修改注册表权限加强对木马、病毒的防范(3) @rem 输入其他字符@cls@goto Selection
:information@cls@echo
============================================================@echo #@echo # 欢迎使用反特洛伊木马程序@echo #@echo #功能:@echo # @echo # 1、设置注册表自启动项为只读(Run、RunOnce、RunService),@echo # 防止木马、病毒通过自启动项目启动@echo # 2、设置.txt、.com、.exe、.inf、.ini、.bat等等文件关联为只读,@echo # 防止木马、病毒通过文件关联启动@echo # 3、设置注册表HKLM\SYSTEM\CurrentControlSet\Services为只读@echo # 防止木马、病毒以"服务"方式启动@echo # @echo #注意事项: @echo # 某些安装程序也会用到以上注册表键,请在安装前运行本程序,@echo # 然后选择2,恢复默认设置。安装完成后,重新运行本程序,@echo # 然后选择1,实施反特洛伊木马保护@echo ==============================================================@echo.@echo 按任意键,返回选择@pause>nul 2>nul@cls@goto Selection:install@set OP=/grant everyone /read /p:no_dont_copy@goto Doit:uninstall@set OP=/revoke everyone /read /p:yes@goto Doit
:Doit@echo.@echo 正在执行操作...@rem HKLM@setacl machine\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /registry %OP%>nul 2>nul@setacl machine\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce /registry %OP%>nul 2>nul@setacl machine\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices /registry %OP%>nul 2>nul@setacl machine\SOFTWARE\Microsoft\Windows\CurrentVersion\RunEX /registry %OP%>nul 2>nul@setacl machine\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEX /registry %OP%>nul 2>nul@setacl machine\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesEx /registry %OP%>nul 2>nul
@rem HKCU@setacl CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /registry %OP%>nul 2>nul@setacl CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce /registry %OP%>nul 2>nul
