Board logo

标题: [系统增强] 注册表变更查找工具 [打印本页]

作者: 老刘1号    时间: 2017-10-19 13:06     标题: 注册表变更查找工具

本帖最后由 老刘1号 于 2017-10-19 13:15 编辑
老刘制作——注册表变更查找工具V1.0
用法:
Query——查询变更,生成New文件夹并与本地Old文件夹对比
Update——更新变更,用New文件夹替换Old文件夹
ReSet——重置,移除Old文件夹


首次运行请运行Query
Query.BAT
  1. @Echo Off&Cls
  2. Rem 老刘制作
  3. Rem KeyName=HKCR HKLM HKU HKCU HKCC
  4. Set "KeyName=HKCR HKLM HKU HKCU HKCC"
  5. Rem 初始化
  6. Setlocal ENABLEDELAYEDEXPANSION
  7. Echo Wscript.Echo Replace^(Wscript.Arguments(0),"*","㈨"^)>"!Temp!\$_Replace"
  8. Pushd "%~dp0"
  9. Rd /s /q New 2>nul
  10. Md New Old Log 2>nul
  11. Set /A Counter=0
  12. Rem 检测是否为第一次运行
  13. Rd Old 2>nul && Call :UpDate && Ren New Old && Md New
  14. Rem 主程序开始
  15. Set Log=".\Log\RegChanges - !Date:/=-! !Time:~,2!.!Time:~3,2!.Log"
  16. (
  17. Echo 特殊字符映射对照表
  18. Echo ㈠ = " "
  19. Echo ㈡ = "/"
  20. Echo ㈢ = ":"
  21. Echo ㈣ = "|"
  22. Echo ㈤ = "?"
  23. Echo ㈥ = """
  24. Echo ㈦ = "<"
  25. Echo ㈧ = ">"
  26. Echo ㈨ = "*"
  27. Echo.&Echo.
  28. )>!Log!
  29. Call :UpDate
  30. For %%a in (!KeyName!) Do Call :Compare1 "%%a"
  31. Del /F "!Temp!\$_Log" "!Temp!\$_Replace" 2>nul
  32. If !Counter! Equ 0 (
  33. Del /f !log! 2>nul
  34. Msg "!UserName!" "注册表更改查找完成!注册表无变化!"
  35. ) Else Start "" !log!
  36. Goto :Eof
  37. :UpDate 更新本地Data函数
  38. Cd New
  39. For %%a in (!KeyName!) Do (
  40. Md %%a 2>nul & Cd %%a
  41. For /F "Delims=\ Tokens=2" %%b in ('Reg Query %%a') Do (
  42. Set "Key=%%a\%%b"
  43. Title 获得!Key:"=\"!
  44. Set /p "=Get !Key:"=\"! -->"<nul
  45. Rem 替换特殊字符
  46. Set "FileName=%%b"
  47. Set "FileName=!FileName: =㈠!"
  48. Set "FileName=!FileName:/=㈡!"
  49. Set "FileName=!FileName::=㈢!"
  50. Set "FileName=!FileName:|=㈣!"
  51. Set "FileName=!FileName:?=㈤!"
  52. Set "FileName=!FileName:"=㈥!"
  53. Set "FileName=!FileName:<=㈦!"
  54. Set "FileName=!FileName:>=㈧!"
  55. Rem Set "FileName=!FileName:*=㈨!"
  56. For /f "Delims=" %%c in (
  57. 'Cscript -Nologo -E:Vbscript "!Temp!\$_Replace" "!FileName!"'
  58. ) Do Set "FileName=%%c"
  59. Rem 生成注册表信息
  60. Reg Export "!Key:"=\"!" "!FileName!.Reg" /Y
  61. )
  62. Cd ..
  63. )
  64. Cd ..
  65. Goto :Eof
  66. :Compare1 比较键值
  67. For /r ".\New\%~1" %%b in (*.Reg) Do (
  68. If Exist ".\Old\%~1\%%~nxb" (
  69. Call :Compare2 ".\New\%~1\%%~nxb" ".\Old\%~1\%%~nxb"
  70. ) Else (
  71. Set /A Counter+=1
  72. (Echo [事件!Counter!]新增次主键: "%~1\%%~nxb"&Echo.&Echo.)>>!Log!
  73. )
  74. )
  75. For /r ".\Old\%~1" %%b in (*.Reg) Do (
  76. If Not Exist ".\New\%~1\%%~nxb" (
  77. Set /A Counter+=1
  78. (Echo [事件!Counter!]次主键被移除: "%~1\%%~nxb"&Echo.&Echo.)>>!Log!
  79. )
  80. )
  81. Goto :Eof
  82. :Compare2 比较文件函数块
  83. Title 比对 "%~1" ^& "%~2"
  84. Fc /U /N "%~1" "%~2" >"!Temp!\$_Log"
  85. If ErrorLevel 1 (
  86. Set /A Counter+=1
  87. (Echo [事件!Counter!]次主键总体内容变更: -"%~1"- & -"%~2"-)>>!Log!
  88. Copy /A !Log!+"!Temp!\$_Log" !Log!
  89. (Echo. & Echo.)>>!Log!
  90. )
  91. Goto :Eof
复制代码
ReSet.BAT
  1. @Rd /s /q "%~dp0Old"
复制代码
Update.BAT
  1. @Rd /s /q "%~dp0Old"
  2. @Ren "%~dp0New" Old
复制代码





欢迎光临 批处理之家 (http://bathome.net./) Powered by Discuz! 7.2