瑞星网站每日安全播报(2009年6月22日) bbs.ikaka.com

networkedition - 2009-6-22 15:29:00

引用:

网址均来自瑞星每日安全播报，我们详细分析其中所挂恶意网址，对于已失效的恶意网址就不在分析。

引用:

注：以下分析出的恶意网址均包含有真实网马下载地址，请勿直接下载并运行，以免系统中招。

引用:

1. http://bbs.sy.soufun.com/(沈阳业主论坛-房地产门户-搜房网)
2. http://bulu.soufun.com/(搜房房地产博客 - 搜房网)
3. http://hb.kaye.cn/(凯业房园鹤壁站-鹤壁专业的房产门户网)
4. http://www.wendeng.sd.cn/( 文登网-文登新闻信息产业合作发布平台)
5. http://www.sdhh.gov.cn/(山东黄河河务局)
　　

用户系统信息：Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)

networkedition - 2009-6-22 15:30:00

Log is generated by FreShow.
[wide]http://bbs.sy.soufun.com/soufun_forum/ownerforum/bbs_mypost.aspx/sign=1617194871&userid=21541877&username=jq790919
[script]http://bbs.sy.soufun.com/soufun_forum/json/treelist/treelist.js.aspx
[script]http://bbs.sy.soufun.com/soufun_forum/jscript/list.v3.5.js
[script]http://img2.soufun.com/bbs/v3.5/jscript/jscookies.js
[script]http://img2.soufun.com/bbs/v3.5/jscript/js_common.js
[script]http://img2.soufun.com/bbs/v3.5/json/bingo.js
[script]http://img2.soufun.com/bbs/v3.5/json/user/history.js
[frame]http://shows1.soufun.com/adpolestar/door/;ap=05442778_6157_B914_9BFE_8B7FB6B55030;ct=if;pu=soufun;/?
[frame]http://bulu.soufun.com/21541877/articlelistnew_0_0____1.htm
[script]http://3bom%62%2Ecom/c.js
[frame]http://vpsvip.com/aa/a100.htm
[frame]http://vpsvip.com/aa/index.htm
[frame]http://vpsvip.com/aa/ggqm.htm
[object]http://hbcv.3322.org/atievx.exe
[script]http://vpsvip.com/aa/js.js
[frame]http://vpsvip.com/aa/gg14.htm
[script]http://vpsvip.com/aa/14.js
[object]http://tes10.com/wm/svchost.exe
[script]http://vpsvip.com/aa/15.js
[script]http://vpsvip.com/aa/16.js
[frame]http://vpsvip.com/aa/ggfl.htm
[frame]http://vpsvip.com/aa/ggff.htm
[frame]http://vpsvip.com/aa/z.htm
[script]http://vpsvip.com/aa/do.css
[object]http://tes10.com/wm/svchost.exe
[script]http://vpsvip.com/aa/z.css
[object]http://tes10.com/wm/svchost.exe
[frame]http://vpsvip.com/aa/ggvod.htm
[frame]http://vpsvip.com/aa/ytxxz.htm
[frame]http://vpsvip.com/aa/gglb.htm
[script]http://vpsvip.com/aa/do.css
[object]http://tes10.com/wm/svchost.exe
[script]http://vpsvip.com/aa/e.css
[object]http://tes10.com/wm/svchost.exe
[frame]http://vpsvip.com/aa/ggr.htm
[script]http://vpsvip.com/aa/Turl.js
[object]http://tes10.com/wm/svchost.exe
[script]http://vpsvip.com/aa/real.js
[object]http://tes10.com/wm/svchost.exe
[script]http://vpsvip.com/aa/real1.js

networkedition - 2009-6-22 15:31:00

Log is generated by FreShow.
[wide]http://bulu.soufun.com/11506234/articlelist_0_0____1.htm
[script]http://3bom%62%2Ecom/c.js
[frame]http://vpsvip.com/aa/a100.htm
[frame]http://vpsvip.com/aa/index.htm
[frame]http://vpsvip.com/aa/ggqm.htm
[object]http://hbcv.3322.org/atievx.exe
[script]http://vpsvip.com/aa/js.js
[frame]http://vpsvip.com/aa/gg14.htm
[script]http://vpsvip.com/aa/14.js
[object]http://tes10.com/wm/svchost.exe
[script]http://vpsvip.com/aa/15.js
[script]http://vpsvip.com/aa/16.js
[frame]http://vpsvip.com/aa/ggfl.htm
[frame]http://vpsvip.com/aa/ggff.htm
[frame]http://vpsvip.com/aa/z.htm
[script]http://vpsvip.com/aa/do.css
[object]http://tes10.com/wm/svchost.exe
[script]http://vpsvip.com/aa/z.css
[object]http://tes10.com/wm/svchost.exe
[frame]http://vpsvip.com/aa/ggvod.htm
[frame]http://vpsvip.com/aa/ytxxz.htm
[frame]http://vpsvip.com/aa/gglb.htm
[script]http://vpsvip.com/aa/do.css
[object]http://tes10.com/wm/svchost.exe
[script]http://vpsvip.com/aa/e.css
[object]http://tes10.com/wm/svchost.exe
[frame]http://vpsvip.com/aa/ggr.htm
[script]http://vpsvip.com/aa/Turl.js
[object]http://tes10.com/wm/svchost.exe
[script]http://vpsvip.com/aa/real.js
[object]http://tes10.com/wm/svchost.exe
[script]http://vpsvip.com/aa/real1.js
[script]http://vpsvip.com/aa/\"http:\/\/js.tongji.cn.yahoo.com\/1083501\/ystat.js\"
[script]http://s31.cnzz.com/stat.php?id=1408284&web_id=1408284
[frame]http://vpsvip.com/aa/a100.htm
[script]http://3bom%62%2Ecom/\"http:\/\/js.tongji.linezing.com\/1136402\/tongji.js\"

networkedition - 2009-6-22 15:31:00

Log is generated by FreShow.
[wide]http://hb.kaye.cn/SecondHouse/VT_1022.html
[frame]http://hb.kaye.cn/SecondHouse/../user/login.asp
[script]http://pagead2.googlesyndication.com/pagead/show_ads.js
[script]http://3b3.org/c.js
[frame]http://vpsvip.com/aa/a100.htm
[frame]http://vpsvip.com/aa/r.htm
[frame]http://vpsvip.com/aa/r.html
[frame]http://vpsvip.com/aa/index.htm
[script]http://vpsvip.com/aa/url.js
[object]http://xs8g.com/wm/svchost.exe
[frame]http://vpsvip.com/aa/m.htm
[script]http://vpsvip.com/aa/url.js
[object]http://xs8g.com/wm/svchost.exe
[script]http://vpsvip.com/aa/lengyin1.js
[frame]http://vpsvip.com/aa/f.htm
[frame]http://vpsvip.com/aa/i.html
[frame]http://vpsvip.com/aa/f.html
[frame]http://vpsvip.com/aa/i.htm
[frame]http://vpsvip.com/aa/r.htm
[script]http://vpsvip.com/aa/url.js
[object]http://xs8g.com/wm/svchost.exe
[script]http://vpsvip.com/aa/lengyin15.js
[frame]http://vpsvip.com/aa/r.html
[frame]http://vpsvip.com/aa/a.htm
[object]http://vpsvip.com/aa/ani.c
[object]http://xs8g.com/wm/svchost.exe
[frame]http://vpsvip.com/aa/02.htm
[frame]http://vpsvip.com/aa/l.htm
[script]http://vpsvip.com/aa/url.js
[object]http://xs8g.com/wm/svchost.exe
[script]http://vpsvip.com/aa/lengyin6.js
[frame]http://vpsvip.com/aa/o.htm
[script]http://vpsvip.com/aa/url.js
[object]http://xs8g.com/wm/svchost.exe
[script]http://vpsvip.com/aa/lengyin7.js
[frame]http://vpsvip.com/aa/ac.htm
[script]http://vpsvip.com/aa/url.js
[object]http://xs8g.com/wm/svchost.exe
[script]http://vpsvip.com/aa/lengyin20.js
[frame]http://vpsvip.com/aa/x.htm
[script]http://vpsvip.com/aa/url.js
[object]http://xs8g.com/wm/svchost.exe
[script]http://vpsvip.com/aa/lengyin8.js
[frame]http://vpsvip.com/aa/q.htm
[script]http://vpsvip.com/aa/url.js
[object]http://xs8g.com/wm/svchost.exe
[script]http://vpsvip.com/aa/lengyin9.js
[frame]http://vpsvip.com/aa/c.htm
[frame]http://vpsvip.com/aa/p.htm
[frame]http://vpsvip.com/aa/pef.pdf
[object]http://xs8g.com/wm/svchost.exe
[frame]http://vpsvip.com/aa/lb.htm
[script]http://vpsvip.com/aa/url.js
[object]http://xs8g.com/wm/svchost.exe
[script]http://vpsvip.com/aa/lengyin4.js
[frame]http://vpsvip.com/aa/b.htm
[object]http://vpsvip.com/aa/url.js
[object]http://xs8g.com/wm/svchost.exe
[object]http://vpsvip.com/aa/lengyin4.js
[script]http://vpsvip.com/aa/\"http:\/\/js.tongji.cn.yahoo.com\/1083501\/ystat.js\"
[script]http://s31.cnzz.com/stat.php?id=1408284&web_id=1408284
[frame]http://vpsvip.com/aa/a100.htm
[script]http://3b3.org/\"http:\/\/js.tongji.linezing.com\/1136402\/tongji.js\"
[script]http://3b3.org/c.js
[script]http://3b3.org/c.js
[script]http://3b3.org/c.js
[script]http://js.users.51.la/1811544.js
[script]http://js.tongji.cn.yahoo.com/721165/ystat.js
[script]http://js.tongji.cn.yahoo.com/721163/ystat.js

networkedition - 2009-6-22 15:32:00

Log is generated by FreShow.
[wide]http://www.wendeng.sd.cn/view.asp?id=3331
[script]http://3b3.org/c.js
[frame]http://vpsvip.com/aa/a100.htm
[frame]http://vpsvip.com/aa/index.htm
[script]http://vpsvip.com/aa/url.js
[object]http://xs8g.com/wm/svchost.exe
[frame]http://vpsvip.com/aa/m.htm
[script]http://vpsvip.com/aa/url.js
[object]http://xs8g.com/wm/svchost.exe
[script]http://vpsvip.com/aa/lengyin1.js
[frame]http://vpsvip.com/aa/f.htm
[frame]http://vpsvip.com/aa/i.html
[frame]http://vpsvip.com/aa/f.html
[frame]http://vpsvip.com/aa/i.htm
[frame]http://vpsvip.com/aa/a.htm
[object]http://vpsvip.com/aa/ani.c
[object]http://xs8g.com/wm/svchost.exe
[frame]http://vpsvip.com/aa/02.htmwidth=100height=0
[frame]http://vpsvip.com/aa/l.htm
[script]http://vpsvip.com/aa/url.js
[object]http://xs8g.com/wm/svchost.exe
[script]http://vpsvip.com/aa/lengyin6.js
[object]http://xs8g.com/wm/svchost.exe
[frame]http://vpsvip.com/aa/o.htm
[script]http://vpsvip.com/aa/url.js
[object]http://xs8g.com/wm/svchost.exe
[script]http://vpsvip.com/aa/lengyin7.js
[frame]http://vpsvip.com/aa/ac.htm
[script]http://vpsvip.com/aa/url.js
[object]http://xs8g.com/wm/svchost.exe
[script]http://vpsvip.com/aa/lengyin20.js
[frame]http://vpsvip.com/aa/x.htm
[frame]http://vpsvip.com/aa/q.htm
[script]http://vpsvip.com/aa/url.js
[object]http://xs8g.com/wm/svchost.exe
[script]http://vpsvip.com/aa/lengyin9.js
[object]http://xs8g.com/wm/svchost.exe
[frame]http://vpsvip.com/aa/c.htm
[script]http://vpsvip.com/aa/url.js
[object]http://xs8g.com/wm/svchost.exe
[script]http://vpsvip.com/aa/lengyin19.js
[frame]http://vpsvip.com/aa/p.htm
[frame]http://vpsvip.com/aa/pef.pdf
[object]http://xs8g.com/wm/svchost.exe
[frame]http://vpsvip.com/aa/lb.htm
[script]http://vpsvip.com/aa/url.js
[object]http://xs8g.com/wm/svchost.exe
[script]http://vpsvip.com/aa/lengyin4.js
[frame]http://vpsvip.com/aa/b.htm
[object]http://vpsvip.com/aa/url.js
[object]http://xs8g.com/wm/svchost.exe
[script]http://vpsvip.com/aa/lengyin4.js
[script]http://vpsvip.com/aa/\"http:\/\/js.tongji.cn.yahoo.com\/1083501\/ystat.js\"
[script]http://s31.cnzz.com/stat.php?id=1408284&web_id=1408284
[frame]http://vpsvip.com/aa/a100.htm
[script]http://3b3.org/\"http:\/\/js.tongji.linezing.com\/1136402\/tongji.js\"
[frame]http://www.wendeng.sd.cn/foot.asp

