Precisa de ajuda? Peça à comunidade ou contrate um perito.
Acesse a Avira Answers
Virus:Adware/InstallCore.1.12
Date discovered:15/02/2012
Type:Adware/Spyware
In the wild:No
Reported Infections:Low
Distribution Potential:Low
Damage Potential:Low
Static file:Yes
File size:582.536 Bytes
MD5 checksum:d420892051c4495b6923e2cd2849113a
VDF version:7.11.23.26 - Wednesday, February 15, 2012
IVDF version:7.11.23.26 - Wednesday, February 15, 2012

 General ADWARE/ malware class description (en)
Method of propagation:
   • No own spreading routine


Aliases:
   •  Eset: Win32/InstallCore
   •  DrWeb: Adware.InstallCore.20


Platforms / OS:
   • Windows XP
   • Windows 2003
   • Windows Vista
   • Windows Server 2008
   • Windows 7


Right after execution the following information is displayed:


 Files  It creates the following directories:
   • C:\TEMP\ish423234\
   • C:\TEMP\is1438683437\



The following files are created:

– Non malicious files:
   • C:\TEMP\ish411640\defaultOffer\offer_code.dat
   • C:\TEMP\ish411640\defaultOffer\offer_html.dat
   • C:\TEMP\ish411640\defaultOffer\US\offer_code.dat
   • C:\TEMP\ish411640\defaultOffer\US\offer_html.dat
   • C:\TEMP\ish411640\bootstrap_6570.html
   • C:\TEMP\ICReinstall_ad.exe
   • %HOME%\Desktop\Continue FoxTabFLV Player Installation.lnk
   • C:\TEMP\is1438683437\4380116.cfg
   • C:\TEMP\is1438683437\673479180.cfg

– Temporary files that might be deleted afterwards:
   • C:\TEMP\000647F8.log
   • C:\Programme\is420125.log
   • C:\TEMP\0006693C.log
   • C:\TEMP\00066C39.log

 Miscellaneous Accesses internet resources:
   • os.solvefile.com
   • cdnus.solvefile.com
   • cdneu.solvefile.com

 File details Programming language:
The malware program was written in Delphi.

Descrição enviada por Martin Muench em quarta-feira, 15 de fevereiro de 2012
Descrição atualizada por Martin Muench em quarta-feira, 15 de fevereiro de 2012

Voltar . . . .
https:// Esta janela é criptografada para sua segurança.