CLEAN MX realtime database    
public access query for virus URL statistics

This database consists of virus URIs, collected and verified since Feb 2006.
If you find URIs concerning your netblock that are already closed, you have done a good job; otherwise, please close them as soon as possible.

For some nice charts, complete statistics are available for this database.
Attention: all URIs are manually verified, but they are not cross-checked for whether the viruses are actually functional at the moment you make this query. (Sites may have been closed already.)
Our automatic Viruswalker process is scheduled every hour, so an incident you see now may be resolved later on.
So please keep sending closure feedback to us.

If you have questions, criticism, or wishes, do not hesitate to contact us at abuse@clean-mx.de.
Our PBX is down; you may reach us by cell phone at +49 171 4802507.
TIMERS: Runtime Query: 0.0029 Seconds 10 hits
Columns: Line, #, Date, Closed, hours, contributor, virusname, URL, ip state, response, Ip initial, AS#, ip review, URL, Domain, country, source, email, inetnum, netname, descr, ns1, ns2, ns3, ns4, ns5, URL
Access is provided for free and subject to these Terms and Conditions.