hackoo

RKCMD.bat

Feb 19th, 2017
  @echo off
  Title Download the last version of RogueKillerCMD and perform a scan by Hackoo 2017
  :: History
  ::   20/02/2017 @ 06:15 - first release
  ::   27/02/2017 @ 01:10 - check whether PowerShell v2 is installed on Windows XP
  :: Credits: Curson provided additional information about RogueKillerCMD
  ::   https://forum.adlice.com/index.php?topic=3299.msg7343#msg7343
  Color 9E
  Mode con cols=100 lines=3

  :: ------------------------------------------------------------------
  :: Elevation check
  :: The query against the HKU\S-1-5-19 hive is used as the admin test:
  :: a zero exit code is treated as "already elevated", anything else
  :: sends the script to UACPrompt to relaunch itself with the runas verb.
  :: ------------------------------------------------------------------
  Reg query "HKU\S-1-5-19\Environment" >nul 2>&1
  if "%errorlevel%"=="0" goto gotAdmin

  :: Not elevated: show a short banner, then request elevation.
  Echo.
  ECHO                      **************************************
  ECHO                       Running Admin shell... Please wait...
  ECHO                      **************************************
  goto UACPrompt
  22.  
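  :UACPrompt
  :: Relaunch this script elevated. A two-line VBScript is written to the
  :: temp folder; it asks Shell.Application to start cmd.exe with the
  :: "runas" verb, which raises the UAC consent prompt. The helper is then
  :: deleted and this non-elevated instance exits.
  :: NOTE(review): the helper has a fixed name in the per-user temp folder
  :: and is launched through the .vbs file association - confirm that is
  :: acceptable on the machines this runs on.
      echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\getadmin.vbs"
  :: Forward the caller's arguments. The previous form put spaces around
  :: the equals sign, which defines a variable whose name ends in a space,
  :: so the params expansion below was always empty and every argument
  :: was dropped on relaunch. Double quotes are doubled because the value
  :: is embedded in a VBScript string literal.
      set "params=%*"
      if defined params set "params=%params:"=""%"
      echo UAC.ShellExecute "cmd.exe", "/c ""%~s0"" %params%", "", "runas", 1 >> "%temp%\getadmin.vbs"

      "%temp%\getadmin.vbs"
      del "%temp%\getadmin.vbs"
      exit /B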
  31.  
  :gotAdmin
  :: =========================== START ===========================
  :: PowerShell 2 bootstrap for Windows XP.
  :: Copied from https://gist.github.com/tathamoddie/509197, which is based on
  :: http://blog.codeassassin.com/2009/12/10/no-web-browser-need-powershell/
  :: Stated scope: XP SP3 with .NET 3.5, development machines, not servers.
  :: When PowerShell 2 is missing the script downloads and installs it.

  :: Any Windows version whose "ver" banner lacks "XP" skips the bootstrap.
  ver | find "XP" > nul || goto not_xp

  :: NOTE(review): 5.1.2600 looks like the XP build number rather than a
  :: service-pack marker - confirm this test really singles out SP3.
  ver | find "5.1.2600" > nul || goto not_xp_sp3

  :: The install step compiles its downloader with the .NET 3.5 csc.exe.
  if not exist "%systemroot%\microsoft.net\framework\v3.5\csc.exe" goto not_netfx_35

  :: No powershell.exe at all: go straight to the installer.
  if not exist "%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe" goto install

  :: PowerShell reports its major version through its exit code.
  "%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe" -command "exit $PSVersionTable.PSVersion.Major"
  set PSVer=%errorlevel%
  if %PSVer% geq 2 goto already_installed

  :: Older than 2: tell the user, then fall through into the install label.
  echo PowerShell %PSVer% is currently installed (but will be upgraded)
  pause
  57.  
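  :install
  :: Download and run the PowerShell 2 installer for XP (KB968930).
  :: With no PowerShell available yet, the download is done by a tiny C#
  :: program that is generated next to this script and compiled with the
  :: .NET 3.5 csc.exe.
  :: NOTE(review): the installer is fetched over plain HTTP and then run
  :: from this elevated prompt with no integrity check. Anyone able to
  :: tamper with the connection controls what gets executed. Verify the
  :: file's signature or hash against a known-good value before running it.
  echo PowerShell 2 is required for this script but is not installed on your machine.
  echo It will now be installed automatically.
  pause
  echo Downloading PowerShell 2
  echo class Program { public static void Main() { >"%~dpn0.cs"
  echo using (var wc = new System.Net.WebClient()) { >>"%~dpn0.cs"
  echo wc.UseDefaultCredentials = true; >>"%~dpn0.cs"
  echo wc.Proxy.Credentials = System.Net.CredentialCache.DefaultCredentials; >>"%~dpn0.cs"
  echo wc.DownloadFile(@"http://download.microsoft.com/download/E/C/E/ECE99583-2003-455D-B681-68DB610B44A4/WindowsXP-KB968930-x86-ENG.exe", @"%~dpn0.installer.exe");}}} >>"%~dpn0.cs"
  "%systemroot%\microsoft.net\framework\v3.5\csc.exe" /nologo /out:"%~dpn0.exe" "%~dpn0.cs"
  :: Stop here when the downloader could not be built.
  if errorlevel 1 goto :EOF
  :: Run the downloader directly. START treats its first quoted argument as
  :: a window title, so the earlier "Start /wait" form opened a new prompt
  :: instead of running the program and nothing was downloaded.
  "%~dpn0.exe"
  if %errorlevel% neq 0 goto :EOF
  :: Never try to launch an installer that is not on disk.
  if not exist "%~dpn0.installer.exe" goto install_failed
  echo Installing PowerShell 2
  "%~dpn0.installer.exe"
  set InstallResult=%errorlevel%
  if %InstallResult% neq 0 goto install_failed
  del "%~dpn0.cs"
  del "%~dpn0.exe"
  del "%~dpn0.installer.exe"
  :: NOTE(review): the script ends here after a successful install, so the
  :: scan only starts on the next run - confirm that this is intended.
  goto :EOF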
  79.  
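  :install_failed
  :: Reached when the PowerShell 2 installer is missing or returns a
  :: non-zero exit code. The pause keeps the message readable, because
  :: "exit" closes the console window. The goto that used to follow the
  :: exit could never run and has been dropped.
  echo PowerShell 2 installation failed.
  pause
  exit 1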
  84.  
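  :not_xp
  :: Taken on every Windows version other than XP: the PowerShell bootstrap
  :: is skipped and the scan starts right away. The "exit 1" that used to
  :: follow the goto could never run and has been dropped.
  :: NOTE(review): both messages come from the XP-only bootstrap and read
  :: oddly on newer systems - consider rewording them.
  echo This script only expects to work on XP, which is not your OS.
  echo Install PowerShell manually from http://microsoft.com/powershell
  goto :MainScript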
  90.  
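  :not_xp_sp3
  :: XP without the expected version string: point the user at the service
  :: pack download and stop. The pause keeps the message readable, because
  :: "exit" closes the console window. The goto that used to follow the
  :: exit could never run and has been dropped.
  echo This script requires XP SP3. Install now from:
  echo http://www.microsoft.com/downloads/details.aspx?familyid=2FCDE6CE-B5FB-4488-8C50-FE22559D164E
  pause
  exit 1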
  96.  
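  :not_netfx_35
  :: The .NET 3.5 csc.exe is missing, so the downloader cannot be compiled:
  :: point the user at the framework download and stop. The pause keeps the
  :: message readable, because "exit" closes the console window. The goto
  :: that used to follow the exit could never run and has been dropped.
  echo This script requires .NET Framework 3.5. Install now from:
  echo http://www.microsoft.com/downloads/details.aspx?FamilyId=333325FD-AE52-4E35-B531-508D977D32A6
  pause
  exit 1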
  102.  
  :already_installed
  :: PowerShell reported major version 2 or higher, so there is nothing to
  :: bootstrap. Announce it and continue with the scan.
  echo PowerShell 2 or higher is already installed at %SystemRoot%\system32\WindowsPowerShell\
  goto MainScript
  106. ::****************************************************************************************************
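  :MainScript
  :: Main flow: pick the RogueKillerCMD build for this OS, download a fresh
  :: copy into the temp folder, verify its Authenticode signature, run the
  :: scan and open the HTML report.
  Title Download the last version of RogueKillerCMD and perform a scan by Hackoo 2017
  REM Initialize our variables
  Set "RKCMD="
  Set "URL="
  Set "Report="
  Set "RK_Error="
  REM Determine if the OS is 32 or 64 bits to set the correct URL for the download.
  REM PROCESSOR_ARCHITEW6432 is defined when a 32-bit cmd.exe runs on 64-bit
  REM Windows. PROCESSOR_ARCHITECTURE says x86 there, so it must be checked too.
  REM NOTE(review): both URLs are plain HTTP and the file is run elevated.
  REM Prefer HTTPS if the vendor serves these paths over it - TODO confirm.
  Set "URL=http://download.adlice.com/RogueKillerCMD/RogueKillerCMDX64.exe"
  IF /I "%PROCESSOR_ARCHITECTURE%"=="x86" If Not Defined PROCESSOR_ARCHITEW6432 Set "URL=http://download.adlice.com/RogueKillerCMD/RogueKillerCMD.exe"
  REM Extract the name of the file to download from the URL.
  For %%F in (%URL%) Do (
      Set "RKCMD=%%~nxF"
      Set "RKCMD_Name=%%~nF"
  )
  Set "RKCMD_Path=%Temp%\%RKCMD%"
  REM Delete any previous copy. If it cannot be removed, stop rather than
  REM run a stale binary that was never checked.
  If Exist "%RKCMD_Path%" Del "%RKCMD_Path%"
  If Exist "%RKCMD_Path%" (
      Set "RK_Error=The previous copy of %RKCMD% could not be deleted."
      Goto RK_Fail
  )
  REM Download the last version of RogueKillerCMD from its original web site.
  echo(
  echo      Please wait a while ... Downloading the last version of "%RKCMD_Name%" is in progress ...
  Call :Download "%URL%" "%RKCMD_Path%"
  If Not Exist "%RKCMD_Path%" (
      Set "RK_Error=The download of %RKCMD% failed."
      Goto RK_Fail
  )
  REM Refuse to run the download unless Windows accepts its Authenticode
  REM signature. The path is read from the environment, so it is never
  REM pasted into the PowerShell command text.
  REM NOTE(review): a Valid status only proves a signature that chains to a
  REM trusted root. Also compare the signer with the expected publisher.
  REM The file stays in the per-user temp folder between check and launch.
  Powershell.exe -NoProfile -Command "if ((Get-AuthenticodeSignature -FilePath $env:RKCMD_Path).Status -eq 'Valid') { exit 0 } else { exit 1 }"
  If ErrorLevel 1 (
      Del "%RKCMD_Path%"
      Set "RK_Error=%RKCMD% does not carry a valid Authenticode signature and was not run."
      Goto RK_Fail
  )
  REM Always build the report path, so Report is defined before it is used.
  Call :ReportName
  REM Call RogueKillerCMD to perform a scan and get its report in html format.
  Title %Date% @ %Time%   Please wait...   Scanning with "%RKCMD_Name%" is in progress ...
  Color 0E & Mode con cols=100 lines=15
  Call "%RKCMD_Path%" -scan -dont_ask -params "-nokill -autodelete -nopop -nodriver -reportformat html -reportpath """%Report%""""
  REM Open the report only when the scanner actually produced it.
  If Exist "%Report%" Start "" "%Report%"
  Exit

  :RK_Fail
  REM Shared failure exit for MainScript: enlarge the console so the message
  REM is visible, print it, wait for a key and leave with a non-zero code.
  Color 0E & Mode con cols=100 lines=15
  echo(
  echo      %RK_Error%
  pause
  Exit 1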
  138. ::*********************************************************************************
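  :Download <url> <File>
  REM Download the URL given as first argument to the file given as second.
  REM The exit code of PowerShell is handed back to the caller.
  REM Both values are stripped of their surrounding quotes and passed to
  REM PowerShell through environment variables. Pasting them into the command
  REM text broke, or changed, the command when a value held a single quote,
  REM for example a profile folder name with an apostrophe.
  REM -NoProfile keeps profile scripts from running in this elevated session.
  REM Setlocal keeps the two helper variables out of the caller's environment.
  Setlocal
  Set "DL_Url=%~1"
  Set "DL_File=%~2"
  Powershell.exe -NoProfile -Command "(New-Object System.Net.WebClient).DownloadFile($env:DL_Url, $env:DL_File)"
  exit /b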
  142. ::*********************************************************************************
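  :ReportName
  REM Build the report path: RK_Report_DD-MM-YYYY_HH_Min.html in the folder
  REM that holds this script. The result is left in the Report variable.
  REM The timestamp is sliced from a locale-independent string that starts
  REM with yyyymmddHHMMSS. wmic is tried first, and PowerShell is the
  REM fallback for systems where wmic is not available.
  set "dt="
  for /f "delims=" %%a in ('wmic OS Get localdatetime 2^>nul ^| find "."') do set "dt=%%a"
  if not defined dt for /f "delims=" %%a in ('Powershell.exe -NoProfile -Command "Get-Date -Format yyyyMMddHHmmss"') do set "dt=%%a"
  REM Last resort: a fixed stamp, so the slices below never act on an
  REM undefined variable and the file name stays valid.
  if not defined dt set "dt=00000000000000"
  set "YYYY=%dt:~0,4%"
  set "MM=%dt:~4,2%"
  set "DD=%dt:~6,2%"
  set "HH=%dt:~8,2%"
  set "Min=%dt:~10,2%"
  set "stamp=%DD%-%MM%-%YYYY%_%HH%_%Min%"
  Set "Report=%~dp0RK_Report_%stamp%.html"
  Exit /b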
  156. ::*********************************************************************************