¿¡ºê¸®Á¸¼Ò°³ | Á¦Ç°¼Ò°³ | °í°´¼¾ÅÍ | »çÀÌÆ®¸Ê | Home
°³ÀÎ°í°´ ¿©¼º°í°´ eº¸¾È¸¶ÄÏ À̺¥Æ®
°³ÀÎ°í°´±â¾÷°í°´
º¸¾ÈÁ¢¼Ó IDÀúÀå
AD ¹«·á·Î Ã¥¹Þ¾Æ°¡¼¼¿ä!


 
Adware/Sitelimit
 Á¾·ù
adware
 °¨¿°°æ·Î
ActiveX
 Ä¡·á¹æ¹ý

¿¡ºê¸®Á¸ Á¦Ç°±ºÀ¸·Î Áø´Ü/Ä¡·á °¡´ÉÇÕ´Ï´Ù.

 
Áõ»ó
Adware/Sitelimit´Â ActiveX Çü½ÄÀ» ÃëÇØ »ç¿ëÀÚ¿¡°Ô ¼³Ä¡¸¦ À¯µµÇÏ°í,
¼³Ä¡ °úÁ¤¿¡¼­µµ ¼³Ä¡°úÁ¤À» Ç¥½Ã ÇÏÁö ¾Ê´Â µî ÀºÆóÀûÀ¸·Î ¼³Ä¡µÇ´Â ¾Ç¼ºÄÚµåÀÌ´Ù.
¼³Ä¡ ÀÌÈÄ, »ç¿ëÀÚ¿¡ Àǵµ¿Í »ó°ü¾øÀÌ »ç¿ëÀÚ ÀÔ·Â Á¤º¸¸¦ °¡·á ü¾î ÀڽŵéÀÌ ÀǵµÇÑ ½ÎÀÌÆ®·Î À̵¿½ÃÅ°´Â ¿ªÈ°À» ÇÑ´Ù,
¶ÇÇÑ, »ç¿ëÀÚ°¡ ÀÓÀÇ·Î »èÁ¦ ½Ãµµ ÇÒ °Ü¿ì ±ÇÇÑ ÀÎÁõÅ°¸¦ ¿ä±¸ ÇÔÀ¸·Î¼­ »èÁ¦¸¦ ¸øÇϵµ·Ï ÇÏ´Â ¾Ç¼ºÄÚµåÀÌ´Ù. (±âº» ±ÇÇÑ ÀÎÁõÅ°´Â : 1234 ÀÌ´Ù.)

ÀÌ´Â
1. À¥ ºê¶ó¿ìÀúÀÇ È¨ÆäÀÌÁö ¼³Á¤À̳ª °Ë»ö ¼³Á¤À» º¯°æ ¶Ç´Â ½Ã½ºÅÛ ¼³Á¤À» º¯°æÇÏ´Â ÇàÀ§
2. Á¤»ó ÇÁ·Î±×·¥ÀÇ ¿î¿µÀ» ¹æÇØ, ÁßÁö ¶Ç´Â »èÁ¦ ÇÏ´Â ÇàÀ§
6. ÀÌ¿ëÀÚ°¡ ÇÁ·Î±×·¥À» Á¦°ÅÇϰųª Á¾·á½ÃÄѵµ ÇÁ·Î±×·¥(´çÇØ ÇÁ·Î±×·¥ÀÇ º¯Á¾ ÇÁ·Î±×·¥µµ Æ÷ÇÔ)ÀÌ Á¦°Å µÇ°Å³ª Á¾·áµÇÁö ¾Ê´Â ÇàÀ§


[»ý¼º ÆÄÀÏ]
%prog%\sitelimit\sitelimit.cfg
%prog%\sitelimit\sitelimit.exe
%prog%\sitelimit\slupd.exe
%prog%\sitelimit
%system%\SiteProt.dll
%system%\sluninstall.exe
%system%\SiteDB.dll
%system%\SiteDB_SW.dll
%system%\sw_deny.swb
%system%\sw_pass.swb


[»ý¼º ·¹Áö]
HKEY_CURRENT_USER\software\slexe
HKEY_CLASSES_ROOT\CLSID\{BA60E68E-2AD9-429D-BF9F-25D9DF25C767}
HKEY_CLASSES_ROOT\TypeLib\{B3B0D3BB-33A0-4954-9E55-AE1C5EAC0CFF}
HKEY_CLASSES_ROOT\Interface\{4F1A0C2D-D346-424B-AA9A-6263A91D70EC}
HKEY_CLASSES_ROOT\SiteProt.SiteProtObj
HKEY_CLASSES_ROOT\SiteProt.SiteProtObj.1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\slimit
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows-site security (KS82381)
HKEY_*_*\SOFTWARE\Microsoft\Windows\CurrentVersion\Run slimit
HKEY_*_*\SOFTWARE\Microsoft\Windows\CurrentVersion\Run À¯ÇØ»çÀÌÆ®Â÷´Ü




°æ·Î´Â ¾Æ·¡¸¦ ÂüÁ¶ ÇÑ´Ù.
%windows%
c:\windows
%program%
C:\Documents and Settings\(username)\½ÃÀÛ ¸Þ´º\ÇÁ·Î±×·¥
%system%
C:\windows\system32
%prog%
C:\Program Files
%currentuser%
C:\Documents and Settings\(username)
%startmenu%
C:\Documents and Settings\(username)\½ÃÀÛ ¸Þ´º
»ç¿ëÀÚ µ¿ÀǾøÀÌ BHO·Î ¼³Ä¡µÇ¾î »ç¿ëÀÚ Å°¿öµå¸¦ °¨½ÃÇÏ´Â ¾Öµå¿þ¾îÀÌ´Ù.

 
 
Adware/Dialer.Egaccess
 Á¾·ù
adware
 °¨¿°°æ·Î
Downloader ÅëÇÑ °¨¿°
 Ä¡·á¹æ¹ý

¿¡ºê¸®Á¸ Á¦Ç°±ºÀ¸·Î Áø´Ü/Ä¡·á °¡´ÉÇÕ´Ï´Ù.

 
Áõ»ó
Adware/Dialer.Egaccess´Â ´Ù¸¥ Downloader ÇÁ·Î±×·¥ÀÌ ÀÚµ¿À¸·Î ´Ù¿î ¹Þ´Â Çü½ÄÀ¸·Î ¼³Ä¡ À¯Æ÷ µÇ¸ç,
¼³Ä¡ °úÁ¤¿¡¼­µµ ¼³Ä¡°úÁ¤À» Ç¥½Ã ÇÏÁö ¾Ê´Â µî ÀºÆóÀûÀ¸·Î ¼³Ä¡µÇ´Â ¾Ç¼ºÄÚµåÀÌ´Ù.
¼³Ä¡ ÀÌÈÄ, ¹«´Ü Æ˾÷»ý¼º, ¹× ±¤°í¼º ÇàÀ§¸¦ Çϸç, ´Ù¸¥ ¹ÙÀÌ·¯½ºÀÇ °¨¿°¿¡ ³ëÃâ ½ÃŲ´Ù.


ÀÌ´Â
4) ´Ù¸¥ ÇÁ·Î±×·¥À» ´Ù¿î·ÎµåÇÏ¿© ¼³Ä¡ ÇÏ°Ô ÇÏ´Â ÇàÀ§
5) ÀÌ¿ëÀÚ°¡ ÇÁ·Î±×·¥À» Á¦°ÅÇϰųª Á¾·á½ÃÄѵµ ´çÇØ ÇÁ·Î±×·¥
(´çÇØ ÇÁ·Î±×·¥ÀÇ º¯Á¾ ÇÁ·Î±×·¥µµ Æ÷ÇÔ)ÀÌ Á¦°Å µÇ°Å³ª Á¾·á µÇÁö ¾Ê´Â ÇàÀ§
¿¡ ¼ÓÇÑ´Ù.

[»ý¼º ÆÄÀÏ]
%dpf%\\EGDACCESS.inf
%system%\\EGDACCESS?????.dll



[»ý¼º ·¹Áö]
HKEY_CLASSES_ROOT\CLSID\{04CCFF26-7D52-4E42-BF6A-F8ECE0896EB7}
HKEY_CLASSES_ROOT\CLSID\{07C9CFC7-DE33-4A0C-9FFB-CDFBA843B157}
HKEY_CLASSES_ROOT\CLSID\{3DAD912E-D2B9-4323-B7C9-7F2C5CC0C57B}
HKEY_CLASSES_ROOT\CLSID\{8D8BAF56-B581-4B90-A549-C4AC6B03F1BB}
HKEY_CLASSES_ROOT\CLSID\{95460ABD-946A-46FF-9F56-268718323EEE}
HKEY_CLASSES_ROOT\CLSID\{BA749BC1-143E-430D-B1DA-1D2AF67A3658}
HKEY_CLASSES_ROOT\CLSID\{C2481ED1-9896-4D49-AE90-69858DFDE446}
HKEY_CLASSES_ROOT\CLSID\{87C1805D-C5AE-4455-AB39-E245BB516136}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8D8BAF56-B581-4B90-A549-C4AC6B03F1BB}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{C2481ED1-9896-4D49-AE90-69858DFDE446}
dpf%\\EGDACCESS?????.dll
HKEY_*_*\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Instant Access



[´Ù¿î·Îµå À§Ä¡]
http://scripts.downloadv3.com/binaries/EGDAccess/EGDACCESS_1073_XP.cab

°æ·Î´Â ¾Æ·¡¸¦ ÂüÁ¶ ÇÑ´Ù.
%windows%
c:\windows
%program%
C:\Documents and Settings\(username)\½ÃÀÛ ¸Þ´º\ÇÁ·Î±×·¥
%system%
C:\windows\system32
%prog%
C:\Program Files
%currentuser%
C:\Documents and Settings\(username)
%startmenu%
C:\Documents and Settings\(username)\½ÃÀÛ ¸Þ´º
»ç¿ëÀÚ µ¿ÀǾøÀÌ BHO·Î ¼³Ä¡µÇ¾î »ç¿ëÀÚ Å°¿öµå¸¦ °¨½ÃÇÏ´Â ¾Öµå¿þ¾îÀÌ´Ù.
 
 
Adware/Linkpage
 Á¾·ù
adware
 °¨¿°°æ·Î
ÀÌ»ó½ÎÀÌÆ® ¹æ¹® ½Ã ¼³Ä¡
 Ä¡·á¹æ¹ý

¿¡ºê¸®Á¸ Á¦Ç°±ºÀ¸·Î Áø´Ü/Ä¡·á °¡´ÉÇÕ´Ï´Ù.

 
Áõ»ó
Adware/Linkpage´Â »ç¿ëÀÚÀÇ µ¿ÀÇ ¾øÀÌ ½ÃÀÛ¸Þ´º¿Í, ½ÃÀÛÇÁ·Î±×·¥¿¡
¹«´ÜÀ¸·Î ¸µÅ©¾ÆÀÌÄÜÀ» »ý¼ºÇÏ´Â ¾Ç¼ºÄÚµåÀÌ´Ù.
Ưº°ÇÑ µ¿ÀÇ ¾øÀÌ ¾Ç¼ºÄÚµå¿Í ÇÔ²² ¼³Ä¡µÇ¾î »ç¿ëÀÚÀÇ Á¢¼Ó À¯µµ ¿ªÈ°À» ÇÑ´Ù.

ÀÌ´Â
1) ÀÌ¿ëÀÚÀÇ µ¿ÀÇ ¾øÀÌ ¶Ç´Â ÀÌ¿ëÀÚ¸¦ ¼Ó¿© ¼³Ä¡µÇ´Â ÇàÀ§¿¡ ÇØ´çÇÏ¿© ¾Ç¼ºÄÚµå·Î ±ÔÁ¤ÇÑ´Ù.

[»ý¼º ÆÄÀÏ]
%startmenu%»óÀÇ ±¤°í¼º ¾ÆÀÌÄܵé
%program%»óÀÇ ±¤°í¼º ¾ÆÀÌÄܵé


[»ý¼º ·¹Áö]



°æ·Î´Â ¾Æ·¡¸¦ ÂüÁ¶ ÇÑ´Ù.
%windows%
c:\windows
%program%
C:\Documents and Settings\(username)\½ÃÀÛ ¸Þ´º\ÇÁ·Î±×·¥
%system%
C:\windows\system32
%prog%
C:\Program Files
%currentuser%
C:\Documents and Settings\(username)
%startmenu%
C:\Documents and Settings\(username)\½ÃÀÛ ¸Þ´º


 
 
¹«´ÜÀüÀç¤ý¹èÆ÷±ÝÁö
¿¡ºê¸®Á¸¿¡¼­ Á¦°øÇÏ´Â ¸ðµç ÄÁÅÙÃ÷ Á¤º¸¿¡ ´ëÇÑ ÀúÀÛ±ÇÀº ¿¡ºê¸®Á¸ÀÇ ¼ÒÀ¯ÀÌ¸ç °ü·Ã¹ýÀÇ º¸È£¸¦ ¹Þ½À´Ï´Ù.
¿¡ºê¸®Á¸ÀÇ »çÀü Çã°¡ ¾øÀÌ ¿¡ºê¸®Á¸ ÄÁÅÙÃ÷¸¦ ¹«´ÜÀ¸·Î ÀüÀç, ¹èÆ÷¸¦ ±ÝÁöµÇ¾î ÀÖ½À´Ï´Ù.
À̸¦ À§¹ÝÇÏ´Â °æ¿ì ¼ÕÇعè»óÀÇ ´ë»ó ¶Ç´Â ¹Î.Çü»ç»óÀÇ ¹ýÀû ¼Ò¼Û ´ë»óÀÌ µÉ ¼ö ÀÖ½À´Ï´Ù.
                                                                 * ¿¡ºê¸®Á¸ Á¤º¸ ÀÌ¿ë ¹®ÀÇ : greenking@everyzone.com
   | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40