Переделки:
с файла Del Files & Folders.cmd (удаление файлов в различных директориях по различным маскам)
Код:
On Error resume next
Set WshShell = CreateObject("WScript.Shell")
Set FColl = CreateObject("Scripting.Dictionary") 'Вход колл-и адресов
Set NColl = CreateObject("Scripting.Dictionary") 'Вход колл-и шаблонов имен файлов
Set FSO = CreateObject("Scripting.FileSystemObject")
strPathAll = WshShell.ExpandEnvironmentStrings("%AllUsersProfile%")
strPathUser = WshShell.ExpandEnvironmentStrings("%UserProfile%")
strPathSys = WshShell.ExpandEnvironmentStrings("%SystemDrive%")
'Коллекция масок
NColl.Add 1, "Знакомство с Windows XP"
NColl.Add 2, "Мастер совместимости программ"
NColl.Add 3, "Адресат"
NColl.Add 4, "Мои Документы"
NColl.Add 5, "Сжатая ZIP-папка"
NArr = NColl.Items
'Коллекция папок
FColl.Add 1, strPathAll & "\" & "Главное меню\Программы"
FColl.Add 2, strPathAll & "\" & "Главное меню"
FColl.Add 3, strPathUser & "\" & "Главное меню\Программы"
FColl.Add 4, strPathUser & "\" & "Главное меню"
FColl.Add 5, strPathAll & "\" & "Главное меню\Программы\Стандартные"
FColl.Add 6, strPathUser & "\" & "Главное меню\Программы\Стандартные"
FColl.Add 7, strPathAll & "\" & "SendTo"
FColl.Add 8, strPathUser & "\" & "SendTo"
FColl.Add 9, strPathSys & "\" & "Program Files\WindowsUpdate"
FColl.Add 10, strPathSys & "\" &"Program Files\Uninstall Information"
FArr = FColl.Items
'Перебор коллекции
For i=0 To 3 'Перебор коллекции адресов
strPathDell = FArr (i)
Call DelAllFunction(strPathDell)
Next
For i=4 To FColl.count-3 'Перебор коллекции адресов
For j=0 To NColl.count-1 'Вложенный перебор коллекции масок
PathDell = "" & FArr (i) & ""
maskname = "" & NArr (j) & ""
Call DelMaskFunction(PathDell, maskname)
Next
Next
For i=8 To FColl.count-1 'Перебор коллекции адресов
strPathDell = FArr (i)
Set Folder = FSO.GetFolder(strPathDell)
Folder.Delete
Next
'Учет ошибок
If Err.Number Then
MSgBox "Сценарий выполнен с ошибками" & CStr(Err.Number) & " : " & Err.Description
Else
Err.Clear
MSgBox "Сценарий выполнен"
End if
WScript.Quit (0)
' Функция удаления всех файлов
Function DelAllFunction(strPathDell)
Set Folder = FSO.GetFolder(strPathDell)
For Each File In Folder.Files
File.Delete
Next
End If
End Function
WScript.Quit (1)
' Функция удаления файлов по маске
Function DelMaskFunction(strPathDell, strMaskname)
strMaskname = strMaskname
strPathDell = strPathDell
For Each File In FSO.GetFolder(strPathDell).Files
strName = FSO.GetBaseName(File.Name)
If strName = strmaskname Then
File.Delete
End if
Next
End Function
WScript.Quit (1)
с файла Install soft.cmd (запуск инсталляторов)
Код:
On Error resume next
Set WshShell = CreateObject("WScript.Shell")
strWINDIR = WshShell.ExpandEnvironmentStrings("%WINDIR%")
strPFILES = WshShell.ExpandEnvironmentStrings("%%PROGRAMFILES%%")
strToogle = strWINDIR & "\" & "Toogle"
WshShell.Run strWINDIR & "\" & "1365VidChng.exe 1024x768x32@60 -q"
WshShell.Run strWINDIR & "\" & "DT.exe /VERYSILENT /NORESTART"
WshShell.Run strWINDIR & "\" & "Unlocker189.exe /VERYSILENT"
WshShell.Run strPFILES & "\" & "PuntoSwitcher31172.exe /VERYSILENT"
WshShell.Run strToogle & "\" & "TOGGLE~1.EXE /Silent /HiddenFiles /SuperHiddenFiles /FilesExtension"
'Учет ошибок
If Err.Number Then
MSgBox "Сценарий выполнен с ошибками" & CStr(Err.Number) & " : " & Err.Description
Else
Err.Clear
MSgBox "Сценарий выполнен"
End if
WScript.Quit (0)
с файла CleanUp.cmd (удаление файлов из одной папки по имени)
