Tuesday, June 15, 2010

Repairing a Virus Infection

Repairing a virus-infected machine with a .bat file
Copy the code shown below into Notepad and save it under a name ending in .bat.
The upper section is for Flashy Kill and the lower section is for Kill_sys.
If things like Folder Options and Task Manager no longer show up on your machine, it has been infected by a virus.
When that happens, just double-click this file and everything will come back on your machine.
Flashy Kill.bat
pause
rem Stop the malware processes so their autorun entries can be removed
taskkill /F /IM system.exe
taskkill /F /IM "New Folder.exe"
taskkill /F /IM Msmsgs.exe
Reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoFolderOptions /f
Reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v HideFileExt /f
Reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v HideFileExt /t REG_DWORD /d 0 /f
Reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v Hidden /f
Reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v Hidden /t REG_DWORD /d 1 /f
Reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v Start /f
Reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v Start /t REG_DWORD /d 2 /f
Reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /f
Reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /f
Reg delete HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v MSMSGS /f
Reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v MSMSGS /f
Reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v "New Folder" /f
Reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\run /v SYS1 /f
Reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\run /v SYS2 /f
Reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\run /v SYS3 /f
Reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\run /v SYS4 /f
pause
……………………………………………………………………………………………………………..
Kill_sys.bat
pause
rem Stop the malware processes so their files and autorun entries can be removed
taskkill /F /IM system.exe
taskkill /F /IM "New Folder.exe"
taskkill /F /IM Msmsgs.exe
c:\windows\system32\Reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoFolderOptions /f
c:\windows\system32\Reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v HideFileExt /f
c:\windows\system32\Reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v HideFileExt /t REG_DWORD /d 0 /f
c:\windows\system32\Reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v Hidden /f
c:\windows\system32\Reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v Hidden /t REG_DWORD /d 1 /f
c:\windows\system32\Reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v Start /f
c:\windows\system32\Reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v Start /t REG_DWORD /d 2 /f
c:\windows\system32\Reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /f
c:\windows\system32\Reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /f
c:\windows\system32\Reg delete HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v MSMSGS /f
c:\windows\system32\Reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v MSMSGS /f
c:\windows\system32\Reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v "New Folder" /f
c:\windows\system32\Reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\run /v SYS1 /f
c:\windows\system32\Reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\run /v SYS2 /f
c:\windows\system32\Reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\run /v SYS3 /f
c:\windows\system32\Reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\run /v SYS4 /f
pause
taskkill /IM Msmsgs.exe
rem Delete the dropped files by full, quoted path (some names contain spaces).
rem /F also removes read-only files; /A also matches hidden and system files.
del /F /A "%UserProfile%\Start Menu\Programs\Startup\systemID.pif"
del /F /A "%Windir%\system32\Msmsgs.exe"
del /F /A "%Windir%\system32\Flashy.exe"
del /F /A "%Windir%\system32\system.exe"
del /F /A "%Windir%\system32\bad1.exe"
del /F /A "%Windir%\system32\bad2.exe"
del /F /A "%Windir%\system32\bad3.exe"
del /F /A "%Windir%\system32\New Folder.exe"
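
A read-only check to run before either script, added here as an example that is not part of the original post: it reports which of the registry values and files named in the scripts above are actually present, and changes nothing. The labels :chk and :chkfile and the variable names are this example's own.

```batch
@echo off
rem Added example, not from the original post: read-only audit.
rem Lists which of the items removed by the scripts above exist; changes nothing.
setlocal
set "REG=%SystemRoot%\system32\reg.exe"
set "CV=Software\Microsoft\Windows\CurrentVersion"
set /a FOUND=0

echo == Policy values that hide Folder Options, regedit and Task Manager ==
call :chk "HKCU\%CV%\Policies\Explorer" NoFolderOptions
call :chk "HKCU\%CV%\Policies\System" DisableRegistryTools
call :chk "HKCU\%CV%\Policies\System" DisableTaskMgr

echo == Autorun values named in the scripts ==
call :chk "HKCU\%CV%\Run" MSMSGS
for %%V in (MSMSGS "New Folder" SYS1 SYS2 SYS3 SYS4) do call :chk "HKLM\%CV%\Run" %%V

echo == Files named in the scripts ==
call :chkfile "%UserProfile%\Start Menu\Programs\Startup\systemID.pif"
for %%F in (Msmsgs.exe Flashy.exe system.exe bad1.exe bad2.exe bad3.exe "New Folder.exe") do call :chkfile "%SystemRoot%\system32\%%~F"

echo.
echo %FOUND% item(s) present.
pause
exit /b 0

:chk
rem %1 = registry key, %2 = value name. reg query sets errorlevel 1 if absent.
"%REG%" query %1 /v "%~2" >nul 2>&1
if errorlevel 1 goto :eof
set /a FOUND+=1
echo   PRESENT  %~1 : %~2
rem Print the value's type and data, e.g. the program an autorun entry starts
"%REG%" query %1 /v "%~2" | findstr /c:"REG_"
goto :eof

:chkfile
rem %1 = full path of a file the scripts delete
if not exist "%~1" goto :eof
set /a FOUND+=1
echo   PRESENT  %~1
goto :eof
```

Running it again after the cleanup script shows which of these items, if any, are still left.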
