NerdFencer

This is a quick tool that I wrote for 2 reasons. 1) to have fun parsing strings 2) because I wish the obfuscator would do this This script is designed to be run AFTER the obfuscator has been run with the options "/cs=0 /cn=0 /cf=1 /cf=1 /sf=1 /sv=1" and has not been tested on anything else. It does a few fun things to reduce script size. 1) finds all global const numeric values and inlines them (also works for several levels of const ex: BitOr($SomeConst,SomeNumber) ) 2) renames variables to be short 3) removes some more excess white space My test script went from 22.3 kb (after obfuscator) to 13.0 kb I realize that this wont have a drastic effect on executable size, but its fun to mess around with. Possibly up next... 1) Simplifying math expressions in code ex: BitOr(WhatUsedToBeAConst,SomeRandomNumbers) 2) Shortening function names Global $file = "Your Script Here.au3" FileDelete("out.au3") Global $isworking = True Global $work = FileRead($file) While $isworking==True $work = PostOpConst($work) WEnd $work = PostOpVarNames($work) While 1 $work = StringReplace($work,@CR&@CR,@CR) If @extended==0 Then If StringRight($work,1)==@CR Then $work = StringTrimRight($work,1) EndIf ExitLoop EndIf WEnd FileWrite("out.au3",$work) Func PostOpVarNames($text) Local $fvars[1], $fto[1], $state = 0, $var, $found, $last = "" Local $chars = StringSplit($text,"",2) Local $out = "" For $char In $chars Switch $state Case 0 $out &= $char If $char=="'"Then $state = 1 ContinueLoop ElseIf $char=='"' Then $state = 2 ContinueLoop ElseIf $char=="$" Then $state = 3 $var = "$" ContinueLoop ElseIf $char==","Then $state = 4 ContinueLoop EndIf Case 1 $out &= $char If $char=="'" Then $state = 0 ContinueLoop EndIf Case 2 $out &= $char If $char=='"' Then $state = 0 ContinueLoop EndIf Case 3 If NotNameChar($char) Then $found = False For $i=0 To UBound($fvars)-2 If $var == $fvars[$i] Then $found = True $out &= $fto[$i] ExitLoop EndIf Next If Not($found) Then $last = GetNext($last) $fto[$i] = $last $out &= $last $fto[UBound($fto)-1] = $last $fvars[UBound($fvars)-1] = $var ReDim $fto[UBound($fto)+1] ReDim $fvars[UBound($fvars)+1] EndIf $state = 0 If $char == " " Then $state = 4 ContinueLoop EndIf $out &= $char If $char == "," Then $state = 4 ContinueLoop EndIf EndIf $var &= $char Case 4 If $char==" " Then ContinueLoop ElseIf $char=="=" Then $out &= $char ContinueLoop ElseIf $char=="_" Or Not(NotNameChar($char)) Then $out&=" "&$char $state = 0 ContinueLoop EndIf $out &= $char $state = 0 If $char=="'" Then $state = 1 If $char=='"' Then $state = 2 If $char=="$" Then $state = 3 $var = "$" EndIf EndSwitch Next Return $out EndFunc Func NotNameChar($char) $char = Asc($char) If $char>=Asc("0") And $char<=Asc("9") Then Return False If $char>=Asc("A") And $char<=Asc("Z") Then Return False If $char>=Asc("a") And $char<=Asc("z") Then Return False Return True EndFunc Func GetNext($string) If $string=="" Then Return "A" Local $last = Asc(StringRight($string,1)) If $last>=Asc("A") And $last<Asc("Z") Then Return StringTrimRight($string,1)&Chr($last+1) ElseIf $last==Asc("Z") Then Return StringTrimRight($string,1)&"0" ElseIf $last>=Asc("0") And $last<Asc("9") Then Return StringTrimRight($string,1)&Chr($last+1) ElseIf $last==Asc("9") Then Return $string&"A" EndIf Return $string&"A" EndFunc Func PostOpConst($text) Local $lines = StringSplit(StringReplace($text,@LF,""),@CR) Local $var, $elements, $stage, $line, $canuse Local $fvars[1], $flines[1], $fvals[1] For $i=1 To $lines[0] $line = $lines[$i] If StringLeft($line,12)=="Global Const" Then ; extract the variable name $var = "" $stage = False $line = StringTrimLeft($line,13) $elements = StringSplit($line,"",2) For $element In $elements If $element==" " Or $element=="=" Then ExitLoop Else $var&=$element EndIf Next $line = StringTrimLeft($line,3+StringLen($var)) ; see if we can use it $line = strip($line) If Number($line)<>0 Or $line=="0" Or StringLeft($line,2)=="0x" Then $fvars[UBound($fvars)-1] = $var $flines[UBound($flines)-1]= $i ; bugfix... stupid but needed If StringInStr($line,"+")==0 And StringInStr($line,"-")==0 Then $fvals[UBound($fvals)-1] = Number($line) Else $fvals[UBound($fvals)-1] = Execute($line) EndIf ReDim $fvars[UBound($fvars)+1] ReDim $flines[UBound($flines)+1] ReDim $fvals[UBound($fvals)+1] ElseIf StringLeft($line,6)=="BitOR(" And CanCondenseBitOR($line) Then $fvars[UBound($fvars)-1] = $var $flines[UBound($flines)-1]= $i $fvals[UBound($fvals)-1] = Execute($line) ReDim $fvars[UBound($fvars)+1] ReDim $flines[UBound($flines)+1] ReDim $fvals[UBound($fvals)+1] ElseIf StringLeft($line,9)=="BitShift(" And CanCondenseBitShift($line) Then $fvars[UBound($fvars)-1] = $var $flines[UBound($flines)-1]= $i $fvals[UBound($fvals)-1] = Execute($line) ReDim $fvars[UBound($fvars)+1] ReDim $flines[UBound($flines)+1] ReDim $fvals[UBound($fvals)+1] EndIf EndIf Next For $i=0 To UBound($fvals)-2 $text = StringReplace($text,$fvars[$i],$fvals[$i]) Next $lines = StringSplit(StringReplace($text,@LF,""),@CR) $text = "" For $i=1 To $lines[0] $canuse = True For $j=0 To UBound($fvals)-2 If $flines[$j]==$i Then $canuse = False ExitLoop EndIf Next If $canuse == True Then $text &= $lines[$i] & @CR EndIf Next If UBound($fvals) <= 1 Then $isworking = False EndIf Return $text EndFunc Func CanCondenseBitOR($string) Local $tmp = StringTrimLeft(StringTrimRight($string,1),6) If StringInStr($tmp,"(")==0 And StringInStr($tmp,")")==0 And StringInStr($tmp,"$")==0 Then Return @error==0 EndIf Return False EndFunc Func CanCondenseBitShift($string) Local $tmp = StringTrimLeft(StringTrimRight($string,1),9) If StringInStr($tmp,"(")==0 And StringInStr($tmp,")")==0 And StringInStr($tmp,"$")==0 Then Return @error==0 EndIf Return False EndFunc Func strip($string) Local $out = "", $state = 0 $string = StringSplit($string,"",2) For $char In $string Switch $state Case 0 If $char=="'" Or $char=='"' Then $state = 1 $out &= $char ContinueLoop EndIf If $char==" " Or $char==@TAB Then ContinueLoop EndIf If $char==";" Then ExitLoop EndIf $out &= $char Case 1 $out &= $char If $char=="'" Or $char=='"' Then $state = 0 ContinueLoop EndIf EndSwitch Next Return $out EndFunc Edit: fixed something stupid that I did for debugging Happy Scripting

@CiscoZombie I'm not entirely certain what portions of the script would mess up on windows Vista. @AutomatedDefaults Thats why I put checkboxes So you can do what you want and no more @All I have put together a small team for this summer. We are going to rebuild AutoClean from the ground up in C++. I know that many people may not agree with the language change, but we need something faster. C++ will allow us to make more features native instead of downloaded and to create features not feasible in AutoIt, such as native rogue-ware removal. This time through, all the developers have different versions of windows including XP, Vista, and 7. With the increase in developers (from 1 to 3) we will have a better ability to debug and prevent errors from reaching distributed versions, especially with OS compatibility. We expect to have the first public alpha release out by the end of June. All work will be open source -Matt

Try booting into ERD Commander and restore to an earlier point (http://www.sermerane.com/dosya/ERD.Commander.rar)

I have only tested it in 32 bit OS's. Whatever the problem is, it is probably a 64 bit compatibility issue. What options did you use?

When you compile a script with AutoIt, the compiler automatically collects all required files.

Thanks for the glowing review I just updated the source to version 2.5.1 to address a security vulnerability in cmd.exe There are 2 registry locations (not used by any legitimate program I can find) that give the path to executables for cmd.exe to run before allowing the user to enter commands. The new option (located in the security tab) deletes these keys if they exist.

@navajow Thanks, but that mod is not very compatible. It only accounts for xp installations in which the user profile directories are in the default location. It will break on windows Vista and 7. It will also not work when someone changes their profile name (the directory stays the same but the username changes). Some sort of mod that makes CCleaner work on all user profiles may show up in the final version before the total rewrite, but it will be based on registry profiles not directories. @M1MO5 Thanks for the feedback. 1. Unfortunately ComboFix has intentionally made its use very hard to automate. It also breaks on all 64 bit os' 2. SmitFraudFix encounters compatibility issues on OSs after XP. 3. You are most likely using 64 bit windows 7. Try recompiling with the 64 bit AutoIt. One of the purposes of the rewrite (mentioned in earlier post) that I am sketching out is to allow for an efficient item removal interpreter. With this, I plan to add some interesting native features to the rewrite... 1. Native temp cleaning (eventually... hopefully... as comprehensive as CCleaner's but with multi-user support) 2. Bloat-ware Removal (just like a checkbox to uninstall a whole slew of bloat-ware/crapware) 3. Rogueware removal (this is the only thing i know of that AutoClean is missing before it becomes a full replacement for ComboFix and SmitFraudFix) All of these would use the same internal definitions format and feed through the same routine, but have different definitions.

Updated to version 2.5 This should fix all the bugs that I know about including the line 66 error and the fault in the Registry backup checkbox.

Sorry about that I overhauled too much stuff in 2.4 without properly testing it. I will be coming out with 2.5 today or tomorrow with all of these bugs fixed.

Don't bother If you kept the registry backup checkbox checked, then you should have a folder in your C:\windows directory named RegBackups. Pick a subfolder with a date that you like, and run "ERDNT.EXE". After that, reboot.

can you get the acd back from the recycle bin?

@finalversion AutoClean should have generated a revert file (.acd extension). Edit: placed in the 'logs' directory Drag that on top of the executable to fix your problem This will undo service settings changes and autorun deletions. In the source code... src\files\AutoRuns.ini delete the line that says... HotKeysCmds=C:\Windows\system32\hkcmd.exe Rerun the autoruns prune feature and your volume keys should still work I have already fixed this bug for the next release.

Can someone that had the line 66 error please post some way that their computer was messed up (if you know). I am trying to replicate the problem to fix it.

This coming weekend I will attempt to release a version that fixes all known bugs. After that, I must pause development until May 11. On June 15, I will release the last major version update in the 2.x line (there will most likely be some minor updates after this, but nothing ground-breaking). In august, I hope to unveil version 3.0, which will be a complete rewrite of AutoClean with MANY new features and a drastic performance increase.