中国DOS联盟

@echo off
echo 浏览器加载项
reg query "HKLM\Software\Microsoft\Internet Explorer\Extensions" /s >>111.txt
pause

出来的效果是这样的
! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions

HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{09BA8F6D-CB54-424B-839C-C2A6C8E6B436}
ButtonText REG_SZ 启动迅雷5
Exec REG_SZ C:\Program Files\Thunder Network\Thunder\Thunder.exe
Icon REG_SZ C:\Program Files\Thunder Network\Thunder\Program\Thunder.ico
HotIcon REG_SZ C:\Program Files\Thunder Network\Thunder\Program\Thunder.ico
MenuStatusBar REG_SZ 启动迅雷5
MenuText REG_SZ 启动迅雷5
CLSID REG_SZ {1FBA04EE-3024-11D2-8F1F-0000F87ABD16}
Default Visible REG_SZ Yes

而我仅仅想要获取成这样
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions

能用FOR命令实现这样的提取么？我对FOR命令不懂，希望帮忙下

@echo off

for /f "tokens=3" %%i in ('REG QUERY "HKLM\Software\Microsoft\Internet Explorer\Extensions\{09BA8F6D-CB54-424B-839C-C2A6C8E6B436}" ^| FIND /I "Exec"') DO echo %%i

pause

如果通过HKLM\Software\Microsoft\Internet Explorer\Extensions\{09BA8F6D-CB54-424B-839C-C2A6C8E6B436}可以直接获取的%%i就是C:\Program Files\Thunder Network\Thunder\Thunder.exe

呵呵，兄弟并没完全理解我的意思，而且写的那代码运行后只显示C:\Program

我的意思是列举 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

启动项目下的所有启动程序，因为并没有固定的名字，所以要生成临时文件，然后用FOR命令将我需要的信息提取出来到特定文件里

如
@echo off
echo 浏览器加载项
reg query "HKLM\Software\Microsoft\Internet Explorer\Extensions" /s >>111.txt
reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /s >>111.txt
reg query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /s >>111.txt
pause

我只要获得下面的内容，别的东西多余的都过滤掉

HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{09BA8F6D-CB54-424B-839C-C2A6C8E6B436}
Exec REG_SZ C:\Program Files\Thunder Network\Thunder\Thunder.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

Userinit REG_SZ C:\WINDOWS\system32\userinit.exe,
UIHost REG_EXPAND_SZ logonui.exe

应该比较有难度。。。

@echo off&set a=HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft

for /f "skip=4 delims=" %%a in ('REG QUERY "%a%\Internet Explorer\Extensions"') DO for /f "skip=3 tokens=1,2*" %%i in ('REG QUERY "%%a" /v exec') DO echo %%i %%j %%k

echo %a%\Windows\CurrentVersion\Run

for /f "tokens=1,2*" %%i in ('REG QUERY %a%\Windows\CurrentVersion\Run') DO if not "%%j"=="" echo %%i %%j %%k

echo %a%\Windows NT\CurrentVersion\Winlogon

for /f "tokens=1,2*" %%i in ('REG QUERY "%a%\Windows NT\CurrentVersion\Winlogon"') DO (

if /i "%%i"=="UIHost" echo %%i %%j %%k

if /i "%%i"=="Userinit" echo %%i %%j %%k)

pause

Last edited by Hanyeguxing on 2009-10-8 at 22:54 ]