CLEAN MX realtime database    
public access query for virus URL statistics
Subscribe to the VirusWatch Mailing list, updated hourly

This database consists of virus URIs, collected and verified since Feb 2006.
If you find URIs concerning your netblock that are already closed, you have done a good job; otherwise, please close them as soon as possible.

To look at some nice charts, there are complete statistics for this database.
Attention: all URIs are manually verified, but they are not cross-checked for live virus function at the moment you make this query. (Sites may have been closed already.)
Our automatic Viruswalker process is scheduled every hour, so you may see an incident now that will be resolved later on.
So please keep sending closure feedback to us...

If you have questions, criticism, wishes or ... do not hesitate to contact us at abuse@clean-mx.de
Our PBX is down; you may reach us by cell phone at +49 171 4802507 ...
Malware impact on AS9318
TIMERS: Runtime Query: 0.6351 Seconds 10 hits
Access is provided for free and subject to these Terms and Conditions.