Call Volume Issues
Due to unprecedented and unforeseen congestion being experienced across carrier voice networks throughout Australia, many networks are experiencing unexpected congestion which is resulting in some Outbound and Inbound calls failing. We are load balancing outbound calls to different carriers. If your having issues please email support@screwlooseit.com.au and we move your outbound call routes to different providers.
Close

Blog

Simple Virus Cleaner

This is a little batch file that should aid in the cleanup of computers that have been locked out by malware.

Its a work in progress, so check back as this script evolves.
Please let us know if your experiences with this script as I will continue to work on it.

*** NOTE:
This will clean-out your start-up programs.
They will be backed up into a registry file so you can restore them later once the virus is removed.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
@echo off
echo Creating backup folder...
mkdir backups
 
echo Removing policy restrictions...
reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 0 /f
reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 0 /f
reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRun /t REG_DWORD /d 0 /f
reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v NoDispCPL /t REG_DWORD /d 0 /f
reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoFolderOptions /t REG_DWORD /d 0 /f
reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v DisallowRun /t REG_DWORD /d 0 /f
reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run /f
reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run /f
 
echo Backing up Startup Applications...
reg export HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "backups\HKCU Runs.reg"
reg export HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "backups\HKLM Runs.reg"
 
echo Removing Startup Applications...
reg delete HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /f
reg add HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /f
 
reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /f
reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /f
 
echo Removing RunOnce entries...
reg delete HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce /f
reg add HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce /f
reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce /f
reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce /f
 
echo Showing Hidden Files...
reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL /v CheckedValue /t REG_DWORD /d 1 /f
 
echo Repairing Explorer Shell...
reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Shell /t REG_SZ /d Explorer.exe /f
reg delete "HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\shell" /f
 
echo Repairing Safemode...
reg add HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot /v AlternateShell /t REG_SZ /d "cmd.exe" /f
 
echo Rebooting...
shutdown /f /r /t 00

Posted in: Scripts

Leave a Comment (0) ↓

Leave a Comment