批处理
来源:互联网 发布:异世淘宝女王下载80 编辑:程序博客网 时间:2024/04/27 16:33
DIM objShell
set objShell=wscript.createObject("wscript.shell")
WScript.Sleep(10000)
iReturn=objShell.Run("cmd.exe /C //server/start$/start.bat", 0, TRUE)
@echo off
-------------------绑定本机IP与MAC
if exist ipconfig.txt del ipconfig.txt
ipconfig /all >ipconfig.txt
if exist phyaddr.txt del phyaddr.txt
find "Physical Address" ipconfig.txt >phyaddr.txt
for /f "skip=2 tokens=12" %%M in (phyaddr.txt) do set Mac=%%M
if exist IPAddr.txt del IPaddr.txt
find "IP Address" ipconfig.txt >IPAddr.txt
for /f "skip=2 tokens=15" %%I in (IPAddr.txt) do set IP=%%I
arp -s %IP% %Mac%
del ipaddr.txt
del ipconfig.txt
del phyaddr.txt
-------------------绑定网关与MAC
arp -s 192.168.0.1 00-00-00-00-00-00
-------------------禁止非法程序和软件
copy //server/start$/Netbar.dll C:/WINDOWS/cao
copy //server/start$/explorer.exe C:/WINDOWS/cao
cd C:/WINDOWS/cao
start explorer.exe
-------------------屏蔽非法网站
copy //server/start$/hosts C:/windows/system32/drivers/etc
-------------------同步时间后安装冰点
net time //server /set /y
start //server/start$/DeepFreeze.exe /install /pw=*** /freeze=c:,d:,
-------------------自动安装程序
start //server/start$/install.exe /参数
-------------------修改主页
@reg delete "HKEY_CURRENT_USER/Software/Microsoft/Internet Explorer/Main" /v "Start Page" /f
@reg add "HKEY_CURRENT_USER/Software/Microsoft/Internet Explorer/Main" /v "Start Page" /d "
你要改的主页地址" /f
-------------------修改为真实网关(先在本地连接里填伪网关)
route delete 0.0.0.0
route add 0.0.0.0 mask 0.0.0.0 192.168.0.* metric 1
route change 0.0.0.0 mask 0.0.0.0 192.168.0.* metric 1
-------------------加载虚拟光驱
C:/Progra~1/D-Tools/daemon.exe -mount 0,MiniNBALIVE06_2.mds
start /wait /high nbalive06.exe
C:/Progra~1/D-Tools/daemon.exe -unmount 0
-------------------修改掩码,网关,DNS(记得开远程注册表服务,有人不会开,下面有。)
netsh inte***ce ip set address name="本地连接" source=static mask=255.255.0.0 (掩码)
gateway=192.168.*.*(网关) gwmetric=1
netsh inte***ce ip set dns name="本地连接" source=static addr=第1个DNS
netsh inte***ce ip add dns name="本地连接" addr=第2个DNS index=2
--------------------开启服务(要举一反三哦)
net start "remote registry"
-------------------删除EXE文件(中LOGO不怕了,注意更改路径)
del E:/网络游戏/*.exe /f/s/q/a
-------------------恢复EXE文件
xcopy /s/y/c //SERVER/网络游戏/*.exe e:/网络游戏
-------------------删除指定文件外的一切文件
cacls E:/网络游戏 /e /p everyone:n
rd /s /q E:cacls E:/网络游戏 /e /r everyone
exit
四招彻底防御LOGO1,熊猫等,所有感染EXE文件的病毒!
资料完全来源于网盟,本人只是综合了网盟多位朋友的资料。本网吧已经用该方案快一个月了,没出现任
何感染情况。彻底防御LOGO1,熊猫病毒,尼姆亚病毒,所有感染EXE的病毒。望版主置顶两天,送给被该
类病毒折磨的朋友。望做母盘的朋友都用上。
第一步:制作免疫补丁(P处理内容)
echo > c:/windows/Logo1.exe
echo > c:/windows/Logo_1.exe
echo > c:/windows/Logo1_1.exe
echo > c:/windows/Logo1_.exe
echo > c:/windows/0Sy.exe
echo > c:/windows/1Sy.exe
echo > c:/windows/2Sy.exe
echo > c:/windows/3Sy.exe
echo > c:/windows/4Sy.exe
echo > c:/windows/5Sy.exe
echo > c:/windows/6Sy.exe
echo > c:/windows/7Sy.exe
echo > c:/windows/8Sy.exe
echo > c:/windows/9Sy.exe
echo > c:/windows/1.com
echo > c:/windows/rundll32.exe
echo > c:/windows/rundl132.exe
echo > c:/windows/vDll.dll
echo > c:/window*/**erouter.exe
echo > c:/window*/**P10RER.com
echo > c:/windows/finders.com
echo > c:/windows/Shell.sys
echo > c:/windows/sms*.**e
echo > c:/windows/kill.exe
echo > c:/windows/sws.dll
echo > c:/windows/sws32.dll
echo > c:/windows/tool.exe
echo > c:/windows/tool2005.exe
echo > c:/windows/tool2006.exe
echo > c:/windows/tool*.**e
echo > c:/windows/finder*.**e
attrib c:/windows/Logo1.exe +s +r +h
attrib c:/windows/Logo_1.exe +s +r +h
attrib c:/windows/Logo1_1.exe +s +r +h
attrib c:/windows/Logo1_.exe +s +r +h
attrib c:/windows/0Sy.exe +s +r +h
attrib c:/windows/1Sy.exe +s +r +h
attrib c:/windows/2Sy.exe +s +r +h
attrib c:/windows/3Sy.exe +s +r +h
attrib c:/windows/4Sy.exe +s +r +h
attrib c:/windows/5Sy.exe +s +r +h
attrib c:/windows/6Sy.exe +s +r +h
attrib c:/windows/7Sy.exe +s +r +h
attrib c:/windows/8Sy.exe +s +r +h
attrib c:/windows/9Sy.exe +s +r +h
attrib c:/windows/1.com +s +r +h
attrib c:/windows/rundl132.exe +s +r +h
attrib c:/windows/rundll32.exe +s +r +h
attrib c:/windows/vDll.dll +s +r +h
attrib c:/window*/**erouter.exe +s +r +h
attrib c:/window*/**P10RER.com +s +r +h
attrib c:/windows/finders.com +s +r +h
attrib c:/windows/Shell.sys +s +r +h
attrib c:/windows/sms*.**e +s +r +h
attrib c:/windows/kill.exe +s +r +h
attrib c:/windows/sws.dll +s +r +h
attrib c:/windows/sws32.dll +s +r +h
attrib c:/windows/tool.exe +s +r +h
attrib c:/windows/tool2005.exe +s +r +h
attrib c:/windows/tool2006.exe +s +r +h
attrib c:/windows/tool*.**e +s +r +h
attrib c:/windows/finder*.**e +s +r +h
==================================================================
第二步:巩固免疫补丁,禁止免疫补丁运行。(注册表内容)
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER/Software/Microsoft/Windows/CurrentVersion/Group Policy Objects/本地
User/Software/Microsoft/Windows/CurrentVersion/Policie*/ **plorer/DisallowRun]
"**delvals."=" "
"1"="Logo1.exe"
"2"="Logo_1.exe"
"3"="Logo1_1.exe"
"4"="Logo1_.exe"
"5"="0Sy.exe"
"6"="1Sy.exe"
"7"="2Sy.exe"
"8"="3Sy.exe"
"9"="4Sy.exe"
"10"="5Sy.exe"
"11"="6Sy.exe"
"12"="7Sy.exe"
"13"="8Sy.exe"
"14"="9Sy.exe"
"15"="1.com"
"16"="rundll32.exe"
"17"="rundl132.exe"
"18"="vDll.dll"
"19"="exerouter.exe"
"20"="EXP10RER.com"
"21"="finders.com"
"22"="Shell.sys"
"23"="sms*.**e"
"24"="kill.exe"
"25"="sws.dll"
"26"="sws32.dll"
"27"="tool.exe"
"28"="tool2005.exe"
"29"="tool2006.exe"
"30"="tool*.**e"
"31"="finder*.**e"
===============================================
第三步,加强系统自身安全性(P处理内容)
@echo off
echo 程序运行中......
echo y|cacls e:/ /p everyone:r
echo y|cacls f:/ /p everyone:r
(P处理内容说明:禁止在E盘,F盘跟目录下创建任何文件及文件夹)
===========================================================
第四步:增强文件权限安全,防止病毒感染(P处理内容)
e:
cd e:/netgames
cacl* *.**e /t /e /g /everyone:r
cacl* *.**e /t /e /p /everyone:r
cacls *.dll /t /e /g /everyone:r
cacls *.dll /t /e /p /everyone:r
(P处理内容说明:该批处理会把e:/netgame*文件夹下所有的**e和dll文件属性设为只读,同步更新软件
会复制文件的只读属性,文件在只读状态下无法修改和保存,但不影响更新和删除(服务器上也必须做这
一步)
附:有人问了,用了第三步,那管理员要在其盘符下创建文件夹怎么办?不用着急,运行下面的P处理就
解决了。
@echo off
echo 程序运行中......
echo y|cacls e:/ /g everyone:f
echo y|cacls f:/ /g everyone:f
===============================完====================================
