首页 > 应用技术 > 使用regini命令行设置注册表权限禁止360访问注册表的办法

使用regini命令行设置注册表权限禁止360访问注册表的办法

首先将以下内容保存为文件anti360accessreg.ini

HKEY_LOCAL_MACHINE\SOFTWARE\360Safe [2 8 19]
HKEY_LOCAL_MACHINE\SOFTWARE\360softmgr [2 8 19]
HKEY_LOCAL_MACHINE\SOFTWARE\360SD [2 8 19]
HKEY_LOCAL_MACHINE\SOFTWARE\360se [2 8 19]
HKEY_LOCAL_MACHINE\SOFTWARE\LiveUpdate360 [2 8 19]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{87515F61-A66C-4319-A0E0-D416CB8059E3} [2 8 19]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\360SafeLive.Update [2 8 19]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\360SafeLive.Update.2 [2 8 19]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B69F34DD-F0F9-42DC-9EDD-957187DA688D} [2 8 19]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Safemon.NavigatMon [2 8 19]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Safemon.NavigatMon.1 [2 8 19]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{76C72A7C-C0A6-4171-B3E4-6BD181AF41B6} [2 8 19]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\360SelfProtection [2 8 19]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\360netmon [2 8 19]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\360SelfProtection [2 8 19]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BAPIDRV [2 8 19]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EfiMon [2 8 19]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HookPort [2 8 19]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\qutmdserv [2 8 19]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\qutmipc [2 8 19]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ZhuDongFangYu [2 8 19]

然后运行cmd,移动到anti360accessreg.ini文件路径,输入 regini anti360accessreg.ini 即可。

附上说明文件
L
:hacker>regini 
usage
REGINI [-m machinename | –h hivefile hiveroot | –w Win95 Directory

              [-
i n] [-o outputWidth

              [-
btextFiles
… where: –m specifies a remote windows NT machine whose registry is to be manipula 
ted

       –
h specifies a specify local hive to manipulate

       –
w specifies the paths to a windows 95 system.dat and user.
dat files 
       
i n specifies the display indentation multiple.  Default 
is 4 
       
o outputWidth specifies how wide the output is to be.  By default 
the 
          outputWidth is set to the width of the console window 
if 
standard 
          output has not been redirected to a file
.  In the latter case, 
an 
          outputWidth of 240 is used
b specifies that REGINI should be backward compatible with older 
           versions of REGINI that did not strictly enforce line continuations 
           
and quoted strings SpecificallyREG_BINARYREG_RESOURCE_LIST 
and 
           
REG_RESOURCE_REQUIREMENTS_LIST data types did not need line 
           continuations after the first number that gave the size of the data

           
It just kept looking on following lines until it found enough data 
           values to equal the data length 
or hit invalid input.  
Quoted 
           strings were only allowed in REG_MULTI_SZ
.  
They could not be 
           specified around key 
or value names, or around values for REG_SZ 
or 
           
REG_EXPAND_SZ  Finally
the old REGINI did not support the semicolon 
           
as an end of line comment character
textFiles is one or more ANSI or Unicode text files with registry dataThe easiest way to understand the format of the input textFile is to use 
       
the REGDMP command with no arguments to dump the current contents of 
       your NT Registry to standard out
.  Redirect standard out to a file 
and 
       
this file is acceptable as 
input to REGINI 
           
Semicolon character is an endofline comment character
provided it 
           is the first non
blank character on a line .  All 
           characters from the backslash up to but not including the first 
           non
blank character of the next line are ignored.  If 
there is more 
           than one space before the line continuation character
it is 
           replaced by a single space
Indentation is used to indicate the tree structure of registry keys 
           The REGDMP program uses indentation in multiples of 4.  You may 
use 
           
hard tab characters for indentation
but embedded hard tab 
           characters are converted to a single space regardless of their 
           position 
, as 
they are associated with 
           the previous key at 
or above the value
‘s indentation level. t create a value with leading or 
           
trailing spacesan equal sign or an atsign in the value name

           
unless you put the name in quotes
Valid value types and format of data that follows areREG_SZ text 
              REG_EXPAND_SZ text 
              REG_MULTI_SZ 
“string1” “str””ing2” 
… 
              
REG_DATE mm/dd/yyyy HH:
MM DayOfWeek 
              REG_DWORD numberDWORD 
              REG_BINARY numberOfBytes numberDWORD
(s
)… 
              
REG_NONE (same format as REG_BINARY

              
REG_RESOURCE_LIST (same format as REG_BINARY

              
REG_RESOURCE_REQUIREMENTS (same format as REG_BINARY

              
REG_RESOURCE_REQUIREMENTS_LIST (same format as REG_BINARY

              
REG_FULL_RESOURCE_DESCRIPTOR (same format as REG_BINARY

              
REG_QWORD numberQWORD 
              REG_MULTISZ_FILE fileName 
              REG_BINARYFILE fileName 
If no value type is specified, default 
is REG_SZ For REG_SZ and REG_EXPAND_SZ, if you want leading or trailing spaces 
           in the value text
surround the text with quotes.  
The value text 
           can contain any number of imbedded quotes
, and 
REGINI will ignore 
           them
, as it only looks at the first and last character for 
quote 
           characters
REG_MULTI_SZeach component string is surrounded by quotes.  If 
           
you want an imbedded quote characterthen double quote it, as 
in 
           string2 above
REG_BINARYthe value data consists of one or more numbers The 
           
default base for numbers is decimal.  
Hexidecimal may be specified 
           by using 0x prefix
.  The first number is the number of data bytes

           
excluding the first number.  
After the first number must come enough 
           numbers to fill the value
.  Each number represents one DWORD or 

           bytes
.  So if 
the first number was 0x5 you would need two more 
           numbers after that to fill the 5 bytes
.  
The high order 3 bytes 
           of the second DWORD would be ignored
Whenever specifying a registry patheither on the command line 
       
or in an input filethe following prefix strings can be used
HKEY_LOCAL_MACHINE 
            HKEY_USERS 
            HKEY_CURRENT_USER 
            USER
Each of these strings can stand alone as the key name or be followed 
          a backslash 
and a subkey path
REGININo textFile specified

       –

       Some general rules are

           Backslash character is a line continuation character

           Values should come before child keys

           For key names, leading and trailing space characters are ignored and 
           not included in the key name, unless the key name is surrounded by 
           quotes.  Imbedded spaces are part of a key name. 

           Key names can be followed by an Access Control List (ACL) which is a 
           series of decimal numbers, separated by spaces, bracketed by a 
           square brackets (e.g.  [8 4 17]).  The valid numbers and their 
           meanings are: 

              1  – Administrators Full Access 
              2  – Administrators Read Access 
              3  – Administrators Read and Write Access 
              4  – Administrators Read, Write and Delete Access 
              5  – Creator Full Access 
              6  – Creator Read and Write Access 
              7  – World Full Access 
              8  – World Read Access 
              9  – World Read and Write Access 
              10 – World Read, Write and Delete Access 
              11 – Power Users Full Access 
              12 – Power Users Read and Write Access 
              13 – Power Users Read, Write and Delete Access 
              14 – System Operators Full Access 
              15 – System Operators Read and Write Access 
              16 – System Operators Read, Write and Delete Access 
              17 – System Full Access 
              18 – System Read and Write Access 
              19 – System Read Access 
              20 – Administrators Read, Write and Execute Access 
              21 – Interactive User Full Access 
              22 – Interactive User Read and Write Access 
              23 – Interactive User Read, Write and Delete Access 

           If there is an equal sign on the same line as a left square bracket 
           then the equal sign takes precedence, and the line is treated as a 
           registry value.  If the text between the square brackets is the 
           string DELETE with no spaces, then REGINI will delete the key and 
           any values and keys under it. 

           For registry values, the syntax is: 

              value Name = type data 

           Leading spaces, spaces on either side of the equal sign and spaces 
           between the type keyword and data are ignored, unless the value name 
           is surrounded by quotes.  If the text to the right of the equal sign 
           is the string DELETE, then REGINI will delete the value. 

           The value name may be left off or be specified by an at-sign 
           character which is the same thing, namely the empty value name.  So 
           the following two lines are identical: 

              = type data 
              @ = type data 

           This syntax means that you can’

           For 

           For

3.48K
分类: 应用技术 标签: