Switches (English) – G3n-h@ckm@n Tools

Kill::All => Kills All non-vital processes

Kill::process.exe => Kills one or more specified process(es)

Key::[Key] => Deletes the key[Key]|Value => Deletes the value[Key]|value|REG_SZ|Data => Creates or modify chain Value[Key]|Value|REG_DWORD|Data => Creates or modify Dword Valueex of results :[Key]~[Value] : Data -> Set Successfully !

RegRead::[HKLM\…..etc….] => Reads the key, its values and the datas of values ( not recursively )

Info::Path\File => Will show file informations ( md5 , version , etc… ) of the file

List::Folder path => Lists a Folder

RecurseList::Folder path => Lists all the content of a folder recursively

File::File path => Quarantines a fileFolder path => Quarantines a folder

txt::c:\boot.ini => Lists the content of a text file ( c:\boot.ini in this example )

ADS::@C:\ProgramData\Temp => Deletes the ADS, If there’s more than one on a same folder , theyll be all deleted writing just the folder where they are

IP::Trace => Lists all active connections

IP::<IP adress> => Shows informations about the IP adress

cmd::Executes a command line or a complete batch file ( the last line must be ### )

netsvc::qidljedejq => Deletes the service of netsvcs ( services launched by svchost.exe. in this case its a rootkit )

Search::File => Searches every file with the same name in the computer and shows a informations about ( md5 , version , etc… )

Clean::yes => Disk cleaning of temporary files , etc…( If yes isn’t written , the command won’t work )

info::File path => shows a lot of informations about a file ( dates , modif , md5, copyright (if exists) , etc… )

tray::yes => Cleans the notification zone pour ne laisser que ceux des programmes actifs  ( If yes isnt written , the command won’t work )

Driver::qurkzwyz => Deletes the service , service/LEGACY keys if they are still present , and the file qurkzwyz.sys in C:\Windows\System32\Drivers Folder if present

backup::File path => Restores a file scripted by mistakeFolder path => Restores a folder scripted by mistake

Replace::C:\Winlogon.exe C:\Windows\System32\Winlogon.exe => will replace the 2nd file by the 1st at reboot , reboots the computer , if not , do it

Hosts::Reset => Resets hosts file

Task::<Task> => Deletes a task ( C:\Windows\System32\Tasks\***** | C:\Windows\Tasks\****.job)

Line::Path\File|Line or characters to delete => Deletes the line or characters in the filePath\File|Line or characters to modify|Line or characters modified => will replace Line or characters to modify by Line or characters modified in the file

Partager :

• X
• Facebook

J’aime chargement…