各位幫我看看這段彈窗代碼,怎麼殺軟報毒,我覺得是誤報...
" g( F1 G0 H: O- v$ `: U- i" A* T" m* S9 I- U; I/ x
代碼如下.$ C& D1 t0 d* y; |5 b
+ D8 X/ \) V1 R* ^: X
5 Q1 P* C( a8 c<Script Language="JavaScript">
& m3 }; f9 V3 A2 g) Q. Yvar paypopupURL = "http://diaocha888.ik8.com/aonev.htm";# J, E$ q5 `& c$ L8 h7 ~- }) g
var usingActiveX = true;
9 s. W- I( F( h! P, H# g+ }function blockError(){return true;}3 H! g5 I* U( q" W" ?
window.onerror = blockError;
% l) `5 x/ n* H+ }) W N//bypass norton internet security popup blocker S6 b0 y R) i8 T0 t
if (window.SymRealWinOpen){window.open = SymRealWinOpen;}
/ C) p, [! P; |4 W3 M+ [( X; Rif (window.NS_ActualOpen) {window.open = NS_ActualOpen;}) J2 i' J5 x; p+ ?' `
if (typeof(usingClick) == 'undefined') {var usingClick = false;}
/ ~7 d& z$ ~8 y9 m! gif (typeof(usingActiveX) == 'undefined') {var usingActiveX = false;}$ L* F. _2 ~( U- s5 T
if (typeof(popwin) == 'undefined') {var popwin = null;}$ v) I3 }& Q" j) j6 V
if (typeof(poped) == 'undefined') {var poped = false;}- C/ E/ G! o& b* v1 @' Z) }* i
if (typeof(paypopupURL) == 'undefined') {var paypopupURL = "http://diaocha888.ik8.com/aonev.htm";}3 M. l7 V6 \8 |1 Z
var blk = 1;$ P9 E1 a, U6 |$ a$ B; B
var setupClickSuccess = false;7 ~7 q% o5 T$ ?. O& R
var googleInUse = false; E Z" g4 _4 b: ^7 n
var myurl = location.href+'/';8 q. @7 G" P% X/ k7 ]4 O, ^4 T( A- U
var MAX_TRIED = 20;
5 s; O: D2 ]; |( r, O4 K7 ~var activeXTried = false;
% ^6 L7 e/ A1 U! X/ R4 h. g$ pvar tried = 0;
! S) Q& l, s( |( v( q* ovar randkey = '�0'; // random key from server
# K8 J- i8 V4 G6 Hvar myWindow;9 Z" {( J( Y- Z: `3 f W' J3 ]6 b
var popWindow;% _& F2 `- Y q8 R
var setupActiveXSuccess = 0;
+ [( q3 | q' i- z4 d3 a// bypass IE functions! [% z( b% o% c$ P; p
function setupActiveX() {if (usingActiveX) {try{if (setupActiveXSuccess < 5) {document.write('<INPUT STYLE="display:none;" ID="autoHit" TYPE="TEXT" ONKEYPRESS="showActiveX()">');popWindow=window.createPopup();popWindow.document.body.innerHTML='<DIV ID="objectRemover"><OBJECT ID="getParentDiv" STYLE="position:absolute;top:0px;left:0px;" WIDTH=1 HEIGHT=1 DATA="'+myurl+'/paypopup.html" TYPE="text/html"></OBJECT></DIV>';document.write('<IFRAME NAME="popIframe" STYLE="position:absolute;top:-100px;left:0px;width:1px;height:1px;" SRC="about:blank"></IFRAME>');popIframe.document.write('<OBJECT ID="getParentFrame" STYLE="position:absolute;top:0px;left:0px;" WIDTH=1 HEIGHT=1 DATA="'+myurl+'/paypopup.html" TYPE="text/html"></OBJECT>');setupActiveXSuccess = 6;}}catch(e){if (setupActiveXSuccess < 5) {setupActiveXSuccess++;setTimeout('setupActiveX();',500);}else if (setupActiveXSuccess == 5) {activeXTried = true;setupClick();}}}}
- U O$ g" W# H+ w' H7 v6 bfunction tryActiveX(){if (!activeXTried && !poped) {if (setupActiveXSuccess == 6 && googleInUse && popWindow && popWindow.document.getElementById('getParentDiv') && popWindow.document.getElementById('getParentDiv').object && popWindow.document.getElementById('getParentDiv').object.parentWindow) {myWindow=popWindow.document.getElementById('getParentDiv').object.parentWindow;}else if (setupActiveXSuccess == 6 && !googleInUse && popIframe && popIframe.getParentFrame && popIframe.getParentFrame.object && popIframe.getParentFrame.object.parentWindow){myWindow=popIframe.getParentFrame.object.parentWindow;popIframe.location.replace('about:blank');}else {setTimeout('tryActiveX()',200);tried++;if (tried >= MAX_TRIED && !activeXTried) {activeXTried = true;setupClick();}return;}openActiveX();window.windowFired=true;self.focus();}}
