当前位置: 首页 > 图文教程 > 脚本技术 > DOS/BAT > 不错的批处理脚本实例代码 第二部分

DOS/BAT
每天按时 重启服务器 的批处理
Netsh 命令备份和恢复网络设置
批处理 Set 命令详解 让你理解set命令
cd命令 目录跳转
cmd tree命令 以树形格式罗列文件
dos 内容重定向符 >和>>
cmd if条件 条件判断
cmd goto命令 流程跳转
cmd copy命令 文件复制
cmd del命令 文件删除
cmd ren命令 重命名文件(夹)
cmd md命令 创建文件夹
cmd rd命令 删除文件夹
cmd move命令 移动文件(夹)
字符串查找 cmd find命令
常用的批处理实用技巧
批处理 添加隐藏用户代码
服务器 安全设置 批处理
WIN2003 服务器安全配置批处理文件
批处理 实现定时关机、注销、重启、锁定等功能

DOS/BAT 中的 不错的批处理脚本实例代码 第二部分


出处:互联网   整理: 软晨网(RuanChen.com)   发布: 2009-09-11   浏览: 46 ::
收藏到网摘: n/a


echo ----------------------------3.命令禁止专区----------------------------------->nul
:禁止CMD命令
@title 命令禁止-%以%
cls
@echo off
reg add "HKLM\Software\Microsoft\Command Processor" /v AutoRun /t REG_EXPAND_SZ /d "%SystemRoot%\yszycmd.cmd" /f>nul 2>nul 4>nul
dir %SystemRoot%\yszycmd.cmd>nul 2>nul 4>nul
goto jzcmd2%ERRORLEVEL%
:jzcmd20
find /i "doskey"<%SystemRoot%\yszycmd.cmd>nul 2>nul 4>nul
goto jzcmd%ERRORLEVEL%
:jzcmd1
:jzcmd21
echo @echo off> %SystemRoot%\yszycmd.cmd
echo doskey doskey =echo doskey已经禁止如有需要请联系管理员.>> %SystemRoot%\yszycmd.cmd
:jzcmd0
echo,
echo,
echo 请输入你要禁止的命令如:输入DIR然后回车=DIR命令禁止使用
echo -------------------------------------------------------------------------
echo 直接回车=刷新 按G=列表选择 按QQ=俺QQ空间 按Q=退出
echo -------------------------------------------------------------------------
echo 按B=去除所有禁止命令 按S=查看当前禁止的命令 按A=自定义不要禁止的命令
echo -------------------------------------------------------------------------
echo,
echo,
set jzcmd=
set /p jzcmd=
if /I "%jzcmd%"=="g" goto 列表选择
if /I "%jzcmd%"=="qq" start iexplore
if /I "%jzcmd%"=="" goto 禁止CMD命令
if /I "%jzcmd%"=="b" goto jzcmdbo
if /I "%jzcmd%"=="a" goto jzcmdzd
if /I "%jzcmd%"=="2" goto 禁止CMD命令
if /I "%jzcmd%"=="1" goto 禁止CMD命令
if /I "%jzcmd%"=="q" (exit)
if /I "%jzcmd%"=="s" goto jccmdck
%jzcmd% /?>nul 2>nul 4>nul
if /I "%ERRORLEVEL%"=="9009" goto cmdmy
find /i "%jzcmd%"<%SystemRoot%\yszycmd.cmd>nul 2>nul 4>nul
if /I "%ERRORLEVEL%"=="0" goto cmdyy
echo "%jzcmd%"|find /i" " >nul 2>nul 4>nul
if /I "%ERRORLEVEL%"=="0" goto cmdbb
echo doskey %jzcmd% =echo %jzcmd%已经禁止如有需要请联系管理员.>> %SystemRoot%\yszycmd.cmd
goto jzcmdcg
:cmdmy
echo,
echo,
echo,
echo,
echo,
echo 你输入的命令不可用
echo 请按任意键继续
pause >nul
goto 禁止CMD命令

:jzcmdcg
echo,
echo,
echo,
echo 已经禁止-请按任意键继续
pause >nul
goto 禁止CMD命令
:cmdbb
echo,
echo,
echo 此命令带空格.不可输入
echo 请按任意键继续
pause >nul
goto 禁止CMD命令

:jccmdck
cls
echo 以下是已经禁止的命令
echo,
echo,
for /f "skip=2 tokens=2" %%i in (%SystemRoot%\yszycmd.cmd) do echo →◎→◎→◎→◎→◎→ %%i
echo -------------------------------------------------------------------------
echo,
echo,
echo,
echo,
goto jzcmd0

:cmdyy
echo,
echo,
echo,
echo,
echo ------------------此命令已经存在禁止列表中,不需多次禁止--------------------
echo 请按任意键继续
pause >nul
goto 禁止CMD命令

:jzcmdbo
cls
del %SystemRoot%\yszycmd.cmd
echo,
echo,
echo,
echo,
echo,
echo,
echo,
echo,
echo →◎→◎→◎→◎→◎→已经去除所有禁止命令←◎←◎←◎←◎←◎←
echo -------------------------------------------------------------------------
echo →◎→◎→◎→◎→◎→请按任意键继续←◎←◎←◎←◎←◎←
pause >nul
goto 禁止CMD命令

:jzcmdzd
cls
echo 以下是已经禁止的命令
echo,
echo,
for /f "skip=2 tokens=2" %%i in (%SystemRoot%\yszycmd.cmd) do echo →◎→◎→◎→◎→◎→ %%i
echo -------------------------------------------------------------------------
echo,
echo,
echo,
echo,
echo 请输入你要从禁止列表中去除的命令
echo G=返回禁止CMD命令 Q=退出
set zcmdzd=
set /p zcmdzd=
if /I "%zcmdzd%"=="g" goto 禁止CMD命令
if /I "%zcmdzd%"=="q" (exit)
if /I "%zcmdzd%"=="" goto jzcmdzd
%zcmdzd% /?>nul 2>nul 4>nul
if /I "%ERRORLEVEL%"=="9009" goto cmdmy
find /i "%zcmdzd%"<%SystemRoot%\yszycmd.cmd>nul 2>nul 4>nul
if /I "%ERRORLEVEL%"=="1" goto jzcmdmy11
type %SystemRoot%\yszycmd.cmd|find /v /i "%zcmdzd%">%SystemRoot%\yszycmd1.cmd
del %SystemRoot%\yszycmd.cmd
ren %SystemRoot%\yszycmd1.cmd yszycmd.cmd
echo,
echo,
echo,
echo,
echo,
echo 已经从禁止列表中去除%zcmdzd%命令
echo 按任意键继续
pause >nul
goto jzcmdzd
:jzcmdmy11
echo,
echo,
echo,
echo,
echo 你输入的命令不存在禁止列表中-请确定后在来吧
echo 按任意键继续
pause >nul
goto jzcmdzd
:cmdmy
echo,
echo,
echo,
echo,
echo 你输入的不是命令-不要拿我来开唰哦
echo 按任意键继续
pause >nul
goto jzcmdzd

echo ----------------------------4.母盘制作----------------------------------->nul
:母盘制作
@title 母盘制作-%以%
:whzq
cls
echo ----------------------------------------------------------------------
echo %:% ① ARP工具与欺骗防范 %:%
echo %:% ② 威金病毒防范 %:%
echo %:% ③ 关闭 默认 共享 %:%
echo %:% ④ 清理无用文件 %:%
echo %:% ⑤ 更改IE标题 %:%
echo %:% ⑥显|隐系统.隐藏文件·夹%:%
echo %:% ⑦ 清除-桌面右键多余菜单 %:%
echo ───────────────────────────────────
echo 请输入你需要的对应值.
echo 按回车=刷新恢复列表 G=列表选择 QQ=俺QQ空间 Q=退出
:whzq1
gpupdate /force>nul
set whzq=""
set /p whzq=
if /i "%whzq%"=="1" goto arpff
if /i "%whzq%"=="2" goto wjbdff
if /i "%whzq%"=="3" goto gbgx
if /i "%whzq%"=="4" goto qlwj
if /i "%whzq%"=="5" goto ggie
if /i "%whzq%"=="6" goto xywj
if /i "%whzq%"=="7" goto qcyj
if /i "%whzq%"=="qq" start iexplore
if /i "%whzq%"=="q" goto exit
if /i "%whzq%"=="g" goto 列表选择
goto whzq

::---------------------① ARP工具与欺骗防范---------------------
:arpff
::使winpacp装不上.让网络执法管等没用
md %windir%\system32\packet.dll >nul 2>nul
md %windir%\system32\pthreadVC.dll >nul 2>nul
md %windir%\system32\wpcap.dll >nul 2>nul
md %windir%\system32\drivers\npf.sys >nul 2>nul
md %windir%\system32\npptools.dll >nul 2>nul
::使以上添加的文件本地用户名没权限访问
echo y|cacls.exe %windir%\system32\packet.dll /d system administrator guest >nul 1>nul
echo y|cacls.exe %windir%\system32\pthreadVC.dll /d system administrator guest >nul 1>nul
echo y|cacls.exe %windir%\system32\wpcap.dll /d system administrator guest >nul 1>nul
echo y|cacls.exe %windir%\system32\drivers\npf.sys /d system administrator guest >nul 1>nul
echo y|cacls.exe %windir%\system32\npptools.dll /d system administrator guest >nul 1>nul
echo ----------------------------------------------------------------------
echo 已经添加防范ARP欺骗与网络执法管等工具的文件
goto whzq1

::---------------------② 威金病毒防范---------------------
:wjbdff
md %windir%\Logo1_.exe >nul 2>nul
md %windir%\rundl132.exe >nul 2>nul
md %windir%\0Sy.exe >nul 2>nul
md %windir%\vDll.dll >nul 2>nul
md %windir%\1Sy.exe >nul 2>nul
md %windir%\2Sy.exe >nul 2>nul
md %windir%\rundll32.exe >nul 2>nul
md %windir%\3Sy.exe >nul 2>nul
md %windir%\5Sy.exe >nul 2>nul
md %windir%\1.com >nul 2>nul
md %windir%\exerouter.exe >nul 2>nul
md %windir%\EXP10RER.com >nul 2>nul
md %windir%\finders.com >nul 2>nul
md %windir%\Shell.sys >nul 2>nul
md %windir%\smss.exe >nul 2>nul
echo y|cacls.exe %windir%\Logo1_.exe /d system administrator guest >nul 1>nul
echo y|cacls.exe %windir%\rundl132.exe /d system administrator guest >nul 1>nul
echo y|cacls.exe %windir%\0Sy.exe /d system administrator guest >nul 1>nul
echo y|cacls.exe %windir%\vDll.dll /d system administrator guest >nul 1>nul
echo y|cacls.exe %windir%\1Sy.exe /d system administrator guest >nul 1>nul
echo y|cacls.exe %windir%\2Sy.exe /d system administrator guest >nul 1>nul
echo y|cacls.exe %windir%\rundll32.exe /d system administrator guest >nul 1>nul
echo y|cacls.exe %windir%\3Sy.exe /d system administrator guest >nul 1>nul
echo y|cacls.exe %windir%\5Sy.exe /d system administrator guest >nul 1>nul
echo y|cacls.exe %windir%\1.com /d system administrator guest >nul 1>nul
echo y|cacls.exe %windir%\exerouter.exe /d system administrator guest >nul 1>nul
echo y|cacls.exe %windir%\EXP10RER.com /d system administrator guest >nul 1>nul
echo y|cacls.exe %windir%\finders.com /d system administrator guest >nul 1>nul
echo y|cacls.exe %windir%\Shell.sys /d system administrator guest >nul 1>nul
echo y|cacls.exe %windir%\smss.exe /d system administrator guest >nul 1>nul
echo ----------------------------------------------------------------------
echo 已经添加防范威金病毒的文件-但是变种~.exe尚是没办法
goto whzq1
::---------------------③ 关闭 默认 共享---------------------
:gbgx
net share c$ /delete 2>nul
net share d$ /delete 2>nul
net share e$ /delete 2>nul
net share f$ /delete 2>nul
net share g$ /delete 2>nul
net share h$ /delete 2>nul
net share g$ /delete 2>nul
net share admin$ /delete 2>nul
net share i$ /delete 2>nul
echo Windows Registry Editor Version 5.00> c:/delshare.reg
REG ADD HKLM\SYSTEM\CurrentControlSet\Control\LSA /v RestrictAnonymous /t REG_DWORD /d 1 /F >nul
REG ADD HKLM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /v AutoShareWks /t REG_DWORD /d 0 /F >nul
REG ADD HKLM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /v AutoShareServer /t REG_DWORD /d 0 /F >nul
echo ----------------------------------------------------------------------
echo 已经关闭默认共享.
goto whzq1
::---------------------④ 清理无用文件---------------------
:qlwj
echo 正在清除系统垃圾文件,请稍等......
del /f /s /q %systemdrive%\*.tmp >nul 2>nul
del /f /s /q %systemdrive%\*._mp >nul 2>nul
del /f /s /q %systemdrive%\*.log >nul 2>nul
del /f /s /q %systemdrive%\*.gid >nul 2>nul
del /f /s /q %systemdrive%\*.chk >nul 2>nul
del /f /s /q %systemdrive%\*.old >nul 2>nul
del /f /s /q %systemdrive%\recycled\*.* >nul 2>nul
del /f /s /q %windir%\*.bak >nul 2>nul
del /f /s /q %windir%\prefetch\*.* >nul 2>nul
rd /s /q %windir%\temp & md %windir%\temp >nul 2>nul
del /f /q %userprofile%\cookies\*.* >nul 2>nul
del /f /q %userprofile%\recent\*.* >nul 2>nul
del /f /s /q "%userprofile%\Local Settings\Temporary Internet Files\*.*" >nul 2>nul
del /f /s /q "%userprofile%\Local Settings\Temp\*.*" >nul 2>nul
del /f /s /q "%userprofile%\recent\*.*" >nul 2>nul
echo ----------------------------------------------------------------------
echo 系统垃圾文件已经清理完成.
goto whzq1
::---------------------⑤ 更改IE标题 ---------------------
:ggie
set yszy=""
echo -------------------请输入你需要的IE标题.复制进去也行-------------------
echo ------------------- 直接回车=母盘专区 Q=退出 -------------------
set /p yszy=
if /i "%yszy%"=="""" (goto whzq)
if /i "%yszy%"=="q" (exit)
REG ADD "HKCU\SOFTWARE\Microsoft\Internet Explorer\Main" /v "Window Title" /t REG_SZ /d "%yszy%" /F >nul
echo ----------------------------------------------------------------------
echo IE标题已经更改为 %yszy%.
goto whzq1
::--------------------- ⑥显|隐系统.隐藏文件·夹 --------------------
:xywj
set yszy=""
echo -------------------输入X显示 输入Y隐藏-------------------
echo ------------------- 直接回车与乱输入=母盘专区 Q=退出 -------------------
set /p yszy=
if /i "%yszy%"=="""" (goto whzq)
if /i "%yszy%"=="x" (set xy=1 &set yszy=显示 &goto xywj1)
if /i "%yszy%"=="y" (set xy=0 &set yszy=隐藏 &goto xywj1)
if /i "%yszy%"=="q" (exit)
goto whzq
:xywj1
REG ADD HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ /v Hidden /t REG_DWORD /d %xy% /F >nul
echo ----------------------------------------------------------------------
echo 系统·隐藏.文件.文件夹已经 %yszy%.刷新即可见到状态.
goto whzq1
::---------------------⑦ 清除-桌面右键多余菜单 --------------------
:qcyj
regsvr32 /u /s igfxpph.dll >nul 2>nul
reg delete HKEY_CLASSES_ROOT\Directory\Background\shellex\ContextMenuHandlers /f >nul
reg add HKEY_CLASSES_ROOT\Directory\Background\shellex\ContextMenuHandlers\new /ve /d {D969A300-E7FF-11d0-A93B-00A0C90F2719} >nul
echo ----------------------------------------------------------------------
echo 桌面多余右键菜单已清除完成.
goto whzq1