2. Spreading path and symptoms of infection
This kind of malicious program adopted its download and installation methods through using shorten URL in any part of internet. We can easily see bunch of shorten URLs and even click those in case of.
Therefore, users who click those links without thinking need special attention about those malicious files.
In particular, this malicious program is masqueraded as one of Korean anti-virus software.
Downloaded malicious file is a set of SFX(self-extracting executable file), and shows brief additional adware explanation.
With the figure above, this connects certain domain server and tries to install.
After extracted, 2 files will be existed in following path. And several shortcuts for accessing affiliate marketing site will be created in Desktop.
Downloaded temp.zip(zip file) contains "alyac2.0.jpg" file and explanation and download path of "alyac V2.0 beta".
3. How to prevent
In this kind of malicious program is generated for advertisement and benefit of the company, it can damage or cost user.
To keep safe from this kind of malicious file we recommend user obey the safety precautions as following :
* nProtect Anti-Virus/Spyware 3.0 diagnosis screen