Adware/Dropper.Dpnetk32 is malware that takes the form of an ActiveX control.
It is installed when the user visits certain sites, regardless of the user's wishes,
and it installs covertly, for example by not displaying any installation progress.
After installation, it registers itself in a registry startup entry so that it keeps running,
and it drops other malware.
In addition, when the user visits certain sites, it disguises itself as a link
provided by the site the user navigated to,
so that the user unknowingly downloads other malicious programs.
It is classified as malware because it falls under the following behaviors:
1) Changing the web browser's home page or search settings, or
changing system settings
2) Damaging the reputation of a particular site
3) Being installed covertly, without a visible installation process,
regardless of the user's intent
- When certain sites are visited, it inserts links unrelated to the site,
making it appear that the site is distributing harmful content
[Created files]
%system%\dpnetk32.dll
%system%\scmsg.dll
%system%\scrun.exe
%system%\shellexp.dll
%system%\d3dref92.sys
%system%\softntmp0103.dll
%system%\a.exe
%system%\saycode.ini
%system%\sysubs8.sys
- Downloads malicious files into the c:\windows\system32 folder
[Created registry entries]
Microsoft.DirectMusic.Dpnet32
Microsoft.DirectMusic.Dpnet32.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E79A1FC3-E75F-464b-993C-8D539BC3678F}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{BBF122A7-8A4D-45B5-9E00-0F68BC87C904}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E79A1FC3-E75F-464B-993C-8D539BC3678F}
HKEY_CLASSES_ROOT\TypeLib\{A6B0F76D-F060-4AD3-9F9A-31E047763ED6}
HKEY_CLASSES_ROOT\Interface\{B22907DB-4D33-4658-9814-BA1767C12420}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SAYCODE
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run SAYCODE
- Changes Internet settings so that it is loaded automatically whenever Internet Explorer is started
The path variables used above refer to the following locations.
%windows% = c:\windows
%program% = C:\Documents and Settings\(username)\시작 메뉴\프로그램 (Start Menu\Programs)
%system% = C:\windows\system32
%prog% = C:\Program Files
%currentuser% = C:\Documents and Settings\(username)
%startmenu% = C:\Documents and Settings\(username)\시작 메뉴 (Start Menu)
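The files and registry entries listed above can be checked on a host with a read-only PowerShell script; this is an added example, not part of the original write-up. It assumes that the two `Microsoft.DirectMusic.Dpnet32` names are ProgIDs under HKEY_CLASSES_ROOT (the page gives no hive) and that the SysWOW64 and WOW6432Node views are worth checking on 64-bit Windows.

```powershell
# Added example: read-only check for the indicators listed in this write-up.
$files = 'dpnetk32.dll','scmsg.dll','scrun.exe','shellexp.dll','d3dref92.sys',
         'softntmp0103.dll','a.exe','saycode.ini','sysubs8.sys'
$keys = @(
    'HKLM:\SOFTWARE\Classes\CLSID\{E79A1FC3-E75F-464b-993C-8D539BC3678F}',
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{BBF122A7-8A4D-45B5-9E00-0F68BC87C904}',
    'HKLM:\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SAYCODE',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E79A1FC3-E75F-464B-993C-8D539BC3678F}',
    'Registry::HKEY_CLASSES_ROOT\TypeLib\{A6B0F76D-F060-4AD3-9F9A-31E047763ED6}',
    'Registry::HKEY_CLASSES_ROOT\Interface\{B22907DB-4D33-4658-9814-BA1767C12420}',
    # The page lists these two names without a hive; HKEY_CLASSES_ROOT (ProgID) is an assumption.
    'Registry::HKEY_CLASSES_ROOT\Microsoft.DirectMusic.Dpnet32',
    'Registry::HKEY_CLASSES_ROOT\Microsoft.DirectMusic.Dpnet32.1'
)
$runKeys = @('HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run')

# Assumption: on 64-bit Windows a 32-bit dropper is redirected to SysWOW64 and
# WOW6432Node, so those views are checked in addition to the paths on the page.
$dirs = "$env:SystemRoot\System32", "$env:SystemRoot\SysWOW64"
$wow  = { param($k) $k -replace '^HKLM:\\SOFTWARE\\', 'HKLM:\SOFTWARE\WOW6432Node\' }
$keys    += $keys    | Where-Object { $_ -like 'HKLM:\SOFTWARE\*' } | ForEach-Object { & $wow $_ }
$runKeys += $runKeys | ForEach-Object { & $wow $_ }

$hits = @()
foreach ($d in $dirs) {
    foreach ($f in $files) {
        $p = Join-Path $d $f
        if (Test-Path -LiteralPath $p -PathType Leaf) {
            $i = Get-Item -LiteralPath $p -Force
            $hits += [pscustomobject]@{ Type = 'File'; Indicator = $p; Detail = "created $($i.CreationTime)" }
        }
    }
}
foreach ($k in $keys) {
    if (Test-Path -LiteralPath $k) {
        $hits += [pscustomobject]@{ Type = 'RegKey'; Indicator = $k; Detail = '' }
    }
}
foreach ($r in $runKeys) {
    $v = (Get-ItemProperty -LiteralPath $r -Name 'SAYCODE' -ErrorAction SilentlyContinue).SAYCODE
    if ($v) { $hits += [pscustomobject]@{ Type = 'RunValue'; Indicator = "$r SAYCODE"; Detail = $v } }
}

if ($hits) { $hits | Format-List } else { 'No indicators from the write-up were found.' }
```

Run it from a 64-bit PowerShell session; in a 32-bit session System32 and HKLM:\SOFTWARE are themselves redirected to the 32-bit views.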