FYI
2007-06-10, 04:04 PM
Strings - Sysinternals (http://www.microsoft.com/technet/sysinternals/utilities/Strings.mspx)
Working on NT and Win2K means that executables and object files will many times have embedded UNICODE strings that you cannot easily see with a standard ASCII strings or grep programs. So we decided to roll our own. Strings just scans the file you pass it for UNICODE (or ASCII) strings of a default length of 3 or more UNICODE (or ASCII) characters. Note that it works under Windows 95 as well.
不知道您是否曾遇上以下的困擾 - 不確定某個程式是否病毒? 以往小弟也沒有什麼好方法, 首先檢查嫌疑犯的屬性以便查出公司名稱, 如果不成再由Google 搜尋相關訊息, 再不成則丟到筆記本, 以肉眼檢查是否有可辨認的文字, 但是這樣很不方便而且沒有效率, "The Case of the Unknown Autostart - Mark's Blog" (http://blogs.technet.com/markrussinovich/archive/2007/05/21/1010621.aspx) 的作者說明了網友可能遇到的類似問題, 並且介紹 "Strings" 這個小程式, 雖然不是十全十美, 不過或多或少會有點幫助
Mark's Blog (http://blogs.technet.com/markrussinovich/)
贊助商連結
Working on NT and Win2K means that executables and object files will many times have embedded UNICODE strings that you cannot easily see with a standard ASCII strings or grep programs. So we decided to roll our own. Strings just scans the file you pass it for UNICODE (or ASCII) strings of a default length of 3 or more UNICODE (or ASCII) characters. Note that it works under Windows 95 as well.
不知道您是否曾遇上以下的困擾 - 不確定某個程式是否病毒? 以往小弟也沒有什麼好方法, 首先檢查嫌疑犯的屬性以便查出公司名稱, 如果不成再由Google 搜尋相關訊息, 再不成則丟到筆記本, 以肉眼檢查是否有可辨認的文字, 但是這樣很不方便而且沒有效率, "The Case of the Unknown Autostart - Mark's Blog" (http://blogs.technet.com/markrussinovich/archive/2007/05/21/1010621.aspx) 的作者說明了網友可能遇到的類似問題, 並且介紹 "Strings" 這個小程式, 雖然不是十全十美, 不過或多或少會有點幫助
Mark's Blog (http://blogs.technet.com/markrussinovich/)
贊助商連結