General_Redneck
2008-08-13, 01:27
There are constantly times where bugs like Smitfraud-C or something simular has disabled things from tabs in the display properties, to changeing the time format to army time with "Virus Alert!!" after it. Registry editing priveliges have been taken away, taskmanager as been taken away... and this is with an Administrator user. is there a way you can incorporate something of the following registry entries into your scans?
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"Wallpaper"=""
"NoDispBackgroundPage"=dword:00000000
"NoDispScrSavPage"=dword:00000000
"NoDispCPL"=dword:00000000
"NoDispAppearancePage"=dword:00000000
"NoDispSettingsPage"=dword:00000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"Wallpaper"=""
"NoDispBackgroundPage"=dword:00000000
"NoDispScrSavPage"=dword:00000000
"NoDispCPL"=dword:00000000
"NoDispAppearancePage"=dword:00000000
"NoDispSettingsPage"=dword:00000000
[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"ActiveWndTrkTimeout"=dword:00000000
"AutoEndTasks"="0"
"CaretWidth"=dword:00000001
"CoolSwitch"="1"
"CoolSwitchColumns"="7"
"CoolSwitchRows"="3"
"CursorBlinkRate"="530"
"DragFullWindows"="2"
"DragHeight"="4"
"DragWidth"="4"
"FontSmoothing"="2"
"FontSmoothingOrientation"=dword:00000001
"FontSmoothingType"=dword:00000001
"ForegroundFlashCount"=dword:00000003
"ForegroundLockTimeout"=dword:00030d40
"GridGranularity"="0"
"HungAppTimeout"="5000"
"LowPowerActive"="0"
"LowPowerTimeOut"="0"
"MenuShowDelay"="400"
"PaintDesktopVersion"=dword:00000000
"Pattern"="(None)"
"PowerOffActive"="0"
"PowerOffTimeOut"="0"
"ScreenSaverIsSecure"="0"
"ScreenSaveTimeOut"="600"
"ScreenSaveActive"="1"
"SCRNSAVE.EXE"="logon.scr"
"TileWallpaper"="0"
"UserPreferencesMask"=hex:9e,3e,03,80
"WaitToKillAppTimeout"="20000"
"Wallpaper"="(None)"
"WallpaperStyle"="2"
"OriginalWallpaper"=""
"WheelScrollLines"="3"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"NoDrives"=dword:00000000
"NoSetFolders"=dword:00000000
"DisableTaskMgr"=dword:00000000
"NoStartMenuMorePrograms"=dword:00000000
"NoToolbarCustomize"=dword:00000000
"StartMenuLogoff"=dword:00000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"NoDrives"=dword:00000000
"NoSetFolders"=dword:00000000
"DisableTaskMgr"=dword:00000000
"NoStartMenuMorePrograms"=dword:00000000
"NoToolbarCustomize"=dword:00000000
"StartMenuLogoff"=dword:00000000
These are all things I've had to fix that Malware has done to one machine or another here at the shop and I just have registry imports that I can use. I just thought I may be convenient for others to share the glory and none of the pain.
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"Wallpaper"=""
"NoDispBackgroundPage"=dword:00000000
"NoDispScrSavPage"=dword:00000000
"NoDispCPL"=dword:00000000
"NoDispAppearancePage"=dword:00000000
"NoDispSettingsPage"=dword:00000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"Wallpaper"=""
"NoDispBackgroundPage"=dword:00000000
"NoDispScrSavPage"=dword:00000000
"NoDispCPL"=dword:00000000
"NoDispAppearancePage"=dword:00000000
"NoDispSettingsPage"=dword:00000000
[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"ActiveWndTrkTimeout"=dword:00000000
"AutoEndTasks"="0"
"CaretWidth"=dword:00000001
"CoolSwitch"="1"
"CoolSwitchColumns"="7"
"CoolSwitchRows"="3"
"CursorBlinkRate"="530"
"DragFullWindows"="2"
"DragHeight"="4"
"DragWidth"="4"
"FontSmoothing"="2"
"FontSmoothingOrientation"=dword:00000001
"FontSmoothingType"=dword:00000001
"ForegroundFlashCount"=dword:00000003
"ForegroundLockTimeout"=dword:00030d40
"GridGranularity"="0"
"HungAppTimeout"="5000"
"LowPowerActive"="0"
"LowPowerTimeOut"="0"
"MenuShowDelay"="400"
"PaintDesktopVersion"=dword:00000000
"Pattern"="(None)"
"PowerOffActive"="0"
"PowerOffTimeOut"="0"
"ScreenSaverIsSecure"="0"
"ScreenSaveTimeOut"="600"
"ScreenSaveActive"="1"
"SCRNSAVE.EXE"="logon.scr"
"TileWallpaper"="0"
"UserPreferencesMask"=hex:9e,3e,03,80
"WaitToKillAppTimeout"="20000"
"Wallpaper"="(None)"
"WallpaperStyle"="2"
"OriginalWallpaper"=""
"WheelScrollLines"="3"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"NoDrives"=dword:00000000
"NoSetFolders"=dword:00000000
"DisableTaskMgr"=dword:00000000
"NoStartMenuMorePrograms"=dword:00000000
"NoToolbarCustomize"=dword:00000000
"StartMenuLogoff"=dword:00000000
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"NoDrives"=dword:00000000
"NoSetFolders"=dword:00000000
"DisableTaskMgr"=dword:00000000
"NoStartMenuMorePrograms"=dword:00000000
"NoToolbarCustomize"=dword:00000000
"StartMenuLogoff"=dword:00000000
These are all things I've had to fix that Malware has done to one machine or another here at the shop and I just have registry imports that I can use. I just thought I may be convenient for others to share the glory and none of the pain.