似水年华 2007-9-28 04:26 PM
深山红叶个人自用的安装光盘安全优化脚本
[code]
@echo off
REM +==========================================================================+
REM | 深山红叶系统安全优化 |
REM |--------------------------------------------------------------------------|
sc stop wscsvc>nul
rem 防止部分网页木马感染
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000566-0000-0010-8000-00AA006D2EA4} /f 2>nul
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0D43FE01-F093-11CF-8940-00A0C9054228} /f 2>nul
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72C24DD5-D70A-438B-8A42-98424B88AFB8} /f 2>nul
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5} /f 2>nul
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88D969EA-F192-11D4-A65F-0040963251E5} /f 2>nul
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F935DC22-1CF0-11D0-ADB9-00C04FD58A0B} /f 2>nul
REM 清理根目录下可能存在的、利用自动运行功能激活的有害程序,防止装好系统又马上中毒
For %%a In (c d e f g h i j k l m n o p q r s t u v w s y z) Do ATTRIB -R -H -S -A %%a:\AUTORUN.INF & Del /F /Q /A -R -H -S -A %%a:\AUTORUN.INF & ATTRIB -R -H -S -A %%a:\_desktop.ini & Del /F /Q /A -R -H -S -A %%a:\_desktop.ini
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v NoDriveAutoRun /t REG_BINARY /d ffffff03 /f>nul 2>nul
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v NoDriveTypeAutoRun /t REG_DWORD /d 0x000000ff /f>nul 2>nul
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v NoDriveTypeAutoRun /t REG_DWORD /d 0x000000ff /f>nul 2>nul
reg add "HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v NoDriveTypeAutoRun /t REG_DWORD /d 0x000000ff /f>nul 2>nul
reg add "HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v NoDriveTypeAutoRun /t REG_DWORD /d 0x000000ff /f>nul 2>nul
reg add "HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v NoDriveTypeAutoRun /t REG_DWORD /d 0x000000ff /f>nul 2>nul
reg add "HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v NoDriveTypeAutoRun /t REG_DWORD /d 0x000000ff /f>nul 2>nul
rem 添加限制系统文件及常见病毒文件仿冒系统进程的策略
reg add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /f /v DisallowRun /t REG_DWORD /d 0x00000001>nul 2>nul
set REGPATH=HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun
reg add %REGPATH% /v 1 /f /d " .exe">nul
reg add %REGPATH% /v 2 /f /d ".exe">nul
reg add %REGPATH% /v 3 /f /d "..exe"
reg add %REGPATH% /v 4 /f /d 0.exe>nul
reg add %REGPATH% /v 5 /f /d 1sass.exe>nul
reg add %REGPATH% /v 6 /f /d a1g.exe>nul
reg add %REGPATH% /v 7 /f /d alg.exe>nul
reg add %REGPATH% /v 8 /f /d aupdate.exe>nul
reg add %REGPATH% /v 9 /f /d autosys.exe>nul
reg add %REGPATH% /v 10 /f /d bind.exe>nul
reg add %REGPATH% /v 11 /f /d baidu.exe>nul
reg add %REGPATH% /v 12 /f /d c0nime.exe>nul
reg add %REGPATH% /v 13 /f /d CaiShow.exe>nul
