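logo_1.exe virus removal tool and immunization patch (batch files)
Yesterday I cleaned viruses off the computer at my neighbor Xiaoping's home. I turned it on and had a quick look; it felt very sluggish, especially IE, which was unusually slow. I opened Task Manager and saw the logo_1.exe process right away. It again! A few days ago at school, when I cleaned Xiaofang's computer, it was the same virus; I remember that on her computer no drive other than C: could be opened by double-clicking, and Xiaoping's computer is no exception. That part is not hard, though. I deleted autorun.inf and the corresponding virus files from DOS, and a little later they were regenerated in the root directory. I wrote a few lines of simple batch script, which removed them completely so that they could no longer be copied back automatically. I'm not very familiar with the logo1 virus, but after ending its process I found its main file on drive C: and deleted it easily. I checked the startup entries and services and found they had been left in a mess, so I deleted or repaired them one by one. Only later did I learn that her computer was infected with three viruses: logo1, Gray Pigeon (灰鸽子) and Luoxue (落雪), all of them very common. The computer is in much better shape now, but since this virus shows up so often, I need to look up some material online and study it.
I downloaded a logo_1.exe virus removal tool and immunization patch; on opening it, it turned out to be just two batch files and a registry file.
Opening KillLogo1.bat, its contents are as follows: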
@echo off
:: The message below, "发现威金!", means "Viking found!"
if exist %windir%\rundl132.exe echo 发现威金!
pause
taskkill /f /im rundl132.exe
taskkill /f /im logo_1.exe
taskkill /f /im logo1_.exe
taskkill /f /im Ravmon.exe
taskkill /f /im Eghost.exe
taskkill /f /im Mailmon.exe
taskkill /f /im KAVPFW.EXE
taskkill /f /im IPARMOR.EXE
taskkill /f /im Ravmond.exe
taskkill /f /im 0sy.exe
taskkill /f /im 1sy.exe
taskkill /f /im 2sy.exe
taskkill /f /im 3sy.exe
taskkill /f /im 4sy.exe
taskkill /f /im 5sy.exe
taskkill /f /im 6sy.exe
taskkill /f /im 7sy.exe
taskkill /f /im 8sy.exe
taskkill /f /im 9sy.exe
taskkill /f /im 10sy.exe
taskkill /f /im 11sy.exe
taskkill /f /im 12sy.exe
taskkill /f /im 13sy.exe
taskkill /f /im 15sy.exe
taskkill /f /im 25sy.exe
:: The above ends the virus processes.
attrib %windir%\Logo1_.exe -s -r -h
attrib %windir%\rundl132.exe -s -r -h
attrib %windir%\0Sy.exe -s -r -h
attrib %windir%\vDll.dll -s -r -h
attrib %windir%\1Sy.exe -s -r -h
attrib %windir%\2Sy.exe -s -r -h
attrib %windir%\rundll32.exe -s -r -h
attrib %windir%\3Sy.exe -s -r -h
attrib %windir%\5Sy.exe -s -r -h
attrib %windir%\1.com -s -r -h
attrib %windir%\exerouter.exe -s -r -h
attrib %windir%\EXP10RER.com -s -r -h
attrib %windir%\finders.com -s -r -h
attrib %windir%\Shell.sys -s -r -h
attrib %windir%\kill.exe -s -r -h
attrib %windir%\sws.dll -s -r -h
attrib %windir%\sws32.dll -s -r -h
attrib %windir%\uninstall\rundl132.exe -s -r -h
attrib c:\windows\SVCHOST.exe -s -r -h
attrib c:\windows\WINLOGON.exe -s -r -h
attrib c:\windows\RUNDLL32.EXE -s -r -h
attrib C:\"Program Files"\svchost.exe -s -r -h
attrib C:\"Program Files"\"Internet Explorer"\svchost.exe -s -r -h
attrib %windir%\Download\svchost.exe -s -r -h
attrib %windir%\system32\wldll.dll -s -r -h
attrib c:\windows\system32\Microsoft\svchost.exe -s -r -h
:: Note: /s makes del recurse into every subdirectory of the given path, so the
:: rundll32.exe, SVCHOST.exe and WINLOGON.exe lines below also match the genuine
:: copies under %windir%\system32.
del /f /s /q /a %systemdrive%\rundl132.exe
del /f /s /q /a %systemdrive%\rundll32.exe
del /f /s /q /a %systemdrive%\Dll.dll
del /f /s /q /a %systemdrive%\vdll.dll
del /f /s /q /a %systemdrive%\logo_1.exe
del /f /s /q /a %systemdrive%\Logo1_.exe
del /f /s /q /a %systemdrive%\Logo1.exe
del /f /s /q /a %systemdrive%\?sy.exe
del /f /s /q /a %windir%\Logo1_.exe
del /f /s /q /a %windir%\rundl132.exe
del /f /s /q /a %windir%\0Sy.exe
del /f /s /q /a %windir%\vDll.dll
del /f /s /q /a %windir%\1Sy.exe
del /f /s /q /a %windir%\2Sy.exe
del /f /s /q /a %windir%\rundll32.exe
del /f /s /q /a %windir%\3Sy.exe
del /f /s /q /a %windir%\5Sy.exe
del /f /s /q /a %windir%\1.com
del /f /s /q /a %windir%\exerouter.exe
del /f /s /q /a %windir%\EXP10RER.com
del /f /s /q /a %windir%\finders.com
del /f /s /q /a %windir%\Shell.sys
del /f /s /q /a %windir%\kill.exe
del /f /s /q /a %windir%\sws.dll
del /f /s /q /a %windir%\sws32.dll
del /f /s /q /a %windir%\uninstall\rundl132.exe
del /f /s /q /a c:\windows\SVCHOST.exe
del /f /s /q /a c:\windows\WINLOGON.exe
del /f /s /q /a c:\windows\RUNDLL32.EXE
del /f /s /q /a C:\"Program Files"\svchost.exe
del /f /s /q /a C:\"Program Files"\"Internet Explorer"\svchost.exe
del /f /s /q /a c:\windows\Download\svchost.exe
del /f /s /q /a c:\windows\system32\Microsoft\svchost.exe
del /f /s /q /a c:\windows\system32\wldll.dll
del /f /s /q /a c:\_desktop.ini
del /f /s /q /a d:\_desktop.ini
del /f /s /q /a e:\_desktop.ini
del /f /s /q /a f:\_desktop.ini
:: The above deletes the virus-related files.
net share c$ /del
net share d$ /del
net share e$ /del
net share f$ /del
net share admin$ /del
net share ipc$ /del
pause
taskkill /f /im conime.exe
exit
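So a batch file this simple can be called a dedicated removal tool; all it does is collect the file names of a few common logo1 variants. Then again, logo1 is a worm to begin with, so its defining trait should be spreading widely rather than being hard to remove.
In that case, I figure writing an immunization patch would not be hard either. Opening Logo1免疫补丁.bat, its contents are as follows: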
:: Create a placeholder file at each path the virus uses.
echo > %windir%\Logo1_.exe
echo > %windir%\rundl132.exe
echo > %windir%\0Sy.exe
echo > %windir%\vDll.dll
echo > %windir%\1Sy.exe
echo > %windir%\2Sy.exe
echo > %windir%\rundll32.exe
echo > %windir%\3Sy.exe
echo > %windir%\5Sy.exe
echo > %windir%\1.com
echo > %windir%\exerouter.exe
echo > %windir%\EXP10RER.com
echo > %windir%\finders.com
echo > %windir%\Shell.sys
echo > %windir%\kill.exe
echo > %windir%\sws.dll
echo > %windir%\sws32.dll
echo > %windir%\uninstall\rundl132.exe
echo > %windir%\SVCHOST.exe
echo > %windir%\WINLOGON.exe
echo > %windir%\RUNDLL32.EXE
echo > C:\"Program Files"\svchost.exe
echo > C:\"Program Files"\"Internet Explorer"\svchost.exe
echo > %windir%\Download\svchost.exe
echo > %windir%\system32\wldll.dll
:: Mark each placeholder system, read-only and hidden.
attrib %windir%\Logo1_.exe +s +r +h
attrib %windir%\rundl132.exe +s +r +h
attrib %windir%\0Sy.exe +s +r +h
attrib %windir%\vDll.dll +s +r +h
attrib %windir%\1Sy.exe +s +r +h
attrib %windir%\2Sy.exe +s +r +h
attrib %windir%\rundll32.exe +s +r +h
attrib %windir%\3Sy.exe +s +r +h
attrib %windir%\5Sy.exe +s +r +h
attrib %windir%\1.com +s +r +h
attrib %windir%\exerouter.exe +s +r +h
attrib %windir%\EXP10RER.com +s +r +h
attrib %windir%\finders.com +s +r +h
attrib %windir%\Shell.sys +s +r +h
attrib %windir%\kill.exe +s +r +h
attrib %windir%\sws.dll +s +r +h
attrib %windir%\sws32.dll +s +r +h
attrib %windir%\uninstall\rundl132.exe +s +r +h
attrib %windir%\SVCHOST.exe +s +r +h
attrib %windir%\WINLOGON.exe +s +r +h
attrib %windir%\RUNDLL32.EXE +s +r +h
attrib C:\"Program Files"\svchost.exe +s +r +h
attrib C:\"Program Files"\"Internet Explorer"\svchost.exe +s +r +h
attrib %windir%\Download\svchost.exe +s +r +h
attrib %windir%\system32\wldll.dll +s +r +h
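An added example, not part of the original post or the downloaded tool: a read-only Python audit of the exact %windir% paths the immunization batch file creates, reporting whether each one is absent, an `echo >` placeholder, or a real file that deserves a closer look. The file names come from the batch file above; the 64-byte size limit, the "MZ" header heuristic and the function names are assumptions of this example.

```python
import os
import tempfile

# File names relative to %windir%, copied from the immunization batch file above.
WINDIR_NAMES = [
    "Logo1_.exe", "rundl132.exe", "0Sy.exe", "vDll.dll", "1Sy.exe", "2Sy.exe",
    "rundll32.exe", "3Sy.exe", "5Sy.exe", "1.com", "exerouter.exe",
    "EXP10RER.com", "finders.com", "Shell.sys", "kill.exe", "sws.dll",
    "sws32.dll", "SVCHOST.exe", "WINLOGON.exe",
    os.path.join("uninstall", "rundl132.exe"),
    os.path.join("Download", "svchost.exe"),
    os.path.join("system32", "wldll.dll"),
]
MAX_PLACEHOLDER_BYTES = 64  # assumption: `echo > file` writes one short line


def classify(path):
    """Return 'absent', 'placeholder' or 'suspect' for one exact path."""
    if not os.path.isfile(path):
        return "absent"
    with open(path, "rb") as fh:
        head = fh.read(2)
    # Heuristic (assumption of this example): a placeholder is a few bytes of
    # text, while a dropped executable is a PE image that starts with "MZ".
    if head == b"MZ" or os.path.getsize(path) > MAX_PLACEHOLDER_BYTES:
        return "suspect"
    return "placeholder"


def audit(windir, names=WINDIR_NAMES):
    """Check only the listed paths; nothing is searched recursively or changed."""
    return {name: classify(os.path.join(windir, name)) for name in names}


def demo():
    """Audit a constructed directory tree (sample data, not a real system)."""
    with tempfile.TemporaryDirectory() as fake_windir:
        with open(os.path.join(fake_windir, "Logo1_.exe"), "wb") as fh:
            fh.write(b"ECHO is on.\r\n")    # `echo > file` on English Windows
        with open(os.path.join(fake_windir, "rundl132.exe"), "wb") as fh:
            fh.write(b"MZ" + b"\x00" * 62)  # constructed stand-in for a PE file
        return audit(fake_windir)


if __name__ == "__main__":
    for name, state in audit(os.environ.get("windir", r"C:\Windows")).items():
        print(f"{state:12} {name}")
```

Because it looks only at the listed locations directly under %windir%, the genuine rundll32.exe, svchost.exe and winlogon.exe in system32 are never examined or touched.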