// This script disables some services and updates some // settings in Windows XP/7. Written by Zsolt Nagy-Perge in Oct 2019. REG = ["REGEDIT4\r\n\r\n; This REG file was generated by TWEAKS.JS\r\n; on " + (new Date().toString()) + "."]; try { var WSH = new ActiveXObject("WScript.Shell"); var FSO = new ActiveXObject("Scripting.FileSystemObject"); } catch (e) { Abort("This script cannot access the file system."); } switch ( WinVer() ) { case 2: Run_on_Win98_ONLY(); break; case 5: Common(); Run_on_WinXP_ONLY(); break; case 6: Common(); Run_on_Win7_or_Vista(); break; case 7: Common(); Run_on_Win7_or_Vista(); break; case 10: Run_on_Win10_ONLY(); break; default: Abort("Your OS is not supported.\nThis script was designed to run on Windows 98/XP/Vista/7/10."); } SaveREG(); Exit(0); ////////////////////////////////////////////////////////// // // This function changes the default icon for HTA files, so // they will appear to be a security key on orange background. // This function works on both Windows 98 and XP. // // Unlike HTM and HTML files, HTA files can not only contain // web-page-like HTML code but can also contain potentially // harmful code that can run programs, download files, // and access the file system and the Windows registry. // Some setup programs and printer installer guides are // HTA files, so we don't want to disable HTA functionality // entirely. We just want to distinguish these type of // files with a special icon. // function HTASET(ICON) { SetReg("HKCR/htafile/DefaultIcon/|REG_SZ|" + ICON); SetReg("HKLM/SOFTWARE/Classes/htafile/DefaultIcon/|REG_SZ|" + ICON); SetReg("HKLM/SOFTWARE/Classes/CLSID/{3050f4d8-98B5-11CF-BB82-00AA00BDCE0B}/DefaultIcon/|REG_SZ|" + ICON); } ////////////////////////////////////////////////////////// // // This function runs on Windows 10 only: // function Run_on_Win10_ONLY() { var SERVICES_LIST = [ "DISABLE:TrkWks:Distributed Link Tracking Client", "DISABLE:LanmanServer:Server", "DISABLE:LanmanWorkstation:Workstation", "DISABLE:lltdsvc:Link-Layer Topology Discovery Mapper", "DISABLE:TermService:Remote Desktop Services", "DISABLE:UmRdpService:Remote Desktop Services UserMode Port Redirector", "DISABLE:PNRPAutoReg:PNRP Machine Name Publication Service", "DISABLE:Fax:Fax", "DISABLE:swprv:Microsoft Software Shadow Copy Provider", "DISABLE:fdPHost:Function Discovery Provider Host", "DISABLE:FDResPub:Function Discovery Resource Publication", "DISABLE:WSearch:Windows Search", "DISABLE:PcaSvc:Program Compatibility Assistant Service", "DISABLE:MDM:Machine Debug Manager", "DISABLE:iphlpsvc:IP Helper", "DISABLE:BITS:Background Intelligent Transfer Service", "DISABLE:RetailDemo:Retail Demo Service", "DISABLE:SessionEnv:Remote Desktop Configuration", "DISABLE:upnphost:UPnP Device Host", "DISABLE:WinRM:Windows Remote Management (WS-Management)", "DISABLE:wmiApSrv:WMI Performance Adapter", "DISABLE:XblAuthManager:Xbox Live Auth Manager", "DISABLE:SSDPSRV:SSDP Discovery", "DISABLE:XboxNetApiSvc:Xbox Live Networking Service", "DISABLE:Browser:Computer Browser", "DISABLE:AJRouter:AllJoyn Router Service", "DISABLE:WinHttpAutoProxySvc:WinHTTP Web Proxy Auto-Discovery Service", "DISABLE:IKEEXT:IKE and AuthIP IPsec Keying Modules", "DISABLE:HvHost:HV Host Service", "DISABLE:vmickvpexchange:Hyper-V Data Exchange Service", "DISABLE:lmhosts:TCP/IP NetBIOS Helper", "DISABLE:XblGameSave:Xbox Live Game Save", "DISABLE:W32Time:Windows Time", "DISABLE:WerSvc:Windows Error Reporting Service", "DISABLE:PolicyAgent:IPsec Policy Agent", "DISABLE:vmicguestinterface:Hyper-V Guest Service Interface", "DISABLE:vmicshutdown:Hyper-V Guest Shutdown Service", "DISABLE:vmicheartbeat:Hyper-V Heartbeat Service", "DISABLE:vmictimesync:Hyper-V Time Synchronization Service", "DISABLE:vmicvmsession:Hyper-V PowerShell Direct Service", "DISABLE:vmicrdv:Hyper-V Remote Desktop Virtualization Service", "DISABLE:vmicvss:Hyper-V Volume Shadow Copy Requestor", "DISABLE:dmwappushservice:WAP Push Message Routing Service", "DISABLE:wudfsvc:Windows Driver Foundation - User-mode Driver Framework", "DISABLE:VSS:Volume Shadow Copy", "MANUAL:wscsvc:Security Center", "MANUAL:TapiSrv:Telephony", "MANUAL:gupdate:Google Update Service (gupdate)" ]; SetServices(SERVICES_LIST); } ////////////////////////////////////////////////////////// // // This function creates entries in a REG file that will // either disable or enable a service in Windows registry. // function SetServices(SERVICES) { var C = "ControlSet"; var L = "[HKEY_LOCAL_MACHINE\\SYSTEM\\"; var i, S, ITEM, STARTUP, SERVICE_ID, DESCRIPTION; for (i = 0; i < SERVICES.length; i++) { ITEM = SERVICES[i].split(":"); STARTUP = ITEM[0].toUpperCase(); SERVICE_ID = ITEM[1]; DESCRIPTION = ITEM[2]; if (STARTUP.indexOf("AUTO") >= 0) { STARTUP = 2; REG.push("\r\n; AutoStart: " + DESCRIPTION); } else if (STARTUP.indexOf("MANUAL") >= 0) { STARTUP = 3; REG.push("\r\n; Manual: " + DESCRIPTION); } else if (STARTUP.indexOf("DISABLE") >= 0) { STARTUP = 4; REG.push("\r\n; Disable: " + DESCRIPTION); } else continue; S = "\\Services\\" + SERVICE_ID + "]\r\n\"Start\"=DWORD:0000000" + STARTUP; REG.push(L + "Current" + C + S); REG.push(L + C + "001" + S); REG.push(L + C + "002" + S); } } ////////////////////////////////////////////////////////// // // This function customizes Internet Explorer. // function ConfigureIE() { function SetIE(R) { SetUserReg("SOFTWARE/Microsoft/Internet Explorer/" + R); } function SetINet(R) { SetReg("HKCU/SOFTWARE/Microsoft/Windows/CurrentVersion/Internet Settings/" + R); } function SetIEMain(R) { SetUserReg("SOFTWARE/Microsoft/Internet Explorer/Main/" + R); } SetUserReg("SOFTWARE/Microsoft/Windows/CurrentVersion/Internet Settings/Cache/Content/CacheLimit|REG_DWORD|2929640"); SetUserReg("SOFTWARE/Microsoft/Windows/CurrentVersion/Internet Settings/Cache/Cookies/CacheLimit|REG_DWORD|8192"); SetUserReg("SOFTWARE/Microsoft/Windows/CurrentVersion/Internet Settings/Cache/History/CacheLimit|REG_DWORD|8192"); SetUserReg("SOFTWARE/Microsoft/Windows/CurrentVersion/Internet Settings/5.0/Cache/Content/CacheLimit|REG_DWORD|2929640"); SetUserReg("SOFTWARE/Microsoft/Windows/CurrentVersion/Internet Settings/5.0/Cache/Cookies/CacheLimit|REG_DWORD|8192"); SetUserReg("SOFTWARE/Microsoft/Windows/CurrentVersion/Internet Settings/5.0/Cache/History/CacheLimit|REG_DWORD|8192"); SetIE("IntelliForms/AskUser|REG_DWORD|0"); SetIEMain("AllowWindowReuse|REG_DWORD|0"); SetIEMain("Anchor Underline|REG_SZ|yes"); SetIEMain("AutoSearch|REG_DWORD|0"); SetIEMain("Cache_Update_Frequency|REG_SZ|Once_Per_Session"); SetIEMain("Check_Associations|REG_SZ|yes"); SetIEMain("Delete_Temp_Files_On_Exit|REG_SZ|yes"); SetIEMain("Disable Script Debugger|REG_SZ|yes"); SetIEMain("Display Inline Images|REG_SZ|yes"); SetIEMain("Display Inline Videos|REG_SZ|yes"); SetIEMain("Do404Search|REG_BINARY|01,00,00,00"); SetIEMain("Enable AutoImageResize|REG_SZ|no"); SetIEMain("Enable Browser Extensions|REG_SZ|no"); SetIEMain("Enable_Disk_Cache|REG_SZ|yes"); SetIEMain("Enable_MyPics_Hoverbar|REG_SZ|no"); SetIEMain("Error Dlg Details Pane Open|REG_SZ|yes"); SetIEMain("Error Dlg Displayed On Every Error|REG_SZ|no"); SetIEMain("Expand Alt Text|REG_SZ|yes"); SetIEMain("FavIntelliMenus|REG_SZ|no"); SetIEMain("Force Offscreen Composition|REG_DWORD|0"); SetIEMain("FormSuggest Passwords|REG_SZ|no"); SetIEMain("FormSuggest PW Ask|REG_SZ|no"); SetIEMain("Friendly http errors|REG_SZ|yes"); SetIEMain("FullScreen|REG_SZ|no"); SetIEMain("Local Page|REG_SZ|C:\\WINDOWS\\System32\\blank.htm"); SetIEMain("Move System Caret|REG_SZ|yes"); SetIEMain("NoJITSetup|REG_DWORD|1"); SetIEMain("NoSaveAsPOSTWarning|REG_DWORD|1"); SetIEMain("NotifyDownloadComplete|REG_SZ|no"); SetIEMain("NoUpdateCheck|REG_DWORD|1"); SetIEMain("NoWebJITSetup|REG_DWORD|1"); SetIEMain("NscSingleExpand|REG_DWORD|1"); SetIEMain("Page_Transitions|REG_DWORD|1"); SetIEMain("Play_Animations|REG_SZ|yes"); SetIEMain("Play_Background_Sounds|REG_SZ|yes"); SetIEMain("Print_Background|REG_SZ|no"); SetIEMain("Save_Session_History_On_Exit|REG_SZ|no"); SetIEMain("Search Bar|REG_SZ|http://www.duckduckgo.com"); SetIEMain("Search Page|REG_SZ|http://www.duckduckgo.com"); SetIEMain("Show image placeholders|REG_DWORD|1"); SetIEMain("Show_ChannelBand|REG_SZ|no"); SetIEMain("Show_FullURL|REG_SZ|yes"); SetIEMain("Show_StatusBar|REG_SZ|yes"); SetIEMain("Show_ToolBar|REG_SZ|yes"); SetIEMain("Show_URLinStatusBar|REG_SZ|yes"); SetIEMain("Show_URLToolBar|REG_SZ|yes"); SetIEMain("ShowedCheckBrowser|REG_SZ|yes"); SetIEMain("ShowGoButton|REG_SZ|yes"); SetIEMain("SmoothScroll|REG_DWORD|1"); SetIEMain("Use FormSuggest|REG_SZ|no"); SetIEMain("Use_DlgBox_Colors|REG_SZ|yes"); SetIEMain("UseThemes|REG_DWORD|1"); // Disable AutoComplete. SetReg("HKCU/Software/Policies/Microsoft/Internet Explorer/Control Panel/Form Suggest|REG_DWORD|1"); SetReg("HKCU/Software/Policies/Microsoft/Internet Explorer/Control Panel/Form Suggest Passwords|REG_DWORD|1"); SetINet("CertificateRevocation|REG_DWORD|0"); SetINet("DisableCachingOfSSLPages|REG_DWORD|1"); SetINet("DisablePasswordCaching|REG_DWORD|1"); SetINet("EnableAutodial|REG_DWORD|0"); SetINet("EnableHttp1_1|REG_DWORD|1"); SetINet("EnableNegotiate|REG_DWORD|0"); SetINet("GlobalUserOffline|REG_DWORD|0"); SetINet("MaxConnectionsPer1_0Server|REG_DWORD|10"); SetINet("MaxConnectionsPerServer|REG_DWORD|10"); SetINet("MigrateProxy|REG_DWORD|1"); SetINet("NoNetAutodial|REG_DWORD|0"); SetINet("PrivacyAdvanced|REG_DWORD|1"); SetINet("PrivDiscUiShown|REG_DWORD|1"); SetINet("ProxyEnable|REG_DWORD|0"); SetINet("ProxyHttp1.1|REG_DWORD|0"); SetINet("SecureProtocols|REG_DWORD|40"); SetINet("SyncMode5|REG_DWORD|2"); SetINet("UrlEncoding|REG_DWORD|0"); SetINet("WarnonBadCertRecving|REG_DWORD|0"); SetINet("WarnOnPost|REG_BINARY|01,00,00,00"); SetINet("WarnOnPostRedirect|REG_DWORD|0"); SetINet("WarnonZoneCrossing|REG_DWORD|0"); } ////////////////////////////////////////////////////////// // // This function runs on Windows XP, Windows 7 and Vista: // function Common() { // Speedup Winlogon DelReg("HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Winlogon/termsrv"); DelReg("HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Winlogon/sclgntfy"); SetReg("HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/policies/system/dontdisplaylastusername|REG_DWORD|0"); SetReg("HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/policies/system/shutdownwithoutlogon|REG_DWORD|1"); SetReg("HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/policies/system/undockwithoutlogon|REG_DWORD|1"); // Take no action on RPC service failure UpdateControlSet("Services/RpcSs/FailureActions|REG_BINARY|00,00,00,00,00,00,00,00,00,00,00,00,03,00,00,00,53,00,65, 00,00,00,00,00,60,ea,00,00,00,00,00,00,60,ea,00,00,00,00,00,00,60,ea,00,00"); UpdateControlSet("Services/RpcSs/ErrorControl|REG_DWORD|1"); UpdateControlSet("Services/RpcSs/Start|REG_DWORD|2"); // Take no action on WMI service failure UpdateControlSet("Services/winmgmt/FailureActions|REG_BINARY|80,51,01,00,00,00,00,00,00,00,00,00,03,00,00,00,00,00,00, 00,00,00,00,00,60,ea,00,00,00,00,00,00,60,ea,00,00,00,00,00,00,60,ea,00,00"); UpdateControlSet("Services/winmgmt/ErrorControl|REG_DWORD|0"); UpdateControlSet("Services/winmgmt/Start|REG_DWORD|2"); // Don't restart Print Spooler service when stopped UpdateControlSet("Services/Spooler/FailureActions|REG_BINARY|00,00,00,00,00,00,00,00,00,00,00,00,03,00,00,00,14,00,00,00,00,00,00,00,60,ea,00,00,00,00,00,00,60,ea,00,00,00,00,00,00,00,00,00,00"); UpdateControlSet("Services/Spooler/ErrorControl|REG_DWORD|1"); // Windows Media Player (WMP) will check from time to time if a newer // version of WMP is available by connecting to the microsoft.com site. // Here we disable WMP's auto-update function: SetReg("HKLM/SOFTWARE/Policies/Microsoft/WindowsMediaPlayer/DisableAutoUpdate|REG_DWORD|1"); SetReg("HKLM/SOFTWARE/Microsoft/MediaPlayer/PlayerUpgrade/AskMeAgain|REG_SZ|no"); SetReg("HKLM/SOFTWARE/Microsoft/MediaPlayer/PlayerUpgrade/EnableAutoUpdate|REG_SZ|no"); SetReg("HKLM/SOFTWARE/Microsoft/MediaPlayer/PlayerUpgrade/EnableAutoUpgrade|REG_SZ|no"); SetReg("HKLM/SOFTWARE/Microsoft/MediaPlayer/EnableAutoUpgrade|REG_SZ|no"); SetReg("HKLM/SOFTWARE/Microsoft/MediaPlayer/IEInstall|REG_SZ|no"); // Don't restart on fatal errors, so user can correct them... UpdateControlSet("Control/CrashControl/CrashDumpEnabled|REG_DWORD|0"); UpdateControlSet("Control/CrashControl/AutoReboot|REG_DWORD|0"); UpdateControlSet("Control/CrashControl/Overwrite|REG_DWORD|1"); UpdateControlSet("Control/CrashControl/SendAlert|REG_DWORD|0"); UpdateControlSet("Control/CrashControl/LogEvent|REG_DWORD|0"); // Set .HTA default icon HTASET("%SYSTEMROOT%\\SYSTEM32\\SHELL32.DLL,44"); // Speed up desktop context menu by removing the Intel Graphics Option. // You will still be able to access these options from Control Panel. DelReg("HKCR/Directory/Background/shellex/ContextMenuHandlers/igfxcui"); // Enable Numlock when Windows starts SetUserReg("Control Panel/Keyboard/InitialKeyboardIndicators|REG_SZ|2"); // Speed up keyboard SetUserReg("Control Panel/Keyboard/KeyboardDelay|REG_DWORD|0"); SetUserReg("Control Panel/Keyboard/KeyboardSpeed|REG_DWORD|31"); ConfigureIE(); } ////////////////////////////////////////////////////////// // // This function runs on Windows XP only: // function Run_on_WinXP_ONLY() { // Faster shutdown SetReg("HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Winlogon/EnableQuickReboot|REG_SZ|1"); UpdateControlSet("Control/WaitToKillServiceTimeout|REG_SZ|1000"); UpdateControlSet("Control/Session Manager/Memory Management/ClearPageFileAtShutdown|REG_DWORD|0"); SetUserReg("Control Panel/Desktop/WaitToKillAppTimeout|REG_SZ|1000"); SetUserReg("Control Panel/Desktop/HungAppTimeout|REG_SZ|5000"); SetUserReg("Control Panel/Desktop/AutoEndTasks|REG_SZ|1"); // Faster NTFS UpdateControlSet("Control/FileSystem/NtfsDisable8dot3NameCreation|REG_DWORD|1"); UpdateControlSet("Control/FileSystem/NtfsDisableLastAccessUpdate|REG_DWORD|1"); UpdateControlSet("Control/FileSystem/Win95TruncatedExtensions|REG_DWORD|1"); UpdateControlSet("Control/FileSystem/Win31FileSystem|REG_DWORD|0"); // DFS is a feature of NT which allows multiple physical file systems // to be logically grafted together to appear as a singe directory structure. // This can ease the difficulties of users locating resources across many // different servers. The first step in locating a server via UNC is to check // to see if it is DFS. Disabling DFS support will cause this step to be skipped: UpdateControlSet("Services/Mup/DisableDFS|REG_DWORD|1"); // Disable Prefetch UpdateControlSet("Control/Session Manager/Memory Management/PrefetchParameters/EnablePrefetcher|REG_DWORD|0"); // Faster System Cache UpdateControlSet("Control/Session Manager/Memory Management/LargeSystemCache|REG_DWORD|1"); // Deactivate Windows Tour SetReg("HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/Applets/Tour/RunCount|REG_DWORD|0"); SetUserReg("SOFTWARE/Microsoft/Windows/CurrentVersion/Applets/Tour/RunCount|REG_DWORD|0"); // Speed up opening of My Computer and Explorer SetReg("HKCU/SOFTWARE/Microsoft/Windows/CurrentVersion/Explorer/Advanced/NoNetCrawling|REG_DWORD|1"); SetReg("HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/Policies/Explorer/NoRemoteRecursiveEvents|REG_DWORD|1"); // Speedup browsing DelReg("HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/Explorer/RemoteComputer/NameSpace/{D6277990-4C6A-11CF-8D87-00AA0060F5BF}/"); // Enable Large Drive Support (137GB+) UpdateControlSet("Services/atapi/Parameters/EnableBigLba|REG_DWORD|1"); // Tell the Computer Browser service not to maintain browserlist UpdateControlSet("Services/Browser/Parameters/MaintainServerList|REG_SZ|NO"); UpdateControlSet("Control/Terminal Server/fDenyTSConnections|REG_DWORD|1"); SetReg("HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Winlogon/WinStationsDisabled|REG_SZ|1"); // Disable Windows Updates SetReg("HKCU/SOFTWARE/Microsoft/Windows/CurrentVersion/Policies/Explorer/NoWindowsUpdate|REG_DWORD|1"); SetReg("HKCU/SOFTWARE/Microsoft/Windows/CurrentVersion/Policies/WindowsUpdate/DisableWindowsUpdateAccess|REG_DWORD|1"); // Remove SP2 Security Center & Windows Updates icons from Control Panel. SetReg("HKCU/Control Panel/don't load/ncpa.cpl|REG_SZ|No"); SetReg("HKCU/Control Panel/don't load/wscui.cpl|REG_SZ|No"); SetReg("HKCU/Control Panel/don't load/wuaucpl.cpl|REG_SZ|No"); SetReg("HKCU/Control Panel/don't load/odbccp32.cpl|REG_SZ|No"); // Turn off annoying security warnings. SetReg("HKLM/SOFTWARE/Microsoft/Security Center/AntiVirusDisableNotify|REG_DWORD|1"); SetReg("HKLM/SOFTWARE/Microsoft/Security Center/AntiVirusOverride|REG_DWORD|1"); SetReg("HKLM/SOFTWARE/Microsoft/Security Center/FirewallDisableNotify|REG_DWORD|1"); SetReg("HKLM/SOFTWARE/Microsoft/Security Center/FirewallOverride|REG_DWORD|1"); SetReg("HKLM/SOFTWARE/Microsoft/Security Center/FirstRunDisabled|REG_DWORD|1"); SetReg("HKLM/SOFTWARE/Microsoft/Security Center/UpdatesDisableNotify|REG_DWORD|1"); // Disable IPSec bypass security hole. This is a very important registry key. // Without this setting, malicious users can bypass the IPSec port filters. UpdateControlSet("Services/IPSEC/Parameters/NoDefaultExempt|REG_DWORD|1"); // Disable Port 445. UpdateControlSet("Services/NetBT/Parameters/TransportBindName|REG_SZ|"); // Disable LMHOSTS. UpdateControlSet("Services/NetBT/Parameters/EnableLMHOSTS|REG_DWORD|0"); // Make sure "EXPLORER.EXE" is the Windows shell. SetReg("HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Winlogon/Shell|REG_SZ|EXPLORER.EXE"); // Remove autorun programs DelReg("HKCU/SOFTWARE/Microsoft/Windows/CurrentVersion/Policies/Explorer/Run"); SetReg("HKLM/SYSTEM/CurrentControlSet/Services/Cdrom/AutoRun|REG_DWORD|0"); SetReg("HKCU/SOFTWARE/Microsoft/Windows/CurrentVersion/Policies/Explorer/NoDriveTypeAutoRun|REG_DWORD|177"); SetReg("HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/policies/Explorer/NoDriveTypeAutoRun/NoDriveTypeAutoRun|REG_DWORD|177"); // Remove IE Browser Helper Objects. DelReg("HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/Explorer/Browser Helper Objects"); // Disable error reporting. SetReg("HKLM/SOFTWARE/Microsoft/Internet Explorer/Main/IEWatsonDisabled|REG_DWORD|1"); SetReg("HKLM/SOFTWARE/Microsoft/PCHealth/ErrorReporting/DoReport|REG_DWORD|0"); SetReg("HKLM/SOFTWARE/Microsoft/PCHealth/ErrorReporting/ShowUI|REG_DWORD|1"); SetReg("HKLM/SOFTWARE/Policies/Microsoft/PCHealth/ErrorReporting/DW/DWNeverUpload|REG_DWORD|1"); SetReg("HKLM/SOFTWARE/Policies/Microsoft/Office/10.0/Common/DWNeverUpload|REG_DWORD|1"); // DCOM Fix SetReg("HKLM/SOFTWARE/Microsoft/Ole/EnableDCOM|REG_SZ|N"); SetReg("HKLM/SOFTWARE/Microsoft/Rpc/DCOM Protocols|REG_MULTI_SZ|00,00"); UpdateControlSet("Control/SecurePipeServers/winreg/AllowedPaths/Machine|REG_BINARY|00,00"); UpdateControlSet("Services/NetBT/Parameters/SmbDeviceEnabled|REG_DWORD|0"); UpdateControlSet("Services/LanmanServer/Parameters/AutoShareServer|REG_DWORD|0"); UpdateControlSet("Services/LanmanServer/Parameters/AutoShareWks|REG_DWORD|0"); DelReg("HKLM/SYSTEM/CurrentControlSet/Services/LanManServer/Parameters"); // The following line causes an error in Windows XP on startup. // Don't use this: // UpdateControlSet("Services/Dnscache/Parameters/MaxCachedSockets|REG_DWORD|0"); // Initialize WMP 10. SetReg("HKLM/SOFTWARE/Microsoft/MediaPlayer/Preferences/FirstTime|REG_DWORD|1"); SetReg("HKLM/SOFTWARE/Microsoft/MediaPlayer/Preferences/AcceptedEULA|REG_DWORD|1"); SetReg("HKLM/SOFTWARE/Microsoft/MediaPlayer/Preferences/FirstTime|REG_DWORD|1"); SetReg("HKCU/SOFTWARE/Microsoft/MediaPlayer/Preferences/AcceptedPrivacyStatement|REG_DWORD|1"); SetReg("HKCU/SOFTWARE/Microsoft/MediaPlayer/Preferences/AutoAddMusicToLibrary|REG_DWORD|1"); // Remove MSN Run("RUNDLL32 ADVPACK.DLL,LaunchINFSection %windir%\\INF\\MSMSGS.INF,BLC.Remove"); // Even if you disable both Universal Plug&Play Services, some programs might still // create Simple Service Discovery (SSD) messages. That's because some programs, that // use SSD messages, need to run on Windows versions before Windows XP. Since only // Windows XP contains Universal Plug&Play out of the box, some other programs bring // their own Universal Plug&Play executables. This behavior is mostly seen by // Windows/MSN Messenger since it creates its own SSD messages. // We don't need that, so we disable them here: SetReg("HKLM/SOFTWARE/Microsoft/DirectPlayNATHelp/DPNHUPnP/UPnPMode|REG_DWORD|2"); // Cleanup autocomplete. DelReg("HKCU/SOFTWARE/Microsoft/MediaPlayer/AutoComplete"); // Here we customize WMP 10. SetReg("HKCU/SOFTWARE/Microsoft/MediaPlayer/Preferences/CurrentDisplayPreset|REG_DWORD|0"); SetReg("HKCU/SOFTWARE/Microsoft/MediaPlayer/Preferences/CurrentDisplayView|REG_SZ|VizView"); SetReg("HKCU/SOFTWARE/Microsoft/MediaPlayer/Preferences/CurrentEffectPreset|REG_DWORD|11"); SetReg("HKCU/SOFTWARE/Microsoft/MediaPlayer/Preferences/CurrentEffectType|REG_SZ|WMPVis"); SetReg("HKCU/SOFTWARE/Microsoft/MediaPlayer/Preferences/CurrentMetadataPreset|REG_DWORD|0"); SetReg("HKCU/SOFTWARE/Microsoft/MediaPlayer/Preferences/CurrentMetadataView|REG_SZ|MediaInfoView"); SetReg("HKCU/SOFTWARE/Microsoft/MediaPlayer/Preferences/CurrentSettingsPreset|REG_DWORD|0"); SetReg("HKCU/SOFTWARE/Microsoft/MediaPlayer/Preferences/CurrentSettingsView|REG_SZ|EQView"); SetReg("HKCU/SOFTWARE/Microsoft/MediaPlayer/Preferences/DisableMRU|REG_DWORD|1"); SetReg("HKCU/SOFTWARE/Microsoft/MediaPlayer/Preferences/DoNotShowAnchor|REG_DWORD|1"); SetReg("HKCU/SOFTWARE/Microsoft/MediaPlayer/Preferences/FirstMediaGuideRun|REG_DWORD|0"); SetReg("HKCU/SOFTWARE/Microsoft/MediaPlayer/Preferences/FirstRun|REG_DWORD|0"); SetReg("HKCU/SOFTWARE/Microsoft/MediaPlayer/Preferences/ForceOnline|REG_DWORD|0"); SetReg("HKCU/SOFTWARE/Microsoft/MediaPlayer/Preferences/Maximized|REG_SZ|1"); SetReg("HKCU/SOFTWARE/Microsoft/MediaPlayer/Preferences/MetadataRetrieval|REG_DWORD|0"); // Disable CD-ROM Autorun SetReg("HKLM/SYSTEM/CurrentControlSet/Services/Cdrom/AutoRun|REG_DWORD|0"); SetReg("HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/policies/Explorer/NoDriveTypeAutoRun/NoDriveTypeAutoRun|REG_DWORD|177"); SetReg("HKCU/SOFTWARE/Microsoft/Windows/CurrentVersion/Policies/Explorer/NoDriveTypeAutoRun|REG_DWORD|177"); // Enable Task Manager SetReg("HKCU/SOFTWARE/Microsoft/Windows/CurrentVersion/Policies/System/DisableTaskMgr|REG_DWORD|0"); // Show All Devices UpdateControlSet("Control/Session Manager/Environment/DEVMGR_SHOW_NONPRESENT_DEVICES|REG_SZ|1"); // Disable Beeps SetReg("HKCU/Control Panel/Sound/Beep|REG_SZ|no"); // Customize Desktop... SetUserReg("Control Panel/Desktop/CoolSwitch|REG_SZ|1"); SetUserReg("Control Panel/Desktop/CoolSwitchRows|REG_SZ|3"); SetUserReg("Control Panel/Desktop/CoolSwitchColumns|REG_SZ|7"); SetUserReg("Control Panel/Desktop/ForegroundFlashCount|REG_DWORD|3"); SetUserReg("Control Panel/Desktop/FontSmoothing|REG_SZ|2"); SetUserReg("Control Panel/Desktop/FontSmoothingType|REG_DWORD|1"); SetUserReg("Control Panel/Desktop/CaretWidth|REG_DWORD|1"); SetUserReg("Control Panel/Desktop/CursorBlinkRate|REG_SZ|200"); SetUserReg("Control Panel/Desktop/GridGranularity|REG_SZ|0"); SetUserReg("Control Panel/Desktop/DragFullWindows|REG_SZ|0"); SetUserReg("Control Panel/Desktop/DragHeight|REG_SZ|4"); SetUserReg("Control Panel/Desktop/DragWidth|REG_SZ|4"); SetUserReg("Control Panel/Desktop/MenuShowDelay|REG_SZ|200"); SetUserReg("Control Panel/Desktop/WheelScrollLines|REG_SZ|3"); SetUserReg("Control Panel/Desktop/WindowMetrics/AppliedDPI|REG_DWORD|96"); SetUserReg("Control Panel/Desktop/WindowMetrics/BorderWidth|REG_SZ|0"); SetUserReg("Control Panel/Desktop/WindowMetrics/CaptionFont|REG_BINARY|f3,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,bc,02,00,00,00,00,00,01,00,00,00,00,54,00,72,00,65,00,62,00,75,00,63,00,68,00,65,00,74,00,20,00,4d,00,53,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00"); SetUserReg("Control Panel/Desktop/WindowMetrics/CaptionHeight|REG_SZ|-375"); SetUserReg("Control Panel/Desktop/WindowMetrics/CaptionWidth|REG_SZ|-270"); SetUserReg("Control Panel/Desktop/WindowMetrics/IconFont|REG_BINARY|f5,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,90,01,00,00,00,00,00,01,00,00,00,00,54,00,61,00,68,00,6f,00,6d,00,61,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00"); SetUserReg("Control Panel/Desktop/WindowMetrics/IconSpacing|REG_SZ|-1125"); SetUserReg("Control Panel/Desktop/WindowMetrics/IconTitleWrap|REG_SZ|1"); SetUserReg("Control