reg add %REGPATH% /v 14 /f /d cmd.com"
reg add %REGPATH% /v 15 /f /d cnnic.exe>nul
reg add %REGPATH% /v 16 /f /d cns.exe>nul
reg add %REGPATH% /v 17 /f /d command.exe>nul
reg add %REGPATH% /v 18 /f /d cs.exe>nul
reg add %REGPATH% /v 19 /f /d csrss.exe>nul
reg add %REGPATH% /v 20 /f /d ctfm0n.exe>nul
reg add %REGPATH% /v 21 /f /d deskbar.exe>nul
reg add %REGPATH% /v 22 /f /d Desktop.exe>nul
reg add %REGPATH% /v 23 /f /d dllh0st.exe>nul
reg add %REGPATH% /v 24 /f /d dllsvc.exe>nul
reg add %REGPATH% /v 25 /f /d down(0).exe>nul
reg add %REGPATH% /v 26 /f /d down(1).exe>nul
reg add %REGPATH% /v 27 /f /d down(2).exe>nul
reg add %REGPATH% /v 28 /f /d down(3).exe>nul
reg add %REGPATH% /v 29 /f /d down(4).exe>nul
reg add %REGPATH% /v 30 /f /d down.exe>nul
reg add %REGPATH% /v 31 /f /d down1.exe>nul
reg add %REGPATH% /v 32 /f /d down2.exe>nul
reg add %REGPATH% /v 33 /f /d down3.exe>nul
reg add %REGPATH% /v 34 /f /d down4.exe>nul
reg add %REGPATH% /v 35 /f /d downfile.exe>nul
reg add %REGPATH% /v 36 /f /d downfile.exe>nul
reg add %REGPATH% /v 37 /f /d exp1orer.exe>nul
reg add %REGPATH% /v 38 /f /d exp1orer.exe>nul
reg add %REGPATH% /v 39 /f /d expiorer.exe>nul
reg add %REGPATH% /v 40 /f /d expl0rer.exe>nul
reg add %REGPATH% /v 41 /f /d explarer.exe>nul
reg add %REGPATH% /v 42 /f /d explorar.exe>nul
reg add %REGPATH% /v 43 /f /d explore.exe>nul
reg add %REGPATH% /v 44 /f /d explorer.com"
reg add %REGPATH% /v 45 /f /d file.exe>nul
reg add %REGPATH% /v 46 /f /d FileUpdate.exe>nul
reg add %REGPATH% /v 47 /f /d Gamesetup.exe>nul
reg add %REGPATH% /v 48 /f /d gpedit.com"
reg add %REGPATH% /v 49 /f /d HELPSVC.exe>nul
reg add %REGPATH% /v 50 /f /d henbang.exe>nul
reg add %REGPATH% /v 51 /f /d hidserv.exe>nul
reg add %REGPATH% /v 52 /f /d host.exe>nul
reg add %REGPATH% /v 53 /f /d httpget.exe>nul
reg add %REGPATH% /v 54 /f /d IdnMail.exe>nul
reg add %REGPATH% /v 55 /f /d ie.exe>nul
reg add %REGPATH% /v 56 /f /d iebho.exe>nul
reg add %REGPATH% /v 57 /f /d iexp10re.exe>nul
reg add %REGPATH% /v 58 /f /d iexp1ore.exe>nul
reg add %REGPATH% /v 59 /f /d iexpl0re.exe>nul
reg add %REGPATH% /v 60 /f /d iexplore.com"
reg add %REGPATH% /v 61 /f /d iexplorer.exe>nul
reg add %REGPATH% /v 62 /f /d inetinfo.exe>nul
reg add %REGPATH% /v 63 /f /d inetinfoere.exe>nul
reg add %REGPATH% /v 64 /f /d internat.exe>nul
reg add %REGPATH% /v 65 /f /d internet.exe>nul
reg add %REGPATH% /v 66 /f /d intranet.exe>nul
reg add %REGPATH% /v 67 /f /d ipconfig.com"
reg add %REGPATH% /v 68 /f /d ixplore.exe>nul
reg add %REGPATH% /v 69 /f /d Launcher.exe>nul
reg add %REGPATH% /v 70 /f /d LoadService.exe>nul
reg add %REGPATH% /v 71 /f /d locator.exe>nul
reg add %REGPATH% /v 72 /f /d lsass.exe>nul
reg add %REGPATH% /v 73 /f /d microsoft.exe>nul
reg add %REGPATH% /v 74 /f /d msconfig.com"
reg add %REGPATH% /v 75 /f /d msdate.exe>nul
reg add %REGPATH% /v 76 /f /d msinst.exe>nul
reg add %REGPATH% /v 77 /f /d msmsgr.exe>nul
reg add %REGPATH% /v 78 /f /d msmsgs.com"
reg add %REGPATH% /v 79 /f /d msnmsngr.exe>nul
reg add %REGPATH% /v 80 /f /d msnsgr.exe>nul
reg add %REGPATH% /v 81 /f /d muma.exe>nul
reg add %REGPATH% /v 82 /f /d n0tepad.exe>nul
reg add %REGPATH% /v 83 /f /d netlogin.exe>nul
reg add %REGPATH% /v 84 /f /d netlogon.exe>nul
reg add %REGPATH% /v 85 /f /d netstart.exe>nul
reg add %REGPATH% /v 86 /f /d notepad.com"
reg add %REGPATH% /v 87 /f /d nt0skrnl.exe>nul
reg add %REGPATH% /v 88 /f /d ntoskrn1.exe>nul
reg add %REGPATH% /v 89 /f /d ntoskrnl.exe>nul
reg add %REGPATH% /v 90 /f /d pagefile.exe>nul
reg add %REGPATH% /v 91 /f /d pagefile.pif"
reg add %REGPATH% /v 92 /f /d ping.com"
reg add %REGPATH% /v 93 /f /d PopService.exe>nul
reg add %REGPATH% /v 94 /f /d qidong.exe>nul
reg add %REGPATH% /v 95 /f /d qqbiaoqing.exe>nul
reg add %REGPATH% /v 96 /f /d r_server.exe>nul
reg add %REGPATH% /v 97 /f /d realsched.exe>nul
reg add %REGPATH% /v 98 /f /d Recycled.exe>nul
reg add %REGPATH% /v 99 /f /d RECYCLER.exe>nul
reg add %REGPATH% /v 100 /f /d regedit.com"
reg add %REGPATH% /v 101 /f /d regsvr.exe>nul
reg add %REGPATH% /v 102 /f /d rnul32.exe>nul
reg add %REGPATH% /v 103 /f /d rund11.exe>nul
reg add %REGPATH% /v 104 /f /d Rund111.exe>nul
reg add %REGPATH% /v 105 /f /d rund1132.exe>nul
reg add %REGPATH% /v 106 /f /d rund1l32.exe>nul
reg add %REGPATH% /v 107 /f /d rundl132.exe>nul
reg add %REGPATH% /v 108 /f /d rundll.exe>nul
reg add %REGPATH% /v 109 /f /d Rundll.exe>nul
reg add %REGPATH% /v 110 /f /d rundll.exe>nul
reg add %REGPATH% /v 111 /f /d rundll32.com"
reg add %REGPATH% /v 112 /f /d rundll64.exe>nul
reg add %REGPATH% /v 113 /f /d Rundlll.exe>nul
reg add %REGPATH% /v 114 /f /d scvhost.exe>nul
reg add %REGPATH% /v 115 /f /d Server.exe>nul
reg add %REGPATH% /v 116 /f /d service.exe>nul
reg add %REGPATH% /v 117 /f /d servicer.exe>nul
reg add %REGPATH% /v 118 /f /d services.com"
reg add %REGPATH% /v 119 /f /d services.exe>nul
reg add %REGPATH% /v 120 /f /d Set_Reg.exe>nul
reg add %REGPATH% /v 121 /f /d SetReg.exe>nul
reg add %REGPATH% /v 122 /f /d sevrices.exe>nul
reg add %REGPATH% /v 123 /f /d sex.exe>nul
reg add %REGPATH% /v 124 /f /d smss.exe>nul
reg add %REGPATH% /v 125 /f /d SoftUpdate.exe>nul
reg add %REGPATH% /v 126 /f /d sogou.exe>nul
reg add %REGPATH% /v 127 /f /d sp001sv.exe>nul
reg add %REGPATH% /v 128 /f /d sp00lsv.exe>nul
reg add %REGPATH% /v 129 /f /d spoo1sv.exe>nul
reg add %REGPATH% /v 130 /f /d sql.com"
reg add %REGPATH% /v 131 /f /d sv0host.exe>nul
reg add %REGPATH% /v 132 /f /d svch0st.exe>nul
