Du brauchst Hilfe? Frage die Community oder wende dich an einen Experten.
Zu Avira Answers
Virus:Adware/InstallCore.1.12
Date discovered:15/02/2012
Type:Adware/Spyware
In the wild:No
Reported Infections:Low
Distribution Potential:Low
Damage Potential:Low
Static file:Yes
File size:582.536 Bytes
MD5 checksum:d420892051c4495b6923e2cd2849113a
VDF version:7.11.23.26 - Wednesday, February 15, 2012
IVDF version:7.11.23.26 - Wednesday, February 15, 2012

 General ADWARE/ malware class description (en)
Method of propagation:
   • No own spreading routine


Aliases:
   •  Eset: Win32/InstallCore
   •  DrWeb: Adware.InstallCore.20


Platforms / OS:
   • Windows XP
   • Windows 2003
   • Windows Vista
   • Windows Server 2008
   • Windows 7


Right after execution the following information is displayed:


 Files  It creates the following directories:
   • C:\TEMP\ish423234\
   • C:\TEMP\is1438683437\



The following files are created:

– Non malicious files:
   • C:\TEMP\ish411640\defaultOffer\offer_code.dat
   • C:\TEMP\ish411640\defaultOffer\offer_html.dat
   • C:\TEMP\ish411640\defaultOffer\US\offer_code.dat
   • C:\TEMP\ish411640\defaultOffer\US\offer_html.dat
   • C:\TEMP\ish411640\bootstrap_6570.html
   • C:\TEMP\ICReinstall_ad.exe
   • %HOME%\Desktop\Continue FoxTabFLV Player Installation.lnk
   • C:\TEMP\is1438683437\4380116.cfg
   • C:\TEMP\is1438683437\673479180.cfg

– Temporary files that might be deleted afterwards:
   • C:\TEMP\000647F8.log
   • C:\Programme\is420125.log
   • C:\TEMP\0006693C.log
   • C:\TEMP\00066C39.log

 Miscellaneous Accesses internet resources:
   • os.solvefile.com
   • cdnus.solvefile.com
   • cdneu.solvefile.com

 File details Programming language:
The malware program was written in Delphi.

Die Beschreibung wurde erstellt von Martin Muench am Mittwoch, 15. Februar 2012
Die Beschreibung wurde geändert von Martin Muench am Mittwoch, 15. Februar 2012

zurück . . . .