¿¡ºê¸®Á¸¼Ò°³ | Á¦Ç°¼Ò°³ | °í°´¼¾ÅÍ | »çÀÌÆ®¸Ê | Home
°³ÀÎ°í°´ ¿©¼º°í°´ eº¸¾È¸¶ÄÏ À̺¥Æ®
°³ÀÎ°í°´±â¾÷°í°´
º¸¾ÈÁ¢¼Ó IDÀúÀå
AD ¹«·á·Î Ã¥¹Þ¾Æ°¡¼¼¿ä!


 
Adware/Toolbar.Shopping
 Á¾·ù
Toolbar
 °¨¿°°æ·Î
ActiveX
 Ä¡·á¹æ¹ý

¿¡ºê¸®Á¸ Á¦Ç°±ºÀ¸·Î Áø´Ü/Ä¡·á °¡´ÉÇÕ´Ï´Ù.

 
Áõ»ó
Adware/Toolbar.Shopping´Â ActiveX Çü½ÄÀ» ÃëÇØ »ç¿ëÀÚ¿¡°Ô ¼³Ä¡¸¦ À¯µµÇÏ°í,
¼³Ä¡ °úÁ¤¿¡¼­µµ ¼³Ä¡°úÁ¤À» Ç¥½Ã ÇÏÁö ¾Ê´Â µî ÀºÆóÀûÀ¸·Î ¼³Ä¡µµ´Â ¾Ç¼ºÄÚµåÀÌ´Ù.
¼³Ä¡ ÀÌÈÄ, ÃÖ¼ÒÇÑÀÇ Ç¥½Ã ÀÌ¿Ü¿¡´Â ÇÁ·Î±×·¥ ¼³Ä¡¸¦ ¾Ë¾Æº¼¼ö ¾øµµ·Ï Çϸç,
»ç¿ëÀÚ µ¿ÀÇ ¾øÀÌ À¥»çÀÌÆ®ÀÇ ¼³Á¤¹× ±âº» ±â´ÉÀ» º¯°æ ÇÏ´Â ¾Ç¼ºÄÚµåÀÌ´Ù.

ÀÌ´Â
1) À¥ºê¶ó¿ìÀúÀÇ È¨ÆäÀÌÁö ¼³Á¤À̳ª °Ë»ö ¼³Á¤À» º¯°æ ¶Ç´Â ½Ã½ºÅÛ ¼³Á¤ º¯°æÇÏ´Â ÇàÀ§
¿¡ ÇØ´çÇÏ¿©, ¾Ç¼ºÄÚµå·Î ±¸ºÐ µÈ´Ù.

[»ý¼º ÆÄÀÏ]
%prog%\point2\point2.dll
%prog%\point2\getinfo.dll
%prog%\point2\point2.exe
%prog%\point2\uninstall.exe
%prog%\point2


[»ý¼º ·¹Áö]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30D46EA4-27D2-4105-9334-57A6E62F8853}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C206F54C-05B2-4018-A192-A6881412FBA8}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CA5BEC4A-5661-48DD-9342-DD2AABB21002}
HKEY_CLASSES_ROOT\TypeLib\{C58F7745-AD95-4E15-B254-52C9F21DF13C}
HKEY_CLASSES_ROOT\TypeLib\{EE0E568E-F83F-44AA-B4AC-F928EEF6436F}
HKEY_CLASSES_ROOT\Interface\{36440905-E2B4-4F0E-8A51-23949C96DF2E}
HKEY_CLASSES_ROOT\Interface\{6F564AAA-452E-4FEE-AB0C-6F1F6EA0AECB}
HKEY_CLASSES_ROOT\Interface\{AFFF4D6B-7075-46EC-98BF-86BA3740C517}
HKEY_CLASSES_ROOT\Interface\{1EEFCA0A-4094-4C54-AF97-A9849560F022}
HKEY_CLASSES_ROOT\Interface\{E877C33A-8057-43E9-982B-6F51E7DFF05A}
HKEY_CLASSES_ROOT\Getinfo.Util
HKEY_CLASSES_ROOT\Getinfo.Util.1
HKEY_CLASSES_ROOT\Point2.ViewSource
HKEY_CLASSES_ROOT\Point2.ViewSource.1
HKEY_CLASSES_ROOT\Point2.ToolBar
HKEY_CLASSES_ROOT\Point2.ToolBar.1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\point2



°æ·Î´Â ¾Æ·¡¸¦ ÂüÁ¶ ÇÑ´Ù.
%windows%
c:\windows
%program%
C:\Documents and Settings\(username)\½ÃÀÛ ¸Þ´º\ÇÁ·Î±×·¥
%system%
C:\windows\system32
%prog%
C:\Program Files
%currentuser%
C:\Documents and Settings\(username)
%startmenu%
C:\Documents and Settings\(username)\½ÃÀÛ ¸Þ´º
 
 
Adware/BHO.Hprt
 Á¾·ù
adware
 °¨¿°°æ·Î
ƯÁ¤ »çÀÌÆ®
 Ä¡·á¹æ¹ý

¿¡ºê¸®Á¸ Á¦Ç°±ºÀ¸·Î Áø´Ü/Ä¡·á °¡´ÉÇÕ´Ï´Ù.

 
Áõ»ó
Adware/BHO.Hprt´Â BHO Çü½ÄÀ¸·Î »ç¿ëÀÚ µ¿ÀÇ ¾øÀÌ ¼³Ä¡ ÈÄ ÀÎÅÍ³Ý ¿¬°á ½Ã
°í°´µéÀÇ Á¤º¸ °¨½Ã ¹× ÀÎÅÍ³Ý ¼³Á¤ º¯°æÀ» ÇÏ´Â ¾Ç¼ºÄÚµå ÀÌ´Ù.


ÀÌ´Â
1) À¥ºê¶ó¿ìÀúÀÇ È¨ÆäÀÌÁö ¼³Á¤À̳ª °Ë»ö ¼³Á¤À» º¯°æ ¶Ç´Â ½Ã½ºÅÛ ¼³Á¤ º¯°æÇÏ´Â ÇàÀ§
¿¡ ÇØ´çÇÏ¿©, ¾Ç¼ºÄÚµå·Î ±¸ºÐ µÈ´Ù.

[»ý¼º ÆÄÀÏ]
%system%\hprt.dll


[»ý¼º ·¹Áö]
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{768C22B7-B27E-4126-B6CE-5939DFCA4651}


°æ·Î´Â ¾Æ·¡¸¦ ÂüÁ¶ ÇÑ´Ù.
%windows%
c:\windows
%program%
C:\Documents and Settings\(username)\½ÃÀÛ ¸Þ´º\ÇÁ·Î±×·¥
%system%
C:\windows\system32
%prog%
C:\Program Files
%currentuser%
C:\Documents and Settings\(username)
%startmenu%
C:\Documents and Settings\(username)\½ÃÀÛ ¸Þ´º
 
 
Adware/Dropper.Dpnetk32
 Á¾·ù
adware
 °¨¿°°æ·Î
 Ä¡·á¹æ¹ý

¿¡ºê¸®Á¸ Á¦Ç°±ºÀ¸·Î Áø´Ü/Ä¡·á °¡´ÉÇÕ´Ï´Ù.

 
Áõ»ó

Adware/Dropper.Dpnetk32´Â ActiveX Çü½ÄÀ» ÃëÇϸç, 
ƯÁ¤ »çÀÌÆ®¿¡ Á¢¼Ó ½Ã »ç¿ëÀÚÀÇ ÀÇ»ç¿Í °ü°è¾øÀÌ ¼³Ä¡ µÇ¸ç,
¼³Ä¡ °úÁ¤¿¡¼­µµ ¼³Ä¡°úÁ¤À» Ç¥½Ã ÇÏÁö ¾Ê´Â µî ÀºÆóÀûÀ¸·Î 
¼³Ä¡µµ´Â ¾Ç¼ºÄÚµåÀÌ´Ù.
¼³Ä¡ ÀÌÈÄ, ·¹Áö½ºÆ®¸® ½ÃÀÛ Ç׸ñ¿¡ µî·ÏµÇ¾î ÀÛµ¿ÇÏ°í 
´Ù¸¥ ¾Ç¼ºÄÚµåµéÀ» Drop ÇÑ´Ù. 
¶ÇÇÑ Æ¯Á¤ »çÀÌÆ®¿¡ Á¢¼Ó ½Ã »ç¿ëÀÚ°¡ À̵¿ ÇÑ »çÀÌÆ®¿¡¼­ 
¸µÅ©½ÃŲ °Í ó·³ À§Àå ÇÏ¿© 
´Ù¸¥ ¾ÇÀÇÀûÀÎ ÇÁ·Î±×·¥À» »ç¿ëÀÚ¿¡°Ô ¹«ÀǽÄÀûÀ¸·Î 
´Ù¿î·Îµå ¹Þµµ·Ï ÇÏ´Â ¾Ç¼ºÄÚµåÀÌ´Ù. 

ÀÌ´Â
1) À¥ºê¶ó¿ìÀúÀÇ È¨ÆäÀÌÁö ¼³Á¤À̳ª °Ë»ö ¼³Á¤À» º¯°æ ¶Ç´Â 
½Ã½ºÅÛ ¼³Á¤ º¯°æÇÏ´Â ÇàÀ§ 
2) ƯÁ¤ »çÀÌÆ®ÀÇ ¸í¿¹¸¦ ȸ¼Õ ½ÃÅ°´Â ÇàÀ§ 
3) »ç¿ëÀÚÀÇ Àǵµ¿Í »ó°ü ¾øÀÌ ÀºÆóÀûÀÎ ¼³Ä¡ °üÁ¤ ¾øÀÌ 
¼³Ä¡µÈ ÇàÀ§¿¡ ÇØ´çÇÏ¿©, ¾Ç¼ºÄÚµå·Î ±¸ºÐ µÈ´Ù. 



-ƯÁ¤ »çÀÌÆ® Á¢¼Ó ½Ã ÇØ´ç »çÀÌÆ®¿Í ¹«°üÇÏ°Ô ¸µÅ©¸¦ °É¾î 
À¯ÇØÁ¤º¸¸¦ À¯Æ÷ÇÏ´Â °Íó·³ º¸ÀÌ°Ô ÇÔ

[»ý¼º ÆÄÀÏ] 
%system%\dpnetk32.dll
%system%\scmsg.dll
%system%\scrun.exe
%system%\dpnetk32.dll
%system%\shellexp.dll
%system%\d3dref92.sys
%system%\softntmp0103.dll
%system%\a.exe
%system%\saycode.ini
%system%\sysubs8.sys


- c:\windows\system32 Æú´õ¿¡ ¾Ç¼º ÆÄÀÏÀ» 
´Ù¿î·Îµå ÇÔ


[»ý¼º ·¹Áö] 
Microsoft.DirectMusic.Dpnet32 
Microsoft.DirectMusic.Dpnet32.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E79A1FC3-
E75F-464b-993C-8D539BC3678F}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\
ActiveX Compatibility\{BBF122A7-8A4D-45B5-9E00-0F68BC87C904}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurredntVersion
\Ext\Stats\{E79A1FC3-E75F-464B-993C-8D539BC3678F}
HKEY_CLASSES_ROOT\TypeLib\{A6B0F76D-F060-4AD3-9F9A-
31E047763ED6}
HKEY_CLASSES_ROOT\Interface\{B22907DB-4D33-4658-
9814-BA1767C12420}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig
\startupreg\SAYCODE
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current
Version\Run SAYCODE 


- ÀÎÅÍ³Ý ¼³Á¤¸¦ º¯°æÇÏ¿© ÀͽºÇ÷η¯ ½ÇÇà½Ã ÀÚµ¿À¸·Î ·ÎµùµÇ°Ô ÇÔ



°æ·Î´Â ¾Æ·¡¸¦ ÂüÁ¶ ÇÑ´Ù. 
%windows% 
c:\windows 
%program% 
C:\Documents and Settings\(username)\½ÃÀÛ ¸Þ´º\ÇÁ·Î±×·¥ 
%system% 
C:\windows\system32 
%prog% 
C:\Program Files 
%currentuser% 
C:\Documents and Settings\(username) 
%startmenu% 
C:\Documents and Settings\(username)\½ÃÀÛ ¸Þ´º

 
 
¹«´ÜÀüÀç¤ý¹èÆ÷±ÝÁö
¿¡ºê¸®Á¸¿¡¼­ Á¦°øÇÏ´Â ¸ðµç ÄÁÅÙÃ÷ Á¤º¸¿¡ ´ëÇÑ ÀúÀÛ±ÇÀº ¿¡ºê¸®Á¸ÀÇ ¼ÒÀ¯ÀÌ¸ç °ü·Ã¹ýÀÇ º¸È£¸¦ ¹Þ½À´Ï´Ù.
¿¡ºê¸®Á¸ÀÇ »çÀü Çã°¡ ¾øÀÌ ¿¡ºê¸®Á¸ ÄÁÅÙÃ÷¸¦ ¹«´ÜÀ¸·Î ÀüÀç, ¹èÆ÷¸¦ ±ÝÁöµÇ¾î ÀÖ½À´Ï´Ù.
À̸¦ À§¹ÝÇÏ´Â °æ¿ì ¼ÕÇعè»óÀÇ ´ë»ó ¶Ç´Â ¹Î.Çü»ç»óÀÇ ¹ýÀû ¼Ò¼Û ´ë»óÀÌ µÉ ¼ö ÀÖ½À´Ï´Ù.
                                                                 * ¿¡ºê¸®Á¸ Á¤º¸ ÀÌ¿ë ¹®ÀÇ : greenking@everyzone.com
   | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40