reg add %REGPATH% /v 133 /f /d svoh0st.exe>nul
reg add %REGPATH% /v 134 /f /d svohost.exe>nul
reg add %REGPATH% /v 135 /f /d sxs.exe>nul
reg add %REGPATH% /v 136 /f /d sysmini.exe>nul
reg add %REGPATH% /v 137 /f /d system.exe>nul
reg add %REGPATH% /v 138 /f /d system32.exe>nul
reg add %REGPATH% /v 139 /f /d taskmgr.com"
reg add %REGPATH% /v 140 /f /d temp(1).exe>nul
reg add %REGPATH% /v 141 /f /d temp.exe>nul
reg add %REGPATH% /v 142 /f /d temp1.exe>nul
reg add %REGPATH% /v 143 /f /d temp2.exe>nul
reg add %REGPATH% /v 144 /f /d TIMP1atr0m.exe>nul
reg add %REGPATH% /v 145 /f /d TIMP1atrom.exe>nul
reg add %REGPATH% /v 146 /f /d TIMPlat0rm.exe>nul
reg add %REGPATH% /v 147 /f /d TIMPlatform.exe>nul
reg add %REGPATH% /v 148 /f /d TIMPlatr0m.exe>nul
reg add %REGPATH% /v 149 /f /d TIMPlatrom.exe>nul
reg add %REGPATH% /v 150 /f /d tmp.exe>nul
reg add %REGPATH% /v 151 /f /d tmp1.exe>nul
reg add %REGPATH% /v 152 /f /d tmp2.exe>nul
reg add %REGPATH% /v 153 /f /d toolbar.exe>nul
reg add %REGPATH% /v 154 /f /d VIPTray.exe>nul
reg add %REGPATH% /v 155 /f /d wdfmgr32.exe>nul
reg add %REGPATH% /v 156 /f /d win.exe>nul
reg add %REGPATH% /v 157 /f /d win10g0n.exe>nul
reg add %REGPATH% /v 158 /f /d win1ogon.exe>nul
reg add %REGPATH% /v 159 /f /d winampe.exe>nul
reg add %REGPATH% /v 160 /f /d wincfgs.exe>nul
reg add %REGPATH% /v 161 /f /d windows.exe>nul
reg add %REGPATH% /v 162 /f /d Winfile.exe>nul
reg add %REGPATH% /v 163 /f /d winl0g0n.exe>nul
reg add %REGPATH% /v 164 /f /d winl0gon.exe>nul
reg add %REGPATH% /v 165 /f /d winlog0n.exe>nul
reg add %REGPATH% /v 166 /f /d winlogin.com"
reg add %REGPATH% /v 167 /f /d winlogon.com"
reg add %REGPATH% /v 168 /f /d winlogon.exe>nul
reg add %REGPATH% /v 169 /f /d winmer.exe>nul
reg add %REGPATH% /v 170 /f /d winmon.exe>nul
reg add %REGPATH% /v 171 /f /d winrar.com"
reg add %REGPATH% /v 172 /f /d WinServer.exe>nul
reg add %REGPATH% /v 173 /f /d winsock.exe>nul
reg add %REGPATH% /v 174 /f /d winsys.exe>nul
reg add %REGPATH% /v 175 /f /d winup.exe>nul
reg add %REGPATH% /v 176 /f /d wow.exe>nul
reg add %REGPATH% /v 177 /f /d wsetup.exe>nul
reg add %REGPATH% /v 178 /f /d wuauc1t.exe>nul
reg add %REGPATH% /v 179 /f /d wuauclt.com"
reg add %REGPATH% /v 180 /f /d yahoo.exe>nul
reg add %REGPATH% /v 181 /f /d yascenter.exe>nul
reg add %REGPATH% /v 182 /f /d yule.exe>nul
reg add %REGPATH% /v 183 /f /d zazhi.exe>nul
reg add %REGPATH% /v 184 /f /d spoclsv.exe>nul
reg add %REGPATH% /v 185 /f /d explorea.exe>nul
reg add %REGPATH% /v 186 /f /d ctfnom.exe>nul
set REGPATH=
rem 添加防止从回收站或仿回收站的目录中直接运行可执行文件的策略
set REGPATH=HKLM\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths
set SFLAG=/v SaferFlags /t REG_DWORD /d 0x00000000 /f
set IDATA=/f /v ItemData /d "?:\Recyc?
reg add %REGPATH%\{00ffa5bf-abe7-4901-aacf-4f58aa31217a} %SFLAG%>nul
reg add %REGPATH%\{00ffa5bf-abe7-4901-aacf-4f58aa31217a} %IDATA%\*\*\*\*.*">nul
reg add %REGPATH%\{41fe7eed-c47a-46f6-840a-240796fd03cf} %SFLAG%>nul
reg add %REGPATH%\{41fe7eed-c47a-46f6-840a-240796fd03cf} %IDATA%\*\*\*.*">nul
reg add %REGPATH%\{4e93c91c-a40e-462e-9b89-3b0832d222d9} %SFLAG%>nul
reg add %REGPATH%\{4e93c91c-a40e-462e-9b89-3b0832d222d9} %IDATA%\*.*">nul
reg add %REGPATH%\{5bfc100b-d3fb-450e-88ec-6819ab56a9ff} %SFLAG%>nul
reg add %REGPATH%\{5bfc100b-d3fb-450e-88ec-6819ab56a9ff} %IDATA%\*\*\*\*.*">nul
reg add %REGPATH%\{5c5e2bcd-7057-43f4-830c-e4361d2afadd} %SFLAG%>nul
reg add %REGPATH%\{5c5e2bcd-7057-43f4-830c-e4361d2afadd} %IDATA%\*.*">nul
reg add %REGPATH%\{5f8ff865-0638-4c6e-98de-923e7bc6b330} %SFLAG%>nul
reg add %REGPATH%\{5f8ff865-0638-4c6e-98de-923e7bc6b330} %IDATA%\*\*\*.*">nul
reg add %REGPATH%\{649c1429-0e79-453c-abe9-b5682e035ae7} %SFLAG%>nul
reg add %REGPATH%\{649c1429-0e79-453c-abe9-b5682e035ae7} %IDATA%\*\*.*">nul
reg add %REGPATH%\{718f54b2-c669-4d7b-aeff-18d69f100034} %SFLAG%>nul
reg add %REGPATH%\{718f54b2-c669-4d7b-aeff-18d69f100034} %IDATA%\*\*.*">nul
reg add %REGPATH%\{8385d9d2-80c9-4ac1-a100-ed3e62863d97} %SFLAG%>nul
reg add %REGPATH%\{8385d9d2-80c9-4ac1-a100-ed3e62863d97} %IDATA%\*.*">nul
reg add %REGPATH%\{af2a4fcf-441c-421e-9663-52cd3502cfd7} %SFLAG%>nul
reg add %REGPATH%\{af2a4fcf-441c-421e-9663-52cd3502cfd7} %IDATA%\*\*\*.*">nul
reg add %REGPATH%\{b997f4b2-c037-4e97-b051-31f5d86df802} %SFLAG%>nul
reg add %REGPATH%\{b997f4b2-c037-4e97-b051-31f5d86df802} %IDATA%\*\*.*">nul
reg add %REGPATH%\{d4e7b6ff-d76f-407f-b8bb-ea0835f5babc} %SFLAG%>nul
reg add %REGPATH%\{d4e7b6ff-d76f-407f-b8bb-ea0835f5babc} /f /v ItemData /d "RECYC*.*">nul
rem 禁用简单文件共享
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa /v forceguest /t REG_DWORD /d 0x00000000 /f>nul
rem 禁止默认共享
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /v AutoShareServer /t REG_DWORD /d 0x00000000 /f>nul
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters /v AutoShareWks /t REG_DWORD /d 0x00000000 /f>nul
rem 禁用简单文件共享
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa /v forceguest /t REG_DWORD /d 0x00000000 /f>nul
rem 禁用IE中script错误报告
reg add "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main" /v "DisableScriptDebuggerIE" /d "yes" /f>nul
rem 显示友好http错误
reg add "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main" /v "Friendly http errors" /d "no" /f>nul
rem 禁止显示script错误通知
reg add "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main" /v "Error Dlg Displayed On Every Error" /d "no" /f>nul
rem 删除多余开机程序
reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "PHIME2002ASync" /f>nul
reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "IMJPMIG8.1" /f>nul
reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "PHIME2002A" /f>nul
rem 打开自动更新
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v "AUOptions" /t REG_DWORD /d 0x00000004 /f>nul
rem 关闭错误报告,但在发生严重错误时通知我
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PCHealth\ErrorReporting /v "DoReport" /t REG_DWORD /d 0x00000000 /f>nul
rem 禁用错误报告服务
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ERSvc /v "Start" /t REG_DWORD /d 0x00000004 /f>nul
rem 关闭系统还原
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore" /v "DisableSR" /t REG_DWORD /d 0x00000001 /f>nul
rem 禁用索引服务
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CiSvc /v "Start" /t REG_DWORD /d 0x00000004 /f>nul
rem 禁用帮助支持中心
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\helpsvc /v "Start" /t REG_DWORD /d 0x00000004 /f>nul
rem 禁用安全中心
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc /v "Start" /t REG_DWORD /d 0x00000004 /f>nul
rem 禁用Messenger服务
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Messenger /v "Start" /t REG_DWORD /d 0x00000004 /f>nul
rem 关闭计划任务
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Schedule /v "Start" /t REG_DWORD /d 0x00000004 /f>nul
rem 语言栏隐藏到任务拦
reg add HKEY_CURRENT_USER\Software\Microsoft\CTF\MSUTB /v "ShowDeskBand" /t REG_DWORD /d 0x00000001 /f>nul
