|
|
|
|
 |
|
| ¹ÙÀÌ·¯½º
À̸§ |
JS/Fortnight |
¹ÙÀÌ·¯½º
Á¾·ù |
Script Virus |
| ½ÇÇà
ȯ°æ |
Win9x, Win2000, NT |
Á¦ÀÛÁö |
ºÒºÐ¸í |
| ¹ß°ßÀÏ |
20020514 |
¹ÙÀÌ·¯½ºÅ©±â |
2,735 Bytes |
| ¸ÞÀÏ
Á¦¸ñ |
¾øÀ½ |
| ÷ºÎÆÄÀÏ |
¾øÀ½ |
| Áõ»ó |
°¨¿°µÈ ¸ÞÀÏÀ» ÅëÇؼ ÀüÆĵǸç ÀͽºÇ÷η¯ÀÇ Ãʱâ À¥ ÁÖ¼Ò¸¦
¼ºÀÎ ½ÎÀÌÆ®·Î ¹Ù²ã ³õ´Â´Ù.
´ÙÀ½À¸·Î c:\Program Files\sign.htm ÆÄÀÏÀ» »ý¼º ÇÑ´Ù.
ÀÌ ÆÄÀÏÀº ¼ºÀνÎÀÌÆ®¿¡ ¸µÅ©µÈ ÆÄÀÏ·Î ´ÙÀ½°ú °°ÀÌ ·¹Áö½ºÆ®¸®¿¡ µî·Ï µÈ
´Ù.
HKEY_CURRENT_USER\Identities\[µðÆúÆ® À¯Àú ID]\Software\Microsoft\
Outlook Express\5.0\signatures\10101010Ç׸ñ »ý¼º
file - c:\Program Files\sign.htm
name - signature
type - 2
HKEY_CURRENT_USER\Identities\[µðÆúÆ® À¯Àú ID]\Software\Microsoft\
Outlook Express\5.0\
Signature Flags 3 ¼³Á¤
<ÀͽºÇ÷η¯ÀÇ °æ¿ì>
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\
Start Page - http://www.rawtocash.net/adv/sex.htm ¼³Á¤
<³Ý½ºÄÉÀÌÇÁÀÏ °æ¿ì>
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\
Home Page - http://www.rawtocash.net/adv/sex.htm ¼³Á¤
|
|
Ä¡·á ¹æ¹ý |
Åͺ¸¹é½Å Ai, Åͺ¸¹é½Å 2001 ¶Ç´Â Åͺ¸¹é½Å OnlineÀ¸·Î Ä¡·á°¡´ÉÇÕ´Ï´Ù.
<Ä¡·áÈÄ ´ÙÀ½°ú °°ÀÌ ·¹Áö½ºÆ®¸®¸¦ Á÷Á¢ ¼öÁ¤>
1. [½ÃÀÛ]->[½ÇÇà]À» Ŭ¸¯ -> regedit ÀÔ·Â -> [È®ÀÎ]
2. ´ÙÀ½ÀÇ ·¹Áö½ºÆ®¸® Å°¸¦ ¼±ÅÃÇÑ´Ù.
HKEY_CURRENT_USER\Identities\[µðÆúÆ® À¯Àú ID]\Software\Microsoft\
Outlook Express\5.0\signatures\
¿¡¼ signatures Å°¸¦ »èÁ¦ÇÑ´Ù.
3. HKEY_CURRENT_USER\Identities\[µðÆúÆ® À¯Àú ID]\Software\Microsoft\
Outlook Express\5.0\
È¸é ¿ìÃø¿¡¼, Signature Flags 3 °ªÀ» ã¾Æ »èÁ¦ÇÑ´Ù.
<Ä¡·áÈÄ ´ÙÀ½ÀÇ º¸¾È ÆÐÄ¡¸¦ Àû¿ë>
Microsoft VM ActiveXÀÇ Ãë¾àÁ¡À» ÀÌ¿ëÇϹǷΠ¾Æ·¡ÀÇ ÁÖ¼Ò¿¡¼ ÆÐÄ¡¸¦ ¹Þ¾Æ
¼³Ä¡ÇØ¾ß ÇÑ´Ù.
http://www.microsoft.com/technet/security/bulletin/ms00-075.asp
ÃÖ±ÙÀÇ º¯Á¾Àº ´ÙÀ½ÀÇ ÆÐÄ¡¸¦ ¼öÇàÇØ¾ß ¿øõÀûÀ¸·Î ¸·À» ¼ö ÀÖ´Ù.
http://www.microsoft.com/korea/technet/security/bulletin/security_bulletins/ms03-011.asp |
|
Á÷Á¢Ä¡·á¹æ¹ý |
|
|
|
