今天研究 Serial99.com 的機碼 VBScript
這機碼的 VBS 會把 IE 的首頁改掉,網址的 prefix 修改
Windows 的 「關機」按鈕、「執行」關閉,「工作管理員」、「登錄檔編輯器」也會被關閉

修改原程式,使程式原本的目的變更,使之變成清除原本寫入的機碼
以下為 VBScript 的程式內容,若要使用,直接複製至一文字檔,並將副檔名修改成 .vbs 即可


Set LDANN = WScript.CreateObject("WScript.Shell")
LDANN.RegWrite "HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page", "about:blank","REG_SZ"
LDANN.RegWrite "HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page", "about:blank","REG_SZ"
LDANN.RegWrite "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\www","http://","REG_SZ"
LDANN.RegWrite "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\\HideFileExt","00000000","REG_DWORD"

LDANN.RegWrite "HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Window Title", "","REG_SZ"
LDANN.RegDelete "HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Window Title"
LDANN.RegWrite "HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel\\HomePage","00000000","REG_DWORD"
LDANN.RegDelete "HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel\\HomePage"
LDANN.RegWrite "HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\\HomePage","00000000","REG_DWORD"
LDANN.RegDelete "HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\\HomePage"
LDANN.RegWrite "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\\DisableTaskMgr", "0","REG_SZ"
LDANN.RegDelete "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\\DisableTaskMgr"
LDANN.RegWrite "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoRun", "0","REG_SZ"
LDANN.RegDelete "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoRun"
LDANN.RegWrite "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLogOff", "0","REG_SZ"
LDANN.RegDelete "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLogOff"
LDANN.RegWrite "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFind", "0","REG_SZ"
LDANN.RegDelete "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFind"
LDANN.RegWrite "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoRecentDocsMenu", "0","REG_SZ"
LDANN.RegDelete "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoRecentDocsMenu"
LDANN.RegWrite "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoClose", "0","REG_SZ"
LDANN.RegDelete "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoClose"

WScript.Echo "清除 serial99.com 註冊之機碼"

smalldd 發表在 痞客邦 PIXNET 留言(0) 人氣()