瑞星网站每日安全播报(2009年6月25日) bbs.ikaka.com

networkedition - 2009-6-25 13:27:00

引用:

网址均来自瑞星每日安全播报，我们详细分析其中所挂恶意网址，对于已失效的恶意网址就不在分析。

引用:

注：以下分析出的恶意网址均包含有真实网马下载地址，请勿直接下载并运行，以免系统中招。

引用:

1. http://336240.ctc-w253.dns.com.cn/(贵宾车网)
2. http://341078.ctc-w253.dns.com.cn/(成都驴友记青年旅舍)
3. http://www.scysw.com/(四川饮食网--(四川餐饮、成都美食、川菜、火锅、菜谱)
4 .http://ciee.cau.edu.cn/( 中国农业大学)
5. http://dept.nefu.edu.cn/(东北林业大学)
6. http://device.hdu.edu.cn/(杭州电子科技大学)
　　

用户系统信息：Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)

networkedition - 2009-6-25 13:28:00

Log is generated by FreShow.
[wide]http://336240.ctc-w253.dns.com.cn/
[script]http://336240.ctc-w253.dns.com.cn/objectSwap.js
[script]http://336240.ctc-w253.dns.com.cn/http:\/\/baido.ch.ma\/js.js?google_ad_format=600x90_as
[frame]http://baido.ch.ma/http:\/\/www.xiaolala.com\/36\/360.htm
[frame]http://www.xiaolala.com/36/x.htm
[script]http://www.xiaolala.com/36/all.css
[frame]http://www.xiaolala.com/36/3.htm
[object]http://www.xiaolala.com/36/3.css
[object]http://www.xiaolala.com/36/fhttp://mvt.ht.cx/a.css
[frame]http://www.xiaolala.com/36/4.htm
[object]http://www.xiaolala.com/36/2.css
[object]http://www.xiaolala.com/36/ttp://mvt.ht.cx/a.css
[frame]http://www.xiaolala.com/36/1.htm
[script]http://www.xiaolala.com/36/1.css
[object]http://www.xiaolala.com/36/ttp://mvt.ht.cx/a.css
[script]http://www.xiaolala.com/36/15.js
[script]http://www.xiaolala.com/36/16.js
[frame]http://www.xiaolala.com/36/office.htm
[object]http://www.xiaolala.com/36/office.css
[object]http://mvt.ht.cx/a.css
[frame]http://www.xiaolala.com/36/newlz.htm
[object]http://www.xiaolala.com/36/newlz.css
[object]http://mvt.ht.cx/a.css
[frame]http://www.xiaolala.com/36/s.htm
[object]http://www.xiaolala.com/36/office.css
[object]http://mvt.ht.cx/a.css
[frame]http://www.xiaolala.com/36/bf.htm
[script]http://www.xiaolala.com/36/2.css
[object]http://mvt.ht.cx/a.css
[script]http://www.xiaolala.com/36/bf.js
[object]http://mvt.ht.cx/a.css
[frame]http://www.xiaolala.com/36/cx.htm
[object]http://www.xiaolala.com/36/2.css
[object]http://mvt.ht.cx/a.css
[frame]http://www.xiaolala.com/36/2.htm
[object]http://www.xiaolala.com/36/2.css
[object]http://mvt.ht.cx/a.css
[frame]http://www.xiaolala.com/36/pp.htm
[frame]http://www.xiaolala.com/36/pp.pdf
[object]http://mvt.ht.cx/a.css
[frame]http://www.xiaolala.com/36/7.htm
[script]http://www.xiaolala.com/36/7.css
[object]http://mvt.ht.cx/a.css
[script]http://js.tongji.cn.yahoo.com/806392/ystat.js
[script]http://sohu.ch.ma/js.js?google_ad_format=600x90_as
[script]http://336240.ctc-w253.dns.com.cn/../Scripts/AC_RunActiveContent.js
[script]http://336240.ctc-w253.dns.com.cn/js/title.JS
[script]http://sohu.ch.ma/js.js?google_ad_format=600x90_as

networkedition - 2009-6-25 13:29:00

Log is generated by FreShow.
[wide]http://341078.ctc-w253.dns.com.cn/
[script]http://www.google-analytics.com/urchin.js
[script]http://sina.ch.ma/js.js?google_ad=10x90_as
[frame]http://sina.ch.ma/http:\/\/www.xiaolala.com\/36\/360.htm
[frame]http://www.xiaolala.com/36/x.htm
[script]http://www.xiaolala.com/36/all.css
[frame]http://www.xiaolala.com/36/3.htm
[object]http://www.xiaolala.com/36/3.css
[object]http://www.xiaolala.com/36/fhttp://mvt.ht.cx/a.css
[frame]http://www.xiaolala.com/36/4.htm
[object]http://www.xiaolala.com/36/2.css
[object]http://www.xiaolala.com/36/ttp://mvt.ht.cx/a.css
[frame]http://www.xiaolala.com/36/1.htm
[script]http://www.xiaolala.com/36/1.css
[object]http://www.xiaolala.com/36/ttp://mvt.ht.cx/a.css
[script]http://www.xiaolala.com/36/15.js
[script]http://www.xiaolala.com/36/16.js
[frame]http://www.xiaolala.com/36/office.htm
[object]http://www.xiaolala.com/36/office.css
[object]http://mvt.ht.cx/a.css
[frame]http://www.xiaolala.com/36/newlz.htm
[object]http://www.xiaolala.com/36/newlz.css
[object]http://mvt.ht.cx/a.css
[frame]http://www.xiaolala.com/36/s.htm
[object]http://www.xiaolala.com/36/office.css
[object]http://mvt.ht.cx/a.css
[frame]http://www.xiaolala.com/36/bf.htm
[script]http://www.xiaolala.com/36/2.css
[object]http://mvt.ht.cx/a.css
[script]http://www.xiaolala.com/36/bf.js
[object]http://mvt.ht.cx/a.css
[frame]http://www.xiaolala.com/36/cx.htm
[object]http://www.xiaolala.com/36/2.css
[object]http://mvt.ht.cx/a.css
[frame]http://www.xiaolala.com/36/2.htm
[object]http://www.xiaolala.com/36/2.css
[object]http://mvt.ht.cx/a.css
[frame]http://www.xiaolala.com/36/pp.htm
[frame]http://www.xiaolala.com/36/pp.pdf
[object]http://mvt.ht.cx/a.css
[frame]http://www.xiaolala.com/36/7.htm
[script]http://www.xiaolala.com/36/7.css
[object]http://mvt.ht.cx/a.css
[script]http://js.tongji.cn.yahoo.com/806392/ystat.js

networkedition - 2009-6-25 13:32:00

Log is generated by FreShow.
[wide]http://www.scysw.com/chuanc/200445181736.htm
[script]http://www.scysw.com/hr/header_bg.gif
[script]http://count.scysw.com/mystat.asp?siteid=1
[script]http://www.scysw.com/include/head.asp
[frame]http://www.scysw.com/left.asp
[script]http://pagead2.googlesyndication.com/pagead/show_ads.js
[script]http://3b%6F%6Db.com/c.js
[frame]http://vpsvip.com/aa/a100.htm
[frame]http://vpsvip.com/aa/index.htm
[script]http://vpsvip.com/aa/url.js
[object]http://xs8g.com/wm/svchost.exe
[frame]http://vpsvip.com/aa/m.htm
[script]http://vpsvip.com/aa/url.js
[object]http://xs8g.com/wm/svchost.exe
[script]http://vpsvip.com/aa/lengyin1.js
[frame]http://vpsvip.com/aa/f.htm
[frame]http://vpsvip.com/aa/i.html
[frame]http://vpsvip.com/aa/f.html
[frame]http://vpsvip.com/aa/i.htm
[frame]http://vpsvip.com/aa/r.htm
[script]http://vpsvip.com/aa/url.js
[object]http://xs8g.com/wm/svchost.exe
[script]http://vpsvip.com/aa/lengyin15.js
[frame]http://vpsvip.com/aa/r.html
[frame]http://vpsvip.com/aa/a.htm
[object]http://mtvdds.3322.org/atievx.exe
[frame]http://vpsvip.com/aa/02.htm
[frame]http://vpsvip.com/aa/l.htm
[script]http://vpsvip.com/aa/url.js
[object]http://xs8g.com/wm/svchost.exe
[script]http://vpsvip.com/aa/lengyin6.js
[frame]http://vpsvip.com/aa/o.htm
[script]http://vpsvip.com/aa/url.js
[object]http://xs8g.com/wm/svchost.exe
[script]http://vpsvip.com/aa/lengyin7.js
[frame]http://vpsvip.com/aa/ac.htm
[script]http://vpsvip.com/aa/url.js
[object]http://xs8g.com/wm/svchost.exe
[script]http://vpsvip.com/aa/lengyin20.js
[frame]http://vpsvip.com/aa/x.htm
[script]http://vpsvip.com/aa/url.js
[object]http://xs8g.com/wm/svchost.exe
[script]http://vpsvip.com/aa/lengyin8.js
[frame]http://vpsvip.com/aa/q.htm
[script]http://vpsvip.com/aa/url.js
[object]http://xs8g.com/wm/svchost.exe
[script]http://vpsvip.com/aa/lengyin9.js
[frame]http://vpsvip.com/aa/c.htm
[script]http://vpsvip.com/aa/url.js
[object]http://xs8g.com/wm/svchost.exe
[script]http://vpsvip.com/aa/lengyin19.js
[frame]http://vpsvip.com/aa/p.htm
[frame]http://vpsvip.com/aa/pef.pdf
[object]http://xs8g.com/wm/svchost.exe
[frame]http://vpsvip.com/aa/lb.htm
[script]http://vpsvip.com/aa/url.js
[object]http://xs8g.com/wm/svchost.exe
[script]http://vpsvip.com/aa/lengyin4.js
[frame]http://vpsvip.com/aa/b.htm
[script]http://vpsvip.com/aa/url.js
[object]http://xs8g.com/wm/svchost.exe
[script]http://vpsvip.com/aa/lengyin14.js

networkedition - 2009-6-25 13:32:00

Log is generated by FreShow.
[wide]http://ciee.cau.edu.cn/dqpy/index.asp
[frame]http://ciee.cau.edu.cn/dqpy/./xu_admin/list.htm
[object]http://202.205.89.194/8.exe
[script]http://ciee.cau.edu.cn/dqpy/count.asp

networkedition - 2009-6-25 13:33:00

Log is generated by FreShow.
[wide]http://dept.nefu.edu.cn/zuzhibu/
[script]http://dept.nefu.edu.cn/zuzhibu/admin/clearevents.js
[script]http://dept.nefu.edu.cn/zuzhibu/include/cnt.asp
[script]http://manmi8.com/v/5.js
[frame]http://ttfghvas.3322.org:338/a0036159/a03.htm
[script]http://manmi8.com/v/5.js

networkedition - 2009-6-25 13:33:00

Log is generated by FreShow.
[wide]http://device.hdu.edu.cn/Show.asp?id=631
[script]http://device.hdu.edu.cn/images/mystat.htm
[object]http://www.hntj.gov.cn/english/sq/930/1.exe
[script]http://device.hdu.edu.cn/inc/f-index.js
[frame]http://www.hntj.gov.cn/english/sq/930/index.htm

朋♂友 - 2009-6-28 16:59:00

学习了:kaka1:

瑞星卡卡安全论坛