Jump to content

My whitehat U3 payload


remkow

Recommended Posts

Since all current payloads are kinda grey/blackhat, I thought I'd make a whitehat one. This payload does some small security fixes, removes temporary files and such, speeds up windows, and does a check for spyware and viruses.

It's still very small, and I am planning to add more stuff to it, with some help and suggestions of you guys :D .

Features:

- Removes all traces from the Switchblade/Hacksaw

- Disables CDrom autorun

- Disables LM hashes

- Disables anonymous access

- Disables the clearing of the pagefile at shutdown

- Sets prefetch to cache both normal and system files

- Disables the thing which shows when a file was last accessed. This increases the overall speed of windows

- Deletes temporary files

- Updates antivirus, and then scans for viruses and spyware

- Scans for rootkits

- Performs a chkdsk to repair any damage to the HDD

- Defragments the C: drive

- Creates a system restore point

Download:

Mirror 1

Mirror 2

Mirror 3 OLD FILE by Spartain X

Wiki page

Sorry for the large file, but that's the antivirus/antispyware component.

Link to comment
Share on other sites

Guest Twilight Zone

It's great.I work with 30 non-techy peoples and clean computers for them,this is for mass actions.Howewer,is it posible to remove chkdsk and defragments the C: drive ? it's takes too much time and I think in most cases unnesessary.

Link to comment
Share on other sites

  • 2 months later...

Is there anyway to make it so that this is not hidden? I really like this antidote but everything is so hidden and I am not sure why. I would actually like some sort of progress bar myself. But if it would at least show a console window with the output I would be happy. I tried to dump the dir to my desktop but it disappeared. Revealing hidden files does not work and so I just deleted it using linux. Being so hidden makes me feel as though something underhanded is going on here. I want it to be a useful tool with progress easily seen so I know how long to leave it in and such.

Any help would be much appreciated

Link to comment
Share on other sites

You also have to enable `view system files and folders` in order to view the files. You can then just edit the go.cmd and see there is nothing scary going on. I think I will add a progress thingie along with it, like you said, which shows what task it is performing, and which are done.. stay tuned :D

Link to comment
Share on other sites

  • 2 weeks later...

any idea why I might not be able to autorun this USBAntidote on my laptop? I enabled autorun and reinstalled U3 and it autoruns. But when I use Antidote it does not. If I right click on the faux cdrom and choose autorun it does nothing. If I click on the vbe script it does nothing but if I click on go.cmd it does run.

Does anyone have a way to see whats in the encrypted vbe on the iso so I can see whats going on? I am really a n00b to this but could there be something on my laptop that won't run vbe's or somthing like that preventing it from autorunning? I have take no action to stop it from running. This is a Dell Lattitude D620.

So anyway I would love to get a peak at the vbe and also would like to know why I can't autorun the antidote or any cutom payload.

P.S. For reference I ran the hacked lpinstaller for sandisk as I have a cruzer. I then copied over the payload to the root dir of the flash drive. Pop it in and nada. I tried the lpinstaller from all the different payloads thinking that maybe the one I initially used was corrupt but nothing. Although I can reinstall U3 and it works "perfectly".

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...