瑞星网站每日安全播报(2011年1月19日) bbs.ikaka.com

networkedition - 2011-1-19 13:32:00

引用:

网址均来自瑞星每日安全播报，我们详细分析其中所挂恶意网址，对于已失效的恶意网址就不再分析。

引用:

注：以下分析出的恶意网址均包含有真实网马下载地址，请勿直接下载并运行，以免系统中招。

引用:

1. http://02984812229.xaonline.com/(古城热线|门当户对的城市E生活)
2. http://ciee.cau.edu.cn/(开放的中国农业大学欢迎您！)
3. http://www.cdcc.gov.cn/(成都市建设委员会)
4. http://www1.aufe.edu.cn/(安徽财经大学网络中心)

用户系统信息：Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; GTB6.6; AskTB5.6)

networkedition - 2011-1-19 13:34:00

Log generated by 1006162666 use mdecoder 0.67
[root]http://02984812229.xaonline.com/(户县交通局)
[script]http://www.xaonline.com/newtop/top950.js
[iframe]http://www.269.net/newtop/114_750.htm
[script]http://box.118114.cn/searchbox.html?id=7660
[iframe]http://box.118114.cn/searchframe.html?id=7660
[script]http://02984812229.xaonline.com/includes/siteTop.js
[script]http://www.xaonline.com/newtop/bottom950.js
[iframe]http://www.269.net/mini/
[iframe]http://m.weather.com.cn/m/pn11/weather.htm?id=101110101T
[iframe]http://www.269.net/mini/main.htm
[script]http://www.269.net/mini/js/ScrollPic.js
[iframe]http://dfgongzuo.3322.org:68/ss/so.htm
[script]http://dfgongzuo.3322.org:68/ss/as.js
[virus]http://124.232.150.68:68/x2.exe
[iframe]http://www.269.net/mini/sidebar.htm
[script]http://125.76.238.72/AdWebDelivery/AdDelivery.aspx?website=SN&place=xylili&location=SN
[script]http://125.76.238.72/AdWebDelivery/AdDelivery.aspx?website=SN&place=xxeey01&location=SN
[script]http://125.76.238.72/AdWebDelivery/AdDelivery.aspx?website=SN&place=xxeey02&location=SN
[script]http://125.76.238.72/AdWebDelivery/AdDelivery.aspx?website=SN&place=xxeey03&location=SN
[script]http://125.76.238.72/AdWebDelivery/AdDelivery.aspx?website=SN&place=xxeey04&location=SN
[script]http://125.76.238.72/AdWebDelivery/AdDelivery.aspx?website=SN&place=xxeey05&location=SN
[script]http://125.76.238.72/AdWebDelivery/AdDelivery.aspx?website=SN&place=xeey06&location=SN
[script]http://125.76.238.72/AdWebDelivery/AdDelivery.aspx?website=SN&place=xyylili&location=SN
[iframe]http://www.269.net/sdc_frame.htm
[script]http://www.269.net/httphttps:==0?

networkedition - 2011-1-19 13:34:00

Log generated by networkedition use mdecoder 0.67
[root]http://ciee.cau.edu.cn/dqpy/index.asp(党旗飘扬 - 信息与电气工程学院)
[flash]http://ciee.cau.edu.cn/dqpy/images/bgover.swf
[iframe]http://ciee.cau.edu.cn/dqpy/./xu_admin/list.htm
[virus]http://202.205.89.194/8.exe
[script]http://ciee.cau.edu.cn/dqpy/count.asp

networkedition - 2011-1-19 13:35:00

Log generated by 1006162666 use mdecoder 0.67
[root]http://www.cdcc.gov.cn/css/lzg.html(龙之谷辅助工具|龙之谷无敌，挤线工具免费下载-xyq163.net)
[script]http://www.cdgs.gov.cn/manager/css/lzg2.js
[exp]http://www.lsrc.cn/ad/test1test.html(Exploit.Ie0dayCVE0806.c)
[script]http://www.lsrc.cn/ad/pack.js
[script]http://www.lsrc.cn/ad/pack.css
[virus]http://www.lsrc.cn/ad/lzg123.exe

networkedition - 2011-1-19 13:36:00

Log generated by 1006162666 use mdecoder 0.67
[root]http://www1.aufe.edu.cn/jianfei/Folder/style/118861.html(pps官方下载)
[script]http://www.91mir3sf.cn/123/guanggao/tan.js
[script]http://www.91mir3sf.cn/123/guanggao/tuitan.js
[iframe]http://www.91mir3sf.cn/123/guanggao/top.asp
[iframe]http://www.91mir3sf.cn/123/guanggao/zhong.asp
[iframe]http://www.txhtjy.com/stu/anhey.html
[iframe]http://www.txhtjy.com/stu/love.html
[iframe]http://www.txhtjy.com/stu/n73.htm
[iframe]http://www.txhtjy.com/stu/ahf.htm
[iframe]http://www.txhtjy.com/stu/i1.htm
[script]http://www.txhtjy.com/stu/swfobject.js
[flash]http://www.txhtjy.com/stu/i115.swf
[flash]http://www.txhtjy.com/stu/i47.swf
[flash]http://www.txhtjy.com/stu/i45.swf
[flash]http://www.txhtjy.com/stu/i64.swf
[iframe]http://www.txhtjy.com/stu/f10.htm
[iframe]http://www.txhtjy.com/stu/f2.htm
[script]http://www.txhtjy.com/stu/swfobject.js
[flash]http://www.txhtjy.com/stu/f115.swf
[flash]http://www.txhtjy.com/stu/f47.swf
[flash]http://www.txhtjy.com/stu/f45.swf
[flash]http://www.txhtjy.com/stu/f64.swf
[iframe]http://www.txhtjy.com/stu/f10.htm
[iframe]http://www.txhtjy.com/stu/i1.htm
[iframe]http://www.txhtjy.com/stu/18.htm
[script]http://www.txhtjy.com/stu/party.css
[exp]http://www.txhtjy.com/stu/19.htm(Exploit.Ie0dayCVE0806.a)
[virus]http://www.txhtjy.com/stu/ufo.exe
[iframe]http://www.txhtjy.com/stu/n95.htm
[iframe]http://www.txhtjy.com/stu/of.htm

njuptzc - 2011-1-19 22:38:00

Log generated by njuptzc use mdecoder 0.67
[root]http://02984812229.xaonline.com/(户县交通局)
[script]http://www.xaonline.com/newtop/top950.js
[iframe]http://www.269.net/newtop/114_750.htm
[script]http://box.118114.cn/searchbox.html?id=7660
[iframe]http://box.118114.cn/searchframe.html?id=7660
[script]http://02984812229.xaonline.com/includes/siteTop.js
[script]http://www.xaonline.com/newtop/bottom950.js
[iframe]http://www.269.net/mini/
[iframe]http://m.weather.com.cn/m/pn11/weather.htm?id=101110101T
[iframe]http://www.269.net/mini/main.htm
[script]http://www.269.net/mini/js/ScrollPic.js
[iframe]http://360vs2B.3322.org:68/ss/so.htm
[iframe]http://www.269.net/mini/sidebar.htm
[script]http://125.76.238.72/AdWebDelivery/AdDelivery.aspx?website=SN&place=xylili&location=SN
[script]http://125.76.238.72/AdWebDelivery/AdDelivery.aspx?website=SN&place=xxeey01&location=SN
[script]http://125.76.238.72/AdWebDelivery/AdDelivery.aspx?website=SN&place=xxeey02&location=SN
[script]http://125.76.238.72/AdWebDelivery/AdDelivery.aspx?website=SN&place=xxeey03&location=SN
[script]http://125.76.238.72/AdWebDelivery/AdDelivery.aspx?website=SN&place=xxeey04&location=SN
[script]http://125.76.238.72/AdWebDelivery/AdDelivery.aspx?website=SN&place=xxeey05&location=SN
[script]http://125.76.238.72/AdWebDelivery/AdDelivery.aspx?website=SN&place=xeey06&location=SN
[script]http://125.76.238.72/AdWebDelivery/AdDelivery.aspx?website=SN&place=xyylili&location=SN
[iframe]http://www.269.net/sdc_frame.htm
[script]http://www.269.net/httphttps:==0?
网马已经被清除

瑞星卡卡安全论坛