// Generate a wscript. Shell object that can operate the registry and execute command lines.
VaR OBJ = new activexobject ("wscript. Shell ");
// Read the value of testvalue from the explorer table entry
VaR testvalue = obj. regread ("HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer \ testvalue ");
// Write a new key to the explorer table entry: testvalue; Value: 1; Type: REG_SZ
OBJ. regwrite ("HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer \ testvalue", "1", "REG_SZ ");
// Write a new table entry to the explorer table entry: testvalue. The default value is null and the type is REG_SZ.
OBJ. regwrite ("HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer \ testvalue \", "", "REG_SZ ");
// Delete the key named testvalue In the explorer table
OBJ. regdelete ("HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer \ testvalue ");
// Delete the table item testvalue and its subkeys In the explorer table item
Obj. RegDelete ("HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer \ TestValue \\");
We can see that when you use WScript. Shell to operate the registry, "\" is used to distinguish whether the operation object is a table item or a key.
Using this method to operate the client registry requires that the client's browser security settings allow "Running unsigned ActiveX scripts", otherwise it will not work. This is obvious, or the virus will flood.