中国DOS联盟

注册表禁止ＥＸＥ文件， 有一个文本文件里面保存要禁的exe文件． 1.com 1.exe 2.com 2.exe 3.com 3.exe 4.com 4.exe 5.com 5.exe 6.com 6.exe IEXPLORE.Sys Ravdm.exe sxs.exe system16.sys 要如何写成批处理．导进去注册表后．显示如下． [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun] "1"="1.com" "2"="1.exe" "3"="2.com" "4"="2.exe" "5"="3.com" "6"="3.exe" "7"="4.com" "8"="4.exe" "9"="5.com" "10"="5.exe" "11"="6.com" "12"="6.exe" "13"="IEXPLORE.Sys" "14"="Ravdm.exe" "15"="sxs.exe" "16"="system16.sys" for 语句可以读出文件里的每一行．．如何读取行号呢？．．．谢谢了． [ Last edited by HAT on 2008-11-19 at 13:26 ]

　　关于获取行号和对应的文本，可以用下面的代码：　　对注册表比较陌生，本人暂时帮不上什么忙。

尺有所短，寸有所长，学好CMD没商量。 考虑问题复杂化，解决问题简洁化。

觉得做这个用vbs好点 用readline一行行读到文件尾,同时写入注册表

@echo off set num=0 setlocal enabledelayedexpansion for /f "delims=" %%i in (texe.txt) do ( set /a num+=1 reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun /v !num! /t REG_SZ /d %%i /f ) 试了下．．行了．谢谢．．版主

Originally posted by zerocq at 2006-11-5 04:59: 觉得做这个用vbs好点 用readline一行行读到文件尾,同时写入注册表

