Switches (English)

Kill::
All => Kills All non-vital processes

Kill::
process.exe => Kills one or more specified process(es)

Key::
[Key] => Deletes the key
[Key]|Value => Deletes the value
[Key]|value|REG_SZ|Data => Creates or modify chain Value
[Key]|Value|REG_DWORD|Data => Creates or modify Dword Value
ex of results :
[Key]~[Value] : Data -> Set Successfully !

RegRead::
[HKLM\…..etc….] => Reads the key, its values and the datas of values ( not recursively )

Info::
Path\File => Will show file informations ( md5 , version , etc… ) of the file

List::
Folder path => Lists a Folder

RecurseList::
Folder path => Lists all the content of a folder recursively

File::
File path => Quarantines a file
Folder path => Quarantines a folder

txt::
c:\boot.ini => Lists the content of a text file ( c:\boot.ini in this example )

ADS::
@C:\ProgramData\Temp => Deletes the ADS, If there’s more than one on a same folder , theyll be all deleted writing just the folder where they are

IP::
Trace => Lists all active connections

IP::
<IP adress> => Shows informations about the IP adress

cmd::
Executes a command line or a complete batch file ( the last line must be ### )

netsvc::
qidljedejq => Deletes the service of netsvcs ( services launched by svchost.exe. in this case its a rootkit )

Search::
File => Searches every file with the same name in the computer and shows a informations about ( md5 , version , etc… )

Clean::
yes => Disk cleaning of temporary files , etc…( If yes isn’t written , the command won’t work )

info::
File path => shows a lot of informations about a file ( dates , modif , md5, copyright (if exists) , etc… )

tray::
yes => Cleans the notification zone pour ne laisser que ceux des programmes actifs  ( If yes isnt written , the command won’t work )

Driver::
qurkzwyz => Deletes the service , service/LEGACY keys if they are still present , and the file qurkzwyz.sys in C:\Windows\System32\Drivers Folder if present

backup::
File path => Restores a file scripted by mistake
Folder path => Restores a folder scripted by mistake

Replace::
C:\Winlogon.exe C:\Windows\System32\Winlogon.exe => will replace the 2nd file by the 1st at reboot , reboots the computer , if not , do it

Hosts::
Reset => Resets hosts file

Task::
<Task> => Deletes a task ( C:\Windows\System32\Tasks\***** | C:\Windows\Tasks\****.job)

Line::
Path\File|Line or characters to delete => Deletes the line or characters in the file
Path\File|Line or characters to modify|Line or characters modified => will replace Line or characters to modify by Line or characters modified in the file

Site Web créé avec WordPress.com.

Retour en haut ↑

%d blogueurs aiment cette page :