Sign in to follow this  
Followers 0
RogerRabbitsClone

autorun.inf not running compiled script

4 posts in this topic

so i wrote a script to install malewarebytes and run the definitions update.

#cs ----------------------------------------------------------------------------

for this to work, you must rename the malewarebytes installer "dun dun dun.exe" 
and put it in the same folder as this script or the compiled script

#ce ----------------------------------------------------------------------------

run ("dun dun dun.exe")
WinWaitActive ("[CLASS:TSelectLanguageForm]")
send ("{enter}")
WinWaitActive ("[CLASS:TWizardForm]", "Welcome to the Malwarebytes' Anti-Malware Setup Wizard")
send ("!N")
WinWaitActive ("[CLASS:TWizardForm]", "License Agreement")
send ("!A")
send ("!N")
WinWaitActive ("[CLASS:TWizardForm]", "Information")
send ("!N")
WinWaitActive ("[CLASS:TWizardForm]", "Select Destination Location")
send ("!N")
WinWaitActive ("[CLASS:TWizardForm]", "Select Start Menu Folder")
send ("!N")
WinWaitActive ("[CLASS:TWizardForm]", "Select Additional Tasks")
send ("!D")
send ("!N")
WinWaitActive ("[CLASS:TWizardForm]", "Ready to Install")
send ("!I")
WinWaitActive ("[CLASS:TWizardForm]", "Completing the Malwarebytes' Anti-Malware Setup Wizard")
send ("!F")

i found that if i put this on a flash drive i can beat the "anti-virus 2009-2010" virus into submission enough i can do a system restore. (it usually doesnt let you run antivirus and it actually takes over AVG and mcafee)

i dont know if theres a new strain or what, but i cant run this on an infected computer im working on. autoplay pops up but i cant actually access the flash drive.

so here was my plan, write an autorun.inf to run the compiled script.

[autorun]
icon = krusty.ico
shellexecute = auto mbam.exe
open = auto mbam.exe
run = auto mbam.exe

well, the autorun.inf doesnt run the program. not on this computer, or any other. ive checked the settings on the computers, but they have autorun/autoplay enabled.

does autoit inherently block the use of an autorun.inf once its compiled?


<--a good way to start you day

Share this post


Link to post
Share on other sites



No. AutoIt does no such thing.

Share this post


Link to post
Share on other sites

so then in theory, this autorun should open this compiled script?


<--a good way to start you day

Share this post


Link to post
Share on other sites

#4 ·  Posted (edited)

Supposed to be, not unless your infection has something it can do about it.

For disabling some viruses, I just resort to using ProcessExplorer and Autoruns, then using some stand alone scanners to hopefully clean the system. ClamWin does a good job unloading infected programs from memory, so you can try using its memory scan to kill it before you start cleaning the system.

EDIT: Note that it only works well when your critical Windows programs are not infected at all. If they are, ClamWin will unload them too, making you stuck with a blank screen.

Edited by omikron48

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0