WARNING: All domains on this website should be considered dangerous. If you do
not know what you are doing here, it is recommended you leave right away. This
website is a resource for security professionals and enthusiasts.

| Date (UTC) | Domain | IP | Reverse Lookup | Description | Registrant | ASN |
|---|---|---|---|---|---|---|
| 2010/03/09_21:19 | yougoodvideo.net/forum/exe/file.exe | 122.115.63.24 | netnic.com.cn. | rootkit TDSS | Domain Admin / contact@privacyprotect.org | 9803 |
| 2010/03/09_21:19 | diaiscjdthr.com/nte/INDEPHANDLER | 66.135.37.211 | server6.randasolutions.com. | NeoSploit, payload Zeus | Jim Nelson / Nelsondwer4@yahoo.com | 13768 |
| 2010/03/09_21:19 | diaiscjdthr.com/nte/INDEPHANDLER/eU8ea8ef33Hdfd932d2V0100f070006R00000000102T944f9e0c201l0409K08d80105320 | 66.135.37.211 | server6.randasolutions.com. | zeus/wsnpoem v2 trojan | Jim Nelson / Nelsondwer4@yahoo.com | 13768 |
| 2010/03/09_21:19 | www.youporn8.net/yama.exe | 174.120.148.154 | 9a.94.78ae.static.theplanet.com. | trojan StartPage | Ahmet ERCETIN | 21844 |
| 2010/03/09_21:19 | trastlifer.hk/vmxts.exe | 91.212.220.10 | - | zeus/wsnpoem v2 trojan | domain@now.net.cn | 49365 |
| 2010/03/09_21:19 | trastlifer.hk/ribbn.tar | 91.212.220.10 | - | zeus/wsnpoem v2 config file | domain@now.net.cn | 49365 |
| 2010/03/09_21:19 | trastlifer.hk/index1.php | 91.212.220.10 | - | zeus/wsnpoem v2 drop zone | domain@now.net.cn | 49365 |
| 2010/03/09_19:08 | stroimvmeste.in/affiliate/index.php?b=b | 77.222.56.35 | caracas.sweb.ru. | YES exploit kit | Bolortseseg Nagsadorj / trf00ok@gmail.com | 44112 |
| 2010/03/09_19:08 | stroimvmeste.in/affiliate/admin | 77.222.56.35 | caracas.sweb.ru. | control panel of YES exploit kit | Bolortseseg Nagsadorj / trf00ok@gmail.com | 44112 |
| 2010/03/09_19:08 | stroimvmeste.in/affiliate/cache/PDF.php?st=Internet | 77.222.56.35 | caracas.sweb.ru. | Explorer 6.0 | Bolortseseg Nagsadorj / trf00ok@gmail.com | 44112 |
| 2010/03/09_19:08 | stroimvmeste.in/affiliate/load.php?a=a&e=4 | 77.222.56.35 | caracas.sweb.ru. | rootkit TDSS | Bolortseseg Nagsadorj / trf00ok@gmail.com | 44112 |
| 2010/03/09_19:08 | foreinternet.com/sys/index.php | 91.210.173.2 | lc-b2.lorercorp.com. | YES exploit kit | tangrongnn@163.com | 48588 |
| 2010/03/09_19:08 | foreinternet.com/sys/admin | 91.210.173.2 | lc-b2.lorercorp.com. | control panel of YES exploit kit | tangrongnn@163.com | 48588 |
| 2010/03/09_19:08 | foreinternet.com/sys/load.php?a=a&e=4 | 91.210.173.2 | lc-b2.lorercorp.com. | trojan Oficla/Sasfis | tangrongnn@163.com | 48588 |
| 2010/03/09_19:08 | antiviruspc-update.com/mavzoley/bb.php?v=200&id=554905388&b=ze-us&tm=3 | 91.210.173.25 | lc-b25.lorercorp.com. | Oficla/Sasfis C&C | Jan Winstrom / dns@antiviruspc2009.com | 48588 |
| 2010/03/09_18:32 | yes-exploit-system.ru | 91.212.198.156 | - | YES exploit kit advertisement | admin@yes-exploit-system.ru | 49314 |
| 2010/03/09_17:39 | streamlinemediaworks.com/images/space.gif | 72.167.131.22 | p3swh205.shr.phx3.secureserver.net. | zeus/wsnpoem v2 config file | Streamline Mediaworks | 26496 |
| 2010/03/09_17:39 | kokojamba.com/a/d.php?e=CollabUTIL | 79.171.22.190 | static.vitalhosting.com.tr. | trojan | kokojamba.com / magikmind13@gmail.com | 44565 |
| 2010/03/09_17:39 | kokojamba.com/a/s/files/ie.swf | 79.171.22.190 | static.vitalhosting.com.tr. | flash exploit | kokojamba.com / magikmind13@gmail.com | 44565 |
| 2010/03/09_17:39 | kokojamba.com/a/admin.php | 79.171.22.190 | static.vitalhosting.com.tr. | control panel of Liberty exploit kit | kokojamba.com / magikmind13@gmail.com | 44565 |
| 2010/03/09_17:39 | kokojamba.com/a/s/files/clb.pdf | 79.171.22.190 | static.vitalhosting.com.tr. | pdf exploit | kokojamba.com / magikmind13@gmail.com | 44565 |
| 2010/03/09_17:39 | kokojamba.com/a/s/0.php | 79.171.22.190 | static.vitalhosting.com.tr. | Liberty exploit kit | kokojamba.com / magikmind13@gmail.com | 44565 |
| 2010/03/09_17:39 | - | 98.126.17.138/g86f3cbi2.php | CUSTOMER.KRYPT.COM. | zeus/wsnpoem v2 drop zone | - | 35908 |
| 2010/03/09_17:39 | inasss.info/pt_newold.exe | 122.115.63.9 | netnic.com.cn. | zeus/wsnpoem v2 trojan | Andrey Aleksandrovich Polev / o00o.code@gmail.com | 9803 |
| 2010/03/09_17:39 | calvinkleinstuffz.com/calvinklein2/cfg.bin | 122.115.63.37 | netnic.com.cn. | zeus/wsnpoem v1 config file | JOHN DUNCAN / contact@myprivateregistration.com | 9803 |
| 2010/03/09_17:39 | calvinkleinstuffz.com/calvinklein2/logger.php | 122.115.63.37 | netnic.com.cn. | zeus/wsnpoem v1 drop zone | JOHN DUNCAN / contact@myprivateregistration.com | 9803 |
| 2010/03/09_17:39 | hourbrand.com/scn/c4f12d4be2e5a718fc0fab8ff0519a17/0540f0d2bb566d0ed0d80150e2b728ef/f85b7b377112c272bc87f3e73f10508d | 98.142.243.10 | - | fake online Scanner | Chris Mosh / mosh@dev.mosh.com | 30407 |
| 2010/03/09_17:39 | zannualnews.com/download/0540f0d2bb566d0ed0d80150e2b728ef/f85b7b377112c272bc87f3e73f10508d/4 | 91.212.127.144 | - | trojan FakeSmoke | Private Whois Service efiis0c4b94e72d25553@ahwyn0f4b73feacadaa2.privatewhois.net | 49087 |
| 2010/03/09_17:39 | www.antivp.com/asvzgdwebasvzgdweb.htm?get=e0b399bd994a0556517f96487dd3ab29 | 91.212.127.142 | - | rogue installer | Private Whois Service nvu6cp14b744046930da@ahwyn0f4b73feacadaa2.privatewhois.net | 49087 |
| 2010/03/09_17:39 | antispyware-comp.com | 69.4.231.42 | no-rdns.ord02.hostingservicesinc.net. | fake av site | Pavel Eroshkin / volt@maillife.ru | 36351 |
| 2010/03/09_17:39 | antivirus-onecare2010.com | 76.76.102.198 | generic.gogax.com. | fake av site | barley@freenetbox.ru | 21793 |
| 2010/03/09_17:39 | pc-carelive.com | 76.76.102.197 | generic.gogax.com. | fake av site | bette@bigmailbox.ru | 21793 |
| 2010/03/09_17:39 | pccare-live.com | 76.76.102.195 | generic.gogax.com. | fake av site | bette@bigmailbox.ru | 21793 |
| 2010/03/09_17:39 | pcguard2010.com | 76.76.102.197 | generic.gogax.com. | fake av site | Yuri Vernitsky / larks@freenetbox.ru | 21793 |
| 2010/03/09_17:39 | pcguard-2010.com | 69.4.231.42 | no-rdns.ord02.hostingservicesinc.net. | fake av site | bette@bigmailbox.ru | 36351 |
| 2010/03/09_17:39 | pc-guard-2010.com | 173.192.214.194 | 173.192.214.194-static.reverse.softlayer.com. | fake av site | bette@bigmailbox.ru | 36351 |
| 2010/03/09_17:39 | pcguard20-10.com | 69.4.231.43 | no-rdns.ord02.hostingservicesinc.net. | fake av site | bette@bigmailbox.ru | 36351 |
| 2010/03/09_17:39 | pc-guard-20-10.com | 173.192.214.194 | 173.192.214.194-static.reverse.softlayer.com. | fake av site | bette@bigmailbox.ru | 36351 |
| 2010/03/09_17:39 | pcwindowslive.com | 69.4.231.40 | no-rdns.ord02.hostingservicesinc.net. | fake av site | Ananoliy Kunirkin / mazda@freenetbox.ru | 36351 |
| 2010/03/09_17:39 | pc-windowslive.com | 69.4.231.43 | no-rdns.ord02.hostingservicesinc.net. | fake av site | Ananoliy Kunirkin / mazda@freenetbox.ru | 36351 |
| 2010/03/09_17:39 | pcwindows-live.com | 69.4.231.41 | no-rdns.ord02.hostingservicesinc.net. | fake av site | Ananoliy Kunirkin / mazda@freenetbox.ru | 36351 |
| 2010/03/09_17:39 | pc-windows-live.com | 173.192.214.192 | 173.192.214.192-static.reverse.softlayer.com. | fake av site | Ananoliy Kunirkin / mazda@freenetbox.ru | 36351 |
| 2010/03/09_17:39 | pcwinlive.com | 173.83.26.46 | - | fake av site | Ananoliy Kunirkin / mazda@freenetbox.ru | 32392 |
| 2010/03/09_17:39 | pc-winlive.com | 173.83.26.44 | - | fake av site | Ananoliy Kunirkin / mazda@freenetbox.ru | 32392 |
| 2010/03/09_17:39 | pcwin-live.com | 76.76.102.196 | generic.gogax.com. | fake av site | Ananoliy Kunirkin / mazda@freenetbox.ru | 21793 |
| 2010/03/09_17:39 | pc-win-live.com | 69.4.231.41 | no-rdns.ord02.hostingservicesinc.net. | fake av site | Yuri Vernitsky / larks@freenetbox.ru | 36351 |
| 2010/03/09_17:39 | pcwinlive2010.com | 173.192.214.193 | 173.192.214.193-static.reverse.softlayer.com. | fake av site | Yuri Vernitsky / larks@freenetbox.ru | 36351 |
| 2010/03/09_17:39 | pc-winlive2010.com | 69.4.231.42 | no-rdns.ord02.hostingservicesinc.net. | fake av site | Yuri Vernitsky / larks@freenetbox.ru | 36351 |
| 2010/03/09_17:39 | pcwinlive-2010.com | 173.83.26.44 | - | fake av site | Yuri Vernitsky / larks@freenetbox.ru | 32392 |
| 2010/03/09_17:39 | pc-win-live-2010.com | 173.83.26.45 | - | fake av site | Yuri Vernitsky / larks@freenetbox.ru | 32392 |
| 2010/03/09_17:39 | spyware-destroyerone.com | 69.4.231.41 | no-rdns.ord02.hostingservicesinc.net. | fake av site | Anton Nikiforov / astral@freenetbox.ru | 36351 |
| 2010/03/09_17:39 | tragicapple.com | 76.76.98.196 | reverse-mtl-76-76-98-196.gogax.com. | fake av site | proxy1621500@1and1-private-registration.com | 21793 |
| 2010/03/09_17:39 | windef2010.com | 69.4.231.43 | no-rdns.ord02.hostingservicesinc.net. | fake av site | Alexander Bulatov / bands@freenetbox.ru | 36351 |
| 2010/03/09_17:39 | win-defender10.com | 69.4.231.40 | no-rdns.ord02.hostingservicesinc.net. | fake av site | skies@freenetbox.ru | 36351 |
| 2010/03/09_17:39 | windefender-10.com | 69.4.231.41 | no-rdns.ord02.hostingservicesinc.net. | fake av site | Lyubov Bushmakina / boil@maillife.ru | 36351 |
