Malware Domain List

Malware Related => Malicious Domains => Topic started by: GaryDee on April 07, 2012, 11:30:17 pm

Title: Honeypots forgotten Links...
Post by: GaryDee on April 07, 2012, 11:30:17 pm
Code: [Select]
http://tvgames.in
http://tvgames.in/addnews.html
http://tvgames.in/atari-2600-games
http://tvgames.in/atari-5200-games
http://tvgames.in/atari-7800-games
http://tvgames.in/engine/classes/js/jquery.js
http://tvgames.in/forum/forum_10
http://tvgames.in/game-ost
http://tvgames.in/index.php
http://tvgames.in/index.php?do=addnews
http://tvgames.in/index.php?do=feedback
http://tvgames.in/index.php?do=register
http://tvgames.in/index.php?do=search&mode=advanced
http://tvgames.in/index.php?do=stats
http://tvgames.in/panasonic-3do-games
http://tvgames.in/pc-apple-mac
http://tvgames.in/sega-32x-games
http://tvgames.in/sega-dreamcast-games
http://tvgames.in/sega-master-system-games
http://tvgames.in/sony-playstation2-games
http://tvgames.in/sony-playstation-games
http://tvgames.in/sony-psp-games
http://www.tvgames.in/
http://www.tvgames.in/2007/09/
http://www.tvgames.in/2007/10/
http://www.tvgames.in/2007/11/
http://www.tvgames.in/2007/12/
http://www.tvgames.in/2008/01/
http://www.tvgames.in/2008/02/
http://www.tvgames.in/2008/03/
http://www.tvgames.in/2008/04/
http://www.tvgames.in/2008/05/
http://www.tvgames.in/2008/06/
http://www.tvgames.in/2008/07/
http://www.tvgames.in/2008/08/
http://www.tvgames.in/2008/09/
http://www.tvgames.in/2008/10/
http://www.tvgames.in/2008/11/
http://www.tvgames.in/2008/12/
http://www.tvgames.in/2009/01/
http://www.tvgames.in/2009/02/
http://www.tvgames.in/2009/03/
http://www.tvgames.in/2009/04/
http://www.tvgames.in/2009/05/
http://www.tvgames.in/2009/06/
http://www.tvgames.in/2009/07/
http://www.tvgames.in/2009/08/
http://www.tvgames.in/2009/09/
http://www.tvgames.in/2009/10/
http://www.tvgames.in/2009/11/
http://www.tvgames.in/2009/12/
http://www.tvgames.in/2010/01/
http://www.tvgames.in/2010/02/
http://www.tvgames.in/2010/03/
http://www.tvgames.in/2010/04/
http://www.tvgames.in/2010/05/
http://www.tvgames.in/2010/06/
http://www.tvgames.in/2010/07/
http://www.tvgames.in/2010/08/
http://www.tvgames.in/2010/09/
http://www.tvgames.in/2010/10/
http://www.tvgames.in/2010/11/
http://www.tvgames.in/2010/12/
http://www.tvgames.in/2011/01/
http://www.tvgames.in/2011/02/
http://www.tvgames.in/2011/03/
http://www.tvgames.in/2011/04/
http://www.tvgames.in/2011/05/
http://www.tvgames.in/2012/03/
http://www.tvgames.in/index.php?do=lostpassword
http://www.tvgames.in/index.php?do=register
http://www.tvgames.in/page/10/
http://www.tvgames.in/page/2/
http://www.tvgames.in/page/3/
http://www.tvgames.in/page/359/
http://www.tvgames.in/page/4/
http://www.tvgames.in/page/5/
http://www.tvgames.in/page/6/
http://www.tvgames.in/page/7/
http://www.tvgames.in/page/8/
http://www.tvgames.in/page/9/
http://www.tvgames.in/partners/
http://www.tvgames.in/pc-apple-mac/
http://www.tvgames.in/pc-apple-mac/22873-re-volt-1999pcrus.html
http://www.tvgames.in/pc-apple-mac/22873-re-volt-1999pcrus.html#comment
http://www.tvgames.in/pc-apple-mac/22874-rollercoaster-tycoon-1999pcrus.html
http://www.tvgames.in/pc-apple-mac/22874-rollercoaster-tycoon-1999pcrus.html#comment
http://www.tvgames.in/pc-apple-mac/22875-magic-and-mayhem-1999pcrus.html
http://www.tvgames.in/pc-apple-mac/22875-magic-and-mayhem-1999pcrus.html#comment
http://www.tvgames.in/pc-apple-mac/22876-beavis-and-butthead-do-u-1999pcrus.html
http://www.tvgames.in/pc-apple-mac/22876-beavis-and-butthead-do-u-1999pcrus.html#comment
http://www.tvgames.in/pc-apple-mac/22903-fifa-99-1998pcrus.html
http://www.tvgames.in/pc-apple-mac/22903-fifa-99-1998pcrus.html#comment
http://www.tvgames.in/pc-apple-mac/22904-fallout-a-post-nuclear-role-play-game.html
http://www.tvgames.in/pc-apple-mac/22904-fallout-a-post-nuclear-role-play-game.html#comment
http://www.tvgames.in/pc-apple-mac/22905-sanitarium-1998pcrus.html
http://www.tvgames.in/pc-apple-mac/22905-sanitarium-1998pcrus.html#comment
http://www.tvgames.in/pc-apple-mac/22906-indiana-jones-and-the-infernal-machine.html
http://www.tvgames.in/pc-apple-mac/22906-indiana-jones-and-the-infernal-machine.html#comment
http://www.tvgames.in/pc-apple-mac/22958-mechwarrior-3-1999pcrus.html
http://www.tvgames.in/pc-apple-mac/22958-mechwarrior-3-1999pcrus.html#comment
http://www.tvgames.in/pc-apple-mac/22959-worms-armageddon-1999pcrus.html
http://www.tvgames.in/pc-apple-mac/22959-worms-armageddon-1999pcrus.html#comment
http://www.tvgames.in/pc-apple-mac/22960-galador-der-fluch-des-prinzen-1999pcrus.html
http://www.tvgames.in/pc-apple-mac/22960-galador-der-fluch-des-prinzen-1999pcrus.html#comment
http://www.tvgames.in/pc-apple-mac/22961-fallout-2-1998pcrepackrus.html
http://www.tvgames.in/pc-apple-mac/22961-fallout-2-1998pcrepackrus.html#comment
http://www.tvgames.in/user/viip/

Trojan.JS.Redirector.vh
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 08, 2012, 12:16:50 am
Code: [Select]
http://igamez.info/
http://igamez.info/2007/04/12/offworld_interceptor_jp.html
http://igamez.info/2007/04/12/shock_wave__operation_jumpgate_eu.html
http://igamez.info/2007/04/12/space_hulk_vengeance_of_the_blood_angels_us.html
http://igamez.info/2007/10/05/killing_time.html
http://igamez.info/2008/09/10/blue_stinger.html
http://igamez.info/2008/09/10/evil_twin_cypriens_chronicles.html
http://igamez.info/2009/01/25/moment_istiny__moment_of_silence_rus.html
http://igamez.info/2009/03/25/snow_surfers_rus.html
http://igamez.info/2009/03/27/dancing_blade_katteni_momotenshi__kanzenban.html
http://igamez.info/2009/04/01/tokyo_xtreme_racer_rus.html
http://igamez.info/2010/07/14/road_rash_3d_1998ruspsx.html
http://igamez.info/2010/07/14/road_rash_jailbreak_2000ruspsx.html
http://igamez.info/2011/01/10/colony_wars_vengeance_1998engpsx.html
http://igamez.info/2011/01/10/resident_evil__directors_cut_1996ruspsx.html
http://igamez.info/2011/01/10/star_wars_episode_i_the_phantom_menace_1999ruspsx.html
http://igamez.info/2012/02/28/
http://igamez.info/2012/03/02/
http://igamez.info/2012/03/06/
http://igamez.info/2012/03/21/
http://igamez.info/category/atari_2600/
http://igamez.info/category/atari_jaguar/
http://igamez.info/category/atari_jaguar_cd/
http://igamez.info/category/atari_lynx/
http://igamez.info/category/igry_dlja_xbox360/
http://igamez.info/category/mattel_intellivision/
http://igamez.info/category/nec_turbo_grafx_16/
http://igamez.info/category/nintendo_nes/
http://igamez.info/category/panasonic_3do/
http://igamez.info/category/philips_cdi/
http://igamez.info/category/ps2/
http://igamez.info/category/ps3/
http://igamez.info/category/sega_cd/
http://igamez.info/category/sega_dreamcast/
http://igamez.info/category/sega_master_system/
http://igamez.info/category/sega_saturn/
http://igamez.info/category/sony_psp/
http://igamez.info/category/sony_psx/
http://igamez.info/category/wii/
http://igamez.info/engine/classes/highslide/highslide.js
http://igamez.info/engine/classes/js/dle_js.js
http://igamez.info/engine/classes/js/jquery.js
http://igamez.info/engine/classes/js/jqueryui.js
http://igamez.info/faq/
http://igamez.info/faq/downloads_file/
http://igamez.info/Game%20List.html
http://igamez.info/game_boy/
http://igamez.info/index.php?do=addnews
http://igamez.info/index.php?do=feedback
http://igamez.info/index.php?do=lostpassword
http://igamez.info/index.php?do=register
http://igamez.info/index.php?do=stats
http://igamez.info/On-line_games.html
http://igamez.info/other_files/
http://igamez.info/page/10/
http://igamez.info/page/2/
http://igamez.info/page/3/
http://igamez.info/page/381/
http://igamez.info/page/4/
http://igamez.info/page/5/
http://igamez.info/page/6/
http://igamez.info/page/7/
http://igamez.info/page/8/
http://igamez.info/page/9/
http://igamez.info/site/
http://igamez.info/site_news/
http://igamez.info/sony_psp/7713-lord-of-apocalypse-2011pspjap.html
http://igamez.info/sony_psp/7714-frontier-gate-2011pspjap.html
http://igamez.info/sony_psp/7715-warnichi-2010pspeng.html
http://igamez.info/sony_psp/7716-the-conveni-portable-2010pspjap.html
http://igamez.info/sony_psp/7717-the-legend-of-heroes-trails-of-blue-2011pspjap.html
http://igamez.info/sony_psp/7718-vulcanus-seek-and-destroy-2006pspjapeng.html
http://igamez.info/sony_psp/7719-major-league-baseball-2k8-2008pspeng.html
http://igamez.info/tags/
http://igamez.info/tags/%C4%E8%EA%EE%E3%EE/
http://igamez.info/tags/%CE%E4%E8%ED/
http://igamez.info/tags/%D0%E5%E3%E8%EE%ED/
http://igamez.info/tags/%E2%E0%F8%E8%EC/
http://igamez.info/tags/%E2%FB%E6%E8%F2%FC/
http://igamez.info/tags/%E2%FB%F1%EE%F2%FB/
http://igamez.info/tags/%E7%E0%F5%E2%E0%F2%FB%E2%E0%FE%F9%E8%EC/
http://igamez.info/tags/%E8%E3%F0%E0/
http://igamez.info/tags/%E8%E3%F0%E5/
http://igamez.info/tags/%E8%E3%F0%FB/
http://igamez.info/tags/%E8%F1%EF%FB%F2%E0%E9%F2%E5/
http://igamez.info/tags/%EA%EB%E0%F1%F1%E0/
http://igamez.info/tags/%EA%EE%EE%EF%E5%F0%E0%F2%E8%E2%ED%FB%E5/
http://igamez.info/tags/%EB%E5%E3%E5%ED%E4%FB/
http://igamez.info/tags/%EC%EE%E6%ED%EE/
http://igamez.info/tags/%ED%E0%E2%F1%F2%F0%E5%F7%F3/
http://igamez.info/tags/%ED%E0%E7%E0%E4/
http://igamez.info/tags/%EE%E1%EB%E0%E4%E0%E5%F2/
http://igamez.info/tags/%EE%F1%EE%E1%FB%EC/
http://igamez.info/tags/%EE%F2%EF%F0%E0%E2%E8%F2%FC/
http://igamez.info/tags/%EF%EE%E4%E7%E5%EC%EA%F3/
http://igamez.info/tags/%EF%F0%E0%EE%F2%F6%E0%EC/
http://igamez.info/tags/%EF%F0%E8%F1%F3%F2%F1%F2%E2%F3%FE%F2/
http://igamez.info/tags/%F0%FB%F6%E0%F0%FC/
http://igamez.info/tags/%F1%E2%EE%E8%EC/
http://igamez.info/tags/%F1%E2%EE%FE/
http://igamez.info/tags/%F1%E4%E5%EB%E0%F2%FC/
http://igamez.info/tags/%F1%EF%E5%F6%E8%F4%E8%F7%E5%F1%EA%EE%EC/
http://igamez.info/tags/%F2%E0%EA%EF%F0%E8%EA%EB%FE%F7%E5%ED%E8%FF/
http://igamez.info/tags/%F3%E4%E0%F0%EE%E2/
http://igamez.info/tags/%F5%E0%EC%E5%EB%E5%EE%ED%E0/
http://igamez.info/tags/%FD%F2%EE%E3%EE/
http://igamez.info/tags/anniversary/
http://igamez.info/tags/ciel/
http://igamez.info/tags/flashpoint/
http://igamez.info/tags/nanosuit/
http://igamez.info/tags/ps2/
http://igamez.info/tags/sega/
http://igamez.info/tags/tonelico/
http://igamez.info/tags/x-box/
http://igamez.info/templates/megatron/js/easing.js
http://igamez.info/templates/megatron/js/timers.js
http://igamez.info/templates/megatron/js/videos.js
http://igamez.info/user/viip/
http://igamez.info/wii/7720-mario-party-9-2012wiieng.html
http://igamez.info/wii/7721-maximum-racing-super-karts-2011wiieng.html
http://igamez.info/wii/7722-hoshi-no-kirby-2011wiijap.html

HEUR:Trojan.Script.Generic
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 08, 2012, 12:37:02 am
Feel free to analize:

Code: [Select]
http://pdavideo.info/
See:

http://128.111.48.236/view.php?hash=842efefe41f359cd6d407f5908f407ca&t=1333844309&type=js
http://jsunpack.jeek.org/?report=5f571f333e2dc8174726e03da5a9cfd192ba5d47
http://128.111.48.236/domain.php?hash=842efefe41f359cd6d407f5908f407ca&type=js

Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 08, 2012, 09:08:36 am
Code: [Select]
http://wordpress.com.cctvnoida.in/cache.php
http://wordpress.com.cctvnoida.in/cgi-bin/

Backdoor:PHP/Lollusc.A
PHP/Spy.Ettu.D
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 08, 2012, 09:55:09 am
Code: [Select]
http://www.thezoobar.com.au/pages/
http://www.thezoobar.com.au/pages/media/system/js/SpryData.js
http://www.thezoobar.com.au/pages/contacts-a-directions--see-all-the-ways-you-can-contact-us.html
http://www.thezoobar.com.au/pages/contacts-a-directions--see-all-the-ways-you-can-contact-us/our-map-location.html
http://www.thezoobar.com.au/pages/component/user/reset.html
http://www.thezoobar.com.au/pages/component/user/remind.html
http://www.thezoobar.com.au/pages/index.php
http://www.thezoobar.com.au/pages/entertainment-page.html
http://www.thezoobar.com.au/pages/information.html
http://www.thezoobar.com.au/pages/functions-a-events.html
http://www.thezoobar.com.au/pages/leichhatiger-main.html
http://www.thezoobar.com.au/pages/function-packages.html
http://www.thezoobar.com.au/pages/entertainment.html
http://www.thezoobar.com.au/pages/menus.html
http://www.thezoobar.com.au/pages/photo-gallery.html
http://www.thezoobar.com.au/pages/#page

Trojan-Downloader.HTML.IFrame.agc
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 08, 2012, 10:06:08 am
Code: [Select]
http://actionkids.com/
http://actionkids.com/index.php?option=com_content&view=article&id=13&Itemid=16
http://actionkids.com/index.php?option=com_content&view=article&id=2&Itemid=2
http://actionkids.com/index.php?option=com_content&view=article&id=2&Itemid=28
http://actionkids.com/index.php?option=com_content&view=article&id=27&Itemid=26
http://actionkids.com/index.php?option=com_content&view=article&id=4&Itemid=6
http://actionkids.com/index.php?option=com_content&view=article&id=41&Itemid=35
http://actionkids.com/index.php?option=com_content&view=article&id=42&Itemid=31
http://actionkids.com/index.php?option=com_content&view=article&id=43&Itemid=34
http://actionkids.com/index.php?option=com_content&view=article&id=45&Itemid=39
http://actionkids.com/index.php?option=com_content&view=article&id=46&Itemid=38
http://actionkids.com/index.php?option=com_content&view=article&id=47&Itemid=37
http://actionkids.com/index.php?option=com_content&view=article&id=48&Itemid=41
http://actionkids.com/index.php?option=com_content&view=article&id=49&Itemid=25
http://actionkids.com/index.php?option=com_content&view=article&id=49&Itemid=43
http://actionkids.com/index.php?option=com_content&view=article&id=5&Itemid=7
http://actionkids.com/index.php?option=com_content&view=article&id=50&Itemid=42
http://actionkids.com/index.php?option=com_content&view=article&id=51&Itemid=45
http://actionkids.com/index.php?option=com_content&view=article&id=9:party-information&catid=11:party&Itemid=14
http://actionkids.com/index.php?option=com_content&view=category&layout=blog&id=11&Itemid=14
http://actionkids.com/index.php?option=com_content&view=category&layout=blog&id=5&Itemid=5
http://actionkids.com/index.php?option=com_eventlist&view=categoryevents&id=3&Itemid=13
http://actionkids.com/index.php?option=com_morfeoshow&Itemid=15
http://actionkids.com/media/system/js/caption.js
http://actionkids.com/media/system/js/modal.js
http://actionkids.com/media/system/js/mootools.js
http://actionkids.com/modules/mod_subscribe/js/check.js
http://actionkids.com/plugins/content/attachments_refresh.js
http://actionkids.com/templates/adeles_actions/scripts/lightbox.js
http://actionkids.com/templates/adeles_actions/scripts/prototype.js

Trojan-Downloader.HTML.IFrame.agc
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 08, 2012, 10:29:23 am
Code: [Select]
http://www.anastasiart.com/
http://www.anastasiart.com/?page_id=107
http://www.anastasiart.com/?page_id=191
http://www.anastasiart.com/?page_id=193
http://www.anastasiart.com/?page_id=196
http://www.anastasiart.com/?page_id=655
http://www.anastasiart.com/?page_id=68
http://www.anastasiart.com/wp-includes/js/comment-reply.js?ver=20090102

Trojan-Downloader.HTML.IFrame.agc

http://128.111.48.236/domain.php?hash=c563817bfb0a78992e8aafdbfc864c88&type=js
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 08, 2012, 11:00:26 am
Code: [Select]
http://kokky.com.au/+ gaJsHost + google-analytics.com/ga.js
http://kokky.com.au/eng
http://kokky.com.au/eng/about
http://kokky.com.au/eng/blog
http://kokky.com.au/eng/blog-open/Beats-Executive-Headphones-44
http://kokky.com.au/eng/blog-open/Canon-1D-X-DSLR-Camera-43
http://kokky.com.au/eng/contact
http://kokky.com.au/eng/disclaimer
http://kokky.com.au/eng/get-a-quote
http://kokky.com.au/eng/legal-use
http://kokky.com.au/eng/portfolio
http://kokky.com.au/eng/portfolio/identity/9/1300-dentist/
http://kokky.com.au/eng/portfolio/identity/9/floriart-logo/
http://kokky.com.au/eng/portfolio/identity/9/georges-premium-fresh/
http://kokky.com.au/eng/portfolio/identity/9/home-pizza/
http://kokky.com.au/eng/portfolio/identity/9/pablos-vice/
http://kokky.com.au/eng/portfolio/identity/9/rocket-rental/
http://kokky.com.au/eng/portfolio/identity/9/speedy-berry/
http://kokky.com.au/eng/portfolio/identity/9/tuchuzy-burwood/
http://kokky.com.au/eng/portfolio/identity/9/ziller/
http://kokky.com.au/eng/portfolio/print-design/11/liverpool-lanes-flyers/
http://kokky.com.au/eng/portfolio/print-design/11/manhattansuper-bowl-flyers/
http://kokky.com.au/eng/portfolio/projeft-marketing/8/allure/
http://kokky.com.au/eng/portfolio/projeft-marketing/8/allure-display-centre/
http://kokky.com.au/eng/portfolio/projeft-marketing/8/cote-d-azur/
http://kokky.com.au/eng/portfolio/projeft-marketing/8/emerald-park-display-centre/
http://kokky.com.au/eng/portfolio/projeft-marketing/8/enmore-box-factory/
http://kokky.com.au/eng/portfolio/projeft-marketing/8/eton-brochure/
http://kokky.com.au/eng/portfolio/projeft-marketing/8/eton-website/
http://kokky.com.au/eng/portfolio/projeft-marketing/8/giallo-brochure/
http://kokky.com.au/eng/portfolio/projeft-marketing/8/giallo-website/
http://kokky.com.au/eng/portfolio/projeft-marketing/8/pritchard-terraces/
http://kokky.com.au/eng/portfolio/projeft-marketing/8/the-park/
http://kokky.com.au/eng/portfolio/projeft-marketing/8/the-park-brochure/
http://kokky.com.au/eng/portfolio/website/10/floriart/
http://kokky.com.au/eng/portfolio/website/10/georges-providores/
http://kokky.com.au/eng/portfolio/website/10/home-pizza-website/
http://kokky.com.au/eng/portfolio/website/10/house-of-emmanuele/
http://kokky.com.au/eng/portfolio/website/10/kokoloco/
http://kokky.com.au/eng/portfolio/website/10/lateral-corporation/
http://kokky.com.au/eng/portfolio/website/10/liondos/
http://kokky.com.au/eng/portfolio/website/10/liverpool-lanes/
http://kokky.com.au/eng/portfolio/website/10/nick-rizzo/
http://kokky.com.au/eng/welcome
http://kokky.com.au/js/flow.1.2.min.js
http://kokky.com.au/js/jquery.1.3.2.js
http://kokky.com.au/js/jquery.pngFix.js
http://kokky.com.au/js/lightbox-0.5.js

HEUR:Trojan.Script.Iframer
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 08, 2012, 11:16:30 am
Code: [Select]
http://liondos.com.au/
http://liondos.com.au/?cat=about
http://liondos.com.au/?cat=admin
http://liondos.com.au/?cat=catalogue&sec=accessories
http://liondos.com.au/?cat=catalogue&sec=business-suits
http://liondos.com.au/?cat=catalogue&sec=hospitality
http://liondos.com.au/?cat=catalogue&sec=jackets
http://liondos.com.au/?cat=catalogue&sec=knitwear
http://liondos.com.au/?cat=catalogue&sec=made-to-measure-suits
http://liondos.com.au/?cat=catalogue&sec=polos
http://liondos.com.au/?cat=catalogue&sec=shirts
http://liondos.com.au/?cat=catalogue&sec=tees
http://liondos.com.au/?cat=catalogue&sec=weddings
http://liondos.com.au/?cat=catalogue&sec=work-wear
http://liondos.com.au/?cat=contact
http://liondos.com.au/?cat=home
http://liondos.com.au/?cat=privacy
http://www.liondos.com.au/?cat=catalogue&sec=made-to-measure-suits
http://www.liondos.com.au/?cat=contact

Trojan-Downloader.JS.IFrame.cvb
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 08, 2012, 11:35:04 am
Code: [Select]
http://callex.com.au/
http://callex.com.au/?fontstyle=f-larger
http://callex.com.au/?fontstyle=f-smaller
http://callex.com.au/index.php?option=com_contact&view=contact&id=1&Itemid=53
http://callex.com.au/index.php?option=com_content&view=section&id=4&Itemid=37
http://callex.com.au/index.php?option=com_user&view=remind
http://callex.com.au/index.php?option=com_user&view=reset
http://callex.com.au/media/system/js/caption.js
http://callex.com.au/media/system/js/mootools.js

Trojan-Downloader.JS.IFrame.cvb
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 08, 2012, 11:40:30 am
Code: [Select]
http://nevertouchelectrical.com.au/
http://nevertouchelectrical.com.au/commercial.php?page=commercial
http://nevertouchelectrical.com.au/contact.php?page=contact
http://nevertouchelectrical.com.au/index.php?page=home
http://nevertouchelectrical.com.au/js/pngfix.js
http://nevertouchelectrical.com.au/maintenance.php?page=maintenance
http://nevertouchelectrical.com.au/residential.php?page=residential

Trojan-Downloader.JS.IFrame.cvb
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 09, 2012, 06:07:25 am
Code: [Select]
http://dizixizle.com/
Suspicious

http://128.111.48.236/domain.php?hash=232891895f8928ac9ef6af7dbbb0a663&type=js
https://www.virustotal.com/url/1c6be4bd283e3c50870f9dcc68ff804ed9d36b38fb77a6d4e0e52a3ed2e685ac/analysis/1333951088/
http://jsunpack.jeek.org/?report=4cd028b63abfea97e194f59aa3fe29f37a41f5d7
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 09, 2012, 08:06:44 am
Code: [Select]
http://gjgt.sk/~fuller/dotakeys1.3/dotakeys.exe
TrojWare.Win32.TrojanDropper.Binder.~J
Riskware.Win32.HackTool!A2
Heuristic.BehavesLike.Win32.ModifiedUPX.C!87


Code: [Select]
http://gjgt.sk/~fuller/dotakeys1.3/dotakeys_installer_1.32.zip
Worm/AutoIt.ABH
Win32.WormAutoIt.Abh
Worm.Win32.AutoIt!IK
TrojanDownloader.Agent.hzx
Artemis!8708DECC3E98
Mal/Generic-L
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 10, 2012, 05:09:19 am
Code: [Select]
http://jazwiec.pl/test/gr/nlet/ajaxam.js
Trojan-Downloader.JS.Agent.gpj

http://128.111.48.236/view.php?hash=2525e3c28e613dbbe01428cd1a1a5b2f&t=1334033357&type=js
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 10, 2012, 05:56:59 am
Code: [Select]
chinglong.info/pdf/Document.com
chinglong.info/pdf/document.com
chinglong.info/pdf/Document.pif
chinglong.info/pdf/Download2012.zip
chinglong.info/pdf/articles.zip
chinglong.info/pdf/plugin.dat
chinglong.info/pdf/plugint.dat
chinglong.info/pdf/web-mail.com
chinglong.info/pdf/web.mail.com
chinglong.info/pdf/youtub.com
chinglong.info/pdf/youtube.com

HEUR:Trojan.Win32.Generic

Code: [Select]
chinglong.info/pdf/plugin.dat
chinglong.info/pdf/plugint.dat

Troj/EncProc-B
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 10, 2012, 03:58:20 pm
Code: [Select]
http://gustovero.it/best-sales.php
http://gustovero.it/category.php?id_category=10
http://gustovero.it/category.php?id_category=11
http://gustovero.it/category.php?id_category=5
http://gustovero.it/category.php?id_category=6
http://gustovero.it/category.php?id_category=7
http://gustovero.it/category.php?id_category=8
http://gustovero.it/category.php?id_category=9
http://gustovero.it/cms.php?id_cms=1
http://gustovero.it/cms.php?id_cms=3
http://gustovero.it/cms.php?id_cms=5
http://gustovero.it/cms.php?id_cms=6
http://gustovero.it/contact-form.php
http://gustovero.it/index.php?id_lang=1
http://gustovero.it/index.php?id_lang=2
http://gustovero.it/index.php?id_lang=3
http://gustovero.it/js/jquery/ifxtransfer.js
http://gustovero.it/js/jquery/iutil.prestashop-modifications.js
http://gustovero.it/js/jquery/jquery.hotkeys-0.7.8-packed.js
http://gustovero.it/js/pluginDetect.js
http://gustovero.it/js/tools.js
http://gustovero.it/manufacturer.php
http://gustovero.it/manufacturer.php?id_manufacturer=3
http://gustovero.it/my-account.php
http://gustovero.it/new-products.php
http://gustovero.it/order.php
http://gustovero.it/order.php?step=1
http://gustovero.it/prices-drop.php
http://gustovero.it/product.php?id_product=10
http://gustovero.it/product.php?id_product=11
http://gustovero.it/product.php?id_product=12
http://gustovero.it/product.php?id_product=13
http://gustovero.it/sitemap.php
http://gustovero.it/cart.php?
http://gustovero.it/themes/prestashop/js/tools/treeManagement.js
http://www.gustovero.it

Trojan-Downloader.HTML.IFrame.agc


Code: [Select]
http://gustovero.com/
http://gustovero.com/best-sales.php
http://gustovero.com/cart.php?
http://gustovero.com/category.php?id_category=10
http://gustovero.com/category.php?id_category=11
http://gustovero.com/category.php?id_category=5
http://gustovero.com/category.php?id_category=6
http://gustovero.com/category.php?id_category=7
http://gustovero.com/category.php?id_category=8
http://gustovero.com/category.php?id_category=9
http://gustovero.com/cms.php?id_cms=1
http://gustovero.com/cms.php?id_cms=3
http://gustovero.com/cms.php?id_cms=5
http://gustovero.com/cms.php?id_cms=6
http://gustovero.com/contact-form.php
http://gustovero.com/index.php?id_lang=1
http://gustovero.com/index.php?id_lang=2
http://gustovero.com/index.php?id_lang=3
http://gustovero.com/js/jquery/ifxtransfer.js
http://gustovero.com/js/jquery/iutil.prestashop-modifications.js
http://gustovero.com/js/jquery/jquery.easing.1.3.js
http://gustovero.com/js/jquery/jquery.hotkeys-0.7.8-packed.js
http://gustovero.com/js/jquery/jquery-1.2.6.pack.js
http://gustovero.com/js/tools.js
http://gustovero.com/manufacturer.php
http://gustovero.com/manufacturer.php?id_manufacturer=3
http://gustovero.com/modules/blockcart/ajax-cart.js
http://gustovero.com/my-account.php
http://gustovero.com/new-products.php
http://gustovero.com/order.php?
http://gustovero.com/order.php?step=1
http://gustovero.com/prices-drop.php
http://gustovero.com/product.php?id_product=10
http://gustovero.com/product.php?id_product=11
http://gustovero.com/product.php?id_product=12
http://gustovero.com/product.php?id_product=13
http://gustovero.com/sitemap.php
http://gustovero.com/themes/prestashop/js/tools/treeManagement.js

Trojan-Downloader.HTML.IFrame.agc
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 10, 2012, 04:50:22 pm
Code: [Select]
greentierra.in/servizio/Info08042012.zip
infected with

Trojan-Dropper.Win32.Injector.efwc

links to

Code: [Select]
http://putemyr.ru/tmp/index.php?out=1333473250
See:

http://www.unmaskparasites.com/security-report/?page=http%3A//greentierra.in/

&

https://www.virustotal.com/url/3ecd0a6f11e5ebf0342dac87b27705b3c25e2ff8110a58fc0c343e136426f7a4/analysis/1334075331/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 10, 2012, 07:39:56 pm
Code: [Select]
http://glaspetzka.at
http://glaspetzka.at/anfrage/
http://glaspetzka.at/bilderrahmen/
http://glaspetzka.at/duschabtrennungen
http://glaspetzka.at/eine-seite-2/
http://glaspetzka.at/eine-seite-2/bauverglasung/
http://glaspetzka.at/glasbruch/
http://glaspetzka.at/glaskonstruktionen/
http://glaspetzka.at/glaskonstruktionen/kuchenruckwande/
http://glaspetzka.at/glasschleiferei/
http://glaspetzka.at/impressum
http://glaspetzka.at/jobs
http://glaspetzka.at/kontakt/
http://glaspetzka.at/mobelverglasung/
http://glaspetzka.at/referenzen/
http://glaspetzka.at/spiegel-und-vasen/
http://glaspetzka.at/uber-uns/
http://glaspetzka.at/wp-content/plugins/contact-form-7/jquery.form.js?ver=2.47
http://glaspetzka.at/wp-content/plugins/contact-form-7/scripts.js?ver=2.4.1
http://glaspetzka.at/wp-content/plugins/nextgen-gallery/js/jquery.cycle.all.min.js?ver=2.88
http://glaspetzka.at/wp-content/themes/organic_health_blue/images/favicon.ico
http://glaspetzka.at/wp-content/themes/organic_health_blue/js/jquery.flow.1.1.js
http://glaspetzka.at/wp-includes/js/jquery/jquery.js?ver=1.4.2

Trojan-Downloader.JS.Iframe.cvb

&

HEUR:Trojan.Script.Iframer
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 11, 2012, 02:36:34 pm
Code: [Select]
http://les-fleurs.me/
http://les-fleurs.me/index.php
http://les-fleurs.me/index.php#catalog
http://les-fleurs.me/index.php?categoryID=1
http://les-fleurs.me/index.php?categoryID=10
http://les-fleurs.me/index.php?categoryID=11
http://les-fleurs.me/index.php?categoryID=12
http://les-fleurs.me/index.php?categoryID=13
http://les-fleurs.me/index.php?categoryID=14
http://les-fleurs.me/index.php?categoryID=15
http://les-fleurs.me/index.php?categoryID=16
http://les-fleurs.me/index.php?categoryID=17
http://les-fleurs.me/index.php?categoryID=19
http://les-fleurs.me/index.php?categoryID=2
http://les-fleurs.me/index.php?categoryID=20
http://les-fleurs.me/index.php?categoryID=3
http://les-fleurs.me/index.php?categoryID=4
http://les-fleurs.me/index.php?categoryID=5
http://les-fleurs.me/index.php?categoryID=6
http://les-fleurs.me/index.php?categoryID=7
http://les-fleurs.me/index.php?categoryID=8
http://les-fleurs.me/index.php?categoryID=9
http://les-fleurs.me/index.php?killuser=yes
http://les-fleurs.me/index.php?productID=105
http://les-fleurs.me/index.php?productID=116
http://les-fleurs.me/index.php?productID=117
http://les-fleurs.me/index.php?productID=118
http://les-fleurs.me/index.php?productID=46
http://les-fleurs.me/index.php?productID=49
http://les-fleurs.me/index.php?productID=60
http://les-fleurs.me/index.php?productID=64
http://les-fleurs.me/index.php?productID=75
http://les-fleurs.me/index.php?productID=83
http://les-fleurs.me/index.php?productID=84
http://les-fleurs.me/index.php?productID=90
http://les-fleurs.me/index.php?productID=93
http://les-fleurs.me/index.php?productID=97
http://les-fleurs.me/index.php?productID=98
http://les-fleurs.me/index.php?search_with_change_category_ability=yes
http://les-fleurs.me/index.php?shopping_cart=yes
http://les-fleurs.me/index.php?show_price=yes


Trojan-Downloader.JS.JScript.ax
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 11, 2012, 03:26:32 pm
Code: [Select]
http://kaif-life.isgreat.org/index.php/2011-10-15-02-46-14?page=shop.product_details&category_id=9&flypage=flypage.tpl&product_id=38
http://kaif-life.isgreat.org/index.php/2011-10-15-02-46-14?page=shop.product_details&category_id=9&flypage=flypage.tpl&product_id=39
http://kaif-life.isgreat.org/index.php/2011-10-15-02-46-14?page=shop.product_details&category_id=9&flypage=flypage.tpl&product_id=40
http://kaif-life.isgreat.org/index.php/2011-10-15-02-46-14?page=shop.product_details&category_id=9&flypage=flypage.tpl&product_id=41
http://kaif-life.isgreat.org/index.php/2011-10-15-02-46-14?page=shop.product_details&category_id=9&flypage=flypage.tpl&product_id=42
http://kaif-life.isgreat.org/index.php/2011-10-15-02-46-14?page=shop.product_details&category_id=9&flypage=flypage.tpl&product_id=43
http://kaif-life.isgreat.org/index.php/2011-10-15-02-46-14?page=shop.product_details&category_id=9&flypage=flypage.tpl&product_id=44
http://kaif-life.isgreat.org/index.php/2012-03-11-18-45-17
http://kaif-life.isgreat.org/index.php/component/content/article/2-2011-10-15-05-21-55/4-2011-10-15-05-38-31
http://kaif-life.isgreat.org/index.php/component/content/article/2-2011-10-15-05-21-55/5-2011-10-16-08-58-59
http://kaif-life.isgreat.org/index.php/component/content/article/2-2011-10-15-05-21-55/6-2011-10-16-09-23-03
http://kaif-life.isgreat.org/media/system/js/caption.js
http://kaif-life.isgreat.org/media/system/js/mootools.js
http://kaif-life.isgreat.org/modules/mod_ice_vmcart/assets/script.js
http://kaif-life.isgreat.org/modules/mod_icetabs/assets/script_15.js
http://kaif-life.isgreat.org/modules/mod_ja_vmproductslide/ja_vmproductslide/ja.vmproductslide.js
http://kaif-life.isgreat.org/modules/mod_note_its/assets/js/cufon-yui.js
http://kaif-life.isgreat.org/modules/mod_note_its/assets/js/Gunny_Handwriting_400.font.js
http://kaif-life.isgreat.org/templates/ja_larix/ja_menus/ja_scriptdlmenu/ja.scriptdlmenu.js

Trojan-Downloader.JS.JScript.av
Trojan-Downloader.JS.JScript.ax
Trojan-Downloader.JS.JScript.ba
Trojan-Downloader.Win32.Agent.gykb
HEUR:Trojan.Script.Generic
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 11, 2012, 03:59:52 pm
Code: [Select]
http://en.jagler.com.tr/
HEUR:Trojan.Script.Iframer
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 11, 2012, 04:24:37 pm
Code: [Select]
http://itgarage.co.id/
http://itgarage.co.id/script/main.js
http://www.itgarage.co.id/main/about-us
http://www.itgarage.co.id/store
http://www.itgarage.co.id/store//modules/mod_s5_image_set_rotator/s5_image_set_rotator/s5_image_set_rotator.js
http://www.itgarage.co.id/store/media/system/js/caption.js
http://www.itgarage.co.id/main/wp-content/themes/chromegt/js/menu.js?ver=3.3.1
http://www.itgarage.co.id/main/wp-content/themes/chromegt/js/jquery.corner.js?ver=3.3.1
http://www.itgarage.co.id/main/wp-content/themes/chromegt/js/jquery.jcarousel.min.js?ver=3.3.1
http://www.itgarage.co.id/main/wp-content/themes/chromegt/js/scripts.js?ver=3.3.1
http://www.itgarage.co.id/main/wp-content/themes/chromegt/js/cufon-yui.js?ver=3.3.1
http://www.itgarage.co.id/main/wp-content/themes/chromegt/js/Bebas_Neue_400.font.js?ver=3.3.1
http://www.itgarage.co.id/main/wp-content/themes/chromegt/js/jquery.tipTip.minified.js?ver=3.3.1
http://www.itgarage.co.id/main/wp-content/themes/chromegt/js/jquery.prettyPhoto.js?ver=3.3.1
http://www.itgarage.co.id/main/wp-content/themes/chromegt/js/jquery.easing.1.3.js?ver=3.3.1
http://www.itgarage.co.id/main/wp-content/themes/chromegt/js/styleswitcher.jquery.js?ver=3.3.1
http://www.itgarage.co.id/main/wp-includes/js/comment-reply.js?ver=20090102
http://www.itgarage.co.id/main/wp-content/themes/chromegt/js/Dark_Red_cufon-replace.js
http://www.itgarage.co.id/main/wp-content/themes/chromegt/js/jquery.nivo.slider.js

Trojan-Downloader.JS.Agent.gnk

Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 11, 2012, 05:06:32 pm
Code: [Select]
http://www.internationalmissionsfoundation.org
http://www.internationalmissionsfoundation.org/
http://www.internationalmissionsfoundation.org/contact-us/
http://www.internationalmissionsfoundation.org/donations/
http://www.internationalmissionsfoundation.org/feed/
http://www.internationalmissionsfoundation.org/imf-leadership/
http://www.internationalmissionsfoundation.org/imf-staff/
http://www.internationalmissionsfoundation.org/our-imf-mission/
http://www.internationalmissionsfoundation.org/recovery-assistance/
http://www.internationalmissionsfoundation.org/uncategorized/international-missions-foundation-history/
http://www.internationalmissionsfoundation.org/wp-content/themes/Parallels-WP/js/jquery.easing.1.3.js
http://www.internationalmissionsfoundation.org/wp-content/themes/Parallels-WP/js/jquery.validate.js
http://www.internationalmissionsfoundation.org/wp-includes/js/l10n.js?ver=20101110

Trojan-Downloader.JS.Expack.di
HEUR:Trojan.Script.Generic
Trojan.JS.Agent!IK
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 11, 2012, 07:00:44 pm
Code: [Select]
http://hosoonlee.com.sg
http://hosoonlee.com.sg/
http://hosoonlee.com.sg/about/
http://hosoonlee.com.sg/contactus/
http://hosoonlee.com.sg/customization/
http://hosoonlee.com.sg/feed/
http://hosoonlee.com.sg/feed/atom/
http://hosoonlee.com.sg/gallery/
http://hosoonlee.com.sg/products/
http://hosoonlee.com.sg/products/fabrics/
http://hosoonlee.com.sg/products/genuine-leather/
http://hosoonlee.com.sg/products/leather-care/
http://hosoonlee.com.sg/products/polyurethane-foam/
http://hosoonlee.com.sg/products/synthetic-leather/
http://hosoonlee.com.sg/quality/
http://hosoonlee.com.sg/services/
http://hosoonlee.com.sg/services/business-owners/
http://hosoonlee.com.sg/services/contractors/
http://hosoonlee.com.sg/services/home-owners/
http://hosoonlee.com.sg/sofa/wp-content/plugins/contact-form-7/jquery.form.js?ver=2.52
http://hosoonlee.com.sg/sofa/wp-content/plugins/contact-form-7/scripts.js?ver=2.4.4
http://hosoonlee.com.sg/sofa/wp-content/themes/sofa/epanel/page_templates/js/et-ptemplates-frontend.js?ver=1.1
http://hosoonlee.com.sg/sofa/wp-content/themes/sofa/epanel/page_templates/js/fancybox/jquery.fancybox-1.2.6.pack.js?ver=1.3.2
http://hosoonlee.com.sg/sofa/wp-content/themes/sofa/epanel/shortcodes/js/et_shortcodes_frontend.js?ver=1.6
http://hosoonlee.com.sg/sofa/wp-content/themes/sofa/js/DD_belatedPNG_0.0.8a-min.js
http://hosoonlee.com.sg/sofa/wp-content/themes/sofa/js/jquery.cycle.all.min.js
http://hosoonlee.com.sg/sofa/wp-content/themes/sofa/js/jquery.easing.1.3.js
http://hosoonlee.com.sg/sofa/wp-content/themes/sofa/js/superfish.js
http://hosoonlee.com.sg/sofa/wp-includes/js/jquery/jquery.js?ver=1.4.4
http://hosoonlee.com.sg/sofa/wp-includes/js/l10n.js?ver=20101110
http://hosoonlee.com.sg/sofa/wp-includes/js/comment-reply.js?ver=20090102
http://hosoonlee.com.sg/widerangeofsofas/
http://hosoonlee.com.sg/workmanship/
http://www.hosoonlee.com.sg

Trojan-Downloader.JS.JScript.ag
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 12, 2012, 05:19:31 pm
Code: [Select]
http://vizit.venal.com.ua/index.php?limitstart=144
http://vizit.venal.com.ua/index.php?limitstart=18
http://vizit.venal.com.ua/index.php?limitstart=27
http://vizit.venal.com.ua/index.php?limitstart=36
http://vizit.venal.com.ua/index.php?limitstart=45
http://vizit.venal.com.ua/index.php?limitstart=54
http://vizit.venal.com.ua/index.php?limitstart=63
http://vizit.venal.com.ua/index.php?limitstart=72
http://vizit.venal.com.ua/index.php?limitstart=81
http://vizit.venal.com.ua/index.php?limitstart=9
http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=130:2011-12-02-10-20-38&catid=29:2011-08-11-16-39-01
http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=165:-2012-&catid=42:2011-08-11-16-47-08&Itemid=70
http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=171&Itemid=109
http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=171:-2012-&catid=72:-2012&Itemid=109
http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=217:2012-01-27-13-07-21&catid=35:2011-08-11-16-44-57&Itemid=57#comment-66
http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=253:2012-04-06-10-50-58&catid=38:2011-08-11-16-45-49&Itemid=67
http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=253:2012-04-06-10-50-58&catid=38:2011-08-11-16-45-49&Itemid=67#comments
http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=254:-14-12&catid=54:2011-08-11-16-50-05&Itemid=60
http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=254:-14-12&catid=54:2011-08-11-16-50-05&Itemid=60#addcomments
http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=255:-lr-&catid=42:2011-08-11-16-47-08&Itemid=70
http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=255:-lr-&catid=42:2011-08-11-16-47-08&Itemid=70#addcomments
http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=256:2012-04-06-11-10-30&catid=41:2011-08-11-16-46-50&Itemid=73
http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=256:2012-04-06-11-10-30&catid=41:2011-08-11-16-46-50&Itemid=73#addcomments
http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=257:-8-&catid=41:2011-08-11-16-46-50&Itemid=73
http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=257:-8-&catid=41:2011-08-11-16-46-50&Itemid=73#addcomments
http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=258:2012-04-06-11-20-36&catid=50:2011-08-11-16-49-09&Itemid=59
http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=258:2012-04-06-11-20-36&catid=50:2011-08-11-16-49-09&Itemid=59#addcomments
http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=259:2012-04-06-13-53-54&catid=40:2011-08-11-16-46-22&Itemid=62
http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=259:2012-04-06-13-53-54&catid=40:2011-08-11-16-46-22&Itemid=62#addcomments
http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=260:2012-04-06-13-58-41&catid=50:2011-08-11-16-49-09&Itemid=59
http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=260:2012-04-06-13-58-41&catid=50:2011-08-11-16-49-09&Itemid=59#addcomments
http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=261:-l-r&catid=42:2011-08-11-16-47-08&Itemid=70
http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=261:-l-r&catid=42:2011-08-11-16-47-08&Itemid=70#addcomments
http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=47&Itemid=30
http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=48&Itemid=18
http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=49&Itemid=55
http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=70:2011-10-03-11-17-43&catid=42:2011-08-11-16-47-08&Itemid=70
http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=71:2011-10-06-08-58-14&catid=65:2011-10-06-08-51-27&Itemid=102
http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=71:2011-10-06-08-58-14&catid=65:2011-10-06-08-51-27&Itemid=102#comment-67
http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=71:2011-10-06-08-58-14&catid=65:2011-10-06-08-51-27&Itemid=102#comment-68
http://vizit.venal.com.ua/index.php?option=com_content&view=category&id=38:2011-08-11-16-45-49&layout=blog&Itemid=67
http://vizit.venal.com.ua/index.php?option=com_content&view=category&id=40:2011-08-11-16-46-22&layout=blog&Itemid=62
http://vizit.venal.com.ua/index.php?option=com_content&view=category&id=41:2011-08-11-16-46-50&layout=blog&Itemid=73
http://vizit.venal.com.ua/index.php?option=com_content&view=category&id=42:2011-08-11-16-47-08&layout=blog&Itemid=70
http://vizit.venal.com.ua/index.php?option=com_content&view=category&id=50:2011-08-11-16-49-09&layout=blog&Itemid=59
http://vizit.venal.com.ua/index.php?option=com_content&view=category&id=54:2011-08-11-16-50-05&layout=blog&Itemid=60
http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=25&Itemid=72
http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=30&Itemid=61
http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=34&Itemid=91
http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=35&Itemid=57
http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=36&Itemid=71
http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=38&Itemid=67
http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=39&Itemid=78
http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=40&Itemid=62
http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=41&Itemid=73
http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=42&Itemid=70
http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=43&Itemid=94
http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=44&Itemid=69
http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=44&Itemid=98
http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=45&Itemid=77
http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=46&Itemid=95
http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=47&Itemid=64
http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=48&Itemid=63
http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=49&Itemid=74
http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=50&Itemid=59
http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=51&Itemid=76
http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=52&Itemid=58
http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=53&Itemid=66
http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=54&Itemid=60
http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=55&Itemid=65
http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=56&Itemid=99
http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=57&Itemid=75
http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=58&Itemid=56
http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=60&Itemid=93
http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=61&Itemid=97
http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=62&Itemid=100
http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=63&Itemid=92
http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=64&Itemid=101
http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=65&Itemid=102
http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=66&Itemid=104
http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=69&Itemid=106
http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=70&Itemid=107
http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=71&Itemid=108
http://vizit.venal.com.ua/index.php?option=com_content&view=frontpage&Itemid=28
http://vizit.venal.com.ua/index.php?option=com_content&view=section&id=11&layout=blog&Itemid=82
http://vizit.venal.com.ua/index.php?option=com_content&view=section&id=15&layout=blog&Itemid=88
http://vizit.venal.com.ua/index.php?option=com_content&view=section&id=6&layout=blog&Itemid=85
http://vizit.venal.com.ua/index.php?option=com_content&view=section&id=9&layout=blog&Itemid=87
http://vizit.venal.com.ua/index.php?option=com_content&view=section&layout=blog&id=10&Itemid=86
http://vizit.venal.com.ua/index.php?option=com_content&view=section&layout=blog&id=11&Itemid=82
http://vizit.venal.com.ua/index.php?option=com_content&view=section&layout=blog&id=12&Itemid=103
http://vizit.venal.com.ua/index.php?option=com_content&view=section&layout=blog&id=13&Itemid=84
http://vizit.venal.com.ua/index.php?option=com_content&view=section&layout=blog&id=14&Itemid=83
http://vizit.venal.com.ua/index.php?option=com_content&view=section&layout=blog&id=15&Itemid=88
http://vizit.venal.com.ua/index.php?option=com_content&view=section&layout=blog&id=16&Itemid=80
http://vizit.venal.com.ua/index.php?option=com_content&view=section&layout=blog&id=17&Itemid=90
http://vizit.venal.com.ua/index.php?option=com_content&view=section&layout=blog&id=20&Itemid=105
http://vizit.venal.com.ua/index.php?option=com_content&view=section&layout=blog&id=4&Itemid=2
http://vizit.venal.com.ua/index.php?option=com_content&view=section&layout=blog&id=5&Itemid=89
http://vizit.venal.com.ua/index.php?option=com_content&view=section&layout=blog&id=6&Itemid=85
http://vizit.venal.com.ua/index.php?option=com_content&view=section&layout=blog&id=8&Itemid=96
http://vizit.venal.com.ua/index.php?option=com_content&view=section&layout=blog&id=9&Itemid=87
http://vizit.venal.com.ua/index.php?option=com_igallery&view=category&id=0&Itemid=29
http://vizit.venal.com.ua/index.php?option=com_user&view=register
http://vizit.venal.com.ua/index.php?option=com_user&view=remind
http://vizit.venal.com.ua/index.php?option=com_user&view=reset
http://vizit.venal.com.ua/media/system/js/caption.js
http://vizit.venal.com.ua/media/system/js/mootools.js
http://vizit.venal.com.ua/modules/mod_rokslideshow/tmpl/rokslideshow.js
http://vizit.venal.com.ua/modules/mod_swmenupro/DropDownMenuX_Packed.js
http://vizit.venal.com.ua/modules/mod_swmenupro/transmenu_Packed.js
http://vizit.venal.com.ua/modules/mod_xpertscroller/admin/jquery-1.4.4.js
http://vizit.venal.com.ua/modules/mod_xpertscroller/interface/js/xpertscroller.js
http://vizit.venal.com.ua/plugins/system/cdcaptcha/js/jquery.cdcaptcha.js
http://vizit.venal.com.ua/plugins/system/cdscriptegrator/libraries/highslide/js/highslide-full.min.js
http://vizit.venal.com.ua/plugins/system/cdscriptegrator/libraries/jquery/js/jquery-1.4.2.min.js
http://vizit.venal.com.ua/plugins/system/cdscriptegrator/libraries/jquery/js/jquery-noconflict.js
http://vizit.venal.com.ua/plugins/system/cdscriptegrator/libraries/jquery/js/ui/jquery-ui-1.8.4.custom.min.js
http://www.venal.com.ua


Trojan-Downloader.JS.Agent.gpp
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 13, 2012, 09:00:27 am
Code: [Select]
http://www.amazonasimages.com/
HEUR:Trojan.Script.Generic
JS.Trojan.Agent-6
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 14, 2012, 05:53:37 am
Code: [Select]
91.205.74.23/content/adp2.php?f=71
91.205.74.23/content/adp2.php?f=72
91.205.74.23/content/adp2.php?f=73
91.205.74.23/content/adp2.php?f=74
91.205.74.23/content/adp2.php?f=75
91.205.74.23/content/adp2.php?f=76
91.205.74.23/content/adp2.php?f=77
91.205.74.23/content/adp2.php?f=78
91.205.74.23/content/adp2.php?f=79
91.205.74.23/content/adp2.php?f=80

Exploit.JS.Pdfka.fof
PDF:Clicker.Exploit.E
Exploit-PDF-FAY!20FCE1336568
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 14, 2012, 06:30:38 am
Code: [Select]
http://zabgen.predistoria.org/forum/Themes/default/script.js?fin11
http://zabgen.predistoria.org/forum/Themes/default/xml_topic.js

Trojan-Downloader.JS.Agent.gpp
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 14, 2012, 10:03:47 am
Code: [Select]
xn----stbfln.xn--p1ai/template/images/jquery.cycle.all.js
xn----stbfln.xn--p1ai/template/images/jquery.min.js

Trojan-Downloader.JS.Agent.gpp
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 14, 2012, 11:12:48 am
Code: [Select]
http://pmk-c.ru/
http://pmk-c.ru/template/images/jquery.cycle.all.js
http://pmk-c.ru/template/images/jquery.min.js
http://pmk-c.ru/litebox/js/moo.fx.js
http://pmk-c.ru/litebox/js/prototype.lite.js
http://pmk-c.ru/Blagoustroystvo-territorii.html
http://pmk-c.ru/Demontag-zdaniy.html
http://pmk-c.ru/Funktsii-generalnogo-podryadchika.html
http://pmk-c.ru/Informatsiya-o-kompanii.html
http://pmk-c.ru/Ingenernie-seti.html
http://pmk-c.ru/Izolyatsionnie-raboti.html
http://pmk-c.ru/Kamennie-raboti.html
http://pmk-c.ru/Karta-sayta.html
http://pmk-c.ru/Kontaktnaya-informatsiya.html
http://pmk-c.ru/Krovelnie-raboti.html
http://pmk-c.ru/Montag-metallokonstruktsiy.html
http://pmk-c.ru/Nashi-zakazchiki-galereya.html
http://pmk-c.ru/Novosti-kompanii.html
http://pmk-c.ru/Obshchestroitelnie-raboti.html
http://pmk-c.ru/Otdelochnie-raboti.html
http://pmk-c.ru/Otkritie-sportivnie-soorugeniya.html
http://pmk-c.ru/Ozelenenie-territorii.html
http://pmk-c.ru/Podgotovitelnie-raboti.html
http://pmk-c.ru/Pokritiya-iz-drevesnih-materialov.html
http://pmk-c.ru/Pokritiya-iz-plitnih-materialov.html
http://pmk-c.ru/Poli-iz-polimernih-materialov.html
http://pmk-c.ru/price.html
http://pmk-c.ru/Raschistka-territorii.html
http://pmk-c.ru/Stroitelstvo-vremennih-dorog.html
http://pmk-c.ru/Stroitelstvo-zdaniy.html
http://pmk-c.ru/Ukladka-relsovih-putey.html
http://pmk-c.ru/Ustroystvo-polov.html
http://pmk-c.ru/Ustroystvo-proezdov.html
http://pmk-c.ru/Viravnivayushchie-styagki-perekritiy.html
http://pmk-c.ru/Opalubochnie-i-armaturnie-raboti.html
http://pmk-c.ru/Ustroystvo-monolitnih-betonnih-konstruktsiy.html

Trojan-Downloader.JS.Agent.gpp
Trojan.JS.Agent.FPX
Troj/PhoexRef-A
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 14, 2012, 12:41:40 pm
Code: [Select]
xn----jtbewcdgkdy.xn--p1ai/
xn----jtbewcdgkdy.xn--p1ai/ckidki.html
xn----jtbewcdgkdy.xn--p1ai/contakt.html
xn----jtbewcdgkdy.xn--p1ai/dalee.html
xn----jtbewcdgkdy.xn--p1ai/js/lightbox.js
xn----jtbewcdgkdy.xn--p1ai/js/prototype.js
xn----jtbewcdgkdy.xn--p1ai/js/scriptaculous.js
xn----jtbewcdgkdy.xn--p1ai/galerea.html
xn----jtbewcdgkdy.xn--p1ai/prize/N1.html
xn----jtbewcdgkdy.xn--p1ai/prize/usl_fasad.html
xn----jtbewcdgkdy.xn--p1ai/prize/usl_demontag.html
xn----jtbewcdgkdy.xn--p1ai/prize/usl_santex.html
xn----jtbewcdgkdy.xn--p1ai/prize/usl_elektro.html
xn----jtbewcdgkdy.xn--p1ai/prize/usl_obshestvenie.html
xn----jtbewcdgkdy.xn--p1ai/prize/usl_otdeloch.html
xn----jtbewcdgkdy.xn--p1ai/prize/usl_metallkon.html
xn----jtbewcdgkdy.xn--p1ai/smeta/smeta.html
xn----jtbewcdgkdy.xn--p1ai/vakan.html

Trojan-Downloader.JS.Agent.gpp
Trojan.JS.Agent.FPX
Troj/PhoexRef-A
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 14, 2012, 11:05:12 pm
Code: [Select]
http://xn----8sb5a0ajk1cg.xn--p1ai/
xn----8sb5a0ajk1cg.xn--p1ai/modules/mod_icetabs/assets/script_15.js
xn----8sb5a0ajk1cg.xn--p1ai/#content
xn----8sb5a0ajk1cg.xn--p1ai/#footer
xn----8sb5a0ajk1cg.xn--p1ai/#main-nav_wrap
xn----8sb5a0ajk1cg.xn--p1ai/#site_wrapper
xn----8sb5a0ajk1cg.xn--p1ai/index.php?option=com_contact&view=contact&id=1&Itemid=688
xn----8sb5a0ajk1cg.xn--p1ai/index.php?option=com_content&view=article&id=1216:2011-05-15-20-27-05&catid=102:icetabs
xn----8sb5a0ajk1cg.xn--p1ai/index.php?option=com_content&view=article&id=1236&Itemid=791
xn----8sb5a0ajk1cg.xn--p1ai/index.php?option=com_content&view=article&id=1240&Itemid=792
xn----8sb5a0ajk1cg.xn--p1ai/index.php?option=com_content&view=article&id=1274:2011-05-23-19-04-02
xn----8sb5a0ajk1cg.xn--p1ai/index.php?option=com_content&view=article&id=1289:something-to-tempt-your-tastebuds
xn----8sb5a0ajk1cg.xn--p1ai/index.php?option=com_content&view=article&id=1292&Itemid=795
xn----8sb5a0ajk1cg.xn--p1ai/index.php?option=com_content&view=article&id=1293&Itemid=764
xn----8sb5a0ajk1cg.xn--p1ai/index.php?option=com_content&view=article&id=1295:something-to-tempt-your-tastebuds
xn----8sb5a0ajk1cg.xn--p1ai/index.php?option=com_content&view=article&id=1296:something-to-tempt-your-tastebuds
xn----8sb5a0ajk1cg.xn--p1ai/index.php?option=com_content&view=article&id=1301:2011-05-15-20-27-05&catid=102:icetabs
xn----8sb5a0ajk1cg.xn--p1ai/index.php?option=com_content&view=article&id=1302:2011-05-15-20-27-05&catid=102:icetabs
xn----8sb5a0ajk1cg.xn--p1ai/index.php?option=com_content&view=article&id=1303:2011-05-15-20-27-05&catid=102:icetabs
xn----8sb5a0ajk1cg.xn--p1ai/index.php?option=com_content&view=article&id=1304:2011-05-15-20-27-05&catid=102:icetabs
xn----8sb5a0ajk1cg.xn--p1ai/index.php?option=com_content&view=article&id=1305:2011-05-15-20-27-05&catid=102:icetabs
xn----8sb5a0ajk1cg.xn--p1ai/index.php?option=com_poll&id=16:-qelhouseq
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 15, 2012, 09:04:31 am
Code: [Select]
xn--80ajb4acklee1cxfe.xn--p1ai/#imGoToCont
xn--80ajb4acklee1cxfe.xn--p1ai/#imGoToMenu
xn--80ajb4acklee1cxfe.xn--p1ai/blog/
xn--80ajb4acklee1cxfe.xn--p1ai/imsitemap.html
xn--80ajb4acklee1cxfe.xn--p1ai/index.html
xn--80ajb4acklee1cxfe.xn--p1ai/proekt.html
xn--80ajb4acklee1cxfe.xn--p1ai/res/swfobject.js
xn--80ajb4acklee1cxfe.xn--p1ai/res/x5cartengine.js

Trojan-Downloader.JS.Agent.gpp
Trojan.JS.Agent.FPX
Troj/PhoexRef-A
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 15, 2012, 09:39:56 am
Code: [Select]
http://white-ravens.com/
http://white-ravens.com/index.php?option=com_content&view=article&id=57:boeing-767-300-leve-d&catid=34:demo-content
http://white-ravens.com/index.php?option=com_content&view=article&id=58:boeing-747-800-pmdg&catid=34:demo-content
http://white-ravens.com/index.php?option=com_content&view=article&id=59:boeing-747-400-pmdg&catid=34:demo-content
http://white-ravens.com/index.php?option=com_content&view=article&id=60:boeing-737-800-pmdg&catid=34:demo-content
http://white-ravens.com/index.php?option=com_content&view=article&id=66&catid=38
http://white-ravens.com/index.php?option=com_content&view=article&id=70&Itemid=53
http://white-ravens.com/index.php?option=com_content&view=article&id=74&Itemid=88
http://white-ravens.com/index.php?option=com_content&view=category&layout=blog&id=1&Itemid=69
http://white-ravens.com/index.php?option=com_content&view=frontpage&Itemid=61
http://white-ravens.com/index.php?option=com_content&view=frontpage&Itemid=78
http://white-ravens.com/index.php?option=com_content&view=section&id=3&Itemid=66
http://white-ravens.com/index.php?option=com_newsfeeds&view=categories&Itemid=68
http://white-ravens.com/index.php?option=com_user&view=remind
http://white-ravens.com/index.php?option=com_user&view=reset
http://white-ravens.com/media/system/js/caption.js
http://white-ravens.com/media/system/js/mootools.js
http://white-ravens.com/modules/mod_gk_tab/scripts/engine_compress.js
http://white-ravens.com/modules/mod_news_pro_gk1/scripts/engine_standard_compressed.js
http://white-ravens.com/templates/gk_coolfoto/lib/scripts/gk_image_show.js
http://white-ravens.com/templates/gk_coolfoto/lib/scripts/template_scripts.js