reg add HKEY_CURRENT_USER\Software\Microsoft\CTF\LangBar /v "ShowStatus" /t REG_DWORD /d 0x00000004 /f>nul
reg add HKEY_CURRENT_USER\Software\Microsoft\CTF\LangBar /v "ExtraIconsOnMinimized" /t REG_DWORD /d 0x00000000 /f>nul
rem 在程序组中显示管理工具
reg add HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v "StartMenuAdminTools" /d "YES" /f>nul
reg add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v "StartMenuAdminTools" /d "YES" /f>nul
rem 显示所有文件扩展名
reg add HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v "HideFileExt" /t REG_DWORD /d 0x00000000 /f>nul
reg add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v "HideFileExt" /t REG_DWORD /d 0x00000000 /f>nul
rem 显示桌面系统图标
rem 我的文档
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" /v "{450D8FBA-AD25-11D0-98A8-0800361B1103}" /t REG_DWORD /d 0x00000000 /f>nul
rem 我的电脑
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" /v "{20D04FE0-3AEA-1069-A2D8-08002B30309D}" /t REG_DWORD /d 0x00000000 /f>nul
rem 网络邻居
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" /v "{208D2C60-3AEA-1069-A2D7-08002B30309D}" /t REG_DWORD /d 0x00000000 /f>nul
rem Internet Explorer
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" /v "{871C5380-42A0-1069-A2EA-08002B30309D}" /t REG_DWORD /d 0x00000000 /f>nul
rem 回收站
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" /v "{645FF040-5081-101B-9F08-00AA002F954E}" /t REG_DWORD /d 0x00000000 /f>nul
rem 禁止启动时候弹出错误信息
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Windows /v "NoPopUpsOnBoot" /d "1" /f>nul
rem 系统失败
rem 不将事件写入系统日志
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl /v "LogEvent" /t REG_DWORD /d 0x00000000 /f>nul
rem 不发送管理警报
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl /v "SendAlert" /t REG_DWORD /d 0x00000000 /f>nul
rem 禁止自动重启
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl /v "AutoReboot" /t REG_DWORD /d 0x00000000 /f>nul
rem 不写入调试信息
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl /v "CrashDumpEnabled" /t REG_DWORD /d 0x00000000 /f>nul
rem 让Winodws进行最大限度搜索,包括隐藏文件夹
reg add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer /v "link" /t REG_DWORD /d 0x00000000 /f>nul
reg add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer /v "SearchSystemDirs" /t REG_DWORD /d 0x00000000 /f>nul
reg add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer /v "SearchHidden" /t REG_DWORD /d 0x00000000 /f>nul
reg add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer /v "IncludeSubFolders" /t REG_DWORD /d 0x00000000 /f>nul
rem 禁用搜索助手并使用高级所搜
reg add "HKEY_CURRENT_USER\Software\Microsoft\Search Assistant" /v "Actor" /d "" /f>nul
reg add "HKEY_CURRENT_USER\Software\Microsoft\Search Assistant" /v "SocialUI" /t REG_DWORD /d 0x00000000 /f>nul
reg add "HKEY_CURRENT_USER\Software\Microsoft\Search Assistant" /v "UsageCount" /t REG_DWORD /d 0x00000000 /f>nul
reg add "HKEY_CURRENT_USER\Software\Microsoft\Search Assistant" /v "UseAdvancedSearchAlways" /t REG_DWORD /d 0x00000001 /f>nul
rem 当文件没有关联的打开程序时,禁止从网络上去搜索打开类型
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v "NoInternetOpenWith" /t REG_DWORD /d 0x00000001 /f>nul
rem 安装驱动时不搜索Windows Update
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DriverSearching" /v "DontSearchWindowsUpdate" /t REG_DWORD /d 0x00000001 /f>nul
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DriverSearching" /v "DontPromptForWindowsUpdate" /t REG_DWORD /d 0x00000001v /f>nul
rem 计算机用户登录前打开Num Lock键
reg add "HKEY_USERS\.DEFAULT\Control Panel\Keyboard" /v "InitialKeyboardIndicators" /d "2" /f>nul
rem 加快关机速度
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control /v WaitToKillServiceTimeout /d 3000 /f>nul
rem 禁用桌面清理向导
reg add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Desktop\CleanupWiz /v NoRun /t REG_DWORD /d 0x00000001 /f>nul
rem 通过删除共享的计划任务加速网络邻居的浏览
reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RemoteComputer\NameSpace\{D6277990-4C6A-11CF-8D87-00AA0060F5BF}" /f>nul
rem 删除快捷方式上的箭头
reg delete HKEY_CLASSES_ROOT\lnkfile /v IsShortcut /f>nul
rem 禁止Windows漫游气球提醒
reg add "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Applets\Tour" /v RunCount /t REG_DWORD /d 0x00000000 /f>nul
rem 禁用IMAPI光盘刻录服务
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ImapiService /v Start /t REG_DWORD /d 0x00000004 /f>nul
rem 禁用Messenger服务(屏蔽局域网垃圾信息,而不会影响你的Windows/MSN Messenger)
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Messenger /v Start /t REG_DWORD /d 0x00000004 /f>nul
rem 禁用Remote Registry服务
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteRegistry /v Start /t REG_DWORD /d 0x00000004 /f>nul
rem 禁止远程修改注册表
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg /v "RemoteRegAccess" /t REG_DWORD /d 0x00000001 /f>nul
rem 禁用SSDP Discovery服务
reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SSDPSRV /v Start /t REG_DWORD /d 0x00000004 /f>nul
rem 转移用户文件夹
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" /v Favorites /d "D:\我的文档\收藏夹" /f>nul
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" /v Cache /d "D:\我的文档\Temporary Internet Files" /f>nul
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" /v Personal /d "D:\我的文档" /f>nul
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" /v "My Pictures" /d "D:\我的文档\我的图片" /f>nul
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" /v Desktop /d "D:\我的文档\桌面" /f>nul
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" /v "My Music" /d "D:\我的文档\我的音乐" /f>nul
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" /v "My Video" /d "D:\我的文档\我的电影" /f>nul
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" /v Cookies /d "D:\我的文档\Temporary Internet Files\Cookies" /f>nul
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" /v History /d "D:\我的文档\Temporary Internet Files\History" /f>nul
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /v Favorites /d "D:\我的文档\收藏夹" /f>nul
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /v Cache /d "D:\我的文档\Temporary Internet Files" /f>nul
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /v Personal /d "D:\我的文档" /f>nul
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /v "My Pictures" /d "D:\我的文档\我的图片" /f>nul
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /v Desktop /d "D:\我的文档\桌面" /f>nul
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /v "My Music" /d "D:\我的文档\我的音乐" /f>nul
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /v "My Video" /d "D:\我的文档\我的电影" /f>nul
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /v Cookies /d "D:\我的文档\Temporary Internet Files\Cookies" /f>nul
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /v History /d "D:\我的文档\Temporary Internet Files\History" /f>nul
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\DocFolderPaths" /v Administrator /d "D:\我的文档" /f>nul
reg add "HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" /v Personal /d "D:\我的文档" /f>nul
reg add "HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /v Personal /d "D:\我的文档" /f>nul
rem 优化显示效果
reg add "HKCU\Control Panel\Desktop" /v DragFullWindows /d 0 /f>nul
reg add "HKCU\Control Panel\Desktop" /v "FontSmoothing" /d 0 /f>nul
reg add "HKCU\Control Panel\Desktop" /v "UserPreferencesMask" /t REG_BINARY /D b0120180 /f>nul
reg add "HKCU\Control Panel\Desktop\WindowMetrics" /v "MinAnimate" /d 0 /f>nul
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ListviewAlphaSelect" /t REG_DWORD /d 0x00000000 /f>nul
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ListviewWatermark" /t REG_DWORD /d 0x00000000 /f>nul
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarAnimations" /t REG_DWORD /d 0x00000000 /f>nul
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\VisualEffects" /v "VisualFXSetting" /t REG_DWORD /d 0x00000003 /f>nul
rem 锁定常用文件关联
set Regread=-ot reg -actn ace -ace "n:Everyonerem m:setrem p:fullrem i:so"
set Regreada=-ot reg -actn ace -ace "n:Administratorsrem m:setrem p:fullrem i:so"
