使启动项失效的批处理命令使启动项失效bat

使启动项失效的批处理命令使启动项失效bat 使启动项失效的批处理命令使启动项失效bat

使启动项失效批处理命令.双击运行即可[code]@echo offclsrem Copyright (C) 2003-05 Ansgar Wiechers & Torsten Mannrem Contact: admin@ntsvcfg.deremrem This program is free software; you can redistribute it and/or modify it underrem the terms of the GNU General Public License as published by the Free Software Foundation;rem either version 2 of the License, or (at your option) any later version.rem This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;rem without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.rem See the GNU General Public License for more details.remrem You should have received a copy of the GNU General Public License along with this program;rem if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston,rem MA 02111-1307, USA.echo.REM Tested on ... WinXP_SP2REM Always basic XP64 SupportREM Modifications to BITS service (cause of v5 WindowsUpdate) - #discharged#REM Additional notices corresponding to DHCP issueREM Variables problems during RESTORE_DEFAULT usage fixedREM SMBDEVICEENABLED Restore Bug fixedREM Mod_history-09-27-2005**11-08-2005**11-29-2005**12-07-2005**12-18-2005

setlocal

REM *** INIT_VARS ***set CHK_SVC=YESset XPSP2=FALSEset SERVER=FALSEset NT_SERVER_CHK=TRUE

:STARTecho "svc2kXp.cmd" v2.2_build7b (18.12.2005), published under GNU GPLecho ================================================================set find=%SystemRoot%System32find.exeset regedit=%SystemRoot%regedit.exeif not exist "%find%" goto :NOFINDif not exist "%regedit%" goto :NOREGEDITif not "%1" == "%*" goto :SYNTAXif /I "%1"=="/?" goto :HELPif /I "%1"=="/help" goto :HELPif /I "%1"=="-h" goto :HELPif /I "%1"=="--help" goto :HELPif /I "%1"=="-?" goto :HELPif /I "%1"=="--?" goto :HELPif /I "%1"=="/fix" goto :FIXgoto :VERSION

:SYNTAXecho.echo.echo !!Syntax error!!echo ________________echo Es kann nur ein oder kein Parameter angegeben werden.echo.echo Only one or no parameter allowed.goto :QUIT

:HELPecho.echo -= Hilfe =-echo Parameter:echo /lan.......Einige Dienste fuer LAN-Betrieb werden nicht veraendert.echo /std.......Schliesst alle Ports, einige Dienste bleiben unveraendert.echo /all.......Setzt alle Vorschlaege nach www.ntsvcfg.de um (hardening).echo /restore...Nimmt die zuletzt vorgenommenen Aenderungen zurueck.echo /reLAN.....Reaktiviert Dienste, die fuer LAN-Betrieb benoetigt werden.echo /default...Setzt alle Diensteinstellungen auf urspr黱gliche Werte zur點k.echo.echo Parameters:echo /lan.......Some services needed for LAN-usage stay unchanged!echo /std.......Closes all Ports, but some services stay unchangedecho /all.......Changes all issues recommended by www.ntsvcfg.de ("hardening")echo /restore...Undo last changes.echo /reLAN.....Reactivates services required for LAN.echo /default...Restoring factory service settings (before first time usage)echo.echo example: svc2kxp.cmd /allecho.set /P CHS= [Press "G" for GNU GPL informations or "Q" for quit]?if /I "%CHS%"=="G" goto :GNU_GPLif /I "%CHS%"=="Q" goto :QUIT_EXTCLSgoto :HELP

:GNU_GPLCLSecho Informations about GNU-General Public License for "svc2kxp.cmd"echo ===============================================================echo.echo Copyright (C) 2003-05 Ansgar Wiechers, Torsten Mannecho Contact: admin@ntsvcfg.deecho.echo This program is free software; you can redistribute it and/or modify it underecho the terms of the GNU General Public License as published by the Free Softwareecho Foundation; either version 2 of the License, or (at your option) any laterecho version. This program is distributed in the hope that it will be useful, butecho WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY orecho FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for moreecho details.echo.echo You should have received a copy of the GNU General Public License along withecho this program; if not, write to the:echo.echo Free Software Foundation, Inc.echo 59 Temple Place, Suite 330echo Boston, MA 02111-1307, USA.echo.set /P CHS= [Press "H" for help or "Q" for quit]?CLSif /I "%CHS%"=="H" goto :HELPif /I "%CHS%"=="Q" goto :QUIT_EXTgoto GNU_GPL

:VERSIONecho Checking system version ...

if /I "%NT_SERVER_CHK%"=="FALSE" goto :SKIP_NT_SERVER_CHKREM Checking for running server version "%regedit%" /e "%TEMP%~svr.txt" "HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlProductOptions" type "%TEMP%~svr.txt"|"%find%" /i "Server" >NUL if not errorlevel 1 set SERVER=TRUE type "%TEMP%~svr.txt"|"%find%" /i "LanMan" >NUL if not errorlevel 1 set SERVER=TRUE if exist "%TEMP%~svr.txt" del /F /Q "%TEMP%~svr.txt" if /I "%SERVER%"=="TRUE" goto :NTSERVER

:SKIP_NT_SERVER_CHK

ver | "%find%" /i "Windows 2000" > nulif not errorlevel 1 goto :OS2K

ver | "%find%" /i "Windows XP" > nulif not errorlevel 1 goto :OSXP

ver | "%find%" /i "Microsoft Windows [Version 5.2.3790]" > nulif not errorlevel 1 goto :OSXP64

echo !!Failed!!echo __________echo.echo Dieses Script ist nur unter Windows 2000 oder XP lauffaehig!echo.echo This script works only on Windows 2000/XP machines!echo.goto :QUIT

:NOFINDecho.echo !!Failed!!echo __________echo.echo Leider konnte folgende Datei nicht gefunden werden:echo.echo Sorry, but following file is missing:echo.echo.echo # %SystemRoot%System32FIND.EXEecho.echo.goto :QUIT

:NOREGEDITecho.echo !!Failed!!echo __________echo.echo Leider konnte folgende Datei nicht gefunden werden:echo.echo Sorry, but following file is missing:echo.echo.echo # %SystemRoot%REGEDIT.EXEecho.echo.goto :QUIT

:NTSERVERecho.echo !!Failed!!echo __________echo.echo Dieses Script unterstuetzt keine NT Server Versionen!echo.echo This script doesn't support NT server versions!echo.goto :QUIT

:OS2Krem Specific OS Detection Iset SYSTEM=2k

rem Testing for XP ServicePacks

"%regedit%" /e "%TEMP%~svclist.txt" "HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersion" type "%TEMP%~svclist.txt"|"%find%" /i "Service Pack 4" >NUL if errorlevel==1 (

type "%TEMP%~svclist.txt"|"%find%" /i "Service Pack 3" >NUL if errorlevel==1 (

type "%TEMP%~svclist.txt"|"%find%" /i "Service Pack 2" >NUL if errorlevel==1 (

type "%TEMP%~svclist.txt"|"%find%" /i "Service Pack 1" >NUL if errorlevel==1 (

echo !Windows 2000 [no or unknown Service Pack] detected! goto NO_2KSP )

echo !Windows 2000 [Service Pack 1] detected! goto :NO_2KSP )

echo !Windows 2000 [Service Pack 2] detected! goto :NO_2KSP )

echo !Windows 2000 [Service Pack 3] detected! goto :NO_2KSP )

echo !Windows 2000 [Service Pack 4] detected! goto :NO_2KSP

:NO_2kSPif exist "%TEMP%~svclist.txt" del /F /Q "%TEMP%~svclist.txt"goto :CONTINUE

:OSXPrem Specific OS detection IIset SYSTEM=xprem Testing for XP ServicePack 2

"%regedit%" /e "%TEMP%~svclist.txt" "HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersion" type "%TEMP%~svclist.txt"|"%find%" /i "Service Pack 2" >NUL if errorlevel==1 (

type "%TEMP%~svclist.txt"|"%find%" /i "Service Pack 1" >NUL if errorlevel==1 (

SET XPSP2=FALSE echo !Windows XP [no or unknown Service Pack] detected! goto NO_XPSP )

SET XPSP2=FALSE echo !Windows XP [Service Pack 1] detected! goto :NO_XPSP )

SET XPSP2=TRUE echo !Windows XP [ServicePack 2] detected! goto :NO_XPSP

:OSXP64rem Specific OS detection IIset SYSTEM=xprem Testing for XP ServicePack 2

"%regedit%" /e "%TEMP%~svclist.txt" "HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersion" type "%TEMP%~svclist.txt"|"%find%" /i "Service Pack 2" >NUL if errorlevel==1 (

type "%TEMP%~svclist.txt"|"%find%" /i "Service Pack 1" >NUL if errorlevel==1 (

SET XPSP2=FALSE echo !EXPERIMENTAL! Windows XP64 [no or unknown Service Pack] detected! goto NO_XPSP )

SET XPSP2=FALSE echo !EXPERIMENTAL! Windows XP64 [Service Pack 1] detected! goto :NO_XPSP )

SET XPSP2=TRUE echo !EXPERIMENTAL! Windows XP64 [ServicePack 2] detected! goto :NO_XPSP

