ADW_INSTALCOR.GA
AdWare.Win32.InstallCore.f (Kaspersky)
Windows 2000, Windows Server 2003, Windows XP (32-bit, 64-bit), Windows Vista (32-bit, 64-bit), Windows 7 (32-bit, 64-bit)
Tipo de grayware:
Adware
Destrutivo:
Não
Criptografado:
In the Wild:
Sim
Visão geral
Wird möglicherweise manuell von einem Benutzer installiert.
Detalhes técnicos
Übertragungsdetails
Wird möglicherweise manuell von einem Benutzer installiert.
Installation
Schleust die folgenden Dateien ein:
- %Program Files%\Tweaks\FileOpener\7z.dll
- %Program Files%\Tweaks\FileOpener\fileopener.exe
- %Program Files%\Tweaks\FileOpener\uninstall.exe
- %User Temp%\is{10-digit number}\{7-digit number}_stp.EXE
- %User Temp%\is{10-digit number}\{7-digit number}_stp.EXE.part
- %All Users Profile%\Microsoft\Windows\Start Menu\Programs\FileOpener (Windows Vista and higher versions)
- %All Users Profile%\Microsoft\Windows\Start Menu\Programs\FileOpener\FileOpener.lnk (Windows Vista and higher versions)
- %All Users Profile%\Microsoft\Windows\Start Menu\Programs\FileOpener\uninstall.lnk (Windows Vista and higher versions)
- %System Root%\Users\Public\Desktop\FileOpener.lnk (Windows Vista and higher versions)
- %AppDataLocalLow%\Microsoft\CryptnetUrlCache\Content\1DAF2884EC4DFA96BA4A58D4DBC9C406 (Windows Vista and higher versions)
- %AppDataLocalLow%\Microsoft\CryptnetUrlCache\Content\223DE96EE265046957A660ED7C9DD9E7_EFF9B9BA98DEAA773F261FA85A0B1771 (Windows Vista and higher versions)
- %AppDataLocalLow%\Microsoft\CryptnetUrlCache\Content\4309200C3DBAD0F6F0DFACE9165FD092 (Windows Vista and higher versions)
- %AppDataLocalLow%\Microsoft\CryptnetUrlCache\Content\49514950C94E8026A2B06312597DFF49_569BD946168DB279A65378F7D088CFD0 (Windows Vista and higher versions)
- %AppDataLocalLow%\Microsoft\CryptnetUrlCache\Content\4997483CBD49861D6724DB29797AB22C_458D4C6BAE4D25B811086B585FFD701D (Windows Vista and higher versions)
- %AppDataLocalLow%\Microsoft\CryptnetUrlCache\Content\8059E9A0D314877E40FE93D8CCFB3C69_DDFBEA63B17F0C1BF12B1E83E3936D7B (Windows Vista and higher versions)
- %AppDataLocalLow%\Microsoft\CryptnetUrlCache\Content\AC9005F5466BD463DF06D711B370595F (Windows Vista and higher versions)
- %AppDataLocalLow%\Microsoft\CryptnetUrlCache\Content\EB2C4AB8B68FFA4B7733A9139239A396_D76DB901EE986B889F30D8CC06229E2D (Windows Vista and higher versions)
- %AppDataLocalLow%\Microsoft\CryptnetUrlCache\MetaData\1DAF2884EC4DFA96BA4A58D4DBC9C406 (Windows Vista and higher versions)
- %AppDataLocalLow%\Microsoft\CryptnetUrlCache\MetaData\223DE96EE265046957A660ED7C9DD9E7_EFF9B9BA98DEAA773F261FA85A0B1771 (Windows Vista and higher versions)
- %AppDataLocalLow%\Microsoft\CryptnetUrlCache\MetaData\4309200C3DBAD0F6F0DFACE9165FD092 (Windows Vista and higher versions)
- %AppDataLocalLow%\Microsoft\CryptnetUrlCache\MetaData\49514950C94E8026A2B06312597DFF49_569BD946168DB279A65378F7D088CFD0 (Windows Vista and higher versions)
- %AppDataLocalLow%\Microsoft\CryptnetUrlCache\MetaData\4997483CBD49861D6724DB29797AB22C_458D4C6BAE4D25B811086B585FFD701D (Windows Vista and higher versions)
- %AppDataLocalLow%\Microsoft\CryptnetUrlCache\MetaData\8059E9A0D314877E40FE93D8CCFB3C69_DDFBEA63B17F0C1BF12B1E83E3936D7B (Windows Vista and higher versions)
- %AppDataLocalLow%\Microsoft\CryptnetUrlCache\MetaData\AC9005F5466BD463DF06D711B370595F (Windows Vista and higher versions)
- %AppDataLocalLow%\Microsoft\CryptnetUrlCache\MetaData\EB2C4AB8B68FFA4B7733A9139239A396_D76DB901EE986B889F30D8CC06229E2D (Windows Vista and higher versions)
- %All Users Profile%\Desktop\FileOpener.lnk (Versions lower than Windows Vista)
- %All Users Profile%\Start Menu\Programs\FileOpener (Versions lower than Windows Vista)
- %All Users Profile%\Start Menu\Programs\FileOpener\FileOpener.lnk (Versions lower than Windows Vista)
- %All Users Profile%\Start Menu\Programs\FileOpener\uninstall.lnk (Versions lower than Windows Vista)
- %Application Data%\Microsoft\CryptnetUrlCache\Content\2BF68F4714092295550497DD56F57004 (Versions lower than Windows Vista)
- %Application Data%\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015 (Versions lower than Windows Vista)
- %Application Data%\Microsoft\CryptnetUrlCache\MetaData\2BF68F4714092295550497DD56F57004 (Versions lower than Windows Vista)
- %Application Data%\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 (Versions lower than Windows Vista)
(Hinweis: %Program Files%ist der Standardordner 'Programme', normalerweise C:\Programme.. %User Temp% ist der Ordner 'Temp' des aktuellen Benutzers, normalerweise C:\Dokumente und Einstellungen\{Benutzername}\Lokale Einstellungen\Temp unter Windows 2000, XP und Server 2003.. %System Root% ist der Stammordner, normalerweise C:\. Dort befindet sich auch das Betriebssystem.. %Application Data% ist der Ordner 'Anwendungsdaten' für den aktuellen Benutzer, normalerweise C:\Windows\Profile\{Benutzername}\Anwendungsdaten unter Windows 98 und ME, C:\WINNT\Profile\{Benutzername}\Anwendungsdaten unter Windows NT und C:\Dokumente und Einstellungen\{Benutzername}\Lokale Einstellungen\Anwendungsdaten unter Windows 2000, XP und Server 2003.)
Erstellt die folgenden Ordner:
- %Program Files%\Tweaks
- %Program Files%\Tweaks\FileOpener
- %User Temp%\is{10-digit number}
(Hinweis: %Program Files%ist der Standardordner 'Programme', normalerweise C:\Programme.. %User Temp% ist der Ordner 'Temp' des aktuellen Benutzers, normalerweise C:\Dokumente und Einstellungen\{Benutzername}\Lokale Einstellungen\Temp unter Windows 2000, XP und Server 2003.)
Andere Systemänderungen
Fügt die folgenden Registrierungsschlüssel hinzu:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
Tweaks FileOpener
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
SystemCertificates\AuthRoot\Certificates\
2796BAE63F1801E277261BA0D77770028F20EEE4
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
SystemCertificates\AuthRoot\Certificates\
91C6D6EE3E8AC86384E548C299295C756C817B81 (Windows Vista and higher versions)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
SystemCertificates\AuthRoot\Certificates\
D4DE20D05E66FC53FE1A50882C78DB2852CAE474 (Windows Vista and higher versions)
Fügt die folgenden Registrierungseinträge hinzu:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
SystemCertificates\AuthRoot\Certificates\
2796BAE63F1801E277261BA0D77770028F20EEE4
Blob = "{hex value}"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
SystemCertificates\AuthRoot\Certificates\
91C6D6EE3E8AC86384E548C299295C756C817B81
Blob = "{hex value}" (Windows Vista and higher versions)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
SystemCertificates\AuthRoot\Certificates\
D4DE20D05E66FC53FE1A50882C78DB2852CAE474
Blob = "{hex value}" (Windows Vista and higher versions)
Andere Details
Fügt die folgenden Registrierungseinträge hinzu, um der Systemsteuerung eine Deinstallationsoption hinzuzufügen:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
Tweaks FileOpener
DisplayName = "FileOpener"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
Tweaks FileOpener
UninstallString = ""%Program Files%\Tweaks\FileOpener\uninstall.exe""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
Tweaks FileOpener
QuietUninstallString = ""%Program Files%\Tweaks\FileOpener\uninstall.exe" /S"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
Tweaks FileOpener
InstallLocation = ""%Program Files%\Tweaks\FileOpener""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
Tweaks FileOpener
DisplayIcon = ""%Program Files%\Tweaks\FileOpener\fileopener.exe""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
Tweaks FileOpener
Publisher = "Tweaks"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
Tweaks FileOpener
HelpLink = "http://{BLOCKED}le-opener.com/uninstall.html"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
Tweaks FileOpener
URLUpdateInfo = "http://{BLOCKED}ile-opener"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
Tweaks FileOpener
URLInfoAbout = "http://{BLOCKED}ile-opener"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
Tweaks FileOpener
DisplayVersion = "1.1.1"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
Tweaks FileOpener
AlsoInstalled = ""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
Tweaks FileOpener
VersionMajor = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
Tweaks FileOpener
VersionMinor = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
Tweaks FileOpener
NoModify = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
Tweaks FileOpener
NoRepair = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
Tweaks FileOpener
EstimatedSize = "16233"