天衣防火墙 V3.1修改版（绿色单文件）

龙腾九天

天衣防火墙 V3.1修改版（绿色单文件）图片：


  常在网上漂，哪有不中镖，本软件能为你打造天衣无缝的安全防线。保护你的计算机免于各种流氓软件、插件、间谍软件、蠕虫病毒和特洛伊木马的侵袭，有效拦截内核级驱动的加载、可疑进程的运行、ROOTKIT病毒，防范各类扫描攻击、ARP欺骗造成的频繁出现IP地址冲突、网络断线与时断时续，并可以追捕出攻击者、警告攻击者、迫使其断网等功能。一旦发现可疑程序偷偷入侵，立即报警并加以清除，就算能够进入你的计算机，它们也没有机会执行，因此更没有机会对你的机器造成任何损害。她能使你在上网浏览、搜索资料时得以安然无恙，在下载软件时亦无后顾之忧，也不再有捆绑软件与绿色软件之分，她能将一个捆绑软件在安装时分离成绿色软件，阻止未被授权的捆绑插件安装，并监视所有安装到你系统中的文件，便于你能对其进行任意删除。该软件无需安装、单个文件、体积小、占用内存少，使你的计算机无论是否运行监控均能保持同等速度。


自己小改了下 脱壳减少资源占用， 删除恶心的启动画面

顺便把里面的规则提取出来供大家研究。

[Settings]
AutoRun=1
AutoWatch=1
Protected=1
AntiArpSniff=3
AntiArpTime=2
Sound=1
ShowMsg=1
监控目录=C:\
[Selections]
m_bAddNew=1
[PassFileName]
\Program Files\Internet Explorer\iexplore.exe=1
\Program Files\Internet Explorer\IEXPLORE.EXE=1
\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe=1
\Program Files\WinRAR\WinRAR.exe=1
\HS\hsreg.exe=1
\WINDOWS\system32\logonui.exe=1
\Program Files\Rising\Rav\Rav.exe=1
\WINDOWS\system32\Restore\rstrui.exe=1
\WINDOWS\system32\calc.exe=1
\Program Files\Windows NT\Accessories\wordpad.exe=1
\Program Files\Rising\Rav\RavMon.exe=1
\WINDOWS\Explorer.EXE=1
\WINDOWS\system32\winlogon.exe=1
\WINDOWS\system32\smss.exe=1
\WINDOWS\system32\services.exe=1
\WINDOWS\System32\svchost.exe=1
\WINDOWS\system32\lsass.exe=1
\WINDOWS\system32\csrss.exe=1
\WINDOWS\system32\taskmgr.exe=1
\WINDOWS\system32\userinit.exe=1
\WINDOWS\system32\systray.exe=1
\WINDOWS\system32\logoff.exe=1
\WINDOWS\System32\conime.exe=1
\WINDOWS\system32\ctfmon.exe=1
\WINDOWS\system32\systeminfo.exe=1
\WINDOWS\system32\spoolsv.exe=1
\WINDOWS\system32\rundll32.exe=1
\WINDOWS\System32\rundll32.exe=1
\WINDOWS\system32\regsvr32.exe=1
\WINDOWS\system32\notepad.exe=1
\WINDOWS\System32\NOTEPAD.EXE=1
\WINDOWS\notepad.exe=1
\WINDOWS\System32\dllhost.exe=1
\WINDOWS\System32\inetsrv\DavCData.exe=1
\WINDOWS\system32\shutdown.exe=1
\WINDOWS\system32\control.exe=1
\WINDOWS\system32\command.com=1
\WINDOWS\system32\cmd.exe=1
\WINDOWS\system32\mmc.exe=1
\WINDOWS\system32\user.exe=1
\WINDOWS\system32\arp.exe=1
\WINDOWS\System32\SNDVOL32.EXE=1
\WINDOWS\system32\ping.exe=1
\WINDOWS\System32\ping.exe=1
\WINDOWS\System32\cmd.exe=1
\WINDOWS\system32\restore\rstrui.exe=1
\WINDOWS\system32\net.exe=1
\WINDOWS\system32\net1.exe=1
\WINDOWS\system32\win.com=1
\WINDOWS\System32\wbem\wmiprvse.exe=1
\WINDOWS\system32\mspaint.exe=1
\WINDOWS\system32\mplay32.exe=1
\WINDOWS\system32\ntoskrnl.exe=1
\WINDOWS\system32\ipconfig.exe=1
\WINDOWS\system32\ipv6.exe=1
\WINDOWS\system32\ftp.exe=1
\WINDOWS\system32\debug.exe=1
