zoukankan      html  css  js  c++  java
  • 查杀威金残迹并免疫补丁[经典dos命令]

    reg delete HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run /v {9D0351F9-8E49-4ed1-BBCE-0795F5B9F240} /f
    reg delete "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows" /v load /f
    reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run /v {9D0351F9-8E49-4ed1-BBCE-0795F5B9F240} /f
    reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Reliability /v ShutdownStateSnapshot /f
    reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v zt /f
    reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v ms /f
    reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v fzg /f
    reg delete HKEY_USERS\S-1-5-21-2605889240-4013433242-1396700885-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run /v {9D0351F9-8E49-4ed1-BBCE-0795F5B9F240} /f
    reg delete "HKEY_USERS\S-1-5-21-2605889240-4013433242-1396700885-500\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows" /v load /f
    md %systemroot%\1.com
    cacls %systemroot%\1.com /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
    md %systemroot%\sws32.dll
    cacls %systemroot%\sws32.dll /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
    md %systemroot%\kill.exe
    cacls %systemroot%\kill.exe /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS

    md %systemroot%\EXP10RER.com
    cacls %systemroot%\10RER.com /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS

    md %systemroot%\finders.com
    cacls %systemroot%\finders.com /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
    md %systemroot%\Shell.sys
    cacls %systemroot%\Shell.sys /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
    md %systemroot%\Logo_.exe
    cacls %systemroot%\0Sy.exe /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
    md %systemroot%\Logo_.exe
    cacls %systemroot%\0Sy.exe /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
    md %systemroot%\1Sy.exe
    cacls %systemroot%\1Sy.exe /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
    md %systemroot%\2Sy.exe
    cacls %systemroot%\2Sy.exe /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
    md %systemroot%\3Sy.exe
    cacls %systemroot%\3Sy.exe /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
    md %systemroot%\4Sy.exe
    cacls %systemroot%\4Sy.exe /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
    md %systemroot%\5Sy.exe
    cacls %systemroot%\5Sy.exe /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
    md %systemroot%\6Sy.exe
    cacls %systemroot%\6Sy.exe /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
    md %systemroot%\7Sy.exe
    cacls %systemroot%\7Sy.exe /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
    md %systemroot%\8Sy.exe
    cacls %systemroot%\8Sy.exe /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
    md %systemroot%\9Sy.exe
    cacls %systemroot%\9Sy.exe /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
    md %systemroot%\exerouter.exe
    cacls %systemroot%\exerouter.exe /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
    md %systemroot%\Logo1_.exe
    cacls %systemroot%\Logo1_.exe /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
    md %systemroot%\rundl132.exe
    cacls %systemroot%\rundl132.exe /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
    md %systemroot%\rundll32.exe
    cacls %systemroot%\rundll32.exe /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
    md %systemroot%\smss.exe
    cacls %systemroot%\smss.exe /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
    md %systemroot%\vDll.dll
    cacls %systemroot%\vDll.dll /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
    md %systemroot%\Dll.dll
    cacls %systemroot%\Dll.dll /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
    md "C:\Program Files\svhost32.exe"
    cacls "C:\Program Files\svhost32.exe" /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
    md "C:\Program Files\Intel\rundll32.exe"
    cacls "C:\Program Files\Intel\rundll32.exe" /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
    md "C:\Program Files\Intel\svhost32.exe"
    cacls "C:\Program Files\Intel\svhost32.exe" /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
    md "C:\Program Files\Microsoft\svhost32.exe"
    cacls "C:\Program Files\Microsoft\svhost32.exe" /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
    md %systemroot%\system32\richnotify.exe
    cacls %systemroot%\system32\richnotify.exe /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
    md %systemroot%\system32\reshtm.dll
    cacls %systemroot%\system32\reshtm.dll /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
    md %systemroot%\system32\resPro.dll
    cacls %systemroot%\system32\resPro.dll /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
    md %systemroot%\stdie.dll
    cacls %systemroot%\stdie.dll /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
    del c:\_desktop.ini /f/s/q/a
    del d:\_desktop.ini /f/s/q/a
    del e:\_desktop.ini /f/s/q/a
    del f:\_desktop.ini /f/s/q/a
    del g:\_desktop.ini /f/s/q/a
    del h:\_desktop.ini /f/s/q/a
    del i:\_desktop.ini /f/s/q/a

  • 相关阅读:
    【T-SQL】分布抽取部分数据
    【Tip】如何让引用的dll随附的xml注释文档、pdb调试库等文件不出现在项目输出目录中
    【手记】F5调试报"由于缺少调试目标xxx无法开始调试xxx设置OutputPath和AssemblyName"
    【手记】未能从程序集System.Net.Http.Formatting中加载类型System.Net.Http.Formatting.FormUrlEncodedMediaTypeFormatter
    摄影基础知识入门
    测试开发进阶必备(附源码)---Dubbo 接口测试技术
    App自动化之dom结构和元素定位方式的详细内容(不看后悔)
    接口自动化测试 | JsonPath 与 Mustache 请求传参的模板化技术
    一文搞定自动化测试框架 RESTAssured 实践(三):对 Response 结果导出
    一文搞定 REST Assured 实践(二):断言实现
  • 原文地址:https://www.cnblogs.com/hhq80/p/618631.html
Copyright © 2011-2022 走看看