11 replies to this topic

[DarkPhoeniX]

Hi I need some help i want a script for Autoruns:
http://technet.micro...ernals/bb963902
its a nice app that can help you disable Registry entrys of drivers or files that may stop a computer from starting up...
I only found a console script version for XPlive
I need a script for the GUI version for vistaPE (or compatible)
I need it to work like the Hijackthis script that is downloaded with the vistaPE,where it loads the registry of the host PC(installed OS) from the vistaPE environment.

Please Help, I have no idea how the registry of the host PC will get loaded when ruining Autoruns from vistaPE

[homes32]

Hi I need some help i want a script for Autoruns:
http://technet.micro...ernals/bb963902
its a nice app that can help you disable Registry entrys of drivers or files that may stop a computer from starting up...
I only found a console script version for XPlive
I need a script for the GUI version for vistaPE (or compatible)
I need it to work like the Hijackthis script that is downloaded with the vistaPE,where it loads the registry of the host PC(installed OS) from the vistaPE environment.

Please Help, I have no idea how the registry of the host PC will get loaded when ruining Autoruns from vistaPE

when looking for a script always check the Downloads>App Scripts section 1st before posting.
in your case the script you are looking for is here: Sysinternals Suite
When running from PE you need to choose "Analyze Offline System" from the file menu in Autoruns to use it on an offline(host) system.

-Homes32

[pscEx]

You can also use the independent script which is included in nativeEx_easyPE.

To avoid long download etc., here the script code(sorry about format, 'CodeBox' seems to be no longer available):

[main]

Title=AutoRuns

Description=AutoRuns will be added on the project

Selected=True

Level=5

Version=9

Author=Peter Schlang

Date=2010-SEP-11

Download_Level=2

History 6=psc removed unnecessary quotes

History 7=psc changed to logging by [OnProcessExit]

Certification=eb569f87a48b17016cbc0956eed35e70

CertifiedBy=psc

NoWarning=False

Certification81=800bf2b17310414cefcf4a0b8eb8ee37



[variables]

%ProgramTitle%=AutoRuns

%ProgramEXE%=%ProgramTitle%.exe

%ProgramFolder%=%ProgramTitle%



[UploadClean]

SectionDeletes=EncodedFile-Folder-autoruns.exe

KeyDeletes=Folder,autoruns.exe

InterfaceClean=@_CInterface



[_CInterface]

Interface=pFileBox1



[process]

RunFromRam,True

RegHiveLoad,WB-Default,%target_sys%\config\default

RegWrite,HKLM,0x3,WB-Default\Software\Sysinternals\%ProgramTitle%,Settings,bc,02,00,00,16,00,00,00,16,00,00,00,58,02,00,00,9b,01,00,00,23,00,00,00,5a,00,00,00,5a,00,00,00,82,00,00,00,c8,00,00,00,46,00,00,00,96,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,02,00,00,00,00,00,00,00,00,01,01,01,00,00,00,01,00,00,f5,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,90,01,00,00,00,00,00,00,03,02,01,22,41,72,69,61,6c,00,73,20,53,65,72,69,66,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,ff,ff,ff,00,ff,00,00,00,00,01,00,01,01,00,00,00

RegWrite,HKLM,0x3,WB-Default\Software\Sysinternals\%ProgramTitle%,InFilters,2a,00,00

RegWrite,HKLM,0x3,WB-Default\Software\Sysinternals\%ProgramTitle%,ExFilters,00

RegWrite,HKLM,0x3,WB-Default\Software\Sysinternals\%ProgramTitle%,HiFilters,00

RegHiveUnLoad,WB-Default

Unpack

Add_Shortcut,StartMenu,Develop



[Attach]

Encode,%ScriptFile%,Folder,%pFileBox1%



[AuthorEncoded]

autoruns_ico_65.ico=434,579

Logo=autoruns_ico_65.ico



[Interface]

pButton1=Attach,1,8,261,42,80,25,Attach

pFileBox1=V:\System\Autoruns\autoruns.exe,1,13,32,38,200,28,file

pTextLabel1="Before the first use you must attach AutoRuns.exe!",1,1,33,14,462,18,9,Bold

RunFromLocation="Run from Boot Disk",1,4,33,76,150,21,"Run from Settings Drive","Run from Boot Disk"

Peter

[al_jo]

when looking for a script always check the Downloads>App Scripts section 1st before posting.
in your case the script you are looking for is here: Sysinternals Suite
When running from PE you need to choose "Analyze Offline System" from the file menu in Autoruns to use it on an offline(host) system.

-Homes32

The download link takes me here:
http://reboot.pro/in...ds&showfile=302
So I’ve made a “standalone” script for the latest Autoruns:
http://al-jo.zxq.net...10.06.Script.7z
Tested and working in VistaPE

[homes32]

The download link takes me here:
http://reboot.pro/in...ds&showfile=302

ah yes so it does. Looks like the old download area got lost in the site move.
here is my personal copy. its no doubt been slightly modified but it should work for you until the links come back up and you can get the "official" release if you like.

regards,
Homes32

[al_jo]

ah yes so it does. Looks like the old download area got lost in the site move.
here is my personal copy. its no doubt been slightly modified but it should work for you until the links come back up and you can get the "official" release if you like.

regards,
Homes32

Thanks a lot but did you miss that I’ve already made a new script for the latest Autoruns?
And that the TS request was about Autoruns? Not the suite!

[homes32]

Thanks a lot but did you miss that I’ve already made a new script for the latest Autoruns?
And that the TS request was about Autoruns? Not the suite!

No I didn't miss that. The fact that you made another script did not change the fact that the link to JonF's was broken.
Autoruns is part of the Sysinternals Suite. therefore the sysinternals suite script is relevant. In the script interface all programs can be selected/deselected based on your needs. So if the original poster only wants autoruns, he only needs to select autoruns. He is perfectly free to choose whatever script he thinks will suite him best.


on another note I noticed your script includes an embedded copy of autoruns.exe which is a violation of sysinternals EULA. (as you are distributing their software) just something to be aware of. not a personal attack on you.

regards,

Homes32

[DarkPhoeniX]

Thanx a LOT for your quick response ppl...
I did not know their was a Sysinternals Suite!
I will look in to it now...
i always used the Sysinternals apps separately
thanx again!!!

[al_jo]

on another note I noticed your script includes an embedded copy of autoruns.exe which is a violation of sysinternals EULA. (as you are distributing their software) just something to be aware of. not a personal attack on you.

regards,

Homes32

You are really scaring me!
And as I don’t want to spend 200 years in prison because of this unforgiveable crime,
the Autoruns script is deleted now.
But before it was deleted, somebody mailed me this link:
http://www.mediafire...w2ddla8esztbiuu

[pscEx]

@al_jo!

You are a professional Joker!
And I like jokers

Peter

[homes32]

good to see a sense of humor!

[al_jo]

The autoruns script is now attach freed (downloads instead), and while on it, I also made a new script for Bginfo that do not autostart by default when running a PE!
Scripts is here:
http://al-jo.zxq.net/autoruns.7z
http://al-jo.zxq.net/Bginfo.7z