| 2010/03/09_17:39 | win-defender-10.com | 69.4.231.42 | no-rdns.ord02.hostingservicesinc.net. | fake av site | Lyubov Bushmakina / boil@maillife.ru | 36351 |
| 2010/03/09_17:39 | windowsdefender10.com | 69.4.231.40 | no-rdns.ord02.hostingservicesinc.net. | fake av site | Igor Goev / try@bigmailbox.ru | 36351 |
| 2010/03/09_17:39 | windows-defender10.com | 69.4.231.41 | no-rdns.ord02.hostingservicesinc.net. | fake av site | Svetlana Alyamkina / quilt@bigmailbox.ru | 36351 |
| 2010/03/09_17:39 | windowsdefender-10.com | 69.4.231.42 | no-rdns.ord02.hostingservicesinc.net. | fake av site | Dmitriy Kolobanov / bob@qx8.ru | 36351 |
| 2010/03/09_17:39 | windows-defender-10.com | 69.4.231.43 | no-rdns.ord02.hostingservicesinc.net. | fake av site | skies@freenetbox.ru | 36351 |
| 2010/03/09_15:29 | lipesnaskom.com/cgi-binn/hitss.php | 95.143.192.40 | - | zeus/wsnpoem v2 drop zone | Hilary Kneber hilarykneber@yahoo.com | 49770 |
| 2010/03/09_14:18 | 842389423478923.com/2/l.php?i=6 | 195.88.208.8 | hosted-by.antaro-hosting.ru. | zeus/wsnpoem v2 trojan | Ignat Alekseev / admin@842389423478923.com | 12695 |
| 2010/03/09_14:18 | 842389423478923.com/2/statistics.php | 195.88.208.8 | hosted-by.antaro-hosting.ru. | control panel of Phoenix exploit kit | Ignat Alekseev / admin@842389423478923.com | 12695 |
| 2010/03/09_14:18 | 842389423478923.com/2/index.php | 195.88.208.8 | hosted-by.antaro-hosting.ru. | Phoenix exploit kit | Ignat Alekseev / admin@842389423478923.com | 12695 |
| 2010/03/09_12:04 | bravetools.net/en/mytools.php | 74.54.41.82 | gator326.hostgator.com. | exploit kit | Amir Hossein Jadidi / domian@parandis.com | 21844 |
| 2010/03/09_12:04 | www.from-jucar.de/ | 81.169.145.71 | w07.rzone.de. | compromised site directs to exploit kit | hostmaster@strato.de | 6724 |
| 2010/03/09_11:50 | qnnualnews.com/download/0540f0d2bb566d0ed0d80150e2b728ef/f85b7b377112c272bc87f3e73f10508d/4 | 212.150.147.45 | - | trojan FakeSmoke | Private Whois Service prf9am94b94e72c4a346@ahwyn0f4b73feacadaa2.privatewhois.net | 1680 |
| 2010/03/09_11:50 | checkliet.com/scn/f7293174e497c1447e298176d78e0ae1/0540f0d2bb566d0ed0d80150e2b728ef/f85b7b377112c272bc87f3e73f10508d | 98.142.243.10 | - | fake online Scanner | Chris Mosh / mosh@dev.mosh.com | 30407 |
| 2010/03/09_09:07 | openaskelisto.com/main1/view.php | 85.12.46.22 | - | zeus/wsnpoem v2 drop zone | Hary / admin@asusufurmeh.com | 34305 |
| 2010/03/09_08:26 | www.gaddem.net/scam/can/li.exe | 61.4.82.222 | - | zeus/wsnpoem v2 trojan | Pavel Pugachev / ya_whois@yandex.ru | 17964 |
| 2010/03/09_08:26 | ertriuanfhaeritruonceif.com/barcelona/barccfg9832789/barccfg23084292.bin | 91.212.220.68 | - | zeus/wsnpoem v2 config file | Yu MingSuo / abuseemaildhcp@gmail.com | 49365 |
| 2010/03/09_08:26 | countrtds.ru/cxd/fe.vv | 91.201.196.102 | - | zeus/wsnpoem v2 config file | thru@freenetbox.ru | 42229 |
| 2010/03/09_08:26 | iiiiiiiiiiiiii.net/games/update.set | 203.174.83.98 | 203-174-83-98.rev.ne.com.sg. | zeus/wsnpoem v2 config file | Alexander A Reva / klimckoe@yahoo.com | 38001 |
| 2010/03/09_08:24 | 777brabus777.com/tmp/404_ca.php | 94.228.220.66 | - | zeus/wsnpoem v2 drop zone | Bozvanovna L Olegovna / helukausa@yahoo.com | 47869 |
| 2010/03/09_08:24 | - | 193.105.0.71/yj6revg7.exe | - | zeus/wsnpoem v2 trojan | - | 50390 |
| 2010/03/09_08:24 | 777brabus777.com/fu/loc.so | 94.228.220.66 | - | zeus/wsnpoem v2 config file | Bozvanovna L Olegovna / helukausa@yahoo.com | 47869 |
| 2010/03/09_08:24 | - | 193.105.0.71/j65g5hh7.php | - | zeus/wsnpoem v2 drop zone | - | 50390 |
| 2010/03/09_08:24 | - | 193.105.0.71/allovu.bin | - | zeus/wsnpoem v2 config file | - | 50390 |
| 2010/03/09_01:44 | slavenkad.com/3/download.php?expid=3&fid=1 | 95.143.192.193 | - | zeus/wsnpoem v2 trojan | Chan Su tahli@yahoo.com | 49770 |
| 2010/03/09_01:44 | slavenkad.com/3/admin.php | 95.143.192.193 | - | control panel of Liberty exploit kit | Chan Su tahli@yahoo.com | 49770 |
| 2010/03/09_01:44 | slavenkad.com/3/index.php | 95.143.192.193 | - | Liberty exploit kit | Chan Su tahli@yahoo.com | 49770 |
| 2010/03/09_01:44 | oooowor.com/stat/load.php?spl=pdf_2012 | 122.115.63.24 | netnic.com.cn. | trojan | Alexander A Reva / klimckoe@yahoo.com | 9803 |
| 2010/03/09_01:44 | oooowor.com/stat/stat.php | 122.115.63.24 | netnic.com.cn. | control panel of Eleonore Exploits pack v1.3.2 | Alexander A Reva / klimckoe@yahoo.com | 9803 |
| 2010/03/09_01:44 | oooowor.com/stat/index.php | 122.115.63.24 | netnic.com.cn. | Eleonore Exploits pack v1.3.2 | Alexander A Reva / klimckoe@yahoo.com | 9803 |
| 2010/03/09_01:44 | kontroli.ru/s/load.php?id=&spl=4 | 95.211.4.6 | - | trojan | a.kanevskiy@mail.ru | 16265 |
| 2010/03/09_01:44 | kontroli.ru/s/index.php | 95.211.4.6 | - | exploit kit | a.kanevskiy@mail.ru | 16265 |
| 2010/03/09_01:44 | jl.chura.pl/rc/getexe.php?spl=mdac | 89.187.34.4 | host4-34.monitoring.md. | trojan Virut | - | 25129 |
| 2010/03/09_01:44 | jl.chura.pl/rc/stat.php | 89.187.34.4 | host4-34.monitoring.md. | control panel of Eleonore Exploits pack v1.2 | - | 25129 |
| 2010/03/09_01:44 | jl.chura.pl/rc/index.pjp | 89.187.34.4 | host4-34.monitoring.md. | Eleonore Exploits pack v1.2 | - | 25129 |
| 2010/03/09_01:44 | frondircass.cn/ee/imho.php | 95.143.192.193 | - | zeus/wsnpoem v2 drop zone | LiTah / tahli@yahoo.com | 49770 |
| 2010/03/09_01:44 | frondircass.cn/ee/ee.txt | 95.143.192.193 | - | zeus/wsnpoem v2 config file | LiTah / tahli@yahoo.com | 49770 |
| 2010/03/09_01:44 | brunongino.com/3/download.php?expid=3&fid=1 | 95.143.192.193 | - | zeus/wsnpoem v2 trojan | Chan Su tahli@yahoo.com | 49770 |
| 2010/03/09_01:44 | brunongino.com/3/admin.php | 95.143.192.193 | - | control panel of Liberty exploit kit | Chan Su tahli@yahoo.com | 49770 |
| 2010/03/09_01:44 | brunongino.com/3/index.php | 95.143.192.193 | - | Liberty exploit kit | Chan Su tahli@yahoo.com | 49770 |
| 2010/03/09_01:44 | test2.salefale.com/exe.exe | 67.141.185.89 | h89.185.141.67.static.ip.windstream.net. | zeus/wsnpoem v2 trojan | Vera Zaytseva, (20100301173314@antispam.alantron.com) | 7029 |
| 2010/03/09_01:44 | zxfr.salefale.com/exe.exe | 67.141.185.89 | h89.185.141.67.static.ip.windstream.net. | zeus/wsnpoem v2 trojan | Vera Zaytseva, (20100301173314@antispam.alantron.com) | 7029 |
| 2010/03/09_00:29 | superlayout.org/ws/g899.php | 61.4.82.216 | - | zeus/wsnpoem v2 drop zone | alexey pronin / vin.bond@gmail.com | 17964 |
| 2010/03/09_00:29 | superlayout.org/125/tyu7.exe | 61.4.82.216 | - | zeus/wsnpoem v2 trojan | alexey pronin / vin.bond@gmail.com | 17964 |
| 2010/03/09_00:29 | superlayout.org/125/gfy6.bin | 61.4.82.216 | - | zeus/wsnpoem v2 config file | alexey pronin / vin.bond@gmail.com | 17964 |
| 2010/03/08_20:39 | img95.lmagebucket.com/img/acomsw.jpg | 112.121.163.174 | - | trojan | hotdogs c/o Dynadot Privacy / privacy@dynadot.com | 45753 |
| 2010/03/08_19:36 | ackstone.com/.sys/?getexe=v2captcha21.exe | 12.46.124.221 | 12-46-124-221.daub.net. | Koobface | - | 7018 |
| 2010/03/08_19:36 | asiandvdtime.com/.sys/?getexe=v2captcha21.exe | 72.52.191.187 | - | Koobface | - | 32244 |
| 2010/03/08_19:36 | beautiteen.hostmaniacs.com/.sys/?getexe=v2captcha21.exe | 88.85.75.140 | - | Koobface | - | 35415 |
| 2010/03/08_19:36 | cedelevator.com/.sys/?getexe=v2captcha21.exe | 64.71.33.74 | - | Koobface | - | 20401 |
| 2010/03/08_19:36 | comunicat-de-presa.ro/.sys/?getexe=hosts2.exe | 89.42.216.60 | server32.whmpanels.com. | Koobface | - | 5606 |
| 2010/03/08_19:36 | ctsrmspos.com/.sys/?getexe=v2captcha21.exe | 216.177.193.194 | ns2.e-mailsglobal.com. | Koobface | - | 22364 |
| 2010/03/08_19:36 | daveshieldsphotography.com/.sys/?getexe=v2captcha21.exe | 64.71.33.197 | - | Koobface | - | 20401 |
| 2010/03/08_19:36 | derekmohr.com/.sys/?getexe=v2prx.exe | 207.150.212.89 | - | Koobface | - | 20401 |
| 2010/03/08_19:36 | dorothycooley.com/.sys/?getexe=v2captcha21.exe | 67.139.134.203 | o3.hostbaby.com. | Koobface | - | 7385 |
| 2010/03/08_19:36 | elenailyina.com/.sys/?getexe=v2captcha21.exe | 213.189.197.30 | axx30.distributed.zenon.net. | Koobface | - | 6903 |
| 2010/03/08_19:36 | fjdc.edu.pk/.sys/?getexe=v2bloggerjs.exe | 208.93.192.2 | www.brospeedheaders.info. | Koobface | -1 | 46562 |
| 2010/03/08_19:36 | fjdc.edu.pk/.sys/?getexe=v2captcha21.exe | 208.93.192.2 | www.brospeedheaders.info. | Koobface | -1 | 46562 |
| 2010/03/08_19:36 | fjdc.edu.pk/.sys/?getexe=v2newblogger.exe | 208.93.192.2 | www.brospeedheaders.info. | Koobface | -1 | 46562 |
| 2010/03/08_19:36 | frigologistics.nl/.sys/?getexe=pp.14.exe | 193.93.174.152 | wswww21.uwwebhostingprovider.nl. | Koobface | - | 39700 |
| 2010/03/08_19:36 | frigologistics.nl/.sys/?getexe=v2captcha21.exe | 193.93.174.152 | wswww21.uwwebhostingprovider.nl. | Koobface | - | 39700 |
| 2010/03/08_19:36 | goldmaniac.com/.sys/?getexe=v2bloggerjs.exe | 65.36.242.101 | grollfamily.com | Koobface | - | 20021 |
| 2010/03/08_19:36 | goldmaniac.com/.sys/?getexe=v2captcha21.exe | 65.36.242.101 | grollfamily.com | Koobface | - | 20021 |
