Login or Register to Ask a Question and Join Our Community


Malware Advisories (RSS)

Vbs_autorun.bqp

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Malware Advisories (RSS) Vbs_autorun.bqp
# 1  
Old 08-01-2008
Vbs_autorun.bqp
This Visual Basic script (VBScript) may be dropped by other malware. It may be downloaded unknowingly by a user when visiting malicious Web sites.

This VBScript drops a file. It then executes a Windows component. This VBScript modifies a registry entry to enable its automatic execution at every system startup. It also deletes a registry key.

This malicious VBScript copies a file into various system folders. It then sets the Internet Explorer home page and window title to blank by creating registry entries.

It drops copies of itself in all physical and removable drives. It also drops an AUTORUN.INF file to automatically execute its dropped copies when the said drives are accessed.



More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

pppoe-connect

PPPOE-CONNECT(8)					      System Manager's Manual						  PPPOE-CONNECT(8)

NAME

       pppoe-connect - Shell script to manage a PPPoE link

SYNOPSIS

       pppoe-connect [config_file]

       pppoe-connect interface user [config_file]

DESCRIPTION

       pppoe-connect  is  a  shell  script  which  manages a PPPoE connection using the Roaring Penguin user-space PPPoE client.  If you omit con-
       fig_file, the default file /etc/ppp/pppoe.conf is used.	If you supply interface and user, then they override the  Ethernet  interface  and
       user-name settings in the configuration file.

       Note that normally, you should not invoke pppoe-connect directly.  Instead, use pppoe-start to bring up the PPPoE connection.

       pppoe-connect  first  reads a configuration file.  It then brings up a PPPoE connection.  If the connection ever drops, a message is logged
       to syslog, and pppoe-connect re-establishes the connection.  In addition, each time the connection is dropped  or  cannot  be  established,
       pppoe-connect executes the script /etc/ppp/pppoe-lost if it exists and is executable.

       The shell script pppoe-stop causes pppoe-connect to break out of its loop, bring the connection down, and exit.

TECHNICAL DETAILS

       pppoe-connect uses the following shell variables from the configuration file:

       ETH    The Ethernet interface connected to the DSL modem (for example, eth0).

       USER   The PPPoE user-id (for example, b1xxnxnx@sympatico.ca).

       PIDFILE
	      A file in which to write the process-ID of the pppoe-connect process (for example, /var/run/pppoe.pid).  Two additional files ($PID-
	      FILE.pppd and $PIDFILE.pppoe) hold the process-ID's of the pppd and pppoe processes, respectively.

       By using different configuration files with different PIDFILE settings, you can manage multiple PPPoE connections.  Just specify  the  con-
       figuration file as an argument to pppoe-start and pppoe-stop.

AUTHOR

       pppoe-connect was written by David F. Skoll <dfs@roaringpenguin.com>.

       The pppoe home page is http://www.roaringpenguin.com/pppoe/.

SEE ALSO

       pppoe(8),  pppoe-start(8),  pppoe-stop(8), pppd(8), pppoe.conf(5), pppoe-setup(8), pppoe-status(8), pppoe-sniff(8), pppoe-server(8), pppoe-
       relay(8)

4th Berkeley Distribution					 21 February 2000						  PPPOE-CONNECT(8)