¬d¬Ý§¹¾ãª©¥»: IE³Q¸j¬[(ªþhijackthis) ³¡¥÷³n¥óµLªk¶}±Ò

IE³Q¸j¬[(ªþhijackthis) ³¡¥÷³n¥óµLªk¶}±Ò

¸Ë¥ª­Ó³n¥ó¤§«á´N¥X²{¥ª¥H¤U°ÝÃD@@

­º­¶ÅÜ¥ª: [url=http://www.dao666.com/?cmd22]http://www.dao666.com/?cmd22[/url]
¦P®I®à­±¥X²{µLªk§R°£ªºIE±¶®|
¥H¤U¬O[b][color=#006327]hijackthis.log[/color][/b]
[url=http://www.sendspace.com/file/vzl0w5]http://www.sendspace.com/file/vzl0w5[/url]

°£¦¹¤§¥~
¦³D³n¥ó­øª¾ÂI¸Ñ¶}­ø¨ì
¨Ò¦p«öWindow Media Player´N·|¼u¥X¤@­Óµøµ¡¦p¤U:
[url=http://www.sendspace.com/file/837cup]http://www.sendspace.com/file/837cup[/url]
­ø¤î©O­Ó³n¥ó¥ò¦³³¡¥÷³n¥ó³£¦³¦P¼Ë±¡ªp

³Ì«á
¥­®É¥Î¶}¤j¹Ï¥Ü¼Ò¦¡
¥H«eD¹Ï¤ùÀɦP³¡¥÷¼v¤ùÀɳ£·|¦³­ÓÁY¹Ï
¦ý¨Ì®a¥þ³¡³£Åܦ¨°µ¹w³]ªº­·´º¹Ï
½Ð°Ý«Y«}³£«Y¦]¬°¤¤¥ª¬r©w¦³¨ä¥L°ÝÃD?
[url=http://img521.imageshack.us/i/19387662.jpg/]http://img521.imageshack.us/i/19387662.jpg/[/url]
[url=http://img706.imageshack.us/i/74977380.jpg/]http://img706.imageshack.us/i/74977380.jpg/[/url]

³Â·ÐÀ°¦£Ú»Ú»¦³«§°ÝÃD>_<
THANKS! :)

[[i] ¥»©«³Ì«á¥Ñ maggiechi ©ó 2010-3-25 07:02 PM ½s¿è [/i]]

[u][color=red]Step 1 : ¤U¸ü¤Î°õ¦æ DDS[/color][/u]

[list][*]¤U¸ü [url=http://download.bleepingcomputer.com/sUBs/dds.scr]DDS[/url] ¦Ü®à­±¡A¨Ã°õ¦æ [color=blue]DDS[/color][*][color=blue]DDS[/color] ·|¦Û°Ê¹B§@¡A½Ð­@¤ßµ¥«Ý[*]µy«á [color=blue]DDS[/color] ·|¼u¥X¨â­Ó¤å¦rÀÉ [color=blue]DDS[/color]¡B[color=blue]Attach[/color]¡AÀx¦s¥¦­Ì[*]³Ì«á [color=blue]DDS[/color] ·|¦Û°Ê§¹µ²[/list]
[u][color=red]Step 2 : ¤U¸ü¤Î°õ¦æ SystemLook[/color][/u]

[list][*]¤U¸ü [url=http://jpshortstuff.247fixes.com/SystemLook.exe][color=#000000]SystemLook[/color][/url] ¦Ü®à­±¡A¨Ã°õ¦æ [color=blue]SystemLook[/color][*]©óµøµ¡¤º¶K¤W¥H¤U¤º®e¡AµM«á«ö [color=darkgreen]Look[/color]
[quote]
:reg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace /s
[/quote][*]µM«á·|¼u¥X [color=blue]SystemLook[/color] ³ø§i¡A§â¥¦Àx¦s[/list]
[u][color=red]Step 3 : ²­z±¡ªp¤Î¶K¤W³ø§i[/color][/u]

[list][*]½Ð²­z¤@¤U»Õ¤U¹q¸£ªºª¬ªp[*]½Ð¤W¶Ç¤U¦C³ø§i¦Ü [url=http://www.sendspace.com/]Sendspace[/url]¡G[/list]
[list=1][*][color=blue]HijackThis[/color][*][color=blue]DDS[/color][*][color=#0000ff]Attach[/color][*][color=#0000ff]SystemLook[/color][/list]

1.HijackThis
[url]http://www.sendspace.com/file/arg9sb[/url]
2.DDS
[url]http://www.sendspace.com/file/d39j4x[/url]
3.Attach
[url]http://www.sendspace.com/file/ccj7my[/url]
4.SystemLook
[url]http://www.sendspace.com/file/fvzqo4[/url]

¨Ì®a¶}IE­Ó­º­¶«YYAHOO¥¿±`ªº
¦ý«ö­ÓD¶}­ø¨ì嘅³n¥ó±¶®|¨Ì®a´NµL¦A¼u­Ó­Óµøµ¡¥X¾¤,¥u«YµL¤ÏÀ³

®à­±¦³­Ó±¶®|«Y¤@«ö´N¼u­Óºô­¶"http://tao.uu116.com/tao.htm?sp"
¥t¤@­Ó±¶®|¤@«ö´N¼u­Óºô­¶"http://www.dao666.com/?vbsie"

¹Ï¤ù¤´µM«YµLÁY¹Ïªº

THANKS! :)

¹Ï¤ù°ÝÃD¤w¦Û¦æ¸Ñ¨M
¦ý¨ä¥L°ÝÃD¤´µM¦s¦b
THANKS :)

[u][color=red]Step 1 : §R°£ Registry[/color][/u]

[list][*]¤U¸ü [url=http://oldtimer.geekstogo.com/OTM.exe]OTM[/url] ¦Ü®à­±¡A¨Ã°õ¦æ [color=blue]OTM[/color][*]½Æ»s¤U¦C¤å¦r¡A¨Ã¶K¤W©ó [color=darkgreen]Paste Instructions for Items to be Moved[/color] ¤§®Ø®æ¤º¡G
[quote]
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{00000108-0000-0010-8000-00AA006DCCCC}]
[/quote][*]«ö¤@¤U [color=darkgreen]MoveIt![/color]¡A¦A«ö [color=darkgreen]OK[/color]¡A¨Ã­«·s±Ò°Ê¹q¸£[/list]
[u][color=red]Step 2 : ¤U¸ü¤Î°õ¦æ ComboFix[/color][/u]

[list][*]½Ð¥ýÃö³¬©Ò¦³¨¾¬r³n¥ó¡AµM«á¤U¸ü [url=http://download.bleepingcomputer.com/sUBs/ComboFix.exe]ComboFix[/url] ¦Ü®à­±[*]°õ¦æ [color=blue]ComboFix[/color]¡A[color=blue]ComboFix[/color] ·|¼u¥Xµøµ¡¡A«ö[color=darkgreen]½T©w[/color]¡A¦A«ö[color=darkgreen]¬O[/color][*][color=blue]ComboFix[/color] ·|¶i¦æ±½ºË¡A´Á¶¡¤Á¤Å°õ¦æ¨ä¥Lµ{¦¡©ÎÂIÀ» [color=blue]ComboFix[/color] µøµ¡[*]§¹¦¨±½ºË«á¡A[color=blue]ComboFix[/color] ¥i¯à·|­«·s±Ò°Ê¹q¸£¡A¨ä«á [color=blue]ComboFix[/color] ³ø§i·|¦Û°Ê¼u¥X[*]¸Ó³ø§i·|¦Û°ÊÀx¦s©ó [color=red]C:\ComboFix.txt[/color][/list]
[u][color=red]Step 3 : ²­z±¡ªp¤Î¶K¤W³ø§i[/color][/u]

[list][*]½Ð²­z¤@¤U»Õ¤U¹q¸£ªºª¬ªp[*]½Ð¤W¶Ç¤U¦C³ø§i¦Ü [url=http://www.sendspace.com/]Sendspace[/url]¡G[/list]
[list=1][*][color=blue]HijackThis[/color][*][color=blue]ComboFix[/color][/list]

[quote]­ì©«¥Ñ [i]anlth2010[/i] ©ó 2010-3-26 10:37 PM µoªí [url=http://computer.discuss.com.hk/redirect.php?goto=findpost&pid=245220567&ptid=11827503][img]http://computer.discuss.com.hk/images/common/back.gif[/img][/url]
Step 1 : §R°£ Registry

¤U¸ü OTM ¦Ü®à­±¡A¨Ã°õ¦æ OTM½Æ»s¤U¦C¤å¦r¡A¨Ã¶K¤W©ó Paste Instructions for Items to be Moved ¤§®Ø®æ¤º¡G
«ö¤@¤U MoveIt!¡A¦A«ö OK¡A¨Ã­«·s±Ò°Ê¹q¸£
Step 2 : ¤U¸ü¤Î°õ¦æ C ... [/quote]

­ø¦n·N«ä§r
§Ú­øÃÑÃö³¬­Ó¨¾¬r³n¥ó>_<
§Ú«Y¤u§@ºÞ²z­û>³B²zµ{§Ç>´z¥ª¨¾¬r³n¥ó(avast4.8)>¦A«öµ²§ô³B²zµ{§Ç
¦ýÊ\Åã¥Ü"µLªk¤¤¤îµ{¦¡ ³o¶µ¾Þ§@µLªk§¹¦¨¡C ¦s¨ú³Q©Ú¡C"
¨Ï¥ÎªÌ¦WºÙ"SYSTEM"
©w«Y«Y¨ä¥L¦a¤è«×Ãö³¬­Ó¨¾¬r³n¥óªº?@@
¦P®I¹q¸£¥k¤U¨¤­Ó¤u¨ã¦C³£µL¥ª¨¾¬r³n¥ó­Ó¤p¹Ï¥Ü(a)
¤§«e³£¥ò¦³ªº@@
³Â·Ð®Í
THANKS! :)

[[i] ¥»©«³Ì«á¥Ñ maggiechi ©ó 2010-3-27 12:11 AM ½s¿è [/i]]

[quote]­ì©«¥Ñ [i]maggiechi[/i] ©ó 2010-3-26 11:14 PM µoªí [url=http://computer.discuss.com.hk/redirect.php?goto=findpost&pid=245225647&ptid=11827503][img]http://computer.discuss.com.hk/images/common/back.gif[/img][/url]


­ø¦n·N«ä§r
§Ú­øÃÑÃö³¬­Ó¨¾¬r³n¥ó>_<
§Ú«Y¤u§@ºÞ²z­û>³B²zµ{§Ç>´z¥ª¨¾¬r³n¥ó(avast4.8)>¦A«öµ²§ô³B²zµ{§Ç
¦ýÊ\Åã¥Ü"µLªk¤¤¤îµ{¦¡ ³o¶µ¾Þ§@µLªk§¹¦¨¡C ¦s¨ú³Q©Ú¡C"
¨Ï¥ÎªÌ¦WºÙ"SYSTEM"
©w«Y«Y¨ä¥L¦a¤è«×Ãö³¬ ... [/quote]
°±¤î Avast! ªº¨¾Å@¥\¯à§Y¥i¡A¥t¥~ Icon ªº°ÝÃD¡A­«·s¦w¸Ë Avast! ¥ç¥i¥H¸Ñ¨M¡C

1.HijackThis
[url=http://www.sendspace.com/file/08mtme]http://www.sendspace.com/file/08mtme[/url]
2.ComboFix
[url=http://www.sendspace.com/file/pvy78u]http://www.sendspace.com/file/pvy78u[/url]

¨Ì®a®à­±¤S¦h¥ª­ÓIE±¶®|"Internet Explorer"
¤@CLICK­Ó­º­¶´N«Y"http://www.dao666.com/?cmd22"
¥t¥~­ì¥»­Ó¨â­Ó±¶®|³£¥ò«Y«×
¤@­Ó¤@CLICK­º­¶´N«Y"http://tao.uu116.com/tao.htm?sp"
­Ó±¶®|¦WºÙ«Y"¹CÀ¸ÁÈQ¹ô" <(²Åé¦r)
¥t¤@­Ó´N«Y"http://www.dao666.com/?vbsie"
µL±¶®|¦WºÙªº
¥»¨­ªºIE±¶®|¦P¶}©l¦C¤J­±ªºIE­º­¶³£«Y"[url=http://www.dao666.com/?cmd22]http://www.dao666.com/?cmd22[/url]"

«Y"ºô»Úºôµ¸¿ï¶µ"­Ó«×¸ûªð­º­¶°µYAHOO
¤§«á¦A¥´¶}¤SµL°ÝÃD
¦ý­«·s¶}¾÷¤§«á´N·|Åܪ𰵭Ӥº¦aºô

³¡¥÷³n¥ó«Y¶}©l¦C嘅±¶®|³£«YµL¤ÏÀ³

THANKS :)

[[i] ¥»©«³Ì«á¥Ñ maggiechi ©ó 2010-3-27 07:16 PM ½s¿è [/i]]

[u][color=red]Step 1 : ¤U¸ü¤Î¦w¸Ë 360 ¦w¥þ½Ã¤h[/color][/u]

[list][*]¤U¸ü¤Î¦w¸Ë [color=blue]360 ¦w¥þ½Ã¤h[/color][*]¨Ï¥Î [color=blue]360 ¦w¥þ½Ã¤h[/color] ±½ºË¹q¸£[*]±½ºË§¹²¦«á¡A½ÐÂÔ°OÀx¦s±½ºË³ø§i[*][color=blue]360 ¦w¥þ½Ã¤h[/color] ¨Ï¥Î±Ð¾Ç¡G[url=http://computer.discuss.com.hk/viewthread.php?tid=944141]http://computer.discuss.com.hk/viewthread.php?tid=944141[/url][/list]
[u][color=red]Step 2 : ¤U¸ü¤Î°õ¦æ SystemLook[/color][/u]

[list][*]¤U¸ü [url=http://jpshortstuff.247fixes.com/SystemLook.exe][color=#000000]SystemLook[/color][/url] ¦Ü®à­±¡A¨Ã°õ¦æ [color=blue]SystemLook[/color][*]©óµøµ¡¤º¶K¤W¥H¤U¤º®e¡AµM«á«ö [color=darkgreen]Look[/color]
[quote]
:reg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace /s
[/quote][*]µM«á·|¼u¥X [color=blue]SystemLook[/color] ³ø§i¡A§â¥¦Àx¦s[/list]
[u][color=red]Step 3 : ²­z±¡ªp¤Î¶K¤W³ø§i[/color][/u]

[list][*]½Ð²­z¤@¤U»Õ¤U¹q¸£ªºª¬ªp[*]½Ð¤W¶Ç¤U¦C³ø§i¦Ü [url=http://www.sendspace.com/]Sendspace[/url]¡G[/list]
[list=1][*][color=blue]HijackThis[/color][*][color=blue]SystemLook[/color][*][color=blue]360 ¦w¥þ½Ã¤h[/color][/list]

1.HijackThis
[url=http://www.sendspace.com/file/x53ew5]http://www.sendspace.com/file/x53ew5[/url]
2.SystemLook
[url=http://www.sendspace.com/file/1w9yjk]http://www.sendspace.com/file/1w9yjk[/url]
3.360 ¦w¥þ½Ã¤h
[url=http://www.sendspace.com/file/esvr85]http://www.sendspace.com/file/esvr85[/url]

®à­±¦WºÙ«Y"¹CÀ¸ÁÈQ¹ô"<(²Åé¦r)ªº±¶®|¤w®ø¥¢
¥t¤@­ÓIE±¶®|¥ç¤w¸g§R°£
¦ýµL¦WºÙªº±¶®|¤´µM«Y®à­±µLªk§R°£
[img]http://img130.imageshack.us/img130/8996/51480678.jpg[/img]

¶}©l¦C¤¤ªº³¡¥÷³n¥ó±¶®|¤´µM¬OµL¤ÏÀ³
¨Ò¦p: cyberlink dvd suite deluxe , Windows Media Player
[img]http://img682.imageshack.us/img682/3370/26080031.jpg[/img]

¥t¥~¥ò¦³­Ó°ÝÃD­øª¾Ãö­øÃö¨Æ
¶}©l¦Cªº²M³æµL§ó·s¨ì³Ìªñ¶}±Òªºµ{¦¡
§Y«Y¦³D³n¥ó§Ú³Ìªñ¦³¶}¹L¦ý­Ó²M³æ¥u«Y¤@ª½ºû«ù¦P¼Ë´X­Óµ{¦¡(³¡¥÷§ó¥[«Y³ÌªñµL¶}ªºµ{¦¡)
«Y"¤u§@¦C¤Î[¶}©l]¥\¯àªí¤º®e">[¶}©l]¥\¯àªí>Áô¨pÅv>¨â­Ó®æ¥J³£¦³TICKªº

­è­èµo²{¦pªG«ö®à­±ªº¸ê®Æ¦^¦¬µ©±¶®|
¥´¶}«á¦A«ö"²M²z¸ê®Æ¦^¦¬µ©"¤]¨S¦³¤ÏÀ³@@
­n«ö¥kÃì¤~¥i¥H¦¨¥\§R°£

¦P®I¥´¶}Windows ¤u§@ºÞ²z­û
¦³¦¨10­Ówscript.exe(Miscrosoft(R) Windows Based Script Host)¡A
5­Óreg.exe(µn¿ý¥D±±¥x¤u·|)
¦P®I6­Ócmd.exe(Windows ©R¥O³B²zµ{¦¡)¦P®É°õ¦æºò
½Ð°ÝÂI·|ËÝ嘅?
¦P¤¤¬r¦³µLÃö«Y¬[?@@
¥H¤Uªþ¤WWindows ¤u§@ºÞ²z­ûªº¹Ï¤ù
[url=http://www.sendspace.com/file/vpya0l]http://www.sendspace.com/file/vpya0l[/url]

­è­è­«·s¶}¾÷«á¥Î360¦w¥þ½Ã¤h¶i¦æ"¹q¸£ÅéÀË"
¦ýµo²{°·±d«ü¼Æ¥u¦³12¤À Åã¥Ü"§Aªº¹q¸£¤¤¦³ÄY­«ªº¦w¥þ°ÝÃD¡A½Ð¥ß§Y­×´_"
¤U­±¦³¬õ¦â"!"Åã¥Ü"µo²{¤ì°¨©Î°ª­·ÀI¤å¥ó"
§ÚCLICK¥ª"¥ß§Y²M°£"¨Ì®a­Ó360¤ì°¨¶³¬d±þ´NRUNºò±½ºË
©ú©ú¤µ¤é¤U¤È­Ó°}¶i¦æ"¹q¸£ÅéÀË"­Ó°·±d«ü¼Æ¥ò¦³98¤Àªº
ÂI¸ÑËݧ֤S·|¥X²{°ÝÃD嘅? >_<

THANKS :)

[[i] ¥»©«³Ì«á¥Ñ maggiechi ©ó 2010-3-28 09:14 PM ½s¿è [/i]]

¤w¸g­«·s¥Î360¦w¥þ½Ã¤h±½ºË§¹²¦
²{¦b°·±d«ü¼Æ¬°98¤À

ªþ¤W·sªº³ø§i
1.HijackThis
[url]http://www.sendspace.com/file/0lg44h[/url]
3.360 ¦w¥þ½Ã¤h
[url]http://www.sendspace.com/file/r4939l[/url]

¦P®I§Ú¥»¨­¦³¥Î¶}clubbox¤U¸üÀÉ®×
[url]http://www.clubbox.co.kr/[/url]

¦ý¨Ì®a·Q¤U¸üÀÉ®×嘅®É­Ô
¥ý«á¼u¥X¥H¤U¨â­Óµøµ¡
[img]http://img175.imageshack.us/img175/7942/83509993.jpg[/img]

ËÝ«Y«}§Y«Y§Ú­ø¥i¥H¦A¥Îclubbox©O­Ó³n¥ó¤U¸üÀÉ®×?
¦]¬°¤§«e¥Î­Ó°}¦n¦ü³£µL©O­Ó°ÝÃD¥X²{@@

thanks :)

[u][color=red]Step 1 : ¤U¸ü¤Î¦w¸Ë Malwarebyte's Anti-Malware[/color][/u]

[list][*]¤U¸ü¤Î¦w¸Ë [color=blue]Malwarebyte's Anti-Malware[/color][*]¨Ï¥Î [color=blue]Malwarebyte's Anti-Malware[/color] ±½ºË¹q¸£[*]±½ºË§¹²¦«á¡A½ÐÂÔ°OÀx¦s±½ºË³ø§i[*][color=blue]Malwarebyte's Anti-Malware[/color] ¨Ï¥Î±Ð¾Ç¡G[url=http://computer.discuss.com.hk/viewthread.php?tid=944141]http://computer.discuss.com.hk/viewthread.php?tid=944141[/url][/list]
[u][color=red]Step 2 : §R°£ Registry[/color][/u]

[list][*]¤U¸ü [url=http://oldtimer.geekstogo.com/OTM.exe]OTM[/url] ¦Ü®à­±¡A¨Ã°õ¦æ [color=blue]OTM[/color][*]½Æ»s¤U¦C¤å¦r¡A¨Ã¶K¤W©ó [color=darkgreen]Paste Instructions for Items to be Moved[/color] ¤§®Ø®æ¤º¡G
[quote]
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{00000108-0000-0010-8000-00AA006DCCCC}]
[/quote][*]«ö¤@¤U [color=darkgreen]MoveIt![/color]¡A¦A«ö [color=darkgreen]OK[/color]¡A¨Ã­«·s±Ò°Ê¹q¸£[/list]
[u][color=red]Step 3 : ¨Ï¥Î VirusTotal ±½ºËÀÉ®×[/color][/u]

[list][*]µn¤J [url=http://www.virustotal.com/zh-tw/]VirusTotal[/url][*]¿ï¾Ü¤U¦CÀɮסG
[quote]
C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
[/quote][*]«ö[color=darkgreen]µo°eÀÉ®×[/color]¡AÀÉ®×·|³Q¤W¸ü[*]µ¥«Ý§¹¦¨±½ºË«á¡A§â±½ºËµ²ªG½Æ»s¤ÎÀx¦s[/list]
[u][color=red]Step 4 : ²­z±¡ªp¤Î¶K¤W³ø§i[/color][/u]

[list][*]½Ð²­z¤@¤U»Õ¤U¹q¸£ªºª¬ªp[*]½Ð¤W¶Ç¤U¦C³ø§i¦Ü [url=http://www.sendspace.com/]Sendspace[/url]¡G[/list]
[list=1][*][color=blue]HijackThis[/color][*][color=#0000ff]VirusTotal[/color][*][color=blue]Malwarebyte's Anti-Malware[/color][/list]

1.HijackThis
[url]http://www.sendspace.com/file/07fmd1[/url]
2.VirusTotal (¦]¬°¤å¦rÀx¦s®æ¦¡¦n©Ç ©Ò¥H¤À¶}CAP¥ª¹Ï)
[url]http://www.sendspace.com/file/ey8y26[/url]
[url]http://www.sendspace.com/file/x89l2a[/url]
3.Malwarebyte's Anti-Malware
[url]http://www.sendspace.com/file/xb2qt6[/url]

®à­±µL¦WºÙªº±¶®|¤w®ø¥¢
IE°ò¥»¤W¥´¶}¤w¸gµL°ÝÃD«Y¦Û³]ªºYAHOO­º­¶

¦ý«Y¶}©l¦Cªº²M³æ,®à­±ªº¸ê®Æ¦^¦¬µ©±¶®|¦Pclubbox°ÝÃD¤´µM¦s¦b
¦pªG­øÃö¨Æªº¸Ü¦³¨ä¥L¤èªk¸Ñ¨M¶Ü?

thanks :)

­è­è¤@¶}IE¬ðµM­Ó­º­¶¤SÅܪ𰵭Ӥº¦aºô
µM«á­«·s¶}¾÷«áµo²{­Ó±¶®|¤S¥X²{ªð...
¤´µM³£«Y©O­ÓµL¦WºÙªº±¶®|
[img]http://img130.imageshack.us/img130/8996/51480678.jpg[/img]

·|­ø·|«Y¦³«§³n¥ó¦³°ÝÃD?

THANKS :)

[u][color=red]Step 1 : ¤U¸ü¤Î°õ¦æ ComboFix[/color][/u]

[list][*]½Ð¥ýÃö³¬©Ò¦³¨¾¬r³n¥ó¡AµM«á¤U¸ü [url=http://download.bleepingcomputer.com/sUBs/ComboFix.exe]ComboFix[/url] ¦Ü®à­±[*]°õ¦æ [color=blue]ComboFix[/color]¡A[color=blue]ComboFix[/color] ·|¼u¥Xµøµ¡¡A«ö[color=darkgreen]½T©w[/color]¡A¦A«ö[color=darkgreen]¬O[/color][*][color=blue]ComboFix[/color] ·|¶i¦æ±½ºË¡A´Á¶¡¤Á¤Å°õ¦æ¨ä¥Lµ{¦¡©ÎÂIÀ» [color=blue]ComboFix[/color] µøµ¡[*]§¹¦¨±½ºË«á¡A[color=blue]ComboFix[/color] ¥i¯à·|­«·s±Ò°Ê¹q¸£¡A¨ä«á [color=blue]ComboFix[/color] ³ø§i·|¦Û°Ê¼u¥X[*]¸Ó³ø§i·|¦Û°ÊÀx¦s©ó [color=red]C:\ComboFix.txt[/color][/list]
[u][color=red]Step 2 : ¤U¸ü¤Î°õ¦æ SystemLook[/color][/u]

[list][*]¤U¸ü [url=http://jpshortstuff.247fixes.com/SystemLook.exe][color=#000000]SystemLook[/color][/url] ¦Ü®à­±¡A¨Ã°õ¦æ [color=blue]SystemLook[/color][*]©óµøµ¡¤º¶K¤W¥H¤U¤º®e¡AµM«á«ö [color=darkgreen]Look[/color]
[quote]
:reg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace /s
[/quote][*]µM«á·|¼u¥X [color=blue]SystemLook[/color] ³ø§i¡A§â¥¦Àx¦s[/list]
[u][color=red]Step 3 : ²­z±¡ªp¤Î¶K¤W³ø§i[/color][/u]

[list][*]½Ð²­z¤@¤U»Õ¤U¹q¸£ªºª¬ªp[*]½Ð¤W¶Ç¤U¦C³ø§i¦Ü [url=http://www.sendspace.com/]Sendspace[/url]¡G[/list]
[list=1][*][color=blue]HijackThis[/color][*][color=blue]SystemLook[/color][*][color=blue]ComboFix[/color][/list]

1.HijackThis
[url=http://www.sendspace.com/file/xppp2k]http://www.sendspace.com/file/xppp2k[/url]
2.SystemLook
[url=http://www.sendspace.com/file/3jlts1]http://www.sendspace.com/file/3jlts1[/url]
3.ComboFix
[url=http://www.sendspace.com/file/degwge]http://www.sendspace.com/file/degwge[/url]

®à­±¨Ì®a¦h¥ª¤@­ÓIE±¶®|
¥´¶}«á­º­¶¬O¦Û³]ªºYAHOO­º­¶
¦ýµL¦WºÙªº±¶®|¤´µM¦s¦b

¥t¥~§Ú¨£ComboFix§R°£¥ª¥H¤U©O­Óµ{¦¡:
c:\program files\NamiRobot\DuTOol.exe
¦ý§Ú¦¨¤é³£­n¥Î©O­Ó³n¥ó¤U¸üÀÉ®×
§Y«Y©O­Óµ{¦¡¦³°ÝÃD?@@
¤£¹L¥H«e¥Î­Ó°}³£µL°ÝÃD
­ø¦n·N«ä³Â·Ð¨ì®ÉÂЮI¥i­ø¥i¥HÄ~Äò¥Î©O­Ó³n¥ó

thanks :)

[[i] ¥»©«³Ì«á¥Ñ maggiechi ©ó 2010-3-30 08:44 PM ½s¿è [/i]]

[quote]­ì©«¥Ñ [i]maggiechi[/i] ©ó 2010-3-30 02:56 PM µoªí [url=http://computer.discuss.com.hk/redirect.php?goto=findpost&pid=245607494&ptid=11827503][img]http://computer.discuss.com.hk/images/common/back.gif[/img][/url]
1.HijackThis
[url=http://www.sendspace.com/file/xppp2k]http://www.sendspace.com/file/xppp2k[/url]
2.SystemLook
[url=http://www.sendspace.com/file/3jlts1]http://www.sendspace.com/file/3jlts1[/url]
3.ComboFix
[url=http://www.sendspace.com/file/degwge]http://www.sendspace.com/file/degwge[/url]

®à­±¨Ì®a¦h¥ª¤@­ÓIE±¶®|
¥´¶}«á­º­¶¬O¦Û³]ªºYA ... [/quote]
¥i¥H¡C¥u¬O ComboFix »~§R¤F¥¦¡C

[u][color=red]Step 1 : §R°£ Registry[/color][/u]

[list][*]¤U¸ü [url=http://oldtimer.geekstogo.com/OTM.exe]OTM[/url] ¦Ü®à­±¡A¨Ã°õ¦æ [color=blue]OTM[/color][*]½Æ»s¤U¦C¤å¦r¡A¨Ã¶K¤W©ó [color=darkgreen]Paste Instructions for Items to be Moved[/color] ¤§®Ø®æ¤º¡G
[quote]
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{00000108-0000-0010-8000-00AA006DCCCC}]
[/quote][*]«ö¤@¤U [color=darkgreen]MoveIt![/color]¡A¦A«ö [color=darkgreen]OK[/color]¡A¨Ã­«·s±Ò°Ê¹q¸£[/list]
³Ì«á­«·s¦w¸Ë¤@¦¸ Internet Explorer¡A¬Ý¬ÝÁÙ¦³¨S¦³¨ä¥L°ÝÃD¡C

§A¦n
¤£¦n·N«ä
½Ð°Ý¦p¦ó­«·s¦w¸ËInternet Explorer?
¦]¬°¤WºôÚ»¨ì¤S¸ÜVista­ø¥i¥H§R°£IEªº@@
§Ú«Y¥ÎVista , Internet Explorer 8.0.6001.18882

¥t¥~·Q½Ð°Ýªð¤§«e#12­Ó°ÝÃD
¥i­ø¥i¥HÄ~Äò¥Îclubbox¤U¸üÀɮתº?
[url=http://www.clubbox.co.kr/]http://www.clubbox.co.kr/[/url]
¦]¬°¤@¥´¶}360¦w¥þ½Ã¤h´N¦³µøµ¡¼u¥X(¹Ï¤ù¤w¶K©ó#12)
³Â·Ð§A¤F¤£¦n·N«ä

³Ì«á·Q½Ð°Ý®I
¦]¬°¶}©l¦C¤J­±¦³d±¶®|¥¢®Ä
¦n¦üªþÄÝÀ³¥Îµ{¦¡¤J­±嘅notepad,windows explorer,command prompt³£¥Î­ø¨ì
¦³«§¤èªk¥i¥H­«·s«Ø¥ßªðd±¶®|?

thanks :)

[[i] ¥»©«³Ì«á¥Ñ maggiechi ©ó 2010-3-31 12:06 PM ½s¿è [/i]]

[quote]­ì©«¥Ñ [i]maggiechi[/i] ©ó 2010-3-31 11:27 AM µoªí [url=http://computer.discuss.com.hk/redirect.php?goto=findpost&pid=245707031&ptid=11827503][img]http://computer.discuss.com.hk/images/common/back.gif[/img][/url]
§A¦n
¤£¦n·N«ä
½Ð°Ý¦p¦ó­«·s¦w¸ËInternet Explorer?
¦]¬°¤WºôÚ»¨ì¤S¸ÜVista­ø¥i¥H§R°£IEªº@@
§Ú«Y¥ÎVista , Internet Explorer 8.0.6001.18882
[/quote]
§A¥i¥H¥ý«ì´_ Internet Explorer 7¡A¦A­«·s¦w¸Ë Internet Explorer 8¡C
[quote]
¥t¥~·Q½Ð°Ýªð¤§«e#12­Ó°ÝÃD
¥i­ø¥i¥HÄ~Äò¥Îclubbox¤U¸üÀɮתº?
[url=http://www.clubbox.co.kr/]http://www.clubbox.co.kr/[/url]
¦]¬°¤@¥´¶}360¦w¥þ½Ã¤h´N¦³µøµ¡¼u¥X(¹Ï¤ù¤w¶K©ó#12)
³Â·Ð§A¤F¤£¦n·N«ä
[/quote]
¥i¥H¡C¥u¬O 360 ¦w¥þ½Ã¤h»~§P¡C

§A¥i¥H§â¸ÓÀÉ®×¥[¤J 360 ¦w¥þ½Ã¤h¸Ìªº¥Õ¦W³æ¡]¦n¹³¬O¦³³o­Ó¥\¯à¡^¡C¦p¨S¦³¡A´N²¾°£ 360 ¦w¥þ½Ã¤h¡C
[quote]
³Ì«á·Q½Ð°Ý®I
¦]¬°¶}©l¦C¤J­±¦³d±¶®|¥¢®Ä
¦n¦üªþÄÝÀ³¥Îµ{¦¡¤J­±嘅notepad,windows explorer,command prompt³£¥Î­ø¨ì
¦³«§¤èªk¥i¥H­«·s«Ø¥ßªðd±¶®|?
[/quote]
³o­Ó§Ú¤£¤Ó²M·¡¡C

§A¦n
¤£¦n·N«ä
½Ð°Ý­n¦p¦ó«ì´_ Internet Explorer 7ªº?
¦]¬°«ö·Óºô¤Wªº¤èªk³£­ø±o@@
THANKS :)

­ø¦n·N«ä
¤µ¤Ñ§¹¦¨¤F#18ªº¨BÆJ«á
­ÓµL¦WºÙIE±¶®|©ú©ú¤w¸g®ø¥¢
¦ý­è­è¤S¬ðµM¥X²{ªð«Y®à­±
¤§«á­«ÂÐ#18 OTMªº¨BÆJ­«·s¶}¾÷«á
­Ó±¶®|«Y®ø¥¢¥ª¦ýÂIª¾¤@¥´¶}­ÓIE¤SÅܪ𰵳̪ì­Ó¤º¦aºô
­n«Yºô»Úºôµ¸¿ï¶µ­Ó«×§ïªð­º­¶¥ý±o
¦ý§ï§¹¤§«á¤SµL¨Æ@@
¤£¹L¤§«á¦³¦³®É·|Åܪ𰵭Ӥº¦aºô¦P®I­ÓµL¦WºÙ±¶®|¤S¥X²{ªð«Y®à­±
ÂI¸Ñ­Ó°ÝÃD·|¤£°±­«ÂÐ嘅?
¨ä¹ê«Y«}¥u¦³­«¸ËIE¥ý¥i¥H¸Ñ¨M­Ó°ÝÃD?@@
THANKS :)

[[i] ¥»©«³Ì«á¥Ñ maggiechi ©ó 2010-4-1 04:36 PM ½s¿è [/i]]

[u][color=red]Step 1 : ¤U¸ü¤Î°õ¦æ ComboFix[/color][/u]

[list][*]½Ð¥ýÃö³¬©Ò¦³¨¾¬r³n¥ó¡AµM«á¤U¸ü [url=http://download.bleepingcomputer.com/sUBs/ComboFix.exe]ComboFix[/url] ¦Ü®à­±[*]°õ¦æ [color=blue]ComboFix[/color]¡A[color=blue]ComboFix[/color] ·|¼u¥Xµøµ¡¡A«ö[color=darkgreen]½T©w[/color]¡A¦A«ö[color=darkgreen]¬O[/color][*][color=blue]ComboFix[/color] ·|¶i¦æ±½ºË¡A´Á¶¡¤Á¤Å°õ¦æ¨ä¥Lµ{¦¡©ÎÂIÀ» [color=blue]ComboFix[/color] µøµ¡[*]§¹¦¨±½ºË«á¡A[color=blue]ComboFix[/color] ¥i¯à·|­«·s±Ò°Ê¹q¸£¡A¨ä«á [color=blue]ComboFix[/color] ³ø§i·|¦Û°Ê¼u¥X[*]¸Ó³ø§i·|¦Û°ÊÀx¦s©ó [color=red]C:\ComboFix.txt[/color][/list]
[u][color=red]Step 2 : ¤U¸ü¤Î°õ¦æ SREng[/color][/u]

[list][*]¤U¸ü [url=http://www.kztechs.com/sreng/download.html]SREng[/url] ¦Ü®à­±¡A¨Ã¸ÑÀ£ÁYÀÉ®×[*]°õ¦æ [color=blue]SREng[/color]¡A¨Ã«ö¤@¤U[color=darkgreen]´¼¼z±½ºË[/color][*]«ö¤@¤U[color=darkgreen]±½ºË[/color]¡A[color=blue]SREng[/color] ·|¶i¦æ±½ºË¡A½Ð­@¤ßµ¥«Ý[*]«ö[color=darkgreen]«O¦s³ø§i[/color]¡A¨ÃÀx¦s¥¦[/list]
[u][color=red]Step 3 : ²­z±¡ªp¤Î¶K¤W³ø§i[/color][/u]

[list][*]½Ð²­z¤@¤U»Õ¤U¹q¸£ªºª¬ªp[*]½Ð¤W¶Ç¤U¦C³ø§i¦Ü [url=http://www.sendspace.com/]Sendspace[/url]¡G[/list]
[list=1][*][color=blue]HijackThis[/color][*][color=blue]ComboFix[/color][*][color=#0000ff]SREng[/color][/list]

1.HijackThis
[url]http://www.sendspace.com/file/no9gus[/url]
2.ComboFix
[url]http://www.sendspace.com/file/rnggmi[/url]
3.SREng
[url]http://www.sendspace.com/file/tdxqyf[/url]

®à­±¦h¤F¤@­ÓIE±¶®|
¦ý¥kÁ䪺¤º®e¸û­ì¥»ªºIE±¶®|¤Ö
¥H¤U¬°¹Ï¤ù:
[img]http://img28.imageshack.us/img28/8503/24151462.jpg[/img]

¥t¥~½Ð°Ý­n¦p¦ó«ì´_IE 7©O?
THANKS :)

­è­è¤@¥´¶}IE
­º­¶¤SÅܦ¨¤F¥H¤U³o­Óºô­¶:
[url=http://www.dao666.com/?cmd22]http://www.dao666.com/?cmd22[/url] / [url=http://www.9281.net/?cmd22]http://www.9281.net/?cmd22[/url]
»Ý­n¦Û¦æ³]©wªð­º­¶
¦A¥´¶}¼È®É¤SµL°ÝÃD

¦P®I¨Ì®a­ø¥i¥Hª½±µDOUBLE CLICK¥´¶}"§Úªº¹q¸£"
µL½×«Y¶}©l¦C¤J­±ªº"¹q¸£"©Î®à­±¤W"§Úªº¹q¸£"±¶®|
«ö¤U«á¼u¥X"¹q¸£ºÞ²z"ªºµøµ¡
­n¶}¤å¥ó§¨¤§«á¦A«Y®ÇÃ䪺¨Ó¾ð«¬¥Ø¿ý«ö¥ý±o
©ÎªÌ­n¥kÁä¦A«ö"¶}±Ò"¥ý¥i¥H¦¨¥\¥´¶}"§Úªº¹q¸£"
¦]¬°¬Q±ß¨Ï¥Î®É¨ÃµL°ÝÃDªº
«Y§¹¦¨±½ºË«á¥ýµo²{µLªk¥´¶}..
·Ð½Ð§iª¾¸Ñ¨M¤èªk>_<

¹q¸£­«·s±Ò°Ê«á¥»¨­®à­±·sªºIE±¶®|
¤SÅܦ¨¨S¦³¦WºÙªº±¶®|..

THANKS :)

[[i] ¥»©«³Ì«á¥Ñ maggiechi ©ó 2010-4-2 11:39 AM ½s¿è [/i]]

§ó·sHijackThis
[url=http://www.sendspace.com/file/h176rf]http://www.sendspace.com/file/h176rf[/url]

¥Ñ©ó²{¦b¥u¯à¥Î¥kÁ䥴¶}"§Úªº¹q¸£"
©Ò¥H¹Á®É¥H¤U¨â­Ó¤èªk
¦ý°ÝÃD¤´¥¼¸Ñ¨M
½Ð°Ý¬~­ø¬~«Y¹q¸£¤J­±§R°£ªð¤§«e©Ò¿é¤Jªº¤º®e?
¦P®I­è­è¤WºôÚ»¹L¸Ü©O­Ó±¡ªp¥i¯à«Y¤¤¥ª¬r
½Ð°Ý¦³«§¤èªk¥i¥H¸Ñ¨M?
THANKS :)

1¡^¡B¥´¶}°O¨Æ¥»,±N¥H¤U¤º®e²K¥[¨ì°O¨Æ¥»¤¤¡A¨Ã«O¦s¬°AAA.bat¤å¥ó,µM«á¥´¶},¨Ì¦¸ÂI½T©w§Y¥i(¦pÁÙ¤£¥i¥H½Ð¸Õ¤U²Ä¤GºØ¤èªk);

regsvr32 appwiz.cpl
regsvr32 mshtml.dll
regsvr32 jscript.dll
regsvr32 msi.dll
regsvr32 "C:\Program Files\Common Files\System\Ole DB\Oledb32.dll"
regsvr32 "C:\Program Files\Common Files\System\Ado\Msado15.dll"
regsvr32 mshtmled.dll
regsvr32 /i shdocvw.dll
regsvr32 /i shell32.dll

2¡^¡B¦pªG¥H¤WÁÙ¤£¯à­×´_,½Ð±N¤U­±¤º®e´_¨î¨ì°O¨Æ¥»¤¤,¨Ã«O¦s¬°yezi.reg¤å¥ó µM«á¥´¶};

Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\exefile\shell\Open\command]
@="\"%1\" %*"

[[i] ¥»©«³Ì«á¥Ñ maggiechi ©ó 2010-4-2 05:53 PM ½s¿è [/i]]

¦³¾÷·|¬O¯f¬r­×§ï¤F¨t²ÎÀɮסA¥i¯à»Ý­n¤@°¦ Windows CD ¶i¦æ­×´_¡C

[u][color=red]Step 1 : ¨Ï¥Î F-Secure Online Scanner ±½ºË¹q¸£[/color][/u]

[list][*]¨Ï¥Î [color=blue]F-Secure Online Scanner[/color] ±½ºË¹q¸£[*]±½ºË§¹²¦«á¡A½ÐÂÔ°OÀx¦s±½ºË³ø§i[*][color=blue]F-Secure Online Scanner[/color] ¨Ï¥Î±Ð¾Ç¡G[url=http://computer.discuss.com.hk/viewthread.php?tid=944141]http://computer.discuss.com.hk/viewthread.php?tid=944141[/url][/list]
[u][color=red]Step 2 : ¤U¸ü¤Î°õ¦æ DDS[/color][/u]

[list][*]¤U¸ü [url=http://download.bleepingcomputer.com/sUBs/dds.scr]DDS[/url] ¦Ü®à­±¡A¨Ã°õ¦æ [color=blue]DDS[/color][*][color=blue]DDS[/color] ·|¦Û°Ê¹B§@¡A½Ð­@¤ßµ¥«Ý[*]µy«á [color=blue]DDS[/color] ·|¼u¥X¨â­Ó¤å¦rÀÉ [color=blue]DDS[/color]¡B[color=blue]Attach[/color]¡AÀx¦s¥¦­Ì[*]³Ì«á [color=blue]DDS[/color] ·|¦Û°Ê§¹µ²[/list]
[u][color=red]Step 3 : ²­z±¡ªp¤Î¶K¤W³ø§i[/color][/u]

[list][*]½Ð¤W¶Ç¤U¦C³ø§i¦Ü [url=http://www.sendspace.com/]Sendspace[/url]¡G[/list]
[list=1][*][color=blue]DDS[/color][*][color=#0000ff]Attach[/color][*][color=#0000ff]F-Secure Online Scanner[/color][/list]

§A¦n
¦ý¦]¬°§Ú¹q¸£«Y¦¨³¡¶Rªð¾¤­ø«Y¬ä¾÷ªº
©Ò¥H¨S¦³ªþ°eWindows CD
½Ð°Ý·|­ø·|¦³¨ä¥L¤èªk©O?

¥t¥~·Q½Ð°Ý³¡¹q¸£¼È®É·|­ø·|¦³«§¤j°ÝÃDªº?
¦P®I±½ºËªº¨BÆJ§Ú·|¦b©ú¤Ñ¸Õªº
thanks :)

[[i] ¥»©«³Ì«á¥Ñ maggiechi ©ó 2010-4-2 10:54 PM ½s¿è [/i]]

1.DDS
[url]http://www.sendspace.com/file/ne4go2[/url]
2.Attach
[url]http://www.sendspace.com/file/z8pyh3[/url]
3.F-Secure Online Scanner
[url]http://www.sendspace.com/file/m9isf7[/url]

thanks :)

[quote]­ì©«¥Ñ [i]maggiechi[/i] ©ó 2010-4-2 10:29 PM µoªí [url=http://computer.discuss.com.hk/redirect.php?goto=findpost&pid=245995000&ptid=11827503][img]http://computer.discuss.com.hk/images/common/back.gif[/img][/url]
¥t¥~·Q½Ð°Ý³¡¹q¸£¼È®É·|­ø·|¦³«§¤j°ÝÃDªº?
[/quote]
À³¸Ó¤£·|¦³¡C²{¦b±¡ªp¦p¦ó¡H