Thursday, November 23, 2023

Beware of REVIL on Windows

 https://twitter.com/AShukuhi/status/1718827335942570394


https://www.bleepingcomputer.com/news/security/revil-ransomware-now-changes-password-to-auto-login-in-safe-mode/


THE CURE=



CMD

Žeži-Žeži.bat

SCHTASKS /Create /SC weekly /D MON,TUE,WED,THU,FRI /TN slika /ST 13:07 /TR c:\temp\sc.exe

rem https://ss64.com/nt/schtasks.html

rem SCHTASKS /Query

rem SCHTASKS /Delete /TN "slika" /f


---------------


Using a command prompt

  1. Open “Run” with [Windows] + [R].
  2. Type “cmd” and press [Ctrl] + [Shift] + [Enter].
  3. Type “net user administrator /active:yes”.
  4. The administrator account is now activated.
  5. To deactivate: “net user administrator /active:no”.



----------------------------

SHIFT + F10

----------------------------
utilman.exe
cmd.exe

No comments:

Post a Comment

Beogradsko programiranje=