这个能不能给个代码看看啊．．，，．

这些都是病毒木马的程序．．虽然改名了还是可以运行．但是多少有点用处．． 我禁的exe文件名～～～ Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "DisallowRun"=dword:00000001 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun] "2"="2.COM" "3"="3.COM" "4"="4.COM" "5"="5.COM" "6"="6.COM" "7"="1.EXE" "8"="2.EXE" "9"="3.EXE" "10"="4.EXE" "11"="5.EXE" "12"="6.EXE" "13"="AD.EXE" "14"="927.EXE" "15"="923.EXE" "16"="0SY.EXE" "1"="1.COM" "17"="1SY.EXE" "18"="2SY.EXE" "19"="3SY.EXE" "20"="4SY.EXE" "21"="GO1.EXE" "22"="5SY.EXE" "23"="TOTO.EXE" "24"="IEPRO.EXE" "25"="PODCASTBAR.EXE" "26"="TUOTU.EXE" "27"="BIZG2.EXE" "28"="TEMP.EXE" "29"="5001.EXE" "30"="5002.EXE" "31"="5003.EXE" "32"="199016.EXE" "33"="6007AD.EXE" "34"="110140.EXE" "35"="110141.EXE" "36"="110142.EXE" "37"="110143.EXE" "38"="102564.EXE" "39"="101380.EXE" "40"="HUACAI905.EXE" "41"="SETUP_YH0017.EXE" "42"="NEW7F.TMP.EXE" "43"="2014HKCMD.EXE" "44"="RGE7.EXE" "45"="TEMP1.EXE" "46"="13528.EXE" "47"="HUACAI905.EXE" "48"="HOSTS.EXE" "49"="CNT.EXE" "50"="ADPOP.EXE" "51"="JIJY.EXE" "52"="JIJY1.EXE" "53"="JIJY2.EXE" "54"="JIJY3.EXE" "55"="NONSENSER.COM" "56"="101577.EXE" "57"="199019002.EXE" "58"="8144SOHU.EXE" "59"="SETUP-XXQ.EXE" "60"="SETUP6007.EXE" "61"="SETUP-240.EXE" "62"="01XB1100_1.8_SETUP.EXE" "63"="YLIVE.EXE" "64"="MSHOST.EXE" "65"="D444.COM" "66"="B642.COM" "67"="A841.COM" "68"="SEFINSTALL017.EXE" "69"="MINIPPGOU.EXE" "70"="PPGOU0610_CNS_YASSIST.EXE" "71"="CDNUP.EXE" "72"="KPUPDATE.EXE" "73"="BDCJ01.EXE" "74"="SETUP_L0029.EXE" "75"="YBAR.EXE" "76"="YYBAR.EXE" "77"="RMASERVER.EXE" "78"="RACCESS.EXE" "79"="SYSMINI.EXE" "80"="BDCJ01.EXE" "81"="K16281159285256.EXE" "82"="SETUP_KUBAO.EXE" "83"="SKYMMSTP017.EXE" "84"="BBMAO_1002_XXXX.EXE" "85"="OPRAR.EXE" "86"="EXEROUTER.EXE" "87"="EXERT.EXE" "88"="EXP10RER.COM" "89"="FINDERS.COM" "90"="G0LD.COM" "91"="LOGO1_.EXE" "92"="RUNDL132.EXE" "93"="SMSS.EXE" "94"="SVCHS0T.EXE" "95"="WINL0GON.EXE" "96"="BL.EXE" "97"="DISKCHECK.EXE" "98"="SVOHOST.EXE" "99"="SVCH0ST.EXE" "100"="SETUPCMD.EXE" "101"="BBKY_KEY.EXE" "102"="INTERNAT4.EXE" "103"="VEEVRG.EXE" "104"="MOI.COM" "105"="GIMM.EXE" "106"="W7349.COM" "107"="W64499.COM" "108"="XXXXXX.EXE" "109"="SECP.EXE" "110"="SEARCHCAR.EXE" "111"="SOFTBOX.EXE" "112"="SETUPCMD030.EXE" "113"="RUN.EXE" "114"="BIND_40211.EXE" "115"="DN_FOR_SC.EXE" "116"="RICH564.EXE" "117"="PPRICH.EXE" "118"="MTSAXINSTALLER.EXE" "119"="SSETUP.EXE" "120"="3256LONS.EXE" "121"="3205LONS.EXE" "122"="3103LONS.EXE" "123"="MRUP.EXE" "124"="KUCOSETUPNO3.EXE" "125"="KW_RG_LYRIC_057.EXE" "126"="DOALDER.EXE" "127"="SKYMMSTP.EXE" "128"="XP10C.TMP.EXE" "129"="XP10F.TMP.EXE" "130"="PIAOXUE.COM.EXE" "131"="199016.EXE" "132"="YASSISTSE.EXE" "133"="SXS.EXE" "134"="KUBAO.EXE" "135"="PAGEFILE.PIF" "136"="DOWNL.EXE" "137"="MTMP.EXE" "138"="MUMA.EXE" "139"="QYULE.EXE" "140"="P2PSVR.EXE" "141"="CTFMON32.EXE" "142"="WINLOGIN.EXE" "143"="180AX.EXE" "144"="JMW.EXE" "145"="ADAWARE.EXE" "146"="AQADCUP.EXE" "147"="ARUPDATE.EXE" "148"="AVSERVE" "149"="180AX.EXE" "150"="ACTALERT.EXE" "151"="ADAWARE.EXE" "152"="ALCHEM.EXE" "153"="ALEVIR.EXE" "154"="AQADCUP.EXE" "155"="ARCHIVE.EXE" "156"="ARR.EXE" "157"="ARUPDATE.EXE" "158"="ASM.EXE" "159"="AV.EXE" "160"="AVSERVE.EXE" "161"="AVSERVE2.EXE" "162"="BACKWEB.EXE" "163"="BARGAINS.EXE" "164"="BASFIPM.EXE" "165"="BELT.EXE" "166"="BIPREP.EXE" "167"="BLSS.EXE" "168"="BOKJA.EXE" "169"="BOOTCONF.EXE" "170"="BPC.EXE" "171"="BRASIL.EXE" "172"="BRIDGE.DLL" "173"="BUDDY.EXE" "174"="BUGSFIX.EXE" "175"="BUNDLE.EXE" "176"="BVT.EXE" "177"="CASHBACK.EXE" "178"="CDAENGINE" "179"="CMD32.EXE" "180"="CMESYS.EXE" "181"="CONIME.EXE" "182"="CONSCORR.EXE" "183"="CRSS.EXE" "184"="CXTPLS.EXE" "185"="DATEMANAGER.EXE" "186"="DCOMX.EXE" "187"="DESKTOP.EXE" "188"="DIRECTS.EXE" "189"="DIVX.EXE" "190"="DLLREG.EXE" "191"="DMSERVER.EXE" "192"="DPI.EXE" "193"="DSSAGENT.EXE" "194"="DVDKEYAUTH.EXE" "195"="EMSW.EXE" "196"="EXDL.EXE" "197"="EXEC.EXE" "198"="EXP.EXE" "199"="EXPLORE.EXE" "200"="EXPLORED.EXE" "201"="FASH.EXE" "202"="FFISEARCH.EXE" "203"="FNTLDR.EXE" "204"="FSG_4104.EXE" "205"="FVPROTECT.EXE" "206"="GATOR.EXE" "207"="GMT.EXE" "208"="GOIDR.EXE" "209"="HBINST.EXE" "210"="HBSRV.EXE" "211"="HWCLOCK.EXE" "212"="HXDL.EXE" "213"="HXIUL.EXE" "214"="IEDLL.EXE" "215"="IEDRIVER.EXE" "216"="IEHOST.EXE" "217"="IEXPLORER.EXE" "218"="INFUS.EXE" "219"="INFWIN.EXE" "220"="INTDEL.EXE" "221"="ISASS.EXE" "222"="ISTSVC.EXE" "223"="JAWA32.EXE" "224"="JDBGMRG.EXE" "225"="KAZZA.EXE" "226"="KEENVALUE.EXE" "227"="KERNEL32.EXE" "228"="LASS.EXE" "229"="LMU.EXE" "230"="LOADER.EXE" "231"="LSSAS.EXE" "232"="MAPISVC32.EXE" "233"="MARIO.EXE" "234"="MD.EXE" "235"="MFIN32.EXE" "236"="MMOD.EXE" "237"="MOSTAT.EXE" "238"="MSAPP.EXE" "239"="MSBB.EXE" "240"="MSBLAST.EXE" "241"="MSCACHE.EXE" "242"="MSCCN32.EXE" "243"="MSCMAN.EXE" "244"="MSDM.EXE" "245"="MSGFIX.EXE" "246"="MSIEXEC16.EXE" "247"="MSINFO.EXE" "248"="MSLAGENT.EXE" "249"="MSLAUGH.EXE" "250"="MSMC.EXE" "251"="MSMGT.EXE" "252"="MSMSGRI32.EXE" "253"="MSN.EXE" "254"="MSREXE.EXE" "255"="MSSVC32.EXE" "256"="MSSYS.EXE" "257"="MSVXD.EXE" "258"="MWSOEMON.EXE" "259"="MWSVM.EXE" "260"="NETD32.EXE" "261"="NLS.EXE" "262"="NSSYS32.EXE" "263"="NSTASK32.EXE" "264"="NSUPDATE.EXE" "265"="NTFS64.EXE" "266"="NTOSA32.EXE" "267"="OMNISCIENT.EXE" "268"="ONSRVR.EXE" "269"="OPTIMIZE.EXE" "270"="P2PNETWORKING.EXE" "271"="PCSVC.EXE" "272"="PGMONITR.EXE" "273"="PIB.EXE" "274"="POWERSCAN.EXE" "275"="PRIZESURFER.EXE" "276"="PRMT.EXE" "277"="PRMVR.EXE" "278"="RAY.EXE" "279"="RB32.EXE" "280"="RCSYNC.EXE" "281"="RK.EXE" "282"="RUN32DLL.EXE" "283"="RUNDLL16.EXE" "284"="RUXDLL32.EXE" "285"="SAAP.EXE" "286"="SAHAGENT.EXE" "287"="SAIE.EXE" "288"="SAIS.EXE" "289"="SALM.EXE" "290"="SATMAT.EXE" "291"="SAVE.EXE" "292"="SAVENOW.EXE" "293"="SCAM32.EXE" "294"="SCRSVR.EXE" "295"="SCVHOST.EXE" "296"="SEARCHUPDATE33.EXE" "297"="SEARCHUPGRADER.EXE" "298"="SOAP.EXE" "299"="SPOLER.EXE" "300"="SSK.EXE" "301"="STCLOADER.EXE" "302"="SUSP.EXE" "303"="SVC.EXE" "304"="SYNCROAD.EXE" "305"="SYSFIT.EXE" "306"="SYSTEM.EXE" "307"="SYSTEM32.EXE" "308"="TB_SETUP.EXE" "309"="TBPS.EXE" "310"="TEEKIDS.EXE" "311"="TIBS3.EXE" "312"="TRICKLER.EXE" "313"="TS.EXE" "314"="TS2.EXE" "315"="TSA.EXE" "316"="TSADBOT.EXE" "317"="TSL.EXE" "318"="TSM2.EXE" "319"="TVM.EXE" "320"="TVMD.EXE" "321"="TVTMD.EXE" "322"="UPDATER.EXE" "323"="UPDMGR.EXE" "324"="VVSN.EXE" "325"="WAST.EXE" "326"="WEB.EXE" "327"="WEBDAV.EXE" "328"="WEBREBATES.EXE" "329"="WEBREBATES0.EXE" "330"="WIN-BUGSFIX.EXE" "331"="WIN_UPD2.EXE" "332"="WIN32.EXE" "333"="WIN32US.EXE" "334"="WINACTIVE.EXE" "335"="WINAD.EXE" "336"="WINADALT.EXE" "337"="WINADCTL.EXE" "338"="WINADTOOLS.EXE" "339"="WINDIRECT.EXE" "340"="WINDOWS.EXE" "341"="WINGO.EXE" "342"="WININETD.EXE" "343"="WININIT.EXE" "344"="WINLOCK.EXE" "345"="WINLOGIN.EXE" "346"="WINMAIN.EXE" "347"="WINNET.EXE" "348"="WINPPR32.EXE" "349"="WINRARSHELL32.EXE" "350"="WINRATCHET.EXE" "351"="WINSCHED.EXE" "352"="WINSERVN.EXE" "353"="WINSHOST.EXE" "354"="WINSSK32.EXE" "355"="WINSTART.EXE" "356"="WINSTART001.EXE" "357"="WINSTATKEEP.EXE" "358"="WINTASKAD.EXE" "359"="WINTIME.EXE" "360"="WINTSK32.EXE" "361"="WINUPDATE.EXE" "362"="WINUPDT.EXE" "363"="WINUPDTL.EXE" "364"="WINXP.EXE" "365"="WMON32.EXE" "366"="WNAD.EXE" "367"="WO.EXE" "368"="WOVAX.EXE" "369"="WSUP.EXE" "370"="WSXSVC.EXE" "371"="WTOOLSA.EXE" "372"="WTOOLSA.EXE" "373"="WTOOLSS.EXE" "374"="WUAMGRD.EXE" "375"="WUPDATE.EXE" "376"="WUPDATER.EXE" "377"="WUPDMGR.EXE" "378"="WUPDT.EXE"

