Page 2

Example:

Logfile of The Avenger version 1, by Swandog46

Beginning to process script file:

File C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\ibm00001.dll deleted successfully.
File C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\ibm00001.exe deleted successfully.

Completed script processing.

Program C:\HJT\HijackThis.exe successfully set up to run once on reboot.

http://swandog46.geekstogo.com/avenger2/cmd1.html

# Comment:
# Files to delete:
# Files to replace with dummy:
# Files to move:
# Folders to delete:
# Registry keys to delete:
# Registry keys to replace with dummy:
# Registry values to delete:
# Registry values to replace with dummy:
# Programs to launch on reboot:
# Drivers to delete:
# Drivers to disable

Example:

Driver S0 vaxjutbm;vaxjutbm;C:\WINDOWS\system32\drivers\kndhhjek.sys []

The Service name is also the name of the subkey under HKLM\System\CurrentControlSet\Services.

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_VAXJUTBM

http://swandog46.geekstogo.com/avenger2/tutorial.html
http://swandog46.geekstogo.com/avengernotes.htm
Files to delete:
c:\windows\system32\badfile.dll
%windir%\system32\badfile2.dll
%systemdrive%\somefile.ext

Files to replace with dummy:
D:\somefile.ext

FILES TO MOVE:
C:\SOMESOURCEFILE | c:\somedestinationfile
"C:\SOMESOURCEFILE" | "c:\somedestinationfile"

Folders to Delete:
C:\somefolder

registry keys to delete:
hklm\software\badkey
hkey_local_machine\system\currentcontrolset\key

registry keys to replace with dummy:
hku\.default\somebadkey
hklm\software\some long key name

registry values to delete:
HKEY_USERS\.default\badkey | somebadvalue

Registry values to replace with dummy:
HKLM\SomeKeyPath\Blah\Blah|somevalue

programs to launch on reboot:
%systemdrive%\mybatch.bat

Drivers to disable:
vaxjutbm

Drivers to delete:
vaxjutbm
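
Added example (not part of the original page or of The Avenger itself): a small Python check that parses a script in the layout shown above and flags entries with the wrong number of "|"-separated fields before the script is handed to the tool. It assumes, from the mixed-case sample, that section headers are case-insensitive and that lines starting with "#" are comments; parse_script and SAMPLE are names made up for this example.

```python
# Added example, not part of The Avenger. Section names and the "|" separator
# come from the sample script on this page; case-insensitive headers and "#"
# comment lines are assumptions drawn from that sample.
SECTIONS = {name: 1 for name in (  # header -> fields expected per entry
    "files to delete", "files to replace with dummy", "folders to delete",
    "registry keys to delete", "registry keys to replace with dummy",
    "programs to launch on reboot", "drivers to disable", "drivers to delete")}
SECTIONS.update({name: 2 for name in (
    "files to move", "registry values to delete",
    "registry values to replace with dummy")})

def parse_script(text):
    """Return ({section: [fields, ...]}, [problems]) for a script's text."""
    parsed, problems, current = {}, [], None
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):  # blank line or comment
            continue
        header = line[:-1].strip().lower() if line.endswith(":") else None
        if header in SECTIONS:
            current = header
            parsed.setdefault(current, [])
            continue
        if current is None:
            problems.append(f"line {lineno}: entry before any section header")
            continue
        fields = tuple(f.strip().strip('"') for f in line.split("|"))
        want = SECTIONS[current]
        if len(fields) != want or not all(fields):
            problems.append(f"line {lineno}: '{current}' expects {want} "
                            f"non-empty field(s): {line}")
            continue
        parsed[current].append(fields)
    return parsed, problems

# Constructed sample: entries from the page plus one malformed move entry.
SAMPLE = r'''
FILES TO MOVE:
"C:\SOMESOURCEFILE" | "c:\somedestinationfile"
C:\SOMESOURCEFILE
registry values to delete:
HKEY_USERS\.default\badkey | somebadvalue
Drivers to disable:
vaxjutbm
'''

if __name__ == "__main__":
    print(parse_script(SAMPLE))
```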