:NO_XPSPif exist "%TEMP%~svclist.txt" del /F /Q "%TEMP%~svclist.txt"goto :CONTINUE

:CONTINUE

REM Creating subdirectory "ntsvcfg" in userprofile if necessaryif not exist "%USERPROFILE%ntsvcfg*.*" mkdir "%USERPROFILE%ntsvcfg"

REM Moving old script backup files to ...%USERNAME%ntsvcfg : if exist "%USERPROFILE%dcom.reg" move /Y "%USERPROFILE%dcom.reg" "%USERPROFILE%ntsvcfgdcom.reg" if exist "%USERPROFILE%dcomp.reg" move /Y "%USERPROFILE%dcomp.reg" "%USERPROFILE%ntsvcfgdcomp.reg" if exist "%USERPROFILE%services.reg" move /Y "%USERPROFILE%services.reg" "%USERPROFILE%ntsvcfgservices.reg" if exist "%USERPROFILE%current_services_config.reg" move /Y "%USERPROFILE%current_services_config.reg" "%USERPROFILE%ntsvcfgcurrent_services_config.reg" if exist "%USERPROFILE%smb.reg" move /Y "%USERPROFILE%smb.reg" "%USERPROFILE%ntsvcfgsmb.reg" if exist "%USERPROFILE%FPRINT.REF" move /Y "%USERPROFILE%FPRINT.REF" "%USERPROFILE%ntsvcfgFPRINT.REF" if exist "%USERPROFILE%handler_aim.reg" move /Y "%USERPROFILE%handler_aim.reg" "%USERPROFILE%ntsvcfghandler_aim.reg" if exist "%USERPROFILE%handler_gopher.reg" move /Y "%USERPROFILE%handler_gopher.reg" "%USERPROFILE%ntsvcfghandler_gopher.reg" if exist "%USERPROFILE%handler_telnet.reg" move /Y "%USERPROFILE%handler_telnet.reg" "%USERPROFILE%ntsvcfghandler_telnet.reg" if exist "%USERPROFILE%services.reg.default" move /Y "%USERPROFILE%services.reg.default" "%USERPROFILE%ntsvcfgservices.reg.default" if exist "%USERPROFILE%dcom.reg.default" move /Y "%USERPROFILE%dcom.reg.default" "%USERPROFILE%ntsvcfgdcom.reg.default" if exist "%USERPROFILE%dcomp.reg.default" move /Y "%USERPROFILE%dcomp.reg.default" "%USERPROFILE%ntsvcfgdcomp.reg.default" if exist "%USERPROFILE%smb.reg.default" move /Y "%USERPROFILE%smb.reg.default" "%USERPROFILE%ntsvcfgsmb.reg.default" if exist "%USERPROFILE%handler_aim.reg.default" move /Y "%USERPROFILE%handler_aim.reg.default" "%USERPROFILE%ntsvcfghandler_aim.reg.default" if exist "%USERPROFILE%handler_gopher.reg.default" move /Y "%USERPROFILE%handler_gopher.reg.default" "%USERPROFILE%ntsvcfghandler_gopher.reg.default" if exist "%USERPROFILE%handler_telnet.reg.default" move /Y "%USERPROFILE%handler_telnet.reg.default" "%USERPROFILE%ntsvcfghandler_telnet.reg.default"

REM *****Declarations*****set SELECT="no"set SVC_BAK=%USERPROFILE%ntsvcfgservices.regset SVC_SAV=%USERPROFILE%ntsvcfgcurrent_services_config.regset DCOM_BAK=%USERPROFILE%ntsvcfgdcom.regset DCOMP_BAK=%USERPROFILE%ntsvcfgdcomp.regset SMB_BAK=%USERPROFILE%ntsvcfgsmb.regset DCOM_TMP=%TEMP%dcomoff.regset DCOMP_TMP=%TEMP%dcompoff.regset SMB_TMP=%TEMP%smboff.regset FPRINT=%USERPROFILE%ntsvcfgFPRINT.REFset HANDLER1=%USERPROFILE%ntsvcfghandler_aim.regset HANDLER2=%USERPROFILE%ntsvcfghandler_gopher.regset HANDLER3=%USERPROFILE%ntsvcfghandler_telnet.regset NB_TMP=%TEMP%nb_off.vbsset srctmp=%USERPROFILE%ntsvcfg~srcreate.vbsset DHCP_CHANGES="YES"

REM *****Options*****set SCHEDULER_ENABLED=NOset UseXPSysRestore=YESset RESTORE=NOset SVC_MOD=NOset USE_FPRINT=YESset Deactivate_NetBIOS=YESset RESTORE_MODE=2

