Scribd
Upload
275 views

Virus Decrypt Script

The document contains a batch script that finds and adds entries to the Windows hosts file. It finds and redirects various domains and subdomains to 127.0.0.1 including "tonec.com", "CSCKKXK", secure, mirror, and mirror2-3 variants of "CSCKKXK". It also sets the hosts file attribute to read-only.

Uploaded by

GTA 5
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
275 views

Virus Decrypt Script

The document contains a batch script that finds and adds entries to the Windows hosts file. It finds and redirects various domains and subdomains to 127.0.0.1 including "tonec.com", "CSCKKXK", secure, mirror, and mirror2-3 variants of "CSCKKXK". It also sets the hosts file attribute to read-only.

Uploaded by

GTA 5
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 3

attrib -r %WINDIR%\system32\drivers\etc\hosts

SET NEWLINE=^& echo.

FIND /C /I "tonec.com" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 tonec.com>>%WINDIR
%\system32\drivers\etc\hosts

FIND /C /I "www.tonec.com" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 www.tonec.com>>%WINDIR
%\system32\drivers\etc\hosts

FIND /C /I "CSCKKXK" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 CSCKKXK>>%WINDIR
%\system32\drivers\etc\hosts

FIND /C /I "www.CSCKKXK" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 www.CSCKKXK>>%WINDIR
%\system32\drivers\etc\hosts

FIND /C /I "secure.CSCKKXK" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 secure.CSCKKXK>>%WINDIR
%\system32\drivers\etc\hosts

FIND /C /I "CSCKKXK" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 CSCKKXK>>%WINDIR
%\system32\drivers\etc\hosts

FIND /C /I "www.CSCKKXK" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 www.CSCKKXK>>%WINDIR
%\system32\drivers\etc\hosts

FIND /C /I "secure.CSCKKXK" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 secure.CSCKKXK>>%WINDIR
%\system32\drivers\etc\hosts

FIND /C /I "mirror.CSCKKXK" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 mirror.CSCKKXK>>%WINDIR
%\system32\drivers\etc\hosts

FIND /C /I "mirror2.CSCKKXK" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 mirror2.CSCKKXK>>%WINDIR
%\system32\drivers\etc\hosts

FIND /C /I "mirror3.CSCKKXK" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 mirror3.CSCKKXK>>%WINDIR
%\system32\drivers\etc\hosts

attrib +r %WINDIR%\system32\drivers\etc\hosts

FIND /C /I "www.tonec.com" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 www.tonec.com>>%WINDIR
%\system32\drivers\etc\hosts

FIND /C /I "CSCKKXK" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 CSCKKXK>>%WINDIR
%\system32\drivers\etc\hosts

FIND /C /I "www.CSCKKXK" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 www.CSCKKXK>>%WINDIR
%\system32\drivers\etc\hosts

FIND /C /I "secure.CSCKKXK" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 secure.CSCKKXK>>%WINDIR
%\system32\drivers\etc\hosts

FIND /C /I "CSCKKXK" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 CSCKKXK>>%WINDIR
%\system32\drivers\etc\hosts

FIND /C /I "www.CSCKKXK" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 www.CSCKKXK>>%WINDIR
%\system32\drivers\etc\hosts

FIND /C /I "secure.CSCKKXK" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 secure.CSCKKXK>>%WINDIR
%\system32\drivers\etc\hosts

FIND /C /I "mirror.CSCKKXK" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 mirror.CSCKKXK>>%WINDIR
%\system32\drivers\etc\hosts

FIND /C /I "mirror2.CSCKKXK" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 mirror2.CSCKKXK>>%WINDIR
%\system32\drivers\etc\hosts

FIND /C /I "mirror3.CSCKKXK" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 mirror3.CSCKKXK>>%WINDIR
%\system32\drivers\etc\hosts

attrib +r %WINDIR%\system32\drivers\etc\hosts

FIND /C /I "www.tonec.com" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 www.tonec.com>>%WINDIR
%\system32\drivers\etc\hosts

FIND /C /I "CSCKKXK" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 CSCKKXK>>%WINDIR
%\system32\drivers\etc\hosts

FIND /C /I "www.CSCKKXK" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 www.CSCKKXK>>%WINDIR
%\system32\drivers\etc\hosts

FIND /C /I "secure.CSCKKXK" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 secure.CSCKKXK>>%WINDIR
%\system32\drivers\etc\hosts

FIND /C /I "CSCKKXK" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 CSCKKXK>>%WINDIR
%\system32\drivers\etc\hosts

FIND /C /I "www.CSCKKXK" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 www.CSCKKXK>>%WINDIR
%\system32\drivers\etc\hosts

FIND /C /I "secure.CSCKKXK" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 secure.CSCKKXK>>%WINDIR
%\system32\drivers\etc\hosts

FIND /C /I "mirror.CSCKKXK" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 mirror.CSCKKXK>>%WINDIR
%\system32\drivers\etc\hosts

FIND /C /I "mirror2.CSCKKXK" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 mirror2.CSCKKXK>>%WINDIR
%\system32\drivers\etc\hosts

FIND /C /I "mirror3.CSCKKXK" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 mirror3.CSCKKXK>>%WINDIR
%\system32\drivers\etc\hosts

attrib +r %WINDIR%\system32\drivers\etc\hosts

FIND /C /I "www.tonec.com" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 www.tonec.com>>%WINDIR
%\system32\drivers\etc\hosts

FIND /C /I "CSCKKXK" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 CSCKKXK>>%WINDIR
%\system32\drivers\etc\hosts

FIND /C /I "www.CSCKKXK" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 www.CSCKKXK>>%WINDIR
%\system32\drivers\etc\hosts

FIND /C /I "secure.CSCKKXK" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 secure.CSCKKXK>>%WINDIR
%\system32\drivers\etc\hosts

FIND /C /I "CSCKKXK" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 CSCKKXK>>%WINDIR
%\system32\drivers\etc\hosts

FIND /C /I "www.CSCKKXK" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 www.CSCKKXK>>%WINDIR
%\system32\drivers\etc\hosts

FIND /C /I "secure.CSCKKXK" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 secure.CSCKKXK>>%WINDIR
%\system32\drivers\etc\hosts

FIND /C /I "mirror.CSCKKXK" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 mirror.CSCKKXK>>%WINDIR
%\system32\drivers\etc\hosts

FIND /C /I "mirror2.CSCKKXK" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 mirror2.CSCKKXK>>%WINDIR
%\system32\drivers\etc\hosts

FIND /C /I "mirror3.CSCKKXK" %WINDIR%\system32\drivers\etc\hosts


IF %ERRORLEVEL% NEQ 0 ECHO ^127.0.0.1 mirror3.CSCKKXK>>%WINDIR
%\system32\drivers\etc\hosts

attrib +r %WINDIR%\system32\drivers\etc\hosts
ren *.CSCKKXK *.mp3

You might also like