BKDR_TURKOJAN.KO
別名:
Trojan:Win32/Boaxxe.E(Microsoft), Trojan.Win32.Reveton.ca (v)(Sunbelt), Backdoor.Win32.Turkojan(Ikarus), Win32/Boaxxe.A trojan(Eset)
プラットフォーム:
Windows 2000, Windows Server 2003, Windows XP (32-bit, 64-bit), Windows Vista (32-bit, 64-bit), Windows 7 (32-bit, 64-bit)
危険度:
ダメージ度:
感染力:
感染確認数:
マルウェアタイプ:
バックドア型
破壊活動の有無:
なし
暗号化:
感染報告の有無 :
はい
概要
マルウェアは、他のマルウェアまたはグレイウェアのパッケージとともにコンポーネントとして、コンピュータに侵入します。
詳細
ファイルサイズ 189,992 bytes
タイプ DLL
メモリ常駐 はい
発見日 2013年3月4日
侵入方法
マルウェアは、他のマルウェアまたはグレイウェアのパッケージとともにコンポーネントとして、コンピュータに侵入します。
自動実行方法
マルウェアは、自身のコピーがWindows起動時に自動実行されるよう以下のレジストリ値を追加します。
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\{random}\Parameters
ServiceDll = "{malware path}\{malware name}.dll"
マルウェアは、以下のレジストリキーを追加し、自身を Browser Helper Object(BHO)として登録します。これにより、Internet Explorer(IE)が起動するとマルウェアが自動実行されます。
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Explorer\
Browser Helper Objects\{GUID}
他のシステム変更
マルウェアは、以下のレジストリキーを追加します。
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\{random}
その他
マルウェアは、以下の不正なWebサイトにアクセスします。
- {BLOCKED}shore.com
- {BLOCKED}lcheck.com
- {BLOCKED}lanet.com
- {BLOCKED}horse.com
- {BLOCKED}n.net
- {BLOCKED}tar.com
- {BLOCKED}ish.net
- {BLOCKED}treason.com
- {BLOCKED}ansfer.com
- {BLOCKED}tuwitz.com
- {BLOCKED}indepot.net
- {BLOCKED}aples.com
- {BLOCKED}ryfrost.com
- {BLOCKED}c.com
- {BLOCKED}edit.com
- {BLOCKED}nn.com
- {BLOCKED}oor.com
- {BLOCKED}i-full.com
- {BLOCKED}run.com
- {BLOCKED}mediate.com
- {BLOCKED}ssom.com
- {BLOCKED}ak.com
- {BLOCKED}lieveit.com
- {BLOCKED}2u.com
- {BLOCKED}eplica.com
- {BLOCKED}ess.net
- {BLOCKED}ker.com
- {BLOCKED}ccess.com
- {BLOCKED}buys.com
- {BLOCKED}tiative.com
- {BLOCKED}esa.com
- {BLOCKED}rchfire.com
- {BLOCKED}ckx.com
- {BLOCKED}cap.com
- {BLOCKED}online.com
- {BLOCKED}ac.com
- {BLOCKED}word.net
- {BLOCKED}urg.com
- {BLOCKED}neye.com
- {BLOCKED}ltway.com
- {BLOCKED}ne.com
- {BLOCKED}ndon.net
- {BLOCKED}b.com
- {BLOCKED}s.biz
- {BLOCKED}table.com
- {BLOCKED}lime.com
- {BLOCKED}soar.com
- {BLOCKED}urcut.com
- {BLOCKED}fish.net
- {BLOCKED}amily.net
- {BLOCKED}iolins.com
- {BLOCKED}works.com
- {BLOCKED}days.com
- {BLOCKED}game.com
- {BLOCKED}ye.com
- {BLOCKED}ac.com
- {BLOCKED}aveline.com
- {BLOCKED}rgunman.com
- {BLOCKED}moon.net
- {BLOCKED}urdream.com
- {BLOCKED}ards.net
- {BLOCKED}o-gsm.com
- {BLOCKED}pring.com
- {BLOCKED}s.net
- {BLOCKED}.net
- {BLOCKED}.com
- {BLOCKED}et
- {BLOCKED}night.com
- {BLOCKED}g.com
- {BLOCKED}uce.com
- {BLOCKED}com
- {BLOCKED}.biz
- {BLOCKED}om
- {BLOCKED}es.net
- {BLOCKED}ulators.com
- {BLOCKED}rn.biz
- {BLOCKED}nteses.com
- {BLOCKED}deals.com
- {BLOCKED}.com
- {BLOCKED}nsub.com
- {BLOCKED}dplate.com
- {BLOCKED}oviemax.com
- {BLOCKED}iseit.net
- {BLOCKED}.com
- {BLOCKED}rooster.com
- {BLOCKED}lcasino.com
- {BLOCKED}z
- {BLOCKED}c.net
- {BLOCKED}phant.com
- {BLOCKED}le.com
- {BLOCKED}le.net
- {BLOCKED}resta.com
- {BLOCKED}lmovies.com
- {BLOCKED}kturtle.com
- {BLOCKED}lis.com
- {BLOCKED}tomnews.com
- {BLOCKED}loans.com
- {BLOCKED}lsclub.com
- {BLOCKED}ita.com
- {BLOCKED}isit.com
- {BLOCKED}id.com
- {BLOCKED}plus.info
- {BLOCKED}defever.com
- {BLOCKED}zbalbas.com
- {BLOCKED}lazes.com
- {BLOCKED}o.com
- {BLOCKED}nnf.com
- {BLOCKED}subway.com
- {BLOCKED}sicte.com
- {BLOCKED}.com
- {BLOCKED}gist.com
- {BLOCKED}ncsnack.com
- {BLOCKED}et
- {BLOCKED}ud.com
- {BLOCKED}xtrous.com
- {BLOCKED}ok.com
- {BLOCKED}ds.net
- {BLOCKED}.com
- {BLOCKED}er.com
- {BLOCKED}com
- {BLOCKED}iz
- {BLOCKED}rno.com
- {BLOCKED}.net
- {BLOCKED}la.com
- {BLOCKED}ette.com
- {BLOCKED}pex.com
- {BLOCKED}enate.net
- {BLOCKED}day.com
- {BLOCKED}inia.com
- {BLOCKED}rm.com
- {BLOCKED}cean.com
- {BLOCKED}ss.com
- {BLOCKED}sus.com
- {BLOCKED}eakdown.com
- {BLOCKED}.com
- {BLOCKED}hebaby.com
- {BLOCKED}ure.com
- {BLOCKED}ayused.com
- {BLOCKED}gair.com
- {BLOCKED}gcarpet.com
- {BLOCKED}l.com
- {BLOCKED}.com
- {BLOCKED}rmill.com
- {BLOCKED}an.com
- {BLOCKED}dge.com
- {BLOCKED}lutong.net
- {BLOCKED}odi.com
- {BLOCKED}tter.com
- {BLOCKED}ynamic.com
- {BLOCKED}orm.com
- {BLOCKED}gpool.com
- {BLOCKED}ephant.com
- {BLOCKED}xmedia.com
- {BLOCKED}4-gifts.com
- {BLOCKED}ormoney.biz
- {BLOCKED}utup.info
- {BLOCKED}ve.com
- {BLOCKED}pencil.com
- {BLOCKED}ncradle.com
- {BLOCKED}satel.com
- {BLOCKED}e.net
- {BLOCKED}andwine.com
- {BLOCKED}oothie.com
- {BLOCKED}rapida.com
- {BLOCKED}zone.com
- {BLOCKED}steak.com
- {BLOCKED}does.net
- {BLOCKED}ind.com
- {BLOCKED}z.com
- {BLOCKED}ueshoes.com
- {BLOCKED}tcash.com
- {BLOCKED}cks.net
- {BLOCKED}blaze.com
- {BLOCKED}da.com
- {BLOCKED}ndwitch.com
- {BLOCKED}agull.com
- {BLOCKED}upspoon.com
- {BLOCKED}ordfish.com
- {BLOCKED}es.com
- {BLOCKED}egather.com
- {BLOCKED}rmaker.info
- {BLOCKED}shoot.com
- {BLOCKED}sure.com
- {BLOCKED}obacco.com
- {BLOCKED}lplain.com
- {BLOCKED}radise.net
- {BLOCKED}orce.com
- {BLOCKED}ittens.com
- {BLOCKED}guru.com
- {BLOCKED}.biz
- {BLOCKED}berry.net
- {BLOCKED}ppos.com
- {BLOCKED}ons.com
- {BLOCKED}s.com
- {BLOCKED}oom.com
- {BLOCKED}atosky.com
- {BLOCKED}anket.com
- {BLOCKED}ryin.com
- {BLOCKED}space.info
- {BLOCKED}ew.com
- {BLOCKED}map.info
- {BLOCKED}hernow.com
- {BLOCKED}yersred.com
- {BLOCKED}l.com
- {BLOCKED}com
- {BLOCKED}k.com
- {BLOCKED}owhow.net
- {BLOCKED}mpton.com
- {BLOCKED}.com
- {BLOCKED}rballet.com
- {BLOCKED}onbyzer.com
- {BLOCKED}.com
- {BLOCKED}com
- {BLOCKED}.net
- {BLOCKED}biz
- {BLOCKED}.net
- {BLOCKED}aned.com
- {BLOCKED}chutt.net
- {BLOCKED}lick.com
- {BLOCKED}ind.com
- {BLOCKED}esoaked.com
- {BLOCKED}fers.biz
- {BLOCKED}scowboy.com
- {BLOCKED}-invest.com
- {BLOCKED}nhands.com
- {BLOCKED}dea.com
- {BLOCKED}knig.net
- {BLOCKED}l.com
- {BLOCKED}pots.net
- {BLOCKED}nk.com
- {BLOCKED}horus.com
- {BLOCKED}iskey.com
- {BLOCKED}.biz
- {BLOCKED}es.com
- {BLOCKED}mta.com
- {BLOCKED}iew.com
- {BLOCKED}lining.com
- {BLOCKED}network.com
- {BLOCKED}ab.com
- {BLOCKED}.com
- {BLOCKED}ino.biz
- {BLOCKED}gmist.com
- {BLOCKED}a.net
- {BLOCKED}ms.biz
- {BLOCKED}nite.com
- {BLOCKED}.com
- {BLOCKED}d.info
- {BLOCKED}ject.info
- {BLOCKED}hina.net
- {BLOCKED}alux.com
- {BLOCKED}icker.com
- {BLOCKED}ilfleet.net
- {BLOCKED}ze.com
- {BLOCKED}general.com
- {BLOCKED}uk.com
- {BLOCKED}rblue.com
- {BLOCKED}le-corp.com
- {BLOCKED}ight.com
- {BLOCKED}lynx.com
- {BLOCKED}einvest.net
- {BLOCKED}lect.com
- {BLOCKED}oker.com
- {BLOCKED}me.net
- {BLOCKED}ar.net
- {BLOCKED}ver.com
- {BLOCKED}enbank.com
- {BLOCKED}ort.com
- {BLOCKED}post.net
- {BLOCKED}ect.com
- {BLOCKED}arlie.com
- {BLOCKED}rest.info
- {BLOCKED}urvey.net
- {BLOCKED}com
- {BLOCKED}et
- {BLOCKED}p.com
- {BLOCKED}freek.com
- {BLOCKED}extiles.com
- {BLOCKED}stems.com
- {BLOCKED}arvest.com
- {BLOCKED}nda.com
- {BLOCKED}ponline.net
- {BLOCKED}ugs.com
- {BLOCKED}hirl.com
- {BLOCKED}ia.com
- {BLOCKED}om
- {BLOCKED}odstuff.com
- {BLOCKED}mania.com
- {BLOCKED}.com
- {BLOCKED}net.com
- {BLOCKED}iles.net
- {BLOCKED}info
- {BLOCKED}orcall.info
- {BLOCKED}esite.com
- {BLOCKED}nfo
- {BLOCKED}.com
- {BLOCKED}expo.com
- {BLOCKED}s.com
- {BLOCKED}s.com
- {BLOCKED}iixxxx.net
- {BLOCKED}com
- {BLOCKED}ck.com
- {BLOCKED}ash.com
- {BLOCKED}alice.com
- {BLOCKED}esponse.net
- {BLOCKED}nessed.com
- {BLOCKED}tches.net
- {BLOCKED}loo.com
- {BLOCKED}oof.com
- {BLOCKED}ink.com
- {BLOCKED}ntnews.com
- {BLOCKED}et.net
- {BLOCKED}ebags.com
- {BLOCKED}-x.com
- {BLOCKED}hoose.com
- {BLOCKED}etvalue.net
- {BLOCKED}ewcars.com
- {BLOCKED}ipple.com
- {BLOCKED}dtrisha.com
- {BLOCKED}a.biz
- {BLOCKED}ws.com
- {BLOCKED}om
- {BLOCKED}al.com
- {BLOCKED}fjungle.com
- {BLOCKED}asthap.com
- {BLOCKED}.info
- {BLOCKED}a.net
- {BLOCKED}o.net
- {BLOCKED}ches.com
- {BLOCKED}nly.com
- {BLOCKED}ora.info
- {BLOCKED}beaches.com
- {BLOCKED}ronng.com
- {BLOCKED}tter.com
- {BLOCKED}xs.com
- {BLOCKED}.info
- {BLOCKED}com
- {BLOCKED}rewards.net
- {BLOCKED}ydiner.net
- {BLOCKED}thy.com
- {BLOCKED}.net
- {BLOCKED}yhot.info
- {BLOCKED}ainpets.com
- {BLOCKED}.com
- {BLOCKED}p.net
- {BLOCKED}ntune.com
- {BLOCKED}ull.net
- {BLOCKED}xtiles.com
- {BLOCKED}usname.com
- {BLOCKED}utlet.com
- {BLOCKED}e.com
- {BLOCKED}lue.net
- {BLOCKED}ower.com
- {BLOCKED}.com
- {BLOCKED}ds.com
- {BLOCKED}ghtsite.com
- {BLOCKED}ight.com
- {BLOCKED}com
- {BLOCKED}lackcum.com
- {BLOCKED}acast.com
- {BLOCKED}lis.com
- {BLOCKED}tiveon.com
- {BLOCKED}nceqa.com
- {BLOCKED}euro.net
- {BLOCKED}iz.4t.com
- {BLOCKED}ion.com
- {BLOCKED}aggie.com
- {BLOCKED}orabcs.com
- {BLOCKED}orspick.com
- {BLOCKED}osting.net
- {BLOCKED}tdirect.com
- {BLOCKED}dclass.com
- {BLOCKED}old.net
- {BLOCKED}om
- {BLOCKED}glecn.com
- {BLOCKED}u.com
- {BLOCKED}s.com
- {BLOCKED}ocks.com
- {BLOCKED}lfaden.com
- {BLOCKED}com
- {BLOCKED}imbos.com
- {BLOCKED}o.com
- {BLOCKED}s.net
- {BLOCKED}om
- {BLOCKED}cash.biz
- {BLOCKED}eys.com
- {BLOCKED}l.com
- {BLOCKED}yer.net
- {BLOCKED}.com
- {BLOCKED}info
- {BLOCKED}o.com
- {BLOCKED}at.com
- {BLOCKED}com
- {BLOCKED}eous.com
- {BLOCKED}a.biz
- {BLOCKED}ingdom.com
- {BLOCKED}otears.com
- {BLOCKED}usic.info
- {BLOCKED}city.com
- {BLOCKED}ilk.com
- {BLOCKED}ush.com
- {BLOCKED}iveedge.com
- {BLOCKED}w.com
- {BLOCKED}wn.com
- {BLOCKED}.net
- {BLOCKED}forum.com
- {BLOCKED}l.com
- {BLOCKED}over.net
- {BLOCKED}ique.com
- {BLOCKED}ango.com
- {BLOCKED}mails.com
- {BLOCKED}n.com
- {BLOCKED}ymeds.com
- {BLOCKED}ken.com
- {BLOCKED}n.com
- {BLOCKED}creamie.com
- {BLOCKED}ewipe.com
- {BLOCKED}st.com
- {BLOCKED}our.com
- {BLOCKED}com
- {BLOCKED}illas.com
- {BLOCKED}.com
- {BLOCKED}erceive.com
- {BLOCKED}sor.com
- {BLOCKED}eorder.com
- {BLOCKED}nkforav.com
- {BLOCKED}x.info
- {BLOCKED}nup.com
- {BLOCKED}oftware.com
- {BLOCKED}umbo.com
- {BLOCKED}.com
- {BLOCKED}ri.biz
- {BLOCKED}net
- {BLOCKED}loro.com
- {BLOCKED}.com
- {BLOCKED}n.info
- {BLOCKED}ade.com
- {BLOCKED}eaties.com
- {BLOCKED}ks.info
- {BLOCKED}.com
- {BLOCKED}dnabil.net
- {BLOCKED}k-b.net
- {BLOCKED}n.info
- {BLOCKED}i.com
- {BLOCKED}.com
- {BLOCKED}nforyou.net
- {BLOCKED}glilly.com
- {BLOCKED}ge-live.net
- {BLOCKED}oop.net
- {BLOCKED}ymuck.net
- {BLOCKED}iran.com
- {BLOCKED}on-cd.com
- {BLOCKED}uccess.com
- {BLOCKED}onworld.com
- {BLOCKED}yfamily.com
- {BLOCKED}actor.com
- {BLOCKED}ynews.info
- {BLOCKED}com
- {BLOCKED}ta.com
- {BLOCKED}ser.com
- {BLOCKED}web.com
- {BLOCKED}meleon.com
- {BLOCKED}itelist.com
- {BLOCKED}z4you.com
- {BLOCKED}euk.com
- {BLOCKED}net
- {BLOCKED}idge.com
- {BLOCKED}elds.com
- {BLOCKED}atlife.info
- {BLOCKED}efund.com
- {BLOCKED}ktoday.com
- {BLOCKED}movie.com
- {BLOCKED}plink.com
- {BLOCKED}ewalks.com
- {BLOCKED}wnet.com
- {BLOCKED}rting.com
- {BLOCKED}ist.com
- {BLOCKED}flavors.com
- {BLOCKED}slipper.com
- {BLOCKED}zhida.com
- {BLOCKED}ty.com
- {BLOCKED}.com
- {BLOCKED}ct.com
- {BLOCKED}zh.info
- {BLOCKED}.com
- {BLOCKED}ns.com
- {BLOCKED}ess.com
- {BLOCKED}usives.com
- {BLOCKED}4golf.com
- {BLOCKED}nted.com
- {BLOCKED}et
- {BLOCKED}sbraid.com
- {BLOCKED}kids.net
- {BLOCKED}nac.com
- {BLOCKED}.com
- {BLOCKED}gshop.com
- {BLOCKED}com
- {BLOCKED}a-b.net
- {BLOCKED}a-d.net
- {BLOCKED}w.com
- {BLOCKED}gue.com
- {BLOCKED}com
- {BLOCKED}ware.info
- {BLOCKED}his.com
- {BLOCKED}c.info
- {BLOCKED}ar.com
- {BLOCKED}abs.net
- {BLOCKED}e.net
- {BLOCKED}ill.net
- {BLOCKED}istint.com
- {BLOCKED}pclub.com
- {BLOCKED}werty.com
- {BLOCKED}an.com
- {BLOCKED}.com
- {BLOCKED}.com
- {BLOCKED}misst.com
- {BLOCKED}sky.com
- {BLOCKED}og.com
- {BLOCKED}od.com
- {BLOCKED}rly.com
- {BLOCKED}ird.com
- {BLOCKED}ub.com
- {BLOCKED}r.info
- {BLOCKED}nkk.info
- {BLOCKED}rweb.com
- {BLOCKED}fts.com
- {BLOCKED}ka.com
- {BLOCKED}e.net
- {BLOCKED}rvalue.net
- {BLOCKED}.info
- {BLOCKED}lm.com
- {BLOCKED}ogs.net
- {BLOCKED}lum.com
- {BLOCKED}wiw.com
- {BLOCKED}k-c.net
- {BLOCKED}rhy.com
- {BLOCKED}ex.com
- {BLOCKED}like.com
- {BLOCKED}rchfire.com
- {BLOCKED}tedway.com
- {BLOCKED}wline.com
- {BLOCKED}ngold.com
- {BLOCKED}om
- {BLOCKED}.com
- {BLOCKED}et
- {BLOCKED}om
- {BLOCKED}ytrue.com
- {BLOCKED}ender.net
- {BLOCKED}emblem.com
- {BLOCKED}d.net
- {BLOCKED}till.com
- {BLOCKED}ian.net
- {BLOCKED}lly.com
- {BLOCKED}flashy.com
- {BLOCKED}soffers.com
- {BLOCKED}ife.com
- {BLOCKED}.com
- {BLOCKED}to.info
- {BLOCKED}4l.com
- {BLOCKED}gie.com
- {BLOCKED}nesdb.com
- {BLOCKED}usc.com
- {BLOCKED}ork.com
- {BLOCKED}nd.com
- {BLOCKED}ands.com
- {BLOCKED}a.com
- {BLOCKED}lsdaily.com
- {BLOCKED}ers.info
- {BLOCKED}nkey.com
- {BLOCKED}deals.com
- {BLOCKED}dhonest.com
- {BLOCKED}s.com
- {BLOCKED}asket.com
- {BLOCKED}finding.com
- {BLOCKED}ehammer.com
- {BLOCKED}netsafe.com
- {BLOCKED}news.net
- {BLOCKED}ee.com
- {BLOCKED}.info
- {BLOCKED}e.com
- {BLOCKED}hu.com
- {BLOCKED}pics.net
- {BLOCKED}ldoors.com
- {BLOCKED}claymix.com
- {BLOCKED}maker.com
- {BLOCKED}toget.com
- {BLOCKED}crumet.com
- {BLOCKED}lly.com
- {BLOCKED}com
- {BLOCKED}nvegies.com
- {BLOCKED}nnetta.com
- {BLOCKED}m.com
- {BLOCKED}olution.biz
- {BLOCKED}.com
- {BLOCKED}ieday.com
- {BLOCKED}lac.com
- {BLOCKED}pe.com
- {BLOCKED}4u.net
- {BLOCKED}ockstar.com
- {BLOCKED}g.com
- {BLOCKED}olt.com
- {BLOCKED}beans.com
- {BLOCKED}lovers.net
- {BLOCKED}nny.com
- {BLOCKED}lives.com
- {BLOCKED}uture.com
- {BLOCKED}omain.com
- {BLOCKED}vasi.com
- {BLOCKED}npoker.com
- {BLOCKED}oorstop.com
- {BLOCKED}ercall.com
- {BLOCKED}efrosen.com
- {BLOCKED}esource.net
- {BLOCKED}on.com
- {BLOCKED}aonline.com
- {BLOCKED}neband.com
- {BLOCKED}hods.com
- {BLOCKED}.com
- {BLOCKED}levin.com
- {BLOCKED}iolaw.biz
- {BLOCKED}oney.com
- {BLOCKED}4ever.com
- {BLOCKED}world.com
- {BLOCKED}aims.com
- {BLOCKED}.info
- {BLOCKED}ove.com
- {BLOCKED}eisnoon.com
- {BLOCKED}haze.com
- {BLOCKED}almice.com
- {BLOCKED}house.com
- {BLOCKED}.com
- {BLOCKED}tygoat.com
- {BLOCKED}kstate.com
- {BLOCKED}nebox.com
- {BLOCKED}emore.com
- {BLOCKED}edtimes.com
- {BLOCKED}lrug.com
- {BLOCKED}reeze.com
- {BLOCKED}rpitch.net
- {BLOCKED}atio.com
- {BLOCKED}ga.com
- {BLOCKED}.com
- {BLOCKED}erpin.com
- {BLOCKED}ds.com
- {BLOCKED}s.com
- {BLOCKED}ecurity.com
- {BLOCKED}o.net
