Adware_Look2me
Type
Infection route
Treatment
Can be diagnosed and treated with the Everyzone product line.

When a particular site is visited through Internet Explorer, it displays pop-up advertisements.
Its files are created in the Windows system folder (win9x: C:\Windows\System, win XP: C:\Windows\System32, win2000, NT: C:\WinNT\System32),
with names such as i2420choef4c0.dll, toddd.dll and sQmlib.dll: arbitrary combinations of digits and letters with no fixed length.
In the registry, it is registered under
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify,
and in some cases it is also registered as a BHO (Browser Helper Object).
-- Treatment --
New and modified variants of Look2me continue to appear.
If you suspect a Look2me infection, treating it with a tool such as SpyVaccine or PCsafer is the best approach.
Where a new or modified variant makes treatment difficult, support is available by submitting a report.

Adware/SurfSidekick
Type
Infection route
Treatment
Can be diagnosed and treated with the Everyzone product line.

Produced by www.surfsidekick.com; it downloads advertising screens and also transmits system information.
When the program is installed, it creates a SurfSideKick folder under Program Files and places ssk.exe (103,424 bytes), sskcore.dll (253,440 bytes) and sskbho.dll (90,112 bytes) in it.
It also creates sskupdater3.exe, ??.tmp, SSK3_B5 Seedcorn 4.exe, ??.bat and repairs.dll in the Windows system folder.
It then modifies the registry as follows so that it runs at the next boot.
Under HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\run:
SurfSideKick = c:\program files\SurfSideKick\Ssk.exe
Under HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run:
SurfSideKick = c:\program files\SurfSideKick\Ssk.exe
Under HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks:
{CFBFAE00-17A6-11D0-99CB-00C04FD64497}
Under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\UrlSearchHooks:
{02EE5B04-F144-47BB-83FB-A60BD91B74A9}
{CA0E28FA-1AFD-4C21-A8DC-70EB5BE2F076}
Under HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks:
{000AB0005-FF12-42C2-8DF5-39E12E5F9C91}
{02EE5B04-F144-47BB-83FB-A60BD91B74A9}
{CA0E28FA-1AFD-4C21-A8DC-70EB5BE2F076}
It also creates the following entries.
HKEY_CLASSES_ROOT\CLSID\{000AB0005-FF12-42C2-8DF5-39E12E5F9C91}
HKEY_CLASSES_ROOT\CLSID\{CA0E28FA-1AFD-4C21-A8DC-70EB5BE2F076}
HKEY_CLASSES_ROOT\CLSID\{02EE5B04-F144-47BB-83FB-A60BD91B74A9}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Surf Sidekick
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Surf Sidekick_is1
HKEY_CURRENT_USER\Software\SurfSideKick2
HKEY_CURRENT_USER\Software\SurfSideKick3
HKEY_LOCAL_MACHINE\SOFTWARE\SurfSideKick3
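
The autostart points named in the Look2me entry (Winlogon\Notify) and the SurfSidekick entry (Run values, URLSearchHooks) can be checked offline against a registry export. This is an added example, not code from Everyzone or the original page; the sample export, the `ExamplePkg` subkey name and the one-entry `NOTIFY_BASELINE` are constructed assumptions, and only string values are parsed.

```python
import re

# Constructed sample in regedit export format (not taken from a real machine).
SAMPLE = r'''Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SurfSideKick"="c:\\program files\\SurfSideKick\\Ssk.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"=""
"{02EE5B04-F144-47BB-83FB-A60BD91B74A9}"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
"DllName"="crypt32.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ExamplePkg]
"DllName"="C:\\WINDOWS\\System32\\sQmlib.dll"
'''

# URLSearchHooks GUIDs from the SurfSidekick entry. {CFBFAE00-...} is also listed
# there but is left out: it is the stock Internet Explorer search hook.
SSK_HOOKS = {"{02EE5B04-F144-47BB-83FB-A60BD91B74A9}",
             "{CA0E28FA-1AFD-4C21-A8DC-70EB5BE2F076}",
             "{000AB0005-FF12-42C2-8DF5-39E12E5F9C91}"}
# Assumption: DLL names recorded from a known-clean build of the same OS image.
NOTIFY_BASELINE = {"crypt32.dll"}

def parse_reg(text):
    """Return {lowercased key path: {value name: string data}}."""
    keys, cur = {}, None
    for line in map(str.strip, text.splitlines()):
        m = re.match(r'"(.*?)"="(.*)"$', line)
        if line.startswith("[") and line.endswith("]"):
            cur = keys.setdefault(line[1:-1].lower(), {})
        elif m and cur is not None:
            cur[m.group(1)] = m.group(2).replace("\\\\", "\\")  # undo .reg escaping
    return keys

def audit(text):
    """Return (kind, key, detail) tuples for the autostart entries described above."""
    findings = []
    for key, values in parse_reg(text).items():
        for name, data in values.items():
            if key.endswith(r"\currentversion\run") and name.lower() == "surfsidekick":
                findings.append(("run", key, data))
            elif key.endswith(r"\internet explorer\urlsearchhooks") and name.upper() in SSK_HOOKS:
                findings.append(("urlsearchhook", key, name))
            elif "\\winlogon\\notify\\" in key and name.lower() == "dllname":
                dll = data.rsplit("\\", 1)[-1].lower()
                if dll not in NOTIFY_BASELINE:  # randomly named DLLs land here
                    findings.append(("winlogon-notify", key, data))
    return findings
```

On a real export, Winlogon\Notify `DllName` values stored as REG_EXPAND_SZ appear as `hex(2):` data and need decoding before this comparison.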

begin2search
Type
Infection route
Treatment
Can be diagnosed and treated with the Everyzone product line.

When a particular site is visited through Internet Explorer, it displays pop-up advertisements and creates a toolbar.
When the adware runs, it creates the files reg6523.exe, winb2s32.dll, trgen<number>.dll, winbbb.dat and rtneg<number>.dll in the Windows system folder (win9x: C:\Windows\System, win XP: C:\Windows\System32, win2000, NT: C:\WinNT\System32).
It also creates winb2s32.inf in c:\<Windows folder>\Downloaded Program Files and adds a series of registry entries.
It also creates a series of .url links.

Unauthorized reproduction and redistribution prohibited
Copyright in all content provided by Everyzone belongs to Everyzone and is protected by the relevant laws.
Reproducing or distributing Everyzone content without Everyzone's prior permission is prohibited.
Violations may be subject to claims for damages or to civil or criminal legal action.
* Inquiries about using Everyzone information: greenking@everyzone.com