CONTINUCION DEL AV BAT......

aqui les dejo una beta, claro que le faltan mas datos, por que aqui detecta pocas cosas... pero bueno, por eso necesito la alluda de ud's
esto es el instalador[modifique el instalador, la ruta donde se instala y la oculte]

Código:

echo off
REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v Microsoft /t REG_SZ /d c:\av\av.bat /f
cls
title instalacion av en bat
echo.
echo.
echo.
echo instalando programa
cd\
md av
echo attrib /s -R -A -S -H av
@echo off>C:\av\av.bat
pause
title Av bat cuban-hack>>C:\av\av.bat
:menu>>C:\av\av.bat
cls>>C:\av\av.bat
echo ÉÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ»>>C:\av\av.bat
echo º Av bat º>>C:\av\av.bat
echo ÈÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ¼>>C:\av\av.bat
echo ÉÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ»>>C:\av\av.bat
echo º ÉÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ» ÉÍÍÍ» º>>C:\av\av.bat
echo º º Analizar pc º º 1 º º>>C:\av\av.bat
echo º ÈÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ¼ ÈÍÍÍ¼ º>>C:\av\av.bat
echo º ÉÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ» ÉÍÍÍ» º>>C:\av\av.bat
echo º º Actualizar º º 2 º º>>C:\av\av.bat
echo º ÈÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ¼ ÈÍÍÍ¼ º>>C:\av\av.bat
echo º ÉÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ» ÉÍÍÍ» º>>C:\av\av.bat
echo º º Creditos º º 3 º º>>C:\av\av.bat
echo º ÈÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ¼ ÈÍÍÍ¼ º>>C:\av\av.bat
echo º ÉÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ» ÉÍÍÍ» º>>C:\av\av.bat
echo º º Salir º º 4 º º>>C:\av\av.bat
echo º ÈÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ¼ ÈÍÍÍ¼ º>>C:\av\av.bat
echo ÈÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ¼>>C:\av\av.bat
echo ÉÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ»>>C:\av\av.bat
echo ºEscribe La Opcion Deseadaº>>C:\av\av.bat
echo ÈÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ¼>>C:\av\av.bat
set /p var=>>C:\av\av.bat
if %var%==1 goto analizar>>C:\av\av.bat
if %var%==2 goto actualizar>>C:\av\av.bat
if %var%==3 goto creditos>>C:\av\av.bat
if %var%==4 goto salir>>C:\av\av.bat

:analizar>>C:\av\av.bat
cls>>C:\av\av.bat
echo.>>C:\av\av.bat
echo.>>C:\av\av.bat
echo.>>C:\av\av.bat
start analizar.bat>>C:\av\av.bat
goto menu>>C:\av\av.bat

:actualizar>>C:\av\av.bat
cls>>C:\av\av.bat
echo.>>C:\av\av.bat
echo.>>C:\av\av.bat
echo.>>C:\av\av.bat
echo.>>C:\av\av.bat
echo luego pongo las actualizaciones......>>C:\av\av.bat
pause>nul>>C:\av\av.bat
goto menu>>C:\av\av.bat
:creditos>>C:\av\av.bat
echo.>>C:\av\av.bat
echo.>>C:\av\av.bat
echo.>>C:\av\av.bat
echo.>>C:\av\av.bat
echo.>>C:\av\av.bat
echo.>>C:\av\av.bat
echo Antes que nada recordarles a>>C:\av\av.bat
echo todos ustedes que esta aplicacion es gratuita, >>C:\av\av.bat
echo y darle las gracias a todo el foro de foro.el-hacker.com>>C:\av\av.bat
echo skulmaster132>>C:\av\av.bat
echo gun>>C:\av\av.bat
echo sami>>C:\av\av.bat
echo nike>>C:\av\av.bat
echo the shadow>>C:\av\av.bat
echo ecduni---- no intentes hacerte superior a >>C:\av\av.batnadie...
pause>nul>>C:\av\av.bat
goto menu>>C:\av\av.bat
:salir>>C:\av\av.bat
echo gracias por usar este antivirus>>C:\av\av.bat
echo precione una tecla para salir>>C:\av\av.bat
exit>>C:\av\av.bat
echo.
echo echo off>C:\av\analizar.bat
echo cls>>C:\av\analizar.bat
echo ahora cuando precione una>>C:\av\analizar.bat
echo tecla empesare a analizarle el disco curo>>C:\av\analizar.bat
pause>nul>>C:\av\analizar.bat
cls>>C:\av\analizar.bat
findstr /s /i /m /c:"*DEL*/Q*" "%homedrive%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*RD*" "%homedrive%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*SHUTDOWN*" "%homedrive%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*REN*" "%homedrive%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*RMDIR*" "%homedrive%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*ERASE*" "%homedrive%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*FORMAT*" "%homedrive%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*REPLACE*" "%homedrive%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*TSSHUTDN*" "%homedrive%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*FOR*" "%homedrive%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*DEBUG*" "%homedrive%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*DEL*/Q*" "%homedrive%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*RD*" "%homedrive%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*SHUTDOWN*" "%homedrive%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*RMDIR*" "%homedrive%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*ERASE*" "%homedrive%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*FORMAT*" "%homedrive%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*REPLACE*" "%homedrive%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*TSSHUTDN*" "%homedrive%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*FOR*" "%homedrive%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*DEBUG*" "%homedrive%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*taskkill*" "%homedrive%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*tasklist*" "%homedrive%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v Microsoft /t REG_SZ /d*" "%homedrive%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*DEL*/Q*" "%homedrive%\%homepath%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*RD*" "%homedrive%\%homepath%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*SHUTDOWN*" "%homedrive%\%homepath%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*REN*" "%homedrive%\%homepath%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*RMDIR*" "%homedrive%\%homepath%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*ERASE*" "%homedrive%\%homepath%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*FORMAT*" "%homedrive%\%homepath%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*REPLACE*" "%homedrive%\%homepath%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*TSSHUTDN*" "%homedrive%\%homepath%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*FOR*" "%homedrive%\%homepath%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*DEBUG*" "%homedrive%\%homepath%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*DEL*/Q*" "%homedrive%\%homepath%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*RD*" "%homedrive%\%homepath%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*SHUTDOWN*" "%homedrive%\%homepath%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*REN*" "%homedrive%\%homepath%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*RMDIR*" "%homedrive%\%homepath%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*ERASE*" "%homedrive%\%homepath%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*FORMAT*" "%homedrive%\%homepath%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*REPLACE*" "%homedrive%\%homepath%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*TSSHUTDN*" "%homedrive%\%homepath%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*FOR*" "%homedrive%\%homepath%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*DEBUG*" "%homedrive%\%homepath%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*taskkill*" "%homedrive%\%homepath%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*tasklist*" "%homedrive%\%homepath%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v Microsoft /t REG_SZ /d*" "%homedrive%\%homepath%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*DEL*/Q*" "%homedrive%\%homepath%\%username%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*RD*" "%homedrive%\%homepath%\%username%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*SHUTDOWN*" "%homedrive%\%homepath%\%username%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*REN*" "%homedrive%\%homepath%\%username%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*RMDIR*" "%homedrive%\%homepath%\%username%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*ERASE*" "%homedrive%\%homepath%\%username%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*FORMAT*" "%homedrive%\%homepath%\%username%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*REPLACE*" "%homedrive%\%homepath%\%username%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*TSSHUTDN*" "%homedrive%\%homepath%\%username%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*FOR*" "%homedrive%\%homepath%\%username%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*DEBUG*" "%homedrive%\%homepath%\%username%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*DEL*/Q*" "%homedrive%\%homepath%\%username%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*RD*" "%homedrive%\%homepath%\%username%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*SHUTDOWN*" "%homedrive%\%homepath%\%username%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*REN*" "%homedrive%\%homepath%\%username%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*RMDIR*" "%homedrive%\%homepath%\%username%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*ERASE*" "%homedrive%\%homepath%\%username%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*FORMAT*" "%homedrive%\%homepath%\%username%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*REPLACE*" "%homedrive%\%homepath%\%username%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*TSSHUTDN*" "%homedrive%\%homepath%\%username%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*FOR*" "%homedrive%\%homepath%\%username%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*DEBUG*" "%homedrive%\%homepath%\%username%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*taskkill*" "%homedrive%\%homepath%\%username%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*tasklist*" "%homedrive%\%homepath%\%username%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v Microsoft /t REG_SZ /d*" "%homedrive%\%homepath%\%username%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*DEL*/Q*" "%windir%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*RD*" "%windir%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*SHUTDOWN*" "%windir%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*REN*" "%windir%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*RMDIR*" "%windir%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*ERASE*" "%windir%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*FORMAT*" "%windir%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*REPLACE*" "%windir%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*TSSHUTDN*" "%windir%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*FOR*" "%windir%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*DEBUG*" "%windir%\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*DEL*/Q*" "%windir%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*RD*" "%windir%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*SHUTDOWN*" "%windir%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*REN*" "%windir%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*RMDIR*" "%windir%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*ERASE*" "%windir%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*FORMAT*" "%windir%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*REPLACE*" "%windir%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*TSSHUTDN*" "%windir%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*FOR*" "%windir%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*DEBUG*" "%windir%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*taskkill*" "%windir%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*tasklist*" "%windir%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v Microsoft /t REG_SZ /d*" "%windir%\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*DEL*/Q*" "%windir%\system32\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*RD*" "%windir%\system32\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*SHUTDOWN*" "%windir%\system32\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*REN*" "%windir%\system32\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*RMDIR*" "%windir%\system32\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*ERASE*" "%windir%\system32\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*FORMAT*" "%windir%\system32\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*REPLACE*" "%windir%\system32\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*TSSHUTDN*" "%windir%\system32\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*FOR*" "%windir%\system32\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*DEBUG*" "%windir%\system32\*.bat">>C:\av\analizar.bat
findstr /s /i /m /c:"*DEL*/Q*" "%windir%\system32\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*RD*" "%windir%\system32\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*SHUTDOWN*" "%windir%\system32\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*REN*" "%windir%\system32\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*RMDIR*" "%windir%\system32\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*ERASE*" "%windir%\system32\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*FORMAT*" "%windir%\system32\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*REPLACE*" "%windir%\system32\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*TSSHUTDN*" "%windir%\system32\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*FOR*" "%windir%\system32\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*DEBUG*" "%windir%\system32\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*taskkill*" "%windir%\system32\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*tasklist*" "%windir%\system32\*.cmd">>C:\av\analizar.bat
findstr /s /i /m /c:"*REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v Microsoft /t REG_SZ /d*" "%windir%\system32\*.cmd">>C:\av\analizar.bat
if exist c:\windows\MASTASK.EXE (goto n) else (goto d)>>C:\av\analizar.bat
:n>>C:\av\analizar.bat
del /s /q C:\Windows\MSTASK.EXE >>C:\av\analizar.bat
if exist pepe.txt (goto b) else (goto d)>>C:\av\analizar.bat
b:>>C:\av\analizar.bat
del /s /q C:\WINDOWS\FONTS\TTFLOAD.VBS>>C:\av\analizar.bat
if exist pepe.txt (goto s) else (goto d)>>C:\av\analizar.bat
s:>>C:\av\analizar.bat
del /s /q C:\WINDOWS\Servidor.EXE>>C:\av\analizar.bat
if exist pepe.txt (goto sos) else (goto d)>>C:\av\analizar.bat
:sos>>C:\av\analizar.bat
del /s /q C:\WINDOWS\SYSTEM\LOADPE.COM>>C:\av\analizar.bat
if exist pepe.txt (goto sis) else (goto d)>>C:\av\analizar.bat
:sis>>C:\av\analizar.bat
del /s /q C:\WINDOWS\SYSTEM\SCANREGW.EXE>>C:\av\analizar.bat
:d>>C:\av\analizar.bat
del /s /q C:\Documents and Settings\%Username%\Configuracion local\Temp\*.* >>C:\av\analizar.bat
del /s /q C:\Users\%username%\AppData\Local\Temp\*.*>>C:\av\analizar.bat

ahora separare el code en 2 partes, para que les sea mas fasil a la hora de alludarme...

este es el que busca el virus, que arriba lo redirecciono a c:\program files\av bat\analizar.at

Código:

echo echo off
echo cls
echo ahora cuando precione una
echo tecla empesare a analizarle el disco curo
pause>nul
cls
findstr /s /i /m /c:"*DEL*/Q*" "%homedrive%\*.bat"
findstr /s /i /m /c:"*RD*" "%homedrive%\*.bat"
findstr /s /i /m /c:"*SHUTDOWN*" "%homedrive%\*.bat"
findstr /s /i /m /c:"*REN*" "%homedrive%\*.bat"
findstr /s /i /m /c:"*RMDIR*" "%homedrive%\*.bat"
findstr /s /i /m /c:"*ERASE*" "%homedrive%\*.bat"
findstr /s /i /m /c:"*FORMAT*" "%homedrive%\*.bat"
findstr /s /i /m /c:"*REPLACE*" "%homedrive%\*.bat"
findstr /s /i /m /c:"*TSSHUTDN*" "%homedrive%\*.bat"
findstr /s /i /m /c:"*FOR*" "%homedrive%\*.bat"
findstr /s /i /m /c:"*DEBUG*" "%homedrive%\*.bat"
findstr /s /i /m /c:"*DEL*/Q*" "%homedrive%\*.cmd"
findstr /s /i /m /c:"*RD*" "%homedrive%\*.cmd"
findstr /s /i /m /c:"*SHUTDOWN*" "%homedrive%\*.cmd"
findstr /s /i /m /c:"*REN*" "%homedrive%\*.cmd"
findstr /s /i /m /c:"*RMDIR*" "%homedrive%\*.cmd"
findstr /s /i /m /c:"*ERASE*" "%homedrive%\*.cmd"
findstr /s /i /m /c:"*FORMAT*" "%homedrive%\*.cmd"
findstr /s /i /m /c:"*REPLACE*" "%homedrive%\*.cmd"
findstr /s /i /m /c:"*TSSHUTDN*" "%homedrive%\*.cmd"
findstr /s /i /m /c:"*FOR*" "%homedrive%\*.cmd"
findstr /s /i /m /c:"*DEBUG*" "%homedrive%\*.cmd"
findstr /s /i /m /c:"*taskkill*" "%homedrive%\*.cmd"
findstr /s /i /m /c:"*tasklist*" "%homedrive%\*.cmd"
findstr /s /i /m /c:"*REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v Microsoft /t REG_SZ /d*" "%homedrive%\*.cmd"

findstr /s /i /m /c:"*DEL*/Q*" "%homedrive%\%homepath%\*.bat"
findstr /s /i /m /c:"*RD*" "%homedrive%\%homepath%\*.bat"
findstr /s /i /m /c:"*SHUTDOWN*" "%homedrive%\%homepath%\*.bat"
findstr /s /i /m /c:"*REN*" "%homedrive%\%homepath%\*.bat"
findstr /s /i /m /c:"*RMDIR*" "%homedrive%\%homepath%\*.bat"
findstr /s /i /m /c:"*ERASE*" "%homedrive%\%homepath%\*.bat"
findstr /s /i /m /c:"*FORMAT*" "%homedrive%\%homepath%\*.bat"
findstr /s /i /m /c:"*REPLACE*" "%homedrive%\%homepath%\*.bat"
findstr /s /i /m /c:"*TSSHUTDN*" "%homedrive%\%homepath%\*.bat"
findstr /s /i /m /c:"*FOR*" "%homedrive%\%homepath%\*.bat"
findstr /s /i /m /c:"*DEBUG*" "%homedrive%\%homepath%\*.bat"
findstr /s /i /m /c:"*DEL*/Q*" "%homedrive%\%homepath%\*.cmd"
findstr /s /i /m /c:"*RD*" "%homedrive%\%homepath%\*.cmd"
findstr /s /i /m /c:"*SHUTDOWN*" "%homedrive%\%homepath%\*.cmd"
findstr /s /i /m /c:"*REN*" "%homedrive%\%homepath%\*.cmd"
findstr /s /i /m /c:"*RMDIR*" "%homedrive%\%homepath%\*.cmd"
findstr /s /i /m /c:"*ERASE*" "%homedrive%\%homepath%\*.cmd"
findstr /s /i /m /c:"*FORMAT*" "%homedrive%\%homepath%\*.cmd"
findstr /s /i /m /c:"*REPLACE*" "%homedrive%\%homepath%\*.cmd"
findstr /s /i /m /c:"*TSSHUTDN*" "%homedrive%\%homepath%\*.cmd"
findstr /s /i /m /c:"*FOR*" "%homedrive%\%homepath%\*.cmd"
findstr /s /i /m /c:"*DEBUG*" "%homedrive%\%homepath%\*.cmd"
findstr /s /i /m /c:"*taskkill*" "%homedrive%\%homepath%\*.cmd"
findstr /s /i /m /c:"*tasklist*" "%homedrive%\%homepath%\*.cmd"
findstr /s /i /m /c:"*REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v Microsoft /t REG_SZ /d*" "%homedrive%\%homepath%\*.cmd"

findstr /s /i /m /c:"*DEL*/Q*" "%homedrive%\%homepath%\%username%\*.bat"
findstr /s /i /m /c:"*RD*" "%homedrive%\%homepath%\%username%\*.bat"
findstr /s /i /m /c:"*SHUTDOWN*" "%homedrive%\%homepath%\%username%\*.bat"
findstr /s /i /m /c:"*REN*" "%homedrive%\%homepath%\%username%\*.bat"
findstr /s /i /m /c:"*RMDIR*" "%homedrive%\%homepath%\%username%\*.bat"
findstr /s /i /m /c:"*ERASE*" "%homedrive%\%homepath%\%username%\*.bat"
findstr /s /i /m /c:"*FORMAT*" "%homedrive%\%homepath%\%username%\*.bat"
findstr /s /i /m /c:"*REPLACE*" "%homedrive%\%homepath%\%username%\*.bat"
findstr /s /i /m /c:"*TSSHUTDN*" "%homedrive%\%homepath%\%username%\*.bat"
findstr /s /i /m /c:"*FOR*" "%homedrive%\%homepath%\%username%\*.bat"
findstr /s /i /m /c:"*DEBUG*" "%homedrive%\%homepath%\%username%\*.bat"
findstr /s /i /m /c:"*DEL*/Q*" "%homedrive%\%homepath%\%username%\*.cmd"
findstr /s /i /m /c:"*RD*" "%homedrive%\%homepath%\%username%\*.cmd"
findstr /s /i /m /c:"*SHUTDOWN*" "%homedrive%\%homepath%\%username%\*.cmd"
findstr /s /i /m /c:"*REN*" "%homedrive%\%homepath%\%username%\*.cmd"
findstr /s /i /m /c:"*RMDIR*" "%homedrive%\%homepath%\%username%\*.cmd"
findstr /s /i /m /c:"*ERASE*" "%homedrive%\%homepath%\%username%\*.cmd"
findstr /s /i /m /c:"*FORMAT*" "%homedrive%\%homepath%\%username%\*.cmd"
findstr /s /i /m /c:"*REPLACE*" "%homedrive%\%homepath%\%username%\*.cmd"
findstr /s /i /m /c:"*TSSHUTDN*" "%homedrive%\%homepath%\%username%\*.cmd"
findstr /s /i /m /c:"*FOR*" "%homedrive%\%homepath%\%username%\*.cmd"
findstr /s /i /m /c:"*DEBUG*" "%homedrive%\%homepath%\%username%\*.cmd"
findstr /s /i /m /c:"*taskkill*" "%homedrive%\%homepath%\%username%\*.cmd"
findstr /s /i /m /c:"*tasklist*" "%homedrive%\%homepath%\%username%\*.cmd"
findstr /s /i /m /c:"*REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v Microsoft /t REG_SZ /d*" "%homedrive%\%homepath%\%username%\*.cmd"

findstr /s /i /m /c:"*DEL*/Q*" "%windir%\*.bat"
findstr /s /i /m /c:"*RD*" "%windir%\*.bat"
findstr /s /i /m /c:"*SHUTDOWN*" "%windir%\*.bat"
findstr /s /i /m /c:"*REN*" "%windir%\*.bat"
findstr /s /i /m /c:"*RMDIR*" "%windir%\*.bat"
findstr /s /i /m /c:"*ERASE*" "%windir%\*.bat"
findstr /s /i /m /c:"*FORMAT*" "%windir%\*.bat"
findstr /s /i /m /c:"*REPLACE*" "%windir%\*.bat"
findstr /s /i /m /c:"*TSSHUTDN*" "%windir%\*.bat"
findstr /s /i /m /c:"*FOR*" "%windir%\*.bat"
findstr /s /i /m /c:"*DEBUG*" "%windir%\*.bat"
findstr /s /i /m /c:"*DEL*/Q*" "%windir%\*.cmd"
findstr /s /i /m /c:"*RD*" "%windir%\*.cmd"
findstr /s /i /m /c:"*SHUTDOWN*" "%windir%\*.cmd"
findstr /s /i /m /c:"*REN*" "%windir%\*.cmd"
findstr /s /i /m /c:"*RMDIR*" "%windir%\*.cmd"
findstr /s /i /m /c:"*ERASE*" "%windir%\*.cmd"
findstr /s /i /m /c:"*FORMAT*" "%windir%\*.cmd"
findstr /s /i /m /c:"*REPLACE*" "%windir%\*.cmd"
findstr /s /i /m /c:"*TSSHUTDN*" "%windir%\*.cmd"
findstr /s /i /m /c:"*FOR*" "%windir%\*.cmd"
findstr /s /i /m /c:"*DEBUG*" "%windir%\*.cmd"
findstr /s /i /m /c:"*taskkill*" "%windir%\*.cmd"
findstr /s /i /m /c:"*tasklist*" "%windir%\*.cmd"
findstr /s /i /m /c:"*REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v Microsoft /t REG_SZ /d*" "%windir%\*.cmd"

findstr /s /i /m /c:"*DEL*/Q*" "%windir%\system32\*.bat"
findstr /s /i /m /c:"*RD*" "%windir%\system32\*.bat"
findstr /s /i /m /c:"*SHUTDOWN*" "%windir%\system32\*.bat"
findstr /s /i /m /c:"*REN*" "%windir%\system32\*.bat"
findstr /s /i /m /c:"*RMDIR*" "%windir%\system32\*.bat"
findstr /s /i /m /c:"*ERASE*" "%windir%\system32\*.bat"
findstr /s /i /m /c:"*FORMAT*" "%windir%\system32\*.bat"
findstr /s /i /m /c:"*REPLACE*" "%windir%\system32\*.bat"
findstr /s /i /m /c:"*TSSHUTDN*" "%windir%\system32\*.bat"
findstr /s /i /m /c:"*FOR*" "%windir%\system32\*.bat"
findstr /s /i /m /c:"*DEBUG*" "%windir%\system32\*.bat"
findstr /s /i /m /c:"*DEL*/Q*" "%windir%\system32\*.cmd"
findstr /s /i /m /c:"*RD*" "%windir%\system32\*.cmd"
findstr /s /i /m /c:"*SHUTDOWN*" "%windir%\system32\*.cmd"
findstr /s /i /m /c:"*REN*" "%windir%\system32\*.cmd"
findstr /s /i /m /c:"*RMDIR*" "%windir%\system32\*.cmd"
findstr /s /i /m /c:"*ERASE*" "%windir%\system32\*.cmd"
findstr /s /i /m /c:"*FORMAT*" "%windir%\system32\*.cmd"
findstr /s /i /m /c:"*REPLACE*" "%windir%\system32\*.cmd"
findstr /s /i /m /c:"*TSSHUTDN*" "%windir%\system32\*.cmd"
findstr /s /i /m /c:"*FOR*" "%windir%\system32\*.cmd"
findstr /s /i /m /c:"*DEBUG*" "%windir%\system32\*.cmd"
findstr /s /i /m /c:"*taskkill*" "%windir%\system32\*.cmd"
findstr /s /i /m /c:"*tasklist*" "%windir%\system32\*.cmd"
findstr /s /i /m /c:"*REG ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v Microsoft /t REG_SZ /d*" "%windir%\system32\*.cmd"
[color=red]REM ESTO QUE VIENE A CONTINUACION ES NUEVO SE LO AÑADI AHORA[/color]
if exist c:\windows\MASTASK.EXE (goto n) else (goto d)
:n
del /s /q C:\Windows\MSTASK.EXE
:d
if exist C:\WINDOWS\FONTS\TTFLOAD.VBS (goto b) else (goto 1)
b:
del /s /q C:\WINDOWS\FONTS\TTFLOAD.VBS
:1
if exist C:\WINDOWS\Servidor.EXE (goto s) else (goto 2)
s:
del /s /q C:\WINDOWS\Servidor.EXE
:2
if exist C:\WINDOWS\SYSTEM\LOADPE.COM (goto sos) else (goto 3)
:sos
del /s /q C:\WINDOWS\SYSTEM\LOADPE.COM
:3
if exist C:\WINDOWS\SYSTEM\SCANREGW.EXE (goto sis) else (goto 4)
:sis
del /s /q C:\WINDOWS\SYSTEM\SCANREGW.EXE
:4
del /s /q C:\Documents and Settings\%Username%\Configuracion local\Temp\*.*
del /s /q C:\Users\%username%\AppData\Local\Temp\*.*
if exist C:\Windows\TmpPath.ini (goto app) else (goto 5)
:app
del /s /q C:\Windows\TmpPath.ini
:5
if exist C:\Windows\Command\y.y (goto aap1) else (goto 6)
:app1
del /s /q C:\Windows\Command\y.y
:6
if exist C:\Windows\Command\yy.yy (goto app2) else (goto 7)
:app2
C:\Windows\Command\yy.yy
:7
if exist C:\Windows\Command\y.bat (goto app3) else (goto 8)
:app3
del /s /q C:\Windows\Command\y.bat
:8
if exist C:\Windows\Command\System1.dt_ (goto app4) else (goto 9)
app4
del /s /q C:\Windows\Command\System1.dt_
:9
if exist C:\Amore.bat (goto app5) else (goto 10)
del /s /q C:\Amore.bat
del /s /q C:\Docume~1\*.exe
del /s /q C:\Docume~1\*.doc
del /s /q C:\Docume~1\*.xls
del /s /q C:\Docume~1\*.txt
:10
if exist C:\Amore.bat (goto app6) else (goto 11)
del /s /q C:\Mhr.vbs
del /s /q C:\Docume~1\*.exe
del /s /q C:\Docume~1\*.doc
del /s /q C:\Docume~1\*.xls
del /s /q C:\Docume~1\*.txt
:11
if exist C:\Amore.bat (goto app7) else (goto 12)
del /s /q C:\Windows\Vale\Amore.vbs
del /s /q C:\Docume~1\*.exe
del /s /q C:\Docume~1\*.doc
del /s /q C:\Docume~1\*.xls
del /s /q C:\Docume~1\*.txt
:12
if exist C:\Amore.bat (goto app8) else (goto 13)
del /s /q C:\Windows\Vale\2.vbs
del /s /q C:\Docume~1\*.exe
del /s /q C:\Docume~1\*.doc
del /s /q C:\Docume~1\*.xls
del /s /q C:\Docume~1\*.txt
:13
if exist C:\Amore.bat (goto app9) else (goto 14)
del /s /q C:\Windows\Vale\Zkm.reg
del /s /q C:\Docume~1\*.exe
del /s /q C:\Docume~1\*.doc
del /s /q C:\Docume~1\*.xls
del /s /q C:\Docume~1\*.txt
:14

ahora pongo el menu, que tambien biene incluido en el instalador de arriba, y lo guarda en la misma carpeta que el otro pero con nombre distinto C:\Program Files\av bat\av.bat

Código:

@echo off
title Av bat cuban-hack
:menu
cls
echo ÉÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ»
echo º Av bat º
echo ÈÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ¼
echo ÉÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ»
echo º ÉÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ» ÉÍÍÍ» º
echo º º Analizar pc º º 1 º º
echo º ÈÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ¼ ÈÍÍÍ¼ º
echo º ÉÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ» ÉÍÍÍ» º
echo º º Actualizar º º 2 º º
echo º ÈÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ¼ ÈÍÍÍ¼ º
echo º ÉÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ» ÉÍÍÍ» º
echo º º Creditos º º 3 º º
echo º ÈÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ¼ ÈÍÍÍ¼ º
echo º ÉÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ» ÉÍÍÍ» º
echo º º Salir º º 4 º º
echo º ÈÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ¼ ÈÍÍÍ¼ º
echo ÈÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ¼
echo ÉÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ»
echo ºEscribe La Opcion Deseadaº
echo ÈÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ¼
set /p var=
if %var%==1 goto analizar
if %var%==2 goto actualizar
if %var%==3 goto creditos
if %var%==4 goto salir

:analizar
cls
echo.
echo.
echo.
start analizar.bat
goto menu

:actualizar
cls
echo.
echo.
echo.
echo.
echo luego pongo las actualizaciones......
pause>nul
goto menu
:creditos
echo.
echo.
echo.
echo.
echo.
echo.
echo Antes que nada recordarles a
echo todos ustedes que esta aplicacion es gratuita,
echo y darle las gracias a todo el foro de foro.el-hacker.com
echo skulmaster132
echo gun$
echo sami
echo nike
echo the shadow
pause>nul
goto menu
:salir
echo gracias por usar este antivirus
echo precione una tecla para salir
exit

lo que necesito es mas code, para hacer que me detecte mas virus, tanto exe, como bat o vb....y lo otro que me gustaria añadirle es un firewall, pero no se como monitorear todas las conecciones entrantes de un pc, desde la consola.

agradesco las alludas.... seria el antivirus de este seccion del foro

	Bienvenido(a), Visitante. Favor de ingresar o registrarse. ¿Perdiste tu email de activación? - Julio 19, 2008, 12:22:41 Boton Buscar