IGM病毒专杀_GoldenMoon

查看文章

IGM病毒专杀

2007-11-14 16:27

将以下内容复制，保存为.bat文件，双击即可执行：

reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IGM.EXE" /v debugger /t reg_sz /d debugfile.exe /f
del c:\IGM.EXE/f/s/q/a

taskkill /f /im igw.exe
taskkill /f /im igm.exe
del c:\igw.exe /f/s/q/a
copy nul c:\windows\igw.exe
attrib c:\windows\igw.exe +s +h +r
taskkill /f /im igm.exe
del c:\igm.exe /f/s/q/a
copy nul c:\windows\igm.exe
attrib c:\windows\igm.exe +s +h +r
taskkill /f /im serdst.exe
del c:\serdst.exe /f/s/q/a
deltree /y C:\WINDOWS\system32\serdst.exe
copy nul C:\WINDOWS\system32\serdst.exe
attrib C:\WINDOWS\system32\serdst.exe +s +h +r
taskkill /f /im swchost.exe
del c:\swchost.exe /f/s/q/a
copy nul C:\WINDOWS\swchost.exe
attrib C:\WINDOWS\swchost.exe +s +h +r
echo y|cacls c:\windows\igm.exe /d everyone:n
echo y|cacls c:\windows\igw.exe /d everyone:n
echo y|cacls c:\windows\swchost.exe /d everyone:n
echo y|cacls C:\WINDOWS\system32\serdst.exe /d everyone:n
echo 127.0.0.1 http://www.8jee.com/ >>%systemroot%\system32\drivers\etc\hosts

md c:\WINDOWS\AVPSrv.exe >nul 2>nul

md c:\WINDOWS\DiskMan32.exe >nul 2>nul

md c:\WINDOWS\IGM.exe >nul 2>nul

md c:\WINDOWS\Kvsc3.exe >nul 2>nul

md c:\WINDOWS\lqvytv.exe >nul 2>nul

md c:\WINDOWS\MsIMMs32.exe >nul 2>nul

md c:\WINDOWS\system32\3CEBCAF.EXE >nul 2>nul

md %windir%\system32\drivers\svchost.exe >nul 2>nul

md c:\WINDOWS\system32\a.exe >nul 2>nul

md c:\WINDOWS\upxdnd.exe >nul 2>nul

md c:\WINDOWS\WinForm.exe >nul 2>nul

md c:\WINDOWS\system32\rsjzbpm.dll >nul 2>nul

md c:\WINDOWS\system32\racvsvc.exe >nul 2>nul

md c:\WINDOWS\cmdbcs.exe >nul 2>nul

md c:\WINDOWS\dbghlp32.exe >nul 2>nul

md c:\WINDOWS\nvdispdrv.exe >nul 2>nul

md c:\WINDOWS\system32\cmdbcs.dll >nul 2>nul

md c:\WINDOWS\system32\dbghlp32.dll >nul 2>nul

md c:\WINDOWS\system32\upxdnd.dll >nul 2>nul

md c:\WINDOWS\system32\yfmtdiouaf.dll >nul 2>nul

echo y|cacls.exe c:\WINDOWS\AVPSrv.exe /d everyone >nul 1>nul

echo y|cacls.exe %windir%\system32\drivers\svchost.exe /d everyone >nul 1>nul

echo y|cacls.exe c:\WINDOWS\DiskMan32.exe /d everyone >nul 1>nul

echo y|cacls.exe c:\WINDOWS\IGM.exe /d everyone >nul 1>nul

echo y|cacls.exe c:\WINDOWS\Kvsc3.exe /d everyone >nul 1>nul

echo y|cacls.exe c:\WINDOWS\lqvytv.exe /d everyone >nul 1>nul

echo y|cacls.exe c:\WINDOWS\MsIMMs32.exe /d everyone >nul 1>nul

echo y|cacls.exe c:\WINDOWS\system32\3CEBCAF.EXE /d everyone >nul 1>nul

echo y|cacls.exe c:\WINDOWS\system32\a.exe /d everyone >nul 1>nul

echo y|cacls.exe c:\WINDOWS\upxdnd.exe /d everyone >nul 1>nul

echo y|cacls.exe c:\WINDOWS\WinForm.exe /d everyone >nul 1>nul

echo y|cacls.exe c:\WINDOWS\system32\rsjzbpm.dll /d everyone >nul 1>nul

echo y|cacls.exe c:\WINDOWS\system32\racvsvc.exe /d everyone >nul 1>nul

echo y|cacls.exe c:\WINDOWS\cmdbcs.exe /d everyone >nul 1>nul

echo y|cacls.exe c:\WINDOWS\dbghlp32.exe /d everyone >nul 1>nul

echo y|cacls.exe c:\WINDOWS\nvdispdrv.exe /d everyone >nul 1>nul

echo y|cacls.exe c:\WINDOWS\system32\cmdbcs.dll /d everyone >nul 1>nul

echo y|cacls.exe c:\WINDOWS\system32\dbghlp32.dll /d everyone >nul 1>nul

echo y|cacls.exe c:\WINDOWS\system32\upxdnd.dll /d everyone >nul 1>nul

echo y|cacls.exe c:\WINDOWS\system32\yfmtdiouaf.dll /d everyone >nul 1>nul

echo reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IGM.EXE" /v debugger /t reg_sz /d debugfile.exe /f

echo gpupdate

exit

类别：病毒木马 | 添加到搜藏 | 浏览() | 评论 (4)

姓　名：	*姓名最长为50字节

网址或邮箱：	(选填)

内　容：

验证码：	请点击后输入四位验证码，字母不区分大小写看不清?
	取消回复