勒索病毒防护脚本,一键关闭高危端口和服务

  • A+
所属分类:安全闲碎

勒索病毒防护脚本,一键关闭高危端口和服务


%1 mshta vbscript:CreateObject("Shell.Application").ShellExecute("cmd.exe","/c %~s0 ::","","runas",1)(window.close)&&exitecho.@echo offcolor 1fecho.chcp 65001echo.title 您正在使用一键关闭危险端口和服务 by Mannixecho.echo 您正在使用一键关闭危险端口和服务echo.echo 正在帮您关闭这些危险端口,请稍等echo.echo 正在开启Windows防火墙服务echo.net start MpsSvcecho.echo 正在帮您开启Windows防火墙自启动echo.sc config MpsSvc start= autoecho.echo 正在启用防火墙echo.netsh advfirewall set allprofiles state onecho.
echo 正在帮您关闭端口....echo.echo.echo.
echo 正在关闭 135 端口 请稍候…netsh advfirewall firewall delete rule name = "Disable port 135 - TCP"netsh advfirewall firewall add rule name = "Disable port 135 - TCP" dir = in action = block protocol = TCP localport = 135echo.netsh advfirewall firewall delete rule name = "Disable port 135 - UDP"netsh advfirewall firewall add rule name = "Disable port 135 - UDP" dir = in action = block protocol = UDP localport = 135echo.
echo 正在关闭 137 端口 请稍候…netsh advfirewall firewall delete rule name = "Disable port 137 - TCP"netsh advfirewall firewall add rule name = "Disable port 137 - TCP" dir = in action = block protocol = TCP localport = 137echo.netsh advfirewall firewall delete rule name = "Disable port 137 - UDP"netsh advfirewall firewall add rule name = "Disable port 137 - UDP" dir = in action = block protocol = UDP localport = 137echo.
echo 正在关闭 138 端口 请稍候…netsh advfirewall firewall delete rule name = "Disable port 138 - TCP"netsh advfirewall firewall add rule name = "Disable port 138 - TCP" dir = in action = block protocol = TCP localport = 138echo.netsh advfirewall firewall delete rule name = "Disable port 138 - UDP"netsh advfirewall firewall add rule name = "Disable port 138 - UDP" dir = in action = block protocol = UDP localport = 138echo.
echo 正在关闭 139 端口 请稍候…netsh advfirewall firewall delete rule name = "Disable port 139 - TCP"netsh advfirewall firewall add rule name = "Disable port 139 - TCP" dir = in action = block protocol = TCP localport = 139echo.netsh advfirewall firewall delete rule name = "Disable port 139 - UDP"netsh advfirewall firewall add rule name = "Disable port 139 - UDP" dir = in action = block protocol = UDP localport = 139echo.
echo 正在关闭 445 端口 请稍候…netsh advfirewall firewall delete rule name = "Disable port 445 - TCP"netsh advfirewall firewall add rule name = "Disable port 445 - TCP" dir = in action = block protocol = TCP localport = 445echo.netsh advfirewall firewall delete rule name = "Disable port 445 - UDP"netsh advfirewall firewall add rule name = "Disable port 445 - UDP" dir = in action = block protocol = UDP localport = 445echo.
echo 正在关闭 3389 端口 请稍候…netsh advfirewall firewall delete rule name = "Disable port 3389 - TCP"netsh advfirewall firewall add rule name = "Disable port 3389 - TCP" dir = in action = block protocol = TCP localport = 445echo.netsh advfirewall firewall delete rule name = "Disable port 3389 - UDP"netsh advfirewall firewall add rule name = "Disable port 3389 - UDP" dir = in action = block protocol = UDP localport = 445echo.
echo 危险端口已经用Windows防火墙关闭成功
echo.echo ----------------echo 正在关闭 Workstation(LanmanWorkstation)服务sc stop LanmanWorkstationsc config LanmanWorkstation start= disabled
echo.echo ----------------echo 正在关闭 Server(LanmanServer)服务sc stop LanmanServersc config LanmanServer start= disabled
echo.echo ----------------echo 正在关闭 TCP/IP NetBIOS Helper(lmhosts)共享服务sc stop lmhostssc config lmhosts start= disabled
echo.echo ----------------echo 正在关闭 Distributed Transaction Coordinator(MSDTC)共享服务sc stop MSDTCsc config MSDTC start= disabled
echo.echo ----------------echo 正在关闭 NetBT 服务sc stop NetBTsc config NetBT start= disabled
echo.echo ----------------reg add "hklmSystemCurrentControlSetServicesNetBTParameters" /v "SMBDeviceEnabled" /t reg_dword /d "0" /freg add "hklmSOFTWAREMicrosoftOle" /v "EnableDCOM" /t reg_sz /d "N" /freg add "hklmSOFTWAREMicrosoftRpc" /v "DCOM Protocols" /t reg_multi_sz /d "" /f
echo.echo ----------------echo 恭喜您,危险端口已经关闭,请重新启动电脑后用 netstat -an 查看本地端口
echo 按任意键退出pause>nul


本文始发于微信公众号(利刃信安):勒索病毒防护脚本,一键关闭高危端口和服务

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: