Perl/Linux Brontox Remover
08Mar06
Here is a simple perl/linux (should work on cygwin) script to wipe out Brontox from your flash disk.
#!/usr/bin/perl
$brontoxMD5 = '9f472b33711035a5174f4f7f2ea5398f';
$deleted = 0;
foreach (`find -name '*exe'`) {
. . chomp;
. . @path = split /\//;
. . $path[-2] =~ s/[[]()+*]/$1/g;
. . if ($path[-1] =~ /^$path[-2]/) {
. . . . if (`md5sum '$_' | cut -d" " -f1` == $brontoxMD5) {
. . . . . . print "Removing: $_n";
. . . . . . `rm '$_'`;
. . . . . . $deleted++;
. . . . }
. . }
}
print "$deleted files removed\n";
Don’t mind the dots, I cant post ‘whitespaces’ to WordPress. It’s just there for the sake of code indentation.
Run the code at the root directory of your brontox-infected flash-disk.
Filed under: Internet | 12 Comments
-
Flickr Photos
More Photos
Ka, script loe gue coba di system gue (di Mac OS X), tapi ada error di regexnya. Errornya:
[ravens:~] rezmuh%
Nested quantifiers in regex; marked by
Brr~ *gebuk wordpress* backslashnya pada ilang2 gitu dari regexnya!
Try this one:
$path[-2] =~ s/[\[\]\(\)\+\*]/\\$1/g;
I would like to remove the brontok, BRONTOK.A[10] which always pop up when i open the yahoo mail.and this bother me a lot ..please let me know how to remove this completely?please help
email me at mheme_brant@yahoo.com.ph
thanks
amy
I would like to remove the brontok, BRONTOK.A[10] which always pop up when i open the yahoo mail.and this bother me a lot ..please let me know how to remove this completely?please help
hi,
pls i need help to clean a virus called brontok A(10) by jowobot#VM community in malaysia. pls send the solutiom to my box
thanks,
Hi
I have the same problem as amy.Plz help me
thanks a lot
Leila
plz..help.when i on my laptop…the black box always come out..so how????
Note: If you download mozilla firefox,brontok will opened in new tab, so it don’t ganggu you.
For more soalan plese go to http://answers.yahoo.com
you can ask question there, Note= I masih belum merdeka from brontok because I dun know how to delete it.
Brontok : Brontak : Memberontak : Pemberontak = kesimpulanya : Virus brontok mungkin di buat oleh
pemberontak Indonesia. Pemberontak : Anti Kerajaan.
Message :
BRONTOK.A[14]
– Hentikan kebobrokan di negeri ini –
1. Penjarakan Koruptor, Penyelundup, Tukang Suap, & Bandar NARKOBA
( Send to “NUSAKAMBANGAN”)
2. Stop Free Sex, Aborsi, & Prostitusi
( Go To HELL )
3. Stop pencemaran lingkungan, pembakaran hutan & perburuan liar.
4. SAY NO TO DRUGS !!!
– KIAMAT SUDAH DEKAT –
Terinspirasi oleh:
Elang Brontok (Spizaetus Cirrhatus) yang hampir punah
[ By: HVM31 ]
– JowoBot #VM Community –
!!! Akan Kubuat Mereka (VM lokal yg cengeng & bodoh) Terkapar !!!
Dari segi bahasa, sah ia buatan Indonesia. Pencipta virus ini mungkin Hacker yang handal serta berbakat.
Lokasi virus : C:\Documents and Settings\(nama account)\My Documents\My Pictures\about.Brontok.A.html
Muncul di : Internet Explore, Mozila dan lain lain sistem pelayaran Internet
Waktu Virus : Setiap pukul 3.00pm, 6.00pm, 9.00pm, 12.00pm, 3.00am, 6.00am, 9.00am, 12.00am.
Pencipta : [ By: HVM31 ] — JowoBot #VM Community — Warna : Kuning ~Message :
!!! Akan Kubuat Mereka (VM lokalyg cengeng & bodoh) Terkapar !!!
Bahasa : Teruk
Background : Hijau
Nama Penuh: BRONTOK.A[14] Warna : Merah
Bahasa : Teruk
Permehatian Berserta inferens : (PBI)
1)Kiamat sudah dekat, Filem Kiamat Sudah Dekat, mungkin ada kaitan.
2)( Send to “NUSAKAMBANGAN”) mungkin SMS ataupun syarikat telefon.
3)[ By: HVM31 ] — JowoBot #VM Community — mungkin orang Jawa.
Misteri Brontok
Kita boleh mendelete brontok dengan pergi lokasinya. Tetapi ia akan ada balik apabila waktu nya tiba.
Kesimpulan : Dengan cara delete tak berkesan
PBI : Mungkin ada Engine yang meletak kan virus brontok ke lokasi nya apabila tiba waktunya, Engine masih belum dikenal pasi. Ia tidak boleh dikesan oleh
Norton Anti-Virus Spywere. (nama account)
please help e remove brontoxA|10|.
my problem is that computer is brontok virus so iam found the sulotion is brontok virus please help me
i have the same problem this virus bugs whenever i open any site and sunfor nearly say5-10 mins
i have same problem