Besides the randomly named sites that host the rogue antivirus pages, I have also noticed a huge number of legitimate sites that have been compromised to direct traffic to the rogue antivirus domains.
Each compromised website contains a folder with a randomly generated five-letter name. That folder in turn contains another randomly generated folder of the same length, which holds hundreds of computer-generated infected PHP web pages.
Examples of the folders found on compromised legitimate sites that I have discovered via Google are:
Examples of infected PHP pages taken from one of the above sites:
http://kingofthecageskennels.com/hoabe/sueno/survivors.php
http://trd3tv.net/qiqut/aejpc/pomegranate.php
The list of compromised sites continues to grow every hour.
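Site owners can check their own webroot for the folder layout described above. The script below is an added example, not code from the original post. The lowercase-only name pattern, the `min_php` threshold and the sample directory tree are assumptions constructed for illustration.

```python
import os
import re
import tempfile

# Two nested directories whose names are exactly five lowercase letters,
# the layout the post describes. Restricting names to a-z is an assumption
# drawn from the example URLs in the post.
NESTED = re.compile(r"(?:^|/)[a-z]{5}/[a-z]{5}$")

def find_suspect_dirs(webroot, min_php=100):
    """Return (relative_dir, php_count) for nested five-letter folders
    holding at least min_php .php files. min_php is an assumed threshold;
    the post only says 'hundreds'."""
    hits = []
    for dirpath, _dirnames, filenames in os.walk(webroot):
        rel = os.path.relpath(dirpath, webroot).replace(os.sep, "/")
        if not NESTED.search(rel):
            continue
        php = sum(1 for f in filenames if f.lower().endswith(".php"))
        if php >= min_php:
            hits.append((rel, php))
    return sorted(hits)

def build_sample_webroot(root):
    """Constructed sample tree used only to exercise the scanner."""
    layouts = {
        "hoabe/sueno": 150,   # folder names from the post's example URL
        "media/icons": 3,     # five-letter names but few PHP files: ignored
        "blog/archive": 200,  # many PHP files but names are the wrong length
    }
    for rel, count in layouts.items():
        d = os.path.join(root, *rel.split("/"))
        os.makedirs(d)
        for i in range(count):
            open(os.path.join(d, f"page{i}.php"), "w").close()

def demo():
    with tempfile.TemporaryDirectory() as root:
        build_sample_webroot(root)
        return find_suspect_dirs(root)

if __name__ == "__main__":
    for rel, count in demo():
        print(f"{rel}: {count} .php files")
```

A hit is only a lead: confirm against the site's deployment history before deleting anything, since legitimate applications can also have five-letter directory names.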