查杀威金残迹并免疫补丁[经典dos命令]

zoukankan html css js c++ java

查杀威金残迹并免疫补丁[经典dos命令]

reg delete HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run /v {9D0351F9-8E49-4ed1-BBCE-0795F5B9F240} /f
reg delete "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows" /v load /f
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run /v {9D0351F9-8E49-4ed1-BBCE-0795F5B9F240} /f
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Reliability /v ShutdownStateSnapshot /f
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v zt /f
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v ms /f
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v fzg /f
reg delete HKEY_USERS\S-1-5-21-2605889240-4013433242-1396700885-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run /v {9D0351F9-8E49-4ed1-BBCE-0795F5B9F240} /f
reg delete "HKEY_USERS\S-1-5-21-2605889240-4013433242-1396700885-500\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows" /v load /f
md %systemroot%\1.com
cacls %systemroot%\1.com /T /E /C /R everyone ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\sws32.dll
cacls %systemroot%\sws32.dll /T /E /C /R everyone ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\kill.exe
cacls %systemroot%\kill.exe /T /E /C /R everyone ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS

md %systemroot%\EXP10RER.com
cacls %systemroot%\10RER.com /T /E /C /R everyone ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS

md %systemroot%\finders.com
cacls %systemroot%\finders.com /T /E /C /R everyone ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\Shell.sys
cacls %systemroot%\Shell.sys /T /E /C /R everyone ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\Logo_.exe
cacls %systemroot%\0Sy.exe /T /E /C /R everyone ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\Logo_.exe
cacls %systemroot%\0Sy.exe /T /E /C /R everyone ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\1Sy.exe
cacls %systemroot%\1Sy.exe /T /E /C /R everyone ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\2Sy.exe
cacls %systemroot%\2Sy.exe /T /E /C /R everyone ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\3Sy.exe
cacls %systemroot%\3Sy.exe /T /E /C /R everyone ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\4Sy.exe
cacls %systemroot%\4Sy.exe /T /E /C /R everyone ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\5Sy.exe
cacls %systemroot%\5Sy.exe /T /E /C /R everyone ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\6Sy.exe
cacls %systemroot%\6Sy.exe /T /E /C /R everyone ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\7Sy.exe
cacls %systemroot%\7Sy.exe /T /E /C /R everyone ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\8Sy.exe
cacls %systemroot%\8Sy.exe /T /E /C /R everyone ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\9Sy.exe
cacls %systemroot%\9Sy.exe /T /E /C /R everyone ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\exerouter.exe
cacls %systemroot%\exerouter.exe /T /E /C /R everyone ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\Logo1_.exe
cacls %systemroot%\Logo1_.exe /T /E /C /R everyone ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\rundl132.exe
cacls %systemroot%\rundl132.exe /T /E /C /R everyone ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\rundll32.exe
cacls %systemroot%\rundll32.exe /T /E /C /R everyone ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\smss.exe
cacls %systemroot%\smss.exe /T /E /C /R everyone ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\vDll.dll
cacls %systemroot%\vDll.dll /T /E /C /R everyone ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\Dll.dll
cacls %systemroot%\Dll.dll /T /E /C /R everyone ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md "C:\Program Files\svhost32.exe"
cacls "C:\Program Files\svhost32.exe" /T /E /C /R everyone ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md "C:\Program Files\Intel\rundll32.exe"
cacls "C:\Program Files\Intel\rundll32.exe" /T /E /C /R everyone ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md "C:\Program Files\Intel\svhost32.exe"
cacls "C:\Program Files\Intel\svhost32.exe" /T /E /C /R everyone ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md "C:\Program Files\Microsoft\svhost32.exe"
cacls "C:\Program Files\Microsoft\svhost32.exe" /T /E /C /R everyone ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\system32\richnotify.exe
cacls %systemroot%\system32\richnotify.exe /T /E /C /R everyone ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\system32\reshtm.dll
cacls %systemroot%\system32\reshtm.dll /T /E /C /R everyone ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\system32\resPro.dll
cacls %systemroot%\system32\resPro.dll /T /E /C /R everyone ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
md %systemroot%\stdie.dll
cacls %systemroot%\stdie.dll /T /E /C /R everyone ADMINISTRATORS ADMINISTRATOR SYSTEM GUEST USERS
del c:\_desktop.ini /f/s/q/a
del d:\_desktop.ini /f/s/q/a
del e:\_desktop.ini /f/s/q/a
del f:\_desktop.ini /f/s/q/a
del g:\_desktop.ini /f/s/q/a
del h:\_desktop.ini /f/s/q/a
del i:\_desktop.ini /f/s/q/a

查看全文

相关阅读:
【T-SQL】分布抽取部分数据
 【Tip】如何让引用的dll随附的xml注释文档、pdb调试库等文件不出现在项目输出目录中
 【手记】F5调试报"由于缺少调试目标xxx无法开始调试xxx设置OutputPath和AssemblyName"
【手记】未能从程序集System.Net.Http.Formatting中加载类型System.Net.Http.Formatting.FormUrlEncodedMediaTypeFormatter
摄影基础知识入门
 测试开发进阶必备（附源码）---Dubbo 接口测试技术
 App自动化之dom结构和元素定位方式的详细内容（不看后悔）
接口自动化测试 | JsonPath 与 Mustache 请求传参的模板化技术
 一文搞定自动化测试框架 RESTAssured 实践(三)：对 Response 结果导出
 一文搞定 REST Assured 实践(二)：断言实现

原文地址：https://www.cnblogs.com/hhq80/p/618631.html