Aliases of Adware.Cinmus (AKA): 스파이웨어, 애드웨어 소개..


Aliases of Adware.Cinmus (AKA): 스파이웨어, 애드웨어 소개..

요즘 이 스파이웨어가 이슈가 되고 있는것 같네요..

아래는 보안업체의 패치 정보인데...  관련 이슈가 대두되고 있나 봅니다.

9482: Spyware: Cinmus Browser Plugin Download

      2.2 Category: Policy

      2.5 Category: Spyware

      Description:

      This filter detects the download of Cinmus adware browser

      plugin.

      Use of RECOMMENDED action as category setting will:

      Disable this filter.

 

9483: Spyware: Cinmus Browser Plugin Search Hijack Attempt

      2.2 Category: Policy

      2.5 Category: Spyware

      Description:

      This filter detects a search hijack attempt by the Cinmus

      adware browser plugin.

      Use of RECOMMENDED action as category setting will:

      Disable this filter.

 

9484: Spyware: Cinmus Browser Plugin Search Hijack Attempt

      2.2 Category: Policy

      2.5 Category: Spyware

      Description:

      This filter detects a search hijack attempt by the Cinmus

      adware browser plugin.

      Use of RECOMMENDED action as category setting will:

      Disable this filter.





Detecting Adware.Cinmus

The following symptoms signal that your computer is very likely to be infected with Adware.Cinmus.

PC is working very slowly
Adware.Cinmus can seriously slow down your computer. If your PC takes a lot longer than normal to restart or your Internet connection is extremely slow, your computer may well be infected with Adware.Cinmus.

New desktop shortcuts have appeared or the home page has changed
Adware.Cinmus can tamper with your Internet settings or redirect your default home page to unwanted web sites. Adware.Cinmus may even add new shortcuts to your PC desktop.

Annoying popups keep appearing on your PC
Adware.Cinmus may swamp your computer with pestering popup ads, even when you're not connected to the Internet, while secretly tracking your browsing habits and gathering your personal information.

E-mails that you didn't write are being sent from your mailbox
Adware.Cinmus may gain complete control of your mailbox to generate and send e-mail with virus attachments, e-mail hoaxes, spam, and other types of unsolicited e-mail to other people.

이건 감염 시 나타 날 수 있는 증상들 입니다.


[Kaspersky] AdWare.Win32.Cinmus.a, AdWare.Win32.Cinmus.b
[McAfee] Adware.Cinmus, Adware-Cinmus
[Other] Cinmus.AA.dropper, Trojan:Win32/Cinmeng, Trojan.Cinmeng
이건 보안 업체 별로 명명한 명칭들이네요..

이       름

Adware.Cinmus(pbhealth.dll)

분       류

Adware

위  험  도

감염 증상

1. 사용자 동의없이 BHO로 설치되어 사용자 키워드를 감시하는 애드웨어이다.

설치 파일

정       보

\Kler\pbhealth.dll

레지스트리

등 록 정 보

\CLSID\{285AB8C6-FB22-4D17-8834-064E2BA0A6F0}

\Interface\{385AB8C4-FB22-4D17-8834-064E2BA0A6F0}

\TypeLib\{385AB8C5-FB22-4D17-8834-064E2BA0A6F0}

http://avscan.ipop.co.kr/spyware_info/view.html?no=1277&table_name=update_board


이건 한국 업체에서 소개한 자료네요.. 링크를 참고하세요.


아래는 치료방법입니다.

외국의 자료를 바탕으로 보면...
출처 : http://www.exterminate-it.com/malpedia/remove-adware-cinmus#howfiles

For instructions on deleting the Adware.Cinmus registry keys and registry values, see How to Remove Adware.Cinmus from the Windows Registry.

For instructions on deleting the Adware.Cinmus files and folders,
see How to Delete Adware.Cinmus Files (.exe, .dll, etc.)

이렇게 레지스트리 키와 관련 파일을 삭제하라고 나옵니다.  위에 링크한 출처를 따라가서 해보세요..