Audio message for Stolen System and Increase high volume

vbs=r'''

Set WshShell = CreateObject("WScript.Shell")

For i=1 To 100

  WshShell.SendKeys(chr(&hAF))

Next

'''

import os

import ctypes

import time

​

class disable_file_system_redirection:

    _disable = ctypes.windll.kernel32.Wow64DisableWow64FsRedirection

    _revert = ctypes.windll.kernel32.Wow64RevertWow64FsRedirection

    def __enter__(self):

        self.old_value = ctypes.c_long()

        self.success = self._disable(ctypes.byref(self.old_value))

    def __exit__(self, type, value, traceback):

        if self.success:

            self._revert(self.old_value)

​

​

def runvbs(vbs):

    workdir=os.environ['PROGRAMDATA']+r'\temp'

    if not os.path.isdir(workdir): 

        os.mkdir(workdir)

    with open(workdir+r'\temprun.vbs',"w") as f :

        f.write(vbs)        

    with disable_file_system_redirection():

        print os.popen('cscript.exe "'+workdir+r'\temprun.vbs"').read()

        print('Script execution completed successfully')

    if os.path.isfile(workdir+r'\temprun.vbs'):

        os.remove(workdir+r'\temprun.vbs')

​

runvbs(vbs)

​

time.sleep(5)

​

ps_content=r'''

​

Add-Type -AssemblyName System.speech

$speak = New-Object System.Speech.Synthesis.SpeechSynthesizer

$speak.Speak('This device has been Stolen')

'''

​

def ecmd(command):

    import ctypes

    from subprocess import PIPE, Popen

    class disable_file_system_redirection:

        _disable = ctypes.windll.kernel32.Wow64DisableWow64FsRedirection

        _revert = ctypes.windll.kernel32.Wow64RevertWow64FsRedirection

        def __enter__(self):

            self.old_value = ctypes.c_long()

            self.success = self._disable(ctypes.byref(self.old_value))

        def __exit__(self, type, value, traceback):

            if self.success:

                self._revert(self.old_value)

    with disable_file_system_redirection():

        obj = Popen(command, shell = True, stdout = PIPE, stderr = PIPE)

    out, err = obj.communicate()

    ret=obj.returncode

    if ret==0:

        if out:

            return out.strip()

        else:

            return ret

    else:

        if err:

            return err.strip()

        else:

            return ret

​

file_name='powershell_file.ps1'

file_path=os.path.join(os.environ['TEMP'], file_name)

with open(file_path, 'wb') as wr:

    wr.write(ps_content)

​

ecmd('powershell "Set-ExecutionPolicy RemoteSigned"')

print ecmd('powershell "%s"'%file_path)

​

os.remove(file_path)

​