中国DOS联盟

@echo off&mode con lines=2 cols=15

for /f "delims=" %%a in ('dir/ad/s/b^|findstr /e "\."') do (

set a=%%a

setlocal enabledelayedexpansion

call set a=!!a:%%~dpa=!!

call :nul "!a!" "%%~dpa"

popd

)

goto :eof

:nul

pushd %2 2>nul||(echo &del +&goto :eof)

rd /q/s "%b%%~1.\">+ 2>&1

find "\" +>nul||(del +&goto :eof)

for /f %%b in ('sort /r +') do rd/q/s "%%b\" 2>nul

goto nul

@echo off

::ntfs格式下测试,

for /f "delims=" %%a in ('dir/ad/s/b^|findstr /e "\."') do (

set a=%%a

setlocal enabledelayedexpansion

call set a=!!a:%%~dpa=!!

call :nul "!a!" "%%~dpa"

popd

)

pause

goto :eof

:nul

pushd %2 2>nul||call :con %*

:nul1

rd /q/s "%b%%~1.\">+ 2>&1

find "\" +>nul||(del +&goto :eof)

for /f %%b in ('sort /r +') do rd/q/s "%%b\" 2>nul

goto nul

:con

set b=%2

call set b=!!b:%~dp0=!!

goto nul1

I don't know why the code has an error as soon as it is simplified a bit. There is still a bug that hasn't been eliminated (but it's not easy to encounter). I'll deal with it when I have time. It confused me in testing. Whoever has patience can debug it slowly.

Deal with the "empty parameter directory" in the deformed file with a bit of directory as in floor 10, no matter how deep it is!
(Run it in the path where the deformed directory is located). There is currently no bug found in this code

@echo off&mode con lines=2 cols=15

for /f "delims=" %%a in ('dir/ad/s/b^|findstr /e "\."') do (

set a=%%a

setlocal enabledelayedexpansion

call set a=!!a:%%~dpa=!!

call :nul "!a!" "%%~dpa"

popd

)

goto :eof

:nul

pushd %2 2>nul||(echo &del +&goto :eof)

rd /q/s "%b%%~1.\">+ 2>&1

find "\" +>nul||(del +&goto :eof)

for /f %%b in ('sort /r +') do rd/q/s "%%b\" 2>nul

goto nul

Any deformed directory: "empty parameter directory" contains directories with dots and reversers (run it in the path where the deformed directory is located)

@echo off

::Test under ntfs format,

for /f "delims=" %%a in ('dir/ad/s/b^|findstr /e "\."') do (

set a=%%a

setlocal enabledelayedexpansion

call set a=!!a:%%~dpa=!!

call :nul "!a!" "%%~dpa"

popd

)

pause

goto :eof

:nul

pushd %2 2>nul||call :con %*

:nul1

rd /q/s "%b%%~1.\">+ 2>&1

find "\" +>nul||(del +&goto :eof)

for /f %%b in ('sort /r +') do rd/q/s "%%b\" 2>nul

goto nul

:con

set b=%2

call set b=!!b:%~dp0=!!

goto nul1

Last edited by plp626 on 2008-3-14 at 08:43 PM ]

It just feels like doing something needless, having eaten too much and having nothing to do, it's hard to construct a bug, I just don't believe how vicious viruses can be.

With a light click, everything is done,

Reply to 523066680, the code in the 2nd position of floor 46 can basically get rid of all visible abnormal directories with dots.

Please test. (There are indeed bugs but...)

Last edited by plp626 on 2008-3-9 at 06:17 PM ]

**Summary:**
The worst - case scenario is that there are a large number of pathological deep - seated abnormal directories under the root directory tree, and the deepest - seated one is an "empty parameter directory".
In order not to let the files in your own disk be buried with these directories at any time, you can't directly delete them from the outermost directory using rd/q/s. If there are available files in the empty parameter directory, first move these files out: (see the following post ---- file extraction)
http://www.cn-dos.net/forum/viewthread.php?tid=38153&fpage=1&highlight=###

If you haven't stored files in these empty parameter directories (most people haven't), then use the code in building 46 in the root directory (double - click under the root directory)

In fact, once you know the hiding place of the virus (that is, you don't need to consider mistakenly deleting files), there is no need to go to so much trouble. In fact, two commands:
1, rd/q/s >road.txt 2>&1... to obtain the deep - seated path
2, for /f %a in ('sort /r road.txt') do rd /q/s %a\ delete the deepest - seated directory
Then loop 1, 2 until all abnormal directories are deleted

Like the code in building 46, it is only useful when you are asking for trouble for yourself!

Last edited by plp626 on 2008 - 3 - 10 at 12:25 AM ]

Your spirit of exploration!... plp626 is definitely going to have a bright future. It's a pity that I need to study and can't often learn from you. There are so many things in your code that I don't understand!

I tried the code :D Ah Niu ah! You're so awesome!
When opening the second code for the first time, it only deletes the folders with files. When opening again, it deletes the other model folders, but ordinary folders won't be deleted.

I'm going to add points to your post!

Last edited by 523066680 on 2008-3-15 at 06:16 PM ]

rd /s /q \\?\

::建立123..\nul\con\nul\目录

md 123..\ 123..\nul\ 123..\nul\con\ 123..\nul\con\nul\ 

::删除123.目录

rd /q/s "\\?\%cd%\123."

re: IF EXIST (already added, o(∩_∩)o...)

For abnormal directories (empty parameters or with dots), no matter what directories are created inside (visible in Explorer), actually one line of command can do it, and it takes effect immediately:

rd /s /q \\?\

So there's no need to use the code from post 46 to deal with abnormal directories

::Create 123..\nul\con\nul\ directory

md 123..\ 123..\nul\ 123..\nul\con\ 123..\nul\con\nul\ 

::Delete 123. directory

rd /q/s "\\?\%cd%\123."

But this trick doesn't work for directories not visible in Explorer. I'll continue later...

Last edited by plp626 on 2008-4-16 at 10:44 AM ]

::Create directories 123..\nul\con\nul\
md 123..\ 123..\nul\ 123..\nul\con\ 123..\nul\con\nul\
::Delete 123. directory
rd /q/s \\?\%cd%\123.

This code didn't test successfully in the internet cafe

At the same time, I found a kind of malformed directory
The old brother's post in elec... said about folders named after devices. Then I thought, what about the drive letter?
So -- md "c: \" actually worked
When deleting with the mouse, it's different from others ---- can't read the original disk or file

Hope to add your Q, my 523066680

Last edited by 523066680 on 2008-3-22 at 11:15 AM ]

That is the "empty name" folder.
Execute
md "C: \"
is equivalent to executing
c:&md " \"
---------------------
Of course, if your cursor is started in the C drive path, that is, to create a " \" directory in the current directory.

Good article, nice! Ten years ago, I once tried. At that time, the access level of DIR could only be 16 layers. If it exceeded, it would report an error, but when entering 16 layers, you could operate the contents below 16 layers, that is to say, there were 32 layers in total. It seemed that I was using DOS 6.0 at that time. I don't know if the number of layers is still like this now.

So it turns out to be like this...

By the way, the junk you put in your network disk, you haven't deleted it yet...
Your forum homepage is quite good嘛

Last edited by 523066680 on 2008-3-23 at 11:14 AM ]

Got it, learned something new... I've always used software to create that autorun.inf folder! To prevent viruses~

Originally posted by 523066680 at 2008-3-22 10:18 AM:
:: Create 123..\nul\con\nul\ directory
md 123..\ 123..\nul\ 123..\nul\con\ 123..\nul\con\nul\
:: Delete 123. directory
rd /q/s \\?\%cd%\123.

This code didn't work when I tested it in the internet cafe

At the same time, I found ...

Did you test it on the desktop? The space path should be with double quotes, (I forgot to mention it, now it's updated)

Last edited by plp626 on 2008-4-16 at 10:47 AM ]

……Your words……
The virus may be more perverse than you think,
But no matter how perverse it is, it can be eliminated. I have an idea (for discussion):
Use 2>&1 to get the deep path of the malformed directory, and then use for to analyze the path to eliminate all malformed directories should be no problem,

My question!
I don't know what 2>&1 is…… Please enlighten me! Thank you

Last edited by 523066680 on 2008-5-11 at 04:20 PM ]

2>&1 is more versatile than 2>
In most cases, the effects of the two are the same

Originally posted by happysoul at 2008-4-15 07:13 PM:
Learned something new... I've always used software to create that autorun.inf folder! To prevent viruses~

It's better to modify the registry if possible... Even with immunity, adding access rights N, the avkiller virus is still:
Forcibly renames the autorun.inf folder Then puts in its own autorun.inf
So in front of powerful viruses, the immune folder is just an alarm:
When you find that your immunity is gone or renamed then...

Great expert, may I ask why "start c:\123.." cannot succeed under win2000 sp4? It can under xp.