教你巧妙分离带木马病毒文件 留下自己最爱

<H2>教你巧妙分离带木马病毒文件 留下自己最爱</H2>
<DIV class=t_msgfont id=postmessage_17244880>从<NOBR><B class=kgb onmouseover='isShowAds = false;isShowAds2 = false;isShowGg = true;InTextAds_GgLayer="_u7F51_u4E0A";KeyGate_ads.ShowGgAds(this,"_u7F51_u4E0A",event)' style="BORDER-TOP-WIDTH: 0px; PADDING-RIGHT: 0px; PADDING-LEFT: 0px; FONT-WEIGHT: normal; BORDER-LEFT-WIDTH: 0px; BORDER-BOTTOM-WIDTH: 0px; PADDING-BOTTOM: 0px; MARGIN: 0px; CURSOR: hand; COLOR: #ff8000; PADDING-TOP: 0px; BORDER-RIGHT-WIDTH: 0px; TEXT-DECORATION: underline" onclick='javascript:window.open("http://pagead2.googlesyndication.com/pagead/iclk?sa=l&amp;ai=B0Aw7PeLESM_DGZzkuQOa16CBDMGBkHTPzMD5CMCNtwGw6gEQCBgIIKy8kQooFDgAULCn9j1gncHbgcwFoAHHx9vxA7IBD2Jicy4zNjZ0aWFuLm5ldMgBAdoBLWh0dHA6Ly9iYnMuMzY2dGlhbi5uZXQvdGhyZWFkLTkwMzQxMS0xLTEuaHRtbKkCvcIT5B2hgz7IAtuX3weoAwHoA7sC6AOKA4gEAZAEAZgEAA&amp;num=8&amp;adurl=http://www.36578.com/home.htm%3Fsourceid%3D10929&amp;client=ca-pub-1681215984289622");GgKwClickStat("网上","36578.com","afc","2000072008");' onmouseout='isShowGg = false;InTextAds_GgLayer="_u7F51_u4E0A"'>网上</B></NOBR><SPAN class=t_tag onclick=tagshow(event) href="tag.php?name=%CF%C2%D4%D8">下载</SPAN><SPAN class=t_tag onclick=tagshow(event) href="tag.php?name=%CE%C4%BC%FE">文件</SPAN>，千小心万小心也会<NOBR><B class=kgb onmouseover='isShowAds = false;isShowAds2 = false;isShowGg = true;InTextAds_GgLayer="_u611F_u67D3";KeyGate_ads.ShowGgAds(this,"_u611F_u67D3",event)' style="BORDER-TOP-WIDTH: 0px; PADDING-RIGHT: 0px; PADDING-LEFT: 0px; FONT-WEIGHT: normal; BORDER-LEFT-WIDTH: 0px; BORDER-BOTTOM-WIDTH: 0px; PADDING-BOTTOM: 0px; MARGIN: 0px; CURSOR: hand; COLOR: #ff8000; PADDING-TOP: 0px; BORDER-RIGHT-WIDTH: 0px; TEXT-DECORATION: underline" onclick='javascript:window.open("http://pagead2.googlesyndication.com/pagead/iclk?sa=l&amp;ai=BMc7LPeLESM_DGZzkuQOa16CBDNHvkXWrwvqxCcCNtwHg1AMQARgBIKy8kQooFDgAUI3Uq60EYJ3B24HMBaABjf-k_AOyAQ9iYnMuMzY2dGlhbi5uZXTIAQHaAS1odHRwOi8vYmJzLjM2NnRpYW4ubmV0L3RocmVhZC05MDM0MTEtMS0xLmh0bWyAAgGpAr3CE-QdoYM-yAKjl8gHqAMB6AO7AugDigOIBAGQBAGYBAA&amp;num=1&amp;adurl=http://www.jieyinmei.cn/show.asp%3Fid%3D91&amp;client=ca-pub-1681215984289622");GgKwClickStat("感染","www.jieyinmei.cn/index.asp","afc","2000072008");' onmouseout='isShowGg = false;InTextAds_GgLayer="_u611F_u67D3"'>感染</B></NOBR><NOBR><B class=kgb onmouseover='isShowAds = false;isShowAds2 = false;isShowGg = true;InTextAds_GgLayer="_u75C5_u6BD2";KeyGate_ads.ShowGgAds(this,"_u75C5_u6BD2",event)' style="BORDER-TOP-WIDTH: 0px; PADDING-RIGHT: 0px; PADDING-LEFT: 0px; FONT-WEIGHT: normal; BORDER-LEFT-WIDTH: 0px; BORDER-BOTTOM-WIDTH: 0px; PADDING-BOTTOM: 0px; MARGIN: 0px; CURSOR: hand; COLOR: #ff8000; PADDING-TOP: 0px; BORDER-RIGHT-WIDTH: 0px; TEXT-DECORATION: underline" onclick='javascript:window.open("http://pagead2.googlesyndication.com/pagead/iclk?sa=l&amp;ai=BYQoOPeLESM_DGZzkuQOa16CBDIqMvE_0t73xA8CNtwGQThAFGAUgrLyRCigUOABQzdW2nwJgncHbgcwFoAGerc_-A7IBD2Jicy4zNjZ0aWFuLm5ldMgBAdoBLWh0dHA6Ly9iYnMuMzY2dGlhbi5uZXQvdGhyZWFkLTkwMzQxMS0xLTEuaHRtbIACAcgC7vXnA6gDAegDuwLoA4oDiAQBkAQBmAQA&amp;num=5&amp;adurl=http://www.pctools.com/cn/spyware-doctor-antivirus/%3Fref%3Dgoogle&amp;client=ca-pub-1681215984289622");GgKwClickStat("病毒","www.PCTools.com","afc","2000072008");' onmouseout='isShowGg = false;InTextAds_GgLayer="_u75C5_u6BD2"'>病毒</B></NOBR>。造成不小的麻烦。但是，如果我们知道了所<SPAN class=t_tag onclick=tagshow(event) href="tag.php?name=%CF%C2%D4%D8">下载</SPAN>的<SPAN class=t_tag onclick=tagshow(event) href="tag.php?name=%CE%C4%BC%FE">文件</SPAN>带病毒，但又不忍心删除它，怎么办？<BR>&nbsp; &nbsp; 下面教大家一个分离带木马的文件的方法。<BR><BR>第一步：用UltraEdit的十六进制方式打开绑定程序，选中第二个MZ到第三个MZ之间的内容(即第二个文件)，将该部分复制。然后新建一个文件，粘贴，<NOBR><B class=kgb onmouseover='isShowAds = false;isShowAds2 = false;isShowGg = true;InTextAds_GgLayer="_u4FDD_u5B58";KeyGate_ads.ShowGgAds(this,"_u4FDD_u5B58",event)' style="BORDER-TOP-WIDTH: 0px; PADDING-RIGHT: 0px; PADDING-LEFT: 0px; FONT-WEIGHT: normal; BORDER-LEFT-WIDTH: 0px; BORDER-BOTTOM-WIDTH: 0px; PADDING-BOTTOM: 0px; MARGIN: 0px; CURSOR: hand; COLOR: #ff8000; PADDING-TOP: 0px; BORDER-RIGHT-WIDTH: 0px; TEXT-DECORATION: underline" onclick='javascript:window.open("http://pagead2.googlesyndication.com/pagead/iclk?sa=l&amp;ai=BMc7LPeLESM_DGZzkuQOa16CBDNHvkXWrwvqxCcCNtwHg1AMQARgBIKy8kQooFDgAUI3Uq60EYJ3B24HMBaABjf-k_AOyAQ9iYnMuMzY2dGlhbi5uZXTIAQHaAS1odHRwOi8vYmJzLjM2NnRpYW4ubmV0L3RocmVhZC05MDM0MTEtMS0xLmh0bWyAAgGpAr3CE-QdoYM-yAKjl8gHqAMB6AO7AugDigOIBAGQBAGYBAA&amp;num=1&amp;adurl=http://www.jieyinmei.cn/show.asp%3Fid%3D91&amp;client=ca-pub-1681215984289622");GgKwClickStat("保存","www.jieyinmei.cn/index.asp","afc","2000072008");' onmouseout='isShowGg = false;InTextAds_GgLayer="_u4FDD_u5B58"'>保存</B></NOBR>为EXE文件。 <BR><BR>第二步：选中第三个MZ至文件末尾之间的内容(即第三个文件)，同样复制，新建文件后粘贴、保存为EXE文件。 <BR><BR>第三步：现在你要通过检查两个文件的图标及大小来判断哪个文件是所需的正常程序。一般来说，所需程序文件与捆绑后的图标一致，且文件体积较大的那个文件就是我们所要的原文件。</DIV>