SOGO論壇
標題:
最新四種勒索病毒NotPetya/Petya/Petna/SortaPetya防毒疫苗的 寫法
[列印本頁]
作者:
Zigzap
時間:
2017-7-9 01:24:31
標題:
最新四種勒索病毒NotPetya/Petya/Petna/SortaPetya防毒疫苗的 寫法
本帖最後由 Zigzap 於 2017-7-9 01:25 編輯
最新四種勒索病毒NotPetya/Petya/Petna/SortaPetya防毒
疫苗
的 寫法 :
這四種已經有疫苗了NotPetya/Petya/Petna/SortaPetya,打開
記事本
;
把下列代碼貼上儲存為 ((
疫苗.BAT
))
批次檔
:
@echo off
REM Administrative check from here:
http://stackoverflow.com/questio ... ck-for-admin-rights
REM Vaccination discovered by twitter.com/0xAmit/status/879778335286452224
REM Batch file created by Lawrence Abrams of BleepingComputer.com. @bleepincomputer@lawrenceabrams
echo Administrative permissions required.
Detecting permissions...
echo.
net session >nul 2>&1
if %errorLevel% == 0
(
if exist C:\Windows\perfc
(
echo Computer already vaccinated for NotPetya/Petya/Petna/SortaPetya.
echo.
) else
(
echo This is a NotPetya/Petya/Petna/SortaPetya Vaccination file. Do not remove as it protects you from being encrypted by Petya.
> C:\Windows\perfc
echo This is a NotPetya/Petya/Petna/SortaPetya Vaccination file. Do not remove as it protects you from being encrypted by Petya.
> C:\Windows\perfc.dll
echo This is a NotPetya/Petya/Petna/SortaPetya Vaccination file. Do not remove as it protects you from being encrypted by Petya.
> C:\Windows\perfc.dat
attrib +R C:\Windows\perfc
attrib +R C:\Windows\perfc.dll
attrib +R C:\Windows\perfc.dat
echo Computer vaccinated for current version of NotPetya/Petya/Petna/SortaPetya.
echo.
)
)
else
(
echo Failure: You must run this batch file as Administrator.
)
pause
-----------------------------------結束-----------------------------------------------------
作者:
kuan060911
時間:
2017-8-9 23:22:27
謝謝大大的分享這先試用看看
歡迎光臨 SOGO論壇 (https://oursogo.com/)
Powered by OURSOGO.COM