CLEAN MX realtime database    
public access query for virus URL statistics
Totally watched: 4756433 As of 2014-07-13 21:31:13 CEST
Subscribe to the VirusWatch Mailing list, updated hourly

This database consists of Virus URI, collected and verified since Feb 2006
Tweet
Recently we pushed out notifications with "unrated site" these are totally clean sites, we apologize this!

If you detect URI'S concerning your netblock, already closed... you have made a good job, otherwise please close them as soon as possible.

to look at some nice charts, there are complete statisticsstatistics for this database
Attention: all URI'S are manually verified, but not cross-checked for real viruses function in this moment you make this query.(Sites may have been closed already..)
Our automatic Viruswalker process is scheduled every hour, so you may see now a incident and this one will be resolved later on.
So please keep on sending close-feedbacks to us...

if you have questions, criticism, wishes or ... do not hesitate to contact us at abuse@clean-mx.de
Our PBX is down you may reach us by cell phone +49 171 4802507 ...
Query as xml: Same query as xml output
TIMERS: Runtime Query: 2.9862 Seconds 100 hits
helpLine help#descendigascending helpDatedescendigascending helpCloseddescendigascending helphours helpcontributordescendigascending helpvirusnamedescendigascending helpURLdescendigascending helpip state helpresponsedescendigascending helpIp initialdescendigascending helpAS#descendigascending helpip reviewdescendigascending helpURLdescendigascending helpDomaindescendigascending helpcountrydescendigascending helpsourcedescendigascending helpemaildescendigascending helpinetnumdescendigascending helpnetnamedescendigascending helpdescrdescendigascending helpns1descendigascending helpns2descendigascending helpns3descendigascending helpns4descendigascending helpns5descendigascending helpURLdescendigascending
1 follow up this item(33735553) 33735553 Report false positive Report closed case make a suggestion 2014-07-11 20:12:31     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
lookup in virustotal.com (7215ee9c7d9dc229d2921a40e899ec5f)follow up this md5sum(7215ee9c7d9dc229d2921a40e899ec5f)follow up this malware() for scanner () in md5 table0/43 (0.0%) 
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://forum.yuztech.grn.cc/  up alive follow up this ip (ip=31.170.167.140) as RSS-FeedSenderBaselookup 31.170.167.140 at virustotallookup 31.170.167.140 at Rus CERT university stuttgart germanylookup 31.170.167.140 at Ripefollow up this item(ip) in same window 31.170.167.140 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.167.140) as RSS-FeedSenderBaselookup 31.170.167.140 at virustotallookup 31.170.167.140 at Rus CERT university stuttgart germanylookup 31.170.167.140 at Ripefollow up this item(review) in same window 31.170.167.140 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://forum.yuztech.grn.cc/ follow up this domain (grn.cc) as RSS-Feedlookup grn.cc at virustotalfollow up this domain(grn.cc) grn.cc follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns4.grendelhosting.com follow up this item ns2.grendelhosting.com follow up this item ns3.grendelhosting.com follow up this item ns1.grendelhosting.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://forum.yuztech.grn.cc/
2 follow up this item(33727805) 33727805 Report false positive Report closed case make a suggestion 2014-07-11 20:02:16     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
lookup in virustotal.com (c03904fc609567784bd9ac7730015a1d)follow up this md5sum(c03904fc609567784bd9ac7730015a1d)follow up this malware() for scanner () in md5 table0/43 (0.0%) 
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://31.170.167.212/  up alive follow up this ip (ip=31.170.167.212) as RSS-FeedSenderBaselookup 31.170.167.212 at virustotallookup 31.170.167.212 at Rus CERT university stuttgart germanylookup 31.170.167.212 at Ripefollow up this item(ip) in same window 31.170.167.212 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.167.212) as RSS-FeedSenderBaselookup 31.170.167.212 at virustotallookup 31.170.167.212 at Rus CERT university stuttgart germanylookup 31.170.167.212 at Ripefollow up this item(review) in same window 31.170.167.212 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://31.170.167.212/ follow up this domain (31.170.167.212) as RSS-Feedlookup 31.170.167.212 at virustotalfollow up this domain(31.170.167.212) 31.170.167.212 follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item  follow up this item  follow up this item  follow up this item  follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://31.170.167.212/
3 follow up this item(33671675) 33671675 Report false positive Report closed case make a suggestion 2014-07-11 05:21:51     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
follow up this itemfollow up this virusname (Virus.Win32.NSAnti) as RSS-Feedfollow up this malware(Virus.Win32.NSAnti) for scanner (undef) in md5 table3/54 (5.6%) Virus.Win32.NSAnti
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://www.l33tcoding.com/luccss/update. ...  up alive follow up this ip (ip=31.170.167.116) as RSS-FeedSenderBaselookup 31.170.167.116 at virustotallookup 31.170.167.116 at Rus CERT university stuttgart germanylookup 31.170.167.116 at Ripefollow up this item(ip) in same window 31.170.167.116 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.167.116) as RSS-FeedSenderBaselookup 31.170.167.116 at virustotallookup 31.170.167.116 at Rus CERT university stuttgart germanylookup 31.170.167.116 at Ripefollow up this item(review) in same window 31.170.167.116 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://www.l33tcoding.com/luccss/update. ... follow up this domain (l33tcoding.com) as RSS-Feedlookup l33tcoding.com at virustotalfollow up this domain(l33tcoding.com) l33tcoding.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns3.hostinger.com.br follow up this item ns4.hostinger.com.br follow up this item ns1.hostinger.com.br follow up this item ns2.hostinger.com.br follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://www.l33tcoding.com/luccss/update. ...
4 follow up this item(33670346) 33670346 Report false positive Report closed case make a suggestion 2014-07-11 05:16:36     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
lookup in virustotal.com (c03904fc609567784bd9ac7730015a1d)follow up this md5sum(c03904fc609567784bd9ac7730015a1d)follow up this malware() for scanner () in md5 table0/43 (0.0%) 
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://mc-sserver.com/  up alive follow up this ip (ip=31.170.166.97) as RSS-FeedSenderBaselookup 31.170.166.97 at virustotallookup 31.170.166.97 at Rus CERT university stuttgart germanylookup 31.170.166.97 at Ripefollow up this item(ip) in same window 31.170.166.97 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.166.97) as RSS-FeedSenderBaselookup 31.170.166.97 at virustotallookup 31.170.166.97 at Rus CERT university stuttgart germanylookup 31.170.166.97 at Ripefollow up this item(review) in same window 31.170.166.97 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://mc-sserver.com/ follow up this domain (mc-sserver.com) as RSS-Feedlookup mc-sserver.com at virustotalfollow up this domain(mc-sserver.com) mc-sserver.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns1.afraid.org follow up this item ns2.afraid.org follow up this item ns4.afraid.org follow up this item ns3.afraid.org follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://mc-sserver.com/
5 follow up this item(33594867) 33594867 Report false positive Report closed case make a suggestion 2014-07-10 14:38:35     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
lookup in virustotal.com (4c8a4723c1fb4bfb52470fe57608856a)follow up this md5sum(4c8a4723c1fb4bfb52470fe57608856a)follow up this malware() for scanner () in md5 table0/43 (0.0%) 
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://45735488drive.lovedhost.com/  up alive follow up this ip (ip=31.170.166.83) as RSS-FeedSenderBaselookup 31.170.166.83 at virustotallookup 31.170.166.83 at Rus CERT university stuttgart germanylookup 31.170.166.83 at Ripefollow up this item(ip) in same window 31.170.166.83 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.166.83) as RSS-FeedSenderBaselookup 31.170.166.83 at virustotallookup 31.170.166.83 at Rus CERT university stuttgart germanylookup 31.170.166.83 at Ripefollow up this item(review) in same window 31.170.166.83 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://45735488drive.lovedhost.com/ follow up this domain (lovedhost.com) as RSS-Feedlookup lovedhost.com at virustotalfollow up this domain(lovedhost.com) lovedhost.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns4.main-hosting.com follow up this item ns2.main-hosting.com follow up this item ns1.main-hosting.com follow up this item ns3.main-hosting.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://45735488drive.lovedhost.com/
6 follow up this item(33418261) 33418261 Report false positive Report closed case make a suggestion 2014-07-09 01:46:44     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
14/52 (26.9%) 
 Artemis!27F72CE6A0A2
Trojan.Agent.Win32.136388
Riskware
(
0040f0f51
)
Riskware
(
0040f0f51
)
Trojan.Chifrax!nGJD/4Nh+Y0
WS.Reputation.1
TROJ_GEN.F47V0503
Win32:PUP-gen
[PUP]
Trojan.Win32.Behav328.hyydp
Mal/Behav-328
BACKDOOR.Trojan
TR/Offend.2.5308
Artem 
 lookup in virustotal.com (53d170e2b40c0ba26bb4374b52410ddf)-->[http://www.virustotal.com/latest-report.html?resource=53d170e2b40c0ba26bb4374b52410ddf]follow up this md5sum(53d170e2b40c0ba26bb4374b52410ddf)follow up this itemfollow up this virusname (W32.HfsIframe.C20a) as RSS-Feedfollow up this malware(W32.HfsIframe.C20a) for scanner (undef) in md5 table14/52 (26.9%) W32.HfsIframe.C20a
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://sv2.bugs3.com/dl/setup-5.1.0.zip  up alive follow up this ip (ip=31.170.166.175) as RSS-FeedSenderBaselookup 31.170.166.175 at virustotallookup 31.170.166.175 at Rus CERT university stuttgart germanylookup 31.170.166.175 at Ripefollow up this item(ip) in same window 31.170.166.175 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.166.175) as RSS-FeedSenderBaselookup 31.170.166.175 at virustotallookup 31.170.166.175 at Rus CERT university stuttgart germanylookup 31.170.166.175 at Ripefollow up this item(review) in same window 31.170.166.175 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://sv2.bugs3.com/dl/setup-5.1.0.zip follow up this domain (bugs3.com) as RSS-Feedlookup bugs3.com at virustotalfollow up this domain(bugs3.com) bugs3.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns4.serversfree.com follow up this item ns3.serversfree.com follow up this item ns2.serversfree.com follow up this item ns1.serversfree.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://sv2.bugs3.com/dl/setup-5.1.0.zip
7 follow up this item(33401356) 33401356 Report false positive Report closed case make a suggestion 2014-07-09 01:35:06     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
9/52 (17.3%) 
 Artemis!E9407019F088
WS.Reputation.1
TROJ_GEN.F47V0430
Win.Trojan.11323372
PE:Trojan.Win32.Generic.12C94DA3!315182499
Trojan.Agent.Win32.136388
TR/Dropper.Gen
Artemis!E9407019F088
VIRUS_UNKNOWN 
 lookup in virustotal.com (dd07577bd6ba5889168807bc0953b1c4)-->[http://www.virustotal.com/latest-report.html?resource=dd07577bd6ba5889168807bc0953b1c4]follow up this md5sum(dd07577bd6ba5889168807bc0953b1c4)follow up this itemfollow up this virusname (PUP%2FInstallMonstr) as RSS-Feedfollow up this malware(PUP%2FInstallMonstr) for scanner () in md5 table9/52 (17.3%) PUP/InstallMonstr
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://sv2.bugs3.com/dl/TibiaAutoSetup.z ...  up alive follow up this ip (ip=31.170.166.175) as RSS-FeedSenderBaselookup 31.170.166.175 at virustotallookup 31.170.166.175 at Rus CERT university stuttgart germanylookup 31.170.166.175 at Ripefollow up this item(ip) in same window 31.170.166.175 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.166.175) as RSS-FeedSenderBaselookup 31.170.166.175 at virustotallookup 31.170.166.175 at Rus CERT university stuttgart germanylookup 31.170.166.175 at Ripefollow up this item(review) in same window 31.170.166.175 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://sv2.bugs3.com/dl/TibiaAutoSetup.z ... follow up this domain (bugs3.com) as RSS-Feedlookup bugs3.com at virustotalfollow up this domain(bugs3.com) bugs3.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns2.serversfree.com follow up this item ns1.serversfree.com follow up this item ns3.serversfree.com follow up this item ns4.serversfree.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://sv2.bugs3.com/dl/TibiaAutoSetup.z ...
8 follow up this item(33401355) 33401355 Report false positive Report closed case make a suggestion 2014-07-09 01:35:06     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
6/53 (11.3%) 
 Trojan.Dropper.SFXAI
Trojan.Agent.Win32.136388
WS.Reputation.1
TROJ_GEN.F47V0505
UnclassifiedMalware
Trojan.MulDrop5.16955 
 lookup in virustotal.com (47cd157ce369ffe3970a0e79b296bcab)-->[http://www.virustotal.com/latest-report.html?resource=47cd157ce369ffe3970a0e79b296bcab]follow up this md5sum(47cd157ce369ffe3970a0e79b296bcab)follow up this itemfollow up this virusname (PUP%2FInstallMonstr) as RSS-Feedfollow up this malware(PUP%2FInstallMonstr) for scanner () in md5 table6/53 (11.3%) PUP/InstallMonstr
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://sv2.bugs3.com/dl/iBot%20v1_1_7.zi ...  up alive follow up this ip (ip=31.170.166.175) as RSS-FeedSenderBaselookup 31.170.166.175 at virustotallookup 31.170.166.175 at Rus CERT university stuttgart germanylookup 31.170.166.175 at Ripefollow up this item(ip) in same window 31.170.166.175 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.166.175) as RSS-FeedSenderBaselookup 31.170.166.175 at virustotallookup 31.170.166.175 at Rus CERT university stuttgart germanylookup 31.170.166.175 at Ripefollow up this item(review) in same window 31.170.166.175 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://sv2.bugs3.com/dl/iBot%20v1_1_7.zi ... follow up this domain (bugs3.com) as RSS-Feedlookup bugs3.com at virustotalfollow up this domain(bugs3.com) bugs3.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns2.serversfree.com follow up this item ns1.serversfree.com follow up this item ns3.serversfree.com follow up this item ns4.serversfree.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://sv2.bugs3.com/dl/iBot%20v1_1_7.zi ...
9 follow up this item(33359895) 33359895 Report false positive Report closed case make a suggestion 2014-07-09 01:15:42     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
1/52 (1.9%) 
 
HTML:Script-inf 
 lookup in virustotal.com (15567c2007cbc209b389327d3133c3a2)-->[http://www.virustotal.com/latest-report.html?resource=15567c2007cbc209b389327d3133c3a2]follow up this md5sum(15567c2007cbc209b389327d3133c3a2)follow up this itemfollow up this virusname (HTML%3AScript-inf) as RSS-Feedfollow up this malware(HTML%3AScript-inf) for scanner (Avast) in md5 table1/52 (1.9%) HTML:Script-inf
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://fbhacks.2fh.co/index.php?action=l ...  up alive follow up this ip (ip=31.170.166.132) as RSS-FeedSenderBaselookup 31.170.166.132 at virustotallookup 31.170.166.132 at Rus CERT university stuttgart germanylookup 31.170.166.132 at Ripefollow up this item(ip) in same window 31.170.166.132 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.166.132) as RSS-FeedSenderBaselookup 31.170.166.132 at virustotallookup 31.170.166.132 at Rus CERT university stuttgart germanylookup 31.170.166.132 at Ripefollow up this item(review) in same window 31.170.166.132 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://fbhacks.2fh.co/index.php?action=l ... follow up this domain (2fh.co) as RSS-Feedlookup 2fh.co at virustotalfollow up this domain(2fh.co) 2fh.co follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns2.2freehosting.com follow up this item ns4.2freehosting.com follow up this item ns1.2freehosting.com follow up this item ns3.2freehosting.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://fbhacks.2fh.co/index.php?action=l ...
10 follow up this item(33207061) 33207061 Report false positive Report closed case make a suggestion 2014-07-08 00:26:45     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
4/51 (7.8%) 
 
SCRIPT.Virus
Trojan.HTML.Phishbank
Exploit
(
04c557941
)
Exploit
(
04c557941
) 
 lookup in virustotal.com (3f43165661e3d7ad588a334ed2b3a5d6)-->[http://www.virustotal.com/latest-report.html?resource=3f43165661e3d7ad588a334ed2b3a5d6]follow up this md5sum(3f43165661e3d7ad588a334ed2b3a5d6)follow up this itemfollow up this virusname (SCRIPT.Virus) as RSS-Feedfollow up this malware(SCRIPT.Virus) for scanner (DrWeb) in md5 table4/51 (7.8%) SCRIPT.Virus
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://euwleagueoflegends.3eeweb.com/  up alive follow up this ip (ip=31.170.167.222) as RSS-FeedSenderBaselookup 31.170.167.222 at virustotallookup 31.170.167.222 at Rus CERT university stuttgart germanylookup 31.170.167.222 at Ripefollow up this item(ip) in same window 31.170.167.222 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.167.222) as RSS-FeedSenderBaselookup 31.170.167.222 at virustotallookup 31.170.167.222 at Rus CERT university stuttgart germanylookup 31.170.167.222 at Ripefollow up this item(review) in same window 31.170.167.222 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://euwleagueoflegends.3eeweb.com/ follow up this domain (3eeweb.com) as RSS-Feedlookup 3eeweb.com at virustotalfollow up this domain(3eeweb.com) 3eeweb.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns1.2freehosting.com follow up this item ns3.2freehosting.com follow up this item ns4.2freehosting.com follow up this item ns2.2freehosting.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://euwleagueoflegends.3eeweb.com/
11 follow up this item(33162843) 33162843 Report false positive Report closed case make a suggestion 2014-07-07 21:15:07     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
lookup in virustotal.com (272ad59002eddea248082293d7eefe05)follow up this md5sum(272ad59002eddea248082293d7eefe05)follow up this malware() for scanner () in md5 table0/43 (0.0%) 
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://www.facboook.meximas.com/  up alive follow up this ip (ip=31.170.166.202) as RSS-FeedSenderBaselookup 31.170.166.202 at virustotallookup 31.170.166.202 at Rus CERT university stuttgart germanylookup 31.170.166.202 at Ripefollow up this item(ip) in same window 31.170.166.202 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.166.202) as RSS-FeedSenderBaselookup 31.170.166.202 at virustotallookup 31.170.166.202 at Rus CERT university stuttgart germanylookup 31.170.166.202 at Ripefollow up this item(review) in same window 31.170.166.202 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://www.facboook.meximas.com/ follow up this domain (meximas.com) as RSS-Feedlookup meximas.com at virustotalfollow up this domain(meximas.com) meximas.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns1.main-hosting.com follow up this item ns3.main-hosting.com follow up this item ns2.main-hosting.com follow up this item ns4.main-hosting.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://www.facboook.meximas.com/
12 follow up this item(33133498) 33133498 Report false positive Report closed case make a suggestion 2014-07-07 17:54:43     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
follow up this itemfollow up this virusname (a+variant+of+MSIL%2FPSW.Agent.NPH) as RSS-Feedfollow up this malware(a+variant+of+MSIL%2FPSW.Agent.NPH) for scanner (undef) in md5 table2/53 (3.8%) a variant of MSIL/PSW.Agent.NPH
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://marwan-up.mw3b.com/kleeja_1.5.4/U ...  up alive follow up this ip (ip=31.170.166.70) as RSS-FeedSenderBaselookup 31.170.166.70 at virustotallookup 31.170.166.70 at Rus CERT university stuttgart germanylookup 31.170.166.70 at Ripefollow up this item(ip) in same window 31.170.166.70 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.166.70) as RSS-FeedSenderBaselookup 31.170.166.70 at virustotallookup 31.170.166.70 at Rus CERT university stuttgart germanylookup 31.170.166.70 at Ripefollow up this item(review) in same window 31.170.166.70 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://marwan-up.mw3b.com/kleeja_1.5.4/U ... follow up this domain (mw3b.com) as RSS-Feedlookup mw3b.com at virustotalfollow up this domain(mw3b.com) mw3b.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns4.marocwebs.com follow up this item ns3.marocwebs.com follow up this item ns1.marocwebs.com follow up this item ns2.marocwebs.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://marwan-up.mw3b.com/kleeja_1.5.4/U ...
13 follow up this item(33028280) 33028280 Report false positive Report closed case make a suggestion 2014-07-07 12:11:34     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
34/54 (63%) 
 W32.Clod392.Trojan.fc8d
Trojan.Generic.8977980
Trojan.Generic.8977980
TrojanRansom.Blocker.r3
Generic.dx!CFCD979C8842
Trojan.Spy.Zbot
Trojan.Win32.Blocker.bondyc
Trojan.Gen
Suspicious_Gen4.DOTHA
TROJ_SPNR.0BDO13
MSIL:Agent-AEX
[Trj]
Trojan-Ransom.Win32.B 
 lookup in virustotal.com (886262ff61a7ae7edc7e85bd91639338)-->[http://www.virustotal.com/latest-report.html?resource=886262ff61a7ae7edc7e85bd91639338]follow up this md5sum(886262ff61a7ae7edc7e85bd91639338)follow up this itemfollow up this virusname (Trojan.Agent%2FGen-Dropper) as RSS-Feedfollow up this malware(Trojan.Agent%2FGen-Dropper) for scanner (undef) in md5 table34/54 (63%) Trojan.Agent/Gen-Dropper
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://boc-cn.id.ai/payment-order.zip  up alive follow up this ip (ip=31.170.167.161) as RSS-FeedSenderBaselookup 31.170.167.161 at virustotallookup 31.170.167.161 at Rus CERT university stuttgart germanylookup 31.170.167.161 at Ripefollow up this item(ip) in same window 31.170.167.161 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.167.161) as RSS-FeedSenderBaselookup 31.170.167.161 at virustotallookup 31.170.167.161 at Rus CERT university stuttgart germanylookup 31.170.167.161 at Ripefollow up this item(review) in same window 31.170.167.161 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://boc-cn.id.ai/payment-order.zip follow up this domain (id.ai) as RSS-Feedlookup id.ai at virustotalfollow up this domain(id.ai) id.ai follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns2.nazuka.net follow up this item ns3.nazuka.net follow up this item ns1.nazuka.net follow up this item ns4.nazuka.net follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://boc-cn.id.ai/payment-order.zip
14 follow up this item(32973559) 32973559 Report false positive Report closed case make a suggestion 2014-07-07 01:42:10     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
lookup in virustotal.com (ff480270e389606150b98a0995cc914f)follow up this md5sum(ff480270e389606150b98a0995cc914f)follow up this malware() for scanner () in md5 table0/43 (0.0%) 
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://cjlzy.kuphp.net/  up alive follow up this ip (ip=31.170.167.229) as RSS-FeedSenderBaselookup 31.170.167.229 at virustotallookup 31.170.167.229 at Rus CERT university stuttgart germanylookup 31.170.167.229 at Ripefollow up this item(ip) in same window 31.170.167.229 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.167.229) as RSS-FeedSenderBaselookup 31.170.167.229 at virustotallookup 31.170.167.229 at Rus CERT university stuttgart germanylookup 31.170.167.229 at Ripefollow up this item(review) in same window 31.170.167.229 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://cjlzy.kuphp.net/ follow up this domain (kuphp.net) as RSS-Feedlookup kuphp.net at virustotalfollow up this domain(kuphp.net) kuphp.net follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns1.kukew.info follow up this item ns3.kukew.info follow up this item ns4.kukew.info follow up this item ns2.kukew.info follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://cjlzy.kuphp.net/
15 follow up this item(32936323) 32936323 Report false positive Report closed case make a suggestion 2014-07-06 13:12:10     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
1/53 (1.9%) 
 
Includer.SRC 
 lookup in virustotal.com (92efaa1282ac91edaac6ee7bdddef8ba)-->[http://www.virustotal.com/latest-report.html?resource=92efaa1282ac91edaac6ee7bdddef8ba]follow up this md5sum(92efaa1282ac91edaac6ee7bdddef8ba)follow up this itemfollow up this virusname (Includer.SRC) as RSS-Feedfollow up this malware(Includer.SRC) for scanner (Norman) in md5 table1/53 (1.9%) Includer.SRC
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://www.adulttv.cu.cc/  up alive follow up this ip (ip=31.170.166.139) as RSS-FeedSenderBaselookup 31.170.166.139 at virustotallookup 31.170.166.139 at Rus CERT university stuttgart germanylookup 31.170.166.139 at Ripefollow up this item(ip) in same window 31.170.166.139 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=185.27.134.154) as RSS-FeedSenderBaselookup 185.27.134.154 at virustotallookup 185.27.134.154 at Rus CERT university stuttgart germanylookup 185.27.134.154 at Ripefollow up this item(review) in same window 185.27.134.154 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://www.adulttv.cu.cc/ follow up this domain (cu.cc) as RSS-Feedlookup cu.cc at virustotalfollow up this domain(cu.cc) cu.cc follow up this itemfollow up this country (GB) as RSS-Feed GB follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@ifastnet.com) as RSS-Feed abuse@ifastnet.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item IFASTNET-HOSTING-NETv4-2 follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns1.cu.cc follow up this item ns2.cu.cc follow up this item  follow up this item  follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://www.adulttv.cu.cc/
16 follow up this item(32872282) 32872282 Report false positive Report closed case make a suggestion 2014-07-05 20:21:36     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
1/53 (1.9%) 
 
HTML:Script-inf 
 lookup in virustotal.com (77c5ec0e87437e4633a7d7dd53fe301c)-->[http://www.virustotal.com/latest-report.html?resource=77c5ec0e87437e4633a7d7dd53fe301c]follow up this md5sum(77c5ec0e87437e4633a7d7dd53fe301c)follow up this itemfollow up this virusname (HTML%3AScript-inf) as RSS-Feedfollow up this malware(HTML%3AScript-inf) for scanner (Avast) in md5 table1/53 (1.9%) HTML:Script-inf
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://gpcasino.2fh.co/  up alive follow up this ip (ip=31.170.166.68) as RSS-FeedSenderBaselookup 31.170.166.68 at virustotallookup 31.170.166.68 at Rus CERT university stuttgart germanylookup 31.170.166.68 at Ripefollow up this item(ip) in same window 31.170.166.68 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.166.68) as RSS-FeedSenderBaselookup 31.170.166.68 at virustotallookup 31.170.166.68 at Rus CERT university stuttgart germanylookup 31.170.166.68 at Ripefollow up this item(review) in same window 31.170.166.68 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://gpcasino.2fh.co/ follow up this domain (2fh.co) as RSS-Feedlookup 2fh.co at virustotalfollow up this domain(2fh.co) 2fh.co follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns4.2freehosting.com follow up this item ns1.2freehosting.com follow up this item ns3.2freehosting.com follow up this item ns2.2freehosting.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://gpcasino.2fh.co/
17 follow up this item(32178348) 32178348 Report false positive Report closed case make a suggestion 2014-07-01 19:02:00     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
8/50 (16%) 
 
Gen:Trojan.Heur.ZGY.5
Gen:Trojan.Heur.ZGY.5
(B)
Gen:Trojan.Heur.ZGY.5
(B)
W32/VBTrojan.Dropper.4!Maximus
Gen:Trojan.Heur.ZGY.5
Gen:Trojan.Heur.ZGY.5
Trojan-Dropper.Win32.VB.cvgd
Gen:Trojan.Heur.ZGY.5 
 lookup in virustotal.com (3c73f9e6d113b95a230dbbf1a93a96f3)-->[http://www.virustotal.com/latest-report.html?resource=3c73f9e6d113b95a230dbbf1a93a96f3]lookup in threatexpert.comlookup the sha256(5265cff18e9672f96a7e375c75f302889ae7facee180d4b9c7e416abc732eefd) in comodo.comfollow up this md5sum(3c73f9e6d113b95a230dbbf1a93a96f3)follow up this itemfollow up this virusname (Gen%3ATrojan.Heur.ZGY.5) as RSS-Feedfollow up this malware(Gen%3ATrojan.Heur.ZGY.5) for scanner (BitDefender) in md5 table8/50 (16%) Gen:Trojan.Heur.ZGY.5
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://sharma.binhoster.com/calculator.e ...  up alive follow up this ip (ip=31.170.167.95) as RSS-FeedSenderBaselookup 31.170.167.95 at virustotallookup 31.170.167.95 at Rus CERT university stuttgart germanylookup 31.170.167.95 at Ripefollow up this item(ip) in same window 31.170.167.95 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.167.95) as RSS-FeedSenderBaselookup 31.170.167.95 at virustotallookup 31.170.167.95 at Rus CERT university stuttgart germanylookup 31.170.167.95 at Ripefollow up this item(review) in same window 31.170.167.95 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://sharma.binhoster.com/calculator.e ... follow up this domain (binhoster.com) as RSS-Feedlookup binhoster.com at virustotalfollow up this domain(binhoster.com) binhoster.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns4.binhoster.com follow up this item ns1.binhoster.com follow up this item ns3.binhoster.com follow up this item ns2.binhoster.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://sharma.binhoster.com/calculator.e ...
18 follow up this item(32161549) 32161549 Report false positive Report closed case make a suggestion 2014-07-01 14:22:02     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
4/49 (8.2%) 
 
HTML:Phishing-CQ
Trj
Trojan.Fraudster.517
TrojanSpy:JS/Phish.D
Mal/Phish-A 
 lookup in virustotal.com (6e3c1bdf86b9340a171cb462af2b9cef)-->[http://www.virustotal.com/latest-report.html?resource=6e3c1bdf86b9340a171cb462af2b9cef]follow up this md5sum(6e3c1bdf86b9340a171cb462af2b9cef)follow up this itemfollow up this virusname (HTML%3APhishing-CQ+Trj) as RSS-Feedfollow up this malware(HTML%3APhishing-CQ+Trj) for scanner (Avast) in md5 table4/49 (8.2%) HTML:Phishing-CQ Trj
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://gdrive427724.lovedhost.com/  up alive follow up this ip (ip=31.170.166.70) as RSS-FeedSenderBaselookup 31.170.166.70 at virustotallookup 31.170.166.70 at Rus CERT university stuttgart germanylookup 31.170.166.70 at Ripefollow up this item(ip) in same window 31.170.166.70 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.166.70) as RSS-FeedSenderBaselookup 31.170.166.70 at virustotallookup 31.170.166.70 at Rus CERT university stuttgart germanylookup 31.170.166.70 at Ripefollow up this item(review) in same window 31.170.166.70 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://gdrive427724.lovedhost.com/ follow up this domain (lovedhost.com) as RSS-Feedlookup lovedhost.com at virustotalfollow up this domain(lovedhost.com) lovedhost.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns1.main-hosting.com follow up this item ns4.main-hosting.com follow up this item ns3.main-hosting.com follow up this item ns2.main-hosting.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://gdrive427724.lovedhost.com/
19 follow up this item(32095180) 32095180 Report false positive Report closed case make a suggestion 2014-07-01 02:03:24     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
4/49 (8.2%) 
 
W32.HfsIframe.Cb7b
Heuristic.LooksLike.HTML.Infected.B
Mal_Hifrm
Mal_Hifrm 
 lookup in virustotal.com (506c9172665a1785ce3d01c322b1ba94)-->[http://www.virustotal.com/latest-report.html?resource=506c9172665a1785ce3d01c322b1ba94]follow up this md5sum(506c9172665a1785ce3d01c322b1ba94)follow up this itemfollow up this virusname (Mal_Hifrm) as RSS-Feedlookup Virusname at trendmicrofollow up this malware(Mal_Hifrm) for scanner (trendmicro) in md5 table4/49 (8.2%) Mal_Hifrm
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://petvillehack.0hna.com/wp-login.ph ...  up alive follow up this ip (ip=31.170.166.91) as RSS-FeedSenderBaselookup 31.170.166.91 at virustotallookup 31.170.166.91 at Rus CERT university stuttgart germanylookup 31.170.166.91 at Ripefollow up this item(ip) in same window 31.170.166.91 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.166.91) as RSS-FeedSenderBaselookup 31.170.166.91 at virustotallookup 31.170.166.91 at Rus CERT university stuttgart germanylookup 31.170.166.91 at Ripefollow up this item(review) in same window 31.170.166.91 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://petvillehack.0hna.com/wp-login.ph ... follow up this domain (0hna.com) as RSS-Feedlookup 0hna.com at virustotalfollow up this domain(0hna.com) 0hna.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns2.main-hosting.com follow up this item ns3.main-hosting.com follow up this item ns1.main-hosting.com follow up this item ns4.main-hosting.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://petvillehack.0hna.com/wp-login.ph ...
20 follow up this item(31212362) 31212362 Report false positive Report closed case make a suggestion 2014-06-28 23:13:14     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
1/50 (2%) 
 
HTML:Script-inf 
 lookup in virustotal.com (7e47daff55b03af62b7a9130cbfb3a4b)-->[http://www.virustotal.com/latest-report.html?resource=7e47daff55b03af62b7a9130cbfb3a4b]follow up this md5sum(7e47daff55b03af62b7a9130cbfb3a4b)follow up this itemfollow up this virusname (HTML%3AScript-inf) as RSS-Feedfollow up this malware(HTML%3AScript-inf) for scanner (Avast) in md5 table1/50 (2%) HTML:Script-inf
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://thedarkserver.2fh.co/  up alive follow up this ip (ip=31.170.167.208) as RSS-FeedSenderBaselookup 31.170.167.208 at virustotallookup 31.170.167.208 at Rus CERT university stuttgart germanylookup 31.170.167.208 at Ripefollow up this item(ip) in same window 31.170.167.208 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.167.208) as RSS-FeedSenderBaselookup 31.170.167.208 at virustotallookup 31.170.167.208 at Rus CERT university stuttgart germanylookup 31.170.167.208 at Ripefollow up this item(review) in same window 31.170.167.208 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://thedarkserver.2fh.co/ follow up this domain (2fh.co) as RSS-Feedlookup 2fh.co at virustotalfollow up this domain(2fh.co) 2fh.co follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns4.2freehosting.com follow up this item ns2.2freehosting.com follow up this item ns3.2freehosting.com follow up this item ns1.2freehosting.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://thedarkserver.2fh.co/
21 follow up this item(30687519) 30687519 Report false positive Report closed case make a suggestion 2014-06-27 13:34:31     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
1/50 (2%) 
 
Trojan.HTML.Phishbank 
 lookup in virustotal.com (bce5e197954afc28df429ff6ed314430)-->[http://www.virustotal.com/latest-report.html?resource=bce5e197954afc28df429ff6ed314430]follow up this md5sum(bce5e197954afc28df429ff6ed314430)follow up this itemfollow up this virusname (Trojan.HTML.Phishbank) as RSS-Feedfollow up this malware(Trojan.HTML.Phishbank) for scanner (Ikarus) in md5 table1/50 (2%) Trojan.HTML.Phishbank
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://orcamentoplanilhas.yupage.com/  up alive follow up this ip (ip=31.170.166.235) as RSS-FeedSenderBaselookup 31.170.166.235 at virustotallookup 31.170.166.235 at Rus CERT university stuttgart germanylookup 31.170.166.235 at Ripefollow up this item(ip) in same window 31.170.166.235 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.166.235) as RSS-FeedSenderBaselookup 31.170.166.235 at virustotallookup 31.170.166.235 at Rus CERT university stuttgart germanylookup 31.170.166.235 at Ripefollow up this item(review) in same window 31.170.166.235 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://orcamentoplanilhas.yupage.com/ follow up this domain (yupage.com) as RSS-Feedlookup yupage.com at virustotalfollow up this domain(yupage.com) yupage.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns3.yupage.com follow up this item ns2.yupage.com follow up this item ns4.yupage.com follow up this item ns1.yupage.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://orcamentoplanilhas.yupage.com/
22 follow up this item(30671474) 30671474 Report false positive Report closed case make a suggestion 2014-06-27 12:42:32     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
lookup in virustotal.com (f7f641589ec8d0703e3962d84a657fcb)follow up this md5sum(f7f641589ec8d0703e3962d84a657fcb)follow up this itemfollow up this virusname (MSIL4.BMO) as RSS-Feedfollow up this malware(MSIL4.BMO) for scanner () in md5 table0/43 (0.0%) MSIL4.BMO
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://tos.1eko.com/toniso.exe  up alive follow up this ip (ip=31.170.167.103) as RSS-FeedSenderBaselookup 31.170.167.103 at virustotallookup 31.170.167.103 at Rus CERT university stuttgart germanylookup 31.170.167.103 at Ripefollow up this item(ip) in same window 31.170.167.103 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.167.103) as RSS-FeedSenderBaselookup 31.170.167.103 at virustotallookup 31.170.167.103 at Rus CERT university stuttgart germanylookup 31.170.167.103 at Ripefollow up this item(review) in same window 31.170.167.103 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://tos.1eko.com/toniso.exe follow up this domain (1eko.com) as RSS-Feedlookup 1eko.com at virustotalfollow up this domain(1eko.com) 1eko.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns2.3owl.com follow up this item ns1.3owl.com follow up this item ns3.3owl.com follow up this item ns4.3owl.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://tos.1eko.com/toniso.exe
23 follow up this item(30163664) 30163664 Report false positive Report closed case make a suggestion 2014-06-25 16:29:53     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
12/50 (24%) 
 
Trojan.Win32.Themida.bgen
HW32.CDB.Aa6c
Trojan.Win32.Krap.1!O
UnclassifiedMalware
a
variant
of
Win32/Packed.Themida
Trojan
(
0040f4ef1
)
Trojan
(
0040f4ef1
)
Heuristic.LooksLike.Win32.EPO.N
Heur.Agent/Gen-HackRelated
Heur.Agent/Gen-HackRelated
Generic
P 
 lookup in virustotal.com (6675c4d4e74b52ae25b9efd97bb2b779)-->[http://www.virustotal.com/latest-report.html?resource=6675c4d4e74b52ae25b9efd97bb2b779]lookup in threatexpert.comlookup the sha256(17fd452410bbb2a83130990a409f94b12120b93310f84300fc52b1a9e0b2c86c) in comodo.comfollow up this md5sum(6675c4d4e74b52ae25b9efd97bb2b779)follow up this itemfollow up this virusname (UnclassifiedMalware) as RSS-Feedfollow up this malware(UnclassifiedMalware) for scanner (Comodo) in md5 table12/50 (24%) UnclassifiedMalware
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://lulzgamehacking.net/LoaderUP/EXE/ ...  up alive follow up this ip (ip=31.170.167.106) as RSS-FeedSenderBaselookup 31.170.167.106 at virustotallookup 31.170.167.106 at Rus CERT university stuttgart germanylookup 31.170.167.106 at Ripefollow up this item(ip) in same window 31.170.167.106 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.167.106) as RSS-FeedSenderBaselookup 31.170.167.106 at virustotallookup 31.170.167.106 at Rus CERT university stuttgart germanylookup 31.170.167.106 at Ripefollow up this item(review) in same window 31.170.167.106 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://lulzgamehacking.net/LoaderUP/EXE/ ... follow up this domain (lulzgamehacking.net) as RSS-Feedlookup lulzgamehacking.net at virustotalfollow up this domain(lulzgamehacking.net) lulzgamehacking.net follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item bob.ns.cloudflare.com follow up this item kate.ns.cloudflare.com follow up this item  follow up this item  follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://lulzgamehacking.net/LoaderUP/EXE/ ...
24 follow up this item(30032024) 30032024 Report false positive Report closed case make a suggestion 2014-06-23 22:33:52     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
9/50 (18%) 
 
Win32:Malware-gen
Gen:Trojan.Heur.RP.auWbaaIkP4p
Virus.Win32.Part.a
Gen:Trojan.Heur.RP.auWbaaIkP4p
(B)
Gen:Trojan.Heur.RP.auWbaaIkP4p
(B)
Gen:Trojan.Heur.RP.auWbaaIkP4p
Gen:Trojan.Heur.RP.auWbaaIkP4p
Gen:Trojan.Heur.RP.auWbaaIkP4p
Trojan/Downloader.Geno 
 lookup in virustotal.com (a4515b54d4ebd1e1f153459d270ac556)-->[http://www.virustotal.com/latest-report.html?resource=a4515b54d4ebd1e1f153459d270ac556]lookup in threatexpert.comlookup the sha256(e8394b3233a4d9a10247963d61d0c394f32eadf1c4b1cb88666455800f972efc) in comodo.comfollow up this md5sum(a4515b54d4ebd1e1f153459d270ac556)follow up this itemfollow up this virusname (Win32%3AMalware-gen) as RSS-Feedfollow up this malware(Win32%3AMalware-gen) for scanner (Avast) in md5 table9/50 (18%) Win32:Malware-gen
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://raidcalliha.vvs.ir/dl/RaidCall%20 ...  up alive follow up this ip (ip=31.170.167.157) as RSS-FeedSenderBaselookup 31.170.167.157 at virustotallookup 31.170.167.157 at Rus CERT university stuttgart germanylookup 31.170.167.157 at Ripefollow up this item(ip) in same window 31.170.167.157 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.167.157) as RSS-FeedSenderBaselookup 31.170.167.157 at virustotallookup 31.170.167.157 at Rus CERT university stuttgart germanylookup 31.170.167.157 at Ripefollow up this item(review) in same window 31.170.167.157 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://raidcalliha.vvs.ir/dl/RaidCall%20 ... follow up this domain (vvs.ir) as RSS-Feedlookup vvs.ir at virustotalfollow up this domain(vvs.ir) vvs.ir follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns1.main-hosting.com follow up this item ns4.main-hosting.com follow up this item ns2.main-hosting.com follow up this item ns3.main-hosting.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://raidcalliha.vvs.ir/dl/RaidCall%20 ...
25 follow up this item(30013117) 30013117 Report false positive Report closed case make a suggestion 2014-06-23 20:20:20     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
lookup in virustotal.com (5b13cdc860f29670e18435e74daea482)follow up this md5sum(5b13cdc860f29670e18435e74daea482)follow up this itemfollow up this virusname (TrojanDropper.FrauDrop.uic) as RSS-Feedfollow up this malware(TrojanDropper.FrauDrop.uic) for scanner () in md5 table0/43 (0.0%) TrojanDropper.FrauDrop.uic
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://a6y.orisale.ru/files/Last_Chaos_B ...  up alive follow up this ip (ip=31.170.166.126) as RSS-FeedSenderBaselookup 31.170.166.126 at virustotallookup 31.170.166.126 at Rus CERT university stuttgart germanylookup 31.170.166.126 at Ripefollow up this item(ip) in same window 31.170.166.126 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.166.126) as RSS-FeedSenderBaselookup 31.170.166.126 at virustotallookup 31.170.166.126 at Rus CERT university stuttgart germanylookup 31.170.166.126 at Ripefollow up this item(review) in same window 31.170.166.126 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://a6y.orisale.ru/files/Last_Chaos_B ... follow up this domain (orisale.ru) as RSS-Feedlookup orisale.ru at virustotalfollow up this domain(orisale.ru) orisale.ru follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns1.sitescopy.ru follow up this item ns2.sitescopy.ru follow up this item ns4.sitescopy.ru follow up this item ns3.sitescopy.ru follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://a6y.orisale.ru/files/Last_Chaos_B ...
helpLine help#descendigascending helpDatedescendigascending helpCloseddescendigascending helphours helpcontributordescendigascending helpvirusnamedescendigascending helpURLdescendigascending helpip state helpresponsedescendigascending helpIp initialdescendigascending helpAS#descendigascending helpip reviewdescendigascending helpURLdescendigascending helpDomaindescendigascending helpcountrydescendigascending helpsourcedescendigascending helpemaildescendigascending helpinetnumdescendigascending helpnetnamedescendigascending helpdescrdescendigascending helpns1descendigascending helpns2descendigascending helpns3descendigascending helpns4descendigascending helpns5descendigascending helpURLdescendigascending
26 follow up this item(29957176) 29957176 Report false positive Report closed case make a suggestion 2014-06-23 13:31:14     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
19/50 (38%) 
 
Adware.Win32.OutBrowse.BS
MemScan:Application.Bundler.Outbrowse.E
Adware.Downware.4104
Win32/OutBrowse.S
MemScan:Application.Bundler.Outbrowse
Riskware/Agent
MemScan:Application.Bundler.Outbrowse.E
AdWare.Win32.OutBrowse
Trojan
(
0049a54f1
)
Trojan
(
00 
 lookup in virustotal.com (e2ea627dec90f168d921a4138f900388)-->[http://www.virustotal.com/latest-report.html?resource=e2ea627dec90f168d921a4138f900388]lookup in threatexpert.comlookup the sha256(59bf8eddce2e0b5651f4f26b16e8a58410e76a70aa4d4ec3305f720eda1c007c) in comodo.comfollow up this md5sum(e2ea627dec90f168d921a4138f900388)follow up this itemfollow up this virusname (MemScan%3AApplication.Bundler.Outbrowse.E) as RSS-Feedfollow up this malware(MemScan%3AApplication.Bundler.Outbrowse.E) for scanner (BitDefender) in md5 table19/50 (38%) MemScan:Application.Bundler.Outbrowse.E
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://downloadmanager.acoxi.com/downloa ...  up alive follow up this ip (ip=31.170.167.135) as RSS-FeedSenderBaselookup 31.170.167.135 at virustotallookup 31.170.167.135 at Rus CERT university stuttgart germanylookup 31.170.167.135 at Ripefollow up this item(ip) in same window 31.170.167.135 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.167.135) as RSS-FeedSenderBaselookup 31.170.167.135 at virustotallookup 31.170.167.135 at Rus CERT university stuttgart germanylookup 31.170.167.135 at Ripefollow up this item(review) in same window 31.170.167.135 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://downloadmanager.acoxi.com/downloa ... follow up this domain (acoxi.com) as RSS-Feedlookup acoxi.com at virustotalfollow up this domain(acoxi.com) acoxi.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns4.grendelhosting.com follow up this item ns3.grendelhosting.com follow up this item ns2.grendelhosting.com follow up this item ns1.grendelhosting.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://downloadmanager.acoxi.com/downloa ...
27 follow up this item(29929266) 29929266 Report false positive Report closed case make a suggestion 2014-06-23 10:50:19     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
29/49 (59.2%) 
 
HTML/Framer
HTML/Infected.WebPage.Gen
HTML:Agent-FS
Trj
Exploit.Html.Iframe.Bof.ABP
W32.HfsIframe.417b
HTML/Iframe.BX
IFrame.gen
HTML/Iframe.B.Gen
Exploit.Html.Iframe.Bof.ABP
(B)
Exploit.Html.Iframe.Bof.ABP
(B)
IFrame.gen
Exploit.Html.Iframe.Bof.ABP
HTM 
 lookup in virustotal.com (8824eae5e0e280cc99b881cc6b0446f1)-->[http://www.virustotal.com/latest-report.html?resource=8824eae5e0e280cc99b881cc6b0446f1]follow up this md5sum(8824eae5e0e280cc99b881cc6b0446f1)follow up this itemfollow up this virusname (HTML%2FInfected.WebPage.Gen) as RSS-Feedlookup Virusname at avirafollow up this malware(HTML%2FInfected.WebPage.Gen) for scanner (avira) in md5 table29/49 (59.2%) HTML/Infected.WebPage.Gen
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://switche.mw3b.com/  up alive follow up this ip (ip=31.170.166.128) as RSS-FeedSenderBaselookup 31.170.166.128 at virustotallookup 31.170.166.128 at Rus CERT university stuttgart germanylookup 31.170.166.128 at Ripefollow up this item(ip) in same window 31.170.166.128 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.166.128) as RSS-FeedSenderBaselookup 31.170.166.128 at virustotallookup 31.170.166.128 at Rus CERT university stuttgart germanylookup 31.170.166.128 at Ripefollow up this item(review) in same window 31.170.166.128 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://switche.mw3b.com/ follow up this domain (mw3b.com) as RSS-Feedlookup mw3b.com at virustotalfollow up this domain(mw3b.com) mw3b.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns2.marocwebs.com follow up this item ns1.marocwebs.com follow up this item ns4.marocwebs.com follow up this item ns3.marocwebs.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://switche.mw3b.com/
28 follow up this item(29855326) 29855326 Report false positive Report closed case make a suggestion 2014-06-22 10:11:47     follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
1/50 (2%) 
 
HTML:Script-inf 
 lookup in virustotal.com (7ff2965a9b686c61f8363be985861035)-->[http://www.virustotal.com/latest-report.html?resource=7ff2965a9b686c61f8363be985861035]follow up this md5sum(7ff2965a9b686c61f8363be985861035)follow up this itemfollow up this virusname (HTML%3AScript-inf) as RSS-Feedfollow up this malware(HTML%3AScript-inf) for scanner (Avast) in md5 table1/50 (2%) HTML:Script-inf
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://skamilinux.grn.cc/?p=87  up alive follow up this ip (ip=31.170.167.252) as RSS-FeedSenderBaselookup 31.170.167.252 at virustotallookup 31.170.167.252 at Rus CERT university stuttgart germanylookup 31.170.167.252 at Ripefollow up this item(ip) in same window 31.170.167.252 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.167.252) as RSS-FeedSenderBaselookup 31.170.167.252 at virustotallookup 31.170.167.252 at Rus CERT university stuttgart germanylookup 31.170.167.252 at Ripefollow up this item(review) in same window 31.170.167.252 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://skamilinux.grn.cc/?p=87 follow up this domain (grn.cc) as RSS-Feedlookup grn.cc at virustotalfollow up this domain(grn.cc) grn.cc follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns4.grendelhosting.com follow up this item ns3.grendelhosting.com follow up this item ns1.grendelhosting.com follow up this item ns2.grendelhosting.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://skamilinux.grn.cc/?p=87
29 follow up this item(29771361) 29771361 Report false positive Report closed case make a suggestion 2014-06-21 01:20:22 OVERDUE! Overdue!553.8 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
13/50 (26%) 
 
HTML/Framer
JS/Redirector.NT.106
HTML:Iframe-BNK
Trj
TrojWare.HTML.iFrame.TWTR
JS/Iframe.JE
JS/Iframe.R!tr
Trojan.Framer
HEUR:Trojan.Script.Generic
JS/Iframe.gen.an
Exploit:HTML/IframeRef.DM
Trojan.Html.TwitScroll.bklyhq
Iframe.WL
Exploit.HTML.Iframe.dm 
 lookup in virustotal.com (37264cd805df59a512e7e1b250df4a63)-->[http://www.virustotal.com/latest-report.html?resource=37264cd805df59a512e7e1b250df4a63]follow up this md5sum(37264cd805df59a512e7e1b250df4a63)follow up this itemfollow up this virusname (JS%2FRedirector.NT.106) as RSS-Feedfollow up this malware(JS%2FRedirector.NT.106) for scanner (AntiVir) in md5 table13/50 (26%) JS/Redirector.NT.106
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://carloseceron.besaba.com/wordpress ...  up alive follow up this ip (ip=31.170.166.218) as RSS-FeedSenderBaselookup 31.170.166.218 at virustotallookup 31.170.166.218 at Rus CERT university stuttgart germanylookup 31.170.166.218 at Ripefollow up this item(ip) in same window 31.170.166.218 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.166.218) as RSS-FeedSenderBaselookup 31.170.166.218 at virustotallookup 31.170.166.218 at Rus CERT university stuttgart germanylookup 31.170.166.218 at Ripefollow up this item(review) in same window 31.170.166.218 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://carloseceron.besaba.com/wordpress ... follow up this domain (besaba.com) as RSS-Feedlookup besaba.com at virustotalfollow up this domain(besaba.com) besaba.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns2.main-hosting.com follow up this item ns1.main-hosting.com follow up this item ns4.main-hosting.com follow up this item ns3.main-hosting.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://carloseceron.besaba.com/wordpress ...
30 follow up this item(28798753) 28798753 Report false positive Report closed case make a suggestion 2014-06-09 23:01:34 OVERDUE! Overdue!820.1 follow up this itemfollow up this contributor (cross posting from portals) as RSS-Feed sub17possible lookup Evidence at malwaredomainlist.com
lookup in virustotal.com (35ff56fde55d6233dba248766e4526b6)follow up this md5sum(35ff56fde55d6233dba248766e4526b6)follow up this itemfollow up this virusname (cleanmx_generic) as RSS-Feedfollow up this malware(cleanmx_generic) for scanner (undef) in md5 table0/43 (0.0%) cleanmx_generic
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://message-codes-ca.gwchost.com/Zyng ...  up alive follow up this ip (ip=31.170.167.215) as RSS-FeedSenderBaselookup 31.170.167.215 at virustotallookup 31.170.167.215 at Rus CERT university stuttgart germanylookup 31.170.167.215 at Ripefollow up this item(ip) in same window 31.170.167.215 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.167.215) as RSS-FeedSenderBaselookup 31.170.167.215 at virustotallookup 31.170.167.215 at Rus CERT university stuttgart germanylookup 31.170.167.215 at Ripefollow up this item(review) in same window 31.170.167.215 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://message-codes-ca.gwchost.com/Zyng ... follow up this domain (gwchost.com) as RSS-Feedlookup gwchost.com at virustotalfollow up this domain(gwchost.com) gwchost.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns2.main-hosting.com follow up this item ns4.main-hosting.com follow up this item ns1.main-hosting.com follow up this item ns3.main-hosting.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://message-codes-ca.gwchost.com/Zyng ...
31 follow up this item(28785506) 28785506 Report false positive Report closed case make a suggestion 2014-06-09 17:08:51 OVERDUE! Overdue!826 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
5/50 (10%) 
 
JS/FBJack.A!tr
Trojan.JS.Clickjack
Exploit
(
04c5519d1
)
Exploit
(
04c5519d1
)
Mal/FBJack-P 
 lookup in virustotal.com (2aab0935fbe738d382061b62847601bb)-->[http://www.virustotal.com/latest-report.html?resource=2aab0935fbe738d382061b62847601bb]follow up this md5sum(2aab0935fbe738d382061b62847601bb)follow up this itemfollow up this virusname (JS%2FFBJack.A%21tr) as RSS-Feedfollow up this malware(JS%2FFBJack.A%21tr) for scanner (Fortinet) in md5 table5/50 (10%) JS/FBJack.A!tr
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://appzking.com/Love-test  up alive follow up this ip (ip=31.170.167.144) as RSS-FeedSenderBaselookup 31.170.167.144 at virustotallookup 31.170.167.144 at Rus CERT university stuttgart germanylookup 31.170.167.144 at Ripefollow up this item(ip) in same window 31.170.167.144 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.167.144) as RSS-FeedSenderBaselookup 31.170.167.144 at virustotallookup 31.170.167.144 at Rus CERT university stuttgart germanylookup 31.170.167.144 at Ripefollow up this item(review) in same window 31.170.167.144 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://appzking.com/Love-test follow up this domain (appzking.com) as RSS-Feedlookup appzking.com at virustotalfollow up this domain(appzking.com) appzking.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns3.nazuka.net follow up this item ns4.nazuka.net follow up this item ns2.nazuka.net follow up this item ns1.nazuka.net follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://appzking.com/Love-test
32 follow up this item(28754271) 28754271 Report false positive Report closed case make a suggestion 2014-06-09 10:01:26 OVERDUE! Overdue!833.1 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
7/48 (14.6%) 
 
JS/Redir.NV!tr
Script.Packed.Agent.F@susp
HEUR:Trojan.Script.Generic
Trojan:JS/Redirector.NQ
Trojan.Script.Redirector.czylrv
Decode.A
Trojan.JS.ObfJS.ba
(v) 
 lookup in virustotal.com (43977a6006f8cff5c1777f8fb3b95762)-->[http://www.virustotal.com/latest-report.html?resource=43977a6006f8cff5c1777f8fb3b95762]follow up this md5sum(43977a6006f8cff5c1777f8fb3b95762)follow up this itemfollow up this virusname (JS%2FRedir.NV%21tr) as RSS-Feedfollow up this malware(JS%2FRedir.NV%21tr) for scanner (Fortinet) in md5 table7/48 (14.6%) JS/Redir.NV!tr
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://tramalanas.com/quierouno  up alive follow up this ip (ip=31.170.167.224) as RSS-FeedSenderBaselookup 31.170.167.224 at virustotallookup 31.170.167.224 at Rus CERT university stuttgart germanylookup 31.170.167.224 at Ripefollow up this item(ip) in same window 31.170.167.224 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.167.224) as RSS-FeedSenderBaselookup 31.170.167.224 at virustotallookup 31.170.167.224 at Rus CERT university stuttgart germanylookup 31.170.167.224 at Ripefollow up this item(review) in same window 31.170.167.224 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://tramalanas.com/quierouno follow up this domain (tramalanas.com) as RSS-Feedlookup tramalanas.com at virustotalfollow up this domain(tramalanas.com) tramalanas.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns1.tuars.com follow up this item ns2.tuars.com follow up this item ns4.tuars.com follow up this item ns3.tuars.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://tramalanas.com/quierouno
33 follow up this item(28752997) 28752997 Report false positive Report closed case make a suggestion 2014-06-09 09:31:16 OVERDUE! Overdue!833.6 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
lookup in virustotal.com (8b73eb15946ee05585d96ccff97df2c0)follow up this md5sum(8b73eb15946ee05585d96ccff97df2c0)follow up this itemfollow up this virusname (Dropper.Msil.BZ) as RSS-Feedfollow up this malware(Dropper.Msil.BZ) for scanner () in md5 table0/43 (0.0%) Dropper.Msil.BZ
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://multihackmt2.bedavahost.biz/Metin ...  up alive follow up this ip (ip=31.170.167.90) as RSS-FeedSenderBaselookup 31.170.167.90 at virustotallookup 31.170.167.90 at Rus CERT university stuttgart germanylookup 31.170.167.90 at Ripefollow up this item(ip) in same window 31.170.167.90 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.167.90) as RSS-FeedSenderBaselookup 31.170.167.90 at virustotallookup 31.170.167.90 at Rus CERT university stuttgart germanylookup 31.170.167.90 at Ripefollow up this item(review) in same window 31.170.167.90 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://multihackmt2.bedavahost.biz/Metin ... follow up this domain (bedavahost.biz) as RSS-Feedlookup bedavahost.biz at virustotalfollow up this domain(bedavahost.biz) bedavahost.biz follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns1.main-hosting.com follow up this item ns3.main-hosting.com follow up this item ns4.main-hosting.com follow up this item ns2.main-hosting.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://multihackmt2.bedavahost.biz/Metin ...
34 follow up this item(28115165) 28115165 Report false positive Report closed case make a suggestion 2014-06-01 21:32:18 OVERDUE! Overdue!1013.6 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
4/50 (8%) 
 
SCRIPT.Virus
Trojan.HTML.Phishbank
Exploit
(
04c557941
)
Exploit
(
04c557941
) 
 lookup in virustotal.com (e0fd151ba3cfd59277e19e9b1cf7de74)-->[http://www.virustotal.com/latest-report.html?resource=e0fd151ba3cfd59277e19e9b1cf7de74]follow up this md5sum(e0fd151ba3cfd59277e19e9b1cf7de74)follow up this itemfollow up this virusname (SCRIPT.Virus) as RSS-Feedfollow up this malware(SCRIPT.Virus) for scanner (DrWeb) in md5 table4/50 (8%) SCRIPT.Virus
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://leaguoflegends.yzi.me/  up alive follow up this ip (ip=31.170.166.62) as RSS-FeedSenderBaselookup 31.170.166.62 at virustotallookup 31.170.166.62 at Rus CERT university stuttgart germanylookup 31.170.166.62 at Ripefollow up this item(ip) in same window 31.170.166.62 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.166.62) as RSS-FeedSenderBaselookup 31.170.166.62 at virustotallookup 31.170.166.62 at Rus CERT university stuttgart germanylookup 31.170.166.62 at Ripefollow up this item(review) in same window 31.170.166.62 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://leaguoflegends.yzi.me/ follow up this domain (yzi.me) as RSS-Feedlookup yzi.me at virustotalfollow up this domain(yzi.me) yzi.me follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns3.2freehosting.com follow up this item ns1.2freehosting.com follow up this item ns2.2freehosting.com follow up this item ns4.2freehosting.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://leaguoflegends.yzi.me/
35 follow up this item(27776802) 27776802 Report false positive Report closed case make a suggestion 2014-05-28 14:31:38 OVERDUE! Overdue!1116.6 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
4/50 (8%) 
 
HTML:Phishing-CQ
Trj
Trojan.Fraudster.517
Mal/Phish-A
Trojan.HTML.Phish.fd
(v) 
 lookup in virustotal.com (4c8a4723c1fb4bfb52470fe57608856a)-->[http://www.virustotal.com/latest-report.html?resource=4c8a4723c1fb4bfb52470fe57608856a]follow up this md5sum(4c8a4723c1fb4bfb52470fe57608856a)follow up this itemfollow up this virusname (HTML%3APhishing-CQ+Trj) as RSS-Feedfollow up this malware(HTML%3APhishing-CQ+Trj) for scanner (Avast) in md5 table4/50 (8%) HTML:Phishing-CQ Trj
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://weregog.fbia-unit.org/  up alive follow up this ip (ip=31.170.166.181) as RSS-FeedSenderBaselookup 31.170.166.181 at virustotallookup 31.170.166.181 at Rus CERT university stuttgart germanylookup 31.170.166.181 at Ripefollow up this item(ip) in same window 31.170.166.181 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.166.181) as RSS-FeedSenderBaselookup 31.170.166.181 at virustotallookup 31.170.166.181 at Rus CERT university stuttgart germanylookup 31.170.166.181 at Ripefollow up this item(review) in same window 31.170.166.181 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://weregog.fbia-unit.org/ follow up this domain (fbia-unit.org) as RSS-Feedlookup fbia-unit.org at virustotalfollow up this domain(fbia-unit.org) fbia-unit.org follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns1.main-hosting.com follow up this item ns3.main-hosting.com follow up this item ns4.main-hosting.com follow up this item ns2.main-hosting.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://weregog.fbia-unit.org/
36 follow up this item(27180363) 27180363 Report false positive Report closed case make a suggestion 2014-05-19 00:11:19 OVERDUE! Overdue!1346.9 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
10/48 (20.8%) 
 
Trojan.Generic.11245321
Trojan.Generic.11245321
(B)
Trojan.Generic.11245321
(B)
Trojan.Generic.11245321
Trojan.Generic.11245321
Trojan.SuspectCRC
Trojan.Generic.11245321
WS.Reputation.1
TROJ_GEN.F47V0506
Trojan.Generic.11245321 
 lookup in virustotal.com (28da7b361f652900a565187ad1b85a4c)-->[http://www.virustotal.com/latest-report.html?resource=28da7b361f652900a565187ad1b85a4c]lookup in threatexpert.comlookup the sha256(f1e09be79742b74bc67b903900e310b006a4ac633aae1a831291afa90e8fde37) in comodo.comfollow up this md5sum(28da7b361f652900a565187ad1b85a4c)follow up this itemfollow up this virusname (Trojan.Generic.11245321) as RSS-Feedfollow up this malware(Trojan.Generic.11245321) for scanner (BitDefender) in md5 table10/48 (20.8%) Trojan.Generic.11245321
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://sv2.bugs3.com/dl/RedbotPro136.zip ...  up alive follow up this ip (ip=31.170.166.175) as RSS-FeedSenderBaselookup 31.170.166.175 at virustotallookup 31.170.166.175 at Rus CERT university stuttgart germanylookup 31.170.166.175 at Ripefollow up this item(ip) in same window 31.170.166.175 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.166.175) as RSS-FeedSenderBaselookup 31.170.166.175 at virustotallookup 31.170.166.175 at Rus CERT university stuttgart germanylookup 31.170.166.175 at Ripefollow up this item(review) in same window 31.170.166.175 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://sv2.bugs3.com/dl/RedbotPro136.zip ... follow up this domain (bugs3.com) as RSS-Feedlookup bugs3.com at virustotalfollow up this domain(bugs3.com) bugs3.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns2.serversfree.com follow up this item ns3.serversfree.com follow up this item ns1.serversfree.com follow up this item ns4.serversfree.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://sv2.bugs3.com/dl/RedbotPro136.zip ...
37 follow up this item(27092223) 27092223 Report false positive Report closed case make a suggestion 2014-05-17 04:30:46 OVERDUE! Overdue!1390.6 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
37/50 (74%) 
 
HTML/Framer
HTML.Malurl.G
HTML/Infected.WebPage.Gen
JS:Iframe-BQC
Trj
Trojan.Iframe.KX
W32.IsertIfr.Worm
HTML/Iframe.REF
HTML.Iframe-63
HTML/IFrame
TrojWare.JS.Iframe.AM
JS.IFrame.393
HTML/TrojanDownloader.IFrame
Trojan.Iframe.KX
(B)
Trojan.Iframe.KX
(B 
 lookup in virustotal.com (daed6951c0fcf401d5a63fcc93577d5b)-->[http://www.virustotal.com/latest-report.html?resource=daed6951c0fcf401d5a63fcc93577d5b]follow up this md5sum(daed6951c0fcf401d5a63fcc93577d5b)follow up this itemfollow up this virusname (HTML%2FInfected.WebPage.Gen) as RSS-Feedlookup Virusname at avirafollow up this malware(HTML%2FInfected.WebPage.Gen) for scanner (avira) in md5 table37/50 (74%) HTML/Infected.WebPage.Gen
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://face2face.2u2.ir/  up alive follow up this ip (ip=31.170.167.233) as RSS-FeedSenderBaselookup 31.170.167.233 at virustotallookup 31.170.167.233 at Rus CERT university stuttgart germanylookup 31.170.167.233 at Ripefollow up this item(ip) in same window 31.170.167.233 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.167.233) as RSS-FeedSenderBaselookup 31.170.167.233 at virustotallookup 31.170.167.233 at Rus CERT university stuttgart germanylookup 31.170.167.233 at Ripefollow up this item(review) in same window 31.170.167.233 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://face2face.2u2.ir/ follow up this domain (2u2.ir) as RSS-Feedlookup 2u2.ir at virustotalfollow up this domain(2u2.ir) 2u2.ir follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns3.finbnd.ir follow up this item ns4.finbnd.ir follow up this item ns1.finbnd.ir follow up this item ns2.finbnd.ir follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://face2face.2u2.ir/
38 follow up this item(27019491) 27019491 Report false positive Report closed case make a suggestion 2014-05-16 02:31:17 OVERDUE! Overdue!1416.6 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
8/50 (16%) 
 
Trojan/Win32.Badur
Win32:Malware-gen
BackDoor.Siggen.49176
Trojan/Scar.bajl
Artemis!A3BFD656047A
Artemis!A3BFD656047A
Trj/dtcontx.K
TROJ_GEN.F47V0516 
 lookup in virustotal.com (a3bfd656047a987d17b14a14d960dcf0)-->[http://www.virustotal.com/latest-report.html?resource=a3bfd656047a987d17b14a14d960dcf0]lookup in threatexpert.comlookup the sha256(17a45de55950e5e98392559f68b8c7dcb38ba5052a2aa8e79896d84aa75371a2) in comodo.comfollow up this md5sum(a3bfd656047a987d17b14a14d960dcf0)follow up this itemfollow up this virusname (Trojan%2FWin32.Badur) as RSS-Feedfollow up this malware(Trojan%2FWin32.Badur) for scanner (Antiy_AVL) in md5 table8/50 (16%) Trojan/Win32.Badur
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://autosieucap.fulba.com/xTNL%20TLT/ ...  up alive follow up this ip (ip=31.170.167.80) as RSS-FeedSenderBaselookup 31.170.167.80 at virustotallookup 31.170.167.80 at Rus CERT university stuttgart germanylookup 31.170.167.80 at Ripefollow up this item(ip) in same window 31.170.167.80 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.167.80) as RSS-FeedSenderBaselookup 31.170.167.80 at virustotallookup 31.170.167.80 at Rus CERT university stuttgart germanylookup 31.170.167.80 at Ripefollow up this item(review) in same window 31.170.167.80 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://autosieucap.fulba.com/xTNL%20TLT/ ... follow up this domain (fulba.com) as RSS-Feedlookup fulba.com at virustotalfollow up this domain(fulba.com) fulba.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns2.1freehosting.com follow up this item ns4.1freehosting.com follow up this item ns3.1freehosting.com follow up this item ns1.1freehosting.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://autosieucap.fulba.com/xTNL%20TLT/ ...
39 follow up this item(27019490) 27019490 Report false positive Report closed case make a suggestion 2014-05-16 02:31:17 OVERDUE! Overdue!1416.6 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
13/46 (28.3%) 
 
Luhe.Ramnit-corrupted
TR/Agent.221719.1
Trojan/Win32.SGeneric
W32.HfsAutoB.2680
Win.Trojan.Agent-85644
Trojan/Agent.dfkf
Artemis!A41848577DAF
Artemis!A41848577DAF
Trojan.Win32.XPACK.csruxs
WS.Reputation.1
TROJ_GEN.F47V0515
Backdoor.Agent
Trojan.Win32.Ag 
 lookup in virustotal.com (a41848577dafc0da376414eccd7eee6a)-->[http://www.virustotal.com/latest-report.html?resource=a41848577dafc0da376414eccd7eee6a]lookup in threatexpert.comlookup the sha256(0c5837d51156e940d37ae69a291fb0563d1b4f4dd91dec60efeb635013cde5a4) in comodo.comfollow up this md5sum(a41848577dafc0da376414eccd7eee6a)follow up this itemfollow up this virusname (Win.Trojan.Agent-85644) as RSS-Feedlookup Virusname at viruspoolfollow up this malware(Win.Trojan.Agent-85644) for scanner (clamav) in md5 table13/46 (28.3%) Win.Trojan.Agent-85644
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://autosieucap.fulba.com/xTNL%20TLT/ ...  up alive follow up this ip (ip=31.170.167.80) as RSS-FeedSenderBaselookup 31.170.167.80 at virustotallookup 31.170.167.80 at Rus CERT university stuttgart germanylookup 31.170.167.80 at Ripefollow up this item(ip) in same window 31.170.167.80 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.167.80) as RSS-FeedSenderBaselookup 31.170.167.80 at virustotallookup 31.170.167.80 at Rus CERT university stuttgart germanylookup 31.170.167.80 at Ripefollow up this item(review) in same window 31.170.167.80 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://autosieucap.fulba.com/xTNL%20TLT/ ... follow up this domain (fulba.com) as RSS-Feedlookup fulba.com at virustotalfollow up this domain(fulba.com) fulba.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns2.1freehosting.com follow up this item ns4.1freehosting.com follow up this item ns3.1freehosting.com follow up this item ns1.1freehosting.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://autosieucap.fulba.com/xTNL%20TLT/ ...
40 follow up this item(27019489) 27019489 Report false positive Report closed case make a suggestion 2014-05-16 02:31:17 OVERDUE! Overdue!1416.6 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
9/50 (18%) 
 
Trojan/Win32.Badur
Win32:Malware-gen
BackDoor.Siggen.49176
Win32.Trojan.Agent.JSSAL2
Trojan/Scar.bajl
Artemis!CC1CD23E4E21
Artemis!CC1CD23E4E21
Trj/dtcontx.K
WS.Reputation.1 
 lookup in virustotal.com (cc1cd23e4e2161bc5420c9e5b106902c)-->[http://www.virustotal.com/latest-report.html?resource=cc1cd23e4e2161bc5420c9e5b106902c]lookup in threatexpert.comlookup the sha256(1ec00ba59d85f33ddeb83934c7201ef246e2dff8d8ec3be248c3bab1e8b794f4) in comodo.comfollow up this md5sum(cc1cd23e4e2161bc5420c9e5b106902c)follow up this itemfollow up this virusname (Trojan%2FWin32.Badur) as RSS-Feedfollow up this malware(Trojan%2FWin32.Badur) for scanner (Antiy_AVL) in md5 table9/50 (18%) Trojan/Win32.Badur
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://autosieucap.fulba.com/xTNL%20TLT/ ...  up alive follow up this ip (ip=31.170.167.80) as RSS-FeedSenderBaselookup 31.170.167.80 at virustotallookup 31.170.167.80 at Rus CERT university stuttgart germanylookup 31.170.167.80 at Ripefollow up this item(ip) in same window 31.170.167.80 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.167.80) as RSS-FeedSenderBaselookup 31.170.167.80 at virustotallookup 31.170.167.80 at Rus CERT university stuttgart germanylookup 31.170.167.80 at Ripefollow up this item(review) in same window 31.170.167.80 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://autosieucap.fulba.com/xTNL%20TLT/ ... follow up this domain (fulba.com) as RSS-Feedlookup fulba.com at virustotalfollow up this domain(fulba.com) fulba.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns2.1freehosting.com follow up this item ns4.1freehosting.com follow up this item ns3.1freehosting.com follow up this item ns1.1freehosting.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://autosieucap.fulba.com/xTNL%20TLT/ ...
41 follow up this item(27019488) 27019488 Report false positive Report closed case make a suggestion 2014-05-16 02:31:17 OVERDUE! Overdue!1416.6 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
42/51 (82.4%) 
 W32.GenericBeeboneA.Trojan
Trojan.Generic.6006757
Trojan/W32.Agent.968704.E
Backdoor.Win32.Prorat!O
Backdoor.ProRat.rmh
Generic.dx!B789AF6449E5
Trojan.Downloader
Riskware
(
0040eff71
)
Trojan
(
050000001
)
Trojan/Genome.hyqq
Trojan.XPACK!Drg14Ve3IX4
W32/ 
 lookup in virustotal.com (b789af6449e5deebe33f3ef667c51f8a)-->[http://www.virustotal.com/latest-report.html?resource=b789af6449e5deebe33f3ef667c51f8a]follow up this md5sum(b789af6449e5deebe33f3ef667c51f8a)follow up this itemfollow up this virusname (Generic+Trojan) as RSS-Feedfollow up this malware(Generic+Trojan) for scanner () in md5 table42/51 (82.4%) Generic Trojan
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://autosieucap.fulba.com/xTNL%20TLT/ ...  up alive follow up this ip (ip=31.170.167.80) as RSS-FeedSenderBaselookup 31.170.167.80 at virustotallookup 31.170.167.80 at Rus CERT university stuttgart germanylookup 31.170.167.80 at Ripefollow up this item(ip) in same window 31.170.167.80 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.167.80) as RSS-FeedSenderBaselookup 31.170.167.80 at virustotallookup 31.170.167.80 at Rus CERT university stuttgart germanylookup 31.170.167.80 at Ripefollow up this item(review) in same window 31.170.167.80 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://autosieucap.fulba.com/xTNL%20TLT/ ... follow up this domain (fulba.com) as RSS-Feedlookup fulba.com at virustotalfollow up this domain(fulba.com) fulba.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns2.1freehosting.com follow up this item ns4.1freehosting.com follow up this item ns3.1freehosting.com follow up this item ns1.1freehosting.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://autosieucap.fulba.com/xTNL%20TLT/ ...
42 follow up this item(27017134) 27017134 Report false positive Report closed case make a suggestion 2014-05-16 01:01:00 OVERDUE! Overdue!1418.1 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
lookup in virustotal.com (0e5f33395075ba10ef66595037a85c14)follow up this md5sum(0e5f33395075ba10ef66595037a85c14)follow up this itemfollow up this virusname (PHISH%2FVisa.H) as RSS-Feedfollow up this malware(PHISH%2FVisa.H) for scanner () in md5 table0/43 (0.0%) PHISH/Visa.H
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://videogame.bugs3.com/videos/TF2/  up alive follow up this ip (ip=31.170.166.231) as RSS-FeedSenderBaselookup 31.170.166.231 at virustotallookup 31.170.166.231 at Rus CERT university stuttgart germanylookup 31.170.166.231 at Ripefollow up this item(ip) in same window 31.170.166.231 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.166.231) as RSS-FeedSenderBaselookup 31.170.166.231 at virustotallookup 31.170.166.231 at Rus CERT university stuttgart germanylookup 31.170.166.231 at Ripefollow up this item(review) in same window 31.170.166.231 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://videogame.bugs3.com/videos/TF2/ follow up this domain (bugs3.com) as RSS-Feedlookup bugs3.com at virustotalfollow up this domain(bugs3.com) bugs3.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns2.serversfree.com follow up this item ns1.serversfree.com follow up this item ns3.serversfree.com follow up this item ns4.serversfree.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://videogame.bugs3.com/videos/TF2/
43 follow up this item(26998349) 26998349 Report false positive Report closed case make a suggestion 2014-05-15 14:32:33 OVERDUE! Overdue!1428.6 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
18/50 (36%) 
 
DR/AutoIt.Gen
Trojan.Agent.BDAD
a
variant
of
Generik.GOPSMZB
Trojan.Agent.BDAD
(B)
Trojan.Agent.BDAD
(B)
Trojan.Agent.BDAD
Trojan.Agent.BDAD
Trojan-Spy.Zbot
Riskware
(
0040f0f51
)
Riskware
(
0040f0f51
)
Artemis!1AB73A725AC8
Artemis!1AB73A725AC8
Trojan.A 
 lookup in virustotal.com (1ab73a725ac8a6317d22a9596f0ae4a8)-->[http://www.virustotal.com/latest-report.html?resource=1ab73a725ac8a6317d22a9596f0ae4a8]lookup in threatexpert.comlookup the sha256(ac4b1e63d05490d4b715ca4faa33d087ed72321220608ba58ae7429535355b98) in comodo.comfollow up this md5sum(1ab73a725ac8a6317d22a9596f0ae4a8)follow up this itemfollow up this virusname (DR%2FAutoIt.Gen) as RSS-Feedfollow up this malware(DR%2FAutoIt.Gen) for scanner (AntiVir) in md5 table18/50 (36%) DR/AutoIt.Gen
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://videogame.bugs3.com/videos/TF2/ad ...  up alive follow up this ip (ip=31.170.166.231) as RSS-FeedSenderBaselookup 31.170.166.231 at virustotallookup 31.170.166.231 at Rus CERT university stuttgart germanylookup 31.170.166.231 at Ripefollow up this item(ip) in same window 31.170.166.231 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.166.231) as RSS-FeedSenderBaselookup 31.170.166.231 at virustotallookup 31.170.166.231 at Rus CERT university stuttgart germanylookup 31.170.166.231 at Ripefollow up this item(review) in same window 31.170.166.231 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://videogame.bugs3.com/videos/TF2/ad ... follow up this domain (bugs3.com) as RSS-Feedlookup bugs3.com at virustotalfollow up this domain(bugs3.com) bugs3.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns4.serversfree.com follow up this item ns1.serversfree.com follow up this item ns2.serversfree.com follow up this item ns3.serversfree.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://videogame.bugs3.com/videos/TF2/ad ...
44 follow up this item(26974270) 26974270 Report false positive Report closed case make a suggestion 2014-05-14 22:05:26 OVERDUE! Overdue!1445 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
2/50 (4%) 
 
Riskware/SLICMod
TROJ_GEN.F47V0515 
 lookup in virustotal.com (1639325d8dc3b0b57e85bb56db38ca14)-->[http://www.virustotal.com/latest-report.html?resource=1639325d8dc3b0b57e85bb56db38ca14]lookup in threatexpert.comlookup the sha256(fa916e08d71e2692fe63e429c841efb9af89feadad6d2ba9122c71550657ca49) in comodo.comfollow up this md5sum(1639325d8dc3b0b57e85bb56db38ca14)follow up this itemfollow up this virusname (Win.Trojan.Swrort-6698) as RSS-Feedlookup Virusname at viruspoolfollow up this malware(Win.Trojan.Swrort-6698) for scanner (clamav) in md5 table2/50 (4%) Win.Trojan.Swrort-6698
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://mnoldata.pixub.com/xe/upload-f/K. ...  up alive follow up this ip (ip=31.170.167.212) as RSS-FeedSenderBaselookup 31.170.167.212 at virustotallookup 31.170.167.212 at Rus CERT university stuttgart germanylookup 31.170.167.212 at Ripefollow up this item(ip) in same window 31.170.167.212 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.167.212) as RSS-FeedSenderBaselookup 31.170.167.212 at virustotallookup 31.170.167.212 at Rus CERT university stuttgart germanylookup 31.170.167.212 at Ripefollow up this item(review) in same window 31.170.167.212 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://mnoldata.pixub.com/xe/upload-f/K. ... follow up this domain (pixub.com) as RSS-Feedlookup pixub.com at virustotalfollow up this domain(pixub.com) pixub.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns1.1freehosting.com follow up this item ns2.1freehosting.com follow up this item ns3.1freehosting.com follow up this item ns4.1freehosting.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://mnoldata.pixub.com/xe/upload-f/K. ...
45 follow up this item(26948645) 26948645 Report false positive Report closed case make a suggestion 2014-05-14 09:19:44 OVERDUE! Overdue!1457.8 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
lookup in virustotal.com (bdddf8d3306c01943459bda191d533af)follow up this md5sum(bdddf8d3306c01943459bda191d533af)follow up this itemfollow up this virusname (Delf.AOZT) as RSS-Feedfollow up this malware(Delf.AOZT) for scanner () in md5 table0/43 (0.0%) Delf.AOZT
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://notasdemaio.yupage.com/NF-eletron ...  up alive follow up this ip (ip=31.170.167.77) as RSS-FeedSenderBaselookup 31.170.167.77 at virustotallookup 31.170.167.77 at Rus CERT university stuttgart germanylookup 31.170.167.77 at Ripefollow up this item(ip) in same window 31.170.167.77 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.167.77) as RSS-FeedSenderBaselookup 31.170.167.77 at virustotallookup 31.170.167.77 at Rus CERT university stuttgart germanylookup 31.170.167.77 at Ripefollow up this item(review) in same window 31.170.167.77 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://notasdemaio.yupage.com/NF-eletron ... follow up this domain (yupage.com) as RSS-Feedlookup yupage.com at virustotalfollow up this domain(yupage.com) yupage.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns3.yupage.com follow up this item ns4.yupage.com follow up this item ns2.yupage.com follow up this item ns1.yupage.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://notasdemaio.yupage.com/NF-eletron ...
46 follow up this item(26841037) 26841037 Report false positive Report closed case make a suggestion 2014-05-12 13:01:39 OVERDUE! Overdue!1502.1 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
lookup in virustotal.com (9bb13d791d5e58f924a6617978f0fec4)follow up this md5sum(9bb13d791d5e58f924a6617978f0fec4)follow up this itemfollow up this virusname (Trojan.SuspectCRC) as RSS-Feedfollow up this malware(Trojan.SuspectCRC) for scanner () in md5 table0/43 (0.0%) Trojan.SuspectCRC
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://online.rurs.net/undate.exe  up alive follow up this ip (ip=31.170.167.208) as RSS-FeedSenderBaselookup 31.170.167.208 at virustotallookup 31.170.167.208 at Rus CERT university stuttgart germanylookup 31.170.167.208 at Ripefollow up this item(ip) in same window 31.170.167.208 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.167.208) as RSS-FeedSenderBaselookup 31.170.167.208 at virustotallookup 31.170.167.208 at Rus CERT university stuttgart germanylookup 31.170.167.208 at Ripefollow up this item(review) in same window 31.170.167.208 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://online.rurs.net/undate.exe follow up this domain (rurs.net) as RSS-Feedlookup rurs.net at virustotalfollow up this domain(rurs.net) rurs.net follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item fred.ns.cloudflare.com follow up this item vera.ns.cloudflare.com follow up this item  follow up this item  follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://online.rurs.net/undate.exe
47 follow up this item(26815652) 26815652 Report false positive Report closed case make a suggestion 2014-05-11 22:32:03 OVERDUE! Overdue!1516.6 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
lookup in virustotal.com (0e5f33395075ba10ef66595037a85c14)follow up this md5sum(0e5f33395075ba10ef66595037a85c14)follow up this itemfollow up this virusname (PHISH%2FVisa.H) as RSS-Feedfollow up this malware(PHISH%2FVisa.H) for scanner () in md5 table0/43 (0.0%) PHISH/Visa.H
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://teamfortress.bugs3.com/videos/TF2 ...  up alive follow up this ip (ip=31.170.167.168) as RSS-FeedSenderBaselookup 31.170.167.168 at virustotallookup 31.170.167.168 at Rus CERT university stuttgart germanylookup 31.170.167.168 at Ripefollow up this item(ip) in same window 31.170.167.168 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.167.168) as RSS-FeedSenderBaselookup 31.170.167.168 at virustotallookup 31.170.167.168 at Rus CERT university stuttgart germanylookup 31.170.167.168 at Ripefollow up this item(review) in same window 31.170.167.168 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://teamfortress.bugs3.com/videos/TF2 ... follow up this domain (bugs3.com) as RSS-Feedlookup bugs3.com at virustotalfollow up this domain(bugs3.com) bugs3.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns3.serversfree.com follow up this item ns4.serversfree.com follow up this item ns1.serversfree.com follow up this item ns2.serversfree.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://teamfortress.bugs3.com/videos/TF2 ...
48 follow up this item(26766421) 26766421 Report false positive Report closed case make a suggestion 2014-05-10 20:01:10 OVERDUE! Overdue!1543.1 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
12/50 (24%) 
 
HTML/Infected.WebPage.Gen3
HTML:Iframe-ZG
Trj
TrojWare.JS.Iframe.GJ
JS.IFrame.425
JS/Iframe.BMY!tr
Exploit.HTML.IframeRef
Trojan.JS.Iframe.aeq
Heuristic.LooksLike.HTML.Infected.B
Trojan.Html.Iframe.bwupbf
Iframe.gen
Mal/Iframe-AP
Malware.JS.Generic
(JS) 
 lookup in virustotal.com (75fe77fa0ab90775a596b57c0138d0f8)-->[http://www.virustotal.com/latest-report.html?resource=75fe77fa0ab90775a596b57c0138d0f8]follow up this md5sum(75fe77fa0ab90775a596b57c0138d0f8)follow up this itemfollow up this virusname (HTML%2FInfected.WebPage.Gen3) as RSS-Feedfollow up this malware(HTML%2FInfected.WebPage.Gen3) for scanner (AntiVir) in md5 table12/50 (24%) HTML/Infected.WebPage.Gen3
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://jahan-it.ugig.ir/  up alive follow up this ip (ip=31.170.166.105) as RSS-FeedSenderBaselookup 31.170.166.105 at virustotallookup 31.170.166.105 at Rus CERT university stuttgart germanylookup 31.170.166.105 at Ripefollow up this item(ip) in same window 31.170.166.105 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.166.105) as RSS-FeedSenderBaselookup 31.170.166.105 at virustotallookup 31.170.166.105 at Rus CERT university stuttgart germanylookup 31.170.166.105 at Ripefollow up this item(review) in same window 31.170.166.105 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://jahan-it.ugig.ir/ follow up this domain (ugig.ir) as RSS-Feedlookup ugig.ir at virustotalfollow up this domain(ugig.ir) ugig.ir follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns1.main-hosting.com follow up this item ns2.main-hosting.com follow up this item ns4.main-hosting.com follow up this item ns3.main-hosting.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://jahan-it.ugig.ir/
49 follow up this item(26735301) 26735301 Report false positive Report closed case make a suggestion 2014-05-10 07:30:20 OVERDUE! Overdue!1555.6 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
lookup in virustotal.com (4e989601b45ad4afe5a2ef94394939cb)follow up this md5sum(4e989601b45ad4afe5a2ef94394939cb)follow up this itemfollow up this virusname (Trj%2FGenetic.gen) as RSS-Feedfollow up this malware(Trj%2FGenetic.gen) for scanner () in md5 table0/43 (0.0%) Trj/Genetic.gen
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://acessoriacontabil.usr.me/comprova ...  up alive follow up this ip (ip=31.170.167.246) as RSS-FeedSenderBaselookup 31.170.167.246 at virustotallookup 31.170.167.246 at Rus CERT university stuttgart germanylookup 31.170.167.246 at Ripefollow up this item(ip) in same window 31.170.167.246 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.167.246) as RSS-FeedSenderBaselookup 31.170.167.246 at virustotallookup 31.170.167.246 at Rus CERT university stuttgart germanylookup 31.170.167.246 at Ripefollow up this item(review) in same window 31.170.167.246 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://acessoriacontabil.usr.me/comprova ... follow up this domain (usr.me) as RSS-Feedlookup usr.me at virustotalfollow up this domain(usr.me) usr.me follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns4.main-hosting.com follow up this item ns3.main-hosting.com follow up this item ns1.main-hosting.com follow up this item ns2.main-hosting.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://acessoriacontabil.usr.me/comprova ...
50 follow up this item(26641038) 26641038 Report false positive Report closed case make a suggestion 2014-05-08 18:40:09 OVERDUE! Overdue!1592.4 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
1/52 (1.9%) 
 HTML:RedirBA-inf
[Trj] 
 lookup in virustotal.com (d9cc2a878583df49b80643247c9c0cec)-->[http://www.virustotal.com/latest-report.html?resource=d9cc2a878583df49b80643247c9c0cec]follow up this md5sum(d9cc2a878583df49b80643247c9c0cec)follow up this itemfollow up this virusname (HTML%3ARedirBA-inf+Trj) as RSS-Feedfollow up this malware(HTML%3ARedirBA-inf+Trj) for scanner (Avast) in md5 table1/52 (1.9%) HTML:RedirBA-inf Trj
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://permanentguild.grn.cc/  up alive follow up this ip (ip=31.170.167.232) as RSS-FeedSenderBaselookup 31.170.167.232 at virustotallookup 31.170.167.232 at Rus CERT university stuttgart germanylookup 31.170.167.232 at Ripefollow up this item(ip) in same window 31.170.167.232 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.167.232) as RSS-FeedSenderBaselookup 31.170.167.232 at virustotallookup 31.170.167.232 at Rus CERT university stuttgart germanylookup 31.170.167.232 at Ripefollow up this item(review) in same window 31.170.167.232 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://permanentguild.grn.cc/ follow up this domain (grn.cc) as RSS-Feedlookup grn.cc at virustotalfollow up this domain(grn.cc) grn.cc follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns4.grendelhosting.com follow up this item ns1.grendelhosting.com follow up this item ns3.grendelhosting.com follow up this item ns2.grendelhosting.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://permanentguild.grn.cc/
helpLine help#descendigascending helpDatedescendigascending helpCloseddescendigascending helphours helpcontributordescendigascending helpvirusnamedescendigascending helpURLdescendigascending helpip state helpresponsedescendigascending helpIp initialdescendigascending helpAS#descendigascending helpip reviewdescendigascending helpURLdescendigascending helpDomaindescendigascending helpcountrydescendigascending helpsourcedescendigascending helpemaildescendigascending helpinetnumdescendigascending helpnetnamedescendigascending helpdescrdescendigascending helpns1descendigascending helpns2descendigascending helpns3descendigascending helpns4descendigascending helpns5descendigascending helpURLdescendigascending
51 follow up this item(26636697) 26636697 Report false positive Report closed case make a suggestion 2014-05-08 15:12:10 OVERDUE! Overdue!1595.9 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
17/50 (34%) 
 
HTML:Phishing-AC
Trj
Trojan.HTML.Phishing.FI
Trojan.Fraudster.517
HTML/Phishing.Agent.G
Trojan.HTML.Phishing.FI
(B)
Trojan.HTML.Phishing.FI
(B)
Trojan.HTML.Phishing.FI
Trojan.HTML.Phishing.FI
Trojan-PWS.HTML.Phish
HEUR:Trojan.Script.Generic
Trojan.HTML. 
 lookup in virustotal.com (a62fe6e8b061ea0e3df59d717d28362a)-->[http://www.virustotal.com/latest-report.html?resource=a62fe6e8b061ea0e3df59d717d28362a]follow up this md5sum(a62fe6e8b061ea0e3df59d717d28362a)follow up this itemfollow up this virusname (HTML%3APhishing-AC+Trj) as RSS-Feedfollow up this malware(HTML%3APhishing-AC+Trj) for scanner (Avast) in md5 table17/50 (34%) HTML:Phishing-AC Trj
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://vxg.terx.nl/  up alive follow up this ip (ip=31.170.167.212) as RSS-FeedSenderBaselookup 31.170.167.212 at virustotallookup 31.170.167.212 at Rus CERT university stuttgart germanylookup 31.170.167.212 at Ripefollow up this item(ip) in same window 31.170.167.212 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.167.212) as RSS-FeedSenderBaselookup 31.170.167.212 at virustotallookup 31.170.167.212 at Rus CERT university stuttgart germanylookup 31.170.167.212 at Ripefollow up this item(review) in same window 31.170.167.212 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://vxg.terx.nl/ follow up this domain (terx.nl) as RSS-Feedlookup terx.nl at virustotalfollow up this domain(terx.nl) terx.nl follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns4.main-hosting.com follow up this item ns3.main-hosting.com follow up this item ns1.main-hosting.com follow up this item ns2.main-hosting.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://vxg.terx.nl/
52 follow up this item(26636579) 26636579 Report false positive Report closed case make a suggestion 2014-05-08 15:11:59 OVERDUE! Overdue!1595.9 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
8/50 (16%) 
 
JS/Redir.NV!tr
Script.Packed.Agent.F@susp
HEUR:Trojan.Script.Generic
JS/Redirector.bb
JS/Redirector.bb
Decode.A
Troj/JsRedir-NV
Trojan.JS.ObfJS.ba
(v) 
 lookup in virustotal.com (6a9132ac73a211682091eb0e37ffbef1)-->[http://www.virustotal.com/latest-report.html?resource=6a9132ac73a211682091eb0e37ffbef1]follow up this md5sum(6a9132ac73a211682091eb0e37ffbef1)follow up this itemfollow up this virusname (JS%2FRedir.NV%21tr) as RSS-Feedfollow up this malware(JS%2FRedir.NV%21tr) for scanner (Fortinet) in md5 table8/50 (16%) JS/Redir.NV!tr
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://noticiaschorras.xtrweb.com/hombre ...  up alive follow up this ip (ip=31.170.167.232) as RSS-FeedSenderBaselookup 31.170.167.232 at virustotallookup 31.170.167.232 at Rus CERT university stuttgart germanylookup 31.170.167.232 at Ripefollow up this item(ip) in same window 31.170.167.232 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.167.232) as RSS-FeedSenderBaselookup 31.170.167.232 at virustotallookup 31.170.167.232 at Rus CERT university stuttgart germanylookup 31.170.167.232 at Ripefollow up this item(review) in same window 31.170.167.232 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://noticiaschorras.xtrweb.com/hombre ... follow up this domain (xtrweb.com) as RSS-Feedlookup xtrweb.com at virustotalfollow up this domain(xtrweb.com) xtrweb.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns3.main-hosting.com follow up this item ns1.main-hosting.com follow up this item ns2.main-hosting.com follow up this item ns4.main-hosting.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://noticiaschorras.xtrweb.com/hombre ...
53 follow up this item(26247657) 26247657 Report false positive Report closed case make a suggestion 2014-05-02 09:49:04 OVERDUE! Overdue!1745.3 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
36/49 (73.5%) 
 
HTML/Framer
HTML.Malurl.G
HTML/Infected.WebPage.Gen
JS:Iframe-BQC
Trj
Trojan.Iframe.KX
W32.IsertIfr.Worm
HTML.Iframe-63
HTML/IFrame
JS.IFrame.393
HTML/TrojanDownloader.IFrame
Trojan.Iframe.KX
(B)
Trojan.Iframe.KX
(B)
HTML/IFrame
Trojan.Iframe.KX
HTML/Vi 
 lookup in virustotal.com (c377384a09c7971c2ff4e46c4441e0ce)-->[http://www.virustotal.com/latest-report.html?resource=c377384a09c7971c2ff4e46c4441e0ce]follow up this md5sum(c377384a09c7971c2ff4e46c4441e0ce)follow up this itemfollow up this virusname (HTML%2FInfected.WebPage.Gen) as RSS-Feedlookup Virusname at avirafollow up this malware(HTML%2FInfected.WebPage.Gen) for scanner (avira) in md5 table36/49 (73.5%) HTML/Infected.WebPage.Gen
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://parsgame.servicefars.ir/  up alive follow up this ip (ip=31.170.166.142) as RSS-FeedSenderBaselookup 31.170.166.142 at virustotallookup 31.170.166.142 at Rus CERT university stuttgart germanylookup 31.170.166.142 at Ripefollow up this item(ip) in same window 31.170.166.142 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.166.142) as RSS-FeedSenderBaselookup 31.170.166.142 at virustotallookup 31.170.166.142 at Rus CERT university stuttgart germanylookup 31.170.166.142 at Ripefollow up this item(review) in same window 31.170.166.142 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://parsgame.servicefars.ir/ follow up this domain (servicefars.ir) as RSS-Feedlookup servicefars.ir at virustotalfollow up this domain(servicefars.ir) servicefars.ir follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns4.main-hosting.com follow up this item ns2.main-hosting.com follow up this item ns1.main-hosting.com follow up this item ns3.main-hosting.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://parsgame.servicefars.ir/
54 follow up this item(26244027) 26244027 Report false positive Report closed case make a suggestion 2014-05-02 09:47:05 OVERDUE! Overdue!1745.3 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
2/50 (4%) 
 
JS:Iframe-EGI
Trj
Trojan.Script.Iframe.cgdffl 
 lookup in virustotal.com (0b5f36e8068a7974099152a60d121bf5)-->[http://www.virustotal.com/latest-report.html?resource=0b5f36e8068a7974099152a60d121bf5]follow up this md5sum(0b5f36e8068a7974099152a60d121bf5)follow up this itemfollow up this virusname (JS%3AIframe-EGI+Trj) as RSS-Feedfollow up this malware(JS%3AIframe-EGI+Trj) for scanner (Avast) in md5 table2/50 (4%) JS:Iframe-EGI Trj
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://nakshipping.com/  up alive follow up this ip (ip=31.170.166.180) as RSS-FeedSenderBaselookup 31.170.166.180 at virustotallookup 31.170.166.180 at Rus CERT university stuttgart germanylookup 31.170.166.180 at Ripefollow up this item(ip) in same window 31.170.166.180 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.166.180) as RSS-FeedSenderBaselookup 31.170.166.180 at virustotallookup 31.170.166.180 at Rus CERT university stuttgart germanylookup 31.170.166.180 at Ripefollow up this item(review) in same window 31.170.166.180 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://nakshipping.com/ follow up this domain (nakshipping.com) as RSS-Feedlookup nakshipping.com at virustotalfollow up this domain(nakshipping.com) nakshipping.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns2.serversfree.com follow up this item ns1.serversfree.com follow up this item ns4.serversfree.com follow up this item ns3.serversfree.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://nakshipping.com/
55 follow up this item(26243798) 26243798 Report false positive Report closed case make a suggestion 2014-05-02 09:46:57 OVERDUE! Overdue!1745.3 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
37/50 (74%) 
 
HTML/Framer
HTML.Malurl.G
HTML/Infected.WebPage.Gen
JS:Iframe-BQC
Trj
Trojan.IFrame.KP
W32.IsertIfr.Worm
HTML/Iframe.REF
HTML.Iframe-63
HTML/IFrame
TrojWare.JS.Iframe.AM
JS.IFrame.393
HTML/TrojanDownloader.IFrame
Trojan.IFrame.KP
(B)
Trojan.IFrame.KP
(B 
 lookup in virustotal.com (831e6f6f66f0310747366dbed965bb52)-->[http://www.virustotal.com/latest-report.html?resource=831e6f6f66f0310747366dbed965bb52]follow up this md5sum(831e6f6f66f0310747366dbed965bb52)follow up this itemfollow up this virusname (HTML%2FInfected.WebPage.Gen) as RSS-Feedlookup Virusname at avirafollow up this malware(HTML%2FInfected.WebPage.Gen) for scanner (avira) in md5 table37/50 (74%) HTML/Infected.WebPage.Gen
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://music.finbnd.ir/pro  up alive follow up this ip (ip=31.170.166.141) as RSS-FeedSenderBaselookup 31.170.166.141 at virustotallookup 31.170.166.141 at Rus CERT university stuttgart germanylookup 31.170.166.141 at Ripefollow up this item(ip) in same window 31.170.166.141 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.166.141) as RSS-FeedSenderBaselookup 31.170.166.141 at virustotallookup 31.170.166.141 at Rus CERT university stuttgart germanylookup 31.170.166.141 at Ripefollow up this item(review) in same window 31.170.166.141 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://music.finbnd.ir/pro follow up this domain (finbnd.ir) as RSS-Feedlookup finbnd.ir at virustotalfollow up this domain(finbnd.ir) finbnd.ir follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns1.main-hosting.com follow up this item ns4.main-hosting.com follow up this item ns2.main-hosting.com follow up this item ns3.main-hosting.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://music.finbnd.ir/pro
56 follow up this item(26226377) 26226377 Report false positive Report closed case make a suggestion 2014-05-02 09:34:17 OVERDUE! Overdue!1745.5 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
17/50 (34%) 
 
HTML/Framer
HTML/IframeRef.DM
HTML:Iframe-BNK
Trj
IFrame.gen
TrojWare.HTML.iFrame.TWTR
JS/Iframe.JE
IFrame.gen
JS/Iframe.R!tr
Trojan-Downloader.JS.Iframe
HEUR:Trojan.Script.Generic
JS/Iframe.gen.r
JS/Iframe.gen.r
Exploit:HTML/IframeRef.DM
Trojan.Html.Tw 
 lookup in virustotal.com (37f689cd86734930b1de002d3f5f7688)-->[http://www.virustotal.com/latest-report.html?resource=37f689cd86734930b1de002d3f5f7688]follow up this md5sum(37f689cd86734930b1de002d3f5f7688)follow up this itemfollow up this virusname (HTML%2FIframeRef.DM) as RSS-Feedfollow up this malware(HTML%2FIframeRef.DM) for scanner (AntiVir) in md5 table17/50 (34%) HTML/IframeRef.DM
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://cnc-arts.ir/  up alive follow up this ip (ip=31.170.166.235) as RSS-FeedSenderBaselookup 31.170.166.235 at virustotallookup 31.170.166.235 at Rus CERT university stuttgart germanylookup 31.170.166.235 at Ripefollow up this item(ip) in same window 31.170.166.235 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.166.235) as RSS-FeedSenderBaselookup 31.170.166.235 at virustotallookup 31.170.166.235 at Rus CERT university stuttgart germanylookup 31.170.166.235 at Ripefollow up this item(review) in same window 31.170.166.235 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://cnc-arts.ir/ follow up this domain (cnc-arts.ir) as RSS-Feedlookup cnc-arts.ir at virustotalfollow up this domain(cnc-arts.ir) cnc-arts.ir follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns3.xzn.ir follow up this item ns1.xzn.ir follow up this item ns4.xzn.ir follow up this item ns2.xzn.ir follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://cnc-arts.ir/
57 follow up this item(26205008) 26205008 Report false positive Report closed case make a suggestion 2014-05-01 18:10:47 OVERDUE! Overdue!1760.9 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
lookup in virustotal.com (6a230fa32cba8213190d6551d8d1ae4e)follow up this md5sum(6a230fa32cba8213190d6551d8d1ae4e)follow up this itemfollow up this virusname (Generic+Malware) as RSS-Feedfollow up this malware(Generic+Malware) for scanner () in md5 table0/43 (0.0%) Generic Malware
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://rusbb.ml/files/Project2.exe  up alive follow up this ip (ip=31.170.167.147) as RSS-FeedSenderBaselookup 31.170.167.147 at virustotallookup 31.170.167.147 at Rus CERT university stuttgart germanylookup 31.170.167.147 at Ripefollow up this item(ip) in same window 31.170.167.147 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.167.147) as RSS-FeedSenderBaselookup 31.170.167.147 at virustotallookup 31.170.167.147 at Rus CERT university stuttgart germanylookup 31.170.167.147 at Ripefollow up this item(review) in same window 31.170.167.147 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://rusbb.ml/files/Project2.exe follow up this domain (rusbb.ml) as RSS-Feedlookup rusbb.ml at virustotalfollow up this domain(rusbb.ml) rusbb.ml follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns3.100ms.ru follow up this item ns1.100ms.ru follow up this item ns4.100ms.ru follow up this item ns2.100ms.ru follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://rusbb.ml/files/Project2.exe
58 follow up this item(26196615) 26196615 Report false positive Report closed case make a suggestion 2014-05-01 14:20:13 OVERDUE! Overdue!1764.8 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
1/50 (2%) 
 
HTML:RedirBA-inf
Trj 
 lookup in virustotal.com (17617ff1831327a4129bdc0557ae00ff)-->[http://www.virustotal.com/latest-report.html?resource=17617ff1831327a4129bdc0557ae00ff]follow up this md5sum(17617ff1831327a4129bdc0557ae00ff)follow up this itemfollow up this virusname (HTML%3ARedirBA-inf+Trj) as RSS-Feedfollow up this malware(HTML%3ARedirBA-inf+Trj) for scanner (Avast) in md5 table1/50 (2%) HTML:RedirBA-inf Trj
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://agung.ciki.me/  up alive follow up this ip (ip=31.170.167.174) as RSS-FeedSenderBaselookup 31.170.167.174 at virustotallookup 31.170.167.174 at Rus CERT university stuttgart germanylookup 31.170.167.174 at Ripefollow up this item(ip) in same window 31.170.167.174 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.167.174) as RSS-FeedSenderBaselookup 31.170.167.174 at virustotallookup 31.170.167.174 at Rus CERT university stuttgart germanylookup 31.170.167.174 at Ripefollow up this item(review) in same window 31.170.167.174 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://agung.ciki.me/ follow up this domain (ciki.me) as RSS-Feedlookup ciki.me at virustotalfollow up this domain(ciki.me) ciki.me follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns4.2freehosting.com follow up this item ns3.2freehosting.com follow up this item ns2.2freehosting.com follow up this item ns1.2freehosting.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://agung.ciki.me/
59 follow up this item(26107535) 26107535 Report false positive Report closed case make a suggestion 2014-04-29 19:20:22 OVERDUE! Overdue!1807.8 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
1/50 (2%) 
 
HTML:Defacement-Q
Trj 
 lookup in virustotal.com (62532ed87a96f1bce911631e4bf4f0ea)-->[http://www.virustotal.com/latest-report.html?resource=62532ed87a96f1bce911631e4bf4f0ea]follow up this md5sum(62532ed87a96f1bce911631e4bf4f0ea)follow up this itemfollow up this virusname (HTML%3ADefacement-Q+Trj) as RSS-Feedfollow up this malware(HTML%3ADefacement-Q+Trj) for scanner (Avast) in md5 table1/50 (2%) HTML:Defacement-Q Trj
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://anonlinux.bl.ee/  up alive follow up this ip (ip=31.170.166.215) as RSS-FeedSenderBaselookup 31.170.166.215 at virustotallookup 31.170.166.215 at Rus CERT university stuttgart germanylookup 31.170.166.215 at Ripefollow up this item(ip) in same window 31.170.166.215 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.166.215) as RSS-FeedSenderBaselookup 31.170.166.215 at virustotallookup 31.170.166.215 at Rus CERT university stuttgart germanylookup 31.170.166.215 at Ripefollow up this item(review) in same window 31.170.166.215 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://anonlinux.bl.ee/ follow up this domain (bl.ee) as RSS-Feedlookup bl.ee at virustotalfollow up this domain(bl.ee) bl.ee follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns3.hostinger.com follow up this item ns4.hostinger.com follow up this item ns2.hostinger.com follow up this item ns1.hostinger.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://anonlinux.bl.ee/
60 follow up this item(26062300) 26062300 Report false positive Report closed case make a suggestion 2014-04-29 05:32:01 OVERDUE! Overdue!1821.6 follow up this itemfollow up this contributor (cross posting from portals) as RSS-Feed sub17possible lookup Evidence at malwaredomainlist.com
lookup in virustotal.com (35ff56fde55d6233dba248766e4526b6)follow up this md5sum(35ff56fde55d6233dba248766e4526b6)follow up this itemfollow up this virusname (cleanmx_generic) as RSS-Feedfollow up this malware(cleanmx_generic) for scanner (undef) in md5 table0/43 (0.0%) cleanmx_generic
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://980897585858587.fhero.net/index.p ...  up alive follow up this ip (ip=31.170.166.97) as RSS-FeedSenderBaselookup 31.170.166.97 at virustotallookup 31.170.166.97 at Rus CERT university stuttgart germanylookup 31.170.166.97 at Ripefollow up this item(ip) in same window 31.170.166.97 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.166.97) as RSS-FeedSenderBaselookup 31.170.166.97 at virustotallookup 31.170.166.97 at Rus CERT university stuttgart germanylookup 31.170.166.97 at Ripefollow up this item(review) in same window 31.170.166.97 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://980897585858587.fhero.net/index.p ... follow up this domain (fhero.net) as RSS-Feedlookup fhero.net at virustotalfollow up this domain(fhero.net) fhero.net follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns4.main-hosting.com follow up this item ns1.main-hosting.com follow up this item ns2.main-hosting.com follow up this item ns3.main-hosting.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://980897585858587.fhero.net/index.p ...
61 follow up this item(26026931) 26026931 Report false positive Report closed case make a suggestion 2014-04-28 22:10:53 OVERDUE! Overdue!1828.9 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
1/50 (2%) 
 virus.bat.danger.gen 
 lookup in virustotal.com (9ba13d1be50f827bc83ba362546a70d3)-->[http://www.virustotal.com/latest-report.html?resource=9ba13d1be50f827bc83ba362546a70d3]follow up this md5sum(9ba13d1be50f827bc83ba362546a70d3)follow up this itemfollow up this virusname (virus.bat.danger.gen) as RSS-Feedfollow up this malware(virus.bat.danger.gen) for scanner () in md5 table1/50 (2%) virus.bat.danger.gen
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://baixando.meximas.com/hackPB.rar  up alive follow up this ip (ip=31.170.166.226) as RSS-FeedSenderBaselookup 31.170.166.226 at virustotallookup 31.170.166.226 at Rus CERT university stuttgart germanylookup 31.170.166.226 at Ripefollow up this item(ip) in same window 31.170.166.226 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.166.226) as RSS-FeedSenderBaselookup 31.170.166.226 at virustotallookup 31.170.166.226 at Rus CERT university stuttgart germanylookup 31.170.166.226 at Ripefollow up this item(review) in same window 31.170.166.226 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://baixando.meximas.com/hackPB.rar follow up this domain (meximas.com) as RSS-Feedlookup meximas.com at virustotalfollow up this domain(meximas.com) meximas.com follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns4.main-hosting.com follow up this item ns1.main-hosting.com follow up this item ns2.main-hosting.com follow up this item ns3.main-hosting.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://baixando.meximas.com/hackPB.rar
62 follow up this item(26008342) 26008342 Report false positive Report closed case make a suggestion 2014-04-28 14:37:34 OVERDUE! Overdue!1836.5 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
lookup in virustotal.com (ec547ffe72227b895504b30ad05860e1)follow up this md5sum(ec547ffe72227b895504b30ad05860e1)follow up this itemfollow up this virusname (Generic+Malware) as RSS-Feedfollow up this malware(Generic+Malware) for scanner () in md5 table0/43 (0.0%) Generic Malware
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://dosyatutucau.bedavahost.biz/JavaU ...  up alive follow up this ip (ip=31.170.167.163) as RSS-FeedSenderBaselookup 31.170.167.163 at virustotallookup 31.170.167.163 at Rus CERT university stuttgart germanylookup 31.170.167.163 at Ripefollow up this item(ip) in same window 31.170.167.163 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.167.163) as RSS-FeedSenderBaselookup 31.170.167.163 at virustotallookup 31.170.167.163 at Rus CERT university stuttgart germanylookup 31.170.167.163 at Ripefollow up this item(review) in same window 31.170.167.163 Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://dosyatutucau.bedavahost.biz/JavaU ... follow up this domain (bedavahost.biz) as RSS-Feedlookup bedavahost.biz at virustotalfollow up this domain(bedavahost.biz) bedavahost.biz follow up this itemfollow up this country (US) as RSS-Feed US follow up this itemfollow up this region (RIPE) as RSS-Feed RIPE follow up this itemfollow up this enail (abuse@main-hosting.com) as RSS-Feed abuse@main-hosting.com follow up this itemfollow up this item 31.170.166.0 - 31.170.167.255 follow up this item MAIN-HOSTING-SERVERS follow up this item Main Hosting ServersMAIN HOSTING US follow up this item ns4.main-hosting.com follow up this item ns3.main-hosting.com follow up this item ns2.main-hosting.com follow up this item ns1.main-hosting.com follow up this item  Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://dosyatutucau.bedavahost.biz/JavaU ...
63 follow up this item(25471342) 25471342 Report false positive Report closed case make a suggestion 2014-04-21 08:21:02 OVERDUE! Overdue!2010.8 follow up this itemfollow up this contributor (test) as RSS-Feed sub16possible lookup Evidence at malwaredomainlist.com
37/50 (74%) 
 
BackDoor.Generic_r.DK.dropper
Trojan.Agent2!4kX0nXwOeYI
DR/Netcut.A.2
Trojan/Win32.Agent2
Win32:Trojan-gen
Trojan.Win32.Agent.aqw
Trojan.Obfuscated.MQ
Trojan.Agent2.mt
W32/Koutodoor.A.gen!Eldorado
TrojWare.Win32.TrojanDownloader.BHO.~BK
Trojan.DownLoade 
 lookup in virustotal.com (48edfc7c7c709a887201eaa7211230d2)-->[http://www.virustotal.com/latest-report.html?resource=48edfc7c7c709a887201eaa7211230d2]follow up this md5sum(48edfc7c7c709a887201eaa7211230d2)follow up this itemfollow up this virusname (DR%2FNetcut.A.2) as RSS-Feedlookup Virusname at avirafollow up this malware(DR%2FNetcut.A.2) for scanner (avira) in md5 table37/50 (74%) DR/Netcut.A.2
Safe Virus-Viewer and Analyser may take a minute to completelookup in virustotal http://lanyang.oost4u.com/iso/hackx20090 ...  up alive follow up this ip (ip=31.170.167.92) as RSS-FeedSenderBaselookup 31.170.167.92 at virustotallookup 31.170.167.92 at Rus CERT university stuttgart germanylookup 31.170.167.92 at Ripefollow up this item(ip) in same window 31.170.167.92 possible lookup  in maliciousnetworks.org (FIRE: FInding RoguE Networks) pagepossible lookup in google safebrowsing pagefollow up this AS (AS47583) in networks tablefollow up this itemfollow up this AS (AS47583) as RSS-Feed AS47583 follow up this ip (review=31.170.167.92) as RSS-FeedSenderBaselookup 31.170.167.92 at virustotallookup 31.170.167.92 at Rus CERT university stuttgart germany