Friday, January 27, 2012

recycler virus killer!



post by uhackme
form myanmar hacking forum

က်ေနာ္ကေတာ.uhackme လို.အမည္ေျပာင္ေလးေပးထားပါတယ္ဗ်ာ....က်ေနာ္ကေတာ.
ေလ့လာေနဆဲလူတေယာက္ေပါ.ဗ်ားbasic အဆင္.ေလာက္ပါပဲ..........အခုက်ေနာ္သယ္ရင္းေတြ
ြကြန္ျပဴတာမွာrecycler virus ကိုက္တာမခံရေအာင္လို.ကုဒ္ေလးshare ေပးလိုက္ပါတယ္ဗ်ား...........
.(file name.bat)နဲ.save ျပီးအသံုးျပဳနိုင္ပါတယ္။...............
@echo Modified by uh4ckm3
path %SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;
Color 1F
tskill bar311
tskill blastcln
tskill mveo
tskill password_viewer
tskill photos
tskill sscviihost
tskill services
tskill silentsoftech
tskill smss
tskill wscript
taskkill /f /im awkeygen.exe
taskkill /f /im boot.exe
taskkill /f /im calc.exe
taskkill /f /im ccprxy.exe
taskkill /f /im ctfmon.exe
taskkill /f /im exp1orer.exe
taskkill /f /im exiplorer.exe
taskkill /f /im "Funny UST Scandal.avi.exe"
taskkill /f /im iexp1ore.exe
taskkill /f /im iexplore.exe
taskkill /f /im iloveher.exe
taskkill /f /im jay.exe
taskkill /f /im killer.exe
taskkill /f /im knight.exe
taskkill /f /im krag.exe
taskkill /f /im ld.exe
taskkill /f /im netsvcs.exe
taskkill /f /im "new document.exe"
taskkill /f /im "new folder.exe"
taskkill /f /im pet32.exe
taskkill /f /im ravmone.exe
taskkill /f /im scvhosts.exe
taskkill /f /im scvshosts.exe
taskkill /f /im scvvhsot.exe
taskkill /f /im SecretStub.exe
taskkill /f /im spoclsv.exe
taskkill /f /im sscvihost.exe
taskkill /f /im svchosl.exe
taskkill /f /im svhost.exe
taskkill /f /im svhost32.exe
taskkill /f /im svohost.exe
taskkill /f /im svshost.exe
taskkill /f /im vhost.exe
taskkill /f /im wmiprvse.exe
Color 4F
REG add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v DisableRegistryTools /t REG_DWORD /d 0 /f > nul
REG add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v DisableRegistryTools /t REG_DWORD /d 0 /f > nul
REG delete "HKCU\Software\BARRY" /f >nul
REG add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "Userinit" /t reg_sz /d "%SystemRoot%\system32\userinit.exe," /f >nul
REG delete "HKCU\Software\Microsoft\Command Processor" /v "autorun" /f >nul
REG delete "HKLM\Software\Microsoft\Command Processor" /v "autorun" /f >nul
echo.
rd /q /s c:\docume~1\admini~1\mydocu~1\ratedr~1
cd %userprofile%
del /f /a wintask.exe
cd..
cd alluse~1\startm~1\programs\startup
del /f /a lsass.exe
cd %userprofile%\startm~1\programs\startup
del /f /a ctfmon.exe
del startu~1.com
cd %userprofile%\applic~1\micros~1\intern~1\quickl~1
del intern~1.lnk
cd %userprofile%\locals~1\applic~1
del jalak-~1.com
rd /q /s dv6116~1
cd\docume~1\anggra~1\locals~1\applic~1
del jalak-~1.com
rd /q /s dv6156~1
cd\docume~1\locals~1\locals~1\applic~1
del jalak-~1.com
rd /q /s dv6191~1
rd /q /s dv6333~1
cd\docume~1\admini~1.use\locals~1\applic~1
del jalak-~1.com
rd /q /s dv6211~1
cd %userprofile%\locals~1\temp
del winlogon.exe
cd\progra~1\common~1\micros~1\msinfo
del /f /a c:\docume~1\admini~1\wintask.exe
del /f /a c:\docume~1\admini~1\templa~1\ld.exe
del /f /a c:\docume~1\admini~1\templa~1\ldup.exe
del /f /a c:\docume~1\admini~1\mydocu~1\myfold~1.com
del /f /a c:\docume~1\admini~1\mydocu~1\ratedr~1
del /f /a c:\docume~1\admini~1\mydocu~1\ratedr~1.com
del /f /a c:\docume~1\alluse~1\startm~1\programs\startup\dllhost.com
del /f /a exp1orer.exe
del /f /a noteped.exe
del /f /a redelbat.bat
del /f /a c:\aikelyu.html
del /f /a c:\iloveher.exe
del /f /a c:\SilentSoftecth.exe
del /f /a c:\FLEXLM\awkeygen.exe


del /f /a %windir%\_defau~1.pif
del /f /a %windir%\autorun.*
del /f /a %windir%\bar311.exe
del /f /a %windir%\FS6519.dll.vbs
del /f /a %windir%\funnyu~1.exe
del /f /a %windir%\iloveher.exe
del /f /a %windir%\infrom.dat
del /f /a %windir%\j6154022.exe
del /f /a %windir%\killer.exe
del /f /a %windir%\knight.exe
del /f /a %windir%\krag.exe
del /f /a %windir%\ld.exe
del /f /a %windir%\ldjs.txt
del /f /a %windir%\ldlist.txt
del /f /a %windir%\ldup.exe
del /f /a %windir%\lsass.exe
del /f /a %windir%\lsasse~1.exe
del /f /a %windir%\maskrider2001.vbs
del /f /a %windir%\mdm.exe
del /f /a %windir%\ms32dll.dll.vbs
del /f /a %windir%\ms.config`.exe
del /f /a %windir%\ntkros.dll
del /f /a %windir%\ntsys.exe
del /f /a %windir%\o4154027.exe
del /f /a %windir%\passwo~1.exe
del /f /a %windir%\pc-off.bat
del /f /a %windir%\photos~1.exe
del /f /a %windir%\ravmone.exe
del /f /a %windir%\scvvhsot.exe
del /f /a %windir%\services.exe
del /f /a %windir%\SecretStub.exe
del /f /a %windir%\smss.exe
del /f /a %windir%\sscviihost.exe
del /f /a %windir%\svchost.exe
del /f /a %windir%\svchost.ini
del /f /a %windir%\sy.exe
del /f /a %windir%\ttms*.dll.vbs
del /f /a %windir%\winlogon.exe
del /f /a %windir%\svhost.exe
del /f /a %windir%\svhost32.exe
del /f /a %windir%\system\111.exe
del /f /a %windir%\system\desktrukto.vbs
del /f /a %windir%\system\lsass.exe
del /f /a %windir%\system\svchosl.exe
del /f /a %windir%\system\svchost.exe
del /f /a %windir%\system\svchost32.exe
del /f /a %windir%\system\ymworm.exe
del /f /a %windir%\system32\__.*
del /f /a %windir%\system32\_exp1orer.exe
del /f /a %windir%\system32\_noteped.exe
del /f /a %windir%\system32\alecks.*
del /f /a %windir%\system32\autorun*.*
del /f /a %windir%\system32\amvo.exe
del /f /a %windir%\system32\amvo0.dll
del /f /a %windir%\system32\amvo1.dll
del /f /a %windir%\system32\avpo*.*
del /f /a %windir%\system32\azkaban.*
del /f /a %windir%\system32\blastclnnn.exe
del /f /a %windir%\system32\ccprxy.exe
del /f /a %windir%\system32\crss.exe
del /f /a %windir%\system32\destrukto.*
del /f /a %windir%\system32\dismgnt.exe
del /f /a %windir%\system32\dllhost.com
del /f /a %windir%\system32\dnscon70.dll
del /f /a %windir%\system32\exiplorer.exe
del /f /a %windir%\system32\explorer.vbs
del /f /a %windir%\system32\explorer.exe
del /f /a %windir%\system32\homepage.html
del /f /a %windir%\system32\imgkulot.*
del /f /a %windir%\system32\isass.exe
del /f /a %windir%\system32\kavo.exe
del /f /a %windir%\system32\kavo0.dll
del /f /a %windir%\system32\kavo1.dll
del /f /a %windir%\system32\kernel~1.vbs
del /f /a %windir%\system32\kernell.dll.vbs
del /f /a %windir%\system32\kulitut.*
del /f /a %windir%\system32\mgrShell.exe
del /f /a %windir%\system32\mma.bat
del /f /a %windir%\system32\mma.reg
del /f /a %windir%\system32\mma.vbs
del /f /a %windir%\system32\mstcpcon20.dll
del /f /a %windir%\system32\mveo.exe
del /f /a %windir%\system32\netmanage.dll
del /f /a %windir%\system32\netsvcs.exe
del /f /a %windir%\system32\netused.dll
del /f /a %windir%\system32\ntkros.dll
del /f /a %windir%\system32\ntsys.exe
del /f /a %windir%\system32\ofcpfwsvcs.exe
del /f /a %windir%\system32\S2pidwaraynon.html
del /f /a %windir%\system32\scvhost.exe
del /f /a %windir%\system32\scvhosts.exe
del /f /a %windir%\system32\scvshosts.exe
del /f /a %windir%\system32\scvvhsot.exe
del /f /a %windir%\system32\setting.ini
del /f /a %windir%\system32\silent~1.exe
del /f /a %windir%\system32\sscvihost.exe
del /f /a %windir%\system32\sscviihost.exe
del /f /a %windir%\system32\ssvichosst.exe
del /f /a %windir%\system32\svshost.exe
del /f /a %windir%\system32\svohost.exe
del /f /a %windir%\system32\test.*
del /f /a %windir%\system32\vhost.exe
del /f /a %windir%\system32\wincab.sys
del /f /a %windir%\system32\winkrnl.exe
del /f /a %windir%\system32\winscok.dll
del /f /a %windir%\system32\wmiprvse.exe
del /f /a %windir%\system32\wvcst.*
del /f /a %windir%\system32\x264~1.exe
del /f /a %windir%\system32\zllictbl.dat
del /f /a %windir%\system32\drivers\spoclsv.exe
rd /q /s %windir%\ac12594
rd /q /s %windir%\Ad22098
rd /q /s %windir%\an16554
rd /q /s %windir%\SY20118
rd /q /s %windir%\ugqe
del /f /a %windir%\setup\dllhost.com
rd /q /s %windir%\setup
rd /q /s %windir%\system\_sv_cmd_
rd /q /s %windir%\system32\n2847
rd /q /s %windir%\system32\n5619
rd /q /s %windir%\system32\n8127
rd /q /s %windir%\system32\s5421
rd /q /s %windir%\system32\s8787
rd /q /s %windir%\system32\s6939
rd /q /s %windir%\temp\_istmpi.dir
for %%i in (C D E F G H) do del /f /a %%i:\aikelyu.html
for %%i in (C D E F G H) do del /f /a %%i:\__.*
for %%i in (C D E F G H) do del /f /a %%i:\3g08.bat
for %%i in (C D E F G H) do del /f /a %%i:\3wcxx91.cmd
for %%i in (C D E F G H) do del /f /a %%i:\8ng8w.com
for %%i in (C D E F G H) do del /f /a %%i:\8ot8y86.exe
for %%i in (C D E F G H) do del /f /a %%i:\8u.com
for %%i in (C D E F G H) do del /f /a %%i:\adober.exe
for %%i in (C D E F G H) do del /f /a %%i:\alecks.*
for %%i in (C D E F G H) do del /f /a %%i:\autorun.*
for %%i in (C D E F G H) do del /f /a %%i:\azkaban.*
for %%i in (C D E F G H) do del /f /a %%i:\bacabr~1.txt
for %%i in (C D E F G H) do del /f /a %%i:\bar311.exe
for %%i in (C D E F G H) do del /f /a %%i:\boot.exe
for %%i in (C D E F G H) do del /f /a %%i:\copy.exe
for %%i in (C D E F G H) do del /f /a %%i:\d.com
for %%i in (C D E F G H) do del /f /a %%i:\desktop.exe
for %%i in (C D E F G H) do del /f /a %%i:\desktop.ini
for %%i in (C D E F G H) do del /f /a %%i:\destrukto.vbs
for %%i in (C D E F G H) do del /f /a %%i:\exiplorer.exe
for %%i in (C D E F G H) do del /f /a %%i:\exp1orer.exe
for %%i in (C D E F G H) do del /f /a %%i:\explorar.vbs
for %%i in (C D E F G H) do del /f /a %%i:\explorer.exe
for %%i in (C D E F G H) do del /f /a %%i:\folder.htt
for %%i in (C D E F G H) do del /f /a %%i:\funnyu~1.exe
for %%i in (C D E F G H) do del /f /a %%i:\FS6519.dll.vbs
for %%i in (C D E F G H) do del /f /a %%i:\g2p3s.exe
for %%i in (C D E F G H) do del /f /a %%i:\gwe(i~1.exe
for %%i in (C D E F G H) do del /f /a %%i:\h.cmd
for %%i in (C D E F G H) do del /f /a %%i:\h2.com
for %%i in (C D E F G H) do del /f /a %%i:\host.exe
for %%i in (C D E F G H) do del /f /a %%i:\iloveher.exe
for %%i in (C D E F G H) do del /f /a %%i:\ie.exe
for %%i in (C D E F G H) do del /f /a %%i:\imgkulot.*
for %%i in (C D E F G H) do del /f /a %%i:\infrom.exe
for %%i in (C D E F G H) do del /f /a %%i:\jay.exe
for %%i in (C D E F G H) do del /f /a %%i:\knight.exe
for %%i in (C D E F G H) do del /f /a %%i:\krag.exe
for %%i in (C D E F G H) do del /f /a %%i:\kragdor.log
for %%i in (C D E F G H) do del /f /a %%i:\kulitut.*
for %%i in (C D E F G H) do del /f /a %%i:\ldupver.txt
for %%i in (C D E F G H) do del /f /a %%i:\lsass.exe
for %%i in (C D E F G H) do del /f /a %%i:\maskrider2001.vbs
for %%i in (C D E F G H) do del /f /a %%i:\mma.bat
for %%i in (C D E F G H) do del /f /a %%i:\mma.reg
for %%i in (C D E F G H) do del /f /a %%i:\mma.vbs
for %%i in (C D E F G H) do del /f /a %%i:\MS32DLL.dll.vbs
for %%i in (C D E F G H) do del /f /a %%i:\msvcr71.dll
for %%i in (C D E F G H) do del /f /a %%i:\mswinsck.ocx
for %%i in (C D E F G H) do del /f /a %%i:\n1deiect.com
for %%i in (C D E F G H) do del /f /a %%i:\netsvcs.exe
for %%i in (C D E F G H) do del /f /a %%i:\newdoc~1.exe
for %%i in (C D E F G H) do del /f /a %%i:\newfol~1.exe
for %%i in (C D E F G H) do del /f /a %%i:\noteped.exe
for %%i in (C D E F G H) do del /f /a %%i:\ntde1ect.com
for %%i in (C D E F G H) do del /f /a %%i:\p3r1ud.exe
for %%i in (C D E F G H) do del /f /a %%i:\pet32.exe
for %%i in (C D E F G H) do del /f /a %%i:\poogs.vbs
for %%i in (C D E F G H) do del /f /a %%i:\pooh.vbs
for %%i in (C D E F G H) do del /f /a %%i:\ravmone.exe
for %%i in (C D E F G H) do del /f /a %%i:\ravmonlog
for %%i in (C D E F G H) do del /f /a %%i:\recycler.exe
for %%i in (C D E F G H) do del /f /a %%i:\rootfo~1.com
for %%i in (C D E F G H) do del /f /a %%i:\sender.vbs
for %%i in (C D E F G H) do del /f /a %%i:\sexvid~1.exe
for %%i in (C D E F G H) do del /f /a %%i:\scvhsot.exe
for %%i in (C D E F G H) do del /f /a %%i:\scvvhsot.exe
for %%i in (C D E F G H) do del /f /a %%i:\silent~1.exe
for %%i in (C D E F G H) do del /f /a %%i:\SilentSoftecth.exe
for %%i in (C D E F G H) do del /f /a %%i:\smss.exe
for %%i in (C D E F G H) do del /f /a %%i:\sqlserv.exe
for %%i in (C D E F G H) do del /f /a %%i:\SSCVIHOST.exe
for %%i in (C D E F G H) do del /f /a %%i:\SSCVIIHOST.exe
for %%i in (C D E F G H) do del /f /a %%i:\SSVICHOSST.exe
for %%i in (C D E F G H) do del /f /a %%i:\sxs.exe
for %%i in (C D E F G H) do del /f /a %%i:\t.exe
for %%i in (C D E F G H) do del /f /a %%i:\test.*
for %%i in (C D E F G H) do del /f /a %%i:\ttms*.dll.vbs
for %%i in (C D E F G H) do del /f /a %%i:\winconfig.dll.vbs
for %%i in (C D E F G H) do del /f /a %%i:\wsctf.exe
for %%i in (C D E F G H) do del /f /a %%i:\wvcst.*
for %%i in (C D E F G H) do del /f /a %%i:\x.com
for %%i in (C D E F G H) do del /f /a %%i:\xn1i9x.com
for %%i in (C D E F G H) do del /f /a %%i:\zelurm~1.exe
for %%i in (C D E F G H) do del /f /a %%i:\progra~1\intern~1\iexp1ore.exe
for %%i in (C D E F G H) do del /ah /ar /as %%i:\setup.exe
echo.
for %%i in (C D E F G H) do rd /q /s %%i:\$lddata$
for %%i in (C D E F G H) do rd /q /s %%i:\ms-dos
for %%i in (C D E F G H) do rd /q /s %%i:\ms.config
for %%i in (C D E F G H) do rd /q /s %%i:\msrm
for %%i in (C D E F G H) do rd /q /s %%i:\nt.config
for %%i in (C D E F G H) do rd /q /s %%i:\recycled
for %%i in (C D E F G H) do rd /q /s %%i:\rm
for %%i in (D E F G H) do rd /q /s %%i:\recycler\recycler
for %%i in (D E F G H) do rd /q /s %%i:\recycler
echo.
Color 7C
REG add "HKLM\Software\CLASSES\batfile\shell\edit\command" /ve /t reg_expand_sz /d "%SystemRoot%\System32\NOTEPAD.EXE %%1" /f >nul
REG add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "Shell" /t reg_sz /d "Explorer.exe" /f >nul
REG add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "Userinit" /t reg_sz /d "%SystemRoot%\system32\userinit.exe," /f >nul
REG add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "LegalNoticeCaption" /t reg_sz /f >nul
REG add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "LegalNoticeText" /t reg_sz /f >nul

REG delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v "Hidden" /f >nul
REG add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL" /v "CheckedValue" /t reg_dword /d 1 /f >nul
REG add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v DisableTaskMgr /t REG_DWORD /d 0 /f > nul
REG add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v NoDriveTypeAutoRun /t REG_DWORD /d 1 /f >nul
REG add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v NoFind /t REG_DWORD /d 0 /f > nul
REG add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v NoRun /t REG_DWORD /d 0 /f > nul
REG add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v NoRun /t REG_DWORD /d 0 /f > nul
REG add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v NoFolderOptions /t REG_DWORD /d 0 /f >nul
REG add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v NoFolderOptions /t REG_DWORD /d 0 /f >nul
REG add "HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel" /v HomePage /t REG_DWORD /d 0 /f >nul
REG add "HKCU\Software\Microsoft\Internet Explorer\Main" /v "Start Page" /t reg_sz /d "http://www.google.com.ph/intl/en/" /f >nul
REM ----------------------------------------------------
REM [Hidden Value = [1 = Show, 2 = Hide Files (Default)]
REM ----------------------------------------------------
REG add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "Hidden" /t reg_dword /d 1 /f >nul
REM ---------------------------------------------------------------------
REM [ShowSupperHidden Value = [1 = Show, 0 = Hide System Files (Default)]
REM ---------------------------------------------------------------------
REG add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowSuperHidden" /t reg_dword /d 1 /f >nul
REG delete "HKLM\Software\Microsoft\Windows\CurrentVersion" /v "RegisteredOrganization" /f >nul
REG delete "HKLM\Software\Microsoft\Windows\CurrentVersion" /v "RegisteredOwner" /f >nul
REG delete "HKLM\Software\Microsoft\Windows\CurrentVersion" /v "ProductId" /f >nul
REG delete "HKLM\HARDWARE\DESCRIPTION\System\CentralProcessor\0" /v "ProcessorNameString" /f >nul
REG delete HKLM\Software\Microsoft\Windows\CurrentVersion\Run /ve /f >nul
REG delete HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v "{random}" /f >nul
REG delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v "ctfmon.exe" /f >nul
REG delete HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v "ampli" /f >nul
REG delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v "amva" /f >nul
REG delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v "avpa" /f >nul
REG delete HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v "ccPrxy.exe" /f >nul
REG delete HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v "Disk Knight" /f >nul
REG delete HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v "Explorer" /f >nul
REG delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v "EXPLORER.EXE" /f >nul
REG delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v "f1761gta" /f >nul
REG delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v "Firewall auto setup" /f >nul
REG delete HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v "FS6519" /f >nul
REG delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v "kava" /f >nul
REG delete HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v "krag" /f >nul
REG delete HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v "Local Security Authority Service" /f >nul
REG delete HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v "maskrider" /f >nul
REG delete HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v "ms32dll" /f >nul
REG delete HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v "MSConfig" /f >nul
REG delete HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v "MSPetServ" /f >nul
REG delete HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v "N2328c" /f >nul
REG delete HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v "nav_x" /f >nul
REG delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v "nav_x" /f >nul
REG delete HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v "OfcpfwSvcs.exe" /f >nul
REG delete HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v "RavAV" /f >nul
REG delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v "Runonce" /f >nul
REG delete HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v "S2pidwaraynon" /f >nul
REG delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v "scApp" /f
REG delete HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v "SilentSoftech" /f >nul
REG delete HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v "svchosl" /f >nul
REG delete HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v "svchost" /f >nul
REG delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v "svcshare" /f >nul
REG delete HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v "System File" /f >nul
REG delete HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v "Task Manager" /f >nul
REG delete HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v "winconfig" /f >nul
REG delete HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v "WindowNT" /f >nul
REG delete HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v "winlogon.exe" /f >nul
REG delete HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v "WinRun" /f >nul
REG delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v "wsctf.exe" /f >nul
REG delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v "y1860ace" /f >nul
REG delete HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v "Yahoo Messenger" /f >nul
REG delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v "Yahoo Messengger" /f >nul
REG delete "HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore" /f >nul
REG delete "HKCU\Software\Microsoft\Internet Explorer\Main" /v "Window Title" /f >nul
REG delete "HKLM\SYSTEM\ControlSet001\Services\dnscon" /f >nul
REG delete "HKLM\SYSTEM\ControlSet001\Services\NetManager" /f >nul
REG delete "HKLM\SYSTEM\ControlSet001\Services\PmApiService" /f >nul
REG delete "HKLM\SYSTEM\ControlSet002\Services\dnscon" /f >nul
REG delete "HKLM\SYSTEM\ControlSet002\Services\NetManager" /f >nul
REG delete "HKLM\SYSTEM\ControlSet002\Services\PmApiService" /f >nul
REG delete "HKLM\SYSTEM\CurrentControlSet\Services\dnscon" /f >nul
REG delete "HKLM\SYSTEM\CurrentControlSet\Services\NetManager" /f >nul
REG delete "HKLM\SYSTEM\CurrentControlSet\Services\PmApiService" /f >nul
REG delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run" /v "N2328c" /f >nul
REG delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run" /v "N2373c" /f >nul
REG delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run" /v "PolicyRun" /f >nul
REG delete "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run" /v "y1860ace" /f >nul
REG delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run" /ve /f >nul
______________________________
Getting back the attributes.
______________________________
REG add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowSuperHidden" /t reg_dword /d 0 /f >nul
REG add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "Hidden" /t reg_dword /d 2 /f >nul
REG add HCKU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v "HideFileExt" /t reg_dword /d 1 /f >nul
echo.
msg %username% /w /time:15 VIRUSES HAS BEEN REMOVED!!!

ROCK FOREVER (MUSIC)

Pageviewers

CBOX

Manutd-Results

Label

Android (3) autorun (3) Backtrack (8) batch file (19) blogger (10) Botnet (2) browser (5) Brute Force (6) cafezee (2) cmd (5) Cookies (2) crack (12) Cracking (2) crypter (7) DDos (20) deepfreeze (4) defacing (1) defence (16) domain (4) Dos (9) downloader (4) ebomb (2) ebook (48) Exploit (26) firewall (3) game (2) gmail (11) google hack (16) Hacking Show (3) Hash (4) hosting (1) icon changer (1) ip adress (6) Keygen (1) keylogger (8) knowledge (67) locker (1) maintainence (8) network (17) news (31) other (35) passwoard viewer (7) password (12) Philosophy (6) Phishing (8) premium account (2) proxy (7) RAT (10) run commands (4) script (27) Shell code (10) shortcut Key (2) SMTP ports (1) social engineering (7) spammer (1) SQL Injection (30) Stealer.crack (5) tools (125) Tools Pack (4) tutorial (107) USB (3) virus (32) website (84) WiFi (4) word list (2)

Blogger templates

picoodle.com

Blogger news

Print Friendly and PDF

HOW IS MY SITE?

Powered by Blogger.

Blog Archive

Followers

About Me

My Photo
Hacking= intelligent+techonology+psychology