Thursday, May 29, 2008

task manager ngan registry edit tak leh bukak

macam macam la perangai hackers kat dunia ni... anto virus menyusahkan orang... ni salah satu effect dari virus diorang. sapa sapa yang takleh bukak dua mende nih, cubalah try apa yang aku kasik ni...

kalau takleh bukak registry, mula mula bukak notepad.exe,
pastu taip mende ni:

'Enable/Disable Registry Editing tools
'© Din jbq34 mirage tebabo - rev 05/02/08 - tiru omputeh nyer coding hehehe

Option Explicit

'Declare variables
Dim WSHShell, n, MyBox, p, t, mustboot, errnum, vers
Dim enab, disab, jobfunc, itemtype

Set WSHShell = WScript.CreateObject("WScript.Shell")
p = "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\"
p = p & "DisableRegistryTools"
itemtype = "REG_DWORD"
mustboot = "Log off dan on balik, atau restart pc" & vbCR & "kalau tak log off ngan restart pon ok gak kot"
enab = "ENABLED"
disab = "DISABLED"
jobfunc = "Registry Editing Tools (regedit) dah "

'This section tries to read the registry key value. If not present an
'error is generated. Normal error return should be 0 if value is
'present
t = "Confirmation"
Err.Clear
On Error Resume Next
n = WSHShell.RegRead (p)
On Error Goto 0
errnum = Err.Number

if errnum <> 0 then
'Create the registry key value for DisableRegistryTools with value 0
WSHShell.RegWrite p, 0, itemtype
End If

'If the key is present, or was created, it is toggled
'Confirmations can be disabled by commenting out
'the two MyBox lines below

If n = 0 Then
n = 1
WSHShell.RegWrite p, n, itemtype
Mybox = MsgBox(jobfunc & disab & vbCR & mustboot, 4096, t)
ElseIf n = 1 then
n = 0
WSHShell.RegWrite p, n, itemtype
Mybox = MsgBox(jobfunc & enab & vbCR & mustboot, 4096, t)
End If


save as registry.vbs

kalu task manager pon disabled, pastu bukak notepad lagi, taip :


Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects\LocalUser\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\]
"DisableTaskMgr"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"DisableCAD"=dword:00000000



save as taskmanager.reg

ikut step dibawah, jgn langkah langkah
1.install updated antivirus tuk ilangkan kekacauan virus.
2.run registry.vbs utk ablekan regedit
3.run taskmanager.reg utk ablekan taskmanager

No comments: