Disable Run Commands
Results 1 to 10 of 10

Thread: Disable Run Commands

  1. #1
    Senior Member
    Join Date
    Sep 2003
    Posts
    279

    Disable Run Commands

    As many people have noticed most if not all virii put a key in your registry so that they may still "live" after you reboot your system.

    Here are a couple of ways you can set your registry to deni specific startup methods on your computer. This in return will allow to to "kill" a virus simply by restarting you computer after detecting a running one.

    First Find: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\
    Explorer]

    Value Names:
    -DisableLocalMachineRun
    -DisableLocalMachineRunOnce
    -DisableCurrentUserRun
    -DisableCurrentUserRunOnce

    Data Types: REG_DWORD (DWORD Value)

    Value Data: (0 = enable run, 1 = disable run)

    Examples:
    [Name]--------------------------------[Type]-----------------[Data]
    DisableLocalMachineRun_______REG_DWORD_____1
    DisableLocalMachineRunOnce___REG_DWORD_____1
    AntiOnline Quick Forum Version 2b Click Here
    10010101000000110010001100111

  2. #2
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    For those who do not want to mess with the Registry, or more likely, are advising non-computer literate folks, please try

    http://www.diamondcs.com.au


    It is a worth a visit site, and you can download their Registry protector software, that intercepts attempts to edit the Registry. I has done the business for me on more than one occasion

    Cheers

    EDIT I have already mentioned WinPatrol from BillP Studios. Another nice little addition to your second line of defence.

  3. #3
    Senior Member
    Join Date
    Sep 2003
    Posts
    279
    I also belive that the function in Ad-Aware 6.0 called Ad-Watch will also block keys being written to Startup in your registry.
    AntiOnline Quick Forum Version 2b Click Here
    10010101000000110010001100111

  4. #4
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Hi spools.exe,

    You are obviously a highly competent technically "savvy" person. I generally have to "mind the store" and deal with basically computer illiterate persons.

    That is why I tend to go for the ready made "TV dinner" solutions.

    We would probably make an excellent team?......................I haven't killed and eaten a User yet


    You are right about AdAware, but that is their commercial version AFAIK.

    WinPatrol will protect your start-up, your browser homepage and so on, and is free for private use.

    My nick should tell you......."nihil" means "nothing" in Latin. That is usually the budget I am given, hence my like for freeware/no cost shareware, or write it yourself.

    I like your posts and only attempt to add value if I know of a ready made solution that would be safe to deploy in a non-technical enviromnent.


    Cheers

  5. #5
    Senior Member
    Join Date
    Sep 2003
    Posts
    279
    We would probably make an excellent team?......................I haven't killed and eaten a User yet
    From what i hear they don't taste as good as they sound.
    AntiOnline Quick Forum Version 2b Click Here
    10010101000000110010001100111

  6. #6
    Macht Nicht Aus moxnix's Avatar
    Join Date
    May 2002
    Location
    Huson Mt.
    Posts
    1,752
    nihil
    Does not work (says address can not be found.
    \"Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, Champagne in one hand - strawberries in the other, body thoroughly used up, totally worn out and screaming WOO HOO - What a Ride!\"
    Author Unknown

  7. #7
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Ooops!,


    Sorry about that folks, it is:

    http://www.diamondcs.com.au

    It is an interesting site anyway, so please have a look

    Spools.exe....................you could be right................in the past I have just pushed them to the side of the plate and eaten the vegetables


    Once again, sorry about the dud link


    Cheers,

    Johnno

  8. #8
    Member
    Join Date
    Sep 2002
    Posts
    77
    From what i hear they don't taste as good as they sound.
    lol

    I don't think I've ever heard a user that actually sounds good. Usually they sound a bit... well, I'm sure you all know!
    \"Death is more universal than life; everyone dies but not everyone lives.\"
    A. Sachs

  9. #9
    Senior Member
    Join Date
    Sep 2003
    Posts
    126
    I've noticed that every theard I've looked at today has this "retard button" (I think thats how it is spelled) posting trash. Is there a way to shut him/her down without killing an otherwise good theard.
    [Shadow] have you ever noticed work is like a tree full of monkeys you look down and all you see is monkeys below you then you look up and all you see is a bunch of *******s above[/shadow]

  10. #10
    Member
    Join Date
    Aug 2002
    Posts
    57
    Assign positive AP to this thread!
    Send an email to the admins!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •