diff --git a/scripts/auto_repairs.py b/scripts/auto_repairs.py
index 00c5fa14..18ee80cc 100644
--- a/scripts/auto_repairs.py
+++ b/scripts/auto_repairs.py
@@ -62,6 +62,7 @@ BASE_MENUS = {
 MenuEntry('BleachBit', 'auto_bleachbit'),
 MenuEntry('HitmanPro', 'auto_hitmanpro'),
 MenuEntry('KVRT', 'auto_kvrt'),
+ MenuEntry('EmsisoftCmd', 'auto_emsisoft_cmd'),
 MenuEntry('Windows Defender', 'auto_microsoft_defender'),
 MenuEntry('Reboot', 'auto_reboot'),
 ),
diff --git a/scripts/wk/cfg/tools.py b/scripts/wk/cfg/tools.py
index 27e56796..a7b551d9 100644
--- a/scripts/wk/cfg/tools.py
+++ b/scripts/wk/cfg/tools.py
@@ -20,6 +20,8 @@ SOURCES = {
 'Caffeine': 'http://www.zhornsoftware.co.uk/caffeine/caffeine.zip',
 'ClassicStartSkin': 'http://www.classicshell.net/forum/download/file.php?id=3001&sid=9a195960d98fd754867dcb63d9315335',
 'Du': 'https://download.sysinternals.com/files/DU.zip',
+ 'EmsisoftCmd32': 'https://dl.emsisoft.com/EmsisoftCommandlineScanner32.exe',
+ 'EmsisoftCmd64': 'https://dl.emsisoft.com/EmsisoftCommandlineScanner64.exe',
 'ERUNT': 'http://www.aumha.org/downloads/erunt.zip',
 'ESET AVRemover32': 'https://download.eset.com/com/eset/tools/installers/av_remover/latest/avremover_nt32_enu.exe',
 'ESET AVRemover64': 'https://download.eset.com/com/eset/tools/installers/av_remover/latest/avremover_nt64_enu.exe',
diff --git a/scripts/wk/repairs/win.py b/scripts/wk/repairs/win.py
index 9526c410..7ef0e455 100644
--- a/scripts/wk/repairs/win.py
+++ b/scripts/wk/repairs/win.py
@@ -118,7 +118,9 @@ REG_UAC_DEFAULT_SETTINGS = {
 ),
 },
 }
-RKILL_WHITELIST = (
+SYSTEMDRIVE = os.environ.get('SYSTEMDRIVE', 'C:')
+EMSISOFT_INSTALL_PATH = f'{SYSTEMDRIVE}/EmsisoftCmd'
+WHITELIST = (
 CONEMU_EXE,
 fr'{PROGRAMFILES_32}\TeamViewer\TeamViewer.exe',
 fr'{PROGRAMFILES_32}\TeamViewer\TeamViewer_Desktop.exe',
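Review bot: The `EmsisoftCmd32` and `EmsisoftCmd64` entries added to SOURCES in scripts/wk/cfg/tools.py point at unversioned installer URLs, and nothing in this hunk pins a hash or checks the publisher signature of the file that comes back. The same commit runs that installer silently (`install_emsisoft_cmd` passes `/S`) and then starts `a2cmd.exe` with `/directdiskaccess`, so whatever the URL serves on the day is fully trusted. The download helper is not visible here; if it has no integrity step, verify the Authenticode signer before the file is executed and note the reason next to the entries, e.g. `# Unversioned vendor URL: verify signature before running`. The SOURCES dict starts and ends outside the hunk.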
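Review bot: `EMSISOFT_INSTALL_PATH = f'{SYSTEMDRIVE}/EmsisoftCmd'` in scripts/wk/repairs/win.py places the scanner in a folder directly under the drive root, and the later hunks run `a2cmd.exe` from it without checking how that folder came to exist. Folders created under the drive root typically inherit write access for ordinary users unless the installer tightens the ACL, so a folder or `a2cmd.exe` that is already present before the install step should not be trusted; removing any pre-existing directory first, or confirming the ACL after install, would close that gap. Renaming `RKILL_WHITELIST` to `WHITELIST` also means the TeamViewer paths and `sys.executable` are now excluded from a malware scan as well, which deserves a comment such as `# Paths excluded from RKill and EmsisoftCmd; keep this list minimal`. The tuple continues outside the hunk.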
@@ -128,7 +130,6 @@ RKILL_WHITELIST = (
 fr'{PROGRAMFILES_32}\TeamViewer\tv_x64.exe',
 sys.executable,
 )
-SYSTEMDRIVE = os.environ.get('SYSTEMDRIVE', 'C:')
 WIDTH = 50
 TRY_PRINT = TryAndPrint()
 TRY_PRINT.width = WIDTH
@@ -643,6 +644,15 @@ def auto_dism(group, name):
 reboot()
+def auto_emsisoft_cmd(group, name):
+ """Run EmisoftCmd."""
+ TRY_PRINT.run('EmsisoftCmd (Install)...', install_emsisoft_cmd)
+ TRY_PRINT.run('EmsisoftCmd (Update)...', update_emsisoft_cmd)
+ result = TRY_PRINT.run('EmsisoftCmd (Scan)...', run_emsisoft_cmd_scan)
+ TRY_PRINT.run('EmsisoftCmd (Uninstall)...', uninstall_emsisoft_cmd)
+ save_settings(group, name, result=result)
+
+
 def auto_enable_regback(group, name):
 """Enable RegBack."""
 result = TRY_PRINT.run(
@@ -816,7 +826,12 @@ def fix_file_associations():
 if item.suffix.lower() != '.reg':
 continue
 cmd = ['reg', 'import', str(item), f'/reg:{ARCH}']
- proc = run_program(cmd, check=False)
+ run_program(cmd, check=False)
+
+
+def install_emsisoft_cmd():
+ """Install EmsisoftCmd."""
+ run_tool('EmsisoftCmd', 'EmsisoftCmd', '/S', cbin=True)
 def run_adwcleaner():
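Review bot: In `auto_emsisoft_cmd` the results of the Install and Update steps are discarded, so the scan still runs, and its result is still saved, when the install failed or the signatures could not be refreshed. A scan with missing or stale signatures that is recorded as a normal run gives false assurance; keep both results and skip the scan, or mark the saved result, when either step fails (the shape of what `TRY_PRINT.run` returns is not visible here). `install_emsisoft_cmd` in the following hunk has the same gap: it never confirms that `a2cmd.exe` exists under `EMSISOFT_INSTALL_PATH` after the silent install. The docstring also has a typo: `"""Run EmisoftCmd."""` should read `"""Run EmsisoftCmd."""`.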
@@ -839,6 +854,39 @@ def run_bleachbit(cleaners, preview=True):
 log_path.with_suffix('.err').write_text(proc.stderr)
+def run_emsisoft_cmd_scan():
+ """Run EmsisoftCmd scan."""
+ log_path = format_log_path(
+ log_name='EmsisoftCmd', timestamp=True, tool=True,
+ )
+ log_path.parent.mkdir(parents=True, exist_ok=True)
+ quarantine_path = set_local_storage_path(
+ 'Quarantine', 'EmsisoftCmd', date=True,
+ )
+ quarantine_path.mkdir(parents=True, exist_ok=True)
+ whitelist_path = log_path.with_suffix('.wl')
+
+ # Create whitelist
+ whitelist_path.write_text('\n'.join(map(str, WHITELIST)))
+
+ # Run Scan
+ cmd = [
+ f'{EMSISOFT_INSTALL_PATH}/a2cmd.exe', '/directdiskaccess',
+ f'/f={SYSTEMDRIVE}',
+ '/rootkits', '/memory', '/traces', '/pup', '/archive', '/ntfs', '/delete',
+ f'/log="{log_path}"',
+ f'/quarantine="{quarantine_path}"',
+ f'/whitelist="{whitelist_path}"',
+ ]
+ if IN_CONEMU:
+ cmd.extend(['-new_console:nb', '-new_console:s33V'])
+ run_program(cmd, check=False, pipe=False)
+ sleep(1)
+ wait_for_procs('a2cmd.exe')
+ else:
+ run_program(cmd, check=False)
+
+
 def run_hitmanpro():
 """Run HitmanPro scan."""
 log_path = format_log_path(log_name='HitmanPro', timestamp=True, tool=True)
@@ -935,7 +983,7 @@ def run_rkill():
 log_path = format_log_path(log_name='RKill', timestamp=True, tool=True)
 log_path.parent.mkdir(parents=True, exist_ok=True)
 whitelist_path = log_path.with_suffix('.wl')
- whitelist_path.write_text('\n'.join(map(str, RKILL_WHITELIST)))
+ whitelist_path.write_text('\n'.join(map(str, WHITELIST)))
 cmd_args = (
 '-l', log_path,
 '-w', whitelist_path,
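Review bot: `run_emsisoft_cmd_scan` passes `/delete` together with `/quarantine=...`, `/pup` and `/archive`, and then discards the scanner's exit status in both branches, so an unattended run can remove files without the caller learning the outcome. Confirm how a2cmd treats `/delete` when a quarantine folder is also given; if reversible cleanup is intended, drop `/delete` so a false positive can be restored from quarantine. Separately, `cmd` is a list, so the literal quotes in `f'/log="{log_path}"'` (and in the quarantine and whitelist arguments) may reach a2cmd as part of the value, depending on how `run_program` builds the command line. If the whitelist path is then not parsed, the excluded tools get scanned with `/delete` active, so test this with a path that contains spaces. Returning the value of `run_program(cmd, check=False)` from the non-ConEmu branch would let `auto_emsisoft_cmd` save a meaningful result.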
@@ -964,6 +1012,39 @@ def run_tdsskiller():
 run_tool('TDSSKiller', 'TDSSKiller', *cmd_args, download=True)
+def uninstall_emsisoft_cmd():
+ """Uninstall EmsisoftCmd.
+
+ NOTE: An uninstaller is no longer provided? Just delete the folder I guess.
+ """
+ cmd = [f'{EMSISOFT_INSTALL_PATH}/a2cmd.exe', '/uninstallservice']
+ proc = popen_program(cmd)
+ proc.wait()
+
+ # Stop service
+ try:
+ stop_service('epp')
+ except GenericError:
+ # Ignore and delete *most* of EmsisoftCmd
+ pass
+
+ # Delete install dir
+ ## NOTE: Using ingore_errors=True in case service dll can't be removed.
+ delete_folder(EMSISOFT_INSTALL_PATH, force=True, ignore_errors=True)
+
+
+def update_emsisoft_cmd():
+ """Update EmsisoftCmd."""
+ cmd = [f'{EMSISOFT_INSTALL_PATH}/a2cmd.exe', '/update']
+ if IN_CONEMU:
+ cmd.extend(['-new_console:nb', '-new_console:s33V'])
+ run_program(cmd, check=False, pipe=False)
+ sleep(1)
+ wait_for_procs('a2cmd.exe')
+ else:
+ run_program(cmd, check=False)
+
+
 # OS Built-in Functions
 def create_system_restore_point():
 """Create System Restore point."""
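Review bot: `uninstall_emsisoft_cmd` hides every failure: the exit code of `/uninstallservice` is never read, `except GenericError: pass` swallows a failed `stop_service('epp')`, and `delete_folder(..., ignore_errors=True)` can leave files behind. The machine may therefore end up with a registered service whose files sit in a partly deleted folder under the drive root, with nothing recorded about it. Replace the bare `pass` with a logged warning (using whatever logger the module already has, not visible here) and report what remains after `delete_folder` so a technician can finish the cleanup. `update_emsisoft_cmd` in the same hunk discards the updater's exit status in the same way. The comment also has a typo: `ingore_errors` should be `ignore_errors`.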