不错的批处理脚本实例代码 第二部分
echo ----------------------------3.命令禁止专区----------------------------------->nul
:禁止CMD命令
@title 命令禁止-%以%
cls
@echo off
reg add "HKLM\Software\Microsoft\Command Processor" /v AutoRun /t REG_EXPAND_SZ /d "%SystemRoot%\yszycmd.cmd" /f>nul 2>nul 4>nul
dir %SystemRoot%\yszycmd.cmd>nul 2>nul 4>nul
goto jzcmd2%ERRORLEVEL%
:jzcmd20
find /i "doskey"%SystemRoot%\yszycmd.cmd>nul 2>nul 4>nul
goto jzcmd%ERRORLEVEL%
:jzcmd1
:jzcmd21
echo @echo off> %SystemRoot%\yszycmd.cmd
echo doskey doskey =echo doskey已经禁止如有需要请联系管理员.>> %SystemRoot%\yszycmd.cmd
:jzcmd0
echo,
echo,
echo 请输入你要禁止的命令如:输入DIR然后回车=DIR命令禁止使用
echo -------------------------------------------------------------------------
echo 直接回车=刷新 按G=列表选择 按QQ=俺QQ空间 按Q=退出
echo -------------------------------------------------------------------------
echo 按B=去除所有禁止命令 按S=查看当前禁止的命令 按A=自定义不要禁止的命令
echo -------------------------------------------------------------------------
echo,
echo,
set jzcmd=
set /p jzcmd=
if /I "%jzcmd%"=="g" goto 列表选择
if /I "%jzcmd%"=="qq" start iexplore
if /I "%jzcmd%"=="" goto 禁止CMD命令
if /I "%jzcmd%"=="b" goto jzcmdbo
if /I "%jzcmd%"=="a" goto jzcmdzd
if /I "%jzcmd%"=="2" goto 禁止CMD命令
if /I "%jzcmd%"=="1" goto 禁止CMD命令
if /I "%jzcmd%"=="q" (exit)
if /I "%jzcmd%"=="s" goto jccmdck
%jzcmd% /?>nul 2>nul 4>nul
if /I "%ERRORLEVEL%"=="9009" goto cmdmy
find /i "%jzcmd%"%SystemRoot%\yszycmd.cmd>nul 2>nul 4>nul
if /I "%ERRORLEVEL%"=="0" goto cmdyy
echo "%jzcmd%"|find /i" " >nul 2>nul 4>nul
if /I "%ERRORLEVEL%"=="0" goto cmdbb
echo doskey %jzcmd% =echo %jzcmd%已经禁止如有需要请联系管理员.>> %SystemRoot%\yszycmd.cmd
goto jzcmdcg
:cmdmy
echo,
echo,
echo,
echo,
echo,
echo 你输入的命令不可用
echo 请按任意键继续
pause >nul
goto 禁止CMD命令
:jzcmdcg
echo,
echo,
echo,
echo 已经禁止-请按任意键继续
pause >nul
goto 禁止CMD命令
:cmdbb
echo,
echo,
echo 此命令带空格.不可输入
echo 请按任意键继续
pause >nul
goto 禁止CMD命令
:jccmdck
cls
echo 以下是已经禁止的命令
echo,
echo,
for /f "skip=2 tokens=2" %%i in (%SystemRoot%\yszycmd.cmd) do echo →◎→◎→◎→◎→◎→ %%i
echo -------------------------------------------------------------------------
echo,
echo,
echo,
echo,
goto jzcmd0
:cmdyy
echo,
echo,
echo,
echo,
echo ------------------此命令已经存在禁止列表中,不需多次禁止--------------------
echo 请按任意键继续
pause >nul
goto 禁止CMD命令
:jzcmdbo
cls
del %SystemRoot%\yszycmd.cmd
echo,
echo,
echo,
echo,
echo,
echo,
echo,
echo,
echo →◎→◎→◎→◎→◎→已经去除所有禁止命令←◎←◎←◎←◎←◎←
echo -------------------------------------------------------------------------
echo →◎→◎→◎→◎→◎→请按任意键继续←◎←◎←◎←◎←◎←
pause >nul
goto 禁止CMD命令
:jzcmdzd
cls
echo 以下是已经禁止的命令
echo,
echo,
for /f "skip=2 tokens=2" %%i in (%SystemRoot%\yszycmd.cmd) do echo →◎→◎→◎→◎→◎→ %%i
echo -------------------------------------------------------------------------
echo,
echo,
echo,
echo,
echo 请输入你要从禁止列表中去除的命令
echo G=返回禁止CMD命令 Q=退出
set zcmdzd=
set /p zcmdzd=
if /I "%zcmdzd%"=="g" goto 禁止CMD命令
if /I "%zcmdzd%"=="q" (exit)
if /I "%zcmdzd%"=="" goto jzcmdzd
%zcmdzd% /?>nul 2>nul 4>nul
if /I "%ERRORLEVEL%"=="9009" goto cmdmy
find /i "%zcmdzd%"%SystemRoot%\yszycmd.cmd>nul 2>nul 4>nul
if /I "%ERRORLEVEL%"=="1" goto jzcmdmy11
type %SystemRoot%\yszycmd.cmd|find /v /i "%zcmdzd%">%SystemRoot%\yszycmd1.cmd
del %SystemRoot%\yszycmd.cmd
ren %SystemRoot%\yszycmd1.cmd yszycmd.cmd
echo,
echo,
echo,
echo,
echo,
echo 已经从禁止列表中去除%zcmdzd%命令
echo 按任意键继续
pause >nul
goto jzcmdzd
:jzcmdmy11
echo,
echo,
echo,
echo,
echo 你输入的命令不存在禁止列表中-请确定后在来吧
echo 按任意键继续
pause >nul
goto jzcmdzd
:cmdmy
echo,
echo,
echo,
echo,
echo 你输入的不是命令-不要拿我来开唰哦
