Nih, aku dapet dari temen. Tapi sayang temanku gak bilang dia dapet sumber ini dari mana. Nah, untuk komputer kamu yang gak bisa jalanin file-file berekstensi exe. misal gak bisa ngebuka browser, setting networks, atau program-program lain yang berformat exe. Cara buat antivirusnya gampang kok nih:
1. 1) Buka notepad. Udah itu copy tulisan di bawah ini ke notepad kamu (tulisan warna item aja).
[Version]
Signature=”$Chicago$”
Provider=Vaksincom
[DefaultInstall]
AddReg=UnhookRegKey
DelReg=del
[UnhookRegKey]
HKLM, Software\CLASSES\batfile\shell\open\command,,,”””%1″” %*”
HKLM, Software\CLASSES\comfile\shell\open\command,,,”””%1″” %*”
HKLM, Software\CLASSES\exefile\shell\open\command,,,”””%1″” %*”
HKLM, Software\CLASSES\piffile\shell\open\command,,,”””%1″” %*”
HKLM, Software\CLASSES\regfile\shell\open\command,,,”regedit.exe “%1″”
HKLM, Software\CLASSES\scrfile\shell\open\command,,,”””%1″” %*”
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, Shell,0, “Explorer.exe”
HKLM, SYSTEM\ControlSet001\Control\SafeBoot, AlternateShell,0, “cmd.exe”
HKLM, SYSTEM\ControlSet002\Control\SafeBoot, AlternateShell,0, “cmd.exe”
HKLM, SYSTEM\CurrentControlSet\Control\SafeBoot, AlternateShell,0, “cmd.exe”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden, UncheckedValue,0x00010001,1
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, userinit,0, C:\WINDOWS\System32\userinit.exe ,
[del]
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableRegistryTools
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer,NoFolderOptions
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\WinOldApp
HKCU, Software\Microsoft\Windows\CurrentVersion\Run,T1702521TT4
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Run,T70Z516
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Msconfig.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmd.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe
HKCU, Software\VB and VBA Program Settings
2. 2) Setelah command2 di atas dicopy dinotepad, lalu save as dalam bentuk format *.inf misalnya antivirus.inf
3. 3) Kemudian buat 1 lagi di notepad juga. Copy command2 (tulisan warna item aja) berikut:
[Version]
Signature=”$Chicago$”
Provider=Babenya Galak
[DefaultInstall]
AddReg=UnhookRegKey
DelReg=del
[UnhookRegKey]
HKLM, Software\CLASSES\batfile\shell\open\command,,,”””%1″” %*”
HKLM, Software\CLASSES\comfile\shell\open\command,,,”””%1″” %*”
HKLM, Software\CLASSES\exefile\shell\open\command,,,”””%1″” %*”
HKLM, Software\CLASSES\piffile\shell\open\command,,,”””%1″” %*”
HKLM, Software\CLASSES\regfile\shell\open\command,,,”regedit.exe “%1″”
HKLM, Software\CLASSES\scrfile\shell\open\command,,,”””%1″” %*”
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, Shell,0, “Explorer.exe”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder, Bitmap,0, “C:\WINDOWS\SYSTEM32\SHELL32.DLL,4”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder, Text,0, “@shell32.dll,-30498”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ClassicViewState, text,0, “@shell32.dll,-30506”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ControlPanelInMyComputer, text,0, “@shell32.dll,-30497”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\DesktopProcess, text,0, “@shell32.dll,-30507”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\DisableThumbCache, text,0, “@shell32.dll,-30517”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\FolderSizeTip, text,0, “@shell32.dll,-30514”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\FriendlyTree, text,0, “@shell32.dll,-30511”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden, Bitmap,0, “%SystemRoot%\system32\SHELL32.dll,4”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden, text,0, “@shell32.dll,-30499”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL, text,0, “@shell32.dll,-30499”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN, text,0, “@shell32.dll,-30501”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL, CheckedValue,0x00010001,1
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL, DefaultValue,0x00010001,2
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\HideFileExt, text,0,”@shell32.dll,-30503″
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\HideFileExt, type,0, “CheckBox”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\NetCrawler, text,0, “@shell32.dll,-30509”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\PersistBrowsers, text,0, “@shell32.dll,-30513”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ShowCompColor, text,0, “@shell32.dll,-30512”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ShowFullPath, text,0, “@shell32.dll,-30504”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ShowFullPathAddress, text,0, “@shell32.dll,-30505”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\ShowInfoTip, text,0, “@shell32.dll,-30502”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SimpleSharing, text,0, “@shell32.dll,-30518”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden, text,0, “@shell32.dll,-30508”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Thickets, Bitmap ,0, “C:\WINDOWS\system32\SHELL32.DLL,4”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Thickets\AUTO, text,0, “Show and manage the pair as a single file”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Thickets\NOHIDE, text,0, “Show both parts but manage as a single file”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Thickets\NONE, text,0, “Show both parts and manage them individually”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\WebViewBarricade, text,0, “@shell32.dll,-30510”
[del]
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableRegistriTools
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableCMD
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableTaskMgr
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer,NoFolderOptions
HKCU, Software\Microsoft\Windows\CurrentVersion\Run, Intelprc
HKCU, Software\Microsoft\Windows\CurrentVersion\Run, Network
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Run, SystemWindows
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system, legalnoticecaption
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system,legalnoticetext
4. Sama kayak yang nomor 2, save as dalam bentuk *.inf misalnya antivirus2.inf
5. Akhirnya kamu mendapatkan 2 ikon yang bakal membunuh virus yang nyerang aplikasi exe.
Cara kerja:
1. Klik kanan pada ikon yang berextensi *.inf tadi
2. Cari Install dengan klik kanan pada icon ekstensi *.inf
3. Klik Install
4. Lakukan kedua2 nya (File tadi)
5. Mudah2an virus tadi keot dan kamu bisa ngerjain aplikasi exe lagi.
6. Met mencoba
🙂
gw udah coba koq g bisa ya..
bantuin dong lg blajar nich.
kirim ja ke E-mail ku
mas kok smua ikon d kompter kok g bsa ke buka?????????
ap kna vrus??
komputer mas harus kena virus yang nyerang *.exe dulu donk baru bisa nampak perubahannya.Okeeeeeeeee….
udah bisa..bagus banget tutorialnya….
berarti buat anti virus emang harus bener2 paham registry win dulu ya…
😦
ALHAMDULILAH..ternyata ada org SEBIJAK Maz..THANK U BERAT.. pgn juga belajar yg lainnya.. mngkin via Email atau KopiDarat Boz.. Demi kemajuan Teknologi diwariskan ilmunya yaks.. ^_^
patah tumbuh hilang berganti…
aku coba buat tapi kok waktu diinstal muncul kotak dialog open with?
aku kok nggak tahu yang kayak gituan bisa didetailkan lagi nggak mas maksud aku pertama bukanya dimana? program apa yang dibuka?
Untuk kaka:
1.buka 2 notepadnya dikomputer
2.copy registry yang ditulis di atas ke notepad
3.save dalam bentuk *inf misal antivirus.inf
4.setelah tersimpan dan icon berubah, klik kanan – pilih instal.
5.antivirus ini berguna utk komputer yang gak bisa ngebuka file2 berekstensi exe.
mas… sekarang saya benar-benar minta tolng sama mas…. barusan saya coba, tapi waktu menginstallnya kok yang muncul masalah kotak doalog open with…
mas…tolong dijawab secepatnya dong…. ni saya penting banget ni…
Thank” S Yaaaaaaaa
Ni caranya untuk nyelesein masalah open with…
Good Luck… 😉
1. Open Command Prompt by typing command in RUN dialog box.
2. Now provide following command:
cd\windows
3. It’ll activate Windows folder. Now provide following command to open Registry Editor:
regedit
4. Now goto following key:
HKEY_CLASSES_ROOT\.exe
In right-side pane, change value of Default key to exefile
5. Now goto:
HKEY_CLASSES_ROOT\exefile\shell\open\command
In right-side pane, change value of Default key to:
“%1″ %*
6. Thats it. Now exit Registry Editor and restart your Windows
terima kasih banget ya antivirus nya, tapi kalu untuk virus yang bisa menghapus data gimana buatnya ???? ajari dong.
Saya sdh lakukan spt di atas, tp koq skg klo run-regedit yg keluar dialog: Open With melulu ? Ini bgm cara spy sy bs buka Run dan bs membuka cmd, taskmgr, regedit dan lain2 seperti semula yah? Sy jd gak bs buka RUN nih. Tolong yah…Ato tolong email caranya ke muliawanst@yahoo.com pls…
@Muliawan
Coba lihat komentar Dony di halaman ini.
syukran katsiran..
mas sbnernya ad yg nyangkut di solusi anda…ini kan problemnya ga bisa buka .exe, sedangkan dengan bikin file .inf, itu kan aplikasi yg pake grpconv.exe<<<(biasanya nyang bikin virus bikin file inf kek gini, makanya biasanya grpconv.exe dbilang trojan ato semacemnya, soalnya ini applikasi costumade)
nah yg janggal lha wong kita mau bnerin .exe yg ga bisa d buka, tapi cara nyelesainya pake .exe juga, ya nda bisa d buka…hehe y nda beres2 atuh….^^ V
koq g bisa
antivirus ne pa cuma bereaksi pada file .exe jaaa???
duh gmin donk cara bwt nya
Terima kasih banyak ya, Mas Ardian.
Saya sudah mencoba solusi antivirus manual dari Anda, dan ternyata berhasil.
Padahal semua antivirus (AVG, PCMAV, dan RegRun) untuk menghilangkan virus.exe tidak mempan.
Virus.exe menyerang ke C dan D komputer saya. Jadi saya kopi aja tuh antivirus.inf dan antivirus2.inf ke C dan D, terus diinstal. Ternyata manjuuur… Virusnya langsung musnah..
nuhun dan salam,
erma y.
Ngaku aja deh, ini script virus kan!!!. Nih buktinya :
[del]
Bla-bla-bla—Policies\System,DisableRegistryTools (block alt registry)
Bla-bla-bla—\Policies\Explorer,NoFolderOptions (block fol option)
*BUKAN MEMNUAT APLIKASI EXE TERBUKA TAPI TERBLOKIR (KHUSUSNYA FILE PENTING DI C SEPERTI CMD,REGEDIT,FOLDER OPTION JADI ANEH DAN MASIH BANYAK LAGI*
dan lainnya yg membuat komputer tempat saya praktekan script ini menjadi :
Kehilangan kemampuan membaca regedit,folder option,cmd,menu start,tidak lupa juga virus ini membuat komputer HANYA MEMUNCULKAN EXPLORE STELAH STARTUP!!!!. JANGAN HAPUS NI KOMENTAR, KALO G LU YANG PUNYA NI BLOG PENGECUT!!! OH,YA NGGA USAH PAKE BAHASA BAIK TAPI NGERUSAK KOMPUTER ORANG LAIN.
mohon petunjuknya:
kan q dah cb bersihin virus .EXE pake *.inf tapi trus kompie q malah aneh gt gak bs bk CommandPrompt dll. tu gmn cara balikinnya ato normalin lg gt?
trmksh.
UNTUNG PADA G BISA BUAT KALO BISA MODAR DEH YANG BUAT DAN INSTALL
@hacker community tahu
makasi infonya. tapi swear saya ga ngerti yg begituan, tujuan saya disini cuman ngasih ilmu aja kok, yg pernah saya praktekin dan sukses akan saya posting diblog nih. Tapi jujur saya bukan virus maker dan gak ada sangkut pautnya ngerugiin orang lain. Nih sumber juga saya dapet dari orang lain juga lho mas. Tapi kayaknya yg ngasih comment ini sebenarnya lebih tau ttg yg beginian kan. Ya udah sapa aja yg baca artikel ini terserah deh tanggapannya gimana. Yg penting yg punya blog nih ikhlas bagi2 ilmu. ..
Ok, sekarang bolehkan saya promosi??. Kalau mau buat virus ke hacker8d.wordpress.com aja ya.
Oh ya buat Mas Ardiansyah, lain kali kalau mau buat posting, di cek dulu ya.
Misi-misi, mas mau nanya. Kenapa yah website mas bisa muncul di urutan pertama??. Tolong dibantu ya mas, maklum newbie. Trus mas kan pake wordpress. Gimana sih caranya posting di halaman lain. Klo di webku, buat posting nanti akhirnya ke 1 halaman itu lagi. Mohon bantuan-nya ya mas, maklum masih newbie. Ngomong-ngomong, mas ribut sama siapa??
Woi, mas saya promosi lagi yah. Yang mau mengetahui tentang komputer,virus, antivirus dan lain-lain silahkan ke sini
Mas, tolong dong link saya dimasukin blogroll di sini
mas ko setelah saya copy & instal Open With melulu lalu sy restart eh malah ga mau kebuka window nya help dunk mas gmn neh solusinya ?
mohon petunjuknya mas Ardy :
kan q dah pake script yang mas Ardy ksh tuk ilangin virus .EXE pake *.inf tapi sekarang komputerQ jadi gak bisa buka command promt & aneh gt. tuk kembaliin awal kayak smula gmn ya biar normal lg gt??
trmksh.
ada yang lain lagi ga? q masih pengen nyoba lagi bos!
maksudnya nyoba diedit dan diperbaharui, makasih buat kebodohannya.
boz, HaCKER Community TAHU..
kamsudnya bknnya gn ya?…
[del] <- kamsudnya tu kn ngedelete..
Bla-bla-bla—Policies\System,DisableRegistryTools (disable registry yg dah dibuat oleh virus, jika ini di delete, maka registry akan bisa diakses ato normal).
Bla-bla-bla—\Policies\Explorer,NoFolderOptions (NoFolderOptions tu kan dibuat oleh virus, jika ini di delete, maka folder options akan bisa tampil kembali ato normal)
bnr ga kira2?..
ato gw yg slh?..
mas penjelasan open wth’a bisa pke b.ind aja ga?
wah keren mas
sip deh
bisa minta yang lebih keren lagi mas?
wah,…parah banget !!! dah di coba malah semua program file aplikasi .exe gak bisa ke buka !!
untung gw punya repairnya !!
nih scriptnya :
[Version]
Signature=”$Chicago$”
Provider=Vaksincom
[DefaultInstall]
AddReg=UnhookRegKey
DelReg=del
[UnhookRegKey]
HKLM, Software\CLASSES\batfile\shell\open\command,,,”””%1″” %*”
HKLM, Software\CLASSES\comfile\shell\open\command,,,”””%1″” %*”
HKLM, Software\CLASSES\exefile\shell\open\command,,,”””%1″” %*”
HKLM, Software\CLASSES\piffile\shell\open\command,,,”””%1″” %*”
HKLM, Software\CLASSES\regfile\shell\open\command,,,”regedit.exe “%1″”
HKLM, Software\CLASSES\scrfile\shell\open\command,,,”””%1″” %*”
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, Shell,0, “Explorer.exe”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\HideFileExt, UncheckedValue,0x00010001,0
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\HideFileExt,CheckedValue,0x00010001,1
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\HideFileExt,DefaultValue,0x00010001,1
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden, UncheckedValue,0x00010001,1
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden, CheckedValue,0x00010001,0
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden, DefaultValue,0x00010001,0
HKCU, Software\Microsoft\Internet Explorer\Main, Start Page,0, “about:blank”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\HideFileExt, type,0, “checkbox”
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden, type,0, “checkbox”
HKCU, Control Panel\International, s1159,0, “AM”
HKCU, Control Panel\International, s2359,0, “PM”
HKLM, SYSTEM\ControlSet001\Control\SafeBoot, AlternateShell,0, “cmd.exe”
HKLM, SYSTEM\CurrentControlSet\Control\SafeBoot, AlternateShell,0, “cmd.exe”
HKCU, Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced, ShowSuperHidden,0x00010001,1
HKCU, Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced, SuperHidden,0x00010001,1
HKCU, Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced, HideFileExt,0x00010001,0
[del]
HKCU, Software\Microsoft\Internet Explorer\Main, Window Title,
HKLM, SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore, DisableConfig
HKLM, SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore, DisableSR
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kspoold.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kspool.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rstrui.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wscript.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmc.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\HokageFile.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Rin.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Obito.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmd.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SMP.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskkill.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tasklist.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KakashiHatake.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Britney Spears-CLN.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Britney Spears-RTP.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\boot.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\HOKAGE4.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Britney Spears
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Britney Spears
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Ansav.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe,debugger
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Instal.exe, debugger
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Install.exe,debugger
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\procexp.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msiexec.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Ansavgd.exe
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegistryTools
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, NoFind
HKLM, SOFTWARE\Policies\Microsoft\Windows\Installer, DisableMSI
HKLM, SOFTWARE\Policies\Microsoft\Windows\Installer, LimitSystemRestoreCheckpointing
HKCR, exefile, NeverShowExt
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Run, PaRaY_VM
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ConfigVir
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Run, NviDiaGT
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Run, NarmonVirusAnti
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Run, AVManager
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System, EnableLUA
HKLM, SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore
orang gila
wah napa msih g bisa tolong ajarin lagi ya…
k setelah klik knan trus install,,, trus di buka pkek apa…
wah,, thank’s buat mas HaCKER Community TAHU,,,
awal’y saya jg bingung,, kok system CMD, Dll, (Disable)
untung’y saya sempet baca posting mas,, jdi lebih yakin,, hehe,, thank’s all,,,
mas……… gmn nich file saya yg berformat .exe ga bs kebuka? setelah mw install notepadnya……… skrg sy mw hapus notepadnya jg gbs… tlg donk gmn normalin lg sistem komputer saya…………
sumpaaaaaah anjink loe yg bikin Buat Antivirus Penyerang File exe Secara manual……..