SetACL -on "HKEY_CLASSES_ROOT\*" %Regread%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\.exe" %Regread%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\exefile" %Regread%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\.txt" %Regread%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\txtfile" %Regread%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\.cmd" %Regread%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\cmdfile" %Regread%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\.chm" %Regread%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\chm.file\shell\open\command" %Regread%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\.com" %Regread%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\comfile" %Regread%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\.scr" %Regread%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\scrfile" %Regread%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\.reg" %Regread%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\regfile" %Regread%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\.hlp" %Regread%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\hlpfile" %Regread%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\.pif" %Regread%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\piffile" %Regread%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\.ini" %Regread%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\inifile" %Regread%>nul 2>nul
rem ----
SetACL -on "HKEY_CLASSES_ROOT\*" %Regreada%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\.exe" %Regreada%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\exefile\shell\open\command" %Regreada%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\.txt" %Regreada%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\txtfile" %Regreada%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\.cmd" %Regreada%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\cmdfile" %Regreada%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\.chm" %Regreada%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\chm.file\shell\open\command" %Regreada%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\.com" %Regreada%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\comfile" %Regreada%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\.scr" %Regreada%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\scrfile" %Regreada%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\.reg" %Regreada%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\regfile" %Regreada%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\.hlp" %Regreada%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\hlpfile" %Regreada%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\.pif" %Regreada%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\piffile" %Regreada%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\.ini" %Regreada%>nul 2>nul
SetACL -on "HKEY_CLASSES_ROOT\inifile" %Regreada%>nul 2>nul
rem 锁定命令行自动加载
SetACL -on "HKEY_CURRENT_USER\Software\Microsoft\Command Processor" %Regread%>nul 2>nul
SetACL -on "HKEY_CURRENT_USER\Software\Microsoft\Command Processor" %Regreada%>nul 2>nul
SetACL -on "HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor" %Regread%>nul 2>nul
SetACL -on "HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor" %Regreada%>nul 2>nul
rem 防止资源管理器工具栏被修改
SetACL -on "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist" %Regread%>nul 2>nul
SetACL -on "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist" %Regreada%>nul 2>nul
rem 防止注册表编辑器和任务管理器被禁用
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v DisableRegistryTools /t REG_DWORD /d 0x00000000 /f>nul 2>nul
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v DisableTaskMgr /t REG_DWORD /d 0x00000000 /f>nul 2>nul
SetACL -on "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System" %Regread%>nul 2>nul
SetACL -on "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System" %Regreada%>nul 2>nul
rem 文件清理
del /Q /F %SystemRoot%\SET*.TMP>nul
del /Q /F %SystemRoot%\Prefetch\*.*>nul
del %SystemRoot%\System32\setacl.exe>nul
del %SystemRoot%\System32\cmdow.exe>nul
rd /q /s C:\OEM
rd /q /s C:\D
del c:\*.exe
del %0
EXIT
[/code]
一般修改版的安装光盘都可能用到批处理来实现某些自动操作。
这里提供一套本人自用的与安全相关的系统优化脚本,仅供大家参考。
具体使用方法比较简单,你整合到现有的脚本中即可,也可另外通过在Winnt.sif的Runonce段中加载。细节就不写了,免得有班门弄斧之嫌:)
Setacl工具同时附上。
来自 完美者 深山红叶
sy9931 2008-9-22 10:19 AM
谢谢分享!yct15