客服电话
APP下载
迪恩网络APP
随时随地掌握行业动态
官方微信
扫描二维码
关注迪恩网络微信公众号
|
echo ----------------------------3.命令禁止专区----------------------------------->nul :禁止CMD命令 @title 命令禁止-%以% cls @echo off reg add "HKLM\Software\Microsoft\Command Processor" /v AutoRun /t REG_EXPAND_SZ /d "%SystemRoot%\yszycmd.cmd" /f>nul 2>nul 4>nul dir %SystemRoot%\yszycmd.cmd>nul 2>nul 4>nul goto jzcmd2%ERRORLEVEL% :jzcmd20 find /i "doskey"<%SystemRoot%\yszycmd.cmd>nul 2>nul 4>nul goto jzcmd%ERRORLEVEL% :jzcmd1 :jzcmd21 echo @echo off> %SystemRoot%\yszycmd.cmd echo doskey doskey =echo doskey已经禁止如有需要请联系管理员.>> %SystemRoot%\yszycmd.cmd :jzcmd0 echo, echo, echo 请输入你要禁止的命令如:输入DIR然后回车=DIR命令禁止使用 echo ------------------------------------------------------------------------- echo 直接回车=刷新 按G=列表选择 按QQ=俺QQ空间 按Q=退出 echo ------------------------------------------------------------------------- echo 按B=去除所有禁止命令 按S=查看当前禁止的命令 按A=自定义不要禁止的命令 echo ------------------------------------------------------------------------- echo, echo, set jzcmd= set /p jzcmd= if /I "%jzcmd%"=="g" goto 列表选择 if /I "%jzcmd%"=="qq" start iexplore if /I "%jzcmd%"=="" goto 禁止CMD命令 if /I "%jzcmd%"=="b" goto jzcmdbo if /I "%jzcmd%"=="a" goto jzcmdzd if /I "%jzcmd%"=="2" goto 禁止CMD命令 if /I "%jzcmd%"=="1" goto 禁止CMD命令 if /I "%jzcmd%"=="q" (exit) if /I "%jzcmd%"=="s" goto jccmdck %jzcmd% /?>nul 2>nul 4>nul if /I "%ERRORLEVEL%"=="9009" goto cmdmy find /i "%jzcmd%"<%SystemRoot%\yszycmd.cmd>nul 2>nul 4>nul if /I "%ERRORLEVEL%"=="0" goto cmdyy echo "%jzcmd%"|find /i" " >nul 2>nul 4>nul if /I "%ERRORLEVEL%"=="0" goto cmdbb echo doskey %jzcmd% =echo %jzcmd%已经禁止如有需要请联系管理员.>> %SystemRoot%\yszycmd.cmd goto jzcmdcg :cmdmy echo, echo, echo, echo, echo, echo 你输入的命令不可用 echo 请按任意键继续 pause >nul goto 禁止CMD命令 :jzcmdcg echo, echo, echo, echo 已经禁止-请按任意键继续 pause >nul goto 禁止CMD命令 :cmdbb echo, echo, echo 此命令带空格.不可输入 echo 请按任意键继续 pause >nul goto 禁止CMD命令 :jccmdck cls echo 以下是已经禁止的命令 echo, echo, for /f "skip=2 tokens=2" %%i in (%SystemRoot%\yszycmd.cmd) do echo →◎→◎→◎→◎→◎→ %%i echo ------------------------------------------------------------------------- echo, echo, echo, echo, goto jzcmd0 :cmdyy echo, echo, echo, echo, echo ------------------此命令已经存在禁止列表中,不需多次禁止-------------------- echo 请按任意键继续 pause >nul goto 禁止CMD命令 :jzcmdbo cls del %SystemRoot%\yszycmd.cmd echo, echo, echo, echo, echo, echo, echo, echo, echo →◎→◎→◎→◎→◎→已经去除所有禁止命令←◎←◎←◎←◎←◎← echo ------------------------------------------------------------------------- echo →◎→◎→◎→◎→◎→请按任意键继续←◎←◎←◎←◎←◎← pause >nul goto 禁止CMD命令 :jzcmdzd cls echo 以下是已经禁止的命令 echo, echo, for /f "skip=2 tokens=2" %%i in (%SystemRoot%\yszycmd.cmd) do echo →◎→◎→◎→◎→◎→ %%i echo ------------------------------------------------------------------------- echo, echo, echo, echo, echo 请输入你要从禁止列表中去除的命令 echo G=返回禁止CMD命令 Q=退出 set zcmdzd= set /p zcmdzd= if /I "%zcmdzd%"=="g" goto 禁止CMD命令 if /I "%zcmdzd%"=="q" (exit) if /I "%zcmdzd%"=="" goto jzcmdzd %zcmdzd% /?>nul 2>nul 4>nul if /I "%ERRORLEVEL%"=="9009" goto cmdmy find /i "%zcmdzd%"<%SystemRoot%\yszycmd.cmd>nul 2>nul 4>nul if /I "%ERRORLEVEL%"=="1" goto jzcmdmy11 type %SystemRoot%\yszycmd.cmd|find /v /i "%zcmdzd%">%SystemRoot%\yszycmd1.cmd del %SystemRoot%\yszycmd.cmd ren %SystemRoot%\yszycmd1.cmd yszycmd.cmd echo, echo, echo, echo, echo, echo 已经从禁止列表中去除%zcmdzd%命令 echo 按任意键继续 pause >nul goto jzcmdzd :jzcmdmy11 echo, echo, echo, echo, echo 你输入的命令不存在禁止列表中-请确定后在来吧 echo 按任意键继续 pause >nul goto jzcmdzd :cmdmy echo, echo, echo, echo, echo 你输入的不是命令-不要拿我来开唰哦 echo 按任意键继续 pause >nul goto jzcmdzd echo ----------------------------4.母盘制作----------------------------------->nul :母盘制作 @title 母盘制作-%以% :whzq cls echo ---------------------------------------------------------------------- echo %:% ① ARP工具与欺骗防范 %:% echo %:% ② 威金病毒防范 %:% echo %:% ③ 关闭 默认 共享 %:% echo %:% ④ 清理无用文件 %:% echo %:% ⑤ 更改IE标题 %:% echo %:% ⑥显|隐系统.隐藏文件·夹%:% echo %:% ⑦ 清除-桌面右键多余菜单 %:% echo ─────────────────────────────────── echo 请输入你需要的对应值. echo 按回车=刷新恢复列表 G=列表选择 QQ=俺QQ空间 Q=退出 :whzq1 gpupdate /force>nul set whzq="" set /p whzq= if /i "%whzq%"=="1" goto arpff if /i "%whzq%"=="2" goto wjbdff if /i "%whzq%"=="3" goto gbgx if /i "%whzq%"=="4" goto qlwj if /i "%whzq%"=="5" goto ggie if /i "%whzq%"=="6" goto xywj if /i "%whzq%"=="7" goto qcyj if /i "%whzq%"=="qq" start iexplore if /i "%whzq%"=="q" goto exit if /i "%whzq%"=="g" goto 列表选择 goto whzq ::---------------------① ARP工具与欺骗防范--------------------- :arpff ::使winpacp装不上.让网络执法管等没用 md %windir%\system32\packet.dll >nul 2>nul md %windir%\system32\pthreadVC.dll >nul 2>nul md %windir%\system32\wpcap.dll >nul 2>nul md %windir%\system32\drivers\npf.sys >nul 2>nul md %windir%\system32\npptools.dll >nul 2>nul ::使以上添加的文件本地用户名没权限访问 echo y|cacls.exe %windir%\system32\packet.dll /d system administrator guest >nul 1>nul echo y|cacls.exe %windir%\system32\pthreadVC.dll /d system administrator guest >nul 1>nul echo y|cacls.exe %windir%\system32\wpcap.dll /d system administrator guest >nul 1>nul echo y|cacls.exe %windir%\system32\drivers\npf.sys /d system administrator guest >nul 1>nul echo y|cacls.exe %windir%\system32\npptools.dll /d system administrator guest >nul 1>nul echo ---------------------------------------------------------------------- echo 已经添加防范ARP欺骗与网络执法管等工具的文件 goto whzq1 ::---------------------② 威金病毒防范--------------------- :wjbdff md %windir%\Logo1_.exe >nul 2>nul md %windir%\rundl132.exe >nul 2>nul md %windir%\0Sy.exe >nul 2>nul md %windir%\vDll.dll >nul 2>nul md %windir%\1Sy.exe >nul 2>nul md %windir%\2Sy.exe >nul 2>nul md %windir%\rundll32.exe >nul 2>nul md %windir%\3Sy.exe >nul 2>nul md %windir%\5Sy.exe >nul 2>nul md %windir%\1.com >nul 2>nul md %windir%\exerouter.exe >nul 2>nul md %windir%\EXP10RER.com >nul 2>nul md %windir%\finders.com >nul 2>nul md %windir%\Shell.sys >nul 2>nul md %windir%\smss.exe >nul 2>nul echo y|cacls.exe %windir%\Logo1_.exe /d system administrator guest >nul 1>nul echo y|cacls.exe %windir%\rundl132.exe /d system administrator guest >nul 1>nul echo y|cacls.exe %windir%\0Sy.exe /d system administrator guest >nul 1>nul echo y|cacls.exe %windir%\vDll.dll /d system administrator guest >nul 1>nul echo y|cacls.exe %windir%\1Sy.exe /d system administrator guest >nul 1>nul echo y|cacls.exe %windir%\2Sy.exe /d system administrator guest >nul 1>nul echo y|cacls.exe %windir%\rundll32.exe /d system administrator guest >nul 1>nul echo y|cacls.exe %windir%\3Sy.exe /d system administrator guest >nul 1>nul echo y|cacls.exe %windir%\5Sy.exe /d system administrator guest >nul 1>nul echo y|cacls.exe %windir%\1.com /d system administrator guest >nul 1>nul echo y|cacls.exe %windir%\exerouter.exe /d system administrator guest >nul 1>nul echo y|cacls.exe %windir%\EXP10RER.com /d system administrator guest >nul 1>nul echo y|cacls.exe %windir%\finders.com /d system administrator guest >nul 1>nul echo y|cacls.exe %windir%\Shell.sys /d system administrator guest >nul 1>nul echo y|cacls.exe %windir%\smss.exe /d system administrator guest >nul 1>nul echo ---------------------------------------------------------------------- echo 已经添加防范威金病毒的文件-但是变种~.exe尚是没办法 goto whzq1 ::---------------------③ 关闭 默认 共享--------------------- :gbgx net share c$ /delete 2>nul net share d$ /delete 2>nul net share e$ /delete 2>nul net share f$ /delete 2>nul net share g$ /delete 2>nul net share h$ /delete 2>nul net share g$ /delete 2>nul net share admin$ /delete 2>nul net share i$ /delete 2>nul echo Windows Registry Editor Version 5.00> c:/delshare.reg REG ADD HKLM\SYSTEM\CurrentControlSet\Control\LSA /v RestrictAnonymous /t REG_DWORD /d 1 /F >nul REG ADD HKLM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /v AutoShareWks /t REG_DWORD /d 0 /F >nul REG ADD HKLM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /v AutoShareServer /t REG_DWORD /d 0 /F >nul echo ---------------------------------------------------------------------- echo 已经关闭默认共享. goto whzq1 ::---------------------④ 清理无用文件--------------------- :qlwj echo 正在清除系统垃圾文件,请稍等...... del /f /s /q %systemdrive%\*.tmp >nul 2>nul del /f /s /q %systemdrive%\*._mp >nul 2>nul del /f /s /q %systemdrive%\*.log >nul 2>nul del /f /s /q %systemdrive%\*.gid >nul 2>nul del /f /s /q %systemdrive%\*.chk >nul 2>nul del /f /s /q %systemdrive%\*.old >nul 2>nul del /f /s /q %systemdrive%\recycled\*.* >nul 2>nul del /f /s /q %windir%\*.bak >nul 2>nul del /f /s /q %windir%\prefetch\*.* >nul 2>nul rd /s /q %windir%\temp & md %windir%\temp >nul 2>nul del /f /q %userprofile%\cookies\*.* >nul 2>nul del /f /q %userprofile%\recent\*.* >nul 2>nul del /f /s /q "%userprofile%\Local Settings\Temporary Internet Files\*.*" >nul 2>nul del /f /s /q "%userprofile%\Local Settings\Temp\*.*" >nul 2>nul del /f /s /q "%userprofile%\recent\*.*" >nul 2>nul echo ---------------------------------------------------------------------- echo 系统垃圾文件已经清理完成. goto whzq1 ::---------------------⑤ 更改IE标题 --------------------- :ggie set yszy="" echo -------------------请输入你需要的IE标题.复制进去也行------------------- echo ------------------- 直接回车=母盘专区 Q=退出 ------------------- set /p yszy= if /i "%yszy%"=="""" (goto whzq) if /i "%yszy%"=="q" (exit) REG ADD "HKCU\SOFTWARE\Microsoft\Internet Explorer\Main" /v "Window Title" /t REG_SZ /d "%yszy%" /F >nul echo ---------------------------------------------------------------------- echo IE标题已经更改为 %yszy%. goto whzq1 ::--------------------- ⑥显|隐系统.隐藏文件·夹 -------------------- :xywj set yszy="" echo -------------------输入X显示 输入Y隐藏------------------- echo ------------------- 直接回车与乱输入=母盘专区 Q=退出 ------------------- set /p yszy= if /i "%yszy%"=="""" (goto whzq) if /i "%yszy%"=="x" (set xy=1 &set yszy=显示 &goto xywj1) if /i "%yszy%"=="y" (set xy=0 &set yszy=隐藏 &goto xywj1) if /i "%yszy%"=="q" (exit) goto whzq :xywj1 REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v Hidden /t REG_DWORD /d %xy% /F >nul echo ---------------------------------------------------------------------- echo 系统·隐藏.文件.文件夹已经 %yszy%.刷新即可见到状态. goto whzq1 ::---------------------⑦ 清除-桌面右键多余菜单 -------------------- :qcyj regsvr32 /u /s igfxpph.dll >nul 2>nul reg delete HKEY_CLASSES_ROOT\Directory\Background\shellex\ContextMenuHandlers /f >nul reg add HKEY_CLASSES_ROOT\Directory\Background\shellex\ContextMenuHandlers\new /ve /d {D969A300-E7FF-11d0-A93B-00A0C90F2719} >nul echo ---------------------------------------------------------------------- echo 桌面多余右键菜单已清除完成. goto whzq1 |
请发表评论