Download Admin

Kategorie: Adware und PUAs Schutz verfügbar seit:07 Nov 2011 18:50:56 (GMT)
Typ: Unspecified PUA Zuletzt aktualisiert:20 Jul 2014 10:15:14 (GMT)

Download Kostenloses Virus Removal Tool downloaden – Finden Sie Bedrohungen, die Ihre Virenschutzsoftware übersehen hat

Download Admin is an installer which bundles legitimate applications with offers for additional third party applications that may be unwanted by the user. Such third party applications are typically installed onto users’ computers by default, but may include an option to ‘opt-out’ during or after the installation process.

Examples of Download Admin include:

Example 1

File Information

Size
792K
SHA-1
001a627df937e2be6ef0fe4be1a1bb92aa4ce24d
MD5
8e13ef8c228d644cabfa11bc0921d53f
CRC-32
dc89d8de
File type
Windows executable
First seen
2014-04-15

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\version.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\skin\skin\stepBG.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\lua51.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\LuaSocket\lua\socket\ftp.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\LuaSocket\lua\socket\url.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\nsisunz.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\json.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\LuaSocket\lua\socket\tp.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\IntegratedOffer.lua
    Size
    43K
    SHA-1
    d87f173564c0418ac3c4fb5a28d0ba04551d1d70
    MD5
    bf7ea3647e9d40ac9f3a47ce92a73711
    CRC-32
    0016ec59
    File type
    ASCII text / 8-bit Unicode Transformation Format
    First seen
    2014-04-10
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\packaged_app.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\sandbox.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\skin\skin\acceptGreen2x.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\skin\skin\bg4.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\skin\skin\ok.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\LuaSocket\lua\socket.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\DownloadThread.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\LuaSocket\lua\ltn12.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\win32_constants.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\nsis7z.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\skin\index.html
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\scheduler.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\service_registry.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\skin\skin\icon_folder.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\skin\skin\decline_offer_btn.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\skin\skin\headerBG.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\skin\skin\mod.css
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\skin\skin\cancel.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\skin\skin\install_now_btn.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\skin\skin\DALogo2.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\skin\res\common.css
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\utils.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\skin\skin\offers.css
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\skin\skin\uninstall.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\skin\skin\minimise.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\skin\skin\step_off.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\uistate.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\System.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\skin\skin\truste.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\UACInfo.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\skin\skin\close.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\wininet\core.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\skin\skin\next.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\wininet\defs.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\wininet\ltn12.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\wininet\url.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\wininet\wininet_h.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\wininet\http.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\skin.zip
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\__web.xml
    Size
    13K
    SHA-1
    af4b932c46adcfa1d62235c8bb3ebc0154bca468
    MD5
    d29bdb898c3a5f56ad6962f9a7f63c59
    CRC-32
    ad98190b
    File type
    Extensible Markup Language (XML)
    First seen
    2014-04-15
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\wininet\wintypes.lua
  • c:\Documents and Settings\test user\My Documents\My Videos\Desktop.ini
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\skin\skin\progress.css
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\skin\skin\skip_all_offers_btn.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\skin\skin\step_on.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\BrowserControl.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\notifyicon.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\skin\skin\DALogo.jpg
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\processfreefile.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\bit.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\un.package.exe
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\AdvancedTests.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\skin\skin\back.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\browserutils.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\callbackproxy.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\wininet\ftp.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\definitions.lua
    Size
    9.7K
    SHA-1
    bd10f31bbe65e4292725bd8bcc028705575e2ae2
    MD5
    c22998007db23ae38f578421628fc4f7
    CRC-32
    7e3a6cf1
    File type
    ASCII text / 8-bit Unicode Transformation Format
    First seen
    2014-04-10
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\DownloadList.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\skin\res\knockout.js
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\bundleinstall.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\eagerinstall.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\skin\skin\cancel.css
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\wininet\compat.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\env.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\skin\options.json
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\LuaXml_lib.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\LuaSocket\lua\mime.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\Events.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\extension.tlb
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\LuaSocket\lua\socket\http.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\downloads.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\ffi.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\skin\skin\decline.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\FloatingProgress.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\LuaSocket\socket\core.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\luaxml.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\skin\res\jquery.js
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\GuiInit.lua
    Size
    155K
    SHA-1
    22bc9a63b3ee17f997000dc9968a58cb07e9c66a
    MD5
    581cd72a3dcbb09b79dcdb6ffd6350ce
    CRC-32
    a70d2af8
    File type
    ASCII text / 8-bit Unicode Transformation Format
    First seen
    2014-04-10
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\skin\res\common.js
    Size
    99K
    SHA-1
    fdb788157fbc2865f97e4bbc25d4dd649317254c
    MD5
    b87b71c2952dd5f08e4ea9ea1ccf8311
    CRC-32
    5443567d
    File type
    JavaScript
    First seen
    2014-05-14
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\LuaBridge.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\luacom.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\LuaSocket\lua\socket\smtp.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsr4.tmp\LuaSocket\mime\core.dll
Registry Keys Modified
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
    Administrative Tools
    c:\Documents and Settings\test user\Start Menu\Programs\Administrative Tools
HTTP Requests
  • http://mirror.mirror-files.com/skins/da/11132013/DownloadAdmin-Google-Wide-nocancel.zip
  • http://service.downloadadmin.com/env
  • http://service.downloadadmin.com/install
DNS Requests
  • mirror.mirror-files.com
  • service.downloadadmin.com

Example 2

File Information

Size
793K
SHA-1
0074130e7095c610cbabfc096a4d9be9d3c5cbe1
MD5
f8f1a812465f5cf1777bf6ca644312db
CRC-32
1346f6f0
File type
Windows executable
First seen
2014-03-21

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\callbackproxy.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\wininet\ltn12.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\lua51.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\sandbox.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\nsisunz.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\browserutils.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\FloatingProgress.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\bit.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\wininet\wintypes.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\BrowserControl.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\AdvancedTests.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\bundleinstall.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\json.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\definitions.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\LuaSocket\mime\core.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\DownloadThread.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\LuaSocket\lua\socket\http.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\downloads.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\env.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\skin\res\common.js
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\uistate.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\eagerinstall.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\LuaBridge.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\ffi.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\service_registry.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\extension.tlb
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\GuiInit.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\LuaSocket\lua\socket\smtp.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\IntegratedOffer.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\LuaSocket\lua\ltn12.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\packaged_app.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\skin\res\common.css
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\skin\res\jquery.js
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\LuaSocket\socket\core.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\skin\res\knockout.js
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\LuaSocket\lua\socket\tp.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\luacom.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\LuaSocket\lua\socket\url.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\LuaSocket\lua\socket.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\LuaXml_lib.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\notifyicon.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\processfreefile.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\LuaSocket\lua\mime.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\DownloadList.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\System.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\Events.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\wininet\compat.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\nsis7z.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\luaxml.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\scheduler.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\version.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\utils.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\win32_constants.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\un.package.exe
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\LuaSocket\lua\socket\ftp.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\UACInfo.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\wininet\wininet_h.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\wininet\url.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\wininet\ftp.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\wininet\defs.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\wininet\http.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nsg4.tmp\wininet\core.lua
  • c:\Documents and Settings\test user\My Documents\My Videos\Desktop.ini
Registry Keys Modified
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
    Administrative Tools
    c:\Documents and Settings\test user\Start Menu\Programs\Administrative Tools
HTTP Requests
  • http://service.downloadadmin.com/install
DNS Requests
  • service.downloadadmin.com

Example 3

File Information

Size
792K
SHA-1
03fc9c60fa68db2e2bd6da7b1b4e4e1436676c3f
MD5
802f97b3dcbb638d3cffed991c4aaba0
CRC-32
76b1e322
File type
application/x-ms-dos-executable
First seen
2014-04-15

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\skin\res\common.js
    Size
    99K
    SHA-1
    fdb788157fbc2865f97e4bbc25d4dd649317254c
    MD5
    b87b71c2952dd5f08e4ea9ea1ccf8311
    CRC-32
    5443567d
    File type
    JavaScript
    First seen
    2014-05-14
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\BrowserControl.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\notifyicon.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\definitions.lua
    Size
    9.7K
    SHA-1
    bd10f31bbe65e4292725bd8bcc028705575e2ae2
    MD5
    c22998007db23ae38f578421628fc4f7
    CRC-32
    7e3a6cf1
    File type
    ASCII text / 8-bit Unicode Transformation Format
    First seen
    2014-04-10
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\bit.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\skin\skin\cancel.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\wininet\core.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\browserutils.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\AdvancedTests.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\callbackproxy.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\bundleinstall.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\LuaSocket\lua\socket\tp.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\GuiInit.lua
    Size
    155K
    SHA-1
    22bc9a63b3ee17f997000dc9968a58cb07e9c66a
    MD5
    581cd72a3dcbb09b79dcdb6ffd6350ce
    CRC-32
    a70d2af8
    File type
    ASCII text / 8-bit Unicode Transformation Format
    First seen
    2014-04-10
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\nsisunz.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\sandbox.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\packaged_app.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\skin\res\common.css
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\nsis7z.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\DownloadList.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\eagerinstall.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\Events.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\DownloadThread.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\env.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\skin\skin\acceptGreen2x.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\extension.tlb
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\ffi.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\FloatingProgress.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\skin\res\jquery.js
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\LuaBridge.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\LuaSocket\lua\ltn12.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\utils.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\processfreefile.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\skin\skin\cancel.css
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\luaxml.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\skin\skin\DALogo.jpg
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\IntegratedOffer.lua
    Size
    43K
    SHA-1
    d87f173564c0418ac3c4fb5a28d0ba04551d1d70
    MD5
    bf7ea3647e9d40ac9f3a47ce92a73711
    CRC-32
    0016ec59
    File type
    ASCII text / 8-bit Unicode Transformation Format
    First seen
    2014-04-10
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\skin\skin\ok.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\skin\skin\mod.css
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\LuaSocket\lua\socket\http.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\luacom.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\LuaSocket\lua\socket\smtp.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\LuaSocket\mime\core.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\json.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\LuaSocket\lua\mime.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\skin\skin\icon_folder.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\skin\skin\progress.css
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\LuaSocket\socket\core.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\skin\skin\bg4.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\LuaSocket\lua\socket.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\LuaXml_lib.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\downloads.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\LuaSocket\lua\socket\ftp.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\skin\skin\back.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\skin\skin\offers.css
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\service_registry.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\skin\skin\decline.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\skin\options.json
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\skin\index.html
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\wininet\defs.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\scheduler.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\skin\skin\decline_offer_btn.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\LuaSocket\lua\socket\url.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\skin\skin\headerBG.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\skin\skin\DALogo2.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\skin\skin\install_now_btn.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\skin\skin\minimise.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\wininet\compat.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\lua51.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\skin\skin\next.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\skin\skin\stepBG.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\skin\skin\close.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\skin\skin\step_on.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\skin\skin\step_off.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\skin\skin\truste.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\UACInfo.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\System.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\skin\skin\skip_all_offers_btn.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\skin\skin\uninstall.gif
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\version.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\skin\res\knockout.js
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\un.package.exe
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\wininet\ftp.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\win32_constants.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\wininet\url.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\uistate.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\wininet\wininet_h.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\wininet\ltn12.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\wininet\wintypes.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\wininet\http.lua
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\__web.xml
  • c:\Documents and Settings\test user\Local Settings\Temp\nse4.tmp\skin.zip
  • c:\Documents and Settings\test user\My Documents\My Videos\Desktop.ini
Registry Keys Modified
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
    Administrative Tools
    c:\Documents and Settings\test user\Start Menu\Programs\Administrative Tools
HTTP Requests
  • http://mirror.mirror-files.com/skins/da/11132013/DownloadAdmin-Google-Wide-nocancel.zip
  • http://service.downloadadmin.com/env
  • http://service.downloadadmin.com/install
DNS Requests
  • mirror.mirror-files.com
  • service.downloadadmin.com

Download Sophos Produkte kostenlos testen
Jetzt downloaden