Panel/Desktop/WindowMetrics/IconVerticalspacing|REG_SZ|-1125"); SetUserReg("Control Panel/Desktop/WindowMetrics/MenuFont|REG_BINARY|f5,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,90,01,00,00,00,00,00,01,00,00,00,00,54,00,61,00,68,00,6f,00,6d,00,61,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00"); SetUserReg("Control Panel/Desktop/WindowMetrics/MenuHeight|REG_SZ|-285"); SetUserReg("Control Panel/Desktop/WindowMetrics/MenuWidth|REG_SZ|-270"); SetUserReg("Control Panel/Desktop/WindowMetrics/MessageFont|REG_BINARY|f5,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,90,01,00,00,00,00,00,01,00,00,00,00,54,00,61,00,68,00,6f,00,6d,00,61,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00"); SetUserReg("Control Panel/Desktop/WindowMetrics/MinAnimate|REG_SZ|0"); SetUserReg("Control Panel/Desktop/WindowMetrics/ScrollHeight|REG_SZ|-255"); SetUserReg("Control Panel/Desktop/WindowMetrics/ScrollWidth|REG_SZ|-255"); SetUserReg("Control Panel/Desktop/WindowMetrics/Shell Icon BPP|REG_SZ|16"); SetUserReg("Control Panel/Desktop/WindowMetrics/Shell Icon Size|REG_SZ|32"); SetUserReg("Control Panel/Desktop/WindowMetrics/SmCaptionFont|REG_BINARY|f5,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,bc,02,00,00,00,00,00,01,00,00,00,00,54,00,61,00,68,00,6f,00,6d,00,61,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00"); SetUserReg("Control Panel/Desktop/WindowMetrics/SmCaptionHeight|REG_SZ|-255"); SetUserReg("Control Panel/Desktop/WindowMetrics/SmCaptionWidth|REG_SZ|-255"); SetUserReg("Control Panel/Desktop/WindowMetrics/StatusFont|REG_BINARY|f5,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,90,01,00,00,00,00,00,01,00,00,00,00,54,00,61,00,68,00,6f,00,6d,00,61,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00"); SetReg("HKCU/SOFTWARE/Microsoft/Windows/CurrentVersion/Explorer/Advanced/EnableBalloonTips|REG_DWORD|0"); // Sort Favorites Menu DelReg("HKCU/Software/Microsoft/Windows/CurrentVersion/Explorer/MenuOrder/Favorites"); // Set Registration Done SetReg("HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/RegDone|REG_SZ|1"); SetReg("HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Welcome/RegWiz/|REG_SZ|1"); // Remember Folder Settings SetReg("HKEY_CURRENT_USER/SOFTWARE/Microsoft/Windows/Shell/BagMRU Size|REG_DWORD|5000"); SetReg("HKEY_CURRENT_USER/SOFTWARE/Microsoft/Windows/ShellNoRoam/BagMRU Size|REG_DWORD|5000"); // Remove the "Regmon is already running" error message DelReg("HKLM/SYSTEM/CurrentControlSet/Enum/Root/LEGACY_REGMON701"); // Set .HTA default icon HTASET("%SYSTEMROOT%\\SYSTEM32\\SHELL32.DLL,44"); // Clear startup items & all changes in MSCONFIG. //DelReg("HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Shared Tools/MSConfig"); //SetReg("HKCU/Software/Microsoft/Windows/CurrentVersion/Run/|REG_SZ|"); //SetReg("HKCU/Software/Microsoft/Windows/CurrentVersion/RunOnce/|REG_SZ|"); //SetReg("HKLM/Software/Microsoft/Windows/CurrentVersion/Run/|REG_SZ|"); //SetReg("HKLM/Software/Microsoft/Windows/CurrentVersion/RunOnce/|REG_SZ|"); //DelReg("HKEY_CURRENT_USER/Software/Microsoft/Windows/CurrentVersion/Run/"); //DelReg("HKEY_CURRENT_USER/Software/Microsoft/Windows/CurrentVersion/RunOnce/"); //DelReg("HKEY_LOCAL_MACHINE/Software/Microsoft/Windows/CurrentVersion/Run/"); //DelReg("HKEY_LOCAL_MACHINE/Software/Microsoft/Windows/CurrentVersion/RunOnce/"); //SetReg("HKEY_CURRENT_USER/Software/Microsoft/Windows/CurrentVersion/Run/|REG_SZ|"); //SetReg("HKEY_CURRENT_USER/Software/Microsoft/Windows/CurrentVersion/RunOnce/|REG_SZ|"); //SetReg("HKEY_LOCAL_MACHINE/Software/Microsoft/Windows/CurrentVersion/Run/|REG_SZ|"); //SetReg("HKEY_LOCAL_MACHINE/Software/Microsoft/Windows/CurrentVersion/RunOnce/|REG_SZ|"); // Show Administrator account. SetReg("HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Winlogon/SpecialAccounts/UserList/Administrator|REG_DWORD|1"); // Disable System Restore Configuration SetReg("HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/SystemRestore/DisableSR|REG_DWORD|1"); SetReg("HKLM/SOFTWARE/Policies/Microsoft/Windows NT/SystemRestore/DisableConfig|REG_DWORD|1"); // NOTE: Disabling System Restore is not an absolute MUST, but // I have never had any benefit from having this service on. // All it does is save a snapshot of the Windows registry // in a separate location. Here we're trying to reduce the // amount of disk I/O the system has to do. So, why not? // Make sure to power down after shutdown. SetReg("HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/Winlogon/PowerdownAfterShutdown|REG_DWORD|1"); UpdateBootINI(); ActivateXP(); // Services set to "Manual": //SetSrv("CryptSvc,dmadmin,dmio,dmserver,Eventlog,EventSystem,ImapiService,Modem,MSDTC,Nla,ose,RasMan,TapiSrv", 3); // Here we disable a bunch of Windows XP services: var SERVICES_LIST = [ "DISABLE:Alerter:Alerter", "DISABLE:CiSvc:Indexing Service", "DISABLE:RDSessMgr:Remote Desktop Help Session Manager", "DISABLE:RSVP:QoS RSVP", "DISABLE:rdpdr:Terminal Server Device Redirector Driver", "DISABLE:ClipSrv:Clipbook", "DISABLE:uploadmgr:Upload Manager", "DISABLE:seclogon:Secondary Logon", "DISABLE:TlntSvr:Telnet", "DISABLE:RemoteAccess:Routing and Remote Access", "DISABLE:mnmsrvc:NetMeeting Remote Desktop Sharing", "DISABLE:NetDDE:Network DDE", "DISABLE:Messenger:Messenger", "DISABLE:RemoteRegistry:Remote Registry", "DISABLE:NetDDEdsdm:Network DDE DSDM", "DISABLE:Netlogon:Netlogon", "DISABLE:FastUserSwitchingCompatibility:Fast User Switching Compatibility", "DISABLE:LanmanServer:Server", "DISABLE:LanmanWorkstation:Workstation", "DISABLE:lmhosts:TCP/IP NetBIOS Helper", "DISABLE:MDM:Machine Debug Manager", "DISABLE:Schedule:Task Scheduler", "DISABLE:SSDPSRV:SSDP Discovery", "DISABLE:TrkWks:Distributed Link Tracking Client", "DISABLE:upnphost:UPnP Device Host", "DISABLE:WebClient:WebClient", "DISABLE:WmdmPmSN:Portable Media Serial Number Service", "DISABLE:wuauserv:Windows Update", "DISABLE:Browser:Computer Browser", "DISABLE:BITS:Background Intelligent Transfer Service", "DISABLE:Dnscache:DNS Client", // Double check this one: "DISABLE:ERSvc:Windows Error Reporting Service", "DISABLE:SCardDrv:", "DISABLE:SCardSvr:Smart Card", "DISABLE:sr:System Restore Filter Driver", "DISABLE:srservice:System Restore Service", "DISABLE:Srv:", "DISABLE:SwPrv:MS Software Shadow Copy Provider", "DISABLE:SysmonLog:", "DISABLE:TermService:Remote Desktop Services", "DISABLE:VSS:Volume Shadow Copy", "DISABLE:Udfs:File System", "DISABLE:UMWdf:Windows User-Mode Driver Framework", "DISABLE:UPS:Uninterruptible Power Supply", "DISABLE:W32Time:Windows Time", "DISABLE:Wmi:Windows Management Instrumentation Driver Extensions", "DISABLE:WmiApSrv:WMI Performance Adapter", "DISABLE:wscsvc:Security Center", "DISABLE:gupdate:Google Update Service (gupdate)", "DISABLE:gupdatem:Google Update Service (gupdatem)", "DISABLE:PolicyAgent:IPsec Policy Agent", "DISABLE:Ati HotKey Poller:Ati HotKey Poller", "DISABLE:SharedAccess:Internet Connection Sharing (ICS)", "DISABLE:helpsvc:Microsoft Help Center", "DISABLE:spupdsvc:Microsoft Update RunOnce Service", "MANUAL:RasAcd:Remote Access Auto Connection Driver", "MANUAL:NtmsSvc:Removable Storage", "MANUAL:TapiSrv:Telephony", "MANUAL:ALG:Application Layer Gateway Service", "MANUAL:AppMgmt:Application Management", "MANUAL:WZCSVC:Wireless Zero Configuration", "MANUAL:dmadmin:Logical Disk Manager Administrative Service", "MANUAL:SamSs:Security Accounts Manager", "MANUAL:EventSystem:COM+ Event System", "MANUAL:HidServ:Human Interface Device", "MANUAL:Nla:Network Location Awareness Service Provider (NLA)", "MANUAL:ProtectedStorage:Protected Storage Service", "MANUAL:CryptSvc:Cryptographic Services", "MANUAL:dmserver:Logical Disk Manager", "MANUAL:COMSysApp:COM+ System Application", "MANUAL:ImapiService:IMAPI CD-Burning COM Service", "MANUAL:MSDTC:Microsoft Distributed Transaction Coordinator", "MANUAL:JavaQuickStarterService:Java Quick Starter", "MANUAL:Modem:Modem", "MANUAL:Ntfs:NTFS File System", "MANUAL:ose:Office Source Engine", "AUTOMATIC:EventLog,Windows Event Log", "AUTOMATIC:Tcpip:TCP/IP Protocol Driver", "AUTOMATIC:IPSec:IPsec Policy Agent", "AUTOMATIC:RasMan:Remote Access Connection Manager", "AUTOMATIC:RasAuto:Remote Access Auto Connection Manager", "AUTOMATIC:Spooler:Print Spooler" ]; SetServices(SERVICES_LIST); // NOTE: Do not disable Eventlog, because it will cause // a very long delay when Windows starts. This service // must be set to "Automatic" for best performance! } ////////////////////////////////////////////////////////// // // This function sets the timeout in BOOT.INI to zero. // [Windows_XP_ONLY] // function UpdateBootINI() { var FILE = "C:\\BOOT.INI"; var TIMEOUT = "timeout=0"; // Clear S-H-R attributes. var F = FSO.GetFile(FILE); F.Attributes = 32; // Archive attribute // Read the whole file F = FSO.OpenTextFile(FILE, 1); var A = F.ReadAll(); F.Close(); // MODIFY CERTAIN THINGS IN BOOT.INI A = A.split("/fastdetect").join("/FASTDETECT"); A = A.split("/noexecute=optin").join("/NOEXECUTE=OPTIN"); A = A.split("multi(0)disk(0)rdisk(0)partition(1)\\").join("C:\\"); A = A.replace(RegExp("\r\n", "g"), "\n").split("\n"); var i, P, LINE, HEADING, VARLABEL, VARVALUE; for (i = 0; i < A.length; i++) { LINE = Trim(A[i]).toUpperCase(); VARLABEL = ""; VARVALUE = ""; P = LINE.indexOf("="); if (P > 0) { VARLABEL = LINE.slice(0, P++); VARVALUE = LINE.slice(P, LINE.length); } if (LINE.charAt(0) == "[") { HEADING = LINE.slice(1, LINE.length - 1); continue; } // Change timeout if (HEADING == "BOOT LOADER" && VARLABEL == "TIMEOUT") A[i] = TIMEOUT; // Change Windows 98 heading (if applicable). if (HEADING == "OPERATING SYSTEMS" && VARLABEL == "C:\\") if (VARVALUE.indexOf("\"MICROSOFT WINDOWS\"") >= 0 || VARVALUE.indexOf("DOS") >= 0) A[i] = "C:\\=\"MS-DOS Command Prompt\""; } // Save changes. CreateFile(FILE, A.join("\r\n")); // Set H-R-A attributes. Run("ATTRIB +H +R +A " + FILE); } ////////////////////////////////////////////////////////// // // This function will attempt to activate XP. // (may or may not work) // function ActivateXP() { // NOTE: Windows XP Corporate Edition does not require activation. SetReg("HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon\\Activation Required|REG_DWORD|0"); SetReg("HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\WPAEvents\\OOBETimer|REG_BINARY|ff,d5,71,d6,8b,6a,8d,6f,d5,33,93,fd,73"); try { Run("ATTRIB C:\\WINDOWS\\SYSTEM32\\DLLCACHE\\*.* -R"); UnReg("C:\\WINDOWS\\SYSTEM32\\DLLCACHE\\LICWMI.DLL"); UnReg("C:\\WINDOWS\\SYSTEM32\\DLLCACHE\\REGWIZC.DLL"); UnReg("C:\\WINDOWS\\SYSTEM32\\DLLCACHE\\LICDLL.DLL"); Run("MD C:\\WINDOWS\\TEMP"); Run("COPY /Y C:\\WINDOWS\\SYSTEM32\WPABALN.EXE C:\\WINDOWS\\TEMP"); Run("COPY /Y C:\\WINDOWS\\PREFETCH\\WPABALN.EXE* C:\\WINDOWS\\TEMP"); Run("COPY /Y C:\\WINDOWS\\SYSTEM32\\LICDLL.DLL C:\\WINDOWS\\TEMP"); Run("COPY /Y C:\\WINDOWS\\SYSTEM32\\LICWMI.DLL C:\\WINDOWS\\TEMP"); Run("COPY /Y C:\\WINDOWS\\SYSTEM32\\DLLCACHE\\WPABALN.EXE C:\\WINDOWS\\TEMP"); Run("COPY /Y C:\\WINDOWS\\SYSTEM32\\DLLCACHE\\LICDLL.DLL C:\\WINDOWS\\TEMP"); Run("COPY /Y C:\\WINDOWS\\SYSTEM32\\DLLCACHE\\LICWMI.DLL C:\\WINDOWS\\TEMP"); Run("DEL /S /F /Q C:\\WINDOWS\\SYSTEM32\\WPABALN.EXE"); Run("DEL /S /F /Q C:\\WINDOWS\\PREFETCH\\WPABALN.EXE*"); Run("DEL /S /F /Q C:\\WINDOWS\\SYSTEM32\\LICDLL.DLL"); Run("DEL /S /F /Q C:\\WINDOWS\\SYSTEM32\\LICWMI.DLL"); Run("DEL /S /F /Q C:\\WINDOWS\\SYSTEM32\\DLLCACHE\\WPABALN.EXE"); Run("DEL /S /F /Q C:\\WINDOWS\\SYSTEM32\\DLLCACHE\\LICDLL.DLL"); Run("DEL /S /F /Q C:\\WINDOWS\\SYSTEM32\\DLLCACHE\\LICWMI.DLL"); Run("DELTREE /Y C:\\WINDOWS\\PREFETCH"); } catch(e) {} } ////////////////////////////////////////////////////////// // // This function runs on Windows 7 or Vista only: // function Run_on_Win7_or_Vista() { var MANUAL = "Schedule,Task Scheduler|SamSs,Security Accounts Manager|msiserver,Windows Installer"; var AUTOMATIC = "eventlog,Windows Event Log|Winmgmt,Windows Management Instrumentation|Audiosrv,Windows Audio|AudioEndpointBuilder,Windows Audio Endpoint Builder|ProfSvc,User Profile Service|Themes,Themes|SENS,System Event Notification Service|SysMain,Superfetch|sppsvc,Software Protection|ShellHWDetection,Shell Hardware Detection|RpcEptMapper,RPC Endpoint Mapper|RpcSs,Remote Procedure Call (RPC)|Spooler,Print Spooler|Power,Power|PlugPlay,Plug and Play|nsi,Network Store Interface Service|NlaSvc,Network Location Awareness|gpsvc,Group Policy Client|Dnscache,DNS Client|DPS,Diagnostic Policy Service|Dhcp,DHCP Client|UxSms,Desktop Window Manager Session Manager|DcomLaunch,DCOM Server Process Launcher|CryptSvc,Cryptographic Services|EventSystem,COM+ Event System|BFE,Base Filtering Engine"; var DISABLE = "SharedAccess,Internet Connection Sharing (ICS)|wmiApSrv,WMI Performance Adapter|SDRSVC,Windows Backup|BITS,Background Intelligent Transfer Service|Browser,Computer Browser|defragsvc,Disk Defragmenter|TrkWks,Distributed Link Tracking Client|Fax,Fax|fdPHost,Function Discovery Provider Host|FDResPub,Function Discovery Resource Publication|IKEEXT,IKE and AuthIP IPsec Keying Modules|iphlpsvc,IP Helper|PolicyAgent,IPsec Policy Agent|lltdsvc,Link-Layer Topology Discovery Mapper|MDM,Machine Debug Manager|Mcx2Svc,Media Center Extender Service|clr_optimization_v2.0.50727_32,Microsoft .NET Framework NGEN v2.0.50727_X86|swprv,Microsoft Software Shadow Copy Provider|NetTcpPortSharing,Net.Tcp Port Sharing Service|NMIndexingService,NMIndexingService|CscService,Offline Files|PNRPAutoReg,PNRP Machine Name Publication Service|wercplsupport,Problem Reports and Solutions Control Panel Support|PcaSvc,Program Compatibility Assistant Service|SessionEnv,Remote Desktop Configuration|TermService,Remote Desktop Services|UmRdpService,Remote Desktop Services UserMode Port Redirector|RemoteRegistry,Remote Registry|RemoteAccess,Routing and Remote Access|wscsvc,Security Center|LanmanSrver,Server|SSDPSRV,SSDP Discovery|lmhosts,TCP/IP NetBIOS Helper|TapiSrv,Telephony|upnphost,UPnP Device Host|VSS,Volume Shadow Copy|WinDefend,Windows Defender|wudfsvc,Windows Driver Foundation - User-mode Driver Framework|WerSvc,Windows Error Reporting Service|MpsSvc,Windows Firewall|WMPNetworkSvc,Windows Media Player Network Sharing Service|WinRM,Windows Remote Management (WS-Management)|WSearch,Windows Search|W32Time,Windows Time|wuauserv,Windows Update|WinHttpAutoProxySvc,WinHTTP Web Proxy Auto-Discovery Service|LanmanWorkstation,Workstation"; // Create list: var i; var SVC_NAME, SVC_DESCRIPTION; var ALERT = []; DISABLE = DISABLE.split("|"); for (i = 0; i < DISABLE.length; i++) { SERVICE = DISABLE[i].split(","); SVC_NAME = SERVICE[0]; SVC_DESCRIPTION = SERVICE[1]; DisableService(SVC_NAME, SVC_DESCRIPTION); ALERT.push((i+1) + ") " + SVC_DESCRIPTION); } MANUAL = MANUAL.split("|"); for (i = 0; i < MANUAL.length; i++) { SERVICE = MANUAL[i].split(","); SVC_NAME = SERVICE[0]; SVC_DESCRIPTION = SERVICE[1]; ManualService(SVC_NAME, SVC_DESCRIPTION); } AUTOMATIC = AUTOMATIC.split("|"); for (i = 0; i < AUTOMATIC.length; i++) { SERVICE = AUTOMATIC[i].split(","); SVC_NAME = SERVICE[0]; SVC_DESCRIPTION = SERVICE[1]; AutomaticService(SVC_NAME, SVC_DESCRIPTION); } } ////////////////////////////////////////////////////////// // // This function is responsible for saving the REG entries // to an actual REG file. // function SaveREG() { var WORK = GetWorkDir(); var FILENAME = JoinPath(WORK, "TWEAKS.REG"); var SUCCESS = CreateFile(FILENAME, REG.join("\r\n")); if (SUCCESS) { Alert("Your system settings have been updated.\nPlease restar your computer now.\n\n( File created: " + FILENAME + " )"); UpdateRegistry(FILENAME); } else { Abort("Some changes have been made, but registry tweaks cannot be applied.\nCouldn't create output file: " + FILENAME); } } ////////////////////////////////////////////////////////// // // This function runs on Windows 98 only: // function Run_on_Win98_ONLY() { if (!FSO.FileExits("WSCRIPT.ICO")) Abort("Please copy WSCRIPT.ICO to the current directory."); // Set HTA file icon. CopyFile("WSCRIPT.ICO", "C:\\WINDOWS\\WSCRIPT.ICO"); HTASET("C:\\WINDOWS\\WSCRIPT.ICO"); // We're done. Windows 98 was pretty secure out of the box. // It's not going to get a virus or spyware unless you // install an additional software that has a vulnerability. } ////////////////////////////////////////////////////////// // // This function expands common registry name abbreviations. // function ExpandRegPath(r) { r = r.split("/").join("\\"); var $ = r.slice(4); var X = r.substr(0, 4).toUpperCase(); if (X == "HKCU") return "HKEY_CURRENT_USER" + $; if (X == "HKCR") return "HKEY_CLASSES_ROOT" + $; if (X == "HKLM") return "HKEY_LOCAL_MACHINE" + $; if (X == "HKCC") return "HKEY_CURRENT_CONFIG" + $; return r; } ////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////// function Trim(T) { T += ""; var i = T.length, j = -1, k; while (i--) if (T.charCodeAt(i) > 32) { if (j < 0) j = i; k = i; } return T.slice(k, j + 1); } function TrimChar(STRING, LIST) { var i = STRING.length; var START = 0; var LAST = 0; while (i--) { if (LIST.indexOf(STRING.charAt(i)) < 0) { START = i; if (LAST == 0) LAST = i + 1; } } return STRING.substring(START, LAST); } function Run(cmd) { try { WSH.Run(cmd); return 1; } catch(e) {} return 0; } function UnReg(f) { if (FSO.FileExists(f)) Run("REGSVR32 /U " + f); } function GetWorkDir() { try { return FSO.GetAbsolutePathName("."); } catch (e) {} try { return WSH.SpecialFolders("Desktop"); } catch (e) {} return "C:\\"; } function CreateFile(FILENAME, STRING) { try { var FILE = FSO.CreateTextFile(FILENAME, true); FILE.Write(STRING); FILE.Close(); return 1; } catch (e) {} return 0; } function DeleteFile(FILENAME) { try { FSO.DeleteFile(FILENAME, true); } catch (e) {} } function CopyFile(SRC, DST) { try { var F = FSO.GetFile(SRC); F.Copy(DST); } catch (e) {} } function Abort(m) { Alert("Oops! " + m); Exit(1); } function Alert(m) { WScript.Echo(m); } function Exit(e) { WScript.Quit(e); } ////////////////////////////////////////////////////////// // // This function reads a value from the Windows registry. // function GetReg(r) { try { return WSH.RegRead(ExpandRegPath(r)); } catch(e) {} return ""; } ////////////////////////////////////////////////////////// // // This function calls REGEDT32.EXE to process // a registry file right away. // function UpdateRegistry(FILENAME) { return Run("REGEDT32.EXE /S " + FILENAME); } ////////////////////////////////////////////////////////// // // This function ensures that values written within // quotation marks are properly escaped. // function QuoteStr(s) { s = s.split('"').join("\\\""); // Replace " with \" s = s.split("\\").join("\\\\"); // Replace \ with \\ return '"' + s + '"'; // Surround with " } ////////////////////////////////////////////////////////// // // function SetReg(r) { r = r.split("|"); var PATH = ExpandRegPath(r[0]); var P = PATH.split("\\"); var NAME = P.pop(); var TYPE = r[1].toUpperCase(); var VALUE = r[2]; REG.push("[" + PATH + "]"); NAME = (PATH.charAt(PATH.length-1) == "\\") ? "@" : '"' + NAME + '"'; if (TYPE == "REG_SZ") REG.push(NAME + '=' + QuoteStr(VALUE)); if (TYPE == "REG_DWORD") REG.push(NAME + '=dword:' + VALUE); if (TYPE == "REG_BINARY") REG.push(NAME + '=hex(2):' + VALUE); // Modify the registry right away: try { WSH.RegWrite(PATH, VALUE, TYPE); } catch(e) {} } ////////////////////////////////////////////////////////// // // This function records an entry in a REG file which will // be responsible for deleting an item from Windows registry. // function DelReg(r) { r = ExpandRegPath(r); REG.push("[-" + r + "]"); try { WSH.RegDelete(r); } catch(e) {} // Delete an item from registry right away } ////////////////////////////////////////////////////////// // // This function updates some settings in all profiles // in the Windows registry. Unlike some other functions // in this program, this one does not write changes to a // REG file. This function attempts to write to the // registry directly (this may or may not work always). // function UpdateControlSet(r) { SetReg("HKLM/SYSTEM/ControlSet001/" + r); SetReg("HKLM/SYSTEM/ControlSet002/" + r); SetReg("HKLM/SYSTEM/CurrentControlSet/" + r); } ////////////////////////////////////////////////////////// // // This function updates some settings in all user profiles // in the Windows registry. Unlike some other functions // in this program, this one does not write changes to a // REG file. This function attempts to write to the // registry directly (this may or may not work always). // function SetUserReg(r) { SetReg("HKCU/" + r); SetReg("HKEY_USERS/.DEFAULT/" + r); } ////////////////////////////////////////////////////////// // // This function updates the startup type of a list // of services. This function attempts to write to the // registry directly (this may or may not work always). // function SetSrv(SERVICELIST, VALUE) { var SERVICE = SERVICELIST.split(","); for (var i = 0; i < SERVICE.length; i++) UpdateControlSet("Services/" + SERVICE[i] + "/Start|REG_DWORD|" + VALUE); } ////////////////////////////////////////////////////////// // // This function tries to detect the Windows version. // Returns 0 = Unknown // 1 = Windows 95 // 2 = Windows 98 // 3 = Windows Me // 4 = Windows 2000 // 5 = Windows XP // 6 = Windows Vista // 7 = Windows 7 // 8 = Windows 8 // 10 = Windows 10 // function WinVer() { var X = GetReg("HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/VersionNumber"); if (X.indexOf("4.00.950") >= 0) return 1; var V = GetReg("HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/Version").toUpperCase(); if (V.indexOf("MILLENNIUM") >= 0) return 3; if (X || V) return 2; V = GetReg("HKLM/SOFTWARE/Microsoft/Windows NT/CurrentVersion/CurrentVersion"); if (V == "5.0") return 4; if (V == "5.1" || V == "5.2") return 5; if (V == "6.0") return 6; if (V == "6.1") return 7; if (V == "6.2" || V == "6.3") return 8; if (V == "10.0") return 10; return 0; } ////////////////////////////////////////////////////////// // // This function joins two names into a single path by // adding / in between the names. It also simplifies the // resulting path by removing repeated \\ // characters, // and tries to resolve the "." and ".." in a path name // to literal names only. // Usage: STRING = JoinPath(STRING, STRING, [STRING]...) // function JoinPath(PATH) { var A = [], i; for (i = 0; i < arguments.length; i++) { if (arguments[i].length) A.push(Trim(arguments[i].split("/").join("\\"))); } // Remove prefix if (PATH.substr(0, 8).toUpperCase() == "FILE:///") PATH = PATH.slice(8); // Detect drive letter / start point var DRIVE = ""; var BACKSLASH = ""; if (PATH.charAt(1) == ":") { DRIVE = PATH.substr(0, 2); PATH = PATH.slice(2); } if (PATH.charAt(0) == "\\") { BACKSLASH = "\\"; PATH = PATH.slice(1); } A[0] = PATH; // Process each section of path for (i = 0; i < A.length; i++) { // Remove leading and trailing slashes A[i] = TrimChar(A[i], "/\\"); // Remove "." or zero-length string if (A[i] == "." || A[i].length == 0) { A.splice(i--, 1); continue; } // Resolve ".." if (A[i] == "..") { if (i > 0) { A.splice(--i, 2); i--; } else { A.splice(i, 1); i--; } } } return DRIVE + BACKSLASH + A.join("\\"); } ////////////////////////////////////////////////////////// // // This function creates entries in a REG file that will // disable a service so it can't start. // function DisableService(NAME, DESCRIPTION) { SetService(NAME, "Disable: " + DESCRIPTION, 4); } ////////////////////////////////////////////////////////// // // This function creates entries in a REG file that will // set a service to start manually when needed. // function ManualService(NAME, DESCRIPTION) { SetService(NAME, "Manual: " + DESCRIPTION, 3); } ////////////////////////////////////////////////////////// // // This function creates entries in a REG file that will // set a service to start automatically. // function AutomaticService(NAME, DESCRIPTION) { SetService(NAME, "AutoStart: " + DESCRIPTION, 2); } ////////////////////////////////////////////////////////// // // This function creates entries in a REG file that will // either disable or enable a service in Windows registry. // function SetService(NAME, DESCRIPTION, STARTUP) { var C = "ControlSet"; var L = "[HKEY_LOCAL_MACHINE\\SYSTEM\\"; NAME = "\\Services\\" + NAME + "]\r\n\"Start\"=DWORD:0000000" + STARTUP; REG.push("\r\n; " + DESCRIPTION); REG.push(L + "Current" + C + NAME); REG.push(L + C + "001" + NAME); REG.push(L + C + "002" + NAME); } //////////////////////////////////////////////////////////