Buat Antivirus Penyerang File exe Secara manual

31 10 2007

Nih, aku dapet dari temen. Tapi sayang temanku gak bilang dia dapet sumber ini dari mana. Nah, untuk komputer kamu yang gak bisa jalanin file-file berekstensi exe. misal gak bisa ngebuka browser, setting networks, atau program-program lain yang berformat exe. Cara buat antivirusnya gampang kok nih:

1. 1) Buka notepad. Udah itu copy tulisan di bawah ini ke notepad kamu (tulisan warna item aja).

[Version]

Signature=”$Chicago$”

Provider=Vaksincom

[DefaultInstall]

AddReg=UnhookRegKey

DelReg=del

[UnhookRegKey]

HKLM, Software\CLASSES\batfile\shell\open\command,,,”””%1″” %*”

HKLM, Software\CLASSES\comfile\shell\open\command,,,”””%1″” %*”

HKLM, Software\CLASSES\exefile\shell\open\command,,,”””%1″” %*”

HKLM, Software\CLASSES\piffile\shell\open\command,,,”””%1″” %*”

HKLM, Software\CLASSES\regfile\shell\open\command,,,”regedit.exe “%1″”

HKLM, Software\CLASSES\scrfile\shell\open\command,,,”””%1″” %*”

HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, Shell,0, “Explorer.exe”

HKLM, SYSTEM\ControlSet001\Control\SafeBoot, AlternateShell,0, “cmd.exe”

HKLM, SYSTEM\ControlSet002\Control\SafeBoot, AlternateShell,0, “cmd.exe”

HKLM, SYSTEM\CurrentControlSet\Control\SafeBoot, AlternateShell,0, “cmd.exe”

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden, UncheckedValue,0x00010001,1

HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, userinit,0, C:\WINDOWS\System32\userinit.exe ,

[del]

HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableRegistryTools

HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer,NoFolderOptions

HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\WinOldApp

HKCU, Software\Microsoft\Windows\CurrentVersion\Run,T1702521TT4

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Run,T70Z516

HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Msconfig.exe

HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe

HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmd.exe

HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe

HKCU, Software\VB and VBA Program Settings

2. 2) Setelah command2 di atas dicopy dinotepad, lalu save as dalam bentuk format *.inf misalnya antivirus.inf

3. 3) Kemudian buat 1 lagi di notepad juga. Copy command2 (tulisan warna item aja) berikut:

[Version]

Signature=”$Chicago$”

Provider=Babenya Galak

[DefaultInstall]

AddReg=UnhookRegKey

DelReg=del

[UnhookRegKey]

HKLM, Software\CLASSES\batfile\shell\open\command,,,”””%1″” %*”

HKLM, Software\CLASSES\comfile\shell\open\command,,,”””%1″” %*”

HKLM, Software\CLASSES\exefile\shell\open\command,,,”””%1″” %*”

HKLM, Software\CLASSES\piffile\shell\open\command,,,”””%1″” %*”

HKLM, Software\CLASSES\regfile\shell\open\command,,,”regedit.exe “%1″”

HKLM, Software\CLASSES\scrfile\shell\open\command,,,”””%1″” %*”

HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, Shell,0, “Explorer.exe”

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder, Bitmap,0, “C:\WINDOWS\SYSTEM32\SHELL32.DLL,4″

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder, Text,0, “@shell32.dll,-30498″

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ClassicViewState, text,0, “@shell32.dll,-30506″

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ControlPanelInMyComputer, text,0, “@shell32.dll,-30497″

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\DesktopProcess, text,0, “@shell32.dll,-30507″

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\DisableThumbCache, text,0, “@shell32.dll,-30517″

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\FolderSizeTip, text,0, “@shell32.dll,-30514″

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\FriendlyTree, text,0, “@shell32.dll,-30511″

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden, Bitmap,0, “%SystemRoot%\system32\SHELL32.dll,4″

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden, text,0, “@shell32.dll,-30499″

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL, text,0, “@shell32.dll,-30499″

