From faeb0c98ba364e29c58e8e11eaae9c32b6d3e6de Mon Sep 17 00:00:00 2001
From: sherobbedmyboots <drewstaples1@gmail.com>
Date: Fri, 15 Sep 2017 20:07:54 -0500
Subject: [PATCH] make current processes lowercase

---
 Tools/Evasion/evasion_common/gamemaker.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Tools/Evasion/evasion_common/gamemaker.py b/Tools/Evasion/evasion_common/gamemaker.py
index 98d26ed..c507f9e 100644
--- a/Tools/Evasion/evasion_common/gamemaker.py
+++ b/Tools/Evasion/evasion_common/gamemaker.py
@@ -241,7 +241,7 @@ def senecas_games(evasion_payload):
             check_code += '\t' * num_tabs_required + '_, ' + current_processes + ' = win32pdh.EnumObjectItems(None,None,\'process\', win32pdh.PERF_DETAIL_WIZARD)\n'
             check_code += '\t' * num_tabs_required + 'for ' + process + ' in ' + current_processes + ':\n'
             check_code += '\t' * num_tabs_required + '\tfor ' + sandbox_proc + ' in ' + bad_procs + ':\n'
-            check_code += '\t' * num_tabs_required + '\t\tif ' + sandbox_proc + ' in str(' + process + '):\n'
+            check_code += '\t' * num_tabs_required + '\t\tif ' + sandbox_proc + ' in str(' + process + '.lower()):\n'
             check_code += '\t' * num_tabs_required + '\t\t\t' + sandbox_exist + '.append(' + process + ')\n'
             check_code += '\t' * num_tabs_required + '\t\t\tbreak\n'
             check_code += '\t' * num_tabs_required + 'if not ' + sandbox_exist + ':\n'