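@ECHO OFF
::Writen by Diallix (C)
::www.diallix.net
rem ===========================================================================
rem DesktopFix - clean-up script for Windows 2000 / XP.
rem
rem First pass (:Scan)
rem   1. starts the report drev.cf.log
rem   2. copies HOSTS to %systemdrive%\DesktopFix\DskBackUps\Hosts and then
rem      overwrites it with a default file
rem   3. writes fixed lists of file and folder names to file.txt / folder.txt
rem   4. hands every listed file that exists to MoveIt.bat and removes every
rem      listed folder; leftovers go to file.log / folder.log
rem   5. starts boot.bat and exits
rem Later pass (:rep), taken when \desktopfix\file.log or \desktopfix\folder.log
rem exists: retries the leftovers and opens the report.
rem
rem NOTE(review): swreg, MoveIt.bat and boot.bat are not part of this listing.
rem They are started by bare name, so they resolve through the current
rem directory and PATH. On a machine that is being cleaned, confirm that the
rem copies found there are the ones shipped with the tool.
rem NOTE(review): the labels os, SF and End are referenced below but are not
rem defined in the visible text. If they do not exist elsewhere, the batch
rem aborts at the goto; that includes the Safe Mode start, which is the mode
rem the menu recommends. Confirm against the full file.
rem NOTE(review): work files are written relative to the current directory,
rem while :ST looks in \desktopfix\ and :rep deletes from %homedrive%\.
rem These only agree for one particular start directory - confirm.
rem ===========================================================================
title DesktopFix
if defined safeboot_option goto os

VER|find "Windows 95">NUL
IF NOT ERRORLEVEL 1 GOTO err
VER|find "Windows 98">NUL
IF NOT ERRORLEVEL 1 GOTO err
VER|find "Windows Millennium">NUL
IF NOT ERRORLEVEL 1 GOTO err
VER|find "Windows XP" >NUL
IF NOT ERRORLEVEL 1 GOTO ST
VER|find "Windows 2000" >NUL
IF NOT ERRORLEVEL 1 GOTO ST
rem Anything that is neither XP nor 2000 is refused. Without this line every
rem unlisted version fell through into :ST and the XP-specific HOSTS reset and
rem deletions ran on it anyway.
goto err

:ST
if exist \desktopfix\file.log goto rep
if exist \desktopfix\folder.log goto rep
rem Menu text is Slovak: "DesktopFix should be applied in Safe Mode",
rem "1. Start scan", "2. Repair Safe Mode", "Choose 1,2,E".
ECHO.
ECHO DesktopFix sa doporucuje aplikovat v nudzovom rezime!
echo.
echo 1. Zahajit skenovanie
echo 2. Oprava nudzoveho rezimu
echo.
echo E. Exit
ECHO.
ECHO.
ECHO.
rem Clear any inherited value so that pressing Enter does not reuse it.
set "Choice="
set /p Choice=Zvolte 1,2,E
rem Quoted comparison: an answer containing spaces no longer breaks the IF.
if "%Choice%"=="1" goto Scan
if "%Choice%"=="2" goto SF
if /i "%Choice%"=="e" goto End
rem Every other answer leaves the script, as the original FOR loop did.
goto End

:Scan
cls
title DestopFix--Scanning
if exist drev.cf.log del /q drev.cf.log
if defined SafeBoot_option set Mode=[SAFE MODE]
if not defined SafeBoot_option set Mode=[NORMAL MODE]
rem Service pack string, read from the registry with the external swreg tool.
for /f "tokens=2*" %%g in ('swreg query "hklm\software\microsoft\windows nt\currentversion"^|find.exe /i "csdversion"' ) do @set "SPack=- %%h"
rem Report header. F_System is not set anywhere in the visible text.
> drev.cf.log (
  %systemroot%\system32\cmd.exe /c ver|%systemroot%\system32\find.exe "Windows XP"
  echo "%username%" %DATE% - %time:~,-3% %SPack%
  echo DesktopFix - %F_System%%Mode%
  echo.
  echo ----------
  echo ----------
  echo ----------
  echo.
)

echo :::::::::::::::::::::::::::::::.Hosts.::::::::::::::::::::::::::::::::>>drev.cf.log
echo.>>drev.cf.log
rem Keep a copy of the current HOSTS file and record its content in the
rem report before it is replaced, so injected redirect entries stay available
rem for later analysis. A failed backup is now reported instead of ignored.
if not exist "%systemdrive%\DesktopFix\DskBackUps\Hosts" md "%systemdrive%\DesktopFix\DskBackUps\Hosts" >nul
copy /y /b /v "%windir%\system32\drivers\etc\hosts" "%systemdrive%\DesktopFix\DskBackUps\Hosts" >nul || echo WARNING: HOSTS backup failed>>drev.cf.log
echo Look HOSTS : >> drev.cf.loG
ECHO. >>drev.cf.loG
type "%windir%\system32\drivers\etc\hosts" | find /i ".">>drev.cf.log
rem The original used %syspath% here, which is never set, so the attribute
rem reset and the delete targeted \drivers\etc\hosts on the current drive. A
rem HOSTS file left read-only/hidden/system was then not replaced, while the
rem report still announced success.
ATTRIB -h -s -r -a "%windir%\system32\drivers\etc\hosts" >nul
del /q "%windir%\system32\drivers\etc\hosts" >nul
rem Default HOSTS content. The example lines are reproduced as found, without
rem an address column; they are comments and have no effect. The localhost
rem entry needs its loopback address to be a valid mapping, so it is written
rem in full here.
>"%windir%\system32\drivers\etc\hosts" (
  echo # Copyright © 1993-1999 Microsoft Corp.
  echo #
  echo # This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
  echo #
  echo # This file contains the mappings of IP addresses to host names. Each
  echo # entry should be kept on an individual line. The IP address should
  echo # be placed in the first column followed by the corresponding host name.
  echo # The IP address and the host name should be separated by at least one
  echo # space.
  echo #
  echo # Additionally, comments ^(such as these^) may be inserted on individual
  echo # lines or following the machine name denoted by a "#" symbol.
  echo #
  echo # For example:
  echo #
  echo # rhino.acme.com # source server
  echo # x.acme.com # x client host
  echo #
  echo 127.0.0.1       localhost
)
rem NOTE(review): the success line is written unconditionally; the script
rem does not verify that the new HOSTS file was actually created.
echo.>>drev.cf.log
echo ________Host file was restoring succesfully!________>>drev.cf.log
echo.>>drev.cf.log
echo ---------->>drev.cf.log
echo ---------->>drev.cf.log
echo ---------->>drev.cf.log
echo.>>drev.cf.log
rem Make hidden/system/read-only items on the desktop visible again.
attrib -r -h -s "%userprofile%\desktop\*" /s /d >nul

:hijack
rem Fixed list of file names to remove. Matching is by path only: a file is
rem removed because of where it is and what it is called, not because of its
rem content. 8.tmp appears twice and 9.tmp not at all in the list as found;
rem it is left unchanged here.
>>file.txt (
  echo %homedrive%\uniq
  echo %homedrive%\1.tmp
  echo %homedrive%\2.tmp
  echo %homedrive%\3.tmp
  echo %homedrive%\4.tmp
  echo %homedrive%\5.tmp
  echo %homedrive%\6.tmp
  echo %homedrive%\7.tmp
  echo %homedrive%\8.tmp
  echo %homedrive%\8.tmp
  echo %homedrive%\10.tmp
  echo %homedrive%\11.tmp
  echo %homedrive%\12.tmp
  echo %homedrive%\13.tmp
  echo %homedrive%\14.tmp
  echo %homedrive%\15.tmp
  echo %homedrive%\16.tmp
  echo %homedrive%\17.tmp
  echo %homedrive%\18.tmp
  echo %homedrive%\19.tmp
  echo %homedrive%\A.tmp
  echo %homedrive%\B.tmp
  echo %homedrive%\C.tmp
  echo %homedrive%\D.tmp
  echo %homedrive%\E.tmp
  echo %homedrive%\F.tmp
  echo %homedrive%\G.tmp
  echo %homedrive%\H.tmp
  echo %homedrive%\WINDOWS\system32\msupdate.exe
  echo %homedrive%\WINDOWS\system32\ntdll32.dll
  echo %windir%\system32\oleadm.dll
  echo %windir%\system32\oleadm32.dll
  echo %windir%\system32\oleext32.dll
  echo %windir%\system32\svch0st.exe
  echo %windir%\system32\WinCtrl32.dll
  echo %homedrive%\WINDOWS\system32\WLCtrl32.dll
  echo %homedrive%\windows\xpupdate.exe
  echo %homedrive%\winstall.exe
  echo %homedrive%\WINDOWS\system32\WinNt32.dll
  echo %homedrive%\ygktc.exe
  echo %homedrive%\yexjkot.exe
  echo %homedrive%\vhbq.exe
  echo %homedrive%\veyrq.exe
  echo %homedrive%\uokowrm.exe
  echo %homedrive%\rwdf.exe
  echo %homedrive%\nbfrhshw.exe
  echo %homedrive%\lrvcx.exe
  echo %homedrive%\iwqvqc.exe
  echo %homedrive%\WINDOWS\system32\td.exe
  echo %homedrive%\WINDOWS\system32\UpdateService.exe
  echo %homedrive%\WINDOWS\system32\opnlljh.dll
  echo %homedrive%\WINDOWS\system32\wp.bmp
  echo %homedrive%\WINDOWS\system32\wppp.html
  echo %homedrive%\WINDOWS\system32\intell32.exe
  echo %homedrive%\WINDOWS\system\ID.exe
  echo %homedrive%\WINDOWS\system32\IEDriver\IExplore.exe
)
>>file.txt (
  echo %homedrive%\WINDOWS\system32\capslock.exe
  echo %homedrive%\WINDOWS\system32\numlock.exe
  echo %homedrive%\apel.txt
  echo %homedrive%\WINDOWS\inf\lsass.exe
  echo %homedrive%\WINDOWS\system32\blank.htm
  echo %homedrive%\WINDOWS\apel.htm
  echo %homedrive%\WINDOWS\Installer\smss.exe
  echo %homedrive%\WINDOWS\system32\scrolllock.exe
  echo %userprofile%\smss.exe
  echo %userprofile%\numlock.exe
  echo %userprofile%\strolllock.exe
  echo %userprofile%\Start Menu\Programs\desktop.ini
  echo %userprofile%\Start Menu\Programs\startup\ctfmon.exe
)

rem Folders whose whole content is queued. Each name is quoted: unquoted,
rem "Jangan dibuka" was split at the space into two separate items and the
rem real folder was never enumerated.
for %%a in (
  "%homedrive%\Jangan dibuka"
  "%homedrive%\sdfix"
  "%homedrive%\lizdata"
  "%homedrive%\avido"
) do (
  dir /b/s/a-d "%%~a\*" >>file.txt && dir /b/a:d/s /O "%%~a" >>folder.txt
)
>>folder.txt (
  echo.%homedrive%\Jangan dibuka
  echo.%homedrive%\sdfix
  echo.%homedrive%\lizdata
  echo.%homedrive%\avido
)

rem Drive-root names checked on every mounted volume C: to Z:.
rem NOTE(review): setup.exe, copy.exe, host.exe and autorun.inf are generic
rem names; a legitimate installer or media image in a drive root matches too
rem and is queued for removal. Review file.txt before it is processed if
rem that matters on the machine being cleaned.
FOR %%g in (c d e f g h i j k l m n o p q r s t u v w x y z) do @vol %%g: >nul 2>&1 &&@(
  if exist "%%g:\recycler\s-1-5-21-1078073611-1993962763-839522115-1003\mmc32.exe" echo."%%g:\recycler\s-1-5-21-1078073611-1993962763-839522115-1003\mmc32.exe"
  if exist "%%g:\recycler\autorun.exe" echo."%%g:\recycler\autorun.exe"
  if exist "%%g:\pagefile.pif" echo."%%g:\pagefile.pif"
  if exist "%%g:\rising.exe" echo."%%g:\rising.exe"
  if exist "%%g:\RavMonE.exe" echo."%%g:\RavMonE.exe"
  if exist "%%g:\Oso.exe" echo."%%g:\Oso.exe"
  if exist "%%g:\Ghost.pif" echo."%%g:\Ghost.pif"
  if exist "%%g:\oxjsybe.exe" echo."%%g:\oxjsybe.exe"
  if exist "%%g:\autorun.bat" echo."%%g:\autorun.bat"
  if exist "%%g:\autorun.reg" echo."%%g:\autorun.reg"
  if exist "%%g:\autorun.vbs" echo."%%g:\autorun.vbs"
  if exist "%%g:\*.dll.vbs" echo."%%g:\*.dll.vbs"
  if exist "%%g:\autorun.inf" echo."%%g:\autorun.inf"
  if exist "%%g:\copy.exe" echo."%%g:\copy.exe"
  if exist "%%g:\host.exe" echo."%%g:\host.exe"
  if exist "%%g:\tel.xls*.exe" echo."%%g:\tel.xls*.exe"
  if exist "%%g:\~de*.tmp" echo. "%%g:\~de*.tmp"
  if exist "%%g:\setup.exe" echo. "%%g:\setup.exe"
) >>file.txt 2>nul

echo :::::::::::::::::::::::.Infection File DELETED.:::::::::::::::::::::::>>drev.cf.log
rem Each listed file that exists is handed to MoveIt.bat. Gone afterwards:
rem recorded in the report. Still present: queued in file.log for :rep.
if exist file.txt @(
  for /f "tokens=*" %%g in (file.txt) do @cmd.exe /c dir /a-d "%%~g" >nul 2>&1 &&(
    cmd.exe /c MoveIt.bat "%%~g" >nul 2>&1
    if not exist "%%~g" (
      echo."%%~g">>drev.cf.log
    ) else (
      echo."%%~g">>file.log
    )
  )
)
rem Same for folders. The first rd line is kept exactly as found; its quoting
rem is unusual and its purpose is not stated. NOTE(review): confirm before
rem changing it.
if exist folder.txt @(
  for /f "tokens=*" %%a in (folder.txt) do @dir /a/d "%%~a" >nul 2>&1 && echo "%%~a" && (
    attrib -h -r -s "%%~a" >nul 2>&1
    attrib -h -r -s "%%~a\*" /s /d >nul 2>&1
    rd /s/q "%%~a\"^"">nul 2>&1
    rd /s/q "%%~a">nul 2>&1
    if not exist "%%~a" (
      echo."%%~a">>drev.cf.log
    ) else (
      echo."%%~a">>folder.log
    )
  )
)
rem NOTE(review): the HOSTS success line is repeated here, after the removal
rem step; it reads like a copy of the earlier block and says nothing about
rem the deletions. Left unchanged.
echo.>>drev.cf.log
echo ________Host file was restoring succesfully!________>>drev.cf.log
echo.>>drev.cf.log
echo ---------->>drev.cf.log
echo ---------->>drev.cf.log
echo ---------->>drev.cf.log
echo.>>drev.cf.log
echo :::::::::::::::::::::::.Runing file of Startup.:::::::::::::::::::::::>>drev.cf.log
rem Record what is left in the user's Startup folder for manual review.
dir /b/s/a-d "%userprofile%\Start Menu\Programs\startup\*" 2>nul >>drev.cf.log
start boot.bat
EXIT

:rep
rem Retry pass over the leftovers of an earlier run.
if exist file.log @(
  for /f "tokens=*" %%g in (file.log) do @cmd.exe /c dir /a-d "%%~g" >nul 2>&1 &&(
    cmd.exe /c MoveIt.bat "%%~g" >nul 2>&1
    if exist "%%~g" (
      echo."%%~g" . . . failed to delete>>drev.cf.log
    ) else (
      echo."%%~g">>drev.cf.log
    )
  )
)
if exist folder.log @(
  for /f "tokens=*" %%a in (folder.log) do @dir /ad "%%~a" >nul 2>&1 &&(
    attrib -h -r -s "%%~a" >nul 2>&1
    attrib -h -r -s "%%~a\*" /s /d >nul
    rd /s/q "%%~a\"^"" >nul 2>&1
    if exist "%%~a" (
      echo."%%~a" . . . failed to delete>>drev.cf.log
    ) else (
      echo."%%~a">>drev.cf.log
    )
  )
)
rem Remove the work files and show the report.
del /q "%homedrive%\file.txt"
del /q "%homedrive%\file.log"
del /q "%homedrive%\folder.txt"
del /q "%homedrive%\folder.log"
pause
start %homedrive%\drev.cf.log
exit

:err
rem Slovak: "Error! DesktopFix is not compatible with this OS! The program is
rem intended for Windows XP and Windows 2000!"
ECHO.
ECHO.
ECHO Chyba!
echo.
ECHO DesktopFix nie je konpatybilny s OS!
ECHO Program je urceny pre Windows XP a Windows 2000!
ECHO.
echo.
echo.
echo.
echo.
PAUSE
exit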