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN, text,0, “@shell32.dll,-30501″

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL, CheckedValue,0x00010001,1

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL, DefaultValue,0x00010001,2

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\HideFileExt, text,0,”@shell32.dll,-30503″

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\HideFileExt, type,0, “CheckBox”

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\NetCrawler, text,0, “@shell32.dll,-30509″

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\PersistBrowsers, text,0, “@shell32.dll,-30513″

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ShowCompColor, text,0, “@shell32.dll,-30512″

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ShowFullPath, text,0, “@shell32.dll,-30504″

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ShowFullPathAddress, text,0, “@shell32.dll,-30505″

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ShowInfoTip, text,0, “@shell32.dll,-30502″

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SimpleSharing, text,0, “@shell32.dll,-30518″

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden, text,0, “@shell32.dll,-30508″

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Thickets, Bitmap ,0, “C:\WINDOWS\system32\SHELL32.DLL,4″

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Thickets\AUTO, text,0, “Show and manage the pair as a single file”

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Thickets\NOHIDE, text,0, “Show both parts but manage as a single file”

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Thickets\NONE, text,0, “Show both parts and manage them individually”

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\WebViewBarricade, text,0, “@shell32.dll,-30510″

[del]

HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableRegistriTools

HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableCMD

HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableTaskMgr

HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer,NoFolderOptions

HKCU, Software\Microsoft\Windows\CurrentVersion\Run, Intelprc

HKCU, Software\Microsoft\Windows\CurrentVersion\Run, Network

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Run, SystemWindows

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system, legalnoticecaption

HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system,legalnoticetext

4. Sama kayak yang nomor 2, save as dalam bentuk *.inf misalnya antivirus2.inf

5. Akhirnya kamu mendapatkan 2 ikon yang bakal membunuh virus yang nyerang aplikasi exe.

Cara kerja:

1. Klik kanan pada ikon yang berextensi *.inf tadi

2. Cari Install dengan klik kanan pada icon ekstensi *.inf

3. Klik Install

4. Lakukan kedua2 nya (File tadi)

5. Mudah2an virus tadi keot dan kamu bisa ngerjain aplikasi exe lagi.

6. Met mencoba

:-)

About these ads

Actions

Information

44 responses

6 11 2007
andi

gw udah coba koq g bisa ya..

bantuin dong lg blajar nich.
kirim ja ke E-mail ku

31 05 2010
awzyz

mas kok smua ikon d kompter kok g bsa ke buka?????????
ap kna vrus??

7 11 2007
ardiansyahputra

komputer mas harus kena virus yang nyerang *.exe dulu donk baru bisa nampak perubahannya.Okeeeeeeeee….

22 11 2007
Hisyam Basyeban

udah bisa..bagus banget tutorialnya….
berarti buat anti virus emang harus bener2 paham registry win dulu ya… :(

26 11 2007
UJA

ALHAMDULILAH..ternyata ada org SEBIJAK Maz..THANK U BERAT.. pgn juga belajar yg lainnya.. mngkin via Email atau KopiDarat Boz.. Demi kemajuan Teknologi diwariskan ilmunya yaks.. ^_^

28 11 2007
ardiansyahputra

patah tumbuh hilang berganti…

21 12 2007
Ali Ridho

aku coba buat tapi kok waktu diinstal muncul kotak dialog open with?

14 02 2008
kaka

aku kok nggak tahu yang kayak gituan bisa didetailkan lagi nggak mas maksud aku pertama bukanya dimana? program apa yang dibuka?

16 02 2008
ardiansyahputra

Untuk kaka:
1.buka 2 notepadnya dikomputer
2.copy registry yang ditulis di atas ke notepad
3.save dalam bentuk *inf misal antivirus.inf
4.setelah tersimpan dan icon berubah, klik kanan – pilih instal.
5.antivirus ini berguna utk komputer yang gak bisa ngebuka file2 berekstensi exe.