这个就是组策略禁止运行程序

　　既然你都给出reg内容了，那就很好办了：前6行用echo直接写入一个reg文件，然后，把第6行之后的内容用2F的代码来追加就可以了。

尺有所短，寸有所长，学好CMD没商量。 考虑问题复杂化，解决问题简洁化。

是啊．组策略禁止运行程序 ．这些从网盟里找到的．．有一个Ｎ人总结出来的病毒或者是其他广告木马盗名什么的进程名．．．不过只是给出进程名．．一个一个来好难啊．．版主的@echo off set num=0 setlocal enabledelayedexpansion for /f "delims=" %%i in (test.txt) do ( set /a num+=1 echo "!num!"="%%i" ) pause 这个不错．可以生成""=""这种格式 杀毒软件虽然好．．要是内存不多的话．开着杀软速度有点慢吧．．虽然病毒名千变万化．不过还是有点用的．．． [ Last edited by zerostudy on 2006-11-5 at 05:36 AM ]

Originally posted by zerostudy at 2006-11-5 05:33: 是啊．组策略禁止运行程序 ．这些从网盟里找到的．．有一个Ｎ人总结出来的病毒或者是其他广告木马盗名什么的进程名．．．不过只是给出进程名..

网盟=wglm??? 这个用在网吧还是起作用的,个人用吗,用处不大

学习了!