About autorun file on removable medias

Whenever one insert any media like CD in his computer, it senses the new CD and looks for a file in root of CD called autorun.inf. This is the first file gets excuted on insertion of any CD. It contains the command to be run for autoplay, and the icon to be shown while veiwing on file explorer.

It's a plain text file, which can be edited using any text editor, like notepad. It basically contains key=value pair for commands. Sample of autorun.inf file:

[autorun]
open=setup.exe
icon=setup.ico

some other commands which can be written on autorun.inf file
shellexecute=[filepath\]filename
UseAutoPlay=1

This setup.exe and setup.ico should be on root directory of CD.
To test the autorun created by you, refer to Disabling autorun autoplay, to enable autorun for any particular type of drive, for example you can enable for FIXED drives and then test on your C/D/E drives.

For more information on creation of autorun file please refer to wiki page.

Using android adb shell

To excute shell command using your pc, connect device to your system, and give command as "adb devices", to check whether device is connected properly or not.
Now you can excute "adb shell" command to access shell of your device.

All available shell commands for Android phones can be checked using below command:

adb shell ls /system/bin

rm : It's similar to rm command of Unix to remove files and directories.

rmdir : rmdir(rd) command removes an empty directoryon Unix, windows, DOS systems

Some important adb commands for android debugging

adb root       - To get root access on device, this will provide full permission to user
adb remount - Remounts /system partition on the device
adb push      - To push any file, into device file system.

e.g. adb push <local system path>\<filename> <path on device>/<filename>

adb pull:  To pull out file form the device

e.g. adb pull <path on device>/<filename> <local system path>\<filename>

adb shell       - To enter into device's command prompt, and to execute shell command for device.
adb install     - To install any apk file( application file)

 e.g adb install mytest.apk

adb uninstall  - To remove application
adb version   - To know the adb tool version
adb devices   - list of devices connected to adb
adb get-serialno - Prints serial number
adb start-server - Starts ADB server
adb kill-server   - Stops ADB deamon server
adb logcat         - Collects device Log

Removing Autorun Newfoder.exe virus from your system

To remove this virus please follow the below steps:

1. Search for autorun.inf file in your computer. If it's in read only mode, then change it by right clicking on it and then in properties uncheck the "Read Only" option.
2. Now open it in notepad and delete all data in it and save it.
3. Don't forget to change the status to "Read only" mode , so that virus can't modify it again.
4. Click on Start -> Run -> gpedit.msc.
5. User configuration -> Administrative template -> system -> Turn off autoplay -> Enable ( For all drives) refer to this link for more detail.
6. Start-> Run->msconfig
7. Startup tab & services -> search regsvr.exe and un-check all and click OK.
8. select exit without restart.
9. Control panel -> Scheduled tasks -> delete the Atl task, if listed there.
10. Start -> run -> regedit
11. Edit ->find -> search for regsvr.exe. Delete all regsvr.exe occurrences.
12. Don't delete Explorer.exe if regsvr.exe appears with it. Delete only regsvr.exe.
13. Goto [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] and modify value in Shell = Explorer.exe regsvr.exe and delete regsvr.exe from here.
15. Now search for all occurrences of regsvr.exe in your system and delete them.
16. Search for "svchost .exe" ( remember space between svchost & .exe) and delete all occurrences.
17. Also search for "*.exe" and remove all virus affected files, don't remove any legitimate file( any installer file).
18. Restart the system and enjoy..

For more detail on handling autorun.inf file, if you have option set for "don't show hidden files" and you are not able to see autorun.inf file then use following link for removing autorun.inf file.

How to remove autorun.inf file

Some more links you may be interested in:

How to enable opening of Drives after getting affected by autorun virus

Enabling task manager disabled by Autorun virus

Disabling Autorun/Autoplay using Registry editor

To get rid off virus affecting your system because of autoplay of drives please use below steps:
1. Type regedit on run prompt.
2. Navigate to below location:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
3. you will find a key value as "NoDriveTypeAutoRun" , which is one byte value.
4. Please set the value of key as "95" Hex value to disable autorun on removable media and Network drives.

Regedit

5. Be very careful while modifying reg values. Below table will explain you to understand the meaning of bits to set for disabling any type of media.

Value              Meaning
0x1/0x80   Disables AutoRun on drives of unknown type
0x4            Disables AutoRun on removable drives
0x8            Disables AutoRun on fixed drives
0x10          Disables AutoRun on network drives
0x20          Disables AutoRun on CD-ROM drives
0x40          Disables AutoRun on RAM disks
0xFF         Disables AutoRun on all kinds of drives

If any of the bit is set into this hex valye, that type of drive will be disabled for autorun.
Bit    Type of Drive
0/7    UNKNOWN
1       NO ROOT DIR
2       REMOVABLE
3       FIXED
4       REMOTE
5       CDROM
6       RAMDISK

For setting values you must always add 0x80 to the value of drive you want to set for.
A few examples for setting values:
for removable drives: 0x80 + 0x04 = 0x84 ( Hexadecimal addition)
for removable & fixed drives : 0x80 + 0x04 + 0x08 = 0x8C
for removable + fixed drives +CD ROM = 0x80 + 0x04 + 0x08 +0x20 = 0xAC(1010 1100)

For changing Autorun option using Group policy please refer to following links:

Disabling autoplay option in Windows XP using Group Policy
turning-off-autoplay-on-all-drives

Disabling autoplay option in Windows XP using Group Policy

Use following option to disable autoplay in ur system:
1. type gpedit.msc in run window and enter.
2. then goto Computer configuration->Administrative template -> System 

3. Then in right side u will find Turn off autoplay 

4. Double click on that and check "enabled" and select for "all drives"

5. Now click on apply and OK.
6. Similarly follow above steps step 3 to step 5 for 
    User configuration ->Administrative template -> System 


7. This setting for "User Configuration" is must. 


Steps for Advanced Users / System Admins:
if you want to Modify using registry edit then please goto this link.
Disabling Autoplay_Autorun using Registry editor for Advanced Users


Now when you insert any pendrive or any other media it will not be played automatically and you will be safe from Viruses.

Cygwin Installation

Cygwin is

• a collection of tools which provide Linux kind of environment for windows.
• a DLL which provides substantial Linux API functionality. 

This can be downloaded and installed from Cygwin website. Click Here to download.

While you are installing it will ask for package downloading, which you can download from internet or if you already have downloaded then you can give the local path. Now it will ask for packages to be installed. Just select the packages for installation.

For more information refer to this site.

It provides many linux tools like ls 

LS: unix command for listing files and directories

ls is a command to list files and directories in Unix and unix like systems.

if it is invoked without any arguments then will list files and folders in current working directory in bare format. In this bare format its difficult to distinguish files and folders and other parameters.

FORMAT: ls [Options] [Filename]

Following are the most common options to be used with "ls".

-a :  Include all files even which are starting with "."(Hidden files in Unix ), by default they are ignored.

-l  : Long format, lists permissions in unix format, size, owner , date modified etc.

-F : Appends a character to reveal the type of file e.g. * for executables '/' for directory
-R : list recursively all the directories and files

-d : list directories instead of content

-t : sort by modification time

-h : Print size in human readable format like 1M, 4G ( Use with -l)

Example: 

For listing files and directories with their parameters like size permissions and all.

> ls -l 

For listing in as ls -l along with size in human readable format..

>ls -h -l

Note: ls can also be used in windows environment with cygwin installation.

CACLS command for windows changing mode permission

It is a command line utility which displays and modify Access Control Lists (ACLs) in windows environment(Microsoft windows NT) of files and folders. An Access Control List is a list of permissions for securable object, such as a file or folder, that controls who can access it.

 

XCACLS.exe : It's a updated version for cacls for windows 2000 and later.

 

CACLS filename [/T] [/E] [/C] [/G user:perm] [/P user:perm [...]] [/D user [...]]

 

Options:

filename: Name of the file to be modify ( * wildcard for all files )

/T            Changes ACLs of specified files in the current directory and all subdirectories.

/E            Edit ACL instead of replacing it.

/C            Continue on access denied errors.

/G user:perm  Grant specified user access rights.

/P user:perm  Replace specified user's access rights.

/D user       Deny specified user access.--

 

Perm can be:

N  None

R  Read

W  Write

C  Change (write)

F  Full control

 

Examples:

1: to replace ACL with Full access permission to current directory and all subdirectories for user "test"

>cacls * /T /P test:F

2. To edit ACL for particular user "test" with Change access for abc.text file without changing other permission.

> cacls abc.text /E test:C

 

Also look for chmod a linux command for changing file permissions.

 

chmod in perl: setting file permissions

Changes the permission of the specified list of files. First argument should be numerical octal value. Returns number of files successfully changed.

usage is as follow:

$result = chmod 0777, "file1.txt","file2.txt";
chmod 0755, @filelist;
$mode  = 0655; chmod $mode, @filelist;

$mode = "0655"; chmod oct($mode), @filelist;
$mode = "0655"; chmod $mode, @filelist; # Not a good usage Should avoid, instead use above method

How to decide mode octal value:
mode is of 4 octal digits e.g. 0754, equivalent to (userID)(user)(group)(Other)
0755: u: full, GO: read and execute
0777: all : full permission
0555: all : read and execute

 symbolic representation of file permissions:

Representation	Class	Description
u	User	Owner
g	Group	Members of file group
o	Others	Neither owner nor group
a	All	Everyone

Octal notation:

Octal	System	Description
0	---	No permission
1	--x	execute
2	-w-	write
3	-wx	Write and execute
4	r--	Read
5	r-x	Read and execute
6	rw-	Read and write
7	rwx	Read, write and execute

setting mode permission from command line

type following command in command prompt.
chmod {mode} filename, file2, file3

In C language its used as:
int chmod(const char *File_path, mode_t mode_value);

How to decide mode octal value:
mode is of 4 octal digits e.g. 0754, equivalent to (userID)(user)(group)(Other)

0755: u: full, GO: read and execute

0777: all : full permission

0555: all : read and execute


 symbolic representation of file permissions:

Representation	Class	Description
u	User	Owner
g	Group	Members of file group
o	Others	Neither owner nor group
a	All	Everyone

Octal notation:

Octal	System	Description
0	---	No permission
1	--x	execute
2	-w-	write
3	-wx	Write and execute
4	r--	Read
5	r-x	Read and execute
6	rw-	Read and write
7	rwx	Read, write and execute

These octal values are decided based on binary position of R W X.
R W X
0  0  0
0  0  1 : execute
0  1  0 : Write
1  0  0 : Read

Ex: changing permission for files in whole directory recursively as read, write, execute
chmod -R -v 777 ./*

reference: chmod

Converting POD To html ( Plain Old Documentation to HTML Conversion)

First you should know what is POD, so for Writing Documentation in Perl Modules Check Article "Plain OLD Documentation". After reading this article you will know what is POD and then point comes to convert it to distributable format i.e. html format, so no one will have to look into your perl code and one can know what all is there in that particular module.

There is a module in Perl Called as "pod2html" which gives details on how to convert pod to html.
 Following is the command line for converting pod 2 html :

 pod2html --help --htmlroot= --infile=

                           --outfile=  --podpath=:...:

                           --podroot= --libpods=:...:

                           --recurse --norecurse --verbos

                           --index --noindex --title=

--htmlroot: Root path when creating HTML File from pod.

--infile: Specify the pod file name to convert to html 

--outfile: HTML Filename to be created, if not given then output will go to STDOUT

--index : Creates index at TOP of HTML File (Default)

--noindex: Oppsite of "--index", don't create index at top

--recurse: Recurse into subdirectories specified in podpath(default)

--norecurse: Do not recurse

--title: Title of resulting HTML File

--verbose: Display progress messages

--podroot: Base directory for finding library pods



Example: pod2html --infile=Test.pm --outfile=Test.html --header --index --backlink="Go Back to Top"

 For further study: POD::HTML,  Plain OLD Documentation