查看: 2649|回复: 15
收起左侧

脚本一个

[复制链接]
风野胤
发表于 2007-4-7 00:16:08 | 显示全部楼层 |阅读模式
乱逛的时候抓到的
似乎过了瑞星

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
The EQs
发表于 2007-4-7 00:19:50 | 显示全部楼层
Scan performed at: 2007-4-7 0:20:05
Scanning Log
NOD32 version 2171 (20070406) NT
Command line: C:\Documents and Settings\EQ2\桌面\head[1].rar
Operating memory - is OK

Date: 7.4.2007  Time: 00:20:09
Anti-Stealth technology is enabled.
Scanned disks, folders and files: C:\Documents and Settings\EQ2\桌面\head[1].rar
C:\Documents and Settings\EQ2\桌面\head[1].rar ?RAR ?head[1].js - JS/TrojanDownloader.IstBar.AI trojan - was a part of the deleted object
Number of scanned files: 2
Number of threats found: 1
Number of files cleaned: 1
Time of completion: 00:20:09 Total scanning time: 0 sec (00:00:00)
风野胤
 楼主| 发表于 2007-4-7 00:22:38 | 显示全部楼层
原帖由 EQ2 于 2007-4-7 00:19 发表
Scan performed at: 2007-4-7 0:20:05
Scanning Log
NOD32 version 2171 (20070406) NT
Command line: C:\Documents and Settings\EQ2\桌面\head[1].rar
Operating memory - is OK

Date: 7.4.2007  Time ...

其实可以不用测的
我就是用nod抓的
小邪邪
发表于 2007-4-7 00:27:58 | 显示全部楼层
document.writeln("<LINK href=\"..\/skin_Mesky\/style.css\" type=text\/css rel=stylesheet><\/SCRIPT>");
document.writeln("<SCRIPT language=JavaScript>");
document.writeln("if(self!=top){top.location=self.location;}");
document.writeln("<\/SCRIPT>");
document.writeln("<body topmargin=\"0\">");
document.writeln("<div align=\"center\">");
document.writeln("  <center>");
document.writeln("  <table border=\"1\" cellpadding=\"0\" cellspacing=\"0\" style=\"border-collapse: collapse\" bordercolor=\"#E0E0E0\" width=\"770\" id=\"AutoNumber4\" height=\"21\">");
document.writeln("    <tr>");
document.writeln("      <td bgcolor=\"#ebebeb\" width=\"768\" height=\"21\" bordercolor=\"#808000\" valign=\"bottom\">");
document.writeln("      <p align=\"center\"><span style=\"font-size: 9pt\"><a target=\"_blank\" href=\"http:\/\/beijing.driverchina.com\/\" style=\"text-decoration: none\"><font color=\"#000000\">北京<\/font><\/a> | <font color=\"#FF0000\">");
document.writeln("      <a target=\"_blank\" href=\"http:\/\/gd.driverchina.com\/\" style=\"text-decoration: none\">");
document.writeln("      <font color=\"#000000\">广东 <\/font><\/a><\/font>| <font color=\"#808080\">");
document.writeln("      <a target=\"_blank\" href=\"http:\/\/sh.driverchina.com\/\" style=\"text-decoration: none\">");
document.writeln("      <font color=\"#000000\">上海<\/font><\/a><\/font> |");
document.writeln("      <a target=\"_blank\" href=\"http:\/\/sd.driverchina.com\/\" style=\"text-decoration: none\">");
document.writeln("      <font color=\"#000000\">山东<\/font><\/a> |");
document.writeln("      <a target=\"_blank\" href=\"http:\/\/zj.driverchina.com\/\" style=\"text-decoration: none\">");
document.writeln("      <font color=\"#000000\">浙江<\/font><\/a> |");
document.writeln("      <a target=\"_blank\" style=\"text-decoration: none\" href=\"http:\/\/hebei.driverchina.com\/\">");
document.writeln("      <font color=\"#000000\">河北<\/font><\/a> |");
document.writeln("      <a target=\"_blank\" href=\"http:\/\/hn.driverchina.com\/\" style=\"text-decoration: none\">");
document.writeln("      <font color=\"#000000\">河南<\/font><\/a> |");
document.writeln("      <a target=\"_blank\" href=\"http:\/\/hunan.driverchina.com\/\" style=\"text-decoration: none\">");
document.writeln("      <font color=\"#000000\">湖南<\/font><\/a> |");
document.writeln("      <a target=\"_blank\" href=\"http:\/\/sc.driverchina.com\/\" style=\"text-decoration: none\">");
document.writeln("      <font color=\"#000000\">四川<\/font><\/a> |");
document.writeln("    <a target=\"_blank\" href=\"http:\/\/tianjin.driverchina.com\/\" style=\"text-decoration: none\">");
document.writeln("      <font color=\"#000000\">天津<\/font><\/a> | <a target=\"_blank\" href=\"http:\/\/cnc.driverchina.com\/\" style=\"text-decoration: none\">");
document.writeln("      <font color=\"#000000\">国际<\/font><\/a> <font color=\"#0066CC\"> |");
document.writeln("      <\/font>");
document.writeln("      <a style=\"text-decoration: none\" href=\"http:\/\/news.driverchina.com\/\">");
document.writeln("      <font color=\"#0066CC\">新闻<\/font><\/a><\/span><font color=\"#0066CC\"><span style=\"font-size: 9pt\"> |");
document.writeln("      <\/span>");
document.writeln("      <\/font>");
document.writeln("      <a href=\"http:\/\/tech.driverchina.com\" style=\"text-decoration: none\">");
document.writeln("      <span style=\"font-size: 9pt\"><font color=\"#0066CC\">数码<\/font><\/span><\/a><span style=\"font-size: 9pt\"><font color=\"#0066CC\"> ");
document.writeln("      |");
document.writeln("      <\/font>");
document.writeln("      <font color=\"#0000FF\">");
document.writeln("      <a target=\"_blank\" href=\"http:\/\/bbs.driverchina.com\" style=\"text-decoration: none\">");
document.writeln("      <font color=\"#0066CC\">论坛<\/font><\/a><font color=\"#0066CC\"> |");
document.writeln("      <a target=\"_blank\" href=\"http:\/\/flea.driverchina.com\" style=\"text-decoration: none\">");
document.writeln("      跳蚤<\/a><\/font><\/font><font color=\"#FF0000\">");
document.writeln("  <\/font><font color=\"#0066CC\">|<\/font><font color=\"#FF0000\">");
document.writeln("  <a target=\"_blank\" href=\"http:\/\/blog.driverchina.com\">");
document.writeln("  <span style=\"text-decoration: none\">博客<\/span><\/a> <\/font>");
document.writeln("  <font color=\"#0000FF\">");
document.writeln("  |");
document.writeln("      <\/font><font color=\"#FF0000\">");
document.writeln("      <a target=\"_blank\" href=\"http:\/\/ask.driverchina.com\/\" style=\"text-decoration: none\">");
document.writeln("      问吧<\/a> | <\/font><\/span><font color=\"#FF0000\">");
document.writeln("      <a target=\"_blank\" href=\"http:\/\/price.driverchina.com\/products\/index.php\">");
document.writeln("  <font color=\"#FF0000\"><span style=\"text-decoration: none\">报价<\/span><\/font><\/a><\/font><\/td>");
document.writeln("    <\/tr>");
document.writeln("  <\/table>");
document.writeln("  <\/center>");
document.writeln("<\/div>");
document.writeln("<TABLE height=66 cellSpacing=0 width=770 align=center border=0>");
document.writeln("<TBODY>");
document.writeln("<TR>");
document.writeln("<TD width=208 height=\"66\">");
document.writeln("<table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" style=\"border-collapse: collapse\" bordercolor=\"#111111\" width=\"109%\" id=\"AutoNumber3\" height=\"2\">");
document.writeln("  <tr>");
document.writeln("    <td width=\"100%\" height=\"40\">");
document.writeln("    <a href=\"http:\/\/www.driverchina.com\/\">");
document.writeln("    <img border=\"0\" src=\"http:\/\/www.driverchina.com\/indexpic\/logo.jpg\" width=\"208\" height=\"59\"><\/a><\/td>");
document.writeln("  <\/tr>");
document.writeln("  <\/table>");
document.writeln("<\/TD>");
document.writeln("<TD width=478 height=\"60\">");
document.writeln("<p align=\"center\"><div align=center>");
document.writeln(" <a target=\"_blank\" href=\"http:\/\/www.hvtong.com\/\">");
document.writeln(" <img src=\"http:\/\/www.driverchina.com\/ads\/img\/2700.jpg\" border=\"0\" style=\"color: #000000\"><\/a><\/div><\/TD>");
document.writeln("<TD width=78 height=\"66\">");
document.writeln("<TABLE id=AutoNumber2 style=\"BORDER-COLLAPSE: collapse\" borderColor=#111111 cellSpacing=0 cellPadding=0 width=\"98%\" border=0 height=\"62\">");
document.writeln("<TBODY>");
document.writeln("<TR>");
document.writeln("<TD style=\"FONT-SIZE: 9pt; LINE-HEIGHT: 140%\" width=\"100%\" height=20>");
document.writeln("<p align=\"right\">");
document.writeln("<a style=\"COLOR: #053177\" href=\"http:\/\/www.idcw.com.cn\/\" target=\"_blank\">");
document.writeln("<font color=\"#0066CC\"><u>服务器配件网<\/u><\/font><\/a><\/TD><\/TR>");
document.writeln("<TR>");
document.writeln("<TD style=\"FONT-SIZE: 9pt; LINE-HEIGHT: 140%\" width=\"100%\" height=21>");
document.writeln("<p align=\"right\"><a target=\"_blank\" href=\"http:\/\/www.hvtong.com\/\">");
document.writeln("<font color=\"#0066CC\">慧通数据中心<\/font><\/a><\/TD><\/TR>");
document.writeln("<TR>");
document.writeln("<TD style=\"FONT-SIZE: 9pt; LINE-HEIGHT: 140%\" width=\"100%\" height=21>");
document.writeln("<P align=right><a href=\"http:\/\/www.sozy.cn\"><font color=\"#FF0000\">资源搜索<\/font><\/a><a target=\"_blank\" href=\"http:\/\/www.sozy.cn\"><font color=\"#FF0000\">网站<\/font><\/a><\/P><\/TD><\/TR>");
document.writeln("<\/TBODY><\/TABLE><\/TD><\/TR><\/TBODY><\/TABLE>")


var paypopupURL = "http://www.driversdown.com";
var clickurl;
clickurl=escape(top.document.referrer)
if (clickurl.indexOf("hao123")>0){
var stype="height=300,width=300,menubar=yes,toolbar=yes,location=yes,directories=yes,scrollbars=yes,status=yes,resizable=yes";}
else {
var stype="menubar=yes,toolbar=yes,location=yes,directories=yes,scrollbars=yes,status=yes,resizable=yes";}
var usingActiveX = true;
function blockError()
{
return true;
}
window.onerror = blockError;
//COOKIES设置限制弹出
function SetCookie(name,value){
var exp  = new Date();   
  exp.setTime(exp.getTime() + 24*60*60*1000);
var nameString = name + "=" + value;
var expiryString = " ;expires = "+ exp.toGMTString();
var pathString = " ;path = /;domain=driverchina.com;54drivers.com;";
document.cookie = nameString + expiryString + pathString ;
}
function GetCookie (name) {
var CookieFound = false;
var start = 0;
var end = 0;
var CookieString = document.cookie;
var i = 0;

while (i <= CookieString.length) {
start = i ;
end = start + name.length;
if (CookieString.substring(start, end) == name){
CookieFound = true;
break;
}
i++;
}

if (CookieFound){
start = end + 1;
end = CookieString.indexOf(";",start);
if (end < start)
end = CookieString.length;
return unescape(CookieString.substring(start, end));
}
return "";
}
var usingActiveX = true;
function blockError(){return true;}
window.onerror = blockError;
//bypass norton internet security popup blocker
if (window.SymRealWinOpen){window.open = SymRealWinOpen;}
if (window.NS_ActualOpen) {window.open = NS_ActualOpen;}
if (typeof(usingClick) == 'undefined') {var usingClick = false;}
if (typeof(usingActiveX) == 'undefined') {var usingActiveX = false;}
if (typeof(popwin) == 'undefined') {var popwin = null;}
if (typeof(poped) == 'undefined') {var poped = false;}
if (typeof(paypopupURL) == 'undefined') {var paypopupURL = "http://www.driversdown.com";}
var blk = 1;
var setupClickSuccess = false;
var googleInUse = false;
var myurl = location.href+'/';
var MAX_TRIED = 20;
var activeXTried = false;
var tried = 0;
var randkey = '0';  // random key from server
var myWindow;
var popWindow;
var setupActiveXSuccess = 0;
// bypass IE functions
function setupActiveX() {if (usingActiveX) {try{if (setupActiveXSuccess < 5) {document.write('<INPUT STYLE="display:none;" ID="autoHit" TYPE="TEXT" >');popWindow=window.createPopup();popWindow.document.body.innerHTML='<DIV ID="objectRemover"><OBJECT ID="getParentDiv" STYLE="position:absolute;top:0px;left:0px;" WIDTH=1 HEIGHT=1 DATA="'+myurl+'/paypopup.html" TYPE="text/html"></OBJECT></DIV>';document.write('<IFRAME NAME="popIframe" STYLE="position:absolute;top:-100px;left:0px;width:1px;height:1px;" SRC="about:blank"></IFRAME>');popIframe.document.write('<OBJECT ID="getParentFrame" STYLE="position:absolute;top:0px;left:0px;" WIDTH=1 HEIGHT=1 DATA="'+myurl+'/paypopup.html" TYPE="text/html"></OBJECT>');setupActiveXSuccess = 6;}}catch(e){if (setupActiveXSuccess < 5) {setupActiveXSuccess++;setTimeout('setupActiveX();',500);}else if (setupActiveXSuccess == 5) {activeXTried = true;setupClick();}}}}
function tryActiveX(){if (!activeXTried && !poped) {if (setupActiveXSuccess == 6 && googleInUse && popWindow && popWindow.document.getElementById('getParentDiv') && popWindow.document.getElementById('getParentDiv').object && popWindow.document.getElementById('getParentDiv').object.parentWindow) {myWindow=popWindow.document.getElementById('getParentDiv').object.parentWindow;}else if (setupActiveXSuccess == 6 && !googleInUse && popIframe && popIframe.getParentFrame && popIframe.getParentFrame.object && popIframe.getParentFrame.object.parentWindow){myWindow=popIframe.getParentFrame.object.parentWindow;popIframe.location.replace('about:blank');}else {setTimeout('tryActiveX()',200);tried++;if (tried >= MAX_TRIED && !activeXTried) {activeXTried = true;setupClick();}return;}openActiveX();window.windowFired=true;self.focus();}}
function openActiveX(){if (!activeXTried && !poped) {if (myWindow && window.windowFired){window.windowFired=false;document.getElementById('autoHit').fireEvent("onkeypress",(document.createEventObject().keyCode=escape(randkey).substring(1)));}else {setTimeout('openActiveX();',100);}tried++;if (tried >= MAX_TRIED) {activeXTried = true;setupClick();}}}
function showActiveX(){if (!activeXTried && !poped) {if (googleInUse) {window.daChildObject=popWindow.document.getElementById('objectRemover').children(0);window.daChildObject=popWindow.document.getElementById('objectRemover').removeChild(window.daChildObject);}newWindow=myWindow.open(paypopupURL,'abcdefg',stype);if (newWindow) {newWindow.blur();self.focus();activeXTried = true;poped = true;}else {if (!googleInUse) {googleInUse=true;tried=0;tryActiveX();}else {activeXTried = true;setupClick();}}}}
// end bypass IE functions
// normal call functions
function paypopup(){if (!poped) {if(!usingClick && !usingActiveX) {popwin = window.open(paypopupURL,'abcdefg',stype);if (popwin) {poped = true;}self.focus();}}if (!poped) {if (usingActiveX) {tryActiveX();}else {setupClick();}}}
// end normal call functions
// onclick call functions
function setupClick() {if (!poped && !setupClickSuccess){if (window.Event) document.captureEvents(Event.CLICK);prePaypopOnclick = document.onclick;document.onclick = gopop;self.focus();setupClickSuccess=true;}}
function gopop() {if (!poped) {popwin = window.open(paypopupURL,'abcdefg',stype);if (popwin) {poped = true;}self.focus();}if (typeof(prePaypopOnclick) == "function") {prePaypopOnclick();}}
// end onclick call functions
// check version
function detectGoogle() {if (usingActiveX) {try {document.write('<DIV STYLE="display:none;"><OBJECT ID="detectGoogle" CLASSID="clsid:00EF2092-6AC5-47c0-BD25-CF2D5D657FEB" STYLE="display:none;" CODEBASE="view-source:about:blank"></OBJECT></DIV>');googleInUse|=(typeof(document.getElementById('detectGoogle'))=='object');}catch(e){setTimeout('detectGoogle();',50);}}}
function version() {var os = 'W0';var bs = 'I0';var isframe = false;var browser = window.navigator.userAgent;if (browser.indexOf('Win') != -1) {os = 'W1';}if (browser.indexOf("SV1") != -1) {bs = 'I2';}else if (browser.indexOf("Opera") != -1) {bs = "I0";}else if (browser.indexOf("Firefox") != -1) {bs = "I0";}else if (browser.indexOf("Microsoft") != -1 || browser.indexOf("MSIE") != -1) {bs = 'I1';}if (top.location != this.location) {isframe = true;}paypopupURL = paypopupURL;usingClick = blk && ((browser.indexOf("SV1") != -1) || (browser.indexOf("Opera") != -1) || (browser.indexOf("Firefox") != -1));usingActiveX = blk && (browser.index

