کد:
Sleep[5000 Milliseconds]
Sleep[3000 Milliseconds]
Import Registry:
"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced,Hidden,2"
"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced,HideFileExt,2"
"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced,ShowSuperHiden,2"
"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer,Nofolderoptions,1"
"HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore,DisableConfig,1"
"HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore,DisableSR,1"
Copy Current File [with "CopyFileW"]:
"C:\Program Files\Common Files\Microsoft Shared\MSshare.exe"
Create new file [with "CreateFileW"]:
"C:\Program Files\Common Files\Microsoft Shared\MSshare.exe"
"C:\Program Files\Common Files\Microsoft Shared\MSshare.exe"
"C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\Paint.lnk"
"C:\Program Files\Common Files\Microsoft Shared\MSshare.exe"
"C:\Program Files\Common Files\Microsoft Shared\MSshare.exe"
"C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\Calculator.lnk"
Create Directory
"C:\Program Files\Sound Utility"
Copy Current File [with "CopyFileW"]:
"C:\Program Files\Sound Utility\Soundmax.exe"
"C:\Windows\Web\OfficeUpdate.exe"
Sleep[200000 Milliseconds]
Create new file [with "CreateFileW"]:
"C:\Windows\Web\OfficeUpdate.exe"
"C:\Windows\Web\OfficeUpdate.exe"
"C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Office Update.lnk"
Create Process[with "CreateProcessW"]:
["C:\Windows\system32\AT.exe"] ["C:\WINDOWS\system32\AT.exe" /delete /yes]
Sleep[250 Milliseconds]
Create Process[with "CreateProcessW"]:
["C:\Windows\system32\AT.exe"] ["C:\WINDOWS\system32\AT.exe" 20:30 /every:M,T,TH,F,SU C:\WINDOWS\Web\OfficeUpdate.exe]
Sleep[250 Milliseconds]
Create Process[with "CreateProcessW"]:
["C:\Windows\system32\AT.exe"] ["C:\WINDOWS\system32\AT.exe" 11:30 /every:M,T,TH,F,SU C:\WINDOWS\Web\OfficeUpdate.exe]
Sleep[250 Milliseconds]
Sleep[200000 Milliseconds]
"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced,Hidden,2"
"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced,HideFileExt,2"
"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced,ShowSuperHiden,2"
Create new file [with "CreateFileA"]:
"C:\Autorun.inf"
Set Atributing:
"C:\Autorun.inf" to " [READONLY] [HIDDEN]
Copy Current File [with "CopyFileW"]:
"C:\autoply.exe"
Set Atributing:
"C:\autoply.inf" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Sleep[250 Milliseconds]
Create new file [with "CreateFileA"]:
"D:\Autorun.inf"
Set Atributing:
"D:\Autorun.inf" to " [READONLY] [HIDDEN]
Copy Current File [with "CopyFileW"]:
"D:\autoply.exe"
Set Atributing:
"D:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"E:\Autorun.inf"
Set Atributing:
"E:\Autorun.inf" to " [READONLY] [HIDDEN]
Copy Current File [with "CopyFileW"]:
"E:\autoply.exe"
Set Atributing:
"E:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"F:\Autorun.inf"
Set Atributing:
"F:\Autorun.inf" to " [READONLY] [HIDDEN]
Copy Current File [with "CopyFileW"]:
"F:\autoply.exe"
Set Atributing:
"F:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"G:\Autorun.inf"
Set Atributing:
"G:\Autorun.inf" to " [READONLY] [HIDDEN]
Copy Current File [with "CopyFileW"]:
"G:\autoply.exe"
Set Atributing:
"G:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"H:\Autorun.inf"
Set Atributing:
"H:\Autorun.inf" to " [READONLY] [HIDDEN]
Copy Current File [with "CopyFileW"]:
"H:\autoply.exe"
Set Atributing:
"H:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"I:\Autorun.inf"
Set Atributing:
"I:\Autorun.inf" to " [READONLY] [HIDDEN]
Copy Current File [with "CopyFileW"]:
"I:\autoply.exe"
Set Atributing:
"I:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"J:\Autorun.inf"
Set Atributing:
"J:\Autorun.inf" to " [READONLY] [HIDDEN]
Copy Current File [with "CopyFileW"]:
"J:\autoply.exe"
Set Atributing:
"J:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"K:\Autorun.inf"
Set Atributing:
"K:\Autorun.inf" to " [READONLY] [HIDDEN]
Copy Current File [with "CopyFileW"]:
"K:\autoply.exe"
Set Atributing:
"K:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"L:\Autorun.inf"
Set Atributing:
"L:\Autorun.inf" to " [READONLY] [HIDDEN]
Copy Current File [with "CopyFileW"]:
"L:\autoply.exe"
Set Atributing:
"L:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"M:\Autorun.inf"
Set Atributing:
"M:\Autorun.inf" to " [READONLY] [HIDDEN]
Copy Current File [with "CopyFileW"]:
"M:\autoply.exe"
Set Atributing:
"M:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"N:\Autorun.inf"
Set Atributing:
"N:\Autorun.inf" to " [READONLY] [HIDDEN]
Copy Current File [with "CopyFileW"]:
"N:\autoply.exe"
Set Atributing:
"N:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"O:\Autorun.inf"
Set Atributing:
"O:\Autorun.inf" to " [READONLY] [HIDDEN]
Copy Current File [with "CopyFileW"]:
"O:\autoply.exe"
Set Atributing:
"O:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"P:\Autorun.inf"
Set Atributing:
"P:\Autorun.inf" to " [READONLY] [HIDDEN]
Copy Current File [with "CopyFileW"]:
"P:\autoply.exe"
Set Atributing:
"P:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"Q:\Autorun.inf"
Set Atributing:
"Q:\Autorun.inf" to " [READONLY] [HIDDEN]
Copy Current File [with "CopyFileW"]:
"Q:\autoply.exe"
Set Atributing:
"Q:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"R:\Autorun.inf"
Set Atributing:
"R:\Autorun.inf" to " [READONLY] [HIDDEN]
Copy Current File [with "CopyFileW"]:
"R:\autoply.exe"
Set Atributing:
"R:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"S:\Autorun.inf"
Set Atributing:
"S:\Autorun.inf" to " [READONLY] [HIDDEN]
Copy Current File [with "CopyFileW"]:
"S:\autoply.exe"
Set Atributing:
"S:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"T:\Autorun.inf"
Set Atributing:
"T:\Autorun.inf" to " [READONLY] [HIDDEN]
Copy Current File [with "CopyFileW"]:
"T:\autoply.exe"
Set Atributing:
"T:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"U:\Autorun.inf"
Set Atributing:
"U:\Autorun.inf" to " [READONLY] [HIDDEN]
Copy Current File [with "CopyFileW"]:
"U:\autoply.exe"
Set Atributing:
"U:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"V:\Autorun.inf"
Set Atributing:
"V:\Autorun.inf" to " [READONLY] [HIDDEN]
Copy Current File [with "CopyFileW"]:
"V:\autoply.exe"
Set Atributing:
"V:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"W:\Autorun.inf"
Set Atributing:
"W:\Autorun.inf" to " [READONLY] [HIDDEN]
Copy Current File [with "CopyFileW"]:
"W:\autoply.exe"
Set Atributing:
"W:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"X:\Autorun.inf"
Set Atributing:
"X:\Autorun.inf" to " [READONLY] [HIDDEN]
Copy Current File [with "CopyFileW"]:
"X:\autoply.exe"
Set Atributing:
"X:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"Y:\Autorun.inf"
Set Atributing:
"Y:\Autorun.inf" to " [READONLY] [HIDDEN]
Copy Current File [with "CopyFileW"]:
"Y:\autoply.exe"
Set Atributing:
"Y:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"Z:\Autorun.inf"
Set Atributing:
"Z:\Autorun.inf" to " [READONLY] [HIDDEN]
Copy Current File [with "CopyFileW"]:
"Z:\autoply.exe"
Set Atributing:
"Z:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced,Hidden,2"
"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced,HideFileExt,2"
"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced,ShowSuperHiden,2"
Sleep[5000 Milliseconds]
Sleep[5000 Milliseconds]
Sleep[5000 Milliseconds]
Sleep[5000 Milliseconds]
Sleep[5000 Milliseconds]
Sleep[5000 Milliseconds]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"J:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"J:\autoply.exe"
Set Atributing:
"J:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"K:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"K:\autoply.exe"
Set Atributing:
"K:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"L:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"L:\autoply.exe"
Set Atributing:
"L:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"M:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"M:\autoply.exe"
Set Atributing:
"M:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"N:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"N:\autoply.exe"
Set Atributing:
"N:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"O:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"O:\autoply.exe"
Set Atributing:
"O:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"P:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"P:\autoply.exe"
Set Atributing:
"P:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"Q:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"Q:\autoply.exe"
Set Atributing:
"Q:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"C:\Documents and Settings\{ -> current user}\Desktop\Important.htm"
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"R:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"R:\autoply.exe"
Set Atributing:
"Q:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Sleep[5000 Milliseconds]
Locate to find window [with FindWindowW]:
"Hwnd:0" , "ClassName:''" , "WindowName:Shell_TrayWnd" , "Result:0"
Sleep[200000 Milliseconds]
Copy Current File [with "CopyFileW"]:
"C:\Program Files\Kazaa Lite\My Shared Folder\Sex_ScreenSaver.scr"
"C:\Program Files\Kazaa Lite\My Shared Folder\Sex_Game.scr"
"C:\Program Files\Kazaa\My Shared Folder\Sex_ScreenSaver.scr"
"C:\Program Files\Kazaa\My Shared Folder\Sex_Game.scr"
"C:\Program Files\Edonkey2000\Incoming\Sex_ScreenSaver.scr"
"C:\Program Files\Edonkey2000\Incoming\Sex_Game.scr"
"C:\Program Files\Icq\My Shared Files\Sex_ScreenSaver.scr"
"C:\Program Files\Icq\My Shared Files\Sex_Game.scr"
"C:\Program Files\Kazaa Lite\My Shared Folder\Sex_ScreenSaver.scr"
"C:\Program Files\Kazaa Lite\My Shared Folder\Sex_Game.scr"
"C:\Program Files\emule\Incoming\Sex_ScreenSaver.scr"
"C:\Program Files\emule\Incoming\Sex_Game.scr"
"C:\Program Files\Gnucleus\Downloads\Incoming\Sex_ScreenSaver.scr"
"C:\Program Files\Gnucleus\Downloads\Incoming\Sex_Game.scr"
"C:\Program Files\KMD\My Shared Folder\Sex_ScreenSaver.scr"
"C:\Program Files\KMD\My Shared Folder\Sex_Game.scr"
"C:\Program Files\Limewire\Shared\Sex_ScreenSaver.scr"
"C:\Program Files\Limewire\Shared\Sex_Game.scr"
"C:\Program Files\Inetpub\ftproot\Sex_ScreenSaver.scr"
"C:\Program Files\Inetpub\ftproot\Sex_Game.scr"
Sleep[200000 Milliseconds]
Create new file [with "CreateFileA"]:
"S:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"S:\autoply.exe"
Set Atributing:
"S:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"T:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"T:\autoply.exe"
Set Atributing:
"T:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"U:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"U:\autoply.exe"
Set Atributing:
"U:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"V:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"V:\autoply.exe"
Set Atributing:
"V:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"W:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"W:\autoply.exe"
Set Atributing:
"W:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"X:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"X:\autoply.exe"
Set Atributing:
"X:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"Y:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"Y:\autoply.exe"
Set Atributing:
"Y:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"Z:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"Z:\autoply.exe"
Set Atributing:
"Z:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced,Hidden,2"
"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced,HideFileExt,2"
"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced,ShowSuperHiden,2"
Sleep[5000 Milliseconds]
Sleep[5000 Milliseconds]
Sleep[5000 Milliseconds]
Sleep[5000 Milliseconds]
Sleep[5000 Milliseconds]
Sleep[5000 Milliseconds]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"J:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"J:\autoply.exe"
Set Atributing:
"J:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"K:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"K:\autoply.exe"
Set Atributing:
"K:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"L:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"L:\autoply.exe"
Set Atributing:
"L:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"M:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"M:\autoply.exe"
Set Atributing:
"M:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"N:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"N:\autoply.exe"
Set Atributing:
"N:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"O:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"O:\autoply.exe"
Set Atributing:
"O:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"P:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"P:\autoply.exe"
Set Atributing:
"P:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"Q:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"Q:\autoply.exe"
Set Atributing:
"Q:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"R:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"R:\autoply.exe"
Set Atributing:
"R:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"S:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"S:\autoply.exe"
Set Atributing:
"S:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"T:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"T:\autoply.exe"
Set Atributing:
"T:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"U:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"U:\autoply.exe"
Set Atributing:
"U:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"V:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"V:\autoply.exe"
Set Atributing:
"V:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"W:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"W:\autoply.exe"
Set Atributing:
"W:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"X:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"X:\autoply.exe"
Set Atributing:
"X:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"Y:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"Y:\autoply.exe"
Set Atributing:
"Y:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"Z:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"Z:\autoply.exe"
Set Atributing:
"Z:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced,Hidden,2"
"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced,HideFileExt,2"
"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced,ShowSuperHiden,2"
Sleep[5000 Milliseconds]
Sleep[5000 Milliseconds]
Sleep[5000 Milliseconds]
Sleep[5000 Milliseconds]
Sleep[5000 Milliseconds]
Sleep[5000 Milliseconds]
Sleep[5000 Milliseconds]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"J:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"J:\autoply.exe"
Set Atributing:
"J:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Locate to find window [with FindWindowW]:
"Hwnd:0" , "ClassName:''" , "WindowName:Shell_TrayWnd" , "Result:0"
Sleep[200000 Milliseconds]
Create Directory
"C:\Program Files\XPCODE\"
Copy Current File [with "CopyFileW"]:
"C:\Program Files\XPCODE\SexGame.exe"
"C:\Program Files\XPCODE\ScreenSaver.scr"
"C:\Program Files\XPCODE\SexGameList.pif"
"C:\Program Files\XPCODE\SexGame.exe"
"C:\Program Files\XPCODE\SexGame.exe"
"C:\Program Files\XPCODE\Games.lnk
Sleep[200000 Milliseconds]
Create new file [with "CreateFileA"]:
"K:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"K:\autoply.exe"
Set Atributing:
"K:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"L:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"L:\autoply.exe"
Set Atributing:
"L:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"M:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"M:\autoply.exe"
Set Atributing:
"M:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"N:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"N:\autoply.exe"
Set Atributing:
"N:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"O:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"O:\autoply.exe"
Set Atributing:
"O:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"P:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"P:\autoply.exe"
Set Atributing:
"P:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"Q:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"Q:\autoply.exe"
Set Atributing:
"Q:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"R:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"R:\autoply.exe"
Set Atributing:
"R:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"S:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"S:\autoply.exe"
Set Atributing:
"S:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"T:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"T:\autoply.exe"
Set Atributing:
"T:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"U:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"U:\autoply.exe"
Set Atributing:
"U:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"V:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"V:\autoply.exe"
Set Atributing:
"V:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"W:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"W:\autoply.exe"
Set Atributing:
"W:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"X:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"X:\autoply.exe"
Set Atributing:
"X:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"Y:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"Y:\autoply.exe"
Set Atributing:
"Y:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"Z:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"Z:\autoply.exe"
Set Atributing:
"Z:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced,Hidden,2"
"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced,HideFileExt,2"
"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced,ShowSuperHiden,2"
Sleep[5000 Milliseconds]
Sleep[5000 Milliseconds]
Sleep[5000 Milliseconds]
Sleep[5000 Milliseconds]
Sleep[5000 Milliseconds]
Sleep[5000 Milliseconds]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"J:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"J:\autoply.exe"
Set Atributing:
"J:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"K:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"K:\autoply.exe"
Set Atributing:
"K:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"L:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"L:\autoply.exe"
Set Atributing:
"L:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"M:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"M:\autoply.exe"
Set Atributing:
"M:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"N:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"N:\autoply.exe"
Set Atributing:
"N:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"O:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"O:\autoply.exe"
Set Atributing:
"O:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"P:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"P:\autoply.exe"
Set Atributing:
"P:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"Q:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"Q:\autoply.exe"
Set Atributing:
"Q:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"R:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"R:\autoply.exe"
Set Atributing:
"R:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"S:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"S:\autoply.exe"
Set Atributing:
"S:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"T:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"T:\autoply.exe"
Set Atributing:
"T:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"U:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"U:\autoply.exe"
Set Atributing:
