楼主: bluewing009
收起左侧

[原创工具] 批处理版系统安全工具【更新2012-01-20 更新 V3.30】 帖子正在修复

   关闭 [复制链接]
223311
发表于 2010-4-27 10:36:30 | 显示全部楼层
这东西挺不错,小而坚。
liulangzhecgr
发表于 2010-4-27 17:13:52 | 显示全部楼层
回复 31# bluewing009

我运行此程序全自动完成小消失!没有我选着余地!晕!
freepatch
发表于 2010-4-27 17:38:55 | 显示全部楼层
MS真正神一般的工具。希望楼主不断更新、完善。强烈支持!
liulangzhecgr
发表于 2010-4-27 17:47:42 | 显示全部楼层
本帖最后由 liulangzhecgr 于 2010-4-27 17:55 编辑

回复 31# bluewing009

不好意思!
我在用此论坛的组策略裸奔。。。用的是全局规则!
里边cmd.exe 权限为普通用户!故运行cmd.exe 有个限制!而没有正常运行!

不过检查启动项即选择C怎么窗口自动关闭?!
还有快速对照中如何制作标准文件?! test1.JPG
liulangzhecgr
发表于 2010-4-27 18:16:51 | 显示全部楼层
本帖最后由 liulangzhecgr 于 2010-4-27 18:33 编辑

检测启动项窗口自动关闭!
文件对照。。。
test1.JPG TEST2.JPG TEST3.JPG bc.JPG TEST4.JPG TEST5.JPG
liulangzhecgr
发表于 2010-4-27 18:27:37 | 显示全部楼层
标准记录存放在什么地方?!
bluewing009
 楼主| 发表于 2010-4-27 20:35:26 | 显示全部楼层
回复 37# liulangzhecgr
这个是通过列出system32文件名 记录,然后通过不同时间的比对完成的
首次使用需要更新记录作为标准记录,然后与这个对比发现不同

标准记录  %windir%\mark.txt

如果你的系统安全做得太敏感 %windir% 估计就会error了吧
bluewing009
 楼主| 发表于 2010-4-27 21:31:05 | 显示全部楼层
本帖最后由 bluewing009 于 2010-4-27 21:33 编辑

回复 liulangzhecgr

首先感谢您能对这个小工具进行测试....

说实话,bat有自身的局限性,相对于其他编程语言对系统的调用........
有时候.....用bat来写东西本来就有点力不从心的感觉....

再次非常感谢您能这么认真对这个小工具进行了测试

至于提到的问题:

1.C功能  我写东西是分开最后再整合,所以标签上本来是 “run_scan” 误写作“run scan”,今日的更新已经修改
2.E功能  已经提到E功能的具体实现原理,可能是您的系统过于敏感....



PS:今天升级到 卡饭_正式会员  皆大欢喜
evilangell
发表于 2010-4-27 22:49:22 | 显示全部楼层
这么多ECHO 干嘛用的??

echo                         欢迎使用 bat 版 系统安全工具
echo.
echo   此工具全部使用 Windows 自带的系统命令进行工作,适用于安全软件无法打开的情况
echo.
echo.
echo.
echo                     您是第一次使用,正在进行初始化,请稍后
echo.
echo.
if exist %temp%\blvk.tmp del /q/f/s %temp%\blvk.tmp>nul 2>nul
if exist %temp%\BL.tmp del /q/f/s %temp%\BL.tmp>nul 2>nul
if not exist "%ProgramFiles%\bat kill" md "%ProgramFiles%\bat kill"
set a=^set /p=■%b%^<nul^&ping/n 0 127.1^>nul^&
set/p=      <nul&&%a%%a%
Echo e 100 4D 5A 90 00 03 00 00 00 04 00 00 00 FF FF 00 00 >>%temp%\blvk.tmp
Echo e 110 B8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 >>%temp%\blvk.tmp
Echo e 120 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >>%temp%\blvk.tmp
Echo e 130 00 00 00 00 00 00 00 00 00 00 00 00 E0 00 00 00 >>%temp%\blvk.tmp
Echo e 140 0E 1F BA 0E 00 B4 09 CD 21 B8 01 4C CD 21 54 68 >>%temp%\blvk.tmp
Echo e 150 69 73 20 70 72 6F 67 72 61 6D 20 63 61 6E 6E 6F >>%temp%\blvk.tmp
Echo e 160 74 20 62 65 20 72 75 6E 20 69 6E 20 44 4F 53 20 >>%temp%\blvk.tmp
Echo e 170 6D 6F 64 65 2E 0D 0D 0A 24 00 00 00 00 00 00 00 >>%temp%\blvk.tmp
Echo e 180 EB 56 4A BF AF 37 24 EC AF 37 24 EC AF 37 24 EC >>%temp%\blvk.tmp
Echo e 190 55 13 39 EC AD 37 24 EC 55 13 64 EC A0 37 24 EC >>%temp%\blvk.tmp
Echo e 1A0 55 14 3D EC AC 37 24 EC AF 37 25 EC 95 37 24 EC >>%temp%\blvk.tmp
Echo e 1B0 55 13 38 EC FB 37 24 EC 55 13 19 EC AE 37 24 EC >>%temp%\blvk.tmp
Echo e 1C0 52 69 63 68 AF 37 24 EC 00 00 00 00 00 00 00 00 >>%temp%\blvk.tmp
Echo e 1D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >>%temp%\blvk.tmp
Echo e 1E0 50 45 00 00 4C 01 03 00 BB 65 9C 3E 00 00 00 00 >>%temp%\blvk.tmp
Echo e 1F0 00 00 00 00 E0 00 0F 01 0B 01 07 00 00 80 00 00 >>%temp%\blvk.tmp
Echo e 200 00 40 00 00 00 00 00 00 00 27 00 00 00 10 00 00 >>%temp%\blvk.tmp
Echo e 210 00 90 00 00 00 00 40 00 00 10 00 00 00 10 00 00 >>%temp%\blvk.tmp
Echo e 220 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 >>%temp%\blvk.tmp
Echo e 230 00 D0 00 00 00 10 00 00 00 00 00 00 03 00 00 00 >>%temp%\blvk.tmp
Echo e 240 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 >>%temp%\blvk.tmp
Echo e 250 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 >>%temp%\blvk.tmp
Echo e 260 DC 9F 00 00 28 00 00 00 00 00 00 00 00 00 00 00 >>%temp%\blvk.tmp
Echo e 270 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >>%temp%\blvk.tmp
Echo e 280 00 00 00 00 00 00 00 00 F0 90 00 00 1C 00 00 00 >>%temp%\blvk.tmp
Echo e 290 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >>%temp%\blvk.tmp
Echo e 2A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >>%temp%\blvk.tmp
Echo e 2B0 00 00 00 00 00 00 00 00 00 90 00 00 E8 00 00 00 >>%temp%\blvk.tmp
Echo e 2C0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >>%temp%\blvk.tmp
Echo e 2D0 00 00 00 00 00 00 00 00 2E 74 65 78 74 00 00 00 >>%temp%\blvk.tmp
Echo e 2E0 94 7E 00 00 00 10 00 00 00 80 00 00 00 10 00 00 >>%temp%\blvk.tmp
Echo e 2F0 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 >>%temp%\blvk.tmp
Echo e 300 2E 72 64 61 74 61 00 00 D8 14 00 00 00 90 00 00 >>%temp%\blvk.tmp
Echo e 310 00 20 00 00 00 90 00 00 00 00 00 00 00 00 00 00 >>%temp%\blvk.tmp
Echo e 320 00 00 00 00 40 00 00 40 2E 64 61 74 61 00 00 00 >>%temp%\blvk.tmp
Echo e 330 44 1C 00 00 00 B0 00 00 00 10 00 00 00 B0 00 00 >>%temp%\blvk.tmp
Echo e 340 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 C0 >>%temp%\blvk.tmp
Echo e 350 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >>%temp%\blvk.tmp
Echo e 360 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >>%temp%\blvk.tmp
Echo e 370 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >>%temp%\blvk.tmp
Echo e 380 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >>%temp%\blvk.tmp
Echo e 390 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >>%temp%\blvk.tmp
Echo e 3A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >>%temp%\blvk.tmp
Echo e 3B0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >>%temp%\blvk.tmp
Echo e 3C0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >>%temp%\blvk.tmp
Echo e 3D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >>%temp%\blvk.tmp
................
................

Echo rcx>>%temp%\blvk.tmp
Echo C000>>%temp%\blvk.tmp
Echo n %temp%\BL.tmp>>%temp%\blvk.tmp
Echo w>>%temp%\blvk.tmp
Echo q>>%temp%\blvk.tmp
@debug<%temp%\blvk.tmp>nul 2>nul
bluewing009
 楼主| 发表于 2010-4-28 07:49:33 | 显示全部楼层
回复 40# evilangell

这些echo 主要是为了debug 服务的,
为了生成一个组件md5.exe 检测md5值....

说过了.. A功能很鸡肋...... 因为 识别方式是靠 md5 值来的~~~~

这个 debug 占了很大一块地方.....无奈

所以说嘛~ bat 自身的确有很多 无奈的地方
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2024-12-22 23:41 , Processed in 0.092646 second(s), 16 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表