Results 1 to 2 of 2

Thread: ถามหน่อยครับเกี่ยวกับ sub7

  1. 07-06-2006, 01:25 AM #1
    Anonymous
    Guest

    ถามหน่อยครับเกี่ยวกับ sub7

    อยากทราบว่าถ้ามีแมงตัวนี้อยู่ในเครื่อง เราสามารถที่ทำการหามันแล้วแก้ไขได้ไหมครับ ถามพี่ๆ เซียนทั้งหลายที่เคารพครับ
    Reply With Quote Reply With Quote
  2. 07-06-2006, 10:22 AM #2
    asylu3
    asylu3 is offline
    Administrator asylu3's Avatar
    Join Date
    Jun 2000
    Location
    Thailand
    Posts
    3,557

    Re: ถามหน่อยครับเกี่ยวกับ sub7

    The order to remove this trojan is complicated by the depth to which the trojan hooks the operating system.
    One trick that AVERT has discovered is to rename the registry editing program from their original .EXE to a .COM extension (as in REGEDIT.COM). This will by pass the limitations created by removing the trojan prior to editing the registry. This will allow you to remove references of trojans and Internet worms.

    To repair the registry via a registry script file, download this UNDO.REG file, and open it.

    --- Manual Removal Instructions ---

    1) Identify and note the files associated with this trojan as detected by the scanner.

    2) Click START|RUN, type

    COMMAND /C COPY %WINDIR%REGEDIT.EXE %WINDIR%REGEDIT.COM
    and hit ENTER
    3) Click START|RUN, type REGEDIT.COM and hit ENTER

    4) Remove references to the trojan from these keys of the registry

    HKCRexefileshellopencommand

    HKLMSoftwareCLASSESexefile
    shellopencommand

    They should contain only the value not including brackets
    [''%1'' %*].

    5) If applicable, remove any keys that run the main trojan under

    HKEY_LOCAL_MACHINESoftwareMicrosoftWindows
    CurrentVersionRunServices

    HKEY_LOCAL_MACHINESoftwareMicrosoftWindows
    CurrentVersionRun

    HKEY_LOCAL_MACHINESoftwareMicrosoftActive Setup
    Installed ComponentsKeyName

    6) If applicable, delete the registry key if it exists

    HKEY_CLASSES_ROOT.dl

    and exit Regedit

    7) If applicable, edit WIN.INI and remove the reference to the trojan from the run= line in the [windows] section.

    8) If applicable, edit SYSTEM.INI and remove the reference to the trojan from the shell= line in the [boot] section. It should just contain the file EXPLORER.EXE.

    9) Restart the system.

    10) Delete the trojan program(s). If all is well the files should be deleted OK. If you get an error message saying that windows is unable to delete the file because it is in use, then you have made an error in the above procedure. Repeat steps 1 to 9 and try again.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Similar Threads

  1. แจกโปรแกรม SuB7 V.2.1.5 ::::::::;;;;;;;;;;(O_O)
    By nirvana02 in forum Ethical Hacking for Padawan
    Replies: 0
    Last Post: 16-07-2009, 02:19 AM
  2. โปรแกรม SUB7 ครับเข้ามาดูเอา
    By akiraangle in forum แนะนำ Software ต่างๆ
    Replies: 2
    Last Post: 09-04-2009, 10:31 PM
  3. วิธีใช้ sub7 (ซ้ำขอโทษด้วยอย่าแบนนะ)
    By toeifly in forum Hacking, Exploit Articles/Tutorial/Techniques
    Replies: 0
    Last Post: 27-08-2007, 11:00 PM
  4. ใครมีโปรแกรม Sub7 แบบไม่มีไวรัสบ้างครับ
    By Drive02 in forum Newbie / Starter Hacker
    Replies: 0
    Last Post: 13-07-2007, 10:27 PM
  5. เซียน sub7 ช่วยทีครับ
    By Anonymous in forum Hacking, Exploit Articles/Tutorial/Techniques
    Replies: 7
    Last Post: 05-03-2007, 11:17 AM

Members who have read this thread : 0

Actions : (View-Readers)

There are no names to display.

Members who have read this thread: 0

There are no members to list at the moment.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules

Hide Hack By vFCoders