目前依然只有红伞报的毒

beat2

The file 'opr0098F.js' has been determined to be 'MALWARE'. Our analysts named the threat JS/Dldr.Agent.AG. The term "JS/" denotes a Java scriptvirus.Detection is added to our virus definition file (VDF) starting with version 6.38.00.185.

红伞的回信

今天浏览网页，又报了同样的毒

http://www.cisrt.org/blog/read.php?301

脚本看不懂 但两个脚本有个共同点，都有http://www.51.la/ 这个网址  不知道有没有关。

[ 本帖最后由 beat2 于 2007-4-11 14:30 编辑 ]

tonger2003

附件文件不存在或无法读入，请与管理员联系

beat2

可以下啊

chow2006

费尔不报

小邪邪

document.write ('<a href="http://www.51.la/?304412" target="_blank"><img alt="&#x35;&#x31;&#x2E;&#x6C;&#x61;&#x20;专业、免费、强健的访问统计" src="http://icon.ajiang.net/icon_0.gif" style="border:none" /></a>\n');
window.onerror=function(){return true};
document.write ('<script>var a304412tf="51la";var a304412pu="";var a304412pf="51la";var a304412su=window.location;var a304412sf=document.referrer;var a304412of="";var a304412op="";var a304412ops=1;var a304412ot=1;var a304412d=new Date();var a304412color="";if (navigator.appName=="Netscape"){a304412color=screen.pixelDepth;} else {a304412color=screen.colorDepth;}<\/script><script>a304412tf=top.document.referrer;<\/script><script>a304412pu =window.parent.location;<\/script><script>a304412pf=window.parent.document.referrer;<\/script><script>a304412ops=document.cookie.match(new RegExp("(^| )AJSTAT_ok_pages=([^;]*)(;|$)"));a304412ops=(a304412ops==null)?1: (parseInt(unescape((a304412ops)[2]))+1);var a304412oe =new Date();a304412oe.setTime(a304412oe.getTime()+60*60*1000);document.cookie="AJSTAT_ok_pages="+a304412ops+ ";expires="+a304412oe.toGMTString();a304412ot=document.cookie.match(new RegExp("(^| )AJSTAT_ok_times=([^;]*)(;|$)"));if(a304412ot==null){a304412ot=1;}else{a304412ot=parseInt(unescape((a304412ot)[2])); a304412ot=(a304412ops==1)?(a304412ot+1):(a304412ot);}a304412oe.setTime(a304412oe.getTime()+365*24*60*60*1000);document.cookie="AJSTAT_ok_times="+a304412ot+";expires="+a304412oe.toGMTString();<\/script><script>a304412of=a304412sf;if(a304412pf!=="51la"){a304412of=a304412pf;}if(a304412tf!=="51la"){a304412of=a304412tf;}a304412op=a304412pu;try{lainframe}catch(e){a304412op=a304412su;}document.write(\'<img style="width:0px;height:0px" src="http://5.db.51.la/s.asp?id=304412&tpages=\'+a304412ops+\'&ttimes=\'+a304412ot+\'&tzone=\'+(0-a304412d.getTimezoneOffset()/60)+\'&tcolor=\'+a304412color+\'&sSize=\'+screen.width+\',\'+screen.height+\'&referrer=\'+escape(a304412of)+\'&vpage=\'+escape(a304412op)+\'" \/>\');<\/script>');

taihuxian

Start of the scan: 2007年4月11日  20:28

Start scanning boot sectors:
Boot sector 'C:\'
      [NOTE]      No virus was found!

Starting the file scan:

Begin scan in 'C:\Documents and Settings\Administrator\桌面\js.zip'
C:\Documents and Settings\Administrator\桌面\js.zip
  [0] Archive type: ZIP
  --> js/opr0098F.js
      [DETECTION] Contains signature of the Java script virus JS/Dldr.Agent.AG
      [INFO]      A backup was created as '464ad4de.qua'  ( QUARANTINE )
      [INFO]      The file was deleted!


End of the scan: 2007年4月11日  20:28
Used time: 00:04 min

蓝色牛仔裤

又是脚本...

马力

驱逐舰没反应

chenpatrick

卡巴下载后报了

000110

我的卡巴沒报...