Malware Domain List

Malware Related => Malicious Domains => Topic started by: GaryDee on April 07, 2012, 11:30:17 pm

Title: Honeypots forgotten Links...
Post by: GaryDee on April 07, 2012, 11:30:17 pm: Code: [Select]
http://tvgames.in http://tvgames.in/addnews.html http://tvgames.in/atari-2600-games http://tvgames.in/atari-5200-games http://tvgames.in/atari-7800-games http://tvgames.in/engine/classes/js/jquery.js http://tvgames.in/forum/forum_10 http://tvgames.in/game-ost http://tvgames.in/index.php http://tvgames.in/index.php?do=addnews http://tvgames.in/index.php?do=feedback http://tvgames.in/index.php?do=register http://tvgames.in/index.php?do=search&mode=advanced http://tvgames.in/index.php?do=stats http://tvgames.in/panasonic-3do-games http://tvgames.in/pc-apple-mac http://tvgames.in/sega-32x-games http://tvgames.in/sega-dreamcast-games http://tvgames.in/sega-master-system-games http://tvgames.in/sony-playstation2-games http://tvgames.in/sony-playstation-games http://tvgames.in/sony-psp-games http://www.tvgames.in/ http://www.tvgames.in/2007/09/ http://www.tvgames.in/2007/10/ http://www.tvgames.in/2007/11/ http://www.tvgames.in/2007/12/ http://www.tvgames.in/2008/01/ http://www.tvgames.in/2008/02/ http://www.tvgames.in/2008/03/ http://www.tvgames.in/2008/04/ http://www.tvgames.in/2008/05/ http://www.tvgames.in/2008/06/ http://www.tvgames.in/2008/07/ http://www.tvgames.in/2008/08/ http://www.tvgames.in/2008/09/ http://www.tvgames.in/2008/10/ http://www.tvgames.in/2008/11/ http://www.tvgames.in/2008/12/ http://www.tvgames.in/2009/01/ http://www.tvgames.in/2009/02/ http://www.tvgames.in/2009/03/ http://www.tvgames.in/2009/04/ http://www.tvgames.in/2009/05/ http://www.tvgames.in/2009/06/ http://www.tvgames.in/2009/07/ http://www.tvgames.in/2009/08/ http://www.tvgames.in/2009/09/ http://www.tvgames.in/2009/10/ http://www.tvgames.in/2009/11/ http://www.tvgames.in/2009/12/ http://www.tvgames.in/2010/01/ http://www.tvgames.in/2010/02/ http://www.tvgames.in/2010/03/ http://www.tvgames.in/2010/04/ http://www.tvgames.in/2010/05/ http://www.tvgames.in/2010/06/ http://www.tvgames.in/2010/07/ http://www.tvgames.in/2010/08/ http://www.tvgames.in/2010/09/ http://www.tvgames.in/2010/10/ http://www.tvgames.in/2010/11/ http://www.tvgames.in/2010/12/ http://www.tvgames.in/2011/01/ http://www.tvgames.in/2011/02/ http://www.tvgames.in/2011/03/ http://www.tvgames.in/2011/04/ http://www.tvgames.in/2011/05/ http://www.tvgames.in/2012/03/ http://www.tvgames.in/index.php?do=lostpassword http://www.tvgames.in/index.php?do=register http://www.tvgames.in/page/10/ http://www.tvgames.in/page/2/ http://www.tvgames.in/page/3/ http://www.tvgames.in/page/359/ http://www.tvgames.in/page/4/ http://www.tvgames.in/page/5/ http://www.tvgames.in/page/6/ http://www.tvgames.in/page/7/ http://www.tvgames.in/page/8/ http://www.tvgames.in/page/9/ http://www.tvgames.in/partners/ http://www.tvgames.in/pc-apple-mac/ http://www.tvgames.in/pc-apple-mac/22873-re-volt-1999pcrus.html http://www.tvgames.in/pc-apple-mac/22873-re-volt-1999pcrus.html#comment http://www.tvgames.in/pc-apple-mac/22874-rollercoaster-tycoon-1999pcrus.html http://www.tvgames.in/pc-apple-mac/22874-rollercoaster-tycoon-1999pcrus.html#comment http://www.tvgames.in/pc-apple-mac/22875-magic-and-mayhem-1999pcrus.html http://www.tvgames.in/pc-apple-mac/22875-magic-and-mayhem-1999pcrus.html#comment http://www.tvgames.in/pc-apple-mac/22876-beavis-and-butthead-do-u-1999pcrus.html http://www.tvgames.in/pc-apple-mac/22876-beavis-and-butthead-do-u-1999pcrus.html#comment http://www.tvgames.in/pc-apple-mac/22903-fifa-99-1998pcrus.html http://www.tvgames.in/pc-apple-mac/22903-fifa-99-1998pcrus.html#comment http://www.tvgames.in/pc-apple-mac/22904-fallout-a-post-nuclear-role-play-game.html http://www.tvgames.in/pc-apple-mac/22904-fallout-a-post-nuclear-role-play-game.html#comment http://www.tvgames.in/pc-apple-mac/22905-sanitarium-1998pcrus.html http://www.tvgames.in/pc-apple-mac/22905-sanitarium-1998pcrus.html#comment http://www.tvgames.in/pc-apple-mac/22906-indiana-jones-and-the-infernal-machine.html http://www.tvgames.in/pc-apple-mac/22906-indiana-jones-and-the-infernal-machine.html#comment http://www.tvgames.in/pc-apple-mac/22958-mechwarrior-3-1999pcrus.html http://www.tvgames.in/pc-apple-mac/22958-mechwarrior-3-1999pcrus.html#comment http://www.tvgames.in/pc-apple-mac/22959-worms-armageddon-1999pcrus.html http://www.tvgames.in/pc-apple-mac/22959-worms-armageddon-1999pcrus.html#comment http://www.tvgames.in/pc-apple-mac/22960-galador-der-fluch-des-prinzen-1999pcrus.html http://www.tvgames.in/pc-apple-mac/22960-galador-der-fluch-des-prinzen-1999pcrus.html#comment http://www.tvgames.in/pc-apple-mac/22961-fallout-2-1998pcrepackrus.html http://www.tvgames.in/pc-apple-mac/22961-fallout-2-1998pcrepackrus.html#comment http://www.tvgames.in/user/viip/
Trojan.JS.Redirector.vh
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 08, 2012, 12:16:50 am: Code: [Select]
http://igamez.info/ http://igamez.info/2007/04/12/offworld_interceptor_jp.html http://igamez.info/2007/04/12/shock_wave__operation_jumpgate_eu.html http://igamez.info/2007/04/12/space_hulk_vengeance_of_the_blood_angels_us.html http://igamez.info/2007/10/05/killing_time.html http://igamez.info/2008/09/10/blue_stinger.html http://igamez.info/2008/09/10/evil_twin_cypriens_chronicles.html http://igamez.info/2009/01/25/moment_istiny__moment_of_silence_rus.html http://igamez.info/2009/03/25/snow_surfers_rus.html http://igamez.info/2009/03/27/dancing_blade_katteni_momotenshi__kanzenban.html http://igamez.info/2009/04/01/tokyo_xtreme_racer_rus.html http://igamez.info/2010/07/14/road_rash_3d_1998ruspsx.html http://igamez.info/2010/07/14/road_rash_jailbreak_2000ruspsx.html http://igamez.info/2011/01/10/colony_wars_vengeance_1998engpsx.html http://igamez.info/2011/01/10/resident_evil__directors_cut_1996ruspsx.html http://igamez.info/2011/01/10/star_wars_episode_i_the_phantom_menace_1999ruspsx.html http://igamez.info/2012/02/28/ http://igamez.info/2012/03/02/ http://igamez.info/2012/03/06/ http://igamez.info/2012/03/21/ http://igamez.info/category/atari_2600/ http://igamez.info/category/atari_jaguar/ http://igamez.info/category/atari_jaguar_cd/ http://igamez.info/category/atari_lynx/ http://igamez.info/category/igry_dlja_xbox360/ http://igamez.info/category/mattel_intellivision/ http://igamez.info/category/nec_turbo_grafx_16/ http://igamez.info/category/nintendo_nes/ http://igamez.info/category/panasonic_3do/ http://igamez.info/category/philips_cdi/ http://igamez.info/category/ps2/ http://igamez.info/category/ps3/ http://igamez.info/category/sega_cd/ http://igamez.info/category/sega_dreamcast/ http://igamez.info/category/sega_master_system/ http://igamez.info/category/sega_saturn/ http://igamez.info/category/sony_psp/ http://igamez.info/category/sony_psx/ http://igamez.info/category/wii/ http://igamez.info/engine/classes/highslide/highslide.js http://igamez.info/engine/classes/js/dle_js.js http://igamez.info/engine/classes/js/jquery.js http://igamez.info/engine/classes/js/jqueryui.js http://igamez.info/faq/ http://igamez.info/faq/downloads_file/ http://igamez.info/Game%20List.html http://igamez.info/game_boy/ http://igamez.info/index.php?do=addnews http://igamez.info/index.php?do=feedback http://igamez.info/index.php?do=lostpassword http://igamez.info/index.php?do=register http://igamez.info/index.php?do=stats http://igamez.info/On-line_games.html http://igamez.info/other_files/ http://igamez.info/page/10/ http://igamez.info/page/2/ http://igamez.info/page/3/ http://igamez.info/page/381/ http://igamez.info/page/4/ http://igamez.info/page/5/ http://igamez.info/page/6/ http://igamez.info/page/7/ http://igamez.info/page/8/ http://igamez.info/page/9/ http://igamez.info/site/ http://igamez.info/site_news/ http://igamez.info/sony_psp/7713-lord-of-apocalypse-2011pspjap.html http://igamez.info/sony_psp/7714-frontier-gate-2011pspjap.html http://igamez.info/sony_psp/7715-warnichi-2010pspeng.html http://igamez.info/sony_psp/7716-the-conveni-portable-2010pspjap.html http://igamez.info/sony_psp/7717-the-legend-of-heroes-trails-of-blue-2011pspjap.html http://igamez.info/sony_psp/7718-vulcanus-seek-and-destroy-2006pspjapeng.html http://igamez.info/sony_psp/7719-major-league-baseball-2k8-2008pspeng.html http://igamez.info/tags/ http://igamez.info/tags/%C4%E8%EA%EE%E3%EE/ http://igamez.info/tags/%CE%E4%E8%ED/ http://igamez.info/tags/%D0%E5%E3%E8%EE%ED/ http://igamez.info/tags/%E2%E0%F8%E8%EC/ http://igamez.info/tags/%E2%FB%E6%E8%F2%FC/ http://igamez.info/tags/%E2%FB%F1%EE%F2%FB/ http://igamez.info/tags/%E7%E0%F5%E2%E0%F2%FB%E2%E0%FE%F9%E8%EC/ http://igamez.info/tags/%E8%E3%F0%E0/ http://igamez.info/tags/%E8%E3%F0%E5/ http://igamez.info/tags/%E8%E3%F0%FB/ http://igamez.info/tags/%E8%F1%EF%FB%F2%E0%E9%F2%E5/ http://igamez.info/tags/%EA%EB%E0%F1%F1%E0/ http://igamez.info/tags/%EA%EE%EE%EF%E5%F0%E0%F2%E8%E2%ED%FB%E5/ http://igamez.info/tags/%EB%E5%E3%E5%ED%E4%FB/ http://igamez.info/tags/%EC%EE%E6%ED%EE/ http://igamez.info/tags/%ED%E0%E2%F1%F2%F0%E5%F7%F3/ http://igamez.info/tags/%ED%E0%E7%E0%E4/ http://igamez.info/tags/%EE%E1%EB%E0%E4%E0%E5%F2/ http://igamez.info/tags/%EE%F1%EE%E1%FB%EC/ http://igamez.info/tags/%EE%F2%EF%F0%E0%E2%E8%F2%FC/ http://igamez.info/tags/%EF%EE%E4%E7%E5%EC%EA%F3/ http://igamez.info/tags/%EF%F0%E0%EE%F2%F6%E0%EC/ http://igamez.info/tags/%EF%F0%E8%F1%F3%F2%F1%F2%E2%F3%FE%F2/ http://igamez.info/tags/%F0%FB%F6%E0%F0%FC/ http://igamez.info/tags/%F1%E2%EE%E8%EC/ http://igamez.info/tags/%F1%E2%EE%FE/ http://igamez.info/tags/%F1%E4%E5%EB%E0%F2%FC/ http://igamez.info/tags/%F1%EF%E5%F6%E8%F4%E8%F7%E5%F1%EA%EE%EC/ http://igamez.info/tags/%F2%E0%EA%EF%F0%E8%EA%EB%FE%F7%E5%ED%E8%FF/ http://igamez.info/tags/%F3%E4%E0%F0%EE%E2/ http://igamez.info/tags/%F5%E0%EC%E5%EB%E5%EE%ED%E0/ http://igamez.info/tags/%FD%F2%EE%E3%EE/ http://igamez.info/tags/anniversary/ http://igamez.info/tags/ciel/ http://igamez.info/tags/flashpoint/ http://igamez.info/tags/nanosuit/ http://igamez.info/tags/ps2/ http://igamez.info/tags/sega/ http://igamez.info/tags/tonelico/ http://igamez.info/tags/x-box/ http://igamez.info/templates/megatron/js/easing.js http://igamez.info/templates/megatron/js/timers.js http://igamez.info/templates/megatron/js/videos.js http://igamez.info/user/viip/ http://igamez.info/wii/7720-mario-party-9-2012wiieng.html http://igamez.info/wii/7721-maximum-racing-super-karts-2011wiieng.html http://igamez.info/wii/7722-hoshi-no-kirby-2011wiijap.html
HEUR:Trojan.Script.Generic
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 08, 2012, 12:37:02 am: Feel free to analize:

Code: [Select]
http://pdavideo.info/
See:

http://128.111.48.236/view.php?hash=842efefe41f359cd6d407f5908f407ca&t=1333844309&type=js
http://jsunpack.jeek.org/?report=5f571f333e2dc8174726e03da5a9cfd192ba5d47
http://128.111.48.236/domain.php?hash=842efefe41f359cd6d407f5908f407ca&type=js
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 08, 2012, 09:08:36 am: Code: [Select]
http://wordpress.com.cctvnoida.in/cache.php http://wordpress.com.cctvnoida.in/cgi-bin/
Backdoor:PHP/Lollusc.A
PHP/Spy.Ettu.D
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 08, 2012, 09:55:09 am: Code: [Select]
http://www.thezoobar.com.au/pages/ http://www.thezoobar.com.au/pages/media/system/js/SpryData.js http://www.thezoobar.com.au/pages/contacts-a-directions--see-all-the-ways-you-can-contact-us.html http://www.thezoobar.com.au/pages/contacts-a-directions--see-all-the-ways-you-can-contact-us/our-map-location.html http://www.thezoobar.com.au/pages/component/user/reset.html http://www.thezoobar.com.au/pages/component/user/remind.html http://www.thezoobar.com.au/pages/index.php http://www.thezoobar.com.au/pages/entertainment-page.html http://www.thezoobar.com.au/pages/information.html http://www.thezoobar.com.au/pages/functions-a-events.html http://www.thezoobar.com.au/pages/leichhatiger-main.html http://www.thezoobar.com.au/pages/function-packages.html http://www.thezoobar.com.au/pages/entertainment.html http://www.thezoobar.com.au/pages/menus.html http://www.thezoobar.com.au/pages/photo-gallery.html http://www.thezoobar.com.au/pages/#page
Trojan-Downloader.HTML.IFrame.agc
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 08, 2012, 10:06:08 am: Code: [Select]
http://actionkids.com/ http://actionkids.com/index.php?option=com_content&view=article&id=13&Itemid=16 http://actionkids.com/index.php?option=com_content&view=article&id=2&Itemid=2 http://actionkids.com/index.php?option=com_content&view=article&id=2&Itemid=28 http://actionkids.com/index.php?option=com_content&view=article&id=27&Itemid=26 http://actionkids.com/index.php?option=com_content&view=article&id=4&Itemid=6 http://actionkids.com/index.php?option=com_content&view=article&id=41&Itemid=35 http://actionkids.com/index.php?option=com_content&view=article&id=42&Itemid=31 http://actionkids.com/index.php?option=com_content&view=article&id=43&Itemid=34 http://actionkids.com/index.php?option=com_content&view=article&id=45&Itemid=39 http://actionkids.com/index.php?option=com_content&view=article&id=46&Itemid=38 http://actionkids.com/index.php?option=com_content&view=article&id=47&Itemid=37 http://actionkids.com/index.php?option=com_content&view=article&id=48&Itemid=41 http://actionkids.com/index.php?option=com_content&view=article&id=49&Itemid=25 http://actionkids.com/index.php?option=com_content&view=article&id=49&Itemid=43 http://actionkids.com/index.php?option=com_content&view=article&id=5&Itemid=7 http://actionkids.com/index.php?option=com_content&view=article&id=50&Itemid=42 http://actionkids.com/index.php?option=com_content&view=article&id=51&Itemid=45 http://actionkids.com/index.php?option=com_content&view=article&id=9:party-information&catid=11:party&Itemid=14 http://actionkids.com/index.php?option=com_content&view=category&layout=blog&id=11&Itemid=14 http://actionkids.com/index.php?option=com_content&view=category&layout=blog&id=5&Itemid=5 http://actionkids.com/index.php?option=com_eventlist&view=categoryevents&id=3&Itemid=13 http://actionkids.com/index.php?option=com_morfeoshow&Itemid=15 http://actionkids.com/media/system/js/caption.js http://actionkids.com/media/system/js/modal.js http://actionkids.com/media/system/js/mootools.js http://actionkids.com/modules/mod_subscribe/js/check.js http://actionkids.com/plugins/content/attachments_refresh.js http://actionkids.com/templates/adeles_actions/scripts/lightbox.js http://actionkids.com/templates/adeles_actions/scripts/prototype.js
Trojan-Downloader.HTML.IFrame.agc
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 08, 2012, 10:29:23 am: Code: [Select]
http://www.anastasiart.com/ http://www.anastasiart.com/?page_id=107 http://www.anastasiart.com/?page_id=191 http://www.anastasiart.com/?page_id=193 http://www.anastasiart.com/?page_id=196 http://www.anastasiart.com/?page_id=655 http://www.anastasiart.com/?page_id=68 http://www.anastasiart.com/wp-includes/js/comment-reply.js?ver=20090102
Trojan-Downloader.HTML.IFrame.agc

http://128.111.48.236/domain.php?hash=c563817bfb0a78992e8aafdbfc864c88&type=js
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 08, 2012, 11:00:26 am: Code: [Select]
http://kokky.com.au/+ gaJsHost + google-analytics.com/ga.js http://kokky.com.au/eng http://kokky.com.au/eng/about http://kokky.com.au/eng/blog http://kokky.com.au/eng/blog-open/Beats-Executive-Headphones-44 http://kokky.com.au/eng/blog-open/Canon-1D-X-DSLR-Camera-43 http://kokky.com.au/eng/contact http://kokky.com.au/eng/disclaimer http://kokky.com.au/eng/get-a-quote http://kokky.com.au/eng/legal-use http://kokky.com.au/eng/portfolio http://kokky.com.au/eng/portfolio/identity/9/1300-dentist/ http://kokky.com.au/eng/portfolio/identity/9/floriart-logo/ http://kokky.com.au/eng/portfolio/identity/9/georges-premium-fresh/ http://kokky.com.au/eng/portfolio/identity/9/home-pizza/ http://kokky.com.au/eng/portfolio/identity/9/pablos-vice/ http://kokky.com.au/eng/portfolio/identity/9/rocket-rental/ http://kokky.com.au/eng/portfolio/identity/9/speedy-berry/ http://kokky.com.au/eng/portfolio/identity/9/tuchuzy-burwood/ http://kokky.com.au/eng/portfolio/identity/9/ziller/ http://kokky.com.au/eng/portfolio/print-design/11/liverpool-lanes-flyers/ http://kokky.com.au/eng/portfolio/print-design/11/manhattansuper-bowl-flyers/ http://kokky.com.au/eng/portfolio/projeft-marketing/8/allure/ http://kokky.com.au/eng/portfolio/projeft-marketing/8/allure-display-centre/ http://kokky.com.au/eng/portfolio/projeft-marketing/8/cote-d-azur/ http://kokky.com.au/eng/portfolio/projeft-marketing/8/emerald-park-display-centre/ http://kokky.com.au/eng/portfolio/projeft-marketing/8/enmore-box-factory/ http://kokky.com.au/eng/portfolio/projeft-marketing/8/eton-brochure/ http://kokky.com.au/eng/portfolio/projeft-marketing/8/eton-website/ http://kokky.com.au/eng/portfolio/projeft-marketing/8/giallo-brochure/ http://kokky.com.au/eng/portfolio/projeft-marketing/8/giallo-website/ http://kokky.com.au/eng/portfolio/projeft-marketing/8/pritchard-terraces/ http://kokky.com.au/eng/portfolio/projeft-marketing/8/the-park/ http://kokky.com.au/eng/portfolio/projeft-marketing/8/the-park-brochure/ http://kokky.com.au/eng/portfolio/website/10/floriart/ http://kokky.com.au/eng/portfolio/website/10/georges-providores/ http://kokky.com.au/eng/portfolio/website/10/home-pizza-website/ http://kokky.com.au/eng/portfolio/website/10/house-of-emmanuele/ http://kokky.com.au/eng/portfolio/website/10/kokoloco/ http://kokky.com.au/eng/portfolio/website/10/lateral-corporation/ http://kokky.com.au/eng/portfolio/website/10/liondos/ http://kokky.com.au/eng/portfolio/website/10/liverpool-lanes/ http://kokky.com.au/eng/portfolio/website/10/nick-rizzo/ http://kokky.com.au/eng/welcome http://kokky.com.au/js/flow.1.2.min.js http://kokky.com.au/js/jquery.1.3.2.js http://kokky.com.au/js/jquery.pngFix.js http://kokky.com.au/js/lightbox-0.5.js
HEUR:Trojan.Script.Iframer
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 08, 2012, 11:16:30 am: Code: [Select]
http://liondos.com.au/ http://liondos.com.au/?cat=about http://liondos.com.au/?cat=admin http://liondos.com.au/?cat=catalogue&sec=accessories http://liondos.com.au/?cat=catalogue&sec=business-suits http://liondos.com.au/?cat=catalogue&sec=hospitality http://liondos.com.au/?cat=catalogue&sec=jackets http://liondos.com.au/?cat=catalogue&sec=knitwear http://liondos.com.au/?cat=catalogue&sec=made-to-measure-suits http://liondos.com.au/?cat=catalogue&sec=polos http://liondos.com.au/?cat=catalogue&sec=shirts http://liondos.com.au/?cat=catalogue&sec=tees http://liondos.com.au/?cat=catalogue&sec=weddings http://liondos.com.au/?cat=catalogue&sec=work-wear http://liondos.com.au/?cat=contact http://liondos.com.au/?cat=home http://liondos.com.au/?cat=privacy http://www.liondos.com.au/?cat=catalogue&sec=made-to-measure-suits http://www.liondos.com.au/?cat=contact
Trojan-Downloader.JS.IFrame.cvb
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 08, 2012, 11:35:04 am: Code: [Select]
http://callex.com.au/ http://callex.com.au/?fontstyle=f-larger http://callex.com.au/?fontstyle=f-smaller http://callex.com.au/index.php?option=com_contact&view=contact&id=1&Itemid=53 http://callex.com.au/index.php?option=com_content&view=section&id=4&Itemid=37 http://callex.com.au/index.php?option=com_user&view=remind http://callex.com.au/index.php?option=com_user&view=reset http://callex.com.au/media/system/js/caption.js http://callex.com.au/media/system/js/mootools.js
Trojan-Downloader.JS.IFrame.cvb
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 08, 2012, 11:40:30 am: Code: [Select]
http://nevertouchelectrical.com.au/ http://nevertouchelectrical.com.au/commercial.php?page=commercial http://nevertouchelectrical.com.au/contact.php?page=contact http://nevertouchelectrical.com.au/index.php?page=home http://nevertouchelectrical.com.au/js/pngfix.js http://nevertouchelectrical.com.au/maintenance.php?page=maintenance http://nevertouchelectrical.com.au/residential.php?page=residential
Trojan-Downloader.JS.IFrame.cvb
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 09, 2012, 06:07:25 am: Code: [Select]
http://dizixizle.com/
Suspicious

http://128.111.48.236/domain.php?hash=232891895f8928ac9ef6af7dbbb0a663&type=js
https://www.virustotal.com/url/1c6be4bd283e3c50870f9dcc68ff804ed9d36b38fb77a6d4e0e52a3ed2e685ac/analysis/1333951088/
http://jsunpack.jeek.org/?report=4cd028b63abfea97e194f59aa3fe29f37a41f5d7
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 09, 2012, 08:06:44 am: Code: [Select]
http://gjgt.sk/~fuller/dotakeys1.3/dotakeys.exe
TrojWare.Win32.TrojanDropper.Binder.~J
Riskware.Win32.HackTool!A2
Heuristic.BehavesLike.Win32.ModifiedUPX.C!87

Code: [Select]
http://gjgt.sk/~fuller/dotakeys1.3/dotakeys_installer_1.32.zip
Worm/AutoIt.ABH
Win32.WormAutoIt.Abh
Worm.Win32.AutoIt!IK
TrojanDownloader.Agent.hzx
Artemis!8708DECC3E98
Mal/Generic-L
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 10, 2012, 05:09:19 am: Code: [Select]
http://jazwiec.pl/test/gr/nlet/ajaxam.js
Trojan-Downloader.JS.Agent.gpj

http://128.111.48.236/view.php?hash=2525e3c28e613dbbe01428cd1a1a5b2f&t=1334033357&type=js
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 10, 2012, 05:56:59 am: Code: [Select]
chinglong.info/pdf/Document.com chinglong.info/pdf/document.com chinglong.info/pdf/Document.pif chinglong.info/pdf/Download2012.zip chinglong.info/pdf/articles.zip chinglong.info/pdf/plugin.dat chinglong.info/pdf/plugint.dat chinglong.info/pdf/web-mail.com chinglong.info/pdf/web.mail.com chinglong.info/pdf/youtub.com chinglong.info/pdf/youtube.com
HEUR:Trojan.Win32.Generic

Code: [Select]
chinglong.info/pdf/plugin.dat chinglong.info/pdf/plugint.dat
Troj/EncProc-B
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 10, 2012, 03:58:20 pm: Code: [Select]
http://gustovero.it/best-sales.php http://gustovero.it/category.php?id_category=10 http://gustovero.it/category.php?id_category=11 http://gustovero.it/category.php?id_category=5 http://gustovero.it/category.php?id_category=6 http://gustovero.it/category.php?id_category=7 http://gustovero.it/category.php?id_category=8 http://gustovero.it/category.php?id_category=9 http://gustovero.it/cms.php?id_cms=1 http://gustovero.it/cms.php?id_cms=3 http://gustovero.it/cms.php?id_cms=5 http://gustovero.it/cms.php?id_cms=6 http://gustovero.it/contact-form.php http://gustovero.it/index.php?id_lang=1 http://gustovero.it/index.php?id_lang=2 http://gustovero.it/index.php?id_lang=3 http://gustovero.it/js/jquery/ifxtransfer.js http://gustovero.it/js/jquery/iutil.prestashop-modifications.js http://gustovero.it/js/jquery/jquery.hotkeys-0.7.8-packed.js http://gustovero.it/js/pluginDetect.js http://gustovero.it/js/tools.js http://gustovero.it/manufacturer.php http://gustovero.it/manufacturer.php?id_manufacturer=3 http://gustovero.it/my-account.php http://gustovero.it/new-products.php http://gustovero.it/order.php http://gustovero.it/order.php?step=1 http://gustovero.it/prices-drop.php http://gustovero.it/product.php?id_product=10 http://gustovero.it/product.php?id_product=11 http://gustovero.it/product.php?id_product=12 http://gustovero.it/product.php?id_product=13 http://gustovero.it/sitemap.php http://gustovero.it/cart.php? http://gustovero.it/themes/prestashop/js/tools/treeManagement.js http://www.gustovero.it
Trojan-Downloader.HTML.IFrame.agc

Code: [Select]
http://gustovero.com/ http://gustovero.com/best-sales.php http://gustovero.com/cart.php? http://gustovero.com/category.php?id_category=10 http://gustovero.com/category.php?id_category=11 http://gustovero.com/category.php?id_category=5 http://gustovero.com/category.php?id_category=6 http://gustovero.com/category.php?id_category=7 http://gustovero.com/category.php?id_category=8 http://gustovero.com/category.php?id_category=9 http://gustovero.com/cms.php?id_cms=1 http://gustovero.com/cms.php?id_cms=3 http://gustovero.com/cms.php?id_cms=5 http://gustovero.com/cms.php?id_cms=6 http://gustovero.com/contact-form.php http://gustovero.com/index.php?id_lang=1 http://gustovero.com/index.php?id_lang=2 http://gustovero.com/index.php?id_lang=3 http://gustovero.com/js/jquery/ifxtransfer.js http://gustovero.com/js/jquery/iutil.prestashop-modifications.js http://gustovero.com/js/jquery/jquery.easing.1.3.js http://gustovero.com/js/jquery/jquery.hotkeys-0.7.8-packed.js http://gustovero.com/js/jquery/jquery-1.2.6.pack.js http://gustovero.com/js/tools.js http://gustovero.com/manufacturer.php http://gustovero.com/manufacturer.php?id_manufacturer=3 http://gustovero.com/modules/blockcart/ajax-cart.js http://gustovero.com/my-account.php http://gustovero.com/new-products.php http://gustovero.com/order.php? http://gustovero.com/order.php?step=1 http://gustovero.com/prices-drop.php http://gustovero.com/product.php?id_product=10 http://gustovero.com/product.php?id_product=11 http://gustovero.com/product.php?id_product=12 http://gustovero.com/product.php?id_product=13 http://gustovero.com/sitemap.php http://gustovero.com/themes/prestashop/js/tools/treeManagement.js
Trojan-Downloader.HTML.IFrame.agc
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 10, 2012, 04:50:22 pm: Code: [Select]
greentierra.in/servizio/Info08042012.zip
infected with

Trojan-Dropper.Win32.Injector.efwc

links to

Code: [Select]
http://putemyr.ru/tmp/index.php?out=1333473250
See:

http://www.unmaskparasites.com/security-report/?page=http%3A//greentierra.in/

&

https://www.virustotal.com/url/3ecd0a6f11e5ebf0342dac87b27705b3c25e2ff8110a58fc0c343e136426f7a4/analysis/1334075331/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 10, 2012, 07:39:56 pm: Code: [Select]
http://glaspetzka.at http://glaspetzka.at/anfrage/ http://glaspetzka.at/bilderrahmen/ http://glaspetzka.at/duschabtrennungen http://glaspetzka.at/eine-seite-2/ http://glaspetzka.at/eine-seite-2/bauverglasung/ http://glaspetzka.at/glasbruch/ http://glaspetzka.at/glaskonstruktionen/ http://glaspetzka.at/glaskonstruktionen/kuchenruckwande/ http://glaspetzka.at/glasschleiferei/ http://glaspetzka.at/impressum http://glaspetzka.at/jobs http://glaspetzka.at/kontakt/ http://glaspetzka.at/mobelverglasung/ http://glaspetzka.at/referenzen/ http://glaspetzka.at/spiegel-und-vasen/ http://glaspetzka.at/uber-uns/ http://glaspetzka.at/wp-content/plugins/contact-form-7/jquery.form.js?ver=2.47 http://glaspetzka.at/wp-content/plugins/contact-form-7/scripts.js?ver=2.4.1 http://glaspetzka.at/wp-content/plugins/nextgen-gallery/js/jquery.cycle.all.min.js?ver=2.88 http://glaspetzka.at/wp-content/themes/organic_health_blue/images/favicon.ico http://glaspetzka.at/wp-content/themes/organic_health_blue/js/jquery.flow.1.1.js http://glaspetzka.at/wp-includes/js/jquery/jquery.js?ver=1.4.2
Trojan-Downloader.JS.Iframe.cvb

&

HEUR:Trojan.Script.Iframer
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 11, 2012, 02:36:34 pm: Code: [Select]
http://les-fleurs.me/ http://les-fleurs.me/index.php http://les-fleurs.me/index.php#catalog http://les-fleurs.me/index.php?categoryID=1 http://les-fleurs.me/index.php?categoryID=10 http://les-fleurs.me/index.php?categoryID=11 http://les-fleurs.me/index.php?categoryID=12 http://les-fleurs.me/index.php?categoryID=13 http://les-fleurs.me/index.php?categoryID=14 http://les-fleurs.me/index.php?categoryID=15 http://les-fleurs.me/index.php?categoryID=16 http://les-fleurs.me/index.php?categoryID=17 http://les-fleurs.me/index.php?categoryID=19 http://les-fleurs.me/index.php?categoryID=2 http://les-fleurs.me/index.php?categoryID=20 http://les-fleurs.me/index.php?categoryID=3 http://les-fleurs.me/index.php?categoryID=4 http://les-fleurs.me/index.php?categoryID=5 http://les-fleurs.me/index.php?categoryID=6 http://les-fleurs.me/index.php?categoryID=7 http://les-fleurs.me/index.php?categoryID=8 http://les-fleurs.me/index.php?categoryID=9 http://les-fleurs.me/index.php?killuser=yes http://les-fleurs.me/index.php?productID=105 http://les-fleurs.me/index.php?productID=116 http://les-fleurs.me/index.php?productID=117 http://les-fleurs.me/index.php?productID=118 http://les-fleurs.me/index.php?productID=46 http://les-fleurs.me/index.php?productID=49 http://les-fleurs.me/index.php?productID=60 http://les-fleurs.me/index.php?productID=64 http://les-fleurs.me/index.php?productID=75 http://les-fleurs.me/index.php?productID=83 http://les-fleurs.me/index.php?productID=84 http://les-fleurs.me/index.php?productID=90 http://les-fleurs.me/index.php?productID=93 http://les-fleurs.me/index.php?productID=97 http://les-fleurs.me/index.php?productID=98 http://les-fleurs.me/index.php?search_with_change_category_ability=yes http://les-fleurs.me/index.php?shopping_cart=yes http://les-fleurs.me/index.php?show_price=yes

Trojan-Downloader.JS.JScript.ax
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 11, 2012, 03:26:32 pm: Code: [Select]
http://kaif-life.isgreat.org/index.php/2011-10-15-02-46-14?page=shop.product_details&category_id=9&flypage=flypage.tpl&product_id=38 http://kaif-life.isgreat.org/index.php/2011-10-15-02-46-14?page=shop.product_details&category_id=9&flypage=flypage.tpl&product_id=39 http://kaif-life.isgreat.org/index.php/2011-10-15-02-46-14?page=shop.product_details&category_id=9&flypage=flypage.tpl&product_id=40 http://kaif-life.isgreat.org/index.php/2011-10-15-02-46-14?page=shop.product_details&category_id=9&flypage=flypage.tpl&product_id=41 http://kaif-life.isgreat.org/index.php/2011-10-15-02-46-14?page=shop.product_details&category_id=9&flypage=flypage.tpl&product_id=42 http://kaif-life.isgreat.org/index.php/2011-10-15-02-46-14?page=shop.product_details&category_id=9&flypage=flypage.tpl&product_id=43 http://kaif-life.isgreat.org/index.php/2011-10-15-02-46-14?page=shop.product_details&category_id=9&flypage=flypage.tpl&product_id=44 http://kaif-life.isgreat.org/index.php/2012-03-11-18-45-17 http://kaif-life.isgreat.org/index.php/component/content/article/2-2011-10-15-05-21-55/4-2011-10-15-05-38-31 http://kaif-life.isgreat.org/index.php/component/content/article/2-2011-10-15-05-21-55/5-2011-10-16-08-58-59 http://kaif-life.isgreat.org/index.php/component/content/article/2-2011-10-15-05-21-55/6-2011-10-16-09-23-03 http://kaif-life.isgreat.org/media/system/js/caption.js http://kaif-life.isgreat.org/media/system/js/mootools.js http://kaif-life.isgreat.org/modules/mod_ice_vmcart/assets/script.js http://kaif-life.isgreat.org/modules/mod_icetabs/assets/script_15.js http://kaif-life.isgreat.org/modules/mod_ja_vmproductslide/ja_vmproductslide/ja.vmproductslide.js http://kaif-life.isgreat.org/modules/mod_note_its/assets/js/cufon-yui.js http://kaif-life.isgreat.org/modules/mod_note_its/assets/js/Gunny_Handwriting_400.font.js http://kaif-life.isgreat.org/templates/ja_larix/ja_menus/ja_scriptdlmenu/ja.scriptdlmenu.js
Trojan-Downloader.JS.JScript.av
Trojan-Downloader.JS.JScript.ax
Trojan-Downloader.JS.JScript.ba
Trojan-Downloader.Win32.Agent.gykb
HEUR:Trojan.Script.Generic
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 11, 2012, 03:59:52 pm: Code: [Select]
http://en.jagler.com.tr/
HEUR:Trojan.Script.Iframer
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 11, 2012, 04:24:37 pm: Code: [Select]
http://itgarage.co.id/ http://itgarage.co.id/script/main.js http://www.itgarage.co.id/main/about-us http://www.itgarage.co.id/store http://www.itgarage.co.id/store//modules/mod_s5_image_set_rotator/s5_image_set_rotator/s5_image_set_rotator.js http://www.itgarage.co.id/store/media/system/js/caption.js http://www.itgarage.co.id/main/wp-content/themes/chromegt/js/menu.js?ver=3.3.1 http://www.itgarage.co.id/main/wp-content/themes/chromegt/js/jquery.corner.js?ver=3.3.1 http://www.itgarage.co.id/main/wp-content/themes/chromegt/js/jquery.jcarousel.min.js?ver=3.3.1 http://www.itgarage.co.id/main/wp-content/themes/chromegt/js/scripts.js?ver=3.3.1 http://www.itgarage.co.id/main/wp-content/themes/chromegt/js/cufon-yui.js?ver=3.3.1 http://www.itgarage.co.id/main/wp-content/themes/chromegt/js/Bebas_Neue_400.font.js?ver=3.3.1 http://www.itgarage.co.id/main/wp-content/themes/chromegt/js/jquery.tipTip.minified.js?ver=3.3.1 http://www.itgarage.co.id/main/wp-content/themes/chromegt/js/jquery.prettyPhoto.js?ver=3.3.1 http://www.itgarage.co.id/main/wp-content/themes/chromegt/js/jquery.easing.1.3.js?ver=3.3.1 http://www.itgarage.co.id/main/wp-content/themes/chromegt/js/styleswitcher.jquery.js?ver=3.3.1 http://www.itgarage.co.id/main/wp-includes/js/comment-reply.js?ver=20090102 http://www.itgarage.co.id/main/wp-content/themes/chromegt/js/Dark_Red_cufon-replace.js http://www.itgarage.co.id/main/wp-content/themes/chromegt/js/jquery.nivo.slider.js
Trojan-Downloader.JS.Agent.gnk
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 11, 2012, 05:06:32 pm: Code: [Select]
http://www.internationalmissionsfoundation.org http://www.internationalmissionsfoundation.org/ http://www.internationalmissionsfoundation.org/contact-us/ http://www.internationalmissionsfoundation.org/donations/ http://www.internationalmissionsfoundation.org/feed/ http://www.internationalmissionsfoundation.org/imf-leadership/ http://www.internationalmissionsfoundation.org/imf-staff/ http://www.internationalmissionsfoundation.org/our-imf-mission/ http://www.internationalmissionsfoundation.org/recovery-assistance/ http://www.internationalmissionsfoundation.org/uncategorized/international-missions-foundation-history/ http://www.internationalmissionsfoundation.org/wp-content/themes/Parallels-WP/js/jquery.easing.1.3.js http://www.internationalmissionsfoundation.org/wp-content/themes/Parallels-WP/js/jquery.validate.js http://www.internationalmissionsfoundation.org/wp-includes/js/l10n.js?ver=20101110
Trojan-Downloader.JS.Expack.di
HEUR:Trojan.Script.Generic
Trojan.JS.Agent!IK
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 11, 2012, 07:00:44 pm: Code: [Select]
http://hosoonlee.com.sg http://hosoonlee.com.sg/ http://hosoonlee.com.sg/about/ http://hosoonlee.com.sg/contactus/ http://hosoonlee.com.sg/customization/ http://hosoonlee.com.sg/feed/ http://hosoonlee.com.sg/feed/atom/ http://hosoonlee.com.sg/gallery/ http://hosoonlee.com.sg/products/ http://hosoonlee.com.sg/products/fabrics/ http://hosoonlee.com.sg/products/genuine-leather/ http://hosoonlee.com.sg/products/leather-care/ http://hosoonlee.com.sg/products/polyurethane-foam/ http://hosoonlee.com.sg/products/synthetic-leather/ http://hosoonlee.com.sg/quality/ http://hosoonlee.com.sg/services/ http://hosoonlee.com.sg/services/business-owners/ http://hosoonlee.com.sg/services/contractors/ http://hosoonlee.com.sg/services/home-owners/ http://hosoonlee.com.sg/sofa/wp-content/plugins/contact-form-7/jquery.form.js?ver=2.52 http://hosoonlee.com.sg/sofa/wp-content/plugins/contact-form-7/scripts.js?ver=2.4.4 http://hosoonlee.com.sg/sofa/wp-content/themes/sofa/epanel/page_templates/js/et-ptemplates-frontend.js?ver=1.1 http://hosoonlee.com.sg/sofa/wp-content/themes/sofa/epanel/page_templates/js/fancybox/jquery.fancybox-1.2.6.pack.js?ver=1.3.2 http://hosoonlee.com.sg/sofa/wp-content/themes/sofa/epanel/shortcodes/js/et_shortcodes_frontend.js?ver=1.6 http://hosoonlee.com.sg/sofa/wp-content/themes/sofa/js/DD_belatedPNG_0.0.8a-min.js http://hosoonlee.com.sg/sofa/wp-content/themes/sofa/js/jquery.cycle.all.min.js http://hosoonlee.com.sg/sofa/wp-content/themes/sofa/js/jquery.easing.1.3.js http://hosoonlee.com.sg/sofa/wp-content/themes/sofa/js/superfish.js http://hosoonlee.com.sg/sofa/wp-includes/js/jquery/jquery.js?ver=1.4.4 http://hosoonlee.com.sg/sofa/wp-includes/js/l10n.js?ver=20101110 http://hosoonlee.com.sg/sofa/wp-includes/js/comment-reply.js?ver=20090102 http://hosoonlee.com.sg/widerangeofsofas/ http://hosoonlee.com.sg/workmanship/ http://www.hosoonlee.com.sg
Trojan-Downloader.JS.JScript.ag
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 12, 2012, 05:19:31 pm: Code: [Select]
http://vizit.venal.com.ua/index.php?limitstart=144 http://vizit.venal.com.ua/index.php?limitstart=18 http://vizit.venal.com.ua/index.php?limitstart=27 http://vizit.venal.com.ua/index.php?limitstart=36 http://vizit.venal.com.ua/index.php?limitstart=45 http://vizit.venal.com.ua/index.php?limitstart=54 http://vizit.venal.com.ua/index.php?limitstart=63 http://vizit.venal.com.ua/index.php?limitstart=72 http://vizit.venal.com.ua/index.php?limitstart=81 http://vizit.venal.com.ua/index.php?limitstart=9 http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=130:2011-12-02-10-20-38&catid=29:2011-08-11-16-39-01 http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=165:-2012-&catid=42:2011-08-11-16-47-08&Itemid=70 http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=171&Itemid=109 http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=171:-2012-&catid=72:-2012&Itemid=109 http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=217:2012-01-27-13-07-21&catid=35:2011-08-11-16-44-57&Itemid=57#comment-66 http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=253:2012-04-06-10-50-58&catid=38:2011-08-11-16-45-49&Itemid=67 http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=253:2012-04-06-10-50-58&catid=38:2011-08-11-16-45-49&Itemid=67#comments http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=254:-14-12&catid=54:2011-08-11-16-50-05&Itemid=60 http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=254:-14-12&catid=54:2011-08-11-16-50-05&Itemid=60#addcomments http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=255:-lr-&catid=42:2011-08-11-16-47-08&Itemid=70 http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=255:-lr-&catid=42:2011-08-11-16-47-08&Itemid=70#addcomments http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=256:2012-04-06-11-10-30&catid=41:2011-08-11-16-46-50&Itemid=73 http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=256:2012-04-06-11-10-30&catid=41:2011-08-11-16-46-50&Itemid=73#addcomments http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=257:-8-&catid=41:2011-08-11-16-46-50&Itemid=73 http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=257:-8-&catid=41:2011-08-11-16-46-50&Itemid=73#addcomments http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=258:2012-04-06-11-20-36&catid=50:2011-08-11-16-49-09&Itemid=59 http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=258:2012-04-06-11-20-36&catid=50:2011-08-11-16-49-09&Itemid=59#addcomments http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=259:2012-04-06-13-53-54&catid=40:2011-08-11-16-46-22&Itemid=62 http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=259:2012-04-06-13-53-54&catid=40:2011-08-11-16-46-22&Itemid=62#addcomments http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=260:2012-04-06-13-58-41&catid=50:2011-08-11-16-49-09&Itemid=59 http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=260:2012-04-06-13-58-41&catid=50:2011-08-11-16-49-09&Itemid=59#addcomments http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=261:-l-r&catid=42:2011-08-11-16-47-08&Itemid=70 http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=261:-l-r&catid=42:2011-08-11-16-47-08&Itemid=70#addcomments http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=47&Itemid=30 http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=48&Itemid=18 http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=49&Itemid=55 http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=70:2011-10-03-11-17-43&catid=42:2011-08-11-16-47-08&Itemid=70 http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=71:2011-10-06-08-58-14&catid=65:2011-10-06-08-51-27&Itemid=102 http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=71:2011-10-06-08-58-14&catid=65:2011-10-06-08-51-27&Itemid=102#comment-67 http://vizit.venal.com.ua/index.php?option=com_content&view=article&id=71:2011-10-06-08-58-14&catid=65:2011-10-06-08-51-27&Itemid=102#comment-68 http://vizit.venal.com.ua/index.php?option=com_content&view=category&id=38:2011-08-11-16-45-49&layout=blog&Itemid=67 http://vizit.venal.com.ua/index.php?option=com_content&view=category&id=40:2011-08-11-16-46-22&layout=blog&Itemid=62 http://vizit.venal.com.ua/index.php?option=com_content&view=category&id=41:2011-08-11-16-46-50&layout=blog&Itemid=73 http://vizit.venal.com.ua/index.php?option=com_content&view=category&id=42:2011-08-11-16-47-08&layout=blog&Itemid=70 http://vizit.venal.com.ua/index.php?option=com_content&view=category&id=50:2011-08-11-16-49-09&layout=blog&Itemid=59 http://vizit.venal.com.ua/index.php?option=com_content&view=category&id=54:2011-08-11-16-50-05&layout=blog&Itemid=60 http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=25&Itemid=72 http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=30&Itemid=61 http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=34&Itemid=91 http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=35&Itemid=57 http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=36&Itemid=71 http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=38&Itemid=67 http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=39&Itemid=78 http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=40&Itemid=62 http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=41&Itemid=73 http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=42&Itemid=70 http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=43&Itemid=94 http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=44&Itemid=69 http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=44&Itemid=98 http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=45&Itemid=77 http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=46&Itemid=95 http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=47&Itemid=64 http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=48&Itemid=63 http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=49&Itemid=74 http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=50&Itemid=59 http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=51&Itemid=76 http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=52&Itemid=58 http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=53&Itemid=66 http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=54&Itemid=60 http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=55&Itemid=65 http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=56&Itemid=99 http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=57&Itemid=75 http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=58&Itemid=56 http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=60&Itemid=93 http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=61&Itemid=97 http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=62&Itemid=100 http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=63&Itemid=92 http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=64&Itemid=101 http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=65&Itemid=102 http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=66&Itemid=104 http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=69&Itemid=106 http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=70&Itemid=107 http://vizit.venal.com.ua/index.php?option=com_content&view=category&layout=blog&id=71&Itemid=108 http://vizit.venal.com.ua/index.php?option=com_content&view=frontpage&Itemid=28 http://vizit.venal.com.ua/index.php?option=com_content&view=section&id=11&layout=blog&Itemid=82 http://vizit.venal.com.ua/index.php?option=com_content&view=section&id=15&layout=blog&Itemid=88 http://vizit.venal.com.ua/index.php?option=com_content&view=section&id=6&layout=blog&Itemid=85 http://vizit.venal.com.ua/index.php?option=com_content&view=section&id=9&layout=blog&Itemid=87 http://vizit.venal.com.ua/index.php?option=com_content&view=section&layout=blog&id=10&Itemid=86 http://vizit.venal.com.ua/index.php?option=com_content&view=section&layout=blog&id=11&Itemid=82 http://vizit.venal.com.ua/index.php?option=com_content&view=section&layout=blog&id=12&Itemid=103 http://vizit.venal.com.ua/index.php?option=com_content&view=section&layout=blog&id=13&Itemid=84 http://vizit.venal.com.ua/index.php?option=com_content&view=section&layout=blog&id=14&Itemid=83 http://vizit.venal.com.ua/index.php?option=com_content&view=section&layout=blog&id=15&Itemid=88 http://vizit.venal.com.ua/index.php?option=com_content&view=section&layout=blog&id=16&Itemid=80 http://vizit.venal.com.ua/index.php?option=com_content&view=section&layout=blog&id=17&Itemid=90 http://vizit.venal.com.ua/index.php?option=com_content&view=section&layout=blog&id=20&Itemid=105 http://vizit.venal.com.ua/index.php?option=com_content&view=section&layout=blog&id=4&Itemid=2 http://vizit.venal.com.ua/index.php?option=com_content&view=section&layout=blog&id=5&Itemid=89 http://vizit.venal.com.ua/index.php?option=com_content&view=section&layout=blog&id=6&Itemid=85 http://vizit.venal.com.ua/index.php?option=com_content&view=section&layout=blog&id=8&Itemid=96 http://vizit.venal.com.ua/index.php?option=com_content&view=section&layout=blog&id=9&Itemid=87 http://vizit.venal.com.ua/index.php?option=com_igallery&view=category&id=0&Itemid=29 http://vizit.venal.com.ua/index.php?option=com_user&view=register http://vizit.venal.com.ua/index.php?option=com_user&view=remind http://vizit.venal.com.ua/index.php?option=com_user&view=reset http://vizit.venal.com.ua/media/system/js/caption.js http://vizit.venal.com.ua/media/system/js/mootools.js http://vizit.venal.com.ua/modules/mod_rokslideshow/tmpl/rokslideshow.js http://vizit.venal.com.ua/modules/mod_swmenupro/DropDownMenuX_Packed.js http://vizit.venal.com.ua/modules/mod_swmenupro/transmenu_Packed.js http://vizit.venal.com.ua/modules/mod_xpertscroller/admin/jquery-1.4.4.js http://vizit.venal.com.ua/modules/mod_xpertscroller/interface/js/xpertscroller.js http://vizit.venal.com.ua/plugins/system/cdcaptcha/js/jquery.cdcaptcha.js http://vizit.venal.com.ua/plugins/system/cdscriptegrator/libraries/highslide/js/highslide-full.min.js http://vizit.venal.com.ua/plugins/system/cdscriptegrator/libraries/jquery/js/jquery-1.4.2.min.js http://vizit.venal.com.ua/plugins/system/cdscriptegrator/libraries/jquery/js/jquery-noconflict.js http://vizit.venal.com.ua/plugins/system/cdscriptegrator/libraries/jquery/js/ui/jquery-ui-1.8.4.custom.min.js http://www.venal.com.ua

Trojan-Downloader.JS.Agent.gpp
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 13, 2012, 09:00:27 am: Code: [Select]
http://www.amazonasimages.com/
HEUR:Trojan.Script.Generic
JS.Trojan.Agent-6
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 14, 2012, 05:53:37 am: Code: [Select]
91.205.74.23/content/adp2.php?f=71 91.205.74.23/content/adp2.php?f=72 91.205.74.23/content/adp2.php?f=73 91.205.74.23/content/adp2.php?f=74 91.205.74.23/content/adp2.php?f=75 91.205.74.23/content/adp2.php?f=76 91.205.74.23/content/adp2.php?f=77 91.205.74.23/content/adp2.php?f=78 91.205.74.23/content/adp2.php?f=79 91.205.74.23/content/adp2.php?f=80
Exploit.JS.Pdfka.fof
PDF:Clicker.Exploit.E
Exploit-PDF-FAY!20FCE1336568
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 14, 2012, 06:30:38 am: Code: [Select]
http://zabgen.predistoria.org/forum/Themes/default/script.js?fin11 http://zabgen.predistoria.org/forum/Themes/default/xml_topic.js
Trojan-Downloader.JS.Agent.gpp
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 14, 2012, 10:03:47 am: Code: [Select]
xn----stbfln.xn--p1ai/template/images/jquery.cycle.all.js xn----stbfln.xn--p1ai/template/images/jquery.min.js
Trojan-Downloader.JS.Agent.gpp
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 14, 2012, 11:12:48 am: Code: [Select]
http://pmk-c.ru/ http://pmk-c.ru/template/images/jquery.cycle.all.js http://pmk-c.ru/template/images/jquery.min.js http://pmk-c.ru/litebox/js/moo.fx.js http://pmk-c.ru/litebox/js/prototype.lite.js http://pmk-c.ru/Blagoustroystvo-territorii.html http://pmk-c.ru/Demontag-zdaniy.html http://pmk-c.ru/Funktsii-generalnogo-podryadchika.html http://pmk-c.ru/Informatsiya-o-kompanii.html http://pmk-c.ru/Ingenernie-seti.html http://pmk-c.ru/Izolyatsionnie-raboti.html http://pmk-c.ru/Kamennie-raboti.html http://pmk-c.ru/Karta-sayta.html http://pmk-c.ru/Kontaktnaya-informatsiya.html http://pmk-c.ru/Krovelnie-raboti.html http://pmk-c.ru/Montag-metallokonstruktsiy.html http://pmk-c.ru/Nashi-zakazchiki-galereya.html http://pmk-c.ru/Novosti-kompanii.html http://pmk-c.ru/Obshchestroitelnie-raboti.html http://pmk-c.ru/Otdelochnie-raboti.html http://pmk-c.ru/Otkritie-sportivnie-soorugeniya.html http://pmk-c.ru/Ozelenenie-territorii.html http://pmk-c.ru/Podgotovitelnie-raboti.html http://pmk-c.ru/Pokritiya-iz-drevesnih-materialov.html http://pmk-c.ru/Pokritiya-iz-plitnih-materialov.html http://pmk-c.ru/Poli-iz-polimernih-materialov.html http://pmk-c.ru/price.html http://pmk-c.ru/Raschistka-territorii.html http://pmk-c.ru/Stroitelstvo-vremennih-dorog.html http://pmk-c.ru/Stroitelstvo-zdaniy.html http://pmk-c.ru/Ukladka-relsovih-putey.html http://pmk-c.ru/Ustroystvo-polov.html http://pmk-c.ru/Ustroystvo-proezdov.html http://pmk-c.ru/Viravnivayushchie-styagki-perekritiy.html http://pmk-c.ru/Opalubochnie-i-armaturnie-raboti.html http://pmk-c.ru/Ustroystvo-monolitnih-betonnih-konstruktsiy.html
Trojan-Downloader.JS.Agent.gpp
Trojan.JS.Agent.FPX
Troj/PhoexRef-A
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 14, 2012, 12:41:40 pm: Code: [Select]
xn----jtbewcdgkdy.xn--p1ai/ xn----jtbewcdgkdy.xn--p1ai/ckidki.html xn----jtbewcdgkdy.xn--p1ai/contakt.html xn----jtbewcdgkdy.xn--p1ai/dalee.html xn----jtbewcdgkdy.xn--p1ai/js/lightbox.js xn----jtbewcdgkdy.xn--p1ai/js/prototype.js xn----jtbewcdgkdy.xn--p1ai/js/scriptaculous.js xn----jtbewcdgkdy.xn--p1ai/galerea.html xn----jtbewcdgkdy.xn--p1ai/prize/N1.html xn----jtbewcdgkdy.xn--p1ai/prize/usl_fasad.html xn----jtbewcdgkdy.xn--p1ai/prize/usl_demontag.html xn----jtbewcdgkdy.xn--p1ai/prize/usl_santex.html xn----jtbewcdgkdy.xn--p1ai/prize/usl_elektro.html xn----jtbewcdgkdy.xn--p1ai/prize/usl_obshestvenie.html xn----jtbewcdgkdy.xn--p1ai/prize/usl_otdeloch.html xn----jtbewcdgkdy.xn--p1ai/prize/usl_metallkon.html xn----jtbewcdgkdy.xn--p1ai/smeta/smeta.html xn----jtbewcdgkdy.xn--p1ai/vakan.html
Trojan-Downloader.JS.Agent.gpp
Trojan.JS.Agent.FPX
Troj/PhoexRef-A
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 14, 2012, 11:05:12 pm: Code: [Select]
http://xn----8sb5a0ajk1cg.xn--p1ai/ xn----8sb5a0ajk1cg.xn--p1ai/modules/mod_icetabs/assets/script_15.js xn----8sb5a0ajk1cg.xn--p1ai/#content xn----8sb5a0ajk1cg.xn--p1ai/#footer xn----8sb5a0ajk1cg.xn--p1ai/#main-nav_wrap xn----8sb5a0ajk1cg.xn--p1ai/#site_wrapper xn----8sb5a0ajk1cg.xn--p1ai/index.php?option=com_contact&view=contact&id=1&Itemid=688 xn----8sb5a0ajk1cg.xn--p1ai/index.php?option=com_content&view=article&id=1216:2011-05-15-20-27-05&catid=102:icetabs xn----8sb5a0ajk1cg.xn--p1ai/index.php?option=com_content&view=article&id=1236&Itemid=791 xn----8sb5a0ajk1cg.xn--p1ai/index.php?option=com_content&view=article&id=1240&Itemid=792 xn----8sb5a0ajk1cg.xn--p1ai/index.php?option=com_content&view=article&id=1274:2011-05-23-19-04-02 xn----8sb5a0ajk1cg.xn--p1ai/index.php?option=com_content&view=article&id=1289:something-to-tempt-your-tastebuds xn----8sb5a0ajk1cg.xn--p1ai/index.php?option=com_content&view=article&id=1292&Itemid=795 xn----8sb5a0ajk1cg.xn--p1ai/index.php?option=com_content&view=article&id=1293&Itemid=764 xn----8sb5a0ajk1cg.xn--p1ai/index.php?option=com_content&view=article&id=1295:something-to-tempt-your-tastebuds xn----8sb5a0ajk1cg.xn--p1ai/index.php?option=com_content&view=article&id=1296:something-to-tempt-your-tastebuds xn----8sb5a0ajk1cg.xn--p1ai/index.php?option=com_content&view=article&id=1301:2011-05-15-20-27-05&catid=102:icetabs xn----8sb5a0ajk1cg.xn--p1ai/index.php?option=com_content&view=article&id=1302:2011-05-15-20-27-05&catid=102:icetabs xn----8sb5a0ajk1cg.xn--p1ai/index.php?option=com_content&view=article&id=1303:2011-05-15-20-27-05&catid=102:icetabs xn----8sb5a0ajk1cg.xn--p1ai/index.php?option=com_content&view=article&id=1304:2011-05-15-20-27-05&catid=102:icetabs xn----8sb5a0ajk1cg.xn--p1ai/index.php?option=com_content&view=article&id=1305:2011-05-15-20-27-05&catid=102:icetabs xn----8sb5a0ajk1cg.xn--p1ai/index.php?option=com_poll&id=16:-qelhouseq
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 15, 2012, 09:04:31 am: Code: [Select]
xn--80ajb4acklee1cxfe.xn--p1ai/#imGoToCont xn--80ajb4acklee1cxfe.xn--p1ai/#imGoToMenu xn--80ajb4acklee1cxfe.xn--p1ai/blog/ xn--80ajb4acklee1cxfe.xn--p1ai/imsitemap.html xn--80ajb4acklee1cxfe.xn--p1ai/index.html xn--80ajb4acklee1cxfe.xn--p1ai/proekt.html xn--80ajb4acklee1cxfe.xn--p1ai/res/swfobject.js xn--80ajb4acklee1cxfe.xn--p1ai/res/x5cartengine.js
Trojan-Downloader.JS.Agent.gpp
Trojan.JS.Agent.FPX
Troj/PhoexRef-A
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 15, 2012, 09:39:56 am: Code: [Select]
http://white-ravens.com/ http://white-ravens.com/index.php?option=com_content&view=article&id=57:boeing-767-300-leve-d&catid=34:demo-content http://white-ravens.com/index.php?option=com_content&view=article&id=58:boeing-747-800-pmdg&catid=34:demo-content http://white-ravens.com/index.php?option=com_content&view=article&id=59:boeing-747-400-pmdg&catid=34:demo-content http://white-ravens.com/index.php?option=com_content&view=article&id=60:boeing-737-800-pmdg&catid=34:demo-content http://white-ravens.com/index.php?option=com_content&view=article&id=66&catid=38 http://white-ravens.com/index.php?option=com_content&view=article&id=70&Itemid=53 http://white-ravens.com/index.php?option=com_content&view=article&id=74&Itemid=88 http://white-ravens.com/index.php?option=com_content&view=category&layout=blog&id=1&Itemid=69 http://white-ravens.com/index.php?option=com_content&view=frontpage&Itemid=61 http://white-ravens.com/index.php?option=com_content&view=frontpage&Itemid=78 http://white-ravens.com/index.php?option=com_content&view=section&id=3&Itemid=66 http://white-ravens.com/index.php?option=com_newsfeeds&view=categories&Itemid=68 http://white-ravens.com/index.php?option=com_user&view=remind http://white-ravens.com/index.php?option=com_user&view=reset http://white-ravens.com/media/system/js/caption.js http://white-ravens.com/media/system/js/mootools.js http://white-ravens.com/modules/mod_gk_tab/scripts/engine_compress.js http://white-ravens.com/modules/mod_news_pro_gk1/scripts/engine_standard_compressed.js http://white-ravens.com/templates/gk_coolfoto/lib/scripts/gk_image_show.js http://white-ravens.com/templates/gk_coolfoto/lib/scripts/template_scripts.js
HEUR:Trojan.Script.Generic
Trojan-Downloader.JS.JScript.ak
Trojan-Downloader.JS.JScript.av
Trojan-Downloader.JS.JScript.ax
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 15, 2012, 10:33:06 am: Code: [Select]
xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/ xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/jquery-1.3.2.min.js xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/media/system/js/mootools.js xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/plugins/system/modalizer/modals/colorbox/jquery.colorbox-min.js xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/plugins/system/modalizer/modals/jquery.min.js xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/zoom/zoom/zoom.js xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?limitstart=20 xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?limitstart=25 xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?limitstart=30 xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?limitstart=35 xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?limitstart=40 xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?limitstart=45 xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?limitstart=5 xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=104:-2011&catid=3:2011-06-17-06-34-47&Itemid=9 xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=141:2011-11-23-19-20-57&catid=3:2011-06-17-06-34-47&Itemid=9 xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=179:-q-q xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=180:-2011- xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=184:-qq- xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=188:2012-02-23-07-16-10 xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=189:22- xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=190:2012-02-26-05-06-22 xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=193:pozdravlenie-s-8-marta xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=194:nashi-potencialnye-soperniki-na-olimpiade-vostokzapad xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=195:15go-marta-sostojalis-baklanovskie-sostjazanija-plastun-v-gorodegeroe-volgograde xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=196:reportazh-v-volgapresse xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=197:2012-03-20-10-36-43&catid=3:2011-06-17-06-34-47&Itemid=9 xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=198:2012-03-22-23-10-14 xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=199:sostav-sbornoj-komandy-na-olimpiadu-vostokzapad xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=200:2012-03-28-16-29-32 xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=201:pozdravljaem-kotenjova-s-zasluzhennoj-nagradoj xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=2&Itemid=2 xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=22&Itemid=10 xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=23&Itemid=11 xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=3&Itemid=3 xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=4&Itemid=4 xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=5&Itemid=5 xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=6&Itemid=6 xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=7&Itemid=7 xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=article&id=8&Itemid=8 xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=category&layout=blog&id=1&Itemid=13 xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_content&view=category&layout=blog&id=3&Itemid=9 xn--80aadeapbbmqnj1cce9bbatr7ezf.xn--p1ai/index.php?option=com_xmap&sitemap=1
Trojan-Downloader.JS.Agent.gpp
Trojan.JS.Agent.FPX
Troj/PhoexRef-A
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 15, 2012, 11:28:40 am: Code: [Select]
http://xn----7sboorocikaf8a1c.xn--p1ai/ http://xn----7sboorocikaf8a1c.xn--p1ai/templates/ja_purity_ii/js/ja.ddmod.js http://xn----7sboorocikaf8a1c.xn--p1ai/templates/ja_purity_ii/js/ja.script.js http://xn----7sboorocikaf8a1c.xn--p1ai/templates/ja_purity_ii/js/menu/css.js xn----7sboorocikaf8a1c.xn--p1ai/media/system/js/caption.js xn----7sboorocikaf8a1c.xn--p1ai/#Top xn----7sboorocikaf8a1c.xn--p1ai/index.php xn----7sboorocikaf8a1c.xn--p1ai/index.php?option=com_content&view=article&id=13&Itemid=20 xn----7sboorocikaf8a1c.xn--p1ai/index.php?option=com_content&view=article&id=14&Itemid=19 xn----7sboorocikaf8a1c.xn--p1ai/index.php?option=com_content&view=article&id=16&Itemid=23 xn----7sboorocikaf8a1c.xn--p1ai/index.php?option=com_k2&view=item&layout=item&id=19&Itemid=10 xn----7sboorocikaf8a1c.xn--p1ai/index.php?option=com_k2&view=item&layout=item&id=29&Itemid=18 xn----7sboorocikaf8a1c.xn--p1ai/index.php?option=com_k2&view=item&layout=item&id=31&Itemid=24 xn----7sboorocikaf8a1c.xn--p1ai/index.php?option=com_k2&view=itemlist&layout=category&task=category&id=10&Itemid=25 xn----7sboorocikaf8a1c.xn--p1ai/index.php?option=com_k2&view=itemlist&layout=category&task=category&id=3&Itemid=15 xn----7sboorocikaf8a1c.xn--p1ai/index.php?option=com_k2&view=itemlist&layout=category&task=category&id=4&Itemid=16 xn----7sboorocikaf8a1c.xn--p1ai/index.php?option=com_k2&view=itemlist&layout=category&task=category&id=5&Itemid=17 xn----7sboorocikaf8a1c.xn--p1ai/index.php?view=article&catid=3:2011-06-01-19-22-24&id=15:2011-06-01-19-23-32&tmpl=component&print=1&layout=default&page=
Trojan-Downloader.JS.Agent.gpp
Trojan.JS.Agent.FPX
Troj/PhoexRef-A
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 15, 2012, 12:02:16 pm: Code: [Select]
xn------5cdaabkdeummgvtjc3gpfha6ap.xn--p1ai
HEUR:Trojan.Script.Generic
Trojan-Downloader.JS.JScript.ax
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 16, 2012, 04:57:00 am: Code: [Select]
http://xn---24-5cdablcza5abzy3aja9amodl8h.xn--p1ai/ http://xn---24-5cdablcza5abzy3aja9amodl8h.xn--p1ai/js/jquery.pixelentity.kenburnsSlider.min.js http://xn---24-5cdablcza5abzy3aja9amodl8h.xn--p1ai//mc.yandex.ru/metrika/watch.js http://xn---24-5cdablcza5abzy3aja9amodl8h.xn--p1ai//mc.yandex.ru/watch/12758911 http://xn---24-5cdablcza5abzy3aja9amodl8h.xn--p1ai/index.php?id=10 http://xn---24-5cdablcza5abzy3aja9amodl8h.xn--p1ai/index.php?id=12 http://xn---24-5cdablcza5abzy3aja9amodl8h.xn--p1ai/index.php?id=13 http://xn---24-5cdablcza5abzy3aja9amodl8h.xn--p1ai/index.php?id=14 http://xn---24-5cdablcza5abzy3aja9amodl8h.xn--p1ai/index.php?id=15 http://xn---24-5cdablcza5abzy3aja9amodl8h.xn--p1ai/index.php?id=16 http://xn---24-5cdablcza5abzy3aja9amodl8h.xn--p1ai/index.php?id=2 http://xn---24-5cdablcza5abzy3aja9amodl8h.xn--p1ai/index.php?id=3 http://xn---24-5cdablcza5abzy3aja9amodl8h.xn--p1ai/index.php?id=4 http://xn---24-5cdablcza5abzy3aja9amodl8h.xn--p1ai/index.php?id=6 http://xn---24-5cdablcza5abzy3aja9amodl8h.xn--p1ai/index.php?id=8
Trojan-Downloader.JS.Agent.gpp
Trojan.JS.Agent.FPX
Troj/PhoexRef-A
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 16, 2012, 09:59:32 pm: Code: [Select]
http://www.blue-events.pl/ http://www.blue-events.pl/galeria/ http://www.blue-events.pl/kontakt/ http://www.blue-events.pl/oferta/ http://www.blue-events.pl/o-nas/ http://www.blue-events.pl/wp-includes/js/l10n.js?ver=20101110
Trojan-Downloader.JS.Iframe.cvd
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 17, 2012, 05:22:53 am: Code: [Select]
http://euroinkaso.pl/ http://euroinkaso.pl/libs/jquery/jquery.tools.min.js http://euroinkaso.pl/libs/jquery/lightbox/js/jquery.lightbox-0.5.js http://euroinkaso.pl/12/windykacja/prewencja http://euroinkaso.pl/19/finanse/faktoring http://euroinkaso.pl/2 http://euroinkaso.pl/3 http://euroinkaso.pl/aktualnosci http://euroinkaso.pl/aktualnosci/25 http://euroinkaso.pl/aktualnosci/26 http://euroinkaso.pl/inwigilacja http://euroinkaso.pl/kontakt http://euroinkaso.pl/libs/SWFObject/swfobject.js http://euroinkaso.pl/mapa-serwisu http://euroinkaso.pl/pliki-do-pobrania http://euroinkaso.pl/referencje http://euroinkaso.pl/uslugi-detektywistyczne
Trojan-Downloader.JS.Iframe.cvd

http://128.111.48.236/view.php?hash=38d41246a2756e33cab9c3a580899c1b&t=1334639551&type=js
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 17, 2012, 07:39:00 pm: MW-Link

Code: [Select]
campari.shinsengumi-subs.info/tooltip.js
https://www.virustotal.com/url/8304cf64f7290e78df8bb65b20ebd396cc65bd8f09e34d664be96bda18306fa2/analysis/1334689338/

seems not to exist anymore

http://www.profitux.cz/errors/404.htm

hoster Profitux seems to care...But obviously not enough, because as seen here:

Code: [Select]
http://campari.shinsengumi-subs.info/mylist.htm (Caution: Trojan-Downloader.JS.Pegel.e)

still exists. Just follow the Network Activity and Redirects:

http://128.111.48.236/view.php?hash=0293673369a10630fc73318a3ce161c3&t=1334689079&type=js

So all in all someone considered to classify

Code: [Select]
campari.shinsengumi-subs.info/tooltip.js
as malicious, but instead forgot to check the redirect,

Code: [Select]
http://campari.shinsengumi-subs.info/mylist.js
who is indeed the real malicious one. That might be ONE reason however, how a false/positive „could“ be generated... However, noones perfect, especially no bytes

http://128.111.48.236/domain.php?hash=78aa59a1a5223fd836c6e0c1570b3129&type=js

Trojan-Downloader.JS.Pegel.e
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 18, 2012, 09:43:57 am: In addition to:

Code: [Select]
http://download2.100limiterodas.com.br/
https://www.virustotal.com/url/d2166bbca5d42706763eed3d41aa09ab8011315fb18c86e14ae5eed4a04cd97d/analysis/1334741953/

see also:

Code: [Select]
http://100limiterodas.com.br/ http://construtorarh.com.br/
https://www.virustotal.com/url/7c36519cf31982531b403a232078f32e6f96255e16b229a46ae6aba06e627a25/analysis/1334741674/
https://www.virustotal.com/url/e6786c3ceb798b6c6df96e949143aae11596bb54aa3c4513ad2e7866875a7e7f/analysis/1334741856/

Trojan.Win32.Jorik.Vobfus.aqmx
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 19, 2012, 07:42:49 am: Code: [Select]
http://down.feel2day.com/newmain/webmain/nfdinstall.exe
https://www.virustotal.com/url/f2a85e01dbdab0781ad6a37e376d1dc895f020b8cb03247c59c1420496afe305/analysis/1334752685/
https://www.virustotal.com/file/45d34bc29f82d26ff62859fc37e93e004d78083929a7b9f79cc4dea156ba049e/analysis/1334752693/

Trojan.Win32.Genome.aespr
Adware:Win32/Funpop
NSIS:Downloader-DJ [Trj]
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 19, 2012, 09:19:57 am: Code: [Select]
http://down.neoprotect.com/neopuninst.exe
https://www.virustotal.com/url/e194d5a5c275bb074f969c4912a7e1792f340aa48a8176b58874f6fe1bd34cbd/analysis/1334826502/
https://www.virustotal.com/file/a04f7902085952c25baaa411e2be27370a92548f1840dec2dac0c3940b1a43f0/analysis/1334826506/

Adware/Aprotect.B.9
Trojan-Downloader.Agent!IK
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 19, 2012, 09:28:01 am: Code: [Select]
http://down.pcgkimi.com/install/home/PcGkimi_setup.exe
Adware/Kraddare.AT.138
Gen:Variant.Graftor.873
TROJ_GEN.F4AC8J5
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 19, 2012, 09:56:21 am: Code: [Select]
http://up1.anygray.com/setupFiles/AnyGraySetup%20WebBeta1.0.0.0.exe
Heuristic.BehavesLike.Win32.Fake.O

https://www.virustotal.com/file/ac539d9b920a025ca9a2db563d5fd992c1fc5859961d23303eb6879b58503e83/analysis/1334828731/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 19, 2012, 11:38:23 am: Code: [Select]
http://up1.one-clean.com/Install/OneClean/OneClean_Setup.exe
Downloader.Generic10.AFJG
Artemis!73B75B2EE08E
a variant of Win32/TrojanDownloader.Small.OZA

https://www.virustotal.com/url/186ae8a0cfa6971a3b748e303a1157d72d0c4377e42a8601970b0938472084a7/analysis/1334834748/
https://www.virustotal.com/file/05250bf48aa352c9a57bae02939516582042b417fdd820ca501a6f84738d353f/analysis/1334834753/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 19, 2012, 07:09:43 pm: Code: [Select]
http://wats.ch/ http://www.wats.ch/
Trojan.JS.Iframe.aai
JS/iFrame.bbn

http://128.111.48.236/view.php?hash=e7cb5b0a7f1c0f6c440696654259479e&t=1334861913&type=js
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 20, 2012, 08:35:32 am: Code: [Select]
http://www.puretonefitness.co.uk/ http://www.puretonefitness.co.uk/about-me-3/ http://www.puretonefitness.co.uk/contact-me/ http://www.puretonefitness.co.uk/fitness-challenge/ http://www.puretonefitness.co.uk/personal-training-bristol/ http://www.puretonefitness.co.uk/personal-training-forms/ http://www.puretonefitness.co.uk/prices/ http://www.puretonefitness.co.uk/service/ http://www.puretonefitness.co.uk/site-map/ http://www.puretonefitness.co.uk/wp-content/plugins/contact-form-7/jquery.form.js?ver=2.52 http://www.puretonefitness.co.uk/wp-content/plugins/contact-form-7/scripts.js?ver=2.4.5 http://www.puretonefitness.co.uk/wp-content/themes/ecobiz/js/cufon.js http://www.puretonefitness.co.uk/wp-content/themes/ecobiz/js/fonts/ColaborateLight.js http://www.puretonefitness.co.uk/wp-content/themes/ecobiz/js/functions.js?ver=3.1.3 http://www.puretonefitness.co.uk/wp-content/themes/ecobiz/js/jquery.kwicks.min.js?ver=3.1.3 http://www.puretonefitness.co.uk/wp-content/themes/ecobiz/js/jquery.nivo.slider.pack.js?ver=3.1.3 http://www.puretonefitness.co.uk/wp-content/themes/ecobiz/js/jquery.prettyPhoto.js?ver=3.1.3 http://www.puretonefitness.co.uk/wp-content/themes/ecobiz/js/jquery.tools.tabs.min.js?ver=3.1.3 http://www.puretonefitness.co.uk/wp-includes/js/jquery/jquery.js?ver=1.4.4 http://www.puretonefitness.co.uk/wp-includes/js/l10n.js?ver=20101110
Trojan-Downloader.JS.Agent.gnk
Trojan.JS.Agent.EXP
Trojan:JS/Alescurf.D
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 20, 2012, 09:22:18 pm: Code: [Select]
http://www.30days.gr http://www.30days.gr/ http://www.30days.gr/index.php/13siethnespanoramaanexartitondhmiourgonkinhmatografouekth15161718dekemvriou/ http://www.30days.gr/index.php/about-us/ http://www.30days.gr/index.php/animasyrosopenhouse100pureanimationkaisththessalonikistis28ianoyarioy/ http://www.30days.gr/index.php/animasyrosopenhouse100pureanimationkaisththessalonikistis28ianoyarioy/#commentspost http://www.30days.gr/index.php/animation_diethnes_festival_foroum_kinoumenonsxedion_animasyros4/ http://www.30days.gr/index.php/anyshxei_eidikoys_okeanos/ http://www.30days.gr/index.php/author/admin/ http://www.30days.gr/index.php/category/%ce%b1%cf%84%ce%b1%ce%be%ce%b9%ce%bd%cf%8c%ce%bc%ce%b7%cf%84%ce%b1/ http://www.30days.gr/index.php/category/%ce%b4/ http://www.30days.gr/index.php/category/%ce%b5/ http://www.30days.gr/index.php/category/%ce%b6/ http://www.30days.gr/index.php/category/%ce%b7/ http://www.30days.gr/index.php/category/%ce%b8/ http://www.30days.gr/index.php/category/%ce%b9/ http://www.30days.gr/index.php/category/%ce%bb/ http://www.30days.gr/index.php/category/%ce%bc/ http://www.30days.gr/index.php/category/%ce%bd/ http://www.30days.gr/index.php/category/%ce%be/ http://www.30days.gr/index.php/category/%ce%bf/ http://www.30days.gr/index.php/category/%cf%80/ http://www.30days.gr/index.php/category/%cf%81/ http://www.30days.gr/index.php/category/%cf%83/ http://www.30days.gr/index.php/category/%cf%84/ http://www.30days.gr/index.php/category/%cf%85/ http://www.30days.gr/index.php/category/%cf%86/ http://www.30days.gr/index.php/category/%cf%87/ http://www.30days.gr/index.php/category/%cf%88/ http://www.30days.gr/index.php/category/%cf%89/ http://www.30days.gr/index.php/category/a/ http://www.30days.gr/index.php/category/b/ http://www.30days.gr/index.php/category/business/ http://www.30days.gr/index.php/category/business/%ce%b3/ http://www.30days.gr/index.php/category/business/%ce%ba/ http://www.30days.gr/index.php/category/business/accessories/ http://www.30days.gr/index.php/category/business/advertisement-companies/ http://www.30days.gr/index.php/category/business/aesthetics/ http://www.30days.gr/index.php/category/business/aesthetics/manicure-penticure/ http://www.30days.gr/index.php/category/business/architects/ http://www.30days.gr/index.php/category/business/awninngs/ http://www.30days.gr/index.php/category/business/bakeries/ http://www.30days.gr/index.php/category/business/bathroom-equipment/ http://www.30days.gr/index.php/category/business/biological-ecological-products/ http://www.30days.gr/index.php/category/business/book-stores/ http://www.30days.gr/index.php/category/business/cafe-bar/ http://www.30days.gr/index.php/category/business/cardiologists/ http://www.30days.gr/index.php/category/business/car-services/ http://www.30days.gr/index.php/category/business/car-services/buysell-cars/ http://www.30days.gr/index.php/category/business/car-services/car-alarms-music-players/ http://www.30days.gr/index.php/category/business/car-services/car-cleaners-washers/ http://www.30days.gr/index.php/category/business/car-services/car-painters/ http://www.30days.gr/index.php/category/business/car-services/car-resellers/ http://www.30days.gr/index.php/category/business/car-services/car-suspensions/ http://www.30days.gr/index.php/category/business/car-services/car-technical-check/ http://www.30days.gr/index.php/category/business/car-services/gas-stations-oil/ http://www.30days.gr/index.php/category/business/car-services/voulkan/ http://www.30days.gr/index.php/category/business/catering/ http://www.30days.gr/index.php/category/business/cleaning-services/ http://www.30days.gr/index.php/category/business/clothes/ http://www.30days.gr/index.php/category/business/clothes/babies-children/ http://www.30days.gr/index.php/category/business/clothes/couturiers/ http://www.30days.gr/index.php/category/business/clothes/leather-accessories/ http://www.30days.gr/index.php/category/business/clothes/woman-clothes/ http://www.30days.gr/index.php/category/business/colours/ http://www.30days.gr/index.php/category/business/computers/ http://www.30days.gr/index.php/category/business/curtains/ http://www.30days.gr/index.php/category/business/dancing-school/ http://www.30days.gr/index.php/category/business/dentist/ http://www.30days.gr/index.php/category/business/dermatologists/ http://www.30days.gr/index.php/category/business/diet-doctors/ http://www.30days.gr/index.php/category/business/doctors-doctors-business/ http://www.30days.gr/index.php/category/business/doctors-doctors-business-business/ http://www.30days.gr/index.php/category/business/dostors/ http://www.30days.gr/index.php/category/business/education/ http://www.30days.gr/index.php/category/business/education/centres-of-foreigner-languages/ http://www.30days.gr/index.php/category/business/education/tuition-centres/ http://www.30days.gr/index.php/category/business/electricians/ http://www.30days.gr/index.php/category/business/electric-machines/ http://www.30days.gr/index.php/category/business/electric-machines/services/ http://www.30days.gr/index.php/category/business/elevators-lifts/ http://www.30days.gr/index.php/category/business/energy/ http://www.30days.gr/index.php/category/business/event-rooms/ http://www.30days.gr/index.php/category/business/flower-shops/ http://www.30days.gr/index.php/category/business/funeral-offices/ http://www.30days.gr/index.php/category/business/furniture/ http://www.30days.gr/index.php/category/business/furniture/children-furniture/ http://www.30days.gr/index.php/category/business/furniture/home-furniture/ http://www.30days.gr/index.php/category/business/furniture/kitchen-furniture/ http://www.30days.gr/index.php/category/business/garden/ http://www.30days.gr/index.php/category/business/garden/flower-shop/ http://www.30days.gr/index.php/category/business/garden/garden-shop/ http://www.30days.gr/index.php/category/business/gastroenterologists/ http://www.30days.gr/index.php/category/business/general-practitioners/ http://www.30days.gr/index.php/category/business/gifts/ http://www.30days.gr/index.php/category/business/graphic-design/ http://www.30days.gr/index.php/category/business/gym/ http://www.30days.gr/index.php/category/business/gynecologic/ http://www.30days.gr/index.php/category/business/hairdressers/ http://www.30days.gr/index.php/category/business/heating/ http://www.30days.gr/index.php/category/business/hospitals-health-center/ http://www.30days.gr/index.php/category/business/insurance-companies/ http://www.30days.gr/index.php/category/business/kindergartens/ http://www.30days.gr/index.php/category/business/lawyers/ http://www.30days.gr/index.php/category/business/medical-instruments/ http://www.30days.gr/index.php/category/business/microbiologists/ http://www.30days.gr/index.php/category/business/motorcycle/ http://www.30days.gr/index.php/category/business/neurologists/ http://www.30days.gr/index.php/category/business/obstructions/ http://www.30days.gr/index.php/category/business/oculist/ http://www.30days.gr/index.php/category/business/oncologist/ http://www.30days.gr/index.php/category/business/opticians/ http://www.30days.gr/index.php/category/business/orthopedic/ http://www.30days.gr/index.php/category/business/pastry-shop/ http://www.30days.gr/index.php/category/business/pediatricians/ http://www.30days.gr/index.php/category/business/phsycologist/ http://www.30days.gr/index.php/category/business/plastic-surgeons/ http://www.30days.gr/index.php/category/business/professional-equipment-provider/ http://www.30days.gr/index.php/category/business/psychiatric/ http://www.30days.gr/index.php/category/business/rebuilding/ http://www.30days.gr/index.php/category/business/recycling/ http://www.30days.gr/index.php/category/business/restaurant-tavern-grill/ http://www.30days.gr/index.php/category/business/restaurant-tavern-grill/grill/ http://www.30days.gr/index.php/category/business/restaurant-tavern-grill/ouzo-tavern/ http://www.30days.gr/index.php/category/business/restaurant-tavern-grill/pizza/ http://www.30days.gr/index.php/category/business/restaurant-tavern-grill/restaurant/ http://www.30days.gr/index.php/category/business/restaurant-tavern-grill/tavern/ http://www.30days.gr/index.php/category/business/restaurant-tavern-grill/titbits-shop/ http://www.30days.gr/index.php/category/business/satellite-systems/ http://www.30days.gr/index.php/category/business/sign/ http://www.30days.gr/index.php/category/business/sound-and-optical-systems/ http://www.30days.gr/index.php/category/business/sports/ http://www.30days.gr/index.php/category/business/travel-equipment/ http://www.30days.gr/index.php/category/business/vet/ http://www.30days.gr/index.php/category/business/video-club/ http://www.30days.gr/index.php/category/business/wedding-baptism/ http://www.30days.gr/index.php/category/ecology/ http://www.30days.gr/index.php/category/entertainment/ http://www.30days.gr/index.php/category/entertainment/books/ http://www.30days.gr/index.php/category/entertainment/cinema/ http://www.30days.gr/index.php/category/entertainment/cinema/feed/ http://www.30days.gr/index.php/category/entertainment/cinema/new-dvd-releashes/ http://www.30days.gr/index.php/category/entertainment/music/ http://www.30days.gr/index.php/category/entertainment/music/feed/ http://www.30days.gr/index.php/category/entertainment/theater/ http://www.30days.gr/index.php/category/entertainment/tv-news/ http://www.30days.gr/index.php/category/featured/ http://www.30days.gr/index.php/category/health/ http://www.30days.gr/index.php/category/health/diet/ http://www.30days.gr/index.php/category/health/doctors/ http://www.30days.gr/index.php/category/health/fitness/ http://www.30days.gr/index.php/category/health/health-general/ http://www.30days.gr/index.php/category/health/psychology/ http://www.30days.gr/index.php/category/news/ http://www.30days.gr/index.php/category/news/feed/ http://www.30days.gr/index.php/category/news/greece/ http://www.30days.gr/index.php/category/news/technology/ http://www.30days.gr/index.php/category/news/weird/ http://www.30days.gr/index.php/category/news/world/ http://www.30days.gr/index.php/category/recipes/ http://www.30days.gr/index.php/category/recipes/feed/ http://www.30days.gr/index.php/category/recipes/tips/ http://www.30days.gr/index.php/contact/ http://www.30days.gr/index.php/efyge_mixalhs_kakogiannhs/ http://www.30days.gr/index.php/eidos_pros_eksafanish_h_sokolata/ http://www.30days.gr/index.php/exoikonomisi_nerou/ http://www.30days.gr/index.php/fotovoltaika_adeia_paragogis_deftero_megalytero_parko_ellad/ http://www.30days.gr/index.php/giati_xrhsimopoioume_bologika_proionta/ http://www.30days.gr/index.php/h_kampania_megalou_kanaliou_apespase_akoma_diakrish/ http://www.30days.gr/index.php/hmtstikh_synfonia_arvyla/ http://www.30days.gr/index.php/ipopsiofiuothtes-gia-tis-xryses-sfaires/ http://www.30days.gr/index.php/masterchefii_agnosto_poios_paroysiazei/ http://www.30days.gr/index.php/meli_ygros_xrysos/ http://www.30days.gr/index.php/melomakarona/ http://www.30days.gr/index.php/nekrh_vrethike_diamerisma_eimy_gouainxaouz/ http://www.30days.gr/index.php/neoalbum_mus/ http://www.30days.gr/index.php/noikiaste_aftokinito_draxmes/ http://www.30days.gr/index.php/oijames_live_sththessaloniki_stis04-10-2011_stoivanofeio_ghpedo_mpasket_hraklh/ http://www.30days.gr/index.php/oiredhotchilipeppersgiaprothforasthnellada/ http://www.30days.gr/index.php/onemo_xanei_akoh/ http://www.30days.gr/index.php/oscar2012oimegaloinikhtes/ http://www.30days.gr/index.php/oscar2012oimegaloinikhtes/#commentspost http://www.30days.gr/index.php/oyanntiersen_epistrefei_sthn_ellada/ http://www.30days.gr/index.php/paella/ http://www.30days.gr/index.php/paizontas_pisina_asfaleia/ http://www.30days.gr/index.php/panselinos_meta_mousikhs/ http://www.30days.gr/index.php/pethane_oidryths_ths_apple_steve_jobs/ http://www.30days.gr/index.php/pethaneoskinothetisthodorosaggelopoulosapotroxaio/ http://www.30days.gr/index.php/pethaneoskinothetisthodorosaggelopoulosapotroxaio/#commentspost http://www.30days.gr/index.php/rockwavefestival2012/ http://www.30days.gr/index.php/sigisehfonhtoydimitrimitropanoyftoxoterhhellhnikhmousikiskhnh/ http://www.30days.gr/index.php/sigisehfonhtoydimitrimitropanoyftoxoterhhellhnikhmousikiskhnh/#commentspost http://www.30days.gr/index.php/staskarianeoshrialtoygiorgoukapoutzidh/ http://www.30days.gr/index.php/stin_kriti_hamerikanikh_ekpompi_thecookingodysse/ http://www.30days.gr/index.php/ta_athlimata_kalokairiou/ http://www.30days.gr/index.php/tamcdonaldsallaxantaxampourgermetaapopieseistoyjamie-oliver/ http://www.30days.gr/index.php/tamcdonaldsallaxantaxampourgermetaapopieseistoyjamie-oliver/#commentspost http://www.30days.gr/index.php/tospitakitainiaupzontanevei/ http://www.30days.gr/index.php/toxoriotouaivasili_gia3hxronia_stomylo/ http://www.30days.gr/index.php/vasilopita/ http://www.30days.gr/index.php/xristougenniatikampiskotameglaso/ http://www.30days.gr/index.php/xrysessfaires2012/ http://www.30days.gr/index.php/xrysessfaires2012/#commentspost http://www.30days.gr/wp-content/plugins/1-flash-gallery/js/gallery/photoGallery.js?ver=3.3.1 http://www.30days.gr/wp-content/plugins/1-flash-gallery/js/swfhelper.js?ver=3.3.1 http://www.30days.gr/wp-content/plugins/contact-form-7/jquery.form.js?ver=2.52 http://www.30days.gr/wp-content/plugins/contact-form-7/scripts.js?ver=3.0.2.1 http://www.30days.gr/wp-content/plugins/google-analyticator/external-tracking.min.js?ver=6.2 http://www.30days.gr/wp-content/plugins/sexybookmarks/js/sexy-bookmarks-public.min.js?ver=4.0.6.4 http://www.30days.gr/wp-content/plugins/sexybookmarks/js/shareaholic-perf.min.js?ver=4.0.6.4 http://www.30days.gr/wp-content/themes/manifesto/js/dropdown.js http://www.30days.gr/wp-content/themes/manifesto/js/loopedslider.min.js http://www.30days.gr/wp-content/themes/manifesto/js/simpletabs.js http://www.30days.gr/wp-includes/js/jquery/jquery.js?ver=1.7.1 http://www.30days.gr/wp-includes/js/swfobject.js?ver=2.2 http://www.30days.gr/wp-includes/js/thickbox/thickbox.js?ver=3.1-20111117

Trojan-Downloader.JS.Agent.gnk
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 21, 2012, 08:21:12 am: Code: [Select]
http://www.resolucion-9298.com.ar/usuarios/index_user.asp
Trojan-Downloader.JS.Agent.gkb

http://128.111.48.236/view.php?hash=263daabe332bc6e458bdf019e10ff8bb&t=1334996167&type=js
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 21, 2012, 08:35:59 am: Code: [Select]
http://down.nurungzi.co.kr/main/webmain/sinnrz.exe
Trojan-Downloader.Win32.Adload.cezb

https://www.virustotal.com/url/7966b3c419f47d84e0250f976ff2a0691fb6428cb621bf864c74bf55411ad6fe/analysis/1334997158/
https://www.virustotal.com/file/02c2dbbd53b3c1d4e10fcb9c673cb98943097386b22aa2228276491f497254b1/analysis/1334997167/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 21, 2012, 09:55:55 am: Code: [Select]
http://www.alivegames.net/files/reflexive/LittleShopOfTreasuresSetup.exe
Trojan.Win32.Generic.124210FE
Trojan.DL.Agent!ojCmqAnPfTU

https://www.virustotal.com/url/ecd55a451c7f37a86e93da4106817239051019070ee51ef5ddf41514f1317292/analysis/1335001690/
https://www.virustotal.com/file/dce184d9d15246dac184c0ef11684b39fe2a72af68497bb0a285083d0c048d2a/analysis/1335001713/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 21, 2012, 10:03:29 am: Code: [Select]
http://www.alivegames.net/files/StarDefenderSetup.exe
Win32.PWS.Zbot.Cc

https://www.virustotal.com/url/5df643c2caf18835cd6cd6324b0d11ff6aa73a025a26d0ad94bcee74a5a60324/analysis/1335002400/
https://www.virustotal.com/file/551a7127996689a1af124a34885298d294e58a9a493b7ba87eb0cc48da33b1bb/analysis/1335002402/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 21, 2012, 10:14:25 am: Code: [Select]
www.alivegames.net/files/reflexive/AirStrike2Setup.exe
Backdoor.Win32.Agobot.rsp

https://www.virustotal.com/url/634e7c72942818c26f6a5bd9d2dfa3175ac906ddcde983f0fcd8e87654080a13/analysis/1335002765/
https://www.virustotal.com/file/2063a610ad6d698a402fd4c9b93fc3b9a71f54b426b2ebafb4c92f415a66cf39/analysis/1335002786/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 21, 2012, 10:26:25 am: Code: [Select]
http://www.alivegames.com/files/ClashAff_13326.exe
Trojan/Gentee.a

https://www.virustotal.com/url/583785e56254bcdb55d352771957c7cb7eb845b77b4c4ab4bd96c12af87c5ab2/analysis/1335003716/
https://www.virustotal.com/file/b8b48b4f5a8127ebbd7160126844578566979e11bfd90cf3f3071ffee8207606/analysis/1335003722/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 21, 2012, 11:27:40 am: Code: [Select]
http://www.alivegames.net/files/SmartReversiSetup.exe
PUA.Packed.ASPack