Код:
On Error resume next
Set WshShell = CreateObject("WScript.Shell")
Set FColl = CreateObject("Scripting.Dictionary")
Set FSO = CreateObject("Scripting.FileSystemObject")
strSrcPath = WshShell.ExpandEnvironmentStrings("%WinDir%")
FColl.Add 1, "Unlocker189.exe"
FColl.Add 2, "1365VidChng.exe"
FColl.Add 3, "DT.exe"
FColl.Add 4, "reboot.exe"
FColl.Add 5, "tweaks2.reg"
FColl.Add 6, "PuntoSwitcher31172.exe"
Arr = FColl.Items
For i=0 To FColl.Count-1
objFile = strSrcPath & "\" & Arr(i)
Set File = FSO.GetFile(objFile)
If FSO.FileExists(objFile) Then
Name = FSO.GetFileName(objFile)
File.Delete
Else
strErr = strErr & objFile & vbcrlf
End if
Next
If Len(strErr) > 0 Then
strErr = "Следующие файлы не были обнаружены:" _
& vbcrlf & strErr
MSgBox strErr
End if
Set FSO = Nothing
Set FColl = Nothing
Set WshShell = Nothing
WScript.Quit
с файла Move from Windir.cmd (просто перемещение файла)
Код:
Set WshShell = CreateObject("WScript.Shell")
Set FSO = CreateObject("Scripting.FileSystemObject")
strPathAll = WshShell.ExpandEnvironmentStrings("%AllUsersProfile%")
strWINDIR = WshShell.ExpandEnvironmentStrings("%WINDIR%")
Set File = FSO.GetFile(strWINDIR & "\" & "cleanup.cmd")
File.Move strPathAll & "\" & "Главное меню\Программы\Автозагрузка"
или проще
Set FSO = CreateObject("Scripting.FileSystemObject")
Set File = FSO.GetFile("C:\Windows\cleanup.cmd")
File.Move All Users\Start menu\Program\Autorun"
Реестр...
Код:
On Error resume next
Const bRoot = "HKCU"
Const bpart = "Software\Microsoft\Windows\CurrentVersion\Policies\system"
Const bname = "DisableTaskMgr"
Const bValue = &H0
Set objShell = CreateObject("WScript.Shell")
bKey = objShell.RegRead ( bRoot & "\" & bpart & "\" & bname)
If not bKey = nul Then
MsgBox "Ключ" & bname & "присутствует в реестре со значением: " & Vbcrlf & "REG_DWORD = _" & bKey
Else
objShell.RegWrite bRoot & "\" & bpart, bValue, "REG_DWORD"
End IF
vbs-суицид
Код:
Set FSO = CreateObject("Scripting.FileSystemObject")
FSO.DeleteFile WScript.ScriptFullName, 0
И САМОЕ ГЛАВНОЕ : СПРАВКА
PS: Скачал это архивчик с *.bat и вспомнилось (просто классика жанра...), был же когда-то antiBATCHvirus.
Думаю многим будет интересно посмотреть, что это было:
Код:
mode con cols=80 lines=55
:: risk_level chart
:: low = 1 point
:: medium~low = 2 points
:: medium = 3 points
:: medium~high = 4
:: high = 5 points
:: very high = 6 points
cls
@echo off
set ver=v1.00
title MJO's Batch Virus-Scanner %ver%
color 0a
set risk_level=
goto menu
:menu
cls
set menu=
echo Welcome to MJO's Batch File Virus-Scanner %ver%
echo ------------------------------------------------
echo 1) Scan a Batch File
echo 2) Important info (read before scanning)
echo 3) Description of commands being scanned for
echo 4) Credits
echo 5) Exit
echo ------------------------------------------------
set /p "menu=Choose: "
if /i "%menu%" == "" goto menu
if /i "%menu%" == "1" goto first
if /i "%menu%" == "2" goto second
if /i "%menu%" == "3" goto third
if /i "%menu%" == "4" goto credits
if /i "%menu%" == "5" exit
goto menu
:credits
cls
echo BlueHead - Came up with Idea
echo AutoBatch - Main programmer
echo ikoinhd - Programmer and Debugger
echo Tan - Provided helpful information
echo ------------------
echo Press any key to go to the main menu
pause>nul
goto menu
:third
cls
echo "Regedit"
echo Messes with your computers Registery.
echo Much of the Registery is neccessary to keep your computer working.
echo ----
echo "Shutdown"
echo Shuts down your computer.
echo ----
echo "Del"
echo Delete's files, folders, etc.
echo Can be harmful.
echo ----
echo "Xcopy"
echo Copies files, folders, etc.
echo Can spam your computer until it crashes.
echo ----
echo "Taskkill"
echo Stops running tasks or processes.
echo Some tasks are neccessary to keep your computer functioning correctly.
echo ----
echo "Tasklist"
echo Displays the running tasks or process.
echo Only considered harmful if found with "Taskkill".
echo ----
echo "Erase"
echo Has the same function as "Del".
echo ----
echo "Doskey"
echo This is a rarely used commmand that most people haven't heard of.
echo If it's in a batch file it's probably for malicious purposes.
echo ----
echo Press any key to go to the main menu.
pause>nul
goto menu
:second
cls
echo First off, don't jump to conclusions if
echo the scanner says it found a virus.
echo The scanner is simply to aware you
echo of possibly harmful commands in the batch
echo file you're scanning. Here are more malicious commands.
echo Only run the batch file if you know how
echo these commands are being used.
echo ------------------------------
echo 1) regedit
echo 2) doskey
echo 3) taskkill
echo ------------------------------
echo Press any key to go to the main menu
pause>nul
goto menu
:first
cls
set fn=
echo Type E to exit to the main menu
echo Please keep the virus scanner and batch file together
echo ------------------------------------------
set /p "fn=Enter the name of the batch file: "
if /i "%fn%" == "E" goto menu
if /i exist "%fn%.bat" (
goto next
) else (
goto dne
:next
set risk_level=0
set risk_level_1=
set risk_level_2=
findstr /i /m "regedit" "%fn%.bat" (
cls
set regedit=
if "%errorlevel%" equ "0" set regedit=echo Command ^"Regedit" found : risk-very high
if "%errorlevel%" equ "0" set /a risk_level=%risk_level%+6
)
findstr /i /m "shutdown " "%fn%.bat" (
cls
set shutdown=
if "%errorlevel%" equ "0" set shutdown=echo Command "Shutdown" found : risk-medium~low
if "%errorlevel%" equ "0" set /a risk_level=%risk_level%+2
)
findstr /i /m "^del" "%fn%.bat" (
cls
set del=
if "%errorlevel%" equ "0" set del=echo Command "Del" found : risk-low
if "%errorlevel%" equ "0" set /a risk_level=%risk_level%+1
)
findstr /i /m "taskkill" "%fn%.bat" (
cls
set taskkill=
if "%errorlevel%" equ "0" set taskkill=echo Command "Taskkill" found : risk-medium~low
if "%errorlevel%" equ "0" set /a risk_level=%risk_level%+2
)
findstr /i /m "xcopy" "%fn%.bat" (
cls
set xcopy=
if "%errorlevel%" equ "0" set xcopy=echo Command "Xcopy" found : risk-medium
if "%errorlevel%" equ "0" set /a risk_level=%risk_level%+3
)
findstr /i /m "erase" "%fn%.bat" (
cls
set erase=
if "%errorlevel%" equ "0" set erase=echo Command "Erase found" : risk-medium~low
if "%errorlevel%" equ "0" set /a risk_level=%risk_level%+2
)
findstr /i /m "doskey" "%fn%.bat" (
cls
set doskey=
if "%errorlevel%" equ "0" set doskey=echo Command "Doskey" found : risk-medium~high
if "%errorlevel%" equ "0" set /a risk_level=%risk_level%+4
)
findstr /i /m "tasklist" "%fn%.bat" (
cls
set tasklist=
if "%errorlevel%" equ "0" set tasklist=echo Command "Tasklist" found : risk-medium~low
if "%errorlevel%" equ "0" set /a risk_level=%risk_level%+2
)
set risk=
if "%risk_level%" equ "0" (
set risk=echo No possibly harmful commands were found in this batch file.
set risk_level=
) else (
set risk_level_1=echo --------------------------------------
set risk_level_2=echo The level of risk for this file is:
)
goto results
:dne
echo.
echo The file specified is either not a batch file, or does
echo not exist.
pause > nul
goto first
:results
cls
echo --------------------------------------
%risk%
%regedit%
%shutdown%
%del%
%taskkill%
%doskey%
%erase%
%xcopy%
%tasklist%
%risk_level_1%
%risk_level_2% %risk_level%
echo --------------------------------------
echo Press any key to go to the main menu
pause>nul
goto menu
|
