Home IT Linux Windows Database Network Programming Server Mobile  
           
  Home \ Linux \ Understand the security restore accidentally deleted critical system files     - Linux delete duplicate files Artifact: dupeGuru (Linux)

- Resolve the host via KVM console can not connect clients (Linux)

- Embedded Linux to solve the problem in the time zone (Linux)

- ORA-12545: Connection failed because the target host or object does not exist (Database)

- Let the router be your security barrier against external attack (Linux)

- Teach you how to protect the security of Linux desktop (Linux)

- Questions about Linux compiler u-boot (Programming)

- Linux / proc directory Comments (Linux)

- ARM runtime environment built from scratch using QEMU emulator (Linux)

- Linux shell string interception and stitching (Linux)

- Open log in Hibernate (Programming)

- RMAN parameters of ARCHIVELOG DELETION (Database)

- ASP.NET 5 tutorial series (Server)

- grep command Detailed and relevant examples (Linux)

- installation of Vim plugin YouCompleteMe under Ubuntu 15.04 (Linux)

- CentOS 6.x Basic System Optimization after installation (Linux)

- Linux system package manager (rpm, yum, source packages installation) (Linux)

- Java in several ways of using MongoDB (Programming)

- Using IntelliJ IDEA 13 integrated development environment to build Android (Linux)

- Lua4.0 interpreter entrance (Programming)

 
         
  Understand the security restore accidentally deleted critical system files
     
  Add Date : 2018-11-21      
         
       
         
  A few days ago, found a virus, the root directory of each partition has a autorun.inf, it seems is a virus spread through U disk. Virus is very simple, did not do too bad, just look at the spread in batch, change to change the registry, canceled at the system administrator password, so that anti-virus software do not regard it as a virus. Antivirus software can not kill, to delete it manually. Require the Windows system directory and delete the virus file in the root directory of each partition deletion, modify the registry in accordance with the position where the batch, put the number of places to change it back.

There is a place in the registry

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon]
"Userinit" = "C: \\ WINDOWS \\ system32 \\ userinit.exe, *** exe."

Here just need to ***. Exe can be deleted, but I accidentally deleted the entire key, resulting in a system starts, log off, can not enter the system in safe mode, too.

Internet with another computer checked, userinit.exe Windows operating system is a key process for managing different promoter sequence, for example in the establishment of a network link and Windows shell starts. The registry location is also like to use the virus where the virus can be used to achieve the boot from the start. Cases like this are generally the same as in the back userinit.exe add something, or simply their own posing userinit.exe, userinit.exe replace the real.

You know the reason you need to restore the registry by this one. But the system does not start up, how to restore? Think of it saw an article about how to recover lost XP password, and it can use scripts to run specified Windows logon screen appears before the batch. Enter "Winxp password recovery script" google it and found reprint this article is all over the place. However, according to the statement in the article I tried it and found not useful.

The article said that a batch script and you want to save: under "C \ windows \ system32 \ GroupPolicy \ Machine \ Scripts \ Startup", but I found my system only "C: \ windows \ system32 \ GroupPolicy \ Machine \", then further under no directory of. Manually created directories and batch article requested, restart the batch does not run.

Then I remembered the mountains leaves a lot of the tool palette contents inside. After downloading engraved disc, was found inside the boot after a man named "ERD Commander" tool can change the content on the hard part of the registry. Although not all can change, but for me it is enough. System quickly returned to normal.

For "ERD Commander" very interested in this tool, Google a bit, and to its official website looked, from the product introduction watching this software on a Windows system disaster recovery or do a lot of things. The official website also informed that "ERD Commander" has been integrated into the "Administrator's Pak" inside, and now "Administrator's Pak" has been used as Microsoft "Windows Vista Enterprise" in the "Microsoft Desktop Optimization Pack for Software Assurance" part, that , "ERD Commander" of the Windows operating afford Microsoft's official.
     
         
       
         
  More:      
 
- How to find on Linux and delete duplicate files: FSlint (Linux)
- Linux use additional rights (Linux)
- Linux common commands: nslookup, ls md5sum, uname, history, etc. (Linux)
- Mac OS X Server installation and application (Linux)
- Github inventory objects Algorithm (Linux)
- Four levels to deal with Linux server attacks (Linux)
- Oracle 11g manually create a database (Database)
- BusyBox making the file system (Linux)
- Nginx multi-domain certificate HTTPS (Server)
- Android to determine whether the device to open WIFI, GPRS data connection (Programming)
- CentOS 6.5 / 6.6 modify the default SSH port number (Linux)
- A script to make your Ubuntu 14.04 Memory screen brightness (Linux)
- Fatal NI connect error 12170 error in Alert Log (Database)
- Upgrading to Debian 7.6 glibc 2.15 (Linux)
- Installation of Ubuntu Make under Ubuntu 15.10 (Linux)
- Use py2exe to generate exe files Python script (Programming)
- JavaScript original values and complex values (Programming)
- grub boot error resolution examples (Linux)
- Experts teach you how to identify the actual functional differences between the firewall (Linux)
- Linux scheduling summary (Linux)
     
           
     
  CopyRight 2002-2016 newfreesoft.com, All Rights Reserved.