- {BLOCKED}ats.com
- {BLOCKED}leget.com
- {BLOCKED}ealdo.com
- {BLOCKED}h.net
- {BLOCKED}port.com
- {BLOCKED}legant.net
- {BLOCKED}zines.com
- {BLOCKED}.com
- {BLOCKED}atcost.com
- {BLOCKED}vote.com
- {BLOCKED}l.com
- {BLOCKED}.com
- {BLOCKED}.com
- {BLOCKED}ib.com
- {BLOCKED}tor.com
- {BLOCKED}ose.com
- {BLOCKED}trace.com
- {BLOCKED}medic.com
- {BLOCKED}t.net
- {BLOCKED}tuff.com
- {BLOCKED}eamfor.com
- {BLOCKED}ellow.com
- {BLOCKED}upiter.com
- {BLOCKED}.com
- {BLOCKED}com
- {BLOCKED}com
- {BLOCKED}ce4free.biz
- {BLOCKED}c.net
- {BLOCKED}nquests.com
- {BLOCKED}rhappy.com
- {BLOCKED}ickets.com
- {BLOCKED}ime.net
- {BLOCKED}setting.com
- {BLOCKED}rogtell.com
- {BLOCKED}ft.info
- {BLOCKED}ign.com
- {BLOCKED}thought.com
- {BLOCKED}lking.com
- {BLOCKED}uall.com
- {BLOCKED}ewards.net
- {BLOCKED}reezone.com
- {BLOCKED}.com
- {BLOCKED}p.com
- {BLOCKED}ngslist.com
- {BLOCKED}posal.com
- {BLOCKED}.com
- {BLOCKED}yy.com
- {BLOCKED}.net
- {BLOCKED}nsider.com
- {BLOCKED}memore.com
- {BLOCKED}ormdoor.com
- {BLOCKED}ole.com
- {BLOCKED}t.net
対応方法
対応検索エンジン: 9.300
初回 VSAPI パターンバージョン 9.178.02
初回 VSAPI パターンリリース日 2012年6月11日
VSAPI OPR パターンバージョン 9.179.00
VSAPI OPR パターンリリース日 2012年6月12日
手順 1
Windows XP、Windows Vista および Windows 7 のユーザは、コンピュータからマルウェアもしくはアドウェア等を完全に削除するために、ウイルス検索の実行前には必ず「システムの復元」を無効にしてください。
手順 2
Windowsをセーフモードで再起動します。
[ 詳細 ]
手順 3
このレジストリキーを削除します。
[ 詳細 ]
警告:レジストリはWindowsの構成情報が格納されているデータベースであり、レジストリの編集内容に問題があると、システムが正常に動作しなくなる場合があります。
レジストリの編集はお客様の責任で行っていただくようお願いいたします。弊社ではレジストリの編集による如何なる問題に対しても補償いたしかねます。
レジストリの編集前にこちらをご参照ください。
- In HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
- {random}
- {random}
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
- {GUID}
- {GUID}
手順 4
このレジストリ値を削除します。
[ 詳細 ]
警告:レジストリはWindowsの構成情報が格納されているデータベースであり、レジストリの編集内容に問題があると、システムが正常に動作しなくなる場合があります。
レジストリの編集はお客様の責任で行っていただくようお願いいたします。弊社ではレジストリの編集による如何なる問題に対しても補償いたしかねます。
レジストリの編集前にこちらをご参照ください。
- In HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{random}\Parameters
- ServiceDll = "{malware path}\{malware name}.dll"
- ServiceDll = "{malware path}\{malware name}.dll"
手順 5
コンピュータを通常モードで再起動し、最新のバージョン(エンジン、パターンファイル)を導入したウイルス対策製品を用い、「BKDR_TURKOJAN.KO」と検出したファイルの検索を実行してください。 検出されたファイルが、弊社ウイルス対策製品により既に駆除、隔離またはファイル削除の処理が実行された場合、ウイルスの処理は完了しており、他の削除手順は特にありません。
ご利用はいかがでしたか? アンケートにご協力ください