PC¼¼ÀÌÆÛ ºü¸¥ ¸Þ´º


 PC¼¼ÀÌÆÛ ¸Þ´º ¾È³»
PC¼¼ÀÌÆÛ È¨
·Î±×ÀÎ (À¯·á»ç¿ëÀÚ)
ÇÁ·Î±×·¥ ¼Ò°³
ÇÁ·Î±×·¥ °¡À̵å
 - ±¸¸Å¹æ¹ý
 - »óÇ°±Ç°áÁ¦
 - ÀÚµ¿°áÁ¦ Ãë¼Ò
 - °Ë»ç¤ýÄ¡·á¹æ¹ý
 - ȯ°æ¼³Á¤
 - ÆÄÀϺ¹¿ø
¾Ç¼ºÄÚµå? ¹ÙÀÌ·¯½º?
 - ¾Ç¼ºÄÚµå¶õ?
 - ¹ÙÀÌ·¯½º¶õ?
 - ºÒÇÊ¿äÇÑ Á¤º¸¶õ?
º¸¾ÈÁ¤º¸
 - º¸¾ÈÄ®·³
 - MSº¸¾È±Ç°í¹®
°í°´Áö¿ø
 - °øÁö»çÇ×
 - ÀǽɵǴ ÆÄÀϽŰí
 - ÀæÀº Áú¹®¤ý´äº¯
 - 1:1»ó´ã

¹ÙÀÌ·¯½º À̸§ W32/Warezov.150844@mm ¹ÙÀÌ·¯½º Á¾·ù Worm
½ÇÇà ȯ°æ Windows Á¦ÀÛÁö ºÒºÐ¸í
¹ß°ßÀÏ 20060911 ¹ÙÀÌ·¯½ºÅ©±â 150,844 Byte
¸ÞÀÏ Á¦¸ñ Error, Good Day, Mail Delivery System, Mail Transaction Failed µîµî..
÷ºÎÆÄÀÏ
¹ÙÀÌ·¯½º Áõ»ó

 

*°¨¿° °æ·Î

°¨¿°µÈ ½Ã½ºÅÛ¿¡¼­ ¸ÞÀÏ ÁÖ¼Ò¸¦ ¼öÁýÇÏ¿© ÇØ´ç¿úÀ» ÷ºÎÇÏ¿© ¸ÞÀÏ·Î ÀüÆÄ µÈ´Ù.



*Áõ»ó



-ÆÄÀÏ »ý¼º

 

À©µµ¿ì Æú´õ¿¡ tsrv.exe¶ó´Â ÆÄÀÏÀ» »ý¼ºÇÑ´Ù.

 

À©µµ¿ì Æú´õ¿¡ tsrv.c ¶ó´Â ÆÄÀÏÀ» »ý¼ºÇÑ´Ù.

 

À©µµ¿ì Æú´õ¿¡ tsrv.s ¶ó´Â ÆÄÀÏÀ» »ý¼ºÇÑ´Ù.

 

À©µµ¿ì Æú´õ¿¡ tsrv.wax ¶ó´Â ÆÄÀÏÀ» »ý¼ºÇÑ´Ù.

 

À©µµ¿ì Æú´õ¿¡ tsrv.dll ¶ó´Â ÆÄÀÏÀ» »ý¼ºÇÑ´Ù.


- À©µµ¿ì Æú´õ?

-          À©µµ¿ì 95/98/ME/XP   -C:\Windows,

-          À©µµ¿ì NT/2000           - C:\WinNT

 

À©µµ¿ì ½Ã½ºÅÛ Æú´õ¿¡ msji449c14b7.dll ¶ó´Â ÆÄÀÏÀ» »ý¼ºÇÑ´Ù.

 

À©µµ¿ì ½Ã½ºÅÛ Æú´õ¿¡ hpzl449c14b7.exe ¶ó´Â ÆÄÀÏÀ» »ý¼ºÇÑ´Ù.

 

À©µµ¿ì ½Ã½ºÅÛ Æú´õ¿¡ cmut449c14b7.dll ¶ó´Â ÆÄÀÏÀ» »ý¼ºÇÑ´Ù.

 

-À©µµ¿ì ½Ã½ºÅÛ Æú´õ?

-          À©µµ¿ì 95/98/ME/XP  - C:\Windows\System,

-          À©µµ¿ì NT/2000          -C:\WinNT\System32

-          À©µµ¿ì XP                  - C:\Windows\System32

 

»ý¼ºµÈ tsrv.dll ÆÄÀÏÀº ½ÇÇà ÁßÀÎ ¸ðµç ÇÁ·Î¼¼½º¿¡ °­Á¦·Î ÁÖÀԵǰí,

ÇÁ·Î¼¼½º¸¦ °¨Ãß´Â ±â´ÉÀ» °¡Áö°í ÀÖ´Ù.

¶ÇÇÑ tsrv.wax ÆÄÀÏÀº WAB ÆÄÀÏÀ» ÅëÇØ ÀÚ½ÅÀÌ º¸³¾ À̸ÞÀÏ ÁÖ¼Ò ¸®½ºÆ®¸¦ ¾ò´Â´Ù.

 

 

-·¹Áö½ºÆ®¸® µî·Ï
 ·¹Áö½ºÆ®¸®¿¡ ´ÙÀ½ value¸¦ µî·ÏÇØ À©µµ¿ì ±¸µ¿½Ã ÀÚµ¿ ½ÇÇàµÇµµ·Ï ¸¸µç´Ù.


HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run


tsrv= À©µµ¿ì Æú´õ\tsrv.exe s   

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows


AppInit_DLLs = msji449c14b7.dll


°¨¿°µÈ ½Ã½ºÅÛÀº È£½ºÆ® ÆÄÀÏÀ» º¯°æÇÏ¿© º¸¾È °ü·Ã »çÀÌÆ®ÀÇ Á¢¼ÓÀ» ¹æÇØ, »ç¿ëÀÚ°¡ ¾Ç¼ºÄÚµåÀÇ Ä¡·á¸¦ ¹æÇØÇÑ´Ù.

 

È£½ºÆ® ÆÄÀÏ¿¡ Ãß°¡ÇÏ´Â ÁÖ¼Ò´Â ¾Æ·¡¿Í °°´Ù.

 

127.0.0.1 download.microsoft.com
127.0.0.1 go.microsoft.com
127.0.0.1 msdn.microsoft.com
127.0.0.1 office.microsoft.com
127.0.0.1 windowsupdate.microsoft.com
127.0.0.1 http://www.microsoft.com/downloads/Search.aspx?displaylang=en
127.0.0.1 avp.ru
127.0.0.1 www.avp.ru
127.0.0.1 http://avp.ru
127.0.0.1 http://www.avp.ru
127.0.0.1 kaspersky.ru
127.0.0.1 www.kaspersky.ru
127.0.0.1 http://kaspersky.ru
127.0.0.1 kaspersky.com
127.0.0.1 www.kaspersky.com
127.0.0.1 http://kaspersky.com
127.0.0.1 kaspersky-labs.com
127.0.0.1 www.kaspersky-labs.com
127.0.0.1 http://kaspersky-labs.com
127.0.0.1 avp.ru/download/
127.0.0.1 www.avp.ru/download/
127.0.0.1 http://www.avp.ru/download/
127.0.0.1 http://www.kaspersky.ru/updates/
127.0.0.1 http://www.kaspersky-labs.com/updates/
127.0.0.1 http://kaspersky.ru/updates/
127.0.0.1 http://kaspersky-labs.com/updates/
127.0.0.1 downloads1.kaspersky-labs.com
127.0.0.1 downloads2.kaspersky-labs.com
127.0.0.1 downloads3.kaspersky-labs.com
127.0.0.1 downloads4.kaspersky-labs.com
127.0.0.1 downloads5.kaspersky-labs.com
127.0.0.1 http://downloads1.kaspersky-labs.com
127.0.0.1 http://downloads2.kaspersky-labs.com
127.0.0.1 http://downloads3.kaspersky-labs.com
127.0.0.1 http://downloads4.kaspersky-labs.com
127.0.0.1 http://downloads5.kaspersky-labs.com
127.0.0.1 downloads1.kaspersky-labs.com/products/
127.0.0.1 downloads2.kaspersky-labs.com/products/
127.0.0.1 downloads3.kaspersky-labs.com/products/
127.0.0.1 downloads4.kaspersky-labs.com/products/
127.0.0.1 downloads5.kaspersky-labs.com/products/
127.0.0.1 http://downloads1.kaspersky-labs.com/products/
127.0.0.1 http://downloads2.kaspersky-labs.com/products/
127.0.0.1 http://downloads3.kaspersky-labs.com/products/
127.0.0.1 http://downloads4.kaspersky-labs.com/products/
127.0.0.1 http://downloads5.kaspersky-labs.com/products/
127.0.0.1 downloads1.kaspersky-labs.com/updates/
127.0.0.1 downloads2.kaspersky-labs.com/updates/
127.0.0.1 downloads3.kaspersky-labs.com/updates/
127.0.0.1 downloads4.kaspersky-labs.com/updates/
127.0.0.1 downloads5.kaspersky-labs.com/updates/
127.0.0.1 http://downloads1.kaspersky-labs.com/updates/
127.0.0.1 http://downloads2.kaspersky-labs.com/updates/
127.0.0.1 http://downloads3.kaspersky-labs.com/updates/
127.0.0.1 http://downloads4.kaspersky-labs.com/updates/
127.0.0.1 http://downloads5.kaspersky-labs.com/updates/
127.0.0.1 ftp://downloads1.kaspersky-labs.com
127.0.0.1 ftp://downloads2.kaspersky-labs.com
127.0.0.1 ftp://downloads3.kaspersky-labs.com
127.0.0.1 ftp://downloads4.kaspersky-labs.com
127.0.0.1 ftp://downloads5.kaspersky-labs.com
127.0.0.1 ftp://downloads1.kaspersky-labs.com/products/
127.0.0.1 ftp://downloads2.kaspersky-labs.com/products/
127.0.0.1 ftp://downloads3.kaspersky-labs.com/products/
127.0.0.1 ftp://downloads4.kaspersky-labs.com/products/
127.0.0.1 ftp://downloads5.kaspersky-labs.com/products/
127.0.0.1 ftp://downloads1.kaspersky-labs.com/updates/
127.0.0.1 ftp://downloads2.kaspersky-labs.com/updates/
127.0.0.1 ftp://downloads3.kaspersky-labs.com/updates/
127.0.0.1 ftp://downloads4.kaspersky-labs.com/updates/
127.0.0.1 ftp://downloads5.kaspersky-labs.com/updates/
127.0.0.1 http://updates.kaspersky-labs.com/updates/
127.0.0.1 http://updates1.kaspersky-labs.com/updates/
127.0.0.1 http://updates2.kaspersky-labs.com/updates/
127.0.0.1 http://updates3.kaspersky-labs.com/updates/
127.0.0.1 http://updates4.kaspersky-labs.com/updates/
127.0.0.1 ftp://updates.kaspersky-labs.com/updates/
127.0.0.1 ftp://updates1.kaspersky-labs.com/updates/
127.0.0.1 ftp://updates2.kaspersky-labs.com/updates/
127.0.0.1 ftp://updates3.kaspersky-labs.com/updates/
127.0.0.1 ftp://updates4.kaspersky-labs.com/updates/
127.0.0.1 viruslist.com
127.0.0.1 www.viruslist.com
127.0.0.1 http://viruslist.com
127.0.0.1 viruslist.ru
127.0.0.1 www.viruslist.ru
127.0.0.1 http://viruslist.ru
127.0.0.1 ftp://ftp.kasperskylab.ru/updates/
127.0.0.1 symantec.com
127.0.0.1 www.symantec.com
127.0.0.1 http://symantec.com
127.0.0.1 customer.symantec.com
127.0.0.1 http://customer.symantec.com
127.0.0.1 liveupdate.symantec.com
127.0.0.1 http://liveupdate.symantec.com
127.0.0.1 liveupdate.symantecliveupdate.com
127.0.0.1 http://liveupdate.symantecliveupdate.com
127.0.0.1 securityresponse.symantec.com
127.0.0.1 http://securityresponse.symantec.com
127.0.0.1 service1.symantec.com
127.0.0.1 http://service1.symantec.com
127.0.0.1 symantec.com/updates
127.0.0.1 http://symantec.com/updates
127.0.0.1 updates.symantec.com
127.0.0.1 http://updates.symantec.com
127.0.0.1 eset.com/
127.0.0.1 www.eset.com/
127.0.0.1 http://www.eset.com/
127.0.0.1 eset.com/products/index.php
127.0.0.1 www.eset.com/products/index.php
127.0.0.1 http://www.eset.com/products/index.php
127.0.0.1 eset.com/download/index.php
127.0.0.1 www.eset.com/download/index.php
127.0.0.1 http://www.eset.com/download/index.php
127.0.0.1 eset.com/joomla/
127.0.0.1 www.eset.com/joomla/
127.0.0.1 http://www.eset.com/joomla/
127.0.0.1 u3.eset.com/
127.0.0.1 http://u3.eset.com/
127.0.0.1 u4.eset.com/
127.0.0.1 http://u4.eset.com/
127.0.0.1 www.symantec.com/updates
Ä¡·á ¹æ¹ý Åͺ¸¹é½Å Á¦Ç°±ºÀ¸·Î Áø´Ü/Ä¡·á °¡´ÉÇÕ´Ï´Ù.
Á÷Á¢Ä¡·á¹æ¹ý