Home IT Linux Windows Database Network Programming Server Mobile  
  Home \ Linux \ Understand the security restore accidentally deleted critical system files     - CentOS / RHEL 6 was repeated prohibited under the SNMP connection log (Server)

- Ubuntu 14.04 / 14.10 how to install FFmpeg 2.5.1 (Linux)

- To install Redis under Linux (Database)

- RHEL5 stalled due to power service error system can not start (Linux)

- How to understand the difference between synchronous and asynchronous non-blocking blocking (Programming)

- Performance issues under CentOS 6.5 VLAN devices (Linux)

- Import and export myloader accelerate mydumper (Database)

- Java Virtual Machine Basics (Programming)

- After the first remote installation GlassFish Web to remotely access their back office management system error solution appears (Server)

- Learning Linux coding style (Programming)

- The ORA-01113 error is handled with BBED without archiving (Database)

- Ubuntu users to install household financial management tools HomeBank 5.0.0 (Linux)

- Get the Linux device PCI ID method (Linux)

- How to use SHA256 checksum files download (Linux)

- Lua study notes under ubuntu (Linux)

- Boost notes --Thread - problems encountered in the initial use on Ubuntu (Programming)

- cat command uses the Linux redirection merge files (Linux)

- CentOS Set the Mono environment variable (Server)

- JSON data normalization (normalize) (Programming)

- RHEL5.8 physical opportunities to Read-only file system (Linux)

  Understand the security restore accidentally deleted critical system files
  Add Date : 2018-11-21      
  A few days ago, found a virus, the root directory of each partition has a autorun.inf, it seems is a virus spread through U disk. Virus is very simple, did not do too bad, just look at the spread in batch, change to change the registry, canceled at the system administrator password, so that anti-virus software do not regard it as a virus. Antivirus software can not kill, to delete it manually. Require the Windows system directory and delete the virus file in the root directory of each partition deletion, modify the registry in accordance with the position where the batch, put the number of places to change it back.

There is a place in the registry

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon]
"Userinit" = "C: \\ WINDOWS \\ system32 \\ userinit.exe, *** exe."

Here just need to ***. Exe can be deleted, but I accidentally deleted the entire key, resulting in a system starts, log off, can not enter the system in safe mode, too.

Internet with another computer checked, userinit.exe Windows operating system is a key process for managing different promoter sequence, for example in the establishment of a network link and Windows shell starts. The registry location is also like to use the virus where the virus can be used to achieve the boot from the start. Cases like this are generally the same as in the back userinit.exe add something, or simply their own posing userinit.exe, userinit.exe replace the real.

You know the reason you need to restore the registry by this one. But the system does not start up, how to restore? Think of it saw an article about how to recover lost XP password, and it can use scripts to run specified Windows logon screen appears before the batch. Enter "Winxp password recovery script" google it and found reprint this article is all over the place. However, according to the statement in the article I tried it and found not useful.

The article said that a batch script and you want to save: under "C \ windows \ system32 \ GroupPolicy \ Machine \ Scripts \ Startup", but I found my system only "C: \ windows \ system32 \ GroupPolicy \ Machine \", then further under no directory of. Manually created directories and batch article requested, restart the batch does not run.

Then I remembered the mountains leaves a lot of the tool palette contents inside. After downloading engraved disc, was found inside the boot after a man named "ERD Commander" tool can change the content on the hard part of the registry. Although not all can change, but for me it is enough. System quickly returned to normal.

For "ERD Commander" very interested in this tool, Google a bit, and to its official website looked, from the product introduction watching this software on a Windows system disaster recovery or do a lot of things. The official website also informed that "ERD Commander" has been integrated into the "Administrator's Pak" inside, and now "Administrator's Pak" has been used as Microsoft "Windows Vista Enterprise" in the "Microsoft Desktop Optimization Pack for Software Assurance" part, that , "ERD Commander" of the Windows operating afford Microsoft's official.
- Learning the Linux powerful network management capabilities (Linux)
- MongoDB3.0.6 wiredtiger MMAPv1 (Database)
- Examples of RAID levels and achieve Operational Details (Linux)
- DB2 manually create a library (Database)
- To use Linux to create a secure managed gateway (Linux)
- How to Install Cantata MPD 1.3.3 for Ubuntu and Derived Version Users (Linux)
- linux raid levels and concepts introduced (Linux)
- Forwarding module with Apache reverse proxy server (Server)
- ORA-38856: Unable instance UNNAMED_INSTANCE_2 (redo thread 2) marked enabled (Database)
- Android using SVG vector graphics to create cool animation effects (Programming)
- Based on Google Cloud Storage Mirroring open Maven Central Repository (Server)
- Installing PHP Memcache extension under Linux (Server)
- Use dump restore mode fast backup and recovery system FreeBSD (Linux)
- Advanced permissions Linux file system settings (Linux)
- Teach you how to protect the security of Linux desktop (Linux)
- Installation image conversion tool on your Ubuntu Converseen 0.8.1 (Linux)
- How to set up FTP server on Linux (Server)
- CentOS6.5 install SVN & visual management tools iF.SVNAdmin (Server)
- Linux Getting Started Tutorial: Ubuntu laptop screen brightness adjustment (Linux)
- How to use the Linux terminal Git commands (Linux)
  CopyRight 2002-2016 newfreesoft.com, All Rights Reserved.