Stop Virus From Running Automatically

Stop Virus From Running Automatically Many worms and trojans make changes to the registry to so that it can automatically start whenever you boot up your computer and also to avoid easy detection by disabling Windows Task Manager, Registry Editor and etc... You can easily restore all those tools by using Remove Restriction Tool (RRT). I just recently found out that a virus can actually make some changes on your registry so that the virus will run automatically whenever you execute a file. Imagine, the virus will be loaded each time you run an executable (EXE) or a batch (BAT) file. Just last week I was cleaning a computer that was infected by Brontok. After finished scanning, cleaning the virus and restoring the changes made by virus, the Symantec Antivirus Corporate Edition still pops up notification stating that Brontok virus is found and automatically deleted. This happens EVERY TIME I run an executable file. Now I found out how it works and also how to disable the virus from running automatically whenever I run any file. This happens when a virus change one or more of the shell\open\command keys. If these keys are changed, the worm or Trojan will run each time that you run certain files. For example, if the \exefile\shell\open\command key is changed, the threat will run each time that you run any .exe file. This may also stop you from running the Registry Editor to try to fix this. They may also change a registry value so that you cannot run the Registry Editor at all. I've done a test by adding Notepad.exe path in \exefile\shell\open\command key. Then I tried running any EXE file, it will launch the EXE file with notepad! For Brontok virus, it loads a backdoor file called "shell.exe". You won't even notice anything abnormal when you run an EXE file. Main link to the post below: http://visitformoney.blogspot.com/2007/07/stop-virus-from-running-automatically.html