VIP可享有论坛特权,免看广告,负分归零,重新加分开始!
「我要成为VIP」
| lcmmao27 发表于 2009-10-23 19:47 只看TA 56楼 |
|---|
|
olor 1b title 一键清理系统垃圾文件--原创:布衣技术联盟http://www.buyitx.com/bbs echo 正在清理系统垃圾文件,请稍等...... del /f /s /q %systemdrive%\*.tmp del /f /s /q %systemdrive%\*._mp del /f /s /q %systemdrive%\*.log del /f /s /q %systemdrive%\*.gid del /f /s /q %systemdrive%\*.chk del /f /s /q %systemdrive%\*.old del /f /s /q %systemdrive%\recycled\*.* del /f /s /q %windir%\*.bak del /f /s /q %windir%\prefetch\*.* rd /s /q %windir%\temp & md %windir%\temp del /f /q %userprofile%\cookies\*.* del /f /q %userprofile%\recent\*.* del /f /s /q "%userprofile%\Local Settings\Temporary Internet Files\*.*" del /f /s /q "%userprofile%\Local Settings\Temp\*.*" del /f /s /q "%userprofile%\recent\*.*" cls echo 系统垃圾清理完成。 echo. & pause @echo off echo 正在清除系统LJ,请稍等...... del /f /s /q %systemdrive%\*.tmp del /f /s /q %systemdrive%\*._mp del /f /s /q %systemdrive%\*.log del /f /s /q %systemdrive%\*.gid del /f /s /q %systemdrive%\*.chk del /f /s /q %systemdrive%\*.old del /f /s /q %systemdrive%\recycled\*.* del /f /s /q %windir%\*.bak del /f /s /q %windir%\prefetch\*.* rd /s /q %windir%\temp & md %windir%\temp del /f /q %userprofile%\cookies\*.* del /f /q %userprofile%\recent\*.* del /f /s /q "%userprofile%\Local Settings\Temporary Internet Files\*.*" del /f /s /q "%userprofile%\Local Settings\Temp\*.*" del /f /s /q "%userprofile%\recent\*.*" echo 清除系统LJ完成! echo. & pause @echo title SVCHOST病毒专杀 --原创:布衣技术联盟http://www.buyitx.com/bbs @echo echo. & pause @echo:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: @echo::停止正在运行的SXS.EXE和SVOHOST.EXE进程,请稍侯...... @echo:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: TASKKILL /F /T /IM SXS.EXE TASKKILL /F /T /IM SVOHOST.EXE TASKKILL /F /T /IM ROSE.EXE @echo:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: @echo::恢复注册表中不给设置显示隐藏文件的项目,请稍侯 @echo:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: ECHO Windows Registry Editor Version 5.00>SHOWALL.reg ECHO [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]>>SHOWALL.reg ECHO "CheckedValue"=->>SHOWALL.reg ECHO [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]>>SHOWALL.reg ECHO "CheckedValue"=dword:00000001>>SHOWALL.reg @echo:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: @echo::删除系统目录下的SXS.EXE、SVOHOST.EXE和WINSCOK.DLL文件,请稍侯...... @echo:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: ATTRIB -R -H -S -A %SystemRoot%\System32\SXS.EXE ATTRIB -R -H -S -A %SystemRoot%\System32\SVOHOST.EXE ATTRIB -R -H -S -A %SystemRoot%\System32\WINSCOK.DLL DEL /F /Q /A -R -H -S -A %SystemRoot%\System32\SXS.EXE DEL /F /Q /A -R -H -S -A %SystemRoot%\System32\SVOHOST.EXE DEL /F /Q /A -R -H -S -A %SystemRoot%\System32\WINSCOK.DLL ATTRIB -R -H -S -A %SystemRoot%\SXS.EXE ATTRIB -R -H -S -A %SystemRoot%\SVOHOST.EXE ATTRIB -R -H -S -A %SystemRoot%\WINSCOK.DLL DEL /F /Q /A -R -H -S -A %SystemRoot%\SXS.EXE DEL /F /Q /A -R -H -S -A %SystemRoot%\SVOHOST.EXE DEL /F /Q /A -R -H -S -A %SystemRoot%\WINSCOK.DLL ATTRIB -R -H -S -A %SystemRoot%\System\SXS.EXE ATTRIB -R -H -S -A %SystemRoot%\System\SVOHOST.EXE ATTRIB -R -H -S -A %SystemRoot%\System\WINSCOK.DLL DEL /F /Q /A -R -H -S -A %SystemRoot%\System\SXS.EXE DEL /F /Q /A -R -H -S -A %SystemRoot%\System\SVOHOST.EXE DEL /F /Q /A -R -H -S -A %SystemRoot%\System\WINSCOK.DLL ATTRIB -R -H -S -A %SystemRoot%\System32\dllcache\SXS.EXE ATTRIB -R -H -S -A %SystemRoot%\System32\dllcache\SVOHOST.EXE ATTRIB -R -H -S -A %SystemRoot%\System32\dllcache\WINSCOK.DLL DEL /F /Q /A -R -H -S -A %SystemRoot%\System32\dllcache\SXS.EXE DEL /F /Q /A -R -H -S -A %SystemRoot%\System32\dllcache\SVOHOST.EXE DEL /F /Q /A -R -H -S -A %SystemRoot%\System32\dllcache\WINSCOK.DLL @echo:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: @echo::删除每个分区下的SXS.EXE和AUTORUN.INF文件,请稍侯....... @echo:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: FOR %%a IN ( C: D: E: F: G: H: I: J: K: L: M: N: O: P: Q: R: S: T: U: V: W: X: Y: Z: ) DO ATTRIB -R -H -S -A %%a\SXS.EXE & DEL /F /Q /A -R -H -S -A %%a\SXS.EXE & ATTRIB -R -H -S -A %%a\AUTORUN.INF & DEL /F /Q /A -R -H -S -A %%a\AUTORUN.INF @echo:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: @echo::删除注册表中自启动项,请稍侯...... @echo:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: echo. & pause echo. 双按任意健完成...... ECHO Windows Registry Editor Version 5.00>SoundMam.reg ECHO [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SoundMam]>>SoundMam.reg ECHO [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]>>SoundMam.reg ECHO "SoundMam"=->>SoundMam.reg REGEDIT /S SoundMam.reg DEL /F /Q SoundMam.reg REGEDIT /S SHOWALL.reg DEL /F /Q SHOWALL.reg pause>nul @echo off title 清除威金(logo_1,熊猫烧香)病毒最新变种工具...最后面请按任意健完成...... @echo 清除VIKING病毒最新变种工具 @echo ------------------------------------------------------- echo. & pause echo. 双按任意健完成...... pause>nul if exist %windir%\rundl132.exe echo ---病毒警报,发现有威金病毒 if exist %windir%\logo_1.exe echo ---病毒警报,发现有威金病毒 rem 杀viking进程 tskill logo_1 tskill rundl132 tskill zt tskill wow tskill logo1_ tskill Ravmon tskill Eghost tskill Mailmon tskill KAVPFW tskill IPARMOR tskill Ravmond taskkill /f /im 0sy.exe taskkill /f /im 1sy.exe taskkill /f /im 2sy.exe taskkill /f /im 3sy.exe taskkill /f /im 4sy.exe taskkill /f /im 5sy.exe taskkill /f /im 6sy.exe taskkill /f /im 7sy.exe taskkill /f /im 8sy.exe taskkill /f /im 9sy.exe title 删除木马 rem 删除木马 del d:\_desktop.ini /f/s/q/a del c:\Program Files\_desktop.ini del %Windir%\MickNew\MickNew.dll del %Windir%\MH_FILE\MH_DLL.dll del %Windir%\_desktop.ini del %Windir%\TODAYZTKING\TODAYZTKING.DLL attrib -h -r -s c:\go.exe del c:\go.exe del c:\setup.exe attrib -h -s -r c:\autorun.inf del c:\autorun.inf attrib -h -r -s d:\go.exe del d:\go.exe del d:\setup.exe attrib -h -s -r d:\autorun.inf del d:\autorun.inf del e:\setup.exe attrib -h -r -s e:\go.exe del e:\go.exe attrib -h -s -r e:\autorun.inf del e:\autorun.inf attrib -h -r -s f:\autorun.inf del f:\go.exe del f:\setup.exe attrib -h -s -r f:\autorun.inf del f:\autorun.inf attrib -h -r -s g:\go.exe del g:\go.exe del g:\setup.exe attrib -h -s -r g:\autorun.inf del g:\autorun.inf del h:\go.exe del h:\setup.exe attrib -h -s -r g:\autorun.inf del h:\autorun.inf del i:\go.exe attrib -h -s -r g:\autorun.inf del i:\autorun.inf del i:\setup.exe del j:\go.exe attrib -h -s -r g:\autorun.inf del j:\autorun.inf del j:\setup.exe del %windir%\system\Logo1_.exe del %windir%\rundl132.exe del %windir%\vDll.dll del %windir%\Dll.dll del %windir%\0Sy.exe del %windir%\1Sy.exe del %windir%\2Sy.exe del %windir%\3Sy.exe del %windir%\5Sy.exe del %windir%\1.com @echo ^_^ 报告老大,VIKING已经全都被处死 @echo 真累哈,再给你的系统免疫下,不需要的话请直接退出 pause title 免疫系统 echo > %windir%\Logo1_.exe echo > %windir%\rundl132.exe echo > %windir%\0Sy.exe echo > %windir%\vDll.dll echo > %windir%\1Sy.exe echo > %windir%\2Sy.exe echo > %windir%\rundll32.exe echo > %windir%\3Sy.exe echo > %windir%\5Sy.exe echo > %windir%\1.com echo > %windir%\exerouter.exe echo > %windir%\EXP10RER.com echo > %windir%\finders.com echo > %windir%\Shell.sys echo > %windir%\kill.exe echo > %windir%\sws.dll echo > %windir%\sws32.dll echo > %windir%\uninstall\rundl132.exe echo > %windir%\SVCHOST.exe echo > %windir%\WINLOGON.exe echo > %windir%\RUNDLL32.EXE echo > C:\"Program Files"\svchost.exe echo > C:\"Program Files"\"Internet Explorer"\svchost.exe echo > %windir%\Download\svchost.exe echo > %windir%\system32\wldll.dll echo. 双按任意健完成...... attrib %windir%\Logo1_.exe +s +r +h attrib %windir%\rundl132.exe +s +r +h attrib %windir%\0Sy.exe +s +r +h attrib %windir%\vDll.dll +s +r +h attrib %windir%\1Sy.exe +s +r +h attrib %windir%\2Sy.exe +s +r +h attrib %windir%\rundll32.exe +s +r +h attrib %windir%\3Sy.exe +s +r +h attrib %windir%\5Sy.exe +s +r +h attrib %windir%\1.com +s +r +h attrib %windir%\exerouter.exe +s +r +h attrib %windir%\EXP10RER.com +s +r +h attrib %windir%\finders.com +s +r +h attrib %windir%\Shell.sys +s +r +h attrib %windir%\kill.exe +s +r +h attrib %windir%\sws.dll +s +r +h attrib %windir%\sws32.dll +s +r +h attrib %windir%\uninstall\rundl132.exe +s +r +h attrib %windir%\SVCHOST.exe +s +r +h attrib %windir%\WINLOGON.exe +s +r +h attrib %windir%\RUNDLL32.EXE +s +r +h attrib C:\"Program Files"\svchost.exe +s +r +h attrib C:\"Program Files"\"Internet Explorer"\svchost.exe +s +r +h attrib %windir%\Download\svchost.exe +s +r +h attrib %windir%\system32\wldll.dll +s +r +h net share c$ /del net share d$ /del net share e$ /del net share f$ /del net share admin$ /del net share ipc$ /del cls @echo ------------------------------------- @echo viking已经全部被我杀完拉,哈,厉害吧 @echo 系统已经成功免疫! @echo 谢谢你的使用,请重启您的电脑! @echo ------------------------------------- pause title 禁止Viking病毒运行补丁.reg Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer] "DisallowRun"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\DisallowRun] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun] "**delvals."=" " "1"="0Sy.exe" "2"="1.com" "3"="1Sy.exe" "4"="2Sy.exe" "5"="3Sy.exe" "6"="5Sy.exe" "7"="dll.dll" "8"="logo1_.exe" "9"="rundl132.exe" "10"="vdll.dll" @echo off @echo:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: title 清除灰鸽子2.0 @echo:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: copy c:\windows\system32\service.exe C:\service.exe c:\service -u GrayPigeonServer c:\service -u "Windows Update" attrib -R -A -S -H %Windir%\G.DLL del %Windir%\G.DLL attrib -R -A -S -H %Windir%\G.EXE del %Windir%\G.EXE attrib -R -A -S -H %Windir%\G_Hook.DLL del %Windir%\G_Hook.DLL attrib -R -A -S -H %Windir%\GKey.DLL del %Windir%\GKey.DLL pause @echo off @echo:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: 冲击波专杀 @echo:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: pulist | finde "avserve">avserve.txt & for /f "tokens=2" %%i in(avserve.txt) do @pskill %%i attrib -r -s -h %systemroot%\system32\avserve.exe ---双按任意健完成 用我这个试试吧。清理垃圾并打上防威金病毒的补丁。 方法建立一个记事本,把上面内容复制过去,保存为清理垃圾.bat |
| 0 |