"U:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"V:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"V:\autoply.exe"
Set Atributing:
"V:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"W:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"W:\autoply.exe"
Set Atributing:
"W:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"X:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"X:\autoply.exe"
Set Atributing:
"X:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"Y:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"Y:\autoply.exe"
Set Atributing:
"Y:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"Z:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"Z:\autoply.exe"
Set Atributing:
"Z:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
OPENING SERTVICE CONTROL MANAGER [With: OpenServiceW]
"Machine Name:''" , "Database Name:''" , "Desired Access:[SC_MANAGER_ALL_ACCESS][SC_MANAGER_ENUMERATE_SERVICE]
Opening LanmanWorkstation Service to access it [With: OpenServiceW]
"Service Handle:[0x004661D0]" , "Service Name: [LanmanWorkstation]" , "Desired Access:[SERVICE_ALL_ACCESS][SERVICE_QUERY_STATUS]"
OPENING SERTVICE CONTROL MANAGER [With: OpenServiceW]
"Machine Name:''" , "Database Name:''" , "Desired Access:[SC_MANAGER_ALL_ACCESS][SC_MANAGER_ENUMERATE_SERVICE]
Opening LanmanWorkstation Service to access it [With: OpenServiceW]
"Service Handle:[0x004668e8]" , "Service Name: [LanmanWorkstation]" , "Desired Access:[SERVICE_ALL_ACCESS][SERVICE_QUERY_STATUS]"
Sleep[200000 Milliseconds]
"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced,Hidden,2"
"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced,HideFileExt,2"
"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced,ShowSuperHiden,2"
Sleep[5000 Milliseconds]
Sleep[5000 Milliseconds]
Sleep[5000 Milliseconds]
Sleep[5000 Milliseconds]
Sleep[5000 Milliseconds]
Sleep[5000 Milliseconds]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"J:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"J:\autoply.exe"
Set Atributing:
"J:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"K:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"K:\autoply.exe"
Set Atributing:
"K:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"L:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"L:\autoply.exe"
Set Atributing:
"L:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"M:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"M:\autoply.exe"
Set Atributing:
"M:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"N:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"N:\autoply.exe"
Set Atributing:
"N:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"O:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"O:\autoply.exe"
Set Atributing:
"O:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"P:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"P:\autoply.exe"
Set Atributing:
"P:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"Q:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"Q:\autoply.exe"
Set Atributing:
"Q:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"R:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"R:\autoply.exe"
Set Atributing:
"R:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"S:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"S:\autoply.exe"
Set Atributing:
"S:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"T:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"T:\autoply.exe"
Set Atributing:
"T:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"U:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"U:\autoply.exe"
Set Atributing:
"U:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"V:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"V:\autoply.exe"
Set Atributing:
"V:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"W:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"W:\autoply.exe"
Set Atributing:
"W:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"X:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"X:\autoply.exe"
Set Atributing:
"X:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"Y:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"Y:\autoply.exe"
Set Atributing:
"Y:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Create new file [with "CreateFileA"]:
"Z:\Autorun.inf"
Copy Current File [with "CopyFileW"]:
"Z:\autoply.exe"
Set Atributing:
"Z:\autoply.exe" to " [READONLY] [HIDDEN]
Sleep[5000 Milliseconds]
Import Registry:
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrgateFallback\,Hidden,2"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrgateFallback\,HideFileExt,2"
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\LanguagePack\SurrgateFallback\,ShowSuperHidden,2"
Analyzed By Casit Virus Analyzer 1.0 By Arash Veyskarami
صفحه اصلی
انجمن
جستجو
فهرست اعضا
افزونه های فایرفاکس
» 
تشکر شده توسط :
![[تصویر: cropped-Logo-3-2.png]](http://kernel32.ir/wp-content/uploads/2019/01/cropped-Logo-3-2.png){kind=logo}
