Manipulating the Windows Registry
As you know, the Registry is the "heart" of Windows, unlike Linux, which does not use a Registry. For mischievous people like me, and perhaps you after reading this article, the Windows Registry can be exploited by manipulating it.
The Windows Registry is located at C:\Windows\system32\reg.r, and Windows has a tool for editing it called regedit, in the same directory. Delphi has a Registry unit that can be used to write, change, and delete Windows registry entries; with Delphi and a little knowledge of the registry we can do this. For example:
*Disabling Task Manager*
{add Registry to the uses clause}
procedure TForm1.FormCreate(Sender: TObject);
var
  reg: TRegistry;
begin
  reg := TRegistry.Create;
  try
    reg.RootKey := HKEY_CURRENT_USER;
    {True = create the key if it does not exist yet}
    if reg.OpenKey('\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System', True) then
    begin
      {DisableTaskMgr is a REG_DWORD, so it is written with WriteInteger}
      reg.WriteInteger('DisableTaskMgr', 1);
      reg.CloseKey;
    end;
  finally
    reg.Free;
  end;
end;
Making an application run when Windows first starts
User Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
Name: String, the application name {as in the "make virus with delphi" example}
Type: REG_SZ (String Value)
Value:
Disabling Task Manager
User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
Name: DisableTaskMgr
Type: REG_DWORD (DWORD Value)
Value: (0 = default, 1 = disable Task Manager)
If the type is DWORD, the reg.Write call to use is the integer one (reg.WriteInteger).
The above are the values for disabling Task Manager. You can also manipulate other values by looking them up in the Regedit tool; what matters is their parameters…
You don't need to bother opening regedit to look up the other values; I have already summarized some of the commonly used ones. How much kinder could I be to fajardelhpiscript visitors, heh… here they are:
Disabling regedit
User Key: [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
Name: DisableRegistryTools
Type: REG_DWORD (DWORD Value)
Value: (0 = allow regedit, 1 = disable regedit)
Removing "Run" from the Start Menu
User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
Name: NoRun
Type: REG_DWORD (DWORD Value)
Value: (0 = disabled, 1 = enabled)
System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
Name: IgnoreShiftOverride
Type: REG_DWORD (DWORD Value)
Value: (0 = default, 1 = ignore shift)
Disabling the Taskbar Context Menu
User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
Name: NoTrayContextMenu
Type: REG_DWORD (DWORD Value)
Value: (0 = disabled, 1 = enabled)
Hiding Start Menu subfolders
User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
Name: NoStartMenuSubFolders
Type: REG_DWORD (DWORD Value)
Value: (0 = default, 1 = enable restriction)
Removing the All Programs button from the Start Menu
User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
Name: NoStartMenuMorePrograms
Type: REG_DWORD (DWORD Value)
Value: (0 = default, 1 = disable button)
Disabling right-click on the Desktop
User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
Name: NoViewContextMenu
Type: REG_DWORD (DWORD Value)
Value: (0 = disabled, 1 = enabled)
Disabling the Task Scheduler
System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
Name: SchedulingAgent
Type: REG_SZ (String Value)
Value: mstask.exe
Disabling the MS-DOS Command Prompt
User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\WinOldApp]
System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\WinOldApp]
Name: Disabled
Type: REG_DWORD (DWORD Value)
Value: (0 = disable, 1 = enable)
Disabling the Command Prompt and Batch Files
User Key: [HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System]
Name: DisableCMD
Type: REG_DWORD (DWORD Value)
Value: (0 = default, 1 = disabled, 2 = disabled but allow batch)
Running a command at CMD (Command Prompt) startup
User Key: [HKEY_CURRENT_USER\Software\Microsoft\Command Processor]
Name: AutoRun
Type: REG_SZ (String Value)
Value: Command to Execute
Example: AutoRun REG_SZ "c:\batch\environ.bat"
If there is more than one command, use "command1 && command2".
Specifying the exe file run at Winlogon
System Key: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
Name: System
Type: REG_SZ (String Value)
Value: (default = lsass.exe)
Disabling Menu Bars and the Start Button
Rename the key by adding a "-" at the start of the GUID (i.e. {-5b4dae26-b807-11d0-9815-00c04fd91972}).
System Key: [HKEY_CLASSES_ROOT\CLSID\{5b4dae26-b807-11d0-9815-00c04fd91972}]
Hide or Display Administrative Tools Menu
User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
Name: StartMenuAdminTools
Type: REG_SZ (String Value)
Value: Yes or No
Removing right-click on the Start Menu button (All Windows)
The effect of this change is visible when the user right-clicks the Start button to choose Explore or Find.
Key: [HKEY_CLASSES_ROOT\Directory\shell], then change 'shell' to 'shell.old'.
Do the same for the key [HKEY_CLASSES_ROOT\Folder\shell] and change it to [...\shell.old].
Removing Control Panel, Printer and Network Settings
User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
Name: NoSetFolders
Type: REG_DWORD (DWORD Value)
Value: (0 = disabled, 1 = enabled)
Removing the taskbar settings from the Start Menu
User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
Name: NoSetTaskbar
Type: REG_DWORD (DWORD Value)
Value: (0 = disabled, 1 = enabled)
Removing the Log Off button from the Start Menu
User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
Name: NoLogOff
Type: REG_DWORD (DWORD Value)
Value: (1 = no log off, 0 = show log off)
Disabling Drag-and-Drop in the Start Menu
User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
Name: NoChangeStartMenu
Type: REG_DWORD (DWORD Value)
Value: (0 = disable restriction, 1 = enable restriction)
Removing Run from the Start Menu
User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
Name: NoRun
Type: REG_DWORD (DWORD Value)
Value: (0 = disabled, 1 = enabled)
Removing "Search" from the Start Menu
User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
Name: NoFind
Type: REG_DWORD (DWORD Value)
Value: (0 = disabled, 1 = enabled)
Removing Tray Items from the Taskbar
User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
Name: NoTrayItemsDisplay
Type: REG_DWORD (DWORD Value)
Value: (0 = default, 1 = enable restriction)
Disable Folder Options Menu
User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
Name: NoFolderOptions
Type: REG_DWORD (DWORD Value)
Value: (0 = show options, 1 = hide options)
Remove Properties from My Computer
User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
Name: NoPropertiesMyComputer
Type: REG_DWORD (DWORD Value)
Value: (0 = Properties, 1 = No Properties)
Removing all items on the Desktop
User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
Name: NoDesktop
Type: REG_DWORD (DWORD Value)
Value: (0 = disable restriction, 1 = enabled restriction)
Disable Windows Hotkeys
User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
Name: NoWinKeys
Type: REG_DWORD (DWORD Value)
Value: (0 = disable restriction, 1 = enable restriction)
Hard disk full warning
System Key: [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameters]
Name: DiskSpaceThreshold
Type: REG_DWORD (DWORD Value)
Value: 0 – 99 percent (Default is 10)
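To check a machine for the settings listed on this page, the following added example (not code from the original article) reads the text of a .reg export and reports which of the restriction values are switched on and which commands sit under the Run and Command Processor autostart keys. The sample export, the updater.exe path and the function name audit are constructed for illustration.

```python
import re

POLICIES = r"software\microsoft\windows\currentversion\policies"
# (key path below the hive, value name) -> meaning of a non-zero DWORD
RESTRICTIONS = {
    (POLICIES + r"\system", "disabletaskmgr"): "Task Manager disabled",
    (POLICIES + r"\system", "disableregistrytools"): "regedit disabled",
    (POLICIES + r"\explorer", "norun"): "Run removed from Start Menu",
    (r"software\policies\microsoft\windows\system", "disablecmd"): "cmd.exe disabled",
}
# Keys whose string values are commands started automatically
AUTOSTART = {
    r"software\microsoft\windows\currentversion\run": None,  # any value name
    r"software\microsoft\command processor": "autorun",
}
VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"=(?:dword:(?P<dw>[0-9a-fA-F]{8})|"(?P<sz>.*)")$')

def audit(reg_text):
    """Return (key, name, data, reason) findings from .reg export text."""
    findings, key = [], None
    for line in reg_text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]          # remember the current key header
            continue
        m = VALUE_RE.match(line)
        if not (m and key):
            continue
        sub = key.partition("\\")[2].lower()   # path without the hive name
        name = m["name"]
        if m["dw"] is not None:
            reason = RESTRICTIONS.get((sub, name.lower()))
            if reason and int(m["dw"], 16) != 0:
                findings.append((key, name, int(m["dw"], 16), reason))
        elif sub in AUTOSTART and AUTOSTART[sub] in (None, name.lower()):
            cmd = re.sub(r"\\(.)", r"\1", m["sz"])   # undo .reg escaping
            findings.append((key, name, cmd, "autostart command"))
    return findings

# Constructed sample export, not taken from a real machine
SAMPLE = r'''Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=dword:00000001
"DisableRegistryTools"=dword:00000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Updater"="C:\\Users\\Public\\updater.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Command Processor]
"AutoRun"="c:\\batch\\environ.bat"
'''
```

Calling audit(SAMPLE) returns three findings; DisableRegistryTools is not reported because its value is 0.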
Author: Fajar Khairil · Published: May 10, 2009