Created
July 19, 2024 13:08
-
-
Save nullenc0de/26e40978614ec7f8b12337c175a0269e to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@echo off | |
setlocal enabledelayedexpansion | |
REM Check if BitLocker is enabled on drive C: | |
manage-bde -status C: | findstr /i "Conversion Status:\s*Fully Encrypted" | |
if %errorlevel% neq 0 ( | |
echo BitLocker is not enabled on drive C:. | |
goto continue | |
) else ( | |
echo BitLocker is enabled on drive C:. | |
REM Prompt for BitLocker recovery key | |
:prompt_for_key | |
set /p "key=Enter your BitLocker recovery key: " | |
if "!key!"=="" ( | |
echo BitLocker recovery key cannot be empty. | |
goto prompt_for_key | |
) | |
REM Unlock the BitLocker-encrypted drive | |
manage-bde -unlock C: -RecoveryPassword "!key!" | |
if %errorlevel% neq 0 ( | |
echo Failed to unlock BitLocker drive | |
pause | |
exit /b 1 | |
) | |
REM Disable BitLocker protection temporarily (optional) | |
manage-bde -protectors -disable C: | |
if %errorlevel% neq 0 ( | |
echo Failed to disable BitLocker protection | |
pause | |
exit /b 1 | |
) | |
) | |
:continue | |
REM Navigate to the CrowdStrike drivers directory | |
cd /d C:\Windows\System32\drivers\CrowdStrike | |
if %errorlevel% neq 0 ( | |
echo Failed to navigate to CrowdStrike directory | |
pause | |
exit /b 1 | |
) | |
REM Locate and delete the file matching "C-00000291*.sys" | |
for %%f in (C-00000291*.sys) do ( | |
del %%f | |
if %errorlevel% neq 0 ( | |
echo Failed to delete file %%f | |
pause | |
exit /b 1 | |
) | |
) | |
REM Re-enable BitLocker protection | |
if defined key ( | |
manage-bde -protectors -enable C: | |
if %errorlevel% neq 0 ( | |
echo Failed to re-enable BitLocker protection | |
pause | |
exit /b 1 | |
) | |
) | |
REM Reboot the system | |
shutdown /r /t 0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment