系统维护(原)

         前段时间两位可怜姐姐的电脑都被病毒袭击了,那惨样系统维护(原) - 黑暗力量 - 小男生的博客

         不提了,现在进入正题。
         首先:“开始”——“运行”输入“net stop server”然后回车,如果提示有其他服务一并关闭,直接输入“y”然后回车。

          然后把下面的内容:

md %systemroot%\1.com
attrib +r +s +h +a %systemroot%\1.com
cacls %systemroot%\1.com /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\sws32.dll
attrib +r +s +h +a %systemroot%\sws32.dll
cacls %systemroot%\sws32.dll /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\kill.exe
attrib +r +s +h +a %systemroot%\kill.exe
cacls %systemroot%\kill.exe /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\EXP10RER.com
attrib +r +s +h +a %systemroot%\EXP10RER.com
cacls %systemroot%\EXP10RER.com /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\finders.com
attrib +r +s +h +a %systemroot%\finders.com
cacls %systemroot%\finders.com /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\finder.com
attrib +r +s +h +a %systemroot%\finder.com
cacls %systemroot%\finder.com /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\Shell.sys
attrib +r +s +h +a %systemroot%\Shell.sys
cacls %systemroot%\Shell.sys /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\0Sy.exe
attrib +r +s +h +a %systemroot%\0Sy.exe
cacls %systemroot%\0Sy.exe /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\1Sy.exe
attrib +r +s +h +a %systemroot%\1Sy.exe
cacls %systemroot%\1Sy.exe /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\2Sy.exe
attrib +r +s +h +a %systemroot%\2Sy.exe
cacls %systemroot%\2Sy.exe /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\3Sy.exe
attrib +r +s +h +a %systemroot%\3Sy.exe
cacls %systemroot%\3Sy.exe /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\4Sy.exe
attrib +r +s +h +a %systemroot%\4Sy.exe
cacls %systemroot%\4Sy.exe /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\5Sy.exe
attrib +r +s +h +a %systemroot%\5Sy.exe
cacls %systemroot%\5Sy.exe /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\6Sy.exe
attrib +r +s +h +a %systemroot%\6Sy.exe
cacls %systemroot%\6Sy.exe /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\7Sy.exe
attrib +r +s +h +a %systemroot%\7Sy.exe
cacls %systemroot%\7Sy.exe /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\8Sy.exe
attrib +r +s +h +a %systemroot%\8Sy.exe
cacls %systemroot%\8Sy.exe /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\9Sy.exe
attrib +r +s +h +a %systemroot%\9Sy.exe
cacls %systemroot%\9Sy.exe /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\exerouter.exe
attrib +r +s +h +a %systemroot%\exerouter.exe
cacls %systemroot%\exerouter.exe /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\Logo1_.exe
attrib +r +s +h +a %systemroot%\Logo1_.exe
cacls %systemroot%\Logo1_.exe /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\rundl132.exe
attrib +r +s +h +a %systemroot%\rundl132.exe
cacls %systemroot%\rundl132.exe /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\rundll32.exe
attrib +r +s +h +a %systemroot%\rundll32.exe
cacls %systemroot%\rundll32.exe /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\rundll.exe
attrib +r +s +h +a %systemroot%\rundll.exe
cacls %systemroot%\rundll.exe /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\rundll.com
attrib +r +s +h +a %systemroot%\rundll.com
cacls %systemroot%\rundll.com /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\rundll32.com
attrib +r +s +h +a %systemroot%\rundll32.com
cacls %systemroot%\rundll32.com /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\smss.exe
attrib +r +s +h +a %systemroot%\smss.exe
cacls %systemroot%\smss.exe /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\smss.com
attrib +r +s +h +a %systemroot%\smss.com
cacls %systemroot%\smss.com /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\vDll.dll
attrib +r +s +h +a %systemroot%\vDll.dll
cacls %systemroot%\vDll.dll /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\Dll.dll
attrib +r +s +h +a %systemroot%\Dll.dll
cacls %systemroot%\Dll.dll /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\command.pif
attrib +r +s +h +a %systemroot%\command.pif
cacls %systemroot%\command.pif /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\~tmp5199.exe
attrib +r +s +h +a %systemroot%\~tmp5199.exe
cacls %systemroot%\~tmp5199.exe /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\EXERT.EXE
attrib +r +s +h +a %systemroot%\EXERT.EXE
cacls %systemroot%\EXERT.EXE /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\regedit.scr
attrib +r +s +h +a %systemroot%\regedit.scr
cacls %systemroot%\regedit.scr /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\logo1.exe
attrib +r +s +h +a %systemroot%\logo1.exe
cacls %systemroot%\logo1.exe /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\logo_1.exe
attrib +r +s +h +a %systemroot%\logo_1.exe
cacls %systemroot%\logo_1.exe /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\winampa.exe
attrib +r +s +h +a %systemroot%\winampa.exe
cacls %systemroot%\winampa.exe /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\command\rundll32.exe
attrib +r +s +h +a %systemroot%\command\rundll32.exe
cacls %systemroot%\command\rundll32.exe /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md "C:\Program Files\svhost32.exe"
attrib +r +s +h +a "C:\Program Files\svhost32.exe"
cacls "C:\Program Files\svhost32.exe" /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md "C:\Program Files\Intel\rundll32.exe"
attrib +r +s +h +a "C:\Program Files\Intel\rundll32.exe"
cacls "C:\Program Files\Intel\rundll32.exe" /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md "C:\Program Files\Intel\svhost32.exe"
attrib +r +s +h +a "C:\Program Files\Intel\svhost32.exe"
cacls "C:\Program Files\Intel\svhost32.exe" /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md "C:\Program Files\Microsoft\svhost32.exe"
attrib +r +s +h +a "C:\Program Files\Microsoft\svhost32.exe"
cacls "C:\Program Files\Microsoft\svhost32.exe" /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md "C:\Program Files\Common Files\IEXPLORE.com"
attrib +r +s +h +a "C:\Program Files\Common Files\IEXPLORE.com"
cacls "C:\Program Files\Common Files\IEXPLORE.com" /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\system32\richnotify.exe
attrib +r +s +h +a %systemroot%\system32\richnotify.exe
cacls %systemroot%\system32\richnotify.exe /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\system32\Ravdm.exe
attrib +r +s +h +a %systemroot%\system32\Ravdm.exe
cacls %systemroot%\system32\Ravdm.exe /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\system32\mskey16.dll
attrib +r +s +h +a %systemroot%\system32\mskey16.dll
cacls %systemroot%\system32\mskey16.dll /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\system32\Realplayer.exe
attrib +r +s +h +a %systemroot%\system32\Realplayer.exe
cacls %systemroot%\system32\Realplayer.exe /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\system32\reshtm.dll
attrib +r +s +h +a %systemroot%\system32\reshtm.dll
cacls %systemroot%\system32\reshtm.dll /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\system32\resPro.dll
attrib +r +s +h +a %systemroot%\system32\resPro.dll
cacls %systemroot%\system32\resPro.dll /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\stdie.dll
attrib +r +s +h +a %systemroot%\stdie.dll
cacls %systemroot%\stdie.dll /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md "C:\Program Files\3721"
attrib +r +s +h +a "C:\Program Files\3721"
cacls "C:\Program Files\3721" /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md "C:\Program Files\baidu"
attrib +r +s +h +a "C:\Program Files\baidu"
cacls "C:\Program Files\baidu" /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md "C:\Program Files\CNNIC"
attrib +r +s +h +a "C:\Program Files\CNNIC"
cacls "C:\Program Files\CNNIC" /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md "C:\Program Files\HDP"
attrib +r +s +h +a "C:\Program Files\HDP"
cacls "C:\Program Files\HDP" /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md "C:\Program Files\MMSAssist"
attrib +r +s +h +a "C:\Program Files\MMSAssist"
cacls "C:\Program Files\MMSAssist" /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md "C:\Program Files\p4p"
attrib +r +s +h +a "C:\Program Files\p4p"
cacls "C:\Program Files\p4p" /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md "C:\Program Files\Yayad"
attrib +r +s +h +a "C:\Program Files\Yayad"
cacls "C:\Program Files\Yayad" /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md "C:\Program Files\Yahoo!\Assistant"
attrib +r +s +h +a "C:\Program Files\Yahoo!\Assistant"
cacls "C:\Program Files\Yahoo!\Assistant" /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md "C:\Program Files\Common Files\INTEXPLORE.pif"
attrib +r +s +h +a "C:\Program Files\Common Files\INTEXPLORE.pif"
cacls "C:\Program Files\Common Files\INTEXPLORE.pif" /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md "C:\Program Files\Common Files\IE-bar"
attrib +r +s +h +a "C:\Program Files\Common Files\IE-bar"
cacls "C:\Program Files\Common Files\IE-bar" /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md "C:\Program Files\Common Files\Sogou PXP"
attrib +r +s +h +a "C:\Program Files\Common Files\Sogou PXP"
cacls "C:\Program Files\Common Files\Sogou PXP" /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md "C:\Documents and Settings\user\Local Settings\Temp\temp0010.exe"
attrib +r +s +h +a "C:\Documents and Settings\user\Local Settings\Temp\temp0010.exe"
cacls "C:\Documents and Settings\user\Local Settings\Temp\temp0010.exe" /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md "C:\Documents and Settings\user\Local Settings\Temp\g0ld.com"
attrib +r +s +h +a "C:\Documents and Settings\user\Local Settings\Temp\g0ld.com"
cacls "C:\Documents and Settings\user\Local Settings\Temp\g0ld.com" /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md "C:\Documents and Settings\user\Local Settings\Temp\2hujh.dll"
attrib +r +s +h +a "C:\Documents and Settings\user\Local Settings\Temp\2hujh.dll"
cacls "C:\Documents and Settings\user\Local Settings\Temp\2hujh.dll" /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md "C:\Documents and Settings\user\Local Settings\Temp\uprar.exe"
attrib +r +s +h +a "C:\Documents and Settings\user\Local Settings\Temp\uprar.exe"
cacls "C:\Documents and Settings\user\Local Settings\Temp\uprar.exe" /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md "C:\Program Files\Internet Explorer\IEXPLORE.com"
attrib +r +s +h +a "C:\Program Files\Internet Explorer\IEXPLORE.com"
cacls "C:\Program Files\Internet Explorer\IEXPLORE.com" /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md "C:\Program Files\Internet Explorer\INTEXPLORE.com"
attrib +r +s +h +a "C:\Program Files\Internet Explorer\INTEXPLORE.com"
cacls "C:\Program Files\Internet Explorer\INTEXPLORE.com" /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\system32\command.pif
attrib +r +s +h +a %systemroot%\system32\command.pif
cacls %systemroot%\system32\command.pif /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\system32\albus.dat
attrib +r +s +h +a %systemroot%\system32\albus.dat
cacls %systemroot%\system32\albus.dat /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\system32\sysapis.dll
attrib +r +s +h +a %systemroot%\system32\sysapis.dll
cacls %systemroot%\system32\sysapis.dll /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\system32\drivers\Albus.SYS
attrib +r +s +h +a %systemroot%\system32\drivers\Albus.SYS
cacls %systemroot%\system32\drivers\Albus.SYS /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\system32\drivers\rinld.sys
attrib +r +s +h +a %systemroot%\system32\drivers\rinld.sys
cacls %systemroot%\system32\drivers\rinld.sys /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\intel\rundll32.exe
attrib +r +s +h +a %systemroot%\intel\rundll32.exe
cacls %systemroot%\intel\rundll32.exe /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\system32\cs.exe
attrib +r +s +h +a %systemroot%\system32\cs.exe
cacls %systemroot%\system32\cs.exe /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\system32\dxdiag.com
attrib +r +s +h +a %systemroot%\system32\dxdiag.com
cacls %systemroot%\system32\dxdiag.com /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\system32\mh.exe
attrib +r +s +h +a %systemroot%\system32\mh.exe
cacls %systemroot%\system32\mh.exe /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\system32\MSCONFIG.COM
attrib +r +s +h +a %systemroot%\system32\MSCONFIG.COM
cacls %systemroot%\system32\MSCONFIG.COM /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\system32\msdll.dll
attrib +r +s +h +a %systemroot%\system32\msdll.dll
cacls %systemroot%\system32\msdll.dll /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\system32\regedit.com
attrib +r +s +h +a %systemroot%\system32\regedit.com
cacls %systemroot%\system32\regedit.com /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\system32\RX.EXE
attrib +r +s +h +a %systemroot%\system32\RX.EXE
cacls %systemroot%\system32\RX.EXE /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\system32\sc.exe
attrib +r +s +h +a %systemroot%\system32\sc.exe
cacls %systemroot%\system32\sc.exe /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\system32\tdll.dll
attrib +r +s +h +a %systemroot%\system32\tdll.dll
cacls %systemroot%\system32\tdll.dll /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\system32\wow.exe
attrib +r +s +h +a %systemroot%\system32\wow.exe
cacls %systemroot%\system32\wow.exe /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\system32\ztdll.dll
attrib +r +s +h +a %systemroot%\system32\ztdll.dll
cacls %systemroot%\system32\ztdll.dll /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

md %systemroot%\system32\mswdm.exe
attrib +r +s +h +a %systemroot%\system32\mswdm.exe
cacls %systemroot%\system32\mswdm.exe /T /E /C /R EVERYONE ADMINISTRATORS SYSTEM GUEST USERS USER

pause

          上面的代码能够一定程度抵御病毒和木马的袭击,看得懂的自己研究,我不解释。

          将代码复制到记事本中,存为批处理文件(就是后缀名bat),然后运行保存的文件就OK了。

          最后安装几个常用的安全软件,

           奇虎360安全卫士       下载

            谷歌工具栏                下载

           谷歌工具栏不用介绍,奇虎安全卫士的操作如下:

            1.查杀木马。

                         系统维护(原) - 黑暗力量 - 小男生的博客

          2.清理恶意插件。

                         系统维护(原) - 黑暗力量 - 小男生的博客

           3.修补系统漏洞。

                         系统维护(原) - 黑暗力量 - 小男生的博客

            3.开启实时保护。

                         系统维护(原) - 黑暗力量 - 小男生的博客

         

最后给大家推荐两个观察进程的安全工具:Process Explorer (这个有汉化版,随处可见) 

                                                                   IceSword             (安全焦点有下载

最后奉劝大家不要用什么杀毒软件,装杀软,浪费不少硬件资源,简直费神。我最反感那东西。自己搞搞研究,做个免杀还不错,普通用户没那必要,

                                                                                                                                

发表评论