Posted on 14 June 2010. Filed under: Teknologi |

Want to know How to Make a virus whether it is a computer virus or cell phone because the way it works is easy kok Create Virus almost the same. It’s just that the difference in the programming code and the way the virus who had been working so later. However please remember yes in True Friends do not recommend How to Make a virus is intended to do something about things that harm others, such as sowing the virus in the internet cafe, etc campus lab.

You remember Aksika not with viruses, Virus “open source” that one really has a lot of kinds. No wonder because the source code is provided free on the Internet, so anyone can easily modify and change the source code and there was a new kind of How to Make a Virus.

Cara Membuat Virus

Starting from the convenience of that, many How to Make a Virus or newbi programmers try to make a virus without the need for extra effort. Just needed only knowledge about the operating system and computer programming course.

But convenience is not the worst, when compared with using the application generator virus. From the name alone, we’ve been able to think the usefulness of the application. Yes, Virus Generator is an application to be able to make the virus easily and instantly.

Starting from the example of a virus transmitted by the reader quite a lot to us. PC Media Antivirus Gen.FFE-known by the name of Dawn, but there are also other antivirus Brontok.D call it by name. With a simple investigation ultimately found that the virus was made from the Virus Generator.

Fast Firus Engine (FFE)
How to Make a Virus Generator Creator is calling it with a homemade application Firus Fast Engines. As shown in the application or website creators, he told me that this application only for learning purposes and not for destructive actions. Still, if this application has fallen into the wrong hands, would be used for destruction.

Virus Generator was created using Visual Basic and compressed using a packer-tELock. In the package there are two files, namely Fast Firus Engine.exe and data.ex_. Fast Firus Engine. exe is a major application in the manufacture of the virus and temporary files data.exe. Is actually the original virus is not before the body change.

When files Fast Firus Engine.exe run, then How to Create Virus users will be faced with an interface. You just told to fill in the name of the virus, a maker, and his message. Then by pressing the Generate button, then you become a virus.

How to Make a Virus from these generators are actually very simple. He is only adding of data you inserted to the end of the original virus file (data.ex_). Later this information is used by the virus infection process.

How To Make Virus infect?
Virus creation FFE does look simple. Just as the generator, he also created using Visual Basic in Native Code compile it with the method. Then the compressed using tELock order size smaller. This virus has the original size of 55 296 bytes.

When the virus first executed, it will create several master files in several locations. Like in the directory \% WINDOWS% \, will have a file with nama.exe, Win32 exe, activex.exe, and% virusname% (the name of the virus is loaded by the manufacturer based on the Generator). In \% WINDOWS% \% system32% \ will have files copy.pif, _default.pif, and surif.bin. In addition, How to Make a Virus also change or create Oeminfo.ini file is part of the System Properties. So if your computer is infected by the virus results generated from FFE, it will have on the System Properties it says “Generated by Fast Firus Engine”.

In the directory \% WINDOWS% \% System% \ will have some parent file again using the same name as the file system of Windows, such as csrss.exe, winlogon.exe, lsass.exe, smss.exe, svchost. exe, and winlogon.exe.

And do not forget, for the root drive will have a file named “read euy.txt” contain messages from the virus creator. So when creating the viruses by using the generator, then the manufacturer will be presented with several input boxes, such as the Author How to Make a Virus, Name of the virus, and Messages. Now, the contents of this message box will appear in the file “read euy.txt” it.

After the virus managed to move the file to their parent in the system, he will run the files parent before, so that in memory there will be some process of viruses, such as csrss.exe, winlogon.exe, lsass. exe, smss.exe, svchost.exe, and winlogon.exe. Process name similar to the processes / services of Windows is possible deliberately to deceive the user. To distinguish it, you can see the path or location of such a process is executed. Process virus usually runs in the System directory as a process / services belonging running Windows who usually comes from the System32 directory.

How to Make a Virus to Change Registry.
The virus is added some startup items in the registry so when he can start running Windows automatically or to change the settings of Windows to suit his desire. Information about the registry can not be transformed easily we look for in an encrypted state.

What he is such change Userinit value of the item by adding a parameter to the parent file. At key HKEY_CURRENT_ USER \ Software \ Microsoft \ Windows NT \ CurrentVersion \ Windows \ Load also be modified to point to an item with the name of the parent file Activex.exe. In the HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Run \ will have a new item with a present. Key HKEY_ LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run \ will have new items as well with the default name and% username%, username here is the current user’s name at that time.

Virus generated from the FFE results also change the extension to the shell. Exe file, ie by changing the type of information from the Application to File Folder. Setting the Options folder is also modified so as not to show the extension and each fi le with attributes hidden. And that can be active in safe-mode, he also changed the value of the item SafeBoot.

With the help of registry Image File Execution Options, this virus also adds a new item on the section with the name of cmd.exe, msconfi g.exe, regedit.exe and taskmgr.exe. The point is that each user when accessing the application with a file name like that, it will be bypassed by Windows and transferred to the parent files for viruses.

How to Make a Virus Viruses Spread?
This virus can spread through the data storage media such as flash disks. When we plug the flash disk on the infected computer, then on the flash disk will have several new files, like explorer.exe,% virusname%. Exe, and msvbvm60.dll. Also some support files such as desktop.ini, autorun.inf so that he dapatrunning automatically when accessing the flash disk.

Other virus files were stored in a new directory in the flash disk with a file containing the names Recycled Firus.pif and folder.htt. All of these virus files hidden in a condition that is not visible.

How To Virus in Action?
To be able to survive, the virus will try to block any unwanted applications such as tools or applications including antivirus PCMAV. Just as dataregistry that changed, the data on any applications that are blocked by it also occurs in the body in an encrypted state.

So, when the computer virus was already in memory, he will monitor every application that is accessed by the user, ie by reading the file name and window caption. Some antivirus program name that will try to dibloknya is nav.exe, avgcc.exe, njeeves.exe, ccapps.exe, ccapp.exe, kav.exe, nvcoas.exe, avp32.exe, and much more. Includes several application setup or installer also can not run on a computer is infected.

Prevention and How to Make a Virus?
PC Media Antivirus RC19 can clean the infected computer completely and accurately 100% of each virus was made by using Fast Firus Generator. To avoid action against PCMAV block the virus, please rename the file first instance PCMAV PCMAV-CLN.EXE be MERDEKA.EXE


Make a Comment

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Liked it here?
Why not try sites on the blogroll...