ADWARE/Vittalia.AB
Virus: ADWARE/Vittalia.AB
Tanggal
ditemukan: 03/07/2013
Jenis: Adware /
Spyware
Di alam liar:
Tidak ada
Dilaporkan
Infeksi: Menengah
Distribusi
Potensi: Rendah
Kerusakan
Potensi: Rendah
VDF version:
7.11.88.138- Rabu, Juli 3, 2013
IVDF versi:
7.11.88.138 - Rabu, Juli 3, 2013
Umum
Metode
perbanyakan:
• Tidak rutin menyebarkan sendiri
Deteksi dengan anti virus lainnya :
• AVG: Startpage.TQC
• Eset: Win32/Vittalia.C
• DrWeb: Adware.Downware.744
Platforms / OS:
• Windows 2000
• Windows XP
• Windows 2003
• Windows Vista
• Windows Server 2008
• Windows 7
Efek sampingnya:
• AVG: Startpage.TQC
• Eset: Win32/Vittalia.C
• DrWeb: Adware.Downware.744
Platforms / OS:
• Windows 2000
• Windows XP
• Windows 2003
• Windows Vista
• Windows Server 2008
• Windows 7
Efek sampingnya:
Modifikasi Registry
Tepat setelah eksekusi Informasi berikut ini ditampilkan:
File
Berkas berikut dibuat:
– Temporary files that might be deleted afterwards:
• %HOME%\Application Data\temp\c12afondo.bmp.zip
• %HOME%\Local Settings\Application Data\temp\c12aheader.bmp.zip
– %HOME%\Local Settings\Application Data\temp\2.txt
– %HOME%\Local Settings\Application Data\temp\c12aInstaller.exe Furthermore it gets executed after it was fully created.
– %HOME%\Local Settings\Application Data\temp\c12aInstaller.INI Furthermore it gets executed after it was fully created.
Registry
kunci registri berikut
ditambahkan:
– [HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_TAPISRV\0000\Control]
• "ActiveService"="TapiSrv"
– [HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_RASMAN\0000\Control]
• "ActiveService"="RasMan"
0 Komentar:
Posting Komentar