::监视系统进程,防止病毒假冒,用路径的方式来判断
@echo off&endlocal&setlocal ENABLEDELAYEDEXPANSION
:loop
set "exePath=C:\WINDOWS\System32\smss.exe;C:\WINDOWS\system32\csrss.exe;"C:\Program Files\WinRAR\WinRAR.exe""
for %%? in (%exepath%) do (
set "str=%%~?"
wmic process where "name='%%~nx?' and executablePath<>'!str:\=\\!'" call terminate
)
ping -n 20 127.1 >nul 2>nul
goto :loop
Last modified by vkill on2007/12/10 22:00
网友评论(0):
