百度空间 | 百度首页 
 
查看文章
 
IGM病毒专杀
2007-11-14 16:27

将以下内容复制,保存为.bat文件,双击即可执行:

reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IGM.EXE" /v debugger /t reg_sz /d debugfile.exe /f
del c:\IGM.EXE/f/s/q/a

taskkill /f /im igw.exe
taskkill /f /im igm.exe
del c:\igw.exe /f/s/q/a
copy nul c:\windows\igw.exe
attrib c:\windows\igw.exe +s +h +r
taskkill /f /im igm.exe
del c:\igm.exe /f/s/q/a
copy nul c:\windows\igm.exe
attrib c:\windows\igm.exe +s +h +r
taskkill /f /im serdst.exe
del c:\serdst.exe /f/s/q/a
deltree /y C:\WINDOWS\system32\serdst.exe
copy nul C:\WINDOWS\system32\serdst.exe
attrib C:\WINDOWS\system32\serdst.exe +s +h +r
taskkill /f /im swchost.exe
del c:\swchost.exe /f/s/q/a
copy nul C:\WINDOWS\swchost.exe
attrib C:\WINDOWS\swchost.exe +s +h +r
echo y|cacls c:\windows\igm.exe /d everyone:n
echo y|cacls c:\windows\igw.exe /d everyone:n
echo y|cacls c:\windows\swchost.exe /d everyone:n
echo y|cacls C:\WINDOWS\system32\serdst.exe /d everyone:n
echo 127.0.0.1 http://www.8jee.com/ >>%systemroot%\system32\drivers\etc\hosts


md c:\WINDOWS\AVPSrv.exe >nul 2>nul

md c:\WINDOWS\DiskMan32.exe >nul 2>nul

md c:\WINDOWS\IGM.exe >nul 2>nul

md c:\WINDOWS\Kvsc3.exe >nul 2>nul

md c:\WINDOWS\lqvytv.exe >nul 2>nul

md c:\WINDOWS\MsIMMs32.exe >nul 2>nul

md c:\WINDOWS\system32\3CEBCAF.EXE >nul 2>nul

md %windir%\system32\drivers\svchost.exe >nul 2>nul

md c:\WINDOWS\system32\a.exe >nul 2>nul

md c:\WINDOWS\upxdnd.exe >nul 2>nul

md c:\WINDOWS\WinForm.exe >nul 2>nul

md c:\WINDOWS\system32\rsjzbpm.dll >nul 2>nul

md c:\WINDOWS\system32\racvsvc.exe >nul 2>nul

md c:\WINDOWS\cmdbcs.exe >nul 2>nul

md c:\WINDOWS\dbghlp32.exe >nul 2>nul

md c:\WINDOWS\nvdispdrv.exe >nul 2>nul

md c:\WINDOWS\system32\cmdbcs.dll >nul 2>nul

md c:\WINDOWS\system32\dbghlp32.dll >nul 2>nul

md c:\WINDOWS\system32\upxdnd.dll >nul 2>nul

md c:\WINDOWS\system32\yfmtdiouaf.dll >nul 2>nul

echo y|cacls.exe c:\WINDOWS\AVPSrv.exe /d everyone >nul 1>nul

echo y|cacls.exe %windir%\system32\drivers\svchost.exe /d everyone >nul 1>nul

echo y|cacls.exe c:\WINDOWS\DiskMan32.exe /d everyone >nul 1>nul

echo y|cacls.exe c:\WINDOWS\IGM.exe /d everyone >nul 1>nul

echo y|cacls.exe c:\WINDOWS\Kvsc3.exe /d everyone >nul 1>nul

echo y|cacls.exe c:\WINDOWS\lqvytv.exe /d everyone >nul 1>nul

echo y|cacls.exe c:\WINDOWS\MsIMMs32.exe /d everyone >nul 1>nul

echo y|cacls.exe c:\WINDOWS\system32\3CEBCAF.EXE /d everyone >nul 1>nul

echo y|cacls.exe c:\WINDOWS\system32\a.exe /d everyone >nul 1>nul

echo y|cacls.exe c:\WINDOWS\upxdnd.exe /d everyone >nul 1>nul

echo y|cacls.exe c:\WINDOWS\WinForm.exe /d everyone >nul 1>nul

echo y|cacls.exe c:\WINDOWS\system32\rsjzbpm.dll /d everyone >nul 1>nul

echo y|cacls.exe c:\WINDOWS\system32\racvsvc.exe /d everyone >nul 1>nul

echo y|cacls.exe c:\WINDOWS\cmdbcs.exe /d everyone >nul 1>nul

echo y|cacls.exe c:\WINDOWS\dbghlp32.exe /d everyone >nul 1>nul

echo y|cacls.exe c:\WINDOWS\nvdispdrv.exe /d everyone >nul 1>nul

echo y|cacls.exe c:\WINDOWS\system32\cmdbcs.dll /d everyone >nul 1>nul

echo y|cacls.exe c:\WINDOWS\system32\dbghlp32.dll /d everyone >nul 1>nul

echo y|cacls.exe c:\WINDOWS\system32\upxdnd.dll /d everyone >nul 1>nul

echo y|cacls.exe c:\WINDOWS\system32\yfmtdiouaf.dll /d everyone >nul 1>nul

echo reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IGM.EXE" /v debugger /t reg_sz /d debugfile.exe /f

echo gpupdate

exit

类别:病毒木马 | 添加到搜藏 | 浏览() | 评论 (4)
最近读者:
 
网友评论:
1
2007-12-03 00:02 | 回复
怎么我不会用啊
 
2
2007-12-12 09:21 | 回复
thank you
 
3
2007-12-12 12:01 | 回复
谢谢,暂时是没有了,不知道还会不会出现了
 
4
2007-12-21 21:23 | 回复
要是不能上网还能用吗
 
发表评论:
姓 名:
网址或邮箱: (选填)
内 容:
验证码: 请点击后输入四位验证码,字母不区分大小写
      

     
 
精彩相册
   
     

©2009 Baidu