Jump to content
Sign in to follow this  
Unc3nZureD

New Project [Anti-AutoRun]

Recommended Posts

Unc3nZureD

Some days ago I started to make a quite interesting and useful program. I called it "Anti-AutoRun". It automatically scans your Auto-run entries, and alert you if something happens. (New entry or entry deleted). I started with the @Startupdir and @StartupCommonDir.

First, log every current entry into 4 different ini file.

#include <File.au3>
Func Startup()
FileDelete(@ScriptDir & "\CommonFileEngine.ini")
FileDelete(@ScriptDir & "\CommonRegEngine.ini")
FileDelete(@ScriptDir & "\UserFileEngine.ini")
FileDelete(@ScriptDir & "\UserRegEngine.ini")$USF = _FileListToArray(@StartupDir, "*", 1)
$CSF = _FileListToArray(@StartupCommonDir, "*", 1)
$Count = 0
While 1
  $Count = $Count + 1
  IniWrite(@ScriptDir & "\UserFileEngine.ini", $USF[$Count], "Enabled", 1)
  If $Count = $USF[0] Then ExitLoop
WEnd$Count = 0
While 1
  $Count = $Count + 1
  IniWrite(@ScriptDir & "\CommonFileEngine.ini", $CSF[$Count], "Enabled", 1)
  If $Count = $CSF[0] Then ExitLoop
WEnd$Count = 0
While 1
  $Count = $Count + 1
  $Max = RegEnumVal("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run", 1)
  $var = RegEnumVal("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run", $Count)
  If @error <> 0 Then ExitLoop
  $read = RegRead("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run", $var)
  IniWrite(@ScriptDir & "\UserRegEngine.ini", $var, "Value", $read)
  If $Count = $Max Then ExitLoop
WEnd$Count = 0
While 1
  $Count = $Count + 1
  $Max = RegEnumVal("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run", 1)
  $var = RegEnumVal("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run", $Count)
  If @error <> 0 Then ExitLoop
  $read = RegRead("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run", $var)
  IniWrite(@ScriptDir & "\CommonRegEngine.ini", $var, "Value", $read)
  If $Count = $Max Then ExitLoop
WEnd
EndFunc

It works quite nice. Now 1st have to scan the files. Lets do it with some simple While & WEnd (I know I could use Do Until or For, next but I rather like the While command)

So here's the current source code:

While 1
$Count = 0
While 1
  $Count = $Count + 1
  $User = _FileListToArray(@StartupDir, "*", 1)
  $Read = IniRead(@ScriptDir & "\UserFileEngine.ini", $User[$Count], "Enabled", 0)
  If $Read = 0 Then
   $Type = "User Startup Directory"
   $Path = @StartupDir
   $Name = $User[$Count]
   _Warning()
  EndIf
  If $Count = $User[0] Then ExitLoop
  Sleep(500)
WEnd
$Count = 0
While 1
  $Count = $Count + 1
  $User = _FileListToArray(@StartupCommonDir, "*", 1)
  $Read = IniRead(@ScriptDir & "\UserFileEngine.ini", $User[$Count], "Enabled", 0)
  If $Read = 0 Then
   $Type = "Common Startup Directory"
   $Path = @StartupCommonDir
   $Name = $User[$Count]
   _Warning()
  EndIf
  If $Count = $User[0] Then ExitLoop
  Sleep(500)
WEnd
WEnd

The code above is quite buggy, I would like to get some help how to improve it.

Oh and almost forgot:

If it finds an additional entry then here's the GUI:

Func _Warning()
$Form1 = GUICreate("Modification found", 212, 212, 192, 124)
$Label1 = GUICtrlCreateLabel("Type:", 16, 112, 31, 17)
$Label2 = GUICtrlCreateLabel($Type, 56, 112, 154, 17)
$Pic1 = GUICtrlCreatePic("C:\Documents and Settings\Rendszergazda\Asztal\AAR ZureD\lerror.bmp", 56, 0, 100, 100)
$Label3 = GUICtrlCreateLabel("Name:", 16, 128, 35, 17)
$Label4 = GUICtrlCreateLabel($Name, 56, 128, 154, 17)
$Button1 = GUICtrlCreateButton("Apply", 64, 176, 75, 25)
$Checkbox1 = GUICtrlCreateCheckbox("Delete Entry", 16, 152, 81, 17)
GUISetState(@SW_SHOW)
While 1
  $nMsg = GUIGetMsg()
  Switch $nMsg
   Case $Button1
    $Delete = BitAnd(GUICtrlRead($Checkbox1),$GUI_CHECKED)
    If $Delete = 1 Then
     FileDelete($Path & "\" & $User[$Count])
     GUICtrlDelete($Form1)
     Startup()
     ExitLoop
    EndIf
  EndSwitch
WEnd
EndFunc

I have the most problem with the Arrays :S Any idea?

Thanks: Unc3nZureD

(Sorry but now I have to turn off my computer so I can't answer the quiestions yet.)

(All of the au3 & Resources are attached in a zip file)

Anti-AutoRUN.zip

Share this post


Link to post
Share on other sites
Unc3nZureD

I think It's more clear if I use them separated.

1) User's Registry entries

2) Common Registry Entries

3) User's Startup Files' name

4) Common Startup Files' name

Just to clear the question: I would like t ask for some rescue ideas how to not to get so many 'Array is undefined' error.

Edited by Unc3nZureD

Share this post


Link to post
Share on other sites
Unc3nZureD

Today I checked the source, and found some error. Now it works, but still got error if I delete any entry manually while my program is running. I'm working on how to solve it, if you have any nice idea then please post it :)

AAR_fixed.zip

Edited by Unc3nZureD

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×