唉……现在的病毒 好像都不是用免疫能防的住的了,病毒无情,人有情,
看我经常看H网站的时候用来防毒的进程查杀bat
(如果是以原有的进程名执行的病毒,这个批处理就没辙拉,但是病毒总不会孤军做战,总要用到其他进程,所以,这个思路我认为还是可以的,至少我看H网的时候没中毒)
@echo off
for /f "skip=10" %%a in ('type %~nx0') do (
if not exist oldlist\%%a (md oldlist\%%a)
)
:action
for /f "skip=1" %%a in ('tasklist /nh') do (
if not exist oldlist\%%a (taskkill /t /f /im %%a &echo.%%a>>keyi.x)
)
ping -n 2 127.0>nul
goto action
System
smss.exe
csrss.exe
winlogon.exe
services.exe
lsass.exe
svchost.exe
svchost.exe
svchost.exe
explorer.exe
dllhost.exe
CltSrv.exe
nvsvc32.exe
svchost.exe
dmadmin.exe
Clsmn.exe
VM_STI.EXE
internat.exe
conime.exe
IEXPLORE.EXE
Thunder5.exe
QQ.exe
TIMPlatform.exe
Qzone.exe
PinyinUp.exe
notepad.exe
cmd.exe
cmd.exe
tasklist.exe
rundll32.exe
wmiprvse.exe
winrar.exe
------------------------------------------------------------------------------
进程部分可以自己更新 |
|