diff --git a/Windows-security-check/Windows-security-check.bat b/Windows-security-check/Windows-security-check.bat new file mode 100644 index 0000000..2b8ffed --- /dev/null +++ b/Windows-security-check/Windows-security-check.bat @@ -0,0 +1,113 @@ +@echo off + +echo "Windows???????? v0.1" +echo "??:ym" + +if exist d:\????\ ( + + echo + +) else ( + +md d:\????\ + +) + +if not exist d:\????\ md d:\????\ + + + +echo "??????" + +systeminfo >d:\????\????.log + +echo "??????" + +netstat -anb >d:\????\????.log + +echo "????" + +tasklist&net start >d:\????\????.log + +echo "??????" + +wmic process get name,executablepath,processid >d:\????\??????.log + +echo "??????" + +net share >d:\????\??????.log + +echo "??????" + +net user & net localgroup administrators >d:\????\??????.log + +echo "??????" + +echo HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\Names [1 2 19]>d:\regg.ini&echo HKEY_LOCAL_MACHINE\SAM\SAM\ [1 2 19] >>d:\regg.ini & regini d:\regg.ini® query HKEY_LOCAL_MACHINE\SAM\SAM\Domains\Account\Users\Names >d:\????\??????.log&del d:\regg.ini + +echo "????????" + +reg query HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run & reg query HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run >d:\????\????????.log + +echo "??????" + +secedit /export /cfg LocalGroupPolicy&type LocalGroupPolicy >d:\????\??????.log + +echo "IE???????" + +reg query HKEY_CURRENT_USER\Software\Microsoft\Internet" "Explorer\TypedURLs >d:\????\IE???????.log + +echo "???????" + +reg query HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL /s /v DisPlayname >d:\????\???????.log + +echo "??????" + +reg query HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows" "NT\CurrentVersion\SvcHost /s /v netsvcs® query HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows" "NT\CurrentVersion\SvcHost /s /v LocalService >d:\????\??????.log + +echo "????" + +netstat -a >d:\????\????.log + +echo "CMD??" + +reg query HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU >d:\????\CMD??.log + +echo "??????" + +reg query HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\TypedPaths >d:\????\??????.log + +echo "??????2" + +reg query HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\* /v * >d:\????\??????2.log + +echo "????" + +reg query HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedMRU >d:\????\????.log + +echo "????" + +reg query HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedMRU >d:\????\????.log + +echo "C???????" + +echo "????????????1,?????????0,?????2?,??????????" + +echo "???????!" + +set /p var=find /c /i "this program" c:\* c:\Inetpub\* C:\Users\Administrator\Desktop\* c:\temp\* >d:\????\??????.log + +%var% + +if %ERRORLEVEL% == 0 goto yes + +goto no + +:yes + +exit + +:no + +find /c /i "this program" c:\* c:\wmpub\* c:\Inetpub\* C:\Documents and Settings\Administrator\??\* >d:\????\??????.log +echo "*****************ym***********************************" \ No newline at end of file