Microsoft Office 2007 Enterprise System security m

At present, U disk virus is rather severe, just about all U-disk with the virus, the root directory includes a autorun.inf. More right-click menu As we used to use double-click to open the disk, but now we double-click, in most cases not open U disk,Microsoft Office Professional Plus 2010, but towards the techniques established through the autorun.inf inside the car play. So for lots of people, highly troublesome. The reality is, the virus Autorun.inf You'll find four ways using basic


OPEN = filename.exe instantly. XPSP2
But for a lot of people and Vista people, Autorun has turn out to be AutoPlay, do not immediately run it, it is going to pop-up window say that you need to do.


shellAutocommand = filename.exe shell = Auto
modify the context menu. The default boot entry is changed using the virus. But this time as long as the consumer correct click around the icon and right away discovered flaws. Intelligent virus will change the default entry name, but in case you uncover non-Chinese in the technique right from the garbled menu much more or Chinese,Microsoft Office 2010 Professional Plus, you are going to feel what's it?


shellexecute = filename.exe
ShellExecute =.... just phone ShellExecuteA / W perform tries to open U root directory, the virus will run automatically. This is to handle those who use Win + R who lost the opening drive.


shellopen = Open (& O) shellopenCommand = filename.EXE shellopenDefault = 1 shellexplore = Resource Manager (& X)
this confusion is greater, the emergence of a new form. Appropriate menu a single can not see the problem, but within the non-Chinese system, betrays itself. Suddenly appear garbled in Chinese of course, could not escape his stuff.
the face of this danger, mainly the fourth, rely solely on Explorer itself, has been difficult to determine whether the removable disk poisoning. In this case,Microsoft Office 2007 Enterprise, some many people according to their own experience, made the
immunization approach, on removable disks and hard drives

1, the same title as the directory

directory in Windows, is a special file, and two the same directory under the file can not be the same title. Then, create a directory
2, autorun.inf file identify directory under the illegal

Some viruses joined the fault tolerance code is generated autorun.inf autorun.inf before you attempt to delete the directory. Under the Windows NT Win32 subsystem, such as directory query purpose is unable to query the contents of these directories will return an error. However, deletion in the directory ought to be progressively removed the entire tree under which, it have to check the contents of each subdirectory under it. Therefore, in the There are similar use of Native API to create the directory applying the DOS reserved title (for example, con,Office 2007 Download, lpt1, prn, etc.) can also achieve a similar purpose.
3, NTFS access control

hackers, virus writers also know Windows,Microsoft Office 2010 Professional, these functions can be regarded as Bug. They can do a system scan the directory and discovered the last byte of a directory identify is '.' Is by visiting the .
Therefore, even low-level file program based access control approach emerged. The U disk, mobile hard disk formatted as NTFS file program, create the Autorun.inf directory, set the directory for any people do not have any authority, not only can not remove the virus, can not even list the directory contents. However, this approach is not suitable for music players and the like generally do not support the NTFS device.
These three steps than the step by step can be described as exciting. But the biggest problem is not how to prevent the formation of this autorun.inf, but instead the method itself, Explorer vulnerability. Virus writers will soon make a much more powerful plan.