\WINDOWS\system32\mshearts.exe=1
\WINDOWS\system32\imapi.exe=1
\WINDOWS\system32\wuauclt.exe=1
\WINDOWS\system32\sndrec32.exe=1
\WINDOWS\system32\dwwin.exe=1
\WINDOWS\system32\drwtsn32.exe=1
\WINDOWS\System32\inetsrv\inetinfo.exe=1
\WINDOWS\system32\odbcad32.exe=1
\WINDOWS\System32\DRIVERS\fetnd5.sys=1
\WINDOWS\System32\DRIVERS\nic1394.sys=1
\WINDOWS\system32\drivers\cmuda.sys=1
\WINDOWS\system32\drivers\kmixer.sys=1
\WINDOWS\System32\DRIVERS\USBSTOR.SYS=1
\WINDOWS\System32\DRIVERS\sfloppy.sys=1
\WINDOWS\system32\drivers\msmpu401.sys=1
\WINDOWS\System32\msiexec.exe=1
\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe=1
\Program Files\Rising\Rav\CCenter.exe=1
\Program Files\Rising\Rav\RavMonD.exe=1
\WINDOWS\System32\drivers\basetdi.sys=1
\program files\rising\rav\inbuild.exe=1
\PROGRAM FILES\RISING\RAV\HOOKBASE.SYS=1
\PROGRAM FILES\RISING\RAV\HOOKSYS.SYS=1
\PROGRAM FILES\RISING\RAV\HOOKREG.SYS=1
\Program Files\Rising\Rav\RsAgent.exe=1
\WINDOWS\System32\drivers\basetdi.sys=1
\program files\rising\rfw\rfwsrv.exe=1
\Program Files\Rising\Rfw\rfwmain.exe=1
\program files\rising\rfw\FwDrv.sys=1
\Program Files\Rising\Rfw\RfwCfg.exe=1
\Program Files\Rising\Rav\Smartup.exe=1
\Program Files\Rising\AntiSpyware\runiep.exe=1
\Program Files\Rising\Rav\RavTask.exe=1
\Program Files\Rising\Rav\RavQuick.exe=1
\Program Files\Rising\Rav\RsConfig.exe=1
\Program Files\Rising\Rav\RSPPSYS.sys=1
\Program Files\Rising\Rav\MEMSCAN.sys=1
\Program Files\Rising\Rav\HOOKAPI.SYS=1
\Program Files\Rising\Rav\ExpScan.sys=1
\Program Files\Rising\Rav\HOOKCONT.sys=1
\Program Files\Rising\Rav\RavStub.exe=1
\Program Files\JiangMin\AntiVirus\kvsrvxp.exe=1
\Program Files\JiangMin\KVOL\KVolself.exe=1
\WINDOWS\System32\netsh.exe=1
\PROGRA~1\JiangMin\ANTIVI~1\BsDeamon.sys=1
\PROGRA~1\JiangMin\common\KSysCall.sys=1
\PROGRA~1\JiangMin\ANTIVI~1\KSysMon.sys=1
\WINDOWS\System32\drivers\KWatch3.SYS=1
\WINDOWS\System32\DRIVERS\ipfltdrv.sys=1
\WINDOWS\System32\drivers\klif.sys=1
\Program Files\Alwil Software\Avast4\ashAvast.exe=1
\Program Files\Alwil Software\Avast4\ashSimpl.exe=1
\WINDOWS\System32\msiexec.exe=1
\WINDOWS\hh.exe=1
\WINDOWS\System32\logon.scr=1
\WINDOWS\System32\ssbezier.scr=1
\WINDOWS\System32\ssmyst.scr=1
\WINDOWS\System32\ssstars.scr=1
\WINDOWS\System32\scrnsave.scr=1
\WINDOWS\System32\ss3dfo.scr=1
\WINDOWS\System32\sspipes.scr=1
\WINDOWS\System32\ssflwbox.scr=1
\WINDOWS\System32\sstext3d.scr=1
\WINDOWS\System32\ssmypics.scr=1
\WINDOWS\System32\ssmarque.scr=1
\Program Files\YuanZhi\Recovery Genius 21st\WinNT\HDDGMon.exe=1
\PROGRA~1\COMMON~1\GOLDEN~1\PizzaSvr.exe=1
\Program Files\Common Files\GoldenSoft\ChannelRg.exe=1
\Program Files\Common Files\GoldenSoft\PizzaSvr.exe=1
\Program Files\Windows Media Player\wmplayer.exe=1
\Program Files\Outlook Express\msimn.exe=1
\Program Files\Tencent\qq\QQ.exe=1
\Program Files\Tencent\qq\QQLiveUpdate.exe=1
\Program Files\Tencent\qq\TIMPlatform.exe=1
\Program Files\Tencent\qq\MagicBook.exe=1
\Program Files\Tencent\QQ\CoralQQ.exe=1
\Program Files\Tencent\QQ\QQ.exe=1
\Program Files\Tencent\qq\TIMPlatform.exe=1
\Program Files\Tencent\QQ\QQLiveUpdate.exe=1
\Program Files\Tencent\qq\QQexternal.exe=1
\Program Files\Tencent\qq\QQUpdateCenter.exe=1
\PROGRAM FILES\TENCENT\QQ\NPKCRYPT.SYS=1
\Program Files\Tencent\qq\QQTemp\QQGameHall.exe=1
\Program Files\Tencent\QQGAME\Download\QQDdzRPG.EXE=1
\Program Files\Tencent\qq\QZone\Qzone.exe=1
\WINDOWS\vqqsdl.exe=1
\Program Files\Tencent\qq\QQTemp\QQTV.exe=1
\Program Files\Tencent\QQLive\TVLoge.exe=1
\Program Files\Tencent\QQLive\QQLive.exe=1
\Program Files\Tencent\QQLive\QQLiveOneClick.exe=1
\Program Files\Tencent\QQLive\QQLivePlayer.exe=1
\Program Files\Tencent\qq\Timwp.exe=1
\PROGRA~1\TENCENT\QQGAME\DDZRPG\ddzrpg.exe=1
\Program Files\Tencent\TT\TTraveler.exe=1
\WINDOWS\system32\attrib.exe=1
\Program Files\Maxthon\Maxthon.exe=1
\Program Files\Mozilla Firefox\firefox.exe=1
\Program Files\Microsoft Office\Office10\WINWORD.EXE=1
\Program Files\Microsoft Office\Office10\EXCEL.EXE=1
\Program Files\Microsoft Office\Office10\FRONTPG.EXE=1
\PROGRA~1\MICROS~2\Office10\FRONTPG.EXE=1
\Program Files\Microsoft Office\Office10\MSACCESS.EXE=1
\Program Files\Microsoft Office\Office10\OUTLOOK.EXE=1
\Program Files\Microsoft Office\Office10\msohtmed.exe=1
\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE=1
\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE=1
\Program Files\Microsoft Office\Office10\POWERPNT.EXE=1
\WINDOWS\msagent\AgentSvr.exe=1
\WINDOWS\System32\packager.exe=1
\Program Files\Messenger\msmsgs.exe=1
\Program Files\MSN\MSNCoreFiles\msn6.exe=1
\Program Files\Macromedia\Flash 8\Flash.exe=1
\Program Files\Macromedia\Dreamweaver 8\Dreamweaver.exe=1
\Program Files\Macromedia\Fireworks 8\Fireworks.exe=1
\Program Files\Real\RealOne Player\realplay.exe=1
\Program Files\Common Files\Real\Update_OB\realsched.exe=1
\Program Files\Thunder Network\Thunder\Thunder.exe=1
\Program Files\Thunder Network\Thunder\Program\Thunder5.exe=1
\Program Files\Thunder Network\WebThunder\WebThunder.exe=1
\Program Files\Thunder Network\Thunder\Program\BugReport.exe=1
\WINDOWS\winhlp32.exe=1
\Program Files\FlashGet\flashget.exe=1
\WINDOWS\System32\wbem\wmiapsrv.exe=1
\Program Files\Microsoft Visual Studio .NET 2003\Common7\Tools\vcspawn.exe=1
\Program Files\Microsoft Visual Studio .NET 2003\Vc7\bin\cl.exe=1
\Program Files\Microsoft Visual Studio .NET 2003\Vc7\bin\rc.exe=1
\Program Files\Microsoft Visual Studio .NET 2003\Vc7\bin\link.exe=1
\Program Files\Microsoft Visual Studio .NET 2003\Vc7\bin\cvtres.exe=1
\Program Files\Microsoft Visual Studio .NET 2003\Common7\IDE\devenv.exe=1
\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ConfigWizards.exe=1
\Program Files\Microsoft Visual Studio\Common\MSDev98\Bin\MSDEV.EXE=1
\Program Files\Microsoft Visual Studio\Common\MSDev98\Bin\vcspawn.exe=1
\Program Files\Microsoft Visual Studio\Common\MSDev98\Bin\rc.exe=1
\Program Files\Microsoft Visual Studio\VC98\BIN\cl.exe=1
\Program Files\Microsoft Visual Studio\VC98\BIN\link.exe=1
\Program Files\Microsoft Visual Studio\VC98\BIN\cvtres.exe=1
\WINDOWS\system32\rcimlby.exe=1
\WINDOWS\pchealth\helpctr\binaries\helpctr.exe=1
\WINDOWS\PCHealth\HelpCtr\Binaries\HelpSvc.exe=1
\WINDOWS\system32\spider.exe=1
\Program Files\Microsoft Office\Office10\OSA.EXE=1
\Program Files\GoldenSoft\Recovery Genius\WinNT\HDDGMon.exe=1
\WINDOWS\system32\tourstart.exe=1
\Program Files\Common Files\Microsoft Shared\MSInfo\msinfo32.exe=1
\WINDOWS\system32\cleanmgr.exe=1
\WINDOWS\system32\ntbackup.exe=1
\WINDOWS\System32\rsmsink.exe=1
\WINDOWS\system32\usmt\migwiz.exe=1
\WINDOWS\system32\mstsc.exe=1
\WINDOWS\system32\magnify.exe=1
\WINDOWS\system32\osk.exe=1
\WINDOWS\system32\MSSWCHX.EXE=1
\Program Files\Ringz Studio\Storm Codec\mplayerc.exe=1
\Program Files\UltraEdit\Uedit32.exe=1
\Program Files\Foxmail\Foxmail.exe=1
\Program Files\Adobe\Photoshop CS\Photoshop.exe=1
\WINDOWS\system32\wupdmgr.exe=1
\Program Files\ThinkVantage Fingerprint Software\enrollbtn.exe=1
\Program Files\ThinkVantage Fingerprint Software\ctlcntr.exe=1
\Program Files\ThinkVantage Fingerprint Software\launchte.exe=1
\Program Files\ThinkVantage Fingerprint Software\startmui.exe=1
\Program Files\Microsoft SQL Server\80\Tools\Binn\cldtcstp.exe=1
\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlredis.exe=1
\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe=1
\Program Files\Microsoft SQL Server\80\Tools\Binn\cnfgsvr.exe=1
\Program Files\Microsoft SQL Server\MSSQL$CFIT808\Binn\sqlservr.exe=1
\WINDOWS\System32\unlodctr.exe=1
