下载https://github.com/robertdavidgraham/rdpscan/releases

最新版本

然后运行rdpscan扫描

扫描单ip
rdpscan 192.168.1.1
扫描IP段
rdpscan 192.168.1.1-192.168.1.255

VULNERABLE 表示发现漏洞
SAFE表示安全
CredSSP/NLA 表示启动用了安全身份证验证的远程，并不表示漏洞不存在
UNKNOWN 表示未知

…

Norton Power Eraser

https://support.norton.com/sp/en/us/home/current/solutions/kb20100824120155EN

https://support.norton.com/sp/static/external/NPE/5.3/prod/en/NPE.exe

360系统急救箱

http://www.360.cn/superfirstaid/index.html

rootkitremover

https://www.mcafee.com/enterprise/en-us/downloads/free-tools/rootkitremover.html

tdsskiller

https://usa.kaspersky.com/downloads/tdsskiller

ylx.me/td

Trend Micro RootkitBuster

https://www.trendmicro.com/download/rbuster.asp

参考

http://155.223.31.253/archive/index.php?d=AntiReklam_Programlari/Rootkits…

fsutil hardlink list c:\windows\system32\amsi.dll
\Windows\System32\amsi.dll
\Windows\WinSxS\amd64_microsoft-antimalware-scan-interface_31bf3856ad364e35_10.0.17763.1_none_477a43df2f3d6453\amsi.dll

…

适合谷歌火狐带有脚本管理如油猴子Tampermonkey

from http://bbs.pcbeta.com/viewthread-1529903-1-1.html

// ==UserScript==
// @name            DZ_Block
// @author          aa65535
// @version         1.03
// @lastmodified    2014-07-26 11:14:54
// @run-at          document-end
// @noframes        yes
// @description     屏蔽指定用户的帖子
// @namespace       Rin Satsuki
// @updateURL       http://aa65535.com/public/userscript/dz_block.meta.js
// @downloadURL     http://aa65535.com/public/userscript/dz_block.user.js
// @include         http://*/*

这些只是给我自己备用，如果中了勒索病毒，只能杀毒，数据恢复无解

有更新功能 推荐
https://www.emsisoft.com/en/home/emergencykit/         [推荐]
https://dl.emsisoft.com/EmsisoftEmergencyKit.exe
https://www.comodo.com/business-security/network-protection/cleaning-essentials.php

无更新功能
https://www.kaspersky.com/downloads/thank-you/free-virus-removal-tool
https://devbuilds.s.kaspersky-labs.com/devbuilds/KVRT/latest/full/KVRT.exe
https://www.kaspersky.com.cn/downloads/thank-you/free-virus-removal-tool
https://devbuilds.s.kaspersky-labs.com/devbuilds/KVRT/latest/full/KVRT.exe

无更新功能
https://free.drweb.cn/download+cureit+free/
https://free.drweb.cn/download+cureit/gr/?lng=en…

1.打开about:studies，进入更新选项，Firefox 数据收集与使用下面勾上允许 Firefox 向 Mozilla 发送技术信息及交互数据，再勾上允许 Firefox 安装并运行一些实验项目，等待恢复

2.安装https://storage.googleapis.com/moz-fx-normandy-prod-addons/extensions/hotfix-update-xpi-intermediate@mozilla.com-1.0.2-signed.xpi

    蓝奏云地址 https://www.lanzous.com/i4125ah

3.更新到最新版本

    官方FTP链接
    win32
    https://ftp.mozilla.org/pub/fire … 0Setup%2066.0.4.exe
    win64
    https://ftp.mozilla.org/pub/fire … 0Setup%2066.0.4.exe…

C:\ProgramData\GlassWire\service

备份上面这个目录就可以了

实际好像只需要glasswire.conf和glasswire.db…

yum install mkisofs -y

mkisofs -allow-limited-size -l -J -r -iso-level 3 -o file.iso /dir/…