????ADWARE/InstallMat.D
????06/11/2012
????????
????????
?????
???????
????????????
?????????????
????????~ 280 000 ???
VDF version: 7.11.49.22 - Tuesday, November 6, 2012
IVDF version: 7.11.49.22 - Tuesday, November 6, 2012

 ???? ADWARE/ malware class description (jp)
????
   • ????????????


??
   • Symantec: Downloader
   • McAfee: Generic PUP.x!bxk
   • Avast: Skodna.Generic.AFC
   • PCTools: Downloader.Generic
   • Eset: Win32/InstallMate
   • DrWeb: Adware.Downware.448
   • Norman: W32/Suspicious_Gen4.BGZMA


????????/OS?
   • Windows 2000
   • Windows XP
   • Windows 2003
   • Windows Vista
   • Windows 7


???
   • ???????????
   • ?????????

 ???? ???????????????

??????????
   • C:\Documents and Settings\Administrator\Local Settings\Temp\Tsu%8??????????%.dll
   • C:\Documents and Settings\Administrator\Local Settings\Temp\%8??????????%.dat
   • C:\Documents and Settings\Administrator\Local Settings\Temp\%8??????????%\_Setup.dll
   • C:\Documents and Settings\Administrator\Local Settings\Temp\%8??????????%\Setup.ico
   • C:\Documents and Settings\Administrator\Local Settings\Temp\%8??????????%\_Setupx.dll
   • C:\Documents and Settings\Administrator\Local Settings\Temp\%8??????????%\Setup.exe
   • %ALLUSERSPROFILE%\TSR8.tmp
   • %ALLUSERSPROFILE%\Application Data\TSR9.tmp
   • %ALLUSERSPROFILE%\Application Data\TSRA.tmp
   • %ALLUSERSPROFILE%\Application Data\TSRB.tmp
   • %ALLUSERSPROFILE%\Application Data\InstallMate\{F46AD279-DAAF-44D1-9E83-6D44907CAA50}\_Setup.dll
   • %ALLUSERSPROFILE%\Application Data\InstallMate\{F46AD279-DAAF-44D1-9E83-6D44907CAA50}\Setup.ico
   • %ALLUSERSPROFILE%\Application Data\InstallMate\{F46AD279-DAAF-44D1-9E83-6D44907CAA50}\_Setupx.dll
   • %ALLUSERSPROFILE%\Application Data\InstallMate\{F46AD279-DAAF-44D1-9E83-6D44907CAA50}\Setup.exe
   • %ALLUSERSPROFILE%\Application Data\InstallMate\{F46AD279-DAAF-44D1-9E83-6D44907CAA50}\TsuDll.dll
   • C:\Documents and Settings\Administrator\Local Settings\Temp\%8??????????%\x86\regsvr32.exe
   • C:\Documents and Settings\Administrator\Local Settings\Temp\%8??????????%\x64\regsvr32.exe
   • %ALLUSERSPROFILE%\Application Data\InstallMate\{F46AD279-DAAF-44D1-9E83-6D44907CAA50}\Setup.dat
   • C:\Documents and Settings\Administrator\Local Settings\Temp\sample.log




??????????????????

?????????????????????????
   • %ALLUSERSPROFILE%\Application Data\Premium\Agent\Agent.exe

 ????? ???????????????????

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F46AD279-DAAF-44D1-9E83-6D44907CAA50}]
   • "UninstallString"="C:\DOCUME~1\\ALLUSE~1\\APPLIC~1\\INSTAL~1\\{F46AD~1\\Setup.exe /remove /q0"
   • "QuietUninstallString"="C:\DOCUME~1\\ALLUSE~1\\APPLIC~1\\INSTAL~1\\{F46AD~1\\Setup.exe /remove /q"
   • "ModifyPath"="C:\DOCUME~1\\ALLUSE~1\\APPLIC~1\\INSTAL~1\\{F46AD~1\\Setup.exe /q0"
   • "Version"=dword:01000000
   • "VersionMajor"=dword:00000001
   • "VersionMinor"=dword:00000000
   • "EstimatedSize"=dword:000000e4
   • "Language"=dword:00000409
   • "TSAware"=dword:00000001
   • "TinFolder"="C:\Documents and Settings\\All Users\\Application Data\\InstallMate\\{F46AD279-DAAF-44D1-9E83-6D44907CAA50}"
   • "TinVersion"="7022"
   • "InstallDate"="20121204"
   • "InstallLocation"=" %ALLUSERSPROFILE%\\Application Data\\Premium\\Agent"
   • "InstallSource"="C:\%?????????????????%"
   • "DisplayIcon"=" %ALLUSERSPROFILE%\\Application Data\\InstallMate\\{F46AD279-DAAF-44D1-9E83-6D44907CAA50}\\Setup.ico"
   • "DisplayName"="Agent"
   • "DisplayVersion"="1.0"
   • "Publisher"="Premium"
   • "TizPath"="C:\%?????????????????% \\%????? ????%"
   • "CategoryName"="Bflix"

Description inserted by Elias Lan on Thursday, December 6, 2012
Description updated by Elias Lan on Thursday, December 6, 2012
