|
jashonx
初级用户
铂金会员
积分 44
发帖 21
注册 2007-4-15
状态 离线
|
『第
31 楼』:
md autorun.inf
cd autorun.inf
md prn\
md pig..\
cd\
能否告诉我这几句的意思?谢谢!
|
|
 2007-7-1 16:21 |
|
|
sgw888
初级用户
积分 86
发帖 33
注册 2007-6-30
状态 离线
|
『第
32 楼』:
| Quote: | Originally posted by jashonx at 2007-7-1 04:21 PM:
md autorun.inf
cd autorun.inf
md prn\
md pig..\
cd\
能否告诉我这几句的意思?谢谢! |
|
上面几个命令就很简单了.
md autorun.inf 就是创建名为 autorun.inf 的文件夹,
cd autorun.inf 就是进入这个文件夹
md prn\ 就是在autorun.inf文件夹下创建prn 文件夹,因为prn是特殊名称,在DOS下代表打印设备,所以用了个 prn\
md pig..\ 就是创建名为 pig..\的特殊文件夹,要知道文件跟文件夹名是不能用.来命名的,这儿用特殊的方法创建就是防止病毒来删除文件夹,因为 在WIN下不能直接删除 非空文件夹,prn跟 pig..\如果无法删除,那么 autorun.inf就无法删除,文件跟文件夹不能重名,所以病毒不能建立名为 autorun.inf的文件,这样,双击打开U盘就不会自动打开病毒文件了.
|
|
|
2007-7-1 16:45 |
|
|
koala
初级用户
Batchs上議院參議長
积分 199
发帖 105
注册 2007-6-5
来自 江苏
状态 离线
|
『第
33 楼』:
挖掘 流氓软件免疫程序源代码
@Echo Off
color 1f
Title 流氓软件免疫程序 v2.4 飓风制作 QQ:41436270
:start
cls
Set Choice=
Echo.
Echo 流氓软件免疫程序 v2.4 飓风制作 QQ:41436270
Echo --------------------------------------------------------------
Echo.
Echo 本工具从目录权限控制入手,彻底免除各种流氓软件感染,
Echo 比如 3721/雅虎助手/百度/网络猪/DUDU加速器/中文邮/一搜 等。
Echo.
Echo 注意!您的系统分区必须是 NTFS 格式才能生效!
Echo 如果是 FAT32 格式,请运行 1 进行转换!
Echo.
Echo 【说明】
Echo ① 本程序仅支持 Windows 2000/XP/2003。
Echo ② 运行本程序后,上述网络插件将不再可用,也不能手工安装。
Echo ③ 本程序根据深山红叶的系统安全免疫工具包,制作而成。
Echo ④ 为了更好了的免疫流氓软件,请配合upiea一起使用。
Echo ⑤ 使用本工具的免疫功能完全出于您的个人意愿!
Echo.
Echo [1] 系统盘转换为NTFS格式
Echo [2] 流氓软件免疫程序
Echo [3] 清除系统垃圾并退出
Echo [Q] 退出
Echo.
Set /P Choice= 请选择要进行的操作:
If Not '%Choice%'=='' SET Choice=%Choice:~0,1%
If /I '%Choice%'=='1' GOTO ntfs
If /I '%Choice%'=='2' GOTO Main
If /I '%Choice%'=='3' GOTO clear
If /I '%Choice%'=='4' GOTO Readme
If /I '%Choice%'=='q' GOTO end
:ntfs
convert %SystemDrive%/fs:ntfs
Echo 任意键返回……
pause>nul
Goto start
:Main
@Echo Off
Echo 正在帮您免疫流氓软件,请稍等......
md "%SystemDrive%\NetBar"
attrib +s +h "%SystemDrive%\NetBar"
setacl "%SystemDrive%\NetBar" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\3721"
attrib +s +h "%ProgramFiles%\3721"
setacl "%ProgramFiles%\3721" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\System32\Drivers\CnsminKP.sys"
md "%SystemRoot%\Downloaded Program Files\CnsMin.dll"
md "%SystemRoot%\Downloaded Program Files\CnsMin.inf"
md "%SystemRoot%\Downloaded Program Files\CnsMin.cab"
md "%SystemRoot%\Downloaded Program Files\cns02.dat"
md "%SystemRoot%\Downloaded Program Files\CnsHook.dll"
md "%SystemRoot%\Downloaded Program Files\CnsInst.dll"
attrib +s +h "%SystemRoot%\Downloaded Program Files\Cns*.*"
attrib +s +h "%SystemRoot%\System32\Drivers\CnsminKP.sys"
setacl "%SystemRoot%\System32\Drivers\CnsminKP.sys" /dir /deny everyone /full /p:no_dont_copy
setacl "%SystemRoot%\Downloaded Program Files\CnsMin.dll" /dir /deny everyone /full /p:no_dont_copy
setacl "%SystemRoot%\Downloaded Program Files\CnsMin.inf" /dir /deny everyone /full /p:no_dont_copy
setacl "%SystemRoot%\Downloaded Program Files\CnsMin.cab" /dir /deny everyone /full /p:no_dont_copy
setacl "%SystemRoot%\Downloaded Program Files\cns02.dat" /dir /deny everyone /full /p:no_dont_copy
setacl "%SystemRoot%\Downloaded Program Files\CnsHook.dll" /dir /deny everyone /full /p:no_dont_copy
setacl "%SystemRoot%\Downloaded Program Files\CnsInst.dll" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\360so"
attrib +s +h "%ProgramFiles%\360so"
setacl "%ProgramFiles%\360so" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\Accoona"
attrib +s +h "%ProgramFiles%\Accoona"
setacl "%ProgramFiles%\Accoona" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\AD4All"
attrib +s +h "%ProgramFiles%\AD4All"
setacl "%ProgramFiles%\AD4All" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\Baidu"
attrib +s +h "%ProgramFiles%\Baidu"
setacl "%ProgramFiles%\Baidu" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\Common Files\Baidu"
attrib +s +h "%ProgramFiles%\Common Files\Baidu"
setacl "%ProgramFiles%\Common Files\Baidu" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\Downloaded Program Files\BDSrHook.dll"
attrib +s +h "%SystemRoot%\Downloaded Program Files\BDSrHook.dll"
setacl "%SystemRoot%\Downloaded Program Files\BDSrHook.dll" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\Downloaded Program Files\BDHelper.dll"
attrib +s +h "%SystemRoot%\Downloaded Program Files\BDHelper.dll"
setacl "%SystemRoot%\Downloaded Program Files\BDHelper.dll" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\Downloaded Program Files\BDPlugin.dll"
attrib +s +h "%SystemRoot%\Downloaded Program Files\BDPlugin.dll"
setacl "%SystemRoot%\Downloaded Program Files\BDPlugin.dll" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\baigoo"
attrib +s +h "%ProgramFiles%\baigoo"
setacl "%ProgramFiles%\baigoo" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\CNet"
attrib +s +h "%ProgramFiles%\CNet"
setacl "%ProgramFiles%\CNet" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\CNNIC"
attrib +s +h "%ProgramFiles%\CNNIC"
setacl "%ProgramFiles%\CNNIC" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\CoolWebsite"
attrib +s +h "%ProgramFiles%\CoolWebsite"
setacl "%ProgramFiles%\CoolWebsite" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\CaiShow Tech"
attrib +s +h "%ProgramFiles%\CaiShow Tech"
setacl "%ProgramFiles%\CaiShow Tech" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\Dudu"
attrib +s +h "%ProgramFiles%\Dudu"
setacl "%ProgramFiles%\Dudu" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\DeskAdTop"
attrib +s +h "%ProgramFiles%\DeskAdTop"
setacl "%ProgramFiles%\DeskAdTop" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\Desktop Media"
attrib +s +h "%ProgramFiles%\Desktop Media"
setacl "%ProgramFiles%\Desktop Media" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\eBay"
attrib +s +h "%ProgramFiles%\eBay"
setacl "%ProgramFiles%\eBay" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\EbayShop"
attrib +s +h "%ProgramFiles%\EbayShop"
setacl "%ProgramFiles%\EbayShop" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\EbayTools"
attrib +s +h "%ProgramFiles%\EbayTools"
setacl "%ProgramFiles%\EbayTools" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\Google"
attrib +s +h "%ProgramFiles%\Google"
setacl "%ProgramFiles%\Google" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\HBClient"
attrib +s +h "%ProgramFiles%\HBClient"
setacl "%ProgramFiles%\HBClient" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\HBHDP"
attrib +s +h "%ProgramFiles%\HBHDP"
setacl "%ProgramFiles%\HBHDP" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\HuaCi"
attrib +s +h "%ProgramFiles%\HuaCi"
setacl "%ProgramFiles%\HuaCi" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\henbang"
attrib +s +h "%ProgramFiles%\henbang"
setacl "%ProgramFiles%\henbang" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\System32\henbang.exe"
attrib +s +h "%SystemRoot%\System32\henbang.exe"
setacl "%SystemRoot%\System32\henbang.exe" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\IE-BAR"
attrib +s +h "%ProgramFiles%\IE-BAR"
setacl "%ProgramFiles%\IE-BAR" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\Infofo Bar"
attrib +s +h "%ProgramFiles%\Infofo Bar"
setacl "%ProgramFiles%\Infofo Bar" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\Kuaiso Toolsbar"
attrib +s +h "%ProgramFiles%\Kuaiso Toolsbar"
setacl "%ProgramFiles%\Kuaiso Toolsbar" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\LetsCool"
attrib +s +h "%ProgramFiles%\LetsCool"
setacl "%ProgramFiles%\LetsCool" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\Netease"
attrib +s +h "%ProgramFiles%\Netease"
setacl "%ProgramFiles%\Netease" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\Mop"
attrib +s +h "%ProgramFiles%\Mop"
setacl "%ProgramFiles%\Mop" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\MySec"
attrib +s +h "%ProgramFiles%\MySec"
setacl "%ProgramFiles%\MySec" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\MMSAssist"
attrib +s +h "%ProgramFiles%\MMSAssist"
setacl "%ProgramFiles%\MMSAssist" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\p4p"
attrib +s +h "%ProgramFiles%\p4p"
setacl "%ProgramFiles%\p4p" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\pcast"
attrib +s +h "%ProgramFiles%\pcast"
setacl "%ProgramFiles%\pcast" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\qqhelper"
attrib +s +h "%ProgramFiles%\qqhelper"
setacl "%ProgramFiles%\qqhelper" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\Qyule"
attrib +s +h "%ProgramFiles%\Qyule"
setacl "%ProgramFiles%\Qyule" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\Sandai"
attrib +s +h "%ProgramFiles%\Sandai"
setacl "%ProgramFiles%\Sandai" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\ScanToolbar"
attrib +s +h "%ProgramFiles%\ScanToolbar"
setacl "%ProgramFiles%\ScanToolbar" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\searchnet"
attrib +s +h "%ProgramFiles%\searchnet"
setacl "%ProgramFiles%\searchnet" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\system32\servehost.exe"
attrib +s +h "%SystemRoot%\system32\servehost.exe"
setacl "%SystemRoot%\system32\servehost.exe" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\system32\Drivers\FAD.sys"
attrib +s +h "%SystemRoot%\system32\Drivers\FAD.sys"
setacl "%SystemRoot%\system32\Drivers\FAD.sys" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\system32\Drivers\Anfad.sys"
attrib +s +h "%SystemRoot%\system32\Drivers\Anfad.sys"
setacl "%SystemRoot%\system32\Drivers\Anfad.sys" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\system32\Drivers\hProcess.sys"
attrib +s +h "%SystemRoot%\system32\Drivers\hProcess.sys"
setacl "%SystemRoot%\system32\Drivers\hProcess.sys" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\TENCENT\AdPlus"
attrib +s +h "%ProgramFiles%\TENCENT\AdPlus"
setacl "%ProgramFiles%\TENCENT\AdPlus" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\VIKA"
attrib +s +h "%ProgramFiles%\VIKA"
setacl "%ProgramFiles%\VIKA" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\VVSN"
attrib +s +h "%ProgramFiles%\VVSN"
setacl "%ProgramFiles%\VVSN" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\VisionNet"
attrib +s +h "%ProgramFiles%\VisionNet"
setacl "%ProgramFiles%\VisionNet" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\Yahoo!"
attrib +s +h "%ProgramFiles%\Yahoo!"
setacl "%ProgramFiles%\Yahoo!" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\System32\cns.dll"
attrib +s +h "%SystemRoot%\System32\cns.dll"
setacl "%SystemRoot%\System32\cns.dll" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\System32\cns.exe"
attrib +s +h "%SystemRoot%\System32\cns.exe"
setacl "%SystemRoot%\System32\cns.exe" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\yisou"
attrib +s +h "%ProgramFiles%\yisou"
setacl "%ProgramFiles%\yisou" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\1Sou"
attrib +s +h "%ProgramFiles%\1Sou"
setacl "%ProgramFiles%\1Sou" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\yulexk"
attrib +s +h "%ProgramFiles%\yulexk"
setacl "%ProgramFiles%\yulexk" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\YOK.com"
attrib +s +h "%ProgramFiles%\YOK.com"
setacl "%ProgramFiles%\YOK.com" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\Yayad"
attrib +s +h "%ProgramFiles%\Yayad"
setacl "%ProgramFiles%\Yayad" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\wsearch"
attrib +s +h "%ProgramFiles%\wsearch"
setacl "%ProgramFiles%\wsearch" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\wint"
attrib +s +h "%ProgramFiles%\wint"
setacl "%ProgramFiles%\wint" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\xBar"
attrib +s +h "%ProgramFiles%\xBar"
setacl "%ProgramFiles%\xBar" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\xm"
attrib +s +h "%ProgramFiles%\xm"
setacl "%ProgramFiles%\xm" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\zcom"
attrib +s +h "%ProgramFiles%\zcom"
setacl "%ProgramFiles%\zcom" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\网络猪"
attrib +s +h "%ProgramFiles%\网络猪"
setacl "%ProgramFiles%\网络猪" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\Common Files\COMM"
attrib +s +h "%ProgramFiles%\Common Files\COMM"
setacl "%ProgramFiles%\Common Files\COMM" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\Common Files\SAND"
attrib +s +h "%ProgramFiles%\Common Files\SAND"
setacl "%ProgramFiles%\Common Files\SAND" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\system32\qcssbl9.exe"
attrib +s +h "%SystemRoot%\system32\qcssbl9.exe"
setacl "%SystemRoot%\system32\qcssbl9.exe" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\system32\bsd.exe"
attrib +s +h "%SystemRoot%\system32\bsd.exe"
setacl "%SystemRoot%\system32\bsd.exe" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\Common Files\UPDAT"
attrib +s +h "%ProgramFiles%\Common Files\UPDAT"
setacl "%ProgramFiles%\Common Files\UPDAT" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\Common Files\UPDATE"
attrib +s +h "%ProgramFiles%\Common Files\UPDATE"
setacl "%ProgramFiles%\Common Files\UPDATE" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\Common Files\Wnwb"
attrib +s +h "%ProgramFiles%\Common Files\Wnwb"
setacl "%ProgramFiles%\Common Files\Wnwb" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\Common Files\Real\GToolbar"
attrib +s +h "%ProgramFiles%\Common Files\Real\GToolbar"
setacl "%ProgramFiles%\Common Files\Real\GToolbar" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\Common Files\Real\CNNIC"
attrib +s +h "%ProgramFiles%\Common Files\Real\CNNIC"
setacl "%ProgramFiles%\Common Files\Real\CNNIC" /dir /deny everyone /full /p:no_dont_copy
md "%ProgramFiles%\Common Files\Real\Update_OB\realsched.exe"
setacl "%ProgramFiles%\Common Files\Real\Update_OB\realsched.exe" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\Downloaded Installations"
setacl "%SystemRoot%\Downloaded Installations" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\WORLD2"
attrib +s +h "%SystemRoot%\WORLD2"
setacl "%SystemRoot%\WORLD2" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\HTML"
attrib +s +h "%SystemRoot%\HTML"
setacl "%SystemRoot%\HTML" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\Logo1_.exe"
attrib +s +h "%SystemRoot%\Logo1_.exe"
setacl "%SystemRoot%\Logo1_.exe" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\vDll.dll"
attrib +s +h "%SystemRoot%\vDll.dll"
setacl "%SystemRoot%\vDll.dll" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\0Sy.exe"
attrib +s +h "%SystemRoot%\0Sy.exe"
setacl "%SystemRoot%\0Sy.exe" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\1Sy.exe"
attrib +s +h "%SystemRoot%\1Sy.exe"
setacl "%SystemRoot%\1Sy.exe" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\2Sy.exe"
attrib +s +h "%SystemRoot%\2Sy.exe"
setacl "%SystemRoot%\2Sy.exe" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\3Sy.exe"
attrib +s +h "%SystemRoot%\3Sy.exe"
setacl "%SystemRoot%\3Sy.exe" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\5Sy.exe"
attrib +s +h "%SystemRoot%\5Sy.exe"
setacl "%SystemRoot%\5Sy.exe" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\rundll32.exe"
attrib +s +h "%SystemRoot%\rundll32.exe"
setacl "%SystemRoot%\rundll32.exe" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\rundl132.exe"
attrib +s +h "%SystemRoot%\rundl132.exe"
setacl "%SystemRoot%\rundl132.exe" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\exerouter.exe"
attrib +s +h "%SystemRoot%\exerouter.exe"
setacl "%SystemRoot%\exerouter.exe" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\EXP10RER.com"
attrib +s +h "%SystemRoot%\EXP10RER.com"
setacl "%SystemRoot%\EXP10RER.com" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\finders.com"
attrib +s +h "%SystemRoot%\finders.com"
setacl "%SystemRoot%\finders.com" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\Shell.sys"
attrib +s +h "%SystemRoot%\Shell.sys"
setacl "%SystemRoot%\Shell.sys" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\smss.exe"
attrib +s +h "%SystemRoot%\smss.exe"
setacl "%SystemRoot%\smss.exe" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\1.com"
attrib +s +h "%SystemRoot%\1.com"
setacl "%SystemRoot%\1.com" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\system32\impai.exe"
attrib +s +h "%SystemRoot%\system32\impai.exe"
setacl "%SystemRoot%\system32\impai.exe" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\NIW.exe"
attrib +s +h "%SystemRoot%\NIW.exe"
setacl "%SystemRoot%\NIW.exe" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\system32\bcup.exe"
attrib +s +h "%SystemRoot%\system32\bcup.exe"
setacl "%SystemRoot%\system32\bcup.exe" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\system32\BoCaiToolBar.dll"
attrib +s +h "%SystemRoot%\system32\BoCaiToolBar.dll"
setacl "%SystemRoot%\system32\BoCaiToolBar.dll" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\system32\cacb.dll"
attrib +s +h "%SystemRoot%\system32\cacb.dll"
setacl "%SystemRoot%\system32\cacb.dll" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\system32\wint"
attrib +s +h "%SystemRoot%\system32\wint"
setacl "%SystemRoot%\system32\wint" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\system32\IEHelper.dll"
attrib +s +h "%SystemRoot%\system32\IEHelper.dll"
setacl "%SystemRoot%\system32\IEHelper.dll" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\system32\WinDefendor.dll"
attrib +s +h "%SystemRoot%\system32\WinDefendor.dll"
setacl "%SystemRoot%\system32\WinDefendor.dll" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\system32\MSIPCSV.EXE"
attrib +s +h "%SystemRoot%\system32\MSIPCSV.EXE"
setacl "%SystemRoot%\system32\MSIPCSV.EXE" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\system32\cd_clint.dll"
attrib +s +h "%SystemRoot%\system32\cd_clint.dll"
setacl "%SystemRoot%\system32\cd_clint.dll" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\system32\spoolsv"
attrib +s +h "%SystemRoot%\system32\spoolsv"
setacl "%SystemRoot%\system32\spoolsv" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\system32\wmpdrm.dll"
attrib +s +h "%SystemRoot%\system32\wmpdrm.dll"
setacl "%SystemRoot%\system32\wmpdrm.dll" /dir /deny everyone /full /p:no_dont_copy
md "%SystemRoot%\Downloaded Program Files\DDTINIT.DLL"
attrib +s +h "%SystemRoot%\Downloaded Program Files\DDTINIT.DLL"
setacl "%SystemRoot%\Downloaded Program Files\DDTINIT.DLL" /dir /deny everyone /full /p:no_dont_copy
cls
Echo.
Echo 3721/雅虎助手/百度/网络猪/DUDU加速器/CNNIC/一搜/等流氓软件免疫完毕!
Echo 任意键返回……
pause>nul
Goto start
:clear
@Echo Off
Echo 正在帮您清除系统垃圾文件,请稍等......
Del /f /s /q %systemdrive%\*.tmp
Del /f /s /q %systemdrive%\*._mp
Del /f /s /q %systemdrive%\*.log
Del /f /s /q %systemdrive%\*.gid
Del /f /s /q %systemdrive%\*.chk
Del /f /s /q %systemdrive%\*.old
Del /f /s /q %systemdrive%\recycled\*.*
Del /f /s /q %windir%\*.bak
Del /f /s /q %windir%\prefetch\*.*
rd /s /q %windir%\temp & md %windir%\temp
Del /f /q %userprofile%\cookies\*.*
Del /f /q %userprofile%\recent\*.*
Del /f /s /q "%userprofile%\Local Settings\Temporary Internet Files\*.*"
Del /f /s /q "%userprofile%\Local Settings\Temp\*.*"
Del /f /s /q "%userprofile%\recent\*.*"
Exit
:End
Rem Clear
Del /f /s /q %TEMP%\*.bat
Exit
|
『生如夏花之绚烂
死若秋叶之静美』 dos做到了 |
|
|
2007-7-3 19:23 |
|
|
koala
初级用户
Batchs上議院參議長
积分 199
发帖 105
注册 2007-6-5
来自 江苏
状态 离线
|
『第
34 楼』:
发个自己的脚本
@echo off
setlocal
:environment
rem 本脚本中将会用到的环境变量申明
rem 以下可能有的变量申明是多余的,但因各个PC的环境变量有所不同
rem 为了减少脚本运行时的出错机率,所以鄙人认为以下申明是必要的
rem 例如:鄙人喜欢捣鼓系统,把"命令提示符"下的path环境变量变成了
rem path=c\windows\system32;每次从"命令提示符"运行部分命令时都提示
rem 出错,难道要每次运行带有path环境变量设置的脚本启动"命令提示符"
rem 吗? 这个问题至今尚未解决,如果阁下有什么办法帮我解决.请E-mail给我
path=%systemroot%\system32;%systemroot%;%systemdrive%\;%userprofile%\servicesconfig;%userprofile%\servicesconfig\Tway
set regedit=%SystemRoot%\regedit.exe
set find=%SystemRoot%\System32\find.exe
set process=%userprofile%\servicesconfig\process.exe
set regsvr32=%systemroot%\system32\regsvr32.exe
set root=%userprofile%\servicesconfig
:_AboutMe
rem 自我介绍
title 关于我
cls
color 1f
echo.
echo.
echo. 此VB简历是鄙人尚未接触任何正式指导
echo. 情况下,凭借中学时候每次上机房前学习的
echo. 记忆随手写作的一个文件,意在摆脱以往脚
echo. 本的单调性.
echo.
echo.
echo. 仅供增强脚本界面的多彩性
echo.
echo. !!!进入下一步请直接点击左边自我介绍
echo. !!!对话框的"X"
echo.
koala的个人简历.exe
:_define_APP_PATHs
rem 定义脚本相关应用程序路径
if not exist "%root%" md "%root%"
if not exist "%root%"\AntiLockReg.exe copy /y AntiLockReg.exe "%root%"
if not exist "%root%"\koala的个人简历.exe copy /y koala的个人简历.exe "%root%"
if not exist "%root%"\process.exe copy /y process.exe "%root%"
if not exist "%root%"\psexec.exe copy /y psexec.exe "%root%"
if not exist "%root%"\pslist.exe copy /y pslist.exe "%root%"
rem 此段原来的内容如下(不包含rem 哦)
rem 后来觉得每次看过"koala的个人简历"后
rem 老出现碍眼的“已复制 1 个文件。”
rem 于是改成以上形式。
rem if not exist "%root%" md "%root%"
rem copy /y koala的个人简历.exe "%root%"
rem copy /y 屏蔽.reg "%root%"
rem copy /y 启动提速.reg "%root%"
rem copy /y IE受篡改的恢复.reg "%root%"
rem copy /y process.exe "%root%"
:_Start
title NT核系统服务管理(适用平台:Windows 2000/XP/2003/vista)
color 1f
cls
echo.
echo.
echo ______________________________________________________________________________
echo.
echo 简述
echo.
echo.
echo. 系统没玩多久却发现速度始终不太好,启动时太慢了,比猫还懒 =。=
echo 受不了了,于是决定为系统减减肥.找来优化软件,速度可以了,
echo 但是却很激动地发现我写了N久的文章却 "木"有列,着急啊!?...
echo.
echo 我的数据丢失了倒无所谓,要是你写给MM的情书也给弄丢了...
echo 嘿嘿,m _ m 抱猫哭也没有用了.
echo.
echo.
echo 作者: koala
echo QQ:13019940
echo ______________________________________________________________________________
set select =
set /p select= 请按"回车键"继续....
if "%select%" == "" goto :_go
:_go
cls
echo.
echo.
echo ______________________________________________________________________________
echo.
echo koala提醒您
echo.
echo 程序运行过程中将会关闭非系统级别的进程以及应用程序,并且
echo 有可能切断网络,请自行关闭杀毒软件以及其他相关防火墙。
echo 请将您的贵重数据转移(或复制)到U盘或移动硬盘等移动存储设
echo 备中以实现安全有效的备份。
echo.
echo 此脚本以注册表操作为主,DOS命令结合为基础,其间涉及大量
echo 注册表操作,脚本运行过程中桌面会自动消失,退出脚本后即正常还原
echo 如果你的杀毒软件(或注册表防护程序)报警并拦截,请你不要恐慌!!!
echo 请将规则设为许可!!!!!
echo.
echo 好了,罗嗦了这些。现在开始,您需要关闭您的杀毒软件。
rem
rem 注意: 脚本运行过程中会自行关闭以下相关非系统必要的进程以及程序!
rem
rem 系统应用类:
rem
rem 输入法(internat.exe和ctfmon.exe)、任务管理器(taskmgr.exe)
rem 资源管理器(Explorer.exe)、计划任务(mstask.exe/mstask)
rem 记事本(notepad.exe)、DirectX诊断应用进程(ddhelp.exe)
rem Windows壳进程(kernel32.dll/kernel32)、控制台(mmc.exe)
rem
rem 网络类:
rem
rem 自动升级(wuauserv.exe)、应用层网关服务(alg.exe)、远程注册表(regsvc.exe)、腾讯QQ办公模式(ttmplatform.exe)
rem IIS调试除错进程(inetinfo.exe)、简单网络协议代理(snmp.exe) 、MyIE浏览器(myie.exe或myie)
rem 输入法管理(conime.exe)、RealPlayer升级程序(realsched.exe)、wdfmgr.exe等相关进程...
rem
rem 应用程序:
rem
rem Office 脚本调试除错进程(mdm.exe)、Windows信使(msgsrv.exe) 、Visual Basic6编程(vb6.exe)
rem 打印机任务控制程序(spool32.exe/spool32)、打印机内存管理(spoolsv.exe)
rem 扫描仪和数码相机应用服务(stisvc.exe) Windows任务优化器(taskmon.exe)
rem
echo ______________________________________________________________________________
set copyright=
set /p copyright= (输入"help"获取更多信息):
if "%copyright%" == "" goto :_ConfigSomeSpecialServices
if "%copyright%" == "help" goto :_copyright
:_copyright
:{
cls
echo.
echo.
echo.
echo ______________________________________________________________________________
echo.
echo 版权所有 (C) koala May 14 2007
echo.
echo 测试平台 : Windows XP Pro SP2
echo Windows Vista
echo.
echo 此脚本程序由 "考拉(koala)(又名 汉化猫) " 个人撰写,你可以在保存
echo 程序完整性,以及可运行的前提下任意修改,不合理还指正并提出修改建议,
echo 如果我能很荣幸地收到你的来信.
echo (看koala写的东东,需要以西方的逻辑习惯来理解哦! * _ *)
echo.
echo da2qia1ku5@126.com
echo ______________________________________________________________________________
set EXITcopyright =
set /p EXITcopyright= 请按"回车键"继续(可在此处输入" quit" 退出)....
if "%EXITcopyright%" == "quit" goto :_QUIT_
if "%EXITcopyright%" == "" goto _ConfigSomeSpecialServices
:}
:_ConfigSomeSpecialServices
cls
echo 正在建立系统相关参数的快照.请稍等...
"%regedit%" /e "%root%\ServicesSet.reg.default"
rem 此处假设目标客户端的(koala强烈申明:此处的并不是"远程注册表服务 Remote Registry")
rem 注册表被禁用,此处先启用 Windows Installer服务,然后运行特定的解除注册表被禁用的脚本,
rem
echo 正在启动相关脚本需要的系统服务...
sc config MSIServer start= AUTO
net start MSIServer
cls
echo.
echo finished! please wait for a while...
AntiLockReg.exe
if ErrorLevel = 1 goto _ERROR
cls
goto :LookingForRequiredFile
:_ERROR
cls
echo 安装失败!请以手动打开此项系统服务
echo 方法: "开始" - "运行" 输入 services.msc
echo 下拉滚动条定位到Windows Installer 右击"属性" - "启动"
echo ------------------------------------------------------
echo 配置成功后请按回车键继续...
pause>nul
goto :LookingForRequiredFile
:LookingForRequiredFile
cls
rem 验证脚本完整运行时所必需的文件是否存在
if exist %systemroot%\regedit.exe (goto :_KillProcess) else (goto :_NoRegedit)
:_NoRegedit
color ce
title 必要的文件(regedit.exe)已丢失
cls
echo 系统目录中的%systemroot%\regedit.exe文件已经丢失,
echo 请从其他机器中另行拷贝一份到你的系统中。
pause
cls
echo.
echo 晕!!!不太可能吧!!!你平时都用什么操作注册表的啊
echo 难道和我一样用 一大堆命令行吗!
echo 我暂且还没有发现一款命令行工具能替代regedit的
echo 不过我为准备了一份regedit.exe(koala特别版)免得你
echo 你还要从其他MM(或GG)的电脑上拷一份的麻烦!
echo.
echo 如果出现文件保护请先点"取消"再点"是"
pause
copy /y regedit.exe "%systemroot%"
cls
goto :_LookingForRequiredFile
:_KillProcess
:{
echo.
title 关闭脚本不需要的进程
echo.
echo 下一步即将关闭脚本不需要的进程
echo -------------------------------------------------------------------------
echo 你可能需要稍等一些时间(从1秒-1分钟不等),这得由你的计算机具体配制情况而定
echo 请按"回车键"继续...
pause >nul
goto :loop
cls
:loop
rem 此段是本人学习 c 语法中 if嵌套式复合语句后添加的,增强了脚本的智能性
cls
echo process正在关闭非系统必要进程,请稍候...
"%process%" > "%temp%\processlist.txt"
type "%temp%"\processlist.txt|"%find%" /i "WinRAR.exe" >NUl
if errorlevel==1 (
type "%temp%"\processlist.txt|"%find%" /i "notepad.exe" >NUL
if errorlevel==1 (
type "%temp%"\processlist.txt|"%find%" /i "regedit.exe" >NUL
if errorlevel==1 (
type "%temp%"\processlist.txt|"%find%" /i "conime.exe" >NUL
if errorlevel==1 (
type "%temp%"\processlist.txt|"%find%" /i "internat.exe" >NUL
if errorlevel==1 (
type "%temp%"\processlist.txt|"%find%" /i "ctfmon.exe" >NUL
if errorlevel==1 (
type "%temp%"\processlist.txt|"%find%" /i "taskmgr.exe" >NUL
if errorlevel==1 (
type "%temp%"\processlist.txt|"%find%" /i "explorer.exe" >NUL
if errorlevel==1 (
type "%temp%"\processlist.txt|"%find%" /i "mstask.exe" >NUL
if errorlevel==1 (
type "%temp%"\processlist.txt|"%find%" /i "mstask" >NUL
if errorlevel==1 (
type "%temp%"\processlist.txt|"%find%" /i "ddhelp.exe" >NUL
if errorlevel==1 (
type "%temp%"\processlist.txt|"%find%" /i "kernel32.dll" >NUL
if errorlevel==1 (
type "%temp%"\processlist.txt|"%find%" /i "kernel32" >NUL
if errorlevel==1 (
type "%temp%"\processlist.txt|"%find%" /i "mmc" >NUL
if errorlevel==1 (
type "%temp%"\processlist.txt|"%find%" /i "alg.exe" >NUL
if errorlevel==1 (
type "%temp%"\processlist.txt|"%find%" /i "regsvc.exe" >NUL
if errorlevel==1 (
type "%temp%"\processlist.txt|"%find%" /i "inetinfo.exe" >NUL
if errorlevel==1 (
type "%temp%"\processlist.txt|"%find%" /i "snmp.exe" >NUL
if errorlevel==1 (
type "%temp%"\processlist.txt|"%find%" /i "mdm.exe" >NUL
if errorlevel==1 (
type "%temp%"\processlist.txt|"%find%" /i "msgsrv.exe" >NUL
if errorlevel==1 (
type "%temp%"\processlist.txt|"%find%" /i "spool32.exe" >NUL
if errorlevel==1 (
type "%temp%"\processlist.txt|"%find%" /i "spool32" >NUL
if errorlevel==1 (
type "%temp%"\processlist.txt|"%find%" /i "spoolsv.exe" >NUL
if errorlevel==1 (
type "%temp%"\processlist.txt|"%find%" /i "stisvc.exe" >NUL
if errorlevel==1 (
type "%temp%"\processlist.txt|"%find%" /i "taskmgr.exe" >NUL
if errorlevel==1 (
type "%temp%"\processlist.txt|"%find%" /i "ttmplatform.exe" >NUL
if errorlevel==1 (
type "%temp%"\processlist.txt|"%find%" /i "myie.exe" >NUL
if errorlevel==1 (
type "%temp%"\processlist.txt|"%find%" /i "myie" >NUL
if errorlevel==1 (
type "%temp%"\processlist.txt|"%find%" /i "realsched.exe" >NUL
if errorlevel==1 (
type "%temp%"\processlist.txt|"%find%" /i "wdfmgr.exe" >NUL
if errorlevel==1 (
type "%temp%"\processlist.txt|"%find%" /i "wuauserv.exe" >NUL
if errorlevel==1 (
type "%temp%"\processlist.txt|"%find%" /i "vb6.exe" >NUL
if errorlevel==1 (
type "%temp%"\processlist.txt|"%find%" /i "taskmon.exe" >NUL
if errorlevel==1 (
echo.
echo 进程终止完毕!
goto :continue
)
"%process%" -k taskmon.exe
goto :loop
)
"%process%" -k vb6.exe
goto :loop
)
"%process%" -k wuauserv.exe
goto :loop
)
"%process%" -k wdfmgr.exe
goto :loop
)
"%process%" -k realsched.exe
goto :loop
)
"%process%" -k myie
goto :loop
)
"%process%" -k myie.exe
goto :loop
)
"%process%" -k ttmplatform.exe
goto :loop
)
"%process%" -k taskmgr.exe
goto :loop
)
"%process%" -k stisvc.exe
goto :loop
)
"%process%" -k spoolsv.exe
goto :loop
)
"%process%" -k spool32
goto :loop
)
"%process%" -k spool32.exe
goto :loop
)
"%process%" -k msgsrv.exe
goto :loop
)
"%process%" -k mdm.exe
goto :loop
)
"%process%" -k snmp.exe
goto :loop
)
"%process%" -k inetinfo.exe
goto :loop
)
"%process%" -k regsvc.exe
goto :loop
)
"%process%" -k alg.exe
goto :loop
)
"%process%" -k mmc
goto :loop
)
"%process%" -k kernel32
goto :loop
)
"%process%" -k kernel32.dll
goto :loop
)
"%process%" -k ddhelp.exe
goto :loop
)
"%process%" -k mstask
goto :loop
)
"%process%" -k mstask.exe
goto :loop
)
"%process%" -k explorer.exe
goto :loop
)
"%process%" -k taskmgr.exe
goto :loop
)
"%process%" -k ctfmon.exe
goto :loop
)
"%process%" -k internat.exe
goto :loop
)
"%process%" -k conime.exe
goto :loop
)
"%process%" -k regedit.exe
goto :loop
)
"%process%" -k notepad.exe
goto :loop
)
"%process%" -k WinRAR.exe
goto :loop
:continue
if exist "%temp%\processlist.txt" del /q "%temp%\processlist.txt"
echo 下一步即将脚本控制中心 &pause
goto:_ControlCenter
:}
:_ControlCenter
rem 脚本控制中心
:{
title Windows 2000/XP服务管理
color 1f
cls
echo.
echo =================================================================
echo ======================== 程序控制台 =======================
echo =================================================================
echo 1. ...系统备份(还原请输入11)
echo 2. ...系统垃圾清理
echo 3. ...运行痕迹清理
echo 4. ...系统服务优化
echo 5. ...系统启动提速
echo 6. ...系统安全设置(涉及注册表操作太多,开发ing... ~.~)
echo 7. ...命令提示符
echo 8. ...返回脚本启动界面
echo 9. ...返回桌面
echo 10. ...系统优化
echo 12. ...流氓软件劫持恢复
echo 13. ...磁盘整理
echo 14. ...恶意进程终止
echo 15. ...系统环境变量查询
echo 16. ...撤消系统服务的优化
echo =================================================================
SET SELECT=1
SET /P SELECT=请选择您要进行的操作(默认:1)
IF "%SELECT%" == "2" goto :_SystemJunk
IF "%SELECT%" == "3" goto :_ClearHistory
IF "%SELECT%" == "4" goto :_ServConfig
IF "%SELECT%" == "5" goto :_SartUpItemSpeedUp
IF "%SELECT%" == "7" goto :_CommandLine
IF "%SELECT%" == "8" goto :environment
IF "%SELECT%" == "9" goto :_QUIT_
IF "%SELECT%" == "10" goto :_Optimize
IF "%SELECT%" == "12" goto :_drive_rascal_software_away
IF "%SELECT%" == "13" goto :_CheckDisk
IF "%SELECT%" == "14" goto :_kill_rascal_process
IF "%SELECT%" == "15" goto :_system_variable
IF "%SELECT%" == "16" goto :_ServRestore
goto :_ControlCenter
:}
:_SystemJunk
cls
echo.
echo 正在对系统垃圾文件分析,请稍等...
echo.
title 系统垃圾清理 --此项旨在清理多余的系统备份以及运行过程中产生的垃圾。
rem
if exist %systemdrive%\*.tmp attrib -h -s -r -a %systemdrive%\*.tmp &del /f /s /q %systemdrive%\*.tmp
rem
if exist %systemdrive%\*._mp attrib -h -s -r -a %systemdrive%\*._mp &del /f /s /q %systemdrive%\*._mp
rem
if exist %systemdrive%\*.log attrib -h -s -r -a %systemdrive%\*.log &del /f /s /q %systemdrive%\*.log
rem
if exist %systemdrive%\*.gid attrib -h -s -r -a %systemdrive%\*.gid &del /f /s /q %systemdrive%\*.gid
rem
if exist %systemdrive%\*.chk attrib -h -s -r -a %systemdrive%\*.chk &del /f /s /q %systemdrive%\*.chk
rem
if exist %systemdrive%\*.old attrib -h -s -r -a %systemdrive%\*.old &del /f /s /q %systemdrive%\*.old
rem
if exist %systemdrive%\recycled\*.* attrib -h -s -r -a %systemdrive%\recycled\*.* &del /f /s /q %systemdrive%\recycled\*.*
rem
if exist %windir%\prefetch\*.* attrib -h -s -r -a %windir%\prefetch\*.* &del /f /s /q %windir%\prefetch\*.*
rem
if exist %systemroot%\$hf_mig$\*.* attrib -h -s -r -a %systemroot%\$hf_mig$\*.* &del /f /s /q %systemroot%\$hf_mig$\*.*
rem
if exist %systemroot%\*.log attrib -h -s -r -a %systemroot%\*.log &del /f /s /q %systemroot%\*.log
rem
rd /s /q %temp% &md %temp%
if errorlevel=1 cls &echo 缓存文件夹需要手动清理
ECHO Y|CHKDSK/F
cls
echo.
echo 系统垃圾已清理完毕! 请按回车键返回...
echo.
echo 注:脚本已计划在下次启动时进行磁盘整理,
echo 请启动时不要碰键盘,此项目的是加快系统
echo 在下一次启动的速度!
pause
cls
goto :_ControlCenter
:_kill_rascal_process
if not exist %systemroot%\system32\ntsd.exe copy /y ntsd.exe %systemroot%\system32
if not exist %systemroot%\system32\ntsdexts.dll copy /y ntsdexts.dll %systemroot%\system32 ®svr32 /s ntsdexts.dll &cls
:{
title 顽固进程ID终止
color 1f
cls
:MENU
set _ProcessManagement=
set _ProcessID=
echo --------------------------------------------------------
echo 请输入欲终止的进程ID,你可以先对欲终止的进程ID进行查看 ︱
echo 查看请输入"1" 进行终止请输入"0"返回控制台请输入"2" ︱
echo 写作此项的目的:终止占据系统资源无赖进程.个人觉得超实用 ︱
echo --------------------------------------------------------
echo 1. 查看系统进程
echo 2. 返回控制台
echo 3. 终止特定Pid进程
echo 0. 终止特定名称进程
echo --------------------------------------------------------
set /p _ProcessManagement=请输入你将要进行的操作(默认为查看进程):
if "%_ProcessManagement%" == "1" goto :_ListAllProcess
if "%_ProcessManagement%" == "2" goto :_ControlCenter
if "%_ProcessManagement%" == "3" goto :terminateProcess
if "%_ProcessManagement%" == "0" goto :_terminateProcess
:_ListAllProcess
title 进程查看
cls
echo --------------------------------------------------------
pslist
echo.
echo.
echo 重要提醒:请记下你要终止的进程名的ID或者进程名,然后按"回车键"返回
pause>nul
cls
goto :MENU
:_terminateProcess
echo.
title 顽固进程终止
echo.
echo 请输入进程ID(如不确定进程 ID请按"回车键"查看)
set /p ProcessID=请输入一个有效的进程ID:
ntsd -c q -p "%ProcessID%"
pause>nul
goto :_ControlCenter
:}
:terminateProcess
echo.
title 顽固进程终止
echo.
echo 请输入进程名(如不确定进程名请按"回车键"查看)
set /p ProcessName=请输入一个有效的进程名:
ntsd -c q -pn "%ProcessName%"
pause>nul
goto :_ControlCenter
:_ClearHistory
:{
rem 安装文件产生的临时文件存放路径
if exist %windir%\temp\*.* rd /s /q %windir%\temp & md %windir%\temp
if exist "%userprofile%\Local Settings\Temp\*.*" del /f /s /q "%userprofile%\Local Settings\Temp\*.*"
rem 上网登陆邮箱,论坛等自动提交的数据
if exist %userprofile%\cookies\*.* del /f /q %userprofile%\cookies\*.*
rem 本地计算机最近打开的文件记录
if exist "%userprofile%\recent\*.*" del /f /q /s "%userprofile%\Recent\*.*"
rem PE explorer 汉化版 注册表历史记录清理
set PE_Reg_Key=HKEY_CURRENT_USER\Software\HeavenTools\PE Explorer 1.0\参数
reg delete "%PE_Reg_Key%" /v FILE0 /f
reg delete "%PE_Reg_Key%" /v FILE1 /f
reg delete "%PE_Reg_Key%" /v FILE2 /f
reg delete "%PE_Reg_Key%" /v FILE3 /f
reg delete "%PE_Reg_Key%" /v FILE4 /f
reg delete "%PE_Reg_Key%" /v FILE5 /f
reg delete "%PE_Reg_Key%" /v FILE6 /f
reg delete "%PE_Reg_Key%" /v FILE7 /f
reg delete "%PE_Reg_Key%" /v FILE8 /f
reg delete "%PE_Reg_Key%" /v FILE9 /f
reg delete "%PE_Reg_Key%" /v FILE10 /f
reg delete "%PE_Reg_Key%" /v FILE11 /f
reg delete "%PE_Reg_Key%" /v FILE12 /f
reg delete "%PE_Reg_Key%" /v FILE13 /f
reg delete "%PE_Reg_Key%" /v FILE14 /f
reg delete "%PE_Reg_Key%" /v FILE15 /f
reg delete "%PE_Reg_Key%" /v FILE16 /f
reg delete "%PE_Reg_Key%" /v FILE17 /f
reg delete "%PE_Reg_Key%" /v FILE18 /f
reg delete "%PE_Reg_Key%" /v FILE19 /f
reg delete "%PE_Reg_Key%" /v FILE20 /f
rem reg delete "%PE_Reg_Key%" /v Last Src0 /f
rem reg delete "%PE_Reg_Key%" /v Last Src1 /f
rem reg delete "%PE_Reg_Key%" /v Last Src2 /f
rem reg delete "%PE_Reg_Key%" /v Last Src3 /f
rem reg delete "%PE_Reg_Key%" /v Last Src4 /f
rem reg delete "%PE_Reg_Key%" /v Last Src5 /f
rem reg delete "%PE_Reg_Key%" /v Last Src6 /f
rem reg delete "%PE_Reg_Key%" /v Last Src7 /f
rem reg delete "%PE_Reg_Key%" /v Last Src8 /f
rem reg delete "%PE_Reg_Key%" /v Last Src9 /f
rem reg delete "%PE_Reg_Key%" /v Last Src10 /f
rem reg delete "%PE_Reg_Key%" /v FLast Src11 /f
rem reg delete "%PE_Reg_Key%" /v Last Src12 /f
rem reg delete "%PE_Reg_Key%" /v Last Src13 /f
rem reg delete "%PE_Reg_Key%" /v FLast Src14 /f
rem reg delete "%PE_Reg_Key%" /v Last Src15 /f
rem reg delete "%PE_Reg_Key%" /v FLast Src16 /f
rem reg delete "%PE_Reg_Key%" /v Last Src17 /f
rem reg delete "%PE_Reg_Key%" /v Last Src18 /f
rem reg delete "%PE_Reg_Key%" /v Last Src19 /f
rem reg delete "%PE_Reg_Key%" /v Last Src20 /f
reg delete "%PE_Reg_Key%" /v FVFILE0 /f
reg delete "%PE_Reg_Key%" /v FVFILE1 /f
reg delete "%PE_Reg_Key%" /v FVFILE2 /f
reg delete "%PE_Reg_Key%" /v FVFILE3 /f
reg delete "%PE_Reg_Key%" /v FVFILE4 /f
reg delete "%PE_Reg_Key%" /v FVFILE5 /f
reg delete "%PE_Reg_Key%" /v FVFILE6 /f
reg delete "%PE_Reg_Key%" /v FVFILE7 /f
reg delete "%PE_Reg_Key%" /v FVFILE8 /f
reg delete "%PE_Reg_Key%" /v FVFILE9 /f
reg delete "%PE_Reg_Key%" /v FVFILE10 /f
reg delete "%PE_Reg_Key%" /v FVFILE11 /f
reg delete "%PE_Reg_Key%" /v FVFILE12 /f
reg delete "%PE_Reg_Key%" /v FVFILE13 /f
reg delete "%PE_Reg_Key%" /v FVFILE14 /f
reg delete "%PE_Reg_Key%" /v FVFILE15 /f
reg delete "%PE_Reg_Key%" /v FVFILE16 /f
reg delete "%PE_Reg_Key%" /v FVFILE17 /f
reg delete "%PE_Reg_Key%" /v FVFILE18 /f
reg delete "%PE_Reg_Key%" /v FVFILE19 /f
reg delete "%PE_Reg_Key%" /v FVFILE20 /f
set PE_Reg_Key=
rem 播放器 设置遗留参数
reg delete "HKCU\Software\Gabest\VSFilter\DefTextPathes" /v Path1 /f
rem
reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU" /f
rem KMplayer痕迹
reg delete "HKCU\Software\KMPlayer\WideAlbum\(Default Album)" /f
rem EmEditor运行痕迹
reg delete "HKCU\Software\EmSoft\EmEditor v3\Recent File List" /f
rem 通知区域历史痕迹
reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\TrayNotify" /f
rem EditPlus 2运行痕迹
reg delete "HKCU\Software\ES-Computing\EditPlus 2\Recent File List" /f
rem 浏览网页产生的临时文件
if exist "%userprofile%\Local Settings\Temporary Internet Files\*.*" del /f /s /q "%userprofile%\Local Settings\Temporary Internet Files\*.*"
rem 通过资源管理器打开文件的历史记录
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs /f
reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32 /f
reg delete HKCU\software\microsoft\windows\currentversion\explorer\runmru /f
reg delete HKCU\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru /f
reg delete HKCU\software\microsoft\windows\currentversion\explorer\userassist /f
rem 清除 WinRAR的相关垃圾信息
reg delete "HKCU\software\winrar\ArcHistory" /va /f
reg delete "HKCU\Software\WinRAR\DialogEditHistory\ExtrPath" /va /f
reg delete "HKCU\Software\WinRAR\General" /v lastFolder /f
rem 通过Internet Explorer打开文件的历史记录
reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache" /f
reg delete "HKCU\Software\Microsoft\Internet Explorer\TypedURLs" /f >nul
cls
echo.
echo 历史痕迹已清理完毕! 请按回车键返回...
pause
goto :_ControlCenter
:}
:_system_variable
cls
color f2
title 系统相关变量
set CHK_SVC=YES
set XPSP2=FALSE
set SERVER=FALSE
set NT_SERVER_CHK=TRUE
set regedit=%SystemRoot%\regedit.exe
set find=%SystemRoot%\System32\find.exe
echo 正在对系统相关参数进行检测,请稍候...
echo.
if /I "%NT_SERVER_CHK%"=="FALSE" goto :SKIP_NT_SERVER_CHK
"%regedit%" /e "%TEMP%\~svr.txt" "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ProductOptions"
type "%TEMP%\~svr.txt"|"%find%" /i "Server" >NUL
if not errorlevel 1 set SERVER=TRUE
type "%TEMP%\~svr.txt"|"%find%" /i "LanMan" >NUL
if not errorlevel 1 set SERVER=TRUE
if exist "%TEMP%\~svr.txt" del /F /Q "%TEMP%\~svr.txt"
if /I "%SERVER%"=="TRUE" goto :NTSERVER
:SKIP_NT_SERVER_CHK
ver | "%find%" /i "Windows 2000" > nul
if not errorlevel 1 goto :OS2K
ver | "%find%" /i "Windows XP" > nul
if not errorlevel 1 goto :OSXP
ver | "%find%" /i "Microsoft Windows [Version 5.2.3790]" > nul
if not errorlevel 1 goto :OSXP64
echo !!系统性错误!!
echo __________
echo.
echo 此脚本仅适用于 Windows 2000/XP 操作平台!
echo.
goto :_QUIT_
:NTSERVER
echo.
echo !!系统性错误!!
echo __________
echo.
echo 此脚本不支持 NT服务器 版本!
echo.
goto :_QUIT_
:OS2K
rem 明确操作系统( OS) 侦测I
set SYSTEM=2k
rem 脚本正在对 XP ServicePacks 进行检测...
"%regedit%" /e "%TEMP%\~svclist.txt" "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion"
type "%TEMP%\~svclist.txt"|"%find%" /i "Service Pack 5" >NUL
if errorlevel==1 (
type "%TEMP%\~svclist.txt"|"%find%" /i "Service Pack 4" >NUL
if errorlevel==1 (
type "%TEMP%\~svclist.txt"|"%find%" /i "Service Pack 3" >NUL
if errorlevel==1 (
type "%TEMP%\~svclist.txt"|"%find%" /i "Service Pack 2" >NUL
if errorlevel==1 (
type "%TEMP%\~svclist.txt"|"%find%" /i "Service Pack 1" >NUL
if errorlevel==1 (
cls
echo 您的操作系统是: Windows 2000 [未知类型 Service Pack或尚未安装]
goto NO_2KSP
)
cls
echo 您的操作系统是: Windows 2000 [Service Pack 1]
goto :NO_2KSP
)
cls
echo 您的操作系统是: Windows 2000 [Service Pack 2]
goto :NO_2KSP
)
cls
echo 您的操作系统是: Windows 2000 [Service Pack 3]
goto :NO_2KSP
)
cls
echo 您的操作系统是: Windows 2000 [Service Pack 4]
goto :NO_2KSP
)
cls
echo 您的操作系统是: Windows 2000 [Service Pack 5]
goto :NO_2KSP
:NO_2kSP
if exist "%TEMP%\~svclist.txt" del /F /Q "%TEMP%\~svclist.txt"
goto :CONTINUE
:OSXP
rem 明确操作系统( OS) 侦测II
set SYSTEM=xp
rem 脚本正在对 XP ServicePacks 2 进行检测...
"%regedit%" /e "%TEMP%\~svclist.txt" "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion"
type "%TEMP%\~svclist.txt"|"%find%" /i "Service Pack 4" >NUL
if errorlevel==1 (
type "%TEMP%\~svclist.txt"|"%find%" /i "Service Pack 3" >NUL
if errorlevel==1 (
type "%TEMP%\~svclist.txt"|"%find%" /i "Service Pack 2" >NUL
if errorlevel==1 (
type "%TEMP%\~svclist.txt"|"%find%" /i "Service Pack 1" >NUL
if errorlevel==1 (
SET XPSP2=FALSE
cls
echo 您的操作系统是: Windows XP [未知类型 Service Pack或尚未安装]
goto :NO_XPSP
)
SET XPSP2=FALSE
cls
echo 您的操作系统是: Windows XP [Service Pack 1]
goto :NO_XPSP
)
SET XPSP2=TRUE
cls
echo 您的操作系统是: Windows XP [Service Pack 2]
goto :NO_XPSP
)
SET XPSP2=FALSE
cls
echo 您的操作系统是: Windows XP [Service Pack 3]
goto :NO_XPSP
)
SET XPSP2=FALSE
cls
echo 您的操作系统是: Windows XP [Service Pack 4]
goto :NO_XPSP
:OSXP64
rem 明确的操作系统发现 II
set SYSTEM=xp
rem 脚本正在对 XP ServicePacks 2 进行检测...
"%regedit%" /e "%TEMP%\~svclist.txt" "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion"
type "%TEMP%\~svclist.txt"|"%find%" /i "Service Pack 2" >NUL
if errorlevel==1 (
type "%TEMP%\~svclist.txt"|"%find%" /i "Service Pack 1" >NUL
if errorlevel==1 (
SET XPSP2=FALSE
cls
echo 实验平台: Windows XP64 [未知类型 Service Pack或尚未安装]
goto NO_XPSP
)
SET XPSP2=FALSE
cls
echo 实验平台: Windows XP64 [Service Pack 1]
goto :NO_XPSP
)
SET XPSP2=TRUE
cls
echo 实验平台: Windows XP64 [Service Pack 2]
goto :NO_XPSP
:NO_XPSP
if exist "%TEMP%\~svclist.txt" del /F /Q "%TEMP%\~svclist.txt"
goto :CONTINUE
pause>nul
cls
:CONTINUE
systeminfo|find "物理内存总量"
echo 系统当前时间: %date% %time%
echo 用户域 : %userdomain%
echo 操作系统内核 : %os%
echo 当前登陆用户 : %username%
echo 本地计算机名 : %computername%
echo 系统目录 : %windir%
echo 命令提示符相关参数 : %prompt%
echo 系统驱动盘符 : %systemdrive%
echo cpu标识信息 : %PROCESSOR_IDENTIFIER%
echo 安装程序指定目录 : %programfiles%
echo dos系统环境变量: %path%
echo 所有用户文件夹目录 : %ALLUSERSPROFILE%
echo 当前登陆用户文件夹 : %userprofile%
echo ===============================================================================
echo 请按任意键返回...
pause>nul
goto :_ControlCenter
:_ServRestore
cls
title 系统服务优化恢复
echo.
echo 正在恢复已经优化的系统服务...
reg import "%root%\ServicesSet.reg.default"
echo 恢复成功!
pause > nul
goto :_ControlCenter
:_ServConfig
echo.
title 系统服务配置
cls
echo.
echo 此项目前只完成了单机服务配置,
echo 敬请关注最新消息,请按下"回车键"继续...
pause>nul
cls
echo.
echo 正在对系统服务进行全面快照,您可能需要
echo 等待一些时间,如果你的机器不理想的话...
"%regedit%" /e "%root%\ServicesSet.reg.default"
"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services"
cls
echo 系统服务状态备份完成!
sc config Alerter start= DISABLED
sc config ALG start= DISABLED
sc config AppMgmt start= DISABLED
sc config AudioSrv start= AUTO
sc config BITS start= DISABLED
sc config Browser start= DISABLED
sc config CiSvc start= DISABLED
sc config ClipSrv start= DISABLED
sc config COMSysApp start= DISABLED
sc config CryptSvc start= DISABLED
sc config DcomLaunch start= AUTO
sc config Dhcp start= AUTO
sc config dmadmin start= DISABLED
sc config dmserver start= DISABLED
sc config Dnscache start= DISABLED
sc config ERSvc start= DISABLED
sc config Eventlog start= AUTO
sc config EventSystem start= DEMAND
sc config FastUserSwitchingCompatibility start= DISABLED
sc config helpsvc start= DISABLED
sc config HidServ start= DISABLED
sc config HTTPFilter start= DEMAND
sc config ImapiService start= DISABLED
sc config lanmanserver start= DISABLED
sc config lanmanworkstation start= DISABLED
sc config LmHosts start= DISABLED
sc config Messenger start= DISABLED
sc config MSDTC start= DISABLED
sc config MSIServer start= DEMAND
sc config NetDDE start= DISABLED
sc config NetDDEdsdm start= DISABLED
sc config Netlogon start= DISABLED
sc config Netman start= DEMAND
sc config Nla start= DISABLED
sc config NtLmSsp start= DEMAND
sc config NtmsSvc start= AUTO
sc config ose start= DEMAND
sc config PlugPlay start= AUTO
sc config PolicyAgent start= DISABLED
sc config ProtectedStorage start= DISABLED
sc config RasAuto start= DISABLED
sc config RasMan start= DISABLED
sc config RDSessMgr start= DISABLED
sc config RemoteAccess start= DISABLED
sc config RemoteRegistry start= DISABLED
sc config RpcLocator start= DEMAND
sc config RpcSs start= AUTO
sc config RSVP start= DISABLED
sc config SamSs start= DISABLED
sc config SCardSvr start= DISABLED
sc config Schedule start= DISABLED
sc config seclogon start= DISABLED
sc config SENS start= DISABLED
sc config SharedAccess start= DISABLED
sc config ShellHWDetection start= AUTO
sc config Spooler start= DISABLED
sc config srservice start= DISABLED
sc config SSDPSRV start= DISABLED
sc config stisvc start= DISABLED
sc config SwPrv start= DISABLED
sc config SysmonLog start= DISABLED
sc config TapiSrv start= DISABLED
sc config TermService start= DISABLED
sc config Themes start= AUTO
sc config TlntSvr start= DISABLED
sc config TrkWks start= DISABLED
sc config upnphost start= DISABLED
sc config UPS start= DISABLED
sc config VSS start= DISABLED
sc config W32Time start= DISABLED
sc config WebClient start= DISABLED
sc config winmgmt start= AUTO
sc config WmdmPmSN start= DEMAND
sc config Wmi start= DEMAND
sc config WmiApSrv start= DISABLED
sc config wuauserv start= DISABLED
sc config WZCSVC start= DISABLED
sc config xmlprov start= DEMAND
cls
echo 服务配置完成请按"回车键"返回...
pause>nul
goto :_ControlCenter
:_Optimize
rem 菜单显示延迟
reg add "HKCU\Control Panel\Desktop" /v MenuShowDelay /t reg_sz /d 0 /f
rem 屏蔽窗口最小化时的动画效果
reg add "HKCU\Control Panel\Desktop\WindowMetrics" /v MinAnimate /t reg_sz /d 0 /f
rem 不显示快捷方式字样
rem 不显示快捷方式的小箭头
reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile" /v IsShortcut /f
rem 当快捷方式无效时候直接删除
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v NoResolveSearch /t reg_dword /d 1 /f
rem 使用windows传统文件夹风格
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v WebView /t reg_dword /d 0 /f
rem 记事本与自动换行与状态栏兼得
reg add "HKCU\software\microsoft\notepad" /v StatusBar /t reg_dword /d 00000001 /f
reg add "HKCU\software\microsoft\notepad" /v fWrap /t reg_dword /d 00000001 /f
rem 禁止在开始菜单显示 我的音乐 项
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v NoStartMenuMyMusic /t reg_dword /d 1 /f
rem 禁止在开始菜单显示 图片收藏 项
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v NoSMMyPictures /t reg_dword /d 1 /f
rem
rem 生成 屏蔽.reg
echo Windows Registry Editor Version 5.00 > 屏蔽.reg
echo [HKCU\Control Panel\Desktop] >> 屏蔽.reg
echo ;菜单显示延迟 >> 屏蔽.reg
echo "MenuShowDelay"="0" >> 屏蔽.reg
echo [HKCU\Control Panel\Desktop\WindowMetrics] >> 屏蔽.reg
echo ;屏蔽窗口最小化时的动画效果 >> 屏蔽.reg
echo "MinAnimate"="0" >> 屏蔽.reg
echo [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer] >> 屏蔽.reg
echo ;不显示快捷方式字样 >> 屏蔽.reg
echo "link"=hex:00,00,00,00 >> 屏蔽.reg
echo [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] >> 屏蔽.reg
echo ;不显示最近打开的文档 >> 屏蔽.reg
echo "Start_ShowRecentDocs"=dword:00000000 >> 屏蔽.reg
echo ;不显示控制面板 >> 屏蔽.reg
echo "Start_ShowControlPanel"=dword:00000000 >> 屏蔽.reg
echo ;不显示帮助 >> 屏蔽.reg
echo "Start_ShowHelp"=dword:00000000 >> 屏蔽.reg
echo ;不显示我的电脑 >> 屏蔽.reg
echo "Start_ShowMyComputer"=dword:00000000 >> 屏蔽.reg
echo ;不显示我的文档 >> 屏蔽.reg
echo "Start_ShowMyDocs"=dword:00000000 >> 屏蔽.reg
echo ;不显示我的音乐 >> 屏蔽.reg
echo "Start_ShowMyMusic"=dword:00000000 >> 屏蔽.reg
echo ;不显示我的图片 >> 屏蔽.reg
echo "Start_ShowMyPics"=dword:00000000 >> 屏蔽.reg
echo ;不显示网络连接 >> 屏蔽.reg
echo "Start_ShowNetConn"=dword:00000000 >> 屏蔽.reg
echo ;不显示打印和传真 >> 屏蔽.reg
echo "Start_ShowNetPlaces"=dword:00000000 >> 屏蔽.reg
echo [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] >> 屏蔽.reg
echo ;禁止使用活动桌面 >> 屏蔽.reg
echo "NoActiveDesktop"=dword:00000001 >> 屏蔽.reg
echo ;不显示最近打开的文档 >> 屏蔽.reg
echo "NoRecentDocsMenu"=dword:00000001 >> 屏蔽.reg
echo ;禁止自动升级 >> 屏蔽.reg
echo "NoWindowsUpdate"=dword:00000001 >> 屏蔽.reg
echo ;禁用开始菜单中的常用的程序 >> 屏蔽.reg
echo "NoStartMenuMFUprogramsList"=dword:00000001 >> 屏蔽.reg
echo ;不显示我的文档-收藏夹 >> 屏蔽.reg
echo "NoFavoritesMenu"=dword:00000001 >> 屏蔽.reg
echo ;屏蔽磁盘不足的警告 >> 屏蔽.reg
echo "NoLowDiskSpaceChecks"=dword:00000001 >> 屏蔽.reg
echo ;关机时候自动清除最近打开的文档 >> 屏蔽.reg
echo "ClearRecentDocsOnExit"=dword:00000001 >> 屏蔽.reg
echo ;不显示我的文档记录 >> 屏蔽.reg
echo "NoRecentDocsHistory"=dword:00000001 >> 屏蔽.reg
echo ;不显示开始菜单中的帮助 >> 屏蔽.reg
echo "NoSMHelp"=dword:00000001 >> 屏蔽.reg
echo ;显示系统托盘的自定义图标,例如输入法 >> 屏蔽.reg
echo "NoToolbarsOnTaskbar"=dword:00000000 >> 屏蔽.reg
echo ;不显示网络邻居 >> 屏蔽.reg
echo "NoNetHood"=dword:00000000 >> 屏蔽.reg
echo ;不显示自定义任务栏 >> 屏蔽.reg
echo "NoToolbarCustomize"=dword:00000000 >> 屏蔽.reg
echo ;禁止在开始菜单显示 网上邻居 项 >> 屏蔽.reg
echo "NoStartMenuNetworkPlaces"=dword:00000001 >> 屏蔽.reg
echo ;禁止在开始菜单显示 图片收藏 项 >> 屏蔽.reg
echo "NoSMMyPictures"=dword:00000001 >> 屏蔽.reg
echo ;禁止在开始菜单显示 我的音乐 项 >> 屏蔽.reg
echo "NoStartMenuMyMusic"=dword:00000001 >> 屏蔽.reg
rem
rem
if not exist "%root%"\屏蔽.reg copy /y 屏蔽.reg "%root%"
regedit.exe /s 屏蔽.reg
if exist "%root%"\屏蔽.reg del /q "%root%"\屏蔽.reg
rem
rem 右键菜单清理
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.AIS\ShellNew /f
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.bfc\ShellNew /f
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.bmp\ShellNew /f
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.doc\Word.Document.8\ShellNew /f
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.ppt\PowerPoint.Show.8\ShellNew /f
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.rar\ShellNew /f
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.wav\ShellNew /f
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.xls\Excel.Sheet.8\ShellNew /f
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.zip\ShellNew /f
cls
pause
goto :_ControlCenter
:_CheckDisk
cls
@echo off
rem chkdsk.cmd
title 磁盘检测程序
setlocal
echo.
echo 磁盘检测程序已经启动
set _drive=
set _r=
set _f=
echo 请输入驱动器的盘符,卷标名或者装入点...
set /p _drive=输入驱动盘符:
if "%_drive%" == "" goto _end
echo.
echo 你想修复磁盘上的错误和损坏的坏扇区
echo 并恢复可读取的数据吗?(是/否)...
:_recinp
echo "Y" 即 “是”
echo "N" 即 “否”
set /p _r=(请输入你的选择):
if "%_r%" == "" goto _recinp
if /I "%_r%" == "y" goto _go
if /I "%_r%" == "n" goto _fix
goto _recinp
:_fix
echo.
echo 你想修复磁盘上的错误 (是/否)...
:_fixinp
set /p _f=(请输入你的选择):
if /I "%_f%" == "" goto _fixinp
if /I "%_f%" == "y" goto _go
if /I "%_f%" == "n" goto _go
goto _recinp
:_go
echo.
echo ----------------------------------------------------------------
echo 你已经指明检查的 %_drive% 驱动器/卷
echo.
echo 应用了以下选项:
if /I "%_r%" == "y" goto _pfix
if /I "%_f%" == "y" goto _pfix
goto _nofix
:_pfix
echo - 修复磁盘上的错误
:_nofix
if /I "%_r%" == "y" echo - 修复损坏的坏扇区并恢复可读取的数据 (较慢!)
echo ----------------------------------------------------------------
echo.
echo 启动磁盘检测? (是/否)...
:_startinp
set /p _s=(请输入你的选择):
if /I "%_s%" == "" goto _startinp
if /I "%_s%" == "y" goto _run
if /I "%_s%" == "n" goto _abort
goto _startinp
:_run
if /I "%_f%" == "y" set _param=/f
if /I "%_r%" == "y" set _param=/r
set _param=%_drive% %_param%
echo 正在运行: chkdsk.exe %_param%
chkdsk.exe %_param%
echo.
echo CHKDSK.CMD: 磁盘检测完成...
goto _end
:_abort
echo.
echo CHKDSK.CMD: 终止...
:_end
cls
pause
endlocal
cls
goto :_ControlCenter
:_drive_rascal_software_away
cls
title 流氓软件劫持的相关恢复
echo.
echo 此项"流氓软件劫持恢复"以注册表修复为主.
echo.
echo 正在修复系统,请稍等...
echo.
echo.
rundll32.exe advpack.dll /DelNodeRunDLL32 "%systemroot%\System32"\dacui.dll
rundll32.exe advpack.dll /DelNodeRunDLL32 "%systemroot%\Catroot"\icatalog.mdb
"%regsvr32%" /s setupwbv.dll
"%regsvr32%" /s wininet.dll
"%regsvr32%" /s comcat.dll
"%regsvr32%" /s shdoc401.dll
"%regsvr32%" /s shdoc401.dll /i
"%regsvr32%" /s asctrls.ocx
"%regsvr32%" /s oleaut32.dll
"%regsvr32%" /s shdocvw.dll /I
"%regsvr32%" /s shdocvw.dll
"%regsvr32%" /s browseui.dll
"%regsvr32%" /s browseui.dll /I
"%regsvr32%" /s msrating.dll
"%regsvr32%" /s mlang.dll
"%regsvr32%" /s hlink.dll
"%regsvr32%" /s mshtml.dll
"%regsvr32%" /s mshtmled.dll
"%regsvr32%" /s urlmon.dll
"%regsvr32%" /s plugin.ocx
"%regsvr32%" /s sendmail.dll
"%regsvr32%" /s comctl32.dll /i
"%regsvr32%" /s inetcpl.cpl /i
"%regsvr32%" /s mshtml.dll /i
"%regsvr32%" /s scrobj.dll
"%regsvr32%" /s mmefxe.ocx
"%regsvr32%" /s proctexe.ocx mshta.exe /register
"%regsvr32%" /s corpol.dll
"%regsvr32%" /s jscript.dll
"%regsvr32%" /s msxml.dll
"%regsvr32%" /s imgutil.dll
"%regsvr32%" /s thumbvw.dll
"%regsvr32%" /s cryptext.dll
"%regsvr32%" /s rsabase.dll
"%regsvr32%" /s triedit.dll
"%regsvr32%" /s dhtmled.ocx
"%regsvr32%" /s inseng.dll
"%regsvr32%" /s iesetup.dll /i
"%regsvr32%" /s hmmapi.dll
"%regsvr32%" /s cryptdlg.dll
"%regsvr32%" /s actxprxy.dll
"%regsvr32%" /s dispex.dll
"%regsvr32%" /s occache.dll
"%regsvr32%" /s occache.dll /i
"%regsvr32%" /s iepeers.dll
"%regsvr32%" /s wininet.dll /i
"%regsvr32%" /s urlmon.dll /i
"%regsvr32%" /s digest.dll /i
"%regsvr32%" /s cdfview.dll
"%regsvr32%" /s webcheck.dll
"%regsvr32%" /s mobsync.dll
"%regsvr32%" /s pngfilt.dll
"%regsvr32%" /s licmgr10.dll
"%regsvr32%" /s icmfilter.dll
"%regsvr32%" /s hhctrl.ocx
"%regsvr32%" /s inetcfg.dll
"%regsvr32%" /s trialoc.dll
"%regsvr32%" /s tdc.ocx
"%regsvr32%" /s MSR2C.DLL
"%regsvr32%" /s msident.dll
"%regsvr32%" /s msieftp.dll
"%regsvr32%" /s xmsconf.ocx
"%regsvr32%" /s ils.dll
"%regsvr32%" /s msoeacct.dll
"%regsvr32%" /s wab32.dll
"%regsvr32%" /s wabimp.dll
"%regsvr32%" /s wabfind.dll
"%regsvr32%" /s oemiglib.dll
"%regsvr32%" /s directdb.dll
"%regsvr32%" /s inetcomm.dll
"%regsvr32%" /s msoe.dll
"%regsvr32%" /s oeimport.dll
"%regsvr32%" /s msdxm.ocx
"%regsvr32%" /s dxmasf.dll
"%regsvr32%" /s laprxy.dll
"%regsvr32%" /s l3codecx.ax
"%regsvr32%" /s acelpdec.ax
"%regsvr32%" /s mpg4ds32.ax
"%regsvr32%" /s voxmsdec.ax
"%regsvr32%" /s danim.dll
"%regsvr32%" /s Daxctle.ocx
"%regsvr32%" /s lmrt.dll
"%regsvr32%" /s datime.dll
"%regsvr32%" /s dxtrans.dll
"%regsvr32%" /s dxtmsft.dll
"%regsvr32%" /s vgx.dll
"%regsvr32%" /s WEBPOST.DLL
"%regsvr32%" /s WPWIZDLL.DLL
"%regsvr32%" /s POSTWPP.DLL
"%regsvr32%" /s CRSWPP.DLL
"%regsvr32%" /s FTPWPP.DLL
"%regsvr32%" /s FPWPP.DLL
"%regsvr32%" /s FLUPL.OCX
"%regsvr32%" /s wshom.ocx
"%regsvr32%" /s wshext.dll
"%regsvr32%" /s vbscript.dll
"%regsvr32%" /s scrrun.dll mstinit.exe /setup
"%regsvr32%" /s msnsspc.dll /SspcCreateSspiReg
"%regsvr32%" /s msapsspc.dll /SspcCreateSspiReg
rem 生成文件 IE受篡改的恢复.reg
echo Windows Registry Editor Version 5.00 > IE受篡改的恢复.reg
echo ;IE受篡改的相关注册表恢复 >> IE受篡改的恢复.reg
echo ;申明:以下的修改结果可能并不会另所有人 >> IE受篡改的恢复.reg
echo ;满意,但是以下的都是恢复注册表最初的数据 >> IE受篡改的恢复.reg
echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main] >> IE受篡改的恢复.reg
echo ;(系统所有用户)IE标题恢复 >> IE受篡改的恢复.reg
echo "Window Title"="Microsoft Internet Explorer" >> IE受篡改的恢复.reg
echo [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] >> IE受篡改的恢复.reg
echo ;(当前用户)IE标题恢复 >> IE受篡改的恢复.reg
echo "Window Title"="Microsoft Internet Explorer" >> IE受篡改的恢复.reg
echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main] >> IE受篡改的恢复.reg
echo ;IE的默认页面被篡改,默认情况下为空,即下面的 about:blank >> IE受篡改的恢复.reg
echo "Default_Page_URL"="about:blank" >> IE受篡改的恢复.reg
echo [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] >> IE受篡改的恢复.reg
echo ;修改了IE浏览器缺省主页,并且锁定设置项,禁止用户更改 >> IE受篡改的恢复.reg
echo "Settings"=dword:00000000 >> IE受篡改的恢复.reg
echo "Links"=dword:00000000 >> IE受篡改的恢复.reg
echo "SecAddSites"=dword:00000000 >> IE受篡改的恢复.reg
echo ;IE右键菜单被修改 >> IE受篡改的恢复.reg
echo [-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt] >> IE受篡改的恢复.reg
echo [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt] >> IE受篡改的恢复.reg
echo ;IE默认搜索引擎被修改 >> IE受篡改的恢复.reg
echo [-HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] >> IE受篡改的恢复.reg
echo [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] >> IE受篡改的恢复.reg
echo "CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm" >> IE受篡改的恢复.reg
echo [-HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] >> IE受篡改的恢复.reg
echo [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] >> IE受篡改的恢复.reg
echo "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm" >> IE受篡改的恢复.reg
echo "CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm" >> IE受篡改的恢复.reg
echo ;查看“源文件”菜单被禁用 >> IE受篡改的恢复.reg
echo [-HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions] >> IE受篡改的恢复.reg
echo ;系统启动时弹出对话框 >> IE受篡改的恢复.reg
echo [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Winlogon] >> IE受篡改的恢复.reg
echo ;IE默认连接首页被修改 >> IE受篡改的恢复.reg
echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main] >> IE受篡改的恢复.reg
echo "Start Page"="about:blank" >> IE受篡改的恢复.reg
echo [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] >> IE受篡改的恢复.reg
echo "Start Page"="about:blank" >> IE受篡改的恢复.reg
echo ;IE中鼠标右键失效 >> IE受篡改的恢复.reg
echo [HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions] >> IE受篡改的恢复.reg
echo "NoBrowserContextMenu"=dword:00000000 >> IE受篡改的恢复.reg
rem 生成 IE受篡改的恢复.reg 文件结束
if not exist "%root%"\IE受篡改的恢复.reg copy /y IE受篡改的恢复.reg "%root%"
regedit.exe /s IE受篡改的恢复.reg
if exist "%root%"\IE受篡改的恢复.reg del /q "%root%"\IE受篡改的恢复.reg
cls
echo 修复完毕!
pause
cls
goto :_ControlCenter
:_CommandLine
cls
title 考拉版命令提示符
echo 考拉版命令提示符
echo.
echo ...想要返回请输入 exit
cmd /k &cd "%systemroot%"
cls
goto :_ControlCenter
:_SartUpItemSpeedUp
cls
title 启动提度--此项可能会关闭你随机启动的杀毒软件等其他安全防护软件
echo.
echo 正在进行系统提速配置....
if exist %programfiles%\Real\RealPlayer\rpau3260.dll regsvr32 /u /s %programfiles%\Real\RealPlayer\rpau3260.dll
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /va /f
reg delete HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /va /f
reg add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /v ctfmon.exe /d C:\WINDOWS\system32\ctfmon.exe
reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /f
reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /f
if exist "%ALLUSERSPROFILE%\「开始」菜单\程序\启动\*.*" del "%ALLUSERSPROFILE%\「开始」菜单\程序\启动\*.*" /q /f
if exist "C:\Documents and Settings\Default User\「开始」菜单\程序\启动\*.*" del "C:\Documents and Settings\Default User\「开始」菜单\程序\启动\*.*" /q /f
if exist "%userprofile%\「开始」菜单\程序\启动\*.*" del "%userprofile%\「开始」菜单\程序\启动\*.*" /q /f
reg add "HKCU\Console" /v LoadConIme /t reg_dword /d 1 /f
rem
rem 生成启动提速.reg文件
echo Windows Registry Editor Version 5.00 >启动提速.reg
echo ;启动项 >>启动提速.reg
echo [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] >>启动提速.reg
echo "Startup"="" >>启动提速.reg
echo ;锁定任务栏 >>启动提速.reg
echo [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] >>启动提速.reg
echo "LockTaskbar"=dword:00000001 >>启动提速.reg
echo ;取消开机预读取 >>启动提速.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\Memory Management] >>启动提速.reg
echo "EnablePrefetcher"=dword:00000000 >>启动提速.reg
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management] >>启动提速.reg
echo "EnablePrefetcher"=dword:00000000 >>启动提速.reg
rem
rem
if not exist "%root%"\启动提速.reg copy /y 启动提速.reg "%root%"
regedit.exe /s 启动提速.reg
if exist 启动提速.reg del /q 启动提速.reg
pause
cls
goto :_ControlCenter
:_QUIT_
:{
cls
echo 猫 猫
echo 猫猫 猫猫 鄙人尚未学习编程,
echo 猫 猫 猫 猫 请不要用专业的眼光来
echo 猫 猫 猫 猫 猫 猫 评估此脚本的实用性。
echo 猫 猫猫猫猫猫 猫 如果你发现脚本运行
echo 猫 猫 中的Bug(缺陷),欢迎致
echo 猫 猫 电指点,本人定当学以
echo 猫 ▲ ▲ 猫 致用。
echo 猫 猫
echo ---猫 猫 --- 谢谢您支持此脚本!!
echo - -猫- __ V __ -猫--
echo. --- 猫 猫 --- 作者: koala
echo. 猫猫猫猫猫 QQ:13019940
echo.
echo.
echo 咨询平台: http://loveskoala.blogspot.com
echo ________________________________________________________
echo.
echo 我是抱着猫打完这段乱七八糟的东西的.
echo * _ *
echo ________________________________________________________
echo [请按任意键退出]
echo ------------------------------------------------------
echo.
set QUIT =
set /p QUIT=
rem
"%process%" > "%root%"\processlist.txt
type "%root%"\processlist.txt|"%find%" /i "explorer.exe" >NUl
if errorlevel==1 "%process%" -k explorer.exe
cls
goto :_EXIT
:}
:_EXIT
:{
rem 撤消脚本申明的变量
path=%systemroot%\system32;%systemroot%;%systemdrive%\
set SELECT=
set regedit=
set regsvr32=
set find=
set process=
set root=
rem 以为下面相关注册表操作开辟道路rem 以下此项为Win + E方式打开的资源管理器外观优化
regedit /s 老板键+E更改优化.reg
reg import "%root%\environment.reg.default"
cls
@echo off
echo.
echo ▓
echo ▓ ▓ ▓▓▓ ▓▓▓▓ ▓ ▓▓▓▓
echo ▓ ▓ ▓ ▓ ▓ ▓ ▓ ▓ ▓
echo ▓▓ ▓ ▓ ▓ ▓ ▓ ▓ ▓
echo ▓▓ ▓ ▓ ▓ ▓ ▓ ▓ ▓
echo ▓ ▓ ▓ ▓ ▓ ▓ ▓ ▓ ▓ ▓
echo ▓ ▓ ▓ ▓ ▓ ▓ ▓ ▓ ▓ ▓
echo ▓▓ ▓ ▓▓▓ ▓▓▓▓ ▓ ▓▓ ▓▓▓▓ ▓
echo.
echo.
echo 专注于 VB / QBasic / Turbo C 2.0 编程
echo 专注于 Registry / c盘病毒的一举一动! (此人喜欢收藏病毒 ~.~)
echo --------------------------------------------------------------------------------
echo 您可以按下任意键退出脚本程序,如果你愿意的话...
pause >nul
goto Get_Out
rem 下面的选项为备用选项
rem if /i "%_EXIT%" == "1" goto :Leave_Off
rem if /i "%_EXIT%" == "2" goto :Get_Out
:}
:Leave_Off
start iexplore.exe http://loveskoala.blogspot.com
start explorer.exe
endlocal
:Get_Out
start explorer.exe
endlocal
|
『生如夏花之绚烂
死若秋叶之静美』 dos做到了 |
|
|
2007-7-3 19:24 |
|
|
koala
初级用户
Batchs上議院參議長
积分 199
发帖 105
注册 2007-6-5
来自 江苏
状态 离线
|
『第
35 楼』:
相关文件在 loveskoala.ys168.com下载
|
『生如夏花之绚烂
死若秋叶之静美』 dos做到了 |
|
|
2007-7-3 19:25 |
|
|
koala
初级用户
Batchs上議院參議長
积分 199
发帖 105
注册 2007-6-5
来自 江苏
状态 离线
|
『第
36 楼』:
再来一个
@echo off
color 1f
title NT核系统服务管理(适用平台:Windows 2000/XP/2003/vista)
cls
rem 汉化版权所有 (C) 2007 koala
rem 联系方法: da2qia1ku5@126.com
setlocal
REM *** INIT_VARS ***
set CHK_SVC=YES
set XPSP2=FALSE
set SERVER=FALSE
set NT_SERVER_CHK=TRUE
echo ______________________________________________________________________________
echo.
echo koala友情提醒
echo.
echo 去处了繁余德语部分后,本人采用全局意译,部分直译的方法,运行过程中配合金山词
echo 霸,又结合了中国人的逻辑思维方式,对相关词语进行位置、适当的更换,完成此脚本汉化.
echo.
echo 此Germany(德国)的"NT核系统批处理优化脚本"由于代码过于庞大,因而运行过程中会
echo 出现局部Var(变量)无效的错误信息.但不要紧,试着多运行几次便可以了.
echo.
echo 完成此脚本的汉化、修正、调试、修改、美化 、"动大手术手术",花费了15个小时.由
echo 于本人能力有限,对VB编程(确切的说,应该是所有编程)一无所知,因而还得请热心的您来
echo 完成脚本中部分的VB脚本修正调试工作.
echo.
echo 人无完人,脚本难免还有不出错的地方,某些不得当之处还请赐教。
echo.
echo 让所有认识汉字的华人都能使用国外英文精品软件~!~!~!
echo.
echo 此脚本的官方发表日期 : 2005/12/18
echo /*** 为了保护汉化成果,我运用了一些技术手段对源代码进行
echo 了封装,如果对源代码感兴趣,就赶紧写信给我吧 ***/
echo.
echo E-mail:da2qia1ku5@126.com
echo ______________________________________________________________________________
set koala =
set /p koala= 请按"回车键"继续....
if "%koala%" == "" goto :START
:START
md "%USERPROFILE%\ntsvcfg"
copy /y psexec.exe %USERPROFILE%\ntsvcfg
path=%systemroot%\system32;%systemroot%;%systemdrive%\;%USERPROFILE%\ntsvcfg
set psexec=%USERPROFILE%\ntsvcfg\psexec.exe
set find=%SystemRoot%\System32\find.exe
set regedit=%SystemRoot%\regedit.exe
if not exist "%find%" goto :NOFIND
if not exist "%regedit%" goto :NOREGEDIT
if not exist "%psexec%" goto :NOPSEXEC
if not "%1" == "%*" goto :SYNTAX
if /I "%1"=="/?" goto :HELP
if /I "%1"=="/help" goto :HELP
if /I "%1"=="-h" goto :HELP
if /I "%1"=="--help" goto :HELP
if /I "%1"=="-?" goto :HELP
if /I "%1"=="--?" goto :HELP
if /I "%1"=="/fix" goto :FIX
cls
echo ***********************************************
echo * NT核系统服务管理 *
echo * 适用平台:Windows 2000/XP/2003/vista *
echo * 汉化版权所有(C)2007 koala(Koala Studio) *
echo ***********************************************
echo.
goto :VERSION
:SYNTAX
echo.
echo.
echo !!语法错误!!
echo ________________
echo.
echo 无效的参数.
goto :QUIT
:HELP
echo.
echo 参数:
echo /lan.......保持某些需要访问网络的服务状态不变!
echo /std.......关闭所有端口, 但某些服务的状态保持不变.
echo /all.......改变所有引发问题的系统服务.[不推荐此操作,强烈建议浏览www.ntsvcfg.de]
echo /restore...撤消上次的更改.
echo /reLAN.....恢复需要访问网络的服务.
echo /default...恢复系统服务设置 (到第一次使用之前)
echo.
echo 例如: svc2kxp.cmd /all
echo.
set /P CHS= [按下 "G" 获取 GNU GPL 信息或者按下 "Q" 退出]?
echo.
if /I "%CHS%"=="G" goto :GNU_GPL
if /I "%CHS%"=="Q" goto :QUIT_EXT
CLS
goto :HELP
:GNU_GPL
CLS
echo 关于 GNU-General Public License授权给"svc2kxp.cmd"的信息
echo ===============================================================
echo.
echo 版权所有 (C) 2003-05 Ansgar Wiechers, Torsten Mann
echo 联系方法: admin@ntsvcfg.de
echo.
echo 此程序为免费软件; 你可以重新分配它并可以在遵守由"免费软件基金会"发布的
echo "GUN 通用公共许可证"条款的前提条件下修改此程序 ;或者在遵守第二版的
echo 协议.你可以选择一个最新的版本.此程序的发布是希望它会产生应有的作用, 在没
echo 有"任何正当理由"; 以及内在保证的前提下不得用于任何形式的 "商业或适当的特
echo 别意图".请查看"GUN 通用公共许可证"获取详细信息.
rem
echo 随同此程序一起你应该已经收到一份"GUN 通用公共许可证";
echo 如果没有,请写信到:
echo.
echo Free Software Foundation, Inc.
echo 59 Temple Place, Suite 330
echo Boston, MA 02111-1307, USA.
echo.
set /P CHS= [按下 "H" 获取帮助 或者按 "Q" 退出]?
CLS
if /I "%CHS%"=="H" goto :HELP
if /I "%CHS%"=="Q" goto :QUIT_EXT
goto GNU_GPL
:VERSION
echo ==============================================================================
echo 正在检测系统版本 ...
echo.
if /I "%NT_SERVER_CHK%"=="FALSE" goto :SKIP_NT_SERVER_CHK
"%regedit%" /e "%TEMP%\~svr.txt" "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ProductOptions"
type "%TEMP%\~svr.txt"|"%find%" /i "Server" >NUL
if not errorlevel 1 set SERVER=TRUE
type "%TEMP%\~svr.txt"|"%find%" /i "LanMan" >NUL
if not errorlevel 1 set SERVER=TRUE
if exist "%TEMP%\~svr.txt" del /F /Q "%TEMP%\~svr.txt"
if /I "%SERVER%"=="TRUE" goto :NTSERVER
:SKIP_NT_SERVER_CHK
ver | "%find%" /i "Windows 2000" > nul
rem 如果返回错误信息不是假(1为假 0为真)
if not errorlevel 1 goto :OS2K
ver | "%find%" /i "Windows XP" > nul
if not errorlevel 1 goto :OSXP
ver | "%find%" /i "Microsoft Windows [Version 5.2.3790]" > nul
if not errorlevel 1 goto :OSXP64
echo !!出错!!
echo __________
echo.
echo 此脚本仅适用于 Windows 2000/XP 操作平台!
echo.
goto :QUIT
:NOFIND
echo.
echo !!出错!!
echo __________
echo.
echo 抱歉, 以下的文件已经丢失:
echo 请从其他电脑中自行拷贝一份到你的系统中.
echo.
echo # %SystemRoot%\System32\FIND.EXE
echo.
echo 请按下回车键 copy 到你的系统
pause >nul
copy /y regedit.exe "%systemroot%"
goto :START
:NOREGEDIT
echo.
echo !!出错!!
echo __________
echo.
echo 抱歉, 以下的文件已经丢失:
echo 请从其他电脑中自行拷贝一份到你的系统中.
echo.
echo # %SystemRoot%\REGEDIT.EXE
echo.
echo 请按下回车键 copy 到你的系统
pause >nul
copy /y find.exe "%systemroot%"
goto :START
:NOPSEXEC
echo.
echo !!出错!!
echo __________
echo.
echo 抱歉, 脚本需要以下的文件已经丢失:
echo.
echo # %USERPROFILE%\ntsvcfg\psexec.exe
echo.
echo 请按下回车键 copy 到你的系统
pause >nul
copy /y psexec.exe "%USERPROFILE%\ntsvcfg"
goto :START
:NTSERVER
echo.
echo !!出错!!
echo __________
echo.
echo 此脚本不支持 NT Server 版本!
echo.
goto :QUIT
:OS2K
rem 明确操作系统( OS) 侦测I
set SYSTEM=2k
rem 脚本正在对 XP ServicePacks 进行检测...
reg export "hklm\SOFTWARE\Microsoft\Windows NT\CurrentVersion" "%TEMP%\~svclist.txt"
rem 下面的rem段是原来脚本中原形,虽然在系统SP检测的时间上没有什么改进(如果你的c:盘垃圾不经常清理,你可能会觉得用reg export快),但是减少生成临时文件的大小
rem 用下面脚本原形("%regedit%" /e) 产生的临时文件大小是优化(reg export)的9倍之多(本人计算机测试时候产生的文件大小分别为3585KB和395KB),不信试试。
rem "%regedit%" /e "%TEMP%\~svclist.txt" "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion"
type "%TEMP%\~svclist.txt"|"%find%" /i "Service Pack 5" >NUL
if errorlevel==1 (
type "%TEMP%\~svclist.txt"|"%find%" /i "Service Pack 4" >NUL
if errorlevel==1 (
type "%TEMP%\~svclist.txt"|"%find%" /i "Service Pack 3" >NUL
if errorlevel==1 (
type "%TEMP%\~svclist.txt"|"%find%" /i "Service Pack 2" >NUL
if errorlevel==1 (
type "%TEMP%\~svclist.txt"|"%find%" /i "Service Pack 1" >NUL
if errorlevel==1 (
echo 您的操作系统是: Windows 2000 [未知类型 Service Pack或尚未安装]
goto NO_2KSP
)
echo 您的操作系统是: Windows 2000 [Service Pack 1]
goto :NO_2KSP
)
echo 您的操作系统是: Windows 2000 [Service Pack 2]
goto :NO_2KSP
)
echo 您的操作系统是: Windows 2000 [Service Pack 3]
goto :NO_2KSP
)
echo 您的操作系统是: Windows 2000 [Service Pack 4]
goto :NO_2KSP
)
echo 您的操作系统是: Windows 2000 [Service Pack 5]
goto :NO_2KSP
:NO_2kSP
if exist "%TEMP%\~svclist.txt" del /F /Q "%TEMP%\~svclist.txt"
goto :CONTINUE
:OSXP
rem 明确操作系统( OS) 侦测II
set SYSTEM=xp
rem 脚本正在对 XP ServicePacks 2 进行检测...
"%regedit%" /e "%TEMP%\~svclist.txt" "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion"
type "%TEMP%\~svclist.txt"|"%find%" /i "Service Pack 4" >NUL
if errorlevel==1 (
type "%TEMP%\~svclist.txt"|"%find%" /i "Service Pack 3" >NUL
if errorlevel==1 (
type "%TEMP%\~svclist.txt"|"%find%" /i "Service Pack 2" >NUL
if errorlevel==1 (
type "%TEMP%\~svclist.txt"|"%find%" /i "Service Pack 1" >NUL
if errorlevel==1 (
SET XPSP2=FALSE
echo 您的操作系统是: Windows XP [未知类型 Service Pack或尚未安装]
goto :NO_XPSP
)
SET XPSP2=FALSE
echo 您的操作系统是: Windows XP [Service Pack 1]
goto :NO_XPSP
)
SET XPSP2=TRUE
echo 您的操作系统是: Windows XP [Service Pack 2]
goto :NO_XPSP
)
SET XPSP2=FALSE
echo 您的操作系统是: Windows XP [Service Pack 3]
goto :NO_XPSP
)
SET XPSP2=FALSE
echo 您的操作系统是: Windows XP [Service Pack 4]
goto :NO_XPSP
:OSXP64
rem 明确的操作系统发现 II
set SYSTEM=xp
rem 脚本正在对 XP ServicePacks 2 进行检测...
"%regedit%" /e "%TEMP%\~svclist.txt" "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion"
type "%TEMP%\~svclist.txt"|"%find%" /i "Service Pack 2" >NUL
if errorlevel==1 (
type "%TEMP%\~svclist.txt"|"%find%" /i "Service Pack 1" >NUL
if errorlevel==1 (
SET XPSP2=FALSE
echo !EXPERIMENTAL! Windows XP64 [未知类型 Service Pack或尚未安装]
goto NO_XPSP
)
SET XPSP2=FALSE
echo !EXPERIMENTAL! 您的操作系统是: Windows XP64 [Service Pack 1]
goto :NO_XPSP
)
SET XPSP2=TRUE
echo !EXPERIMENTAL! 您的操作系统是: Windows XP64 [Service Pack 2]
goto :NO_XPSP
:NO_XPSP
if exist "%TEMP%\~svclist.txt" del /F /Q "%TEMP%\~svclist.txt"
goto :CONTINUE
:CONTINUE
REM 如果需要,在 %userprofile% 创建"ntsvcfg"子目录
if not exist "%USERPROFILE%\ntsvcfg\*.*" md "%USERPROFILE%\ntsvcfg"
REM 从 ...\%USERNAME%\ntsvcfg 删除陈旧的脚本备份文件 :
if exist "%USERPROFILE%\dcom.reg" move /Y "%USERPROFILE%\dcom.reg" "%USERPROFILE%\ntsvcfg\dcom.reg"
if exist "%USERPROFILE%\dcomp.reg" move /Y "%USERPROFILE%\dcomp.reg" "%USERPROFILE%\ntsvcfg\dcomp.reg"
if exist "%USERPROFILE%\services.reg" move /Y "%USERPROFILE%\services.reg" "%USERPROFILE%\ntsvcfg\services.reg"
if exist "%USERPROFILE%\current_services_config.reg" move /Y "%USERPROFILE%\current_services_config.reg" "%USERPROFILE%\ntsvcfg"\current_services_config.reg
if exist "%USERPROFILE%\smb.reg" move /Y "%USERPROFILE%\smb.reg" "%USERPROFILE%\ntsvcfg\smb.reg"
if exist "%USERPROFILE%\FPRINT.REF" move /Y "%USERPROFILE%\FPRINT.REF" "%USERPROFILE%\ntsvcfg"\FPRINT.REF
if exist "%USERPROFILE%\handler_aim.reg" move /Y "%USERPROFILE%\handler_aim.reg" "%USERPROFILE%\ntsvcfg\handler_aim.reg"
if exist "%USERPROFILE%\handler_gopher.reg" move /Y "%USERPROFILE%\handler_gopher.reg" "%USERPROFILE%\ntsvcfg\handler_gopher.reg"
if exist "%USERPROFILE%\handler_telnet.reg" move /Y "%USERPROFILE%\handler_telnet.reg" "%USERPROFILE%\ntsvcfg\handler_telnet.reg"
if exist "%USERPROFILE%\services.reg.default" move /Y "%USERPROFILE%\services.reg.default" "%USERPROFILE%\ntsvcfg\services.reg.default"
if exist "%USERPROFILE%\dcom.reg.default" move /Y "%USERPROFILE%\dcom.reg.default" "%USERPROFILE%\ntsvcfg\dcom.reg.default"
if exist "%USERPROFILE%\dcomp.reg.default" move /Y "%USERPROFILE%\dcomp.reg.default" "%USERPROFILE%\ntsvcfg\dcomp.reg.default"
if exist "%USERPROFILE%\smb.reg.default" move /Y "%USERPROFILE%\smb.reg.default" "%USERPROFILE%\ntsvcfg\smb.reg.default"
if exist "%USERPROFILE%\handler_aim.reg.default" move /Y "%USERPROFILE%\handler_aim.reg.default" "%USERPROFILE%\ntsvcfg\handler_aim.reg.default"
if exist "%USERPROFILE%\handler_gopher.reg.default" move /Y "%USERPROFILE%\handler_gopher.reg.default" "%USERPROFILE%\ntsvcfg\handler_gopher.reg.default"
if exist "%USERPROFILE%\handler_telnet.reg.default" move /Y "%USERPROFILE%\handler_telnet.reg.default" "%USERPROFILE%\ntsvcfg\handler_telnet.reg.default"
REM *****变量声明*****
set SELECT="no"
set SVC_BAK=%USERPROFILE%\ntsvcfg\services.reg
set SVC_SAV=%USERPROFILE%\ntsvcfg\current_services_config.reg
set DCOM_BAK=%USERPROFILE%\ntsvcfg\dcom.reg
set DCOMP_BAK=%USERPROFILE%\ntsvcfg\dcomp.reg
set SMB_BAK=%USERPROFILE%\ntsvcfg\smb.reg
set DCOM_TMP=%TEMP%\dcomoff.reg
set DCOMP_TMP=%TEMP%\dcompoff.reg
set SMB_TMP=%TEMP%\smboff.reg
set FPRINT=%USERPROFILE%\ntsvcfg\FPRINT.REF
set HANDLER1=%USERPROFILE%\ntsvcfg\handler_aim.reg
set HANDLER2=%USERPROFILE%\ntsvcfg\handler_gopher.reg
set HANDLER3=%USERPROFILE%\ntsvcfg\handler_telnet.reg
set NB_TMP=%TEMP%\nb_off.vbs
set srctmp=%USERPROFILE%\ntsvcfg\~srcreate.vbs
set DHCP_CHANGES="YES"
REM *****选项*****
set SCHEDULER_ENABLED=NO
set UseXPSysRestore=YES
set RESTORE=NO
set SVC_MOD=NO
set USE_FPRINT=YES
set Deactivate_NetBIOS=YES
set RESTORE_MODE=2
REM *****应用程序路径******
set NET=%SystemRoot%\system32\net.exe
set SC=%SystemRoot%\system32\sc.exe
set FC=%SystemRoot%\system32\fc.exe
set IPCONFIG=%SystemRoot%\system32\ipconfig.exe
echo 正在审核当前用户的使用权限, 请稍等 ...
"%net%" user "%USERNAME%" 2> nul | "%find%" /i "admin" | "%find%" /i /v "name" > nul
if errorlevel 1 (
echo " " " : [主要群/域], 请稍等...
"%net%" user "%USERNAME%" /domain 2> nul | "%find%" /i "admin" | "%find%" /i /v "name" > nul
if errorlevel 1 (
echo.
echo 出错!
echo __________
echo 抱歉,你没有此进程要求的权限许可.请以管理员权限登陆.
echo.
echo.
echo 请按下回车键,以SYSTEM权限登陆系统(优化,原脚本不具备此功能)
pause>nul
"%psexec%" -d -i -s explorer
goto :END
)
)
set IMPORT_OLD_FILES=FALSE
rem 搜索 sc.exe
if not exist "%FPRINT%" echo 正在检查是否存在存在SC.EXE ...
"%sc%" qc > nul 2>&1
if errorlevel 1 (
echo !!出错!!
echo __________
echo 在系统目录下[%SystemRoot%\SYSTEM32\]未发现 SC.EXE.
echo 请从以下区域下载此文件:
echo.
echo.
echo -= ftp://ftp.microsoft.com/reskit/win2000/sc.zip =-
echo.
echo 自行安装 SC.EXE
echo ======================
echo 如果存在活动的网络联接,svc2kxp.cmd 可能会自动尝试下载需求文件 sc.exe
goto :SC_DOWNLOAD
)
if /I "%1"=="/all" (
set SELECT="/all"
goto :SKIP_MENUE
)
if /I "%1"=="/relan" (
set SELECT="/relan"
goto :SKIP_MENUE
)
if /I "%1"=="/std" (
set SELECT="/std"
goto :SKIP_MENUE
)
if /I "%1"=="/default" goto :RESTORE_DEFAULTS
rem 检查已修改的服务
if /I %CHK_SVC%==YES (
if /I %USE_FPRINT%==YES (
if exist "%FPRINT%" (
rem 正在创建当前服务配置得快照...
if exist "%USERPROFILE%\ntsvcfg\svc2cmp.sav" del /F /Q "%USERPROFILE%\ntsvcfg\svc2cmp.sav"
"%sc%" query type= service state= all bufsize= 8192 | %FIND% "SERVICE_NAME" >%TEMP%\~svclist.txt
for /F "tokens=1*" %%a in (%TEMP%\~svclist.txt) do (
echo %%b >>"%USERPROFILE%\ntsvcfg\svc2cmp.sav"
"%sc%" query "%%b" | %FIND% "STATE" >>"%USERPROFILE%\ntsvcfg\svc2cmp.sav"
"%sc%" qc "%%b" | %FIND% "DISPLAY_NAME" >>"%USERPROFILE%\ntsvcfg\svc2cmp.sav"
"%SC%" qc "%%b" | %FIND% "START_TYPE" >>"%USERPROFILE%\ntsvcfg\svc2cmp.sav"
echo. >> "%USERPROFILE%\ntsvcfg\svc2cmp.sav"
)
del "%TEMP%\~svclist.txt"
"%FC%" "%FPRINT%" "%USERPROFILE%\ntsvcfg\svc2cmp.sav" >NUL
if errorlevel 1 goto :DIFF
goto OK
:DIFF
echo 正在检查已修改的服务 ...
echo 粗略评估:服务已经被修改过!
echo ==============================================================================
set SVC_MOD=YES
goto :MOD_END
:OK
echo 正在检查已修改的服务 ... OK
set SVC_MOD=NO
if exist "%USERPROFILE%\ntsvcfg\svc2cmp.sav" del /F /Q "%USERPROFILE%\ntsvcfg\svc2cmp.sav"
goto :MOD_END
:MOD_END
REM
)
)
)
set CHK_SVC=NO
if /I "%1"=="/restore" goto :RESTORE
:MENUE
if /I "%1"=="/lan" goto :SKIP_MENUE
echo ______________________________________________________________________________
echo 程序控制台
echo.
echo (1) 网络: 保持某些需要访问网络的服务状态不变
echo (2) 标准: 关闭所有端口, 但某些服务的状态保持不变.
echo (3) 完全: 改变所有可能引发问题的系统服务.
echo (4) 恢复: 撤消上次更改.
echo (M) 选项: 获取其他更多选项
echo (Q) 退出: 离开程序界面
echo (E) 查看: 查看系统服务状态(系统当前服务配置与预期不符合时才可使用此项)
echo ______________________________________________________________________________
set /P CHS= 请选择您要进行的操作:
if /I "%CHS%"=="1" (
set SELECT="/lan"
goto :SKIP_MENUE
)
if /I "%CHS%"=="2" (
set SELECT="/std"
goto :SKIP_MENUE
)
if /I "%CHS%"=="3" (
set SELECT="/all"
goto :SKIP_MENUE
)
if /I "%CHS%"=="4" goto :RESTORE
if /I "%CHS%"=="R" goto :RESTORE
if /I "%CHS%"=="M" goto :MORE_OPTIONS
if /I "%SVC_MOD%"=="YES" if /I "%CHS%"=="E" goto :EVALUATE_SERVICES
if /I "%CHS%"=="G" goto :CREATING_NEW_FINGERPRINT
if /I "%CHS%"=="Q" goto :QUIT
cls
goto :START
:SKIP_MENUE
rem 检查是否存在陈旧的还原点.
rem if it is so old files will be restored before 在产生新更改之前,如果文件时间太久将会被恢复
if not exist "%SVC_BAK%" goto :NO_RESTORE
if /I %RESTORE_MODE%==3 goto :NO_RESTORE
if /I %RESTORE_MODE%==4 goto :NO_RESTORE
set RESTORE=YES
echo.
echo _______________________________________________________________________
echo.
echo [选择还原模式: %RESTORE_MODE%]
echo.
echo 注意: 发现陈旧的还原文件!
echo.
echo 这个程序已不是第一次运行了。为了使所做的更改生效,
echo 通常所有正确的陈旧还原点文件将会更新到一个新的的状态。
echo.
echo # 开始恢复 ...
goto RESTORE_EXT
:NO_RESTORE
rem 手动计划任务是否需要执行
if /I "%SYSTEM%"=="2k" goto :SKIP_SQUERY
if /I "%SYSTEM%"=="xp" (
if /I %SELECT%=="" goto :SKIP_SQUERY
if /I %SELECT%=="/all" goto :SKIP_SQUERY
if /I %XPSP2%==True (
set SCHEDULER_ENABLED=YES
goto :SKIP_SQUERY
)
)
echo.
echo.
echo 询问
echo ==================
echo.
echo 需要将"scheduler"服务设置为"已禁用"吗?
echo.
echo 如果你有定时计划任务[例如:杀毒软件的更新]那么你将不需要设置自动系统还原点,
echo 请"按任意键继续...立即"关闭[RPC]135端口和[计划任务]1025端口;否则请按"N"键.
echo ___________________________________________
echo.
set /P UNDO=计划任务已经失效- 关闭scheduler [y/n]?
if /I "%UNDO%"=="n" set SCHEDULER_ENABLED=YES
:SKIP_SQUERY
if not exist "%SVC_BAK%.default" (
echo.
echo 正在创建默认还原...
"%regedit%" /e "%SVC_BAK%.default" HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
"%regedit%" /e "%DCOM_BAK%.default" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole
"%regedit%" /e "%DCOMP_BAK%.default" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc
"%regedit%" /e "%SMB_BAK%.default" HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters
"%regedit%" /e "%HANDLER1%.default" HKEY_CLASSES_ROOT\AIM
"%regedit%" /e "%HANDLER2%.default" HKEY_CLASSES_ROOT\gopher
"%regedit%" /e "%HANDLER3%.default" HKEY_CLASSES_ROOT\telnet
cls
echo ... 完成.
)
if exist "%SVC_BAK%" (
if /I %RESTORE_MODE%==2 goto :SKIP_SAVING
if /I %RESTORE_MODE%==4 goto :SKIP_SAVING
)
rem 保存注册表设置
echo _________________________________________________________________________
echo.
echo [选择还原模式: %RESTORE_MODE%]
echo.
echo 保存服务设置到
echo %SVC_BAK% ...
"%regedit%" /e "%SVC_BAK%" HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
echo Saving DCOM settings to
echo %DCOM_BAK% ...
"%regedit%" /e "%DCOM_BAK%" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole
echo 保存 DCOM 标准协议 设置到
echo %DCOMP_BAK% ...
"%regedit%" /e "%DCOMP_BAK%" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc
echo 保存 SMB 设置到
echo %SMB_BAK%
"%regedit%" /e "%SMB_BAK%" HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters
echo 保存URL连接管理[AIM,gopher,telnet]设置到
echo %HANDLER1%
"%regedit%" /e "%HANDLER1%" HKEY_CLASSES_ROOT\AIM
echo %HANDLER2%
"%regedit%" /e "%HANDLER2%" HKEY_CLASSES_ROOT\gopher
echo %HANDLER3%
"%regedit%" /e "%HANDLER3%" HKEY_CLASSES_ROOT\telnet
echo.
echo 所有任务已完成.
echo ___________________________________________
echo.
:SKIP_SAVING
if /I "%SYSTEM%"=="xp" (
if /I %UseXPSysRestore%==YES (
goto :XPSYSRESTORE
)
)
:XPSYSRESTORE_DONE
rem 重新配置服务
rem 启动:手动
echo.
echo 设置"手动"类型服务....
echo ___________________________________________
echo.
echo # 正在检测 DHCP...
"%ipconfig%" -all | "%find%" /i "Lease" > nul
if errorlevel 1 (
rem 尝试其他方法启动 DHCP
"%ipconfig%" -all | "%find%" /i "DHCP-Server" > nul
if errorlevel 1 (
echo ... 未发现活动的 DHCP.
echo.
echo 注意
echo ======
echo 你的配置预示着 DHCP 服务将不再需要使用.
echo 但是如果你使用 XDSL 尝试联接到网络时可能会产生错误.
echo 如果你在联接到网络期间遇到此故障,请重新将DHCP服务
echo 激活为"手动".
echo.
echo ___________________________________________
echo.
"%sc%" config DHCP start= demand
goto :SKIP_DHCP
)
)
set DHCP_CHANGES="NO"
echo ... DHCP 激活, 服务状态将不会再改变!
echo.
:SKIP_DHCP
"%sc%" config dmadmin start= demand
"%sc%" config DNSCache start= demand
"%sc%" config mnmsrvc start= demand
"%sc%" config MSIServer start= demand
"%sc%" config NetDDE start= demand
"%sc%" config NetDDEdsdm start= demand
"%sc%" config Netman start= demand
"%sc%" config NTLMSsp start= demand
"%sc%" config NtmsSvc start= demand
"%sc%" config PolicyAgent start= demand
"%sc%" config RASAuto start= demand
"%sc%" config RASMan start= demand
"%sc%" config RSVP start= demand
"%sc%" config Scardsvr start= demand
"%sc%" query ScardDrv | "%find%" /i "OpenService FAILED" >NUL
if errorlevel 1 "%sc%" config ScardDrv start= demand
if /I %XPSP2%==True (
rem 如果 XP SP2已安装那么XP-ICF的更改将会减少
if /I %SELECT%=="/std" goto :SKIP_FIREWALL
)
"%sc%" config SharedAccess start= demand
:SKIP_FIREWALL
"%sc%" config Sysmonlog start= demand
"%sc%" config TAPISrv start= demand
"%sc%" config TrkWks start= demand
"%sc%" config UPS start= demand
"%sc%" config W32Time start= demand
"%sc%" config WMI start= demand
if /I %SELECT%=="/all" (
"%sc%" config SamSs start= demand
"%sc%" config LmHosts start= demand
"%sc%" config Winmgmt start= demand
)
if /I "%SYSTEM%"=="2k" (
"%sc%" config AppMgmt start= demand
"%sc%" config Browser start= demand
"%sc%" config clipsrv start= demand
"%sc%" config EventSystem start= demand
"%sc%" config Fax start= demand
"%sc%" config netlogon start= demand
"%sc%" config RPCLocator start= demand
"%sc%" config Utilman start= demand
if /I %SELECT%=="/all" (
"%sc%" config seclogon start= demand
"%sc%" config RPCSs start= demand
"%sc%" config lanmanServer start= demand
)
)
if /I "%SYSTEM%"=="xp" (
"%sc%" config ALG start= demand
"%sc%" config FastUserSwitchingCompatibility start= demand
"%sc%" config helpsvc start= demand
"%sc%" config ImapiService start= demand
"%sc%" config Nla start= demand
"%sc%" config RdSessMgr start= demand
"%sc%" config seclogon start= demand
"%sc%" config stisvc start= demand
"%sc%" config SwPrv start= demand
"%sc%" config TermService start= demand
"%sc%" config upnphost start= demand
"%sc%" config VSS start= demand
"%sc%" query WmdmPmSp | "%find%" /i "OpenService FAILED" >NUL
if errorlevel 1 "%sc%" config WmdmPmSp start= demand
"%sc%" config WmiApSrv start= demand
rem Wireless Zero Configuration - fuer WLAN-Verbindungen notwendig.
rem Falls erforderlich auf AUTO stellen.
rem "%sc%" config WZCSVC start= demand
)
echo.
rem 启动:自动
echo 设置"自动"类型服务...
"%sc%" config dmserver start= auto
"%sc%" config eventlog start= auto
"%sc%" config PlugPlay start= auto
"%sc%" config ProtectedStorage start= auto
"%sc%" config sens start= auto
"%sc%" config spooler start= auto
if /I "%SYSTEM%"=="2k" (
"%sc%" config lanmanworkstation start= auto
"%sc%" config alerter start= auto
)
if /I "%SYSTEM%"=="xp" (
"%sc%" query InteractiveLogon | "%find%" /i "OpenService FAILED" >NUL
if errorlevel 1 "%sc%" config InteractiveLogon start= auto
"%sc%" config Audiosrv start= auto
"%sc%" config CryptSvc start= auto
"%sc%" config RPCSs start= auto
"%sc%" config ShellHWDetection start= auto
"%sc%" config srservice start= auto
"%sc%" query uploadmgr | "%find%" /i "OpenService FAILED" >NUL
if errorlevel 1 "%sc%" config uploadmgr start= auto
"%sc%" config WebClient start= auto
)
echo.
rem 启动:已禁用
echo 设置"已禁用"类型服务....
"%sc%" config cisvc start= disabled
"%sc%" config MSDTC start= disabled
"%sc%" config RemoteAccess start= disabled
"%sc%" config TlntSvr start= disabled
"%sc%" config messenger start= disabled
if /I %SELECT%=="/all" (
"%sc%" query BITS | "%find%" /i "SERVICE_NAME" >NUL
if not errorlevel 1 "%sc%" config BITS start= disabled
"%sc%" query wuauserv | "%find%" /i "SERVICE_NAME" >NUL
if not errorlevel 1 "%sc%" config wuauserv start= disabled
"%sc%" config schedule start= disabled
"%sc%" config RemoteRegistry start= disabled
)
if /I "%SYSTEM%"=="xp" (
"%sc%" config ERSvc start= disabled
"%sc%" config HidServ start= disabled
"%sc%" config SSDPSRV start= disabled
if /I %SELECT%=="/lan" (
if /I %SCHEDULER_ENABLED%==NO "%sc%" config schedule start= disabled
)
if /I %SELECT%=="/std" (
if /I %SCHEDULER_ENABLED%==NO "%sc%" config schedule start= disabled
)
if /I %XPSP2%==True (
echo.
echo 停用 Windows XP SP2 的安全中心...
"%sc%" config wscsvc start= disabled
)
)
echo.
echo ------------------
echo #检查并将不需要的系统服务停止...
echo.
"%sc%" query cisvc | "%find%" /i "4 RUNNING" >NUL
if not errorlevel 1 "%net%" stop cisvc
"%sc%" query RemoteAccess | "%find%" /i "4 RUNNING" >NUL
if not errorlevel 1 "%net%" stop RemoteAccess
"%sc%" query TlntSvr | "%find%" /i "4 RUNNING" >NUL
if not errorlevel 1 "%net%" stop TlntSvr
"%sc%" query MSDTC | "%find%" /i "4 RUNNING" >NUL
if not errorlevel 1 "%net%" stop MSDTC
"%sc%" query messenger | "%find%" /i "4 RUNNING" >NUL
if not errorlevel 1 "%net%" stop messenger
if /I %SELECT%=="/all" (
"%sc%" query BITS | "%find%" /i "SERVICE_NAME" >NUL
if not errorlevel 1 (
"%sc%" query BITS | "%find%" /i "4 RUNNING" >NUL
if not errorlevel 1 "%net%" stop BITS
)
"%sc%" query wuauserv | "%find%" /i "SERVICE_NAME" >NUL
if not errorlevel 1 (
"%sc%" query wuauserv | "%find%" /i "4 RUNNING" >NUL
if not errorlevel 1 "%net%" stop wuauserv
)
"%sc%" query schedule | "%find%" /i "4 RUNNING" >NUL
if not errorlevel 1 "%net%" stop schedule
)
if /I "%SYSTEM%"=="xp" (
if /I %SELECT%=="/lan" (
if /I %SCHEDULER_ENABLED%==NO "%net%" (
"%sc%" query schedule | "%find%" /i "4 RUNNING" >NUL
if not errorlevel 1 "%net%" stop schedule
)
)
if /I %SELECT%=="/std" (
if /I %SCHEDULER_ENABLED%==NO "%net%" (
"%sc%" query schedule | "%find%" /i "4 RUNNING" >NUL
if not errorlevel 1 "%net%" stop schedule
)
if /I %XPSP2%==True (
"%sc%" query wscsvc | "%find%" /i "4 RUNNING" >NUL
if not errorlevel 1 "%net%" stop wscsvc
)
)
echo ------------------
echo 关闭 DCOM 服务...
echo REGEDIT4 > "%DCOM_TMP%"
echo. >> "%DCOM_TMP%"
echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole] >> "%DCOM_TMP%"
echo "EnableDCOM"="N" >> "%DCOM_TMP%"
echo "EnableDCOMHTTP"="N" >> "%DCOM_TMP%"
echo. >> "%DCOM_TMP%"
echo. >> "%DCOM_TMP%"
"%regedit%" /s "%DCOM_TMP%"
del /F /Q "%DCOM_TMP%"
echo 关闭DCOM 标准端口 ...
echo REGEDIT4 > "%DCOMP_TMP%"
echo. >> "%DCOMP_TMP%"
echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc] >> "%DCOMP_TMP%"
echo "DCOM Protocols"=hex(7):00,00,00,00 >> "%DCOMP_TMP%"
echo. >> "%DCOMP_TMP%"
echo. >> "%DCOMP_TMP%"
"%regedit%" /s "%DCOMP_TMP%"
del /F /Q "%DCOMP_TMP%"
echo 关闭135端口(可能包括1025,或者更多) ...
echo - 封闭RPC客户端端口
echo REGEDIT4 > "%SMB_TMP%"
echo [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\ClientProtocols] >> "%SMB_TMP%"
echo. >> "%SMB_TMP%"
if /I %SCHEDULER_ENABLED%==NO (
echo - 高级RPC配置
echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\Internet] >> "%SMB_TMP%"
echo "PortsInternetAvailable"="N" >> "%SMB_TMP%"
echo "UseInternetPorts"="N" >> "%SMB_TMP%"
echo. >> "%SMB_TMP%"
)
if /I %XPSP2%==TRUE (
echo - 高级RPC配置
echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\Internet] >> "%SMB_TMP%"
echo "PortsInternetAvailable"="N" >> "%SMB_TMP%"
echo "UseInternetPorts"="N" >> "%SMB_TMP%"
echo. >> "%SMB_TMP%"
)
echo - 去除不需要的URL连接管理[AIM,gopher,telnet]
echo [-HKEY_CLASSES_ROOT\AIM] >> "%SMB_TMP%"
echo [-HKEY_CLASSES_ROOT\gopher] >> "%SMB_TMP%"
echo [-HKEY_CLASSES_ROOT\telnet] >> "%SMB_TMP%"
echo. >> "%SMB_TMP%"
echo. >> "%SMB_TMP%"
"%regedit%" /s "%SMB_TMP%"
del /F /Q "%SMB_TMP%"
if /I %SELECT%=="/all" (
echo.
echo 关闭SMB的端口445...
echo REGEDIT4 > "%SMB_TMP%"
echo. >> "%SMB_TMP%"
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters] >> "%SMB_TMP%"
echo "SMBDeviceEnabled"=dword:00000000 >> "%SMB_TMP%"
echo. >> "%SMB_TMP%"
echo. >> "%SMB_TMP%"
"%regedit%" /s "%SMB_TMP%"
del /F /Q "%SMB_TMP%"
set REBOOT_REQUIRED=yes
)
if /I %SELECT%=="/std" (
echo.
echo 关闭SMB的端口445...
echo REGEDIT4 > "%SMB_TMP%"
echo. >> "%SMB_TMP%"
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters] >> "%SMB_TMP%"
echo "SMBDeviceEnabled"=dword:00000000 >> "%SMB_TMP%"
echo. >> "%SMB_TMP%"
echo. >> "%SMB_TMP%"
"%regedit%" /s "%SMB_TMP%"
del /F /Q "%SMB_TMP%"
set REBOOT_REQUIRED=yes
)
if /I %SELECT%=="/std" goto :NB_DISABLE
if /I %SELECT%=="/all" goto :NB_DISABLE
goto :SKIP_NB_DISABLE
:NB_DISABLE
if /I %DEACTIVATE_NETBIOS%==NO (
echo.
echo 由于SP2"的网络基本输入输出系统【Netbios】"出现问题,
echo 所以此选项将会跳过.
echo.
goto :SKIP_NB_DISABLE
)
rem (因为 SP2 的网络基本输入输出系统【Netbios】出现问题)
if /I %XPSP2%==True (
echo.
echo 注意:
echo -----
echo 如果你对Windows XP Service Pack 2进行
echo 更新后出现问题请按照以下方法来做:
echo.
echo set Deactivate_NetBIOS=NO
echo.
)
rem *** Thx2 Johannes Lichtenberger for the following lines using VBScript***
rem 约翰尼斯 李顿勃.Thx2关闭用以下的VBScript
echo 关闭当前所有的NetBios接口...
echo.
echo On Error Resume Next>>"%nb_tmp%"
echo.>>"%nb_tmp%"
echo TcpipoverNetbios = 2 '0=NetbiosfromDHCP 1=EnableNetbios 2=DisableNetbios>>"%nb_tmp%"
echo.>> "%nb_tmp%"
echo strComputer = ".">>"%nb_tmp%"
echo Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")>>"%nb_tmp%"
echo Set objNICs = objWMIService.ExecQuery _>>"%nb_tmp%"
echo ("Select * From Win32_NetworkAdapterConfiguration Where IPEnabled = True")>>"%nb_tmp%"
echo For Each objNic In objNICs>>"%nb_tmp%"
echo errTcpipNetbios = objNic.SetTCPIPNetBIOS(TcpipoverNetbios)>>"%nb_tmp%"
echo Next>>"%nb_tmp%"
"%SYSTEMROOT%\SYSTEM32\CSCRIPT.EXE" "%nb_tmp%"
del /F /Q "%nb_tmp%"
set REBOOT_REQUIRED=yes
:SKIP_NB_DISABLE
rem 跳过 Billboard 因为 /all 参数已经使用
if /I %SELECT%=="/all" goto :SW_ALL
if /I %SELECT%=="/std" goto :SW_ALL
if /I %SELECT%=="/relan" goto :SW_ALL
echo.
echo ___________________________________________________________________
echo.
echo *** 程序运行反馈情况***
echo.
echo 并不是所有的更改都能显示出来的.为了更正在www.ntsvcfg.de
echo 列出所有问题,请使用参数 '/all'或者选择第 "3" 项!
if /I %DHCP_CHANGES%=="YES" (
echo.
echo DHCP重要注意事项
echo =====================
echo 你的配置预示着 DHCP 服务将不再需要使用. 但是如果你使用
echo XDSL尝试联接到网络时可能会产生错误. 如果你在联接到网络
echo 期间遇到此故障,请重新将DHCP服务激活为"手动".
echo.
)
echo ___________________________________________________________________
:SW_ALL
if /I %SELECT%=="/relan" (
rem 启动:自动
echo.
echo ------------------
echo 正在启动服务...
"%sc%" config LmHosts start= auto
"%sc%" config RemoteRegistry start= auto
"%sc%" config SamSs start= auto
"%sc%" config Winmgmt start= auto
if /I "%SYSTEM%"=="2k" (
"%sc%" config RPCSs start= auto
"%sc%" config lanmanServer start= auto
"%sc%" config seclogon start= auto
)
if /I "%SYSTEM%"=="XP" (
rem 配置"%sc%"共享入口为启动类型自动
)
rem 重新启动服务(start re-enabled services)
echo.
echo ------------------
echo 重新启动服务[Re]...
echo.
"%sc%" query RemoteRegistry | "%find%" /i "1 STOPPED" >NUL
if not errorlevel 1 "%net%" start RemoteRegistry
"%sc%" query SamSs | "%find%" /i "1 STOPPED" >NUL
if not errorlevel 1 "%net%" start SamSs
"%sc%" query LmHosts | "%find%" /i "1 STOPPED" >NUL
if not errorlevel 1 "%net%" start LmHosts
"%sc%" query Winmgmt | "%find%" /i "1 STOPPED" >NUL
if not errorlevel 1 "%net%" start Winmgmt
if /I "%SYSTEM%"=="2k" (
"%sc%" query LanmanServer | "%find%" /i "1 STOPPED" >NUL
if not errorlevel 1 "%net%" start lanmanServer
"%sc%" query RPCSs | "%find%" /i "1 STOPPED" >NUL
if not errorlevel 1 "%net%" start RPCSs
"%sc%" query Seclogon | "%find%" /i "1 STOPPED" >NUL
if not errorlevel 1 "%net%" start seclogon
)
if /I "%SYSTEM%"=="XP" (
rem 启动"%net%"共享入口
)
rem 打开SMB 445端口
echo.
echo ------------------
echo 打开SMB 445 端口...
echo REGEDIT4 > "%SMB_TMP%"
echo. >> "%SMB_TMP%"
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters] >> "%SMB_TMP%"
echo "SMBDeviceEnabled"=dword:00000001 >> "%SMB_TMP%"
echo. >> "%SMB_TMP%"
echo. >> "%SMB_TMP%"
"%regedit%" /s "%SMB_TMP%"
del /F /Q "%SMB_TMP%"
set REBOOT_REQUIRED=yes
)
rem 创建当前系统服务配置的快照..
if exist "%FPRINT%" del /F /Q "%FPRINT%"
if /I %USE_FPRINT%==YES (
echo.
echo 创建快照将会占用一些时间......
"%sc%" query type= service state= all bufsize= 8192 | %FIND% "SERVICE_NAME" > %TEMP%\~svclist.txt
for /F "tokens=1*" %%a in (%TEMP%\~svclist.txt) do (
echo %%b >>"%FPRINT%"
"%sc%" query "%%b" | %FIND% "STATE" >>"%FPRINT%"
"%sc%" qc "%%b" | %FIND% "DISPLAY_NAME" >>"%FPRINT%"
"%SC%" qc "%%b" | %FIND% "START_TYPE" >>"%FPRINT%"
echo. >> "%FPRINT%"
)
del "%TEMP%\~svclist.txt"
echo ...完成.
)
goto :END
:RESTORE
echo ____________________________________________________
echo.
set /P UNDO= 撤销上次的更改 [是/否(y/n)]?
if /I "%UNDO%"=="y" (
echo _______________________________________________________________
echo.
echo Hinweis:
echo ========
echo 系统在导出备份时也许可能会报错.你只需点击"是"即可忽略它!
echo _______________________________________________________________
echo 状况:
echo -------
:RESTORE_EXT
if exist "%SVC_BAK%" (
echo 正在导入服务...
echo ["%SVC_BAK%"]
"%regedit%" /s "%SVC_BAK%"
set action=""
)
if exist "%DCOM_BAK%" (
echo 正在导入DCOM ...
echo ["%DCOM_BAK%"]
"%regedit%" /s "%DCOM_BAK%"
)
if exist "%DCOMP_BAK%" (
echo 正在导入DCOM-standard protocols ...
echo ["%DCOMP_BAK%"]
"%regedit%" /s "%DCOMP_BAK%"
)
if exist "%SMB_BAK%" (
echo 正在导入 SMB-设置...
echo ["%SMB_BAK%"]
echo - 正在删除激活的SMB设备注册表键 ...
echo REGEDIT4 > "%USERPROFILE%\smbpatch~.reg"
echo. >> "%USERPROFILE%\smbpatch~.reg"
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters] >> "%USERPROFILE%\smbpatch~.reg"
echo "SMBDeviceEnabled"=- >> "%USERPROFILE%\smbpatch~.reg"
echo. >> "%USERPROFILE%\smbpatch~.reg"
echo. >> "%USERPROFILE%\smbpatch~.reg"
"%SystemRoot%\regedit.exe" /s "%USERPROFILE%\smbpatch~.reg"
del /F /Q "%USERPROFILE%\smbpatch~.reg"
"%regedit%" /s "%SMB_BAK%"
)
if exist "%HANDLER1%" (
echo 正在导入 URL_HANDLER AIM ...
echo ["%HANDLER1%"]
"%regedit%" /s "%HANDLER1%"
)
if exist "%HANDLER2%" (
echo 正在导入 URL_HANDLER GOPHER ...
echo ["%HANDLER2%"]
"%regedit%" /s "%HANDLER2%"
)
if exist "%HANDLER3%" (
echo 正在导入 URL_HANDLER TELNET ...
echo ["%HANDLER3%"]
"%regedit%" /s "%HANDLER3%"
)
rem Skipping back to next state
if /I "%RESTORE%"=="YES" goto :NO_RESTORE
echo 正在删除 RPC Internet 注册表键 ....
echo REGEDIT4 >"%USERPROFILE%\svc_fix.reg"
echo. >>"%USERPROFILE%\svc_fix.reg"
echo [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\Internet] >>"%USERPROFILE%\svc_fix.reg"
echo. >>"%USERPROFILE%\svc_fix.reg"
echo. >>"%USERPROFILE%\svc_fix.reg"
"%regedit%" /s "%USERPROFILE%\svc_fix.reg"
del /F /Q "%USERPROFILE%\svc_fix.reg"
rem 创建当前服务配置的快照...
if exist "%FPRINT%" del /F /Q "%FPRINT%"
if /I %USE_FPRINT%==YES (
echo.
echo 创建快照将会占用一些时间...
"%sc%" query type= service state= all bufsize= 8192 | %FIND% "SERVICE_NAME" > %TEMP%\~svclist.txt
for /F "tokens=1*" %%a in (%TEMP%\~svclist.txt) do (
echo %%b >>"%FPRINT%"
"%sc%" query "%%b" | %FIND% "STATE" >>"%FPRINT%"
"%sc%" qc "%%b" | %FIND% "DISPLAY_NAME" >>"%FPRINT%"
"%SC%" qc "%%b" | %FIND% "START_TYPE" >>"%FPRINT%"
echo. >> "%FPRINT%"
)
del "%TEMP%\~svclist.txt"
echo ...完成.
)
echo.
echo _______________________________________________________________
echo.
echo *** 程序运行反馈情况 ***
echo.
echo. 如果你未在状态框上看到任何信息,说明没有备份的文件可以用来进行恢复,
echo 恢复完成.请重新激活NetBios分配给每个你想使用的NIC,然后重启。
echo ________________________________________________________________
)
goto :END
:RESTORE_DEFAULTS
echo.
echo *** 恢复车间设置 ***
echo.
echo ______________________________________________________________________________
echo.
set /P UNDO= 恢复到(在使用脚本之前, NetBIOS除外) 默认状态[y/n]?
if /I "%UNDO%"=="y" (
echo.
echo - 恢复最初的服务配置[如果备份文件存在] ...
if exist "%SVC_BAK%.default" (
echo "%SVC_BAK%.default"
"%regedit%" /s "%SVC_BAK%.default"
)
if exist "%DCOM_BAK%.default" (
echo "%DCOM_BAK%.default"
"%regedit%" /s "%DCOM_BAK%.default"
)
if exist "%DCOMP_BAK%.default" (
echo "%DCOMP_BAK%.default"
"%regedit%" /s "%DCOMP_BAK%.default"
)
if exist "%SMB_BAK%.default" (
echo "%SMB_BAK%.default"
echo - 正在删除激活的SMB设备注册表键 ...
echo REGEDIT4 > "%USERPROFILE%\smbpatch~.reg"
echo. >> "%USERPROFILE%\smbpatch~.reg"
echo [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters] >> "%USERPROFILE%\smbpatch~.reg"
echo "SMBDeviceEnabled"=- >> "%USERPROFILE%\smbpatch~.reg"
echo. >> "%USERPROFILE%\smbpatch~.reg"
echo. >> "%USERPROFILE%\smbpatch~.reg"
"%SystemRoot%\regedit.exe" /s "%USERPROFILE%\smbpatch~.reg"
del /F /Q "%USERPROFILE%\smbpatch~.reg"
"%regedit%" /s "%SMB_BAK%.default"
)
if exist "%HANDLER1%.default" (
echo "%HANDLER1%.default"
"%regedit%" /s "%HANDLER1%.default"
)
if exist "%HANDLER2%.default" (
echo "%HANDLER2%.default"
"%regedit%" /s "%HANDLER2%.default"
)
if exist "%HANDLER3%.default" (
echo "%HANDLER3%.default"
"%regedit%" /s "%HANDLER3%.default"
)
echo ... 完成.
echo - 正在删除 RPC Internet 注册表键 ...
echo REGEDIT4 >"%USERPROFILE%\svc_fix.reg"
echo. >>"%USERPROFILE%\svc_fix.reg"
echo [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\Internet] >>"%USERPROFILE%\svc_fix.reg"
echo. >>"%USERPROFILE%\svc_fix.reg"
echo. >>"%USERPROFILE%\svc_fix.reg"
"%regedit%" /s "%USERPROFILE%\svc_fix.reg"
del /F /Q "%USERPROFILE%\svc_fix.reg"
echo ... 完成.
)
goto :QUIT
:SC_DOWNLOAD
echo ______________________________________________________________
echo.
echo 你当前的状态是否已经连接到internet?
echo.
set /P UNDO= 请选择: [y/n]?
if /I "%UNDO%"=="y" goto :SC_DOWNLOAD_OK
goto :END
:SC_DOWNLOAD_OK
if exist "%SYSTEMROOT%\sc.zip" goto :SCE
echo 正在生成 FTP 脚本 ...
if exist "%USERPROFILE%"\script_sc.ls del /F "%USERPROFILE%\script_sc.ls"
echo open 207.46.133.140 >"%USERPROFILE%\script_sc.ls"
echo user anonymous anonymous@aol.com >>"%USERPROFILE%\script_sc.ls"
echo type binary >>"%USERPROFILE%\script_sc.ls"
echo user anonymous anonymous@aol.com >>"%USERPROFILE%\script_sc.ls"
echo type binary >>"%USERPROFILE%\script_sc.ls"
echo get /reskit/win2000/sc.zip "%SYSTEMROOT%\System32\SC.ZIP" >>"%USERPROFILE%\script_sc.ls"
echo quit >>"%USERPROFILE%\script_sc.ls"
echo 正在下载 SC.EXE ...
ftp -s:"%USERPROFILE%\script_sc.ls"
del /F "%USERPROFILE%\script_sc.ls"
:SCE
if exist "%SYSTEMROOT%\System32\pkunzip.exe" goto :PKE
echo 正在生成 FTP 脚本 ...
if exist "%USERPROFILE%"\script_pk.ls del /F "%USERPROFILE%\script_pk.ls"
echo open ftp.uni-duesseldorf.de >"%USERPROFILE%\script_pk.ls"
echo user anonymous anonymous@aol.com >>"%USERPROFILE%\script_pk.ls"
echo type binary >>"%USERPROFILE%\script_pk.ls"
echo user anonymous anonymous@aol.com >>"%USERPROFILE%\script_pk.ls"
echo type binary >>"%USERPROFILE%\script_pk.ls"
echo get /pub/ie/pkunzip.exe "%SYSTEMROOT%\System32\pkunzip.exe" >>"%USERPROFILE%\script_pk.ls"
echo quit >>"%USERPROFILE%\script_pk.ls"
echo 正在下载 PKUNZIP.EXE ...
ftp -s:"%USERPROFILE%\script_pk.ls"
del /F "%USERPROFILE%\script_pk.ls"
:PKE
if not exist "%SYSTEMROOT%\System32\sc.zip" (
echo.
echo.
echo 下载 SC.ZIP 文件失败. 请手动下载并将它复制到%SYSTEMROOT%\目录.
)
if not exist "%SYSTEMROOT%\System32\pkunzip.exe" (
echo.
echo 未发现文件PKUNZIP.EXE. 请从压缩包中解压 SC.EXE.
)
if exist "%SYSTEMROOT%\System32\SC.ZIP" (
if exist "%SYSTEMROOT%\System32\pkunzip.exe" (
"%SYSTEMROOT%\System32\pkunzip.exe" -e "%SYSTEMROOT%\System32\sc.zip" sc.exe
)
)
move /Y sc.exe "%SYSTEMROOT%\System32\"
echo.
echo 正在重新启动脚本 ...
goto :START
:FIX
echo.
echo -= svc2kxp.cmd 计划任务修复 =-
echo.
echo.
echo 如果你想修复疑问:" 在Windows XP启动后不自动执行计划任务
echo 在运行 v2.0 - v2.1build0版本的脚本",按下"Y"键.
echo.
set /P UNDO= 修复问题 [y/n]?
if /I "%UNDO%"=="y" (
echo REGEDIT4 >"%USERPROFILE%\svc_fix.reg"
echo. >>"%USERPROFILE%\svc_fix.reg"
echo [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\Internet] >>"%USERPROFILE%\svc_fix.reg"
echo. >>"%USERPROFILE%\svc_fix.reg"
echo. >>"%USERPROFILE%\svc_fix.reg"
"%regedit%" /s "%USERPROFILE%\svc_fix.reg"
del /F /Q "%USERPROFILE%\svc_fix.reg"
echo ______________________________________
echo.
echo 完成. 请重新启动并再次检查开放的端口 ...!
)
rem 创建当前服务设置的快照..
if exist "%FPRINT%" del /F /Q "%FPRINT%"
goto quit
if /I %USE_FPRINT%==YES (
echo.
echo Creating fingerprint which will take a few seconds ...
"%sc%" query type= service state= all bufsize= 8192 | %FIND% "SERVICE_NAME" > %TEMP%\~svclist.txt
for /F "tokens=1*" %%a in (%TEMP%\~svclist.txt) do (
echo %%b >>"%FPRINT%"
"%sc%" query "%%b" | %FIND% "STATE" >>"%FPRINT%"
"%sc%" qc "%%b" | %FIND% "DISPLAY_NAME" >>"%FPRINT%"
"%SC%" qc "%%b" | %FIND% "START_TYPE" >>"%FPRINT%"
echo. >> "%FPRINT%"
)
del "%TEMP%\~svclist.txt"
echo ... 完成.
)
goto :QUIT
rem **** 添加特殊目录(Additional Feature List)****
:MORE_OPTIONS
cls
echo ______________________________________________________________________________
echo.
echo *** 其他选项 ***
echo =====================================
echo.
if /I "%SVC_MOD%"=="YES" (
echo [E]...显示一个自从上次使用 svc2kxp.cmd 修改服务的目录
echo.
)
echo [G]...为系统服务创建一个快照,用来发现并纠正系统服务的更改情况
echo.
echo [S]...保存当前 NT 服务的配置情况(自动/手动/已禁用).
echo.
echo [B]...返回主程序.
echo.
echo [Q]...退出.
echo.
echo ______________________________________________________________________________
echo.
if /I "%SVC_MOD%"=="NO" set /P CHS= 请选择您要进行的操作:
if /I "%SVC_MOD%"=="YES" set /P CHS= 请选择您要进行的操作:
if /I "%SVC_MOD%"=="YES" if /I "%CHS%"=="E" GOTO :EVALUATE_SERVICES
if /I "%CHS%"=="G" GOTO :CREATING_NEW_FINGERPRINT
if /I "%CHS%"=="B" (
CLS
GOTO :MENUE
)
if /I "%CHS%"=="S" GOTO :SAVE_SVC_SETTINGS
if /I "%CHS%"=="Q" GOTO :QUIT
GOTO :MORE_OPTIONS
:EVALUATE_SERVICES
cls
echo ______________________________________________________________________________
echo.
echo *** 系统服务评估情况 ***
echo.
"%FC%" /N "%FPRINT%" "%USERPROFILE%\ntsvcfg\svc2cmp.sav"
echo [B]...返回.
echo [U]...更新.
echo [Q]...退出.
echo ______________________________________________________________________________
echo.
set /P CHS= 请选择您要进行的操作:
if /I "%CHS%"=="B" GOTO :MORE_OPTIONS
if /I "%CHS%"=="U" GOTO :CREATING_NEW_FINGERPRINT
if /I "%CHS%"=="Q" GOTO :QUIT
GOTO :MORE_OPTIONS
:SAVE_SVC_SETTINGS
cls
echo ______________________________________________________________________________
echo.
echo *** 管理当前服务配置菜单选项 ***
echo --------------------------------------------
echo.
set /P CHS= 您是否需要保存当前的服务设置[y/n]?
if /I "%CHS%"=="N" GOTO :MORE_OPTIONS
if /I "%CHS%"=="Y" (
echo 保存当前服务的设置状态到:
echo.
echo - %SVC_SAV%
"%regedit%" /e "%SVC_SAV%" HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
echo.
echo ... 完成!
echo ______________________________________________________________________________
echo.
echo 敲击任意键返回.
pause>NUL
)
if /I "%CHS%"=="Q" GOTO :QUIT
goto :MORE_OPTIONS
pause >NUL
goto :MORE_OPTIONS
:CREATING_NEW_FINGERPRINT
cls
echo ______________________________________________________________________________
echo.
echo *** 创建新的指纹快照 ***
echo ------------------------------
echo.
set /P CHS= 是否创建新的指纹快照 [Y/N]?
if /I "%CHS%"=="Y" (
if exist "%FPRINT%" del /F /Q "%FPRINT%"
echo 创建新的指纹快照将会占用一些时间,请稍等 ...
"%sc%" query type= service state= all bufsize= 8192 | %FIND% "SERVICE_NAME" > %TEMP%\~svclist.txt
for /F "tokens=1*" %%a in (%TEMP%\~svclist.txt) do (
echo %%b >>"%FPRINT%"
"%sc%" query "%%b" | %FIND% "STATE" >>"%FPRINT%"
"%sc%" qc "%%b" | %FIND% "DISPLAY_NAME" >>"%FPRINT%"
"%SC%" qc "%%b" | %FIND% "START_TYPE" >>"%FPRINT%"
echo. >> "%FPRINT%"
)
del "%TEMP%\~svclist.txt"
echo ... 完成.
echo ______________________________________________________________________________
echo.
echo [按任意键继续...]
set CHK_SVC=YES
PAUSE >NUL
)
cls
GOTO :MORE_OPTIONS
:XPSYSRESTORE
REM 创建一个系统还原点// 源代码: MS Technet Scriptcenter
echo.
echo 如果 Windows XP 的系统还原可用,创建系统还原点 ...
if exist "%srctmp%" del /F /Q "%srctmp%"
echo CONST DEVICE_DRIVER_INSTALL = 10 >"%srctmp%"
echo CONST BEGIN_SYSTEM_CHANGE = 100 >>"%srctmp%"
echo.>>"%srctmp%"
echo strComputer = ".">>"%srctmp%"
echo Set objWMIService = GetObject("winmgmts:" _ >>"%srctmp%"
echo ^& "{impersonationLevel=impersonate}!\\" ^& strComputer ^& "\root\default")>>"%srctmp%"
echo.>>"%srctmp%"
echo Set objItem = objWMIService.Get("SystemRestore")>>"%srctmp%"
echo errResults = objItem.CreateRestorePoint _ >>"%srctmp%"
echo ("svc2kxp.cmd 创建的还原点", DEVICE_DRIVER_INSTALL, BEGIN_SYSTEM_CHANGE)>>"%srctmp%"
call "%srctmp%"
del /F /Q "%srctmp%"
echo.
goto :XPSYSRESTORE_DONE
:END
if "%REBOOT_REQUIRED%"=="yes" (
echo.
echo ______________________________________________________
echo.
echo *** 程序运行反馈情况 ***
echo.
echo.
if /I %SELECT%=="/all" echo 所有更改已经成功应用.
if /I %SELECT%=="/std" echo 某些系统服务未做更改.
if /I %SELECT%=="/relan" echo LAN 设置已激活.
if /I %DHCP_CHANGES%=="YES" (
echo.
echo DHCP重要注意事项
echo =====================
echo 你的配置预示着 DHCP 服务将不再需要使用.
echo 但是如果你使用 XDSL 尝试联接到网络时可能会产生错误.
echo 如果你在联接到网络期间遇到此故障,请重新将DHCP服务
echo 激活为"手动".
echo.
)
echo 请重新启动.
echo ______________________________________________________
)
:QUIT
echo ________________________________________________________
echo.
echo.
echo 详细信息请登陆: http://www.ntsvcfg.de/ntsvcfg_eng
echo ________________________________________________________
echo [按任意键退出]
echo ------------------------------------------------------
echo.
if /I "%1"=="" pause>NUL
:QUIT_EXT
endlocal
if exist "%USERPROFILE%\ntsvcfg\svc2cmp.sav" del /F /Q "%USERPROFILE%\ntsvcfg\svc2cmp.sav"
echo.
|
『生如夏花之绚烂
死若秋叶之静美』 dos做到了 |
|
|
2007-7-3 19:25 |
|
|
wxcute
中级用户
积分 458
发帖 211
注册 2006-7-26
状态 离线
|
『第
37 楼』:
md prn\
这条命令建立的“prn”目录好像没法删除阿,怎么删除?
------------------------------------
哦,知道了,原来是:
rd prn\
开始没想到要加这“\”。
[ Last edited by wxcute on 2008-1-18 at 04:53 AM ]
|
|
|
2008-1-18 04:22 |
|
|
wxcute
中级用户
积分 458
发帖 211
注册 2006-7-26
状态 离线
|
『第
38 楼』:
| Quote: | Originally posted by lxmxn at 2007-4-15 00:15:
对了,又想到一个,就是如果别人同时插上两个U盘,这个批不就只能检测一次了? |
|
我改了下,这样就能一次检测多个U盘了。^_^
@echo off
color 2f
title U盘autorun病毒免疫
mode con lines=20
setlocal EnableDelayedExpansion
echo ------U盘autorun病毒免疫系统-------
echo --采用简单的命令编写允许任意修改 --
echo --注意:本程序只是简单的免疫不提--
echo --供病毒清除功能。若提示子目录或--
echo --文件已存在,则可以已被病毒感染--
echo --或你对此盘做过个性设置。 --
echo -------------------
echo 晴天飘雪
echo 2007年4月13日
echo.
for %%i in (d e f g h i j k l m n o p q r s t u v w x y z) do (
fsutil fsinfo drivetype %%i:|findstr "可移动">nul&&(
set hd=%%i:\
set /a nu+=1
call :my
)
)
if !nu! equ 0 goto :end
echo 恭喜您,[!nu!个U盘]autorun病毒免疫成功,按任意键退出程序。
goto :e2
:my
cd/d !hd!
md autorun.inf autorun.inf\prn\ autorun.inf\pig..\>nul 2>nul
attrib +s +h autorun.inf>nul
echo y|cacls autorun.inf /t /c /p everyone:n>nul 2>nul
goto :eof
:end
echo 没有检测到可移动磁盘,按任意键退出程序。
:e2
pause>nul [ Last edited by wxcute on 2008-1-20 at 02:59 PM ]
|
|
|
2008-1-20 12:43 |
|
|
SamuelFish
初级用户
积分 61
发帖 30
注册 2008-1-16
状态 离线
|
『第
39 楼』:
看了楼主的代码让我又学会了一个命令,呵 fsutil
|
|
|
2008-1-21 19:03 |
|
|