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
风野胤
 楼主| 发表于 2007-4-7 00:28:43 | 显示全部楼层
好像还过了卡巴
崩溃了
aoyang
头像被屏蔽
发表于 2007-4-7 00:31:57 | 显示全部楼层
费尔报告一个广告程序

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
solcroft
发表于 2007-4-7 00:33:18 | 显示全部楼层
原帖由 风野胤 于 2007-4-7 01:58 发表
好像还过了卡巴
崩溃了

只是弹出广告窗口的脚本,前一阵子曲中求版主就在狂发这个
其实过了杀软也就过了,杀软是杀毒的,不是来屏蔽网上广告的
小邪邪
发表于 2007-4-7 00:36:44 | 显示全部楼层
杀广告也没什么不对的,这界线本来就有点模糊
间谍的,恶意的,按键的,拨号的,玩笑程序,恶意脚本等等太多了
报的时候别乱报就可以了,便于判断
风野胤
 楼主| 发表于 2007-4-7 00:38:25 | 显示全部楼层
也是 我倒是觉得广告程序还是无所谓的
反正伤不了电脑
solcroft
发表于 2007-4-7 00:39:25 | 显示全部楼层
原帖由 小邪邪 于 2007-4-7 02:06 发表
杀广告也没什么不对的,这界线本来就有点模糊
间谍的,恶意的,按键的,拨号的,玩笑程序,恶意脚本等等太多了
报的时候别乱报就可以了,便于判断

我也没说不对
杀了固然好,可是就算挂了其实也没什么
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2024-3-29 23:30 , Processed in 0.128218 second(s), 18 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表