四招彻底防御所有感染exe文件的病毒!修正了非保护盘被感染的问题!
四招彻底防御LOGO1,熊猫等所有感染EXE文件的病毒!
资料完全来源于网盟,本人只是综合了网盟多位朋友的资料。本网吧已经用该方案快一个月了,没出现任何感染情况。彻底防御LOGO1,熊猫病毒,尼姆亚病毒,所有感染EXE的病毒。望版主置顶两天,送给被该类病毒折磨的朋友。望做母盘的朋友都用上。 修正资料在154楼!!!!!!!!!!!!!!!!! 第一步:制作免疫补丁(P处理内容) echo > c:\windows\Logo1.exe echo > c:\windows\Logo_1.exe echo > c:\windows\Logo1_1.exe echo > c:\windows\Logo1_.exe echo > c:\windows\0Sy.exe echo > c:\windows\1Sy.exe echo > c:\windows\2Sy.exe echo > c:\windows\3Sy.exe echo > c:\windows\4Sy.exe echo > c:\windows\5Sy.exe echo > c:\windows\6Sy.exe echo > c:\windows\7Sy.exe echo > c:\windows\8Sy.exe echo > c:\windows\9Sy.exe echo > c:\windows\1.com echo > c:\windows\rundll32.exe echo > c:\windows\rundl132.exe echo > c:\windows\vDll.dll echo > c:\windows\exerouter.exe echo > c:\windows\EXP10RER.com echo > c:\windows\finders.com echo > c:\windows\Shell.sys echo > c:\windows\smss.exe echo > c:\windows\kill.exe echo > c:\windows\sws.dll echo > c:\windows\sws32.dll echo > c:\windows\tool.exe echo > c:\windows\tool2005.exe echo > c:\windows\tool2006.exe echo > c:\windows\tools.exe echo > c:\windows\finders.exe attrib c:\windows\Logo1.exe +s +r +h attrib c:\windows\Logo_1.exe +s +r +h attrib c:\windows\Logo1_1.exe +s +r +h attrib c:\windows\Logo1_.exe +s +r +h attrib c:\windows\0Sy.exe +s +r +h attrib c:\windows\1Sy.exe +s +r +h attrib c:\windows\2Sy.exe +s +r +h attrib c:\windows\3Sy.exe +s +r +h attrib c:\windows\4Sy.exe +s +r +h attrib c:\windows\5Sy.exe +s +r +h attrib c:\windows\6Sy.exe +s +r +h attrib c:\windows\7Sy.exe +s +r +h attrib c:\windows\8Sy.exe +s +r +h attrib c:\windows\9Sy.exe +s +r +h attrib c:\windows\1.com +s +r +h attrib c:\windows\rundl132.exe +s +r +h attrib c:\windows\rundll32.exe +s +r +h attrib c:\windows\vDll.dll +s +r +h attrib c:\windows\exerouter.exe +s +r +h attrib c:\windows\EXP10RER.com +s +r +h attrib c:\windows\finders.com +s +r +h attrib c:\windows\Shell.sys +s +r +h attrib c:\windows\smss.exe +s +r +h attrib c:\windows\kill.exe +s +r +h attrib c:\windows\sws.dll +s +r +h attrib c:\windows\sws32.dll +s +r +h attrib c:\windows\tool.exe +s +r +h attrib c:\windows\tool2005.exe +s +r +h attrib c:\windows\tool2006.exe +s +r +h attrib c:\windows\tools.exe +s +r +h attrib c:\windows\finders.exe +s +r +h ================================================================== 第二步:巩固免疫补丁,禁止免疫补丁运行。(注册表内容) Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects\本地 User\Software\Microsoft\Windows\CurrentVersion\Policies\ Explorer\DisallowRun] "**delvals."=" " "1"="Logo1.exe" "2"="Logo_1.exe" "3"="Logo1_1.exe" "4"="Logo1_.exe" "5"="0Sy.exe" "6"="1Sy.exe" "7"="2Sy.exe" "8"="3Sy.exe" "9"="4Sy.exe" "10"="5Sy.exe" "11"="6Sy.exe" "12"="7Sy.exe" "13"="8Sy.exe" "14"="9Sy.exe" "15"="1.com" "16"="rundll32.exe" "17"="rundl132.exe" "18"="vDll.dll" "19"="exerouter.exe" "20"="EXP10RER.com" "21"="finders.com" "22"="Shell.sys" "23"="smss.exe" "24"="kill.exe" "25"="sws.dll" "26"="sws32.dll" "27"="tool.exe" "28"="tool2005.exe" "29"="tool2006.exe" "30"="tools.exe" "31"="finders.exe" =============================================== 第三步,加强系统自身安全性(P处理内容) @echo off echo 程序运行中...... echo y|cacls e:\ /p everyone:r echo y|cacls f:\ /p everyone:r (P处理内容说明:禁止在E盘,F盘跟目录下创建任何文件及文件夹) =========================================================== 第四步:增强文件权限安全,防止病毒感染(P处理内容) e: cd e:\netgames cacls *.exe /t /e /g /everyone:r cacls *.exe /t /e /p /everyone:r cacls *.dll /t /e /g /everyone:r cacls *.dll /t /e /p /everyone:r (P处理内容说明:该批处理会把e:\netgames文件夹下所有的exe和dll文件属性设为只读,同步更新软件会复制文件的只读属性,文件在只读状态下无法修改和保存,但不影响更新和删除(服务器上也必须做这一步) 附:有人问了,用了第三步,那管理员要在其盘符下创建文件夹怎么办?不用着急,运行下面的P处理就解决了。 @echo off echo 程序运行中...... echo y|cacls e:\ /g everyone:f echo y|cacls f:\ /g everyone:f |
所有时间均为北京时间。现在的时间是 02:42 PM。 |
©2003-2024 1819.net All rights reserved.