Friday, August 10, 2007

VBS (Visual Basic Script) buat policy Registry

mungkin kita pernah mendengar virus yang dibuat dengan Visual Basic Script(VBS) yang dapat memodifikasi Registry Editor...
karena VBS dapat berjalan tanpa menampilkan apapun (stealth) tetapi sebenarnya dia sudah bekerja...
namun banyak yang belum tahu bagaimana cara membuatnya dan bagaimana perintah VBS untuk mengendalikan Registry Editor..
di sini saya memanfaatkan WSH (Windows Scripting Host) yaitu perizinan menjalankan script di OS Windows
langsung aja yah..ini contoh VBS yang saya buat...
ketik aja di notepad trus save dengan extension ".vbs" misal "belajar.vbs"

----------------------------------------------------------------------------------------
WScript.CreateObject("WScript.Shell").RegWrite "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisableRegistryTools" , 1 , "REG_DWORD"
WScript.CreateObject("WScript.Shell").RegWrite "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRun" , 1 , "REG_DWORD"
WScript.CreateObject("WScript.Shell").RegWrite "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoClose" , 1 , "REG_DWORD"
WScript.CreateObject("WScript.Shell").RegWrite "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFind" , 1 , "REG_DWORD"
WScript.CreateObject("WScript.Shell").RegWrite "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPrograms" , 1 , "REG_DWORD"
WScript.CreateObject("WScript.Shell").RegWrite "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRecentDocsMenu" , 1 , "REG_DWORD"
WScript.CreateObject("WScript.Shell").RegWrite "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders" , 1 , "REG_DWORD"
WScript.CreateObject("WScript.Shell").RegWrite "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoViewContextMenu" , 1 , "REG_DWORD"
WScript.CreateObject("WScript.Shell").RegWrite "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoTrayContextMenu" , 1 , "REG_DWORD"
WScript.CreateObject("WScript.Shell").RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisableRegistryTools" , 1 , "REG_DWORD"
WScript.CreateObject("WScript.Shell").RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRun" , 1 , "REG_DWORD"
WScript.CreateObject("WScript.Shell").RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoClose" , 1 , "REG_DWORD"
WScript.CreateObject("WScript.Shell").RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFind" , 1 , "REG_DWORD"
WScript.CreateObject("WScript.Shell").RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoPrograms" , 1 , "REG_DWORD"
WScript.CreateObject("WScript.Shell").RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoRecentDocsMenu" , 1 , "REG_DWORD"
WScript.CreateObject("WScript.Shell").RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetFolders" , 1 , "REG_DWORD"
WScript.CreateObject("WScript.Shell").RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoViewContextMenu" , 1 , "REG_DWORD"
WScript.CreateObject("WScript.Shell").RegWrite "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoTrayContextMenu" , 1 , "REG_DWORD"
----------------------------------------------------------------------------------------

2 comments:

yayo said...

Nice post, cuma ndak mudeng je bahasa ap itu, ya klo ndak keberatan lebih di jelasin gtu, tiap baris tu apa trus fungsinya gitu...hehe *pulang ke kos trus mandi*

Lavonne said...

Well said.