存档

文章标签 ‘malicious’

遭遇流氓

2006年8月27日 4 条评论
今天发行电脑访问一个找不到的页面时,被重定向到http://www.fsjoy.com,这个流氓网站。
同時,不断有程序启动IE访问一些流氓网站。
我用msinfo32看当前的进程,看到“千橡互联”这个流氓的名字,有3个DLL在运行,并且在C:\Documents and Settings\zgsu\Templates\b74df88下。在网上查,找到个工具RogueCleaner。他找出好多流氓。这些流氓,自己提供的删除方式不能真正删除,手工删除也不行。
这些流氓花了我几乎半天的时间,到目前访问一个找不到的页面时,仍然被重定向到http://www.fsjoy.com这个流氓网站。
有感:
一直說我們中國人聰明,的確是這樣:這些東西隱藏很深又加了防刪除。這樣下去,我們就有希望了!!!!!!!!
附部分訪問的流氓網站:
下面是其中的一部分(几个是找如何杀死这个流氓时我主动访问的)

Informational 2006-8-26 23:37:57 http://61.51.18.112/wpad.dat from 192.168.0.173 Informational 2006-8-26 23:37:57 http://60.15.40.94/ws/c.gif from 192.168.0.173 Informational 2006-8-26 23:38:18 http://207.46.198.60/isapi/redir.dll?prd=ie&clcid=0x0409&pver=6.0&ar=home from 192.168.0.173 Informational 2006-8-26 23:38:19 http://211.39.137.155/ from 192.168.0.173 Informational 2006-8-26 23:38:20 http://www.msn.com.nsatc.net/ from 192.168.0.173 Informational 2006-8-26 23:38:21 http://66.151.152.143/b/ss/msnportalhome/1/H.1-pdv-2/s36686667970595?[AQB]&ndh=1&t=26/7/2006%2023%3A38%3A20%206%20-480&ns=msnportal&pageName=US%20Homepage%20V10.5&g=http%3A//www.msn.com/&cc=USD&ch=www.msn.com&server=msn.com&c1=Portal&c2=en-us&c3=10.5&c19=Dblu%2CW1%2CM5%2CF5%2CT5%2CE5&c22=False&c29=http%3A//www.msn.com/&s=1400×1050&c=32&j=1.3&v=Y from 192.168.0.173 Informational 2006-8-26 23:38:21 http://65.54.195.185/ADSAdClient31.dll?GetSAd=&PG=MSN9UT&AP=1339 from 192.168.0.173 Informational 2006-8-26 23:38:21 http://65.54.195.185/ADSAdClient31.dll?GetSAd=&PG=MSNREC&AP=1440 from 192.168.0.173 Informational 2006-8-26 23:38:21 http://65.54.195.185/ADSAdClient31.dll?GetSAd=&PG=MSNSUR&AP=1140 from 192.168.0.173 Informational 2006-8-26 23:38:21 http://rad.msn.com.nsatc.net/ADSAdClient31.dll?GetSAd=&PG=MSNMMT&AP=1402 from 192.168.0.173 Informational 2006-8-26 23:38:22 http://211.155.228.28/ads/9829/0000009829_000000000000000337295.swf?fd=www.msn.com&clickTAG=http%3A//g.msn.com/0AD0003A/942764.5.1%3F%3FPID%3D3220123%26amp%3BUIT%3DG%26amp%3BTargetID%3D1048194%26amp%3BAN%3D1360202133%26amp%3BPG%3DMSNREC from 192.168.0.173 Informational 2006-8-26 23:38:24 http://207.46.216.61/c.gif?di=340&pi=7317&ps=83527&tp=http://www.msn.com/&rf= from 192.168.0.173 Informational 2006-8-26 23:38:26 http://61.129.92.134/ from 192.168.0.173 Informational 2006-8-26 23:38:51 http://61.51.18.112/wpad.dat from 192.168.0.173 Informational 2006-8-26 23:38:51 http://60.15.40.94/ws/c.gif from 192.168.0.173 Informational 2006-8-26 23:39:12 http://wwwtkttest5.microsoft.com/isapi/redir.dll?prd=ie&clcid=0x0409&pver=6.0&ar=home from 192.168.0.173 Informational 2006-8-26 23:39:13 http://211.39.137.155/ from 192.168.0.173 Informational 2006-8-26 23:39:13 http://www.msn.com.nsatc.net/ from 192.168.0.173 Informational 2006-8-26 23:39:14 http://omniture.112.2O7.net/b/ss/msnportalhome/1/H.1-pdv-2/s34380680468331?[AQB]&ndh=1&t=26/7/2006%2023%3A39%3A14%206%20-480&ns=msnportal&pageName=US%20Homepage%20V10.5&g=http%3A//www.msn.com/&cc=USD&ch=www.msn.com&server=msn.com&c1=Portal&c2=en-us&c3=10.5&c19=Dblu%2CW1%2CM5%2CF5%2CT5%2CE5&c22=False&c29=http%3A//www.msn.com/&s=1400×1050&c=32&j=1.3&v=Y from 192.168.0.173 Informational 2006-8-26 23:39:14 http://65.54.195.185/ADSAdClient31.dll?GetSAd=&PG=MSN9UT&AP=1339 from 192.168.0.173 Informational 2006-8-26 23:39:14 http://65.54.195.185/ADSAdClient31.dll?GetSAd=&PG=MSNREC&AP=1440 from 192.168.0.173 Informational 2006-8-26 23:39:14 http://c.msn.com/c.gif?di=340&pi=7317&ps=83527&tp=http://www.msn.com/&rf= from 192.168.0.173 Informational 2006-8-26 23:39:14 http://65.54.195.185/ADSAdClient31.dll?GetSAd=&PG=MSNSUR&AP=1140 from 192.168.0.173 Informational 2006-8-26 23:39:14 http://rad.msn.com.nsatc.net/ADSAdClient31.dll?GetSAd=&PG=MSNMMT&AP=1402 from 192.168.0.173 Informational 2006-8-26 23:39:15 http://211.155.228.28/ads/9829/0000009829_000000000000000337292.swf?fd=www.msn.com&clickTAG=http%3A//g.msn.com/0AD0003A/942757.5.1%3F%3FPID%3D3220123%26amp%3BUIT%3DG%26amp%3BTargetID%3D1048194%26amp%3BAN%3D856703273%26amp%3BPG%3DMSNREC from 192.168.0.173 Informational 2006-8-26 23:39:57 http://61.51.18.112/wpad.dat from 192.168.0.173 Informational 2006-8-26 23:39:57 http://60.15.40.94/ws/c.gif from 192.168.0.173 Informational 2006-8-26 23:39:57 http://wwwtkttest5.microsoft.com/isapi/redir.dll?prd=ie&clcid=0x0409&pver=6.0&ar=home from 192.168.0.173 Informational 2006-8-26 23:39:58 http://go.hotmail.aate.nsatc.net/ from 192.168.0.173 Informational 2006-8-26 23:39:59 http://www.msn.com.nsatc.net/ from 192.168.0.173 Informational 2006-8-26 23:40:01 http://omniture.112.2O7.net/b/ss/msnportalhome/1/H.1-pdv-2/s39904619975808?[AQB]&ndh=1&t= 26/7/2006%2023%3A40%3A0%206%20-480&ns=msnportal&pageName=US%20Homepage%20V10.5&g=http%3A//www.msn.com/&cc=USD&ch=www.msn.com&server=msn.com&c1=Portal&c2=en-us&c3=10.5&c19=Dblu%2CW1%2CM5%2CF5%2CT5%2CE5&a
mp;c22=False&c29=http%3A//www.msn.com/&s=1400×1050&c=32&j=1.3&v=Y
& from 192.168.0.173 Informational 2006-8-26 23:40:01 http://c.msn.com/c.gif?di=340&pi=7317&ps=83527&tp=http://www.msn.com/&rf= from 192.168.0.173 Informational 2006-8-26 23:40:01 http://207.68.178.239/ADSAdClient31.dll?GetSAd=&PG=MSNREC&AP=1440 from 192.168.0.173 Informational 2006-8-26 23:40:01 http://207.68.178.239/ADSAdClient31.dll?GetSAd=&PG=MSNMMT&AP=1402 from 192.168.0.173 Informational 2006-8-26 23:40:01 http://207.68.178.61/ADSAdClient31.dll?GetSAd=&PG=MSN9UT&AP=1339 from 192.168.0.173 Informational 2006-8-26 23:40:01 http://207.68.178.61/ADSAdClient31.dll?GetSAd=&PG=MSNSUR&AP=1140 from 192.168.0.173 Informational 2006-8-26 23:40:01 http://202.166.85.30/ads/9829/0000009829_000000000000000337290.swf?fd=www.msn.com&clickTAG=http%3A//g.msn.com/0AD0003A/942755.5.1%3F%3FPID%3D3220123%26amp%3BUIT%3DG%26amp%3BTargetID%3D1048194%26amp%3BAN%3D1359693928%26amp%3BPG%3DMSNREC from 192.168.0.173 Informational 2006-8-26 23:40:52 http://61.51.18.112/wpad.dat from 192.168.0.173 Informational 