Vittalia

Category: Adware and PUAs
Protection available since: 22 Jul 2015 09:19:07 (GMT)
Type: Adware
Last updated: 15 Dec 2017 03:46:17 (GMT)


Examples of Vittalia include:

Example 1

File Information

Size
5.0M
SHA-1
011f98074a30d024b9ef80e1e86ffe7148931129
MD5
d70ab35fd5e19aaed0d8493b879a2707
CRC-32
a0d66b81
File type
Windows executable
First seen
2017-05-25

Runtime Analysis

Registry Keys Created
  • HKLM\SOFTWARE\Vittalia\AxtanInstaller\versions\671726
    LogoUrl
    http://median.eazel.com/uploads/installer_logos/programs/91/230691/69633.png
Processes Created
  • c:\Documents and Settings\test user\local settings\application data\temp\8a32installer.exe
HTTP Requests
  • http://www.dlgeovt.com/abcde.php
  • http://xmlinstcp.ddbbvt.eu/cmd/precompiled.html
  • http://xmlinstcp.ffbbvt.eu/cmd/api.php
  • http://xmlinstcp.ffbbvt.eu/cmd/geo.php
  • http://xmlinstcp.ffbbvt.eu/cmd/report.php
DNS Requests
  • www.dlgeovt.com
  • xmlinstcp.ddbbvt.eu
  • xmlinstcp.ffbbvt.eu

Example 2

File Information

Size
808K
SHA-1
0566603c3712b6b1348b70019cdcd9722b9cfb44
MD5
bf3c357bda2698007223be99a2ce0de2
CRC-32
c6a38c7f
File type
Windows executable
First seen
2016-01-27

Runtime Analysis

Dropped Files
  • c:\Documents and Settings\test user\Local Settings\Temp\nsd3.tmp\nxs.dll
  • c:\Documents and Settings\test user\Local Settings\Temp\ff0e79e53f645f29984fd42cdea7e2a6.exe
  • c:\Documents and Settings\test user\Local Settings\Temp\34a11dd8ea3105f6dfb8b652fdd23d59

Example 3

File Information

Size
5.0M
SHA-1
0b3c86ce01454a2203d71ca1306f43c9249e1374
MD5
03e612d800eccce39f712bb0bac0c467
CRC-32
7bf8aef8
File type
Windows executable
First seen
2014-06-20

Runtime Analysis

Dropped Files
Registry Keys Created
  • HKLM\SOFTWARE\Vittalia\AxtanInstaller\versions\659356
    LogoUrl
    http://median.eazel.com/uploads/installer_logos/programs/79/227179/66048.png
  • HKLM\SOFTWARE\Vittalia\AxtanInstaller
    enduser_id
    73327664
Processes Created
  • c:\Documents and Settings\test user\local settings\application data\temp\44c2installer.exe
HTTP Requests
  • http://xmlinstcp.ddbbvt.eu/cmd/precompiled.html
  • http://xmlinstcp.ffbbvt.eu/cmd/api.php
  • http://xmlinstcp.ffbbvt.eu/cmd/geo.php
  • http://xmlinstcp.ffbbvt.eu/cmd/log.php
  • http://xmlinstcp.ffbbvt.eu/cmd/report.php
DNS Requests
  • xmlinstcp.ddbbvt.eu
  • xmlinstcp.ffbbvt.eu
