by Paul Caton (14 Submissions)
Category: Miscellaneous
Difficulty: Advanced
Date Added: Wed 3rd February 2021
Rating:
(6 Votes)
I was searching around for a self-deleting exe technique. There is one here on VBC (70747), but it has a few problems: it doesn't work on a 64-bit OS (easily fixed), and it creates a remote thread that can look suspicious to real-time AV. So, this is my version of that code. Basically, we create a child notepad process in a suspended state, overwrite its entry point and resume the process, whereupon the overwritten code waits until our process terminates and then deletes the exe file.

Note well: the process that is to have its exe file deleted must have sufficient permission to do so. For example, if the exe file is being run from "/Program Files/" on Vista or Windows 7, it will have to be running with Administrator permissions in order to self-delete.
Download Self Deleting exe (4 KB)
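From the defender's side, the sequence described above leaves a recognisable trail in process and file telemetry: a child process deletes its parent's executable shortly after the parent exits. The following is an added example, not part of the original submission. The event records are constructed and simplified from Sysmon event IDs 1, 5 and 23, and the field names `guid`, `parent` and `target` and the function names are assumptions.

```python
from datetime import datetime

# Constructed records, simplified from Sysmon event IDs 1 (ProcessCreate),
# 5 (ProcessTerminate) and 23 (FileDelete); "guid" stands in for ProcessGuid.
EVENTS = [
    {"id": 1, "time": "2021-02-03 10:00:00", "guid": "P1", "parent": "P0",
     "image": r"C:\Users\demo\tool.exe"},
    {"id": 1, "time": "2021-02-03 10:00:01", "guid": "P2", "parent": "P1",
     "image": r"C:\Windows\System32\notepad.exe"},
    {"id": 5, "time": "2021-02-03 10:00:02", "guid": "P1"},
    {"id": 23, "time": "2021-02-03 10:00:03", "guid": "P2",
     "target": r"c:\users\demo\TOOL.EXE"},
    # Benign contrast: a child deleting a log file while its parent still runs.
    {"id": 1, "time": "2021-02-03 11:00:00", "guid": "P3", "parent": "P0",
     "image": r"C:\Temp\setup.exe"},
    {"id": 1, "time": "2021-02-03 11:00:01", "guid": "P4", "parent": "P3",
     "image": r"C:\Temp\cleanup.exe"},
    {"id": 23, "time": "2021-02-03 11:00:02", "guid": "P4",
     "target": r"C:\Temp\setup.log"},
]

def parse(ts):
    return datetime.strptime(ts, "%Y-%m-%d %H:%M:%S")

def find_parent_image_deletions(events, window_s=60):
    """Return (deleter image, deleted path) where a process deletes the
    executable of its own parent within window_s seconds of the parent's exit."""
    procs, hits = {}, []
    for ev in sorted(events, key=lambda e: parse(e["time"])):
        now = parse(ev["time"])
        if ev["id"] == 1:
            procs[ev["guid"]] = {"image": ev["image"], "parent": ev["parent"], "ended": None}
        elif ev["id"] == 5 and ev["guid"] in procs:
            procs[ev["guid"]]["ended"] = now
        elif ev["id"] == 23:
            child = procs.get(ev["guid"])
            parent = procs.get(child["parent"]) if child else None
            if not parent or parent["ended"] is None:
                continue  # parent unknown or still running
            same_file = ev["target"].lower() == parent["image"].lower()  # paths are case-insensitive
            if same_file and (now - parent["ended"]).total_seconds() <= window_s:
                hits.append((child["image"], ev["target"]))
    return hits

if __name__ == "__main__":
    for deleter, path in find_parent_image_deletions(EVENTS):
        print(f"{deleter} deleted its parent's image {path}")
```

Legitimate uninstallers and updaters can produce the same pattern, so a hit is a lead for triage rather than a verdict.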