|
批处理实用命令
1、ARP本机绑定.bat
@echo off
if exist ipconfig.txt del ipconfig.txt
ipconfig /all >ipconfig.txt
if exist phyaddr.txt del phyaddr.txt
find "Physical Address" ipconfig.txt >phyaddr.txt
for /f "skip=2 tokens=12" %%M in (phyaddr.txt) do set Mac=%%M
if exist IPAddr.txt del IPaddr.txt
find "IP Address" ipconfig.txt >IPAddr.txt
for /f "skip=2 tokens=15" %%I in (IPAddr.txt) do set IP=%%I
arp -s %IP% %Mac%
del ipaddr.txt
del ipconfig.txt
del phyaddr.txt
exit
2、Autorun 病毒清除工具.CMD
@Echo Off
color 2f
title Autorun 病毒清除工具-By Phexon
Rem 杀进程
taskkill /F /IM SocksA.exe /IM SVOHOST.exe /IM AdobeR.exe /IM ravmone.exe /IM wincfgs.exe /IM doc.exe /IM rose.exe /IM sxs.exe /IM autorun.exe /IM KB20060111.exe /IM tel.xls.exe>nul 2>nul
:clearauto
cls
Echo.
Echo Autorun 病毒清除工具
Echo.
Echo.
Echo.
Echo 制作:Phexon
Echo.
Echo 本程序运行后自动清除每个盘符下面的Autorun病毒
Echo 本程序原理是基于读取每个盘符下的Autorun.inf相关字段
Echo.
Echo [1] 仅仅删除所有盘符下的 Autorun 病毒
Echo [2] 删除所有盘符下的 Autorun 病毒并且建立同名免疫目录(推荐!)
Echo [3] 禁用系统的 Autorun 机制以避免 Autorun 病毒的再次感染
Echo [4] 取消所有盘符的 Autorun 病毒免疫
Echo [5] 删除并免疫指定盘符的 Autorun 病毒
Echo [6] 取消免疫指定盘符
Echo [7] 恢复相关注册表项默认值
Echo [0] 退出
Echo.
Set /p clearslt= 请输入您的选择(1/2/3/4/5/6/7/0):
If "%clearslt%"=="" Goto clearauto
If "%clearslt%"=="1" Goto clearauto1
If "%clearslt%"=="2" Goto clearauto2
If "%clearslt%"=="3" Goto clearauto3
If "%clearslt%"=="4" Goto clearauto4
If "%clearslt%"=="5" Goto clearauto5
If "%clearslt%"=="6" Goto clearauto6
If "%clearslt%"=="7" Goto clearauto7
If "%clearslt%"=="0" Exit
:clearauto1
taskkill /F /IM SocksA.exe /IM SVOHOST.exe /IM AdobeR.exe /IM ravmone.exe /IM wincfgs.exe /IM doc.exe /IM rose.exe /IM sxs.exe /IM autorun.exe /IM KB20060111.exe /IM tel.xls.exe>nul 2>nul
For %%a In (C D E F G H I J K L M N O P Q R S T U V W X Y Z) Do (
fsutil fsinfo drivetype %%a: |find /i "固定驱动器" && (
For /f "tokens=2 delims==" %%b In (%%a:\autorun.inf) Do Del /a /f /q "%%a:\%%b" >nul 2>nul
Del /a /f /q %%a:\autorun.inf >nul 2>nul
) >nul 2>nul
fsutil fsinfo drivetype %%a: |find /i "可移动驱动器" && (
For /f "tokens=2 delims==" %%b In (%%a:\autorun.inf) Do Del /a /f /q "%%a:\%%b" >nul 2>nul
Del /a /f /q %%a:\autorun.inf >nul 2>nul
) >nul 2>nul
)
cls
Echo Autorun 病毒清除完毕,任意键返回……
pause>nul
Goto clearauto
:clearauto2
taskkill /F /IM SocksA.exe /IM SVOHOST.exe /IM AdobeR.exe /IM ravmone.exe /IM wincfgs.exe /IM doc.exe /IM rose.exe /IM sxs.exe /IM autorun.exe /IM KB20060111.exe /IM tel.xls.exe>nul 2>nul
For %%a In (C D E F G H I J K L M N O P Q R S T U V W X Y Z) Do (
fsutil fsinfo drivetype %%a: |find /i "固定驱动器" && (
For /f "tokens=2 delims==" %%b In (%%a:\autorun.inf) Do Del /a /f /q "%%a:\%%b" & md "%%a:\%%b\免疫目录不要删除!...\" & attrib +s +h +r "%%a:\%%b" & Echo Y|cacls "%%a:\%%b" /T /C /P everyone:N >nul 2>nul
