Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- @echo off
- set oldversion=1.3.1
- set spy_removed=0
- :zero_check
- set /p checkupdate=Check For Updates? Y/N:
- if %checkupdate%==Y goto update_download
- if %checkupdate%==N goto first_check
- goto zero_check
- :first_check
- IF EXIST "threats_removed.bat" CALL "threats_removed.bat"
- title AntiRogue v1.3
- echo AntiRogue v1.3 Booting Please Wait
- ping localhost >nul
- echo Loading Rogue Software Location Database
- call patch_list.bat
- ping localhost >nul
- echo Boot Sucsessful
- ping localhost >nul
- echo AntiRogue is an AntiMalware Program specificly designed to aid in the process
- echo Of eliminating Rogue Security Software
- echo Current Support
- echo.
- echo CleanThis
- echo ThinkPoint
- echo Strong Malware Defender
- echo VirusHeat
- echo SpywareQuake
- :check_startup
- set StartupFolder="%AppData%\Microsoft\Windows\Start Menu\Programs\Startup"
- If Exist %StartupFolder%\AntiRogue.lnk Goto allowregedit
- set StartupFolder="%UserProfile%\Start Menu\Programs\Startup"
- If Exist %StartupFolder%\AntiRogue.lnk Goto allowregedit
- set /p copystart=Copy AntiRogue To Startup? Y/N:
- IF %copystart%==N goto allowregedit
- IF %copystart%==Y goto copy_startup
- goto check_startup
- :copy_startup
- CD /D %~dp0
- IF NOT EXIST "AntiRogue.lnk" echo You need to Manually Create a Shortcut first
- IF NOT EXIST "AntiRogue.lnk" pause
- IF NOT EXIST "AntiRogue.lnk" goto allowregedit
- set StartupFolder=%AppData%\Microsoft\Windows\Start Menu\Programs\Startup
- If Exist "%StartupFolder%\AntiRogue.lnk" Goto allowregedit
- Set StartupFolder=%UserProfile%\Start Menu\Programs\Startup
- If Exist "%StartupFolder%\AntiRogue.lnk" Goto allowregedit
- :FoundStartup
- copy "AntiRogue.lnk" "%StartupFolder%"
- :allowregedit
- set /p allowreg=Allow Registry? Y/N:
- if %allowreg%==Y goto startreg_scan
- if %allowreg%==N goto search1
- goto allowregedit
- pause
- goto search
- :startreg_scan
- set /p startscan=Start Registry Scanner? Y/N:
- IF %startscan%==Y start reg_scan.bat
- IF %startscan%==Y goto search
- IF %startscan%==N goto search
- goto startreg_scan
- :search2
- set regallow=1
- goto search
- :search1
- set regallow=0
- goto search
- :search
- cls
- color 0A
- echo Status: Clean
- IF EXIST "threats_removed.bat" CALL "threats_removed.bat"
- IF EXIST "reg_cleans.bat" CALL "reg_cleans.bat"
- IF EXIST "threats_removed.bat" ECHO Rogues Eliminated: %threat_count%
- IF EXIST "reg_cleans.bat" ECHO Registries Fixed: %reg_clean%
- goto search3
- color 07
- :search3
- title Status: Clean
- IF EXIST "BAT_Patches\spyfound.bat" goto SPY_REGFOUND
- IF EXIST "BAT_Patches\angfound.bat" goto ANG_REGFOUND
- IF EXIST "BAT_Patches\malfound.bat" goto MAL_REGFOUND
- IF EXIST %virusheat1% goto VH_ALERT
- IF EXIST %virusheat2% goto VH_ALERT
- IF EXIST %virusheat3% goto VH_ALERT
- IF EXIST %virusheat4% goto VH_ALERT
- IF EXIST %cleanthis% goto CLEAN_ALERT
- IF EXIST %ang1% goto ANG_ALERT
- IF EXIST %ang2% goto ANG_ALERT
- IF EXIST %ang3% goto ANG_ALERT
- IF EXIST %ang4% goto ANG_ALERT
- IF EXIST %spyquake1% goto SPYQUAKE_ALERT
- IF EXIST %spyquake2% goto SPYQUAKE_ALERT
- IF EXIST %spyquake3% goto SPYQUAKE_ALERT
- IF EXIST %thinkpoint1% goto THINKPOINT_ALERT
- IF EXIST %thinkpoint2% goto THINKPOINT_ALERT
- IF EXIST %thinkpoint3% goto THINKPOINT_ALERT
- IF EXIST %mal_defend1% goto MALDEFEND_ALERT
- IF EXIST %mal_defend2% goto MALDEFEND_ALERT
- IF EXIST %mal_defend3% goto MALDEFEND_ALERT
- IF EXIST %mal_defend4% goto MALDEFEND_ALERT
- IF EXIST %mal_defend5% goto MALDEFEND_ALERT
- IF EXIST %mal_defend6% goto MALDEFEND_ALERT
- IF EXIST %sheriff1% goto SHERIFF_ALERT
- IF EXIST %sheriff2% goto SHERIFF_ALERT
- IF EXIST %sheriff3% goto SHERIFF_ALERT
- IF EXIST %sheriff4% goto SHERIFF_ALERT
- IF EXIST %sheriff5% goto SHERIFF_ALERT
- IF EXIST %sheriff6% goto SHERIFF_ALERT
- IF EXIST %sheriff7% goto SHERIFF_ALERT
- IF EXIST %sheriff8% goto SHERIFF_ALERT
- IF EXIST %sheriff9% goto SHERIFF_ALERT
- goto search3
- :SHERIFF_ALERT
- set virus=SpySheriff Oh Dear :(
- set removal_link=sheriff_remove
- set task1="winstall.exe"
- set task2="wp.exe"
- goto ALERT
- pause
- :CLEAN_ALERT
- set virus=CleanThis
- set removal_link=clean_remove
- set task="gog.exe"
- goto ALERT
- :ANG_ALERT
- set virus=ANG_AntiVirus
- set removal_link=ang_remove
- set task1="angpd.exe"
- set task2="mcdk.exe"
- set task3="rkgnd.exe"
- set task4="wsd.exe"
- goto ALERT
- :SPYQUAKE_ALERT
- set virus=SpywareQuake
- set removal_link=spyquake_remove
- set task1="SpywareQuake.exe"
- set task2="Spy-Quake2.exe"
- set task3="SpywareQuaked.exe"
- goto ALERT
- :THINKPOINT_ALERT
- set virus=ThinkPoint
- set removal_link=thinkpoint_remove
- set task1="hotfix.exe"
- set task2="thinkpoint.exe"
- set task3="bbotxxxxxx.exe"
- goto ALERT
- :MALDEFEND_ALERT
- set virus=Malware Defender
- set removal_link=maldefend_remove
- goto ALERT
- :VH_ALERT
- set virus=VirusHeat
- set removal_link=vh_remove
- goto ALERT
- :ALERT
- cls
- color 0C
- title ALERT!!! MALWARE FOUND!!!
- echo Status: Infected
- echo Threatening Malware: %virus%
- ping localhost >nul
- goto %removal_link%
- :clean_remove
- title Removing CleanThis Please Wait
- TASKKILL /F /IM %task% /FI "STATUS eq RUNNING"
- IF EXIST %cleanthis% del %cleanthis%
- IF NOT EXIST %cleanthis% echo Threat Removed
- IF NOT EXIST %cleanthis% set /a threat_count=%threat_count%+1
- echo set threat_count=%threat_count% > threats_removed.bat
- ping localhost >nul
- IF NOT %regallow%==1 goto search
- goto cleanreg
- :ang_remove
- title Removing ANG AntiVirus Please Wait
- TASKKILL /F /IM %task1% /FI "STATUS eq RUNNING"
- TASKKILL /F /IM %task2% /FI "STATUS eq RUNNING"
- TASKKILL /F /IM %task3% /FI "STATUS eq RUNNING"
- TASKKILL /F /IM %task4% /FI "STATUS eq RUNNING"
- IF EXIST %ang1% vbs %ang_vbs%
- IF EXIST %ang2% vbs %ang_vbs%
- IF EXIST %ang3% vbs %ang_vbs%
- IF EXIST %ang4% vbs %ang_vbs%
- ping localhost >nul
- set ang_removed=0
- IF NOT EXIST %ang1% set /a ang_removed=%ang_removed%+1
- IF NOT EXIST %ang2% set /a ang_removed=%ang_removed%+1
- IF NOT EXIST %ang3% set /a ang_removed=%ang_removed%+1
- IF NOT EXIST %ang4% set /a ang_removed=%ang_removed%+1
- IF %ang_removed%==4 echo Threat Removed
- IF %ang_removed%==4 set /a threat_count=%threat_count%+1
- echo set threat_count=%threat_count% > threats_removed.bat
- ping localhost >nul
- IF NOT %regallow%==1 goto search
- goto angreg
- :spyquake_remove
- title Removing SpywareQuake Please Wait
- TASKKILL /F /IM %task1% /FI "STATUS eq RUNNING"
- TASKKILL /F /IM %task2% /FI "STATUS eq RUNNING"
- TASKKILL /F /IM %task3% /FI "STATUS eq RUNNING"
- IF EXIST %spyquake1% vbs %spyquake_vbs%
- IF EXIST %spyquake2% vbs %spyquake_vbs%
- IF EXIST %spyqauke3% vbs %spyquake_vbs%
- ping localhost >nul
- IF NOT EXIST %spyquake1% set /a spy_removed=%spy_removed%+1
- IF NOT EXIST %spyquake2% set /a spy_removed=%spy_removed%+1
- IF NOT EXIST %spyquake3% set /a spy_removed=%spy_removed%+1
- IF %spy_removed%==3 echo Threat Removed
- IF %spy_removed%==3 set /a threat_count=%threat_count%+1
- echo set threat_count=%threat_count% > threats_removed.bat
- ping localhost >nul
- pause
- IF NOT %regallow%==1 goto search
- goto spyreg
- :thinkpoint_remove
- title Removing ThinkPoint Please Wait
- TASKKILL /F /IM %task1% /FI "STATUS eq RUNNING"
- TASKKILL /F /IM %task2% /FI "STATUS eq RUNNING"
- TASKKILL /F /IM %task3% /FI "STATUS eq RUNNING"
- IF EXIST %thinkpoint1% del %thinkpoint1%
- IF EXIST %thinkpoint2% del %thinkpoint2%
- IF EXIST %thinkpoint3% vbs %thinkpoint_vbs%
- ping localhost >nul
- set think_removed=0
- IF NOT EXIST %thinkpoint1% SET /a think_removed=%think_removed%+1
- IF NOT EXIST %thinkpoint2% SET /a think_removed=%think_removed%+1
- IF NOT EXIST %thinkpoint3% SET /a think_removed=%think_removed%+1
- IF %think_removed%==3 echo Threat Removed
- IF %think_removed%==3 set /a threat_count=%threat_count%+1
- echo set threat_count=%threat_count% > threats_removed.bat
- ping localhost >nul
- IF NOT %regallow%==1 goto search
- goto thinkreg
- :maldefend_remove
- title Removing Malware Defender Please Wait
- echo Eliminating Strong Malware Defender
- echo We Have Better support for Malware Defender Now
- IF EXIST %mal_defend1% DEL %mal_defend1%
- IF EXIST %mal_defend2% DEL %mal_defend2%
- IF EXIST %mal_defend3% DEL %mal_defend3%
- IF EXIST %mal_defend4% DEL %mal_defend4%
- IF EXIST %mal_defend5% DEL %mal_defend5%
- IF EXIST %mal_defend6% DEL %mal_defend6%
- set maldefend_removed=0
- IF NOT EXIST %mal_defend1% set /a maldefend_removed=%maldefend_removed%+1
- IF NOT EXIST %mal_defend2% set /a maldefend_removed=%maldefend_removed%+1
- IF NOT EXIST %mal_defend3% set /a maldefend_removed=%maldefend_removed%+1
- IF NOT EXIST %mal_defend4% set /a maldefend_removed=%maldefend_removed%+1
- IF NOT EXIST %mal_defend5% set /a maldefend_removed=%maldefend_removed%+1
- IF NOT EXIST %mal_defend6% set /a maldefend_removed=%maldefend_removed%+1
- IF %maldefend_removed%==6 echo Threat Removed
- IF %maldefend_removed%==6 set /a threat_count=%threat_count%+1
- echo set threat_count=%threat_count% > threats_removed.bat
- ping localhost >nul
- IF NOT %regallow%==1 goto search
- goto maldefendreg
- :vh_remove
- title Removing VirusHeat Please Wait
- echo Removing VirusHeat
- IF EXIST %virusheat1% vbs %virusheat_vbs%
- IF EXIST %virusheat2% vbs %virusheat_vbs%
- IF EXIST %virusheat3% vbs %virusheat_vbs%
- IF EXIST %virusheat4% vbs %virusheat_vbs%
- set vh_removed=0
- IF NOT EXIST %virusheat1% set /a vh_removed=%vh_removed%+1
- IF NOT EXIST %virusheat2% set /a vh_removed=%vh_removed%+1
- IF NOT EXIST %virusheat3% set /a vh_removed=%vh_removed%+1
- IF NOT EXIST %virusheat4% set /a vh_removed=%vh_removed%+1
- IF %vh_removed%==4 echo Threat Removed
- IF %vh_removed%==4 set /a threat_count=%threat_count%+1
- echo set threat_count-%threat_count% > threats_removed.bat
- ping localhost >nul
- IF NOT %regallow%==1 goto search
- goto vhreg
- :sheriff_remove
- title Removing SpySheriff Please Wait
- echo Removing SpySheriff
- IF EXIST %sheriff1% vbs %sheriff_vbs%
- IF EXIST %sheriff2% vbs %sheriff_vbs%
- IF EXIST %sheriff3% vbs %sheriff_vbs%
- IF EXIST %sheriff4% vbs %sheriff_vbs%
- IF EXIST %sheriff5% vbs %sheriff_vbs%
- IF EXIST %sheriff6% vbs %sheriff_vbs%
- IF EXIST %sheriff7% vbs %sheriff_vbs%
- IF EXIST %sheriff8% vbs %sheriff_vbs%
- IF EXIST %sheriff9% vbs %sheriff_vbs%
- set sheriff_removed=0
- ping localhost >nul
- IF NOT EXIST %sheriff1% set /a sheriff_removed=%sheriff_removed%+1
- IF NOT EXIST %sheriff2% set /a sheriff_removed=%sheriff_removed%+1
- IF NOT EXIST %sheriff3% set /a sheriff_removed=%sheriff_removed%+1
- IF NOT EXIST %sheriff4% set /a sheriff_removed=%sheriff_removed%+1
- IF NOT EXIST %sheriff5% set /a sheriff_removed=%sheriff_removed%+1
- IF NOT EXIST %sheriff6% set /a sheriff_removed=%sheriff_removed%+1
- IF NOT EXIST %sheriff7% set /a sheriff_removed=%sheriff_removed%+1
- IF NOT EXIST %sheriff8% set /a sheriff_removed=%sheriff_removed%+1
- IF NOT EXIST %sheriff9% set /a sheriff_removed=%sheriff_removed%+1
- IF %sheriff_removed%==9 echo Threat Removed
- IF %sheriff_removed%==9 set /a threat_count=%threat_count%+1
- echo set threat_count=%threat_count% > threats_removed.bat
- ping localhost >nul
- IF NOT %regallow%==1 goto search
- goto sheriffreg
- :cleanreg
- title Fixing Registries
- echo Fixing Registries with the remove_cleanthis.reg Patch
- regedit %clean_reg%
- set /a reg_clean=%reg_clean%+1
- echo set reg_clean=%reg_clean% > reg_cleans.bat
- echo Fixed
- ping localhost >nul
- goto search
- :angreg
- title Fixing Registries
- echo Fixing Registries with the remove_ang.reg Patch
- regedit %ang_reg%
- set /a reg_clean=%reg_clean%+1
- echo set reg_clean=%reg_clean% > reg_cleans.bat
- echo Fixed
- ping localhost >nul
- goto search
- :spyreg
- title Fixing Registries
- echo Fixing Registries with the remove_spyquake.reg Patch
- regedit %spyquake_reg%
- set /a reg_clean=%reg_clean%+1
- echo set reg_clean=%reg_clean% > reg_cleans.bat
- echo Fixed
- ping localhost >nul
- goto search
- :thinkreg
- title Fixing Registries
- echo Fixing Registries with the remove_thinkpoint.reg Patch
- regedit %thinkpoint_reg%
- set /a reg_clean=%reg_clean%+1
- echo set reg_clean=%reg_clean% > reg_cleans.bat
- echo Fixed
- ping localhost >nul
- goto search
- :maldefendreg
- title Fixing Registries
- echo Fixing Registries with the remove_maldefend.reg Patch
- regedit %maldefend_reg%
- set /a reg_clean=%reg_clean%+1
- echo set reg_clean=%reg_clean% > reg_cleans.bat
- echo Fixed
- ping localhost >nul
- goto search
- :vhreg
- title Fixing registries
- echo Fixing Registries with the remove_vh.reg Patch
- regedit %virusheat_reg%
- set /a reg_clean=%reg_clean%+1
- echo set reg_clean=%reg_clean% > reg_cleans.bat
- echo Fixed
- ping localhost >nul
- goto search
- :sheriffreg
- title Fixing Registries
- echo Fixing Registries with the remove_sheriff.reg Patch
- regedit %sheriff_reg%
- set /a reg_clean=%reg_clean%+1
- echo set reg_clean=%reg_clean% > reg_cleans.bat
- echo Fixed
- ping localhost >nul
- goto search
- :SPY_REGFOUND
- title Found Registry
- color 0C
- echo We Found a Registry
- regedit %spyquake_reg%
- echo We Fixed the registry
- ping localhost >nul
- IF EXIST "BAT_Patches\spyfound.bat" del "BAT_Patches\spyfound.bat"
- goto search
- :ANG_REGFOUND
- title Found Registry
- color 0C
- echo We Found a Registry
- regedit %ang_reg%
- echo We Fixed the registry
- ping localhost >nul
- IF EXIST "BAT_Patches\angfound.bat" del "BAT_Patches\angfound.bat"
- goto search
- :MAL_REGFOUND
- title Found Registry
- color 0C
- echo We Found a Registry
- regedit %maldefend_reg%
- echo We Fixed the registry
- ping localhost >nul
- IF EXIST "BAT_Patches\malfound.bat" del "BAT_Patches\malfound.bat"
- goto search
- :update_download
- wget http://pastebin.com/raw.php?i=LRFgxZxz
- REN "raw.php?i=LRFgxZxz" "update.bat"
- call update.bat
- IF %oldversion% LSS %newversion% goto updating
- echo No New Updates
- pause
- goto first_check
- :updating
- wget %download_link%
- echo Sucsessfully Downloaded AntiRogue v%newversion%
- echo Please Unzip this new version and use it
- pause
- exit
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement