I'm in a bit of a pickle here.
I created a .bat file that works great in Windows 7, here it is:
#echo off
cd ./Tasks
set CurrentDir=%cd%
schtasks /create /xml "%CurrentDir%/Scheduled Restart, Shutdown.xml" /tn "Callcenter Tasks\Scheduled restart"
schtasks /create /xml "%CurrentDir%/Scheduled Restart, Shutdown (part 2).xml" /tn "Callcenter Tasks\Scheduled restart part 2"
exit /b 0
The .bat file is on a network drive.
As you can see it will change the dir to ./Tasks inside the folder from which it was executed.
Next of it will set a parameter that %CurrentDir% is it's current dir. :-)
So now I can run a path like this:
"%CurrentDir%/Scheduled Restart, Shutdown (part 2).xml"
instead of
Z:/Tasks/Tasks/Scheduled Restart, Shutdown (part 2).xml
(A full path)
Which can help a lot in certain circumstances.
Like i said, the script works great in Windows 7, but when running it from Windows 8 it gives me an error since the path is incorrect.
Somehow, windows 8 keeps the path from C:/Windows/System32 instead of the path from which the .bat was executed.
How to solve this, any suggestions, ideas?
Help will be greatly appreciated.
Seems like you might be having a problem with the Linkedconnections feature on win8
Try setting this regkey and see if it works:
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v EnableLinkedConnections /t REG_DWORD /d 00000001 /f
Source
Related
SCHTASKS /create /S $strComputer /tn "David\Start Gecko" /tr
"'C:\eQube-Tools\Batch and Registry Files\gecko.bat'" /sc once /sd
01/01/2099 /st 01:00 /u Boss /p *password* /RU SYSTEM
pause
SCHTASKS /run /S $strComputer /tn "David\Start Gecko"
So, I have a problem with running the batch file this creates, it says it's running on the task scheduler on the remote pc, but nothing happens. But the odd thing is: if I locally create a "basic task" it runs fine both remotely and running it by hand at that pc.
My question is there any way to have it know you want to create a "basic task" I've looked at the switches but can't find anything for /create, I also tried the /xml but this is something I plan to create, use then destroy so simpler the better.
** the reason I'm using SCHtasks is because I had a lot of issues with redirect errors trying to run it directly using powershell.
Specs
All win 7 WORKGROUP
All have matching Admin Accounts with matching password
Firewall set to allow remote sch tasks
Batch file is on remote pc
the batch file I'm trying to run
#echo off
c:
cd \eQube-Tools\Batch and Registry Files
start virtualhelpscreen.exe
:top
c:
cd \gecko
timeout 12 /nobreak
gecko.exe
cls
goto :top
SCHTASKS /create /S $strComputer /xml "filesavedtomainpc" /tn "David\Start Gecko"
one issue left is it not forcing full screen like it does when you run the batch file but that might be down to the program, for now the question I asked is answered.
I've noticed that my command line didn't start anymore, it just immediately minimized and closed itself upon running. I suspect this is due to a virus or at least some kind of malicious program having been executed. I found the following code inside my registry. It seems legible but my knowledge of batch / the command line is limited. Can anyone tell me what it does?
#mode 20,5 & tasklist /FI "IMAGENAME eq SoundModule.exe" 2>NUL | find /I /N "SoundModule.exe">NUL && exit & if exist "C:\Users\Leon\AppData\Roaming\Microsoft\SoundModule\SoundModule.exe" ( start /MIN "" "C:\Users\Leon\AppData\Roaming\Microsoft\SoundModule\SoundModule.exe" & tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit ) else ( tasklist /FI "IMAGENAME eq explorer.exe" 2>NUL | find /I /N "explorer.exe">NUL && exit & explorer.exe & exit )
According to this reddit thread, it's a "vmprotected cryptocurrency miner".
You most likely got it if you installed anything you downloaded from the torrent network, for example a popular game released in the past few weeks :^)
The following SO thread contains part of the solution: CMD.exe closes immediately after calling (Win7 64)
The malicious party added an AutoRun directive via registry to the Windows Command Processor (cmd.exe usually), which you need to remove from any of the following locations it's present in:
Computer\HKEY_CURRENT_USER\Software\Microsoft\Command Processor
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Command Processor
What the directive does is to execute SoundModule.exe and then explorer.exe (if not already started).
According to the other reply in this thread, they set %comspec% to run at startup, via Computer\HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon.
So on startup, it's running %comspec% (instead of the default Windows Explorer), which itself on start first runs SoundModule.exe and then explorer.exe. Not sure why they did it this way, anyone who makes use of cmd.exe was bound to figure it out and spread the word.
There are at least two confirmed VirusTotal records for this file: [1], [2]
I had the same program on my computer, check Computer\HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon for the shell value which is most likely "%comspec%" (which makes sense why it was just cmd running on startup since %comspec% is cmd.exe) and change it to "explorer.exe"
Run regedit
Go to HKLM\Software\Microsoft\Command Processor\ or HKEY_CURRENT_USER\Software\Microsoft\Command Processor\ or HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor\
For some reason there was AUTORUN key with "EXIT" inside.
Remove the AutoRun key and cmd will work fine.
Then check Computer\HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon for the shell value which is most likely "%comspec%" (which makes sense why it was just cmd running on startup since %comspec% is cmd.exe) and change it to "explorer.exe" as the user above said.
Edit: I also found that it was a cryptocurrency mining virus located at %appdata%\Microsoft\SoundModule or SoundMixer on my case.
You should probably delete this file too.
For reference, I will add that I was able to verify that my issue was the Autorun registry key by using Win-R to bring up the "Run" dialog, and typing cmd /d (which disables any autorun per the windows docs [https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/cmd] . This successfully opened a command prompt window.
Inspecting the registry, my HKEY_CURRENT_USER\Software\Microsoft\Command Processor had Autorun as Type=REG_SZ and Data=if exist. I made a restore point, then renamed that key to AutorunOld ... and then I was able to open a command prompt without issue.
I created a schedulded task in windows in order to launch a .bat file at start or on remote sollicitation. I created it through command lines from my remote computer (I couldn't do it from the target computer itself, it raised an error ... ).
I used the following command :
schtasks /create /S \\<remote_pc> /U <my_login> /P <my_pwd> /tn Launch_simulators_on_start /sc ONSTART /tr C:\Users\SIMULATEUR\Desktop\StartAll.bat
I can launch this task from the computer itself or remotely, it works as expected.
However, I would like it to launch on computer restart and when I restart the computer, nothing happens.
Is there a particular option that should be set at creation ? if so, online help is not explicit
has anyone been through this kind of issue ?
thank you
Alexandre
Create a New trigger with a condition of 'At StartUp'. This will run the task on every start\restart of the machine.
I have a batch file that I run from a flash drive. This file attempts to
1. Close 2 programs
2. Update data on the computer based on the data on the flash drive
3. Restart the programs
The code in this batch is:
taskkill /IM "MyProgram".exe
taskkill /f /fi "imagename eq MyProgram.exe"
copy e:\File1.xml C:\Folder\SubFolder1\Themes\Data\File1.xml /Y
copy e:\File2.xml C:\Folder\SubFolder1\Themes\Data\File2.xml /Y
copy e:\File3.xml C:\Folder\SubFolder2\Themes\Data\File3.xml /Y
copy e:\File4.xml C:\Folder\SubFolder2\Themes\Data\File4.xml /Y
start /MAX "" "C:\Folder\SubFolder2\MyProgram.exe"
start /MAX "" "C:\Folder\SubFolder1\MyProgram.exe"
The first two steps work fine, with the commands that are on lines 1-6. My issue starts with step 3 and the commands on lines 7 and 8.
Is there something wrong with the batch commands?
EDIT: After digging a little more, I have found that the programs appear to be starting in the background. When looking at task manager, the programs appear in the "Background Processes" section instead of showing in the foreground as expected.
What I believe is happening is your program does not know where the configuration files are located because the working directory is where the batch file started itself. So your program is looking for its files on your usb drive. By using the /D option with the START command it will switch the working directory to whatever path you set it to.
start "" /MAX /D "C:\Folder\SubFolder2\" MyProgram.exe
I've created a batch file to copy files from my machine to a backup machine. The batch file is this:
#echo off
cd D:\Backup
echo %date% %time% - Starting backup process. >> D:\Backup\backup_log.txt
xcopy D:\T\Source I:\AREA\USER\Backup\T\Source /s/d/y/c/v/r/i/e >> D:\Backup\backup_log.txt
echo %date% %time% - Stopping backup process. >> D:\Backup\backup_log.txt
exit
When running this bat file as command line, it copies all the new files and folders from source folder to a destination folder. Makes an update of the Source folder in I:\AREA\USER\Backup\T\Source. This is what I want.
D:\Backup>Backup.bat
But when I configure the same bat execution using Windows Task Scheduler, the scheduler runs without any errors but doesn't copy/update the new files.
I'm using Windows 7. I've made some tests and with this scenario, I can't see where the problem is. Maybe some configuration on Task Scheduler. I've read the information of the xcopy parameters. But with these parameters work in command line, why it doesn't work using windows scheduler?
Any help?
Thanks!
Filipe
Edit1: I've found something that can help to parse the error. If, in the Task Scheduler, I select the option Run only when user is logged on, it works. But when I select the other option Run whether user is logged on or not, it doesn't work.
Well... I resolve my problem with this.
The bat file is:
#echo off
cd D:\Backup
echo %date% %time% - Starting backup process. >> D:\Backup\backup_log.txt
xcopy "D:\T\Source" "I:\AREA\USER\Backup\T\Source" /D /E /C /R /H /I /K /Y /V >> D:\Backup\backup_log.txt
echo %date% %time% - Stopping backup process. >> D:\Backup\backup_log.txt
exit
In the Task Scheduler, I've changed the General tab and check "Run only when user is logged on".
I don't know, but in my understanding, the "Run whether user is logged on or not" should work when the user is logged.
I had a similar issue running bat file with XCOPY via Task Scheduler with "Run whether user is logged on or not" set. The ussue was that I have a network location \\domain mapped as disc D: thus my cmd was like
XCOPY /d /y \\192.168.1.1\Data D:\Data
It was running fine just by executing bat file, but task runner didn't copy anything. I've changed it to
XCOPY /d /y \\192.168.1.1\Data \\domain\Data
And everything was fine since then.