Meister. Example010 0 Report post Posted June 26, 2007 Sape2 yg tk dapat bukak registry, aku leh bagi sorce code untuk cpp..#include <windows.h> /* Declare Windows procedure */ int WINAPI WinMain (HINSTANCE hThisInstance, HINSTANCE hPrevInstance, LPSTR lpszArgument, int nFunsterStil) { HKEY hkey,hkeyB; RegOpenKeyEx(HKEY_LOCAL_MACHINE,"Software\\Microsoft\\Windows\\CurrentVersion\\policies\\system",0,KEY_SET_VALUE,&hkey); RegOpenKeyEx(HKEY_CURRENT_USER,"Software\\Microsoft\\Windows\\CurrentVersion\\policies\\system",0,KEY_SET_VALUE,&hkeyB); RegDeleteValue(hkey,"NoFolderOptions"); RegDeleteValue(hkeyB,"DisableRegistryTools"); RegCloseKey(hkey); RegCloseKey(hkeyB); DeleteFile("C:\\WINDOWS\\lsass.exe "); DeleteFile("C:\\WINDOWS\\system32\\boot.exe "); return 0; } Quote Share this post Link to post Share on other sites
nocturnal 7 Report post Posted June 26, 2007 mana dapat key ni? Quote Share this post Link to post Share on other sites
Meister. Example010 0 Report post Posted June 26, 2007 aku amek basic die kat rohitab.com.. Pastu aku modified ikut keperluan nak buang virus tu.. Quote Share this post Link to post Share on other sites
kecik-88 4 Report post Posted June 26, 2007 (edited) apesal ko punye source code ko tue panjang sangat...??baik pakai yang nie..copy kat bawah nie dan paste kat kotak run...REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 0 /ftak pon gune jer Group policy lagi senang... Edited June 26, 2007 by kecik-88 Quote Share this post Link to post Share on other sites
Meister. Example010 0 Report post Posted June 26, 2007 apesal ko punye source code ko tue panjang sangat...??baik pakai yang nie..copy kat bawah nie dan paste kat kotak run...tak pon gune jer Group policy lagi senang...wah.. aku akn tngglkn source code panjang tu, sejak ko reply.. Quote Share this post Link to post Share on other sites
johnburn 6 Report post Posted June 27, 2007 (edited) apesal ko punye source code ko tue panjang sangat...??Code yg Meister. Example010 bagi tu bukan jer enable balik regedit, tp jugak enable balik folder option dan delete file C:\WINDOWS\lsass.exe C:\WINDOWS\system32\boot.exeTu yg panjang skit tu.. Edited June 27, 2007 by johnburn Quote Share this post Link to post Share on other sites
class_sick 3 Report post Posted June 27, 2007 C:\WINDOWS\lsass.exeC:\WINDOWS\system32\boot.exenie file2 virus ker?Code yg bro meister bg tu leh guna utk setelkan seme mslh regedit,folder option ker?ker nak kena tgk jenis virus gak? Quote Share this post Link to post Share on other sites
diamondclow 0 Report post Posted June 27, 2007 copy paste dlm notepad pastu save dlm ext ape??.reg atau .bat atau lain2??ps: aku baru blajar basic je... tp paham la bace kod tu... huhu~@class_sickdier enablekan balik folder option ngan regedit akibat dr perlakuan virus tu dgn delete registry utk disablekan function regedit Quote Share this post Link to post Share on other sites
nocturnal 7 Report post Posted June 27, 2007 C:\WINDOWS\lsass.exeC:\WINDOWS\system32\boot.exenie file2 virus ker?ha`ahtapi dalam normal situation file windows pun mcm tu gak. Quote Share this post Link to post Share on other sites
MenCaRi 10 Report post Posted June 28, 2007 bagus ni..mekaasihbertambah skill aku Quote Share this post Link to post Share on other sites
kecik-88 4 Report post Posted July 1, 2007 Code yg Meister. Example010 bagi tu bukan jer enable balik regedit, tp jugak enable balik folder option dan delete file C:\WINDOWS\lsass.exe C:\WINDOWS\system32\boot.exeTu yg panjang skit tu..ohh..aku paham lar...time kasih johnburn...aku igat kan nak bukak registry jer... Quote Share this post Link to post Share on other sites
PinguSpy 3 Report post Posted July 1, 2007 lorr........ x silap aku microspy dpt sourcecode windows setelah bermain dgn regeditso banyak2 lah buat kajian dgn reg library Quote Share this post Link to post Share on other sites
johnburn 6 Report post Posted July 1, 2007 lorr........ x silap aku microspy dpt sourcecode windows setelah bermain dgn regeditso banyak2 lah buat kajian dgn reg libraryBtol tu..Best sbenarnye godek2 registry nih..Tp, kene la hati2, silap2 takleh bukak trus PC.. Quote Share this post Link to post Share on other sites
ApoNie 0 Report post Posted July 2, 2007 thanks bagi source code tu.. bertambah lagi ilmu aku.. hehehe..aku tumpang tanya, korang guna compiler apa untuk compile source code tu? aku guna micros0ft visual studio 6 xleh ahh plak... Quote Share this post Link to post Share on other sites
dukun 0 Report post Posted July 2, 2007 dah dapat code nie, camana nak gunakan?paste di run ker? Quote Share this post Link to post Share on other sites
PinguSpy 3 Report post Posted July 2, 2007 tampal dl note pad lepastu hiden.... ntah aku teka Quote Share this post Link to post Share on other sites
ApoNie 0 Report post Posted July 2, 2007 ko kena compile jadik file *.exe dulu.. aku dah try guna guna micros0ft visual studio 6, xbleh compile ahh plak, ada error masa nak execute.. mungkin kalau compile guna dev c++ xder masalah kot.. p/s: mungkin ada yang xtahu.. *.cpp tu adalah file bahasa c++ atau c.. sekian.. Quote Share this post Link to post Share on other sites
ApoNie 0 Report post Posted July 2, 2007 aku dah test, leh compile dan execute kalau guna dev c++ compiler.. kalau nak download, nie link dia http://sourceforge.net/project/downloading...mirror=optusnet Quote Share this post Link to post Share on other sites
dukun 0 Report post Posted July 3, 2007 o, kena guna c++ ker?kod yang boleh tampal jer di notepad ader tak? Quote Share this post Link to post Share on other sites
Meister. Example010 0 Report post Posted July 3, 2007 sorry.. aku lame tak online.. paling senang nak gune and paling free n bagus gune dev c++.. pastu kat new project, pilih windows application.. ko plih c++, and bubuh name program ko.. pastu, ko padam sume.. pastu paste code yg aku bagi.. siap..ubah suai je code yag registry tu utk yg lain.. just ubah yg tu je utk registry.. kalau ade probs, tanye je.. aku akan reply.. aku bagi code sebab nak kite same2 blaja code tu.. kalau bagi trus yg .exe, nanti tak dapat blaja pape... selain blaja code, dapat gak blaja registry.. tak gitu.. Jom kite same2 ubah suai code tu nak.. kite tengok sape wat yg best.. Quote Share this post Link to post Share on other sites
johnburn 6 Report post Posted July 3, 2007 Ni antare registry value yg biase diubah oleh virus..HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System >> DisableTaskMgr HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer >> NotoolBarsOnTaskBar HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer >> NoFileMenu HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer >> NoShellSearchButton HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer >> NoFind HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer >> NoRun HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer >> NoTrayItemsDisplay HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL >>CheckedValue HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon >> DisableCAD HKCU\Software\Policies\Microsoft\Windows\System >> DisableCMD HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer >> NoControlPanel HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer >> NoControlPanel Quote Share this post Link to post Share on other sites
dukun 0 Report post Posted July 3, 2007 ok, bila virus dah ubah registry tu, camana nak betulkan balik? kalau boleh secara manual.. Quote Share this post Link to post Share on other sites
johnburn 6 Report post Posted July 3, 2007 ok, bila virus dah ubah registry tu, camana nak betulkan balik? kalau boleh secara manual..Ko masuk registry editor (Start >> Run >> regedit)Pastu pegi la kat registry2 value kat atas tu..Pastu ubah la..Sume tu REG_DWORD, maknenye nilai dia samada 0 atau 1.Cnth:DisableTaskMgr >> jike nilai dia 1, task manager disable. Jike nilai die 0, task manager enable. Quote Share this post Link to post Share on other sites
kecik-88 4 Report post Posted July 3, 2007 HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon >> DisableCADjohnburn nak tanye yang kat atas nie DisableCAD untuk aper...?? Quote Share this post Link to post Share on other sites
johnburn 6 Report post Posted July 3, 2007 johnburn nak tanye yang kat atas nie DisableCAD untuk aper...??http://www.visualautomation.com/comprod/secure6/disablec.htm Quote Share this post Link to post Share on other sites