4 03 2008
iwal

mas… sekarang saya benar-benar minta tolng sama mas…. barusan saya coba, tapi waktu menginstallnya kok yang muncul masalah kotak doalog open with…

4 03 2008
iwal

mas…tolong dijawab secepatnya dong…. ni saya penting banget ni…

9 04 2008
12U13Y

Thank” S Yaaaaaaaa

12 04 2008
Dony

Ni caranya untuk nyelesein masalah open with…

Good Luck… ;)

1. Open Command Prompt by typing command in RUN dialog box.

2. Now provide following command:

cd\windows

3. It’ll activate Windows folder. Now provide following command to open Registry Editor:

regedit

4. Now goto following key:

HKEY_CLASSES_ROOT\.exe

In right-side pane, change value of Default key to exefile

5. Now goto:

HKEY_CLASSES_ROOT\exefile\shell\open\command

In right-side pane, change value of Default key to:

“%1″ %*

6. Thats it. Now exit Registry Editor and restart your Windows

20 06 2008
fajar

terima kasih banget ya antivirus nya, tapi kalu untuk virus yang bisa menghapus data gimana buatnya ???? ajari dong.

22 06 2008
muliawan

Saya sdh lakukan spt di atas, tp koq skg klo run-regedit yg keluar dialog: Open With melulu ? Ini bgm cara spy sy bs buka Run dan bs membuka cmd, taskmgr, regedit dan lain2 seperti semula yah? Sy jd gak bs buka RUN nih. Tolong yah…Ato tolong email caranya ke muliawanst@yahoo.com pls…

23 06 2008
ardiansyahputra

@Muliawan
Coba lihat komentar Dony di halaman ini.

23 11 2008
arief_spekta

syukran katsiran..

4 01 2009
halo

mas sbnernya ad yg nyangkut di solusi anda…ini kan problemnya ga bisa buka .exe, sedangkan dengan bikin file .inf, itu kan aplikasi yg pake grpconv.exe<<<(biasanya nyang bikin virus bikin file inf kek gini, makanya biasanya grpconv.exe dbilang trojan ato semacemnya, soalnya ini applikasi costumade)

nah yg janggal lha wong kita mau bnerin .exe yg ga bisa d buka, tapi cara nyelesainya pake .exe juga, ya nda bisa d buka…hehe y nda beres2 atuh….^^ V

8 01 2009
boy gilang ramadhan

koq g bisa

21 01 2009
evil

antivirus ne pa cuma bereaksi pada file .exe jaaa???

22 01 2009
RUSMA

duh gmin donk cara bwt nya

18 02 2009
erma yulihastin

Terima kasih banyak ya, Mas Ardian.
Saya sudah mencoba solusi antivirus manual dari Anda, dan ternyata berhasil.
Padahal semua antivirus (AVG, PCMAV, dan RegRun) untuk menghilangkan virus.exe tidak mempan.
Virus.exe menyerang ke C dan D komputer saya. Jadi saya kopi aja tuh antivirus.inf dan antivirus2.inf ke C dan D, terus diinstal. Ternyata manjuuur… Virusnya langsung musnah..

nuhun dan salam,
erma y.

1 03 2009
HaCKER Community TAHU

Ngaku aja deh, ini script virus kan!!!. Nih buktinya :
[del]
Bla-bla-bla—Policies\System,DisableRegistryTools (block alt registry)
Bla-bla-bla—\Policies\Explorer,NoFolderOptions (block fol option)

*BUKAN MEMNUAT APLIKASI EXE TERBUKA TAPI TERBLOKIR (KHUSUSNYA FILE PENTING DI C SEPERTI CMD,REGEDIT,FOLDER OPTION JADI ANEH DAN MASIH BANYAK LAGI*

dan lainnya yg membuat komputer tempat saya praktekan script ini menjadi :
Kehilangan kemampuan membaca regedit,folder option,cmd,menu start,tidak lupa juga virus ini membuat komputer HANYA MEMUNCULKAN EXPLORE STELAH STARTUP!!!!. JANGAN HAPUS NI KOMENTAR, KALO G LU YANG PUNYA NI BLOG PENGECUT!!! OH,YA NGGA USAH PAKE BAHASA BAIK TAPI NGERUSAK KOMPUTER ORANG LAIN.

6 05 2009
Nedhyk

mohon petunjuknya:

kan q dah cb bersihin virus .EXE pake *.inf tapi trus kompie q malah aneh gt gak bs bk CommandPrompt dll. tu gmn cara balikinnya ato normalin lg gt?

trmksh.

1 03 2009
HaCKER Community TAHU

UNTUNG PADA G BISA BUAT KALO BISA MODAR DEH YANG BUAT DAN INSTALL

5 03 2009
ardiansyahputra

@hacker community tahu
makasi infonya. tapi swear saya ga ngerti yg begituan, tujuan saya disini cuman ngasih ilmu aja kok, yg pernah saya praktekin dan sukses akan saya posting diblog nih. Tapi jujur saya bukan virus maker dan gak ada sangkut pautnya ngerugiin orang lain. Nih sumber juga saya dapet dari orang lain juga lho mas. Tapi kayaknya yg ngasih comment ini sebenarnya lebih tau ttg yg beginian kan. Ya udah sapa aja yg baca artikel ini terserah deh tanggapannya gimana. Yg penting yg punya blog nih ikhlas bagi2 ilmu. ..

12 03 2009
HaCKER

Ok, sekarang bolehkan saya promosi??. Kalau mau buat virus ke hacker8d.wordpress.com aja ya.

12 03 2009
HaCKER

Oh ya buat Mas Ardiansyah, lain kali kalau mau buat posting, di cek dulu ya.

13 03 2009
Heran???

Misi-misi, mas mau nanya. Kenapa yah website mas bisa muncul di urutan pertama??. Tolong dibantu ya mas, maklum newbie. Trus mas kan pake wordpress. Gimana sih caranya posting di halaman lain. Klo di webku, buat posting nanti akhirnya ke 1 halaman itu lagi. Mohon bantuan-nya ya mas, maklum masih newbie. Ngomong-ngomong, mas ribut sama siapa??

19 03 2009
HaCKER

Woi, mas saya promosi lagi yah. Yang mau mengetahui tentang komputer,virus, antivirus dan lain-lain silahkan ke sini

29 03 2009
Please

Mas, tolong dong link saya dimasukin blogroll di sini

7 04 2009
binun

mas ko setelah saya copy & instal Open With melulu lalu sy restart eh malah ga mau kebuka window nya help dunk mas gmn neh solusinya ?

6 05 2009
Nedhyk

mohon petunjuknya mas Ardy :
kan q dah pake script yang mas Ardy ksh tuk ilangin virus .EXE pake *.inf tapi sekarang komputerQ jadi gak bisa buka command promt & aneh gt. tuk kembaliin awal kayak smula gmn ya biar normal lg gt??

trmksh.

25 06 2009
2aG1

ada yang lain lagi ga? q masih pengen nyoba lagi bos!

25 06 2009
2aG1

maksudnya nyoba diedit dan diperbaharui, makasih buat kebodohannya.

13 07 2009
bkn sapa2

boz, HaCKER Community TAHU..
kamsudnya bknnya gn ya?…

[del] <- kamsudnya tu kn ngedelete..

Bla-bla-bla—Policies\System,DisableRegistryTools (disable registry yg dah dibuat oleh virus, jika ini di delete, maka registry akan bisa diakses ato normal).

Bla-bla-bla—\Policies\Explorer,NoFolderOptions (NoFolderOptions tu kan dibuat oleh virus, jika ini di delete, maka folder options akan bisa tampil kembali ato normal)

bnr ga kira2?..
ato gw yg slh?..

24 07 2009
ray

mas penjelasan open wth’a bisa pke b.ind aja ga?

7 10 2009
finalheaven

wah keren mas

sip deh

bisa minta yang lebih keren lagi mas?