https://www.virustotal.com/url/4daf7a8cef28a5d720823ad95df1c33aca8e4599ec9be469c50301cfc7a1d9ed/analysis/1335003878/
https://www.virustotal.com/file/572fc625f5a6cfaea6504a33f9ae1fcd9407167e4c22340ebdaa59644c386249/analysis/1335003879/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 21, 2012, 11:31:32 am: Code: [Select]
http://www.alivegames.net/files/SeaWarSetup.exe
Adware/Gator.3202

https://www.virustotal.com/url/5741de2369c7d6c3c20942cc9cba71aff66def09e9d97961b3897a46835ce181/analysis/1335007704/
https://www.virustotal.com/file/c558d5a8afbf4b2281e672ca1ef23b28160180e1be46656457067a9630f5562c/analysis/1335007707/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 21, 2012, 11:35:13 am: Code: [Select]
www.alivegames.net/files/BombardixSetup.exe
Suspicious File (eSafe)
PUA.Packed.ASPack (ClamAV)

https://www.virustotal.com/url/568b43efb4b013c88338d13b4f9cd1a8444d28561791273df625ab11fe353aa9/analysis/1335007919/
https://www.virustotal.com/file/d80b6fb2a6a3f535a1018eefbd72932bfc28c16089a90d82a793595f01a1dff6/analysis/1335007922/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 21, 2012, 11:38:48 am: Code: [Select]
http://www.alivegames.net/files/FoxJonesSetup.exe
Win32.PWS.Zbot.Cc

https://www.virustotal.com/url/484efbe7e528ce5082854328f4281fac8e3e990958babcfcaa48103cea9115aa/analysis/1335008150/
https://www.virustotal.com/file/df26d09a6bd55f80ccc4f0b805c36d9a5b6eb5dc469ad0a666d57ec2548eeac3/analysis/1335008155/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 21, 2012, 12:01:46 pm: Code: [Select]
http://www.alivegames.net/files/reflexive/PlatypusSetup.exe
Trojan.Click1.28648
Trojan:Win32/Provis!rts
Trojan.Win32.Generic.124C5A5B

https://www.virustotal.com/url/23f8e1a0b983e894b6a891e98f24ae125c342b4cd8f1f2089a666256aa24f59c/analysis/1335009350/
https://www.virustotal.com/file/e925019502a5df0fc0b943e828fa02402fb05bac1fd7b71ff38013516a537eda/analysis/1335009364/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 21, 2012, 12:20:39 pm: Code: [Select]
http://www.alivegames.net/files/PacBomberSetup.exe
PUA.Packed.ASPack

https://www.virustotal.com/url/2bb81aa123fd1fd500f283508c5813ebd5844fb16a88dede3c54131161b7a0fd/analysis/1335010447/
https://www.virustotal.com/file/3554675acd44ab3f4580d9be6307b8f9e736f9739721e8bc472c6110935d15cb/analysis/1335010450/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 21, 2012, 12:28:56 pm: Code: [Select]
http://www.alivegames.net/files/LiveBilliardsSetup.exe
Adware/Gator.3202

https://www.virustotal.com/url/b21cc4cb949e9335b19f195f2e71a55e668ab23d6834c4c1ca637fc4d5ae5912/analysis/1335011119/
https://www.virustotal.com/file/8cc52810b2176919aa6fa17de0c65c8c0ea1491966fb28833c3ff3918aeeca34/analysis/1335011125/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 21, 2012, 12:37:06 pm: Code: [Select]
http://www.alivegames.net/files/JuicyPuzzleSetup.exe
PUA.Packed.ASPack
Trojan.Win32.Spy!IK
Trojan.Win32.Spy

https://www.virustotal.com/url/376123d1b6deacfd74a8682a4846096b01fdb1ed2723b6a4157879bda87bf3cf/analysis/1335011400/
https://www.virustotal.com/file/a9dd68667327dc4a3ed1f2ceeb3c41e8f1526d1f2c86418689f56acc32dbc949/analysis/1335011405/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 21, 2012, 12:47:13 pm: Code: [Select]
http://www.alivegames.net/files/reflexive/WonderlandSetup.exe http://www.alivegames.net/files/reflexive/PuzzleMythSetup.exe
Trojan.Click2.14015

https://www.virustotal.com/url/98e9f9ed4ddffaa8686e071b235e1ec7b78c7b5276e1e4c92047c240143ace85/analysis/1335012180/
https://www.virustotal.com/file/166958556c4881eb3c6fbc145bc98785d5ac0b5bb42fe6d0fd6a2cea53db3ff7/analysis/1335012186/
https://www.virustotal.com/url/c51e09d7198acb37c8a4acc970d1d372a83dded27f55a1eb94fb0f73742810f7/analysis/1335012091/
https://www.virustotal.com/file/4e75ba0bf6e8dd6a802bbb0a64aa5d51b6ad7b6cd01fb5bb4774286d27d46813/analysis/1335012096/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 21, 2012, 12:48:27 pm: Code: [Select]
http://www.alivegames.net/files/reflexive/SuperCollapsePuzzleSetup.exe
Win32/Heur (AVG)

https://www.virustotal.com/url/e157be6cd08a0f3997bea89c57d50c14c7879d823d5e4437f88db55413740429/analysis/1335012132/
https://www.virustotal.com/file/bfa1f22346b1d040e888eebfcdaf18c8fc155b9e3cd901264448f91a8d8ae3a6/analysis/1335012142/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 22, 2012, 10:00:18 am: Code: [Select]
http://www.regnow.com/softsell/visitor.cgi?affiliate=13326&action=site&vendor=8052&ref=http://www.awem.com/files/pacboy.exe
Suspicious

http://128.111.48.236/view.php?hash=a56767818bd4addadf69ac8ac4eca2fb&t=1335088515&type=js
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 22, 2012, 10:12:33 am: Code: [Select]
http://www.alivegames.com/files/SmartReversiSetup.exe
PUA.Packed.ASPack

https://www.virustotal.com/url/c95f176d84bc706f58922fde5e8cccaa80f1baaa07a8b464aeb9408a083f62bd/analysis/1335089387/
https://www.virustotal.com/file/572fc625f5a6cfaea6504a33f9ae1fcd9407167e4c22340ebdaa59644c386249/analysis/1335089389/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 22, 2012, 11:02:09 am: Keylogger

Code: [Select]
http://www.award-soft.com/download/klsetup.exe
WS.Reputation.1

https://www.virustotal.com/url/557595bba1c8548e06c8143336755b49cb8fe62f7268f36eb770b535080cf2e4/analysis/1335092294/
https://www.virustotal.com/file/26942caa0852bf4521072fda92d87129b46d3ca8fd097d0912ea5a95dcf5fbb6/analysis/1335092297/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 22, 2012, 11:13:06 am: Keylogger

Code: [Select]
http://www.award-soft.com/download/klproinstall.exe
Riskware.Monitor.Win32.Keylogger!IK
not-a-virus:Monitor.Win32.KeyLogger.brr
Spyware.KeyloggerPro

https://www.virustotal.com/url/7a58828bc5ef39ad4ccc098da9c7a4a47557a8e0cdaa3c20cc131e4f2c7e14d7/analysis/1335092731/
https://www.virustotal.com/file/3e020c0659e07a3c4973491662e92ac1768d7c9d561ba83535e3ac8ac94b31e3/analysis/1335092736/
http://128.111.48.236/view.php?hash=9edb6df06478319e755acb99272f6744&t=1335092713&type=js

Keylogger-64bit

Code: [Select]
http://www.award-soft.com/download/klproinstall64.exe
Keylog-AwardKey
MonitoringTool:Win64/AwardKeylogger

https://www.virustotal.com/url/006ef8504edc8120d22a41b83e6dd03ac577728347e62241d027ba32113a78b0/analysis/1335092785/
https://www.virustotal.com/file/f517f47bd72e0ce858cd7c7c710678ba91de9b5e84263aebc7b47785313f30ae/analysis/1335092795/
http://128.111.48.236/view.php?hash=4a1133bbbae4adfca7f7a33ce1d17188&t=1335092776&type=js
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 22, 2012, 11:17:07 am: Keylogger

Code: [Select]
http://www.award-soft.com/download/pminstall.exe
not-a-virus:Monitor.Win32.KeyLogger.amd
Keylog-AwardPersonalMon
Spyware.KGBSpy

https://www.virustotal.com/url/3c12bb84fdc2b365168c6e367898bfff1c5fa33f50a250538aaf9482995021cc/analysis/1335093228/
https://www.virustotal.com/file/9fdd5141b7856f6a79eabfcc8c58cb6409c018f9e6c36518567676324fc0e072/analysis/1335093233/
http://128.111.48.236/view.php?hash=059f1323a2384ba28693def5a6dc0564&t=1335093218&type=js
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 23, 2012, 07:40:38 am: Code: [Select]
http://minecraft.filecook.com/
redirects ---> to

Code: [Select]
http://download.filecook.com/download3.php?n=MineCraft_v1_0.exe
TR/Dldr.NoAsk.A
Win32:PUP-gen [PUP]
unknown virus Win32/DH.FF8801A5{00000000-00000020-00804002-00000000}
TrojanDownloader.Generic.ujc
Artemis!90DA2A390057
Win32/TrojanDownloader.Agent.REE
Posible_Worm32
suspected of Trojan.Downloader.gen.h
Trojan.Win32.Generic.pak!cobra

http://128.111.48.236/view.php?hash=423978e5f1a76e4cd7904478cbdddf04&t=1335165961&type=js
http://anubis.iseclab.org/?action=result&task_id=1d2dfb0f53a0d1ba4112afbb0b06cbc5a
https://www.virustotal.com/url/2d02070da1fef3c1ad275d14438cb187fbc0ba8a39008df79b5801279d25d30b/analysis/1335166008/
https://www.virustotal.com/url/637cc8b01e12a8101bda9c57f296b04c2e9e3baf56e60943b75d8cf01ddbb11b/analysis/1335166096/
https://www.virustotal.com/file/255aead7d27bb8fa658d7ab3f3a5660856c719b7700a0cce22a9fd387a7ed354/analysis/1335166322/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 25, 2012, 12:37:06 pm: Code: [Select]
www.axito.com/Crossloop.exe
not-a-virus:RemoteAdmin.Win32.WinVNC.gc

https://www.virustotal.com/url/7ef798b7748edf66c78fc9a36bb9bb88889bff1a1b071a7585c5975e23b97437/analysis/1335353869/
https://www.virustotal.com/file/6a47e7e254a43b12bcefcb4e7084bb81dff67bf5005845c3b7754997dcf83fb7/analysis/1335353876/
http://128.111.48.236/view.php?hash=e47d3f4c02864da7d6eaa5eafc48334e&t=1335353898&type=js

Code: [Select]
www.axito.com/Download/7z465.exe
Additional (potential) malware:
http://128.111.48.236/view.php?hash=93667b440b564f948d7f3d98e67815de&t=1335354198&type=js
http://anubis.iseclab.org/?action=result&task_id=14c55162fd45b9f3431ce4c72da82ed8e

Code: [Select]
http://www.axito.com/Download/PSsetup.exe
Additional (potential) malware:
http://128.111.48.236/view.php?hash=07cd3353725a0da9cf001d659f213da4&t=1335355261&type=js
http://anubis.iseclab.org/?action=result&task_id=11ce1ae4abdfff29439c6a78564ca8131

Code: [Select]
www.axito.com/Download/wrar380nl.exe
Heur.Packed.Unknown
Win32.Banker

https://www.virustotal.com/url/f4272126e53e66749312fde7684ba3e00928e8446b73837c93725dc3b3664f16/analysis/1335356787/
https://www.virustotal.com/file/f3b70721fce7947eac8af44ebca3795f2a913c561862449452bacc99061a5374/analysis/1335356792/
http://128.111.48.236/view.php?hash=d8142be54d940ea6afd38550ebeb7750&t=1335356738&type=js
http://anubis.iseclab.org/?action=result&task_id=16f2fb83feff1ba74c179eb2dc91a0518
Title: Re: Honeypots forgotten Links...
Post by: dlipman on April 25, 2012, 12:54:50 pm: Quote from: GaryDee on April 25, 2012, 12:37:06 pm
Code: [Select]
www.axito.com/Download/wrar380nl.exe

WinRAR from 2008, False Positives

Quote from: GaryDee on April 25, 2012, 12:37:06 pm
Code: [Select]
www.axito.com/Download/7z465.exe

7-Zip 4.65 from 2009, False Positives

Quote from: GaryDee on April 25, 2012, 12:37:06 pm
Code: [Select]
http://www.axito.com/Download/PSsetup.exe

This too appears to be a False Positive for a possible PostScript print driver or some other form.
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 26, 2012, 10:10:52 am: Code: [Select]
http://www.2shared.com/file/10073685/81fbf320/AionKtz_125English.html http://dc104.2shared.com/download/1LAUZdY8/AionKtz_125English.rar?tsid=20120426-092139-995279e7
TR/PSW.Magania.clza
PSW.OnlineGames3.BDHX
Trojan.Generic.3283892

https://www.virustotal.com/file/62be6a141f487435647165ae94724d8c2b391fdc922565002214c1f5c109792e/analysis/1335432391/

Code: [Select]
http://www.aionktzbot.com/files/AionKtz_126English.rar http://www.2shared.com/file/10541005/f0cb2672/AionKtz_126English.html
Win32:Malware-gen
HEUR:Trojan.Win32.Generic
VirTool:Win32/Obfuscator.XZ

https://www.virustotal.com/url/cc234718262f5d6e01e8e5ec6fbde52f1a8b3589c49e77aa2b99e261d24ee7bb/analysis/1335432561/
https://www.virustotal.com/file/76596f36f5676d4c0179ba19c8aa4e3f17aff7b4bdba8ac89d7c03f836926ff3/analysis/1335432564/

Code: [Select]
http://www.2shared.com/file/10296534/d2684b7c/AionKtz_RURussia102rar.html
PSW.OnlineGames3.BDHX
Artemis!F7FB32F5F9C7
Trojan/Magania.clza

https://www.virustotal.com/file/4c362d9d68229e67f214a09ef5bf9405e485533645289755e6ba5e6b44cfc5eb/analysis/1335433853/

Code: [Select]
http://www.aionktzbot.com/files/AionKtz_126French.rar
PSW.OnlineGames3.BDHX
Backdoor.Win32.Agent.bfop
VirTool:Win32/Obfuscator.XZ

https://www.virustotal.com/url/17d7f0902420b72089212fa98d6d010e07145c0a204e6b0619d3ea65d7904a80/analysis/1335434111/
https://www.virustotal.com/file/9316ef38d2250bf931496aa2977d82be1745abb746de15abf99d6652bb54d8ed/analysis/1335434114/

Code: [Select]
http://www.aionktzbot.com/files/AionKtz_126Swedish.rar
HEUR:Trojan.Win32.Generic
Trojan.Generic.3283892
Trojan/Magania.clza

https://www.virustotal.com/url/c0d9bc330bfcbaaf51a020478cb920248a6dc0d2d86f8ed8dc3817e60a9026bc/analysis/1335434465/
https://www.virustotal.com/file/3d34742828931f39b174c78b139dc46ff4a83cbb9287a4fd76f9cb7b10d6f92f/analysis/1335434470/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 26, 2012, 10:44:12 am: Code: [Select]
http://rapidshare.com/files/162927456/Data_Unpacker.rar
TrojanDropper.Agent.vcc

https://www.virustotal.com/file/77d9db1b8065280efd73360c91611fdbd8f4a0116ee1aa4d518745e6ef184b4b/analysis/1335436708/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on April 30, 2012, 12:07:45 pm: Code: [Select]
http://i.cr3ation.co.uk/dl/s1/exe/7278.spkd.www.ariap30.com.exe
Code: [Select]
http://archivosrecuperar.com/free-download/7278.spkd.www.ariap30.com.exe?c=GceGAUINoQ0qyJeIQ1af6kqv98ZmMAnIWp6hkvEgF6C9VsQb44zHKGcNe2s4q3bAhIADAtD3vepZCicWK8uHXw%3D%3D
HackTool.Win32.KeyFinder.b

https://www.virustotal.com/file/6b6e94c4e6e619f8cb2076a06e62564450adc5ccde982ba9c5ddc966bc8cc83f/analysis/1335787692/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 03, 2012, 05:01:26 pm: Code: [Select]
http://fc.yesnet.yk.ca/ClientDownloads/FC9106US.EXE
Additional (potential) malware:

http://wepawet.iseclab.org/view.php?hash=b6f951a83e4024720f657ccf5ec8c9c5&t=1336063011&type=js
Title: Re: Honeypots forgotten Links...
Post by: dlipman on May 03, 2012, 08:00:22 pm: Quote from: GaryDee on May 03, 2012, 05:01:26 pm
Code: [Select]
http://fc.yesnet.yk.ca/ClientDownloads/FC9106US.EXE
Additional (potential) malware:

http://wepawet.iseclab.org/view.php?hash=b6f951a83e4024720f657ccf5ec8c9c5&t=1336063011&type=js

Yukon Education Student Network First Class client software.

NOT malware!
Title: Re: Honeypots forgotten Links...
Post by: Amishrabbit on May 04, 2012, 12:27:06 am: Where do you come up with these links, GaryDee?
Title: Re: Honeypots forgotten Links...
Post by: EP_X0FF on May 04, 2012, 02:16:15 am: I don't know, does he posted *any* link to real malware for all this time?
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 04, 2012, 05:03:03 pm: Code: [Select]
http://www.asfreeware.ru/InfoStart.zip
Heuristic.LooksLike.Win32.Suspicious.C

https://www.virustotal.com/file/edf281213f9135b87f6330e7ae735938a8519bf95123a863516fc486f7945dfe/analysis/1336150710/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 04, 2012, 05:07:05 pm: Code: [Select]
http://www.asfreeware.ru/Sovetnik.zip
Heuristic.LooksLike.Win32.Suspicious.F

https://www.virustotal.com/file/dacd03103e0a1b4d369e1c1b89baf448df98e622d7fb711ed955be41dd67a7af/analysis/1336151078/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 04, 2012, 05:16:19 pm: Code: [Select]
http://www.asfreeware.ru/Memorial.zip
Heuristic.LooksLike.Win32.Suspicious.F

https://www.virustotal.com/file/c0dd35e56d1ddfe617ca5521214e1d6e9da541bfa606f55d2479878f968d0d45/analysis/1336151619/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 04, 2012, 05:22:41 pm: Code: [Select]
http://www.asfreeware.ru/PriNumEx32.zip
Heuristic.LooksLike.Win32.Suspicious.C

https://www.virustotal.com/file/a4ccbd6c2127bb2d4ac545614ffba850fd52a16be3c832b7630fbc632186547c/analysis/1336152005/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 04, 2012, 05:26:41 pm: Code: [Select]
http://www.asfreeware.ru/Prostor.zip
Heuristic.LooksLike.Win32.Suspicious.C

https://www.virustotal.com/file/3dd4608274f7845d23ef3e180ad6bdadf15b33ffb62133077dcb0b15c2a5cb59/analysis/1336152238/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 04, 2012, 05:29:40 pm: Code: [Select]
http://www.asfreeware.ru/InfoTask.zip
Trojan-Downloader.Win32.VB.bbe

https://www.virustotal.com/url/798d1940dc49aff43e63cdce3c41b87c5af3e9d2b5527f1a639d79cf5af02e61/analysis/1336152425/
https://www.virustotal.com/file/db01ce27bd58ff85bd1ebd69e014148907ba91381e0cf26a20256421f922de38/analysis/1336152427/
Title: Re: Honeypots forgotten Links...
Post by: dlipman on May 04, 2012, 05:45:40 pm: Heuristic JUNK FILES

GaryDee:

Please concentrate on REAL malware. Do NOT post files with mostly heuristic detections. Unless you can post PROOF that they are acting maliciously and why.

Do post actual malware URLs; ZBot, Ransom, ZeroAccess, FakeAlert, TDSS family, Cridex, Exploit files/code pages, the various bots (R, Qak, GAO, SD, etc). Hiloti, Randex, Harniq, etc, etc.

Please do not operate in a vacuum.

Please do communicate with fellow members and use their feedback to improve what is posted. So far you ignore feedback and that's not the way to operate.

Please...
Quality not Quantity.
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 10, 2012, 04:04:54 pm: Code: [Select]
http://www.cracks.vg/cracks/H!dden_7.1_99152.html
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 11, 2012, 10:10:47 am: Code: [Select]
http://www.cracks.vg/cracks/K-ML_v3.17.319_100639.html
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 17, 2012, 12:01:14 pm: Code: [Select]
https://64.16.211.20/dl/software/ipeye.exe
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 17, 2012, 12:45:49 pm: Quote from: GaryDee on May 17, 2012, 12:01:14 pm
Code: [Select]
https://64.16.211.20/dl/software/ipeye.exe

To my PM Buddy:
No matter, a IP Scanner is MALWARE, nomatter which way you turn it. The file is classified for over 6 Years as Malware to leading AVScanners. There would have been enough time to classify it as f/p or whatsoever.

BTW, Cain & Abel, is also classified by Paretologic as Malware since 2010. See

http://www.malwareblacklist.com/searchClearingHouse.php?search=net-security.org

So:first look then think, next time you write PMs. THX. Cheers.
Title: Re: Honeypots forgotten Links...
Post by: dlipman on May 17, 2012, 02:04:45 pm: IP Port Scanners are grey-ware. You found it on a security site hosting it for use by security professionals.

They are tools that have legitimate uses but may be used maliciously. Thus they are grey area software and not really malware and may be classified as a PUP, Tool, Hacktool, etc.

If you had a downloader or a dropper that included an IP Port Scanner and you showed how it was being used maliciously in a particular process then that would be beneficial because you would be passing on that information of the tool being used in a particular technique.

Are you going to tell me those old archivers you posted about in late April were malware ?
Do you remember your posting the "WinRAR from 2008" and "7-Zip 4.65 from 2009" ?
How about those UPX compressed files ?

There is so much REAL malware out there; Ransom, Bobax, ZeroAccess, FakeAlert, TDSS family, Cridex, Exploit files/code pages, the various bots (Zbot, Rbot, Qakbot, GAObot, SDbot, etc). Cutwail, Mebroot, Bredolab, Hiloti, Randex, Harniq, Sinowal, etc, etc.

Post URLs to samples of the above and not grey-ware tools, false positives and at-best heuristics.
Title: Re: Honeypots forgotten Links...
Post by: EP_X0FF on May 17, 2012, 02:33:53 pm: Quote from: GaryDee on May 17, 2012, 12:45:49 pm
Quote from: GaryDee on May 17, 2012, 12:01:14 pm
Code: [Select]
https://64.16.211.20/dl/software/ipeye.exe

To my PM Buddy:
No matter, a IP Scanner is MALWARE, nomatter which way you turn it. The file is classified for over 6 Years as Malware to leading AVScanners. There would have been enough time to classify it as f/p or whatsoever.

BTW, Cain & Abel, is also classified by Paretologic as Malware since 2010. See

http://www.malwareblacklist.com/searchClearingHouse.php?search=net-security.org

So:first look then think, next time you write PMs. THX. Cheers.

This is not malware. Maximum as it can be rated - "Hacktool" or PUA. But itself this tool is not malicious at all. You are wasting your and others time posting complete junk. If you disagree then give us please a *analysis* (not a result from fake av's considering everything as malware and skipping any real malware) to prove this file is malicious software.
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 19, 2012, 01:04:14 pm: Code: [Select]
http://8.153.cc/0705/Password%20Agent.rar
Trojan.Win32.MicroFake.ba
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 19, 2012, 01:59:12 pm: Code: [Select]
http://205.196.121.158/qhm92or2r8qg/y5m992hvmfy6myx/Zynga.exe
Trojan.Win32.Jorik.Llac.ash
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 20, 2012, 03:45:46 pm: Code: [Select]
i2307.in/2012/04/08/page/2/
links from/to

Code: [Select]
http://install.secure-softwaremanager.com/installer/zcdownload/c061a9ad328c637a2d044ef0daf638c86cefde9c8845b33c39e219fa4500e8d7e1589a5693:70522e5fd1a61b0f77a4cb83a0f1ecd3?ld=1
redirects to:

Code: [Select]
http://a.cryingbabee.com/IC/GPLAppBundler78/37280/1/9ff58cab-2959-41a2-b777-c4f7c3442ece/MPLSetup.exe
code is suspicious/malicious

not-a-virus:AdWare.Win32
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 21, 2012, 05:29:27 pm: Code: [Select]
http://www.regeasycleaner.com/RegistryEasy_Lite.exe
Risky
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 23, 2012, 02:08:08 pm: Code: [Select]
http://premiumstorage.info/v54
Suspicious Adware
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 24, 2012, 11:40:46 am: Code: [Select]
http://rivia.net/Products/Friendzee/Friendzee_Setup.exe
Potential Malware
Title: Re: Honeypots forgotten Links...
Post by: EP_X0FF on May 24, 2012, 03:11:32 pm: Quote from: GaryDee on May 24, 2012, 11:40:46 am
Code: [Select]
http://rivia.net/Products/Friendzee/Friendzee_Setup.exe
Potential Malware

Your analysis to prove "potentiality"? Maybe you will mail your Kaspersky guy for confirmation?

Actually this is installer for Windows Mobile 5 application, dated back to 2007(!).

http://rivia.net/Friendzee.aspx
Title: Re: Honeypots forgotten Links...
Post by: dlipman on May 24, 2012, 03:35:54 pm: Quote from: EP_X0FF on May 24, 2012, 03:11:32 pm
Your analysis to prove "potentiality"? Maybe you will mail your Kaspersky guy for confirmation?

Actually this is installer for Windows Mobile 5 application, dated back to 2007(!).

http://rivia.net/Friendzee.aspx

(http://multi-av.thespykiller.co.uk/GIF/S_THUM~11.GIF)
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 25, 2012, 01:20:23 pm: Code: [Select]
http://dubno-rada.rv.ua/components/com_jcomments/libraries/joomlatune/ajax.js
Trojan Script
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 25, 2012, 06:22:47 pm: Code: [Select]
http://download-soft99.info/engine/classes/js/dle_js.js http://download-soft99.info/engine/classes/js/jquery.js http://download-soft99.info/engine/classes/js/jqueryui.js
Trojan Scripts
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 26, 2012, 10:34:06 am: Code: [Select]
adideco.es/wp-includes/js/l10n.js?ver=20101110
Trojan JS
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 26, 2012, 02:37:44 pm: http://www.malwareblacklist.com/searchClearingHouse.php?search=update.boanupgrade.co.kr

Code: [Select]
http://update.boanupgrade.co.kr/bin/boanupgradeU.exe http://update.boanupgrade.co.kr/bin/boanupgradeBK.exe http://update.boanupgrade.co.kr/bin/boanupgrade.exe
https://www.virustotal.com/file/afc65608c1ade9bbd18f9e47111c404261be8e9bb538009ad0665f7a1efd5383/analysis/1338039907/
Trojan.Fraud

Downloads are mostly corrupted/fake, as almost every download comes differently. Although:
Suspicious

F.ex.:

https://www.virustotal.com/file/e4a5e2639ce8025419b0dfc4b00701f4f46496a1a180af46c826fc8bc449da80/analysis/1338035459/
https://www.virustotal.com/file/dd149f8e835302cbfbcd03c375e6f9241ef6ae5a16229e8a8fd15444d25df6f3/analysis/1338035956/
https://www.virustotal.com/file/afc65608c1ade9bbd18f9e47111c404261be8e9bb538009ad0665f7a1efd5383/analysis/1338040645/
https://www.virustotal.com/file/c651911f73d2315cd9558b47e0f331a73e39902b41a7f541a955a082bd8ce7c7/analysis/1338041200/
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 26, 2012, 08:22:28 pm: Code: [Select]
http://u1.minisearch.co.kr/Update64/rec.exe
Security Risk
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 27, 2012, 09:09:33 am: Code: [Select]
http://www.digsee.com/ftp/t-rec.exe http://www.filecluster.com/download-link-1/9102.html http://www.filecluster.com/download-link-2/9102.html

Download without asking
Code: [Select]
http://www.softsia.com/download-rvmh.htm
Keylogger
Title: Re: Honeypots forgotten Links...
Post by: EP_X0FF on May 27, 2012, 11:13:36 am: Are you kidding or trolling?

What you point as *download without asking* is download page for

http://cresotech-typerecorder.softsia.com/

How about go hunt real malware, not all this junk?
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 27, 2012, 11:33:55 am: Code: [Select]
http://urlfile.com/files/63915/pst-rec.exe
Not-A-Virus: Adware-Toolbar (Potential MW)
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on May 31, 2012, 07:08:52 am: Code: [Select]
http://www.qeasoft.com/download.php?software_id=19030&url=http%3A%2F%2Fwww.audiocdtools.com%2Faudio-burner%2Fdownload%2Faudio-burner-plus.exe
Dropper ?
Title: Re: Honeypots forgotten Links...
Post by: dlipman on May 31, 2012, 12:41:14 pm: Quote from: GaryDee on May 31, 2012, 07:08:52 am
Code: [Select]
http://www.qeasoft.com/download.php?software_id=19030&url=http%3A%2F%2Fwww.audiocdtools.com%2Faudio-burner%2Fdownload%2Faudio-burner-plus.exe
Dropper ?

Audio Burner Plus 3.1 trialware

* NOT MALWARE *
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on June 04, 2012, 04:20:00 pm: Code: [Select]
http://www.overspy.com/download/solid-key-logger-setup.exe
KEYLOGGER (not-a-virus:Monitor.Win32.OverSpy.bq)
Title: Re: Honeypots forgotten Links...
Post by: EP_X0FF on June 05, 2012, 03:58:46 am: How about NirSoft or SysInternals PsTools? Will you also post links to them here? :)
Title: Re: Honeypots forgotten Links...
Post by: dlipman on June 05, 2012, 12:54:58 pm: Quote from: EP_X0FF on June 05, 2012, 03:58:46 am
How about NirSoft or SysInternals PsTools? Will you also post links to them here? :)

(http://multi-av.thespykiller.co.uk/GIF/S_THUM~11.GIF)
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on June 06, 2012, 08:47:30 am: Code: [Select]
http://www.datarecoverysoftwaretrial.ws/trial/demo20126422443.zip
Keylog-Sanmaxi
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on June 06, 2012, 11:02:00 am: Code: [Select]
http://www.google.com/aclk?sa=l&ai=CbgNTAi_PT4zxCcve4ASPvZGVA6rSsfYD2vb1sFreptP8AggAEAogwvWoGCgKUM_cnKAFYLsDoAG-ktbNA8gBAaoEV0_Q80dv5nLGRk9stXs1ojsZjsyrw96EH3KxNHY_JvOOv_SZ-ns6BEsKvBouQ_0Hq8Urf2QvBpA2a5cAhFV2_9HEB1Cyo7rYYp-eJHc9BJzfTnTZP94Nmg&sig=AOD64_0MeSej33E281wlz2T5enJ3XGA66w&adurl=http://gamesxite.com/download/
Code: [Select]
http://gamesxite.com/download/
Code: [Select]
http://ak.imgfarm.com/images/nocache/vicinio/206140027/37610-120530154136/4wffxtbr-bs@Retrogamer_4w.com.xpi
not-a-virus:WebToolbar.Win32.MyWebSearch.rh
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on June 06, 2012, 03:25:33 pm: Code: [Select]
http://www.copperheadsecurity.com/AntiSpy/AntiSpywareTrial.exe
not-a-virus:FraudTool.Win32.AntiSpyware.a

Rogueware
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on June 10, 2012, 11:01:29 am: Code: [Select]
http://rghost.net/38584310
Trojan.Generic
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on June 10, 2012, 01:57:02 pm: Code: [Select]
http://rghost.net/38587601
Cheers
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on June 10, 2012, 06:15:44 pm: Code: [Select]
http://rghost.net/38588275
Trojan Generic
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on June 11, 2012, 10:04:01 am: Code: [Select]
http://rghost.net/38600496
Trojan.Crypt
Title: Re: Honeypots forgotten Links...
Post by: GaryDee on June 11, 2012, 03:04:58 pm: Code: [Select]
http://rghost.net/38605974
Trojan-PSW.PHP.AccPhish.eu