绿色安全批量创建病毒假体防毒法
以下方法比较绿色,呵呵:通过创建与病毒文件同名的假体(md 建立的其实是同名目录),再用 attrib、cacls 加上属性和拒绝权限,使病毒无法在同一路径创建文件,从而达到防病毒的目的(针对 ARP 等流行病毒)。注意:cacls 的权限只在 NTFS 分区上有效,假体也只能拦住下面列出的文件名。
批量创建病毒假体【绿色防毒】
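:: Decoy entries for the drive-root dropper names listed on this page, on
:: drives C: through F:.
:: md creates a DIRECTORY carrying the dropper's file name, so a later attempt
:: to create a file at that path fails.
::   attrib +r +h +s          read-only, hidden, system
::   cacls /e /t /d everyone  edit the existing ACL, recurse, deny Everyone
:: The deny entry is what keeps the decoy from simply being removed. It needs
:: an NTFS volume, it also locks administrators out until the ACL is reset,
:: and it does not stop code that already holds administrative rights from
:: taking ownership and undoing it.
:: The account name has to be exactly "everyone" and the quoted path must not
:: carry a stray blank; otherwise cacls may leave that decoy without its deny
:: entry.
:: The loop variables use the doubled percent form, so run this from a .bat
:: or .cmd file.
for %%D in (c d e f) do (
  for %%N in (ntldr.exe pagefile.pif Pegefile.pif OSO.exe auto.bat mplay.pif sxs.exe GameSetup.exe auto.exe) do (
    md "%%D:\%%N"
    attrib "%%D:\%%N" +r +h +s
    cacls "%%D:\%%N" /e /t /d everyone
  )
)

:: Driver-name decoys on the system drive. These get the deny entry only,
:: without the attribute change.
for %%N in (nvmini.sys Arp8023.sys) do (
  md "C:\WINDOWS\system32\drivers\%%N"
  cacls "C:\WINDOWS\system32\drivers\%%N" /e /t /d everyone
)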
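:: Restrict the ACL of userinit.exe. /g without /e REPLACES the whole ACL, so
:: afterwards the only entry is Everyone:Read. "echo y" answers the
:: confirmation prompt cacls shows before it replaces an ACL.
:: NOTE(review): SYSTEM and Administrators lose their own entries as well,
:: which may get in the way of patching or repairing this file - confirm this
:: is wanted and record the current ACL first so it can be put back.
echo y|cacls c:\windows\system32\userinit.exe /g everyone:r

:: Decoy directories under the Windows and Program Files trees. Each one is
:: created and then given a recursive deny entry for Everyone, so it cannot
:: simply be removed and replaced by a file of the same name.
:: The last two entries get the same deny entry as the others; a decoy
:: without it is an ordinary directory that can be deleted again.
:: The deny entry needs NTFS and also applies to administrators until the ACL
:: is reset.
for %%P in (
  "c:\windows\system32\usrinit.exe"
  "C:\Program Files\conime0.exe"
  "c:\windows\system32\IGW.exe"
  "c:\windows\system32\vml.exe"
  "C:\WINDOWS\system32\Com\smss.exe"
  "C:\WINDOWS\system32\Com\lsass.exe"
  "c:\windows\system32\swchost.exe"
  "c:\windows\system32\533931MM.DLL"
  "c:\windows\system32\533931WL.DLL"
  "c:\windows\system32\533931WO.DLL"
  "C:\WINDOWS\SWCHOST.EXE"
  "C:\WINDOWS\SYSTEM32\DRIVERS\SCVHOST.EXE"
) do (
  md "%%~P"
  cacls "%%~P" /e /t /d everyone
)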
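:: Second batch of decoy directories. md output and errors are discarded, so
:: an "already exists" message on a re-run stays quiet.
:: cacls /d everyone without /e REPLACES the ACL with a single deny entry for
:: Everyone; "echo y" answers its confirmation prompt.
:: Only the standard output of cacls is discarded. Its error output stays
:: visible on purpose: a failed ACL change, for example on a volume that is
:: not NTFS, leaves the decoy unprotected and should be noticed.
for %%P in (
  "c:\WINDOWS\AVPSrv.exe"
  "c:\WINDOWS\DiskMan32.exe"
  "c:\WINDOWS\IGM.exe"
  "c:\WINDOWS\Kvsc3.exe"
  "c:\WINDOWS\lqvytv.exe"
  "c:\WINDOWS\MsIMMs32.exe"
  "c:\WINDOWS\system32\3CEBCAF.EXE"
  "%windir%\system32\drivers\svchost.exe"
  "c:\WINDOWS\system32\a.exe"
  "c:\WINDOWS\upxdnd.exe"
  "c:\WINDOWS\WinForm.exe"
  "c:\WINDOWS\system32\rsjzbpm.dll"
  "c:\WINDOWS\system32\racvsvc.exe"
  "c:\WINDOWS\cmdbcs.exe"
  "c:\WINDOWS\dbghlp32.exe"
  "c:\WINDOWS\nvdispdrv.exe"
  "c:\WINDOWS\system32\cmdbcs.dll"
  "c:\WINDOWS\system32\dbghlp32.dll"
  "c:\WINDOWS\system32\upxdnd.dll"
  "c:\WINDOWS\system32\yfmtdiouaf.dll"
) do (
  md "%%~P" >nul 2>nul
  echo y|cacls.exe "%%~P" /d everyone >nul
)

:: This driver-name decoy has its ACL replaced with Everyone:None via /p
:: instead of receiving a deny entry.
md C:\WINDOWS\SYSTEM32\Drivers\PCIHDD.SYS >nul 2>nul
echo y|cacls C:\WINDOWS\SYSTEM32\Drivers\PCIHDD.SYS /p everyone:n >nul

:: The two lines below only PRINT their text. Nothing is written to the
:: registry and gpupdate is not run.
:: NOTE(review): if applied, the printed reg add would set a debugger value
:: under Image File Execution Options for IGM.EXE, which makes Windows start
:: debugfile.exe in place of that program. Confirm whether applying it is
:: intended before removing the echo, and keep the matching removal step
:: with it.
echo reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IGM.EXE" /v debugger /t reg_sz /d debugfile.exe /f
echo gpupdate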
@echo off
:: Lift the permission restrictions on the listed paths.
:: /p everyone:f replaces the access of Everyone with Full control, /c keeps
:: going past access-denied errors, and "echo y" answers the confirmation
:: prompt cacls shows because /e is not given.
:: NOTE(review): presumably this is meant to make files that were locked down
:: deletable again - nothing here deletes them, so confirm the follow-up step.
:: A file in the system directory that stays behind with Everyone:Full
:: control is writable by any account.
for %%F in (autorun.inf setup.exe) do (
  for %%D in (c d e f g) do (
    echo y|cacls %%D:\%%F /c /p everyone:f
  )
)

echo y|cacls c:\windows\crasos.exe /c /p everyone:f

for %%N in (
  mswsock30.dll
  msxos.dll
  tmp.zip
  maindownloadselfinfo.tmp
  wsp_fix.dll
  win_std32.dll
  shell32_cn.dll
  seh_dbg.dll
  msspi.dll
) do (
  echo y|cacls c:\windows\system32\%%N /c /p everyone:f
)