echo 按任意键继续
pause >nul
goto jzcmdzd
echo ----------------------------4.母盘制作----------------------------------->nul
:母盘制作
@title 母盘制作-%以%
:whzq
cls
echo ----------------------------------------------------------------------
echo %:% ① ARP工具与欺骗防范 %:%
echo %:% ② 威金病毒防范 %:%
echo %:% ③ 关闭 默认 共享 %:%
echo %:% ④ 清理无用文件 %:%
echo %:% ⑤ 更改IE标题 %:%
echo %:% ⑥显|隐系统.隐藏文件·夹%:%
echo %:% ⑦ 清除-桌面右键多余菜单 %:%
echo ───────────────────────────────────
echo 请输入你需要的对应值.
echo 按回车=刷新恢复列表 G=列表选择 QQ=俺QQ空间 Q=退出
:whzq1
gpupdate /force>nul
set whzq=""
set /p whzq=
if /i "%whzq%"=="1" goto arpff
if /i "%whzq%"=="2" goto wjbdff
if /i "%whzq%"=="3" goto gbgx
if /i "%whzq%"=="4" goto qlwj
if /i "%whzq%"=="5" goto ggie
if /i "%whzq%"=="6" goto xywj
if /i "%whzq%"=="7" goto qcyj
if /i "%whzq%"=="qq" start iexplore
if /i "%whzq%"=="q" goto exit
if /i "%whzq%"=="g" goto 列表选择
goto whzq
::---------------------① ARP工具与欺骗防范---------------------
:arpff
::使winpacp装不上.让网络执法管等没用
md %windir%\system32\packet.dll >nul 2>nul
md %windir%\system32\pthreadVC.dll >nul 2>nul
md %windir%\system32\wpcap.dll >nul 2>nul
md %windir%\system32\drivers\npf.sys >nul 2>nul
md %windir%\system32\npptools.dll >nul 2>nul
::使以上添加的文件本地用户名没权限访问
echo y|cacls.exe %windir%\system32\packet.dll /d system administrator guest >nul 1>nul
echo y|cacls.exe %windir%\system32\pthreadVC.dll /d system administrator guest >nul 1>nul
echo y|cacls.exe %windir%\system32\wpcap.dll /d system administrator guest >nul 1>nul
echo y|cacls.exe %windir%\system32\drivers\npf.sys /d system administrator guest >nul 1>nul
echo y|cacls.exe %windir%\system32\npptools.dll /d system administrator guest >nul 1>nul
echo ----------------------------------------------------------------------
echo 已经添加防范ARP欺骗与网络执法管等工具的文件
goto whzq1
::---------------------② 威金病毒防范---------------------
:wjbdff
md %windir%\Logo1_.exe >nul 2>nul
md %windir%\rundl132.exe >nul 2>nul
md %windir%\0Sy.exe >nul 2>nul
md %windir%\vDll.dll >nul 2>nul
md %windir%\1Sy.exe >nul 2>nul
md %windir%\2Sy.exe >nul 2>nul
md %windir%\rundll32.exe >nul 2>nul
md %windir%\3Sy.exe >nul 2>nul
md %windir%\5Sy.exe >nul 2>nul
md %windir%\1.com >nul 2>nul
md %windir%\exerouter.exe >nul 2>nul
md %windir%\EXP10RER.com >nul 2>nul
md %windir%\finders.com >nul 2>nul
md %windir%\Shell.sys >nul 2>nul
md %windir%\smss.exe >nul 2>nul
echo y|cacls.exe %windir%\Logo1_.exe /d system administrator guest >nul 1>nul
echo y|cacls.exe %windir%\rundl132.exe /d system administrator guest >nul 1>nul
echo y|cacls.exe %windir%\0Sy.exe /d system administrator guest >nul 1>nul
echo y|cacls.exe %windir%\vDll.dll /d system administrator guest >nul 1>nul
echo y|cacls.exe %windir%\1Sy.exe /d system administrator guest >nul 1>nul
echo y|cacls.exe %windir%\2Sy.exe /d system administrator guest >nul 1>nul
echo y|cacls.exe %windir%\rundll32.exe /d system administrator guest >nul 1>nul
echo y|cacls.exe %windir%\3Sy.exe /d system administrator guest >nul 1>nul
echo y|cacls.exe %windir%\5Sy.exe /d system administrator guest >nul 1>nul
echo y|cacls.exe %windir%\1.com /d system administrator guest >nul 1>nul
echo y|cacls.exe %windir%\exerouter.exe /d system administrator guest >nul 1>nul
echo y|cacls.exe %windir%\EXP10RER.com /d system administrator guest >nul 1>nul
echo y|cacls.exe %windir%\finders.com /d system administrator guest >nul 1>nul
echo y|cacls.exe %windir%\Shell.sys /d system administrator guest >nul 1>nul
echo y|cacls.exe %windir%\smss.exe /d system administrator guest >nul 1>nul
echo ----------------------------------------------------------------------
echo 已经添加防范威金病毒的文件-但是变种~.exe尚是没办法
goto whzq1
::---------------------③ 关闭 默认 共享---------------------
:gbgx
net share c$ /delete 2>nul
net share d$ /delete 2>nul
net share e$ /delete 2>nul
net share f$ /delete 2>nul
net share g$ /delete 2>nul
net share h$ /delete 2>nul
net share g$ /delete 2>nul
net share admin$ /delete 2>nul
net share i$ /delete 2>nul
echo Windows Registry Editor Version 5.00> c:/delshare.reg
REG ADD HKLM\SYSTEM\CurrentControlSet\Control\LSA /v RestrictAnonymous /t REG_DWORD /d 1 /F >nul
REG ADD HKLM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /v AutoShareWks /t REG_DWORD /d 0 /F >nul
REG ADD HKLM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /v AutoShareServer /t REG_DWORD /d 0 /F >nul
echo ----------------------------------------------------------------------
echo 已经关闭默认共享.
goto whzq1
::---------------------④ 清理无用文件---------------------
:qlwj
echo 正在清除系统垃圾文件,请稍等......
del /f /s /q %systemdrive%\*.tmp >nul 2>nul
del /f /s /q %systemdrive%\*._mp >nul 2>nul
del /f /s /q %systemdrive%\*.log >nul 2>nul
del /f /s /q %systemdrive%\*.gid >nul 2>nul
del /f /s /q %systemdrive%\*.chk >nul 2>nul
del /f /s /q %systemdrive%\*.old >nul 2>nul
del /f /s /q %systemdrive%\recycled\*.* >nul 2>nul
del /f /s /q %windir%\*.bak >nul 2>nul
del /f /s /q %windir%\prefetch\*.* >nul 2>nul
rd /s /q %windir%\temp md %windir%\temp >nul 2>nul
del /f /q %userprofile%\cookies\*.* >nul 2>nul
del /f /q %userprofile%\recent\*.* >nul 2>nul
del /f /s /q "%userprofile%\Local Settings\Temporary Internet Files\*.*" >nul 2>nul
del /f /s /q "%userprofile%\Local Settings\Temp\*.*" >nul 2>nul
del /f /s /q "%userprofile%\recent\*.*" >nul 2>nul
echo ----------------------------------------------------------------------
echo 系统垃圾文件已经清理完成.
goto whzq1
::---------------------⑤ 更改IE标题 ---------------------
:ggie
set yszy=""
echo -------------------请输入你需要的IE标题.复制进去也行-------------------
echo ------------------- 直接回车=母盘专区 Q=退出 -------------------
set /p yszy=
if /i "%yszy%"=="""" (goto whzq)
if /i "%yszy%"=="q" (exit)
REG ADD "HKCU\SOFTWARE\Microsoft\Internet Explorer\Main" /v "Window Title" /t REG_SZ /d "%yszy%" /F >nul
echo ----------------------------------------------------------------------
echo IE标题已经更改为 %yszy%.
goto whzq1
::--------------------- ⑥显|隐系统.隐藏文件·夹 --------------------
:xywj
set yszy=""
echo -------------------输入X显示 输入Y隐藏-------------------
echo ------------------- 直接回车与乱输入=母盘专区 Q=退出 -------------------
set /p yszy=
if /i "%yszy%"=="""" (goto whzq)
if /i "%yszy%"=="x" (set xy=1 set yszy=显示 goto xywj1)
if /i "%yszy%"=="y" (set xy=0 set yszy=隐藏 goto xywj1)
if /i "%yszy%"=="q" (exit)
goto whzq
:xywj1
REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\&;/v Hidden /t REG_DWORD /d %xy% /F >nul
echo ----------------------------------------------------------------------
echo 系统·隐藏.文件.文件夹已经 %yszy%.刷新即可见到状态.
goto whzq1
::---------------------⑦ 清除-桌面右键多余菜单 --------------------
:qcyj
regsvr32 /u /s igfxpph.dll >nul 2>nul
reg delete HKEY_CLASSES_ROOT\Directory\Background\shellex\ContextMenuHandlers /f >nul
reg add HKEY_CLASSES_ROOT\Directory\Background\shellex\ContextMenuHandlers\new /ve /d {D969A300-E7FF-11d0-A93B-00A0C90F2719} >nul
echo ----------------------------------------------------------------------
echo 桌面多余右键菜单已清除完成.
goto whzq1