AutoRun

Autorun helps you detect registrx autorun settings.

Usage

AutoRun:[value],[filename data],<advanced file parameters>

Examples

AutoRun:"AdRoarUpdate","<$WINDIR>\ARUpdate.exe","filesize=86016,md5=5F45E52554D022A757BA637E4E03B0A5"

This example searches registry Run keys (global and for all users) for entries named AdRoarUpdate, pointing to a file ARUpdate.exe inside the Windows folder, that matches the specified advanced file parameters.

Description

This parameter takes two to three parameters, with the third one highly recommended.

1. The first parameter specifies the name of the registry value to look for; this parameter can be used with Algo-Prefixes. AP
2. The second parameters takes a file path and name. It understands both Algo-Prefixes and path templates. AP PT
3. The third parameter allows you to specify advanced file parameters to limit the scan to entries that point to files that have specific contents. Since file names can be misleading and ambiguous, it is highly recommend to specify them.

See also

• AlgoPrefix
• Advanced file parameters
• Path templates
• Description templates

Similar commands

• AutoRunByFilename
• AutoRunByValue
• AutoStart