标题: 注册表FOR命令应用 [打印本页]
作者: luckboy45 时间: 2009-10-8 19:05 标题: 注册表FOR命令应用
| Quote: | |
|
出来的效果是这样的
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{09BA8F6D-CB54-424B-839C-C2A6C8E6B436}
ButtonText REG_SZ 启动迅雷5
Exec REG_SZ C:\Program Files\Thunder Network\Thunder\Thunder.exe
Icon REG_SZ C:\Program Files\Thunder Network\Thunder\Program\Thunder.ico
HotIcon REG_SZ C:\Program Files\Thunder Network\Thunder\Program\Thunder.ico
MenuStatusBar REG_SZ 启动迅雷5
MenuText REG_SZ 启动迅雷5
CLSID REG_SZ {1FBA04EE-3024-11D2-8F1F-0000F87ABD16}
Default Visible REG_SZ Yes
而我仅仅想要获取成这样
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions
[{09BA8F6D-CB54-424B-839C-C2A6C8E6B436} ] [C:\Program Files\Thunder Network\Thunder\Thunder.exe]
能用FOR命令实现这样的提取么?我对FOR命令不懂,希望帮忙下
作者: Hanyeguxing 时间: 2009-10-8 20:52
@echo off
for /f "tokens=3" %%i in ('REG QUERY "HKLM\Software\Microsoft\Internet Explorer\Extensions\{09BA8F6D-CB54-424B-839C-C2A6C8E6B436}" ^| FIND /I "Exec"') DO echo %%i
pause
如果通过HKLM\Software\Microsoft\Internet Explorer\Extensions\{09BA8F6D-CB54-424B-839C-C2A6C8E6B436}可以直接获取的%%i就是C:\Program Files\Thunder Network\Thunder\Thunder.exefor /f "tokens=3" %%i in ('REG QUERY "HKLM\Software\Microsoft\Internet Explorer\Extensions\{09BA8F6D-CB54-424B-839C-C2A6C8E6B436}" ^| FIND /I "Exec"') DO echo %%i
pause
作者: luckboy45 时间: 2009-10-8 21:20
呵呵,兄弟并没完全理解我的意思,而且写的那代码运行后只显示C:\Program
我的意思是列举 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
启动项目下的所有启动程序,因为并没有固定的名字,所以要生成临时文件,然后用FOR命令将我需要的信息提取出来到特定文件里
如
@echo off
echo 浏览器加载项
reg query "HKLM\Software\Microsoft\Internet Explorer\Extensions" /s >>111.txt
reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /s >>111.txt
reg query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /s >>111.txt
pause
我只要获得下面的内容,别的东西多余的都过滤掉
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{09BA8F6D-CB54-424B-839C-C2A6C8E6B436}
Exec REG_SZ C:\Program Files\Thunder Network\Thunder\Thunder.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Userinit REG_SZ C:\WINDOWS\system32\userinit.exe,
UIHost REG_EXPAND_SZ logonui.exe
应该比较有难度。。。
作者: Hanyeguxing 时间: 2009-10-8 21:36
@echo off&set a=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft
for /f "skip=4 delims=" %%a in ('REG QUERY "%a%\Internet Explorer\Extensions"') DO for /f "skip=3 tokens=1,2*" %%i in ('REG QUERY "%%a" /v exec') DO echo %%i %%j %%k
echo %a%\Windows\CurrentVersion\Run
for /f "tokens=1,2*" %%i in ('REG QUERY %a%\Windows\CurrentVersion\Run') DO if not "%%j"=="" echo %%i %%j %%k
echo %a%\Windows NT\CurrentVersion\Winlogon
for /f "tokens=1,2*" %%i in ('REG QUERY "%a%\Windows NT\CurrentVersion\Winlogon"') DO (
if /i "%%i"=="UIHost" echo %%i %%j %%k
if /i "%%i"=="Userinit" echo %%i %%j %%k)
pause
[ Last edited by Hanyeguxing on 2009-10-8 at 22:54 ]for /f "skip=4 delims=" %%a in ('REG QUERY "%a%\Internet Explorer\Extensions"') DO for /f "skip=3 tokens=1,2*" %%i in ('REG QUERY "%%a" /v exec') DO echo %%i %%j %%k
echo %a%\Windows\CurrentVersion\Run
for /f "tokens=1,2*" %%i in ('REG QUERY %a%\Windows\CurrentVersion\Run') DO if not "%%j"=="" echo %%i %%j %%k
echo %a%\Windows NT\CurrentVersion\Winlogon
for /f "tokens=1,2*" %%i in ('REG QUERY "%a%\Windows NT\CurrentVersion\Winlogon"') DO (
if /i "%%i"=="UIHost" echo %%i %%j %%k
if /i "%%i"=="Userinit" echo %%i %%j %%k)
pause