需要修復電腦?
聘請專家
Nume:ADWARE/Instoolbar.A
Descoperit pe data de:21/12/2012
Tip:Adware
ITW:Da
Numar infectii raportate:Scazut spre mediu
Potential de raspandire:Scazut
Potential de distrugere:Scazut
Fisier static:Da
Marime:163.416 Bytes
Versiune VDF:7.11.54.138 - 2012年12月21日星期五
Versiune IVDF:7.11.54.138 - 2012年12月21日星期五

 General Metoda de raspandire:
   • Nu are rutina proprie de raspandire


Alias:
   •  Eset: Win32/Somoto.A
   •  DrWeb: Adware.Somoto.8


Sistem de operare:
   • Windows 2000
   • Windows XP
   • Windows 2003
   • Windows Vista
   • Windows Server 2008
   • Windows 7


Efecte secundare:
   • Creeaza fisiere
   • Modificari in registri


Dupa activare, ruleaza un program Windows care afiseaza urmatoarea fereastra:


 Fisiere Sunt create fisierele:

– %PROGRAM FILES%\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll
– %PROGRAM FILES%\Incredibar.com\incredibar\1.5.11.14\incredibarApp.dll
– %PROGRAM FILES%\Incredibar.com\incredibar\1.5.11.14\incredibarEng.dll
– %PROGRAM FILES%\Incredibar.com\incredibar\1.5.11.14\incredibarsrv.exe
– %PROGRAM FILES%\Incredibar.com\incredibar\1.5.11.14\uninstall.exe
– %PROGRAM FILES%\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll

 Registrii sistemului Inregistreaza un browser helper object (BHO) prin adaugarea urmatoarei chei in registri:

Fisierul DLL inregistrat schimba pagina de start pentru Internet Explorer in: http://mystart.incredibar.com/mb205?a=6R8P5qGc1H&i=26
– HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\
   Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
   • @="Incredibar.com Helper Object"
   • "NoExplorer"=dword:00000001

說明撰寫者 Alexander Bauer 開啟 2012年12月23日星期日
說明更新者 Alexander Bauer 開啟 2012年12月23日星期日

返回 . . . .

© 2013 Avira Operations GmbH & Co. KG. 保留所有權利.

我的帳戶

https:// 為了你的安全,此視窗已加密。