以往在安裝Windows作業系統時,我都會在各磁碟分割的根目錄手動建立如autorun.inf等資料夾,並移除安全性設定中所有使用者的權限,以『防止病毒利用autorun.inf檔進行交叉感染』。但是這種重複性的動作做久了也會覺得蠻麻煩。因此後來就直接一個批次檔,要用時直接點2下,一次解決繁瑣的步驟。
批次檔內容:
一、移除有問題的檔案
@echo off
ECHO.
ECHO ----------------------------------------------------------------
ECHO 增加防護資料夾或有問題的檔案權限
ECHO ----------------------------------------------------------------
ECHO.
echo Y|cacls
echo y| cacls "C:\autorun.inf" /g administrators:f
echo y| cacls "D:\autorun.inf" /g administrators:f
echo y| cacls "E:\autorun.inf" /g administrators:f
echo y| cacls "F:\autorun.inf" /g administrators:f
echo y| cacls "G:\autorun.inf" /g administrators:f
echo y| cacls "H:\autorun.inf" /g administrators:f
echo y| cacls "I:\autorun.inf" /g administrators:f
echo y| cacls "J:\autorun.inf" /g administrators:f
echo y| cacls "K:\autorun.inf" /g administrators:f
@echo off
ECHO.
ECHO ----------------------------------------------------------------
ECHO 刪除有問題的檔案
ECHO ----------------------------------------------------------------
ECHO.
del /q "C:\autorun.inf"
del /q "D:\autorun.inf"
del /q "E:\autorun.inf"
del /q "F:\autorun.inf"
del /q "G:\autorun.inf"
del /q "H:\autorun.inf"
del /q "I:\autorun.inf"
del /q "J:\autorun.inf"
del /q "K:\autorun.inf"
@echo off
ECHO.
ECHO ----------------------------------------------------------------
ECHO 刪除防護資料夾(解除防護資料夾時用的,非必要)
ECHO ----------------------------------------------------------------
ECHO.
rd /s /q "C:\autorun.inf"
rd /s /q "D:\autorun.inf"
rd /s /q "E:\autorun.inf"
rd /s /q "F:\autorun.inf"
rd /s /q "G:\autorun.inf"
rd /s /q "H:\autorun.inf"
rd /s /q "I:\autorun.inf"
rd /s /q "J:\autorun.inf"
rd /s /q "K:\autorun.inf"
二、建立防範資料夾
@echo off
ECHO.
ECHO ----------------------------------------------------------------
ECHO 建立防護資料夾
ECHO ----------------------------------------------------------------
ECHO.
mkdir "C:\autorun.inf"
mkdir "D:\autorun.inf"
mkdir "E:\autorun.inf"
mkdir "F:\autorun.inf"
mkdir "G:\autorun.inf"
mkdir "H:\autorun.inf"
mkdir "I:\autorun.inf"
mkdir "J:\autorun.inf"
mkdir "K:\autorun.inf"
@echo off
ECHO.
ECHO ----------------------------------------------------------------
ECHO 設定防護資料夾屬性
ECHO ----------------------------------------------------------------
ECHO.
attrib "C:\autorun.inf" +S +H +R
attrib "D:\autorun.inf" +S +H +R
attrib "E:\autorun.inf" +S +H +R
attrib "F:\autorun.inf" +S +H +R
attrib "G:\autorun.inf" +S +H +R
attrib "H:\autorun.inf" +S +H +R
attrib "I:\autorun.inf" +S +H +R
attrib "J:\autorun.inf" +S +H +R
attrib "K:\autorun.inf" +S +H +R
@echo off
ECHO.
ECHO ----------------------------------------------------------------
ECHO 移除防護資料夾權限
ECHO ----------------------------------------------------------------
ECHO.
echo Y|cacls
echo y| cacls "C:\autorun.inf" /d administrator
echo y| cacls "D:\autorun.inf" /d administrator
echo y| cacls "E:\autorun.inf" /d administrator
echo y| cacls "F:\autorun.inf" /d administrator
echo y| cacls "G:\autorun.inf" /d administrator
echo y| cacls "H:\autorun.inf" /d administrator
echo y| cacls "I:\autorun.inf" /d administrator
echo y| cacls "J:\autorun.inf" /d administrator
echo y| cacls "K:\autorun.inf" /d administrator
說明:
01.『移除有問題的檔案』這個步驟是當已經中了隨身碟病毒後,要移除中毒自動產生的'檔案,如果是乾淨的系統不必處理。
02.移除或建立檔案(資料夾)不必挶限在『autorun.inf』,也可依需求增加已知的病毒名稱(含路徑),如ntdelect.com、ntdeIect.com...等。
02.『K:\autorun.inf』其中『K』是指磁碟代號,可依實際需求增減指令行數。(不過一般人應該很少分割那麼多Partition吧)
沒有留言:
張貼留言