çµèå
åä¸è½ä¸ºread(written)çé®é¢ï¼è§£å³æ¥éª¤å¦ä¸ï¼
1ã硬件ä¸çåå ï¼ä¸»è¦æ¯å
åæ¡ä¸å
¼å®¹ï¼æ´æ¢å
åã
2ãç³»ç»æå
¶å®è½¯ä»¶å¼èµ·çï¼å¯ç¨ä¸è¿°æ¹æ³å¤çï¼
ï¼1ï¼ç³»ç»æ¬èº«æé®é¢ï¼åæ¶å®è£
å®æ¹åè¡çè¡¥ä¸ï¼å¿
è¦æ¶åèç³»ç»ghoståºå°å®è£
www.ghost008.com/jiaocheng/æç¨éè£
ç³»ç»ã
ï¼2ï¼ç
æ¯é®é¢ï¼ææ¯ ï¼ææ¯è½¯ä»¶ä¸å
¶å®è½¯ä»¶å²çªï¼å¸è½½æé®é¢ç软件ã
ï¼3ï¼è¿è¡regeditè¿å
¥æ³¨å表, å¨HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ä¸ï¼åºè¯¥åªæä¸ä¸ªæ£å¸¸çé®å¼{AEB6717E-7E19-11d0-97EE-00C04FD91972}, å°å
¶ä»çå é¤ã
3.ç¨360å®å
¨å«å£«ä¸çç³»ç»æ¥æç®±ï¼è¿è¡ä¸ä¸ï¼å°±å¯ä»¥è§£å³ã
4.çµèå
³æºï¼ç¶ååå¼æºï¼ä¸åæF8ï¼æ¾å°æåä¸æ¬¡æ£ç¡®é
ç½®ï¼ç¡®å®ï¼å³å¯ã