Elieder Posted June 1, 2014 Share Posted June 1, 2014 (edited) I'm new here... first some biography to make my intentions clear... in the last weeks I found autoit like a very powerful language to make my job easy (system cleaning, "no-formating" troubleshooting), so I decided it give a try, and convert all my batch files to au3 files. Scripts like stopping service from bloatware programs, unused or useless Windows services, resolve Windows/network errors with registry modifications, removing virus, pups and adware-like programs (a long list of other Windows problems here), etc. In the virus and PUPs prevention, I started to create a folder on %ProgramFiles (x86)% (or just %ProgramFiles% on 32 bits machines), with write protection... so: REM COPIED FROM MY BATCH SCRIPT! md "%folder%" icacls "%folder%" /deny *S-1-1-0:(OI)(CI)W Prevents all adware with %folder% name from being installed on that folder. And works fine! BUT, there are some that has different names, like first character capitalized, or just a duplicated char, or "_01, _02" in the end of name.. just to avoid this way of protection commonly used by security programs (that searches files and folders by its "fixed" names). And, it's very incovenient to have thousand of folders in %ProgramFIles%, so, I had another idea. And we finally reach the first (and only kkk) question... Is there a way that I can create a program that can block a folder creation? Because if yes, I will try to create a "ProgramFiles Firewall" that with some regex and a database of adware names, block unwanted folder from being created... I'm already warned that maybe it's a kernel level task... (and sorry for my possible english errors, I'm just learning) Edited June 1, 2014 by Elieder Link to comment Share on other sites More sharing options...
Moderators JLogan3o13 Posted June 1, 2014 Moderators Share Posted June 1, 2014 Not only are you looking at a kernel level task, but malware in general is constantly evolving. You would have to constantly be updating your database with new definitions. What you're talking about writing is anti-malware software. I'm not sure AutoIt (much as I love it) is the language you should even attempt this in, and really not sure - with the questions you are asking already, if it is a project you should be undertaking. Sounds like you're in for a lot of headache and frustration. "Profanity is the last vestige of the feeble mind. For the man who cannot express himself forcibly through intellect must do so through shock and awe" - Spencer W. Kimball How to get your question answered on this forum! Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now