\WINDOWS\System32\lodctr.exe=1
\WINDOWS\system32\WBEM\WMIADAP.EXE=1
\Program Files\Common Files\Real\Update_OB\realevent.exe=1
\Program Files\NSIS\NSIS.exe=1
\Program Files\NSIS\VNISEdit\VNISEdit.exe=1
\Program Files\NSIS\makensis.exe=1
\Program Files\BitSpirit\BitSpirit.exe=1
\PROGRA~1\Yahoo!\ASSIST~1\Assist\yascenter.exe=1
\PROGRA~1\Yahoo!\Assistant\yassistse.exe=1
\Program Files\Super Rabbit\MagicSet\MagicSet.exe=1
\Program Files\Super Rabbit\MagicSet\SRCK.EXE=1
\Program Files\Super Rabbit\MagicSet\srms.exe=1
\Program Files\Super Rabbit\MagicSet\iepro.exe=1
\Program Files\Super Rabbit\MagicSet\iehelp.exe=1
\Program Files\Super Rabbit\MagicSet\safeedit.exe=1
\Program Files\Super Rabbit\MagicSet\srsi.exe=1
\Program Files\Super Rabbit\MagicSet\srrest.exe=1
\Program Files\Super Rabbit\MagicSet\srtask.exe=1
\Program Files\Wopti\WoptiUtilities.exe=1
\Program Files\Wopti\WoptiClean.exe=1
\Program Files\Wopti\WoptiDecryption.exe=1
\Program Files\Wopti\WoptiEncrypt.exe=1
\Program Files\Wopti\WoptiMem.exe=1
\Program Files\Wopti\WomUpdate.exe=1
\Program Files\Wopti\WoptiProcess.exe=1
\Program Files\Wopti\WoptiWipe.exe=1
\Program Files\360safe\360Safe.exe=1
\Program Files\360safe\360rpt.exe=1
\Program Files\360safe\kabaload.exe=1
\Program Files\Rising\AntiSpyware\Ras.exe=1
\Program Files\Rising\AntiSpyware\Rsaupd.exe=1
\Program Files\Kingsoft\KSysCleaner\KASMain.EXE=1
\Program Files\Kingsoft\KSysCleaner\KASStart.EXE=1
\Program Files\Kingsoft\KSysCleaner\KASUpd.EXE=1
\Program Files\Nero7\nero.exe=1
\Program Files\SlySoft\CloneCD\CloneCD.exe=1
\Program Files\SlySoft\CloneCD\RgDrvls.exe=1
\Program Files\kingbase\server\kbser.exe=1
\Program Files\kingbase\server\kingbase.exe=1
\Program Files\kingbase\client\dumpw.exe=1
\Program Files\Unlocker\Unlocker.exe=1
\Program Files\TTPlayer\TTPlayer.exe=1
\Program Files\KMplayer\KMPlayer.exe=1
\PROGRA~1\KMplayer\KMPlayer.exe=1
\Program Files\PPLive\PPLive.exe=1
\Program Files\木马杀客\mmsk.exe=1
\Program Files\按键精灵\jdyou\简单游.exe=1
\Program Files\按键精灵\jdyou\aLogin.exe=1
\Program Files\YHGameCenter\YHGame.exe=1
\Program Files\YHGameCenter\GamePlace.exe=1
\Program Files\YHGameCenter\UpdateMgr.exe=1
\Program Files\Tencent\QQGame\UNWISE.EXE=1
\PROGRA~1\TENCENT\QQGAME\QQGame.exe=1
\Program Files\Tencent\QQGame\QQGame.exe=1
\Program Files\Tencent\QQGame\QQGameDl.exe=1
\Program Files\Tencent\QQGame\MusicPlayer.exe=1
\Program Files\Tencent\QQGame\Update.EXE=1
\Program Files\Globallink\Game\share\GLWorld.exe=1
\Program Files\泡泡堂\ca.exe=1
[ForbidFileName]