手動刪除U盤文件夾病毒
最近好多電腦中了U盤病毒,把U盤上所有正常文件夾隱藏,然後用病毒自己的程序充當文件夾,引起電腦運行緩慢,不能用註冊表、任務管理器,感興趣的`朋友可以嘗試一下這個批處理方法...
將以下內容另存文批處理文檔。運行試一下!
@REM -------------------------------------------------------------------------------------------------
@ECHO OFF
@REM VIRUS MAIN PROGRAM FILE'S NAME IS ""
ECHO KILLING VIRUS MAIN PROGRAM IN MEMORY...
SET VIRUSPROG=
SET VIRUSFILE=%SYSTEMROOT%SYSTEM32%VIRUSPROG%
TASKLIST | FIND /I "%VIRUSPROG%"
IF %ERRORLEVEL% GEQ 1 (GOTO NOVIRUS)
:FINDVIRUS
TASKKILL /F /IM "%VIRUSPROG%" /T
TASKLIST | FIND /I "%VIRUSPROG%"
IF %ERRORLEVEL% EQU 0 ( GOTO FINDVIRUS ) ELSE ( GOTO KILLEDVIRUS )
:KILLEDVIRUS
ECHO VIRUS IN MEMORY KILLED!
ECHO NOW DELETING THE VIRUS FILES:
GOTO DELETEFILE
:NOVIRUS
ECHO THERE'S NO VIRUS IN YOUR MACHINE!
GOTO END
:DELETEFILE
ECHO DELETING VIRUS MAIN PROGRAM FILE AND EMAILS CREATED BY VIRUS...
@REM DELETE MAIN VIRUS PROGRAM FILE
ATTRIB -R -S -H %VIRUSFILE%
DEL %VIRUSFILE%
@REM DELETE EMAIL FILE.
SET FILENAME=%PROGRAMFILES%COMMON FILESMICROSOFT
IF EXIST %FILENAME% DEL %FILENAME%
SET FILENAME=%PROGRAMFILES%COMMON
IF EXIST %FILENAME% DEL %FILENAME%
SET FILENAME=%PROGRAMFILES%
IF EXIST %FILENAME% DEL %FILENAME%
ECHO REPAIRE REGISTRY:
ECHO ENABLING SYSTEM TASK MANAGER...
REG DELETE HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciessystem /V DisableTaskMgr /F
ECHO ENABLING SYSTEM REGISTRY TOOLS...
REG DELETE HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciessystem /V DisableRegistryTools /F
ECHO DELETE VIRUS REGISTRY ...
REG DELETE HKLMSOFTWAREMicrosoftWindowsCurrentVersionRun /V Runonce /F
ECHO "DONE!"
:END
PAUSE
注意:該批處理只刪除在系統盤WindowsSystem32下的病毒主程序,和幾個附加的email,不能刪除優盤上的病毒。
