x-quisite

1. I also would like to ask, is it possible to force autoplay on PC which autoplay has been disabled? Is it ture, some PC disable autoplay using windows setting such as registry edit and there's another way which i don't really know the method. Just like nlite do when u tick to disabled autoplay. Although autoplay enable through windows setting or registry, but the autoplay will not run. do u know what kind of method they(nlite) use? 2. Another question, my friend's thumbdrive infected by virus. the effect of this virus will set permission to all the contain of the thumbdrive which disallowed any kind of modifying or deleting all the files in it. But the problem is the thumbdrive is using FAT system. So there's no security tab on the properties. i also try using command prompt by using "cacls", "icacls", registry setting method and all kind of take ownership method but they are no use. Of course i can't format the thumbdrive and convert system file. I got formatter from the manufacturer website but when i try to format it said "device info block corrupted". Worst, i even try ubuntu to delete file on the thumbdrive but no use.

thanks. it works as mention. i tested it and most of the virus can't change the permission. It's better than i have to change autorun.inf everytime i insert the thumbdrive to laboratory comp If u suggest "dont plug it into a system that isnt yours " than better said don't even buy the thumbdrive. i have to plug to PC that isn't me which must perform read and write function. understand the situation. i need to plug to unknown PC everyday with read and write function. That can't be help. Also i don't like wasting my time to encrypt and decrypt everytime i plug to PC. But if u suggest to encrypt the autorun.inf only ONCE and u sure the modified autorun.inf can run although it's encrypted, then please provide me with more detail instructions thank you

Actually i already mention above i use autorun.inf for icon, label n customize many things for my thumbdrive. It's simple virus but can be quite annoying. As far as i concern, those virus can't bypass ninja flashdisk, flash disinfector and any other software that protecting autorun.inf. Regarding 'sparda', all those software just use ntfs permission to done that. Back to the topic, my main concern here is to protect own modified autorun.inf regardless the method. And of course truecrypt isn't the one.

cacls autorun.inf /c /d administrators is it correct?

i have tried setting ntfs permission on autorun.inf file. It protect the autorun.inf file but unfortunately it still doesn't achieve my objective. The "modified" autorun.inf still unusable. Means when it protect, it just look like a blank autorun.inf. So in other word, i can't protect the 'modified' autorun.inf which consist icon and etc for my pendrive

thanks..but does it look like any other software? where it will protect the default autorun.inf. Not the one that i modified

don't u think u your statement above is not really accurate? coz what i mention, i can run the software before any malware infect the usb. The software only need to run 'once' to give special permission to the autorun. i try to remove the permission but it won't work easily. As example, ggreat give permission 'x' to the autorun.inf. I believe ntfs just can give permission read only,archive,hidden and system only. it really protect the autorun.inf. u should try it first. usb stick physically read only? how about if i want to write on the drive? simple script to restore the backup? can u suggest me with your script?

thanx 4 the reply yeah, my thumbdrive is ntfs and i know it won't help in any way..keep backup an restore? i think it's manual way..just asking for anybody know how all the software like ggreat,naevius, and so many others protect autorun.inf by creating special folder or special permission which can't be deleted easily..

Firstly, thanks h2oh4x! however, i can't run the program. when i try to run it, alert appear and said "Run-time error'76': Path not found" i use windows 7. i don't know if the others have same problem as me.

Actually i have ask this question in several forum but no one can give me the answer..kind of frustrated for so long.. Look like this forum have a lot of expert in programming n hacking, so just try my luck here. Here the case. I'm a student n have usb thumbdrive. so i always insert my usb to different pc in different lab. The virus inside all the PC really make me sick although it's simple. Coz i create my own autorun.inf (customize it for icon and etc), and when i insert it to the pc in the lab, the virus will change my autorun.inf. The best way i think is to protect the autorun.inf file. i try usb flash disinfector and ggreat usb antibody, which will protect autorun.inf. Usb flash disinfector will protect by creating special folder for autorun.inf i believe they call it 'lp3' method. ggreat usb antibody will add special attribute (x) to the autorun.inf. i try both of them, and it successfully protect the autorun.inf. But my problem is, i create my own autorun.inf (customize for icon and etc). Both of the program and i think all the program that protect autorun.inf will 'RESET' the autorun.inf to default before they protect it (for security purpose). I want my own autorun.inf (that i created) to be protected. Any idea? either by manual or program..

u know your instruction still too hard for someone moderate in comp to understand. I have take a look at your website. Just for suggestion, i think u should create program to decode lskdata.bin file. Although maybe it's hard, but it will be very useful. And u should write detail guide step by step (tutorial) on your website about decode the lskdata.bin manually. :-) i can't understand it. U mean if we just send any txt file size as keyboard input 50,000+, the program will 'clear' all the data before? actually i like to ask about the process of lanschool. From what i understand, it function like keylogger. But the PC is remotely connected right? So the log file is save only on the PC or it automatically send to technician (lecturer) PC?

Thanks.. Thanks too..what u mean by special or super edition? u have made some improvement compared to your previous lanschool manager? Anyway, i'll try both program.. Thanks again..you guys really helpful..nice to know u all

sorry to bring this topic back. just don't get it. let see below: i think someone has ask to reupload back the dead link for 'lanschool manager' by lyzon. it looks fine. but i just don't get it why there's no one reupload it. my college use only version 7.0.0.7. So i also really wanna try this application sorry, i can't find where this topic has been addressed. Can come out with a link? i belive your way is one of a good way. but with so many procedure, reboot and stuff like that, it just will attract people around us to see what we try to do. maybe not too flexible is the correct word well, if it possible, i just want to suggest that i think the best way is not by to uninstalled or crashing it, maybe just an application to fake it. the screen,application run and stuff like that. coz i believe the best way is the most 'silent' way.

sorry to bring this topic back. just don't get it. let see below: i think someone has ask to reupload back the dead link for 'lanschool manager' by lyzon. it looks fine. but i just don't get it why there's no one reupload it. my college use only version 7.0.0.7. So i also really wanna try this application sorry, i can't find where this topic has been addressed. Can come out with a link? i belive your way is one of a good way. but with so many procedure, reboot and stuff like that, it just will attract people around us to see what we try to do. maybe not too flexible is the correct word well, if it possible, i just want to suggest that i think the best way is not by to uninstalled or crashing it, maybe just an application to fake it. the screen,application run and stuff like that. coz i believe the best way is the most 'silent' way.

1. when i double click 'SBConfig-V2.0.18.exe' to setup setting, it include hacksaw setup..actually i made a guess that hacksaw will steal some information and send to email that has been set...is it right??i don't receive any email regarding this information..how can i know SMTP server and SMTP port..what should i fill there?? also what is the function of external ip url??what i should fill in there too?? 2. is the dump messenger password work?? i have try up to 4 pc, but the Dump messenger PW, Dump IE PW, Dump Cache and Dump LSA secrets fail to show any result..dump meessenger PW is for MSN or yahoo?? 3. anyone can come up with simple way to convert the "Key (Hex)" tosomething that i can understand??