1. [HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System\DisableCMD]
Background: Have you ever encountered the message "The command prompt has been disabled by the system administrator"? Many viruses disable CMD in this way.
Usage: This is a value of type REG_DWORD.
CMD can be used when this value does not exist.
When the data is 1 or 2, the message "The command prompt has been disabled by the system administrator" is displayed when CMD is opened.
CMD is also available when the data is any other number.
Solution: Find this value in Registry Editor (regedit.exe) and delete it.
Command Line: reg delete "HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System" /v "DisableCMD" /f (of course, since your cmd has been hijacked, how can you open cmd? Enter this command in "Run".)
2. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Command Processor\AutoRun]
[HKEY_CURRENT_USER\Software\Microsoft\Command Processor\AutoRun]
Background: This is the auto-start entry of CMD. When you open CMD or run a batch script, CMD first checks the data of these two values. If one or both of them exist, their data is executed first. Some viruses set this value to their own path, so that the virus body runs before CMD opens.
Usage: This is a value of type REG_SZ; the data can be one or more valid commands.
CMD checks HKLM first, then HKCU.
Solution: Do not open cmd by double-clicking it or by entering plain cmd on the command line. Instead, add the /D parameter, and CMD will not check these two values. Then find the values in Registry Editor (regedit.exe) and set their data to empty. You can also delete them.
Command Line: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Command Processor" /v "AutoRun" /f
reg delete "HKEY_CURRENT_USER\Software\Microsoft\Command Processor" /v "AutoRun" /f
3. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmd.exe\Debugger]
Background: Image hijacking. I believe everyone has heard of it; it dates from the era of AV Terminator. It makes users launch the virus body when they open their antivirus software. If antivirus software can be hijacked this way, how hard can a small cmd be?
Usage: This is a value of type REG_SZ. As long as the data is any non-empty string, CMD cannot be opened; instead, Windows reports that the file cannot be found. If the data is a valid file path, that file is opened when CMD is opened.
Solution: Find this item in Registry Editor (regedit.exe) and delete it.
Command Line: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmd.exe" /f
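
A read-only check of the three settings above, as an added example that is not part of the original page. The function name Get-CmdTamperFinding and the verdict strings are made up for this example; the rules it applies are the ones stated in items 1 to 3.

```powershell
# Added example: read-only audit of the registry values covered in items 1-3.
# Run it from PowerShell, which does not depend on cmd.exe being usable.
$ifeoCmd = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cmd.exe'
$checks = @(
    @{ Path = 'HKCU:\Software\Policies\Microsoft\Windows\System'; Name = 'DisableCMD' },
    @{ Path = 'HKLM:\SOFTWARE\Microsoft\Command Processor';       Name = 'AutoRun' },
    @{ Path = 'HKCU:\Software\Microsoft\Command Processor';       Name = 'AutoRun' },
    @{ Path = $ifeoCmd;                                           Name = 'Debugger' }
)

# Hypothetical helper name; it applies the rules stated on this page.
function Get-CmdTamperFinding {
    param([string]$Path, [string]$Name)

    $data = $null
    $verdict = 'OK: value absent'
    # A missing key or value only raises a non-terminating error; suppress it
    # and treat the result as the clean state.
    $item = Get-ItemProperty -LiteralPath $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) {
        $data = $item.$Name
        if ($Name -eq 'DisableCMD') {
            # Item 1: only data 1 or 2 disables the prompt.
            if (@(1, 2) -contains $data) { $verdict = 'REVIEW: command prompt is disabled' }
            else { $verdict = 'OK: value present, cmd not blocked' }
        }
        elseif ([string]::IsNullOrEmpty([string]$data)) {
            $verdict = 'OK: value present but empty'
        }
        elseif ($Name -eq 'AutoRun') {
            # Item 2: the data runs first unless cmd is started with /D.
            $verdict = 'REVIEW: commands run before every cmd session started without /D'
        }
        else {
            # Item 3: any non-empty Debugger string stops cmd.exe from opening normally.
            $verdict = 'REVIEW: cmd.exe is redirected to a debugger'
        }
    }
    [pscustomobject]@{ Key = $Path; Value = $Name; Data = $data; Verdict = $verdict }
}

$checks | ForEach-Object { Get-CmdTamperFinding -Path $_.Path -Name $_.Name } | Format-List
```

The script changes nothing; any entry marked REVIEW is cleaned up with the matching reg delete command listed above.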