2006-8-26 23:40:52 http://60.15.40.94/ws/c.gif from 192.168.0.173 Informational 2006-8-26 23:40:52 http://207.46.20.60/isapi/redir.dll?prd=ie&clcid=0x0409&pver=6.0&ar=home from 192.168.0.173 Informational 2006-8-26 23:40:53 http://go.hotmail.aate.nsatc.net/ from 192.168.0.173 Informational 2006-8-26 23:40:53 http://www.msn.com.nsatc.net/ from 192.168.0.173 Informational 2006-8-26 23:40:54 http://66.151.152.126/b/ss/msnportalhome/1/H.1-pdv-2/s32287640625989?[AQB]&ndh=1&t=26/7/2006%2023%3A40%3A54%206%20-480&ns=msnportal&pageName=US%20Homepage%20V10.5&g=http%3A//www.msn.com/&cc=USD&ch=www.msn.com&server=msn.com&c1=Portal&c2=en-us&c3=10.5&c19=Dblu%2CW1%2CM5%2CF5%2CT5%2CE5&c22=False&c29=http%3A//www.msn.com/&s=1400×1050&c=32&j=1.3&v=Y from 192.168.0.173 Informational 2006-8-26 23:40:54 http://207.68.178.61/ADSAdClient31.dll?GetSAd=&PG=MSN9UT&AP=1339 from 192.168.0.173 Informational 2006-8-26 23:40:54 http://c.msn.com/c.gif?di=340&pi=7317&ps=83527&tp=http://www.msn.com/&rf= from 192.168.0.173 Informational 2006-8-26 23:40:54 http://65.54.195.185/ADSAdClient31.dll?GetSAd=&PG=MSNMMT&AP=1402 from 192.168.0.173 Informational 2006-8-26 23:40:55 http://rad.msn.com.nsatc.net/ADSAdClient31.dll?GetSAd=&PG=MSNREC&AP=1440 from 192.168.0.173 Informational 2006-8-26 23:40:55 http://207.68.178.61/ADSAdClient31.dll?GetSAd=&PG=MSNSUR&AP=1140 from 192.168.0.173 Informational 2006-8-26 23:40:55 http://202.166.85.30/ads/9829/0000009829_000000000000000337290.swf?fd=www.msn.com&clickTAG=http%3A//g.msn.com/0AD0003A/942755.5.1%3F%3FPID%3D3220123%26amp%3BUIT%3DG%26amp%3BTargetID%3D1048194%26amp%3BAN%3D536873773%26amp%3BPG%3DMSNREC from 192.168.0.173 Informational 2006-8-26 23:42:08 http://61.51.18.112/wpad.dat from 192.168.0.173 Informational 2006-8-26 23:42:08 http://60.15.40.94/ws/c.gif from 192.168.0.173 Informational 2006-8-26 23:42:09 http://207.46.20.60/isapi/redir.dll?prd=ie&clcid=0x0409&pver=6.0&ar=home from 192.168.0.173 Informational 2006-8-26 23:42:09 http://go.hotmail.aate.nsatc.net/ from 192.168.0.173 Informational 2006-8-26 23:42:10 http://www.msn.com.nsatc.net/ from 192.168.0.173 Informational 2006-8-26 23:42:11 http://66.151.152.126/b/ss/msnportalhome/1/H.1-pdv-2/s32409763003570?[AQB]&ndh=1&t=26/7/2006%2023%3A42%3A10%206%20-480&ns=msnportal&pageName=US%20Homepage%20V10.5&g=http%3A//www.msn.com/&cc=USD&ch=www.msn.com&server=msn.com&c1=Portal&c2=en-us&c3=10.5&c19=Dblu%2CW1%2CM5%2CF5%2CT5%2CE5&c22=False&c29=http%3A//www.msn.com/&s=1400×1050&c=32&j=1.3&v=Y from 192.168.0.173 Informational 2006-8-26 23:42:11 http://65.54.195.185/ADSAdClient31.dll?GetSAd=&PG=MSN9UT&AP=1339 from 192.168.0.173 Informational 2006-8-26 23:42:11 http://207.46.216.61/c.gif?di=340&pi=7317&ps=83527&tp=http://www.msn.com/&rf= from 192.168.0.173 Informational 2006-8-26 23:42:11 http://65.54.195.185/ADSAdClient31.dll?GetSAd=&PG=MSNMMT&AP=1402 from 192.168.0.173 Informational 2006-8-26 23:42:11 http://rad.msn.com.nsatc.net/ADSAdClient31.dll?GetSAd=&PG=MSNREC&AP=1440 from 192.168.0.173 Informational 2006-8-26 23:42:11 http://65.54.195.185/ADSAdClient31.dll?GetSAd=&PG=MSNSUR&AP=1140 a> from 192.168.0.173 Informational 2006-8-26 23:42:12 http://211.155.228.28/ads/9829/0000009829_000000000000000337290.swf?fd=www.msn.com&clickTAG=http%3A//g.msn.com/0AD0003A/942755.5.1%3F%3FPID%3D3220123%26amp%3BUIT%3DG%26amp%3
