Jump to content
Sign in to follow this  
BlazerV60

Has anyone ever created a Virus Scanner with AutoIt?

Recommended Posts

I searched through the forum but couldn't find any, then again I didn't search THAT deep.

Anyone know of any?

Would be pretty cool if someone created a virus scanner with AutoIt and continuously update it.

 

Share this post


Link to post
Share on other sites

Leave it to the experts methinks.


UDF List:

 
_AdapterConnections()_AlwaysRun()_AppMon()_AppMonEx()_ArrayFilter/_ArrayReduce_BinaryBin()_CheckMsgBox()_CmdLineRaw()_ContextMenu()_ConvertLHWebColor()/_ConvertSHWebColor()_DesktopDimensions()_DisplayPassword()_DotNet_Load()/_DotNet_Unload()_Fibonacci()_FileCompare()_FileCompareContents()_FileNameByHandle()_FilePrefix/SRE()_FindInFile()_GetBackgroundColor()/_SetBackgroundColor()_GetConrolID()_GetCtrlClass()_GetDirectoryFormat()_GetDriveMediaType()_GetFilename()/_GetFilenameExt()_GetHardwareID()_GetIP()_GetIP_Country()_GetOSLanguage()_GetSavedSource()_GetStringSize()_GetSystemPaths()_GetURLImage()_GIFImage()_GoogleWeather()_GUICtrlCreateGroup()_GUICtrlListBox_CreateArray()_GUICtrlListView_CreateArray()_GUICtrlListView_SaveCSV()_GUICtrlListView_SaveHTML()_GUICtrlListView_SaveTxt()_GUICtrlListView_SaveXML()_GUICtrlMenu_Recent()_GUICtrlMenu_SetItemImage()_GUICtrlTreeView_CreateArray()_GUIDisable()_GUIImageList_SetIconFromHandle()_GUIRegisterMsg()_GUISetIcon()_Icon_Clear()/_Icon_Set()_IdleTime()_InetGet()_InetGetGUI()_InetGetProgress()_IPDetails()_IsFileOlder()_IsGUID()_IsHex()_IsPalindrome()_IsRegKey()_IsStringRegExp()_IsSystemDrive()_IsUPX()_IsValidType()_IsWebColor()_Language()_Log()_MicrosoftInternetConnectivity()_MSDNDataType()_PathFull/GetRelative/Split()_PathSplitEx()_PrintFromArray()_ProgressSetMarquee()_ReDim()_RockPaperScissors()/_RockPaperScissorsLizardSpock()_ScrollingCredits_SelfDelete()_SelfRename()_SelfUpdate()_SendTo()_ShellAll()_ShellFile()_ShellFolder()_SingletonHWID()_SingletonPID()_Startup()_StringCompact()_StringIsValid()_StringRegExpMetaCharacters()_StringReplaceWholeWord()_StringStripChars()_Temperature()_TrialPeriod()_UKToUSDate()/_USToUKDate()_WinAPI_Create_CTL_CODE()_WinAPI_CreateGUID()_WMIDateStringToDate()/_DateToWMIDateString()Au3 script parsingAutoIt SearchAutoIt3 PortableAutoIt3WrapperToPragmaAutoItWinGetTitle()/AutoItWinSetTitle()CodingDirToHTML5FileInstallrFileReadLastChars()GeoIP databaseGUI - Only Close ButtonGUI ExamplesGUICtrlDeleteImage()GUICtrlGetBkColor()GUICtrlGetStyle()GUIEventsGUIGetBkColor()Int_Parse() & Int_TryParse()IsISBN()LockFile()Mapping CtrlIDsOOP in AutoItParseHeadersToSciTE()PasswordValidPasteBinPosts Per DayPreExpandProtect GlobalsQueue()Resource UpdateResourcesExSciTE JumpSettings INISHELLHOOKShunting-YardSignature CreatorStack()Stopwatch()StringAddLF()/StringStripLF()StringEOLToCRLF()VSCROLLWM_COPYDATAMore Examples...

Updated: 22/04/2018

Share this post


Link to post
Share on other sites

The upkeep on that would be ridiculous.


,-. .--. ________ .-. .-. ,---. ,-. .-. .-. .-.
|(| / /\ \ |\ /| |__ __||| | | || .-' | |/ / \ \_/ )/
(_) / /__\ \ |(\ / | )| | | `-' | | `-. | | / __ \ (_)
| | | __ | (_)\/ | (_) | | .-. | | .-' | | \ |__| ) (
| | | | |)| | \ / | | | | | |)| | `--. | |) \ | |
`-' |_| (_) | |\/| | `-' /( (_)/( __.' |((_)-' /(_|
'-' '-' (__) (__) (_) (__)

Share this post


Link to post
Share on other sites

I searched through the forum but couldn't find any, then again I didn't search THAT deep.

Anyone know of any?

Would be pretty cool if someone created a virus scanner with AutoIt and continuously update it.

 

I love your enthusiasm, but this is an extremely BAD idea for a host of reasons

1. AutoIt is a simple scripting language. Antivirus software is something that has to get into the nooks an crannies of the OS. AutoIt can't do this.

2. Updating. The updates you get from the Antivirus companies is worked on by a team of people full time. They have labs where they set viruses loose so they can study them, disassemble then when possible, and figure out how they work so they can stop them from infecting your rig.

3. being bug free as QUICKLY as possible. This same host of engineers has to release code that is as bug free as possible and as fast as possible. In some cases in a matter of hours. This is a very stressful task.

I can keep going but you get the idea. Keep thinking of how to use AutoIt for you daily needs as well as for something fun.

Share this post


Link to post
Share on other sites

I have used AutoIt for removing a specific virus/malware, but as MBALZESHARI points out, AutoIt is not a practical language for a virus scanner.

Before switching to Kaspersky, we used to wait days (sometimes weeks) after a zero-day infection to get signature files from Symantec.  Since waiting was not an option, we used AutoIt to create our own cleanup scripts for each specific infection.  I eventually several of them into one cleanup script, but once the list of malware I would handle got so long, the script was no longer able to respond quickly enough the stop the malware from respawning.

It is a nice practice if you want to learn some of the ways that malware/viruses infect your system, and how to remove them, but it would never replace a commercial product.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By MiKa666
      Hi all,
      I'm developing a tool for exploratively testing another software. For that I wanna cover all the GUI functionality from that software and verify everything works as intended. But now I've a problem which I couldnt solve so far.
      One thing that software I'm testing does, is to load up either a single picture or a series of pictures. Depending on how much pictures got loaded, further actions will be proceeded...
      This loaded pictures are schon within a ToolbarWindow and they're clickable. What I need to know is, how much pictures are in this ToolbarWindow...
      Can anybody provide me a tip on how to achive this?
      Would be amazing!!
      BR,
      Mic
    • By meety
      Hello!
      wingettext function can get the text content of the IE browser page, but the text content of the page cannot be obtained in the chrome browser? What should I do?
    • By DirtyJohny
      Hi everyone.Need rewrite this function how in еxample.
      Original:
      #RequireAdmin #NoTrayIcon Opt("MustDeclareVars",1) Func _a() Local $sls=ObjGet("winmgmts:{impersonationLevel=impersonate," _ &"authenticationLevel=Pkt}!\\"& _ @ComputerName&'\root\wmi'),$lss=$sls.ExecQuery _ ('SELECT * FROM WmiMonitorID'), _ $lll,$sll,$sss="",$lsl,$lls,$i,$z For $z In $lss $lsl=$z.UserFriendlyName For $i=0 To Ubound($lsl)-1 if ($lsl[$i]) Then $lll&=Chr($lsl[$i]) Next $lls=$z.SerialNumberID For $i=0 To Ubound($lls)-1 if ($lls[$i]) Then $sll&=Chr($lls[$i]) Next $sss&="Model"&@TAB&@TAB&": "&$lll&@CR&"Serial Number"&@TAB&": "&$sll&@CR&@CR $lll="" $sll="" Next MsgBox(262144,'Monitors '&$lss.Count,$sss&" "&@CR) $lss=Null $sls=Null EndFunc _a() Example:
      Func _InfoPC() Local $ObjService = ObjGet('winmgmts:{impersonationLevel = impersonate}!\\' & @ComputerName & '\root\cimv2') Local $ObjMB = $ObjService.ExecQuery('SELECT * FROM Win32_BaseBoard', 'WQL', 0x30) If IsObj($ObjService) Then For $objItemMB In $ObjMB $sInfo &= @TAB & 'Motherboard: ...... ' & $objItemMB.Product & @CRLF I'm beginner in this sphere and need  you all speak easy and simply because i'm Russian.Thanks)
    • By Deshanur
      Am trying to automate injecting credential on the login form for all kind of Web application for IE. I know how to identify the form name by viewing the source code and using the method - _IEFormGetObjByName($ie, $form_Name).
      I would like to know how to identify or get the form object for the web app where there is no form name tag for example below, for the is I have used - _IEFormGetCollection($ie, 0) to get the form object.
      My Question is does it work for all kind of application "_IEFormGetCollection($ie, 0)" how to identify Index value? is it always 0? is there any better solution?
      The final solution am looking for is find out form object, get the username, password field and inject credential and submit the form.
      How to find out index value? for the forms which does not have form name field.
      $login_form = _IEFormGetCollection($ie, 0) $email_field = _IEFormElementGetObjByName($login_form, $form_UserName) $pass_field = _IEFormElementGetObjByName($login_form, $form_password) $login_button = _IEFormElementGetObjByName($login_form, $form_submitbutton) _IEFormElementSetValue($email_field, $CmdLine[2]) _IEFormElementSetValue($pass_field, $CmdLine[3]) ControlSend($hwnd, "", "[CLASS:Internet Explorer_Server; INSTANCE:1]","{Enter}") OR This works fine if the form has form name. $login_form = _IEFormGetObjByName($ie, $form_Name) $email_field = _IEFormElementGetObjByName($login_form, $form_UserName) $pass_field = _IEFormElementGetObjByName($login_form, $form_password) $login_button = _IEFormElementGetObjByName($login_form, $form_submitbutton) _IEFormElementSetValue($email_field, $CmdLine[2]) _IEFormElementSetValue($pass_field, $CmdLine[3]) ControlSend($hwnd, "", "[CLASS:Internet Explorer_Server; INSTANCE:1]","{Enter}")
    • By JuanFelipe
      Hello guys!
      I have a problem with a script, in the past I made a program and it worked perfect, I recently used it again and it already stands still in one step, the problem is a Javascript event that changed but now I cannot execute it.
       
      <td colspan="2" align="center"><input type="button" id="Buscar" name="Buscar" value="Buscar" onclick="javascript:enviarForma(document.obtenercasosPersonaPorDocumento,'0');" class="boton"></td>  
      Previously I used this code and it worked, but now it does nothing
      $botonconsulta = _IEGetObjByName($oIE,"Buscar") _IEAction($botonconsulta, 'click') _IELoadWait($oIE)  
      Now I have tried the following codes but none works.
       
      ;==================== 1 _IEHeadInsertEventScript($oIE, "document", "onclick", "javascript:enviarForma(document.obtenercasosPersonaPorDocumento,'0');") ControlClick("SUPER CELAC", "", "[CLASS:Internet Explorer_Server; INSTANCE:1]") _IELoadWait($oIE) ;==================== 2 $forma = $oIE.document.obtenercasosPersonaPorDocumento $oIE.Navigate("JavaScript:enviarForma("&$forma&",""0"");") _IELoadWait($oIE) ;==================== 3 $boton = _IEGetObjById($oIE, "Buscar") $boton.document.parentwindow.execScript("enviarForma(document.obtenercasosPersonaPorDocumento,'0');", "javascript") I hope you can guide me, because I think the error is in the parameters that the javascript function receives but I don't know how to send it, here I leave the first part of the JavaScript function.
      function enviarForma(frm,tipoForma){ var bExisteDatoConsulta = false; var bError=true; var mensajeError=""; switch (tipoForma) { //--Forma documento case "0": if (validar_campo_no_vacio_no_print(frm.numeroDocumento)) { if (!isNum(frm.numeroDocumento.value)) { bError = false; mensajeError += "El número de documento debe ser un valor numérico\n"; } bExisteDatoConsulta = true; } else { mensajeError += "Debe digitar un número de documento\n"; } break;  Thanks!
×
×
  • Create New...