8 10 2009
yohansyah

wah,…parah banget !!! dah di coba malah semua program file aplikasi .exe gak bisa ke buka !!
untung gw punya repairnya !!

nih scriptnya :

[Version]
Signature=”$Chicago$”
Provider=Vaksincom

[DefaultInstall]
AddReg=UnhookRegKey
DelReg=del

[UnhookRegKey]
HKLM, Software\CLASSES\batfile\shell\open\command,,,”””%1″” %*”
HKLM, Software\CLASSES\comfile\shell\open\command,,,”””%1″” %*”
HKLM, Software\CLASSES\exefile\shell\open\command,,,”””%1″” %*”
HKLM, Software\CLASSES\piffile\shell\open\command,,,”””%1″” %*”
HKLM, Software\CLASSES\regfile\shell\open\command,,,”regedit.exe “%1″”
HKLM, Software\CLASSES\scrfile\shell\open\command,,,”””%1″” %*”
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, Shell,0, “Explorer.exe”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\HideFileExt, UncheckedValue,0x00010001,0
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\HideFileExt,CheckedValue,0x00010001,1
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\HideFileExt,DefaultValue,0x00010001,1
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden, UncheckedValue,0x00010001,1
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden, CheckedValue,0x00010001,0
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden, DefaultValue,0x00010001,0
HKCU, Software\Microsoft\Internet Explorer\Main, Start Page,0, “about:blank”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\HideFileExt, type,0, “checkbox”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden, type,0, “checkbox”
HKCU, Control Panel\International, s1159,0, “AM”
HKCU, Control Panel\International, s2359,0, “PM”
HKLM, SYSTEM\ControlSet001\Control\SafeBoot, AlternateShell,0, “cmd.exe”
HKLM, SYSTEM\CurrentControlSet\Control\SafeBoot, AlternateShell,0, “cmd.exe”
HKCU, Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced, ShowSuperHidden,0x00010001,1
HKCU, Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced, SuperHidden,0x00010001,1
HKCU, Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced, HideFileExt,0x00010001,0

[del]
HKCU, Software\Microsoft\Internet Explorer\Main, Window Title,
HKLM, SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore, DisableConfig
HKLM, SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore, DisableSR
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kspoold.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kspool.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rstrui.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wscript.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmc.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\HokageFile.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Rin.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Obito.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmd.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SMP.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskkill.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tasklist.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KakashiHatake.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Britney Spears-CLN.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Britney Spears-RTP.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\boot.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\HOKAGE4.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Britney Spears
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Britney Spears
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Ansav.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe,debugger
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Instal.exe, debugger
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Install.exe,debugger
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\procexp.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msiexec.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Ansavgd.exe
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegistryTools
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, NoFind
HKLM, SOFTWARE\Policies\Microsoft\Windows\Installer, DisableMSI
HKLM, SOFTWARE\Policies\Microsoft\Windows\Installer, LimitSystemRestoreCheckpointing
HKCR, exefile, NeverShowExt
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Run, PaRaY_VM
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ConfigVir
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Run, NviDiaGT
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Run, NarmonVirusAnti
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AVManager
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System, EnableLUA
HKLM, SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore

31 10 2009
amkjas

orang gila

6 12 2009
wahyu

wah napa msih g bisa tolong ajarin lagi ya…
k setelah klik knan trus install,,, trus di buka pkek apa…

19 01 2010
hazby

wah,, thank’s buat mas HaCKER Community TAHU,,,
awal’y saya jg bingung,, kok system CMD, Dll, (Disable)
untung’y saya sempet baca posting mas,, jdi lebih yakin,, hehe,, thank’s all,,,

7 02 2010
dealova

mas……… gmn nich file saya yg berformat .exe ga bs kebuka? setelah mw install notepadnya……… skrg sy mw hapus notepadnya jg gbs… tlg donk gmn normalin lg sistem komputer saya…………

16 02 2010
adhink

sumpaaaaaah anjink loe yg bikin Buat Antivirus Penyerang File exe Secara manual……..

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s




Follow

Get every new post delivered to your Inbox.

%d bloggers like this: