推荐个 CMD 命令补全工具:https://github.com/chrisant996/clink
1. 批处理文件自动请求UAC权限
将以下代码写在批处理开头以实现运行时自动请求UAC权限:
1
2
3
4
5
6
7
8
9
| @echo off
if not "%1"=="am_admin" (
powercmd -Command "Start-Process -Verb RunAs -FilePath '%0' -ArgumentList 'am_admin'"
exit /b
)
:: 业务逻辑代码写在下面
pause
|
2. 禁用UAC
1
2
3
4
5
| reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v "ConsentPromptBehaviorAdmin" /t reg_dword /d 0 /F
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v "EnableLUA" /t reg_dword /d 0 /F
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v "PromptOnSecureDesktop" /t reg_dword /d 0 /F
|
3. 打开文件资源管理器默认时显示设备和驱动器
1
| REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v LaunchTo /t REG_DWORD /d 1 /f
|
4. 开启文件扩展名显示
1
| reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v HideFileExt /t REG_DWORD /d 0 /f
|
5. 开启”显示隐藏的文件、文件夹和驱动器”
1
| reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v Hidden /t REG_DWORD /d 1 /f
|
6. 开启任务栏时钟精确到秒
1
| reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v ShowSecondsInSystemClock /t REG_DWORD /d 1 /f
|
7. 隐藏资源管理器的快速访问
1
2
| reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer" /v HubMode /t REG_DWORD /d 1 /f
taskkill /f /im explorer.exe & explorer.exe
|
8. 关闭”隐藏受保护的操作系统文件
1
| reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v ShowSuperHidden /t REG_DWORD /d 1 /f
|
9. 关闭Windows 10安全中心”实时保护”:
1
| REG ADD "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v DisableRealtimeMonitoring /t REG_DWORD /d 1 /f
|
10. 开启Windows 10安全中心”实时保护”
1
| REG DELETE "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v DisableRealtimeMonitoring /f
|
11. 启用剪贴板历史记录:
1
| cmd /c "REG ADD HKEY_CURRENT_USER\Software\Microsoft\Clipboard /v "EnableClipboardHistory" /t REG_DWORD /d 1"
|
12. 开启 RDP 服务
1
| REG ADD HKLM\SYSTEM\CurrentControlSet\Control\Terminal" "Server /v fDenyTSConnections /t REG_DWORD /d 00000000 /f
|
13. 防火墙放行 RDP 流量
1
| netsh advfirewall firewall add rule name="Allow Remote Desktop" action=allow dir=in protocol=TCP localport=3389
|
14. 关闭防火墙
1
| netsh advfirewall set allprofiles state off
|
15. 查看防火墙状态
1
| netsh advfirewall show allprofiles
|
16. 开启移动热点
1
| powershell -ExecutionPolicy Bypass "$connectionProfile = [Windows.Networking.Connectivity.NetworkInformation,Windows.Networking.Connectivity,ContentType=WindowsRuntime]::GetInternetConnectionProfile(); $tetheringManager = [Windows.Networking.NetworkOperators.NetworkOperatorTetheringManager,Windows.Networking.NetworkOperators,ContentType=WindowsRuntime]::CreateFromConnectionProfile($connectionProfile); $tetheringManager.StartTetheringAsync();"
|
17. 修改Windows暂停更新时间为5000天
1
| reg add “HKLM\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings” /v “FlightSettingsMaxPauseDays” /t REG_DWORD /d “5000” /f
|
18. DISM 修复系统映像
1
2
3
4
5
6
7
8
| :: 快速检查系统映像是否被损坏,并且这个损坏是否可以被修复
DISM.exe /Online /Cleanup-image /Checkhealth
:: 深度扫描系统映像,检查是否存在损坏的组件
DISM.exe /Online /Cleanup-image /Scanhealth
:: 自动修复找到的系统映像中的损坏组件
DISM.exe /Online /Cleanup-image /Restorehealth
|
19. 去除快捷方式小箭头
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
| :; 去除小箭头
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Icons" /v 29 /d "%systemroot%\system32\imageres.dll,197" /t reg_sz /f
taskkill /f /im explorer.exe
attrib -s -r -h "%userprofile%\AppData\Local\iconcache.db"
del "%userprofile%\AppData\Local\iconcache.db" /f /q
start explorer
pause
:: 恢复小箭头
reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Icons" /v 29 /f
taskkill /f /im explorer.exe
attrib -s -r -h "%userprofile%\AppData\Local\iconcache.db"
del "%userprofile%\AppData\Local\iconcache.db" /f /q
start explorer
pause
|
20. 切换投影模式
1
2
3
4
5
6
| DisplaySwitch [1-4]
:: 1 = /仅电脑屏幕
:: 2 = /复制
:: 3 = /扩展
:: 4 = 仅第二屏幕
|
21. 删除Chrome被托管状态
