clean mx's daily dirt
cleanmx:
up to 2012-02-09 15:02:06 CET online data http://support.clean-mx.de/clean-mx/viruses.php?sort=id%20desc&response=alive
rss-feed: http://support.clean-mx.de/clean-mx/rss?scope=viruses
twitter: http://twitter.com/CleanmxMalware
cleanmx:
up to 2012-02-09 19:02:20 CET online data http://support.clean-mx.de/clean-mx/viruses.php?sort=id%20desc&response=alive
rss-feed: http://support.clean-mx.de/clean-mx/rss?scope=viruses
twitter: http://twitter.com/CleanmxMalware
--- Code: ---
| 2012-02-09 18:40:08 | sub24 | clamav | PUA.Script.PDF.EmbeddedJavaScript | 15/42 (35.7%) | AS18747 | 190.94.197.195 | jcrespo@ifxnw.com.ve | VE | LACNIC | VE-EMCA-LACNIC | 19692b7ebaa66773de7fb55b8d90bf74 | http://190.94.197.195/content/adp1.php?f=73 |
| 2012-02-09 18:40:08 | sub24 | clamav | PUA.Script.PDF.EmbeddedJavaScript | 14/40 (35%) | AS18747 | 190.94.197.195 | jcrespo@ifxnw.com.ve | VE | LACNIC | VE-EMCA-LACNIC | fb6538c493ebaf6bb5e50da7fb929037 | http://190.94.197.195/content/adp1.php?f=99 |
| 2012-02-09 18:40:08 | sub24 | clamav | PUA.Script.PDF.EmbeddedJavaScript | 14/40 (35%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 842b84e55106363e1478d255cbc0ba78 | http://79.137.237.66/content/adfp1.php?f=71 |
| 2012-02-09 17:47:03 | sub8 | undef | TrojanDropper:Win32/Dunik!rts | 0/40 (0.0%) | AS24557 | 113.20.9.89 | abuse@aussiehq.com | AU | APNIC | AUSSIEHQ | d5313025b44745b6dff3cffb76867547 | http://torfma.soundscience.com.au/ |
| 2012-02-09 17:47:32 | sub8 | undef | Trojan-Dropper.Win32.Injector.cpli | 0/40 (0.0%) | AS16265 | 77.235.51.111 | security@eurovps.com | NL | RIPE | GR-EUROVPS-20070116 | ca1ddd07e065e176042b724c15f600bd | http://realhosting.gr/ |
| 2012-02-09 17:47:55 | sub8 | undef | NetTool.Win32.Portscan.c | 0/43 (0.0%) | AS39743 | 109.163.229.2 | admin@protectivehost.net | RO | RIPE | Protectivehost | 6209a3042e94bee22de99883ef65272d | http://hostwithmagic.info/ |
| 2012-02-09 18:43:29 | sub16 | AhnLab_V3 | Trojan/Win32.HDC | 14/41 (34.1%) | AS15201 | 200.98.135.81 | l-registrobr-uol@corp.uol.com.br | BR | LACNIC | 001.109.184/0001-95 | 0e2468bb70683bb1d5ce64d82c144f0f | http://200.98.135.81/0/correios-com-telegrama-online-97023640185215.exe |
| 2012-02-09 18:43:31 | sub16 | avira | SPR/KeyLogger.P.2 | 32/39 (82.1%) | AS16276 | 94.23.81.156 | abuse@ovh.net | ES | RIPE | ES-OVH | f1e1a63e6416244397682df86a3b6853 | http://keylogger-douglas.descargar.es/descarga-directa.php?x=56& |
| 2012-02-09 18:43:41 | sub16 | avira | ADWARE/Agent.1835095.1 | 14/38 (36.8%) | AS36351 | 74.86.54.224 | abuse@softlayer.com | US | ARIN | SOFTLAYER-NETBLOCK5 | 17c9994b8ccb66df281ba0e63b465a65 | http://www.toptenreport.com/BrandThunder/how2restoreoutlook.exe |
| 2012-02-09 19:00:07 | sub11 | avira | PHP/IRCBOT.21970 | 29/39 (74.4%) | AS15201 | 200.98.135.178 | l-registrobr-uol@corp.uol.com.br | BR | LACNIC | 001.109.184/0001-95 | 0166e17c08ea245dfd376568120cbe95 | http://200.98.135.178/allnet.bmp |
| 2012-02-09 19:00:07 | sub11 | avira | PHP/C99Shell.F | 28/40 (70%) | AS15201 | 200.98.135.178 | l-registrobr-uol@corp.uol.com.br | BR | LACNIC | 001.109.184/0001-95 | befd971dd688cdcc1f37dc2b325273da | http://200.98.135.178/byroe.bmp |
| 2012-02-09 19:00:07 | sub11 | avira | PHP/IRCBOT.F.1 | 28/38 (73.7%) | AS11798 | 70.40.223.231 | support@bluehost.com | US | ARIN | BLUEHOST-NETWORK-5 | e3ddd193cd4665bfa1b128bf82bb1150 | http://70.40.223.231/includes/functions/byroe.jpg |
| 2012-02-09 19:00:07 | sub11 | avira | PHP/PBot.A.9 | 23/39 (59%) | AS19181 | 184.95.33.58 | abuse@securedservers.com | US | ARIN | SECUREDSERVERS | dad5bf6380d18758658bc386677a2aba | http://adao.ninfas.info/pbati.txt |
| 2012-02-09 19:00:07 | sub11 | avira | PHP/BackDoor.AR | 29/39 (74.4%) | AS3269 | 87.19.42.90 | abuse@business.telecomitalia.it | IT | RIPE | TELECOM-ADSL-8 | da20e1d3327c3da8c683cc316f13af96 | http://blogger.com.55.lt/id.jpg |
| 2012-02-09 19:00:07 | sub11 | avira | PHP/RemoteAdmi.5398 | 19/39 (48.7%) | AS36420, AS30315, AS13749, AS21844, AS13884 | 216.12.221.110 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-EV1-2 | 9c997e6467b400f4cd1a857003d45884 | http://bothwell-furniture.com/cyber-tech.txt |
| 2012-02-09 19:00:07 | sub11 | avira | PHP/RemoteAdmi.5398 | 29/41 (70.7%) | AS36420, AS30315, AS13749, AS21844, AS13884 | 216.12.221.110 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-EV1-2 | 4a90c7ffbdf3b7f65b4acbe9b1c0f702 | http://bothwell-furniture.com/myid.flv |
| 2012-02-09 19:00:07 | sub11 | avira | PERL/IrcBot.AX | 32/38 (84.2%) | AS20771 | 212.58.116.73 | zzurashvili@ibasis.net | GE | RIPE | GE-BOOM | 04923271d64a27921f93d5ff24ab0194 | http://build.ge/js/c.txt |
| 2012-02-09 19:00:08 | sub11 | avira | PHP/PBot.A | 32/39 (82.1%) | AS20771 | 212.58.116.73 | zzurashvili@ibasis.net | GE | RIPE | GE-BOOM | 5ec74c62c5029bed40c95e95b0b68201 | http://build.ge/js/read.txt |
| 2012-02-09 19:00:08 | sub11 | avira | PHP/C99Shell.F | 27/38 (71.1%) | AS36351 | 67.228.42.224 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-5 | ebf06d3d45f35c3b304814d927f3f076 | http://cinemovie.tv/cinemovie_fresh/components/com_weblinks/views/weblink/tmpl/link.jpg |
| 2012-02-09 19:00:08 | sub11 | avira | PHP/Shellbot.7642 | 32/42 (76.2%) | AS14141 | 98.142.215.184 | wnoc@wiresix.com | US | ARIN | WIRESIX | 957d47e14c54da2ea168dfcd4bc6a152 | http://fileden.com/files/2012/2/1/3258462/migmodnukadero.txt |
| 2012-02-09 19:00:08 | sub11 | undef | unknown_html_RFI_php | 6/40 (15%) | AS32613 | 174.142.68.231 | abuse@noc.privatedns.com | CA | ARIN | IWEB-BLK-06 | dcdec3e39b5d617458e7d01d13f03416 | http://infecteur.servebeer.com//timezoro/link.php |
| 2012-02-09 19:00:08 | sub11 | avira | PHP/PBot.A | 28/38 (73.7%) | AS19181 | 184.95.33.58 | abuse@securedservers.com | US | ARIN | SECUREDSERVERS | b94ee61bbace6bf653a112c6288b204a | http://malvadeza.ninfas.info/bot.txt |
| 2012-02-09 19:00:08 | sub11 | avira | BDS/IRC.Zapchast | 7/39 (17.9%) | AS19181 | 184.95.33.58 | abuse@securedservers.com | US | ARIN | SECUREDSERVERS | a152453dc395065e3f11a249635b1857 | http://malvadeza.ninfas.info/haha.txt |
| 2012-02-09 19:00:08 | sub11 | avira | PHP/Shellbot.7642 | 31/41 (75.6%) | AS30083 | 173.224.123.99 | abuse@hostingsolutionsint.com | US | ARIN | S4Y-3 | aa728d83ea9055d546e4f3e613334245 | http://negociol.com/file/f1805/pbot.txt |
| 2012-02-09 19:00:08 | sub11 | avira | PHP/Shellbot.7642 | 29/38 (76.3%) | AS30083 | 173.224.123.99 | abuse@hostingsolutionsint.com | US | ARIN | S4Y-3 | aa728d83ea9055d546e4f3e613334245 | http://negociol.com/file/f1805/pbot.txt. |
| 2012-02-09 19:00:08 | sub11 | avira | PHP/Shellbot.7642 | 31/40 (77.5%) | AS30083 | 173.224.123.99 | abuse@hostingsolutionsint.com | US | ARIN | S4Y-3 | f851867ab60f1d5b02e9bf02937cd091 | http://negociol.com/file/f1806/pbot.txt. |
| 2012-02-09 19:00:08 | sub11 | avira | PHP/PBot.A.6 | 32/40 (80%) | AS26496 | 64.202.166.212 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 3ce4563e46f7b5ba68811566215c6a72 | http://okcardoso.com/phpbb2/images/avatars/AB.txt |
| 2012-02-09 19:00:08 | sub11 | avira | PHP/Small.C | 30/40 (75%) | AS33597 | 67.208.91.118 | abuse@inforelay.com | US | ARIN | INFORELAY-NETBLOCK01 | b0c590689fc3e3d7fa4adc3ecb4aacd7 | http://users9.jabry.com/udpsilksterr/cone.png |
| 2012-02-09 19:00:08 | sub11 | avira | PHP/Shellbot.7642 | 33/43 (76.7%) | AS14141 | 98.142.215.182 | wnoc@wiresix.com | US | ARIN | WIRESIX | a4968e4f4fb2c0c97858f5e29ece9035 | http://www.fileden.com/files/2012/2/1/3258462/abc.txt |
| 2012-02-09 19:00:08 | sub11 | avira | PHP/Shellbot.7642 | 31/40 (77.5%) | AS14141 | 98.142.215.182 | wnoc@wiresix.com | US | ARIN | WIRESIX | a4968e4f4fb2c0c97858f5e29ece9035 | http://www.fileden.com/files/2012/2/1/3258462/DIANOVE.txt |
| 2012-02-09 19:00:08 | sub11 | avira | PHP/Shellbot.7642 | 30/39 (76.9%) | AS14141 | 98.142.215.182 | wnoc@wiresix.com | US | ARIN | WIRESIX | 957d47e14c54da2ea168dfcd4bc6a152 | http://www.fileden.com/files/2012/2/1/3258462/migmodnukadero.txt |
| 2012-02-09 19:00:08 | sub11 | avira | PHP/Shellbot.7642 | 28/37 (75.7%) | AS14141 | 98.142.215.182 | wnoc@wiresix.com | US | ARIN | WIRESIX | ed8ca551e48d3c1152158f2e41d63796 | http://www.fileden.com/files/2012/2/4/3259779//cmdjuniororiginal.txt |
| 2012-02-09 19:00:08 | sub11 | avira | PHP/PBot.A | 29/38 (76.3%) | AS10318 | 201.235.255.37 | noc@fibertel.com.ar | AR | LACNIC | AR-CASA10-LACNIC | 74cff2d376097b4172be5ea67d1666e1 | http://www.kravmagamendoza.com.ar/cmd2.txt |
| 2012-02-09 19:00:08 | sub11 | avira | PHP/Pastie.637 | 25/39 (64.1%) | AS12327 | 31.222.203.82 | abuses@idear4business.net | GB | RIPE | IDEAR4BUSINESS-UK | 493d3c720be431004253125118998a5d | http://www.ralphlaurenukonlineshop.com/list.txt |
| 2012-02-09 19:00:08 | sub11 | avira | PHP/Small.C | 25/37 (67.6%) | AS15244 | 216.227.218.220 | hostmaster@lunarpages.com | US | ARIN | ADDD2NET-DOT-COM | 142540e58d7f26c533d57006dff774ba | http://www.wizbeautyequipment.com/xpl/biz.jpg |
| 2012-02-09 19:00:08 | sub11 | avira | PERL/IrcBot.AX | 25/43 (58.1%) | AS15244 | 216.227.218.220 | hostmaster@lunarpages.com | US | ARIN | ADDD2NET-DOT-COM | 4c76f638746958424fd0f237a150f54f | http://www.wizbeautyequipment.com/xpl/dal.jpg |
| 2012-02-09 19:02:20 | sub1 | avira | TR/ATRAPS.Gen | 17/39 (43.6%) | AS8560 | 74.208.26.97 | abuse@1and1.com | US | ARIN | 1AN1-NETWORK | 4d7b66232ee9fe172787de31ccd12be1 | http://www.kronopio.tv/modules/TAM-Viagens.exe |
| 2012-02-09 19:02:20 | sub1 | Avast | Win32:Banker-JAP [Trj] | 14/40 (35%) | AS32244 | 69.167.162.69 | abuse@liquidweb.com | US | ARIN | LIQUIDWEB-9 | a023d940451bca57fde649432a6fa8ac | http://medicable.com.mx/domit/sincronizar.exe |
+---------------------+-------------+------------------+-------------------------------------------+---------------+------------------------------------------------------+-----------------+----------------------------------+---------+--------+----------------------------------+----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
165 rows in set (0.20 sec)
--- End code ---
cleanmx:
up to 2012-02-10 01:40:05 CET online data http://support.clean-mx.de/clean-mx/viruses.php?sort=id%20desc&response=alive
rss-feed: http://support.clean-mx.de/clean-mx/rss?scope=viruses
twitter: http://twitter.com/CleanmxMalware
--- Code: ---
+---------------------+-------------+---------------+--------------------------------------+---------------+------------------------------------------------------+-----------------+----------------------------------+---------+---------+--------------------------------+----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| date | contributor | scanner | virusname | vt_score | AS | review | email | country | source | netname | md5sum | url |
+---------------------+-------------+---------------+--------------------------------------+---------------+------------------------------------------------------+-----------------+----------------------------------+---------+---------+--------------------------------+----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| 2012-02-09 21:07:51 | sub1 | Ikarus | Trojan.Crypt.Ransom | 2/40 (5%) | AS47434 | 194.28.132.131 | support@vds64.com | UA | RIPE | FORTUNE-UA-NET2 | f7120522b79cb07337744990afbf14d5 | http://194.28.132.131/images.rar |
| 2012-02-09 21:07:52 | sub1 | undef | unknown_exe | 0/39 (0.0%) | AS43006 | 77.91.204.48 | abuse@cgest.com | PT | RIPE | PT-CGEST-20070523 | f3d7638e4b2578f538c07e694fd67ee8 | http://images.comunidades.net/jiu/jiukay06fev/supor.jpg |
| 2012-02-09 21:20:04 | sub10 | avira | JS/iFrame.HI | 22/43 (51.2%) | AS27823 | 200.58.112.5 | ipmaster@hostmar.com | AR | LACNIC | AR-DATT-LACNIC | c6d5ecd0c1cb86dd56356f96cf259d39 | http://caminosantiagoencadiz.org/ |
| 2012-02-09 21:20:10 | sub10 | avira | JS/Infected.C | 22/42 (52.4%) | AS8560 | 82.165.50.138 | abuse@1and1.com | DE | RIPE | SCHLUND-SHARED | 28f96d137bb87404c9ab57bbce14cde9 | http://academy-of-leadership.de/scripts/carousel.js |
| 2012-02-09 21:20:10 | sub10 | avira | EXP/JS.Blacole.AB | 22/42 (52.4%) | AS16637 | 196.7.147.29 | abuse@mtnbusiness.co.za | ZA | AFRINIC | MTNBUSINESS-196-7-147-0-24 | ba2def3aa548879afbb3f1cc5a7972f8 | http://cyberco.co.za/ |
| 2012-02-09 21:20:10 | sub10 | avira | JS/Agent.ffl | 25/42 (59.5%) | AS53628 | 173.0.133.225 | abuse@jdnextgen.com | US | ARIN | APYLI-AS | 8c562659e5520a6e1b94b320779809e4 | http://desertmoontours.co.za/blog/buzuluk-seks-znakomstva.html |
| 2012-02-09 21:30:12 | sub10 | avira | HTML/Rce.Gen | 12/42 (28.6%) | AS13124 | 143.53.238.2 | bitbucket@ripe.net | EU | AFRINIC | IANA-BLK | f7d9cd737d3a0c266bd0edd9339af77f | http://brad.ac.uk/acad/biomed/homepage.html |
| 2012-02-09 21:30:13 | sub10 | avira | JS/Obfuscated.ZX | 21/42 (50%) | AS3320 | 80.150.6.143 | abuse@t-online.de | DE | RIPE | TOIAG-ULM-001 | 1e948fc271430f3433da086d757b117f | http://hotel-schleicher-kuckuck.de/ |
| 2012-02-09 21:30:13 | sub10 | avira | WORM/Rbot.Gen | 36/42 (85.7%) | AS4134 | 121.12.122.177 | abuse@gddc.com.cn | CN | APNIC | CHINANET-GD | 7b33fc1ad1aee66179ea3755e303c224 | http://j0.dxjj120000.info:888/auauau/37.ico |
| 2012-02-09 21:30:13 | sub10 | avira | JS/Infected.C | 23/43 (53.5%) | AS15467 | 77.111.66.2 | registry@enternet.hu | HU | RIPE | HU-ENTERNET-20070207 | d7326d88ce4e379eaad055e81cdbb178 | http://kalorcenter.hu/media/system/js/mootools.js |
| 2012-02-09 21:30:13 | sub10 | avira | JS/Infected.C | 21/38 (55.3%) | AS15467 | 77.111.66.2 | registry@enternet.hu | HU | RIPE | HU-ENTERNET-20070207 | 4be117757845bb6d7002ab784778c8dc | http://kalorcenter.hu/modules/mod_flipphoto_pro/swfobject.js |
| 2012-02-09 21:30:20 | sub9 | clamav | PUA.Script.PDF.EmbeddedJavaScript | 14/40 (35%) | AS26105 | 200.46.204.8 | ipadmin@NET2NET.COM.PA | PA | LACNIC | PA-SINF-LACNIC | 9b56cbf9eb2f2413f1692baae6192b83 | http://as.handbless.com/content/adp1.php?f=16 |
| 2012-02-09 21:30:22 | sub9 | clamav | PUA.Script.PDF.EmbeddedJavaScript | 16/40 (40%) | AS9143 | 83.81.165.237 | abuse@as9143.net | NL | RIPE | NL-CASEMA-20031128 | a47548283509e3c72d51365dc1c8a462 | http://oriecsokbop.com/content/adp1.php?f=26 |
| 2012-02-09 21:30:22 | sub9 | clamav | PUA.Script.PDF.EmbeddedJavaScript | 16/39 (41%) | AS43637 | 78.111.51.114 | vugar@kouliyev.com | AZ | RIPE | AZ-SOL-20070905 | accb1b88bcfb12e2f1f78cd2820f1967 | http://www.arcot.biz/content/adp1.php?f=221 |
| 2012-02-09 21:30:22 | sub9 | avira | JS/Agent.cja.3 | 23/39 (59%) | AS28753 | 178.162.184.176 | abuse@leaseweb.de | DE | RIPE | DE-NETDIRECT-20100205 | 6d0bc521f337cb2c447c6c80ebe9e7cf | http://www.astalavista.im/bognxvawdteqfsx.pdf |
| 2012-02-09 21:30:22 | sub9 | avira | EXP/Pidief.aik.1 | 27/42 (64.3%) | AS28753 | 178.162.184.176 | abuse@leaseweb.de | DE | RIPE | DE-NETDIRECT-20100205 | 3750bf96cd8d796205b85a073879a609 | http://www.astalavista.im/etcwcujocsjla.pdf |
| 2012-02-09 21:30:28 | sub16 | avira | TR/Spy.Gen | 1/39 (2.6%) | AS26347 | 173.236.163.61 | abuse@dreamhost.com | US | ARIN | DREAMHOST-BLK10 | d9c70253ba4f76c3df3c75ad575e9405 | http://www.feeplay.com/download/make-money-easy.exe |
| 2012-02-09 21:30:03 | sub17 | avira | TR/Graftor.2531.4 | 11/40 (27.5%) | AS15201 | 200.98.131.46 | l-registrobr-uol@corp.uol.com.br | BR | LACNIC | 001.109.184/0001-95 | 0e5d7d857c8e33e976b114e079f80f82 | http://migre.me/7QDdM?/marconacessoria.com.br/boleto.php?Boleto_Impres.PDFsala_14 |
| 2012-02-09 21:40:04 | sub24 | clamav | Exploit.PDF-28745 | 12/38 (31.6%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | d7594c30d3e5270b45e09f58e496039f | http://79.137.237.66/content/adfp2.php?f=165 |
| 2012-02-09 21:40:04 | sub24 | clamav | Exploit.PDF-28745 | 12/38 (31.6%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | df597a837c8f61a7e8f27d312c9b55e7 | http://79.137.237.66/content/adfp2.php?f=269 |
| 2012-02-09 21:40:09 | sub10 | avira | TR/Gendal.kdv.373552.1 | 12/39 (30.8%) | AS6849 | 91.219.29.15 | hostmaster@uadomen.com | UA | RIPE | UKRSERVERS-NET | f66277a234055d3b1dd391b70a30bfaa | http://mega-shara.com.ua/uploads/files/TNODUP1.4.1b4.rar |
| 2012-02-09 21:40:09 | sub10 | avira | JS/Obfuscated.ZX | 24/40 (60%) | AS12306 | 213.83.63.51 | abuse@1blu.de | DE | RIPE | IXEUROPE-NETWORK | 741a43c272fcbab7297e53f314b4c93f | http://rn-ts.de/ |
| 2012-02-09 21:50:22 | sub10 | avira | EXP/Pidief.atm | 21/42 (50%) | AS42400 | 91.189.123.122 | abuse@multihost.no | NO | RIPE | NO-MULTIHOST | 4c5917443ec0f01fb3ffb42e03d1c650 | http://flyingsohigh.com.tw/content/fdp2.php?f=45::44 |
| 2012-02-09 21:50:23 | sub10 | Avast | HTML:Iframe-inf | 15/42 (35.7%) | AS33070, AS19994, AS10532, AS27357 | 72.3.247.225 | abuse@rackspace.com | US | ARIN | RSCP-NET-4 | dbe2ff119e06b65b91930360f4b40cf4 | http://hiray.org.in/AdmissionProcessDED.htm |
| 2012-02-09 21:50:23 | sub10 | Avast | SWF:Downloader-AK Expl | 12/40 (30%) | AS29182 | 78.24.223.35 | abuse@ispsystem.net | RU | RIPE | ISPSYSTEM | eea4d90dd3c2305248031c1de6294a53 | http://htccorporation.info/job/hryvhrkmbwjsko.swf |
| 2012-02-09 21:50:23 | sub10 | clamav | XF.Sic.E | 27/43 (62.8%) | AS4837 | 221.10.252.39 | abuse@chinaunicom.cn | CN | APNIC | UNICOM-SC | 19f8eb2607c8d8f889745e45e98089b6 | http://scgh.org/admin/upload/20120201170454661.xls |
| 2012-02-09 21:50:23 | sub10 | avira | HTML/IFrame.AP | 28/39 (71.8%) | AS9803 | 211.100.61.87 | zhengym@bjtelecom.net | CN | APNIC | BJTEL | f0a7577b4664672b62872e1838cb6f43 | http://thermoflow.com.cn/ |
| 2012-02-09 21:50:23 | sub20 | undef | unknown_exe | 0/39 (0.0%) | AS8426 | 212.188.185.238 | abuse@clara.net | GB | RIPE | CLARA-I-WAY-CUSTOMER-PARTITION | 808f76d30db69c05ef64dd05dc84f11a | http://32red.mgsmup.com/mupp/32red/32red.cab |
| 2012-02-09 22:00:31 | sub10 | avira | HTML/Crypted.Gen | 25/42 (59.5%) | AS12716 | 213.226.29.202 | abuse@mtel.net | BG | RIPE | MTELNET | 6f74f9b430a85419056034b9d5ea5f0f | http://libragroup.org/gb/templates/image/news1874.html |
| 2012-02-09 22:00:31 | sub10 | avira | JS/Decdec.psc | 26/42 (61.9%) | AS16265 | 193.239.4.136 | abuse@kolido.de | EU | RIPE | VCN-PI-1 | d609c28f17160bc7b93034cb4b5146f3 | http://troedel-stube.info/ |
| 2012-02-09 22:00:31 | sub10 | avira | JS/Infected.C | 23/39 (59%) | AS32475 | 69.175.71.50 | netops@singlehop.com | US | ARIN | SINGLEHOP | e990ca163d15aab20aa518d2121acdba | http://trustats.org/wp-includes/js/l10n.js?ver=20101110 |
| 2012-02-09 22:00:31 | sub10 | avira | W97M/Marker.BR | 38/42 (90.5%) | AS8643 | 195.134.100.68 | abuse@uoa.gr | GR | RIPE | ATHENA-NET | 17b48c91af3f201d3b6d392e736caba5 | http://users.uoa.gr/~pjioannou/exam.feb.01.doc |
| 2012-02-09 22:00:31 | sub10 | avira | HTML/Infected.WebPage.Gen | 28/39 (71.8%) | AS8517 | 193.140.142.6 | csirt@ulakbim.gov.tr | TR | RIPE | INONU-NET | 850a634f71b8ac5216a48f2e0826d3fa | http://web.inonu.edu.tr/~tgozukara/ |
| 2012-02-09 22:00:31 | sub14 | F_Prot | File is damaged | 2/40 (5%) | AS30099 | 64.34.179.136 | abuse@serverbeach.com | US | ARIN | PEER1-SERVERBEACH-02A | 6fe59d33704ca0a3f7a6794c722b2106 | http://audiobloc.com/apps/PEI/Charlottetown-PEI.exe |
| 2012-02-09 22:00:31 | sub14 | avira | ADSPY/KuaisoToolb.3 | 25/39 (64.1%) | AS33182 | 72.29.80.241 | abuse@dimenoc.com | US | ARIN | HOSTDIME-PI-1 | 56dee57c4a6eab5341179eff0a43d96f | http://canadiandreamjob.com/toolbar/toolbar.exe |
| 2012-02-09 22:00:31 | sub14 | Avast | Win32:MediaGet-B [PUP] | 8/43 (18.6%) | AS41947 | 92.241.182.191 | abuse@wahome.ru | RU | RIPE | WAHOME-COLO | ed408a827bf1ea03f5978e235160bfbf | http://mediaget.com/torrent.php?r=h33t&&u=http:%2F%2Fh33t.com%2Fdetails.php?id=bb8b33389cdff962326b1ad0452f43f91627d348&&f=cFosSpeed+6.61+beta+x32x64+ASRock_mod-madeinheaven |
| 2012-02-09 22:00:31 | sub14 | avira | TR/Spy.Bancos.afw.2 | 32/40 (80%) | AS16660 | 208.71.211.171 | arin@febox.com | US | ARIN | FEBOX-1 | f5ba2283ebda95630635687aefd9dfdd | http://www.dialtotalk.com/home/plugins/system/AtualizacaoSantanderJuridica/Empresarial2.01.php |
| 2012-02-09 22:00:31 | sub20 | undef | unknown_html_RFI_php | 0/42 (0.0%) | AS30170, AS11739 | 208.85.148.122 | hostmaster@bluebox.net | US | ARIN | BLUE-BOX-GRP | 30ca67319f932dde9a75cf8faf114356 | http://cotssl.crossrider.com/plugin/apps/manifest/2258.xml |
| 2012-02-09 21:02:06 | sub8 | undef | Adware.SaveNow.FN | 0/43 (0.0%) | AS36420, AS30315, AS13749, AS21844 | 174.120.240.73 | noc@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-16 | ca593899911dfe8cf49f291379c2f8b9 | http://100thingstodobeforeyoudie.org/twindvd/ |
| 2012-02-09 21:02:09 | sub8 | undef | SoftwareBundler:Win32/ThemeXP | 0/42 (0.0%) | AS10297 | 209.190.61.44 | abuse@ee.net | US | ARIN | ENET-XLHOST | 3a7df3a6b242ee9db6becaa507906065 | http://ismeretterjesztes.info/1/ |
| 2012-02-09 21:30:14 | sub5 | undef | unknown_html_RFI_php | 0/42 (0.0%) | AS19318 | 66.45.238.251 | network@interserver.net | US | ARIN | INTERSERVER | b97bc28bcddee819b48bb7e605b70bd6 | http://ganhardinheironainternet.my3gb.com/c100? |
| 2012-02-09 22:20:03 | sub10 | avira | HTML/Rce.Gen | 29/43 (67.4%) | AS9931 | 122.155.18.54 | abuse@idc.cattelecom.com | TH | APNIC | CAT-IDC-Service | a7cc753c5ef7330a057a74bcbf289383 | http://pho.ac.th/ |
| 2012-02-09 22:20:03 | sub10 | avira | JS/iFrame.CN | 28/40 (70%) | AS18866 | 69.50.220.205 | abuse@atjeuhosting.com | US | ARIN | ATJEU | 546725a251f4604d9a4f62197ff26481 | http://pmrtechnologies.in/itdevelopment.html |
| 2012-02-09 22:20:03 | sub16 | avira | ADWARE/Relevant.AY.14 | | AS36351 | 74.86.54.224 | abuse@softlayer.com | US | ARIN | SOFTLAYER-NETBLOCK5 | 151af6be295ff80b4bc163f1894d22ff | http://softwaredepo.com/download/sdve.exe |
| 2012-02-09 22:20:09 | sub10 | Avast | JS:Redirector-NH [Trj] | 15/40 (37.5%) | AS18779 | 64.92.125.28 | admin@name-serve.net | US | ARIN | NETFRONTS-BLK-1 | e066324d023dbe752915770b0842b0c9 | http://sathvic.in |
| 2012-02-09 22:20:09 | sub10 | avira | JS/Decdec.psc | 24/39 (61.5%) | AS1659 | 140.128.59.4 | abuse@tcrc.edu.tw | TW | APNIC | T-TCRC.EDU.TW-NET | baf1ee86f7afd096c4fb057754d8e89a | http://society.cmsh.tc.edu.tw/senior/ |
| 2012-02-09 22:20:09 | sub10 | avira | TR/FakeAV.CFI | 27/39 (69.2%) | AS9318 | 115.68.13.118 | network@smileserv.com | KR | APNIC | SMILESERV-KR | dc8524cd56559260bb0039755095fc50 | http://update.infoguard.kr/infoguard.zip |
| 2012-02-09 22:30:04 | sub16 | avira | TR/Agent.gtw.16 | 16/42 (38.1%) | AS24940 | 213.133.104.82 | abuse@hetzner.de | DE | RIPE | HETZNER-RZ-NBG-NET | 2b06f5b544267637dd4d93f1e5d8d08d | http://sl5.de/short-link-5_32bit.exe |
| 2012-02-09 22:30:05 | sub16 | avira | JS/Infected.C | 22/40 (55%) | AS32475 | 184.154.146.162 | abuse@singlehop.com | US | ARIN | SINGLEHOP | 347f762e6be0282fc60b8bebd58d577d | http://www.thearticlespoint.com/wp-content/plugins/nextgen-gallery/js/ngg.slideshow.min.js?ver=1.05 |
| 2012-02-09 22:30:18 | sub10 | avira | PHP/PBot.A | 31/40 (77.5%) | AS10318 | 201.235.255.37 | noc@fibertel.com.ar | AR | LACNIC | AR-CASA10-LACNIC | 74cff2d376097b4172be5ea67d1666e1 | http://kravmagamendoza.com.ar/cmd2.txt |
| 2012-02-09 22:30:27 | sub16 | undef | unknown_html_RFI_eval | 0/38 (0.0%) | AS4765 | 203.121.165.16 | hoou@pacific.net.sg | TH | APNIC | PI-TH | e85c46e00dc08b6069424e13c9674412 | http://tuk-tuk.com/ |
| 2012-02-09 22:30:27 | sub16 | avira | SPR/Tool.WPAkill.B.10 | 20/38 (52.6%) | AS36351 | 50.22.131.196 | abuse@softlayer.com | US | ARIN | SOFTLAYER-4-9 | 54559f86fb740f558d36b16e811057f3 | http://zone-sharing.info/download/RemoveWAT-2.2.6_ZONE-SHARING.INFO.rar |
| 2012-02-09 22:40:05 | sub24 | clamav | Exploit.PDF-28745 | 14/43 (32.6%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 2595868d2acf603f754c68f1333b4884 | http://79.137.237.66/content/adfp2.php?f=257 |
| 2012-02-09 22:40:05 | sub24 | clamav | Exploit.PDF-28745 | 13/40 (32.5%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 77b957be5f536ec17ab15e93da242f00 | http://79.137.237.66/content/adfp2.php?f=327 |
| 2012-02-09 22:40:05 | sub24 | clamav | Exploit.PDF-28745 | 13/41 (31.7%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | f53dac562650e14b650af5a69390716f | http://79.137.237.66/content/adfp2.php?f=355 |
| 2012-02-09 22:40:05 | sub24 | clamav | Exploit.PDF-28745 | 13/41 (31.7%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 6d01dabdd21ade1cfce00a3cff7cad6c | http://79.137.237.66/content/adfp2.php?f=379 |
| 2012-02-09 22:40:05 | sub24 | avira | SPR/KeyLogger.P.2 | 32/41 (78%) | AS16276 | 94.23.81.156 | abuse@ovh.net | ES | RIPE | ES-OVH | f1e1a63e6416244397682df86a3b6853 | http://keylogger-douglas.descargar.es/descarga-directa.php?x=0 |
| 2012-02-09 22:40:05 | sub24 | avira | SPR/KeyLogger.P.2 | 32/41 (78%) | AS16276 | 94.23.81.156 | abuse@ovh.net | ES | RIPE | ES-OVH | f1e1a63e6416244397682df86a3b6853 | http://keylogger-douglas.descargar.es/descarga-directa.php?x=38 |
| 2012-02-09 22:40:05 | sub24 | avira | SPR/KeyLogger.P.2 | 32/41 (78%) | AS16276 | 94.23.81.156 | abuse@ovh.net | ES | RIPE | ES-OVH | f1e1a63e6416244397682df86a3b6853 | http://keylogger-douglas.descargar.es/descarga-directa.php?x=56 |
| 2012-02-09 22:40:05 | sub24 | avira | SPR/KeyLogger.P.2 | 32/41 (78%) | AS16276 | 94.23.81.156 | abuse@ovh.net | ES | RIPE | ES-OVH | f1e1a63e6416244397682df86a3b6853 | http://keylogger-douglas.descargar.es/descarga-directa.php?x=63 |
| 2012-02-09 22:40:05 | sub24 | avira | SPR/KeyLogger.P.2 | 29/37 (78.4%) | AS16276 | 94.23.81.156 | abuse@ovh.net | ES | RIPE | ES-OVH | f1e1a63e6416244397682df86a3b6853 | http://keylogger-douglas.descargar.es/descarga-directa.php?x=98 |
| 2012-02-09 21:02:24 | sub8 | undef | HEUR:Trojan.Win32.Generic | 0/37 (0.0%) | AS11798 | 67.20.91.205 | support@bluehost.com | US | ARIN | BLUEHOST-NETWORK-6 | 9f3a328480a90dc1e1ed3f756e13fd6a | http://livingreed.com/ccs2278/ |
| 2012-02-09 21:02:25 | sub8 | undef | HEUR:Trojan.Win32.Generic | 0/37 (0.0%) | AS17839 | 61.97.192.119 | abuse@dreamcity.co.kr | KR | APNIC | CJ-HELLOVISION-KR | 62e8b7e20717dfedada6d67ec94102b0 | http://cabledr.cjhellovision.com/cabletb/634/update/ |
| 2012-02-09 21:02:26 | sub8 | undef | Trojan.Generic.KD.501118 | 0/37 (0.0%) | AS46095, AS46861, AS32613, AS14720, AS40699, AS18875 | 108.163.164.154 | abuse@noc.privatedns.com | CA | ARIN | IWEB-NE-1 | c1106a5b1575dc1a3df79d327321e0b0 | http://cineplanet.info/css/ |
| 2012-02-09 21:02:29 | sub8 | undef | WebToolbar.Win32.RK.cr | 0/40 (0.0%) | AS4134 | 113.105.170.24 | abuse@gddc.com.cn | CN | APNIC | CHINANET-GD | 0f05504685bb36b934ba4cad93990454 | http://113.105.170.24/ |
| 2012-02-09 21:02:30 | sub8 | undef | HEUR:Trojan.Win32.Generic | 0/40 (0.0%) | AS31034 | 62.149.140.124 | hostmaster@technorail.com | IT | RIPE | TECHNORAIL-NET | 1c7b413c3fa39d0fed40556d2658ac73 | http://www.lacortigianadelre.it/cache/mod_login/ |
| 2012-02-09 21:02:32 | sub8 | undef | Backdoor.Win32.Finlosky.b | 0/40 (0.0%) | AS51975 | 46.151.211.5 | k@nn.com.sa | SA | RIPE | NASHIR-NET | 560769c527665db0201957eee79b2222 | http://mozon.org/ |
| 2012-02-09 22:50:03 | sub16 | Avast | Win32:Malware-gen | 2/43 (4.7%) | AS12851 | 91.203.213.147 | contact@alvotech.de | NL | RIPE | DE-ALVOTECH-PI03 | 16b74a677dc096da1dd9d547493b3879 | http://www.mircturk.gen.tr/zurna.exe |
| 2012-02-09 23:00:10 | sub16 | Avast | Win32:Malware-gen | 2/39 (5.1%) | AS12851 | 91.203.213.147 | contact@alvotech.de | NL | RIPE | DE-ALVOTECH-PI03 | 16b74a677dc096da1dd9d547493b3879 | http://www.mircturk.gen.tr/kardelen.exe |
| 2012-02-09 23:00:10 | sub16 | Kaspersky | not-a-virus:Client-IRC.Win32.mIRC.62 | 1/40 (2.5%) | AS12851 | 91.203.213.147 | contact@alvotech.de | NL | RIPE | DE-ALVOTECH-PI03 | de88b0f7f8062b59c25fa9ef63b9fa2d | http://www.mircturk.gen.tr/oyun.exe |
| 2012-02-09 23:00:35 | sub16 | BitDefender | Script.SWF.Cxx | 4/43 (9.3%) | AS40595 | 64.247.177.81 | hostmaster@ediasoft.net | US | ARIN | DIASOFT-NET | 454076d0fe792883b3b1546b068bc7fa | http://64.247.177.81/Home/content/field.swf |
| 2012-02-09 23:10:11 | sub10 | DrWeb | Trojan.VbCrypt.66 | 7/41 (17.1%) | AS46433 | 216.14.124.128 | hostmaster@eboundhost.com | US | ARIN | EBOUNDHOST | 24e3da41454dcbe517037d306c644245 | http://emprender.edu.co/media/system/js/war.exe |
| 2012-02-09 22:32:31 | sub17 | trendmicro | Mal_Hifrm | 6/42 (14.3%) | AS40034 | 208.91.198.47 | abuse@confluence-networks.com | VG | ARIN | CONFLUENCE-NETWORK-INC | d2b44cf3e4f163c5777eaf78a654ff6b | http://shishou.net |
| 2012-02-09 22:32:31 | sub17 | trendmicro | Mal_Hifrm | 6/42 (14.3%) | AS40034 | 208.91.198.47 | abuse@confluence-networks.com | VG | ARIN | CONFLUENCE-NETWORK-INC | d2b44cf3e4f163c5777eaf78a654ff6b | http://sgmaternity.com |
| 2012-02-09 23:20:05 | sub16 | Antiy_AVL | AdWare/Win32.Rabio.gen | 2/37 (5.4%) | AS10316 | 68.168.100.46 | abuse@codero.com | US | ARIN | CODERO2010A | 2a6d96d0c136f30bff720d5e61dc10f2 | http://www.filesrecovery.org/downloads/PocketPCForensicDemo.exe |
| 2012-02-09 22:32:27 | sub17 | trendmicro | Mal_Hifrm | 6/39 (15.4%) | AS40034 | 208.91.198.47 | abuse@confluence-networks.com | VG | ARIN | CONFLUENCE-NETWORK-INC | d2b44cf3e4f163c5777eaf78a654ff6b | http://mudbuilder.com |
| 2012-02-09 23:30:06 | sub16 | Kaspersky | not-a-virus:Client-IRC.Win32.mIRC.62 | 1/39 (2.6%) | AS12851 | 91.203.213.147 | contact@alvotech.de | NL | RIPE | DE-ALVOTECH-PI03 | de88b0f7f8062b59c25fa9ef63b9fa2d | http://www.mircturk.gen.tr/canisi.exe |
| 2012-02-09 23:30:07 | sub16 | Avast | Win32:Malware-gen | 2/39 (5.1%) | AS12851 | 91.203.213.147 | contact@alvotech.de | NL | RIPE | DE-ALVOTECH-PI03 | 16b74a677dc096da1dd9d547493b3879 | http://www.mircturk.gen.tr/mokoko.exe |
| 2012-02-09 22:11:03 | sub8 | undef | PWS:Win32/Zbot.gen!AF | 0/43 (0.0%) | AS27823 | 200.58.119.60 | ipmaster@hostmar.com | AR | LACNIC | AR-DATT-LACNIC | 852781056de5cf349047f8f52166c137 | http://alfanetsalta.com.ar/ |
| 2012-02-09 22:11:04 | sub8 | undef | PWS:Win32/Zbot.gen!AF | 0/40 (0.0%) | AS14670 | 66.187.96.218 | hostmaster@solarvps.com | US | ARIN | SOLAR-VPS | 3c70f79d7659b9dded93a0b86f80d04a | http://spirit-adv.com/ |
| 2012-02-10 00:00:07 | sub16 | clamav | Trojan.Dropper-19718 | 21/40 (52.5%) | AS19318 | 66.45.241.242 | network@interserver.net | US | ARIN | INTERSERVER | b0a05db8d1d231ec5148a00d7ba395c9 | http://f.anyhub.net/4Vad |
| 2012-02-10 00:00:34 | sub16 | avira | HTML/Script.Inf.4069 | 8/39 (20.5%) | AS2914 | 207.57.109.119 | abuse@ntt.net | US | ARIN | NTTA-207-56 | 3bad273d4958ee77d40f800e45ac199f | http://daveshumakplumbing.com.au/ |
| 2012-02-10 00:20:06 | sub1 | undef | unknown_html_google_malware | 0/43 (0.0%) | AS41691 | 193.37.145.27 | serveur@lws.fr | FR | RIPE | LWS-NET | f72c420d2fe81056fd084204247ce115 | http://conseils-forme.com/lynched.html |
| 2012-02-10 00:20:58 | sub10 | avira | TR/Drop.Injector.cpvi | 19/40 (47.5%) | AS38661 | 114.141.14.19 | luvyong@hclc.co.kr | KR | APNIC | HCLC-KR | f1985d1913d99cabaa6988fc44f96362 | http://aceinfosys.co.kr//bbs/data/update/35upjmrlzz.exe |
| 2012-02-09 23:09:03 | sub8 | undef | Client-IRC.Win32.mIRC.62 | 0/40 (0.0%) | AS46433 | 216.14.124.128 | hostmaster@eboundhost.com | US | ARIN | EBOUNDHOST | 1c7b413c3fa39d0fed40556d2658ac73 | http://emprender.edu.co/media/system/js/ |
| 2012-02-10 00:50:05 | sub16 | avira | TR/Bumat.A.6159 | 28/43 (65.1%) | AS26496 | 72.167.232.33 | noc@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | aaed2e9468fa4a4c3bc524eb936ba100 | http://www.aboutpanicattacks.net/agoraphobiapanicattacks.exe |
| 2012-02-10 01:00:05 | sub1 | undef | unknown_html_RFI_shell | 0/40 (0.0%) | AS38661 | 124.217.216.42 | noc@hclc.co.kr | KR | APNIC | HCLC-KR | 450ce145bd11af4b744fa55e8af0eacd | http://eudriving.mireene.com/iiinamen.php?bjkain=4 |
| 2012-02-10 01:00:10 | sub16 | undef | unknown_html_RFI_shell | 0/43 (0.0%) | AS16531 | 200.52.138.231 | network@inext.net.mx | MX | LACNIC | MX-PINS-LACNIC | 450ce145bd11af4b744fa55e8af0eacd | http://urei.edu.mx/easywork.php?daFriendID=57b5 |
| 2012-02-10 01:40:05 | sub24 | clamav | Exploit.PDF-28745 | 16/40 (40%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 310f1cb4b9a9dea6f158477d88a52e23 | http://79.137.237.66/content/adfp2.php?f=122 |
| 2012-02-10 01:40:05 | sub24 | clamav | Exploit.PDF-28745 | 16/40 (40%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 47b579848a92a9894aedf42694bd7097 | http://79.137.237.66/content/adfp2.php?f=150 |
| 2012-02-10 01:40:05 | sub24 | clamav | Exploit.PDF-28745 | 16/40 (40%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 4f0bdf1e8c534cb7f393f9c91cd2aa61 | http://79.137.237.66/content/adfp2.php?f=236 |
| 2012-02-10 01:40:05 | sub24 | clamav | Exploit.PDF-28745 | 16/40 (40%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | f257700cecbec55012d29c1fb70d1db0 | http://79.137.237.66/content/adfp2.php?f=365 |
| 2012-02-10 01:40:05 | sub24 | clamav | Exploit.PDF-28745 | 16/40 (40%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | d40cae93e62f075a7311b30e843776d0 | http://79.137.237.66/content/adfp2.php?f=389 |
| 2012-02-10 01:40:05 | sub24 | avira | EXP/Pidief.atm | 21/43 (48.8%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 1ad8f292dcb337fe6be550c3375ba303 | http://79.137.237.66/content/fdp2.php?f=61 |
| 2012-02-10 01:40:05 | sub24 | avira | SPR/KeyLogger.P.2 | 32/40 (80%) | AS16276 | 94.23.81.156 | abuse@ovh.net | ES | RIPE | ES-OVH | f1e1a63e6416244397682df86a3b6853 | http://keylogger-douglas.descargar.es/descarga-directa.php?x=29 |
| 2012-02-10 01:40:05 | sub24 | avira | SPR/KeyLogger.P.2 | 32/40 (80%) | AS16276 | 94.23.81.156 | abuse@ovh.net | ES | RIPE | ES-OVH | f1e1a63e6416244397682df86a3b6853 | http://keylogger-douglas.descargar.es/descarga-directa.php?x=86 |
| 2012-02-10 01:40:05 | sub24 | clamav | PUA.Script.PDF.EmbeddedJavaScript | 19/40 (47.5%) | AS43637 | 78.111.51.114 | vugar@kouliyev.com | AZ | RIPE | AZ-SOL-20070905 | 0ed829012822f49eb801f3e66ef182af | http://www.arcot.biz/content/adp1.php?f=200 |
| 2012-02-10 01:40:05 | sub24 | clamav | PUA.Script.PDF.EmbeddedJavaScript | 19/40 (47.5%) | AS43637 | 78.111.51.114 | vugar@kouliyev.com | AZ | RIPE | AZ-SOL-20070905 | 190de3c5198f056e04d47816aadfd692 | http://www.arcot.biz/content/adp1.php?f=243 |
| 2012-02-10 01:40:05 | sub24 | clamav | PUA.Script.PDF.EmbeddedJavaScript | 19/40 (47.5%) | AS43637 | 78.111.51.114 | vugar@kouliyev.com | AZ | RIPE | AZ-SOL-20070905 | df416f613a11f02a7f7899fb94a2b210 | http://www.arcot.biz/content/adp1.php?f=281 |
| 2012-02-10 01:40:05 | sub24 | avira | EXP/Java.Blacole.K | 30/40 (75%) | AS43637 | 78.111.51.114 | vugar@kouliyev.com | AZ | RIPE | AZ-SOL-20070905 | c69fcaa876e809a61d74e6a1d7fe822d | http://www.arcot.biz/content/worms.jar |
| 2012-02-10 01:40:05 | sub24 | clamav | Exploit.PDF-28745 | 16/40 (40%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 8124cf058f75cfd0111f68bf8151b4ec | http://79.137.237.66/content/adfp2.php?f=323 |
| 2012-02-10 01:40:05 | sub24 | clamav | Exploit.PDF-28745 | 16/40 (40%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | feaa7be59250e1fc2b31578c7d704ed9 | http://79.137.237.66/content/adfp2.php?f=357 |
| 2012-02-10 01:40:05 | sub24 | clamav | Exploit.PDF-28745 | 14/33 (42.4%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | ea26c05d325b13231411eef4f9930049 | http://79.137.237.66/content/adfp2.php?f=391 |
| 2012-02-10 01:40:05 | sub24 | avira | EXP/Pidief.atm | 18/40 (45%) | AS42400 | 91.189.123.122 | abuse@multihost.no | NO | RIPE | NO-MULTIHOST | e7fa057edf54ce0efe5cd15b08ea26bf | http://91.189.123.122/content/fdp2.php?f=0 |
| 2012-02-10 01:40:05 | sub24 | avira | EXP/Pidief.atm | 19/40 (47.5%) | AS42400 | 91.189.123.122 | abuse@multihost.no | NO | RIPE | NO-MULTIHOST | f28417761cb54e0cd6836e19fc30e7a5 | http://91.189.123.122/content/fdp2.php?f=37 |
| 2012-02-10 01:40:05 | sub24 | avira | EXP/Pidief.atm | 19/40 (47.5%) | AS42400 | 91.189.123.122 | abuse@multihost.no | NO | RIPE | NO-MULTIHOST | b2a85cd0050c41e2919aaf41c7184ae9 | http://91.189.123.122/content/fdp2.php?f=45 |
| 2012-02-10 01:40:05 | sub24 | avira | EXP/Pidief.atm | 19/40 (47.5%) | AS42400 | 91.189.123.122 | abuse@multihost.no | NO | RIPE | NO-MULTIHOST | 4d9a3913c8a4de885fb000062c0b3b17 | http://91.189.123.122/content/fdp2.php?f=59 |
| 2012-02-10 01:40:05 | sub24 | avira | EXP/Pidief.atm | 19/40 (47.5%) | AS42400 | 91.189.123.122 | abuse@multihost.no | NO | RIPE | NO-MULTIHOST | 9d9b30e040eb67bd7ea21a53141dccdc | http://91.189.123.122/content/fdp2.php?f=85 |
| 2012-02-10 01:40:05 | sub24 | avira | EXP/Pidief.atm | 19/40 (47.5%) | AS42400 | 91.189.123.122 | abuse@multihost.no | NO | RIPE | NO-MULTIHOST | 6ebdfeb8dcc6dd2bb72f829789e6da7f | http://flyingsohigh.com.tw/content/fdp2.php?f=0 |
| 2012-02-10 01:40:05 | sub24 | avira | EXP/Pidief.atm | 19/40 (47.5%) | AS42400 | 91.189.123.122 | abuse@multihost.no | NO | RIPE | NO-MULTIHOST | 879316021368e2c48c62f80d3b688123 | http://flyingsohigh.com.tw/content/fdp2.php?f=36 |
| 2012-02-10 01:40:05 | sub24 | avira | EXP/Pidief.atm | 19/40 (47.5%) | AS42400 | 91.189.123.122 | abuse@multihost.no | NO | RIPE | NO-MULTIHOST | 4f474bf278840c8dd173fd492ca821c9 | http://flyingsohigh.com.tw/content/fdp2.php?f=45 |
+---------------------+-------------+---------------+--------------------------------------+---------------+------------------------------------------------------+-----------------+----------------------------------+---------+---------+--------------------------------+----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
200 rows in set (0.02 sec)
--- End code ---
cleanmx:
upto 2012-02-10 10:10:37 CET online data http://support.clean-mx.de/clean-mx/viruses.php?sort=id%20desc&response=alive
rss-feed: http://support.clean-mx.de/clean-mx/rss?scope=viruses
twitter: http://twitter.com/CleanmxMalware
--- Code: ---+---------------------+-------------+---------------+-----------------------------------------+---------------+---------------------------------------------+-----------------+-------------------------------+---------+---------+-----------------------------+----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| date | contributor | scanner | virusname | vt_score | AS | review | email | country | source | netname | md5sum | url |
+---------------------+-------------+---------------+-----------------------------------------+---------------+---------------------------------------------+-----------------+-------------------------------+---------+---------+-----------------------------+----------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| 2012-02-10 01:41:35 | sub5 | avira | PHP/Small.C | 27/43 (62.8%) | AS33597 | 67.208.91.116 | abuse@inforelay.com | US | ARIN | INFORELAY-NETBLOCK01 | 81da5586a5994fb8fc7416004ef14d4d | http://users11.jabry.com/cas10/ansi.html?http://users11.jabry.com/cas10/ansi.html?http://users11.jabry.com/cas10/ansi.html? |
| 2012-02-10 02:10:30 | sub10 | AhnLab_V3 | Trojan/Win32.Agent | 18/40 (45%) | AS32475 | 69.175.67.106 | netops@singlehop.com | US | ARIN | SINGLEHOP | 02ca8c9aa3bc48ef21a99a58765cfd84 | http://imovelrio.net.br/Boleto.exe |
| 2012-02-10 02:10:31 | sub16 | avira | JS/Obfuscated.CF | 25/43 (58.1%) | AS46549 | 97.79.237.133 | abuse@rr.com | US | ARIN | RCSW | bd0e3190b4fbe5c6fa6bf9c3da9457d2 | http://www.robertmillion.com/ |
| 2012-02-10 02:50:05 | sub16 | avira | ADWARE/Cicoh.A.1 | 25/40 (62.5%) | AS4788 | 58.26.185.19 | abuse@tm.net.my | MY | APNIC | TMNET-MY | 2644c0163b04672f9c4df02e440c3ea8 | http://ics.fivemillionfriends.com/Software/Lhoot01/834/LhootInstaller.exe?rnd=57791000 |
| 2012-02-10 02:51:24 | sub16 | avira | TR/Pameseg.X.150 | | AS24940 | 85.10.204.15 | abuse@hetzner.de | DE | RIPE | HETZNER-RZ-NBG-NET | 213a374de9b669e137bd8f0e9427fefb | http://becoming.ru/biz-plan.exe |
| 2012-02-10 02:51:24 | sub16 | avira | TR/PSW.Zbot.520 | 26/40 (65%) | AS24446 | 117.58.251.7 | abuse@netregistry.com.au | AU | APNIC | NETREGISTRY | 8ee61ac475c42beef0165fca2d61194d | http://www.agradealuminium.com.au/report.pdf.exe |
| 2012-02-10 02:19:48 | sub5 | avira | PHP/PHPShell.BE | 18/40 (45%) | AS23352 | 205.234.134.154 | support@servercentral.net | US | ARIN | SCN-4 | aab1a9268b7c50e5f04d86d68618c773 | http://fradiacono.it/mambots/system/Ckrid1.txt??? |
| 2012-02-10 02:04:10 | sub5 | avira | PHP/Shellbot.7642 | 31/40 (77.5%) | AS14141 | 98.142.215.184 | wnoc@wiresix.com | US | ARIN | WIRESIX | 22f468b2d7c7b05a60a3d4ab1db3f6d8 | http://fileden.com/files/2012/2/4/3259779//fkfkdjjfh4h4h5h5hfff.txt? |
| 2012-02-10 03:10:06 | sub10 | AhnLab_V3 | Win-Trojan/Zbot.291336 | 15/40 (37.5%) | AS27645, AS30496 | 67.222.19.136 | noc@privatesystems.net | US | ARIN | PRIVATE-1 | 53fb01c93921639271d527287bd112ec | http://67.222.19.136/jRWp2M6.exe |
| 2012-02-10 03:10:40 | sub10 | AhnLab_V3 | Win-Trojan/Zbot.291336 | 15/43 (34.9%) | AS13284 | 62.48.52.114 | abuse@playnet.it | IT | RIPE | IT-BRT-20000515 | 53fb01c93921639271d527287bd112ec | http://ftp.mobilibadano.it/kV7bb.exe |
| 2012-02-10 03:40:07 | sub16 | AntiVir | GAME/Casino.Gen | 12/39 (30.8%) | AS17036, AS22653 | 69.61.74.189 | abuse@cyberwurx.com | US | ARIN | NET-GLOBAL-COMPASS | 4bfeedc3ceada16cd2ebe8b260965596 | http://www.onlinecasinoextra.com/downloads/vipslots.exe |
| 2012-02-10 04:20:04 | sub10 | CAT_QuickHeal | (Suspicious) - DNAScan | 8/40 (20%) | AS31034 | 62.149.128.160 | hostmaster@technorail.com | IT | RIPE | TECHNORAIL-NET | 4ce6021b41a51c1758e6bf2bdced7b82 | http://lacortigianadelre.it/cache/mod_login/perup.exe |
| 2012-02-10 04:20:05 | sub16 | avira | HTML/Afreim.W | 29/40 (72.5%) | AS36420, AS30315, AS13749, AS21844, AS13884 | 75.125.146.146 | abuse@theplanet.com | US | ARIN | NETBLK-THEPLANET-BLK-EV1-17 | fbb35b9199e3b54cf0c24d5b3e17180f | http://gurucentre.com/ |
| 2012-02-10 04:30:04 | sub16 | clamav | PUA.IRC-Client.mIRC-37 | 3/40 (7.5%) | AS26496 | 72.167.1.1 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 5b035ef95823bf6caca1a6e2ec65b041 | http://chrisqueen.com/dp/distr/app-cncrtpitch/site-0062101e758/lng-eng/cncrtpitch.exe |
| 2012-02-10 04:30:06 | sub16 | avira | ADSPY/NaviPromo.J | 11/40 (27.5%) | AS41550 | 91.207.44.10 | abuse@hostbizua.com | UA | RIPE | FUIR-MNT | 97abbf7366aa19c94b6600a07ad6a989 | http://www.falcoware.com/FalcoRegistryDoctorSetup.exe |
| 2012-02-10 04:40:05 | sub24 | clamav | Exploit.PDF-28745 | 16/40 (40%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | fe5f9ef176604ad371c77aa791852b1f | http://79.137.237.66/content/adfp2.php?f=187 |
| 2012-02-10 04:40:06 | sub24 | clamav | Exploit.PDF-28745 | 16/40 (40%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | ed5ca9290652465750b760843898e58a | http://79.137.237.66/content/adfp2.php?f=336 |
| 2012-02-10 04:40:06 | sub24 | clamav | Exploit.PDF-28745 | 16/40 (40%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 09266726ec7fbd77175c029a6d28f748 | http://79.137.237.66/content/adfp2.php?f=367 |
| 2012-02-10 04:40:06 | sub24 | clamav | Exploit.PDF-28745 | 16/40 (40%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | bb12f4d5c588f92f29903b05bf03def0 | http://79.137.237.66/content/adfp2.php?f=400 |
| 2012-02-10 04:40:06 | sub24 | avira | EXP/Pidief.atm | 19/40 (47.5%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | e2e7ac266bdfb02c654241072d19e686 | http://79.137.237.66/content/fdp2.php?f=150 |
| 2012-02-10 04:40:06 | sub24 | avira | EXP/Pidief.atm | 19/40 (47.5%) | AS42400 | 91.189.123.122 | abuse@multihost.no | NO | RIPE | NO-MULTIHOST | 95f8c0ad06fe194486e170f97a827cb6 | http://91.189.123.122/content/fdp2.php?f=29 |
| 2012-02-10 04:40:06 | sub24 | avira | EXP/Pidief.atm | 19/40 (47.5%) | AS42400 | 91.189.123.122 | abuse@multihost.no | NO | RIPE | NO-MULTIHOST | 1c987e2d64dc67a96fc2a6fb348299a8 | http://91.189.123.122/content/fdp2.php?f=60 |
| 2012-02-10 04:40:06 | sub24 | avira | EXP/Pidief.atm | 19/40 (47.5%) | AS42400 | 91.189.123.122 | abuse@multihost.no | NO | RIPE | NO-MULTIHOST | 01d5b6be12c5e7f4b24acaead5d4e109 | http://91.189.123.122/content/fdp2.php?f=82 |
| 2012-02-10 04:40:06 | sub24 | avira | EXP/Pidief.atm | 19/40 (47.5%) | AS42400 | 91.189.123.122 | abuse@multihost.no | NO | RIPE | NO-MULTIHOST | 418ba641f3d9ed89612910d7ebe03ea2 | http://flyingsohigh.com.tw/content/fdp2.php?f=29 |
| 2012-02-10 04:40:06 | sub24 | avira | EXP/Pidief.atm | 19/40 (47.5%) | AS42400 | 91.189.123.122 | abuse@multihost.no | NO | RIPE | NO-MULTIHOST | df52e37f831404a04c84922328d7e1e5 | http://flyingsohigh.com.tw/content/fdp2.php?f=55 |
| 2012-02-10 04:40:06 | sub24 | avira | EXP/Pidief.atm | 19/40 (47.5%) | AS42400 | 91.189.123.122 | abuse@multihost.no | NO | RIPE | NO-MULTIHOST | d1980d9c725db6f781a54ac2eb1faca1 | http://flyingsohigh.com.tw/content/fdp2.php?f=79 |
| 2012-02-10 04:40:06 | sub24 | avira | SPR/KeyLogger.P.2 | 33/42 (78.6%) | AS16276 | 94.23.81.156 | abuse@ovh.net | ES | RIPE | ES-OVH | f1e1a63e6416244397682df86a3b6853 | http://keylogger-douglas.descargar.es/descarga-directa.php?x=27 |
| 2012-02-10 04:40:06 | sub24 | avira | SPR/KeyLogger.P.2 | 32/40 (80%) | AS16276 | 94.23.81.156 | abuse@ovh.net | ES | RIPE | ES-OVH | f1e1a63e6416244397682df86a3b6853 | http://keylogger-douglas.descargar.es/descarga-directa.php?x=60 |
| 2012-02-10 04:40:06 | sub24 | avira | SPR/KeyLogger.P.2 | 33/42 (78.6%) | AS16276 | 94.23.81.156 | abuse@ovh.net | ES | RIPE | ES-OVH | f1e1a63e6416244397682df86a3b6853 | http://keylogger-douglas.descargar.es/descarga-directa.php?x=91 |
| 2012-02-10 04:40:06 | sub24 | clamav | PUA.Script.PDF.EmbeddedJavaScript | 18/40 (45%) | AS43637 | 78.111.51.114 | vugar@kouliyev.com | AZ | RIPE | AZ-SOL-20070905 | 05f6642a189340dfe9cfd79904576cac | http://www.arcot.biz/content/adp1.php?f=233 |
| 2012-02-10 04:40:06 | sub24 | clamav | PUA.Script.PDF.EmbeddedJavaScript | 20/43 (46.5%) | AS43637 | 78.111.51.114 | vugar@kouliyev.com | AZ | RIPE | AZ-SOL-20070905 | d4f7e4a0fa495449ae333027929eb0b0 | http://www.arcot.biz/content/adp1.php?f=270 |
| 2012-02-10 04:40:06 | sub24 | clamav | PUA.Script.PDF.EmbeddedJavaScript | 18/40 (45%) | AS43637 | 78.111.51.114 | vugar@kouliyev.com | AZ | RIPE | AZ-SOL-20070905 | 80644c1b501e62da37a0443e0b449037 | http://www.arcot.biz/content/adp1.php?f=295 |
| 2012-02-10 04:40:06 | sub24 | clamav | Exploit.PDF-28745 | 17/43 (39.5%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 8a2d8a3abd1e9a638863a3e5d592dd6e | http://79.137.237.66/content/adfp2.php?f=267 |
| 2012-02-10 04:40:06 | sub24 | clamav | Exploit.PDF-28745 | 17/43 (39.5%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 5f44174f252503c667c41facea911b02 | http://79.137.237.66/content/adfp2.php?f=330 |
| 2012-02-10 04:40:06 | sub24 | clamav | Exploit.PDF-28745 | 15/40 (37.5%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 36537c0efbb768a868d7f27e3f5f0cfd | http://79.137.237.66/content/adfp2.php?f=369 |
| 2012-02-10 04:40:06 | sub24 | avira | EXP/Pidief.atm | 21/43 (48.8%) | AS42400 | 91.189.123.122 | abuse@multihost.no | NO | RIPE | NO-MULTIHOST | 4dcae4bd1d63e44d3332fddcfacc5599 | http://91.189.123.122/content/fdp2.php?f=25 |
| 2012-02-10 04:40:06 | sub24 | avira | EXP/Pidief.atm | 19/40 (47.5%) | AS42400 | 91.189.123.122 | abuse@multihost.no | NO | RIPE | NO-MULTIHOST | 09c9dda8d27260007e70289927a08b26 | http://91.189.123.122/content/fdp2.php?f=50 |
| 2012-02-10 04:40:06 | sub24 | avira | EXP/Pidief.atm | 19/40 (47.5%) | AS42400 | 91.189.123.122 | abuse@multihost.no | NO | RIPE | NO-MULTIHOST | 4db461ccad7d8268454476f055c87cdb | http://91.189.123.122/content/fdp2.php?f=89 |
| 2012-02-10 04:40:06 | sub24 | avira | EXP/Pidief.atm | 19/40 (47.5%) | AS42400 | 91.189.123.122 | abuse@multihost.no | NO | RIPE | NO-MULTIHOST | db16f40d0cc0ac29e91e5045b04e043a | http://flyingsohigh.com.tw/content/fdp2.php?f=30 |
| 2012-02-10 04:40:06 | sub24 | avira | EXP/Pidief.atm | 19/40 (47.5%) | AS42400 | 91.189.123.122 | abuse@multihost.no | NO | RIPE | NO-MULTIHOST | a450e680403dd5f216772c1e748882ed | http://flyingsohigh.com.tw/content/fdp2.php?f=68 |
| 2012-02-10 04:40:06 | sub24 | avira | SPR/KeyLogger.P.2 | 33/42 (78.6%) | AS16276 | 94.23.81.156 | abuse@ovh.net | ES | RIPE | ES-OVH | f1e1a63e6416244397682df86a3b6853 | http://keylogger-douglas.descargar.es/descarga-directa.php?x=87 |
| 2012-02-10 04:40:06 | sub24 | clamav | PUA.Script.PDF.EmbeddedJavaScript | 19/40 (47.5%) | AS43637 | 78.111.51.114 | vugar@kouliyev.com | AZ | RIPE | AZ-SOL-20070905 | d72725c707fa3a555e28763e56112ed5 | http://www.arcot.biz/content/adp1.php?f=259 |
| 2012-02-10 04:40:06 | sub24 | clamav | PUA.Script.PDF.EmbeddedJavaScript | 18/40 (45%) | AS43637 | 78.111.51.114 | vugar@kouliyev.com | AZ | RIPE | AZ-SOL-20070905 | 70192cca94f3a7f3d131b2a910546b37 | http://www.arcot.biz/content/adp1.php?f=292 |
| 2012-02-10 04:40:07 | sub16 | Antiy_AVL | Trojan/win32.agent.gen | 4/39 (10.3%) | AS3595 | 69.73.176.160 | abuse@jaguarpc.com | US | ARIN | LH-GOLD-NETWORK | 1eda88d9becd87f9ce46a6842c4dbf5e | http://www.audio2convert.com/voc-to-mp3/download/voc-to-mp3-plus.exe |
| 2012-02-10 04:40:08 | sub16 | Antiy_AVL | Trojan/win32.agent.gen | 15/39 (38.5%) | AS29789 | 66.254.123.32 | hostmaster@reflected.net | US | ARIN | REFLECTED-1 | 70b5c0fd6295bd83bb62bd5b91d9b22e | http://www.sexy-screen-savers.com/downloads/jessica-biel-screensaver.exe |
| 2012-02-10 03:47:25 | sub8 | undef | W32/Casino.N.gen!Eldorado | 0/40 (0.0%) | AS25525 | 83.98.197.57 | abuse@reasonnet.com | NL | RIPE | NL-DIGITPAINT | 6f4ef7247f512ee531201b21b77c8d76 | http://web.obi4wan.nl/ |
| 2012-02-10 03:47:55 | sub8 | undef | HackTool.Win32.Agent.ce | 0/40 (0.0%) | AS16265 | 85.17.25.236 | abuse@leaseweb.com | NL | RIPE | NL-LEASEWEB-20050311 | b6a7275e7d31202adfdbf9fc6dc9dc1b | http://jozeko900.cba.pl/ |
| 2012-02-10 05:00:05 | sub16 | avira | KIT/Hazard.292 | 8/40 (20%) | AS20454, AS32164 | 184.164.142.10 | abuse@securedservers.com | US | ARIN | SS5 | 4228eef9927af6e209e347c3ad790513 | http://affordbr.kronushost.com.br/Brazukas.rar |
| 2012-02-10 04:31:46 | sub5 | avira | PHP/Shellbot.7642 | 32/42 (76.2%) | AS14141 | 98.142.215.184 | wnoc@wiresix.com | US | ARIN | WIRESIX | 0dc420f8d8f5f5853cb2b42663fab273 | http://fileden.com/files/2012/2/4/3259779//asfalto.txt?http://fileden.com/files/2012/2/4/3259779//asfalto.txt?http://fileden.com/files/2012/2/4/3259779//asfalto.txt?http://fileden.com/files/2012/2/4/3259779//asfalto.txt?http://fileden.com/files/2012/2/4/3 |
| 2012-02-10 04:52:59 | sub5 | clamav | PUA.HTML.Crypt-8 | 1/43 (2.3%) | AS16276 | 213.186.33.16 | abuse@ovh.net | FR | RIPE | OVH | 1dd286220fbcc6cb9309711edb0ff919 | http://question-reponse.info/wp-content/themes/AskIt/cache/ayu.txt?? |
| 2012-02-10 04:17:16 | sub5 | avira | PHP/Shellbot.7642 | 32/42 (76.2%) | AS14141 | 98.142.215.184 | wnoc@wiresix.com | US | ARIN | WIRESIX | 0dc420f8d8f5f5853cb2b42663fab273 | http://fileden.com/files/2012/2/4/3259779//asfalto.txt? |
| 2012-02-10 04:18:15 | sub5 | avira | PHP/Shellbot.7642 | 32/42 (76.2%) | AS14141 | 98.142.215.184 | wnoc@wiresix.com | US | ARIN | WIRESIX | 0dc420f8d8f5f5853cb2b42663fab273 | http://fileden.com/files/2012/2/4/3259779//asfalto.txt?http://fileden.com/files/2012/2/4/3259779//asfalto.txt? |
| 2012-02-10 04:18:29 | sub5 | avira | PHP/Shellbot.7642 | 32/42 (76.2%) | AS14141 | 98.142.215.184 | wnoc@wiresix.com | US | ARIN | WIRESIX | 0dc420f8d8f5f5853cb2b42663fab273 | http://fileden.com/files/2012/2/4/3259779//asfalto.txt?http://fileden.com/files/2012/2/4/3259779//asfalto.txt?http://fileden.com/files/2012/2/4/3259779//asfalto.txt? |
| 2012-02-10 04:18:47 | sub5 | avira | PHP/Shellbot.7642 | 29/38 (76.3%) | AS14141 | 98.142.215.184 | wnoc@wiresix.com | US | ARIN | WIRESIX | 0dc420f8d8f5f5853cb2b42663fab273 | http://fileden.com/files/2012/2/4/3259779//asfalto.txt?http://fileden.com/files/2012/2/4/3259779//asfalto.txt?http://fileden.com/files/2012/2/4/3259779//asfalto.txt?http://fileden.com/files/2012/2/4/3259779//asfalto.txt? |
| 2012-02-10 05:01:23 | sub16 | undef | unknown_html_RFI_shell | 0/43 (0.0%) | AS36024 | 65.99.250.117 | Chavvon@yoggin.com | US | ARIN | COLO4-TRANS-070506 | ddd78860818777dacac7b48a31455f6f | http://dl2.ezthemes.com/FILES/G/FILESUBMITDL2/B/BATS.EXE |
| 2012-02-10 05:01:23 | sub16 | undef | unknown_html_RFI_shell | 0/43 (0.0%) | AS36024 | 65.99.250.117 | Chavvon@yoggin.com | US | ARIN | COLO4-TRANS-070506 | ddd78860818777dacac7b48a31455f6f | http://dl2.ezthemes.com/FILES/G/FILESUBMITDL2/B/BRITNEYZONE.EXE |
| 2012-02-10 05:20:03 | sub10 | avira | TR/Crypt.FSPM.Gen | 29/40 (72.5%) | AS4134 | 121.12.122.175 | abuse@gddc.com.cn | CN | APNIC | CHINANET-GD | 08fef6572bd00a040a443b453beee928 | http://121.12.122.175:999/auauau/wo.exe |
| 2012-02-10 05:40:05 | sub24 | clamav | Exploit.PDF-28745 | 15/40 (37.5%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 59affac16bddaff03ecab43d5273a863 | http://79.137.237.66/content/adfp2.php?f=338 |
| 2012-02-10 05:40:05 | sub24 | clamav | Exploit.PDF-28745 | 15/40 (37.5%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | ac40be470eb5d730ea480c1beedbde4e | http://79.137.237.66/content/adfp2.php?f=372 |
| 2012-02-10 05:40:05 | sub24 | clamav | Exploit.PDF-28745 | 17/43 (39.5%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | dd6478eb5c5d03d1a78bdda00419775b | http://79.137.237.66/content/adfp2.php?f=396 |
| 2012-02-10 05:40:05 | sub24 | avira | EXP/Pidief.atm | 19/40 (47.5%) | AS42400 | 91.189.123.122 | abuse@multihost.no | NO | RIPE | NO-MULTIHOST | f35c261b58889e74ccfa113ef5515b7f | http://91.189.123.122/content/fdp2.php?f=36 |
