forked from anic17/Batch-Antivirus
-
Notifications
You must be signed in to change notification settings - Fork 0
/
USBScan.bat
51 lines (46 loc) · 1.34 KB
/
USBScan.bat
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
::BAV_:[email protected]:anic17/Batch-Antivirus.git
@echo off
setlocal EnableDelayedExpansion
title Batch Antivirus USB Scanner
set "drives=ABCDEFGHIJKLMNOPQRSTUVWXYZ"
set /a scancount=0,threats=0
for /f %%A in ('copy /Z "%~dpf0" nul') do set "CR=%%A"
for %%# in (A B C D E F G H I J K L M N O P Q R S T U V W X Y Z) do (
if exist %%#: (
echo.Scanning drive %%#:
set /a scancount+=1
call :search "%%#:"
)
)
echo.
echo Scanned !scancount! drives, found !threats! threat(s)
echo.
echo.Press any key to quit...
pause>nul
endlocal | exit /b !threats!
:search <disk>
set "drive=%~1"
attrib -h -s "!drive!\autorun.inf" >nul 2>&1
if exist "!drive!\autorun.inf" (
pushd "!drive!"
for /f "tokens=1,2* delims==" %%A in ('findstr /ric:"Open.*=" "%~1\autorun.inf"') do for /f "delims=" %%# in ("%%~B") do (
call :scanfile "%%~f#"
)
popd
)
goto :EOF
:scanfile
set "filescan=%~1"
call "%~dp0DeepScan.bat" "!filescan!" --verbose --novirustotal
set detectionratio=%errorlevel%
if !detectionratio! geq 20 (
for /f %%A in ('sha256 "!filescan!"') do set hash=%%A
set "hash=!hash:\=!"
set /a threats+=1
for /f "tokens=1* delims=:" %%A in ('findstr /c:"!hash!" "%~dp0VirusDataBaseHash.bav"') do (
if "%%A"=="!hash!" (
echo Malware detected in '!filescan!' ^(drive %~d1^) ^| Detection name: %%B
)
)
)
goto :EOF