Windows应急-常用命令

Xiaoxiao Lv4
  2024-11-21 17:29:57 2024-11-21 17:29:57 Created   2024-12-07 07:30:36 2024-12-07 07:30:36 Updated    98 Words  1 Mins  

everything搜索文件

certutil -hashfile 文件 查看文件MD5

netstat -ano 查看tcp连接

宏病毒

win+r regedit
计算机\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
查看启动项

for /F “tokens=*” %1 in (‘wevtutil.exe el’) DO wevtutil.exe cl “%1”
立即删除所有类型的Windows事件日志。

wevtutil.exe cl System 来清除系统日志
wevtutil.exe cl Application 来清除应用程序日志

5shift粘滞键

  • Title: Windows应急-常用命令
  • Author: Xiaoxiao
  • Created at : 2024-11-21 17:29:57
  • Updated at : 2024-12-07 07:30:36
  • Link: https://blog.xh8.shop/2024/11/21/Windows应急-常用命令/
  • License: This work is licensed under CC BY-NC-SA 4.0.
On this page
Windows应急-常用命令