Need help to create a batch file

Page 2 of 3 FirstFirst 123 LastLast

  1. Posts : 11,589
    Windows 10 Home x64 Version 21H2 Build 19044.1776
       #11

    zebal said:
    I think del command would be more suited for this task, not sure.
    Code:
    del FOLDER /Q /S
    At least this works to remove files that have invalid path characters. (which otherwise can't be removed by normal means)
    The following procedure can remove a file or folder that cannot be removed by normal means.

    my ditty about using RoboCopy to clear out a rogue file - TenForums

    Denis
      My Computer


  2. Posts : 1,244
    Windows 10 Pro x64 21H2 (Build: 19044.1415)
       #12

    Matthew Wai said:
    The following script can remove a folder that cannot be removed by normal means.

    Delete Folder in Windows 10
    I'm not that skilled with batch and don't understand all the code, but in addition to handling bad path characters, what else it does that could not be done with robocopy or del commands?

    Try3 said:
    The following procedure can remove a file or folder that cannot be removed by normal means.

    my ditty about using RoboCopy to clear out a rogue file - TenForums
    I saw that command somewhere on super user board some time ago, from what I understand it copies over directory tree discarding files? this is good trick!
      My Computer


  3. Posts : 7,484
    Windows 10 Home 20H2
       #13

    The script in Brink's tutorial uses RoboCopy to delete a folder that cannot be deleted by normal means.
      My Computer


  4. Posts : 11,589
    Windows 10 Home x64 Version 21H2 Build 19044.1776
       #14

    zebal said:
    I saw that command somewhere on super user board some time ago
    I'd be interested in seeing the link.

    zebal said:
    it copies over directory tree discarding files?
    In effect, yes.
    It robocopies the empty dummy source folder into the awkward target folder
    and uses the /MIR switch to ensure that only the empty dummy source folder contents are allowed to remain i.e. nothing is allowed to remain.

    Denis
      My Computer


  5. Posts : 1,244
    Windows 10 Pro x64 21H2 (Build: 19044.1415)
       #15

    @Matthew Wai

    I understand but "by normal means" could mean many things, one of which is bad path characters, I was assuming it handles something in addition to that. ex. file in use etc..

    - - - Updated - - -

    Try3 said:
    I'd be interested in seeing the link.
    Here it is straight from my bookmarks, however it is not the same but similar, [see answer 2]
    command line - Recursively delete empty directories in Windows - Super User

    It could probably be applied to copying a folder over non empty one, didn't test but that link remained in my head.
      My Computer


  6. Posts : 151
    Windows 10 Pro
    Thread Starter
       #16

    @Matthew Wai, @Megahertz, @Bree, @zebal, @Berton & @Try3

    firstly thanks all for all those replies & respective contributions to the OP, I posted this a month ago but then never got the chance to test this BAT, & to reply. Now that finally am done testing with the code today provided by @Matthew Wai, so reverting here

    My installed OS was 21h1.928 (19043.928) where windows defender was removed earlier, now today, I installed the new LCU 2021-04 CU+SSU KB5001391 [19041.964.1.12].msu, & after installation, the OS version currently is 19043.964

    & with that LCU, Windows defender returns, here are the filenames, folders & their locations for Defender

    Total Files (2+2=4):
    1. Name: SecurityHealthSystray.exe (2)
    Locations: C:\Windows\System32\ &
    C:\Windows\WinSxS\amd64_windows-securityhealth-sso_31bf3856ad364e35_10.0.19041.746_none_9d44fd61d4c8aeec

    2. 2 manifest files

    Names: amd64_windows-securityhealth-sso_31bf3856ad364e35_10.0.19041.746_none_9d44fd61d4c8aeec.manifest,
    amd64_windows-securityhealth-sso.resources_31bf3856ad364e35_10.0.19041.1_en-gb_e06d5bd77127a68a.manifest

    Location: C:\Windows\WinSxS\Manifests\

    Folders (2):

    Names: amd64_windows-securityhealth-sso_31bf3856ad364e35_10.0.19041.1_none_753cc0191556f0a2 &
    amd64_windows-securityhealth-sso.resources_31bf3856ad364e35_10.0.19041.1_en-gb_e06d5bd77127a68a

    Location: C:\Windows\WinSxS\

    Earlier in the OP, I forgot to mention some of the files & folder names & their location I wanna delete & listed here in my this post, so I create the BAT file with the help of your coded, added/modified little bit as per all the files & folder names & their respective locations added. then run that BAT as admin

    Result:

    Files (2+2)

    1. SecurityHealthSystray.exe (2)
    locations: C:\Windows\System32\ &
    C:\Windows\WinSxS\amd64_windows-securityhealth-sso_31bf3856ad364e35_10.0.19041.746_none_9d44fd61d4c8aeec

    Result: After running the BAT: not deleted at the first attempt as the process SecurityHealthSystray.exe (Windows Defender) running, stopped the process tree via task manager, & in 2nd run of the BAT, deleted from both locations


    2. 2 manifest files
    Name: amd64_windows-securityhealth-sso_31bf3856ad364e35_10.0.19041.746_none_9d44fd61d4c8aeec.manifest,
    amd64_windows-securityhealth-sso.resources_31bf3856ad364e35_10.0.19041.1_en-gb_e06d5bd77127a68a.manifest

    Location: C:\Windows\WinSxS\Manifests\

    Result: Not deleted at first run, not even at 2nd run, after stopping/closing the WD process from TM & reboot.

    Folders (2):

    Names: amd64_windows-securityhealth-sso_31bf3856ad364e35_10.0.19041.1_none_753cc0191556f0a2 &
    amd64_windows-securityhealth-sso.resources_31bf3856ad364e35_10.0.19041.1_en-gb_e06d5bd77127a68a

    Location: C:\Windows\WinSxS\

    Result: Both deleted when running the BAT for the first time, without stopping the process from Task Manager.

    So, from these results & finding, I need to re-configure the BAT like the following way

    Attaching the BAT file here for check & inspection

    Method 1:
    1. Stop the process from Task Manager first
    2. Take full permissions for all the files & folder I mentioned here under the current user & fully delete all.
    3. Delete this reg entry as well
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SecurityHealth"="%windir%\\system32\\SecurityHealthSystray.exe"

    4. Prompt user for a reboot to fully complete the process.
    5. Optional: after reboot, the BAT should run automatically one more time, just to check & confirm for any leftover file remaining & deletion. This step would not be required if all the files, folders & the reg key are positively deleted in 3rd step before reboot.

    Method 2:
    If, by any means, the defender process (SecurityHealthSystray.exe) can't be stopped fully via the BAT configuration, then

    1. First Del the reg key fully
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SecurityHealth"="%windir%\\system32\\SecurityHealthSystray.exe"
    & Auto reboot.

    2. After reboot, BAT should run automatically & take full permission of all the above-mentioned files & folders under the current user account & delete them completely.

    3. OPTIONAL: Just like STEP 5 in Method 1.

    Attaching my modded BAT here for check & modification

    Thanks in advance.

    WD Removal.zip
      My Computer


  7. Posts : 7,484
    Windows 10 Home 20H2
       #17

    SM03 said:
    the defender process (SecurityHealthSystray.exe) can't be stopped fully
    Try using the following line to end the process:

    WMIC process where name='SecurityHealthSystray.exe' Delete

    SM03 said:
    Result: Not deleted at first run, not even at 2nd run, after stopping/closing the WD process from TM & reboot.
    Try using NSudo: https://nsudo.m2team.org/
    Code:
    C:\NSudoC_x64.exe -U:T CMD /C DEL /F /Q "C:\Windows\WinSxS\Manifests\amd64_windows-securityhealth-sso_31bf3856ad364e35_10.0.19041.746_none_9d44fd61d4c8aeec.manifest"

    The following lines will disable and stop Microsoft Defender:

    C:\NSudoC_x64.exe -U:T SC config "WinDefend" start=Disabled
    C:\NSudoC_x64.exe -U:T SC stop "WinDefend"

    NSudo is a small tool that allows the commands to run as TrustedInstaller.
    Use it only if you know what you are doing.
    The file path can be changed at will.
    Last edited by Matthew Wai; 30 Apr 2021 at 06:32.
      My Computer


  8. Posts : 151
    Windows 10 Pro
    Thread Starter
       #18

    Matthew Wai said:
    Try using the following line to end the process:

    WMIC process where name='SecurityHealthSystray.exe' Delete

    Try using NSudo: www.tenforums.com/attachment.php?attachmentid=329717
    Code:
    C:\NSudoC_x64.exe -U:T CMD /C DEL /F /Q "C:\Windows\WinSxS\Manifests\amd64_windows-securityhealth-sso_31bf3856ad364e35_10.0.19041.746_none_9d44fd61d4c8aeec.manifest"

    The following lines will disable and stop Microsoft Defender:

    C:\NSudoC_x64.exe -U:T SC config "WinDefend" start=Disabled
    C:\NSudoC_x64.exe -U:T SC stop "WinDefend"

    NSudo is a small tool that allows the commands to run as TrustedInstaller.
    Use it only if you know what you are doing.
    The file path can be changed at will.
    hey, can you dl my attached batch & edit/update the necessary changes as per the requirement & re attached it?

    Sorry for asking if you mind, but am not that much good/confident in CMD/batch scripting so asking for your help.
      My Computer


  9. Posts : 7,484
    Windows 10 Home 20H2
       #19

    @SM03, extracts all from "Testing.zip" and run "Testing.cmd".
    See whether the following files will be deleted.
    Code:
    C:\Windows\WinSxS\Manifests\amd64_windows-securityhealth-sso_31bf3856ad364e35_10.0.19041.746_none_9d44fd61d4c8aeec.manifest
    C:\Windows\WinSxS\Manifests\amd64_windows-securityhealth-sso.resources_31bf3856ad364e35_10.0.19041.1_en-gb_e06d5bd77127a68a.manifest
    Last edited by Matthew Wai; 14 May 2021 at 05:09.
      My Computer


  10. Posts : 151
    Windows 10 Pro
    Thread Starter
       #20

    Matthew Wai said:
    @SM03, extracts all from "Testing.zip" and run "Testing.cmd".
    See whether the following files will be deleted.
    Code:
    C:\Windows\WinSxS\Manifests\amd64_windows-securityhealth-sso_31bf3856ad364e35_10.0.19041.746_none_9d44fd61d4c8aeec.manifest
    C:\Windows\WinSxS\Manifests\amd64_windows-securityhealth-sso.resources_31bf3856ad364e35_10.0.19041.1_en-gb_e06d5bd77127a68a.manifest
    Hey @Matthew Wai

    I am not seeing any 'testing.zip' here in this post of yours when I clicked on the hyperlinked 'testing.zip. it's showing this
    "Invalid Attachment specified. If you followed a valid link, please notify the administrator"

    I see the original posted date is 30th April, & now, this post just edited 2 days ago, so asking did you delete the attachment? can you share that again?

    @Brink , tagging you too, as it says "...if you followed a valid link, please notify the administrator"
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 10:51.
Find Us




Windows 10 Forums