Virus: Adware/InstallC.B.1
Date discovered: 29/03/2012
Type: Adware/Spyware
Included in the "In The Wild" list: No
Damage level: Low
Distribution level: Low
Risk level: Low
VDF version: 7.11.26.84 - Thursday, March 29, 2012
IVDF version: 7.11.26.84 - Thursday, March 29, 2012

General
Method of propagation:
   • No propagation routines


Alias:
   •  Eset: a variant of Win32/InstallIQ application


Operating systems:
   • Windows 2000
   • Windows XP
   • Windows 2003
   • Windows Vista
   • Windows Server 2008
   • Windows 7


Side effects:
   • Modifies the Windows registry


After execution, the following information is displayed:


Files
The following files are created:

Non-malicious files:

– Temporary files that may be deleted later:
   • %temp%\SCC.dll
   • %temp%\pkg_11111632b0\SCC.dll

Registry
The following key is added to the Windows registry in order to run the service at system startup:

[HKLM\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication]
   • "Name"="sample.exe"
   • "ID"=dword:504def0a



The following keys are added to the registry:

[HKLM\SOFTWARE\Microsoft\Direct3D\MostRecentApplication]
   • "Name"="sample.exe"

[HKLM\SOFTWARE\Freeze.com\Installer]
   • "test"=-

Miscellaneous
Internet connection:
To check its Internet connection, the following DNS servers are contacted:
   • dl.install**********.com
   • dl6.iq7**********load.com
   • dl6.iq8**********load.com
   • dl2.iq8**********load.com

Description submitted by Wensin Lee on Thursday, September 27, 2012
Description updated by Wensin Lee on Thursday, September 27, 2012