| 2010/03/08_19:36 | goldmaniac.com/.sys/?getexe=v2newblogger.exe | 65.36.242.101 | grollfamily.com | Koobface | - | 20021 |
| 2010/03/08_19:36 | goninja.fastlearningbrain.com/.sys/?getexe=v2captcha21.exe | 174.137.158.10 | - | Koobface | - | 27257 |
| 2010/03/08_19:36 | greystoneofellijay.com/.sys/?getexe=v2captcha21.exe | 198.92.147.210 | host24.ihostnetworks.com. host27.ihostnetworks.com. | Koobface | - | 3356 |
| 2010/03/08_19:36 | inartdesigns.com/.sys/?getexe=v2captcha21.exe | 67.227.177.47 | - | Koobface | - | 32244 |
| 2010/03/08_19:36 | internethosting.sg/.sys/?getexe=v2captcha21.exe | 203.211.140.165 | 165.203-211-140.static.qala.com.sg. | Koobface | - | 17547 |
| 2010/03/08_19:36 | keeplan.com/.sys/?getexe=v2captcha21.exe | 64.71.33.35 | - | Koobface | - | 20401 |
| 2010/03/08_19:36 | leonardandself.com/.sys/?getexe=v2captcha21.exe | 216.180.225.10 | flexo.routesys.com. | Koobface | - | 3595 |
| 2010/03/08_19:36 | mad-i-bevaegelse.dk/.sys/?getexe=pp.14.exe | 194.192.14.146 | serv29.wannafind.dk. | Koobface | - | 3292 |
| 2010/03/08_19:36 | mad-i-bevaegelse.dk/.sys/?getexe=v2bloggerjs.exe | 194.192.14.146 | serv29.wannafind.dk. | Koobface | - | 3292 |
| 2010/03/08_19:36 | mad-i-bevaegelse.dk/.sys/?getexe=v2captcha21.exe | 194.192.14.146 | serv29.wannafind.dk. | Koobface | - | 3292 |
| 2010/03/08_19:36 | mad-i-bevaegelse.dk/.sys/?getexe=v2newblogger.exe | 194.192.14.146 | serv29.wannafind.dk. | Koobface | - | 3292 |
| 2010/03/08_19:36 | mahjongmuseum.com/.sys/?getexe=v2captcha21.exe | 207.217.125.50 | webhost.earthlink.net. | Koobface | - | 4355 |
| 2010/03/08_19:36 | mkmohanty.com/.sys/?getexe=v2captcha21.exe | 174.37.216.1 | linux11.znetindia.net. | Koobface | - | 36351 |
| 2010/03/08_19:36 | mohammedistechnologies.com/.sys/?getexe=v2captcha21.exe | 91.186.25.40 | - | Koobface | - | 29550 |
| 2010/03/08_19:36 | musthaveitjewelry.com.mytempweb.com/.sys/?getexe=v2captcha21.exe | 66.252.239.235 | web08.appliedi.net. | Koobface | - | 14519 |
| 2010/03/08_19:36 | mycleveridea.co.za/.sys/?getexe=v2captcha21.exe | 72.9.250.162 | win1.nswebhost.com. | Koobface | - | 3595 |
| 2010/03/08_19:36 | qatar-business-guide.net/.sys/?getexe=v2captcha21.exe | 94.102.219.71 | - | Koobface | - | 41078 |
| 2010/03/08_19:36 | reishus.de/.sys/?getexe=loader.exe | 212.12.112.25 | web-ve-gamma.domainmedia.net. | Koobface | - | 12595 |
| 2010/03/08_19:36 | reishus.de/.sys/?getexe=v2captcha21.exe | 212.12.112.25 | web-ve-gamma.domainmedia.net. | Koobface | - | 12595 |
| 2010/03/08_19:36 | ritmotours.com.tr/.sys/?getexe=v2captcha21.exe | 89.106.12.55 | web6.turkticaret.net. | Koobface | - | 39582 |
| 2010/03/08_19:36 | roomservicedesign.com.au/.sys/?getexe=pp.14.exe | 122.201.80.95 | stradale.turboservers.com.au. | Koobface | - | 9512 |
| 2010/03/08_19:36 | roomservicedesign.com.au/.sys/?getexe=v2captcha21.exe | 122.201.80.95 | stradale.turboservers.com.au. | Koobface | - | 9512 |
| 2010/03/08_19:36 | skybluephoto.com/.sys/?getexe=loader.exe | 8.21.33.134 | cwpro1.crosswinds.net. | Koobface | - | 14112 |
| 2010/03/08_19:36 | skybluephoto.com/.sys/?getexe=v2captcha21.exe | 8.21.33.134 | cwpro1.crosswinds.net. | Koobface | - | 14112 |
| 2010/03/08_19:36 | strictlydetail.co.uk/.sys/?getexe=pp.14.exe | 88.208.252.192 | - | Koobface | - | 15418 |
| 2010/03/08_19:36 | strictlydetail.co.uk/.sys/?getexe=v2captcha21.exe | 88.208.252.192 | - | Koobface | - | 15418 |
| 2010/03/08_19:36 | tinytanks.net/.sys/?getexe=pp.14.exe | 66.7.206.75 | server.petfish.net. | Koobface | - | 33182 |
| 2010/03/08_19:36 | tinytanks.net/.sys/?getexe=v2captcha21.exe | 66.7.206.75 | server.petfish.net. | Koobface | - | 33182 |
| 2010/03/08_19:36 | tinytanks.net/.sys/?getexe=v2prx.exe | 66.7.206.75 | server.petfish.net. | Koobface | - | 33182 |
| 2010/03/08_19:36 | troytabor.com/.sys/?getexe=v2captcha21.exe | 66.96.146.81 | 81.146.96.66.static.eigbox.net. | Koobface | - | 29873 |
| 2010/03/08_19:36 | troytabor.com/.sys/?getexe=v2prx.exe | 66.96.146.81 | 81.146.96.66.static.eigbox.net. | Koobface | - | 29873 |
| 2010/03/08_19:36 | undercoversquilting.com/.sys/?getexe=pp.14.exe | 209.132.201.41 | cp287.mysite4now.com. | Koobface | - | 36066 |
| 2010/03/08_19:36 | undercoversquilting.com/.sys/?getexe=v2bloggerjs.exe | 209.132.201.41 | cp287.mysite4now.com. | Koobface | - | 36066 |
| 2010/03/08_19:36 | undercoversquilting.com/.sys/?getexe=v2captcha21.exe | 209.132.201.41 | cp287.mysite4now.com. | Koobface | - | 36066 |
| 2010/03/08_19:36 | undercoversquilting.com/.sys/?getexe=v2newblogger.exe | 209.132.201.41 | cp287.mysite4now.com. | Koobface | - | 36066 |
| 2010/03/08_19:36 | vivicohen.com.ar/.sys/?getexe=v2captcha21.exe | 200.62.54.122 | us22.toservers.com. | Koobface | -1 | 18747 |
| 2010/03/08_19:36 | whyviral.com/.sys/?getexe=v2captcha21.exe | 12.68.140.207 | - | Koobface | - | 46549 |
| 2010/03/08_19:36 | www.bastakigroup.com/.sys/?getexe=v2captcha21.exe | 66.223.111.166 | ns.thewoodexplorer.com. | Koobface | - | 11305 |
| 2010/03/08_19:36 | www.chateaudecoisse.com/.sys/?getexe=v2captcha21.exe | 207.150.212.12 | - | Koobface | - | 20401 |
| 2010/03/08_19:36 | www.comunicat-de-presa.ro/.sys/?getexe=v2captcha21.exe | 89.42.216.60 | server32.whmpanels.com. | Koobface | - | 5606 |
| 2010/03/08_19:36 | www.derekmohr.com/.sys/?getexe=v2captcha21.exe | 207.150.212.89 | - | Koobface | - | 20401 |
| 2010/03/08_19:36 | www.eom.it/.sys/?getexe=v2captcha21.exe | 195.225.236.90 | - | Koobface | - | 31239 |
| 2010/03/08_19:36 | www.fivestar.ch/.sys/?getexe=v2captcha21.exe | 77.72.71.43 | 043.lognet.ch. | Koobface | | 8404 |
| 2010/03/08_19:36 | www.its-email.co.uk/.sys/?getexe=v2bloggerjs.exe | 81.201.129.126 | 81.201.129.126.srvlist.ukfast.net. | Koobface | - | 8553 |
| 2010/03/08_19:36 | www.its-email.co.uk/.sys/?getexe=v2captcha21.exe | 81.201.129.126 | 81.201.129.126.srvlist.ukfast.net. | Koobface | - | 8553 |
| 2010/03/08_19:36 | www.nautiqa.com.sg/.sys/?getexe=v2bloggerjs.exe | 203.116.95.196 | - | Koobface | - | 4657 |
| 2010/03/08_19:36 | www.nautiqa.com.sg/.sys/?getexe=v2captcha21.exe | 203.116.95.196 | - | Koobface | - | 4657 |
| 2010/03/08_19:36 | www.pwsd1pc.org/.sys/?getexe=v2captcha21.exe | 207.192.234.27 | www.nemr.net. | Koobface | - | 33165 |
| 2010/03/08_19:36 | www.vallesina.tv/.sys/?getexe=v2captcha21.exe | 195.225.168.238 | - | Koobface | - | 31034 |
| 2010/03/08_19:36 | zihabit.com/.sys/?getexe=v2captcha21.exe | 208.87.242.66 | ant.unixbsd.info. | Koobface | - | 40676 |
| 2010/03/08_19:03 | dogshowonline.info/ldr/mdply3d.exe | 94.228.219.189 | - | trojan | Marek Mazur / Marek.Mazur@ymail.com | 47869 |
| 2010/03/08_19:03 | dogshowonline.info/ldr/pod.exe | 94.228.219.189 | - | trojan | Marek Mazur / Marek.Mazur@ymail.com | 47869 |
| 2010/03/08_19:03 | skyfleck.com/perfmonss.bin | 218.8.245.123 | - | trojan Refpron | Alexander Heuwinkel / wnje589@yahoo.com | 4837 |
| 2010/03/08_19:03 | catsshow2online.info/cln/?i_date=08-03-2010&aff_id=1&downloaded=&build_ver=2&os_ver=WIN_XP&debug=&fetches=0&cid=0xA594B3E11767F21050DE03DCB481E088 | 94.228.219.189 | - | malware calls home | Marek Mazur / Marek.Mazur@ymail.com | 47869 |
| 2010/03/08_19:03 | www.cfdnf.com/md.exe | 61.147.99.83 | - | trojan | Zhao Haibo / zihui8@vip.qq.com | 4134 |
| 2010/03/08_19:03 | dwlmorss.dw.funpic.de/probot.exe | 213.202.225.53 | 213.202.225.53.rdns.funpic.de. | trojan Killav | abuse@funpic.de | 13301 |
| 2010/03/08_19:03 | saleotu.com/get.php?id=1 | 62.122.75.42 | - | trojan | Private Whois Service h9ig5ay4b743bf796461@ahwyn0f4b73feacadaa2.privatewhois.net | 5577 |
| 2010/03/08_19:03 | www.978cf.com/fkz/yuyanzhe.exe | 61.155.170.30 | - | backdoor | caobaoqiao / 172626510@qq.com | 4134 |
| 2010/03/08_19:03 | www.scanerwhatever.cn/page2/setup01 | 91.212.132.8 | - | trojan TDSS | DuntonKristin / KristinDunton@xhotmail.net | 49091 |
| 2010/03/08_19:03 | gotsick.cn/css/_void/crcmds/main | 91.212.132.7 | - | malware calls home | LEMPENAUGEORGE / georgelem@xhotmail.net | 49091 |
| 2010/03/08_19:03 | gotsick.cn/css/_void/knock.php | 91.212.132.7 | - | malware calls home | LEMPENAUGEORGE / georgelem@xhotmail.net | 49091 |
| 2010/03/08_19:03 | gotsick.cn/css/_void/srcr.dat | 91.212.132.7 | - | malware calls home | LEMPENAUGEORGE / georgelem@xhotmail.net | 49091 |
| 2010/03/08_19:03 | gotsick.cn/css/_void/crcmds/install | 91.212.132.7 | - | malware calls home | LEMPENAUGEORGE / georgelem@xhotmail.net | 49091 |
| 2010/03/08_19:03 | gotsick.cn/css/_void/crfiles/serf | 91.212.132.7 | - | malware calls home | LEMPENAUGEORGE / georgelem@xhotmail.net | 49091 |
| 2010/03/08_19:03 | gotsick.cn/css/_void/crcmds/builds/bbr | 91.212.132.7 | - | malware calls home | LEMPENAUGEORGE / georgelem@xhotmail.net | 49091 |
| 2010/03/08_19:03 | gotsick.cn/css/_void/crfiles/bbr | 91.212.132.7 | - | malware calls home | LEMPENAUGEORGE / georgelem@xhotmail.net | 49091 |
| 2010/03/08_19:03 | gotsick.cn/css/_void/crcmds/extra | 91.212.132.7 | - | malware calls home | LEMPENAUGEORGE / georgelem@xhotmail.net | 49091 |
| 2010/03/08_18:21 | gerbalaif.com/account | 91.213.174.9 | - | control panel of botnet C&C | goodys / abuseemaildhcp@gmail.com | 29106 |
| 2010/03/08_18:21 | arriviertes.com/rihBeufAQU917Xa.php?id=1&magic=405940736 | 91.213.174.3 | - | malware calls home | Nini Lee / ninilee@yahoo.com | 29106 |
| 2010/03/08_18:21 | whydaddy.biz/ | 91.213.174.9 | - | redirects to botnet control panel | Hillery Harris / refaerdomain@gmail.com | 29106 |
| 2010/03/08_18:21 | gerbalaif.com/knok.php?id=SYSTEM!82536A52D9654DB!083C3353&ver=3&up=2732& | 91.213.174.9 | - | botnet C&C | goodys / abuseemaildhcp@gmail.com | 29106 |
| 2010/03/08_15:21 | podmena.us/1100_0005.exe | 69.65.40.26 | cp05.buyhttp.com. | fake av | Alex Tramp / sh-kesha@ya.ru | 32181 |
| 2010/03/08_14:33 | openaskelisto.com/main1/open.gif | 85.12.46.22 | - | zeus/wsnpoem v2 config file | Hary / admin@asusufurmeh.com | 34305 |
| 2010/03/08_11:38 | - | 195.242.161.111/~chetir/chet/n.php | - | zeus/wsnpoem v2 drop zone | - | 47434 |
| 2010/03/08_11:38 | - | 95.143.192.35/~clients/version.php | - | zeus/wsnpoem v2 drop zone | - | 49770 |
| 2010/03/08_10:25 | papindos.info/checkVersions/database.dat | 85.12.46.7 | - | zeus/wsnpoem v2 config file | Shoen Overns / ovenersbox@yahoo.com | 34305 |
| 2010/03/08_10:25 | papindos.info/expertAds/FileMirror.php | 85.12.46.7 | - | zeus/wsnpoem v2 drop zone | Shoen Overns / ovenersbox@yahoo.com | 34305 |
| 2010/03/08_10:25 | bestreportwas142.in/urrla/c1.bin | 188.124.3.225 | static.vitalhosting.com.tr. | zeus/wsnpoem v2 config file | valeriy / rikollenis@gmail.com | 44565 |
| 2010/03/08_10:25 | bestreportwas142.in/urrla/hey.php | 188.124.3.225 | static.vitalhosting.com.tr. | zeus/wsnpoem v2 drop zone | valeriy / rikollenis@gmail.com | 44565 |
| 2010/03/08_10:25 | - | 193.105.0.211/royalkingston.bin | - | zeus/wsnpoem v2 config file | - | 50390 |
| 2010/03/08_10:25 | - | 193.105.0.211/rtr89i7uyt.exe | - | zeus/wsnpoem v2 trojan | - | 50390 |
| 2010/03/08_10:25 | - | 193.105.0.211/njtrefg67i7.php | - | zeus/wsnpoem v2 drop zone | - | 50390 |
| 2010/03/08_10:25 | usworldcast.com/100/cfg33.bin | 188.124.5.106 | static.vitalhosting.com.tr. | zeus/wsnpoem v2 config file | rekon / vin345686866664444@gmail.com | 44565 |
| 2010/03/08_10:25 | manyafa.com/m0933/stat1.php | 188.124.5.118 | static.vitalhosting.com.tr. | zeus/wsnpoem v2 drop zone | vin.bond@gmail.com | 44565 |
| 2010/03/08_10:25 | salebogs.com/scn/022e0c0781be117a248ab0dd5002e7bd/0540f0d2bb566d0ed0d80150e2b728ef/f85b7b377112c272bc87f3e73f10508d | 213.163.65.2 | hosted-by.i3d.net. | fake online Scanner | Fitah Ulaf / f.ulaf@hush.com | 49544 |
| 2010/03/08_10:25 | chephall.com/download/0540f0d2bb566d0ed0d80150e2b728ef/f85b7b377112c272bc87f3e73f10508d/4 | 91.212.127.144 | - | trojan FakeSmoke | czw06nc4b90e8f4704a6@ahwyn0f4b73feacadaa2.privatewhois.net | 49087 |
| 2010/03/08_08:17 | milzvortex.info/gate.php | 69.175.66.34 | cl67.justhost.com. | zeus/wsnpoem v2 drop zone | Jonathan Kaufman / admin@naqzo.com | 32475 |
| 2010/03/08_08:11 | milzvortex.info/config.bin | 69.175.66.34 | cl67.justhost.com. | zeus/wsnpoem v2 config file | Jonathan Kaufman / admin@naqzo.com | 32475 |
| 2010/03/08_08:11 | milzvortex.info/bot.exe | 69.175.66.34 | cl67.justhost.com. | zeus/wsnpoem v2 trojan | Jonathan Kaufman / admin@naqzo.com | 32475 |
| 2010/03/07_21:37 | tieos.com/new/show.php | 85.17.90.206 | hosted-by.leaseweb.com. | NULLED/Fragus exploit kit | Kabinkova Kristina / Kristina (kabinkovakristina@yahoo.com) | 16265 |
| 2010/03/07_21:37 | tieos.com/new/admin.php | 85.17.90.206 | hosted-by.leaseweb.com. | control panel of NULLED/Fragus exploit kit | Kabinkova Kristina / Kristina (kabinkovakristina@yahoo.com) | 16265 |
| 2010/03/07_21:37 | tieos.com/new/post.php | 85.17.90.206 | hosted-by.leaseweb.com. | zeus/wsnpoem v2 trojan | Kabinkova Kristina / Kristina (kabinkovakristina@yahoo.com) | 16265 |
| 2010/03/07_20:58 | - | 193.105.0.101/hgbvfe5yju.exe | - | zeus/wsnpoem v2 trojan | - | 50390 |
| 2010/03/07_20:58 | - | 193.105.0.101/kaspers.bin | - | zeus/wsnpoem v2 config file | - | 50390 |
| 2010/03/07_20:58 | - | 193.105.0.101/dfghnybtvj.php | - | zeus/wsnpoem v2 drop zone | - | 50390 |
| 2010/03/07_20:58 | www.iiiiiiiiiiiiii.net/games/update.set | 203.174.83.98 | 203-174-83-98.rev.ne.com.sg. | zeus/wsnpoem v2 config file | Alexander A Reva / klimckoe@yahoo.com | 38001 |
| 2010/03/07_20:58 | www.iiiiiiiiiiiiii.net//games/update.php | 203.174.83.98 | 203-174-83-98.rev.ne.com.sg. | zeus/wsnpoem v2 drop zone | Alexander A Reva / klimckoe@yahoo.com | 38001 |
| 2010/03/07_20:58 | cpaos.com/new/viewtopic.php?s=7b5c3dff46 | 85.17.90.206 | hosted-by.leaseweb.com. | NULLED/Fragus exploit kit | Kabinkova Kristina / Kristina (kabinkovakristina@yahoo.com) | 16265 |
| 2010/03/07_20:58 | cpaos.com/new/admin.php | 85.17.90.206 | hosted-by.leaseweb.com. | control panel of NULLED/Fragus exploit kit | Kabinkova Kristina / Kristina (kabinkovakristina@yahoo.com) | 16265 |
| 2010/03/07_20:58 | cpaos.com/new/post.php | 85.17.90.206 | hosted-by.leaseweb.com. | trojan Oficla/Sasfis | Kabinkova Kristina / Kristina (kabinkovakristina@yahoo.com) | 16265 |
| 2010/03/07_20:58 | aafoocgv.cn/el2/index.php | 91.212.41.87 | - | Eleonore Exploits pack v1.3.3 | wang9619@163.com | 29371 |
| 2010/03/07_20:58 | aafoocgv.cn/el2/stat.php | 91.212.41.87 | - | control panel of Eleonore Exploits pack v1.3.3 | wang9619@163.com | 29371 |
| 2010/03/07_20:58 | aafoocgv.cn/el2/load/load.exe | 91.212.41.87 | - | trojan | wang9619@163.com | 29371 |
| 2010/03/07_20:58 | autotradersuk.net/arc/bb.php?v=200&id=554905388&b=0306les&tm=3 | 85.17.90.206 | hosted-by.leaseweb.com. | Oficla/Sasfis C&C | edininskovvaleriy@mail.com | 16265 |
| 2010/03/07_20:58 | topesuna.com/v2/out/flash_10_10.exe | 85.17.87.159 | - | trojan downloader | Kokovin Vladimir / Vladimir (kokovinvladimir@gmail.com) | 16265 |
| 2010/03/07_20:58 | rlosswe.com/win32.exe | 61.4.82.216 | - | trojan Kobcka | w8231058@163.com | 17964 |
| 2010/03/07_19:11 | ad0ra8ili7y.com/index.php?s=3e5cf2bce9808386868aa6270d6a7877 | 91.213.174.22 | - | Eleonore Exploits pack v1.3.2 | Nini Lee / ninilee@yahoo.com | 29106 |
| 2010/03/07_19:11 | ad0ra8ili7y.com/stat.php | 91.213.174.22 | - | control panel of Eleonore Exploits pack v1.3.2 | Nini Lee / ninilee@yahoo.com | 29106 |
| 2010/03/07_19:11 | ad0ra8ili7y.com/UT1Wf-l.php/2aaaa5cb544cf49656cb609d48407c88?spl=pdf_2022 | 91.213.174.22 | - | bot, C&C at volosanka.cn | Nini Lee / ninilee@yahoo.com | 29106 |
| 2010/03/07_19:11 | aciraee.com/index.php?s=5ca68bcfbc2ecbdef4c1890bf1711876 | 91.213.174.14 | - | Eleonore Exploits pack v1.3.2 | Nini Lee / ninilee@yahoo.com | 29106 |
| 2010/03/07_19:11 | aciraee.com/stat.php | 91.213.174.14 | - | Eleonore Exploits pack v1.3.2 | Nini Lee / ninilee@yahoo.com | 29106 |
| 2010/03/07_19:11 | adidasmikey.com/index.php?s=3e5cf2bce9808386868aa6270d6a7877 | 91.213.174.22 | - | - | Nini Lee / ninilee@yahoo.com | 29106 |
| 2010/03/07_19:11 | adidasmikey.com/stat.php | 91.213.174.22 | - | control panel of Eleonore Exploits pack v1.3.2 | Nini Lee / ninilee@yahoo.com | 29106 |
| 2010/03/07_19:11 | www.ucheba.ru | 85.192.36.173 | 173.160-191.36.192.85.in-addr.arpa. | iframe directs to exploit kit | administrator@rdw.ru | 12695 |
| 2010/03/07_19:11 | aylmershotgun.com/index.php?s=1b9e7bf762c6f459848ec04d4390a33a | 91.213.174.22 | - | Eleonore Exploits pack v1.3.2 | Nini Lee / ninilee@yahoo.com | 29106 |
| 2010/03/07_19:11 | aylmershotgun.com/stat.php | 91.213.174.22 | - | control panel of Eleonore Exploits pack v1.3.2 | Nini Lee / ninilee@yahoo.com | 29106 |
| 2010/03/07_18:18 | horovod.in/soft/load.php?id=CNwdYyWTfvsmxDY&src=&requestID=sHVSkgmfwI | 188.124.16.18 | static.vit.com.tr. | trojan Hiloti | Sofia Grekova / sofiagrekova@yahoo.com | 44565 |
| 2010/03/07_18:18 | horovod.in/soft/load.php?id=CNwdYyWTfvsmxDY&src=&requestID=tzrLKzfWDY | 188.124.16.18 | static.vit.com.tr. | fake av downloader | Sofia Grekova / sofiagrekova@yahoo.com | 44565 |
| 2010/03/07_18:18 | horovod.in/soft/load.php?id=CNwdYyWTfvsmxDY&src=&requestID=fdJhxQSJOF | 188.124.16.18 | static.vit.com.tr. | trojan TDSS | Sofia Grekova / sofiagrekova@yahoo.com | 44565 |
| 2010/03/07_18:00 | kornoval.in/counter/ | 188.124.16.18 | static.vit.com.tr. | exploit kit | Sofia Grekova / sofiagrekova@yahoo.com | 44565 |
| 2010/03/07_18:00 | kornoval.in/counter/jar.jar | 188.124.16.18 | static.vit.com.tr. | java exploit | Sofia Grekova / sofiagrekova@yahoo.com | 44565 |
| 2010/03/07_18:00 | kornoval.in/counter/exe.php?src=&x=jas | 188.124.16.18 | static.vit.com.tr. | trojan | Sofia Grekova / sofiagrekova@yahoo.com | 44565 |
| 2010/03/07_18:00 | kornoval.in/counter/pdf.php?src= | 188.124.16.18 | static.vit.com.tr. | pdf exploit | Sofia Grekova / sofiagrekova@yahoo.com | 44565 |
| 2010/03/07_18:00 | kornoval.in/counter/exe.php?src=&x=mdac | 188.124.16.18 | static.vit.com.tr. | trojan | Sofia Grekova / sofiagrekova@yahoo.com | 44565 |
| 2010/03/07_18:00 | kornoval.in/counter/exe.php?src=&x=snap | 188.124.16.18 | static.vit.com.tr. | trojan | Sofia Grekova / sofiagrekova@yahoo.com | 44565 |
| 2010/03/07_17:45 | mioanali.com/ | 188.124.9.69 | static.vitalhosting.com.tr. | SEO Sploit kit | vin.bond@gmail.com | 44565 |
| 2010/03/07_17:45 | mioanali.com/stat.php | 188.124.9.69 | static.vitalhosting.com.tr. | control panel of SEO Sploit kit | vin.bond@gmail.com | 44565 |
| 2010/03/07_17:45 | mioanali.com/mdac.php | 188.124.9.69 | static.vitalhosting.com.tr. | mdac exploit | vin.bond@gmail.com | 44565 |
| 2010/03/07_17:45 | mioanali.com/newload.php?ids=MDAC | 188.124.9.69 | static.vitalhosting.com.tr. | dropper for several malware, e.g. Zeus | vin.bond@gmail.com | 44565 |
| 2010/03/07_17:45 | mioanali.com/pdfadmnplay.php | 188.124.9.69 | static.vitalhosting.com.tr. | directs to pdf exploits | vin.bond@gmail.com | 44565 |
| 2010/03/07_17:45 | mioanali.com/files/itisnogoclear.pdf | 188.124.9.69 | static.vitalhosting.com.tr. | pdf exploit | vin.bond@gmail.com | 44565 |
| 2010/03/07_17:45 | mioanali.com/files/hardworkbreasts.pdf | 188.124.9.69 | static.vitalhosting.com.tr. | pdf exploit | vin.bond@gmail.com | 44565 |
| 2010/03/07_17:45 | mioanali.com/loadpdf.php | 188.124.9.69 | static.vitalhosting.com.tr. | dropper for several malware, e.g. Zeus | vin.bond@gmail.com | 44565 |
| 2010/03/07_17:45 | mioanali.com/konec.php | 188.124.9.69 | static.vitalhosting.com.tr. | directs to java exploit | vin.bond@gmail.com | 44565 |
| 2010/03/07_17:45 | mioanali.com/files/common.jar | 188.124.9.69 | static.vitalhosting.com.tr. | java exploit | vin.bond@gmail.com | 44565 |
| 2010/03/07_17:45 | mioanali.com/loadjavad.php?page=1 | 188.124.9.69 | static.vitalhosting.com.tr. | dropper for several malware, e.g. Zeus | vin.bond@gmail.com | 44565 |
| 2010/03/07_17:45 | arraysaw.net/ | 188.124.9.69 | static.vitalhosting.com.tr. | SEO Sploit kit | vin.bond@gmail.com | 44565 |
| 2010/03/07_17:45 | arraysaw.net/stat.php | 188.124.9.69 | static.vitalhosting.com.tr. | control panel of SEO Sploit kit | vin.bond@gmail.com | 44565 |
| 2010/03/07_17:45 | arraysaw.net/mdac.php | 188.124.9.69 | static.vitalhosting.com.tr. | mdac exploit | vin.bond@gmail.com | 44565 |
| 2010/03/07_17:45 | arraysaw.net/newload.php?ids=MDAC | 188.124.9.69 | static.vitalhosting.com.tr. | dropper for several malware, e.g. Zeus | vin.bond@gmail.com | 44565 |
| 2010/03/07_17:45 | arraysaw.net/pdfadmnplay.php | 188.124.9.69 | static.vitalhosting.com.tr. | directs to pdf exploits | vin.bond@gmail.com | 44565 |
| 2010/03/07_17:45 | arraysaw.net/files/heardthatpolice.pdf | 188.124.9.69 | static.vitalhosting.com.tr. | pdf exploit | vin.bond@gmail.com | 44565 |
| 2010/03/07_17:45 | arraysaw.net/files/goofybeautiful.pdf | 188.124.9.69 | static.vitalhosting.com.tr. | pdf exploit | vin.bond@gmail.com | 44565 |
| 2010/03/07_17:45 | arraysaw.net/loadpdf.php | 188.124.9.69 | static.vitalhosting.com.tr. | dropper for several malware, e.g. Zeus | vin.bond@gmail.com | 44565 |
| 2010/03/07_17:45 | arraysaw.net/konec.php | 188.124.9.69 | static.vitalhosting.com.tr. | directs to java exploit | vin.bond@gmail.com | 44565 |
| 2010/03/07_17:45 | arraysaw.net/files/common.jar | 188.124.9.69 | static.vitalhosting.com.tr. | java exploit | vin.bond@gmail.com | 44565 |
| 2010/03/07_17:45 | arraysaw.net/loadjavad.php?page=1 | 188.124.9.69 | static.vitalhosting.com.tr. | dropper for several malware, e.g. Zeus | vin.bond@gmail.com | 44565 |
| 2010/03/07_17:19 | solaruploader.com/46.exe | 188.124.9.56 | static.vitalhosting.com.tr. | trojan dropper | Nicole Kidman / bei978097804@gmail.com | 44565 |
| 2010/03/07_17:00 | fhjslk21.org/b/cfg275.bin | 61.61.20.134 | - | zeus/wsnpoem v2 config file | Hilary Kneber / hilarykneber@yahoo.com | 9918 |
| 2010/03/07_17:00 | fhjslk21.org/75/e.php | 61.61.20.134 | - | zeus/wsnpoem v2 drop zone | Hilary Kneber / hilarykneber@yahoo.com | 9918 |
| 2010/03/07_17:00 | salebotw.com/scn/7a3f4f13e300335dd0260efc4514fb1c/0540f0d2bb566d0ed0d80150e2b728ef/f85b7b377112c272bc87f3e73f10508d | 194.54.83.163 | 163.83.54.194.static.server.ua. | fake online Scanner | Fitah Ulaf / Pf.ulaf@hush.com | 41671 |
| 2010/03/07_17:00 | ottalfight.com/scn/0e65e06120d6c118331cbb7a896e7e5a/0540f0d2bb566d0ed0d80150e2b728ef/f85b7b377112c272bc87f3e73f10508d | 194.54.83.163 | 163.83.54.194.static.server.ua. | fake online Scanner | Martin Sterling / Martin.sterling@mail.com | 41671 |
| 2010/03/07_17:00 | cheaphgall.com/download/0540f0d2bb566d0ed0d80150e2b728ef/f85b7b377112c272bc87f3e73f10508d/4 | 91.212.127.144 | - | trojan FakeSmoke | Private Whois Service / jdjzh7v4b90e8ec9e775@ahwyn0f4b73feacadaa2.privatewhois.net | 49087 |
| 2010/03/07_17:00 | lettsoiol.com/download/0540f0d2bb566d0ed0d80150e2b728ef/f85b7b377112c272bc87f3e73f10508d/4 | 91.212.127.144 | - | trojan FakeSmoke | Private Whois Service / v4ubvba4b8fb9ea37c67@ahwyn0f4b73feacadaa2.privatewhois.net | 49087 |
| 2010/03/07_17:00 | trstcam.com/download/0540f0d2bb566d0ed0d80150e2b728ef/f85b7b377112c272bc87f3e73f10508d/4 | 91.212.127.144 | - | trojan FakeSmoke | Private Whois Service / vfc9nzp4b7e775d3ef93@ahwyn0f4b73feacadaa2.privatewhois.net | 49087 |
| 2010/03/07_17:00 | www.antivpc.com/agaz17mgxagaz17mgx.htm?get=e0b399bd994a0556517f96487dd3ab29 | 212.150.147.46 | - | rogue av | Private Whois Service / ie6re764b7440466e32b@ahwyn0f4b73feacadaa2.privatewhois.net | 1680 |
| 2010/03/07_17:00 | www.pcs-av.com/asvzgdwebasvzgdweb.htm?get=e0b399bd994a0556517f96487dd3ab29 | 212.150.147.46 | - | rogue av | acbu0he4b7440463f178@ahwyn0f4b73feacadaa2.privatewhois.net | 1680 |
| 2010/03/07_16:06 | www.scanerwhatever.cn/page2/setup | 91.212.132.8 | - | fake av | DuntonKristin / KristinDunton@xhotmail.net | 49091 |
| 2010/03/07_15:58 | n1ews.hermison.com/ | 200.63.44.247 | - | exploit kit | Jeff Anderson / skeletor71@comcast.net | 27716 |
| 2010/03/07_15:58 | n1ews.hermison.com/pdf.php | 200.63.44.247 | - | pdf exploit | Jeff Anderson / skeletor71@comcast.net | 27716 |
| 2010/03/07_15:58 | n1ews.hermison.com/nc.jar | 200.63.44.247 | - | java exploit | Jeff Anderson / skeletor71@comcast.net | 27716 |
| 2010/03/07_15:58 | n1ews.hermison.com/exe.php?spl=MDAC | 200.63.44.247 | - | trojan downloader | Jeff Anderson / skeletor71@comcast.net | 27716 |
| 2010/03/07_15:58 | n1ews.hermison.com/exe.php?spl=java | 200.63.44.247 | - | trojan downloader | Jeff Anderson / skeletor71@comcast.net | 27716 |
| 2010/03/07_15:58 | greatarray.com/ | 188.124.9.69 | static.vitalhosting.com.tr. | SEO Sploit pack | vin.bond@gmail.com | 44565 |
| 2010/03/07_15:58 | greatarray.com/mdac.php | 188.124.9.69 | static.vitalhosting.com.tr. | MDAC exploit | vin.bond@gmail.com | 44565 |
| 2010/03/07_15:58 | greatarray.com/newload.php?ids=MDAC | 188.124.9.69 | static.vitalhosting.com.tr. | dropper for several malware, e.g. Zeus | vin.bond@gmail.com | 44565 |
| 2010/03/07_15:58 | greatarray.com/pdfadmnplay.php | 188.124.9.69 | static.vitalhosting.com.tr. | directs to pdf exploit | vin.bond@gmail.com | 44565 |
| 2010/03/07_15:58 | greatarray.com/files/grindgrub.pdf | 188.124.9.69 | static.vitalhosting.com.tr. | pdf exploit | vin.bond@gmail.com | 44565 |
| 2010/03/07_15:58 | greatarray.com/files/contrivenotconvergefusty.pdf | 188.124.9.69 | static.vitalhosting.com.tr. | pdf exploit | vin.bond@gmail.com | 44565 |
| 2010/03/07_15:58 | greatarray.com/loadpdf.php | 188.124.9.69 | static.vitalhosting.com.tr. | dropper for several malware, e.g. Zeus | vin.bond@gmail.com | 44565 |
| 2010/03/07_15:58 | greatarray.com/konec.php | 188.124.9.69 | static.vitalhosting.com.tr. | directs to java exploit | vin.bond@gmail.com | 44565 |
| 2010/03/07_15:58 | greatarray.com/files/gsb50.jar | 188.124.9.69 | static.vitalhosting.com.tr. | java exploit | vin.bond@gmail.com | 44565 |
| 2010/03/07_15:58 | greatarray.com/files/common.jar | 188.124.9.69 | static.vitalhosting.com.tr. | java exploit | vin.bond@gmail.com | 44565 |
| 2010/03/07_15:58 | greatarray.com/loadjavad.php | 188.124.9.69 | static.vitalhosting.com.tr. | dropper for several malware, e.g. Zeus | vin.bond@gmail.com | 44565 |
| 2010/03/07_15:34 | analitocs.com/ | 188.124.9.69 | static.vitalhosting.com.tr. | SEO Sploit pack | vin.bond@gmail.com | 44565 |
| 2010/03/07_15:34 | analitocs.com/admin.php | 188.124.9.69 | static.vitalhosting.com.tr. | control panel of SEO Sploit pack | vin.bond@gmail.com | 44565 |
| 2010/03/07_15:34 | analitocs.com/mdac.php | 188.124.9.69 | static.vitalhosting.com.tr. | directs to mdac exploit | vin.bond@gmail.com | 44565 |
| 2010/03/07_15:34 | analitocs.com/newload.php?ids=MDAC | 188.124.9.69 | static.vitalhosting.com.tr. | dropper for several malware, e.g. Zeus | vin.bond@gmail.com | 44565 |
| 2010/03/07_15:34 | analitocs.com/pdfadmnplay.php | 188.124.9.69 | static.vitalhosting.com.tr. | directs to pdf exploits | vin.bond@gmail.com | 44565 |
| 2010/03/07_15:34 | analitocs.com/files/jivegood.pdf | 188.124.9.69 | static.vitalhosting.com.tr. | pdf exploit | vin.bond@gmail.com | 44565 |
| 2010/03/07_15:34 | analitocs.com/files/suckcat.pdf | 188.124.9.69 | static.vitalhosting.com.tr. | pdf exploit | vin.bond@gmail.com | 44565 |
| 2010/03/07_15:34 | analitocs.com/konec.php | 188.124.9.69 | static.vitalhosting.com.tr. | directs to java exploit | vin.bond@gmail.com | 44565 |
| 2010/03/07_15:34 | analitocs.com/files/common.jar | 188.124.9.69 | static.vitalhosting.com.tr. | java exploit | vin.bond@gmail.com | 44565 |
| 2010/03/07_12:32 | - | 193.105.0.23/gairichi.bin | - | zeus/wsnpoem v2 config file | - | 50390 |
| 2010/03/07_12:32 | - | 193.105.0.23/juytrert5h6.php | - | zeus/wsnpoem v2 drop zone | - | 50390 |
| 2010/03/07_12:32 | - | 193.105.0.23/ynbhgbj65r.exe | - | zeus/wsnpoem v2 trojan | - | 50390 |
| 2010/03/07_12:32 | - | 193.105.0.202/sandyx.bin | - | zeus/wsnpoem v2 config file | - | 50390 |
| 2010/03/07_12:32 | - | 193.105.0.202/ryjhtr78u.exe | - | zeus/wsnpoem v2 trojan | - | 50390 |
| 2010/03/07_12:32 | - | 193.105.0.202/23iuyt.php | - | zeus/wsnpoem v2 drop zone | - | 50390 |
| 2010/03/07_12:32 | - | 193.105.0.96/olimp.bin | - | zeus/wsnpoem v2 config file | - | 50390 |
| 2010/03/07_12:32 | - | 193.105.0.96/dfgerg46hh.exe | - | zeus/wsnpoem v2 trojan | - | 50390 |
| 2010/03/07_12:32 | - | 193.105.0.96/rth4554ght.php | - | zeus/wsnpoem v2 drop zone | - | 50390 |
| 2010/03/07_12:32 | - | 92.60.177.232/crypt_Rapport.exe | grusha-92-60-177-232.hostinghutor.com. | trojan | - | 15772 |
| 2010/03/07_11:36 | www.google-statistics-uk.com/jhtcd6u52nmTGHNQ25MUAym23GSajt2835JMhgsHJ735he.php | 61.4.82.216 | - | zeus/wsnpoem v2 drop zone | jeff anderson / skeletor71@comcast.net | 17964 |
| 2010/03/07_11:36 | aaa419.com/vv12218/mmmi1871.php | 61.4.82.249 | - | zeus/wsnpoem v2 drop zone | jeff anderson / skeletor71@comcast.net | 17964 |
| 2010/03/07_11:36 | socks5.real-host.ru/admins/index1.php | 92.60.176.41 | real-host.ru. | zeus/wsnpoem v2 drop zone | support@real-host.ru | 15772 |
| 2010/03/07_11:36 | www.gaddem.net/scam/gat.php | 61.4.82.222 | - | zeus/wsnpoem v2 drop zone | Pavel Pugachev / ya_whois@yandex.ru | 17964 |
| 2010/03/07_11:36 | logislat.com/zs/gate.php | 115.100.250.105 | - | zeus/wsnpoem v2 drop zone | Yu MingSuo / abuseemaildhcp@gmail.com | 9803 |
| 2010/03/07_11:36 | nordrilskre.com/cgi-binn/hitss.php | 124.217.239.158 | - | zeus/wsnpoem v2 drop zone | Alina Mazuka / karlshening@yahoo.com | 45420 |
| 2010/03/07_11:36 | blacktraf.su/zevs/gate.php | 122.115.63.24 | netnic.com.cn. | zeus/wsnpoem v2 drop zone | dinontt@gmail.com | 9803 |
| 2010/03/07_11:36 | cam.rubberduck.ws/z28/access.php | 188.124.15.180 | static.vit.com.tr. | zeus/wsnpoem v2 drop zone | Rupert Dobre | 44565 |
| 2010/03/07_11:36 | centryfag.com/error/404.php | 216.12.207.250 | saturn.phpwebhosting.com. | zeus/wsnpoem v2 drop zone | Shane Betrue | 21844 |
| 2010/03/07_11:36 | narkyl.com/404/error.php | 198.66.210.22 | narkyl.com. | zeus/wsnpoem v2 drop zone | James Lonergan / nesquick01@safe-mail.net | 2914 |
| 2010/03/07_11:36 | ddknet.biz/hi/grate.php | 61.4.82.249 | - | zeus/wsnpoem v2 drop zone | contact@privacyprotect.org | 17964 |
| 2010/03/07_11:36 | olypoos.com/123/cgi-bin/gate.php | 115.100.250.105 | - | zeus/wsnpoem v2 drop zone | Real Host / abuseemaildhcp@gmail.com | 9803 |
| 2010/03/07_11:32 | tagbuckets.com/qwerty.exe | 91.201.28.58 | - | trojan | pusto-pusto@hotmail.com | 44107 |
| 2010/03/07_11:32 | unlockers122.info/ata.exe | 74.208.210.240 | perfora.net. | zeus/wsnpoem v2 trojan | elizabeth ch / allanos.bortos79@yahoo.com | 8560 |
| 2010/03/07_11:24 | ceffincf.com/fuama/show.php | 93.186.127.211 | static.vitalhosting.com.tr. | Fragus exploit kit | Albert Zeveritch / albertxxl@gmail.com | 44565 |
| 2010/03/07_11:24 | ceffincf.com/fuama/admin.php | 93.186.127.211 | static.vitalhosting.com.tr. | control panel of Fragus exploit kit | Albert Zeveritch / albertxxl@gmail.com | 44565 |
| 2010/03/07_11:24 | ceffincf.com/fuama/load.php?e=1 | 93.186.127.211 | static.vitalhosting.com.tr. | bot | Albert Zeveritch / albertxxl@gmail.com | 44565 |
| 2010/03/07_11:24 | mennlyndy.com/mendus/gate.php?magic=103410350001&ox=2-5-1-2600&tm=5&id=55167822&cache=2835167791&N=0 | 93.186.127.238 | static.vitalhosting.com.tr. | malware calls home | Albert Zeveritch / albertxxl@gmail.com | 44565 |
| 2010/03/07_11:24 | adpool-3.com/cgi-bin/npr/web/t_new.cgi?magic=103457470000;ox=2-5-1-2600;tm=60&id=-1&cache=1334208256 | 93.190.137.98 | - | malware calls home | Michael Voronin / info@wtsexp.com | 49981 |
| 2010/03/07_11:24 | globalhead.net/besvchst.exe | 74.127.7.8 | manashosting.biz. | trojan | none / nawaz.rahman@gmail.com | 7393 |
| 2010/03/07_11:24 | clipplaces.com/file.exe | 91.201.28.58 | - | trojan | pusto-pusto@hotmail.com | 44107 |
| 2010/03/07_11:24 | horovod.in/soft/exe/severa.exe | 188.124.16.18 | static.vit.com.tr. | fake av downloader | Sofia Grekova / sofiagrekova@yahoo.com | 44565 |
| 2010/03/07_11:24 | - | 95.143.192.161/phpen_hfkqkepaa.exe | - | fake av | - | 49770 |
| 2010/03/07_11:24 | i-want-u.ru/cgi-bin/click | 68.232.188.180 | 68.232.188.180.choopa.net. | NeoSploit | info@i-want-u.ru | 20473 |
| 2010/03/07_11:24 | rezervzv.ru/ele/index.php | 193.200.255.10 | s10.x-host.net.ua. | Eleonore Exploits pack v1.2 | fofkmh@mail.ru | 25456 |
| 2010/03/07_11:24 | rezervzv.ru/ele/stat.php | 193.200.255.10 | s10.x-host.net.ua. | control panel of Eleonore Exploits pack v1.2 | fofkmh@mail.ru | 25456 |
| 2010/03/07_11:24 | rezervzv.ru/ele/getexe.php?spl=mdac | 193.200.255.10 | s10.x-host.net.ua. | zeus/wsnpoem v2 trojan | fofkmh@mail.ru | 25456 |
| 2010/03/07_10:12 | www.grahamscaner.cn/page2/setup01 | 193.169.234.31 | - | trojan TDSS | RaymondiRick / RickRaymondi@xhotmail.net | 32181 |
| 2010/03/07_10:12 | www.grahamscaner.cn/page2/setup | 193.169.234.31 | - | trojan TDSS | RaymondiRick / RickRaymondi@xhotmail.net | 32181 |
| 2010/03/07_10:12 | www.stationsecurity.com/page2/setup01 | 91.212.127.86 | - | trojan TDSS | Markus Shishkas / MarkusShishkas@gmail.com | 49087 |
| 2010/03/07_10:12 | findreliable.org/css/_void/crcmds/main | 92.48.91.147 | 92-48-91-147.static.as29550.net. | malware calls home | Lee Majmin / leemajmin@xhotmail.net | 29550 |
| 2010/03/07_10:12 | www.stationsecurity.com/page2/setup | 91.212.127.86 | - | trojan TDSS | Markus Shishkas / MarkusShishkas@gmail.com | 49087 |
| 2010/03/07_10:12 | findreliable.org/css/_void/knock.php | 92.48.91.147 | 92-48-91-147.static.as29550.net. | malware calls home | Lee Majmin / leemajmin@xhotmail.net | 29550 |
| 2010/03/07_10:12 | findreliable.org/css/_void/srcr.dat | 92.48.91.147 | 92-48-91-147.static.as29550.net. | malware calls home | Lee Majmin / leemajmin@xhotmail.net | 29550 |
| 2010/03/07_10:12 | findreliable.org/css/_void/crcmds/install | 92.48.91.147 | 92-48-91-147.static.as29550.net. | malware calls home | Lee Majmin / leemajmin@xhotmail.net | 29550 |
| 2010/03/07_10:12 | findreliable.org/css/_void/crfiles/serf | 92.48.91.147 | 92-48-91-147.static.as29550.net. | malware calls home | Lee Majmin / leemajmin@xhotmail.net | 29550 |
| 2010/03/07_10:12 | findreliable.org/css/_void/crcmds/builds/bbr | 92.48.91.147 | 92-48-91-147.static.as29550.net. | malware calls home | Lee Majmin / leemajmin@xhotmail.net | 29550 |
| 2010/03/07_10:12 | findreliable.org/css/_void/crfiles/bbr | 92.48.91.147 | 92-48-91-147.static.as29550.net. | malware calls home | Lee Majmin / leemajmin@xhotmail.net | 29550 |
| 2010/03/07_10:12 | findreliable.org/css/_void/crcmds/extra | 92.48.91.147 | 92-48-91-147.static.as29550.net. | malware calls home | Lee Majmin / leemajmin@xhotmail.net | 29550 |
| 2010/03/07_10:12 | - | 188.124.15.228/sw/8654/03010/0/4b9b3fc6-c42b-3fc6-3fc6-36710fa08b69/e6bb2271-a00e-4d35-b148-2c503fd58837/x.dat | static.vit.com.tr. | - | - | 44565 |
| 2010/03/07_10:12 | abc.ispesk.com/a3.exe | 98.126.132.252 | ALBANIAMIX.NET.132.126.98.in-addr.arpa. | Adware Cinmus | ming li / hetao160@163.com | 4213 |
| 2010/03/07_10:12 | abc.ispesk.com/a4.exe | 98.126.132.252 | ALBANIAMIX.NET.132.126.98.in-addr.arpa. | Adware Cinmus | ming li / hetao160@163.com | 4213 |
| 2010/03/07_10:12 | abc.ispesk.com/a5.exe | 98.126.132.252 | ALBANIAMIX.NET.132.126.98.in-addr.arpa. | trojan | ming li / hetao160@163.com | 4213 |
| 2010/03/07_10:12 | abc.ispesk.com/a7.exe | 98.126.132.252 | ALBANIAMIX.NET.132.126.98.in-addr.arpa. | trojan downloader Saffle | ming li / hetao160@163.com | 4213 |
| 2010/03/07_10:12 | abc.ispesk.com/a8.exe | 98.126.132.252 | ALBANIAMIX.NET.132.126.98.in-addr.arpa. | trojan OnlinesGames | ming li / hetao160@163.com | 4213 |
| 2010/03/07_10:12 | abc.ispesk.com/a9.exe | 98.126.132.252 | ALBANIAMIX.NET.132.126.98.in-addr.arpa. | Adware Rugo | ming li / hetao160@163.com | 4213 |
| 2010/03/07_10:12 | abc.ispesk.com/a10.exe | 98.126.132.252 | ALBANIAMIX.NET.132.126.98.in-addr.arpa. | trojan | ming li / hetao160@163.com | 4213 |
| 2010/03/07_10:12 | abc.ispesk.com/a11.exe | 98.126.132.252 | ALBANIAMIX.NET.132.126.98.in-addr.arpa. | trojan OnlinesGames | ming li / hetao160@163.com | 4213 |
| 2010/03/07_10:12 | abc.ispesk.com/a12.exe | 98.126.132.252 | ALBANIAMIX.NET.132.126.98.in-addr.arpa. | trojan downloader | ming li / hetao160@163.com | 4213 |
| 2010/03/07_10:12 | abc.ispesk.com/tjn/2.exe | 98.126.132.252 | ALBANIAMIX.NET.132.126.98.in-addr.arpa. | backdoor | ming li / hetao160@163.com | 4213 |
| 2010/03/07_10:12 | dd6s.zhuhc.cn:62518/jqk8.exe | 219.235.3.13 | host-219-235-3-13.iphost.gotonets.com. | trojan dropper Wansrog | 8026151@qq.com | 4812 |
| 2010/03/07_10:12 | dd6s.zhuhc.cn:62518/ken12.exe | 219.235.3.13 | host-219-235-3-13.iphost.gotonets.com. | trojan downloader Liwak | 8026151@qq.com | 4812 |
| 2010/03/07_09:53 | aa419.ru/doc2.doc | 85.12.24.16 | - | zeus/wsnpoem v2 config file | aa419.ru@r01-service.ru | 34305 |
| 2010/03/07_09:53 | austinme.com/media/23/cfg.bin | 74.208.10.2 | s171042742.onlinehome.us. | zeus/wsnpoem v2 config file | proxy804103@1and1-private-registration.com | 8560 |
| 2010/03/07_09:53 | greatuk.org/tt/cfg/config.bin | 193.104.22.100 | - | zeus/wsnpoem v2 config file | Hilary Kneber / hilarykneber@yahoo.com | 34305 |
| 2010/03/07_09:28 | - | 195.242.161.111/~chetir/chet/bm.png | - | zeus/wsnpoem v2 config file | - | 47434 |
| 2010/03/07_09:28 | - | 91.201.196.37/ahGi5E.weoG3e | - | zeus/wsnpoem v2 config file | - | 42229 |
| 2010/03/07_09:28 | - | 91.201.196.37/mai9Oo.exe | - | zeus/wsnpoem v2 trojan | - | 42229 |
| 2010/03/07_09:28 | - | 91.201.196.38/ahGi5E.weoG3e | - | zeus/wsnpoem v2 config file | - | 42229 |
| 2010/03/07_09:28 | - | 91.201.196.76/eiH8zi.Nai9ee | - | zeus/wsnpoem v2 config file | - | 42229 |
| 2010/03/07_09:28 | - | 91.201.196.76/Hoo0Ae.exe | - | zeus/wsnpoem v2 trojan | - | 42229 |
| 2010/03/07_09:28 | - | 91.201.196.76/Iet4uh.exe | - | zeus/wsnpoem v2 trojan | - | 42229 |
| 2010/03/07_09:28 | - | 91.201.196.76/IWool8.OoN7ze | - | zeus/wsnpoem v2 config file | - | 42229 |
| 2010/03/07_09:28 | - | 91.201.196.76/kee3aC.aey5Ch | - | zeus/wsnpoem v2 config file | - | 42229 |
| 2010/03/07_09:28 | - | 91.201.196.76/Kohke1.exe | - | zeus/wsnpoem v2 trojan | - | 42229 |
| 2010/03/07_09:28 | - | 91.201.196.77/eiH8zi.Nai9ee | - | zeus/wsnpoem v2 config file | - | 42229 |
| 2010/03/07_09:28 | - | 91.201.196.77/IWool8.OoN7ze | - | zeus/wsnpoem v2 config file | - | 42229 |
| 2010/03/07_09:28 | - | 91.201.196.77/kee3aC.aey5Ch | - | zeus/wsnpoem v2 config file | - | 42229 |
| 2010/03/07_09:28 | - | 95.143.192.35/~clients/c/o/compliteOS.bin | - | zeus/wsnpoem v2 config file | - | 49770 |
| 2010/03/07_09:28 | - | 95.143.192.35/~clients/m/s/msi32.exe | - | zeus/wsnpoem v2 trojan | - | 49770 |
| 2010/03/07_09:28 | aaa419.com/vv12218/calc.exe | 61.4.82.249 | - | zeus/wsnpoem v2 trojan | jeff anderson / skeletor71@comcast.net | 17964 |
| 2010/03/07_09:28 | blacktraf.su/zevs/bot.exe | 122.115.63.24 | netnic.com.cn. | zeus/wsnpoem v2 trojan | dinontt@gmail.com | 9803 |
| 2010/03/07_09:28 | blacktraf.su/zevs/cfg.bin | 122.115.63.24 | netnic.com.cn. | zeus/wsnpoem v2 config file | dinontt@gmail.com | 9803 |
| 2010/03/07_09:28 | cargounioninc.com/digit_alianse/ttt_makkopolo/GXzinExUBZDA8.bin | 59.53.91.102 | - | zeus/wsnpoem v2 config file | rouse@freemailbox.ru | 4134 |
| 2010/03/07_09:28 | centryfag.com/error/header.png | 216.12.207.250 | saturn.phpwebhosting.com. | zeus/wsnpoem v2 config file | Shane Betrue | 21844 |
| 2010/03/07_09:28 | ioretiop.com/oy/o/vs.bin | 122.115.63.30 | netnic.com.cn. | zeus/wsnpoem v2 config file | Todd Echols / moonbeam@konocti.net | 9803 |
| 2010/03/07_09:28 | logislat.com/zs/bot.exe | 115.100.250.105 | - | zeus/wsnpoem v2 trojan | Yu MingSuo / abuseemaildhcp@gmail.com | 9803 |
| 2010/03/07_09:28 | lopokerasandco.hk/files/a.out | 91.212.41.89 | - | zeus/wsnpoem v2 config file | domain@now.net.cn | 29371 |
| 2010/03/07_09:28 | narkyl.com/404/db_arch_01.exe | 198.66.210.22 | narkyl.com. | zeus/wsnpoem v2 trojan | James Lonergan / nesquick01@safe-mail.net | 2914 |
| 2010/03/07_09:28 | narkyl.com/404/header.png | 198.66.210.22 | narkyl.com. | zeus/wsnpoem v2 config file | James Lonergan / nesquick01@safe-mail.net | 2914 |
| 2010/03/07_09:28 | olypoos.com/123/cgi-bin/config.bin | 115.100.250.105 | - | zeus/wsnpoem v2 config file | Real Host / abuseemaildhcp@gmail.com | 9803 |
| 2010/03/07_09:28 | socks5.real-host.ru/admins/535345345435535.bin | 92.60.176.41 | real-host.ru. | zeus/wsnpoem v2 config file | support@real-host.ru | 15772 |
| 2010/03/07_09:28 | socks5.real-host.ru/admins/update.exe | 92.60.176.41 | real-host.ru. | zeus/wsnpoem v2 trojan | support@real-host.ru | 15772 |
| 2010/03/07_09:28 | umor.sumy.ua/lx.cfg | 66.197.160.245 | 66-197-160-245.hostnoc.net. | zeus/wsnpoem v2 config file | shumov.sergey@gmail.com | 21788 |
| 2010/03/07_09:28 | www.google-statistics-uk.com/Y5v20t6Fdw7t3uT.bin | 61.4.82.216 | - | zeus/wsnpoem v2 config file | jeff anderson / skeletor71@comcast.net | 17964 |
| 2010/03/07_09:28 | z.sunbon.net/gate.php | 119.42.150.43 | 43.1-255.150.42.119.in-addr.arpa. | zeus/wsnpoem v2 drop zone | china com / 123@34.com | 45753 |
| 2010/03/07_09:28 | z.sunbon.net/z.exe | 119.42.150.43 | 43.1-255.150.42.119.in-addr.arpa. | zeus/wsnpoem v2 trojan | china com / 123@34.com | 45753 |
| 2010/03/07_09:28 | z.sunbon.net/z/cfg.bin | 119.42.150.43 | 43.1-255.150.42.119.in-addr.arpa. | zeus/wsnpoem v2 config file | china com / 123@34.com | 45753 |
| 2010/03/07_09:23 | thundhack7.ref-host.com/cfg.bin | 93.174.93.11 | hosting1.nl.santrex.net. | zeus/wsnpoem v2 config file | ref-host.com@protecteddomainservices.com | 29073 |
| 2010/03/07_09:23 | thundhack7.ref-host.com/gate.php | 93.174.93.11 | hosting1.nl.santrex.net. | zeus/wsnpoem v2 drop zone | ref-host.com@protecteddomainservices.com | 29073 |
| 2010/03/07_09:23 | thundhack7.ref-host.com/bt.exe | 93.174.93.11 | hosting1.nl.santrex.net. | zeus/wsnpoem v2 trojan | ref-host.com@protecteddomainservices.com | 29073 |
| 2010/03/06_23:05 | tttbbbttt.ru/z/config.bin | 95.31.234.3 | 95-31-234-3.broadband.corbina.ru. | zeus/wsnpoem v2 config file | shurikmailru@mail.ru | 8402 |
| 2010/03/06_23:05 | tttbbbttt.ru/z/svhost.exe | 95.31.234.3 | 95-31-234-3.broadband.corbina.ru. | zeus/wsnpoem v2 trojan | shurikmailru@mail.ru | 8402 |
| 2010/03/06_23:05 | tttbbbttt.ru/z/gate.php | 95.31.234.3 | 95-31-234-3.broadband.corbina.ru. | zeus/wsnpoem v2 drop zone | shurikmailru@mail.ru | 8402 |
| 2010/03/06_23:05 | www.austinme.com/media/23/cfg.bin | 74.208.10.2 | s171042742.onlinehome.us. | zeus/wsnpoem v2 config file | proxy804103@1and1-private-registration.com | 8560 |
| 2010/03/06_23:05 | www.austinme.com/media/23/setup.exe | 74.208.10.2 | s171042742.onlinehome.us. | zeus/wsnpoem v2 trojan | proxy804103@1and1-private-registration.com | 8560 |
| 2010/03/06_23:05 | www.freedose.info/webbinder/binder2.bin | 88.191.17.26 | sd-2179.dedibox.fr. | zeus/wsnpoem v2 config file | anthony fiore / janekobywad@gmail.com | 12322 |
| 2010/03/06_23:05 | www.sicha-linna.com/brigus_saloma/prts.exe | 61.235.117.77 | - | zeus/wsnpoem v1 trojan | Alexey Vinyaev / stay@bigmailbox.ru | 9394 |
| 2010/03/06_23:05 | www.sicha-linna.com/brigus_saloma/s.php | 61.235.117.77 | - | zeus/wsnpoem v1 drop zone | Alexey Vinyaev / stay@bigmailbox.ru | 9394 |
| 2010/03/06_23:05 | ygyg.net/cc/cfg.bin | 70.84.62.194 | gator15.hostgator.com. | zeus/wsnpoem v1 config file | 5375b2ddb4b85d7a6120bb7dea1336f3-353092@contact.gandi.net | 21844 |
| 2010/03/06_22:13 | fiwzv.net/cms/cfg2.bin | 89.187.37.30 | host30-37.monitoring.md. | zeus/wsnpoem v2 config file | Oleg Lojko / oleg.loyko@yahoo.com | 25129 |
| 2010/03/06_22:13 | fiwzv.net/cms/gate.php | 89.187.37.30 | host30-37.monitoring.md. | zeus/wsnpoem v2 drop zone | Oleg Lojko / oleg.loyko@yahoo.com | 25129 |
| 2010/03/06_20:42 | bombozzz.com/bugaga/buga.exe | 122.115.63.8 | netnic.com.cn. | zeus/wsnpoem v2 trojan | abuseemaildhcp@gmail.com | 9803 |
| 2010/03/06_20:42 | bombozzz.com/newstart/botopriem.php | 122.115.63.8 | netnic.com.cn. | zeus/wsnpoem v2 drop zone | abuseemaildhcp@gmail.com | 9803 |
| 2010/03/06_20:42 | bombozzz.com/bugaga/bugaga.bin | 122.115.63.8 | netnic.com.cn. | zeus/wsnpoem v2 config file | abuseemaildhcp@gmail.com | 9803 |
| 2010/03/06_20:04 | motoavto.limewebs.com/serv/web/cn/config.bin | 64.90.182.181 | hfree001.limedomains.com. | zeus/wsnpoem v2 config file | zeus@limedomains.com | 11403 |
| 2010/03/06_20:04 | motoavto.limewebs.com/serv/web/gate.php | 64.90.182.181 | hfree001.limedomains.com. | zeus/wsnpoem v2 drop zone | zeus@limedomains.com | 11403 |
| 2010/03/06_20:04 | zeussave.comuv.com/cn/config.bin | 216.108.235.169 | serverpoint.com. | zeus/wsnpoem v2 config file | - | 26277 |
| 2010/03/06_20:04 | eurosport.ueuo.com/web/cn/config.bin | 216.245.218.246 | users.u.hosting.free. | zeus/wsnpoem v2 config file | FreeWebHostingArea.com / FreeWebHostingArea.com (support@freewha.com) | 46475 |
| 2010/03/06_13:08 | nordrilskre.com/cgi-binn/kisme.bin | 124.217.239.158 | - | zeus/wsnpoem v2 config file | Alina Mazuka / karlshening@yahoo.com | 45420 |
| 2010/03/06_11:47 | romms.in/2/load/player_update.exe | 188.124.9.38 | static.vitalhosting.com.tr. | rootkit TDSS | James J Trump / jessica357ass@gmail.com | 44565 |
| 2010/03/06_11:31 | gamevery1.ru/s3/ | 217.23.8.72 | - | exploit kit | gfhe4556h@yahoo.com | 49981 |
| 2010/03/06_11:31 | gamevery1.ru/s3/file.php?spl=00md | 217.23.8.72 | - | bot, C&C located on volosanka.cn | gfhe4556h@yahoo.com | 49981 |
