CODE: [Copy to clipboard]
@echo off
color 2f
Set Prog=瓦斯曲-自启动(目录&注册表键值)保护
Set L1= ╭───────────────────╮
Set L2= ╭─┤%Prog% ├─╮
Set L3= │ ╰───────────────────╯ │
Set L4= │==============================================│
Set L5= │ 仅供网友们交流 翻版不究 │
Set L6= ╰───────────────────────╯
Title 瓦斯曲-自启动(目录&注册表键值)保护
set ofn=[1 17 8]reg query "HKEY_LOCAL_MACHINE\SOFTWARE\WSQ" /s |find /I "AUTORUNR" >nul 2>nul||set ofn=[8]if "%ofn%"=="[1 17 8]" (
reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\WSQ" /f /v "AUTORUNR" >nul 2>nul
set caclsRF=F
set endr=取消
)
if "%ofn%"=="[8]" (
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\WSQ" /v "AUTORUNR" /t reg_sz /d "瓦斯曲-自启动(目录&注册表键值)保护" /f >nul 2>nul
set caclsRF=R
set endr=启动
)
:::===============================================================
Echo %endr%自启动目录权限保护 ……
Echo %endr%自启动目录权限保护 ……>>list
echo Y|cacls "%USERPROFILE%\「开始」菜单\程序\启动" /T /C /P everyone:R Administrators:%caclsRF% SYSTEM:%caclsRF%>nul 2>nul
echo Y|cacls "%ALLUSERSPROFILE%\「开始」菜单\程序\启动" /T /C /P everyone:R Administrators:%caclsRF% SYSTEM:%caclsRF%>nul 2>nul
:::===============================================================
Echo %endr%重要文件权限保护 ……
Echo %endr%重要文件权限保护 ……>>list
echo Y|cacls "%SystemRoot%\system32\autoexec.nt" /C /P everyone:R Administrators:%caclsRF% SYSTEM:%caclsRF%>nul 2>nul
echo Y|cacls "%SystemRoot%\system32\config.nt" /C /P everyone:R Administrators:%caclsRF% SYSTEM:%caclsRF%>nul 2>nul
echo Y|cacls "%SystemRoot%\system32\winstart.bat" /C /P everyone:R Administrators:%caclsRF% SYSTEM:%caclsRF%>nul 2>nul
echo Y|cacls "%SystemRoot%\system32\dosstart.bat" /C /P everyone:R Administrators:%caclsRF% SYSTEM:%caclsRF%>nul 2>nul
echo Y|cacls "%SystemDrive%\autoexec.bat" /C /P everyone:R Administrators:%caclsRF% SYSTEM:%caclsRF%>nul 2>nul
echo Y|cacls "%SystemDrive%\config.sys" /C /P everyone:R Administrators:%caclsRF% SYSTEM:%caclsRF%>nul 2>nul
echo Y|cacls "%SystemDrive%\NTDETECT.COM" /C /P everyone:R Administrators:%caclsRF% SYSTEM:%caclsRF%>nul 2>nul
echo Y|cacls "%SystemDrive%\ntldr" /C /P everyone:R Administrators:%caclsRF% SYSTEM:%caclsRF%>nul 2>nul
echo Y|cacls "%SystemDrive%\boot.ini" /C /P everyone:R Administrators:%caclsRF% SYSTEM:%caclsRF%>nul 2>nul
echo Y|cacls "%SystemRoot%\win.ini" /C /P everyone:R Administrators:%caclsRF% SYSTEM:%caclsRF%>nul 2>nul
echo Y|cacls "%SystemRoot%\system.ini" /C /P everyone:R Administrators:%caclsRF% SYSTEM:%caclsRF%>nul 2>nul
echo Y|cacls "%SystemRoot%\system32\system32\drivers\etc\hosts" /C /P everyone:R Administrators:%caclsRF% SYSTEM:%caclsRF%>nul 2>nul
Echo %endr%%SystemRoot%目录权限保护 ……
Echo %endr%%SystemRoot%目录权限保护 ……>>list
Cacls "%SystemRoot%" /T /E /C /R Administrator >nul 2>nul
echo Y|cacls "%SystemRoot%" /T /C /E /P Administrators:%caclsRF%>nul 2>nul
echo Y|cacls "%SystemRoot%\Temp" /T /C /E /P Administrators:F>nul 2>nul
:::===============================================================
Echo %endr%策略权限保护 ……
Echo %endr%策略权限保护 ……>>list
echo Y|cacls "%SystemRoot%\system32\grouppolicy" /T /C /P everyone:R Administrators:%caclsRF% SYSTEM:%caclsRF%>nul 2>nul
:::===============================================================
Echo %endr%危险命令权限保护 ……
CALL :end
echo 请按任意键退出. . .&&pause>nul
:end
Echo.
Echo.
Echo.
Echo.
Echo %L1%
Echo %L2%
Echo %L3%
Echo │ │
Echo │你的自启动(目录&注册表键值)保护已经%endr% ! │
Echo │ │
Echo %L4%
Echo %L5%
Echo %L6%
goto :eof
这只是部分测试代码