The autorun. inf file helps spread viruses. The virus first copies itself to the USB flash drive, and then creates an autorun. inf. When you double-click the USB flash drive, the virus in the USB flash drive runs according to the settings in autorun. inf. As long as we can p
According to the author: in view of the full introduction of autorun on the Internet. there are not many articles about the inf function. I found an autorun article on the official Microsoft website's official website, called "inf. description of inf in English. This article is written by the translator and the author himself. (Thanks to the excellent articles provided by the author)
======= I am a separato
The other day, my sister used a USB flash drive to bring back a virus named "autorun Storm" from school. After being poisoned, double-clicking any drive letter will pop up a form, and some Trojans may be downloaded.
Clear method:
Shut down the wscript.exe process in the Resource ManagerShow all hidden files and system filesSearch Autorun .*Delete all searched f
Turning off the hard drive Autorun function is one of the effective ways to prevent hackers from invading. The purpose of this article is to open the puzzle of hard disk Autorun function and the way to turn off the function.
On the Start menu, enter regedit in run, open Registry Editor, and expand to hkey_current_user\software\ Microsoft\windows\currentversion\policies\exploer The primary key, find "NoDriv
, so that the current system of newly added equipment real-time monitoring, and through the parameters of the function of the specific content of the judgment, you can realize the monitoring of the U disk.2 . Find out if there is a Autorun.inf file in the USB stick, and if so, the name of the self-initiated virus program after parsing the contents of the "open" statement in the file. Parse the contents of the Autorun.inf file, you can use GetPrivatePr
Enter Regedit in "run" in the "Start" menu, open the Registry Editor, expand to the HKEY_CURRENT_USERSoftwareMicrosoft \ Windows \ CurrentVersion \ Policies \ Exploer primary key, and find "NoDriveTypeAutoRun" in the right pane ", this key determines whether to perform the AutoRun function of the CDROM or hard disk.Double-click "NoDriveTypeAutoRun". By default (that is, you have not disabled the AutoRun fun
1. autorun. inf is a file used to manipulate the disk behavior in windows. It must be placed in the root directory of the disc. Some operations are also applicable to hard disks.2. autorun. inf can be disabled. The method is as follows:Click Start> Run and enter regedit or regedt32 in the text box. Expand HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ exploer in sequence. T
In the previous article, Autorun is very useful. The trouble is that others may use it to do bad things. Someone else may use it to run his dangerous program, steal information or even destroy the device, or even your own Autorun may be infected with viruses. One way to deal with this is to put Autorun in a directory that is not easy to guess and give it a strang
A forum is infected with worm. win32.autorun. eyh
The forum page contains code:/------/
Hxxp: // www.5 ** 4 * z ** c.cn/1*%7aq/q.jsOutput code:/---
Hxxp: // M **. SF * S3 ** wws.cn/03/x4.htmCode included:/------/
Hxxp: // M **. SF * S3 ** wws.cn/03/google.htmA previously unknown encryption method is used. The first part of the code is:/------/
Its function is to check the browser software. If it is an Internet browser, ie.swf is displayed, and ff.swf
After the autorun Trojan is installed and the system is reinstalled, the drive D, E, and drive F cannot be opened by double-clicking
1. Check in cmd that there is no Autorun file in the root directory of each disk. This indicates that the virus has been cleared!
2. If the folder option cannot be changedStart> RUN> regeditFind the path hkey_classes_root/drive/sh
Autorun. inf and registry NoDriveTypeAutoRun key values
Binary digits
8
7
6
5
4
3
2
1
Type
1
RAMDISK
CDROM
REMOTE
FIXED
REMOVABLE
NO_ROOT_DIR
UNKNOWN
Name
Memory
Optical Drive
Network ing
Hard Disk
Mobile storage
No drive letter
Unrecognized
Decimal Value
128
64
32
16
8
4
2
1
Most common USB flash drives are immune to the registry, and directories with special file names are generated on the USB flash drives. Provides an alternative dynamic immune method.
The specific memory string in the Shell32.dll module of the Process Explorer can achieve the dynamic immunity automatically executed by the USB flash drive.
Shell32.dll version: 6.0.2800.1873
Imagebase: 7CD00000
. Text: 7CD8A162 push eax; lpString1. Text: 7CD8A163 call ds: lstrcpynW. Text: 7CD8A169 push offset aAuto
As you know, the personalized icons of the CD and the designated programs automatically run on the CD after the CD is put into the optical drive are all through the Autorun under the root directory of the CD. if the inf file is set, manually Write Autorun. the inf file is not only troublesome and error-prone, but you can easily edit the personalized Autorun with
ubuntu14.04 boot Autorun application-ydt_lwj column-Blog channel-csdn.net
Under Ubuntu there are many ways to start the program automatically, in the different process of booting can launch different programs. If you run the program automatically at boot-up, it is modified by placing the
???? /ETC/RC or
???? /ETC/RC.D or
???? /etc/rc?. D
?? The script file in the directory allows Init to start other programs automatically. For example: Edi
Through the U disk transmission of the virus Sxs.exe power has always been very large, once n a computer was his downfall ~ ~ Its variant is also increasingly refurbished, the pattern white ~ ~ Computer engine room and poisoned ... Each letter has hidden files, the icon is Conan head Sxs.exe and autorun, virus system into the xeklsk.exe.
Hidden files cannot be di
Four, this is I think testng very good point ~ ~ ~ really great, testng there is a way, so that users can be in the testng XML file and directly into the code, but there are drawbacks, if you forget to pass,,, the code will directly ignore this methodSpecifically, this is@Parameters ({"URL", "PORT"})@Test (groups = {"Checkintest"})public void TestMethod4 (String url,string PORT) { System.err.println ("
. Always use absolute paths when creating links.3. The focus of this approach is not that test is stored in the/ETC/INIT.D directory (typically we will have the script automatically started with the system in this directory), but instead the link file created S900test placed in the/ETC/RC.D/RC3.D directory.Reason:1. Operating level:[Email protected] rc.d]# RunLevelN 32.inittab Default configuration:L0:0:WAIT:/ETC/RC.D/RC 0L1:1:WAIT:/ETC/RC.D/RC 1L2:2:WAIT:/ETC/RC.D/RC 2L3:3:WAIT:/ETC/RC.D/RC 3 (
Since the release of the "write a WORM.WIN32.VB.FW virus kill" and " virus Rundll.exe Release and source sharing " two articles in the virus specifically killed, my virus specifically kill VBS template also began to consider perfect. This time, the "Hosts file restore function module " and "
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.