标题: [系统增强] 注册表变更查找工具 [打印本页]
作者: 老刘1号 时间: 2017-10-19 13:06 标题: 注册表变更查找工具
本帖最后由 老刘1号 于 2017-10-19 13:15 编辑
老刘制作——注册表变更查找工具V1.0
用法:
Query——查询变更,生成New文件夹并与本地Old文件夹对比
Update——更新变更,用New文件夹替换Old文件夹
ReSet——重置,移除Old文件夹
首次运行请运行Query
Query.BAT- @Echo Off&Cls
- Rem 老刘制作
- Rem KeyName=HKCR HKLM HKU HKCU HKCC
- Set "KeyName=HKCR HKLM HKU HKCU HKCC"
-
- Rem 初始化
- Setlocal ENABLEDELAYEDEXPANSION
- Echo Wscript.Echo Replace^(Wscript.Arguments(0),"*","㈨"^)>"!Temp!\$_Replace"
- Pushd "%~dp0"
- Rd /s /q New 2>nul
- Md New Old Log 2>nul
- Set /A Counter=0
- Rem 检测是否为第一次运行
- Rd Old 2>nul && Call :UpDate && Ren New Old && Md New
- Rem 主程序开始
- Set Log=".\Log\RegChanges - !Date:/=-! !Time:~,2!.!Time:~3,2!.Log"
- (
- Echo 特殊字符映射对照表
- Echo ㈠ = " "
- Echo ㈡ = "/"
- Echo ㈢ = ":"
- Echo ㈣ = "|"
- Echo ㈤ = "?"
- Echo ㈥ = """
- Echo ㈦ = "<"
- Echo ㈧ = ">"
- Echo ㈨ = "*"
- Echo.&Echo.
- )>!Log!
- Call :UpDate
- For %%a in (!KeyName!) Do Call :Compare1 "%%a"
- Del /F "!Temp!\$_Log" "!Temp!\$_Replace" 2>nul
- If !Counter! Equ 0 (
- Del /f !log! 2>nul
- Msg "!UserName!" "注册表更改查找完成!注册表无变化!"
- ) Else Start "" !log!
- Goto :Eof
-
- :UpDate 更新本地Data函数
- Cd New
- For %%a in (!KeyName!) Do (
- Md %%a 2>nul & Cd %%a
- For /F "Delims=\ Tokens=2" %%b in ('Reg Query %%a') Do (
- Set "Key=%%a\%%b"
- Title 获得!Key:"=\"!
- Set /p "=Get !Key:"=\"! -->"<nul
- Rem 替换特殊字符
- Set "FileName=%%b"
- Set "FileName=!FileName: =㈠!"
- Set "FileName=!FileName:/=㈡!"
- Set "FileName=!FileName::=㈢!"
- Set "FileName=!FileName:|=㈣!"
- Set "FileName=!FileName:?=㈤!"
- Set "FileName=!FileName:"=㈥!"
- Set "FileName=!FileName:<=㈦!"
- Set "FileName=!FileName:>=㈧!"
- Rem Set "FileName=!FileName:*=㈨!"
- For /f "Delims=" %%c in (
- 'Cscript -Nologo -E:Vbscript "!Temp!\$_Replace" "!FileName!"'
- ) Do Set "FileName=%%c"
- Rem 生成注册表信息
- Reg Export "!Key:"=\"!" "!FileName!.Reg" /Y
- )
- Cd ..
- )
- Cd ..
- Goto :Eof
-
- :Compare1 比较键值
- For /r ".\New\%~1" %%b in (*.Reg) Do (
- If Exist ".\Old\%~1\%%~nxb" (
- Call :Compare2 ".\New\%~1\%%~nxb" ".\Old\%~1\%%~nxb"
- ) Else (
- Set /A Counter+=1
- (Echo [事件!Counter!]新增次主键: "%~1\%%~nxb"&Echo.&Echo.)>>!Log!
- )
- )
- For /r ".\Old\%~1" %%b in (*.Reg) Do (
- If Not Exist ".\New\%~1\%%~nxb" (
- Set /A Counter+=1
- (Echo [事件!Counter!]次主键被移除: "%~1\%%~nxb"&Echo.&Echo.)>>!Log!
- )
- )
- Goto :Eof
-
- :Compare2 比较文件函数块
- Title 比对 "%~1" ^& "%~2"
- Fc /U /N "%~1" "%~2" >"!Temp!\$_Log"
- If ErrorLevel 1 (
- Set /A Counter+=1
- (Echo [事件!Counter!]次主键总体内容变更: -"%~1"- & -"%~2"-)>>!Log!
- Copy /A !Log!+"!Temp!\$_Log" !Log!
- (Echo. & Echo.)>>!Log!
- )
- Goto :Eof
复制代码
ReSet.BAT复制代码
Update.BAT- @Rd /s /q "%~dp0Old"
- @Ren "%~dp0New" Old
复制代码
欢迎光临 批处理之家 (http://bathome.net./) |
Powered by Discuz! 7.2 |