REM *****APP_PATHs******set NET=%SystemRoot%system32net.exeset SC=%SystemRoot%system32sc.exeset FC=%SystemRoot%system32fc.exeset IPCONFIG=%SystemRoot%system32ipconfig.exe

echo Checking available permissions: [local], please wait ..."%net%" user "%USERNAME%" 2> nul | "%find%" /i "admin" | "%find%" /i /v "name" > nulif errorlevel 1 ( echo " " " : [domain], please wait ... "%net%" user "%USERNAME%" /domain 2> nul | "%find%" /i "admin" | "%find%" /i /v "name" > nul if errorlevel 1 ( echo. echo Failed! echo __________ echo Leider verfuegen Sie nicht ueber die erforderlichen Rechte! echo Melden Sie sich bitte als Administrator an. echo. echo Sorry but you don't have the permissions required for this task. echo Please login as Administrator. echo. goto :END ) )

set IMPORT_OLD_FILES=FALSErem searching for sc.exeif not exist "%FPRINT%" echo Checking for presence of SC.EXE ..."%sc%" qc > nul 2>&1if errorlevel 1 ( echo !!Failed!! echo __________ echo Die notwendige Datei SC.EXE konnte leider nicht unter echo [%SystemRoot%SYSTEM32] gefunden werden. echo Bitte laden Sie sich diese Datei von der unten genannten Adresse herunter: echo. echo SC.EXE couldn't be found in [%SystemRoot%SYSTEM32]. echo Please download it from following location: echo. echo. echo -= ftp://ftp.microsoft.com/reskit/win2000/sc.zip =- echo. echo Self-installing SC.EXE echo ====================== echo svx2kxp.cmd kann versuchen, die notwendige Datei selbst zu installieren. echo Hierzu benoetigen Sie eine bestehende Internetverbindung. echo. echo svc2kxp.cmd may try to download the required file SC.EXE itself if an echo active internet connection exists. goto :SC_DOWNLOAD )

if /I "%1"=="/all" ( set SELECT="/all" goto :SKIP_MENUE )

if /I "%1"=="/relan" ( set SELECT="/relan" goto :SKIP_MENUE )

if /I "%1"=="/std" ( set SELECT="/std" goto :SKIP_MENUE )

if /I "%1"=="/default" goto :RESTORE_DEFAULTS

rem checking for modified servicesif /I %CHK_SVC%==YES ( if /I %USE_FPRINT%==YES ( if exist "%FPRINT%" ( rem Creating fingerprint of current service settings... if exist "%USERPROFILE%ntsvcfgsvc2cmp.sav" del /F /Q "%USERPROFILE%ntsvcfgsvc2cmp.sav" "%sc%" query type= service state= all bufsize= 8192 | %FIND% "SERVICE_NAME" >%TEMP%~svclist.txt for /F "tokens=1*" %%a in (%TEMP%~svclist.txt) do ( echo %%b >>"%USERPROFILE%ntsvcfgsvc2cmp.sav" "%sc%" query "%%b" | %FIND% "STATE" >>"%USERPROFILE%ntsvcfgsvc2cmp.sav" "%sc%" qc "%%b" | %FIND% "DISPLAY_NAME" >>"%USERPROFILE%ntsvcfgsvc2cmp.sav" "%SC%" qc "%%b" | %FIND% "START_TYPE" >>"%USERPROFILE%ntsvcfgsvc2cmp.sav" echo. >> "%USERPROFILE%ntsvcfgsvc2cmp.sav" ) del "%TEMP%~svclist.txt"

"%FC%" "%FPRINT%" "%USERPROFILE%ntsvcfgsvc2cmp.sav" >NUL if errorlevel 1 goto :DIFF goto OK

:DIFF echo Checking for modified services ... failed-services maybe modified! [E]valuate set SVC_MOD=YES goto :MOD_END

:OK echo Checking for modified services ... OK set SVC_MOD=NO if exist "%USERPROFILE%ntsvcfgsvc2cmp.sav" del /F /Q "%USERPROFILE%ntsvcfgsvc2cmp.sav" goto :MOD_END

:MOD_END REM ) ) )set CHK_SVC=NO

if /I "%1"=="/restore" goto :RESTORE

:MENUEif /I "%1"=="/lan" goto :SKIP_MENUEecho.echo -= Auswahl / Overview =-echo.echo Bitte waehlen sie einen Punkt aus, den sie ausfuehren moechten:echo.echo (1) LAN: Einige Dienste fuer LAN-Betrieb werden nicht veraendert.echo (2) Standard: Schliesst alle Ports, aber einige Dienste bleiben unveraendert.echo (3) ALL: Setzt alle Vorschlaege nach www.ntsvcfg.de um (hardening).echo (4) Restore: Nimmt die zuletzt vorgenommenen Aenderungen zurueck.echo ______________________________________________________________________________echo.echo Please choose one task you want to do:echo.echo (1) LAN: Some services needed for LAN-usage stay unchangedecho (2) Standard: Close ports but some services stay unchangedecho (3) ALL: Making all changes described at www.ntsvcfg.de (hardening)echo (4) restore: Restores last changes made.echo.set /P CHS= Bitte waehlen Sie/Please choose: [1],[2],[3],[4], [M]ore options or [Q]uit?

if /I "%CHS%"=="1" ( set SELECT="/lan" goto :SKIP_MENUE )

if /I "%CHS%"=="2" ( set SELECT="/std" goto :SKIP_MENUE )

if /I "%CHS%"=="3" ( set SELECT="/all" goto :SKIP_MENUE )

if /I "%CHS%"=="4" goto :RESTOREif /I "%CHS%"=="R" goto :RESTOREif /I "%CHS%"=="M" goto :MORE_OPTIONSif /I "%SVC_MOD%"=="YES" if /I "%CHS%"=="E" goto :EVALUATE_SERVICESif /I "%CHS%"=="G" goto :CREATING_NEW_FINGERPRINTif /I "%CHS%"=="Q" goto :QUITclsgoto :START

:SKIP_MENUE

rem Checking if old restorefiles exists.rem if it is so old files will be restored before new changesif not exist "%SVC_BAK%" goto :NO_RESTOREif /I %RESTORE_MODE%==3 goto :NO_RESTOREif /I %RESTORE_MODE%==4 goto :NO_RESTOREset RESTORE=YESecho.echo _______________________________________________________________________echo.echo [Selected Restore Mode: %RESTORE_MODE%]echo.echo # Achtung: Alte Sicherungsdateien gefunden!echo.echo "Svc2kXp.cmd" wurde schon einmal ausgefuehrt. Damit neue Aenderungenecho korrekt durchgefuehrt werden koennen, werden die Sicherungsdateienecho eingespielt.echo.echo.echo Attention: old restore-files found!echo.echo This program runs not for the first time. To apply all new changesecho correctly old restore files will used to get an definite state.echo.echo.echo # Starting restore ...goto RESTORE_EXT

:NO_RESTORErem query if taskplaner should runif /I "%SYSTEM%"=="2k" goto :SKIP_SQUERYif /I "%SYSTEM%"=="xp" ( if /I %SELECT%=="" goto :SKIP_SQUERY if /I %SELECT%=="/all" goto :SKIP_SQUERY if /I %XPSP2%==True ( set SCHEDULER_ENABLED=YES goto :SKIP_SQUERY )

)

echo.echo.echo Rueckfrage / Queryecho ==================echo.echo Soll der Dienst "Taskplaner" beendet werden?echo.echo Wenn sie zeitgesteuerten Aufgaben [z.B. Antiviren-Updates] oder die automati-echo sche Erstellung von Systemwiederherstellungspunkten nicht benoetigen, drueckenecho Sie eine BELIEBIGE TASTE, um auch Port 135 [RPC] sowie Port 1025 [Taskplaner]echo zu schliessen [empfohlen!]. Andernfalls druecken Sie "N"!echo.echo.echo Should the "scheduler service" be disabled?echo.echo If you have time-controlled tasks [i.e. AV-Updates] or you will not setecho automatic system restore points press ANY KEY TO CONTINUE to close port 135echo [RPC] and port 1025 [scheduler] instantly. Otherwise press "N"echo ___________________________________________echo.set /P UNDO= Taskplaner beenden - Close scheduler [y/n]?if /I "%UNDO%"=="n" set SCHEDULER_ENABLED=YES

:SKIP_SQUERY

if not exist "%SVC_BAK%.default" ( echo. echo Creating backup of defaults ... "%regedit%" /e "%SVC_BAK%.default" HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServices "%regedit%" /e "%DCOM_BAK%.default" HKEY_LOCAL_MACHINESOFTWAREMicrosoftOle "%regedit%" /e "%DCOMP_BAK%.default" HKEY_LOCAL_MACHINESOFTWAREMicrosoftRpc "%regedit%" /e "%SMB_BAK%.default" HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesNetBTParameters "%regedit%" /e "%HANDLER1%.default" HKEY_CLASSES_ROOTAIM "%regedit%" /e "%HANDLER2%.default" HKEY_CLASSES_ROOTgopher "%regedit%" /e "%HANDLER3%.default" HKEY_CLASSES_ROOTtelnet echo ... done. )