Del /a /f /q %%a:\autorun.inf & md "%%a:\autorun.inf\免疫目录不要删除!...\" & attrib +s +h +r %%a:\autorun.inf & Echo Y|cacls "%%a:\autorun.inf" /T /C /P everyone:N >nul 2>nul
) >nul 2>nul
fsutil fsinfo drivetype %%a: |find /i "可移动驱动器" && (
For /f "tokens=2 delims==" %%b In (%%a:\autorun.inf) Do Del /a /f /q "%%a:\%%b" & md "%%a:\%%b\免疫目录不要删除!...\" & attrib +s +h +r "%%a:\%%b" & Echo Y|cacls "%%a:\%%b" /T /C /P everyone:N >nul 2>nul
Del /a /f /q %%a:\autorun.inf & md "%%a:\autorun.inf\免疫目录不要删除!...\" & attrib +s +h +r %%a:\autorun.inf & Echo Y|cacls "%%a:\autorun.inf" /T /C /P everyone:N >nul 2>nul
) >nul 2>nul
)
cls
Echo Autorun 病毒清除并免疫完毕,任意键返回……
pause>nul
Goto clearauto
:clearauto3
cls
Echo.
Echo 正在停止相关服务……
Echo.
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer" /v NoDriveTypeAutoRun /t REG_DWORD /d 0x000000ff /f >nul 2>nul
reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer" /v NoDriveTypeAutoRun /t REG_DWORD /d 0x000000ff /f >nul 2>nul
net stop ShellHWDetection >nul 2>nul
sc config ShellHWDetection start= disabled >nul 2>nul
Rem 添加防止从回收站或仿回收站的目录中直接运行可执行文件的策略
Set REGPATH=HKLM\SOFTWARE\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths
Set SFLAG=/v SaferFlags /t REG_DWORD /d 0x00000000 /f
Set IDATA=/f /v ItemData /d "?:\Recyc?
reg add %REGPATH%\{00ffa5bf-abe7-4901-aacf-4f58aa31217a} %SFLAG%>nul
reg add %REGPATH%\{00ffa5bf-abe7-4901-aacf-4f58aa31217a} %IDATA%\*\*\*\*.*">nul
reg add %REGPATH%\{41fe7eed-c47a-46f6-840a-240796fd03cf} %SFLAG%>nul
reg add %REGPATH%\{41fe7eed-c47a-46f6-840a-240796fd03cf} %IDATA%\*\*\*.*">nul
reg add %REGPATH%\{4e93c91c-a40e-462e-9b89-3b0832d222d9} %SFLAG%>nul
reg add %REGPATH%\{4e93c91c-a40e-462e-9b89-3b0832d222d9} %IDATA%\*.*">nul
reg add %REGPATH%\{5bfc100b-d3fb-450e-88ec-6819ab56a9ff} %SFLAG%>nul
reg add %REGPATH%\{5bfc100b-d3fb-450e-88ec-6819ab56a9ff} %IDATA%\*\*\*\*.*">nul
reg add %REGPATH%\{5c5e2bcd-7057-43f4-830c-e4361d2afadd} %SFLAG%>nul
reg add %REGPATH%\{5c5e2bcd-7057-43f4-830c-e4361d2afadd} %IDATA%\*.*">nul
reg add %REGPATH%\{5f8ff865-0638-4c6e-98de-923e7bc6b330} %SFLAG%>nul
reg add %REGPATH%\{5f8ff865-0638-4c6e-98de-923e7bc6b330} %IDATA%\*\*\*.*">nul
reg add %REGPATH%\{649c1429-0e79-453c-abe9-b5682e035ae7} %SFLAG%>nul
reg add %REGPATH%\{649c1429-0e79-453c-abe9-b5682e035ae7} %IDATA%\*\*.*">nul
reg add %REGPATH%\{718f54b2-c669-4d7b-aeff-18d69f100034} %SFLAG%>nul
reg add %REGPATH%\{718f54b2-c669-4d7b-aeff-18d69f100034} %IDATA%\*\*.*">nul
reg add %REGPATH%\{8385d9d2-80c9-4ac1-a100-ed3e62863d97} %SFLAG%>nul
reg add %REGPATH%\{8385d9d2-80c9-4ac1-a100-ed3e62863d97} %IDATA%\*.*">nul
reg add %REGPATH%\{af2a4fcf-441c-421e-9663-52cd3502cfd7} %SFLAG%>nul
reg add %REGPATH%\{af2a4fcf-441c-421e-9663-52cd3502cfd7} %IDATA%\*\*\*.*">nul
reg add %REGPATH%\{b997f4b2-c037-4e97-b051-31f5d86df802} %SFLAG%>nul
reg add %REGPATH%\{b997f4b2-c037-4e97-b051-31f5d86df802} %IDATA%\*\*.*">nul
reg add %REGPATH%\{d4e7b6ff-d76f-407f-b8bb-ea0835f5babc} %SFLAG%>nul
reg add %REGPATH%\{d4e7b6ff-d76f-407f-b8bb-ea0835f5babc} /f /v ItemData /d "RECYC*.*">nul
Rem 清除喜欢利用回收站的移动磁盘自动运行病毒
For %%a In (c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z) Do (
For %%b In (exe pif com) Do (
Echo Y|cacls "%%a:\Recycler\*.%%b" /C /T /P everyone:F>nul 2>nul&Echo Y|cacls "%%a:\Recycled\*.%%b" /C /T /P everyone:F>nul 2>nul&Echo Y|cacls "%%a:\Recycled\Recycled\*.%%b" /C /T /P everyone:F>nul 2>nul
Del /A /F /S /Q "%%a:\Recycler\*.%%b">nul 2>nul&Del /A /F /S /Q "%%a:\Recycled\*.%%b">nul 2>nul&Del /A /F /S /Q "%%a:\Recycled\Recycled\*.%%b">nul 2>nul
)
)>nul 2>nul
Echo.
Echo 相关服务已停止并禁用,任意键返回……
pause >nul
Goto clearauto
:clearauto4
For %%a In (C D E F G H I J K L M N O P Q R S T U V W X Y Z) Do (
fsutil fsinfo drivetype %%a: |find /i "固定驱动器" && (
cacls "%%a:\autorun.inf" /T /C /P everyone:F&Del /a /f /q "%%a:\autorun.inf" & rd /s /q "%%a:\autorun.inf">nul 2>nul
)>nul 2>nul
fsutil fsinfo drivetype %%a: |find /i "可移动驱动器" && (
cacls "%%a:\autorun.inf" /T /C /P everyone:F&Del /a /f /q "%%a:\autorun.inf" & rd /s /q "%%a:\autorun.inf">nul 2>nul
)>nul 2>nul
)
cls
Echo.
Echo 已经解除全部盘符的免疫,任意键返回……
pause>nul
Goto clearauto
:clearauto5
cls
Echo.
Set /p pf= 请输入盘符,如"F:"(不包括引号)
Echo 即将免疫%pf%盘……|find /i ":"||Set pf=%pf%:&&Echo 即将免疫%pf%盘……
taskkill /F /IM SocksA.exe /IM SVOHOST.exe /IM AdobeR.exe /IM ravmone.exe /IM wincfgs.exe /IM doc.exe /IM rose.exe /IM sxs.exe /IM autorun.exe /IM KB20060111.exe /IM tel.xls.exe>nul 2>nul
fsutil fsinfo drivetype %pf% |find /i "固定驱动器" && (
For /f "tokens=2 delims==" %%a In (%pf%\autorun.inf) Do Del /a /f /q "%pf%\%%a" & md "%pf%\%%a\免疫目录不要删除!...\" & attrib +s +h +r "%pf%\%%a" & Echo Y|cacls "%pf%\%%a" /T /C /P everyone:N >nul 2>nul
Del /a /f /q %pf%\autorun.inf & md "%pf%\autorun.inf\免疫目录不要删除!...\" & attrib +s +h +r %pf%\autorun.inf & Echo Y|cacls "%pf%\autorun.inf" /T /C /P everyone:N >nul 2>nul
Goto DoneclearAuto
) >nul 2>nul
fsutil fsinfo drivetype %pf% |find /i "可移动驱动器" && (
For /f "tokens=2 delims==" %%a In (%pf%\autorun.inf) Do Del /a /f /q "%pf%\%%a" & md "%pf%\%%a\免疫目录不要删除!...\" & attrib +s +h +r "%pf%\%%a" & Echo Y|cacls "%pf%\%%a" /T /C /P everyone:N >nul 2>nul
Del /a /f /q %pf%\autorun.inf & md "%pf%\autorun.inf\免疫目录不要删除!...\" & attrib +s +h +r %pf%\autorun.inf & Echo Y|cacls "%pf%\autorun.inf" /T /C /P everyone:N >nul 2>nul
Goto DoneclearAuto
) >nul 2>nul
Echo.
Echo 您所输入的盘符不存在或者是只读设备,
Echo 请重新输入
Goto clearauto5
:DoneclearAuto
cls
Echo.
Echo 指定的磁盘 %pf% 已经成功进行了 Autorun 病毒的清除及免疫
Echo.
Echo [1] 继续免疫其他磁盘
Echo [0] 返回主菜单
Set /p choice= 请输入您的选择(1/0):
If %choice%="" Goto DoneclearAuto
If %choice%="1" Goto clearauto5
If %choice%="0" Goto clearauto
:clearauto6
cls
Echo.
Set /p pf= 请输入盘符,如"F:"(不包括引号)
Echo 即将取消免疫%pf%盘……|find /i ":"||Set pf=%pf%:&&Echo 即将取消免疫%pf%盘……
fsutil fsinfo drivetype %pf% |find /i "固定驱动器" && (
cacls "%pf%\autorun.inf" /T /C /P everyone:F&Del /a /f /q "%pf%\autorun.inf" & rd /s /q "%pf%\autorun.inf">nul 2>nul
Goto DoneUnauto
)>nul 2>nul
fsutil fsinfo drivetype %pf% |find /i "可移动驱动器" && (
cacls "%pf%\autorun.inf" /T /C /P everyone:F&Del /a /f /q "%pf%\autorun.inf" & rd /s /q "%pf%\autorun.inf">nul 2>nul
Goto DoneUnauto
)>nul 2>nul
Echo.
Echo 您所输入的盘符不存在或者是只读设备,
Echo 请重新输入
Goto clearauto6
:DoneUnauto
cls
Echo.
Echo 指定的磁盘 %pf% 已经成功解除了 Autorun 病毒免疫
Echo.
Echo [1] 继续解除免疫其他磁盘
Echo [0] 返回主菜单
Set choice=
Set /p choice= 请输入您的选择(1/0):
If %choice%="" Goto DoneUnauto
If %choice%="1" Goto clearauto6
If %choice%="0" Goto clearauto
:clearauto7
cls
Rem 防止在资源管理器中彻底隐藏文件、禁止文件等
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL" /v CheckedValue /t REG_DWORD /d 0x00000001 /f>nul 2>nul
reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2" /f>nul 2>nul
reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /f>nul 2>nul
reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v DisallowRun /f>nul 2>nul
Rem 防止转移启动组位置
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" /v Startup /d "%USERPROFILE%\「开始」菜单\程序\启动" /f>nul 2>nul
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" /v "Common Startup" /d "%ALLUSERSPROFILE%\「开始」菜单\程序\启动" /f>nul 2>nul
Echo.
Echo 相关注册表恢复完毕,任意键返回……
pause>nul
Goto clearauto
3、C盘转换为NTFS格式.cmd
@ ECHO OFF
@ ECHO.
@ ECHO. 说 明
@ ECHO ---------------------------------------------------------------
@ ECHO NTFS格式是WinXP推荐使用的格式。转换为NTFS格式能提高硬盘存储的
@ ECHO 效率,并可设置访问权限以保护文件。但NTFS格式的分区在DOS/WIN9X
@ ECHO 下均不能被识别,可能会给初级用户造成不便。如无必要请不要转换。
@ ECHO ---------------------------------------------------------------
@ ECHO.
convert c:/fs:ntfs
4、查看进程使用的端口.bat
@echo off
color 1f
Title XP端口-进程查询
setlocal enabledelayedexpansion
echo ╔- -╗
echo 本机开放的端口及使用该端口的进程
echo ╚- -╝
echo ------------------------------------
echo 端口号 进程名称
ECHO TCP协议:
::利用netstat命令找出使用TCP协议通信的端口,并将结果分割;
::将第二个参数(IP加端口)传给%%i,第五个参数(PID号)传给%%j;
for /F "usebackq skip=4 tokens=2,5" %%i in (`"netstat -ano -p TCP"`) do (
call :Assoc %%i TCP %%j
echo !TCP_Port! !TCP_Proc_Name!
)
ECHO UDP协议:
for /F "usebackq skip=4 tokens=2,4" %%i in (`"netstat -ano -p UDP"`) do (
call :Assoc %%i UDP %%j
echo !UDP_Port! !UDP_Proc_Name!
)
echo 按任意键退出
pause>nul
:Assoc
::对%1(第一个参数)进行分割,将第二个参数传给%%e。在本程序中,%1即为上面的%%i(形式为:IP:端口号)
for /F "tokens=2 delims=:" %%e in ("%1") do (
set %2_Port=%%e
)
:: 查询PID等于%3(第三个参数)的进程,并将结果传给变量?_Proc_Name,?代表UDP或者TCP;
for /F "skip=2 usebackq delims=, tokens=1" %%a in (`"Tasklist /FI "PID eq %3" /FO CSV"`) do (
::%%~a表示去掉%%a外面的引号,因为上述命令的结果是用括号括起来的。
set %2_Proc_Name=%%~a
)
1、查看网关的MAC地址.bat
@echo off
set /p getway="请输入网关IP地址:"%getway%
arp -a|find "%getway% "
pause
2、断开网络联结.bat
rasphone -h adsl
3、清除所有多余的桌面右键菜单.cmd
@ ECHO OFF
@ ECHO.
@ ECHO.
@ ECHO. 说 明
@ ECHO -----------------------------------------------------------------------
@ ECHO 很多显卡在装了驱动之后,桌面右键会多出一项或多项菜单,这些功能并不实用,
@ ECHO 还会拖慢右键的弹出速度,以Intel的集成显卡为甚。迟纯的反应速度严重地影响
@ ECHO 了使用者的心情。我们最好清除它。
@ ECHO -----------------------------------------------------------------------
PAUSE
regsvr32 /u /s igfxpph.dll
reg delete HKEY_CLASSES_ROOT\Directory\Background\shellex\ContextMenuHandlers /f
reg add HKEY_CLASSES_ROOT\Directory\Background\shellex\ContextMenuHandlers\new /ve /d {D969A300-E7FF-11d0-A93B-00A0C90F2719}
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v HotKeysCmds /f
reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v IgfxTray /f
4、显示IP配置.bat
@echo off
::调用格式:
call :select "ip address" "ip"
call :select "Physical Address" "mac"
call :select "Default Gateway" "gateway"
call :select "DNS Servers" "dns"
call :select "Description" "netcard"
:: 演示效果
echo IP地址:%ip%
echo MAC地址:%mac%
echo DNS服务器:%dns%
echo 网关:%gateway%
echo NETCARD:%netcard%
pause>nul
goto :eof
::**************************************************************
:: 解析ipconfig命令输出通用函数
::**************************************************************
:select
for /f "tokens=2 delims=:" %%i in ('ipconfig /all ^| findstr /i /c:%1') do if not "!%~2!" == "" set "%~2=%%i"
goto :eof
5、显示自己的IP.bat
@echo off
for /f "tokens=15" %%i in ('ipconfig ^| find /i "ip address"') do set ip=%%i
echo %ip%
pause
6、中文显示ping结果.bat
@echo off
color f2
echo.
set for=于
set of=的
set with=用
set in=(以
set data:=数据
set milli-seconds:=毫秒为单位)
set Approximate=大约
set times=时间:
set round=来回
set trip=行程
set Reply=应答
set from=来自
set bytes=字节
set time=时间:
set timed=时间
set out=超过
set statistics=统计
set Packets:=包:
set Sent=已发送=
set Received=已收到=
set Lost=已丢失=
set loss)=丢失)
set Minimum=最小值=
set Maximum=最大值=
set Average=平均值=
set TTL=TTL=
setlocal enabledelayedexpansion
set a=
set/p a=请输入要ping的网址或IP
for /f "delims=" %%i in ('ping %a%') do (
set ret=
for %%a in (%%i) do if defined %%a (set ret=!ret!!%%a!) else set ret=!ret! %%a
if not "!ret!"=="" (set ret=!ret:time=时间! && echo !ret!) else echo.
)
pause>nul
7、自动改回主页.bat
reg add "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main" /v "Start Page" /t reg_sz /d http://hi.baidu.com/xxcxz /f
reg add "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main" /v "Default_Page_URL" /t reg_sz /d http://hi.baidu.com/xxcxz /f
pause
|
