Last active
January 24, 2019 11:15
-
-
Save shizhao/545e252131663c9cedadf5bab52a884c to your computer and use it in GitHub Desktop.
检查本机是否存在Xmr挖矿病毒
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@echo off | |
set xmr=0 | |
REM 检查是否存在PortTunnel服务 | |
SC QUERY PortTunnel > NUL | |
IF %errorlevel% NEQ 1060 ( | |
ECHO PortTunnel service exist. Found Xmr mining virus! | |
set xmr=1 | |
) | |
REM 检查是否存在Network Connected服务 | |
SC QUERY "Network Connected" > NUL | |
IF %errorlevel% NEQ 1060 ( | |
ECHO Network Connected service exist. Found Xmr mining virus! | |
set xmr=1 | |
) | |
REM 检查是否存在PortTunnel进程 | |
tasklist|findstr /i "PortTunnel" > NUL | |
IF %errorlevel% EQU 0 ( | |
ECHO PortTunnel process exist. Found Xmr mining virus! | |
set xmr=1 | |
) | |
IF %xmr% ==0 ( | |
echo Not found Xmr mining virus! | |
) else ( | |
echo --------------------------------------- | |
echo Found Xmr mining virus!!! | |
echo --------------------------------------- | |
) | |
pause |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment