|
rundll.exe
파일rundll.exe은 우리의 데이타베이스안에 아직.
rundll.exe은 뒤에 오는 보고안에 발견되었다:
|
Backdoor.LoxoScam |
기술적 세부사항 ...It attempts to replace %windir%Rundll.exe and C:Progra~1Micros~1OfficeFindfast.exe with the file Exec.hlp.... ...It modifies the value from LoadPowerProfile Rundll32.exe powerprof.dll,LoadCurrentPwrScheme... ...to LoadPowerProfile Rundll.exe powerprof.dll,LoadCurrentPwrScheme... 제거 지시 ...%windir%Sys.bat if they exist. Restore Rundll.exe and Findfast.exe. Reverse the changes that it... ...%windir%Sys.bat if they exist. To restore Rundll.exe and Findfast.exe: Using Windows Explorer, copy... ...If the vlaue LoadPowerProfile Rundll.exe powerprof.dll,LoadCurrentPwrScheme... ...exists, modiify it to LoadPowerProfile Rundll32.exe powerprof.dll,LoadCurrentPwrScheme... 근원: http://securityresponse.symantec.com/avcenter/venc/data/backdoor.loxoscam.html |
Backdoor.SchoolBus.B |
기술적 세부사항 ...Copies code that is contained in the Trojan as %System%Rundll.exe. NOTES:... ...C:WindowsSystem32 (Windows XP). Rundll.exe itself is a Trojan. It attempts to do the following:... ...%System%Explorer.exe (This file is executed by Rundll.exe, and is used to send system information to a hacker.)... ...Adds the value: rundll "c:windowssystem
undll.exe"... ...Adds the values: rundll "c:windowssystem
undll.exe"... ...rundll32 "c:windowssystem
undll32.exe" to the registry key:... ...HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsActive Setup Installed ComponentsRundll Creates the WindowsVCM folder... 제거 지시 ...right pane, delete the value: rundll "c:windowssystem
undll.exe"... ...HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsActive Setup Installed ComponentsRundll In the right pane, delete... ...the value: rundll "c:windowssystem
undll.exe"... ...rundll32 "c:windowssystem
undll32.exe" Exit the Registry Editor.... 근원: http://securityresponse.symantec.com/avcenter/venc/data/backdoor.schoolbus.b.html |
Backdoor.LittleWitch.B |
Backdoor.LittleWitch.B에 관하여 ...to a compromised computer. The presence of the file Rundll.exe is an indicator of a possible infection.... 기술적 세부사항 ...It copies itself as %system%Rundll.exe. It creates the file %windir%Usr.dat.... ...The Trojan creates the value Rundll Rundll.exe in the registry key... 제거 지시 ...Scroll through the list, and look for Rundll.exe. If you find the file, click... ...right pane, delete the value Rundll Rundll.exe Exit the Registry Editor.... 근원: http://securityresponse.symantec.com/avcenter/venc/data/backdoor.littlewitch.b.html |
Backdoor.LittleWitch.C |
Backdoor.LittleWitch.B에 관하여 ...The presence of the file, Rundll.exe, in the %System% folder is an indicator of a possible infection.... 기술적 세부사항 ...Copies itself as %System%Rundll.exe. Creates the file, %Windir%Usr.dat.... ...Creates the value: Rundll Rundll.exe in the registry key:... 제거 지시 ...Scroll through the list and look for Rundll.exe. If you find the file, click... ...right pane, delete the value: Rundll Rundll.exe Exit the Registry Editor.... 근원: http://securityresponse.symantec.com/avcenter/venc/data/backdoor.littlewitch.c.html |
W32.Bajar.Worm.Int |
기술적 세부사항 ...The .vbs script also deletes the file C:WindowsRundll.exe. Finally, after executing the... 제거 지시 ...If the worm deleted Autoexec.bat, Rundll.exe (Windows 95/98/Me only), or Regedit.exe, you must restore them from a clean backup... 근원: http://securityresponse.symantec.com/avcenter/venc/data/w32.bajar.worm.int.html |
VBS.Bajar.B@mm |
위협 평가 ...deletes c:windowssystemWsock32.dll, c:windows
undll.exe, c:windows
undll32.exe, and overwrites other system files.... 기술적 세부사항 ...C:WindowsSystemWsock32.dll C:WindowsRundll32.exe C:WindowsRundll.exe... 근원: http://securityresponse.symantec.com/avcenter/venc/data/vbs.bajar.b@mm.html |
W32.Bajar.B@mm |
위협 평가 ...deletes c:windowssystemWsock32.dll, c:windows
undll.exe, c:windows
undll32.exe, and overwrites other system files.... 기술적 세부사항 ...C:WindowsSystemWsock32.dll C:WindowsRundll32.exe C:WindowsRundll.exe... 근원: http://securityresponse.symantec.com/avcenter/venc/data/w32.bajar.b@mm.html |
VBS.Over.Trojan |
기술적 세부사항 ...User.exe Rundll.exe Rundll32.exe... 근원: http://securityresponse.symantec.com/avcenter/venc/data/vbs.over.trojan.html |
Trojan.Zeraf |
기술적 세부사항 ...C:WindowsSystem.ini C:WindowsRundll.exe C:WindowsRundll32.exe... 근원: http://securityresponse.symantec.com/avcenter/venc/data/trojan.zeraf.html |
W97M.Mandir.A |
기술적 세부사항 ...SystemTrays rundll.exe user,exitwindows to the registry key... 제거 지시 ...SystemTrays rundll.exe user,exitwindows Click Registry, and then click... ...... 근원: http://securityresponse.symantec.com/avcenter/venc/data/w97m.mandir.a.html |
|
|