Registry image hijacking get to any program.- Vulnerability warning-the black bar safety net

2009-07-08T00:00:00
ID MYHACK58:62200923795
Type myhack58
Reporter 佚名
Modified 2009-07-08T00:00:00

Description

Below we to shield a program KAVSVC. EXE, for example, the method of operation is as follows:

The first step: first create the following text file, enter the following, Save As 1. reg

|

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVSVC.EXE] "Debugger"="d:\1.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KAVSVC.EXE] "Debugger"="d:\1.exe"


The second step: double click to import the reg file, OK.

Third step: point“Start→Run”, 输入KAVSVC.EXE the.

Tips: 1. exe can be any useless file, we feel free to create a text file after the extension. txt changed to. exe