BTargetID%3D1048194%26amp%3BAN%3D725157926%26amp%3BPG%3DMSNREC
from 192.168.0.173 Informational 2006-8-26 23:43:45 http://61.51.18.112/wpad.dat from 192.168.0.173 Informational 2006-8-26 23:43:45 http://60.15.40.94/ws/c.gif from 192.168.0.173 Informational 2006-8-26 23:43:45 http://207.46.20.30/isapi/redir.dll?prd=ie&clcid=0x0409&pver=6.0&ar=home from 192.168.0.173 Informational 2006-8-26 23:43:46 http://go.hotmail.aate.nsatc.net/ from 192.168.0.173 Informational 2006-8-26 23:44:42 http://61.51.18.112/wpad.dat from 192.168.0.173 Informational 2006-8-26 23:44:42 http://60.15.40.94/ws/c.gif from 192.168.0.173 Informational 2006-8-26 23:44:42 http://207.46.20.30/isapi/redir.dll?prd=ie&clcid=0x0409&pver=6.0&ar=home from 192.168.0.173 Informational 2006-8-26 23:44:43 http://go.hotmail.aate.nsatc.net/ from 192.168.0.173 Informational 2006-8-26 23:45:42 http://61.129.92.134/ from 192.168.0.173 Informational 2006-8-26 23:46:45 http://61.51.18.112/wpad.dat from 192.168.0.173 Informational 2006-8-26 23:46:45 http://207.46.199.30/isapi/redir.dll?prd=ie&clcid=0x0409&pver=6.0&ar=home from 192.168.0.173 Informational 2006-8-26 23:46:46 http://go.hotmail.aate.nsatc.net/ from 192.168.0.173 Informational 2006-8-26 23:46:47 http://www.msn.com.nsatc.net/ from 192.168.0.173 Informational 2006-8-26 23:46:48 http://rad.msn.com.nsatc.net/ADSAdClient31.dll?GetSAd=&PG=MSN9UT&AP=1339 from 192.168.0.173 Informational 2006-8-26 23:46:48 http://128.241.21.146/b/ss/msnportalhome/1/H.1-pdv-2/s34547027538276?[AQB]&ndh=1&t=26/7/2006%2023%3A46%3A47%206%20-480&ns=msnportal&pageName=US%20Homepage%20V10.5&g=http%3A//www.msn.com/&cc=USD&ch=www.msn.com&server=msn.com&c1=Portal&c2=en-us&c3=10.5&c19=Dblu%2CW1%2CM5%2CF5%2CT5%2CE5&c22=False&c29=http%3A//www.msn.com/&s=1400×1050&c=32&j=1.3&v=Y from 192.168.0.173 Informational 2006-8-26 23:46:48 http://207.46.216.61/c.gif?di=340&pi=7317&ps=83527&tp=http://www.msn.com/&rf= from 192.168.0.173 Informational 2006-8-26 23:46:48 http://rad.msn.com.nsatc.net/ADSAdClient31.dll?GetSAd=&PG=MSNREC&AP=1440 from 192.168.0.173 Informational 2006-8-26 23:46:48 http://rad.msn.com.nsatc.net/ADSAdClient31.dll?GetSAd=&PG=MSNSUR&AP=1140 from 192.168.0.173 Informational 2006-8-26 23:46:48 http://207.68.178.239/ADSAdClient31.dll?GetSAd=&PG=MSNMMT&AP=1402 from 192.168.0.173 Informational 2006-8-26 23:46:48 http://202.166.85.30/ads/9829/0000009829_000000000000000337290.swf?fd=www.msn.com&clickTAG=http%3A//g.msn.com/0AD0003A/942755.5.1%3F%3FPID%3D3220123%26amp%3BUIT%3DG%26amp%3BTargetID%3D1048194%26amp%3BAN%3D1630094178%26amp%3BPG%3DMSNREC from 192.168.0.173 Informational 2006-8-26 23:47:45 http://61.51.18.112/wpad.dat from 192.168.0.173 Informational 2006-8-26 23:47:45 http://60.15.40.94/ws/c.gif from 192.168.0.173 Informational 2006-8-26 23:47:46 http://207.46.199.30/isapi/redir.dll?prd=ie&clcid=0x0409&pver=6.0&ar=home from 192.168.0.173 Informational 2006-8-26 23:47:46 http://go.hotmail.aate.nsatc.net/ from 192.168.0.173 Informational 2006-8-26 23:47:47 http://www.msn.com.nsatc.net/ from 192.168.0.173 Informational 2006-8-26 23:47:48 http://128.241.21.146/b/ss/msnportalhome/1/H.1-pdv-2/s39144261537977?[AQB]&ndh=1&t=26/7/2006%2023%3A47%3A47%206%20-480&ns=msnportal&pageName=US%20Homepage%20V10.5&g=http%3A//www.msn.com/&cc=USD&ch=www.msn.com&server=msn.com&c1=Portal&c2=en-us&c3=10.5&c19=Dblu%2CW1%2CM5%2CF5%2CT5%2CE5&c22=False&c29=http%3A//www.msn.com/&s=1400×1050&c=32&j=1.3&v=Y from 192.168.0.173 Informational 2006-8-26 23:47:48 http://rad.msn.com.nsatc.net/ADSAdClient31.dll?GetSAd=&PG=MSN9UT&AP=1339 from 192.168.0.173 Informational 2006-8-26 23:47:48 http://207.46.216.61/c.gif?di=340&pi=7317&ps=83527&tp=http://www.msn.com/&rf= from 192.168.0.173 Informational 2006-8-26 23:47:48 http://rad.msn.com.nsatc.net/ADSAdClient31.dll?GetSAd=&PG=MSNREC&AP=1440 from 192.168.0.173 Informational 2006-8-26 23:47:48 http://rad.msn.com.nsatc.net/ADSAdClient31.dll?GetSAd=&PG=MSNSUR&AP=1140 from 192.168.0.173 Informational 2006-8-26 23:47:48 http://207.68.178.239/ADSAdClient31.dll?GetSAd=&PG=MSNMMT&AP=1402 from 192.168.0.173 Informational 2006-8-26 23:47:48 http://61.51.18.112/wpad.dat from 192.168.0.173 Informational 2006-8-26 23:48:43 http://60.15.40.94/ws/c.gif from 192.168.0.173 Informational 2006-8-26 23:48:44 http://207.46.199.30/isapi/redir.dll?prd=ie&clcid=0x0409&pver=6.0&ar=home from 192.168.0.173 Informational 2006-8-26 23:48:44 http://go.hotmail.aate.nsatc.net/ from 192.168.0.173 Informational 2006-8-26 23:48:45 http://www.msn.com.nsatc.net/ from 192.168.0.173 Informational 2006-8-26 23:48:46 http://128.241.21.146/b/ss/msnportalhome/1/H.1-pdv-2/s353059160503?[AQB]&ndh=1&t=26/7/2006%2023%3A48%3A46%206%20-480&ns=msnportal&pageName=US%20Homepage%20V10.5&g=http%3A//www.msn.com/&cc=USD&ch=www.msn.com&server=msn.com&c1=Portal&c2=en-us&c3=10.5&c19=Dblu%2CW1%2CM5%2CF5%2CT5%2CE5&c22=False&c29=http%3A//www.msn.com/&s=1400×1050&c=32&j=1.3&v=Y&k from 192.168.0.173 Informational 2006-8-26 23:48:46 http://207.68.178.61/ADSAdClient31.dll?GetSAd=&PG=MSN9UT&AP=1339 from 192.168.0.173 Informational 2006-8-26 23:48:46 http://207.46.216.61/c.gif?di=340&pi=7317&ps=83527&tp=http://www.msn.com/&rf= from 192.168.0.173 Informational 2006-8-26 23:48:46 http://rad.msn.com.nsatc.net/ADSAdClient31.dll?GetSAd=&PG=MSNREC&AP=1440 from 192.168.0.173 Informational 2006-8-26 23:48:46 http://207.68.178.239/ADSAdClient31.dll?GetSAd=&PG=MSNMMT&AP=1402 from 192.168.0.173 Informational 2006-8-26 23:48:46 http://207.68.178.61/ADSAdClient31.dll?GetSAd=&PG=MSNSUR&AP=1140 from 192.168.0.173 Informational 2006-8-26 23:48:47 http://202.166.85.30/ads/9829/0000009829_000000000000000337292.swf?fd=www.msn.com&clickTAG=http%3A//g.msn.com/0AD0003A/942757.5.1%3F%3FPID%3D3220123%26amp%3BUIT%3DG%26amp%3BTargetID%3D1048194%26amp%3BAN%3D1210073912%26amp%3BPG%3DMSNREC from 192.168.0.173 Informational 2006-8-26 23:50:46 http://61.51.18.112/wpad.dat from 192.168.0.173 Informational 2006-8-26 23:50:47 http://60.15.40.94/ws/c.gif from 192.168.0.173 Informational 2006-8-26 23:50:47 http://207.46.20.60/isapi/redir.dll?prd=ie&clcid=0x0409&pver=6.0&ar=home from 192.168.0.173 Informational 2006-8-26 23:50:47 http://go.hotmail.aate.nsatc.net/ from 192.168.0.173 Informational 2006-8-26 23:50:55 http://61.129.92.135/ from 192.168.0.173 Informational 2006-8-26 23:51:15 http://club.fsjoy.com/ from 192.168.0.173 Informational 2006-8-26 23:51:32 http://60.15.40.94/ws/c.gif from 192.168.0.173 Informational 2006-8-26 23:52:28 http://blankstar.77169.com/archives/2006/83252.html from 192.168.0.173 Informational 2006-8-26 23:52:28 http://blankstar.77169.com/OblogStyle/OblogUserDefault31.css from 192.168.0.173 Informational 2006-8-26 23:52:30 http://blankstar.77169.com/skin/2005/bluedream/images/default.css from 192.168.0.173 Informational 2006-8-26 23:52:30 http://blankstar.77169.com/skin/2005/bluedream/images/blog_headerright.gif from 192.168.0.173 Informational 2006-8-26 23:52:30 http://blankstar.77169.com/skin/2005/bluedream/images/blog_headerleft.gif from 192.168.0.173 Informational 2006-8-26 23:52:30 http://blankstar.77169.com/skin/2005/bluedream/images/blog_logo.jpg from 192.168.0.173 Informational 2006-8-26 23:52:30 http://blankstar.77169.com/skin/2005/bluedream/images/sider_calendar.gif from 192.168.0.173 Informational 2006-8-26 23:52:31 http://blankstar.77169.com/images/xml.gif from 192.168.0.173 Informational 2006-8-26 23:52:31 http://blankstar.77169.com/skin/2005/bluedream/images/blog_header.gif from 192.168.0.173 Informational 2006-8-26 23:52:31 http://blankstar.77169.com/skin/2005/bluedream/images/blog_main.gif from 192.168.0.173 Informational 2006-8-26 23:52:31 http://blankstar.77169.com/skin/2005/bluedream/images/01view_bg.gif from 192.168.0.173 Informational 2006-8-26 23:52:31 http://blankstar.77169.com/skin/2005/bluedream/images/blog_footerright.gif from 192.168.0.173 Informational 2006-8-26 23:52:31 http://blankstar.77169.com/skin/2005/bluedream/images/blog_footerleft.gif from 192.168.0.173 Informational 2006-8-26 23 :52:31 http://blankstar.77169.com/images/oblog_powered.gif from 192.168.0.173 Informational 2006-8-26 23:52:31 http://blankstar.77169.com/skin/2005/bluedream/images/blog_footer.gif from 192.168.0.173 Informational 2006-8-26 23:52:31 http://www3.freep.cn/photo_www3_freep_cc/2006-7-30/11/200673041389693.gif from 192.168.0.173 Informational 2006-8-26 23:52:31 http://www3.freep.cn/photo_www3_freep_cc/2006-7-30/11/200673040462053.gif from 192.168.0.173 Informational 2006-8-26 23:52:31 http://60.15.40.94/ws/c.gif from 192.168.0.173 Informational 2006-8-26 23:52:32 http://www3.freep.cn/photo_www3_freep_cc/2006-7-30/11/200673041413381.gif from 192.168.0.173 Informational 2006-8-26 23:52:33 http://www3.freep.cn/photo_www3_freep_cc/2006-7-30/11/200673041495241.gif from 192.168.0.173 Informational 2006-8-26 23:52:35 http://www3.freep.cn/photo_www3_freep_cc/2006-7-30/11/200673041556317.gif from 192.168.0.173 Informational 2006-8-26 23:52:36 http://www3.freep.cn/photo_www3_freep_cc/2006-7-30/11/200673041801801.gif from 192.168.0.173 Informational 2006-8-26 23:52:40 http://blankstar.77169.com/favicon.ico from 192.168.0.173 Informational 2006-8-26 23:52:40 http://blankstar.77169.com/favicon.ico from 192.168.0.173 Informational 2006-8-26 23:53:31 http://60.15.40.94/ws/c.gif from 192.168.0.173 Informational 2006-8-26 23:53:47 http://blogger.pcauto.chinacache.net/autoblog/viewAccountBlog.do?method=personalBlogpage&accountName=gwthai&blogId=16451&pageSize=6&pageNo=9999 from 192.168.0.173 Informational 2006-8-26 23:53:47 http://blogger.pcauto.chinacache.net/autoblog/template/template2/bloglayout.css from 192.168.0.173 Informational 2006-8-26 23:53:47 http://blogger.pcauto.chinacache.net/autoblog/template/template2/bloglayout_more.css from 192.168.0.173 Informational 2006-8-26 23:53:48 http://www.pcauto.chinacache.net/autoblog/images/w01.gif from 192.168.0.173 Informational 2006-8-26 23:53:48 http://www.pcauto.chinacache.net/autoblog/images/italicize.gif from 192.168.0.173 Informational 2006-8-26 23:53:48 http://img.pconline.chinacache.net/images/pcautoblog/200512/1/1133408709744_thumb.jpg from 192.168.0.173 Informational 2006-8-26 23:53:48 http://img.pconline.chinacache.net/images/pcautoblog/200512/1/1133408524528_thumb.jpg from 192.168.0.173 Informational 2006-8-26 23:53:48 http://www.pcauto.chinacache.net/autoblog/images/underline.gif from 192.168.0.173 Informational 2006-8-26 23:53:48 http://www.pcauto.chinacache.net/autoblog/images/center.gif from 192.168.0.173 Informational 2006-8-26 23:53:48 http://www.pcauto.chinacache.net/autoblog/images/url.gif from 192.168.0.173 Informational 2006-8-26 23:53:48 http://www.pcauto.chinacache.net/autoblog/images/email.gif from 192.168.0.173 Informational 2006-8-26 23:53:48 http://www.pcauto.chinacache.net/autoblog/images/image.gif from 192.168.0.173 Informational 2006-8-26 23:53:48 http://www.pcauto.chinacache.net/autoblog/images/image_green.gif from 192.168.0.173 Informational 2006-8-26 23:53:48 http://www.pcauto.chinacache.net/autoblog/images/glow.gif from 192.168.0.173 Informational 2006-8-26 23:53:48 http://www.pcauto.chinacache.net/autoblog/images/shadow.gif from 192.168.0.173 Informational 2006-8-26 23:53:48 http://www.pcauto.chinacache.net/autoblog/images/fly.gif from 192.168.0.173 Informational 2006-8-26 23:53:48 http://www.pcauto.chinacache.net/autoblog/images/move.gif from 192.168.0.173 Informational 2006-8-26 23:53:48 http://www.pcauto.chinacache.net/autoblog/images/preview.gif from 192.168.0.173 Informational 2006-8-26 23:53:49 http://www.pcauto.chinacache.net/blog/template/template2/images/blogindex2_top_back.jpg from 192.168.0.173 Informational 2006-8-26 23:53:49 http://www.looho.com/favicon.ico from 192.168.0.173 Informational 2006-8-26 23:53:49 http://www.pcauto.chinacache.net/blog/template/template2/images/head_bg_03.jpg from 192.168.0.173 Informational 2006-8-26 23:53:49 http://www.pcauto.chinacache.net/blog/template/template2/images/head_bg_04.jpg from 192.168.0.173 Informational 2006-8-26 23:53:49 http://www.pcauto.chinacache.net/blog/template/template2/images/blogindex2_back1.gif from 192.168.0.173 Informational 2006-8-26 23:53:49 http://www.pcauto.chinacache.net/blog/template/template2/images/blogindex2_main_title_back.gif from 192.168.0.173 Informational 2006-8-26 23:53:49 http://www.pcauto.chinacache.net/blog/template/template2/images/blogindex2_tool_back.gif from 192.168.0.173 Informational 2006-8-26 23:53:49 http://www.pcauto.chinacache.net/blog/template/template2/images/blogindex2_left_back.gif from 192.168.0.173 Informational 2006-8-26 23:53:49 http://www.pcauto.chinacache.net/blog/template/template2 /images/button_icon_07.gif from 192.168.0.173 Informational 2006-8-26 23:53:49 http://www.pcauto.chinacache.net/blog/template/template2/images/button_icon_09.gif from 192.168.0.173 Informational 2006-8-26 23:53:49 http://www.pcauto.chinacache.net/blog/template/template2/images/blogindex2_low_back.gif from 192.168.0.173 Informational 2006-8-26 23:53:51 http://www.pcauto.chinacache.net/autoblog/images/bold.gif from 192.168.0.173 Informational 2006-8-26 23:53:51 http://blogger.pcauto.chinacache.net/favicon.ico from 192.168.0.173 Informational 2006-8-26 23:54:31 http://60.15.40.94/ws/c.gif from 192.168.0.173 Informational 2006-8-26 23:54:57 http://blogger.pcauto.chinacache.net/favicon.ico from 192.168.0.173 Informational 2006-8-26 23:55:29 http://blankstar.77169.com/favicon.ico from 192.168.0.173 Informational 2006-8-26 23:55:31 http://60.15.40.94/ws/c.gif from 192.168.0.173 IInformational 2006-8-26 23:55:54 http://blankstar.77169.com/favicon.ico from 192.168.0.173 Informational 2006-8-26 23:55:57 http://blogger.pcauto.chinacache.
net/favicon.ico
from 192.168.0.173 Informational 2006-8-26 23:56:31 http://60.15.40.94/ws/c.gif from 192.168.0.173 Informational 2006-8-26 23:57:31 http://blankstar.77169.com/favicon.ico from 192.168.0.173 Informational 2006-8-26 23:57:31 http://60.15.40.94/ws/c.gif from 192.168.0.173 Informational 2006-8-26 23:58:31 http://60.15.40.94/ws/c.gif from 192.168.0.173

这个地址:http://60.15.40.94/ws/c.gif 还被Norton报告为病毒(通过抓包看似乎是个EXE)

2011/08/04 Update:

有人留言说:“那个 fsjoy.com是街头篮球(一网络游戏)的官方网站 不是流氓网站额”、“应该是别人恶作剧吧 街球不可能搞出这种事”。

我可以保证这里记录了当时真实情况,不过可惜当时没有截图。另外,我不相信有活雷锋为其他网站贡献流量。

我搜了一下,有相同遭遇的不止我一个,有人做了个 收集证据

 

分类: 软件使用 标签: