| Lahace |
| | Ecco un buon antivirus fatto da me e un mio amico visto il tempo libero XD fatto ancora parecchio tempo fa ma dovrebbe ancora funzionare i source li posto pochi alla volta per chè sono molti (molti ._.) la maggior parte dei crediti ad Aaly eh!! Consiglio vivamente di scaricare il pacchetto per testarlo!! xD pacchetto completo -> www.megaupload.com/?d=TOJ42QJKVirusBuster.au3 CODICE #RequireAdmin #Region ;**** Directives created by AutoIt3Wrapper_GUI **** #AutoIt3Wrapper_icon=..\..\..\..\immagini\icone\Icon Pack\Icone (ico)\Vista QS\Qs Unreal\UTSilver.ico #AutoIt3Wrapper_Compression=4 #AutoIt3Wrapper_Res_Comment=VirusBusters #AutoIt3Wrapper_Res_Description=Remove infected file #AutoIt3Wrapper_Res_Fileversion=0.0.2.5 #AutoIt3Wrapper_Res_LegalCopyright=Jugasoftİ #AutoIt3Wrapper_Res_Language=1040 #EndRegion ;**** Directives created by AutoIt3Wrapper_GUI **** #cs ----------------------------------------------------------------------------
AutoIt Version: 3.3.0.0 Author: Aaly and Lahace
Script Function: Delete infected file.
#ce ----------------------------------------------------------------------------
; Script Start - Add your code below here
#include <ButtonConstants.au3> #include <GUIConstantsEx.au3> #include <ProgressConstants.au3> #include <StaticConstants.au3> #include <WindowsConstants.au3>
#include "xXx\#INC#\W\WIN_DB.vib" #include "xXx\#INC#\S\SYS_DB.vib" #include "xXx\#INC#\F\FILE_DB.vib"
;ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ| ;ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ ;CONTROLLA LA VERSIONE Func Versione() Local $read,$conver,$read2,$conver2 Global $versione_DB,$versione
InetGet("ftp://myprogramming:**@ftp.myprogramming.altervista.org/VirusBlasters/version.vrs","xXx\Versione\version.vrs") $read = FileReadLine("xXx\Versione\version.vrs",1) $conver = BinaryToString($read) $versione_DB = $conver
If $versione_DB <> "0104" Then MsgBox(0,"System","New databse version is complete.") EndIf
$read2 = FileReadLine("xXx\Versione\C\version.vrs",1) $conver2 = BinaryToString($read2) $versione = $conver2
EndFunc ;ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ| ;ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ ;CONFIGURA IN CASO DI AGGIORNAMENTI Func Configure() Global $label,$avanzamento
GUICtrlSetData($label,"Configurazione aggiornamenti..") ShellExecute("AG.exe") GUICtrlSetData($avanzamento,15) Sleep(1500) GUICtrlSetData($avanzamento,40) Sleep(1500) GUICtrlSetData($avanzamento,57) Sleep(2500) GUICtrlSetData($avanzamento,80) Sleep(2500) FileDelete("AG.exe") GUICtrlSetData($avanzamento,100) GUICtrlSetData($label,"Configurazione completata.") Sleep(2500) EndFunc ;____________________________________________________________________________________________________________ ;____________________________________________________________________________________________________________| ;AVVERTE SE E' NECESSARIO UN MEMORY TEST Func Memory_Test()
If FileExists("xXx\#MT#\MemoryTest.log") Then
Else MsgBox(0,"System","E' consigliata una scansione della memoria con FileController.") EndIf
EndFunc ;____________________________________________________________________________________________________________ ;____________________________________________________________________________________________________________|
If FileExists("AG.exe") Then Configure() Sleep(1000) Versione() Sleep(1000) Memory_Test() Sleep(1000)
Else Versione() Sleep(200) Memory_Test() Sleep(200)
$gui = GUICreate("VirusBuster", 652, 233, 192, 124,0x80000000) GUICtrlCreateLabel("" , 0 , 0 , 652 , 10 , 1 , 0x00100000) GUISetBkColor(0x000000) $Pic1 = GUICtrlCreatePic("xXx\to_lo\Virus-Busters.jpg", 0, 0, 212, 244, BitOR($SS_NOTIFY,$WS_GROUP,$WS_CLIPSIBLINGS))
GUICtrlCreateLabel("VirusBuster v. 2.5",550,10,100,20) GUICtrlSetFont(-1, 8, 800, 0, "Comic Sans MS") GUICtrlSetColor(-1, 0x00FF00)
$db_version = GUICtrlCreateLabel("Current virus database version: "&$versione&"", 216, 113, 652, 20) GUICtrlSetFont(-1, 8, 800, 0, "Comic Sans MS") GUICtrlSetColor(-1, 0x00FF00)
$b_sys = GUICtrlCreateButton("", 289, 8, 23, 25, BitOR($BS_ICON,$WS_GROUP)) GUICtrlSetTip($b_sys,"Ultimo system log.") GUICtrlSetImage(-1, "xXx\to_lo\128.ico", -1)
$Gruppo = GUICtrlCreateGroup(" Control ", 224, 152, 417, 73) GUICtrlSetFont(-1, 8, 800, 0, "Comic Sans MS") GUICtrlSetColor(-1, 0xFFFFFF) Global $barra = GUICtrlCreateProgress(240, 200, 390, 17) $b1 = GUICtrlCreateButton("Scan Now", 240, 176, 81, 17, $WS_GROUP) GUICtrlSetTip($b1,"Esegui la scansione del pc.") $b2 = GUICtrlCreateButton("System file scan",325,176,81,17,$WS_GROUP) GUICtrlSetTip($b2,"Scansione file di sistema.") $b3 = GUICtrlCreateButton("Aggiorna file di sistema",410,176,131,17,$WS_GROUP) GUICtrlCreateGroup("", -99, -99, 1, 1)
;BOTTONI ALTI
$b_FAQ = GUICtrlCreateButton("", 224, 8, 25, 25, BitOR($BS_ICON,$WS_GROUP)) GUICtrlSetTip($b_FAQ,"Apre le FAQ.") GUICtrlSetImage(-1, "xXx\to_lo\121.ico", -1)
$b_db_version = GUICtrlCreateButton("Downlaod final database version ", 216, 136, 169, 17, $WS_GROUP) GUICtrlSetTip($b_db_version,"Scarica la versione finale del database.") GUICtrlSetFont(-1, 7, 800, 0, "Arial")
$b_log = GUICtrlCreateButton("", 256, 8, 25, 25, BitOR($BS_ICON,$WS_GROUP)) GUICtrlSetTip($b_log,"Apre ultimo scan log.") GUICtrlSetImage(-1, "xXx\to_lo\txt.ico", -1)
$b_exit = GUICtrlCreateButton(" ", 384, 8, 25, 25, BitOR($BS_ICON,$WS_GROUP)) GUICtrlSetTip($b_exit,"Chiude il programma.") GUICtrlSetImage(-1, "xXx\to_lo\53.ico", -1)
$b_agg = GUICtrlCreateButton("", 320, 8, 25, 25, BitOR($BS_ICON,$WS_GROUP)) GUICtrlSetTip($b_agg,"Aggiorna VirusBuster.") GUICtrlSetImage(-1, "xXx\to_lo\Engrenage.ico", -1)
$b_file = GUICtrlCreateButton("", 352, 8, 25, 25, BitOR($BS_ICON,$WS_GROUP)) GUICtrlSetTip($b_file,"Esegui il test della memoria.") GUICtrlSetImage(-1, "xXx\to_lo\mydoc.ico", -1)
$Label = GUICtrlCreateLabel("Benvenuti in VirusBlaster, questo programma consente la rimozione di virus,"&@CRLF&"spyware,malware o altro che l'antivirus del computer non"&@CRLF&"è riuscito a togliere."&@CRLF&@CRLF&"Premete il bottone FAQ per saperne di più", 224, 40, 413, 69) GUICtrlSetFont(-1, 8, 400, 2, "Comic Sans MS") GUICtrlSetColor(-1, 0xFFFFFF) GUISetState(@SW_SHOW)
While 1 $nMsg = GUIGetMsg() Switch $nMsg
Case $b_exit ;SE PREMI EXIT Exit
Case $b_log ;SE PREMI LOG If FileExists("log\log.LOG") Then ShellExecute("log\log.LOG") Else MsgBox(0,"System","Il file log.LOG non esiste.") EndIf
Case $b_FAQ ;SE PREMI FAQ ShellExecute("TEXT\FAQ.txt")
Case $b_sys ;SE VUOI CERCARE NEL SISTEMA If FileExists("log\sys.LOG") Then ShellExecute("log\sys.LOG") Else MsgBox(0,"System","Il file sys.LOG non esiste.") EndIf
Case $b_db_version ;SE AGGIORNIAMO GLI ARCHIVI GUICtrlSetData($barra,10) InetGet("ftp://myprogramming:**@ftp.myprogramming.altervista.org/VirusBlasters/file/xXx/F/FILE_DB.vib","xXx\#INC#\F\FILE_DB.vib") GUICtrlSetData($barra,20) Sleep(1000) GUICtrlSetData($barra,30) InetGet("ftp://myprogramming:**@ftp.myprogramming.altervista.org/VirusBlasters/version.vrs","xXx\Versione\C\version.vrs") Sleep(1000) GUICtrlSetData($barra,42) InetGet("ftp://myprogramming:**@ftp.myprogramming.altervista.org/VirusBlasters/version_P.vrs","xXx\Versione\C\version_P.vrs") Sleep(1000) GUICtrlSetData($barra,60) InetGet("ftp://myprogramming:**@ftp.myprogramming.altervista.org/VirusBlasters/file/xXx/S/SYS_DB.vib","xXx\#INC#\S\SYS_DB.vib") Sleep(600) GUICtrlSetData($barra,70) Sleep(500) InetGet("ftp://myprogramming:**@ftp.myprogramming.altervista.org/VirusBlasters/file/xXx/W/WIN_DB_FAKE_ANT.vib","xXx\#INC#\W\WIN_DB_FAKE_ANT.vib") InetGet("ftp://myprogramming:**@ftp.myprogramming.altervista.org/VirusBlasters/file/xXx/W/WIN_DB_MSN_FAKE.vib","xXx\#INC#\W\WIN_DB_MSN_FAKE.vib") InetGet("ftp://myprogramming:**@ftp.myprogramming.altervista.org/VirusBlasters/file/xXx/W/WIN_DB.vib","xXx\#INC#\W\WIN_DB.vib") InetGet("ftp://myprogramming:**@ftp.myprogramming.altervista.org/VirusBlasters/file/xXx/W/WIN_DB_SISTEMA.vib","xXx\#INC#\W\WIN_DB_SISTEMA.vib") GUICtrlSetData($barra,100) Sleep(700) MsgBox(0,"System - Aggiornamento","Aggiornamento completato.") GUICtrlSetData($barra,0)
Case $b_file ShellExecute("FileController.exe")
Case $b1 ;SE PREMIAMO SCAN NOW Inizio()
Case $b2 ;SE PREMIAMO SYSTEM FILE SCAN Inizio_sys()
Case $b3 ;SE PREMIAMO AHHIORNAMENTO SISTEMA Aggiornamento_Sistema()
Case $b_agg ShellExecute("Aggiornami.exe")
EndSwitch WEnd EndIf aggiornami.au3 CODICE #Region ;**** Directives created by AutoIt3Wrapper_GUI **** #AutoIt3Wrapper_icon=..\cxp 3D v2 .ico #AutoIt3Wrapper_Res_Comment=Aggiorna il programma #AutoIt3Wrapper_Res_Description=Aggiorna il programma #AutoIt3Wrapper_Res_Fileversion=0.0.1.4 #AutoIt3Wrapper_Res_Fileversion_AutoIncrement=y #AutoIt3Wrapper_Res_Language=1040 #EndRegion ;**** Directives created by AutoIt3Wrapper_GUI **** #cs ----------------------------------------------------------------------------
AutoIt Version: 3.3.0.0 Author: Aaly
Script Function: Watch youtube video's on High Quality.
#ce ----------------------------------------------------------------------------
; Script Start - Add your code below here
#include <GUIConstantsEx.au3> #include <WindowsConstants.au3> #include <GUIConstantsEx.au3> #include <AVIConstants.au3> #include <TreeViewConstants.au3> #include <File.au3>
$asd = GUICreate("Aggiornamento",230, 60) GUISetFont(10, 800, 2, "Comic Sans MS") GUISetBkColor(0x000000) $label2 = GUICtrlCreateInput("",10,35,210,18) GUICtrlSetState($label2,128) GUICtrlSetFont(-1, 7, 800, 2, "Comic Sans MS") GUICtrlSetColor(-1, 0xFFFFFF) GUICtrlSetBkColor(-1, 0x000000) $avanzamento = GUICtrlCreateProgress(10,10,210,20)
GUISetState(@SW_SHOW)
$read = FileReadLine("xXx\Versione\C\version_P.vrs",1) $conver = BinaryToString($read) $versione = $conver
If $versione = "0.0.2.5" Then MsgBox(0,"System","Possiedi già l'ultima versione del programma.") Exit
ElseIf $versione <> "0.0.2.5" Then #RequireAdmin GUICtrlSetData($label2,"Individuazione pacchetti..") GUICtrlSetData($avanzamento,25) Sleep(500) GUICtrlSetData($avanzamento,50) Sleep(500) GUICtrlSetData($avanzamento,67) Sleep(500) GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0) Sleep(2500) GUICtrlSetData($label2,"Scaricamento di VB.exe in corso..") GUICtrlSetData($avanzamento,25) Sleep(500) GUICtrlSetData($avanzamento,50) Sleep(500) InetGet("ftp://myprogramming:**@ftp.myprogramming.altervista.org/VirusBlasters/VB.exe","VB.exe") GUICtrlSetData($avanzamento,67) Sleep(500) GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0) Sleep(2500) GUICtrlSetData($label2,"Scaricamento di VB.exe completato.")
Sleep(2500)
GUICtrlSetData($label2,"Scaricamento di AG.exe in corso..") GUICtrlSetData($avanzamento,25) Sleep(500) GUICtrlSetData($avanzamento,50) Sleep(500) InetGet("ftp://myprogramming:**@ftp.myprogramming.altervista.org/VirusBlasters/AG.exe","AG.exe") GUICtrlSetData($avanzamento,67) Sleep(500) GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0) Sleep(2500) GUICtrlSetData($label2,"Scaricamento di AG.exe completato.")
Sleep(2500)
GUICtrlSetData($label2,"Scaricamento di FC.exe in corso..") GUICtrlSetData($avanzamento,25) Sleep(500) GUICtrlSetData($avanzamento,50) Sleep(500) InetGet("ftp://myprogramming:**@ftp.myprogramming.altervista.org/VirusBlasters/FC.exe","FC.exe") GUICtrlSetData($avanzamento,67) Sleep(500) GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0) Sleep(2500) GUICtrlSetData($label2,"Scaricamento di FC.exe completato.")
Sleep(2500)
GUICtrlSetData($label2,"Per procedere VirusBuster verrà chiuso.") ProcessClose("VirusBuster.exe") Sleep(2500) GUICtrlSetData($label2,"Inizio aggiornamento del file..") GUICtrlSetData($avanzamento,10) Sleep(700) GUICtrlSetData($avanzamento,20) Sleep(700) ShellExecute("VB.exe") ;INIZIA AD AGGIORNARE GUICtrlSetData($avanzamento,30) Sleep(700) GUICtrlSetData($avanzamento,40) ShellExecute("FC.exe") ;INIZIA AD AGGIORNARE Sleep(700) GUICtrlSetData($avanzamento,50) Sleep(700) GUICtrlSetData($avanzamento,80) Sleep(700) GUICtrlSetData($avanzamento,100) Sleep(2500) GUICtrlSetData($label2,"Aggiornamento completato.") Sleep(2500) GUICtrlSetData($label2,"Eliminazione degli archivi utilizzati in corso..") InetGet("ftp://myprogramming:**@ftp.myprogramming.altervista.org/VirusBlasters/info.txt","TEXT\info.txt") InetGet("ftp://myprogramming:**@ftp.myprogramming.altervista.org/VirusBlasters/FAQ.txt","TEXT\FAQ.txt") GUICtrlSetData($avanzamento,10) Sleep(700) GUICtrlSetData($avanzamento,20) Sleep(700) FileDelete("VB.exe") ;CANCELLA L'ARCHIVIO FileDelete("FC.exe") ;CANCELLA L'ARCHIVIO GUICtrlSetData($avanzamento,30) Sleep(700) GUICtrlSetData($avanzamento,40) Sleep(700) GUICtrlSetData($avanzamento,50) Sleep(700) GUICtrlSetData($avanzamento,80) Sleep(700) GUICtrlSetData($avanzamento,100) Sleep(2500) GUICtrlSetData($label2,"Rimozione completata.") Sleep(2500) GUICtrlSetData($label2,"Il programma verrà chiuso.") Sleep(2500) Exit
EndIf
While 1 $nMsg = GUIGetMsg() Switch $nMsg
Case $GUI_EVENT_CLOSE ;SE CHIUDI Exit
EndSwitch WEnd FileController.au3 CODICE #Region ;**** Directives created by AutoIt3Wrapper_GUI **** #AutoIt3Wrapper_icon=..\..\..\..\immagini\icone\Icon Pack\Icone (ico)\mydoc.ico #AutoIt3Wrapper_Res_Comment=Control Folder File #AutoIt3Wrapper_Res_Description=Control Folder File #AutoIt3Wrapper_Res_Fileversion=0.0.2.9 #AutoIt3Wrapper_Res_Fileversion_AutoIncrement=y #AutoIt3Wrapper_Res_LegalCopyright=Jugasoft #AutoIt3Wrapper_Res_Language=1040 #EndRegion ;**** Directives created by AutoIt3Wrapper_GUI **** #cs ----------------------------------------------------------------------------
AutoIt Version: 3.3.0.0 Author: Aaly
Script Function: Verify configuration file exist.
#ce ----------------------------------------------------------------------------
; Script Start - Add your code below here
#include <GUIConstantsEx.au3> #include <WindowsConstants.au3> #include <GUIConstantsEx.au3> #include <AVIConstants.au3> #include <TreeViewConstants.au3> #include <File.au3>
#RequireAdmin
If FileExists("log\File.LOG") Then FileDelete("log\File.LOG") EndIf
FileWrite("xXx\#MT#\MemoryTest.log","")
Global $asd = GUICreate("Memory Test",230, 60) GUISetFont(10, 800, 2, "Comic Sans MS") GUISetBkColor(0x000000) Global $label = GUICtrlCreateInput("",10,35,210,18) GUICtrlSetState($label,128) GUICtrlSetFont(-1, 7, 800, 2, "Comic Sans MS") GUICtrlSetColor(-1, 0xFFFFFF) GUICtrlSetBkColor(-1, 0x000000) Global $avanzamento = GUICtrlCreateProgress(10,10,210,20)
GUISetState(@SW_SHOW)
GUICtrlSetData($label,"Caricamento memoria..") GUICtrlSetData($avanzamento,25) Sleep(500) GUICtrlSetData($avanzamento,50) Sleep(500) GUICtrlSetData($avanzamento,67) Sleep(500) GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0) Sleep(2500) GUICtrlSetData($label,"Verifica dei file in corso..")
;ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ ;___________________VERIFICA DEGLI ARCHIVI___________________ ;____________________________________________________________
;ARCHIVIO DEI FILE DI SISTEMA If FileExists("xXx\#INC#\F\FILE_DB.vib") Then FileWrite("log\File.LOG","xXx\#INC#\F\FILE_DB.vib -Presente"&@CRLF&"")
;niente GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0) Sleep(500) Else GUICtrlSetData($label,"xXx\#INC#\F\FILE_DB.vib - mancante") FileWrite("log\File.LOG","xXx\#INC#\F\FILE_DB.vib -Scaricato"&@CRLF&"") GUICtrlSetData($avanzamento,25) Sleep(500) InetGet("ftp://myprogramming:**@ftp.myprogramming.altervista.org/VirusBlasters/file/xXx/F/FILE_DB.vib","xXx\#INC#\F\FILE_DB.vib") GUICtrlSetData($avanzamento,50) Sleep(500) GUICtrlSetData($avanzamento,67) Sleep(500) GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0) Sleep(2500)
EndIf ;_______________________________________________________ ;ARCHIVIO SCANSIONE DI SISTEMA If FileExists("xXx\#INC#\S\SYS_DB.vib") Then FileWrite("log\File.LOG","xXx\#INC#\S\SYS_DB.vib -Presente"&@CRLF&"") ;niente GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0) Sleep(500) Else GUICtrlSetData($label,"xXx\#INC#\S\SYS_DB.vib - mancante") FileWrite("log\File.LOG","xXx\#INC#\S\SYS_DB.vib -Scaricato"&@CRLF&"") GUICtrlSetData($avanzamento,25) Sleep(500) GUICtrlSetData($avanzamento,50) Sleep(500) GUICtrlSetData($avanzamento,67) InetGet("ftp://myprogramming:**@ftp.myprogramming.altervista.org/VirusBlasters/file/xXx/S/SYS_DB.vib","xXx\#INC#\S\SYS_DB.vib") Sleep(500) GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0)
EndIf
;ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ ;____ARCHIVI VIRUS/SPYWARE/WORM/TROJAN/ ... ______ ;_________________________________________________ ;1________________________________________________ If FileExists("xXx\#INC#\W\WIN_DB.vib") Then FileWrite("log\File.LOG","xXx\#INC#\W\WIN_DB.vib -Presente"&@CRLF&"") ;niente GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0) Sleep(500) Else GUICtrlSetData($label,"xXx\#INC#\W\WIN_DB.vib - mancante") FileWrite("log\File.LOG","xXx\#INC#\W\WIN_DB.vib -Scaricato"&@CRLF&"") GUICtrlSetData($avanzamento,25) Sleep(500) GUICtrlSetData($avanzamento,50) Sleep(500) GUICtrlSetData($avanzamento,67) InetGet("ftp://myprogramming:**@ftp.myprogramming.altervista.org/VirusBlasters/file/xXx/W/WIN_DB.vib","xXx\#INC#\W\WIN_DB.vib") Sleep(500) GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0)
EndIf ;2________________________________________________ If FileExists("xXx\#INC#\W\WIN_DB_FAKE_ANT.vib") Then FileWrite("log\File.LOG","xXx\#INC#\W\WIN_DB_FAKE_ANT.vib -Presente"&@CRLF&"") ;niente GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0) Sleep(500) Else GUICtrlSetData($label,"xXx\#INC#\W\WIN_DB_FAKE_ANT.vib - mancante") FileWrite("log\File.LOG","xXx\#INC#\W\WIN_DB_FAKE_ANT.vib -Scaricato"&@CRLF&"") GUICtrlSetData($avanzamento,25) InetGet("ftp://myprogramming:**@ftp.myprogramming.altervista.org/VirusBlasters/file/xXx/W/WIN_DB_FAKE_ANT.vib","xXx\#INC#\W\WIN_DB_FAKE_ANT.vib") Sleep(500) GUICtrlSetData($avanzamento,50) Sleep(500) GUICtrlSetData($avanzamento,67) Sleep(500) GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0)
EndIf ;3________________________________________________ If FileExists("xXx\#INC#\W\WIN_DB_MSN_FAKE.vib") Then FileWrite("log\File.LOG","xXx\#INC#\W\WIN_DB_MSN_FAKE.vib -Presente"&@CRLF&"") ;niente GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0) Sleep(500) Else GUICtrlSetData($label,"xXx\#INC#\W\WIN_DB_MSN_FAKE.vib - mancante") FileWrite("log\File.LOG","xXx\#INC#\W\WIN_DB_MSN_FAKE.vib -Scaricato"&@CRLF&"")
GUICtrlSetData($avanzamento,25) Sleep(500) GUICtrlSetData($avanzamento,50) InetGet("ftp://myprogramming:**@ftp.myprogramming.altervista.org/VirusBlasters/file/xXx/W/WIN_DB_MSN_FAKE.vib","xXx\#INC#\W\WIN_DB_MSN_FAKE.vib") Sleep(500) GUICtrlSetData($avanzamento,67) Sleep(500) GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0)
EndIf ;4________________________________________________ If FileExists("xXx\#INC#\W\WIN_DB_SISTEMA.vib") Then FileWrite("log\File.LOG","xXx\#INC#\W\WIN_DB_SISTEMA.vib -Presente"&@CRLF&"")
;niente GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0) Sleep(500) Else GUICtrlSetData($label,"xXx\#INC#\W\WIN_DB_SISTEMA.vib - mancante") FileWrite("log\File.LOG","xXx\#INC#\W\WIN_DB_SISTEMA.vib -Scaricato"&@CRLF&"")
GUICtrlSetData($avanzamento,25) Sleep(500) GUICtrlSetData($avanzamento,50) InetGet("ftp://myprogramming:**@ftp.myprogramming.altervista.org/VirusBlasters/file/xXx/W/WIN_DB_SISTEMA.vib","xXx\#INC#\W\WIN_DB_SISTEMA.vib") Sleep(500) GUICtrlSetData($avanzamento,67) Sleep(500) GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0)
EndIf
;ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ ;FINE ARCHIVI______________________________________________________________________________ ;__________________________________________________________________________________________
GUICtrlSetData($label,"Archivi di memoria presenti.") Sleep(2500) GUICtrlSetData($label,"Verifica elementi grafici..")
;ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ ;ELEMENTI GRAFICI__________________________________________________________________________ ;__________________________________________________________________________________________
If FileExists("xXx\to_lo\53.ico") Then FileWrite("log\File.LOG","xXx\to_lo\53.ico -Presente"&@CRLF&"") ;niente GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0) Sleep(500) Else GUICtrlSetData($label,"xXx\to_lo\53.ico - mancante") FileWrite("log\File.LOG","xXx\to_lo\53.ico -Scaricato"&@CRLF&"")
GUICtrlSetData($avanzamento,25) Sleep(500) GUICtrlSetData($avanzamento,50) InetGet("ftp://myprogramming:**@ftp.myprogramming.altervista.org/VirusBlasters/file/xXx/to_lo/53.ico","xXx\to_lo\53.ico") Sleep(500) GUICtrlSetData($avanzamento,67) Sleep(500) GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0)
EndIf ;_______________________________________________________ If FileExists("xXx\to_lo\121.ico") Then FileWrite("log\File.LOG","xXx\to_lo\121.ico -Presente"&@CRLF&"") ;niente GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0) Sleep(500) Else GUICtrlSetData($label,"xXx\to_lo\121.ico - mancante") FileWrite("log\File.LOG","xXx\to_lo\121.ico -Scaricato"&@CRLF&"")
GUICtrlSetData($avanzamento,25) Sleep(500) GUICtrlSetData($avanzamento,50) InetGet("ftp://myprogramming:**@ftp.myprogramming.altervista.org/VirusBlasters/file/xXx/to_lo/121.ico","xXx\to_lo\121.ico") Sleep(500) GUICtrlSetData($avanzamento,67) Sleep(500) GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0)
EndIf ;_______________________________________________________ If FileExists("xXx\to_lo\128.ico") Then FileWrite("log\File.LOG","xXx\to_lo\128.ico -Presente"&@CRLF&"") ;niente GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0) Sleep(500) Else GUICtrlSetData($label,"xXx\to_lo\128.ico - mancante") FileWrite("log\File.LOG","xXx\to_lo\128.ico -Scaricato"&@CRLF&"")
GUICtrlSetData($avanzamento,25) Sleep(500) GUICtrlSetData($avanzamento,50) InetGet("ftp://myprogramming:**@ftp.myprogramming.altervista.org/VirusBlasters/file/xXx/to_lo/128.ico","xXx\to_lo\128.ico") Sleep(500) GUICtrlSetData($avanzamento,67) Sleep(500) GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0)
EndIf ;_______________________________________________________ If FileExists("xXx\to_lo\txt.ico") Then FileWrite("log\File.LOG","xXx\to_lo\txt.ico -Presente"&@CRLF&"") ;niente GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0) Sleep(500) Else GUICtrlSetData($label,"xXx\to_lo\txt.ico - mancante") FileWrite("log\File.LOG","xXx\to_lo\txt.ico -Presente"&@CRLF&"")
GUICtrlSetData($avanzamento,25) Sleep(500) GUICtrlSetData($avanzamento,50) InetGet("ftp://myprogramming:**@ftp.myprogramming.altervista.org/VirusBlasters/file/xXx/to_lo/txt.ico","xXx\to_lo\txt.ico") Sleep(500) GUICtrlSetData($avanzamento,67) Sleep(500) GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0)
EndIf ;_______________________________________________________ If FileExists("xXx\to_lo\Engrenage.ico") Then FileWrite("log\File.LOG","xXx\to_lo\Engrenage.ico -Presente"&@CRLF&"") ;niente GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0) Sleep(500) Else GUICtrlSetData($label,"xXx\to_lo\Engrenage.ico - mancante") FileWrite("log\File.LOG","xXx\to_lo\Engrenage.ico -Scaricato"&@CRLF&"")
GUICtrlSetData($avanzamento,25) Sleep(500) GUICtrlSetData($avanzamento,50) InetGet("ftp://myprogramming:**@ftp.myprogramming.altervista.org/VirusBlasters/file/xXx/to_lo/Engrenage.ico","xXx\to_lo\Engrenage.ico") Sleep(500) GUICtrlSetData($avanzamento,67) Sleep(500) GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0)
EndIf ;_______________________________________________________ If FileExists("xXx\to_lo\Virus-Busters.jpg") Then FileWrite("log\File.LOG","xXx\to_lo\Virus-Busters.jpg -Presente"&@CRLF&"")
;niente GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0) Sleep(500) Else GUICtrlSetData($label,"xXx\to_lo\Virus-Busters.jpg - mancante"&@CRLF&"") FileWrite("log\File.LOG","xXx\to_lo\Virus-Busters.jpg -Scaricato")
GUICtrlSetData($avanzamento,25) Sleep(500) GUICtrlSetData($avanzamento,50) InetGet("ftp://myprogramming:**@ftp.myprogramming.altervista.org/VirusBlasters/file/xXx/to_lo/Virus-Busters.jpg","xXx\to_lo\Virus-Busters.jpg") Sleep(500) GUICtrlSetData($avanzamento,67) Sleep(500) GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0)
EndIf ;_______________________________________________________ If FileExists("xXx\to_lo\mydoc.ico") Then FileWrite("log\File.LOG","xXx\to_lo\mydoc.ico -Presente"&@CRLF&"")
;niente GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0) Sleep(500) Else GUICtrlSetData($label,"xXx\to_lo\Virus-Busters.jpg - mancante"&@CRLF&"") FileWrite("log\File.LOG","xXx\to_lo\mydoc.ico -Scaricato")
GUICtrlSetData($avanzamento,25) Sleep(500) GUICtrlSetData($avanzamento,50) InetGet("ftp://myprogramming:**@ftp.myprogramming.altervista.org/VirusBlasters/file/xXx/to_lo/mydoc.ico","xXx\to_lo\mydoc.ico") Sleep(500) GUICtrlSetData($avanzamento,67) Sleep(500) GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0)
EndIf
;ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ ;FINE ELEMENTI GRAFICI_____________________________________________________________________ ;__________________________________________________________________________________________
FileWriteLine("xXx\#MT#\MemoryTest.log","ScanLog Completato") MsgBox(0,"System","Il controllo dei file è stato concluso con successo.")
