Friday, July 30, 2010

"Random eight-digit" Beware of your U disk



The virus a "hijacking image" technology, the virus running, will generate a random numbers and letters composed by the 8-bit name of the virus process and try to close the variety of anti-virus software, firewalls and security tools to process, making an extremely difficult virus. Virus in the root directory of each partition generated Autorun.inf and random 8-bit EXE, the user double-click the hard drive to activate the virus. The virus also through U disk, MP3, mobile hard drives and other removable storage spread, spread very rapidly.

Image hijacking "technology that is currently widely used virus virus technology. Viruses using the technology of some antivirus and security software screen, when the computer user to perform the procedure to be shielded, the virus can lead to the implementation of the goals is empty, this to evade anti-virus software to kill.

According to reports, "random 8-digit" virus Trojan-like virus, using Delphi language, through the UPX packers processing tools. Virus running, make the system run slower, and the virus will try to close the variety of anti-virus software and firewall processes, so that users can not open the antivirus software and virus database can not be upgraded. Virus will shield the Registry Editor and msconfig other variety of security tools, to create difficulties for users to manually killing the virus. The virus will be downloaded from the specified URL Trojan variety of online games can be stolen, including World of Warcraft, Legend of the world, journey, including several online game account and password, games for the network equipment constitutes a significant threat.

Prevention and treatment measures:

1. Protect your U disk, MP3, mobile hard drives and other removable storage usage, when the external U disk access computer, please do not rush to double-click to open, be sure to read the anti-virus treatment, suggested a U disk virus immune function antivirus software, such as U-disk shield KV2007 unique technology that can drive the virus immune to all U U disk by double-clicking to run.

2. Lay the patch to the system, especially in MS06-014 and MS07-17 The two patches, most of the pages currently Trojans are two holes through the invasion to the computers inside.

3. To update anti-virus software virus database, so that regular upgrades, regular anti-virus.

4. Install the software to go to regular website, avoid software installation package is bundled into the Trojan.







Recommended links:



Ps3 Movie Formats



Refused to applaud for the rotten tomatoes



Jie Mi, Need to find DDR2 memory particles



REVIEWS Recreation



UIM PHS Market Price Of 700 Yuan More Than Today



My Favorite Languages Education



Expert Math And Scientific Tools



convert dvd to wmv



How to enhance THE productivity of textile and garment factories?



IPTV will be better than "the right to license the Move"



Emergency Plan issued: plan ahead, so that no terrible disaster



Corporate governance reasons to cure what



Best Audio CD Burners



Ts files



Hou Ziqiang: CCTV Spring Festival Evening Show The Fate Of P2P To Be The Wave Of IMS Solutions



"Abnormal" Jason Jiang: year one is moral DERAILMENT



ape FILES



Wednesday, July 21, 2010

Was brilliant: Ten-man weapon crack revealed inside story of classical



Factors affecting the development of shared software, many have been illegally sharing software crack can be said the number one enemy. Then the resulting difficulties in sharing software cracker who live in the end with those weapons? Today, so let me take you to see the mysterious ten categories of commonly used software cracker, which is shareware top ten killer!

First, debugging tools for soft-ice class and trw2000

soft-ice is widely recognized as the best trace debug tools. Use soft-ice can easily keep track of a software or monitoring software debug errors generated, it has dos, window3.1, win95/98/nt/2000 / each platform version. This version is the software used for debugging, tracing, debugging tools, in the cracker into the hands of the most horrible cracking tool; trw2000 is the Chinese people write their own debugging software is fully compatible with soft-ice the instructions, because now Many software can detect soft-ice presence, while trw2000 testing have sent many, many cracker so now it became a favorite.

trw2000 solve specific software has been optimized to track the debugger in windows, tracking more powerful; can set various breakpoints, breakpoint types, and more; it can be as complete as some shelling tool to remove the shell of the encryption automatically generated exe file, so it's cracked stronger, in the hands of crack development of the shared software bigger threat. It also under the dos version, called tr.

Second, disassemble tool wdasm8.93 Gold Edition and hiew

often the soft-ice cracker and trw2000 compared Tulong Dao, will then be compared to Heavenly Sword wdasm8.93. wdasm8.93 can easily disassemble the program, the program flow static analysis can also be dynamic analysis program. General version of the original based on the number of crackers has developed wdasm8.93 Gold Edition, stepped up a string of Chinese extraction. On the threat of domestic sharing software also greater. For example, this is fun fun Landlords sharing software, with a gold version of its disassembly can see the registration code, common version can not, you do not it powerful? Hiew is a hex tool, in addition to its ordinary hex system function, it also a feature that can disassemble file, and can modify the program in assembly instructions, use it to modify the program, convenient! This is the cracker have used static disassembly tool.

Third, visual basic debugging tools smartcheck

This is specifically for visual basic program debugger, program execution because vb is interpreted in essence, they just call vbrunxxx.dll the function, so vb executable file is a pseudo code program in vbxxx.dll inside the implementation. If the track with the soft-ice debugger which can only be used in vbdll play around, see something of value, and code quality is not high, the structure is still very complicated.

Of course, as long as the understanding of their characteristics with a soft-ice can also break, but the emergence of smartcheck greatly facilitate the cracker. smartcheck is numega company exports a great interpretation of the implementation process of debugging tools, the latest version is v6.03. It is very easy to use, you even do not know assembly language can easily manage it. Vb program which can be recorded in the implementation of the action completely, so that those who break easily break most of the vb program.

4, hex editor ultraedit

Hex hex editor can edit the file, modify the contents of the file. Although hiew is a hex tool is, but it is dos interface, many were prepared to make a break under a windows tool, such tools are many, such as: ultraedit, winhex, hex workshop, among which more ultraedit a unique and easy to operate, more finished version is available, it is very good hex editor, we recommend that you also find a use with.

5, registry monitoring tools

There are regshot, regmon or regsnap so. Microsoft operating systems, many settings are stored in the registry, windows registry is the core database tables stored in a variety of parameters, the direct control of the windows startup, loading hardware drivers as well as some windows applications normal operation. In the application software installed, there may be some of the necessary information into them, such as installation time, frequency of use, registration code, etc..

regshot, regmon monitor registry changes or regsnap is a tool through which to understand, monitor the application of the action in the registry, crack dealers often use them to monitor application in the registry changes.

6, file monitoring tool filemon

Can monitor the system operating conditions specified in the file, such as which file to open the specified file, which closed file, the data on which files to read and so on. Through it, any files you specify to monitor any read, write, open the other file operations can be monitored over it and provide full reporting information. Crack often use filemon monitor file system in order to understand the program at startup, shut down or verify registration code what to do when the hands and feet, and thus decrypt accordingly.

7, shell tools procdump

Now a lot of software plus a shell, "shell" is a dedicated to the protection software is not illegal to modify or decompile the program. They are usually run before, to get control, and then complete their task of protecting software. After packers in the tracking software when you can not see the real hex code, so you can serve the purpose of protecting software.

procdump is a tool to deal with software packers in the shelling, which can be stripped of many types of shells, but also files really are, and then modify the contents of the documents so much easier. Because it allows users to write their own script files, so use it off the shell software version packers. It also is an excellent tool for pe format changes, is an indispensable tool for shelling!

8, detection of file type tool

Such tools are typ, gtw, fileinfo and shock-2000. They are used to detect the type of software is packers, which can easily shock of 2000 to find any shell entry point encryption, including encryption shell asprotect and Phantom can. Such software is generally used with procdump and debugging software, and use them to find the program packers type, with procdump or soft-ice, trw2000 shelling.

9 resource Trainer exescope

exescope is a tool to modify software resources, and powerful. exescope in the absence of resource files to analyze, display different information, rewriting the executable file resources, including (exe, dll, ocx) and so on. It can be edited directly using vc + + and delphi compiled program resources, including menus, dialog boxes, string tables, etc., is a common tool in software localization. The hands of the crack, it is often used to modify the file resources in the menus, dialog boxes, string tables, etc., to solve the needs of the information displayed (such as changing the copyright information, etc.), modify the software in order to achieve the purpose.

10, api call query tool api spy

As the name suggests, this program is to detect what software is called api. windows api is called when the program executes a function, with the under dos int (interrupt) almost, windows provide many of these functions allow programmers to apply, the main purpose is to cut software development time, we develop software to facilitate.

api spy api call for such a monitoring software, which lets you view what the application calls the api, so as to arrive on the api call crackers useful information through these api calls to set the breakpoint to achieve the purpose of cracking software. It can work in windows95/98/nt/2000 platform.

Well, shareware top ten killers introduce you finished, how to deal with them is your things. Be noted is that the software mentioned above are all "legitimate" software, but in the hands of different users have played a different purpose. Would like a gun in the hands of the people's army is defending the homeland and the weapons, in all sorts of the wrong hands is a weapon, do not produce this software on to these stereotypes Oh!







Recommended links:



3DS MAX Examples of lighting and lighting effects



REGISTRY modification Guide (3)



Youtube Movie to Laptops Tools



Fax Tools Reviews



Astrology Or BIORHYTHMS Or Mystic Specialist



Comment Converters And Optimizers



Guide Registry Tools



flac to mp3 CONVERTER free



Xilisoft Audio Converter



Flv To Mp3 Converter



PowerFish iPod Backup



Learning Centers: RHCE Exam On The 30 Main Directions



flv to mp3 CONVERTER free download



Dealers also need to plan



ps3 Movie formats



Some knowledge of JSP syntax