| 2012-02-10 05:40:05 | sub24 | avira | EXP/Pidief.atm | 19/40 (47.5%) | AS42400 | 91.189.123.122 | abuse@multihost.no | NO | RIPE | NO-MULTIHOST | 080d716fa4265cf1702aee481ea8ca39 | http://91.189.123.122/content/fdp2.php?f=58 |
| 2012-02-10 05:40:05 | sub24 | avira | EXP/Pidief.atm | 19/40 (47.5%) | AS42400 | 91.189.123.122 | abuse@multihost.no | NO | RIPE | NO-MULTIHOST | 21ac1e75bc5e318784dc1505f243659a | http://91.189.123.122/content/fdp2.php?f=90 |
| 2012-02-10 05:40:05 | sub24 | avira | EXP/Pidief.atm | 19/40 (47.5%) | AS42400 | 91.189.123.122 | abuse@multihost.no | NO | RIPE | NO-MULTIHOST | c7c53c24704a06748a6ab9ff577ab242 | http://flyingsohigh.com.tw/content/fdp2.php?f=56 |
| 2012-02-10 05:40:05 | sub24 | avira | EXP/Pidief.atm | 19/40 (47.5%) | AS42400 | 91.189.123.122 | abuse@multihost.no | NO | RIPE | NO-MULTIHOST | 352a19799664ddfb473f7c444f51b983 | http://flyingsohigh.com.tw/content/fdp2.php?f=87 |
| 2012-02-10 05:40:05 | sub24 | avira | SPR/KeyLogger.P.2 | 33/42 (78.6%) | AS16276 | 94.23.81.156 | abuse@ovh.net | ES | RIPE | ES-OVH | f1e1a63e6416244397682df86a3b6853 | http://keylogger-douglas.descargar.es/descarga-directa.php?x=32 |
| 2012-02-10 05:40:05 | sub24 | avira | SPR/KeyLogger.P.2 | 33/42 (78.6%) | AS16276 | 94.23.81.156 | abuse@ovh.net | ES | RIPE | ES-OVH | f1e1a63e6416244397682df86a3b6853 | http://keylogger-douglas.descargar.es/descarga-directa.php?x=59 |
| 2012-02-10 05:40:05 | sub24 | clamav | PUA.Script.PDF.EmbeddedJavaScript | 19/42 (45.2%) | AS43637 | 78.111.51.114 | vugar@kouliyev.com | AZ | RIPE | AZ-SOL-20070905 | 803325acbbccf013e7c7b5be1a0619a6 | http://www.arcot.biz/content/adp1.php?f=234 |
| 2012-02-10 05:40:05 | sub24 | clamav | PUA.Script.PDF.EmbeddedJavaScript | 20/43 (46.5%) | AS43637 | 78.111.51.114 | vugar@kouliyev.com | AZ | RIPE | AZ-SOL-20070905 | a15712e128689ee093d047b2db3936ee | http://www.arcot.biz/content/adp1.php?f=272 |
| 2012-02-10 05:40:07 | sub16 | Comodo | UnclassifiedMalware | 4/39 (10.3%) | AS30496 | 207.7.88.33 | noc@privatesystems.net | US | ARIN | PRIVATE-3 | 11e009162acde9e328ec1e60948b2497 | http://www.ecran-de-veille.org/setup-dieux-hindous-ev-scr.exe |
| 2012-02-10 05:50:05 | sub16 | undef | unknown_html_RFI_shell | 0/40 (0.0%) | AS36024 | 65.99.250.117 | Chavvon@yoggin.com | US | ARIN | COLO4-TRANS-070506 | ddd78860818777dacac7b48a31455f6f | http://dl2.ezthemes.com/FILES/G/FILESUBMITDL2/H/HACKEREDITION.EXE |
| 2012-02-10 05:50:49 | sub16 | avira | ADSPY/NaviPromo.J | 15/40 (37.5%) | AS6939 | 184.105.174.172 | abuse@he.net | US | ARIN | HURRICANE-11 | 12402bd1175e02a89dc4530bbbeb41f3 | http://www.dvdtompegx.com/download/PlatoPassManager.exe |
| 2012-02-10 06:00:09 | sub16 | undef | unknown_html_RFI_php | 0/40 (0.0%) | AS16276 | 213.186.33.19 | abuse@ovh.net | FR | RIPE | OVH | a44ceb2f0bc609c0a38505bf9b3718e2 | http://eldesaparecido.com/usbfix.html |
| 2012-02-10 05:03:02 | sub5 | avira | PHP/Small.C | 26/40 (65%) | AS33597 | 67.208.91.116 | abuse@inforelay.com | US | ARIN | INFORELAY-NETBLOCK01 | 81da5586a5994fb8fc7416004ef14d4d | http://users11.jabry.com/cas10/ansi.html?http://users11.jabry.com/cas10/ansi.html? |
| 2012-02-10 06:10:06 | sub16 | clamav | PUA.IRC-Client.mIRC-37 | 3/40 (7.5%) | AS26496 | 72.167.1.1 | abuse@godaddy.com | US | ARIN | GO-DADDY-SOFTWARE-INC | 8c20e8ad6edc61975fd861afbdd42208 | http://chrisqueen.com/dp/distr/app-jill16/site-0062101e758/lng-eng/jill16.exe |
| 2012-02-10 06:20:04 | sub10 | BitDefender | Trojan.Generic.KD.528667 | 13/40 (32.5%) | AS41390 | 195.3.145.44 | abuse@altnet.lv | LV | RIPE | ALTNET-LV | f1ca6e10d4fd4379150115310bfa095f | http://rodenc.in/doc/bskn3xornf.exe |
| 2012-02-10 06:20:04 | sub10 | AhnLab_V3 | Spyware/Win32.Zbot | 23/40 (57.5%) | AS1267 | 151.9.135.4 | backboneinternet@mail.wind.it | IT | RIPE | IUNET-BNET9 | 6d5ecb7036ba00714b557e7ecb870e8a | http://xin.it/aspnet_client/system_web/4_0_30319/zuu.exe |
| 2012-02-10 06:51:31 | sub16 | avira | TR/Offend.7020313 | 17/40 (42.5%) | AS3254 | 193.193.194.59 | abuse@lucky.net | UA | RIPE | LUCKYNET-COLO-194-B | 0d8775d0ac69a1d276e268266f54b101 | http://hack-stars.ru/wp-content/uploads/2012/01/Black_Out_v1.0.exe |
| 2012-02-10 06:51:32 | sub16 | clamav | PUA.Packed.PECompact-1 | 3/40 (7.5%) | AS17036, AS22653 | 69.61.74.188 | abuse@cyberwurx.com | US | ARIN | NET-GLOBAL-COMPASS | 6cb896d6d0f2350631f8be4e0155a2cb | http://www.casinoschule.com/downloads/casinolasvegas.exe |
| 2012-02-10 06:42:17 | sub5 | avira | PHP/Loader.9852 | 16/40 (40%) | AS7393 | 216.198.203.100 | abuse@cybercon.com | US | ARIN | CYBERCON-BLK-4 | 7dd86178fed6bc8578ba1b4c8344d9b9 | http://kscottjewelers.com/images/forum.jpg?? |
| 2012-02-10 06:42:24 | sub5 | avira | PHP/PBot.A | 31/40 (77.5%) | AS15967 | 77.55.102.144 | abuse@netart.pl | PL | RIPE | NETART | e94c1249ab3d4d2c656420a9a61d1f60 | http://optre.pl/sklep/images/icons/icons.gif?? |
| 2012-02-10 06:42:48 | sub5 | avira | PHP/IRCBOT.21970 | 30/40 (75%) | AS5533 | 80.172.241.27 | abuse@pt.clara.net | PT | RIPE | ESOTERICA | f937b3beabbd32265b3cc53d20ce91d5 | http://icloud.com.pt/wp-content/themes/Memoir/cache/copy.jpg?? |
| 2012-02-10 06:42:57 | sub5 | avira | PHP/IRCBOT.21970 | 32/43 (74.4%) | AS5533 | 80.172.241.27 | abuse@pt.clara.net | PT | RIPE | ESOTERICA | f937b3beabbd32265b3cc53d20ce91d5 | http://icloud.com.pt/wp-content/themes/Memoir/cache/paste.jpg?? |
| 2012-02-10 07:20:04 | sub10 | Antiy_AVL | Trojan/Win32.Dialer.gen | 16/40 (40%) | AS4837 | 120.14.7.229 | abuse@chinaunicom.cn | CN | APNIC | UNICOM-HE | e5cfe8d1d9cee741d4b7f57dff9a16dd | http://120.14.7.229/server.exe |
| 2012-02-10 07:20:04 | sub10 | avira | WORM/Rebhip.Z | 23/43 (53.5%) | AS11351 | 67.247.56.27 | abuse@rr.com | US | ARIN | RRNY | 7e4f70b20dccbcc7a7245fc1292ddf45 | http://67.247.56.27/02.02.exe |
| 2012-02-10 07:20:04 | sub10 | avira | TR/Dropper.Gen | 34/43 (79.1%) | AS18866 | 69.50.219.138 | abuse@atjeuhosting.com | US | ARIN | ATJEU | 68893a3c5199b2f4b55763bdf81749da | http://69.50.219.138/cjx3.exe |
| 2012-02-10 07:20:04 | sub10 | avira | TR/Dropper.Gen2 | 40/43 (93%) | AS18866 | 69.50.219.138 | abuse@atjeuhosting.com | US | ARIN | ATJEU | 021dc3ba71da8d544e7e78fdc39575ef | http://69.50.219.138/dk20131.exe |
| 2012-02-10 07:20:11 | sub16 | Jiangmin | TrojanBanker.Banbra.fd | 1/43 (2.3%) | AS36476 | 209.237.150.20 | abuse@corp.web.com | US | ARIN | WEB-COM-BLK1 | fb16d080504a2ef4900ab6a5fc87b29e | http://www.jsoftconsulting.com/download/casino_biorhythms.exe |
| 2012-02-10 07:30:03 | sub10 | BitDefender | Gen:Variant.Kazy.18272 | 6/40 (15%) | AS13124 | 192.162.100.51 | bitbucket@ripe.net | EU | AFRINIC | IANA-BLK | a68ace618817f29898c383eacb180daf | http://coding-revolution.to/update.exe |
| 2012-02-10 07:30:12 | sub16 | NOD32 | probably a variant of Win32/GameHack.BE | 1/43 (2.3%) | AS6461 | 193.47.79.175 | joachim@webminded.nl | NL | RIPE | WEBMINDED | de192bc2d159edff38e302f9e51417bc | http://www.cheatsguru.com/download.php?itemid=2188613 |
| 2012-02-10 07:40:06 | sub10 | avira | TR/Offend.KD.429152.1 | 17/40 (42.5%) | AS3786 | 112.220.210.44 | shkim082@chol.com | KR | APNIC | BORANET-KR | 688e7bac74d7a501fd791eb2d0d6a7d9 | http://u9.websuprt.co.kr/NewSidebar/Choco/KeywordTab.exe |
| 2012-02-10 07:40:07 | sub24 | clamav | PUA.Script.PDF.EmbeddedJavaScript | 20/43 (46.5%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 417c71d0a9f7540f37d2cc2af154f6a8 | http://79.137.237.66/content/adfp1.php?f=80 |
| 2012-02-10 07:40:07 | sub24 | clamav | Exploit.PDF-28745 | 16/39 (41%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 285196812b9570899aea743d023fa5db | http://79.137.237.66/content/adfp2.php?f=346 |
| 2012-02-10 07:40:07 | sub24 | clamav | Exploit.PDF-28745 | 17/43 (39.5%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | c86e18b9746c21181b1478b2f493ebd6 | http://79.137.237.66/content/adfp2.php?f=378 |
| 2012-02-10 07:40:07 | sub24 | clamav | Exploit.PDF-28745 | 17/43 (39.5%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | 3ec18b3a8a6c1565a3709410f64cb2ac | http://79.137.237.66/content/adfp2.php?f=45 |
| 2012-02-10 07:40:07 | sub24 | avira | EXP/Pidief.atm | 21/43 (48.8%) | AS12695 | 79.137.237.66 | noc@msm.ru | RU | RIPE | DINETHOSTING | cf0ee79f46c55ef3b3fa896a510174ff | http://79.137.237.66/content/fdp2.php?f=200 |
| 2012-02-10 07:40:07 | sub24 | avira | EXP/Pidief.atm | 19/40 (47.5%) | AS42400 | 91.189.123.122 | abuse@multihost.no | NO | RIPE | NO-MULTIHOST | d48d8f7e5cc726552f48ab10b89f8363 | http://91.189.123.122/content/fdp2.php?f=34 |
| 2012-02-10 07:40:07 | sub24 | avira | EXP/Pidief.atm | 19/40 (47.5%) | AS42400 | 91.189.123.122 | abuse@multihost.no | NO | RIPE | NO-MULTIHOST | 75bc81495489355c0210696679c1207e | http://91.189.123.122/content/fdp2.php?f=65 |
| 2012-02-10 07:40:07 | sub24 | avira | EXP/Pidief.atm | 19/40 (47.5%) | AS42400 | 91.189.123.122 | abuse@multihost.no | NO | RIPE | NO-MULTIHOST | a245ea1978419ad32c4b85eb67e76250 | http://91.189.123.122/content/fdp2.php?f=88 |
| 2012-02-10 07:40:07 | sub24 | avira | EXP/Pidief.atm | 18/39 (46.2%) | AS42400 | 91.189.123.122 | abuse@multihost.no | NO | RIPE | NO-MULTIHOST | 2ebbe51f9f24299c44d03c3782b10382 | http://flyingsohigh.com.tw/content/fdp2.php?f=28 |
| 2012-02-10 07:40:07 | sub24 | avira | EXP/Pidief.atm | 18/39 (46.2%) | AS42400 | 91.189.123.122 | abuse@multihost.no | NO | RIPE | NO-MULTIHOST | 5aff3fa1882e14aca8eebb8da6b9cbb7 | http://flyingsohigh.com.tw/content/fdp2.php?f=54 |
| 2012-02-10 07:40:07 | sub24 | avira | SPR/KeyLogger.P.2 | 34/43 (79.1%) | AS16276 | 94.23.81.156 | abuse@ovh.net | ES | RIPE | ES-OVH | f1e1a63e6416244397682df86a3b6853 | http://keylogger-douglas.descargar.es/descarga-directa.php?x=36 |
| 2012-02-10 07:40:07 | sub24 | clamav | PUA.Script.PDF.EmbeddedJavaScript | 19/42 (45.2%) | AS43637 | 78.111.51.114 | vugar@kouliyev.com | AZ | RIPE | AZ-SOL-20070905 | 37b773a77a36ab6c19c0e4e5b0a4629f | http://www.arcot.biz/content/adp1.php?f=239 |
| 2012-02-10 07:40:07 | sub24 | avira | SPR/KeyLogger.P.2 | 34/43 (79.1%) | AS16276 | 94.23.81.156 | abuse@ovh.net | ES | RIPE | ES-OVH | f1e1a63e6416244397682df86a3b6853 | http://keylogger-douglas.descargar.es/descarga-directa.php?x=77 |
| 2012-02-10 07:50:15 | sub16 | avira | TR/Spy.Gen | 1/39 (2.6%) | AS26347 | 173.236.163.61 | abuse@dreamhost.com | US | ARIN | DREAMHOST-BLK10 | 1dc2a934fe1bbe1477b2fadd64109bd5 | http://www.feeplay.com/download/earn-money-now.exe |
| 2012-02-10 07:51:37 | sub16 | trendmicro | BKDR_HUPIGON.FON | 31/43 (72.1%) | AS4618 | 203.154.201.149 | noc@inet.co.th | TH | APNIC | INET-TH | ce64830c8ce061dff07f4351195ea820 | http://tps.ac.th/~it/src/NOD32-Removal-tools/3/NOD32_Brontok-Fix.zip |
| 2012-02-10 08:11:25 | sub16 | undef | unknown_html_google_malware | 0/39 (0.0%) | AS13768 | 216.151.212.178 | abuse@serverbeach.com | US | ARIN | SERVER-ALLOC-2 | 0a786f3bae54f19f840a4cff45905c65 | http://pearljewelrysets.net/ |
| 2012-02-10 08:20:03 | sub10 | Avast | Win32:Cidox-AE Trj | 12/40 (30%) | AS21788 | 184.82.0.38 | nic@hostnoc.net | US | ARIN | HOSTNOC-8BLK | eebec162f73febe37c3c860801172599 | http://184.82.0.38/f/word.exe |
| 2012-02-10 09:40:04 | sub10 | avira | TR/ATRAPS.Gen2 | 30/40 (75%) | AS4134 | 58.221.36.245 | anti-spam@ns.chinanet.cn.net | CN | APNIC | CHINANET-JS | ab273d10d64ae34df8f287c5bcb95a0e | http://go.qxom.info:8896/QvodSetupPlusGwA1.exe?qqdrsign=05126 |
| 2012-02-10 09:40:26 | sub10 | Antiy_AVL | Trojan/win32.agent.gen | 1/43 (2.3%) | AS32475 | 184.154.224.12 | abuse@singlehop.com | US | ARIN | SINGLEHOP | 4c14348892bbee7b26ee01889f5c25b4 | http://montanamenagerie.org/hostsfile/downloads/puisetup.exe |
| 2012-02-10 09:40:28 | sub14 | avira | ADWARE/Adware.1499508 | 16/41 (39%) | AS19318 | 209.159.146.144 | network@interserver.net | US | ARIN | INTERSERVER | 3293cace2ac355676329424e5b71725c | http://download.xvidcodec.org/dm-ddd-xvid.exe?filename=3dxvidsetup.ex&%= |
| 2012-02-10 09:40:28 | sub14 | avira | TR/VB.Downloader.Gen | 20/40 (50%) | AS3267 | 194.226.211.12 | | RU | RIPE | HERZEN-NET | 7e7bb7feb0c8202c39f8eea4c1c80667 | http://herzen.spb.ru/images/video/2358/sexo/02/12/videos0494-casal-de-loucos-fazendo-sexo-em-carro-em-movimento-AVI.exe |
| 2012-02-10 09:40:28 | sub14 | Avast | Win32:MediaGet-B [PUP] | 8/40 (20%) | AS41947 | 92.241.182.191 | abuse@wahome.ru | RU | RIPE | WAHOME-COLO | ed408a827bf1ea03f5978e235160bfbf | http://mediaget.com/torrent.php?r=h33t&&u=h33t.com%2Fdetails.php?id=bb8b33389cdff962326b1ad0452f43f91627d348&&f=cFosSpeed+6.61+beta+x32x64+ASRock_mod-madeinheaven |
| 2012-02-10 09:40:28 | sub14 | F_Prot | File is damaged | 2/40 (5%) | AS18866 | 69.50.209.95 | abuse@atjeuhosting.com | US | ARIN | ATJEU | 4ac42993a0c1e427ef76b3ec07029d9a | http://optinsecretsexposed.com/gs/gs.exe |
| 2012-02-10 09:40:28 | sub14 | AhnLab_V3 | Win-Trojan/Zbot.194048.Q | 16/40 (40%) | AS42313 | 12.133.182.141 | abuse@att.net | US | ARIN | ATT | 0c4cf45b512432aaeb0e0a52697f1e8a | http://staplescratch.ru/cx.exe |
150 rows in set (0.07 sec)
--- End code ---
cleanmx:
up to 2012-02-10 18:02:04 CET online data http://support.clean-mx.de/clean-mx/viruses.php?sort=id%20desc&response=alive
rss-feed: http://support.clean-mx.de/clean-mx/rss?scope=viruses
twitter: http://twitter.com/CleanmxMalware
--- Code: ---+---------------------+-------------+------------------+-------------------------------------------+---------------+------------------------------------------------------+-----------------+------------------------------+---------+---------+--------------------------+----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| date | contributor | scanner | virusname | vt_score | AS | review | email | country | source | netname | md5sum | url |
+---------------------+-------------+------------------+-------------------------------------------+---------------+------------------------------------------------------+-----------------+------------------------------+---------+---------+--------------------------+----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| 2012-02-10 17:40:07 | sub14 | avira | TR/Offend.KD.501128 | 20/40 (50%) | AS17839 | 61.97.192.119 | abuse@dreamcity.co.kr | KR | APNIC | CJ-HELLOVISION-KR | ec3a5df75ad8cfe58f353debb5dca6ce | http://cabledr.cjhellovision.com/cabletb/634/update/Uninst.exe |
| 2012-02-10 17:40:07 | sub14 | Avast | Win32:Rootkit-gen [Rtk] | 20/40 (50%) | AS46095, AS46861, AS32613, AS14720, AS40699, AS18875 | 108.163.164.154 | abuse@noc.privatedns.com | CA | ARIN | IWEB-NE-1 | 3046124ef502dd2c587306d1c6335e15 | http://cineplanet.info/css/as |
| 2012-02-10 17:40:07 | sub14 | clamav | Worm.Ngrbot-10 | 23/41 (56.1%) | AS46095, AS46861, AS32613, AS14720, AS40699, AS18875 | 108.163.164.154 | abuse@noc.privatedns.com | CA | ARIN | IWEB-NE-1 | dfd733ac1103ce752b01a7f3bd8ba2fa | http://cineplanet.info/css/df |
| 2012-02-10 17:40:07 | sub14 | avira | TR/Crypt.XPACK.Gen | 16/39 (41%) | AS46095, AS46861, AS32613, AS14720, AS40699, AS18875 | 108.163.164.154 | abuse@noc.privatedns.com | CA | ARIN | IWEB-NE-1 | e75a7f069a3ba9dde3ed9c5a0b710e28 | http://cineplanet.info/css/rmt |
| 2012-02-10 17:40:07 | sub14 | clamav | Worm.Ngrbot-10 | 12/43 (27.9%) | AS46095, AS46861, AS32613, AS14720, AS40699, AS18875 | 108.163.164.154 | abuse@noc.privatedns.com | CA | ARIN | IWEB-NE-1 | 8287a8ac75b9224e532c0d00416561b0 | http://cineplanet.info/css/sf |
| 2012-02-10 17:40:07 | sub14 | BitDefender | Trojan.Generic.KD.529867 | 14/42 (33.3%) | AS46095, AS46861, AS32613, AS14720, AS40699, AS18875 | 108.163.164.154 | abuse@noc.privatedns.com | CA | ARIN | IWEB-NE-1 | 75cd88fced4d7623b7d8c28218751663 | http://cineplanet.info/css/sss |
| 2012-02-10 17:40:07 | sub14 | undef | unknown_exe | 0/43 (0.0%) | AS42602 | 193.143.98.68 | svap@devnull.ru | RU | RIPE | GRANBANK-NET | ddbde87737d88b85beb6aea32e681963 | http://granonline.ru/files/PC-Banking.exe |
| 2012-02-10 17:40:07 | sub14 | AVG | Dropper.Generic5.AFHL | 7/40 (17.5%) | AS10297 | 209.190.61.44 | abuse@ee.net | US | ARIN | ENET-XLHOST | 4741fb64f216bf8fc5c64db30c097e87 | http://ismeretterjesztes.info/1/steal.exe |
| 2012-02-10 16:11:07 | sub8 | undef | PWS:Win32/Zbot.gen!Y | 0/40 (0.0%) | AS35612 | 88.149.174.74 | abuse@ngi.it | IT | RIPE | IT-NGI-20060120 | 4e4324225f442ab56a60f3dd822c93a8 | http://www.cajarelli.it/templates/trollan/ |
| 2012-02-10 18:00:06 | sub10 | Avast | NSIS:Relevant-D [PUP] | 5/42 (11.9%) | AS36024 | 65.99.250.115 | Chavvon@yoggin.com | US | ARIN | COLO4-TRANS-070506 | 70f517ec92978df25f619e06f33c7b24 | http://themexp.org/site_tempfiles/06/184879.exe |
| 2012-02-10 17:22:40 | sub5 | avira | PERL/IrcBot.AC | 8/39 (20.5%) | AS23688 | 123.200.5.66 | apnic@link3.net | BD | APNIC | LINK3 | b1f713ab6b26e756ee06e41469c44c21 | http://egnbazaar.com/Nevi/b0t.txt?? |
| 2012-02-10 17:22:51 | sub5 | avira | PERL/IrBot.D.1 | 20/40 (50%) | AS23688 | 123.200.5.66 | apnic@link3.net | BD | APNIC | LINK3 | ec3a2c2c232877f1cf98a19f5bce1867 | http://egnbazaar.com/Nevi/remote.txt?? |
| 2012-02-10 18:02:03 | sub10 | avira | PHP/MassMail.4127 | 12/40 (30%) | AS27823 | 200.58.123.102 | ipmaster@hostmar.com | AR | LACNIC | AR-DATT-LACNIC | 7a6a035869359371ef385f5dc64dcbd5 | http://xdelsur.com.ar/es/enviar.txt |
| 2012-02-10 18:02:04 | sub10 | AntiVir | GAME/Casino.Gen2 | 15/40 (37.5%) | AS11754 | 216.59.154.18 | noc@orangeisp.com | US | ARIN | GUS-NET | f84902225999c5ed57b025cbb0f68d8b | http://zrdylwhuy.casinos4you.eu/En-WinPalace.exe |
+---------------------+-------------+------------------+-------------------------------------------+---------------+------------------------------------------------------+-----------------+------------------------------+---------+---------+--------------------------+----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
135 rows in set (0.00 sec)
--- End code ---