You can analyze almost all autorun viruses from the following code:
Open Notepad
Copy the Code below
>>>>>>
echo "Run in HKLM" > %SYSTEMROOT%\tofile.txtREG EXPORT HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run %SYSTEMROOT%\tofile1.txttype %SYSTEMROOT%\tofile1.txt >> %SYSTEMROOT%\tofile.txt
echo "Runonce in HKLM" >> %SYSTEMROOT%\tofile.txtREG EXPORT HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce %SYSTEMROOT%\tofile1.txttype %SYSTEMROOT%\tofile1.txt >> %SYSTEMROOT%\tofile.txt
echo "RunonceEX in HKLM" >> %SYSTEMROOT%\tofile.txtREG EXPORT HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx %SYSTEMROOT%\tofile1.txttype %SYSTEMROOT%\tofile1.txt >> %SYSTEMROOT%\tofile.txt
echo "Winlogon in HKLM" >> %SYSTEMROOT%\tofile.txtREG EXPORT HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon %SYSTEMROOT%\tofile1.txttype %SYSTEMROOT%\tofile1.txt >> %SYSTEMROOT%\tofile.txt
echo "Run in HKCU" >> %SYSTEMROOT%\tofile.txtREG EXPORT HKCU\Software\Microsoft\Windows\CurrentVersion\Run %SYSTEMROOT%\tofile1.txttype %SYSTEMROOT%\tofile1.txt >> %SYSTEMROOT%\tofile.txt
echo "InternetSettings in HKCU" >> %SYSTEMROOT%\tofile.txtREG EXPORT HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings %SYSTEMROOT%\tofile1.txttype %SYSTEMROOT%\tofile1.txt >> %SYSTEMROOT%\tofile.txt
echo "Explorer in HKCU" >> %SYSTEMROOT%\tofile.txtREG EXPORT HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer %SYSTEMROOT%\tofile1.txttype %SYSTEMROOT%\tofile1.txt >> %SYSTEMROOT%\tofile.txt
>>>>>>
Save it as abc.bat anywhere you like.
Double Click on the file
Now go to Start>Run and Type : notepad %SYSTEMROOT%\tofile.txt
Happy Removal of Autorun Viruses...
Subscribe to:
Post Comments (Atom)
2 comments:
I read and employ your tips on Escape from Autotun. But it does not work! Now tell me alternative ways!!!
If this didn't worked then don't worry, you can download from here http://www.google.com/search?q=Download+Autorun+Eater
It kills maximum type of autorun viruses.
Post a Comment