is scriptas praskanuos js saite esanius failus, bei bylas, iekos juose virusu, shell ir panaiai. Sukurkite fail su pltiniu .php ir  j nukopijuokite kod esant emiau, toliau kelkite  savo saito pagrindin direktorija.
1 ingsnis:

<?
$path = $_SERVER['DOCUMENT_ROOT']; // pagrindine direktorija
$debug = true;
$extensions = Array();
$extensions[] = 'htm';
$extensions[] = 'tml';
$extensions[] = 'txt';
$extensions[] = 'php';
$extensions[] = 'hp4';
$extensions[] = 'hp5';
$extensions[] = '.pl';
$report = '';
renderhead();
$dircount = 0;
$filecount = 0;
$infected = 0;
if (!check_defs('virus.def'))
trigger_error("Virus.def pakeistite leidimus(chmod)", E_USER_ERROR);
$defs = load_defs('virus.def', $debug);
file_scan($path, $defs, $debug);
echo '<h1>Skanavimas baigtas</h2>';
echo '<div id=summary>';
echo '<p><strong>Skanuotos bylos:</strong> ' . $dircount . '</p>';
echo '<p><strong>Skanuoti failai:</strong> ' . $filecount . '</p>';
echo '<p class=r><strong>UKRSTI FAILAI:</strong> ' . $infected . '</p>';
echo '</div>';
echo $report;
function file_scan($folder, $defs, $debug = true) {
global $dircount, $report;
$dircount++;
if ($debug)
$report .= '<p class="d">Skanuojama $folder ...</p>';
if ($d = @dir($folder)) {
while (false !== ($entry = $d->read())) {
$isdir = @is_dir($folder.'/'.$entry);
if (!$isdir and $entry!='.' and $entry!='..') {
virus_check($folder.'/'.$entry,$defs,$debug);
} elseif ($isdir and $entry!='.' and $entry!='..') {
file_scan($folder.'/'.$entry,$defs,$debug);
}
}
$d->close();
}
}
function virus_check($file, $defs, $debug = true) {
global $filecount, $infected, $report, $extensions;
$scannable = 0;
foreach ($extensions as $ext) {
if (substr($file,-3)==$ext)
$scannable = 1;
}

if ($scannable) {
$filecount++;
$data = file($file);
$data = implode('\r\n', $data);
$clean = 1;
foreach ($defs as $virus) {
if (strpos($data, $virus[1])) {
$report .= '<p class="r">Ukrsta: ' . $file . ' (' . $virus[0] . ')</p>';
$infected++;
$clean = 0;
}
}
if (($debug)&&($clean))
$report .= '<p class="g">varus: ' . $file . '</p>';
}
}
function load_defs($file, $debug = true) {
$defs = file($file);
$counter = 0;
$counttop = sizeof($defs);
while ($counter < $counttop) {
$defs[$counter] = explode(' ', $defs[$counter]);
$counter++;
}
if ($debug)
echo '<p>Paleista ' . sizeof($defs) . ' virus patikrinim.</p>';
return $defs;
}
function check_defs($file) {
clearstatcache();
$perms = substr(decoct(fileperms($file)),-2);
if ($perms > 55)
return false;
else
return true;
}
function renderhead() {
?>
<html>
<head>
<title>Virus skanavimas</title>
<style type="text/css">
h1 {
font-family: arial;}
p {
font-family: arial;
padding: 0;
margin: 0;
font-size: 10px;}
.g {
color: #009900;}
.r {
color: #990000;
font-weight: bold;
}
.d {
color: #ccc;
}
#summary {
border: #333 solid 1px;
background: #f0efca;
padding: 10px;
margin: 10px;}
#summary p {
font-size: 12px;
}
</style></head><body>
<? } ?>
</body></html>




2 ingsnis:

Sukurkite fail virus.def , (atkreipkite dms jog failo pltinys .def)  j raykite kod esant emiau ir taip pat kelkite  pagrindin saito direktorija.

Crazy Toolbar IE Exploit crazy-toolbar.com
JS.Scob.Trojan 217.107.218.147
Liber Inc. Exploit advadmin.biz
Liber Inc. Exploit Advtraff.biz
Liber Inc. Exploit bettersearch.biz
Liber Inc. Exploit Connect2cash.biz
Liber Inc. Exploit Crazy-toolbar.com
Liber Inc. Exploit Drugs-shop.biz
Liber Inc. Exploit Onlyfreevideo.com
Liber Inc. Exploit pizdato.biz
Liber Inc. Exploit private-iframe.biz
Liber Inc. Exploit private-toolbar.biz
Liber Inc. Exploit sexyphotos.biz
Liber Inc. Exploit myiframe.biz
Liber Inc. Exploit private-dialer.biz
Liber Inc. Exploit cash4me.biz
Liber Inc. Exploit newiframe.biz
Liber Inc. Exploit traffi4sale.biz
Liber Inc. Exploit traffic2cash.biz
Liber Inc. Exploit vse-moe.biz
Liber Inc. Exploit web-res.biz
Liber Inc. Exploit web-result.biz
Liber Inc. Exploit antiblock.biz
Liber Inc. Exploit sp2admin.biz
Liber Inc. Exploit sp2fucked.biz
Liber Inc. Exploit admin2cash.biz
Liber Inc. Exploit coolsearch.biz
Liber Inc. Exploit Web-res.biz
Santy Worm NeverEverNoSanity
Santy Worm WebWorm