修改注册表权限加强对木马、病毒的防范( 二 )


:2000
@rem Per-OS entry points (2000, XP, 2003): each one stores the policy-refresh
@rem command for that Windows version in UpdatePolicy and jumps to the menu.
@rem NOTE(review): the unescaped nul redirections are parsed by cmd as belonging
@rem to the set command itself, so they are not stored in the variable; whatever
@rem later runs UpdatePolicy (not visible here) will not have its output hidden.
@rem Windows 2000 has no gpupdate, so secedit refreshes the machine policy.
@set UpdatePolicy=secedit /refreshpolicy machine_policy>nul 2>nul
@goto Selection
:XP
@rem Windows XP: gpupdate with Force.
@set UpdatePolicy=GPUpdate /Force>nul 2>nul
@goto Selection
:2003
@rem Windows Server 2003: same command as XP.
@set UpdatePolicy=GPUpdate /Force>nul 2>nul
@goto Selection
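:Selection
@rem Main menu: print the four choices, read one line from the console and
@rem jump to the matching label (1 install, 2 uninstall, 3 information, 4 quit).
@echo.
@echo 请输入以下选项前面的数字
@echo.
@echo 1: 安装反特洛伊木马保护
@echo 2: 删除反特洛伊木马保护(恢复默认设置)
@echo 3: 查看技术信息
@echo 4: 退出
@echo.
@rem Clear the previous answer first: set /p leaves the variable untouched when
@rem the operator only presses Enter, which would silently repeat the last
@rem action (including a permission change) on the next pass through the menu.
@set UserSelection=
@set /p UserSelection=输入您的选择(1、2、3、4)
@rem The variable reference had been mangled into a literal backslash form that
@rem could never equal a digit, so no menu entry was reachable; it is restored.
@rem The typed text is expanded into these lines as-is and the quotes only guard
@rem against spaces, so the menu assumes a trusted operator at the console.
@if "%UserSelection%"=="1" goto install
@if "%UserSelection%"=="2" goto uninstall
@if "%UserSelection%"=="3" goto information
@if "%UserSelection%"=="4" goto quit
@rem Any other input: clear the screen and ask again.
@cls
@goto Selection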
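:information
@rem Help screen (menu option 3). The text lists what the script makes
@rem read-only: the autostart keys, the file associations and the Services key.
@rem It also tells the operator that installers write to the same keys, so
@rem protection has to be removed (option 2) before installing software and
@rem applied again (option 1) afterwards.
@cls
@rem The top rule was split from its echo, which printed the echo state and then
@rem tried to run the rule as a command; it is rejoined onto one line.
@echo ============================================================
@echo #
@echo # 欢迎使用反特洛伊木马程序
@echo #
@echo #功能:
@echo #
@echo #1、设置注册表自启动项为只读(Run、RunOnce、RunService),
@echo #;;;防止木马、病毒通过自启动项目启动
@echo #2、设置.txt、.com、.exe、.inf、.ini、.bat等等文件关联为只读,
@echo #;;;防止木马、病毒通过文件关联启动
@rem Path separators restored in the key name shown to the user.
@echo #3、设置注册表HKLM\SYSTEM\CurrentControlSet\Services为只读
@echo #;;;防止木马、病毒以"服务"方式启动
@echo #;;;
@echo #注意事项:;
@echo #;某些安装程序也会用到以上注册表键,请在安装前运行本程序,
@echo #;然后选择2,恢复默认设置 。安装完成后,重新运行本程序,
@echo #;然后选择1,实施反特洛伊木马保护
@echo ==============================================================
@echo.
@echo 按任意键,返回选择
@rem Wait for a key press without showing the pause prompt, then redraw the menu.
@pause>nul 2>nul
@cls
@goto Selection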
:install
@rem Menu option 1. OP is the option string appended to every setacl call under
@rem Doit: grant Everyone read access and pass /p:no_dont_copy.
@rem NOTE(review): /p:no_dont_copy presumably protects the key from inheritance
@rem without copying the inherited entries, which would leave read as the only
@rem access for every principal - confirm against the bundled SetACL version.
@rem NOTE(review): the semicolon after /read looks like page-extraction residue
@rem rather than SetACL syntax - verify before running.
@rem An account that owns a key or can take ownership of it can still rewrite
@rem the DACL, so this only stops code that runs without those rights.
@set OP=/grant everyone /read; /p:no_dont_copy
@goto Doit
:uninstall
@rem Menu option 2, described in the menu as restoring the default settings:
@rem revoke the Everyone read entry and pass /p:yes, presumably turning
@rem inheritance from the parent key back on - confirm against SetACL.
@set OP=/revoke everyone /read; /p:yes
@goto Doit
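:Doit
@rem Apply the option string in OP (set under install or uninstall) to each
@rem autostart key, starting with the machine-wide ones.
@echo.
@echo 正在执行操作...
@rem All setacl output is discarded, so a missing setacl.exe, a missing key or an
@rem access-denied result looks the same as success. Check the key permissions
@rem afterwards instead of trusting a quiet run.
@rem The key paths had lost their backslash separators, which handed setacl a
@rem single nonexistent key name; the separators are restored here.
@rem HKLM
@setacl machine\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /registry %OP%>nul 2>nul
@setacl machine\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce /registry %OP%>nul 2>nul
@setacl machine\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices /registry %OP%>nul 2>nul
@setacl machine\SOFTWARE\Microsoft\Windows\CurrentVersion\RunEX /registry %OP%>nul 2>nul
@setacl machine\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEX /registry %OP%>nul 2>nul
@setacl machine\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesEx /registry %OP%>nul 2>nul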
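@rem HKCU: the same autostart keys in the hive of the account running the script.
@rem Other user profiles are not touched by these lines.
@rem The key paths had lost their backslash separators, which handed setacl a
@rem single nonexistent key name; the separators are restored here.
@rem Output is discarded, so failures are silent; verify the result afterwards.
@setacl CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /registry %OP%>nul 2>nul
@setacl CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce /registry %OP%>nul 2>nul
@setacl CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices /registry %OP%>nul 2>nul
@setacl CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunEX /registry %OP%>nul 2>nul
@setacl CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEX /registry %OP%>nul 2>nul
@setacl CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesEx /registry %OP%>nul 2>nul
@setacl CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce /registry %OP%>nul 2>nul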
@rem USERS: the same autostart keys, addressed through the USERS root.
@rem NOTE(review): the path separators are missing from these key names, so
@rem setacl receives one nonexistent key name and, with its output discarded,
@rem fails silently. The prefix cannot be rebuilt with confidence from this text:
@rem it is unclear whether a subkey (a SID or .DEFAULT, for example) stood
@rem between USERS and SOFTWARE. Restore the paths from the original script.
@setacl USERSOFTWAREMicrosoftWindowsCurrentVersionRun /registry %OP%>nul 2>nul
@setacl USERSOFTWAREMicrosoftWindowsCurrentVersionRunOnce /registry %OP%>nul 2>nul
@setacl USERSOFTWAREMicrosoftWindowsCurrentVersionRunServices /registry %OP%>nul 2>nul
@setacl USERSOFTWAREMicrosoftWindowsCurrentVersionRunEX /registry %OP%>nul 2>nul
@setacl USERSOFTWAREMicrosoftWindowsCurrentVersionRunOnceEX /registry %OP%>nul 2>nul
@setacl USERSOFTWAREMicrosoftWindowsCurrentVersionRunServicesEx /registry %OP%>nul 2>nul
@setacl USERSOFTWAREMicrosoftWindowsCurrentVersionRunServicesOnce /registry %OP%>nul 2>nul
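@rem Services: apply OP to the service control key, which the help text describes
@rem as stopping malware from starting as a service.
@rem The help text also warns that installers write to the protected keys, so
@rem expect service installs to fail while protection is on.
@rem OP carries no recursion option, so whether existing subkeys are affected
@rem depends on inheritance - presumably yes, verify on a test machine first.
@rem The key path had lost its backslash separators; they are restored here.
@rem Output is discarded, so failures are silent; verify the result afterwards.
@setacl MACHINE\SYSTEM\CurrentControlSet\Services /registry %OP%>nul 2>nul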
@rem CLASSES_ROOT
