瑞星网站每日安全播报(2010年1月6日) bbs.ikaka.com

networkedition - 2010-1-6 12:52:00

引用:

网址均来自瑞星每日安全播报，我们详细分析其中所挂恶意网址，对于已失效的恶意网址就不再分析。

引用:

注：以下分析出的恶意网址均包含有真实网马下载地址，请勿直接下载并运行，以免系统中招。

引用:

1. http://auto.shangdu.com/（商都汽车）
2. http://product.591hx.com/(华讯财经：中国最权威最专业的财经即时分析门户网站_股票）
3. http://www.hao86.com/（中国求职指南网-求职,自荐书,自荐信,求职信.）
4. http://www.medipromos.com/（百医网__医疗信息, 临床实例, 临床应用, 治疗方案）

用户系统信息：Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; InfoPath.2)

networkedition - 2010-1-6 12:52:00

Log generated by networkedition use mdecoder 0.30
[root]http://auto.shangdu.com/show.aspx?id=68534&n=2
[iframe]http://auto.shangdu.com/kongjian/headsearch.aspx
[script]http://auto.shangdu.com/js/search.js
[iframe]http://174.139.92.8:1100/360/4/index.html
[iframe]http://174.139.92.8:1100/360/4/index.html
[script]http://174.139.92.8:1100/360/4/a.jpg
[exe]http://cocoexe.8gcc.com:8886/down/my/4.exe
[script]http://174.139.92.8:1100/360/4/c.jpg
[script]http://174.139.92.8:1100/360/4/d.css
[script]http://174.139.92.8:1100/360/4/e.jpg
[script]http://174.139.92.8:1100/360/4/f.css

networkedition - 2010-1-6 12:53:00

Log generated by networkedition use mdecoder 0.30
[root]http://product.591hx.com/
[script]http://product.591hx.com/js/prototype.js
[script]http://product.591hx.com/js/msclass.js
[script]http://product.591hx.com/js/scriptaculous.js?load=effects
[script]http://product.591hx.com/js/lightbox.js
[script]http://www.crcf.org.cn/logo.gif?591hx
[iframe]http://t00ls.6600.org:2788/logasp/on.html?l
[iframe]http://t00ls.6600.org:2788/logasp/ardme.html
[iframe]http://t00ls.6600.org:2788/logasp/ko4.htm
[script]http://t00ls.6600.org:2788/logasp/14.js
[exe]http://bb.ismydns.com.cn:8288/log.css
[script]http://t00ls.6600.org:2788/logasp/15.js
[script]http://t00ls.6600.org:2788/logasp/17.js
[script]http://t00ls.6600.org:2788/logasp/16.js
[script]http://t00ls.6600.org:2788/logasp/18.js
[script]http://t00ls.6600.org:2788/logasp/19.js
[iframe]http://t00ls.6600.org:2788/logasp/tsing.htm
[script]http://t00ls.6600.org:2788/logasp/ll.jpg
[script]http://t00ls.6600.org:2788/logasp/ll1.jpg
[script]http://t00ls.6600.org:2788/logasp/kopp.jpg
[exe]http://bb.ismydns.com.cn:8288/log.css
[script]http://t00ls.6600.org:2788/logasp/llll1.jpg
[script]http://t00ls.6600.org:2788/logasp/llll.jpg
[script]http://t00ls.6600.org:2788/logasp/lllll.jpg
[iframe]http://t00ls.6600.org:2788/logasp/see9.htm
[script]http://t00ls.6600.org:2788/logasp/kob.jpg
[exe]http://bb.ismydns.com.cn:8288/log.css
[script]http://t00ls.6600.org:2788/logasp/91.js
[script]http://t00ls.6600.org:2788/logasp/90.js
[iframe]http://t00ls.6600.org:2788/logasp/see1.htm
[iframe]http://t00ls.6600.org:2788/logasp/kof.htm
[iframe]http://t00ls.6600.org:2788/logasp/ki.htm
[script]http://t00ls.6600.org:2788/logasp/swfobject.js
[flash]http://t00ls.6600.org:2788/logasp/i115.swf
[exe]http://bb.ismydns.com.cn:8288/log.css
[flash]http://t00ls.6600.org:2788/logasp/i47.swf
[exe]http://bb.ismydns.com.cn:8288/log.css
[flash]http://t00ls.6600.org:2788/logasp/i45.swf
[exe]http://bb.ismydns.com.cn:8288/log.css
[flash]http://t00ls.6600.org:2788/logasp/i64.swf
[exe]http://bb.ismydns.com.cn:8288/log.css
[iframe]http://t00ls.6600.org:2788/logasp/kf.htm
[script]http://t00ls.6600.org:2788/logasp/swfobject.js
[flash]http://t00ls.6600.org:2788/logasp/f115.swf
[exe]http://bb.ismydns.com.cn:8288/log.css
[flash]http://t00ls.6600.org:2788/logasp/f47.swf
[exe]http://bb.ismydns.com.cn:8288/log.css
[flash]http://t00ls.6600.org:2788/logasp/f45.swf
[exe]http://bb.ismydns.com.cn:8288/log.css
[flash]http://t00ls.6600.org:2788/logasp/f64.swf
[exe]http://bb.ismydns.com.cn:8288/log.css
[iframe]http://t00ls.6600.org:2788/logasp/ki.htm
[iframe]http://t00ls.6600.org:2788/logasp/kofi.htm
[script]http://t00ls.6600.org:2788/logasp/week.jpg
[exe]http://bb.ismydns.com.cn:8288/log.css
[script]http://t00ls.6600.org:2788/logasp/kg.jpg
[script]http://t00ls.6600.org:2788/logasp/km.jpg
[iframe]http://t00ls.6600.org:2788/logasp/see2.htm
[iframe]http://t00ls.6600.org:2788/logasp/kaq.htm
[iframe]http://t00ls.6600.org:2788/logasp/see3.htm
[iframe]http://t00ls.6600.org:2788/logasp/kol.htm
[script]http://t00ls.6600.org:2788/logasp/week.jpg
[script]http://t00ls.6600.org:2788/logasp/lz.css
[script]http://t00ls.6600.org:2788/logasp/lz2.css
[script]http://product.591hx.com/google-analytics.com/ga.js

networkedition - 2010-1-6 12:53:00

Log generated by networkedition use mdecoder 0.30
[root]http://www.hao86.com/xiezuo/shixi/
[script]http://www.hao86.com/search/newsearch.js
[script]http://img0.niupan.com/html/tiyu/zt/wj.jpg?133
[iframe]http://img0.niupan.com/html/tiyu/zt/wj/gm.htm?晕123
[script]http://img0.niupan.com/html/tiyu/zt/wj/logo.js
[exe]http://www.98cssf.com/uploads/75.exe
[script]http://www.hao86.com/ad/count.js
[script]http://js.users.51.la/3192969.js
[exe]http://www.hao86.com/images/base.css
[exe]http://www.hao86.com/images/main.css
[exe]http://www.hao86.com/images/index.css
[exe]http://www.hao86.com/images/base.css

networkedition - 2010-1-6 12:54:00

Log is generated by FreShow.
[wide]http://www.medipromos.com/cold/guw/cl.asp?130.html
[object]http://sc.gzidc.cn/db/index.htm
[frame]http://sc.gzidc.cn/db/oa.htm
[script]http://sc.gzidc.cn/db/oa.js
[object]http://www.89189.com/ad/w.exe
[script]http://js.users.51.la/3392182.js

瑞星卡卡安全论坛