| 2010/03/06_11:31 | gamevery1.ru/s2/ | 217.23.8.72 | - | exploit kit | gfhe4556h@yahoo.com | 49981 |
| 2010/03/06_11:31 | gamevery1.ru/s2/file.php?spl=00md | 217.23.8.72 | - | bot, C&C located on volosanka.cn | gfhe4556h@yahoo.com | 49981 |
| 2010/03/06_11:11 | ioretiop.com/eet/eoeo/o.php | 122.115.63.30 | netnic.com.cn. | zeus/wsnpoem v2 drop zone | Todd Echols / moonbeam@konocti.net | 9803 |
| 2010/03/06_11:02 | ioretiop.com/r/a/upd5.bin | 122.115.63.30 | netnic.com.cn. | zeus/wsnpoem v2 config file | Todd Echols / moonbeam@konocti.net | 9803 |
| 2010/03/06_11:02 | www.doctormiler.com/imagesflash/index.php | 91.212.41.14 | - | zeus/wsnpoem v2 drop zone | Kris Miller / cheburaskogro@yahoo.com | 29371 |
| 2010/03/06_10:54 | www.greatuk.org/tt/cfg/config.bin | 193.104.22.100 | - | zeus/wsnpoem v2 config file | Hilary Kneber / hilarykneber@yahoo.com | 34305 |
| 2010/03/06_10:54 | www.greatuk.org/tt/bot/bot.exe | 193.104.22.100 | - | zeus/wsnpoem v2 trojan | Hilary Kneber / hilarykneber@yahoo.com | 34305 |
| 2010/03/06_10:54 | www.greatuk.org/tt/gt.php | 193.104.22.100 | - | zeus/wsnpoem v2 drop zone | Hilary Kneber / hilarykneber@yahoo.com | 34305 |
| 2010/03/06_10:54 | - | 122.115.63.32/gus/td | netnic.com.cn. | zeus/wsnpoem v2 config file | - | 9803 |
| 2010/03/06_10:54 | - | 122.115.63.32/gus/windir.exe | netnic.com.cn. | zeus/wsnpoem v2 trojan | - | 9803 |
| 2010/03/06_10:54 | - | 124.217.230.39/~ddusa/7tImddbTH8HY.php | - | zeus/wsnpoem v2 drop zone | - | 45839 |
| 2010/03/06_10:54 | abouttraffic.net/news/dim.exe | 95.143.192.59 | - | zeus/wsnpoem v2 trojan | Vladislav Grenich / fob@freemailbox.ru | 49770 |
| 2010/03/06_09:34 | video-info.info/show.php | 91.212.41.88 | - | directs to trojan | Johoske George / videinfo@gmail.com | 29371 |
| 2010/03/06_09:34 | tubetechltd.com/xplay.php?id=40018 | 66.45.255.226 | reverse255-226.reserver.ru. | directs to trojan | Ralph L Furr / furr@chemist.com | 19318 |
| 2010/03/06_09:34 | greatmultimediaservices.com/video-plugin.40018.exe | 1.1.1.1 | - | trojan | James Yeung / yeung@counsellor.com | 36561 |
| 2010/03/06_09:18 | cargoworldexchange.com/trendi_duglas/iojfiowejfio/tytorials.bin | 91.212.41.88 | - | zeus/wsnpoem v2 config file | Valeriy Dmitrievich Konstan / admin@cargoworldexchange.com | 29371 |
| 2010/03/06_00:44 | herewereytinj.com/tera/sv777/ | 58.23.64.240 | - | Eleonore Exploits pack v1.3.2 | contact@privacyprotect.org | 4837 |
| 2010/03/06_00:44 | herewereytinj.com/tera/sv777/stat.php | 58.23.64.240 | - | control panel of Eleonore Exploits pack v1.3.2 | contact@privacyprotect.org | 4837 |
| 2010/03/06_00:44 | herewereytinj.com/tera/sv777/load.php?spl=pdf_pack | 58.23.64.240 | - | backdoor Hodprot | contact@privacyprotect.org | 4837 |
| 2010/03/06_00:44 | tomorrrrow.cn/loader/bb.php?v=200&id=636608811&b=0196019827&tm=2 | 122.115.63.57 | netnic.com.cn. | Oficla/Sasfis C&C | Real Host / abuseemaildhcp@gmail.com | 9803 |
| 2010/03/06_00:19 | vcipo.info/cgi-bin/login.htm | 74.118.192.166 | - | NeoSploit, payload fake av | a05e0d353ba24a34a899eefb9882f932.protect@whoisguard.com | 46664 |
| 2010/03/05_21:56 | av-guru.net | 79.135.152.5 | 5.152.135.79.microlines.lv. | Rogue AV | Semen Orokov / admin@av-guru.net | 2588 |
| 2010/03/05_21:56 | avcommand.net | 79.135.152.5 | 5.152.135.79.microlines.lv. | Rogue AV | Tatjana Lozova / admin@avcommand.net | 2588 |
| 2010/03/05_21:56 | softcoregroup.com | 79.135.152.5 | 5.152.135.79.microlines.lv. | Rogue AV | Vitaliy Rozov / admin@softcoregroup.com | 2588 |
| 2010/03/05_21:20 | ablegang.com/master/bb.php?id=465538349&v=200&tm=2&b=ruslann | 91.207.192.23 | - | Oficla/Sasfis C&C | contact@privacyprotect.org | 9269 |
| 2010/03/05_21:09 | cargounioninc.com/digit_alianse/gigager/morstils.php | 59.53.91.102 | - | zeus/wsnpoem v2 drop zone | rouse@freemailbox.ru | 4134 |
| 2010/03/05_21:09 | cargounioninc.com/digit_alianse/ttt_makkopolo/yJaILxquGyq3jeP.exe | 59.53.91.102 | - | zeus/wsnpoem v2 trojan | rouse@freemailbox.ru | 4134 |
| 2010/03/05_21:09 | cargoworldexchange.com/trendi_duglas/mama_geras/babilon.php | 91.212.41.88 | - | zeus/wsnpoem v2 drop zone | Valeriy Dmitrievich Konstan / admin@cargoworldexchange.com | 29371 |
| 2010/03/05_21:00 | - | 193.105.0.85/uj65vrev.exe | - | zeus/wsnpoem v2 trojan | - | 50390 |
| 2010/03/05_21:00 | - | 193.105.0.85/scratkey.bin | - | zeus/wsnpoem v2 config file | - | 50390 |
| 2010/03/05_21:00 | - | 193.105.0.85/dfh7445.php | - | zeus/wsnpoem v2 drop zone | - | 50390 |
| 2010/03/05_20:25 | inroyal.info/fps/bb.php?v=200&id=482651473&b=semen&tm=5 | 122.115.63.35 | netnic.com.cn. | Oficla/Sasfis C&C | Andrey Aleksandrovich Polev / o00o.code@gmail.com | 9803 |
| 2010/03/05_20:20 | puthere.info/fps/bb.php?v=200&id=482651443&b=semen&tm=5 | 122.115.63.35 | netnic.com.cn. | Oficla/Sasfis C&C | Bozvanovna L Olegovna / helukausa@yahoo.com | 9803 |
| 2010/03/05_19:17 | grepsync.com/ | 86.57.246.177 | by104.activeby.net. | ftp drop zone for stolen documents | NOSPAM ASSOCIATION / domains@atservers.com | 6697 |
| 2010/03/05_16:53 | castellanasportsclub.com/modules/mod_poll/5/in.php | 74.55.38.242 | svr96.edns1.com. | exploit kit | CASTELLANASPORTSCLUB.COM / fvm@castellanasportsclub.com | 21844 |
| 2010/03/05_16:53 | castellanasportsclub.com/modules/mod_poll/5/pdfNode.php | 74.55.38.242 | svr96.edns1.com. | pdf exploit | CASTELLANASPORTSCLUB.COM / fvm@castellanasportsclub.com | 21844 |
| 2010/03/05_16:53 | castellanasportsclub.com/modules/mod_poll/5/load.php?id=1 | 74.55.38.242 | svr96.edns1.com. | zeus/wsnpoem v2 trojan | CASTELLANASPORTSCLUB.COM / fvm@castellanasportsclub.com | 21844 |
| 2010/03/05_16:23 | adobeserverupdate.com/ezik.bin | 64.20.52.218 | - | zeus/wsnpoem v2 config file | Gary Cowan | 19318 |
| 2010/03/05_16:23 | adobeserverupdate.com/gate.php | 64.20.52.218 | - | zeus/wsnpoem v2 drop zone | Gary Cowan | 19318 |
| 2010/03/05_13:03 | samsonite-shop.cz/photos/images/0.exe | 88.146.119.130 | archie.thinline.cz. | zeus/wsnpoem v2 trojan | info@etasky.cz | 6706 |
| 2010/03/05_13:02 | antiviruspc-update.com/setup1.exe | 91.210.173.25 | lc-b25.lorercorp.com. | fake av | - | 48588 |
| 2010/03/05_13:02 | mydevnet.ca/zTw6Q50392.exe | 216.157.148.192 | hsphere.cc. | trojan Hiloti | - | 16557 |
| 2010/03/05_13:02 | yougoodvideo.net/exe/change.exe | 122.115.63.24 | netnic.com.cn. | trojan Alureon | contact@privacyprotect.org | 9803 |
| 2010/03/05_13:02 | - | 92.60.177.238/file.exe | grusha-92-60-177-238.hostinghutor.com. | trojan Oficla/Sasfis | - | 15772 |
| 2010/03/05_12:28 | - | 89.149.254.182/cache/anime6/cl.exe | 89-149-254-182.local. | backdoor Hupigon, C&C 89.149.244.208/wm.php | - | 28753 |
| 2010/03/05_11:39 | nsboxdownblodmids.com/s/gate.php?magic=105910600001&ox=2-5-1-2600&tm=1&id=91723646&cache=1971623625&N=0 | 188.124.7.243 | static.vitalhosting.com.tr. | malware calls home | shilovvladimir77@gmail.com | 44565 |
| 2010/03/05_11:39 | updatesupportsystem.com/update/gate.php?magic=103310350001&ox=2-5-1-2600&tm=2&id=1907106991&cache=&N=0 | 188.124.5.10 | static.vitalhosting.com.tr. | malware calls home | Daria Inozemtseva / ouch@maillife.ru | 44565 |
| 2010/03/05_09:28 | - | 193.105.0.210/revoltver.bin | - | zeus/wsnpoem v2 config file | - | 50390 |
| 2010/03/05_09:28 | - | 193.105.0.210/antweprer.exe | - | zeus/wsnpoem v2 trojan | - | 50390 |
| 2010/03/05_09:28 | - | 193.105.0.210/huizhu.php | - | zeus/wsnpoem v2 drop zone | - | 50390 |
| 2010/03/05_09:11 | aeroninc.com/tytorials.bin | 115.100.250.105 | - | zeus/wsnpoem v2 config file | Oksana Boyko / sperm@corporatemail.ru | 9803 |
| 2010/03/05_09:11 | secline999.net/999.exe | 195.78.108.70 | - | zeus/wsnpoem v2 trojan | jeff anderson / skeletor71@comcast.net | 49544 |
| 2010/03/05_09:11 | inasss.info/_etc/pt.php | 122.115.63.9 | netnic.com.cn. | zeus/wsnpoem v2 drop zone | Andrey Aleksandrovich Polev / o00o.code@gmail.com | 9803 |
| 2010/03/05_09:11 | www.whoismak.net/whois/index.php | 91.212.41.13 | - | zeus/wsnpoem v2 drop zone | Steve Park stvpark1970@yahoo.com | 29371 |
| 2010/03/05_09:11 | shop.ccomp.cz/images/zs/brama.php | 80.95.108.218 | smtp.poslimail.cz. | zeus/wsnpoem v2 drop zone | CRACK Computers, s.r.o. / info@crackcomputers.com | 21435 |
| 2010/03/05_09:07 | usworldcast.com/100/cfg3.bin | 188.124.5.106 | static.vitalhosting.com.tr. | zeus/wsnpoem v2 config file | rekon / vin345686866664444@gmail.com | 44565 |
| 2010/03/05_09:07 | promolistings.net/nulled/help.txt | 61.4.82.249 | - | zeus/wsnpoem v2 config file | jeff anderson / williamashley40@yahoo.com | 17964 |
| 2010/03/05_09:07 | promolistings.net/nulled/game.exe | 61.4.82.249 | - | zeus/wsnpoem v2 trojan | jeff anderson / williamashley40@yahoo.com | 17964 |
| 2010/03/05_09:07 | promolistings.net/nulled/gate.php | 61.4.82.249 | - | zeus/wsnpoem v2 drop zone | jeff anderson / williamashley40@yahoo.com | 17964 |
| 2010/03/05_01:39 | wrapp.info/setup_build13401.php?cmd=getFile&counter=1&data=MigHWF5yDVUgETFIU6Rtbzdd8x9KMFBwb01vAlh7UyVyUyOxpUHX3gPSaD4AMfk%3D | 193.169.235.5 | - | fake av | Vitalij Tiaskevic / stormpayclicker@gmail.com | 32181 |