|
½ÇÇà ÆÄÀÏÀ» °¨¿°½ÃÅ°´Â W32/Nimda@MM°ú ºñ½ÁÇÑ ¹æ½ÄÀ¸·Î
ÆÄÀÏÀ» °¨¿°½ÃÅ°¸ç ¸ÞÀÏ°ú KaZaA, eDonkey2000 µîÀÇ P2P ÇÁ·Î±×·¥À» ÅëÇØ
ÀüÆÄ µÈ´Ù.
¹ÙÀÌ·¯½ºÀÇ º»Ã¼´Â º¼·£µå»çÀÇ µ¨ÆÄÀÌ·Î ÀÛ¼º µÇ¾úÀ¸¸ç ¹ÙÀÌ·¯½º¸¦ ½ÇÇà ÇÏ
¸é ´ÙÀ½°ú °°Àº ÆÄÀÏÀÌ À©µµ¿ì Æú´õ(Win 9x : c:\windows, Win2000 :
C:\Winnt) »ý¼º ÇÑ´Ù.
appboost.exe
appboost.reg
appboost.vbs
appbsvc.exe
appbsvc.exe ÆÄÀÏÀº ÀÀ¿ëÇÁ·Î±×·¥ÀÌ °¨¿°µÈ °ÍÀ̸ç, ¹ÙÀÌ·¯½ºÀÇ º»Ã¼ÀÎ
appboost.exeÆÄÀÏÀº ´ÙÀ½°ú °°ÀÌ ·¹Áö½ºÆ®¸®¿¡ µî·ÏµÇ¾î ÆÄÀÏÀ» ½ÇÇà ÇÒ¶§
¹ÙÀÌ·¯½º°¡ ¸ÕÀú ½ÇÇà µÇµµ·Ï Á¶ÀÛÇÑ´Ù.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\comfile\shell\open\command
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\batfile\shell\open\command
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\cmdfile\shell\open\command
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\piffile\shell\open\command
°¢ °¢ Ç׸ñ¿¡
Win 9xÀÇ °æ¿ì : c:\windows\appboost.exe "%1" %*
Win 2000ÀÇ °æ¿ì : c:\windows\appboost.exe "%1" %*
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\scrfile\shell\open\command
Ç׸ñ¿¡
Win 9xÀÇ °æ¿ì : c:\windows\appboost.exe "%1"/S %*
Win 2000ÀÇ °æ¿ì : c:\windows\appboost.exe "%1"/S %*
HKEY_LOCAL_MACHINE\Microsoft\Windows\CurrentVersion\Run
Ç׸ñ¿¡
Win 9xÀÇ °æ¿ì : (±âº»°ª) regedit.exe /s appboost.reg
Win 2000ÀÇ °æ¿ì : (±âº»°ª) regedit.exe /s appboost.reg
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunService
s
Ç׸ñ¿¡
Win 9xÀÇ °æ¿ì : (±âº»°ª) regedit.exe /s appboost.reg
Win 2000ÀÇ °æ¿ì : (±âº»°ª) regedit.exe /s appboost.reg
°¨¿°µÇ´Â ÆÄÀÏÀº ·¹Áö½ºÆ®¸®¸¦ º¯°æÇÏ´Â bat, scr, exe, pif, com µîÀÇ È®
ÀåÀÚ¸¦ °¡Áö´Â ÆÄÀϵéÀ̸ç, ÇÑ±Û À©µµ¿ì ½Ã½ºÅÛÁß ÁÖ·Î 2000 °è¿¿¡¼ À©µµ
¿ì ½Ã½ºÅÛ ÆÄÀÏ¿¡ °¨¿°µÉ °æ¿ì Á¤»óÀûÀ¸·Î ºÎÆõÇÁö ¾Ê´Â Çö»óµµ ¹ß»ýÇÏ¿´
´Ù.
Âü°íÀûÀ¸·Î ÀÌ ¹ÙÀÌ·¯½ºÀÇ ¿øÇüÀº ´ÙÀ½°ú °°Àº ÇÁ·Î±×·¥ÀÇ ÇÁ·Î¼¼½º¸¦ Á¾
·á ÇÏ´Â ±â´ÉÀ» °¡Áö°í ÀÖÀ¸¸ç, º¯Á¾µµ °°Àº ±â´ÉÀ» °¡Áö°í ÀÖÀ» °ÍÀ¸·Î Ãß
Ãø µÈ´Ù.
AVP32
AVPCC
ZONEALARM
WEBTRAP
NOD32
SWEEP95
AVSYNMGR
PCCWIN98
NRESQ32
IOMON98
NSCHED32
AVPTC
LUCOMSERVER
NSCHEDNT
AVE32
IAMAPP
NSPLUGIN
AVCONSOL
ATRACK
NAV
FP-WIN
IAMSERV
NAVAPSVC
DVP95
PCFWALLICON
NAVAPW32
F-AGNT95
TDS2-98
NAVLU32
CLAW95
TDS2-NT
NAVRUNR
NVC95
VSECOMR
NAVW32
SCAN
NISSERV
AVPM
VIRUS
NISUM
ALERTSVC
LOCKDOWN2000
F-PROT
AMON
NORTON
AOL
MCAFEE
AVPCC
ANTIVIR
AVPM
FIREWAL
N32SCANW
VET95
NAVWNT
SAFEWEB
ANTIVIR
WEBSCANX
AVPUPD
ICMON
AVGCTRL
CFINET
AVWIN95
AVP.EXE
SCAN32
VSHWIN32
AMON.EXE
F-STOPW
PCCIOMON
F-PROT95
PCCMAIN
ACKWIN32
POP3TRAP
|
|
|