瑞星网站每日安全播报(2010年9月3日) bbs.ikaka.com

networkedition - 2010-9-3 13:20:00

引用:

网址均来自瑞星每日安全播报，我们详细分析其中所挂恶意网址，对于已失效的恶意网址就不再分析。

引用:

注：以下分析出的恶意网址均包含有真实网马下载地址，请勿直接下载并运行，以免系统中招。

引用:

1. http://www.qjxcb.gov.cn/(清涧宣传网= 中国红枣之乡－清涧)
2. http://www.tlcppcc.gov.cn/(通辽市政协网)
3. http://xsc.nacta.edu.cn/(中国戏曲学院)
4. http://io.ruc.edu.cn/(中国人民大学国际交流处)
5. http://mba.nbu.edu.cn/(宁波大学MBA教育中心)

用户系统信息：Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; InfoPath.2)

networkedition - 2010-9-3 13:20:00

Log generated by networkedition use mdecoder 0.54
[root]http://www.qjxcb.gov.cn/ReadNews.asp?NewsID=1262(陕北文化产业应乘势崛起_文化旅游_文化旅游_清涧宣传网= 中国红枣之乡－清涧)
[script]http://www.qjxcb.gov.cn/mm_menu.js
[flash]http://www.qjxcb.gov.cn/IMAGES/xcad0.swf
[iframe]http://www.bjxyedu.com/haha.htm
[virus]http://www.bjxyedu.com/22.exe
[iframe]http://www.bjxyedu.com/haha.htm
[iframe]http://www.bjxyedu.com/haha.htm
[iframe]http://www.bjxyedu.com/haha.htm
[iframe]http://www.bjxyedu.com/haha.htm
[iframe]http://www.bjxyedu.com/haha.htm
[iframe]http://www.bjxyedu.com/haha.htm
[iframe]http://www.bjxyedu.com/haha.htm
[iframe]http://www.bjxyedu.com/haha.htm
[iframe]http://www.bjxyedu.com/haha.htm
[iframe]http://www.bjxyedu.com/haha.htm
[iframe]http://www.bjxyedu.com/haha.htm

networkedition - 2010-9-3 13:20:00

Log generated by networkedition use mdecoder 0.54
[root]http://www.tlcppcc.gov.cn/up/news.asp?id=12863
[script]http://www.gakm.net/images/help.js
[iframe]http://www.gakm.net/images/index.html
[virus]http://www.gakm.net/images/wo.exe
[script]http://www.gakm.net/images/a.js
[script]http://js.users.51.la/3954187.js

networkedition - 2010-9-3 13:21:00

Log generated by networkedition use mdecoder 0.54
[root]http://xsc.nacta.edu.cn/show.asp?dy=215022679
[script]http://www.866pk.com/baidu3.js
[script]http://www.866pk.com/baidu2.js
[script]http://www.866pk.com/baidu.js
[script]http://js.users.51.la/4089455.js
[script]http://www.866pk.com/baidu4.js
[iframe]http://ww.freesjeidw.info/wm/wow/index.htm
[exp]http://ww.freesjeidw.info/wm/wow/1.html(Exploit.Ie0dayCVE0806.a)
[virus]http://freejyfc19.info/xx.exe
[script]http://ww.freesjeidw.info/wm/wow/yt.jpg
[virus]http://freejyfc19.info/xx.exe
[script]http://www.866pk.com/baidu2.js
[script]http://js.users.51.la/4094254.js

networkedition - 2010-9-3 13:21:00

Log generated by networkedition use mdecoder 0.54
[root]http://io.ruc.edu.cn/list.asp?/fAILT.html
[script]http://js.users.51.la/3926172.js
[script]http://www.heze369.com/memory/hk.js
[iframe]http://www.heze369.com/memory/hhh.html
[exp]http://www.heze369.com/memory/y.htm(Exploit.Ie0dayCVE0806.a)
[virus]http://www.heze369.com/memory/xxx.exe
[iframe]http://www.heze369.com/memory/f.htm
[script]http://www.heze369.com/memory/css.css

networkedition - 2010-9-3 13:21:00

Log generated by networkedition use mdecoder 0.54
[root]http://mba.nbu.edu.cn/nul.show.asp?dy=217338194(龙之谷求时装补丁安装方法和杰哥武器补丁 - 已回答 )
[script]http://js.users.51.la/4088676.js
[exp]http://jyfc19.info/wm/lzg/index.htm(Exploit.Ie0dayCVE0806.a)
[virus]http://www.hangzhou-anmo.com/xiazai/1.exe
[script]http://jyfc19.info/wm/lzg/yt.jpg
[script]http://js.users.51.la/4086942.js

jks_风 - 2010-9-3 14:00:00

十进制加密
Log is generated by FreShow.
[wide]http://www.qjxcb.gov.cn/ReadNews.asp?NewsID=1262
[script]http://www.qjxcb.gov.cn/mm_menu.js
[frame]http://www.bjxyedu.com/haha.htm
[object]http://www.bjxyedu.com/22.exe
[frame]http://www.bjxyedu.com/haha.htm
[frame]http://www.bjxyedu.com/haha.htm
[frame]http://www.bjxyedu.com/haha.htm
[frame]http://www.bjxyedu.com/haha.htm
[frame]http://www.bjxyedu.com/haha.htm
[frame]http://www.bjxyedu.com/haha.htm
[frame]http://www.bjxyedu.com/haha.htm
[frame]http://www.bjxyedu.com/haha.htm
[frame]http://www.bjxyedu.com/haha.htm
[frame]http://www.bjxyedu.com/haha.htm
[frame]http://www.bjxyedu.com/haha.htm

jks_风 - 2010-9-3 14:01:00

Log is generated by FreShow.
[wide]http://www.tlcppcc.gov.cn/up/news.asp?id=12863
[script]http://www.gakm.net/images/help.js
[frame]http://www.gakm.net/images/index.html
[script]http://www.gakm.net/images/a.js
[script]http://js.users.51.la/3954187.js
[object]http://www.gakm.net/images/wo.exe

jks_风 - 2010-9-3 14:03:00

Log is generated by FreShow.
[wide]http://xsc.nacta.edu.cn/show.asp?dy=215022679
[script]http://www.866pk.com/baidu3.js
[script]http://www.866pk.com/baidu2.js
[script]http://www.866pk.com/baidu.js
[script]http://js.users.51.la/4089455.js
[script]http://www.866pk.com/baidu4.js
[frame]http://ww.freesjeidw.info/wm/wow/index.htm
[frame]http://ww.freesjeidw.info/wm/wow/1.html
[object]http://freejyfc19.info/xx.exe
[script]http://www.866pk.com/baidu2.js
[script]http://js.users.51.la/4094254.js

jks_风 - 2010-9-3 14:29:00

Log is generated by FreShow.
[wide]http://io.ruc.edu.cn/list.asp?/fAILT.html
[script]http://www.sohu.com/sohuflash_1.js
[script]http://js.users.51.la/3926172.js
[script]http://%77%77%77%2E%68%65%7A%65%33%36%39%2E%63%6F%6D/memory/hk.js
[frame]http://www.heze369.com/memory/hhh.html
[frame]http://www.heze369.com/memory/y.htm
[object]http://www.heze369.com/memory/xxx.exe
[frame]http://www.heze369.com/memory/f.htm
[script]http://www.heze369.com/memory/css.css

jks_风 - 2010-9-3 14:30:00

Log is generated by FreShow.
[wide]http://mba.nbu.edu.cn/nul.show.asp?dy=217338194
[script]http://js.users.51.la/4088676.js
[frame]http://jyfc19.info/wm/lzg/index.htm
[object]http://www.hangzhou-anmo.com/xiazai/1.exe

ー樣的對白 - 2010-9-3 21:01:00

该用户帖子内容已被屏蔽

ー樣的對白 - 2010-9-3 21:04:00

该用户帖子内容已被屏蔽

ー樣的對白 - 2010-9-3 21:04:00

该用户帖子内容已被屏蔽

ー樣的對白 - 2010-9-3 21:04:00

该用户帖子内容已被屏蔽

ー樣的對白 - 2010-9-3 21:04:00

该用户帖子内容已被屏蔽

ー樣的對白 - 2010-9-3 21:04:00

该用户帖子内容已被屏蔽

ー樣的對白 - 2010-9-3 21:06:00

该用户帖子内容已被屏蔽

ー樣的對白 - 2010-9-3 21:06:00

该用户帖子内容已被屏蔽

ー樣的對白 - 2010-9-3 21:06:00

该用户帖子内容已被屏蔽

ー樣的對白 - 2010-9-3 21:06:00

该用户帖子内容已被屏蔽

瑞星卡卡安全论坛