악성코드 분석이나 포렌직 시 많이 이용되는 Sysinternals Tool을 최신버전으로 자동으로 업데이트 해주는 배치파일 입니다.
출처 : http://sysadmingeek.com/articles/batch-script-to-auto-update-sysinternals-tools/
@ECHO OFF
TITLE Sysinternals Updater
ECHO Sysintenals Updater
ECHO Written by: Jason Faulkner
ECHO SysadminGeek.com
ECHO.
ECHO.
SETLOCAL ENABLEDELAYEDEXPANSION
SET SysInternalsTools="%Temp%\SysInternalsTools.tmp.txt"
SET CurrentTasks="%Temp%\CurrentTasks.tmp.txt"
SET StartWhenFinished="%Temp%\StartWhenFinished.tmp.txt"
ECHO Detected directory: %~dp0
%~d0
CD %~p0
ECHO.
ECHO.
ECHO Downloading current tool list...
SET LiveShare=\live.sysinternals.com\tools
START /MIN %LiveShare%
DIR %LiveShare% /B > %SysInternalsTools%
TASKLIST > %CurrentTasks%
ECHO ;Terminated tools > %StartWhenFinished%
ECHO.
ECHO Updating installed SysInternals tools
FOR /F %%A IN ('DIR /B') DO (
FOR /F "usebackq" %%B IN (%SysInternalsTools%) DO (
IF /I [%%A]==[%%B] (
ECHO Updating %%A
FOR /F "usebackq" %%C IN (%CurrentTasks%) DO (
IF /I [%%A]==[%%C] (
ECHO %%C is currently running, killing process - queue restart
ECHO %%C >> %StartWhenFinished%
TASKKILL /IM %%A /T /F
)
)
XCOPY %LiveShare%\%%B %%A /Y
ECHO.
)
)
)
ECHO.
ECHO Resuming killed tasks
FOR /F "usebackq skip=1" %%A IN (%StartWhenFinished%) DO (
ECHO Starting %%A
START "Sysinternals Tool" "%%A"
)
IF EXIST %SysInternalsTools% DEL %SysInternalsTools%
IF EXIST %CurrentTasks% DEL %CurrentTasks%
IF EXIST %StartWhenFinished% DEL %StartWhenFinished%
ENDLOCAL
ECHO.
PAUSE