HEUR:Trojan.Script.Generic
Trojan-Downloader.JS.JScript.ak
Trojan-Downloader.JS.JScript.av
Trojan-Downloader.JS.JScript.ax
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 15, 2012, 10:33:06 am
Code: [Select]
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/jquery-1.3.2.min.js
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/media/system/js/mootools.js
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/plugins/system/modalizer/modals/colorbox/jquery.colorbox-min.js
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/plugins/system/modalizer/modals/jquery.min.js
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/zoom/zoom/zoom.js
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?limitstart=20
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?limitstart=25
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?limitstart=30
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?limitstart=35
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?limitstart=40
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?limitstart=45
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?limitstart=5
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=104:-2011&catid=3:2011-06-17-06-34-47&Itemid=9
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=141:2011-11-23-19-20-57&catid=3:2011-06-17-06-34-47&Itemid=9
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=179:-q-q
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=180:-2011-
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=184:-qq-
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=188:2012-02-23-07-16-10
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=189:22-
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=190:2012-02-26-05-06-22
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=193:pozdravlenie-s-8-marta
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=194:nashi-potencialnye-soperniki-na-olimpiade-vostokzapad
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=195:15go-marta-sostojalis-baklanovskie-sostjazanija-plastun-v-gorodegeroe-volgograde
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=196:reportazh-v-volgapresse
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=197:2012-03-20-10-36-43&catid=3:2011-06-17-06-34-47&Itemid=9
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=198:2012-03-22-23-10-14
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=199:sostav-sbornoj-komandy-na-olimpiadu-vostokzapad
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=200:2012-03-28-16-29-32
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=201:pozdravljaem-kotenjova-s-zasluzhennoj-nagradoj
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=2&Itemid=2
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=22&Itemid=10
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=23&Itemid=11
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=3&Itemid=3
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=4&Itemid=4
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=5&Itemid=5
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=6&Itemid=6
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=7&Itemid=7
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=8&Itemid=8
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=category&layout=blog&id=1&Itemid=13
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=category&layout=blog&id=3&Itemid=9
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_xmap&sitemap=1

Trojan-Downloader.JS.Agent.gpp
Trojan.JS.Agent.FPX
Troj/PhoexRef-A
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 15, 2012, 11:28:40 am
Code: [Select]
http://xn----7sboorocikaf8a1c.xn--p1ai/
http://xn----7sboorocikaf8a1c.xn--p1ai/templates/ja_purity_ii/js/ja.ddmod.js
http://xn----7sboorocikaf8a1c.xn--p1ai/templates/ja_purity_ii/js/ja.script.js
http://xn----7sboorocikaf8a1c.xn--p1ai/templates/ja_purity_ii/js/menu/css.js
xn----7sboorocikaf8a1c.xn--p1ai/media/system/js/caption.js
xn----7sboorocikaf8a1c.xn--p1ai/#Top
xn----7sboorocikaf8a1c.xn--p1ai/index.php
xn----7sboorocikaf8a1c.xn--p1ai/index.php?option=com_content&view=article&id=13&Itemid=20
xn----7sboorocikaf8a1c.xn--p1ai/index.php?option=com_content&view=article&id=14&Itemid=19
xn----7sboorocikaf8a1c.xn--p1ai/index.php?option=com_content&view=article&id=16&Itemid=23
xn----7sboorocikaf8a1c.xn--p1ai/index.php?option=com_k2&view=item&layout=item&id=19&Itemid=10
xn----7sboorocikaf8a1c.xn--p1ai/index.php?option=com_k2&view=item&layout=item&id=29&Itemid=18
xn----7sboorocikaf8a1c.xn--p1ai/index.php?option=com_k2&view=item&layout=item&id=31&Itemid=24
xn----7sboorocikaf8a1c.xn--p1ai/index.php?option=com_k2&view=itemlist&layout=category&task=category&id=10&Itemid=25
xn----7sboorocikaf8a1c.xn--p1ai/index.php?option=com_k2&view=itemlist&layout=category&task=category&id=3&Itemid=15
xn----7sboorocikaf8a1c.xn--p1ai/index.php?option=com_k2&view=itemlist&layout=category&task=category&id=4&Itemid=16
xn----7sboorocikaf8a1c.xn--p1ai/index.php?option=com_k2&view=itemlist&layout=category&task=category&id=5&Itemid=17
xn----7sboorocikaf8a1c.xn--p1ai/index.php?view=article&catid=3:2011-06-01-19-22-24&id=15:2011-06-01-19-23-32&tmpl=component&print=1&layout=default&page=

Trojan-Downloader.JS.Agent.gpp
Trojan.JS.Agent.FPX
Troj/PhoexRef-A
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 15, 2012, 12:02:16 pm
Code: [Select]
xn------5cdaabkdeummgvtjc3gpfha6ap.xn--p1ai
HEUR:Trojan.Script.Generic
Trojan-Downloader.JS.JScript.ax
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 16, 2012, 04:57:00 am
Code: [Select]
http://xn---24-5cdablcza5abzy3aja9amodl8h.xn--p1ai/
http://xn---24-5cdablcza5abzy3aja9amodl8h.xn--p1ai/js/jquery.pixelentity.kenburnsSlider.min.js
http://xn---24-5cdablcza5abzy3aja9amodl8h.xn--p1ai//mc.yandex.ru/metrika/watch.js
http://xn---24-5cdablcza5abzy3aja9amodl8h.xn--p1ai//mc.yandex.ru/watch/12758911
http://xn---24-5cdablcza5abzy3aja9amodl8h.xn--p1ai/index.php?id=10
http://xn---24-5cdablcza5abzy3aja9amodl8h.xn--p1ai/index.php?id=12
http://xn---24-5cdablcza5abzy3aja9amodl8h.xn--p1ai/index.php?id=13
http://xn---24-5cdablcza5abzy3aja9amodl8h.xn--p1ai/index.php?id=14
http://xn---24-5cdablcza5abzy3aja9amodl8h.xn--p1ai/index.php?id=15
http://xn---24-5cdablcza5abzy3aja9amodl8h.xn--p1ai/index.php?id=16
http://xn---24-5cdablcza5abzy3aja9amodl8h.xn--p1ai/index.php?id=2
http://xn---24-5cdablcza5abzy3aja9amodl8h.xn--p1ai/index.php?id=3
http://xn---24-5cdablcza5abzy3aja9amodl8h.xn--p1ai/index.php?id=4
http://xn---24-5cdablcza5abzy3aja9amodl8h.xn--p1ai/index.php?id=6
http://xn---24-5cdablcza5abzy3aja9amodl8h.xn--p1ai/index.php?id=8

Trojan-Downloader.JS.Agent.gpp
Trojan.JS.Agent.FPX
Troj/PhoexRef-A
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 16, 2012, 09:59:32 pm
Code: [Select]
http://www.blue-events.pl/
http://www.blue-events.pl/galeria/
http://www.blue-events.pl/kontakt/
http://www.blue-events.pl/oferta/
http://www.blue-events.pl/o-nas/
http://www.blue-events.pl/wp-includes/js/l10n.js?ver=20101110

Trojan-Downloader.JS.Iframe.cvd

Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 17, 2012, 05:22:53 am
Code: [Select]
http://euroinkaso.pl/
http://euroinkaso.pl/libs/jquery/jquery.tools.min.js
http://euroinkaso.pl/libs/jquery/lightbox/js/jquery.lightbox-0.5.js
http://euroinkaso.pl/12/windykacja/prewencja
http://euroinkaso.pl/19/finanse/faktoring
http://euroinkaso.pl/2
http://euroinkaso.pl/3
http://euroinkaso.pl/aktualnosci
http://euroinkaso.pl/aktualnosci/25
http://euroinkaso.pl/aktualnosci/26
http://euroinkaso.pl/inwigilacja
http://euroinkaso.pl/kontakt
http://euroinkaso.pl/libs/SWFObject/swfobject.js
http://euroinkaso.pl/mapa-serwisu
http://euroinkaso.pl/pliki-do-pobrania
http://euroinkaso.pl/referencje
http://euroinkaso.pl/uslugi-detektywistyczne

Trojan-Downloader.JS.Iframe.cvd

http://128.111.48.236/view.php?hash=38d41246a2756e33cab9c3a580899c1b&t=1334639551&type=js
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 17, 2012, 07:39:00 pm
MW-Link

Code: [Select]
campari.shinsengumi-subs.info/tooltip.js
https://www.virustotal.com/url/8304cf64f7290e78df8bb65b20ebd396cc65bd8f09e34d664be96bda18306fa2/analysis/1334689338/

seems not to exist anymore

http://www.profitux.cz/errors/404.htm

hoster Profitux seems to care...But obviously not enough, because as seen here:

Code: [Select]
http://campari.shinsengumi-subs.info/mylist.htm (Caution:  Trojan-Downloader.JS.Pegel.e)

still exists. Just follow the Network Activity and Redirects:

http://128.111.48.236/view.php?hash=0293673369a10630fc73318a3ce161c3&t=1334689079&type=js

So all in all someone considered to classify

Code: [Select]
campari.shinsengumi-subs.info/tooltip.js
as malicious, but instead forgot to check the redirect,

Code: [Select]
http://campari.shinsengumi-subs.info/mylist.js
who is indeed the real malicious one. That might be ONE reason however, how a false/positive „could“ be generated... However, noones perfect, especially no bytes

http://128.111.48.236/domain.php?hash=78aa59a1a5223fd836c6e0c1570b3129&type=js

Trojan-Downloader.JS.Pegel.e
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 18, 2012, 09:43:57 am
In addition to:

Code: [Select]
http://download2.100limiterodas.com.br/
https://www.virustotal.com/url/d2166bbca5d42706763eed3d41aa09ab8011315fb18c86e14ae5eed4a04cd97d/analysis/1334741953/

see also:

Code: [Select]
http://100limiterodas.com.br/
http://construtorarh.com.br/

https://www.virustotal.com/url/7c36519cf31982531b403a232078f32e6f96255e16b229a46ae6aba06e627a25/analysis/1334741674/
https://www.virustotal.com/url/e6786c3ceb798b6c6df96e949143aae11596bb54aa3c4513ad2e7866875a7e7f/analysis/1334741856/

Trojan.Win32.Jorik.Vobfus.aqmx
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 19, 2012, 07:42:49 am
Code: [Select]
http://down.feel2day.com/newmain/webmain/nfdinstall.exe
https://www.virustotal.com/url/f2a85e01dbdab0781ad6a37e376d1dc895f020b8cb03247c59c1420496afe305/analysis/1334752685/
https://www.virustotal.com/file/45d34bc29f82d26ff62859fc37e93e004d78083929a7b9f79cc4dea156ba049e/analysis/1334752693/

Trojan.Win32.Genome.aespr
Adware:Win32/Funpop
NSIS:Downloader-DJ [Trj]
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 19, 2012, 09:19:57 am
Code: [Select]
http://down.neoprotect.com/neopuninst.exe
https://www.virustotal.com/url/e194d5a5c275bb074f969c4912a7e1792f340aa48a8176b58874f6fe1bd34cbd/analysis/1334826502/
https://www.virustotal.com/file/a04f7902085952c25baaa411e2be27370a92548f1840dec2dac0c3940b1a43f0/analysis/1334826506/

Adware/Aprotect.B.9
Trojan-Downloader.Agent!IK
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 19, 2012, 09:28:01 am
Code: [Select]
http://down.pcgkimi.com/install/home/PcGkimi_setup.exe
Adware/Kraddare.AT.138
Gen:Variant.Graftor.873
TROJ_GEN.F4AC8J5
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 19, 2012, 09:56:21 am
Code: [Select]
http://up1.anygray.com/setupFiles/AnyGraySetup%20WebBeta1.0.0.0.exe
Heuristic.BehavesLike.Win32.Fake.O

https://www.virustotal.com/file/ac539d9b920a025ca9a2db563d5fd992c1fc5859961d23303eb6879b58503e83/analysis/1334828731/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 19, 2012, 11:38:23 am
Code: [Select]
http://up1.one-clean.com/Install/OneClean/OneClean_Setup.exe
Downloader.Generic10.AFJG
Artemis!73B75B2EE08E
a variant of Win32/TrojanDownloader.Small.OZA


https://www.virustotal.com/url/186ae8a0cfa6971a3b748e303a1157d72d0c4377e42a8601970b0938472084a7/analysis/1334834748/
https://www.virustotal.com/file/05250bf48aa352c9a57bae02939516582042b417fdd820ca501a6f84738d353f/analysis/1334834753/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 19, 2012, 07:09:43 pm
Code: [Select]
http://wats.ch/
http://www.wats.ch/

Trojan.JS.Iframe.aai
JS/iFrame.bbn


http://128.111.48.236/view.php?hash=e7cb5b0a7f1c0f6c440696654259479e&t=1334861913&type=js
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 20, 2012, 08:35:32 am
Code: [Select]
http://www.puretonefitness.co.uk/
http://www.puretonefitness.co.uk/about-me-3/
http://www.puretonefitness.co.uk/contact-me/
http://www.puretonefitness.co.uk/fitness-challenge/
http://www.puretonefitness.co.uk/personal-training-bristol/
http://www.puretonefitness.co.uk/personal-training-forms/
http://www.puretonefitness.co.uk/prices/
http://www.puretonefitness.co.uk/service/
http://www.puretonefitness.co.uk/site-map/
http://www.puretonefitness.co.uk/wp-content/plugins/contact-form-7/jquery.form.js?ver=2.52
http://www.puretonefitness.co.uk/wp-content/plugins/contact-form-7/scripts.js?ver=2.4.5
http://www.puretonefitness.co.uk/wp-content/themes/ecobiz/js/cufon.js
http://www.puretonefitness.co.uk/wp-content/themes/ecobiz/js/fonts/ColaborateLight.js
http://www.puretonefitness.co.uk/wp-content/themes/ecobiz/js/functions.js?ver=3.1.3
http://www.puretonefitness.co.uk/wp-content/themes/ecobiz/js/jquery.kwicks.min.js?ver=3.1.3
http://www.puretonefitness.co.uk/wp-content/themes/ecobiz/js/jquery.nivo.slider.pack.js?ver=3.1.3
http://www.puretonefitness.co.uk/wp-content/themes/ecobiz/js/jquery.prettyPhoto.js?ver=3.1.3
http://www.puretonefitness.co.uk/wp-content/themes/ecobiz/js/jquery.tools.tabs.min.js?ver=3.1.3
http://www.puretonefitness.co.uk/wp-includes/js/jquery/jquery.js?ver=1.4.4
http://www.puretonefitness.co.uk/wp-includes/js/l10n.js?ver=20101110

Trojan-Downloader.JS.Agent.gnk
Trojan.JS.Agent.EXP
Trojan:JS/Alescurf.D
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 20, 2012, 09:22:18 pm
Code: [Select]
http://www.30days.gr
http://www.30days.gr/
http://www.30days.gr/index.php/13siethnespanoramaanexartitondhmiourgonkinhmatografouekth15161718dekemvriou/
http://www.30days.gr/index.php/about-us/
http://www.30days.gr/index.php/animasyrosopenhouse100pureanimationkaisththessalonikistis28ianoyarioy/
http://www.30days.gr/index.php/animasyrosopenhouse100pureanimationkaisththessalonikistis28ianoyarioy/#commentspost
http://www.30days.gr/index.php/animation_diethnes_festival_foroum_kinoumenonsxedion_animasyros4/
http://www.30days.gr/index.php/anyshxei_eidikoys_okeanos/
http://www.30days.gr/index.php/author/admin/
http://www.30days.gr/index.php/category/%ce%b1%cf%84%ce%b1%ce%be%ce%b9%ce%bd%cf%8c%ce%bc%ce%b7%cf%84%ce%b1/
http://www.30days.gr/index.php/category/%ce%b4/
http://www.30days.gr/index.php/category/%ce%b5/
http://www.30days.gr/index.php/category/%ce%b6/
http://www.30days.gr/index.php/category/%ce%b7/
http://www.30days.gr/index.php/category/%ce%b8/
http://www.30days.gr/index.php/category/%ce%b9/
http://www.30days.gr/index.php/category/%ce%bb/
http://www.30days.gr/index.php/category/%ce%bc/
http://www.30days.gr/index.php/category/%ce%bd/
http://www.30days.gr/index.php/category/%ce%be/
http://www.30days.gr/index.php/category/%ce%bf/
http://www.30days.gr/index.php/category/%cf%80/
http://www.30days.gr/index.php/category/%cf%81/
http://www.30days.gr/index.php/category/%cf%83/
http://www.30days.gr/index.php/category/%cf%84/
http://www.30days.gr/index.php/category/%cf%85/
http://www.30days.gr/index.php/category/%cf%86/
http://www.30days.gr/index.php/category/%cf%87/
http://www.30days.gr/index.php/category/%cf%88/
http://www.30days.gr/index.php/category/%cf%89/
http://www.30days.gr/index.php/category/a/
http://www.30days.gr/index.php/category/b/
http://www.30days.gr/index.php/category/business/
http://www.30days.gr/index.php/category/business/%ce%b3/
http://www.30days.gr/index.php/category/business/%ce%ba/
http://www.30days.gr/index.php/category/business/accessories/
http://www.30days.gr/index.php/category/business/advertisement-companies/
http://www.30days.gr/index.php/category/business/aesthetics/
http://www.30days.gr/index.php/category/business/aesthetics/manicure-penticure/
http://www.30days.gr/index.php/category/business/architects/
http://www.30days.gr/index.php/category/business/awninngs/
http://www.30days.gr/index.php/category/business/bakeries/
http://www.30days.gr/index.php/category/business/bathroom-equipment/
http://www.30days.gr/index.php/category/business/biological-ecological-products/
http://www.30days.gr/index.php/category/business/book-stores/
http://www.30days.gr/index.php/category/business/cafe-bar/
http://www.30days.gr/index.php/category/business/cardiologists/
http://www.30days.gr/index.php/category/business/car-services/
http://www.30days.gr/index.php/category/business/car-services/buysell-cars/
http://www.30days.gr/index.php/category/business/car-services/car-alarms-music-players/
http://www.30days.gr/index.php/category/business/car-services/car-cleaners-washers/
http://www.30days.gr/index.php/category/business/car-services/car-painters/
http://www.30days.gr/index.php/category/business/car-services/car-resellers/
http://www.30days.gr/index.php/category/business/car-services/car-suspensions/
http://www.30days.gr/index.php/category/business/car-services/car-technical-check/
http://www.30days.gr/index.php/category/business/car-services/gas-stations-oil/
http://www.30days.gr/index.php/category/business/car-services/voulkan/
http://www.30days.gr/index.php/category/business/catering/
http://www.30days.gr/index.php/category/business/cleaning-services/
http://www.30days.gr/index.php/category/business/clothes/
http://www.30days.gr/index.php/category/business/clothes/babies-children/
http://www.30days.gr/index.php/category/business/clothes/couturiers/
http://www.30days.gr/index.php/category/business/clothes/leather-accessories/
http://www.30days.gr/index.php/category/business/clothes/woman-clothes/
http://www.30days.gr/index.php/category/business/colours/
http://www.30days.gr/index.php/category/business/computers/
http://www.30days.gr/index.php/category/business/curtains/
http://www.30days.gr/index.php/category/business/dancing-school/
http://www.30days.gr/index.php/category/business/dentist/
http://www.30days.gr/index.php/category/business/dermatologists/
http://www.30days.gr/index.php/category/business/diet-doctors/
http://www.30days.gr/index.php/category/business/doctors-doctors-business/
http://www.30days.gr/index.php/category/business/doctors-doctors-business-business/
http://www.30days.gr/index.php/category/business/dostors/
http://www.30days.gr/index.php/category/business/education/
http://www.30days.gr/index.php/category/business/education/centres-of-foreigner-languages/
http://www.30days.gr/index.php/category/business/education/tuition-centres/
http://www.30days.gr/index.php/category/business/electricians/
http://www.30days.gr/index.php/category/business/electric-machines/
http://www.30days.gr/index.php/category/business/electric-machines/services/
http://www.30days.gr/index.php/category/business/elevators-lifts/
http://www.30days.gr/index.php/category/business/energy/
http://www.30days.gr/index.php/category/business/event-rooms/
http://www.30days.gr/index.php/category/business/flower-shops/
http://www.30days.gr/index.php/category/business/funeral-offices/
http://www.30days.gr/index.php/category/business/furniture/
http://www.30days.gr/index.php/category/business/furniture/children-furniture/
http://www.30days.gr/index.php/category/business/furniture/home-furniture/
http://www.30days.gr/index.php/category/business/furniture/kitchen-furniture/
http://www.30days.gr/index.php/category/business/garden/
http://www.30days.gr/index.php/category/business/garden/flower-shop/
http://www.30days.gr/index.php/category/business/garden/garden-shop/
http://www.30days.gr/index.php/category/business/gastroenterologists/
http://www.30days.gr/index.php/category/business/general-practitioners/
http://www.30days.gr/index.php/category/business/gifts/
http://www.30days.gr/index.php/category/business/graphic-design/
http://www.30days.gr/index.php/category/business/gym/
http://www.30days.gr/index.php/category/business/gynecologic/
http://www.30days.gr/index.php/category/business/hairdressers/
http://www.30days.gr/index.php/category/business/heating/
http://www.30days.gr/index.php/category/business/hospitals-health-center/
http://www.30days.gr/index.php/category/business/insurance-companies/
http://www.30days.gr/index.php/category/business/kindergartens/
http://www.30days.gr/index.php/category/business/lawyers/
http://www.30days.gr/index.php/category/business/medical-instruments/
http://www.30days.gr/index.php/category/business/microbiologists/
http://www.30days.gr/index.php/category/business/motorcycle/
http://www.30days.gr/index.php/category/business/neurologists/
http://www.30days.gr/index.php/category/business/obstructions/
http://www.30days.gr/index.php/category/business/oculist/
http://www.30days.gr/index.php/category/business/oncologist/
http://www.30days.gr/index.php/category/business/opticians/
http://www.30days.gr/index.php/category/business/orthopedic/
http://www.30days.gr/index.php/category/business/pastry-shop/
http://www.30days.gr/index.php/category/business/pediatricians/
http://www.30days.gr/index.php/category/business/phsycologist/
http://www.30days.gr/index.php/category/business/plastic-surgeons/
http://www.30days.gr/index.php/category/business/professional-equipment-provider/
http://www.30days.gr/index.php/category/business/psychiatric/
http://www.30days.gr/index.php/category/business/rebuilding/
http://www.30days.gr/index.php/category/business/recycling/
http://www.30days.gr/index.php/category/business/restaurant-tavern-grill/
http://www.30days.gr/index.php/category/business/restaurant-tavern-grill/grill/
http://www.30days.gr/index.php/category/business/restaurant-tavern-grill/ouzo-tavern/
http://www.30days.gr/index.php/category/business/restaurant-tavern-grill/pizza/
http://www.30days.gr/index.php/category/business/restaurant-tavern-grill/restaurant/
http://www.30days.gr/index.php/category/business/restaurant-tavern-grill/tavern/
http://www.30days.gr/index.php/category/business/restaurant-tavern-grill/titbits-shop/
http://www.30days.gr/index.php/category/business/satellite-systems/
http://www.30days.gr/index.php/category/business/sign/
http://www.30days.gr/index.php/category/business/sound-and-optical-systems/
http://www.30days.gr/index.php/category/business/sports/
http://www.30days.gr/index.php/category/business/travel-equipment/
http://www.30days.gr/index.php/category/business/vet/
http://www.30days.gr/index.php/category/business/video-club/
http://www.30days.gr/index.php/category/business/wedding-baptism/
http://www.30days.gr/index.php/category/ecology/
http://www.30days.gr/index.php/category/entertainment/
http://www.30days.gr/index.php/category/entertainment/books/
http://www.30days.gr/index.php/category/entertainment/cinema/
http://www.30days.gr/index.php/category/entertainment/cinema/feed/
http://www.30days.gr/index.php/category/entertainment/cinema/new-dvd-releashes/
http://www.30days.gr/index.php/category/entertainment/music/
http://www.30days.gr/index.php/category/entertainment/music/feed/
http://www.30days.gr/index.php/category/entertainment/theater/
http://www.30days.gr/index.php/category/entertainment/tv-news/
http://www.30days.gr/index.php/category/featured/
http://www.30days.gr/index.php/category/health/
http://www.30days.gr/index.php/category/health/diet/
http://www.30days.gr/index.php/category/health/doctors/
http://www.30days.gr/index.php/category/health/fitness/
http://www.30days.gr/index.php/category/health/health-general/
http://www.30days.gr/index.php/category/health/psychology/
http://www.30days.gr/index.php/category/news/
http://www.30days.gr/index.php/category/news/feed/
http://www.30days.gr/index.php/category/news/greece/
http://www.30days.gr/index.php/category/news/technology/
http://www.30days.gr/index.php/category/news/weird/
http://www.30days.gr/index.php/category/news/world/
http://www.30days.gr/index.php/category/recipes/
http://www.30days.gr/index.php/category/recipes/feed/
http://www.30days.gr/index.php/category/recipes/tips/
http://www.30days.gr/index.php/contact/
http://www.30days.gr/index.php/efyge_mixalhs_kakogiannhs/
http://www.30days.gr/index.php/eidos_pros_eksafanish_h_sokolata/
http://www.30days.gr/index.php/exoikonomisi_nerou/
http://www.30days.gr/index.php/fotovoltaika_adeia_paragogis_deftero_megalytero_parko_ellad/
http://www.30days.gr/index.php/giati_xrhsimopoioume_bologika_proionta/
http://www.30days.gr/index.php/h_kampania_megalou_kanaliou_apespase_akoma_diakrish/
http://www.30days.gr/index.php/hmtstikh_synfonia_arvyla/
http://www.30days.gr/index.php/ipopsiofiuothtes-gia-tis-xryses-sfaires/
http://www.30days.gr/index.php/masterchefii_agnosto_poios_paroysiazei/
http://www.30days.gr/index.php/meli_ygros_xrysos/
http://www.30days.gr/index.php/melomakarona/
http://www.30days.gr/index.php/nekrh_vrethike_diamerisma_eimy_gouainxaouz/
http://www.30days.gr/index.php/neoalbum_mus/
http://www.30days.gr/index.php/noikiaste_aftokinito_draxmes/
http://www.30days.gr/index.php/oijames_live_sththessaloniki_stis04-10-2011_stoivanofeio_ghpedo_mpasket_hraklh/
http://www.30days.gr/index.php/oiredhotchilipeppersgiaprothforasthnellada/
http://www.30days.gr/index.php/onemo_xanei_akoh/
http://www.30days.gr/index.php/oscar2012oimegaloinikhtes/
http://www.30days.gr/index.php/oscar2012oimegaloinikhtes/#commentspost
http://www.30days.gr/index.php/oyanntiersen_epistrefei_sthn_ellada/
http://www.30days.gr/index.php/paella/
http://www.30days.gr/index.php/paizontas_pisina_asfaleia/
http://www.30days.gr/index.php/panselinos_meta_mousikhs/
http://www.30days.gr/index.php/pethane_oidryths_ths_apple_steve_jobs/
http://www.30days.gr/index.php/pethaneoskinothetisthodorosaggelopoulosapotroxaio/
http://www.30days.gr/index.php/pethaneoskinothetisthodorosaggelopoulosapotroxaio/#commentspost
http://www.30days.gr/index.php/rockwavefestival2012/
http://www.30days.gr/index.php/sigisehfonhtoydimitrimitropanoyftoxoterhhellhnikhmousikiskhnh/
http://www.30days.gr/index.php/sigisehfonhtoydimitrimitropanoyftoxoterhhellhnikhmousikiskhnh/#commentspost
http://www.30days.gr/index.php/staskarianeoshrialtoygiorgoukapoutzidh/
http://www.30days.gr/index.php/stin_kriti_hamerikanikh_ekpompi_thecookingodysse/
http://www.30days.gr/index.php/ta_athlimata_kalokairiou/
http://www.30days.gr/index.php/tamcdonaldsallaxantaxampourgermetaapopieseistoyjamie-oliver/
http://www.30days.gr/index.php/tamcdonaldsallaxantaxampourgermetaapopieseistoyjamie-oliver/#commentspost
http://www.30days.gr/index.php/tospitakitainiaupzontanevei/
http://www.30days.gr/index.php/toxoriotouaivasili_gia3hxronia_stomylo/
http://www.30days.gr/index.php/vasilopita/
http://www.30days.gr/index.php/xristougenniatikampiskotameglaso/
http://www.30days.gr/index.php/xrysessfaires2012/
http://www.30days.gr/index.php/xrysessfaires2012/#commentspost
http://www.30days.gr/wp-content/plugins/1-flash-gallery/js/gallery/photoGallery.js?ver=3.3.1
http://www.30days.gr/wp-content/plugins/1-flash-gallery/js/swfhelper.js?ver=3.3.1
http://www.30days.gr/wp-content/plugins/contact-form-7/jquery.form.js?ver=2.52
http://www.30days.gr/wp-content/plugins/contact-form-7/scripts.js?ver=3.0.2.1
http://www.30days.gr/wp-content/plugins/google-analyticator/external-tracking.min.js?ver=6.2
http://www.30days.gr/wp-content/plugins/sexybookmarks/js/sexy-bookmarks-public.min.js?ver=4.0.6.4
http://www.30days.gr/wp-content/plugins/sexybookmarks/js/shareaholic-perf.min.js?ver=4.0.6.4
http://www.30days.gr/wp-content/themes/manifesto/js/dropdown.js
http://www.30days.gr/wp-content/themes/manifesto/js/loopedslider.min.js
http://www.30days.gr/wp-content/themes/manifesto/js/simpletabs.js
http://www.30days.gr/wp-includes/js/jquery/jquery.js?ver=1.7.1
http://www.30days.gr/wp-includes/js/swfobject.js?ver=2.2
http://www.30days.gr/wp-includes/js/thickbox/thickbox.js?ver=3.1-20111117


Trojan-Downloader.JS.Agent.gnk
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 21, 2012, 08:21:12 am
Code: [Select]
http://www.resolucion-9298.com.ar/usuarios/index_user.asp
Trojan-Downloader.JS.Agent.gkb

http://128.111.48.236/view.php?hash=263daabe332bc6e458bdf019e10ff8bb&t=1334996167&type=js
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 21, 2012, 08:35:59 am
Code: [Select]
http://down.nurungzi.co.kr/main/webmain/sinnrz.exe
Trojan-Downloader.Win32.Adload.cezb

https://www.virustotal.com/url/7966b3c419f47d84e0250f976ff2a0691fb6428cb621bf864c74bf55411ad6fe/analysis/1334997158/
https://www.virustotal.com/file/02c2dbbd53b3c1d4e10fcb9c673cb98943097386b22aa2228276491f497254b1/analysis/1334997167/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 21, 2012, 09:55:55 am
Code: [Select]
http://www.alivegames.net/files/reflexive/LittleShopOfTreasuresSetup.exe
Trojan.Win32.Generic.124210FE
Trojan.DL.Agent!ojCmqAnPfTU


https://www.virustotal.com/url/ecd55a451c7f37a86e93da4106817239051019070ee51ef5ddf41514f1317292/analysis/1335001690/
https://www.virustotal.com/file/dce184d9d15246dac184c0ef11684b39fe2a72af68497bb0a285083d0c048d2a/analysis/1335001713/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 21, 2012, 10:03:29 am
Code: [Select]
http://www.alivegames.net/files/StarDefenderSetup.exe
Win32.PWS.Zbot.Cc

https://www.virustotal.com/url/5df643c2caf18835cd6cd6324b0d11ff6aa73a025a26d0ad94bcee74a5a60324/analysis/1335002400/
https://www.virustotal.com/file/551a7127996689a1af124a34885298d294e58a9a493b7ba87eb0cc48da33b1bb/analysis/1335002402/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 21, 2012, 10:14:25 am
Code: [Select]
www.alivegames.net/files/reflexive/AirStrike2Setup.exe
Backdoor.Win32.Agobot.rsp

https://www.virustotal.com/url/634e7c72942818c26f6a5bd9d2dfa3175ac906ddcde983f0fcd8e87654080a13/analysis/1335002765/
https://www.virustotal.com/file/2063a610ad6d698a402fd4c9b93fc3b9a71f54b426b2ebafb4c92f415a66cf39/analysis/1335002786/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 21, 2012, 10:26:25 am
Code: [Select]
http://www.alivegames.com/files/ClashAff_13326.exe
Trojan/Gentee.a

https://www.virustotal.com/url/583785e56254bcdb55d352771957c7cb7eb845b77b4c4ab4bd96c12af87c5ab2/analysis/1335003716/
https://www.virustotal.com/file/b8b48b4f5a8127ebbd7160126844578566979e11bfd90cf3f3071ffee8207606/analysis/1335003722/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 21, 2012, 11:27:40 am
Code: [Select]
http://www.alivegames.net/files/SmartReversiSetup.exe
PUA.Packed.ASPack

https://www.virustotal.com/url/4daf7a8cef28a5d720823ad95df1c33aca8e4599ec9be469c50301cfc7a1d9ed/analysis/1335003878/
https://www.virustotal.com/file/572fc625f5a6cfaea6504a33f9ae1fcd9407167e4c22340ebdaa59644c386249/analysis/1335003879/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 21, 2012, 11:31:32 am
Code: [Select]
http://www.alivegames.net/files/SeaWarSetup.exe
Adware/Gator.3202

https://www.virustotal.com/url/5741de2369c7d6c3c20942cc9cba71aff66def09e9d97961b3897a46835ce181/analysis/1335007704/
https://www.virustotal.com/file/c558d5a8afbf4b2281e672ca1ef23b28160180e1be46656457067a9630f5562c/analysis/1335007707/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 21, 2012, 11:35:13 am
Code: [Select]
www.alivegames.net/files/BombardixSetup.exe
Suspicious File (eSafe)
PUA.Packed.ASPack (ClamAV)


https://www.virustotal.com/url/568b43efb4b013c88338d13b4f9cd1a8444d28561791273df625ab11fe353aa9/analysis/1335007919/
https://www.virustotal.com/file/d80b6fb2a6a3f535a1018eefbd72932bfc28c16089a90d82a793595f01a1dff6/analysis/1335007922/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 21, 2012, 11:38:48 am
Code: [Select]
http://www.alivegames.net/files/FoxJonesSetup.exe
Win32.PWS.Zbot.Cc

https://www.virustotal.com/url/484efbe7e528ce5082854328f4281fac8e3e990958babcfcaa48103cea9115aa/analysis/1335008150/
https://www.virustotal.com/file/df26d09a6bd55f80ccc4f0b805c36d9a5b6eb5dc469ad0a666d57ec2548eeac3/analysis/1335008155/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 21, 2012, 12:01:46 pm
Code: [Select]
http://www.alivegames.net/files/reflexive/PlatypusSetup.exe
Trojan.Click1.28648
Trojan:Win32/Provis!rts
Trojan.Win32.Generic.124C5A5B


https://www.virustotal.com/url/23f8e1a0b983e894b6a891e98f24ae125c342b4cd8f1f2089a666256aa24f59c/analysis/1335009350/
https://www.virustotal.com/file/e925019502a5df0fc0b943e828fa02402fb05bac1fd7b71ff38013516a537eda/analysis/1335009364/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 21, 2012, 12:20:39 pm
Code: [Select]
http://www.alivegames.net/files/PacBomberSetup.exe
PUA.Packed.ASPack

https://www.virustotal.com/url/2bb81aa123fd1fd500f283508c5813ebd5844fb16a88dede3c54131161b7a0fd/analysis/1335010447/
https://www.virustotal.com/file/3554675acd44ab3f4580d9be6307b8f9e736f9739721e8bc472c6110935d15cb/analysis/1335010450/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 21, 2012, 12:28:56 pm
Code: [Select]
http://www.alivegames.net/files/LiveBilliardsSetup.exe
Adware/Gator.3202

https://www.virustotal.com/url/b21cc4cb949e9335b19f195f2e71a55e668ab23d6834c4c1ca637fc4d5ae5912/analysis/1335011119/
https://www.virustotal.com/file/8cc52810b2176919aa6fa17de0c65c8c0ea1491966fb28833c3ff3918aeeca34/analysis/1335011125/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 21, 2012, 12:37:06 pm
Code: [Select]
http://www.alivegames.net/files/JuicyPuzzleSetup.exe
PUA.Packed.ASPack
Trojan.Win32.Spy!IK
Trojan.Win32.Spy


https://www.virustotal.com/url/376123d1b6deacfd74a8682a4846096b01fdb1ed2723b6a4157879bda87bf3cf/analysis/1335011400/
https://www.virustotal.com/file/a9dd68667327dc4a3ed1f2ceeb3c41e8f1526d1f2c86418689f56acc32dbc949/analysis/1335011405/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 21, 2012, 12:47:13 pm
Code: [Select]
http://www.alivegames.net/files/reflexive/WonderlandSetup.exe
http://www.alivegames.net/files/reflexive/PuzzleMythSetup.exe

Trojan.Click2.14015

https://www.virustotal.com/url/98e9f9ed4ddffaa8686e071b235e1ec7b78c7b5276e1e4c92047c240143ace85/analysis/1335012180/
https://www.virustotal.com/file/166958556c4881eb3c6fbc145bc98785d5ac0b5bb42fe6d0fd6a2cea53db3ff7/analysis/1335012186/
https://www.virustotal.com/url/c51e09d7198acb37c8a4acc970d1d372a83dded27f55a1eb94fb0f73742810f7/analysis/1335012091/
https://www.virustotal.com/file/4e75ba0bf6e8dd6a802bbb0a64aa5d51b6ad7b6cd01fb5bb4774286d27d46813/analysis/1335012096/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 21, 2012, 12:48:27 pm
Code: [Select]
http://www.alivegames.net/files/reflexive/SuperCollapsePuzzleSetup.exe
Win32/Heur (AVG)

https://www.virustotal.com/url/e157be6cd08a0f3997bea89c57d50c14c7879d823d5e4437f88db55413740429/analysis/1335012132/
https://www.virustotal.com/file/bfa1f22346b1d040e888eebfcdaf18c8fc155b9e3cd901264448f91a8d8ae3a6/analysis/1335012142/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 22, 2012, 10:00:18 am
Code: [Select]
http://www.regnow.com/softsell/visitor.cgi?affiliate=13326&action=site&vendor=8052&ref=http://www.awem.com/files/pacboy.exe
Suspicious

http://128.111.48.236/view.php?hash=a56767818bd4addadf69ac8ac4eca2fb&t=1335088515&type=js
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 22, 2012, 10:12:33 am
Code: [Select]
http://www.alivegames.com/files/SmartReversiSetup.exe
PUA.Packed.ASPack

https://www.virustotal.com/url/c95f176d84bc706f58922fde5e8cccaa80f1baaa07a8b464aeb9408a083f62bd/analysis/1335089387/
https://www.virustotal.com/file/572fc625f5a6cfaea6504a33f9ae1fcd9407167e4c22340ebdaa59644c386249/analysis/1335089389/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 22, 2012, 11:02:09 am
Keylogger

Code: [Select]
http://www.award-soft.com/download/klsetup.exe
WS.Reputation.1

https://www.virustotal.com/url/557595bba1c8548e06c8143336755b49cb8fe62f7268f36eb770b535080cf2e4/analysis/1335092294/
https://www.virustotal.com/file/26942caa0852bf4521072fda92d87129b46d3ca8fd097d0912ea5a95dcf5fbb6/analysis/1335092297/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 22, 2012, 11:13:06 am
Keylogger

Code: [Select]
http://www.award-soft.com/download/klproinstall.exe
Riskware.Monitor.Win32.Keylogger!IK
not-a-virus:Monitor.Win32.KeyLogger.brr
Spyware.KeyloggerPro


https://www.virustotal.com/url/7a58828bc5ef39ad4ccc098da9c7a4a47557a8e0cdaa3c20cc131e4f2c7e14d7/analysis/1335092731/
https://www.virustotal.com/file/3e020c0659e07a3c4973491662e92ac1768d7c9d561ba83535e3ac8ac94b31e3/analysis/1335092736/
http://128.111.48.236/view.php?hash=9edb6df06478319e755acb99272f6744&t=1335092713&type=js

Keylogger-64bit

Code: [Select]
http://www.award-soft.com/download/klproinstall64.exe
Keylog-AwardKey
MonitoringTool:Win64/AwardKeylogger


https://www.virustotal.com/url/006ef8504edc8120d22a41b83e6dd03ac577728347e62241d027ba32113a78b0/analysis/1335092785/
https://www.virustotal.com/file/f517f47bd72e0ce858cd7c7c710678ba91de9b5e84263aebc7b47785313f30ae/analysis/1335092795/
http://128.111.48.236/view.php?hash=4a1133bbbae4adfca7f7a33ce1d17188&t=1335092776&type=js
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 22, 2012, 11:17:07 am
Keylogger

Code: [Select]
http://www.award-soft.com/download/pminstall.exe
not-a-virus:Monitor.Win32.KeyLogger.amd
Keylog-AwardPersonalMon
Spyware.KGBSpy


https://www.virustotal.com/url/3c12bb84fdc2b365168c6e367898bfff1c5fa33f50a250538aaf9482995021cc/analysis/1335093228/
https://www.virustotal.com/file/9fdd5141b7856f6a79eabfcc8c58cb6409c018f9e6c36518567676324fc0e072/analysis/1335093233/
http://128.111.48.236/view.php?hash=059f1323a2384ba28693def5a6dc0564&t=1335093218&type=js
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 23, 2012, 07:40:38 am
Code: [Select]
http://minecraft.filecook.com/
redirects ---> to

Code: [Select]
http://download.filecook.com/download3.php?n=MineCraft_v1_0.exe
TR/Dldr.NoAsk.A
Win32:PUP-gen [PUP]
unknown virus Win32/DH.FF8801A5{00000000-00000020-00804002-00000000}
TrojanDownloader.Generic.ujc
Artemis!90DA2A390057
Win32/TrojanDownloader.Agent.REE
Posible_Worm32
suspected of Trojan.Downloader.gen.h
Trojan.Win32.Generic.pak!cobra


http://128.111.48.236/view.php?hash=423978e5f1a76e4cd7904478cbdddf04&t=1335165961&type=js
http://anubis.iseclab.org/?action=result&task_id=1d2dfb0f53a0d1ba4112afbb0b06cbc5a
https://www.virustotal.com/url/2d02070da1fef3c1ad275d14438cb187fbc0ba8a39008df79b5801279d25d30b/analysis/1335166008/
https://www.virustotal.com/url/637cc8b01e12a8101bda9c57f296b04c2e9e3baf56e60943b75d8cf01ddbb11b/analysis/1335166096/
https://www.virustotal.com/file/255aead7d27bb8fa658d7ab3f3a5660856c719b7700a0cce22a9fd387a7ed354/analysis/1335166322/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 25, 2012, 12:37:06 pm
Code: [Select]
www.axito.com/Crossloop.exe
not-a-virus:RemoteAdmin.Win32.WinVNC.gc

https://www.virustotal.com/url/7ef798b7748edf66c78fc9a36bb9bb88889bff1a1b071a7585c5975e23b97437/analysis/1335353869/
https://www.virustotal.com/file/6a47e7e254a43b12bcefcb4e7084bb81dff67bf5005845c3b7754997dcf83fb7/analysis/1335353876/
http://128.111.48.236/view.php?hash=e47d3f4c02864da7d6eaa5eafc48334e&t=1335353898&type=js

Code: [Select]
www.axito.com/Download/7z465.exe
Additional (potential) malware:
http://128.111.48.236/view.php?hash=93667b440b564f948d7f3d98e67815de&t=1335354198&type=js
http://anubis.iseclab.org/?action=result&task_id=14c55162fd45b9f3431ce4c72da82ed8e

Code: [Select]
http://www.axito.com/Download/PSsetup.exe
Additional (potential) malware:
http://128.111.48.236/view.php?hash=07cd3353725a0da9cf001d659f213da4&t=1335355261&type=js
http://anubis.iseclab.org/?action=result&task_id=11ce1ae4abdfff29439c6a78564ca8131

Code: [Select]
www.axito.com/Download/wrar380nl.exe
Heur.Packed.Unknown
Win32.Banker


https://www.virustotal.com/url/f4272126e53e66749312fde7684ba3e00928e8446b73837c93725dc3b3664f16/analysis/1335356787/
https://www.virustotal.com/file/f3b70721fce7947eac8af44ebca3795f2a913c561862449452bacc99061a5374/analysis/1335356792/
http://128.111.48.236/view.php?hash=d8142be54d940ea6afd38550ebeb7750&t=1335356738&type=js
http://anubis.iseclab.org/?action=result&task_id=16f2fb83feff1ba74c179eb2dc91a0518

Title: Re: Honeypots forgotten Links...
Post by: dlipman on April 25, 2012, 12:54:50 pm
Code: [Select]
www.axito.com/Download/wrar380nl.exe

WinRAR from 2008, False Positives

Code: [Select]
www.axito.com/Download/7z465.exe

7-Zip 4.65 from 2009,  False Positives

Code: [Select]
http://www.axito.com/Download/PSsetup.exe

This too appears to be a False Positive for a possible PostScript print driver or some other form.
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 26, 2012, 10:10:52 am
Code: [Select]
http://www.2shared.com/file/10073685/81fbf320/AionKtz_125English.html
http://dc104.2shared.com/download/1LAUZdY8/AionKtz_125English.rar?tsid=20120426-092139-995279e7

TR/PSW.Magania.clza
PSW.OnlineGames3.BDHX
Trojan.Generic.3283892


https://www.virustotal.com/file/62be6a141f487435647165ae94724d8c2b391fdc922565002214c1f5c109792e/analysis/1335432391/

Code: [Select]
http://www.aionktzbot.com/files/AionKtz_126English.rar
http://www.2shared.com/file/10541005/f0cb2672/AionKtz_126English.html

Win32:Malware-gen
HEUR:Trojan.Win32.Generic
VirTool:Win32/Obfuscator.XZ

https://www.virustotal.com/url/cc234718262f5d6e01e8e5ec6fbde52f1a8b3589c49e77aa2b99e261d24ee7bb/analysis/1335432561/
https://www.virustotal.com/file/76596f36f5676d4c0179ba19c8aa4e3f17aff7b4bdba8ac89d7c03f836926ff3/analysis/1335432564/

Code: [Select]
http://www.2shared.com/file/10296534/d2684b7c/AionKtz_RURussia102rar.html
PSW.OnlineGames3.BDHX
Artemis!F7FB32F5F9C7
Trojan/Magania.clza


https://www.virustotal.com/file/4c362d9d68229e67f214a09ef5bf9405e485533645289755e6ba5e6b44cfc5eb/analysis/1335433853/

Code: [Select]
http://www.aionktzbot.com/files/AionKtz_126French.rar
PSW.OnlineGames3.BDHX
Backdoor.Win32.Agent.bfop
VirTool:Win32/Obfuscator.XZ


https://www.virustotal.com/url/17d7f0902420b72089212fa98d6d010e07145c0a204e6b0619d3ea65d7904a80/analysis/1335434111/
https://www.virustotal.com/file/9316ef38d2250bf931496aa2977d82be1745abb746de15abf99d6652bb54d8ed/analysis/1335434114/

Code: [Select]
http://www.aionktzbot.com/files/AionKtz_126Swedish.rar
HEUR:Trojan.Win32.Generic
Trojan.Generic.3283892
Trojan/Magania.clza


https://www.virustotal.com/url/c0d9bc330bfcbaaf51a020478cb920248a6dc0d2d86f8ed8dc3817e60a9026bc/analysis/1335434465/
https://www.virustotal.com/file/3d34742828931f39b174c78b139dc46ff4a83cbb9287a4fd76f9cb7b10d6f92f/analysis/1335434470/

Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 26, 2012, 10:44:12 am
Code: [Select]
http://rapidshare.com/files/162927456/Data_Unpacker.rar
TrojanDropper.Agent.vcc

https://www.virustotal.com/file/77d9db1b8065280efd73360c91611fdbd8f4a0116ee1aa4d518745e6ef184b4b/analysis/1335436708/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 30, 2012, 12:07:45 pm
Code: [Select]
http://i.cr3ation.co.uk/dl/s1/exe/7278.spkd.www.ariap30.com.exe
Code: [Select]
http://archivosrecuperar.com/free-download/7278.spkd.www.ariap30.com.exe?c=GceGAUINoQ0qyJeIQ1af6kqv98ZmMAnIWp6hkvEgF6C9VsQb44zHKGcNe2s4q3bAhIADAtD3vepZCicWK8uHXw%3D%3D
HackTool.Win32.KeyFinder.b

https://www.virustotal.com/file/6b6e94c4e6e619f8cb2076a06e62564450adc5ccde982ba9c5ddc966bc8cc83f/analysis/1335787692/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 03, 2012, 05:01:26 pm
Code: [Select]
http://fc.yesnet.yk.ca/ClientDownloads/FC9106US.EXE
Additional (potential) malware:

http://wepawet.iseclab.org/view.php?hash=b6f951a83e4024720f657ccf5ec8c9c5&t=1336063011&type=js
Title: Re: Honeypots forgotten Links...
Post by: dlipman on May 03, 2012, 08:00:22 pm
Code: [Select]
http://fc.yesnet.yk.ca/ClientDownloads/FC9106US.EXE
Additional (potential) malware:

http://wepawet.iseclab.org/view.php?hash=b6f951a83e4024720f657ccf5ec8c9c5&t=1336063011&type=js

Yukon Education Student Network First Class client software.

NOT malware!
Title: Re: Honeypots forgotten Links...
Post by: Amishrabbit on May 04, 2012, 12:27:06 am
Where do you come up with these links, GaryDee?
Title: Re: Honeypots forgotten Links...
Post by: EP_X0FF on May 04, 2012, 02:16:15 am
I don't know, does he posted *any* link to real malware for all this time?
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 04, 2012, 05:03:03 pm
Code: [Select]
http://www.asfreeware.ru/InfoStart.zip
Heuristic.LooksLike.Win32.Suspicious.C

https://www.virustotal.com/file/edf281213f9135b87f6330e7ae735938a8519bf95123a863516fc486f7945dfe/analysis/1336150710/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 04, 2012, 05:07:05 pm
Code: [Select]
http://www.asfreeware.ru/Sovetnik.zip
Heuristic.LooksLike.Win32.Suspicious.F

https://www.virustotal.com/file/dacd03103e0a1b4d369e1c1b89baf448df98e622d7fb711ed955be41dd67a7af/analysis/1336151078/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 04, 2012, 05:16:19 pm
Code: [Select]
http://www.asfreeware.ru/Memorial.zip
Heuristic.LooksLike.Win32.Suspicious.F

https://www.virustotal.com/file/c0dd35e56d1ddfe617ca5521214e1d6e9da541bfa606f55d2479878f968d0d45/analysis/1336151619/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 04, 2012, 05:22:41 pm
Code: [Select]
http://www.asfreeware.ru/PriNumEx32.zip
Heuristic.LooksLike.Win32.Suspicious.C

https://www.virustotal.com/file/a4ccbd6c2127bb2d4ac545614ffba850fd52a16be3c832b7630fbc632186547c/analysis/1336152005/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 04, 2012, 05:26:41 pm
Code: [Select]
http://www.asfreeware.ru/Prostor.zip
Heuristic.LooksLike.Win32.Suspicious.C

https://www.virustotal.com/file/3dd4608274f7845d23ef3e180ad6bdadf15b33ffb62133077dcb0b15c2a5cb59/analysis/1336152238/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 04, 2012, 05:29:40 pm
Code: [Select]
http://www.asfreeware.ru/InfoTask.zip
Trojan-Downloader.Win32.VB.bbe

https://www.virustotal.com/url/798d1940dc49aff43e63cdce3c41b87c5af3e9d2b5527f1a639d79cf5af02e61/analysis/1336152425/
https://www.virustotal.com/file/db01ce27bd58ff85bd1ebd69e014148907ba91381e0cf26a20256421f922de38/analysis/1336152427/
Title: Re: Honeypots forgotten Links...
Post by: dlipman on May 04, 2012, 05:45:40 pm
Heuristic JUNK FILES

GaryDee:

Please concentrate on REAL malware.  Do NOT post files with mostly heuristic detections.  Unless you can post PROOF that they are acting maliciously and why.

Do post actual malware URLs;  ZBot, Ransom, ZeroAccess, FakeAlert, TDSS family, Cridex, Exploit files/code pages, the various bots (R, Qak, GAO, SD, etc). Hiloti, Randex, Harniq, etc, etc.

Please do not operate in a vacuum.

Please do communicate with fellow members and use their feedback to improve what is posted.  So far you ignore feedback and that's not the way to operate.

Please...
Quality not Quantity.
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 10, 2012, 04:04:54 pm
Code: [Select]
http://www.cracks.vg/cracks/H!dden_7.1_99152.html
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 11, 2012, 10:10:47 am
Code: [Select]
http://www.cracks.vg/cracks/K-ML_v3.17.319_100639.html
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 17, 2012, 12:01:14 pm
Code: [Select]
https://64.16.211.20/dl/software/ipeye.exe
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 17, 2012, 12:45:49 pm
Code: [Select]
https://64.16.211.20/dl/software/ipeye.exe

To my PM Buddy:
No matter, a IP Scanner is MALWARE, nomatter which way you turn it. The file is classified for over 6 Years as Malware to leading AVScanners. There would have been enough time to classify it as f/p or whatsoever.

BTW, Cain & Abel, is also classified by Paretologic as Malware since 2010. See

http://www.malwareblacklist.com/searchClearingHouse.php?search=net-security.org

So:first look then think, next time you write PMs. THX. Cheers.
Title: Re: Honeypots forgotten Links...
Post by: dlipman on May 17, 2012, 02:04:45 pm
IP Port Scanners are grey-ware.  You found it on a security site hosting it for use by security professionals.

They are tools that have legitimate uses but may be used maliciously.  Thus they are grey area software and not really malware and may be classified as a PUP, Tool, Hacktool, etc.

If you had a downloader or a dropper that included an IP Port Scanner and you showed how it was being used maliciously in a particular process then that would be beneficial because you would be passing on that information of the tool being used in a particular technique. 

Are you going to tell me those old archivers you posted about in late April were malware ? 
Do you remember your posting the "WinRAR from 2008" and "7-Zip 4.65 from 2009" ?
How about those UPX compressed files ?


There is so much REAL malware out there; Ransom, Bobax, ZeroAccess, FakeAlert, TDSS family, Cridex, Exploit files/code pages, the various bots (Zbot, Rbot, Qakbot, GAObot, SDbot, etc). Cutwail, Mebroot, Bredolab, Hiloti, Randex, Harniq, Sinowal, etc, etc.

Post URLs to samples of the above and not grey-ware tools, false positives and at-best heuristics.
Title: Re: Honeypots forgotten Links...
Post by: EP_X0FF on May 17, 2012, 02:33:53 pm
Code: [Select]
https://64.16.211.20/dl/software/ipeye.exe

To my PM Buddy:
No matter, a IP Scanner is MALWARE, nomatter which way you turn it. The file is classified for over 6 Years as Malware to leading AVScanners. There would have been enough time to classify it as f/p or whatsoever.

BTW, Cain & Abel, is also classified by Paretologic as Malware since 2010. See

http://www.malwareblacklist.com/searchClearingHouse.php?search=net-security.org

So:first look then think, next time you write PMs. THX. Cheers.

This is not malware. Maximum as it can be rated - "Hacktool" or PUA. But itself this tool is not malicious at all. You are wasting your and others time posting complete junk. If you disagree then give us please a *analysis* (not a result from fake av's considering everything as malware and skipping any real malware) to prove this file is malicious software.
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 19, 2012, 01:04:14 pm
Code: [Select]
http://8.153.cc/0705/Password%20Agent.rar
Trojan.Win32.MicroFake.ba
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 19, 2012, 01:59:12 pm
Code: [Select]
http://205.196.121.158/qhm92or2r8qg/y5m992hvmfy6myx/Zynga.exe
Trojan.Win32.Jorik.Llac.ash
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 20, 2012, 03:45:46 pm
Code: [Select]
i2307.in/2012/04/08/page/2/
links from/to

Code: [Select]
http://install.secure-softwaremanager.com/installer/zcdownload/c061a9ad328c637a2d044ef0daf638c86cefde9c8845b33c39e219fa4500e8d7e1589a5693:70522e5fd1a61b0f77a4cb83a0f1ecd3?ld=1
redirects to:

Code: [Select]
http://a.cryingbabee.com/IC/GPLAppBundler78/37280/1/9ff58cab-2959-41a2-b777-c4f7c3442ece/MPLSetup.exe
code is suspicious/malicious

not-a-virus:AdWare.Win32
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 21, 2012, 05:29:27 pm
Code: [Select]
http://www.regeasycleaner.com/RegistryEasy_Lite.exe
Risky
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 23, 2012, 02:08:08 pm
Code: [Select]
http://premiumstorage.info/v54
Suspicious Adware
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 24, 2012, 11:40:46 am
Code: [Select]
http://rivia.net/Products/Friendzee/Friendzee_Setup.exe
Potential Malware
Title: Re: Honeypots forgotten Links...
Post by: EP_X0FF on May 24, 2012, 03:11:32 pm
Code: [Select]
http://rivia.net/Products/Friendzee/Friendzee_Setup.exe
Potential Malware


Your analysis to prove "potentiality"? Maybe you will mail your Kaspersky guy for confirmation?

Actually this is installer for Windows Mobile 5 application, dated back to 2007(!).

http://rivia.net/Friendzee.aspx
Title: Re: Honeypots forgotten Links...
Post by: dlipman on May 24, 2012, 03:35:54 pm
Your analysis to prove "potentiality"? Maybe you will mail your Kaspersky guy for confirmation?

Actually this is installer for Windows Mobile 5 application, dated back to 2007(!).

http://rivia.net/Friendzee.aspx

(http://multi-av.thespykiller.co.uk/GIF/S_THUM~11.GIF)
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 25, 2012, 01:20:23 pm
Code: [Select]
http://dubno-rada.rv.ua/components/com_jcomments/libraries/joomlatune/ajax.js
Trojan Script
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 25, 2012, 06:22:47 pm
Code: [Select]
http://download-soft99.info/engine/classes/js/dle_js.js

http://download-soft99.info/engine/classes/js/jquery.js

http://download-soft99.info/engine/classes/js/jqueryui.js

Trojan Scripts
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 26, 2012, 10:34:06 am
Code: [Select]
adideco.es/wp-includes/js/l10n.js?ver=20101110
Trojan JS
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 26, 2012, 02:37:44 pm
http://www.malwareblacklist.com/searchClearingHouse.php?search=update.boanupgrade.co.kr

Code: [Select]
http://update.boanupgrade.co.kr/bin/boanupgradeU.exe

http://update.boanupgrade.co.kr/bin/boanupgradeBK.exe

http://update.boanupgrade.co.kr/bin/boanupgrade.exe

https://www.virustotal.com/file/afc65608c1ade9bbd18f9e47111c404261be8e9bb538009ad0665f7a1efd5383/analysis/1338039907/
Trojan.Fraud

Downloads are mostly corrupted/fake, as almost every download comes differently. Although:
Suspicious

F.ex.:

https://www.virustotal.com/file/e4a5e2639ce8025419b0dfc4b00701f4f46496a1a180af46c826fc8bc449da80/analysis/1338035459/
https://www.virustotal.com/file/dd149f8e835302cbfbcd03c375e6f9241ef6ae5a16229e8a8fd15444d25df6f3/analysis/1338035956/
https://www.virustotal.com/file/afc65608c1ade9bbd18f9e47111c404261be8e9bb538009ad0665f7a1efd5383/analysis/1338040645/
https://www.virustotal.com/file/c651911f73d2315cd9558b47e0f331a73e39902b41a7f541a955a082bd8ce7c7/analysis/1338041200/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 26, 2012, 08:22:28 pm
Code: [Select]
http://u1.minisearch.co.kr/Update64/rec.exe
Security Risk
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 27, 2012, 09:09:33 am
Code: [Select]
http://www.digsee.com/ftp/t-rec.exe
http://www.filecluster.com/download-link-1/9102.html
http://www.filecluster.com/download-link-2/9102.html


Download without asking
Code: [Select]
http://www.softsia.com/download-rvmh.htm
Keylogger
Title: Re: Honeypots forgotten Links...
Post by: EP_X0FF on May 27, 2012, 11:13:36 am
Are you kidding or trolling?

What you point as *download without asking* is download page for

http://cresotech-typerecorder.softsia.com/

How about go hunt real malware, not all this junk?
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 27, 2012, 11:33:55 am
Code: [Select]
http://urlfile.com/files/63915/pst-rec.exe
Not-A-Virus: Adware-Toolbar (Potential MW)
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 31, 2012, 07:08:52 am
Code: [Select]
http://www.qeasoft.com/download.php?software_id=19030&url=http%3A%2F%2Fwww.audiocdtools.com%2Faudio-burner%2Fdownload%2Faudio-burner-plus.exe
Dropper ?
Title: Re: Honeypots forgotten Links...
Post by: dlipman on May 31, 2012, 12:41:14 pm
Code: [Select]
http://www.qeasoft.com/download.php?software_id=19030&url=http%3A%2F%2Fwww.audiocdtools.com%2Faudio-burner%2Fdownload%2Faudio-burner-plus.exe
Dropper ?


Audio Burner Plus 3.1 trialware

* NOT MALWARE *
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on June 04, 2012, 04:20:00 pm
Code: [Select]
http://www.overspy.com/download/solid-key-logger-setup.exe
KEYLOGGER (not-a-virus:Monitor.Win32.OverSpy.bq)
Title: Re: Honeypots forgotten Links...
Post by: EP_X0FF on June 05, 2012, 03:58:46 am
How about NirSoft or SysInternals PsTools? Will you also post links to them here? :)
Title: Re: Honeypots forgotten Links...
Post by: dlipman on June 05, 2012, 12:54:58 pm
How about NirSoft or SysInternals PsTools? Will you also post links to them here? :)

(http://multi-av.thespykiller.co.uk/GIF/S_THUM~11.GIF)
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on June 06, 2012, 08:47:30 am
Code: [Select]
http://www.datarecoverysoftwaretrial.ws/trial/demo20126422443.zip
Keylog-Sanmaxi
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on June 06, 2012, 11:02:00 am
Code: [Select]
http://www.google.com/aclk?sa=l&ai=CbgNTAi_PT4zxCcve4ASPvZGVA6rSsfYD2vb1sFreptP8AggAEAogwvWoGCgKUM_cnKAFYLsDoAG-ktbNA8gBAaoEV0_Q80dv5nLGRk9stXs1ojsZjsyrw96EH3KxNHY_JvOOv_SZ-ns6BEsKvBouQ_0Hq8Urf2QvBpA2a5cAhFV2_9HEB1Cyo7rYYp-eJHc9BJzfTnTZP94Nmg&sig=AOD64_0MeSej33E281wlz2T5enJ3XGA66w&adurl=http://gamesxite.com/download/
Code: [Select]
http://gamesxite.com/download/
Code: [Select]
http://ak.imgfarm.com/images/nocache/vicinio/206140027/37610-120530154136/4wffxtbr-bs@Retrogamer_4w.com.xpi
not-a-virus:WebToolbar.Win32.MyWebSearch.rh


Title: Re: Honeypots forgotten Links...
Post by: GaryDee on June 06, 2012, 03:25:33 pm
Code: [Select]
http://www.copperheadsecurity.com/AntiSpy/AntiSpywareTrial.exe
not-a-virus:FraudTool.Win32.AntiSpyware.a

Rogueware
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on June 10, 2012, 11:01:29 am
Code: [Select]
http://rghost.net/38584310
Trojan.Generic
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on June 10, 2012, 01:57:02 pm
Code: [Select]
http://rghost.net/38587601
Cheers
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on June 10, 2012, 06:15:44 pm
Code: [Select]
http://rghost.net/38588275
Trojan Generic
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on June 11, 2012, 10:04:01 am
Code: [Select]
http://rghost.net/38600496
Trojan.Crypt
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on June 11, 2012, 03:04:58 pm
Code: [Select]
http://rghost.net/38605974
Trojan-PSW.PHP.AccPhish.eu