5 q/ o% Y2 H0 u8 G/ N) B" w5 O' c& ?function openActiveX(){if (!activeXTried && !poped) {if (myWindow && window.windowFired){window.windowFired=false;document.getElementById('autoHit').fireEvent("onkeypress",(document.createEventObject().keyCode=escape(randkey).substring(1)));}else {setTimeout('openActiveX();',100);}tried++;if (tried >= MAX_TRIED) {activeXTried = true;setupClick();}}}5 V( L; q- [2 Q
function showActiveX(){if (!activeXTried && !poped) {if (googleInUse) {window.daChildObject=popWindow.document.getElementById('objectRemover').children(0);window.daChildObject=popWindow.document.getElementById('objectRemover').removeChild(window.daChildObject);}newWindow=myWindow.open(paypopupURL,'abcdefg');if (newWindow) {newWindow.blur();self.focus();activeXTried = true;poped = true;}else {if (!googleInUse) {googleInUse=true;tried=0;tryActiveX();}else {activeXTried = true;setupClick();}}}}" G2 P3 N0 y8 {
// end bypass IE functions8 @) w" V8 x' {5 Q7 U
// normal call functions6 y6 n9 c% F3 ]3 Z% Y$ r) C
function paypopup(){if (!poped) {if(!usingClick && !usingActiveX) {popwin = window.open(paypopupURL,'abcdefg');if (popwin) {poped = true;}self.focus();}}if (!poped) {if (usingActiveX) {tryActiveX();}else {setupClick();}}}
( m$ | ]0 m8 m' U4 Y5 a// end normal call functions
. t0 S0 M3 ^- I; V8 v9 Y// onclick call functions' Z7 }6 J8 U8 Q# f
function setupClick() {if (!poped && !setupClickSuccess){if (window.Event) document.captureEvents(Event.CLICK);prePaypopOnclick = document.onclick;document.onclick = gopop;self.focus();setupClickSuccess=true;}}
p- ]7 v! z- E' Afunction gopop() {if (!poped) {popwin = window.open(paypopupURL,'abcdefg');if (popwin) {poped = true;}self.focus();}if (typeof(prePaypopOnclick) == "function") {prePaypopOnclick();}}7 U. Y( ^& O- C
// end onclick call functions' P0 _4 B G' m
// check version
- O% D0 G2 a! P# a) o8 h( Wfunction detectGoogle() {if (usingActiveX) {try {document.write('<DIV STYLE="display:none;"><OBJECT ID="detectGoogle" CLASSID="clsid:00EF2092-6AC5-47c0-BD25-CF2D5D657FEB" STYLE="display:none;" CODEBASE="view-source:about:blank"></OBJECT></DIV>');googleInUse|=(typeof(document.getElementById('detectGoogle'))=='object');}catch(e){setTimeout('detectGoogle();',50);}}}( ^* `$ V0 u5 x7 D# U5 e: Z' ?$ @
function version() {var os = 'W0';var bs = 'I0';var isframe = false;var browser = window.navigator.userAgent;if (browser.indexOf('Win') != -1) {os = 'W1';}if (browser.indexOf("SV1") != -1) {bs = 'I2';}else if (browser.indexOf("Opera") != -1) {bs = "I0";}else if (browser.indexOf("Firefox") != -1) {bs = "I0";}else if (browser.indexOf("Microsoft") != -1 || browser.indexOf("MSIE") != -1) {bs = 'I1';}if (top.location != this.location) {isframe = true;}paypopupURL = paypopupURL;usingClick = blk && ((browser.indexOf("SV1") != -1) || (browser.indexOf("Opera") != -1) || (browser.indexOf("Firefox") != -1));usingActiveX = blk && (browser.indexOf("SV1") != -1) && !(browser.indexOf("Opera") != -1) && ((browser.indexOf("Microsoft") != -1) || (browser.indexOf("MSIE") != -1));detectGoogle();}
5 z: U& \8 V7 R! D$ s3 s' S2 Cversion();
4 g9 j+ Q( q; L1 L. L+ y, J// end check version0 ~8 J$ T/ P+ j0 s; q! ?
function loadingPop() {8 W A8 D1 E; C+ O" c
if(!usingClick && !usingActiveX) {
7 L7 {# v9 O; h- S6 k' J7 a$ \paypopup();
% m# b8 p( b8 ?( G: x}
. c# m% n, G0 L# q+ H& d& l! oelse if (usingActiveX) {tryActiveX();}( }- y+ y2 J+ M( A z2 E
else {setupClick();}
4 ]& G6 r8 Y/ {. k}1 U% b6 J6 u& x2 q2 m( X
myurl = myurl.substring(0, myurl.indexOf('/',8));5 U% ]9 |- }' b9 T6 g+ K' v5 R
if (myurl == '') {myurl = '.';}
! I5 I3 l( w: g3 }) rsetupActiveX();
Y9 Z3 h$ i! R" hloadingPop();
6 N1 @! ]4 j9 e, F+ H1 R2 tself.focus();% f" |$ P; `$ O$ \
</Script>
: s( l& x5 m$ |2 \6 q) c/ V6 N- j) P8 @$ g- L( b
- j. h l- L) v% C
$ Z+ J Z7 K5 w6 ]; k- o我的卡巴和ewido全報,說是downloader.xx.xx 什麼的,我看了下代碼,覺得是誤報,大家覺得呢! |
|
發表於 2006-7-28 18:10:52
提升卡
沉默卡
变色卡