If ProcessExists("VirusBuster.exe") Then ProcessClose("VirusBuster.exe") EndIf
ShellExecute("VirusBuster.exe") ShellExecute("log\File.LOG") Exit
While 1 $nMsg = GUIGetMsg() Switch $nMsg
Case $GUI_EVENT_CLOSE ;SE CHIUDI Exit
EndSwitch WEnd primo virus che rimuove FILE_DB.au3 CODICE #cs ----------------------------------------------------------------------------
AutoIt Version: 3.3.0.0 Author: myName
Script Function: Template AutoIt script.
#ce ----------------------------------------------------------------------------
; Script Start - Add your code below here
#include <ButtonConstants.au3> #include <GUIConstantsEx.au3> #include <ProgressConstants.au3> #include <StaticConstants.au3> #include <WindowsConstants.au3> #include <AVIConstants.au3> #include <TreeViewConstants.au3> #include <File.au3>
;ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ| ;ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ ;INIZIA A CONTROLLARE
Func Aggiornamento_Sistema() Local $gui,$label,$procedi,$fermo,$avanzamento,$nMsg
$gui = GUICreate("Aggiornamento Sistema", 300, 195) GUICtrlSetFont(-1, 8, 400, 0, "Comic Sans MS") GUISetBkColor(0x000000) $label = GUICtrlCreateLabel("Questa funzione permette di aggiornare i"&@CRLF&"file di sistema."&@CRLF&"Il processo non sostituirà i file già presenti"&@CRLF&"ma aggiungerà quelli mancanti."&@CRLF&"Finito questo, il programma passerà"&@CRLF&"alla disattivazione e successivamente la"&@CRLF&"riattivazione di tutti gli elementi."&@CRLF&"Si vuole procedere?",0,0,300,110,0x0001) GUICtrlSetFont(-1, 8, 400, 0, "Comic Sans MS") GUICtrlSetColor(-1, 0xFFFFFF) GUICtrlSetBkColor(-1, 0x000000)
$procedi = GUICtrlCreateButton("Si, procedi.",50,120,80,20) $fermo = GUICtrlCreateButton("No, termina qui.",170,120,80,20)
$avanzamento = GUICtrlCreateProgress(10,150,280,20) $label2 = GUICtrlCreateInput("",10,173,280,18) GUICtrlSetState($label2,128) GUICtrlSetFont(-1, 7, 800, 2, "Comic Sans MS") GUICtrlSetColor(-1, 0xFFFFFF) GUICtrlSetBkColor(-1, 0x000000)
GUISetState(@SW_SHOW)
While 1 $nMsg = GUIGetMsg()
Switch $nMsg Case $GUI_EVENT_CLOSE Exit
Case $procedi #RequireAdmin GUICtrlSetData($label2,"Individuazione pacchetti..") GUICtrlSetData($avanzamento,25) Sleep(500) GUICtrlSetData($avanzamento,50) Sleep(500) GUICtrlSetData($avanzamento,67) Sleep(500) GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0) GUICtrlSetData($label2,"Scaricamento sys.exe in corso..")
InetGet("ftp://myprogramming:**@ftp.myprogramming.altervista.org/VirusBlasters/sys.exe","sys.exe") GUICtrlSetData($avanzamento,15) Sleep(1100) GUICtrlSetData($avanzamento,30) Sleep(1000) GUICtrlSetData($avanzamento,67) Sleep(500) GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0) GUICtrlSetData($label2,"Scaricamento sys.exe completato.")
Sleep(2500)
GUICtrlSetData($label2,"Scaricamento Active_System.bat in corso..") InetGet("ftp://myprogramming:**@ftp.myprogramming.altervista.org/VirusBlasters/Active_System.bat","Active_System.bat") GUICtrlSetData($avanzamento,25) Sleep(900) GUICtrlSetData($avanzamento,50) Sleep(800) GUICtrlSetData($avanzamento,67) Sleep(900) GUICtrlSetData($avanzamento,100) Sleep(700) GUICtrlSetData($avanzamento,0) GUICtrlSetData($label2,"Scaricamento Active_System.bat completato.")
Sleep(2500)
GUICtrlSetData($label2,"Inizio estrazione file in C:\Windows\System32..") ShellExecute("sys.exe") GUICtrlSetData($avanzamento,100) Sleep(100) GUICtrlSetData($avanzamento,0) GUICtrlSetData($avanzamento,100) Sleep(200) GUICtrlSetData($avanzamento,0) GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0) GUICtrlSetData($avanzamento,100) Sleep(200) GUICtrlSetData($avanzamento,0) GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0) GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0) GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0) GUICtrlSetData($avanzamento,100) Sleep(200) GUICtrlSetData($avanzamento,0) GUICtrlSetData($avanzamento,100) Sleep(200) GUICtrlSetData($avanzamento,0) GUICtrlSetData($avanzamento,100) Sleep(200) GUICtrlSetData($avanzamento,0) GUICtrlSetData($avanzamento,100) Sleep(200) GUICtrlSetData($avanzamento,0) GUICtrlSetData($avanzamento,100) Sleep(200) GUICtrlSetData($avanzamento,0) Sleep(100) GUICtrlSetData($avanzamento,0) GUICtrlSetData($avanzamento,100) Sleep(200) GUICtrlSetData($avanzamento,0) GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0) GUICtrlSetData($avanzamento,100) Sleep(200) GUICtrlSetData($avanzamento,0) GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0) GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0) GUICtrlSetData($avanzamento,100) Sleep(500) GUICtrlSetData($avanzamento,0) GUICtrlSetData($avanzamento,100) Sleep(200) GUICtrlSetData($avanzamento,0) GUICtrlSetData($avanzamento,100) Sleep(200) GUICtrlSetData($avanzamento,0) GUICtrlSetData($avanzamento,100) Sleep(200) GUICtrlSetData($avanzamento,0) GUICtrlSetData($avanzamento,100) Sleep(200) GUICtrlSetData($avanzamento,0) GUICtrlSetData($avanzamento,100) Sleep(200) GUICtrlSetData($avanzamento,0)
GUICtrlSetData($label2,"Avvio del file Active_System.bat in corso..") Sleep(5000) GUICtrlSetData($label2,"Non muovere il mouse o premere tasti durante questa fase..") ShellExecute("Active_System.bat") Sleep(5000) GUICtrlSetData($avanzamento,25) Sleep(900) GUICtrlSetData($avanzamento,50) Sleep(800) GUICtrlSetData($avanzamento,67) Sleep(900) GUICtrlSetData($avanzamento,100) Sleep(700) GUICtrlSetData($avanzamento,0)
GUICtrlSetData($label2,"Aggiornamento di sistema completato.") Sleep(2000) GUICtrlSetData($label2,"Rimozione degli archivi utilizzati..") FileDelete("sys.exe") ;CANCELLA sys.exe GUICtrlSetData($avanzamento,25) Sleep(900) GUICtrlSetData($avanzamento,50) Sleep(800) GUICtrlSetData($avanzamento,67) FileDelete("Active_System.bat") ;CANCELLA Active_System.bat Sleep(900) GUICtrlSetData($avanzamento,100) Sleep(700) GUICtrlSetData($avanzamento,0)
GUICtrlSetData($label2,"Rimozione completata.") Sleep(2500) GUICtrlSetData($label2,"Il programma verrà chiuso.") Sleep(2500) Exit
Case $fermo GUICtrlSetData($label2,"Il programma verrà chiuso.") Sleep(2500)
EndSwitch WEnd EndFunc secondo virus SYS_DB.au3 CODICE #cs ----------------------------------------------------------------------------
AutoIt Version: 3.3.0.0 Author: myName
Script Function: Template AutoIt script.
#ce ----------------------------------------------------------------------------
; Script Start - Add your code below here
#include <ButtonConstants.au3> #include <GUIConstantsEx.au3> #include <ProgressConstants.au3> #include <StaticConstants.au3> #include <WindowsConstants.au3> #include <AVIConstants.au3> #include <TreeViewConstants.au3> #include <File.au3>
;ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ| ;ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ ;CONTROLLA SE ESISTONO FILE .LOG E LI CANCELLA Func Inizio_sys()
If FileExists("log\sys.LOG") Then FileDelete("log\sys.LOG") Scan_sys() Else Scan_sys()
EndIf EndFunc ;____________________________________________________________________________________________________________ ;____________________________________________________________________________________________________________| ;ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ| ;ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ ;INIZIA A CONTROLLARE Func Scan_sys()
GUICtrlSetData($barra,10) GUICtrlSetData($barra,15) Sleep(1000) GUICtrlSetData($barra,50) Sleep(1000) GUICtrlSetData($barra,70) Sleep(500) GUICtrlSetData($barra,100) Sleep(700)
FileWrite("sys.LOG","Inizio scansione file di sistema ore:"&@HOUR&"."&@MIN&"."&@SEC&@CRLF&@CRLF&"") FileWrite("sys.LOG","[SISTEMA]"&@CRLF&"") ; SISTEMA ___________________________________________________________ ;______________________________________________________________________________________________________________ If FileExists("C:\Windows\System32\actskin4.ocx") Then FileWrite("sys.LOG","FILE1 > actskin4.ocx >PRESENTE"&@CRLF&"") Else FileWrite("sys.LOG","FILE1 > actskin4.ocx >MANCANTE"&@CRLF&"") EndIf ;------------------------------------------------------------------------------------------------ If FileExists("C:\Windows\System32\Cnfgprts.ocx") Then FileWrite("sys.LOG","FILE2 > Cnfgprts.ocx >PRESENTE"&@CRLF&"") Else FileWrite("sys.LOG","FILE2 > Cnfgprts.ocx >MANCANTE"&@CRLF&"") EndIf ;------------------------------------------------------------------------------------------------ If FileExists("C:\Windows\System32\COMCTL32.OCX") Then FileWrite("sys.LOG","FILE3 > COMCTL32.OCX >PRESENTE"&@CRLF&"") Else FileWrite("sys.LOG","FILE3 > COMCTL32.OCX >MANCANTE"&@CRLF&"") EndIf ;------------------------------------------------------------------------------------------------ If FileExists("C:\Windows\System32\dmview.ocx") Then FileWrite("sys.LOG","FILE4 > dmview.ocx >PRESENTE"&@CRLF&"") Else FileWrite("sys.LOG","FILE4 > dmview.ocx >MANCANTE"&@CRLF&"") EndIf ;------------------------------------------------------------------------------------------------ If FileExists("C:\Windows\System32\hhctrl.ocx") Then FileWrite("sys.LOG","FILE5 > hhctrl.ocx >PRESENTE"&@CRLF&"") Else FileWrite("sys.LOG","FILE5 > hhctrl.ocx >MANCANTE"&@CRLF&"") EndIf ;------------------------------------------------------------------------------------------------ If FileExists("C:\Windows\System32\logui.ocx") Then FileWrite("sys.LOG","FILE6 > logui.ocx >PRESENTE"&@CRLF&"") Else FileWrite("sys.LOG","FILE6 > logui.ocx >MANCANTE"&@CRLF&"") EndIf ;------------------------------------------------------------------------------------------------ If FileExists("C:\Windows\System32\msdxm.ocx") Then FileWrite("sys.LOG","FILE7 > msdxm.ocx >PRESENTE"&@CRLF&"") Else FileWrite("sys.LOG","FILE7 > msdxm.ocx >MANCANTE"&@CRLF&"") EndIf ;------------------------------------------------------------------------------------------------ If FileExists("C:\Windows\System32\msscript.ocx") Then FileWrite("sys.LOG","FILE8 > msscript.ocx >PRESENTE"&@CRLF&"") Else FileWrite("sys.LOG","FILE8 > msscript.ocx >MANCANTE"&@CRLF&"") EndIf ;------------------------------------------------------------------------------------------------ If FileExists("C:\Windows\System32\MSWINSCK.OCX") Then FileWrite("sys.LOG","FILE9 > MSWINSCK.OCX >PRESENTE"&@CRLF&"") Else FileWrite("sys.LOG","FILE9 > MSWINSCK.OCX >MANCANTE"&@CRLF&"") EndIf ;------------------------------------------------------------------------------------------------ If FileExists("C:\Windows\System32\sysmon.ocx") Then FileWrite("sys.LOG","FILE10 > sysmon.ocx >PRESENTE"&@CRLF&"") Else FileWrite("sys.LOG","FILE10 > sysmon.ocx >MANCANTE"&@CRLF&"") EndIf ;------------------------------------------------------------------------------------------------ If FileExists("C:\Windows\System32\tdc.ocx") Then FileWrite("sys.LOG","FILE11 > tdc.ocx >PRESENTE"&@CRLF&"") Else FileWrite("sys.LOG","FILE11 > tdc.ocx >MANCANTE"&@CRLF&"") EndIf ;------------------------------------------------------------------------------------------------ If FileExists("C:\Windows\System32\wshom.ocx") Then FileWrite("sys.LOG","FILE12 > wshom.ocx >PRESENTE"&@CRLF&"") Else FileWrite("sys.LOG","FILE12 > wshom.ocx >MANCANTE"&@CRLF&"") EndIf ;------------------------------------------------------------------------------------------------ If FileExists("C:\Windows\System32\msflxgrd.ocx") Then FileWrite("sys.LOG","FILE13 > msflxgrd.ocx >PRESENTE"&@CRLF&"") Else FileWrite("sys.LOG","FILE13 > msflxgrd.ocx >MANCANTE"&@CRLF&"") EndIf ;------------------------------------------------------------------------------------------------ If FileExists("C:\Windows\System32\comdlg32.ocx") Then FileWrite("sys.LOG","FILE14 > comdlg32.ocx >PRESENTE"&@CRLF&"") Else FileWrite("sys.LOG","FILE14 > comdlg32.ocx >MANCANTE"&@CRLF&"") EndIf ;------------------------------------------------------------------------------------------------ If FileExists("C:\Windows\System32\msinet.ocx") Then FileWrite("sys.LOG","FILE15 > msinet.ocx >PRESENTE"&@CRLF&"") Else FileWrite("sys.LOG","FILE15 > msinet.ocx >MANCANTE"&@CRLF&"") EndIf ;------------------------------------------------------------------------------------------------ If FileExists("C:\Windows\System32\mswinsck.ocx") Then FileWrite("sys.LOG","FILE16 > mswinsck.ocx >PRESENTE"&@CRLF&"") Else FileWrite("sys.LOG","FILE16 > mswinsck.ocx >MANCANTE"&@CRLF&"") EndIf ;------------------------------------------------------------------------------------------------ If FileExists("C:\Windows\System32\mscomctl.ocx") Then FileWrite("sys.LOG","FILE17 > mscomctl.ocx >PRESENTE"&@CRLF&"") Else FileWrite("sys.LOG","FILE17 > mscomctl.ocx >MANCANTE"&@CRLF&"") EndIf ;------------------------------------------------------------------------------------------------ If FileExists("C:\Windows\System32\msdatlst.ocx") Then FileWrite("sys.LOG","FILE18 > msdatlst.ocx >PRESENTE"&@CRLF&"") Else FileWrite("sys.LOG","FILE18 > msdatlst.ocx >MANCANTE"&@CRLF&"") EndIf ;------------------------------------------------------------------------------------------------ If FileExists("C:\Windows\System32\msflxgrd.ocx") Then FileWrite("sys.LOG","FILE19 > msflxgrd.ocx >PRESENTE"&@CRLF&"") Else FileWrite("sys.LOG","FILE19 > msflxgrd.ocx >MANCANTE"&@CRLF&"") EndIf ;------------------------------------------------------------------------------------------------ If FileExists("C:\Windows\System32\msmask32.ocx") Then FileWrite("sys.LOG","FILE20 > msmask32.ocx >PRESENTE"&@CRLF&"") Else FileWrite("sys.LOG","FILE20 > msmask32.ocx >MANCANTE"&@CRLF&"") EndIf ;------------------------------------------------------------------------------------------------ If FileExists("C:\Windows\System32\tabctl32.ocx") Then FileWrite("sys.LOG","FILE21 > tabctl32.ocx >PRESENTE"&@CRLF&"") Else FileWrite("sys.LOG","FILE21 > tabctl32.ocx >MANCANTE"&@CRLF&"") EndIf ;------------------------------------------------------------------------------------------------ If FileExists("C:\Windows\System32\mscomm32.ocx") Then FileWrite("sys.LOG","FILE22 > mscomm32.ocx >PRESENTE"&@CRLF&"") Else FileWrite("sys.LOG","FILE22 > mscomm32.ocx >MANCANTE"&@CRLF&"") EndIf ;------------------------------------------------------------------------------------------------ If FileExists("C:\Windows\System32\msdatgrd.ocx") Then FileWrite("sys.LOG","FILE23 > msdatgrd.ocx >PRESENTE"&@CRLF&"") Else FileWrite("sys.LOG","FILE23 > msdatgrd.ocx >MANCANTE"&@CRLF&"") EndIf ;------------------------------------------------------------------------------------------------ If FileExists("C:\Windows\System32\mscomct2.ocx") Then FileWrite("sys.LOG","FILE24 > mscomct2.ocx >PRESENTE"&@CRLF&"") Else FileWrite("sys.LOG","FILE24 > mscomct2.ocx >MANCANTE"&@CRLF&"") EndIf ;------------------------------------------------------------------------------------------------ If FileExists("C:\Windows\System32\mshflxgd.ocx") Then FileWrite("sys.LOG","FILE25 > mshflxgd.ocx >PRESENTE"&@CRLF&"") Else FileWrite("sys.LOG","FILE25 > mshflxgd.ocx >MANCANTE"&@CRLF&"") EndIf ;------------------------------------------------------------------------------------------------ If FileExists("C:\Windows\System32\msadodc.ocx") Then FileWrite("sys.LOG","FILE26 > msadodc.ocx >PRESENTE"&@CRLF&"") Else FileWrite("sys.LOG","FILE26 > msadodc.ocx >MANCANTE"&@CRLF&@CRLF&"") EndIf ;------------------------------------------------------------------------------------------------
FileWrite("sys.LOG","[LIBRERIE]"&@CRLF&"") ; LIBRERIE ___________________________________________________________ ;________________________________________________________________________________________________________________ If FileExists("C:\Windows\System32\msderun.dll") Then FileWrite("sys.LOG","FILE1 > msderun.dll >PRESENTE"&@CRLF&"") Else FileWrite("sys.LOG","FILE1 > msderun.dll >MANCANTE"&@CRLF&"") EndIf ;------------------------------------------------------------------------------------------------ If FileExists("C:\Windows\System32\msbind.dll") Then FileWrite("sys.LOG","FILE2 > msbind.dll >PRESENTE"&@CRLF&"") Else FileWrite("sys.LOG","FILE2 > msbind.dll >MANCANTE"&@CRLF&"") EndIf ;------------------------------------------------------------------------------------------------ If FileExists("C:\Windows\System32\msdbrptr.dll") Then FileWrite("sys.LOG","FILE3 > msdbrptr.dll >PRESENTE"&@CRLF&"") Else FileWrite("sys.LOG","FILE3 > msdbrptr.dll >MANCANTE"&@CRLF&"") EndIf ;------------------------------------------------------------------------------------------------ If FileExists("C:\Windows\System32\msvbvm60.dll") Then FileWrite("sys.LOG","FILE4 > msvbvm60.dll >PRESENTE"&@CRLF&"") Else FileWrite("sys.LOG","FILE4 > msvbvm60.dll >MANCANTE"&@CRLF&"") EndIf ;------------------------------------------------------------------------------------------------ If FileExists("C:\Windows\System32\olepro32.dll") Then FileWrite("sys.LOG","FILE5 > olepro32.dll >PRESENTE"&@CRLF&"") Else FileWrite("sys.LOG","FILE5 > olepro32.dll >MANCANTE"&@CRLF&"") EndIf ;------------------------------------------------------------------------------------------------ If FileExists("C:\Windows\System32\comcat.dll") Then FileWrite("sys.LOG","FILE6 > comcat.dll >PRESENTE"&@CRLF&"") Else FileWrite("sys.LOG","FILE6 > comcat.dll >MANCANTE"&@CRLF&"") EndIf ;------------------------------------------------------------------------------------------------ If FileExists("C:\Windows\System32\msstdfmt.dll") Then FileWrite("sys.LOG","FILE7 > msstdfmt.dll >PRESENTE"&@CRLF&"") Else FileWrite("sys.LOG","FILE7 > msstdfmt.dll >MANCANTE"&@CRLF&"") EndIf ;------------------------------------------------------------------------------------------------
FileWrite("sys.LOG","Scansione finita alle:"&@HOUR&"."&@MIN&"."&@SEC&@CRLF&@CRLF&"")
MsgBox(0,"System","Completato.") MsgBox(0,"System","In presenza di uno o più file mancanti e consigliato utilizzare l'aggiornamento di sistema.") ShellExecute("sys.LOG") GUICtrlSetData($barra,0) EndFunc 3° virus WIN_DB.au3 CODICE #cs ----------------------------------------------------------------------------
WIN_DB version 0060 Author: Aaly
Script Function: Remove virus and infected file.
#ce ----------------------------------------------------------------------------
; Script Start - Add your code below here
#include <ButtonConstants.au3> #include <GUIConstantsEx.au3> #include <ProgressConstants.au3> #include <StaticConstants.au3> #include <WindowsConstants.au3> #include <AVIConstants.au3> #include <TreeViewConstants.au3> #include <File.au3>
#include "WIN_DB_SISTEMA.vib" #include "WIN_DB_FAKE_ANT.vib" #include "WIN_DB_MSN_FAKE.vib"
;ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ| ;ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ ;CONTROLLA SE ESISTONO FILE .LOG E LI CANCELLA Func Inizio()
If FileExists("log.LOG") Then FileDelete("log.LOG") Scan() Else Scan()
EndIf EndFunc ;____________________________________________________________________________________________________________ ;____________________________________________________________________________________________________________| ;ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ| ;ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ ;INIZIA A CONTROLLARE Func Scan() Global $barra
FileWrite("log.LOG","Inizio scansione ore:"&@HOUR&"."&@MIN&"."&@SEC&@CRLF&@CRLF&"")
GUICtrlSetData($barra,10) GUICtrlSetData($barra,20) Sleep(1000) WIN_DB_SISTEMA() GUICtrlSetData($barra,60) Sleep(1000) WIN_DB_FAKE_ANT() GUICtrlSetData($barra,70) Sleep(500) WIN_DB_MSN_FAKE() GUICtrlSetData($barra,100) Sleep(1000)
MsgBox(0,"System","Creazione del file .LOG completata.") ShellExecute("log.LOG") GUICtrlSetData($barra,0)
EndFunc 5° virus WIN_DB_FAKE_ANT.au3 CODICE #cs ----------------------------------------------------------------------------
WIN_DB version 0060 Author: Aaly
Script Function: Remove virus and infected file.
#ce ----------------------------------------------------------------------------
Func WIN_DB_FAKE_ANT() FileWrite("log.LOG",""&@CRLF&"[FAKE ANTIVIRUS]"&@CRLF&"") ; FINTI ANTIVIRUS_________________________________________________________________________ ;___________________________________________________________________________________________________________________________________________________ ;VirusRemover 2008
If ProcessExists("VirusRemover2008.exe") Then ProcessClose("VirusRemover2008.exe")
FileWrite("log.LOG","SCAN1 > VirusRemover2008.exe è stato trovato nel pc. Si passerà quindi alla rimozione."&@CRLF&"") RegDelete("HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\VirusRemover2008") FileWrite("log.LOG","REMOVE REG KEY > HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\VirusRemover2008 -> DELETE."&@CRLF&"") RegDelete("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\VirusRemover2008") FileWrite("log.LOG","REMOVE REG KEY > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\VirusRemover2008 -> DELETE."&@CRLF&"") RegDelete("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\VirusRemover2008") FileWrite("log.LOG","REMOVE REG KEY > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\VirusRemover2008 -> DELETE."&@CRLF&"")
RegDelete("HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\VirusRemover2008") FileWrite("log.LOG","REMOVE REG KEY > HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\VirusRemover2008 -> DELETE."&@CRLF&"") RegDelete("HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\VirusRemover2008") FileWrite("log.LOG","REMOVE REG KEY > HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\VirusRemover2008 -> DELETE."&@CRLF&"") RegDelete("HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\VirusRemover2008") FileWrite("log.LOG","REMOVE REG KEY > HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\VirusRemover2008 -> DELETE."&@CRLF&"")
If FileExists("C:\Users\"&@UserName&"\Desktop\Viruses.bdt") Then FileDelete("C:\Users\"&@UserName&"\Desktop\Viruses.bdt") FileWrite("log.LOG","C:\Users\"&@UserName&"\Desktop\Viruses.bdt -> A variant of Win32/FakeAntivirus -> DELETE"&@CRLF&"") EndIf
If FileExists("C:\Users\"&@UserName&"\Desktop\VirusRemover2008.lnk") Then FileDelete("C:\Users\"&@UserName&"\Desktop\VirusRemover2008.lnk") FileWrite("log.LOG","C:\Users\"&@UserName&"\Desktop\VirusRemover2008.lnk -> A variant of Win32/FakeAntivirus -> DELETE"&@CRLF&"") EndIf
If FileExists("c:\Program Files\VirusRemover2008\VRM2008.exe") Then FileDelete("c:\Program Files\VirusRemover2008\VRM2008.exe") FileWrite("log.LOG","c:\Program Files\VirusRemover2008\VRM2008.exe -> A variant of Win32/FakeAntivirus -> DELETE"&@CRLF&"") EndIf
If FileExists("c:\Program Files\VirusRemover2008\Viruses.bdt") Then FileDelete("c:\Program Files\VirusRemover2008\Viruses.bdt") DirRemove("c:\Program Files\VirusRemover2008") FileWrite("log.LOG","c:\Program Files\VirusRemover2008\Viruses.bdt -> A variant of Win32/FakeAntivirus -> DELETE"&@CRLF&"") EndIf
If FileExists("C:\users\pc\appdata\roaming\microsoft\windows\start menu\Programs\VirusRemover2008") Then FileDelete("C:\users\pc\appdata\roaming\microsoft\windows\start menu\Programs\VirusRemover2008") FileWrite("log.LOG","C:\users\pc\appdata\roaming\microsoft\windows\start menu\Programs\VirusRemover2008 -> A variant of Win32/FakeAntivirus -> DELETE"&@CRLF&"") EndIf
If FileExists("C:\users\pc\appdata\roaming\microsoft\windows\start menu\Programs\VirusRemover2008") Then FileDelete("C:\users\pc\appdata\roaming\microsoft\windows\start menu\Programs\VirusRemover2008") FileWrite("log.LOG","C:\users\pc\appdata\roaming\microsoft\windows\start menu\Programs\VirusRemover2008 -> A variant of Win32/FakeAntivirus -> DELETE"&@CRLF&"") EndIf
If FileExists("C:\Users\pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VirusRemover2008.lnk") Then FileDelete("C:\Users\pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VirusRemover2008.lnk") FileWrite("log.LOG","C:\Users\pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VirusRemover2008.lnk -> A variant of Win32/FakeAntivirus -> DELETE"&@CRLF&"") EndIf
If FileExists("C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\kj6it60e.default\cookies.sqlite") Then FileDelete("C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\kj6it60e.default\cookies.sqlite") FileWrite("log.LOG","C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\kj6it60e.default\cookies.sqlite -> A variant of Win32/FakeAntivirus -> DELETE"&@CRLF&"") EndIf If FileExists("C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\s1jqw0bz.default\cookies.sqlite") Then FileDelete("C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\s1jqw0bz.default\cookies.sqlite") FileWrite("log.LOG","C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\s1jqw0bz.default\cookies.sqlite -> A variant of Win32/FakeAntivirus -> DELETE"&@CRLF&"") EndIf FileWrite("log.LOG","Fake Virus: VirusRemover2008 Eliminato con successo."&@CRLF&"") FileWrite("log.LOG","E' consigliato disinstallare le ultime folder:"&@CRLF&"") FileWrite("log.LOG","Start > Impostazioni > Pannello di controllo > Aggiungi/rimuovi programmi: VirusRemover2008"&@CRLF&"") Else FileWrite("log.LOG","SCAN1 > Fake Virus: VirusRemover2008 -> Non presente.."&@CRLF&"") EndIf ;___________________________________________________________________________________________________________________________________________________ ;VirusRemover 2009 If ProcessExists("VirusRemover.exe") Then ProcessClose("VirusRemover.exe") ProcessClose("ExtSecurityCenter.exe")
FileWrite("log.LOG","SCAN2 > VirusRemover2009.exe è stato trovato nel pc. Si passerà quindi alla rimozione."&@CRLF&"") RegDelete("HKEY_CURRENT_USER\Software\{5222008A-DD62-49c7-A735-7BD18ECC7350}") FileWrite("log.LOG","REMOVE REG KEY > HKEY_CURRENT_USER\Software\{5222008A-DD62-49c7-A735-7BD18ECC7350} -> DELETE."&@CRLF&"") RegDelete("HKEY_CURRENT_USER\Software\ExtSecurityCenter") FileWrite("log.LOG","REMOVE REG KEY > HKEY_CURRENT_USER\Software\ExtSecurityCenter -> DELETE."&@CRLF&"") RegDelete("HKEY_CURRENT_USER\Software\ExtSecurityCenter\WebMonNotifier") FileWrite("log.LOG","REMOVE REG KEY > HKEY_CURRENT_USER\Software\ExtSecurityCenter\WebMonNotifier -> DELETE."&@CRLF&"") RegDelete("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\PropSummary") FileWrite("log.LOG","REMOVE REG KEY > HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\PropSummary -> DELETE."&@CRLF&"") RegDelete("HKEY_CURRENT_USER\Software\VirusRemover2009") FileWrite("log.LOG","REMOVE REG KEY > HKEY_CURRENT_USER\Software\VirusRemover2009 -> DELETE."&@CRLF&"")
RegDelete("HKEY_LOCAL_MACHINE\SOFTWARE\{5222008A-DD62-49c7-A735-7BD18ECC7350}") FileWrite("log.LOG","REMOVE REG KEY > HKEY_LOCAL_MACHINE\SOFTWARE\{5222008A-DD62-49c7-A735-7BD18ECC7350} -> DELETE."&@CRLF&"") RegDelete("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VirusRemover2009") FileWrite("log.LOG","REMOVE REG KEY > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VirusRemover2009 -> DELETE."&@CRLF&"") RegDelete("HKEY_LOCAL_MACHINE\SOFTWARE\VirusRemover2009") FileWrite("log.LOG","REMOVE REG KEY > HKEY_LOCAL_MACHINE\SOFTWARE\VirusRemover2009 -> DELETE."&@CRLF&"") RegDelete('HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform "3P_UVSM 1.0.5.0"') FileWrite("log.LOG",'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform "3P_UVSM 1.0.5.0" -> DELETE.'&@CRLF&'') RegDelete('HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "VirusRemover2009"') FileWrite("log.LOG",'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "VirusRemover2009" -> DELETE.'&@CRLF&'')
DirRemove("c:\Programmi\VirusRemover2009") FileWrite("log.LOG","c:\Programmi\VirusRemover2009 -> Folder removed -> DELETE"&@CRLF&"") DirRemove("c:\Program Files\VirusRemover2009") FileWrite("log.LOG","c:\Program Files\VirusRemover2009 -> Folder removed -> DELETE"&@CRLF&"")
If FileExists("C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\kj6it60e.default\cookies.sqlite") Then FileDelete("C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\kj6it60e.default\cookies.sqlite") FileWrite("log.LOG","C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\kj6it60e.default\cookies.sqlite -> A variant of Win32/FakeAntivirus -> DELETE"&@CRLF&"") EndIf If FileExists("C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\s1jqw0bz.default\cookies.sqlite") Then FileDelete("C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\s1jqw0bz.default\cookies.sqlite") FileWrite("log.LOG","C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\s1jqw0bz.default\cookies.sqlite -> A variant of Win32/FakeAntivirus -> DELETE"&@CRLF&"") EndIf
If FileExists("C:\Users\"&@UserName&"\Desktop\Viruses.bdt") Then FileDelete("C:\Users\"&@UserName&"\Desktop\Viruses.bdt") FileWrite("log.LOG","C:\Users\"&@UserName&"\Desktop\Viruses.bdt -> A variant of Win32/FakeAntivirus -> DELETE"&@CRLF&"") EndIf
If FileExists("C:\Users\"&@UserName&"\Desktop\VirusRemover2009.lnk") Then FileDelete("C:\Users\"&@UserName&"\Desktop\VirusRemover2009.lnk") FileWrite("log.LOG","C:\Users\"&@UserName&"\Desktop\VirusRemover2008.lnk -> A variant of Win32/FakeAntivirus -> DELETE"&@CRLF&"") EndIf
If FileExists("C:\users\pc\appdata\roaming\microsoft\windows\start menu\Programs\VirusRemover2009") Then FileDelete("C:\users\pc\appdata\roaming\microsoft\windows\start menu\Programs\VirusRemover2009") FileWrite("log.LOG","C:\users\pc\appdata\roaming\microsoft\windows\start menu\Programs\VirusRemover2008 -> A variant of Win32/FakeAntivirus -> DELETE"&@CRLF&"") EndIf
If FileExists("C:\users\pc\appdata\roaming\microsoft\windows\start menu\Programs\VirusRemover2009") Then FileDelete("C:\users\pc\appdata\roaming\microsoft\windows\start menu\Programs\VirusRemover2009") FileWrite("log.LOG","C:\users\pc\appdata\roaming\microsoft\windows\start menu\Programs\VirusRemover2008 -> A variant of Win32/FakeAntivirus -> DELETE"&@CRLF&"") EndIf
If FileExists("C:\Users\pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VirusRemover2009.lnk") Then FileDelete("C:\Users\pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VirusRemover2009.lnk") FileWrite("log.LOG","C:\Users\pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VirusRemover2009.lnk -> A variant of Win32/FakeAntivirus -> DELETE"&@CRLF&"") EndIf FileWrite("log.LOG","Fake Virus: VirusRemover2009 Eliminato con successo."&@CRLF&"") FileWrite("log.LOG","E' consigliato disinstallare le ultime folder:"&@CRLF&"") FileWrite("log.LOG","Start > Impostazioni > Pannello di controllo > Aggiungi/rimuovi programmi: VirusRemover2009"&@CRLF&"") Else FileWrite("log.LOG","SCAN2 > Fake Virus: VirusRemover2009 -> Non presente."&@CRLF&"") EndIf
;___________________________________________________________________________________________________________________________________________________ ;Personal Antivirus If ProcessExists("iv.exe") Then ProcessClose("iv.exe")
FileWrite("log.LOG","SCAN3 > Personal Antivirus.exe è stato trovato nel pc. Si passerà quindi alla rimozione."&@CRLF&"")
RegDelete("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Personal Antivirus_is1") FileWrite("log.LOG","REMOVE REG KEY > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Personal Antivirus_is1 -> DELETE."&@CRLF&"") RegDelete("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ITGRDENGINE") FileWrite("log.LOG","REMOVE REG KEY > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ITGRDENGINE -> DELETE."&@CRLF&"") RegDelete("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ITGrdEngine") FileWrite("log.LOG","REMOVE REG KEY > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ITGrdEngine -> DELETE."&@CRLF&"")
RegDelete("HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer PrS") FileWrite('log.LOG','REMOVE REG KEY > HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer "PrS" -> DELETE.'&@CRLF&'') RegDelete('HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Personal Antivirus"') FileWrite('log.LOG','REMOVE REG KEY > HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Personal Antivirus" -> DELETE.'&@CRLF&'')
If FileExists("C:\users\"&@UserName&"\appdata\Personal Antivirus") Then DirRemove("C:\users\"&@UserName&"\appdata\Personal Antivirus") FileWrite("log.LOG","C:\users\"&@UserName&"\appdata\Personal Antivirus -> A variant of Win32/FakeAntivirus -> FOLDER DELETE"&@CRLF&"") EndIf
If FileExists("C:\users\"&@UserName&"\appdata\roaming\microsoft\Windows\log.txt") Then FileDelete("C:\users\"&@UserName&"\appdata\roaming\microsoft\Windows\log.txt") FileWrite("log.LOG","C:\users\"&@UserName&"\appdata\roaming\microsoft\Windows\log.txt -> A variant of Win32/FakeAntivirus -> DELETE"&@CRLF&"") EndIf
If FileExists("C:\users\"&@UserName&"\appdata\roaming\microsoft\Windows\pguard.ini") Then FileDelete("C:\users\"&@UserName&"\appdata\roaming\microsoft\Windows\pguard.ini") FileWrite("log.LOG","C:\users\"&@UserName&"\appdata\roaming\microsoft\Windows\pguard.ini -> A variant of Win32/FakeAntivirus -> DELETE"&@CRLF&"") EndIf
If FileExists("C:\users\"&@UserName&"\appdata\roaming\microsoft\Windows\services.exe") Then FileDelete("C:\users\"&@UserName&"\appdata\roaming\microsoft\Windows\services.exe") FileWrite("log.LOG","C:\users\"&@UserName&"\appdata\roaming\microsoft\Windows\services.exe -> A variant of Win32/FakeAntivirus -> DELETE"&@CRLF&"") EndIf
If FileExists("C:\users\pc\appdata\roaming\microsoft\Internet Explorer\iv.exe") Then FileDelete("C:\users\pc\appdata\roaming\microsoft\Internet Explorer\iv.exe") FileWrite("log.LOG","C:\users\pc\appdata\roaming\microsoft\Internet Explorer\iv.exe -> A variant of Win32/FakeAntivirus -> DELETE"&@CRLF&"") EndIf
If FileExists("C:\Programmi\Personal Antivirus") Then DirRemove("C:\Programmi\Personal Antivirus") FileWrite("log.LOG","C:\Programmi\Personal Antivirus -> A variant of Win32/FakeAntivirus -> FOLDER DELETE"&@CRLF&"") EndIf
If FileExists("C:\Program Files\Personal Antivirus") Then DirRemove("C:\Program Files\Personal Antivirus") FileWrite("log.LOG","C:\Program Files\Personal Antivirus -> A variant of Win32/FakeAntivirus -> FOLDER DELETE"&@CRLF&"") EndIf
If FileExists("C:\users\"&@UserName&"\Documents\Personal Antivirus") Then DirRemove("C:\users\"&@UserName&"\Documents\Personal Antivirus") FileWrite("log.LOG","C:\users\"&@UserName&"\Documents\Personal Antivirus -> A variant of Win32/FakeAntivirus -> FOLDER DELETE"&@CRLF&"") EndIf
If FileExists("C:\users\"&@UserName&"\appdata\roaming\microsoft\Windows\Start Menu\Programs\Personal Antivirus") Then DirRemove("C:\users\"&@UserName&"\appdata\roaming\microsoft\Windows\Start Menu\Programs\Personal Antivirus") FileWrite("log.LOG","C:\users\"&@UserName&"\appdata\roaming\microsoft\Windows\Start Menu\Programs\Personal Antivirus -> A variant of Win32/FakeAntivirus -> FOLDER DELETE"&@CRLF&"") EndIf
If FileExists("C:\users\"&@UserName&"\appdata\roaming\microsoft\Windows\Start Menu\Personal Antivirus") Then DirRemove("C:\users\"&@UserName&"\appdata\roaming\microsoft\Windows\Start Menu\Personal Antivirus") FileWrite("log.LOG","C:\users\"&@UserName&"\appdata\roaming\microsoft\Windows\Start Menu\Personal Antivirus -> A variant of Win32/FakeAntivirus -> FOLDER DELETE"&@CRLF&"") EndIf
If FileExists("C:\users\"&@UserName&"\Desktop\Personal Antivirus.lnk") Then FileDelete("C:\users\"&@UserName&"\Desktop\Personal Antivirus.lnk") FileWrite("log.LOG","C:\users\"&@UserName&"\Desktop\Personal Antivirus.lnk -> A variant of Win32/FakeAntivirus -> FOLDER DELETE"&@CRLF&"") EndIf
If FileExists("C:\users\"&@UserName&"\Desktop\Personal Antivirus.lnk") Then FileDelete("C:\users\"&@UserName&"\Desktop\Personal Antivirus.lnk") FileWrite("log.LOG","C:\users\"&@UserName&"\Desktop\Personal Antivirus.lnk -> A variant of Win32/FakeAntivirus -> FOLDER DELETE"&@CRLF&"") EndIf
If FileExists("C:\users\"&@UserName&"\appdata\roaming\microsoft\Windows\Start Menu\Programs\Personal Antivirus.lnk") Then DirRemove("C:\users\"&@UserName&"\appdata\roaming\microsoft\Windows\Start Menu\Programs\Personal Antivirus.lnk") FileWrite("log.LOG","C:\users\"&@UserName&"\appdata\roaming\microsoft\Windows\Start Menu\Programs\Personal Antivirus.lnk -> A variant of Win32/FakeAntivirus -> FOLDER DELETE"&@CRLF&"") EndIf
If FileExists("C:\users\"&@UserName&"\appdata\roaming\microsoft\Windows\Start Menu\Personal Antivirus.lnk") Then DirRemove("C:\users\"&@UserName&"\appdata\roaming\microsoft\Windows\Start Menu\Personal Antivirus.lnk") FileWrite("log.LOG","C:\users\"&@UserName&"\appdata\roaming\microsoft\Windows\Start Menu\Personal Antivirus.lnk -> A variant of Win32/FakeAntivirus -> FOLDER DELETE"&@CRLF&"") EndIf FileWrite("log.LOG","Fake Virus: Personal Antivirus Eliminato con successo."&@CRLF&"") FileWrite("log.LOG","E' consigliato disinstallare le ultime folder:"&@CRLF&"") FileWrite("log.LOG","Start > Impostazioni > Pannello di controllo > Aggiungi/rimuovi programmi: Personal Antivirus"&@CRLF&"") Else FileWrite("log.LOG","SCAN3 > Fake Virus: Personal Antivirus -> Non presente."&@CRLF&"") EndIf
EndFunc 6°virus WIN_DB_MSN_FAKE.au3 CODICE #cs ----------------------------------------------------------------------------
WIN_DB version 0060 Author: Aaly
Script Function: Remove virus and infected file.
#ce ----------------------------------------------------------------------------
Func WIN_DB_MSN_FAKE()
FileWrite("log.LOG",""&@CRLF&"[MSN SPYWARE]"&@CRLF&"") ; MSN SPYWARE________________________________________________________________________________ ;___________________________________________________________________________________________________________________________________________________ ;VIRUS MSN Ruba la password If FileExists("C:\Users\"&@UserName&"\"&@UserName&".exe") Then FileWrite("log.LOG","SCAN1 > C:\Users\"&@UserName&"\"&@UserName&".exe -> A variant of Win32/Wigon.KT trojan -> DELETE"&@CRLF&"") FileDelete("C:\Users\"&@UserName&"\"&@UserName&".exe") Else FileWrite("log.LOG","SCAN1 > Clean"&@CRLF&"") EndIf ;___________________________________________________________________________________________________________________________________________________ ;VIRUS MSN Smoky.exe If FileExists("C:\Users\"&@UserName&"\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7FQBMR65\smoky.exe") Then FileWrite("log.LOG","SCAN2 > C:\Users\"&@UserName&"\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7FQBMR65\smoky.exe -> IRC/SdBot trojan -> DELETE"&@CRLF&"") FileDelete("C:\Users\"&@UserName&"\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7FQBMR65\smoky.exe") Else FileWrite("log.LOG","SCAN2 > Clean"&@CRLF&"") EndIf ;___________________________________________________________________________________________________________________________________________________ ;VIRUS MSN inshtallf.exe If FileExists("c:\windows\temp\inshtallf.exe") Then FileWrite("log.LOG","SCAN3 > c:\windows\temp\inshtallf.exe -> IRC/SdBot trojan -> DELETE"&@CRLF&"") FileDelete("c:\windows\temp\inshtallf.exe") Else FileWrite("log.LOG","SCAN3 > Clean"&@CRLF&@CRLF&"") EndIf ;___________________________________________________________________________________________________________________________________________________ FileWrite("log.LOG","Scansione finita alle:"&@HOUR&"."&@MIN&"."&@SEC&@CRLF&@CRLF&"")
EndFunc 7° virus WIN_DB_SISTEMA CODICE #cs ----------------------------------------------------------------------------
WIN_DB version 0060 Author: Aaly
Script Function: Remove virus and infected file.
#ce ----------------------------------------------------------------------------
Func WIN_DB_SISTEMA()
FileWrite("log.LOG","[SISTEMA]"&@CRLF&"") ; SISTEMA ________________________________________________________________________________________________ ;___________________________________________________________________________________________________________________________________________________ ;Malfunzionamento del sistema If FileExists("C:\Windows\System32\drivers\ksi32sk.sys") Then FileWrite("log.LOG","SCAN1 > C:\Windows\System32\drivers\ksi32sk.sys -> MSN.TrojanDownloader.Wigon.BS trojan -> DELETE"&@CRLF&"") FileDelete("C:\Windows\System32\drivers\ksi32sk.sys") Else FileWrite("log.LOG","SCAN1 > Clean"&@CRLF&"") EndIf ;___________________________________________________________________________________________________________________________________________________ ;Boot.com - scarica trojan If FileExists("C:\resycled") Then FileWrite("log.LOG","SCAN2 > C:\resycled -> Trojan.DNSChanger -> DELETE"&@CRLF&"") DirRemove("C:\resycled") Else FileWrite("log.LOG","SCAN2 > Clean"&@CRLF&"") EndIf ;___________________________________________________________________________________________________________________________________________________ ;Driver altamente difettoso If FileExists("C:\Program Files\Advantage") Then FileWrite("log.LOG","SCAN3 > C:\Program Files\Advantage -> Adware.Advantage -> DELETE"&@CRLF&"") DirRemove("C:\Program Files\Advantage") Else FileWrite("log.LOG","SCAN3 > Clean"&@CRLF&"") EndIf
EndFunc e con questo è tutto o.o Edited by Lahace - 1/5/2010, 10:11
| | |
| |
|