011-02-28 19:53:08 | avira | PHP/IRCBOT.JB.1 | 23/41 (56.1%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | a91d6dfaf0135135be2e5515a7f866cb | http://re9.fileave.com/ca.txt?? || 2011-02-28 19:53:17 | avira | PHP/IRCBOT.E | 15/41 (36.6%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 7baeed1e4e2b98d2df38a23802063c42 | http://re9.fileave.com/m1.txt?? || 2011-02-28 19:53:26 | avira | PHP/IRCBOT.E | 15/41 (36.6%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 9b515628abfb119e70c6e210cf21a1e0 | http://re9.fileave.com/m2.txt?? || 2011-02-28 19:42:55 | avira | PHP/IRCBOT.JB.1 | 21/41 (51.2%) | AS35206 | 194.150.248.32 | abuse@novatrend.ch | CH | RIPE | NOVATREND-NET | b7553dd72089f56aaa5ee53bb7464aad | http://superdoggy.ch/sss.txt????? || 2011-02-28 20:22:03 | avira | PHP/Pbot.A.6 | 29/41 (70.7%) | AS3595, AS16626 | 209.51.136.67 | abuse@gnax.net | US | ARIN | GNAXNET | a88c73667a94fc1b9bb1ecb1c822a432 | http://momok.org/tools//on.txt? || 2011-02-28 20:25:35 | avira | PHP/IRCBOT.EF | 15/41 (36.6%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 09b78a15c8e0c4404754eeb6a4a07f09 | http://ebby.fileave.com/aid.txt?? || 2011-02-28 21:40:25 | undef | unknown_html_RFI_php | 0/41 (0.0%) | AS15360 | 213.158.72.68 | networkadm@interfree.it | IT | RIPE | IFREE-NET1 | f81c027cc25a9b25df1814561b826251 | http://czzc.interfree.it/Ckrid1.txt?? || 2011-02-28 21:40:29 | avira | PHP/BackDoor.AR | 19/41 (46.3%) | AS15360 | 213.158.72.68 | networkadm@interfree.it | IT | RIPE | IFREE-NET1 | 6e9086e921d47079d5e706f1c013449c | http://czzc.interfree.it/Ckrid2.txt??? || 2011-02-28 21:40:39 | avira | PHP/Pbot.G | 21/39 (53.8%) | AS15360 | 213.158.72.68 | networkadm@interfree.it | IT | RIPE | IFREE-NET1 | 33614dca48aa4b2864381b32285c69a7 | http://czzc.interfree.it/dark.jpg?? || 2011-02-28 21:25:48 | avira | PHP/C99Shell.B | 29/39 (74.4%) | AS11167 | 12.132.193.71 | abuse@att.net | US | ARIN | ATT | ffa1e4022ac5bdec4b9c5adb8302f484 | http://t00ls.org/c99.txt?? || 2011-02-28 22:31:56 | Avast | Perl:Shellbot-K | 5/39 (12.8%) | AS16276 | 213.186.33.5 | abuse@ovh.net | FR | RIPE | OVH | 05bdf754c83697781f5b928d9584bd68 | http://bestofrobots.fr/downloader/skin/images/girl.txt?? || 2011-03-01 03:03:41 | undef | unknown_exe | 0/40 (0.0%) | AS20248 | 74.82.178.35 | ops@take2hosting.com | US | ARIN | T2H-NET4-2 | 0780178e6001509c855f0149f8b97135 | http://ssh.tl/update/polipo.exe || 2011-03-01 03:03:41 | undef | unknown_exe | 0/41 (0.0%) | AS20248 | 74.82.178.35 | ops@take2hosting.com | US | ARIN | T2H-NET4-2 | 68500fb5b0a371116a58717a72aa9b71 | http://ssh.tl/update/tllink.exe || 2011-03-01 02:34:50 | avira | PHP/Pbot.A.6 | 30/41 (73.2%) | AS18881 | 189.115.218.87 | abuse@gvt.com.br | BR | LACNIC | 003.420.926/0002-05 | 426b859b2a48dd0f667df99cb444453a | http://189.115.218.87/bot.txt || 2011-03-01 04:35:10 | avira | PHP/Shellbot.7642 | 27/40 (67.5%) | AS32613 | 174.142.79.85 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 967b5cc1872d6110e6287e47c19721a3 | http://chazinho.110mb.com/nome.txt? || 2011-03-01 04:57:20 | avira | PHP/PHPShell.G | 9/41 (22%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 950e667d26ba6fe83dcbda123d2b1f9e | http://re9.fileave.com/id/id1.txt?? || 2011-03-01 06:32:54 | avira | PHP/Pbot.A.6 | 28/41 (68.3%) | AS7713 | 203.130.196.225 | ip-admin@telkom.net.id | ID | APNIC | TLKM_D2_IDC_HOST_SM2 | d95a49803c330eea453c7297bba595f6 | http://www.kjg.co.id/post.gif??? || 2011-03-01 07:03:07 | avira | TR/Dropper.Gen | 25/41 (61%) | AS4134 | 124.172.156.3 | jiangzhi@gzidc.com | CN | APNIC | NGNNET | 9ae6394fa85f8458af978a51f3ead93f | http://www.feiyoung.com/config/mh/mh.exe || 2011-03-01 06:30:20 | avira | PHP/RemoteAdmi.5398 | 14/38 (36.8%) | AS29131 | 78.129.233.52 | abuse@rapidswitch.com | GB | RIPE | RapidSwitch_29 | ae13b423eec80db73e16d8fb4c90b4f7 | http://jjpublicity.es/images/id.php?i=0qvxtQf6? || 2011-03-01 06:55:31 | avira | SPR/PHP.ID | 24/40 (60%) | AS7552 | 203.113.137.183 | tiennd@viettel.com.vn | vn | APNIC | Leasedlineservice-Net | cec588425493d6bf7ab233d84815646f | http://tranhtheuviet.com/images/id.txt??? || 2011-03-01 08:03:38 | avira | BDS/PHP.ali.13 | 28/40 (70%) | AS6910 | 81.180.117.113 | abuse@digitalcable.ro | ro | RIPE | DIALTELECOMRO | f23ecb236c6ec22c4930df921d74f558 | http://www.magicland.ro//images/smilies/test.gif?? || 2011-03-01 07:22:20 | avira | PHP/IRCBOT.K | 19/41 (46.3%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 9414c7b9865bdbe56068cf5e62c72380 | http://tumo.fileave.com/a.txt???http://uaedesign.com/config/idfx.txt? || 2011-03-01 07:40:44 | avira | SPR/PHP.ID | 24/41 (58.5%) | AS29131 | 78.129.233.52 | abuse@rapidswitch.com | GB | RIPE | RapidSwitch_29 | cec588425493d6bf7ab233d84815646f | http://jjpublicity.es/images/id.txt??? || 2011-03-01 08:32:15 | AhnLab_V3 | Trojan/Win32.Jorik | 11/38 (28.9%) | AS36820 | 208.75.230.43 | abuse@tshost.com | US | ARIN | TULIP-SYSTEMS | a33422028510cbe1381f556208fb46b2 | http://www.freewebtown.com/newlow/photo.exe || 2011-03-01 09:03:01 | clamav | Trojan.FakeAV.DRW | 12/37 (32.4%) | AS21788 | 66.96.214.215 | abuse@hostnoc.net | US | ARIN | NOC | 02741c5b36da61901860a16ade489bdb | http://codekraft.in/New-Video-Addon.48563.exe || 2011-03-01 09:03:01 | trendmicro | TSPY_SPYEYE.SMAE | 7/37 (18.9%) | AS36351 | 74.86.136.156 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-4 | 73cb8fa92dcfff38752d76529d8c744d | http://ebanzi.com//loading.php?spl=mdac || 2011-03-01 09:03:01 | avira | EXP/Pidief.deo | 11/37 (29.7%) | AS25190 | 46.252.131.22 | reliktbvk@gmail.com | LV | RIPE | Sagade | c7eadc6f22b443f8619d072bb27a639b | http://sirallador.cz.cc/manuale.pdf || 2011-03-01 09:03:01 | AhnLab_V3 | Trojan/Win32.Jorik | 12/37 (32.4%) | AS36820 | 208.75.230.43 | abuse@tshost.com | US | ARIN | TULIP-SYSTEMS | 41f244b1d65b0aa6139fa2d9214951de | http://www.freewebtown.com/newlow/im.exe || 2011-03-01 09:08:58 | avira | PHP/Agent.78 | 17/43 (39.5%) | AS36420, AS30315, AS13749, AS21844 | 174.121.20.226 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | 703bd2c5e25ef36a96d253499611b8e6 | http://jokam.com/id1.txt? || 2011-03-01 09:31:25 | avira | SPR/PHP.ID | 24/43 (55.8%) | AS42612 | 82.98.132.208 | rbouso@dinahosting.com | ES | RIPE | DINA-HOSTING1 | cec588425493d6bf7ab233d84815646f | http://www.jjpublicity.es/images/id.txt??? || 2011-03-01 09:32:22 | avira | PHP/Shellbot.7642 | 29/41 (70.7%) | AS32613 | 174.142.79.85 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 967b5cc1872d6110e6287e47c19721a3 | http://chazinho.110mb.com/nome.txt || 2011-03-01 09:32:22 | clamav | PHP.Id-4 | 8/41 (19.5%) | AS15201 | 200.98.255.216 | l-registrobr-uol@corp.uol.com.br | BR | LACNIC | 001.109.184/0001-95 | a941182fe3dd38fae845ebb7164b7878 | http://haylandervip.com/tester.txt || 2011-03-01 09:32:22 | avira | SPR/PHP.ID | 24/41 (58.5%) | AS7552 | 203.113.137.183 | tiennd@viettel.com.vn | vn | APNIC | Leasedlineservice-Net | cec588425493d6bf7ab233d84815646f | http://tranhtheuviet.com/images/id.txt || 2011-03-01 09:32:22 | trendmicro | PHP_HTMAILHCK.SM | 11/41 (26.8%) | AS15685 | 77.78.126.24 | abuse@casablanca.cz | CZ | RIPE | biz4world-CZ | d0006972f7b513e10daded9dc824a5e2 | http://www.garpzlintichu.cz//fotky/editinbx.txt || 2011-03-01 09:32:22 | avira | PHP/Pastie.637 | 16/41 (39%) | AS9782 | 220.69.222.155 | lily@wst.ac.kr | KR | APNIC | KREN-KR | 8640020e7254fa5fe434ce8ed181875c | http://www.healthycity-andong.or.kr/data/sc/id.txt || 2011-03-01 09:32:22 | avira | SPR/PHP.ID | 24/41 (58.5%) | AS29131 | 82.98.132.208 | rbouso@dinahosting.com | ES | RIPE | DINA-HOSTING1 | cec588425493d6bf7ab233d84815646f | http://www.jjpublicity.es/images/id.txt || 2011-03-01 10:03:05 | undef | unknown_html_google_malware | 0/40 (0.0%) | AS28685 | 89.146.5.236 | ncc@routit.net | NL | RIPE | NL-ROUTIT-20060202 | 6a43b023cf5ccc7d09c7701763dd3895 | http://www.clippingmart.com/monacoevent/index2.html || 2011-03-01 10:03:06 | avira | EXP/PDF.Jeka.B | 23/40 (57.5%) | AS33182 | 67.23.229.71 | abuse@dimenoc.com | US | ARIN | DIMECNET | 8752038f59903bb8ba5ab9acb6d06eb3 | http://ofgoyuooytn.com/nte/gnh11.php/xH5cc9aa9dV0100f060006R3d708fb1102T11a518a4203l000c329 || 2011-03-01 10:03:06 | ClamAV | Exploit.E107 | 4/40 (10%) | AS19318 | 66.45.255.83 | network@interserver.net | US | ARIN | INTERSERVER | dbe858de289d3f0f781a301037570d2a | http://technorabits.com/Arta/log.txt?? || 2011-03-01 10:07:08 | Avast | PHP:C99Shell-G | 18/41 (43.9%) | AS10297 | 209.190.85.12 | abuse@ee.net | US | ARIN | ENET-XLHOST | c1b11a6220f24591696fc31dc410b3ee | http://sicklast.hostddl.tk/b0t/test.txt?? || 2011-03-01 09:32:30 | avira | PHP/Pbot.A | 15/40 (37.5%) | AS36420, AS30315, AS13749, AS21844 | 174.121.119.132 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | 7f8316f691cba9c2df582beba754a9d2 | http://ecogamer.com.au/banners/.log/tmp.jpg?? || 2011-03-01 11:03:40 | avira | SPR/PHP.ID | 29/41 (70.7%) | AS32181 | 69.65.23.121 | ip-admin@coloquest.com | US | ARIN | IPNAP | 6f019ee9755329cfeb0aceaa700218c2 | http://osc2.template-help.com/kere/idosyris.txt???? || 2011-03-01 11:04:12 | avira | PERL/Shellbot.B.3 | 23/41 (56.1%) | AS32181 | 69.65.23.121 | ip-admin@coloquest.com | US | ARIN | IPNAP | c29a7eed566c5e9833587b021a6d5bd2 | http://osc2.template-help.com/kere/lol.txt???? || 2011-03-01 11:04:12 | avira | PHP/Spy.Bull | 22/39 (56.4%) | AS6910 | 81.180.117.113 | abuse@digitalcable.ro | ro | RIPE | DIALTELECOMRO | 328d2c14b223169f7229feef0a1d626b | http://www.magicland.ro//images/smilies/res.gif?? || 2011-03-01 10:20:17 | avira | PHP/C99Shell.149816 | 24/40 (60%) | AS32181 | 69.65.23.121 | ip-admin@coloquest.com | US | ARIN | IPNAP | 3943cd8ba4de1c94afb60486c46a0bb9 | http://osc2.template-help.com/kere/shell.txt??? || 2011-03-01 13:02:08 | clamav | BC.Heuristic.Trojan.SusPacked.BF-6.A | 12/40 (30%) | AS17820 | 61.16.173.104 | abuse@primus-india.com | IN | APNIC | TCISL-IN | 6fbf53f0e40b835d0c383eb25ee73474 | http://61.16.173.104/images/Formulario.exe || 2011-03-01 13:07:25 | avira | TR/Script.86 | 16/41 (39%) | AS31034 | 62.149.128.151 | hostmaster@technorail.com | IT | RIPE | TECHNORAIL-NET | 7ab5a3291410db3231141e2818e85318 | http://drfelettronica.it/docs/zfxid1.txt?? || 2011-03-01 12:15:59 | avira | SPR/PHP.ID | 24/40 (60%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | cec588425493d6bf7ab233d84815646f | http://pengecute.fileave.com/id_mantaf.txt??? || 2011-03-01 14:03:47 | avira | TR/Yoddos.B | 32/40 (80%) | AS4134 | 222.170.127.203 | network@hljtele.com | CN | APNIC | CHINANET-HL | e1a6bbb3162ca924a96469052799d379 | http://2b.mainpage.cc:88/r.jpg?t=0.0315668 || 2011-03-01 14:03:47 | avira | TR/Crypt.XDR.Gen | 20/41 (48.8%) | AS4134 | 222.170.127.203 | network@hljtele.com | CN | APNIC | CHINANET-HL | e4240d79585e8fd6b2603458edaff8e0 | http://2b.mainpage.cc:88/s5.jpg?t=2.790469E-02 || 2011-03-01 14:03:47 | AntiVir | BDS/IRCBot.A.351 | 10/40 (25%) | AS29873 | 66.96.133.20 | bnbrock@maileig.com | US | ARIN | BIZLAND-FC01 | 5db6f6352450b63c94e8fa14463e3313 | http://austo.dot5hosting.com/y-ir.exe || 2011-03-01 14:03:47 | avira | TR/Kazy.10934 | 34/40 (85%) | AS24881 | 195.214.238.241 | ip-reg@iphone.net.ua | UA | RIPE | INTERPHONE | 507eb421fa86c46221042115203e15bc | http://bluedisk.ru/de.exe || 2011-03-01 14:03:47 | DrWeb | Trojan.Searcher.225 | 5/41 (12.2%) | AS40634 | 208.87.149.236 | allan@firstlook.com | US | ARIN | FIRSTLOOK-INC-NET | 264b2742c6618c0c76760d3c39871497 | http://upgrade.questurl.com/install.aspx?b=questbrowse || 2011-03-01 14:03:47 | AhnLab_V3 | Malware/Win32.Generic | 10/41 (24.4%) | AS42872 | 91.193.194.114 | noc@odhosting.com.ua | UA | RIPE | OD-HOSTING-NETWORK | 3277033ccfc11af6ce5e1614056daf14 | http://www.derquda.com/tm/3316.exe?t=6.364077E-02 || 2011-03-01 14:03:47 | avira | TR/Crypt.ZPACK.Gen | 20/41 (48.8%) | AS42872 | 91.193.194.114 | noc@odhosting.com.ua | UA | RIPE | OD-HOSTING-NETWORK | 53ab8b46bc9bfdbc5bd2d9c7755ca30a | http://www.derquda.com/tm/crypt.exe?t=0.2109186 || 2011-03-01 14:03:47 | avira | TR/Dropper.Gen | 16/39 (41%) | AS42872 | 91.193.194.114 | noc@odhosting.com.ua | UA | RIPE | OD-HOSTING-NETWORK | a352cb05f9d4d82d61e0c63f116f6bc9 | http://www.derquda.com/tm/socks.exe?t=0.4359552 || 2011-03-01 14:03:47 | avira | TR/Spy.128512.28 | 37/41 (90.2%) | AS4134 | 122.224.6.164 | anti-spam@mail.sxptt.zj.cn | CN | APNIC | NINBO-LANZHONG-LTD | 8809b6417c1fef1d74dabe79b0ca2556 | http://hn.yigeyuming.com:82/hn.gif?t=0.8866693 || 2011-03-01 14:03:47 | NOD32 | probably a variant of Win32/Spy.Banker.VKE | 1/41 (2.4%) | AS26592 | 187.33.0.199 | abuse@alog.com.br | BR | LACNIC | 003.654.219/0001-00 | 78676a37dc311b4c5040647436da3d97 | http://187.33.0.199/img/msconfig.jpg || 2011-03-01 14:03:30 | avira | PHP/Small.C | 22/41 (53.7%) | AS19318 | 66.45.255.83 | network@interserver.net | US | ARIN | INTERSERVER | 80b8d5806fa28e60a0798d5b3a24fe2e | http://technorabits.com/Arta/xml.txt? || 2011-03-01 14:32:36 | undef | unknown_html | 0/41 (0.0%) | AS19916 | 69.94.125.29 | abuse@support.olm.net | US | ARIN | TRUM-0001 | 4319f2a0e15f4a92f5cdad429daef638 | http://sandarac.com.au/hartz/graphics/send.txt || 2011-03-01 15:03:19 | avira | TR/Dldr.CodecPack.akyv | 21/40 (52.5%) | AS4134 | 222.88.205.200 | ip@hntele.com | CN | APNIC | CHINANET-HA | b1bb69983a0251ae935b7485abe3565f | http://inline477.info/hpld/ldls.exe || 2011-03-01 15:03:19 | clamav | Trojan.FakeAV.DRW | 5/40 (12.5%) | AS21788 | 66.96.214.215 | abuse@hostnoc.net | US | ARIN | NOC | 46e52aa86d4106d9cb2b8ab1b37889fd | http://softwarekraft.in/ins_media122.45047.exe || 2011-03-01 14:41:01 | undef | unknown_html_RFI | 0/41 (0.0%) | AS29278 | 79.172.211.185 | abuse@deninet.hu | HU | RIPE | DENINET-HU | 1d0a4959816d2efc66850fdd777ca9fc | http://egressyfitness.hu/ida.txt?? || 2011-03-01 14:41:07 | undef | unknown_html_RFI | 0/40 (0.0%) | AS29278 | 79.172.211.185 | abuse@deninet.hu | HU | RIPE | DENINET-HU | 1d0a4959816d2efc66850fdd777ca9fc | http://egressyfitness.hu/ida.txt?????? || 2011-03-01 15:32:37 | avira | EXP/PDF.Jeka.B | 24/41 (58.5%) | AS33182 | 67.23.229.71 | abuse@dimenoc.com | US | ARIN | DIMECNET | e67de298788e6428206e46917858f1c8 | http://gefxrsxgytn.com/nte/gnh11.asp/xH5cc9aa9dV0100f060006Red3e0da1102T11a5543f203l000c329 || 2011-03-01 16:08:36 | avira | PHP/Loader.9852 | 18/41 (43.9%) | AS16276 | 213.186.33.2 | abuse@ovh.net | FR | RIPE | OVH | fd697a7440d13ff0cc5c3ae3d1cc1038 | http://terre-de-mistral.com/plugins/xmlrpc/ec.txt? || 2011-03-01 15:36:41 | clamav | PUA.HTML.Crypt-8 | 8/41 (19.5%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 4a9066aae5bfb40766afd726915f2674 | http://powers.fileave.com/index.txt?? || 2011-03-01 15:26:45 | clamav | Exploit.E107 | 4/41 (9.8%) | AS24532 | 119.235.18.66 | abuse@inet.net.id | ID | APNIC | INET-ISP-ID | 08e683e105975d683837b15be8cfbfdc | http://lsp-to.or.id/network/tools/log.txt?? || 2011-03-01 16:32:18 | trendmicro | TROJ_PIDIEF.SMZB | 5/41 (12.2%) | AS30890 | 94.63.246.254 | abuse@evolva.ro | RO | RIPE | RO-EVOLVA-20080623 | bf7e4b6edbd086dc88e7b70fb363ac1f | http://asfrets.vv.cc/rhjvyvug/files/lib.pdf || 2011-03-01 16:32:18 | avira | PERL/Agent.A | 5/41 (12.2%) | AS14571 | 200.226.246.224 | abuse@ig.com.br | BR | LACNIC | 003.368.522/0001-39 | 2f6679654b50ab93d8b79530f700c97e | http://infocomm.com.br/teste.txt |+---------------------+-------------+--------------------------------------------+---------------+---------------------------------------------+-----------------+-------------------------------------+---------+--------+--------------------------+----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------+200 rows in set (0.06 sec)
+---------------------+---------------+-------------------------------------+---------------+---------------------------------------------+-----------------+-------------------------------------+---------+--------+-----------------------------+----------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------+| date | scanner | virusname | vt_score | AS | review | email | country | source | netname | md5sum | url |+---------------------+---------------+-------------------------------------+---------------+---------------------------------------------+-----------------+-------------------------------------+---------+--------+-----------------------------+----------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------+| 2011-03-01 16:32:18 | avira | PHP/Agent.78 | 14/41 (34.1%) | AS36420, AS30315, AS13749, AS21844 | 174.121.20.226 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | 703bd2c5e25ef36a96d253499611b8e6 | http://jokam.com/id1.txt || 2011-03-01 16:32:18 | avira | PERL/Shellbot.B.3 | 23/41 (56.1%) | AS36420, AS30315, AS13749, AS21844 | 174.120.188.58 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | 79d55e867149075635a416322b7e93f2 | http://kcbschicago.com//bbs/indoshell.log || 2011-03-01 16:32:18 | avira | SPR/PHP.ID | 29/41 (70.7%) | AS32181 | 69.65.23.121 | ip-admin@coloquest.com | US | ARIN | IPNAP | 6f019ee9755329cfeb0aceaa700218c2 | http://osc2.template-help.com/kere/idosyris.txt || 2011-03-01 16:32:18 | avira | SPR/PHP.ID | 16/41 (39%) | AS12322 | 212.27.63.149 | abuse@proxad.net | FR | RIPE | FR-PROXAD | b6826cabb72064d55bf0d7a9b537d4e4 | http://ressources.tice.free.fr/eva/images/id.gif || 2011-03-01 16:32:18 | clamav | PUA.Script.Packed-10 | 12/41 (29.3%) | AS12322 | 212.27.63.149 | abuse@proxad.net | FR | RIPE | FR-PROXAD | 3303822656f2f4a701287d5b3be4ece8 | http://ressources.tice.free.fr/eva/images/st.gif || 2011-03-01 16:32:18 | avira | PHP/Agent.G | 24/40 (60%) | AS43711 | 87.229.111.192 | abuse@deninet.hu | HU | RIPE | SZERVERNET | 5cd7a8b426c2f87fa0cd352f2f682160 | http://sciennet.clanbazis.com/e107_docs/help/English/bego.gif || 2011-03-01 16:32:18 | avira | PHP/Small.C | 22/41 (53.7%) | AS19318 | 66.45.255.83 | network@interserver.net | US | ARIN | INTERSERVER | 80b8d5806fa28e60a0798d5b3a24fe2e | http://technorabits.com/Arta/xml.txt || 2011-03-01 16:32:18 | undef | unknown_html | 0/41 (0.0%) | AS47328 | 83.222.126.242 | abuse@digitalone.com | US | RIPE | DIGITALONE-NET | dbc16ac112ffda1a73eec6db88dc6fac | http://www.2shared.com/file/4695566/8ac2aa32/KingoOo_Backup_BookMarks.html || 2011-03-01 16:32:18 | avira | PHP/Pbot.A | 18/41 (43.9%) | AS36420, AS30315, AS13749, AS21844 | 174.121.119.132 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | 7f8316f691cba9c2df582beba754a9d2 | http://www.ecogamer.com.au/banners/.log/tmp.jpg || 2011-03-01 16:32:18 | clamav | PHP.Id-30 | 16/41 (39%) | AS21385 | 81.92.160.158 | noc@tnib.de | DE | RIPE | DE-TRUSTED-20020731 | 552bfdc62f9d0fe1e3ee6861698f6b00 | http://www.internationalservicecheck.com/zfxid1.txt || 2011-03-01 17:02:42 | undef | unknown_html | 0/41 (0.0%) | AS47328 | 83.222.126.242 | abuse@digitalone.com | US | RIPE | DIGITALONE-NET | e0b53b42e1e2b0a2c6ffcb67ff7d67b1 | http://www.2shared.com/file/4695566/8ac2aa32/KingoOo_Backup_BookMarks.exe || 2011-03-01 17:03:18 | avira | EXP/Pidief.deo | 14/41 (34.1%) | AS25190 | 46.252.131.22 | reliktbvk@gmail.com | LV | RIPE | Sagade | 684861dfa01ebd19245a0f3646b5ac11 | http://kaghma.cz.cc/manuale.pdf || 2011-03-01 17:03:18 | clamav | PUA.HTML.Crypt-8 | 1/41 (2.4%) | AS16276 | 188.165.129.109 | abuse@ovh.net | ES | RIPE | ES-OVH | c443bdd740fcdac88c00fa9670d2a5a9 | http://www.embajadastecnologicasextremadura.es/modules/mod_root/fxshell.txt????? || 2011-03-01 16:18:58 | avira | TR/Script.77 | 16/41 (39%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 0be4159dc6d887ebb957f8fabf857189 | http://yuken.fileave.com/id1.txt?? || 2011-03-01 16:36:41 | avira | PHP/Agent.78 | 14/41 (34.1%) | AS36420, AS30315, AS13749, AS21844 | 174.121.20.226 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | 703bd2c5e25ef36a96d253499611b8e6 | http://jokam.com/id1.txt??? || 2011-03-01 16:13:52 | clamav | PUA.HTML.Crypt-8 | 1/41 (2.4%) | AS16276 | 188.165.129.109 | abuse@ovh.net | ES | RIPE | ES-OVH | c443bdd740fcdac88c00fa9670d2a5a9 | http://embajadastecnologicasextremadura.es/modules/mod_root/fxshell.txt??? || 2011-03-01 17:01:33 | avira | PHP/Small.C | 27/41 (65.9%) | AS8972 | 217.172.165.121 | t.urbas@glowfish.de | DE | RIPE | GLOWFISH1 | cb5b7b00fd514f3ecfe904f55411157a | http://ld.vfl-damp-vogelsang.de/modules/mod_poll/tmpl/jembot.txt??? || 2011-03-01 17:05:34 | clamav | PUA.HTML.Crypt-8 | 1/39 (2.6%) | AS16276 | 188.165.129.109 | abuse@ovh.net | ES | RIPE | ES-OVH | c443bdd740fcdac88c00fa9670d2a5a9 | http://embajadastecnologicasextremadura.es/modules/mod_root/fxshell.txt???? || 2011-03-01 17:54:07 | avira | SPR/PHP.ID | 14/40 (35%) | AS34224 | 87.120.13.118 | nmt-ip@neterra.net | BG | RIPE | BG-NETERRAIP-20050712 | f29547969c2cd1a8a5efb777fdf7d5e1 | http://smokers-heaven.co.uk/vnc/logx.txt? || 2011-03-01 17:54:18 | undef | unknown_html_RFI_shell | 0/41 (0.0%) | AS34224 | 87.120.13.118 | nmt-ip@neterra.net | BG | RIPE | BG-NETERRAIP-20050712 | ca3d04d5f9458a4086ab10f9a97a43f6 | http://smokers-heaven.co.uk/vnc/logz.txt? || 2011-03-01 18:02:45 | eTrust_Vet | Win32/ASuspect.HGABT | 2/40 (5%) | AS36351 | 173.192.170.103 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-8 | 40afdac713b0b6f1df55ec2daa2a8504 | http://2630.uz4.org/exe/ebed86789326ee11495d3376395fc0a5bce7ab08/bundle.exe || 2011-03-01 18:02:45 | eTrust_Vet | Win32/ASuspect.HGABT | 2/39 (5.1%) | AS36351 | 173.192.170.103 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-8 | 374a3db7a9f176c228d1772a2448b57b | http://449.uz4.org/exe/f516eb782d005aea4745097a06401e39104e0020/bundle.exe || 2011-03-01 18:02:45 | avira | TR/Dldr.Bubnix.A.13 | 24/41 (58.5%) | AS49097 | 91.212.135.169 | alexander@yabadaba.ru | RU | RIPE | YABA-NET | 11fd7f65f091d7d2c1d624295477dcaa | http://91.212.135.169/ld.exe || 2011-03-01 18:02:45 | undef | unknown_exe | 0/40 (0.0%) | AS22822 | 95.140.225.56 | guy@llnw.com | GB | RIPE | LLNW-EU-3 | 890dcf709a594657ee17ee7dcab12b8f | http://dl2.cdndownload.com/lm/lmdisc/jenkatarcade.exe || 2011-03-01 18:02:45 | avira | TR/ATRAPS.Gen | 9/39 (23.1%) | AS3216 | 194.186.88.58 | abuse@gldn.net | RU | RIPE | RU-SOVINTEL-951205 | 8048f9624331ce5c3b3fd872f638b8e5 | http://gatasexy18.hotmail.ru/gata.jpg || 2011-03-01 18:02:45 | Comodo | Heur.Suspicious | 1/41 (2.4%) | AS209 | 63.236.35.30 | abuse@qwest.net | US | ARIN | QWEST-INET-9 | b061408b6c5932c694842d88515aa757 | http://get.whitesmoke.com/dl/tools/ddd.exe || 2011-03-01 18:02:45 | undef | unknown_exe | 0/39 (0.0%) | AS209 | 63.236.35.30 | abuse@qwest.net | US | ARIN | QWEST-INET-9 | 015b023939283a781ff42e95896c7bfb | http://get.whitesmoke.com/dl/tools/YontooSetup-DropDownDeals-SilentInstaller.exe || 2011-03-01 18:02:45 | avira | ADSPY/AdSpy.Gen2 | 23/41 (56.1%) | AS10912 | 66.150.14.87 | abuse@internap.com | US | ARIN | PNAP-06-2001 | 7286cdf6c2118e046a07b9a65299705a | http://origin-ics.hotbar.com/IC/GPLHBLite40/14488/0/be1c91f3-d3da-41f8-b966-817a17fc1d9d/eMuleSetup.exe?rnd=125187 || 2011-03-01 18:02:45 | eTrust_Vet | Win32/ASuspect.HGABT | 2/39 (5.1%) | AS36351 | 173.192.170.103 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-8 | 40afdac713b0b6f1df55ec2daa2a8504 | http://ppi.uz4.net/exe/ebed86789326ee11495d3376395fc0a5bce7ab08/bundle.exe || 2011-03-01 18:02:45 | avira | TR/Dropper.Gen | 19/41 (46.3%) | AS32475 | 173.236.45.90 | netops@singlehop.com | US | ARIN | SINGLEHOP | a0da3a6347ed54a807a115114bc76bfa | http://tracyrealestateagents.com/app/facebook-pic0009696904901.exe || 2011-03-01 18:02:45 | Symantec | WS.Reputation.1 | 1/40 (2.5%) | AS36820 | 208.75.230.43 | abuse@tshost.com | US | ARIN | TULIP-SYSTEMS | 744dcc4cbbfbb18fe3878c4e769ec48f | http://www.freewebtown.com/fileshost/sqlite3.dll || 2011-03-01 18:02:45 | avira | TR/Ircbrute.A.284 | 13/40 (32.5%) | AS36820 | 208.75.230.43 | abuse@tshost.com | US | ARIN | TULIP-SYSTEMS | a17afe591aacf71c038d38a3eb7efbfd | http://www.freewebtown.com/newlow/newbin.exe || 2011-03-01 18:32:24 | undef | unknown_html | 0/40 (0.0%) | AS209 | 66.77.96.107 | abuse@qwest.net | US | ARIN | QWEST-INET-12 | 61a16454af72cc1937d647fb5a5ba77c | http://dl.installiq.com/api/detectionrequest.aspx?keyid=1&shortname=jenkatarcade&langid=0x0409 || 2011-03-01 18:32:24 | Prevx | High Risk Cloaked Malware | 0/40 (0.0%) | AS12200 | 67.23.42.178 | abuse@rackspace.com | US | ARIN | SLICE-DFW-SF | fba06833515bbc95a12b3268e2e6627b | http://s5004.7archives.co.cc/software/offer.exe || 2011-03-01 18:32:24 | Prevx | High Risk Cloaked Malware | 1/41 (2.4%) | AS12200 | 67.23.42.178 | abuse@rackspace.com | US | ARIN | SLICE-DFW-SF | fba06833515bbc95a12b3268e2e6627b | http://s694.7archives.co.cc/software/offer.exe || 2011-03-01 18:32:24 | undef | unknown_html | 0/41 (0.0%) | AS3320 | 95.100.249.112 | abuse@akamai.com | EU | RIPE | EU-AKAMAI-20090202 | 5e36941b3d856737e81516acd45edc50 | http://tattooyou.freelandmedia.com/downloads/hh/hh/hh.htm || 2011-03-01 18:34:19 | avira | PERL/IrcBot.GN | 13/41 (31.7%) | AS16276 | 188.165.129.109 | abuse@ovh.net | ES | RIPE | ES-OVH | 5e3a1db942aaf722c76b27ce94d78e79 | http://embajadastecnologicasextremadura.es/modules/mod_root/sp/scan.txt?? || 2011-03-01 18:39:07 | clamav | PHP.Id-30 | 11/35 (31.4%) | AS35732 | 195.62.28.236 | abuse@ukwebhosting.ltd.uk | GB | RIPE | UKWEBHOSTING | 552bfdc62f9d0fe1e3ee6861698f6b00 | http://recky.facebookdoom.com/bogel/zfxid1.txt????? || 2011-03-01 18:39:12 | avira | PHP/BackDoor.AR | 30/41 (73.2%) | AS35732 | 195.62.28.236 | abuse@ukwebhosting.ltd.uk | GB | RIPE | UKWEBHOSTING | dcc55d73dae5326abb4f00d9313a7e70 | http://recky.facebookdoom.com/bogel/zfxid2.txt?????? || 2011-03-01 18:39:17 | avira | PHP/Small.C | 26/41 (63.4%) | AS35732 | 195.62.28.236 | abuse@ukwebhosting.ltd.uk | GB | RIPE | UKWEBHOSTING | 5b4355fc278e8d9c9f3f250cafdf65c1 | http://recky.facebookdoom.com/bogel/decode.txt???? || 2011-03-01 18:39:22 | avira | PERL/IrcBot.AR | 12/39 (30.8%) | AS35732 | 195.62.28.236 | abuse@ukwebhosting.ltd.uk | GB | RIPE | UKWEBHOSTING | 799cb54753fda1f6e429bf73b971e3d4 | http://recky.facebookdoom.com/bogel/auto.txt??? || 2011-03-01 18:10:43 | avira | PHP/Small.AA | 9/39 (23.1%) | AS34224 | 87.120.13.118 | nmt-ip@neterra.net | BG | RIPE | BG-NETERRAIP-20050712 | 57dcd054e8d57dd206f79cfe8f4ab1b4 | http://smokers-heaven.co.uk/vnc/r57.txt?? || 2011-03-01 19:31:18 | undef | unknown_html_RFI | 0/38 (0.0%) | AS4787 | 202.158.92.204 | hostmaster@cbn.net.id | ID | APNIC | CBN-JKTADMIN-NETBLOCK | 8ccd32116c80a14c1788be1514bc534d | http://www.aminef.or.id/images/google.php?? || 2011-03-01 19:32:02 | clamav | PUA.HTML.Crypt-8 | 1/40 (2.5%) | AS16276 | 188.165.129.109 | abuse@ovh.net | ES | RIPE | ES-OVH | 30eab15e6446dc4ad8c271d553486bd2 | http://www.embajadastecnologicasextremadura.es/modules/mod_root/kantin/pbot.txt?? || 2011-02-26 16:06:03 | undef | Heur.Trojan.Generic | 0/41 (0.0%) | AS36420, AS30315, AS13749, AS21844 | 174.122.134.178 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | 0df88263e802c9b9bd8df03fcba8d651 | http://aaphonecard.com/ || 2011-03-01 18:52:03 | clamav | PUA.HTML.Crypt-8 | 1/41 (2.4%) | AS35732 | 195.62.28.236 | abuse@ukwebhosting.ltd.uk | GB | RIPE | UKWEBHOSTING | d15797e2265a10e6353730beadbfcd0d | http://recky.facebookdoom.com/bogel/c99.txt????? || 2011-03-01 20:31:26 | AhnLab_V3 | Dropper/Win32.VB | 21/41 (51.2%) | AS32392 | 98.131.48.2 | ipadmin@ecommerce.com | US | ARIN | ECOMMERCE-HOSTING | 85980e5e67e9e79bc1b9e4c23af8a5e5 | http://new-international.com/images/W-2form.exe || 2011-03-01 20:31:26 | trendmicro | Possible_Virus | 17/41 (41.5%) | AS28307 | 189.39.80.102 | noc@wideway.com.br | BR | LACNIC | 005.481.637/0001-60 | 61ae072b56cc5a4c2c1e6e2e27ad2778 | http://www.diariodafranca.com.br/conteudo/imagens/aimg/cheque28022011.exe || 2011-03-01 20:31:26 | trendmicro | Possible_Virus | 14/37 (37.8%) | AS31476 | 79.132.212.7 | samandi@morva.net | IR | RIPE | MORVA-NET | 61ae072b56cc5a4c2c1e6e2e27ad2778 | http://www.tepgrp.com/files/visualizar.php || 2011-03-01 20:05:40 | avira | TR/Script.75 | 24/41 (58.5%) | AS19429 | 201.245.129.42 | ipadmin@etb.net.co | CO | LACNIC | CO-ETBE-LACNIC | a05dfd7cca7771a7565a154d65f05ea2 | http://201.245.129.42/dav/x/x/id1.txt?? || 2011-03-01 20:09:44 | avira | PHP/C99Shell.L | 30/41 (73.2%) | AS19429 | 201.245.129.42 | ipadmin@etb.net.co | CO | LACNIC | CO-ETBE-LACNIC | 1dc65625eee713a548e5171e229ad133 | http://201.245.129.42/dav/x/x/id2.txt??? || 2011-03-01 20:03:24 | avira | BDS/PHP.Agent.EI | 23/41 (56.1%) | AS32613 | 174.142.109.139 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | e450e5d005080ae385ec5d60b6da787b | http://angganopella.110mb.com/id.txt? || 2011-03-01 20:15:32 | Ikarus | Exploit.PHP.Myegallery | 5/41 (12.2%) | AS21788 | 66.96.195.82 | abuse@hostnoc.net | US | ARIN | NOC | 711950de8f1b1d2a40848c05dc9799db | http://isnadi.co.cc/files/cmd.jpg || 2011-03-01 20:15:42 | Ikarus | Exploit.PHP.Myegallery | 5/41 (12.2%) | AS21788 | 66.96.195.82 | abuse@hostnoc.net | US | ARIN | NOC | 711950de8f1b1d2a40848c05dc9799db | http://isnadi.co.cc/files/cmd.jpg? || 2011-03-01 20:45:03 | avira | HTML/IFrame.pso | 14/39 (35.9%) | AS14618 | 184.72.246.159 | ec2-abuse@amazon.com | US | ARIN | AMAZON-EC2-7 | 6a3c30b5142ecfb569787470b2a360f2 | http://ow.ly/45uqf || 2011-03-01 20:45:02 | avira | HTML/IFrame.pso | 13/35 (37.1%) | AS14618 | 184.72.246.159 | ec2-abuse@amazon.com | US | ARIN | AMAZON-EC2-7 | 958e95dcf4a69688fa6cb68f4a3d5a48 | http://ow.ly/45tP3 || 2011-03-01 20:45:02 | avira | HTML/IFrame.pso | 16/41 (39%) | AS14618 | 184.72.246.159 | ec2-abuse@amazon.com | US | ARIN | AMAZON-EC2-7 | 310545b2a874ace2b6e4f30f875fe2b2 | http://ow.ly/45tuC || 2011-03-01 21:10:19 | undef | unknown_html_RFI_shell | 0/41 (0.0%) | AS46844 | 70.39.109.200 | abuse@sharktech.net | US | ARIN | SHARKTECH | 2701fe3e5f88c07de8c8e37a297f8c76 | http://70.39.109.200/demdot/log/logz.jpg? || 2011-03-01 21:09:56 | avira | SPR/PHP.ID | 16/41 (39%) | AS46844 | 70.39.109.200 | abuse@sharktech.net | US | ARIN | SHARKTECH | c0fbb1f43b2e68f03c3c0273b5155b63 | http://70.39.109.200/demdot/log/logx.jpg? || 2011-03-01 21:16:36 | eTrust_Vet | PHP/Shellbot.C | 2/41 (4.9%) | AS46844 | 70.39.109.200 | abuse@sharktech.net | US | ARIN | SHARKTECH | 3462b3bdab88697818383e1272ad0790 | http://70.39.109.200/demdot/blackmetal.jpg? || 2011-03-01 21:17:17 | clamav | PUA.Script.Packed-10 | 3/41 (7.3%) | AS46844 | 70.39.109.200 | abuse@sharktech.net | US | ARIN | SHARKTECH | 6df0b7fbfd397c567e58132861a61660 | http://70.39.109.200/demdot/log/logy.jpg? || 2011-03-01 17:47:42 | undef | Trojan-Downloader.Win32.Agent.fxew | 0/41 (0.0%) | AS4355 | 207.217.125.50 | abuse@abuse.earthlink.net | US | ARIN | EARTHLINK-CIDR | 1bd86227c3a24bb441f4f26b360844b7 | http://www.nyspirit.com/advertising/ || 2011-03-02 01:09:21 | avira | PHP/Agent.G | 23/41 (56.1%) | AS35415 | 178.208.83.24 | abuse@mchost.ru | RU | RIPE | MCHOST-NET | 5cd7a8b426c2f87fa0cd352f2f682160 | http://motion-climate.ru/language/ru-RU/goodid.txt? || 2011-03-02 02:07:23 | avira | PHP/Agent.AS.1 | 18/41 (43.9%) | AS11798 | 66.147.242.173 | abuse@bluehost.com | US | ARIN | BLUEHOST-NETWORK-4 | 289fa6dfa68aea9067ffa186769ab489 | http://linkserve.maldicore.com//plugins/id.txt? || 2011-03-02 02:07:24 | avira | PERL/Shellbot.a.6 | 27/41 (65.9%) | AS11798 | 66.147.242.173 | abuse@bluehost.com | US | ARIN | BLUEHOST-NETWORK-4 | bf9ed001332283f0b91581d84c68cc60 | http://linkserve.maldicore.com//plugins/black.txt? || 2011-03-02 02:18:40 | avira | PHP/BackDoor.AR | 29/41 (70.7%) | AS31034 | 62.149.128.157 | hostmaster@technorail.com | IT | RIPE | TECHNORAIL-NET | dcc55d73dae5326abb4f00d9313a7e70 | http://drfelettronica.it/docs/zfxid2.txt??? || 2011-03-02 02:18:46 | clamav | PHP.Downloader-4 | 1/41 (2.4%) | AS9318 | 221.141.3.92 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | 4c8570006386a4b3055bf15f56c859bf | http://isoda.co.kr/_logs/my/sp.txt?? || 2011-03-02 04:46:28 | clamav | PHP.Id-30 | 5/40 (12.5%) | AS4766 | 210.115.183.149 | abuse@kornet.net | KR | APNIC | KRNIC-KR | f9ebd9c869dfa634be6977155f0c65b7 | http://food.chungbuk.ac.kr/upload/aisha.jpg?? || 2011-03-02 05:35:04 | avira | PHP/Loader.9852 | 14/41 (34.1%) | AS8560 | 87.106.84.16 | abuse@oneandone.net | DE | RIPE | SCHLUND-CUSTOMERS | 1fe8c15d97ae0e0fad9181befb4f9936 | http://civicpower.de/fileadmin/ec.txt? || 2011-03-02 05:38:56 | avira | PHP/Pastie.637 | 20/41 (48.8%) | AS8560 | 87.106.84.16 | abuse@oneandone.net | DE | RIPE | SCHLUND-CUSTOMERS | 493d3c720be431004253125118998a5d | http://civicpower.de/fileadmin/ID-RFI.txt?? || 2011-03-02 05:41:57 | avira | PHP/RemoteAdmi.6444 | 15/40 (37.5%) | AS8560 | 87.106.84.16 | abuse@oneandone.net | DE | RIPE | SCHLUND-CUSTOMERS | 73c6526d8a3825c2ac6bdbd6d2169280 | http://civicpower.de/fileadmin/ver.txt? || 2011-03-02 05:38:59 | avira | PHP/Pbot.A | 30/40 (75%) | AS8560 | 87.106.84.16 | abuse@oneandone.net | DE | RIPE | SCHLUND-CUSTOMERS | 0f0cc558d4d7ecb8686fcb07dd57e636 | http://civicpower.de/fileadmin/dor.txt??? || 2011-03-02 05:39:05 | avira | PERL/IrcBot.AX | 32/41 (78%) | AS8560 | 87.106.84.16 | abuse@oneandone.net | DE | RIPE | SCHLUND-CUSTOMERS | 8fa37209e871d0d17198cf5a58635caa | http://civicpower.de/fileadmin/c.txt?? || 2011-03-02 05:10:50 | avira | PHP/BackDoor.AR | 27/41 (65.9%) | AS36420, AS30315, AS13749, AS21844 | 174.121.20.226 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | 50adde8fc39c7edd8b9b5b08fa1a6f8b | http://jokam.com/id2.txt???? || 2011-03-02 05:10:56 | avira | PHP/IRCBOT.A | 15/40 (37.5%) | AS36420, AS30315, AS13749, AS21844 | 174.121.20.226 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | d63418362c3c85e421206d691b8b3338 | http://jokam.com/spread.txt??&modez=botz || 2011-03-02 05:34:42 | avira | PHP/RemoteAdmi.6444 | 15/40 (37.5%) | AS8560 | 87.106.84.16 | abuse@oneandone.net | DE | RIPE | SCHLUND-CUSTOMERS | 73c6526d8a3825c2ac6bdbd6d2169280 | http://civicpower.de/fileadmin/ver.txt?? || 2011-03-02 05:34:46 | avira | PHP/Pbot.A | 30/41 (73.2%) | AS8560 | 87.106.84.16 | abuse@oneandone.net | DE | RIPE | SCHLUND-CUSTOMERS | 0f0cc558d4d7ecb8686fcb07dd57e636 | http://civicpower.de/fileadmin/dor.txt?? || 2011-03-02 05:34:50 | avira | PHP/PHPInfo.E | 22/41 (53.7%) | AS8560 | 87.106.84.16 | abuse@oneandone.net | DE | RIPE | SCHLUND-CUSTOMERS | 292dbe6e7a4e9245e72ba548df5c393a | http://civicpower.de/fileadmin/pandegaid.txt? || 2011-03-02 05:53:24 | avira | PHP/Pastie.637 | 15/40 (37.5%) | AS24989 | 87.238.192.101 | info@evanzo.de | DE | RIPE | DE-EVANZO-20060120 | 8640020e7254fa5fe434ce8ed181875c | http://ferienhaus-schaeferei-garz.de//phpMyAdmin/foot.jpg?? || 2011-03-02 06:21:17 | avira | PHP/Small.C | 26/40 (65%) | AS11798 | 66.147.242.83 | abuse@bluehost.com | US | ARIN | BLUEHOST-NETWORK-4 | cb5b7b00fd514f3ecfe904f55411157a | http://craigcody.com/logs/jembot.txt??? || 2011-03-02 05:53:26 | avira | PHP/IRCBOT.E | 17/41 (41.5%) | AS6939 | 64.62.181.46 | hostmaster@he.net | US | ARIN | HURRICANE-4 | a762f72778e1698f400fc9c9806d733a | http://h1.ripway.com/run0/msg.txt????? || 2011-03-02 06:21:13 | avira | PHP/Small.C | 26/41 (63.4%) | AS11798 | 66.147.242.83 | abuse@bluehost.com | US | ARIN | BLUEHOST-NETWORK-4 | cb5b7b00fd514f3ecfe904f55411157a | http://craigcody.com/logs/jembot.txt?? || 2011-03-02 07:10:29 | clamav | PHP.Downloader | 1/41 (2.4%) | AS6245 | 206.188.193.248 | ipadmin@monstercommerce.com | US | ARIN | MONSTERCOMMERCE | 0917bb0f116d3021e7adaa640976bb76 | http://emenegon.com/brd/sprd.gif?? || 2011-03-02 07:07:06 | Avast | PHP:Agent-AR | 10/41 (24.4%) | AS36420, AS30315, AS13749, AS21844 | 174.120.243.92 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | 17e4236f0ff0e41b73ee47a260bdc1f1 | http://cyberpersib.net/local/center.jpg?? || 2011-03-02 07:07:10 | avira | PHP/Small.C | 20/41 (48.8%) | AS36420, AS30315, AS13749, AS21844 | 174.120.243.92 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | 481474fa6dc353da249f580e48f83fc2 | http://cyberpersib.net/local/pb.jpg??? || 2011-03-02 07:29:35 | avira | PHP/Agent.G | 24/41 (58.5%) | AS43711 | 87.229.111.192 | abuse@deninet.hu | HU | RIPE | SZERVERNET | 5cd7a8b426c2f87fa0cd352f2f682160 | http://sciennet.clanbazis.com/e107_docs/help/English/bego.gif?? || 2011-03-02 07:29:45 | avira | PHP/Pbot.G | 20/41 (48.8%) | AS43711 | 87.229.111.192 | abuse@deninet.hu | HU | RIPE | SZERVERNET | 3acb96f6b600fb06d7f96e87f186ba0a | http://sciennet.clanbazis.com/e107_docs/help/English/mac.gif?? || 2011-03-02 06:36:16 | undef | Variant.Downloader.1 | 0/41 (0.0%) | AS42926 | 79.98.129.200 | kubilay@rh.com.tr | tr | RIPE | TR-RADORE-20071102 | fd3e0842c20249483acd893413e4c7a1 | http://sapsup.com/ || 2011-03-02 07:49:43 | clamav | PHP.Downloader | 1/41 (2.4%) | AS6245 | 206.188.193.248 | ipadmin@monstercommerce.com | US | ARIN | MONSTERCOMMERCE | 0917bb0f116d3021e7adaa640976bb76 | http://emenegon.com/brd/sprd.gif? || 2011-03-02 07:45:22 | avira | PHP/Pbot.A | 27/41 (65.9%) | AS33182 | 66.7.194.193 | abuse@dimenoc.com | US | ARIN | DIMECNET | 0d24249b11468fc6b700423bd1ff8eb3 | http://massivenuke.hdfree.com.br/vamonuka.txt? || 2011-03-02 06:36:16 | undef | Trojan-Downloader.Win32.Genome.aoar | 0/41 (0.0%) | AS16276 | 213.186.33.87 | abuse@ovh.net | FR | RIPE | OVH | 97fabc19eefde14422822bffeee817e5 | http://www.share-finder.com/files/ || 2011-03-02 06:36:24 | undef | Trojan.Win32.Diple.exi | 0/41 (0.0%) | AS36420, AS30315, AS13749, AS21844 | 67.19.58.194 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-11 | 792f7e18fd35964df385d7bb4d5d7aa6 | http://www.tiedyetuesday.com/img/ordering/ || 2011-03-02 09:39:41 | undef | unknown_html_RFI | 0/41 (0.0%) | AS32392 | 98.131.33.116 | ipadmin@ecommerce.com | US | ARIN | ECOMMERCE-HOSTING | 1c7b413c3fa39d0fed40556d2658ac73 | http://johnlturner.com/modules/mod_poll/ || 2011-03-02 09:39:41 | undef | unknown_html_RFI | 0/40 (0.0%) | AS35732 | 195.62.28.236 | abuse@ukwebhosting.ltd.uk | GB | RIPE | UKWEBHOSTING | 95c9efc13299f1858880749e8e6e4c24 | http://recky.facebookdoom.com/bogel/ || 2011-03-02 09:39:41 | avira | PERL/IrcBot.AR | 13/41 (31.7%) | AS35732 | 195.62.28.236 | abuse@ukwebhosting.ltd.uk | GB | RIPE | UKWEBHOSTING | 799cb54753fda1f6e429bf73b971e3d4 | http://recky.facebookdoom.com/bogel/auto.txt? || 2011-03-02 09:39:41 | avira | PERL/IrcBot.AR | 13/41 (31.7%) | AS35732 | 195.62.28.236 | abuse@ukwebhosting.ltd.uk | GB | RIPE | UKWEBHOSTING | 799cb54753fda1f6e429bf73b971e3d4 | http://recky.facebookdoom.com/bogel/auto.txt?? || 2011-03-02 09:39:41 | clamav | PUA.HTML.Crypt-8 | 1/41 (2.4%) | AS35732 | 195.62.28.236 | abuse@ukwebhosting.ltd.uk | GB | RIPE | UKWEBHOSTING | d15797e2265a10e6353730beadbfcd0d | http://recky.facebookdoom.com/bogel/c99.txt???? || 2011-03-02 09:39:41 | clamav | PHP.Id-30 | 16/41 (39%) | AS35732 | 195.62.28.236 | abuse@ukwebhosting.ltd.uk | GB | RIPE | UKWEBHOSTING | 552bfdc62f9d0fe1e3ee6861698f6b00 | http://recky.facebookdoom.com/bogel/zfxid1.txt???? || 2011-03-02 09:39:41 | avira | PHP/BackDoor.AR | 29/41 (70.7%) | AS35732 | 195.62.28.236 | abuse@ukwebhosting.ltd.uk | GB | RIPE | UKWEBHOSTING | dcc55d73dae5326abb4f00d9313a7e70 | http://recky.facebookdoom.com/bogel/zfxid2.txt???? || 2011-03-02 09:39:41 | undef | unknown_html_RFI | 0/41 (0.0%) | AS36420, AS30315, AS13749, AS21844 | 174.122.134.178 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | 78292b872de663757d2287d039909fef | http://www.aaphonecard.com/images/lady1.jpg || 2011-03-02 09:39:41 | undef | unknown_html_RFI | 0/41 (0.0%) | AS36420, AS30315, AS13749, AS21844 | 174.122.134.178 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | a6f771db0aea7a82df129d5e5d845aca | http://www.aaphonecard.com/images/lady2.jpg || 2011-03-02 09:39:41 | undef | unknown_html_RFI | 0/40 (0.0%) | AS36420, AS30315, AS13749, AS21844 | 174.122.134.178 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | b68777b44b4a6dbcade7a5f1dee6a697 | http://www.aaphonecard.com/images/lady3.jpg || 2011-03-02 09:39:41 | undef | unknown_html_RFI | 0/40 (0.0%) | AS36420, AS30315, AS13749, AS21844 | 174.122.134.178 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | 2af462fa5b1975d209c281ec357431df | http://www.aaphonecard.com/images/lady4.jpg || 2011-03-02 09:39:41 | undef | unknown_html_RFI | 0/40 (0.0%) | AS36420, AS30315, AS13749, AS21844 | 174.122.134.178 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | a567b43c66e4840aff3aafda56f45dee | http://www.aaphonecard.com/images/lady5.jpg || 2011-03-02 09:39:41 | Avast | Perl:Shellbot-K | 8/41 (19.5%) | AS16276 | 87.98.170.31 | abuse@ovh.net | FR | RIPE | OVH | 05bdf754c83697781f5b928d9584bd68 | http://www.bestofrobots.fr/downloader/skin/images/girl.txt? || 2011-03-02 09:39:41 | undef | unknown_html_RFI | 0/41 (0.0%) | AS11305 | 64.225.158.116 | dhswip@peer1.com | US | ARIN | 64-224-0-0-NET | f3cde50db8a812cbfa0513ce664e77ae | http://www.experienceparkroyalresorts.com/cancunTravel.php || 2011-03-02 09:39:41 | clamav | Exploit.E107 | 4/41 (9.8%) | AS24532 | 119.235.18.66 | abuse@inet.net.id | ID | APNIC | INET-ISP-ID | 08e683e105975d683837b15be8cfbfdc | http://www.lsp-to.or.id/network/tools/log.txt || 2011-03-02 09:39:41 | undef | unknown_html_RFI_perl | 0/41 (0.0%) | AS24532 | 119.235.18.66 | abuse@inet.net.id | ID | APNIC | INET-ISP-ID | 173643cf00b099dba1bb33ec77c6dfb8 | http://www.lsp-to.or.id/network/tools/ntah.jpg || 2011-03-02 09:39:41 | avira | PHP/Shell.163910 | 28/41 (68.3%) | AS21844 | 74.52.141.162 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-14 | f21029b72cd3e5bc0c1a02c213363318 | http://www.asdsingapore.com/includes/domit/xml.txt || 2011-03-02 09:39:41 | undef | unknown_html | 0/41 (0.0%) | AS36351 | 173.192.170.103 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-8 | 26934eb377001f66e37289a5c93fe284 | http://1352.uz4.org/application.php || 2011-03-02 09:39:41 | undef | unknown_html | 0/41 (0.0%) | AS36351 | 173.192.170.103 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-8 | 26934eb377001f66e37289a5c93fe284 | http://5748.uz4.org/application.php || 2011-03-02 09:39:41 | avira | PHP/Shellbot.7642 | 30/41 (73.2%) | AS40676 | 173.224.209.158 | noc@psychz.net | US | ARIN | PSYCHZ-NETWORKS | cc91fd7cad49574fe8f470ef71f7dba0 | http://173.224.209.158/ahh.txt || 2011-03-02 09:39:41 | avira | TR/Script.77 | 15/41 (36.6%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 0be4159dc6d887ebb957f8fabf857189 | http://yuken.fileave.com/id1.txt || 2011-03-02 09:39:41 | avira | PHP/Pastie.637 | 20/41 (48.8%) | AS8560 | 87.106.84.16 | abuse@oneandone.net | DE | RIPE | SCHLUND-CUSTOMERS | 493d3c720be431004253125118998a5d | http://civicpower.de/fileadmin/ID-RFI.txt || 2011-03-02 09:39:41 | avira | PHP/PHPInfo.E | 22/41 (53.7%) | AS8560 | 87.106.84.16 | abuse@oneandone.net | DE | RIPE | SCHLUND-CUSTOMERS | 292dbe6e7a4e9245e72ba548df5c393a | http://civicpower.de/fileadmin/pandegaid.txt || 2011-03-02 09:39:41 | avira | PHP/RemoteAdmi.6444 | 15/41 (36.6%) | AS8560 | 87.106.84.16 | abuse@oneandone.net | DE | RIPE | SCHLUND-CUSTOMERS | 73c6526d8a3825c2ac6bdbd6d2169280 | http://civicpower.de/fileadmin/ver.txt || 2011-03-02 09:39:41 | avira | PHP/Pbot.G | 21/41 (51.2%) | AS15360 | 213.158.72.68 | networkadm@interfree.it | IT | RIPE | IFREE-NET1 | 33614dca48aa4b2864381b32285c69a7 | http://czzc.interfree.it/dark.jpg || 2011-03-02 09:39:41 | clamav | PHP.Downloader | 1/41 (2.4%) | AS6245 | 206.188.193.248 | ipadmin@monstercommerce.com | US | ARIN | MONSTERCOMMERCE | 0917bb0f116d3021e7adaa640976bb76 | http://emenegon.com/brd/sprd.gif || 2011-03-02 09:39:41 | avira | PHP/Pbot.A | 28/41 (68.3%) | AS32613 | 174.142.79.85 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | fe2e315aedfbebf2a5ab0b34eb090c51 | http://gugato00.110mb.com/root.txt || 2011-03-02 09:39:41 | Avast | PHP:MassMail-A | 4/41 (9.8%) | AS15201 | 200.98.255.216 | l-registrobr-uol@corp.uol.com.br | BR | LACNIC | 001.109.184/0001-95 | c89121ab02e8cff1387e5308c5ef6907 | http://haylandervip.com/imagine.txt || 2011-03-02 09:39:41 | avira | PHP/Shellbot.7642 | 23/41 (56.1%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | ea33cc01efd387fbe76df0e9e75abb1d | http://jointibiaguildacept.110mb.com/irc.hapesira..txt || 2011-03-02 09:39:41 | avira | PHP/Shellbot.7642 | 23/41 (56.1%) | AS32613 | 174.142.79.83 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | 12c2c3ab1382548a1561045d83c9ce8b | http://jointibiaguildacept.110mb.com/wup.txt || 2011-03-02 09:39:41 | avira | PHP/Agent.AS.1 | 18/41 (43.9%) | AS11798 | 66.147.242.173 | abuse@bluehost.com | US | ARIN | BLUEHOST-NETWORK-4 | 289fa6dfa68aea9067ffa186769ab489 | http://linkserve.maldicore.com//plugins/id.txt || 2011-03-02 09:39:41 | avira | PHP/Agent.G | 24/41 (58.5%) | AS35415 | 178.208.83.24 | abuse@mchost.ru | RU | RIPE | MCHOST-NET | 5cd7a8b426c2f87fa0cd352f2f682160 | http://motion-climate.ru/language/ru-RU/goodid.txt || 2011-03-02 09:39:41 | avira | PHP/PHPShell.G | 9/41 (22%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 950e667d26ba6fe83dcbda123d2b1f9e | http://re9.fileave.com/id/id1.txt || 2011-03-02 09:39:41 | clamav | PHP.Id-30 | 7/41 (17.1%) | AS6939 | 64.62.181.43 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 370a84b9e88e5b085af73cb427822545 | http://re9.fileave.com/id/zfxid1.txt || 2011-03-02 09:39:41 | clamav | PHP.Id-30 | 16/41 (39%) | AS35732 | 195.62.28.236 | abuse@ukwebhosting.ltd.uk | GB | RIPE | UKWEBHOSTING | 552bfdc62f9d0fe1e3ee6861698f6b00 | http://recky.facebookdoom.com/bogel/zfxid1.txt || 2011-03-02 09:39:41 | avira | PHP/Pbot.A | 17/41 (41.5%) | AS209 | 205.168.3.51 | abuse@qwest.net | US | ARIN | QWEST-INET-35 | 45c006a22b93e1de05f72a421a4252ff | http://ringstaradvantage.com/images/banners/spd.jpg || 2011-03-02 09:39:41 | avira | PHP/Pbot.A.8 | 26/40 (65%) | AS13237 | 82.197.131.109 | abuse@attractsoft.com | DE | RIPE | LNC-ATTRACTSOFT-GMBH | 9444cc2ef9baa7b9acb880a344933333 | http://shelldvd1.atspace.com/alex.txt || 2011-03-02 09:39:41 | avira | PHP/Pbot.A.8 | 26/41 (63.4%) | AS13237 | 82.197.131.109 | abuse@attractsoft.com | DE | RIPE | LNC-ATTRACTSOFT-GMBH | 0decd14ed7fb2ab49d9dea8b6c6d3745 | http://shelldvd1.atspace.com/Black.txt || 2011-03-02 09:39:41 | avira | PHP/Pbot.A.8 | 26/41 (63.4%) | AS13237 | 82.197.131.109 | abuse@attractsoft.com | DE | RIPE | LNC-ATTRACTSOFT-GMBH | 813b7ecf3d5753e4cf9e30f31d6506e4 | http://shelldvd1.atspace.com/mrs.txt || 2011-03-02 09:39:41 | avira | PERL/IrcBot.GN | 12/40 (30%) | AS16276 | 188.165.129.109 | abuse@ovh.net | ES | RIPE | ES-OVH | 5e3a1db942aaf722c76b27ce94d78e79 | http://www.embajadastecnologicasextremadura.es/modules/mod_root/sp/scan.txt || 2011-03-02 09:39:41 | avira | PHP/RemoteAdmi.6444 | 14/41 (34.1%) | AS30568, AS11434, AS14383 | 74.200.89.220 | abuse@virtacore.com | US | ARIN | VCS-NET-4 | ae1a706a31fb12cddbd8a20e9f557e64 | http://www.games-galaxy.net/image/u_image/rs.txt || 2011-03-02 09:39:41 | avira | PHP/RemoteAdmi.6444 | 5/41 (12.2%) | AS30568, AS11434, AS14383 | 74.200.89.220 | abuse@virtacore.com | US | ARIN | VCS-NET-4 | 11f35e5bcdfa332633cda4d59a85b18c | http://www.games-galaxy.net/image/u_image/vero.txt || 2011-03-02 09:39:41 | avira | SPR/PHP.ID | 15/41 (36.6%) | AS34224 | 87.120.13.118 | nmt-ip@neterra.net | BG | RIPE | BG-NETERRAIP-20050712 | f29547969c2cd1a8a5efb777fdf7d5e1 | http://www.smokers-heaven.co.uk/vnc/logx.txt || 2011-03-02 09:39:45 | avira | PHP/C99Shell.CG | 14/41 (34.1%) | AS36420, AS30315, AS13749, AS21844 | 174.123.219.202 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | 8d7ab0063ac76d17817fb216576e9547 | http://www.oldfields.co.za/danger.txt???? || 2011-03-02 09:39:50 | avira | PHP/IRCBOT.E | 18/41 (43.9%) | AS6939 | 64.62.181.46 | hostmaster@he.net | US | ARIN | HURRICANE-4 | 93c666db3cc5615dd99d3225e9d32f7a | http://h1.ripway.com/run0/msgc.txt?? || 2011-03-02 09:39:51 | avira | PHP/Shell.qek | 14/41 (34.1%) | AS11798 | 66.147.244.162 | abuse@bluehost.com | US | ARIN | BLUEHOST-NETWORK-4 | 54cdf794144d00dec96edb8a3d3c0e08 | http://www.treska.com/img/just.txt???? || 2011-03-02 09:39:52 | avira | PHP/RemoteAdmi.6444 | 5/41 (12.2%) | AS30568, AS11434, AS14383 | 74.200.89.220 | abuse@virtacore.com | US | ARIN | VCS-NET-4 | 11f35e5bcdfa332633cda4d59a85b18c | http://www.games-galaxy.net/image/u_image/vero.txt? || 2011-03-02 09:39:52 | clamav | PUA.HTML.Crypt-9 | 4/41 (9.8%) | AS3292 | 89.221.244.218 | abuse@tdcsong.no | NO | RIPE | ISPHOUSE-NO-N1 | a587947823af13919bafa1c668a2c1b1 | http://www.gloi.org/r57.txt?? || 2011-03-02 09:39:52 | avira | SPR/PHP.ID | 15/41 (36.6%) | AS34224 | 87.120.13.118 | nmt-ip@neterra.net | BG | RIPE | BG-NETERRAIP-20050712 | f29547969c2cd1a8a5efb777fdf7d5e1 | http://www.smokers-heaven.co.uk/vnc/logx.txt? || 2011-03-02 09:39:52 | undef | unknown_html_RFI_shell | 0/41 (0.0%) | AS34224 | 87.120.13.118 | nmt-ip@neterra.net | BG | RIPE | BG-NETERRAIP-20050712 | ca3d04d5f9458a4086ab10f9a97a43f6 | http://www.smokers-heaven.co.uk/vnc/logz.txt? || 2011-03-02 09:39:54 | trendmicro | TSPY_SPYEYE.SMAE | 22/41 (53.7%) | AS36351 | 74.86.136.156 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-4 | 5f3d845cf0a8c3eb19c6db7bd4ed7f17 | http://ebanzi.com/loading.php?spl=mdac || 2011-03-02 09:39:54 | CAT_QuickHeal | (Suspicious) - DNAScan | 4/41 (9.8%) | AS9318 | 218.50.55.103 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | e801beace3a5b0f3e67d522107b69afd | http://pcotp.motp.co.kr/pcotp/update/PCOTP.exe || 2011-03-02 09:39:54 | avira | TR/Crypt.ZPACK.Gen | 32/41 (78%) | AS4134 | 117.41.228.115 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-JX | 0266c2a6e71c455a0a6d4c071691278c | http://ajg.htmi2.com:6668/Down/ziwu/qqxy.exe || 2011-03-02 09:39:54 | avira | TR/Dropper.Gen | 33/41 (80.5%) | AS4134 | 117.41.228.115 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-JX | 64055bd646dc2502bcf2b7193413f96d | http://ajg.htmi2.com:6668/Down/ziwu/wow.exe || 2011-03-02 09:39:54 | Fortinet | W32/Refroso.DZP!tr | 9/41 (22%) | AS29873 | 66.96.133.20 | bnbrock@maileig.com | US | ARIN | BIZLAND-FC01 | c5b4c5a5183318f620155c52731b39dd | http://austo.dot5hosting.com/y-or.exe || 2011-03-02 09:39:54 | undef | unknown_exe | 0/41 (0.0%) | AS4766 | 218.154.193.212 | abuse@kornet.net | KR | APNIC | KORNET-KR | f27ad3c47fe6771b161dee02ed3ece85 | http://visual-search.co.kr/app/ver_file/site/202/DelLog.exe || 2011-03-02 09:39:54 | undef | unknown_exe | 0/41 (0.0%) | AS4766 | 218.154.193.215 | abuse@kornet.net | KR | APNIC | KORNET-KR | 3835801e1f65574839f2c8d64c592824 | http://visual-search.co.kr/app/ver_file/site/202/updater.exe || 2011-03-02 09:39:54 | undef | unknown_exe | 0/40 (0.0%) | AS4766 | 218.154.193.213 | abuse@kornet.net | KR | APNIC | KORNET-KR | 2d53bfdb3341336c898790b9d3f7f6ba | http://visual-search.co.kr/app/ver_file/site/202/vsearch.dll || 2011-03-02 09:39:54 | undef | unknown_exe | 0/41 (0.0%) | AS4766 | 218.154.193.212 | abuse@kornet.net | KR | APNIC | KORNET-KR | 37504000e6a5879337acaf8af82eea42 | http://visual-search.co.kr/app/ver_file/site/202/vsearch.exe || 2011-03-02 09:39:54 | AhnLab_V3 | Malware/Win32.Generic | 16/41 (39%) | AS28307 | 189.39.80.102 | noc@wideway.com.br | BR | LACNIC | 005.481.637/0001-60 | 164593a343e4b60a40553af11ee353a0 | http://www.diariodafranca.com.br/conteudo/imagens/aimg/pega1.exe || 2011-03-02 09:39:54 | Ikarus | Trojan-Spy.Win32.Banker | 9/41 (22%) | AS28307 | 189.39.80.102 | noc@wideway.com.br | BR | LACNIC | 005.481.637/0001-60 | 523bebdc08db4c207dca12dd08455944 | http://www.diariodafranca.com.br/conteudo/imagens/aimg/pega2.exe || 2011-03-02 10:13:06 | avira | TR/Banker.Itau.H.2 | 7/41 (17.1%) | AS28307 | 189.39.80.102 | noc@wideway.com.br | BR | LACNIC | 005.481.637/0001-60 | fdbc2b2276390c87f2adffca8b253c00 | http://www.diariodafranca.com.br/conteudo/imagens/aimg/iToken.exe || 2011-03-02 10:13:21 | avira | TR/Crypt.XPACK.Gen | 5/41 (12.2%) | AS42872 | 91.193.192.90 | noc@odhosting.com.ua | UA | RIPE | OD-HOSTING-NETWORK | eaa63bb6ad9c3117362f59fe3f5a8d42 | http://91.193.192.90/exe/100064-1.exe || 2011-03-02 10:13:25 | ClamAV | PUA.HTML.Crypt | 1/41 (2.4%) | AS15169 | 74.125.77.121 | arin-contact@google.com | US | ARIN | GOOGLE | d097b3d0935201387e7533ce907d9b89 | http://www.exercitouniversal.com.br/2011/02/papa-americano-parodia.html || 2011-03-02 10:13:25 | ClamAV | PUA.HTML.Crypt | 1/41 (2.4%) | AS15169 | 74.125.77.121 | arin-contact@google.com | US | ARIN | GOOGLE | c022425bc22a0edc0cfb476d78545126 | http://www.exercitouniversal.com.br/2011/02/rituais-com-criancas.html || 2011-03-02 10:13:25 | ClamAV | PUA.HTML.Crypt | 1/41 (2.4%) | AS15169 | 74.125.77.121 | arin-contact@google.com | US | ARIN | GOOGLE | e2243b2ceff2bfa5cde9a5388d56e83e | http://www.exercitouniversal.com.br/2011/02/video-mostra-suposto-cavaleiro-do.html || 2011-03-02 10:13:26 | Antiy_AVL | Trojan/Win32.Buzus.gen | 4/41 (9.8%) | AS36420, AS30315, AS13749, AS21844, AS13884 | 75.125.246.34 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-EV1-17 | 9fda6658aba4c0b632313b92245ba0ef | http://www.flashpile.com/download/fpix.exe || 2011-03-02 10:13:26 | DrWeb | Adware.Relevant.67 | 2/39 (5.1%) | AS36420, AS30315, AS13749, AS21844, AS13884 | 75.125.246.34 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-EV1-17 | 8dc4b251f205ac4775c70cf3b740d00d | http://www.flashpile.com/download/fpmx.exe || 2011-03-02 10:13:26 | clamav | PUA.Packed.PECompact-1 | 2/41 (4.9%) | AS41550 | 91.207.44.29 | abuse@hostbizua.com | UA | RIPE | FUIR-MNT | 1763c5ac9a65b469b6de9afc1d6c8a97 | http://www.kumaser.com/files/Book-90201-Kovalenko.exe || 2011-03-02 10:13:59 | BitDefender | Trojan.Generic.KD.144672 | 10/41 (24.4%) | AS16265 | 95.211.14.140 | abuse@leaseweb.com | NL | RIPE | NL-LEASEWEB-20080724 | 1b5b96da89711de37d966b21a787690c | http://cupidomeet.com/quick/svchost.exe || 2011-03-02 10:14:00 | GData | JS:Pdfka-gen | 2/41 (4.9%) | AS13237 | 83.133.126.92 | abuse@greatnet.de | DE | RIPE | LNCDE-GREATNET-NEWMEDIA | 8d4ef2608566dba90f4e96414e6657c8 | http://eluxa.cz.cc/es/chat.php || 2011-03-02 10:14:00 | AhnLab_V3 | Trojan/Win32.Zbot | 15/41 (36.6%) | AS13237 | 83.133.126.92 | abuse@greatnet.de | DE | RIPE | LNCDE-GREATNET-NEWMEDIA | 2690895b78f3974ed14b8dfe845b7554 | http://eluxa.cz.cc/es/viewforum.php/b64e7b9717d4911422fdeac2b2714eef?spl=mdac || 2011-03-02 10:07:04 | avira | PHP/RemoteAdmi.6444 | 15/41 (36.6%) | AS30568, AS11434, AS14383 | 74.200.89.220 | abuse@virtacore.com | US | ARIN | VCS-NET-4 | ae1a706a31fb12cddbd8a20e9f557e64 | http://games-galaxy.net/image/u_image/rs.txt? || 2011-03-02 10:45:02 | avira | HTML/IFrame.pso | 15/41 (36.6%) | AS3216 | 194.186.88.58 | abuse@gldn.net | RU | RIPE | RU-SOVINTEL-951205 | 987c3b6fe5eef6bf051c1c4c92927b53 | http://igrohit.hotmail.ru/ || 2011-03-02 11:11:43 | Norman | W32/Killav.NCT | 3/41 (7.3%) | AS38661 | 124.217.218.5 | noc@hclc.co.kr | KR | APNIC | HCLC-KR | 5c658758e0717275337465b678e256fc | http://down.ancamera.co.kr/update/AnCamera_20101028_update.exe || 2011-03-02 11:11:43 | trendmicro | TSPY_SPYEYE.SMAE | 10/41 (24.4%) | AS4134 | 219.147.255.39 | network@hljtele.com | CN | APNIC | CHINANET-HL | ff07394036050ce7b1a987dc5e77c570 | http://oneant.ru/stopelko.exe || 2011-03-02 11:11:43 | avira | TR/Spy.Malintent.81 | 18/41 (43.9%) | AS17920 | 113.192.13.120 | noc@ultraserve.com.au | AU | APNIC | ULTRASERVE | a926396dbd689270fe05dc5116bb0cfd | http://deagonshop.com.au/mani.exe || 2011-03-02 11:11:43 | avira | TR/Agent.bq.233 | 15/41 (36.6%) | AS29761 | 96.44.169.5 | noc@quadranet.com | US | ARIN | OC3-NETWORKS2 | 61239dc8966b73cbb0f409a91376df26 | http://96.44.169.5:35678/tomatosoo/hklives.exe || 2011-03-02 11:11:43 | avira | TR/Spy.Malintent.81 | 19/41 (46.3%) | AS22781 | 216.131.88.185 | abuse@reliablehosting.com | US | ARIN | RBLHST | a926396dbd689270fe05dc5116bb0cfd | http://clearlightcorp.com/mani.exe || 2011-03-02 11:11:43 | clamav | PUA.Packed.ASPack | 2/41 (4.9%) | as44050 | 91.201.66.19 | admin@donecoserv.ru | RU | RIPE | Donekoserv | 798a52dbc20799ff5e7b1b79b7f0b020 | http://traffichere.dyndns-blog.com/install.exe || 2011-03-02 11:11:44 | avira | TR/PSW.Zbot.Y.192 | 17/41 (41.5%) | AS4134 | 219.147.255.39 | network@hljtele.com | CN | APNIC | CHINANET-HL | 91aa0f07c6d96fca088c57305e993cae | http://strategiesrecruiting.com/stopelko.exe || 2011-03-02 11:11:44 | Ikarus | AdWare.WhiteSmoke | 3/41 (7.3%) | AS209 | 63.236.35.30 | abuse@qwest.net | US | ARIN | QWEST-INET-9 | ec6be3daad790617ab4b167832e30d3f | http://get.whitesmoke.com/dl/WSCond.exe || 2011-03-02 11:11:44 | eTrust_Vet | Win32/ASuspect.HGABT | 2/41 (4.9%) | AS36351 | 173.192.170.103 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-8 | 2baaba2d28bb2f336d7dcf2629f7e7b8 | http://349.uz4.org/exe/4875bf3fb328a5d96a398ec29699097618eb2dd3/bundle.exe || 2011-03-02 11:12:02 | undef | unknown_html_RFI_php | 0/41 (0.0%) | AS15169 | 74.125.43.121 | arin-contact@google.com | US | ARIN | GOOGLE | 16e3bd746bca438ccadc656769c7c771 | http://www.exercitouniversal.com.br/feeds/3094592221120455892/comments/default || 2011-03-02 11:12:02 | undef | unknown_html_RFI_php | 0/41 (0.0%) | AS15169 | 74.125.43.121 | arin-contact@google.com | US | ARIN | GOOGLE | a60aad224a8a5e59182357fa7e121f59 | http://www.exercitouniversal.com.br/feeds/7446651289137098042/comments/default || 2011-03-02 11:12:02 | undef | unknown_html_RFI_php | 0/41 (0.0%) | AS15169 | 74.125.43.121 | arin-contact@google.com | US | ARIN | GOOGLE | b1eb6b75c757dee781d93c9c54b54cd3 | http://www.exercitouniversal.com.br/feeds/8793780774858024300/comments/default || 2011-03-02 11:12:02 | ClamAV | PUA.HTML.Crypt | 1/41 (2.4%) | AS15169 | 74.125.43.121 | arin-contact@google.com | US | ARIN | GOOGLE | 846f209c8b9f5a2d02ded8e897149b49 | http://www.exercitouniversal.com.br/p/rede-aleluia.html || 2011-03-02 11:12:04 | avira | TR/Spy.258048.33 | 22/41 (53.7%) | AS36420, AS30315, AS13749, AS21844 | 67.19.58.194 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-11 | 4e04a86dbf426823bb6d8ec7f00ce267 | http://www.tiedyetuesday.com/img/ordering/Amor-Para-Ti.swf.exe || 2011-03-02 11:12:36 | avira | EXP/PDF.Jeka.B | 23/41 (56.1%) | AS33182 | 67.23.229.71 | abuse@dimenoc.com | US | ARIN | DIMECNET | 07d404c32d46ac58637dcec535fac82f | http://ebckqxkeytn.com/nte/GNH11.py/xH069eabc0V0100f060006R3d708fb1102T4bf0a79f203l000c329 || 2011-03-02 11:12:36 | avira | EXP/Pidief.deo | 15/41 (36.6%) | AS25190 | 46.252.131.22 | reliktbvk@gmail.com | LV | RIPE | Sagade | df950351a68c7c20f8fd89cac04a21bd | http://zahuginn.cz.cc/ca26fd.pdf || 2011-03-02 11:12:36 | avira | PHP/RemoteAdmi.6444 | 14/41 (34.1%) | AS30568, AS11434, AS14383 | 74.200.89.220 | abuse@virtacore.com | US | ARIN | VCS-NET-4 | ae1a706a31fb12cddbd8a20e9f557e64 | http://www.games-galaxy.net/image/u_image/rs.txt? || 2011-03-02 11:12:37 | avira | TR/Agent.30720.55 | 24/41 (58.5%) | AS4812 | 61.152.243.96 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-SH | 143ce3ccadb2300eb61dd552df3932c0 | http://apm.3-a.net/o/ew.exe || 2011-03-02 11:12:37 | undef | unknown_html | 0/41 (0.0%) | AS3216 | 194.186.88.56 | abuse@gldn.net | RU | RIPE | RU-SOVINTEL-951205 | 75a93d581a96d834c2619de9275853c1 | http://krasotkabest.nm.ru/php5.ini || 2011-03-02 11:12:38 | undef | unknown_html | 0/41 (0.0%) | AS35908 | 98.126.208.84 | admin-arin@vpls.net | US | ARIN | VPLSNET | 7d87332c068d95a42a38103c71b2e105 | http://98.126.208.84/se1.txt || 2011-03-02 11:12:38 | undef | unknown_html | 0/41 (0.0%) | AS42872 | 91.193.194.69 | noc@odhosting.com.ua | UA | RIPE | OD-HOSTING-NETWORK | 75df81c02e7fe3383f73b0e7aff7728d | http://updateconnection.com/version/xtasks.php?0_100064_1_5.1%202600%20SP2.0_1.3.2011%2017:15:16_7 || 2011-03-02 11:12:38 | undef | unknown_html | 0/41 (0.0%) | AS42872 | 91.193.194.69 | noc@odhosting.com.ua | UA | RIPE | OD-HOSTING-NETWORK | 75df81c02e7fe3383f73b0e7aff7728d | http://updateconnection.com/version/xtasks.php?1_100064_1_1b7bf5eb-b240-4dbb-a121-96026066b62d_5.1%202600%20SP2.0_ru-ru_iexplore_1.3.2011%2017:15:16_9d || 2011-03-02 11:29:56 | undef | unknown_html | 0/40 (0.0%) | AS36351 | 173.192.170.103 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-8 | 26934eb377001f66e37289a5c93fe284 | http://1135.uz4.org/application.php || 2011-03-02 11:29:56 | undef | unknown_html | 0/41 (0.0%) | AS3491 | 206.161.121.100 | probinson@pccwglobal.com | US | ARIN | BTN-CIDR2 | 21d275f18851cfa975129e91b063d842 | http://206.161.121.100/d/a2w6h2wvip/af0cd4daa6bb7be6aee4636c74b1f08e/M1/0 || 2011-03-02 11:29:56 | DrWeb | Adware.Zugo.3 | 7/41 (17.1%) | AS32780 | 216.119.149.6 | arin-contact@hostingservicesinc.net | US | ARIN | HOSTINGSERVICES-INC | 983c6e9de1928a65ae69fd1686f4df9f | http://216.119.149.6/sd43.exe?t=0.1607019 || 2011-03-02 11:29:56 | DrWeb | Adware.Zugo.3 | 7/41 (17.1%) | AS32780 | 216.119.149.6 | arin-contact@hostingservicesinc.net | US | ARIN | HOSTINGSERVICES-INC | 983c6e9de1928a65ae69fd1686f4df9f | http://216.119.149.6/sd43.exe?t=0.913006 || 2011-03-02 11:29:56 | undef | unknown_html | 0/41 (0.0%) | AS36351 | 173.192.170.103 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-8 | 26934eb377001f66e37289a5c93fe284 | http://2414.uz4.org/application.php || 2011-03-02 11:29:56 | avira | TR/Yoddos.B | 38/41 (92.7%) | AS4134 | 222.170.127.203 | network@hljtele.com | CN | APNIC | CHINANET-HL | e1a6bbb3162ca924a96469052799d379 | http://2b.mainpage.cc:88/r.jpg?t=0.7939569 || 2011-03-02 11:29:56 | avira | TR/Yoddos.B | 38/41 (92.7%) | AS4134 | 222.170.127.203 | network@hljtele.com | CN | APNIC | CHINANET-HL | e1a6bbb3162ca924a96469052799d379 | http://2b.mainpage.cc:88/r.jpg?t=9.331912E-02 || 2011-03-02 11:29:56 | undef | unknown_html | 0/41 (0.0%) | AS36351 | 173.192.170.103 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-8 | 26934eb377001f66e37289a5c93fe284 | http://3009.uz4.org/application.php || 2011-03-02 11:29:56 | undef | unknown_html | 0/41 (0.0%) | AS36351 | 173.192.170.103 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-8 | 26934eb377001f66e37289a5c93fe284 | http://6670.uz4.org/application.php || 2011-03-02 11:29:56 | undef | unknown_html | 0/41 (0.0%) | AS36351 | 173.192.170.103 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-8 | 26934eb377001f66e37289a5c93fe284 | http://6716.uz4.org/application.php || 2011-03-02 11:29:56 | undef | unknown_html | 0/41 (0.0%) | AS48709 | 91.200.242.230 | abuse@digief.eu | EU | RIPE | DIGIEF-NET | 5c9097fe86e42d07212df426d4a29d02 | http://91.200.242.230/spm/s_alive.php?id=52243711849242928320881084764875&tick=154484&ver=522&smtp=ok&sl=1&fw=0&pn=0&psr=0 || 2011-03-02 11:29:56 | undef | unknown_html | 0/41 (0.0%) | AS48709 | 91.200.242.230 | abuse@digief.eu | EU | RIPE | DIGIEF-NET | 5c9097fe86e42d07212df426d4a29d02 | http://91.200.242.230/spm/s_alive.php?id=54572280038389131016635961043007&tick=129437&ver=545&smtp=ok&sl=1&fw=0&pn=0&psr=0 |+---------------------+---------------+-------------------------------------+---------------+---------------------------------------------+-----------------+-------------------------------------+---------+--------+-----------------------------+----------------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------+200 rows in set (0.02 sec)
+---------------------+------------+-----------------------------+---------------+---------------------------------------+-----------------+-------------------------------------+---------+---------+-------------------------------+----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+| date | scanner | virusname | vt_score | AS | review | email | country | source | netname | md5sum | url |+---------------------+------------+-----------------------------+---------------+---------------------------------------+-----------------+-------------------------------------+---------+---------+-------------------------------+----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+| 2011-03-02 11:29:56 | Fortinet | W32/Krypt.N!tr | 6/41 (14.6%) | AS30890 | 94.63.244.50 | abuse@evolva.ro | RO | RIPE | RO-EVOLVA-20080623 | a08c4f921980241365c4ca627586a4db | http://94.63.244.50/a.exe?t=0.4254114 || 2011-03-02 11:29:56 | Fortinet | W32/Krypt.N!tr | 6/41 (14.6%) | AS30890 | 94.63.244.50 | abuse@evolva.ro | RO | RIPE | RO-EVOLVA-20080623 | a08c4f921980241365c4ca627586a4db | http://94.63.244.50/a.exe?t=6.588382E-02 || 2011-03-02 11:29:56 | Avast | HTML:Framer-inf | 3/41 (7.3%) | AS33626 | 208.73.210.29 | abuse@oversee.net | US | ARIN | OVERSEE-NET-2 | 2ae4bfd72f0cbac43b123ebc26c6a6ef | http://adbaucus.com/tdfpmmn/bhanx.php?adv=adv570&code1=LUR0&code2=9805&id=13441600&p=1 || 2011-03-02 11:29:56 | Avast | HTML:Framer-inf | 3/41 (7.3%) | AS33626 | 208.73.210.29 | abuse@oversee.net | US | ARIN | OVERSEE-NET-2 | a0936946a944c73d4ccf783594749036 | http://adbaucus.com/tdfpmmn/hnkppz.php?adv=adv570 || 2011-03-02 11:29:56 | Avast | HTML:Framer-inf | 3/41 (7.3%) | AS33626 | 208.73.210.29 | abuse@oversee.net | US | ARIN | OVERSEE-NET-2 | 869604730658e043e8a2db54bffb9cb9 | http://adbaucus.com/tdfpmmn/hohhveswgc.php?adv=adv570 || 2011-03-02 11:29:56 | Avast | HTML:Framer-inf | 3/40 (7.5%) | AS33626 | 208.73.210.29 | abuse@oversee.net | US | ARIN | OVERSEE-NET-2 | b4eab490d064c58f01ad4ab3197c760c | http://adbaucus.com/tdfpmmn/wtqanbo.php?adv=adv570 || 2011-03-02 11:29:56 | undef | unknown_html | 0/41 (0.0%) | AS33182 | 72.29.65.241 | abuse@dimenoc.com | US | ARIN | HOSTDIME-PI-1 | e16750a49e1390aeb4bb6a9101761d61 | http://arquivos2011.net/ieplore.jpg || 2011-03-02 11:29:56 | undef | unknown_html | 0/41 (0.0%) | AS33182 | 72.29.65.241 | abuse@dimenoc.com | US | ARIN | HOSTDIME-PI-1 | 9ef981354df1d8a357e3efe44e222513 | http://arquivos2011.net/ieplorer.jpg || 2011-03-02 11:29:56 | undef | unknown_html | 0/41 (0.0%) | AS13301 | 213.202.225.40 | abuse@funpic.de | DE | RIPE | UNITEDCOLO-BERGLER-LIEMEN-NET | 58e29674aade7fcf65c3d66eb3557b6d | http://bbcrypter.bb.ohost.de/anouncment.txt || 2011-03-02 11:29:56 | undef | unknown_html | 0/41 (0.0%) | AS28297 | 187.16.23.136 | network@digirati.com.br | BR | LACNIC | 004.371.843/0001-55 | 1bb33b453ecd324a86bed821631fe2ca | http://beatrizx2010.web46.f1.k8.com.br/modulo1.zip || 2011-03-02 11:29:56 | undef | unknown_html | 0/41 (0.0%) | AS28297 | 187.16.23.136 | network@digirati.com.br | BR | LACNIC | 004.371.843/0001-55 | c9d4226bdb7c0f6ab66e4e503364950c | http://beatrizx2010.web46.f1.k8.com.br/modulo2.zip || 2011-03-02 11:29:56 | undef | unknown_html | 0/41 (0.0%) | AS32780 | 98.158.183.168 | arin-contact@hostingservicesinc.net | US | ARIN | HOSTINGSERVICES-INC-VPSNET | 00cd42118ab04b6eebf92a36578aefcf | http://colegiometas.com.br/chinelov2.php || 2011-03-02 11:29:56 | undef | unknown_html | 0/41 (0.0%) | AS19066 | 209.188.86.208 | abuse@wiredtree.com | US | ARIN | WIREDTREE | 2ff29ad93f974aed1282a6614cc7344f | http://crazyleafdesign.com/blog/images/share/facebook.png?v34=82&tq=gJ4WK%2FSUh7TFk0R8oY%2BQtMWTUj26kJH7yZRSK%2B%2FbxWq1SfkIYUBM || 2011-03-02 11:29:56 | undef | unknown_html | 0/41 (0.0%) | AS16265 | 95.211.14.140 | abuse@leaseweb.com | NL | RIPE | NL-LEASEWEB-20080724 | dbf366212302833cf4c371c00a511100 | http://cupidomeet.com/quick/memoIp.php || 2011-03-02 11:29:57 | undef | unknown_html | 0/41 (0.0%) | AS25190 | 46.252.131.7 | reliktbvk@gmail.com | LV | RIPE | Sagade | 0d08e10682f0474613b1e9da8299cf58 | http://ddk2200.com/ab14/setup.php?act=filters&id=zhqkihkIqTbZYfE6RdyNGJ4D&ver=2 || 2011-03-02 11:29:57 | undef | unknown_html | 0/41 (0.0%) | AS3216 | 194.186.208.6 | support@centre.ru | RU | RIPE | WCENTRE | 2d680c5e45a643d46896dea3e42d8520 | http://dimani.aiq.ru/down.php?id=1 || 2011-03-02 11:29:57 | undef | unknown_html | 0/41 (0.0%) | AS32780 | 173.244.217.38 | arin-contact@hostingservicesinc.net | US | ARIN | HOSTINGSERVICES-INC | eaca77e7a06dce7e9d27c17c686cb64f | http://eighteenpix.com/cgi-bin/at3/out.cgi?id=681&l=toplist2&21&trade=http://killlme111.com || 2011-03-02 11:29:57 | undef | unknown_html | 0/41 (0.0%) | AS32780 | 173.244.217.38 | arin-contact@hostingservicesinc.net | US | ARIN | HOSTINGSERVICES-INC | 0a9b46a9bf6864bb00565e632a21008c | http://eighteenpix.com/cgi-bin/at3/out.cgi?id=704&l=toplist2&287&trade=http://gunter2011sc.com || 2011-03-02 11:29:57 | undef | unknown_html | 0/41 (0.0%) | AS32780 | 173.244.217.38 | arin-contact@hostingservicesinc.net | US | ARIN | HOSTINGSERVICES-INC | 4d13a0e70e5c32904fac35086336cc79 | http://eighteenpix.com/st/stt.php?aid=224&from=cnhjb3VudGVyb25saW5lLmlu&39783 || 2011-03-02 11:29:57 | undef | unknown_html | 0/41 (0.0%) | AS32780 | 173.244.217.38 | arin-contact@hostingservicesinc.net | US | ARIN | HOSTINGSERVICES-INC | ae12c3abec7c54d7fd190f31bce638e3 | http://eighteenpix.com/st/stt.php?aid=224&from=cnhjb3VudGVyb25saW5lLmlu&72179 || 2011-03-02 11:29:57 | undef | unknown_html | 0/41 (0.0%) | AS4134 | 117.41.228.115 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-JX | 0ed2bc8303a0add6ae87540b95db9992 | http://f.abcd1123.info:6668/Down/list.txt || 2011-03-02 11:29:57 | undef | unknown_html | 0/41 (0.0%) | AS4134 | 117.41.228.115 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-JX | 19b9cf282b8d8c3bbb7445bc8b2df879 | http://f.abcd1123.info:882/admin/count.php?id=142&isInst=1&lockcode=-8153&pc=00000000000000000001/000C2937B596&PcType=HomePc&AvName=OtherOrNone&ProCount=26 || 2011-03-02 11:29:57 | undef | unknown_html | 0/41 (0.0%) | AS26496 | 184.168.190.1 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | cf709698ab89dc428d3960fc2b13e2bc | http://f-cf.net/c.f-cf.net/ads1.3.htm || 2011-03-02 11:29:57 | undef | unknown_html_RFI_php | 0/41 (0.0%) | AS26496 | 184.168.190.1 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 628a69d8a90bc15144e3bcd8dce204b0 | http://f-cf.net/c.f-cf.net/CFVN.xml || 2011-03-02 11:29:57 | undef | unknown_html | 0/41 (0.0%) | AS29182 | 62.109.3.134 | abuse@ispsystem.net | RU | RIPE | ISPSYSTEM | 7ba20244c7b2913ded411b6093c7b083 | http://freehostingservice.ru/osnova/dor_de/dorlom.php || 2011-03-02 11:29:57 | undef | unknown_html | 0/41 (0.0%) | AS26496 | 184.168.230.128 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 0a9b46a9bf6864bb00565e632a21008c | http://gunter2011sc.com/ || 2011-03-02 11:29:57 | undef | unknown_html | 0/41 (0.0%) | AS26496 | 184.168.230.128 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | d692a05292f8ea680dc3e51ecaa5fb3c | http://gunter2011sc.com/logs/img/0003.jpg || 2011-03-02 11:29:57 | undef | unknown_html | 0/41 (0.0%) | AS26496 | 184.168.230.128 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 21166f890994d176c0641ceae4874cc7 | http://gunter2011sc.com/logs/img/0004001.jpg || 2011-03-02 11:29:57 | undef | unknown_html | 0/41 (0.0%) | AS26496 | 184.168.230.128 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 7963bff407d1089582aaa15bcc977994 | http://gunter2011sc.com/logs/img/0006001.jpg || 2011-03-02 11:29:57 | undef | unknown_html | 0/41 (0.0%) | AS26496 | 184.168.230.128 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | c31dd58445b57255988f9d158ce2261e | http://gunter2011sc.com/logs/img/0008001.jpg || 2011-03-02 11:29:57 | undef | unknown_html | 0/41 (0.0%) | AS26496 | 184.168.230.128 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 0eef1f5e2f610203395f9514ed341d2e | http://gunter2011sc.com/logs/img/0011.jpg || 2011-03-02 11:29:57 | undef | unknown_html | 0/41 (0.0%) | AS26496 | 184.168.230.128 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 4ccab800a3cc1a919d400bf0a4a849d3 | http://gunter2011sc.com/logs/img/0012.jpg || 2011-03-02 11:29:57 | undef | unknown_html | 0/41 (0.0%) | AS26496 | 184.168.230.128 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 8035efeb516c316e171a3dfb6098ef3c | http://gunter2011sc.com/logs/img/0014.jpg || 2011-03-02 11:29:57 | undef | unknown_html | 0/41 (0.0%) | AS26496 | 184.168.230.128 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 6decdab4993e6001ba7f5811260b20e3 | http://gunter2011sc.com/logs/img/0015.jpg || 2011-03-02 11:29:57 | undef | unknown_html | 0/41 (0.0%) | AS26496 | 184.168.230.128 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | eda3686d98e7f0b312aec7e69829b13d | http://gunter2011sc.com/logs/img/0016.jpg || 2011-03-02 11:29:57 | undef | unknown_html | 0/41 (0.0%) | AS26496 | 184.168.230.128 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 4f8ff9a228b0044ec16e2ca830554859 | http://gunter2011sc.com/logs/img/0020.jpg || 2011-03-02 11:29:57 | undef | unknown_html | 0/41 (0.0%) | AS26496 | 184.168.230.128 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 2224ab27ea101a3dd36ca415ad85077d | http://gunter2011sc.com/logs/img/0031001.jpg || 2011-03-02 11:29:57 | undef | unknown_html | 0/40 (0.0%) | AS26496 | 184.168.230.128 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | e7876b305d81add06dee08f553c5ef2c | http://gunter2011sc.com/logs/img/0033.jpg || 2011-03-02 11:29:57 | undef | unknown_html | 0/41 (0.0%) | AS26496 | 184.168.230.128 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | f603655eb1c3cdcd690b681f67760d92 | http://gunter2011sc.com/logs/img/0042.jpg || 2011-03-02 11:29:57 | undef | unknown_html | 0/40 (0.0%) | AS26496 | 184.168.230.128 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 746dc139d288958aa28cf5e878f8b4f1 | http://gunter2011sc.com/logs/img/0043.jpg || 2011-03-02 11:29:57 | undef | unknown_html | 0/40 (0.0%) | AS26496 | 184.168.230.128 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | e371ccaa4a6af0f08246dfd9585d4530 | http://gunter2011sc.com/logs/img/0047.jpg || 2011-03-02 11:29:57 | undef | unknown_html | 0/41 (0.0%) | AS26496 | 184.168.230.128 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | b0daffbe249245057929f7b6fc4585b1 | http://gunter2011sc.com/logs/img/0048.jpg || 2011-03-02 11:29:57 | undef | unknown_html | 0/41 (0.0%) | AS26496 | 184.168.230.128 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | daf4a28015b9f0d57f10877ec27d0a5d | http://gunter2011sc.com/logs/rek/2.jpg || 2011-03-02 11:29:57 | undef | unknown_html | 0/41 (0.0%) | AS26496 | 184.168.230.128 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | c9be7bdb917b388cb2e18032e186611e | http://gunter2011sc.com/logs/rek/3.jpg || 2011-03-02 11:29:57 | undef | unknown_html | 0/41 (0.0%) | AS26496 | 184.168.230.128 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 5e5791c2769d99fe223c7527a7544ceb | http://gunter2011sc.com/logs/rek/5.jpg || 2011-03-02 11:29:57 | undef | unknown_html | 0/41 (0.0%) | AS49699 | 91.215.218.176 | abuse@icn.bg | BG | RIPE | ICN-BG | 72f5cc7389fc1f12340dcd443fe0aab2 | http://hotlove.bg/_files/yahoo/quick/quick_home.html || 2011-03-02 11:29:57 | undef | unknown_html | 0/41 (0.0%) | AS49699 | 91.215.218.176 | abuse@icn.bg | BG | RIPE | ICN-BG | 2396685ca82ce16c2ca9dbbfa5a55608 | http://hotlove.bg/_files/yahoo/quick/quick_index.html || 2011-03-02 11:29:57 | undef | unknown_html | 0/41 (0.0%) | AS6327 | 209.167.6.16 | canada-abuse@verizonbusiness.com | US | ARIN | UUNETCA5-A | 983d88150a2f22337facfdde79c34a34 | http://i.azjmp.com/?o=10220&a=16015&t=13&p=1 || 2011-03-02 11:29:57 | undef | unknown_html | 0/40 (0.0%) | AS29873 | 209.59.194.20 | bnbrock@maileig.com | US | ARIN | BIZLAND-FC02 | d2a6d2a1d2693b5bba8c71c43f73ad13 | http://landing.trafficz.com/css.php?id=78 || 2011-03-02 11:29:57 | undef | unknown_html | 0/41 (0.0%) | AS29873 | 209.59.194.20 | bnbrock@maileig.com | US | ARIN | BIZLAND-FC02 | 0512a0843ece1724118df4787f9c138a | http://landing.trafficz.com/index.php?domain=eyesighttest.net || 2011-03-02 11:29:57 | undef | unknown_html | 0/41 (0.0%) | AS33626 | 208.73.210.29 | abuse@oversee.net | US | ARIN | OVERSEE-NET-2 | 063928dae2364f0261b0563996e43d5b | http://leongkaiyoung.com/asdz/update.jpg || 2011-03-02 11:29:57 | undef | unknown_html | 0/40 (0.0%) | AS4134 | 113.107.43.67 | abuse@gddc.com.cn | CN | APNIC | CHINANET-GD | eecdd6ca6d1d4aabbcf3ed996113a30c | http://lovechina.bmw444.com/China520.ashx?Mac=&UserId=79&Bate=4.60 || 2011-03-02 11:29:57 | undef | unknown_html | 0/41 (0.0%) | AS13768 | 70.42.26.234 | abuse@internap.com | US | ARIN | PNAP-09-2005 | 41d63a9c252127eefdc31caf026a7cd2 | http://lwken.com/click/?s=139483&c=86558&subid=1535_440_1741338978440110228 || 2011-03-02 11:29:57 | Sophos | Sus/BanHosts-A | 1/41 (2.4%) | AS29650 | 84.51.233.8 | lir@hosting365.ie | IE | RIPE | IE-HOST365-20051107 | 3f22a4c2356987584099be31c6d93f9e | http://m2grid.com/tmp/images/http.config || 2011-03-02 11:29:57 | undef | unknown_html | 0/41 (0.0%) | AS9318 | 218.50.55.103 | abuse@skbroadband.com | KR | APNIC | broadNnet-KR | b3cf8c36b36e7b5ddf7a95cc79f57d46 | http://pcotp.motp.co.kr/pcotp/update/pcotp.hlp