If you mean disabling the shields from the tray icon, then that's one of the reasons the password protection is there - if you set up a password, you can't automate it with similar tools (not knowing the password; actually, not even if you know it).
If you're talking about the self-defense prompt, then AutoHotkey or similar tools won't work (just like they wouldn't work e.g. for the UAC prompt) - you can try
Generally, you can try to stop avast! service via Service Manager (from the command-line) - you should get the mentioned prompt. For avast! UI process, there's no normal channel, you'd have to use some of the hacks you mentioned.
Okay, thanks. So I could use either 'net stop' or 'sc stop' (SC = service controller utility) to disable the shields but first get the user prompt to allow the disable. Apparently the popup alert is part of the shutdown method for the service (which is good and acceptable).
I ran "sc query" to see if there was a shorter service name than the display name but, nope, have to use "avast! Antivirus". So either of the following might work:
net stop "avast! Antivirus"
sc stop "avast! Antivirus"
Alas, they didn't work. Instead the return status was:
[SC] ControlService FAILED 101:
The service cannot accept control messages at this time.
This was because I already used the Services Manager (services.msc) and tried to stop it there. When Avast showed its popup prompt, I opted for “No” (do not disable shields). The problem is that Windows doesn't get an updated status from the service which results in Windows thinking the service is still in "stopping" state (STOP_PENDING). During that state, you cannot start or stop a service so a subsequent test would fail. This means if I elect to keep the service running that Windows continues to see it in a pending state. You have to restart the computer to get Windows unstuck from this service state. Can't use "taskkill /f /im "avastsvc.exe"" (get "access denied" status) since Avast protects itself from termination.
So after rebooting to get the service out of STOP_PENDING state, I stopped the service by running “sc stop “avast! Antivirus”” and selected “Yes” in the popup prompt. When I right-click on the Avast tray icon, yep, all shields are disabled. Since this was just stopping the service which is set to Automatic for startup on Windows load, it’ll be back and all shields up when I reboot (which is how to get out of Returnil’s safe mode with its disk virtualization).
So that’ll work as long as I don’t pick “No” in the popup prompt (which puts the service in pending state which means no further start or stop requests will be acknowledged). Since I’ll be manually instigating Returnil’s safe mode, I’ll see that popup prompt. If it were something scheduled or run without user intervention, Avast counts down on the “No” selection which means the service refuses to unload and it’ll get stuck in the STOP_PENDING state.
Thanks for that info. I didn’t look there because I had figured Avast’s self-protection would’ve prevented stopping its service. I didn’t even try because I presumed it wouldn’t work, but it does.