Нужен совет? Обратитесь за помощью к сообществу или специалистам.
Перейти к Avira Answers
???:Adware/EasyDownlo.A
?????????:05/10/2012
???:????????? ? ????????? ?? (ADSPY)
? ???????? ????????:???
?????????? ????? ?????????:?? ??????? ?? ????????
????????? ???????????????:??????
????????? ???????????:??????
?????? VDF:7.11.45.42 - 2012년 10월 5일 금요일
?????? IVDF:7.11.45.42 - 2012년 10월 5일 금요일

 ????? ????? ???????????????:
   • ??? ??????????? ????????? ???????????????


?????????? (?liases):
   •  Eset: NSIS/TrojanDownloader.Agent.NLH trojan
     Norman: Virus W32/Obfuscated_VPE.BVE.dropper


???????????? ???????:
   • Windows 2000
   • Windows XP
   • Windows 2003
    Windows Vista
    Windows Server 2008
    Windows 7


???????????:
   • ????????? ???????


????? ??????? ???????? ????????? ??????????:


 ????? ????????? ????????? ?????:

– ????? ????????????? ??? ?????????? ????????????? ? ????? ???? ???????.
   • %temp%\nsd3.tmp
   • %temp%\nst4.tmp\nsExec.dll
   • %temp%\nst4.tmp\ns5.tmp

 ?????? ??????????? ????????? ????? ???????:

[HKCR\AppID\{186E19A3-B909-4F48-B687-BB81EB8BC7CE}]
   • "(Default)"="bho_project"

[HKCR\AppID\bho_project.DLL]
   • "AppID"="{186E19A3-B909-4F48-B687-BB81EB8BC7CE}"

[HKCR\CLSID\{BA0454C5-FD30-428E-8DB9-3FF87A612F64}]
   • "(Default)"="VideoFileDownload"

[HKCR\CLSID\{BA0454C5-FD30-428E-8DB9-3FF87A612F64}\InprocServer32]
   • "(Default)"="%PROGRAM FILES%\OpenApp\bho_project.dll"

[HKCR\TypeLib\{B00FE392-639D-4688-976E-A1BFF368CB96}\1.0\0\win32]
   • "(Default)"="%PROGRAM FILES%\OpenApp\bho_project.dll"

[HKCR\TypeLib\{B00FE392-639D-4688-976E-A1BFF368CB96}\1.0\FLAGS]
   • "(Default)"="0"

[HKCR\TypeLib\{B00FE392-639D-4688-976E-A1BFF368CB96}\1.0\HELPDIR]
   • "(Default)"="%PROGRAM FILES%\OpenApp"

[HKLM\SOFTWARE\Classes\AppID\
   {186E19A3-B909-4F48-B687-BB81EB8BC7CE}]
   • "(Default)"="bho_project"

[HKLM\SOFTWARE\Classes\AppID\bho_project.DLL]
   • "AppID"="{186E19A3-B909-4F48-B687-BB81EB8BC7CE}"

[HKLM\SOFTWARE\Classes\CLSID\
   {BA0454C5-FD30-428E-8DB9-3FF87A612F64}]
   • "(Default)"="VideoFileDownload"

[HKLM\SOFTWARE\Classes\CLSID\{BA0454C5-FD30-428E-8DB9-3FF87A612F64}\
   InprocServer32]
   • "(Default)"="%PROGRAM FILES%\OpenApp\bho_project.dll"

[HKLM\SOFTWARE\Classes\Interface\
   {3AE26843-9171-4F23-A8E5-5421701276A4}]
   • "(Default)"="Ibho_object"

[HKLM\SOFTWARE\Classes\TypeLib\
   {B00FE392-639D-4688-976E-A1BFF368CB96}\1.0]
   • "(Default)"="bho_project 1.0 Type Library"

[HKLM\SOFTWARE\Classes\TypeLib\
   {B00FE392-639D-4688-976E-A1BFF368CB96}\1.0\0\win32]
   • "(Default)"="%PROGRAM FILES%\OpenApp\bho_project.dll"

[HKLM\SOFTWARE\Classes\TypeLib\
   {B00FE392-639D-4688-976E-A1BFF368CB96}\1.0\FLAGS]
   • "(Default)"="0"

[HKLM\SOFTWARE\Classes\TypeLib\
   {B00FE392-639D-4688-976E-A1BFF368CB96}\1.0\HELPDIR]
   • "(Default)"="%PROGRAM FILES%\OpenApp"

[HKLM\SOFTWARE\Google\Chrome\Extensions\
   kincjchfokkeneeofpeefomkikfkiedl]
   • "path"="%PROGRAM FILES%\OpenApp\chromeaddon.crx"

[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\
   ElevationPolicy\{BA0454C5-FD30-428E-8DB9-3FF87A612F64}]
   • "AppName"="VFDInstall.exe"
   • "AppPath"="%PROGRAM FILES%\OpenApp"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\
   Browser Helper Objects\{BA0454C5-FD30-428E-8DB9-3FF87A612F64}]
   • "(Default)"="BHO_PROJECT"
   • "NoExplorer"="dword:0x00000001"

 ?????? ???????? ??????????:
??? ???????? ?????????? ???????? ?????????? ??????????????? ???????? ?? ?????????? DNS ?????????:
   • cdn.secure**********.info
   • **********opy.eu
   • track.trk**********.info
   • track2.trk**********.info

Описание добавил Wensin Lee в(о) вторник, 9 октября 2012 г.
Описание обновил Wensin Lee в(о) вторник, 9 октября 2012 г.

Назад . . . .
https:// Это окно зашифровано для вашей безопасности.