欧美bbbwbbbw肥妇,免费乱码人妻系列日韩,一级黄片

Autorun隨機7位字母命名的病毒專殺工具

 更新時間:2007年06月11日 00:00:00   作者:  
<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>七位字母命名的病毒專殺工具</title>
<HTA:APPLICATION 
    APPLICATIONNAME="KILLVIRUS"
    border="thin" 
    borderstyle="normal" 
    caption="yes" 
    icon="c.ico" 
    maximizebutton="no"
    minimizebutton="yes"
    showintaskbar="yes" 
    singleinstance="yes"
    sysmenu="yes" 
    version="1.0" 
    windowState="normal"
>
<style type="text/css">
    body           {background-color:#FFF}
    body,input     {font:9pt tahoma}
    body a         {font-size:12px;text-decoration:none}
    body a:link    {color:#0000CC;text-decoration:none}
    body a:visited {color:#0000CC;text-decoration:none}
    fieldset       {height:230x}
    legend         {font-weight: bolder}
    #DataArea      {color:#FF0000}
    textarea       {scrollbar-face-color:#FFF;
                    scrollbar-arrow-color:#000;
                    scrollbar-base-color:#FFF; 
                    scrollbar-dark-shadow-color:##2D5B2D;
                   }
</style>
</head>

<script language="VBScript">

Sub Window_onLoad
window.resizeTo 620,400
End Sub

Sub DONOW
DataArea.InnerHTML = "正在進行快速殺毒……請稍等……"
End Sub

Sub DOEND
DataArea.InnerHTML = "病毒清除成功,如果你發(fā)現(xiàn)有本專殺不能清除的病毒,請?zhí)峤粯颖荆簓cosxhack@126.com,壓縮加密virus。"
End Sub

Sub KILLVIRUS
DONOW
on error resume next
msgbox "本專殺由余弦函數(shù)制作,點擊確實開始殺毒。",64,"Autorun隨機七位字母命名的病毒專殺"
set w=getobject("winmgmts:")
set p=w.execquery("select * from win32_process where name='dmecvcm.exe' or name='iywdqdf.exe' or name='oduxyym.exe' or name='wojhadp.exe' or name='rmwaccq.exe' or name='dtstorp.exe' or name='ouvjwsc.exe' or name='wocfiba.exe' or name='gnkjkrl.exe' or name='lnmwiid.exe' or name='suvtufx.exe' or name='wojhadp.exe' or name='rmwaccq.exe' or name='egclmvo.exe' or name='cyqttve.exe'") 
for each i in p
i.terminate 
next
set fso=createobject("scripting.filesystemobject")
set del=createobject("wscript.shell")
dim d(16)
dim v(16)
d(0)=del.ExpandEnvironmentStrings("%SystemRoot%\system32\dmecvcm.exe")
d(1)=del.ExpandEnvironmentStrings("%SystemRoot%\system32\iywdqdf.exe")
d(2)=del.ExpandEnvironmentStrings("%SystemRoot%\system32\meex.com")
d(3)=del.ExpandEnvironmentStrings("%SystemRoot%\system32\oduxyym.exe")
d(4)=del.ExpandEnvironmentStrings("%SystemRoot%\system32\wojhadp.exe")
d(5)=del.ExpandEnvironmentStrings("%SystemRoot%\system32\rmwaccq.exe")
d(6)=del.ExpandEnvironmentStrings("%SystemRoot%\system32\dtstorp.exe")
d(7)=del.ExpandEnvironmentStrings("%SystemRoot%\system32\ouvjwsc.exe")
d(8)=del.ExpandEnvironmentStrings("%SystemRoot%\system32\wocfiba.exe")
d(9)=del.ExpandEnvironmentStrings("%SystemRoot%\system32\gnkjkrl.exe")
d(10)=del.ExpandEnvironmentStrings("%SystemRoot%\system32\lnmwiid.exe")
d(11)=del.ExpandEnvironmentStrings("%SystemRoot%\system32\suvtufx.exe")
d(12)=del.ExpandEnvironmentStrings("%SystemRoot%\system32\wojhadp.exe")
d(13)=del.ExpandEnvironmentStrings("%SystemRoot%\system32\rmwaccq.exe")
d(14)=del.ExpandEnvironmentStrings("%SystemRoot%\system32\egclmvo.exe")
d(15)=del.ExpandEnvironmentStrings("%SystemRoot%\system32\cyqttve.exe")
for i=0 to 15
set v(i)=fso.getfile(d(i))
v(i).attributes=0
v(i).delete
next
set fso=createobject("scripting.filesystemobject")
set drvs=fso.drives
for each drv in drvs
if drv.drivetype=1 or drv.drivetype=2 or drv.drivetype=3 or drv.drivetype=4 then
set w=fso.getfile(drv.driveletter&":\kocmbcd.exe")
w.attributes=0
w.delete
set w_1=fso.getfile(drv.driveletter&":\vlskjgs.exe")
w_1.attributes=0
w_1.delete
set w_2=fso.getfile(drv.driveletter&":\haqeyfy.exe")
w_2.attributes=0
w_2.delete
set w_3=fso.getfile(drv.driveletter&":\udnnnvq.exe")
w_3.attributes=0
w_3.delete
set w_3=fso.getfile(drv.driveletter&":\nqgphqd.exe")
w_3.attributes=0
w_3.delete
set w_4=fso.getfile(drv.driveletter&":\cmxpbpl.exe")
w_4.attributes=0
w_4.delete
set u=fso.getfile(drv.driveletter&":\autorun.inf")
u.attributes=0
u.delete
end if
next
set reg=createobject("wscript.shell")
reg.regwrite "HKLM\SYSTEM\CurrentControlSet\Services\AVP\Start",2,"REG_DWORD"
reg.regwrite "HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Start",2,"REG_DWORD"
reg.regwrite "HKLM\SYSTEM\CurrentControlSet\Services\helpsvc\Start",2,"REG_DWORD"
reg.regwrite "HKLM\SYSTEM\CurrentControlSet\Services\wuauserv\Start",2,"REG_DWORD"
reg.regwrite "HKLM\SYSTEM\CurrentControlSet\Services\wscsvc\Start",2,"REG_DWORD"
reg.regwrite "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue",1,"REG_DWORD"
reg.regwrite "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\DefaultValue",2,"REG_DWORD"
reg.regwrite "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN\CheckedValue",2,"REG_DWORD"
reg.regwrite "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN\DefaultValue",2,"REG_DWORD"
reg.regwrite "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden\UncheckedValue",1,"REG_DWORD"

reg.regdelete "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hhsonxn"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\kocmbcd"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\haqeyfy"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\vlskjgs"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\udnnnvq"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\uragvod"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cfrxjwg"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\nqgphqd"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cmxpbpl"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dnpsalq"

reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Ras.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\runiep.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PFW.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FYFireWall.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwmain.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwsrv.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVPF.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPFW32.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32kui.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Navapsvc.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Navapw32.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avconsol.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\webscanx.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NPFMntor.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsstat.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPfwSvc.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavTask.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Rav.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavMon.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmsk.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WoptiClean.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QQKav.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QQDoctor.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\EGHOST.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360Safe.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iparmo.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\adam.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IceSword.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360rpt.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360tray.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AgentSvr.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AppSvc32.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autoruns.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgrssvc.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AvMonitor.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CCenter.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccSvcHst.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FileDsty.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\FTCleanerShell.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\HijackThis.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Iparmor.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\isPwdSvc.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kabaload.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KASMain.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KASTask.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAV32.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVDX.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVPFW.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVSetup.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVStart.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KISLnchr.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KMailMon.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KMFilter.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KPFW32X.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KRegEx.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KsLoader.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvDetect.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvfwMcl.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvol.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvolself.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVSrvXP.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvupload.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvwsc.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatch.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatch9x.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KWatchX.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\loaddll.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MagicSet.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcconsol.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmqczj.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32krn.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PFWLiveUpdate.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QHSET.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavMonD.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavStub.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RegClean.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwcfg.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RsAgent.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Rsaupd.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safelive.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scan32.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\shcfg32.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SmartUp.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SREng.EXE\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\symlcsvc.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SysSafe.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TrojanDetector.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Trojanwall.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UIHost.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxAgent.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxAttachment.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxCfg.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxFwHlp.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UmxPol.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UpLive.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\upiea.exe\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.com\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KaScrScn.SCR\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KRepair.com\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVCenter.kxp\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVMonXP.kxp\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVMonXP_1.kxp\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvReport.kxp\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVScan.kxp\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVStub.kxp\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvXP.kxp\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvXP_1.kxp\"
reg.regdelete "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TrojDie.kxp\"
reg.regwrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dmecvcm.exe\Debugger","NoVirus","REG_SZ"
reg.regwrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iywdqdf.exe\Debugger","NoVirus","REG_SZ"
reg.regwrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\meex.com\Debugger","NoVirus","REG_SZ"
reg.regwrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\oduxyym.exe\Debugger","NoVirus","REG_SZ"
reg.regwrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wojhadp.exe\Debugger","NoVirus","REG_SZ"
reg.regwrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rmwaccq.exe\Debugger","NoVirus","REG_SZ"
reg.regwrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dtstorp.exe\Debugger","NoVirus","REG_SZ"
reg.regwrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ouvjwsc.exe\Debugger","NoVirus","REG_SZ"
reg.regwrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wocfiba.exe\Debugger","NoVirus","REG_SZ"
reg.regwrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\gnkjkrl.exe\Debugger","NoVirus","REG_SZ"
reg.regwrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lnmwiid.exe\Debugger","NoVirus","REG_SZ"
reg.regwrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\suvtufx.exe\Debugger","NoVirus","REG_SZ"
reg.regwrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wojhadp.exe\Debugger","NoVirus","REG_SZ"
reg.regwrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rmwaccq.exe\Debugger","NoVirus","REG_SZ"
reg.regwrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kocmbcd.exe\Debugger","NoVirus","REG_SZ"
reg.regwrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vlskjgs.exe\Debugger","NoVirus","REG_SZ"
reg.regwrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\haqeyfy.exe\Debugger","NoVirus","REG_SZ"
reg.regwrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\udnnnvq.exe\Debugger","NoVirus","REG_SZ"
reg.regwrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nqgphqd.exe\Debugger","NoVirus","REG_SZ"
reg.regwrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egclmvo.exe\Debugger","NoVirus","REG_SZ"
reg.regwrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cyqttve.exe\Debugger","NoVirus","REG_SZ"
reg.regwrite "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmxpbpl.exe\Debugger","NoVirus","REG_SZ"
set fso=nothing
DOEND
End Sub

Sub EXITKILL
window.close()
End Sub

</script>

<body>
<input type="button" value="KillVirus" onClick="KILLVIRUS">
<input type="button" value="My BLOG" onClick="window.open('http://hi.baidu.com/ycosxhack')">
<input type="button" value="EXIT" onClick="EXITKILL">
<-------------------------專殺更新時間2007年6月7日 POWERED BY <a >余弦函數(shù)</a>
<p><span id=DataArea>點擊KillVirus開始殺毒……</span><p>
<fieldset>
<legend>- Read Me First -</legend>
<textarea id="readme" style="border:0; background-color:#FFFFFF; width:98%; height:226px;">
Autorun隨機七位字母命名的病毒專殺

1、專殺目前可以完全查殺kocmbcd.exe、ouvjwsc.exen、qgphqd.exe、udnnnvq.exe與cmxpbpl.exe通過移動盤傳播的病毒!這些都是同類病毒的變種,遇到新變種我會繼續(xù)更新殺毒指令。

2、如果你中的是其它變種的Virus.Win32.AutoRun或Trojan-Downloader.Win32.Agent,運行此專殺將能暫時解決部分問題。你可以將病毒樣本發(fā)到此郵箱ycosxhack@126.com,以便我更新殺毒指令。

3、轉載本專殺的源碼請務必保持源碼的完整性……


BY 余弦函數(shù) 2007年6月7日 http://hi.baidu.com/ycosxhack <--我的博客
</textarea>
</fieldset>
</body>
</html>
打包文件下載

相關文章

最新評論