Etikett: virus (Sida 2 av 2)

Smitta i datorn

I g?r kv?ll r?kade jag ut f?r en liten smitta i min maskin, “Virusscan 2008”, eller en variant. Som vanligt n?r man f?rs?ker rensa en smittad maskin s? brukar man vara sp?rrad fr?n att starta registret.

Spara ner koden h?r nere som en .vbc fil och k?r den s? f?r du access till registret. Smittan ?r nu borta och jag har l?rt mig lite till, en sak jag l?rt mig ?r att inte riktigt lita p? virusprogram :-)  Det varnade inte alls.

’Enable/Disable Registry Editing tools
’© Doug Knox – rev 12/06/99

Option Explicit

’Declare variables
Dim WSHShell, n, MyBox, p, t, mustboot, errnum, vers
Dim enab, disab, jobfunc, itemtype

Set WSHShell = WScript.CreateObject("WScript.Shell")
p = "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\"
p = p & "DisableRegistryTools"
itemtype = "REG_DWORD"
mustboot = "Log off and back on, or restart your pc to" & vbCR & "effect the changes"
enab = "ENABLED"
disab = "DISABLED"
jobfunc = "Registry Editing Tools are now "

’This section tries to read the registry key value. If not present an
’error is generated.  Normal error return should be 0 if value is
’present
t = "Confirmation"
Err.Clear
On Error Resume Next
n = WSHShell.RegRead (p)
On Error Goto 0
errnum = Err.Number

if errnum <> 0 then
’Create the registry key value for DisableRegistryTools with value 0
    WSHShell.RegWrite p, 0, itemtype
End If

’If the key is present, or was created, it is toggled
’Confirmations can be disabled by commenting out
’the two MyBox lines below

If n = 0 Then
    n = 1
WSHShell.RegWrite p, n, itemtype
Mybox = MsgBox(jobfunc & disab & vbCR & mustboot, 4096, t)
ElseIf n = 1 then
    n = 0
WSHShell.RegWrite p, n, itemtype
Mybox = MsgBox(jobfunc & enab & vbCR & mustboot, 4096, t)
End If

Kolla om du ?r smittad med Linux/Rst-B Backdoor

Om du har h?llit lite koll p? vad som h?nder i Linuxv?rlden s? har du nog inte ung?tt att det cirkulerar en smitta som ?r r?tt ot?ck..

S? h?r kan du kolla om du ?r smittad, fr?n Howtoforge.com

cd /usr/local/sbin
sudo wget http://www.sophos.com/support/cleaners/detection_tool.tar.gz
sudo tar xvfz detection_tool.tar.gz
sudo ln -s detection_tool/pre-compiled/detection_tool rst_detection_tool
sudo rm detection_tool.tar.gz

Sen f?r att kolla, k?r du: sudo rst_detection_tool /

Nyare inlägg »

© 2024 Editio Princeps

Tema av Anders NorenUpp ↑