if exist "%SVC_BAK%" ( if /I %RESTORE_MODE%==2 goto :SKIP_SAVING if /I %RESTORE_MODE%==4 goto :SKIP_SAVING )

rem saving registry settingsecho _________________________________________________________________________echo.echo [Selected Restore Mode: %RESTORE_MODE%]echo.echo Saving services settings toecho %SVC_BAK% ..."%regedit%" /e "%SVC_BAK%" HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesecho Saving DCOM settings toecho %DCOM_BAK% ..."%regedit%" /e "%DCOM_BAK%" HKEY_LOCAL_MACHINESOFTWAREMicrosoftOleecho Saving DCOM standard protocols settings toecho %DCOMP_BAK% ..."%regedit%" /e "%DCOMP_BAK%" HKEY_LOCAL_MACHINESOFTWAREMicrosoftRpcecho Saving SMB settings toecho %SMB_BAK%"%regedit%" /e "%SMB_BAK%" HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesNetBTParametersecho Saving URL-Handler [AIM, GOPHER, TELNET] toecho %HANDLER1%"%regedit%" /e "%HANDLER1%" HKEY_CLASSES_ROOTAIMecho %HANDLER2%"%regedit%" /e "%HANDLER2%" HKEY_CLASSES_ROOTgopherecho %HANDLER3%"%regedit%" /e "%HANDLER3%" HKEY_CLASSES_ROOTtelnetecho.

echo All done.echo ___________________________________________echo.

:SKIP_SAVING

if /I "%SYSTEM%"=="xp" ( if /I %UseXPSysRestore%==YES ( goto :XPSYSRESTORE ) ):XPSYSRESTORE_DONE

rem reconfigure servicesrem startup: demandecho.echo Setting services to "demand" ...

echo ___________________________________________echo.echo # Checking DHCP ..."%ipconfig%" -all | "%find%" /i "Lease" > nulif errorlevel 1 ( rem trying other method for DHCP "%ipconfig%" -all | "%find%" /i "DHCP-Server" > nul if errorlevel 1 ( echo ... no active DHCP found. echo. echo Hinweis echo ======= echo Ihre Konfiguration deutet an, das kein DHCP benoetigt wird. Falls echo Sie dennoch einen DSL-Internetzugang besitzen und DHCP irrtuemlich echo deaktivert wurde, kann es nach einem Neustart zu Problemen mit der echo Internetverbindung kommen. Starten sie zur Problembehebung den echo DHCP-Dienst manuell neu. echo. echo Notice echo ====== echo Your configuration indicates that DHCP no longer will be required. echo But if you use a DSL internet connection this choice probably echo might be wrong. If you experiences problems during accessing the echo internet please re-activate the "DHCP Service" manually. echo. echo ___________________________________________ echo. "%sc%" config DHCP start= demand goto :SKIP_DHCP ))set DHCP_CHANGES="NO"echo ... DHCP active, status of service will NOT be changed!echo.

:SKIP_DHCP"%sc%" config dmadmin start= demand"%sc%" config DNSCache start= demand"%sc%" config mnmsrvc start= demand"%sc%" config MSIServer start= demand"%sc%" config NetDDE start= demand"%sc%" config NetDDEdsdm start= demand"%sc%" config Netman start= demand"%sc%" config NTLMSsp start= demand"%sc%" config NtmsSvc start= demand"%sc%" config PolicyAgent start= demand"%sc%" config RASAuto start= demand"%sc%" config RASMan start= demand"%sc%" config RSVP start= demand"%sc%" config Scardsvr start= demand

"%sc%" query ScardDrv | "%find%" /i "OpenService FAILED" >NULif errorlevel 1 "%sc%" config ScardDrv start= demand

if /I %XPSP2%==True ( rem If XP SP2 is installed there are less changes to XP-ICF if /I %SELECT%=="/std" goto :SKIP_FIREWALL )"%sc%" config SharedAccess start= demand

:SKIP_FIREWALL"%sc%" config Sysmonlog start= demand"%sc%" config TAPISrv start= demand"%sc%" config TrkWks start= demand"%sc%" config UPS start= demand"%sc%" config W32Time start= demand"%sc%" config WMI start= demand

if /I %SELECT%=="/all" ( "%sc%" config SamSs start= demand "%sc%" config LmHosts start= demand "%sc%" config Winmgmt start= demand )

if /I "%SYSTEM%"=="2k" ( "%sc%" config AppMgmt start= demand "%sc%" config Browser start= demand "%sc%" config clipsrv start= demand "%sc%" config EventSystem start= demand "%sc%" config Fax start= demand "%sc%" config netlogon start= demand "%sc%" config RPCLocator start= demand "%sc%" config Utilman start= demand if /I %SELECT%=="/all" ( "%sc%" config seclogon start= demand "%sc%" config RPCSs start= demand "%sc%" config lanmanServer start= demand ) )

if /I "%SYSTEM%"=="xp" ( "%sc%" config ALG start= demand "%sc%" config FastUserSwitchingCompatibility start= demand "%sc%" config helpsvc start= demand "%sc%" config ImapiService start= demand "%sc%" config Nla start= demand "%sc%" config RdSessMgr start= demand "%sc%" config seclogon start= demand "%sc%" config stisvc start= demand "%sc%" config SwPrv start= demand "%sc%" config TermService start= demand "%sc%" config upnphost start= demand "%sc%" config VSS start= demand

"%sc%" query WmdmPmSp | "%find%" /i "OpenService FAILED" >NUL if errorlevel 1 "%sc%" config WmdmPmSp start= demand

"%sc%" config WmiApSrv start= demand rem Wireless Zero Configuration - fuer WLAN-Verbindungen notwendig. rem Falls erforderlich auf AUTO stellen. rem "%sc%" config WZCSVC start= demand )echo.

rem startup: autoecho Setting services to "auto" ..."%sc%" config dmserver start= auto"%sc%" config eventlog start= auto"%sc%" config PlugPlay start= auto"%sc%" config ProtectedStorage start= auto"%sc%" config sens start= auto"%sc%" config spooler start= auto

if /I "%SYSTEM%"=="2k" ( "%sc%" config lanmanworkstation start= auto "%sc%" config alerter start= auto )

if /I "%SYSTEM%"=="xp" ( "%sc%" query InteractiveLogon | "%find%" /i "OpenService FAILED" >NUL if errorlevel 1 "%sc%" config InteractiveLogon start= auto "%sc%" config Audiosrv start= auto "%sc%" config CryptSvc start= auto "%sc%" config RPCSs start= auto "%sc%" config ShellHWDetection start= auto "%sc%" config srservice start= auto "%sc%" query uploadmgr | "%find%" /i "OpenService FAILED" >NUL if errorlevel 1 "%sc%" config uploadmgr start= auto "%sc%" config WebClient start= auto )echo.

rem startup: disabledecho Setting services to "disabled" ..."%sc%" config cisvc start= disabled"%sc%" config MSDTC start= disabled"%sc%" config RemoteAccess start= disabled"%sc%" config TlntSvr start= disabled"%sc%" config messenger start= disabled

if /I %SELECT%=="/all" ( "%sc%" query BITS | "%find%" /i "SERVICE_NAME" >NUL if not errorlevel 1 "%sc%" config BITS start= disabled "%sc%" query wuauserv | "%find%" /i "SERVICE_NAME" >NUL if not errorlevel 1 "%sc%" config wuauserv start= disabled "%sc%" config schedule start= disabled "%sc%" config RemoteRegistry start= disabled )

if /I "%SYSTEM%"=="xp" ( "%sc%" config ERSvc start= disabled "%sc%" config HidServ start= disabled "%sc%" config SSDPSRV start= disabled

if /I %SELECT%=="/lan" ( if /I %SCHEDULER_ENABLED%==NO "%sc%" config schedule start= disabled )

if /I %SELECT%=="/std" ( if /I %SCHEDULER_ENABLED%==NO "%sc%" config schedule start= disabled )

if /I %XPSP2%==True ( echo. echo XPSP2: Disabling Security Center ... "%sc%" config wscsvc start= disabled ) )

echo.echo ------------------echo # Checking and stopping unnecessary system services ...echo."%sc%" query cisvc | "%find%" /i "4 RUNNING" >NUL if not errorlevel 1 "%net%" stop cisvc"%sc%" query RemoteAccess | "%find%" /i "4 RUNNING" >NUL if not errorlevel 1 "%net%" stop RemoteAccess"%sc%" query TlntSvr | "%find%" /i "4 RUNNING" >NUL if not errorlevel 1 "%net%" stop TlntSvr"%sc%" query MSDTC | "%find%" /i "4 RUNNING" >NUL if not errorlevel 1 "%net%" stop MSDTC"%sc%" query messenger | "%find%" /i "4 RUNNING" >NUL if not errorlevel 1 "%net%" stop messenger

if /I %SELECT%=="/all" ( "%sc%" query BITS | "%find%" /i "SERVICE_NAME" >NUL if not errorlevel 1 ( "%sc%" query BITS | "%find%" /i "4 RUNNING" >NUL if not errorlevel 1 "%net%" stop BITS ) "%sc%" query wuauserv | "%find%" /i "SERVICE_NAME" >NUL if not errorlevel 1 ( "%sc%" query wuauserv | "%find%" /i "4 RUNNING" >NUL if not errorlevel 1 "%net%" stop wuauserv ) "%sc%" query schedule | "%find%" /i "4 RUNNING" >NUL if not errorlevel 1 "%net%" stop schedule )

if /I "%SYSTEM%"=="xp" ( if /I %SELECT%=="/lan" ( if /I %SCHEDULER_ENABLED%==NO "%net%" ( "%sc%" query schedule | "%find%" /i "4 RUNNING" >NUL if not errorlevel 1 "%net%" stop schedule ) )

if /I %SELECT%=="/std" ( if /I %SCHEDULER_ENABLED%==NO "%net%" ( "%sc%" query schedule | "%find%" /i "4 RUNNING" >NUL if not errorlevel 1 "%net%" stop schedule )

if /I %XPSP2%==True ( "%sc%" query wscsvc | "%find%" /i "4 RUNNING" >NUL if not errorlevel 1 "%net%" stop wscsvc )

)

echo ------------------echo Disabling DCOM ...echo REGEDIT4 > "%DCOM_TMP%"echo. >> "%DCOM_TMP%"echo [HKEY_LOCAL_MACHINESOFTWAREMicrosoftOle] >> "%DCOM_TMP%"echo "EnableDCOM"="N" >> "%DCOM_TMP%"echo "EnableDCOMHTTP"="N" >> "%DCOM_TMP%"echo. >> "%DCOM_TMP%"echo. >> "%DCOM_TMP%""%regedit%" /s "%DCOM_TMP%"del /F /Q "%DCOM_TMP%"

echo Disabling DCOM standard protocols ...echo REGEDIT4 > "%DCOMP_TMP%"echo. >> "%DCOMP_TMP%"echo [HKEY_LOCAL_MACHINESOFTWAREMicrosoftRpc] >> "%DCOMP_TMP%"echo "DCOM Protocols"=hex(7):00,00,00,00 >> "%DCOMP_TMP%"echo. >> "%DCOMP_TMP%"echo. >> "%DCOMP_TMP%""%regedit%" /s "%DCOMP_TMP%"del /F /Q "%DCOMP_TMP%"

echo Disabling port 135 (maybe 1025 too) ... echo - Removing RPC Client Protocols echo REGEDIT4 > "%SMB_TMP%" echo [-HKEY_LOCAL_MACHINESOFTWAREMicrosoftRpcClientProtocols] >> "%SMB_TMP%" echo. >> "%SMB_TMP%"

if /I %SCHEDULER_ENABLED%==NO ( echo - Advanced RPC Configuration echo [HKEY_LOCAL_MACHINESOFTWAREMicrosoftRpcInternet] >> "%SMB_TMP%" echo "PortsInternetAvailable"="N" >> "%SMB_TMP%" echo "UseInternetPorts"="N" >> "%SMB_TMP%" echo. >> "%SMB_TMP%" )

if /I %XPSP2%==TRUE ( echo - Advanced RPC Configuration echo [HKEY_LOCAL_MACHINESOFTWAREMicrosoftRpcInternet] >> "%SMB_TMP%" echo "PortsInternetAvailable"="N" >> "%SMB_TMP%" echo "UseInternetPorts"="N" >> "%SMB_TMP%" echo. >> "%SMB_TMP%" )

echo - Removing needless URL Handler [AIM,gopher,telnet] echo [-HKEY_CLASSES_ROOTAIM] >> "%SMB_TMP%" echo [-HKEY_CLASSES_ROOTgopher] >> "%SMB_TMP%" echo [-HKEY_CLASSES_ROOTtelnet] >> "%SMB_TMP%" echo. >> "%SMB_TMP%" echo. >> "%SMB_TMP%" "%regedit%" /s "%SMB_TMP%" del /F /Q "%SMB_TMP%"

if /I %SELECT%=="/all" ( echo. echo Disabling SMB port 445 ... echo REGEDIT4 > "%SMB_TMP%" echo. >> "%SMB_TMP%" echo [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesNetBTParameters] >> "%SMB_TMP%" echo "SMBDeviceEnabled"=dword:00000000 >> "%SMB_TMP%" echo. >> "%SMB_TMP%" echo. >> "%SMB_TMP%" "%regedit%" /s "%SMB_TMP%" del /F /Q "%SMB_TMP%" set REBOOT_REQUIRED=ye

警告：运行BAT源码是一种危险的动作，如果你不熟悉，请不要尝试！