官方说明:https://support.google.com/chrome/a/answer/9844476?hl=zh-Hans#zippy=%2Cwindows
1
2
3
4
5
6
7
8
9
10
11
12
13
| :: 删除注册表项
reg delete "HKEY_CURRENT_USER\Software\Google\Chrome" /f
reg delete "HKEY_CURRENT_USER\Software\Policies\Google\Chrome" /f
reg delete "HKEY_LOCAL_MACHINE\Software\Google\Chrome" /f
reg delete "HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome" /f
reg delete "HKEY_LOCAL_MACHINE\Software\Policies\Google\Update" /f
reg delete "HKEY_LOCAL_MACHINE\Software\WOW6432Node\Google\Enrollment" /f
:: 在注册表项中删除名为 CloudManagementEnrollmentToken 的值
reg delete "HKEY_LOCAL_MACHINE\Software\WOW6432Node\Google\Update\ClientState\{430FD4D0-B729-4F61-AA34-91526481799D}" /v CloudManagementEnrollmentToken /f
:: 删除 Google 更新写入缓存的云政策的目录
rmdir /s /q "%ProgramFiles(x86)%\Google\Policies"
|
22. 允许/禁止被Ping
1
2
3
4
5
6
| :: 禁止被Ping
netsh advfirewall firewall add rule name="禁止入站的IPv4回显请求" protocol=icmpv4:8,any dir=in action=block
:: 允许被Ping
netsh advfirewall firewall delete rule name="禁止入站的IPv4回显请求"
netsh advfirewall firewall add rule name="允许入站的IPv4回显请求" protocol=icmpv4:8,any dir=in action=allow
|
23. 家庭版W11激活本地组策略编辑器
新建.bat批处理文件,复制以下内容,保存后以管理员身份运行:
1
2
3
4
5
6
| @echo off
pushd "%~dp0"
dir /b C:\Windows\servicing\Packages\Microsoft-Windows-GroupPolicy-ClientExtensions-Package~3*.mum >List.txt
dir /b C:\Windows\servicing\Packages\Microsoft-Windows-GroupPolicy-ClientTools-Package~3*.mum >>List.txt
for /f %%i in ('findstr /i . List.txt 2^>nul') do dism /online /norestart /add-package:"C:\Windows\servicing\Packages\%%i"
pause
|
24. 清除图标缓存
解决快捷方式等图标显示空白的问题:
1
2
3
| dir "%localappdata%\Iconcache.db" /A:H
powershell Remove-Item -Path "%localappdata%\IconCache.db" -Force
taskkill /F /IM explorer.exe & start explorer.exe
|
25. 屏幕打印网络信息
平时打开vmware的windows虚拟机时,做的第一件事就是打开cmd敲ipconfig查看IP地址,然后再到物理机上访问虚拟机的相关服务。但这样就略微繁琐,其实可以直接新建一个.bat文件,填入以下内容,以后直接双击运行即可打印网络信息:
1
2
3
| @echo off
powershell ipconfig /all
pause
|
26. 关闭Windows 11的Defender
首先到Windows Defender中关闭所有防护功能,然后新建.reg文件,内容如下:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
| Windows Registry Editor Version 5.00
; 关闭 Microsoft Defender
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender]
"DisableAntiSpyware"=dword:00000001
"DisableRealtimeMonitoring"=dword:00000001
"DisableAntiVirus"=dword:00000001
"DisableSpecialRunningModes"=dword:00000001
"DisableRoutinelyTakingAction"=dword:00000001
"ServiceKeepAlive"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection]
"DisableBehaviorMonitoring"=dword:00000001
"DisableOnAccessProtection"=dword:00000001
"DisableRealtimeMonitoring"=dword:00000001
"DisableScanOnRealtimeEnable"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Signature Updates]
"ForceUpdateFromMU"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet]
"DisableBlockAtFirstSeen"=dword:00000001
|
双击运行即可关闭Windows 11的Defender,无需重启:
并且任务管理器中的Antimalware Service Executable服务也会被禁用。
如果需要重新开启,则要再次修改.reg文件中的内容如下:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
| Windows Registry Editor Version 5.00
; 删除 Microsoft Defender 相关设置
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender]
"DisableAntiSpyware"=-
"DisableRealtimeMonitoring"=-
"DisableAntiVirus"=-
"DisableSpecialRunningModes"=-
"DisableRoutinelyTakingAction"=-
"ServiceKeepAlive"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection]
"DisableBehaviorMonitoring"=-
"DisableOnAccessProtection"=-
"DisableRealtimeMonitoring"=-
"DisableScanOnRealtimeEnable"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Signature Updates]
"ForceUpdateFromMU"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet]
"DisableBlockAtFirstSeen"=-
|
保存并运行即可重新开启Windows 11的Defender。
如果需要彻底删除Windows Defender,推荐参考此项目:https://github.com/ionuttbara/windows-defender-remover
