�ԸաӨѴ �� Flashy.exe �� Flash Drive ��ͧ

Run �� regedit��ź��Ѻ HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer ��ҹ�� --------> NoFolderOptions źNoFolderOptions �͡��¤�Ѻ ��ѹ��ҧ��Ҥ�Ѻ HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionExplorerAdvanced ��ҹ�� --------> HideFileExt ź HideFileExt HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccess ��ҹ�� -------->Start ź Start HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun ��ҹ�� --------> Flashy.exe ź Flashy.exe �͡��Ѻ ��ź systemID.pif ��Start MenuProgramsStartup systemID.pif ź systemID.pif �͡��¤�Ѻ 价�� Start--->Run �� msconfig 价��ᶺ startup ��͡��꡶١˹��systemID �͡��Ѻ ��ʵ��ͧ��ͧ�� Ctrl+Alt+Delete �٤�Ѻ��Flashy.exe�ѧ��㹹�� ա��稤�Ѻ ��ҡ��ͧ��ѹ��ҧ��ҷ��Ҩ��Դ��ͧ��ͧ��ʷء�� ͧ��仴�� User accounts ��ٿ��ʼ�ҹ��µ͹��ѧ��͡��Ѻ ��ͧ��ʷء��Ѻ �¡�� Run �� regedit ��仵��Ѻ HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogon] ��ʵ�ԧ��Ѻ�ҡ��ա��ԡ��͡ New-->String value ��Ѻ "AutoAdminLogon"="1" "DefaultUserName"="��ͼ��Ф�Ѻ" "DefaultPassword"hacked" ��ѧ�ҡ�ӵ��鹵͹��ź��ʪ��Flashy.exe � C:WINDOWSsystem32 ��ͧ�Դ Show hidden File ��͹�Ф�Ѻ�֧�� ʵ�ǹ��ѹ��͹�� Ѻ��ʷ��ι��Ф�Ѻ ��ҡ�ͻ�ҹ�͡��ǡ��¤�Ѻ �ҡ��駢�ҧ��ҧ��¤�Ѻ �ҡ��ҹ��ʨҡ�ι��仵Դ��ͧ��㨹��ѹ�Ф��¾ѹ�� Ͷ��令�ԡ��ʼ��Դ��ѹ��Դ��ͧ�Ф�Ѻ �ͧ��Сѹ��Ѻ ��ѧ��Ҷ��Ѻ �ͺ�ء�ѹ�Ѻ ��Ŵ��Ǫ��format flashdrive�Ф�Ѻ www.unlimitpc.com/article/flashdrive/SP27213.exe http://www.savefile.com/projects/400096 ��礤��Ѻ ��Դ��ҧ��Ѻ http://www.yousendit.com/transfer.php?action=download&ufid=D6D4AE03712FAE95 ��ͧ��ҵ͹�Դ��ͧ��ѹ��Һ�ҧ http://www.yousendit.com/transfer.php?action=download&ufid=ACE331F3103D9D04 " />�ԸաӨѴ �� Flashy.exe �� Flash Drive ��ͧ
��Դ��繷�� : 10

�ԸաӨѴ �� Flashy.exe �� Flash Drive ��ͧ

��鹵͹��áӨѴ�� Flashy.exe

1. ��ҵ�ͧ��ͧ��ҷ�� Դ password �� boot ��͹ ��

�� Hirens BootCD 8.1 ��Ǣ�� pass.... ��͡�� 1. Act...

- �� ж�� patition ��ѹ�˹ ��ҡ��͡�

- �� ж�� Account ��ҧ pass �ѹ�˹ ��ҡ��͡�

- �� ͡�ҡ�� ҡ� reboot �� f8 �� Safe Mode

2. �� Safe Mode ��

- ��ԡ��ҷ�� My Computer > Properties > �� System Restore > ��͡ Turn off System Restore on all drives > OK

3. ��ԡ��ҷ�� Task Bar > Task Manager (�� Ctrl+Alt+Del) > �� Processes �ҵ�Ƿ�� Flashy.exe �� systemID.pif > End Process (�óն�ҵ�Ǩ��..)

4. �Դ Notepad ��ǡ�ͺ��ͤ��ҹ��ҧ��ҧ ૿�� killfrashy.bat

��૿�� Ѻ��Ť�ԡ�� killfrashy.bat ��¡��ѧ��Ƿӧҹ

--------------------------------------------------------

@ECHO OFF

REG delete HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem /v DisableRegistryTools /f

REG delete HKLMSoftwareMicrosoftWindowsCurrentVersionRun /v Flashy Bot /f

REG add HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerAdvanced /v Hidden /t REG_DWORD /d 2

REG add HKCUSoftwareMicrosoftWindowsCurrentVersionExplorerAdvanced /v HideFileExt /t REG_DWORD /d 0

REG add HKLMSYSTEMCurrentControlSetServicesSharedAccess /v Start /t REG_DWORD /d 2

--------------------------------------------------------

5. 价�� Start Menu All ProgramsStartup �� systemID.pif ��ź�� (��ԡ�� > Delete) 价�� C:WINDOWSsystem �� Flashy.exe ��ź��

6. ��鹵͹��áӨѴ Flashy.exe > Restart ��ͧ

��

��ͧ�� regedit ��

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer"NoFolderOptions" = "1"

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionExplorerAdvanced"HideFileExt" = "1"

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionExplorerAdvanced"Hidden" = "2"

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccess"Start" = "4"

--------------------------------------------------------------------------------

Brontok �ѧ��ѹ�ѧ��µ��ա��
��ʵ�ǹ��·��ش�ӧҹ��Ƿ��ش��ҷ��м��Ҥ�Ѻ ��Ӥѭ�Դ��ҡ ��¡��ա(Brontok)�ա��Ѻ��͹��ʵ��˹�Ѵ��Ẻ��Ѵ ��ҹ��㨤�Ѻ��繤��á��ҷҧ��3�׹(��͹��¤�Ѻ)��ҹ��ͧ��ͧ��ͧ��ͧ��ǹФ�Ѻ �ͧ��Google�鹤��Flashy.exe.�Ԥ�Ѻ��դ��ʢ��Ҷ��º��¤�Ѻ�ҡ��Ǻ��ʴ��¹Ф�Ѻ��ҵԴ��ʵ�ǹ�� з��Թ��Ѻ
��ѹ�ж��ʼ�ҹ ��駷��
��ʼ�ҹ��ʤ�� hacked
��Թ��ҡ��Ҧ��ʡѹ��Ѻ
�ѹ�Ѻ�á��ش��÷ӧҹ�ͧ�ѹ��͹��Ѻ
�� Ctrl+Alt+Delete ��͡��ԡFlashy.exe ��Ǥ�ԡ End Process �ç��ҧ��Ѻ
��ǵ͹��ѹ��ش��÷ӧҹ��Ǥ�Ѻ ��ҵ�ͧ��regedit ��ѧ��ѹ�Դ��ҡ��ͧ��Unhookexec.inf ��Ф�Ѻ �Ŵ��ͤ�ѹ��͹ ��Ŵ��ҡ��駹��Ѻ
http://securityresponse.symantec.com/avcenter/UnHookExec.inf

��Ŵ��ǡ��ԡ�� ͡ Install��Ѻ
�� 价�� Start--->Run �� regedit��ź��Ѻ
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesExplorer ��ҹ�� --------> NoFolderOptions
źNoFolderOptions �͡��¤�Ѻ ��ѹ��ҧ��Ҥ�Ѻ

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionExplorerAdvanced ��ҹ�� --------> HideFileExt
ź HideFileExt

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccess ��ҹ�� -------->Start
ź Start

HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun ��ҹ�� --------> Flashy.exe
ź Flashy.exe �͡��Ѻ

��ź systemID.pif ��Start MenuProgramsStartup systemID.pif
ź systemID.pif �͡��¤�Ѻ

价�� Start--->Run �� msconfig 价��ᶺ startup ��͡��꡶١˹��systemID �͡��Ѻ

��ʵ��ͧ��ͧ�� Ctrl+Alt+Delete �٤�Ѻ��Flashy.exe�ѧ��㹹�� ա��稤�Ѻ

��ҡ��ͧ��ѹ��ҧ��ҷ��Ҩ��Դ��ͧ��ͧ��ʷء��

��ͧ��仴�� User accounts ��ٿ��ʼ�ҹ��µ͹��ѧ��͡��Ѻ ��ͧ��ʷء��Ѻ �¡��
�� Run �� regedit ��仵��Ѻ
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogon]
��ʵ�ԧ��Ѻ�ҡ��ա��ԡ��͡ New-->String value
��Ѻ

"AutoAdminLogon"="1"
"DefaultUserName"="��ͼ��Ф�Ѻ"
"DefaultPassword"hacked"

��ѧ�ҡ�ӵ��鹵͹��ź��ʪ��Flashy.exe � C:WINDOWSsystem32 ��ͧ�Դ Show hidden File ��͹�Ф�Ѻ�֧�� ʵ�ǹ��ѹ��͹��

��Ѻ��ʷ��ι��Ф�Ѻ ��ҡ�ͻ�ҹ�͡��ǡ��¤�Ѻ �ҡ��駢�ҧ��ҧ��¤�Ѻ �ҡ��ҹ��ʨҡ�ι��仵Դ��ͧ��㨹��ѹ�Ф��¾ѹ�� Ͷ��令�ԡ��ʼ��Դ��ѹ��Դ��ͧ�Ф�Ѻ �ͧ��Сѹ��Ѻ ��ѧ��Ҷ��Ѻ �ͺ�ء�ѹ�Ѻ

��Ŵ��Ǫ��format flashdrive�Ф�Ѻ

www.unlimitpc.com/article/flashdrive/SP27213.exe

http://www.savefile.com/projects/400096

��礤��Ѻ ��Դ��ҧ��Ѻ

http://www.yousendit.com/transfer.php?action=download&ufid=D6D4AE03712FAE95

��ͧ��ҵ͹�Դ��ͧ��ѹ��Һ�ҧ

http://www.yousendit.com/transfer.php?action=download&ufid=ACE331F3103D9D04

Posted by : KKY , Date : 2006-08-17 , Time : 20:45:35 , From IP : 172.29.7.62

��Դ��繷�� : 1

Thanks
however I want to know how I kill the "Brontok" ?
any advice ?

Posted by : ask , Date : 2006-08-17 , Time : 20:58:08 , From IP : 172.29.3.168

��Դ��繷�� : 2

Flashy.exe ��ö�ҡѺ Handy drive ��Ҥ�Ѻ �� ҹ��͹�� Handy ��Դ�� Flashy.exe ��ǹ�� ѧ䧡��ź��ŧ��ͧ ��ա�ѹ˹��Դ ��ҡ�� Դ��ͧ�� Admin ��Ƿ��ѹ�� Password �� ͡��õ�ҧ � �� Hidden �֧��ͧ��ҫ�͹��˹ ��Setting ��ëѡ��ҧ��Ф�Ѻ
ú�ǹ��º͡˹��¹Ф�Ѻ
�ͺ�س�ҡ�Ѻ

Posted by : �� , Date : 2006-08-23 , Time : 11:10:36 , From IP : 192.168.49.140

��Դ��繷�� : 3

�ոչ��Ф�Ѻ��ͺ��ͧ��͹��ͧ˹��¤��Ẻ��Ф�Ѻ��ҡ��¢ͺ�س�ҡ��Ф�Ѻ��Ѻ Key ��ѹ

Posted by : �ͺ�ҡ , E-mail : (-) ,
Date : 2006-08-28 , Time : 18:05:39 , From IP : 125.24.130.121

��Դ��繷�� : 4

�ú͡�� Nod32 ź��Ѻ �ѹ��ԧ��Ф�Ѻ��ź�� ѹ��ͧ�ҡ�� ѹ�� Nod32 ��¤�Ѻ �ѹ��ʷ�� ҹ��

****** ��Щй�� ͹��Դ�� ᡹��ʡ�͹�ء��駹�Ф�Ѻ
��繹�� Ǻ͡��仴��¤�Ѻ ******

��. �� Nod32 ��Ѻ��Ҵ��ҡ��Ѻ ��Ҥ��᡹��Ǥ��ѹ��Ѻ ��Ҩ��ͧ�ѹ��ͺ��ҡ��ش��Ѻ (��ʷ��Nod32�� ᡹��ʵ��й�Ф�Ѻ)

Posted by : ��֡��ʵ�� ҢҤ��֡�� , Date : 2006-10-04 , Time : 12:22:21 , From IP : sqcache1.kku.ac.th

��Դ��繷�� : 5

�ӨѴ�ѹ�� ԡ��
�س��ö��ǹ��Ŵ

1.��Ǧ�� Flashy ��ͧ
2.��Ǧ�� Flashy ��ι��

�� www.trackerx90.th.gs

Posted by : trackerx90 , Date : 2006-11-01 , Time : 17:42:48 , From IP : 203.113.41.133

��Դ��繷�� : 6

��䧴դ�� ѹ�Դ �ι�� ѧ䧴�
��ú�ǹ��Ը��ҷ��Ф�� kanoi_boom@hotmail.com �ͺ�س��

Posted by : �ա�� , Date : 2007-01-07 , Time : 10:51:54 , From IP : 202.28.35.1

��Դ��繷�� : 7

��ҡ��Ѻ ��բ��ö��¤��Ѻ �͹��ⴹ��͹�ѹ��Ѻ ��Ф�Ѻ��Һ͡�Դ��Ҵ�ѧ䧢��´��¹Ф�Ѻ ��Ҽ�� Mcafee 10 ��Ф�Ѻ ��Ǿ��Դ��ͧ�� ѹ�п�ͧ��
Found Trojan �繪�Դ New malware.j ��Ѻ �ѧ䧪��Ը��ҷ��
dome_turbo@hotmail.com ��¹Ф�Ѻ �ͺ�س�ҡ��Ѻ

Posted by : �� , E-mail : (dome_turbo@hotmail.com) ,
Date : 2007-03-05 , Time : 23:03:50 , From IP : DIAL278-NAS216.anet.

��Դ��繷�� : 8

�͹��ⴹ��͹�ѹ��Ѻ ��Ǿ��Դ��ͧ�� ѹ�п�ͧ��
Found Trojan �繪�Դ New malware.j ��Ѻ �ѧ䧪��Ը��ҷ��
wizardercho@yahoo.com ��¹Ф�Ѻ �ͺ�س�ҡ��Ѻ ú�ǹ˹��¹Ф�Ѻ �ͺ�س��Ѻ

Posted by : Mr.Cho , E-mail : (wizardercho@yahoo.com) ,
Date : 2007-03-12 , Time : 12:26:21 , From IP : 203.154.145.10

��Դ��繷�� : 9

��Դ��繷�� : 10

��繨ҡ Social Network : Facebook

ʧǹ�Է��ʴ��Դ��Ѻ ��Ҫԡ��ҹ��

>>>>> Page loaded: 0.006 seconds. <<<<<

�ԸաӨѴ ����� Flashy.exe �������� Flash Drive ������������ͧ

�ԸաӨѴ �� Flashy.exe �� Flash Drive ��ͧ