查杀威金残迹并免疫补丁[经典dos命令]

reg delete HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run /v {9D0351F9-8E49-4ed1-BBCE-0795F5B9F240} /f
reg delete "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows" /v load /f
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run /v {9D0351F9-8E49-4ed1-BBCE-0795F5B9F240} /f
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Reliability /v ShutdownStateSnapshot /f
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v zt /f
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v ms /f
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v fzg /f
reg delete HKEY_USERS\S-1-5-21-2605889240-4013433242-1396700885-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run /v {9D0351F9-8E49-4ed1-BBCE-0795F5B9F240} /f
reg delete "HKEY_USERS\S-1-5-21-2605889240-4013433242-1396700885-500\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows" /v load /f
md %systemroot%\1.com
cacls %systemroot%\1.com /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\sws32.dll
cacls %systemroot%\sws32.dll /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\kill.exe
cacls %systemroot%\kill.exe /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS

md %systemroot%\EXP10RER.com
cacls %systemroot%\10RER.com /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS

md %systemroot%\finders.com
cacls %systemroot%\finders.com /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\Shell.sys
cacls %systemroot%\Shell.sys /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\Logo_.exe
cacls %systemroot%\0Sy.exe /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\Logo_.exe
cacls %systemroot%\0Sy.exe /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\1Sy.exe
cacls %systemroot%\1Sy.exe /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\2Sy.exe
cacls %systemroot%\2Sy.exe /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\3Sy.exe
cacls %systemroot%\3Sy.exe /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\4Sy.exe
cacls %systemroot%\4Sy.exe /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\5Sy.exe
cacls %systemroot%\5Sy.exe /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\6Sy.exe
cacls %systemroot%\6Sy.exe /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\7Sy.exe
cacls %systemroot%\7Sy.exe /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\8Sy.exe
cacls %systemroot%\8Sy.exe /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\9Sy.exe
cacls %systemroot%\9Sy.exe /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\exerouter.exe
cacls %systemroot%\exerouter.exe /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\Logo1_.exe
cacls %systemroot%\Logo1_.exe /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\rundl132.exe
cacls %systemroot%\rundl132.exe /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\rundll32.exe
cacls %systemroot%\rundll32.exe /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\smss.exe
cacls %systemroot%\smss.exe /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\vDll.dll
cacls %systemroot%\vDll.dll /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\Dll.dll
cacls %systemroot%\Dll.dll /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md "C:\Program Files\svhost32.exe"
cacls "C:\Program Files\svhost32.exe" /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md "C:\Program Files\Intel\rundll32.exe"
cacls "C:\Program Files\Intel\rundll32.exe" /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md "C:\Program Files\Intel\svhost32.exe"
cacls "C:\Program Files\Intel\svhost32.exe" /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md "C:\Program Files\Microsoft\svhost32.exe"
cacls "C:\Program Files\Microsoft\svhost32.exe" /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\system32\richnotify.exe
cacls %systemroot%\system32\richnotify.exe /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\system32\reshtm.dll
cacls %systemroot%\system32\reshtm.dll /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\system32\resPro.dll
cacls %systemroot%\system32\resPro.dll /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\stdie.dll
cacls %systemroot%\stdie.dll /T /E /C /R everyone  ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
del c:\_desktop.ini /f/s/q/a
del d:\_desktop.ini /f/s/q/a
del e:\_desktop.ini /f/s/q/a
del f:\_desktop.ini /f/s/q/a
del g:\_desktop.ini /f/s/q/a
del h:\_desktop.ini /f/s/q/a
del i:\_desktop.ini /f/s/q/a