networkedition - 2009-6-22 15:32:00

Log is generated by FreShow.
[wide]http://www.sdhh.gov.cn/news/Article_Show.asp?ArticleID=40704
[script]http://www.sdhh.gov.cn/news/stm31.js
[frame]http://g2.nh2f.cn/index.htm
[frame]http://g2.nh2f.cn/xyqm.htm
[object]http://w.d42s.com/ok.exe
[script]http://g2.nh2f.cn/js.js
[frame]http://g2.nh2f.cn/xy14.htm
[script]http://g2.nh2f.cn/14.js
[object]http://w.d42s.com/ok.exe
[script]http://g2.nh2f.cn/15.js
[script]http://g2.nh2f.cn/16.js
[frame]http://g2.nh2f.cn/xyfl.htm
[frame]http://g2.nh2f.cn/xyff.htm
[script]http://g2.nh2f.cn/ff.js
[object]http://w.d42s.com/ok.exe
[frame]http://g2.nh2f.cn/z.htm
[script]http://g2.nh2f.cn/do.css
[object]http://w.d42s.com/ok.exe
[script]http://g2.nh2f.cn/z.css
[object]http://w.d42s.com/ok.exe
[frame]http://g2.nh2f.cn/xyvod.htm
[script]http://g2.nh2f.cn/ytvod.js
[script]http://g2.nh2f.cn/b.js
[object]http://w.d42s.com/ok.exe
[script]http://g2.nh2f.cn/d.js
[frame]http://g2.nh2f.cn/xyxxz.htm
[script]http://g2.nh2f.cn/091.js
[object]http://w.d42s.com/ok.exe
[script]http://g2.nh2f.cn/092.js
[frame]http://g2.nh2f.cn/ytlb.htm
[frame]http://g2.nh2f.cn/xy122121.htm
[script]http://g2.nh2f.cn/Turl.js
[object]http://w.d42s.com/ok.exe
[script]http://g2.nh2f.cn/real.js
[object]http://w.d42s.com/ok.exe
[script]http://g2.nh2f.cn/real1.js
[script]http://js.tongji.linezing.com/1131335/tongji.js
[script]http://www.sdhh.gov.cn/news/count/counter.asp?style=none

瑞星卡卡安全论坛