·¹Áö½ºÆ®¸®¸¦ º¯°æÇÔÀ¸·Î¼ ½ÃÀÛ ¸Þ´º¿¡ À¥ »çÀÌÆ®¸¦ Ãß°¡ÇÒ ¼ö ÀÖ´Ù. »ç½Ç ÀÌ ÆÁÀº À¯¿ë¼ºº¸´Ù´Â Àç¹Ì¸¦ À§ÇÑ °ÍÀÌ´Ù. Áï, ·¹Áö½ºÆ®¸®¸¦ º¯°æ, ÀÚ½ÅÀÇ ÄÄÇ»ÅÍ°¡ ³²µé°ú ´Ù¸£°Ô º¸ÀÌ±æ ¿øÇÏ´Â »ç¶÷À» À§ÇÑ °ÍÀÌ´Ù.
ÀýÂ÷´Â ´ÙÀ½°ú °°´Ù.
- ½ÃÀÛ/½ÇÇà/regedit¸¦ ÀÔ·ÂÇÏ°í È®ÀÎÀ» Ŭ¸¯ÇÑ´Ù.
- ´ÙÀ½ ·¹Áö½ºÆ®¸®·Î À̵¿ÇÑ´Ù.
HKEY_CLASSES_ROOT\CLSID\{2559a1f6-21d7-11d4-bdaf-00c04f60b9f0}
- ¿ìÃø ÆгÎÀÇ ±âº»°ªÀ» µÎ¹ø Ŭ¸¯ÇÏ°í, ½ÃÀÛ ¸Þ´º¿¡ Ãâ·ÂÇÒ ¸Þ´º À̸§À» ÀÔ·ÂÇÑ´Ù
¿¹: OSÀÇ ºñ¹Ð
- ÁÂÃø ÆгÎÀÇ DefaultIcon¸¦ Ŭ¸¯ÇÑ´Ù.
- ¿ìÃø ÆгÎÀÇ ±âº»°ªÀ» Ŭ¸¯ÇÏ°í, Ãâ·ÂµÈ ¸Þ´ºÀÇ ¾ÆÀÌÄÜÀ» ÁöÁ¤ÇÑ´Ù.
¿¹: %SystemRoot%\\system32\\shell32.dll,-47
- ÁÂÃø ÆгÎÀÇ Instance\InitPropertyBagÀ» Ŭ¸¯ÇÏ°í, REG_SZÇüÀÇ °ªµéÀ» ´ÙÀ½°ú °°ÀÌ ¼³Á¤ÇÑ´Ù.
°ª | ¼³Á¤°ª | ¼³¸í |
CLSID | {13709620-C279-11CE-A49E-444553540000} | ÁöÁ¤µÈ °ªÀ» ÀÔ·Â |
method | ShellExecute | ÁöÁ¤µÈ °ªÀ» ÀÔ·Â |
Command | qaos.com | ÀÓÀÇÀÇ ¹®ÀÚ¿ |
Param1 | http://qaos.com/ | Á¢¼ÓÇÏ·Á´Â À¥»çÀÌÆ®ÀÇ ÁÖ¼Ò |
- ·Î±×¿ÀÇÁ/·Î±×¿Â ÇÑ´Ù.
Âü°í: ·¹Áö½ºÆ®¸® ÆíÁýÀÌ ºÒÆíÇÑ »ç¶÷µéÀº ´ÙÀ½ ·¹Áö½ºÆ®¸®¸¦ WebStartMenu.reg¿Í unWebStartMenu.reg·Î ÀúÀåÇÑ ÈÄ »ç¿ëÇÏ¸é µÈ´Ù.
- ½ÃÀÛ ¸Þ´º¿¡ À¥»çÀÌÆ® Ãß°¡(WebStartMenu.reg)
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{2559a1f6-21d7-11d4-bdaf-00c04f60b9f0}]
@="OSÀÇ ºñ¹Ð"
[HKEY_CLASSES_ROOT\CLSID\{2559a1f6-21d7-11d4-bdaf-00c04f60b9f0}\DefaultIcon]
@="%SystemRoot%\\system32\\shell32.dll,-47"
[HKEY_CLASSES_ROOT\CLSID\{2559a1f6-21d7-11d4-bdaf-00c04f60b9f0}\Instance\InitPropertyBag]
"CLSID"="{13709620-C279-11CE-A49E-444553540000}"
"method"="ShellExecute"
"Command"="qaos"
"Param1"="http://qaos.com/"
- ½Ã»è ¸Þ´º¿¡¼ À¥»çÀÌÆ® »èÁ¦(unWebStartMenu.reg)
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{2559a1f6-21d7-11d4-bdaf-00c04f60b9f0}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{2559a1f6-21d7-11d4-bdaf-00c04f60b9f0}\DefaultIcon]
@=""
[HKEY_CLASSES_ROOT\CLSID\{2559a1f6-21d7-11d4-bdaf-00c04f60b9f0}\Instance\InitPropertyBag]
"CLSID"="{13709620-C279-11CE-A49E-444553540000}"
"method"="ShellExecute"
"Command"=""
"Param1"=""