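Updated by: Jay Garcia

 Aliases:

IStartSurf. (McAfee); Hoax.Win32.Caramba.d (Kaspersky)

 Platform:

Windows

 Overall risk rating:
 Damage potential:
 Distribution potential:
 Reported infections:

  • Malware type:
    Potentially unwanted application

  • Destructive:
    No

  • Encrypted:
     

  • In the wild:
    Yes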

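  Overview

This program arrives on a computer either as a file created by other malware or as a file that users download unknowingly from malicious websites.

  Technical Details

File size: 941,784 bytes
File type: EXE
Memory resident: Yes
Date discovered: August 20, 2019

Arrival Details

This program arrives on a computer either as a file created by other malware or as a file that users download unknowingly from malicious websites.

Installation

The program creates the following files: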


Autostart Technique

The program adds the following registry value so that a copy of itself runs automatically at every Windows startup:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
Driver Updater = "%Program Files%\Carambis\Driver Updater\dupdater.exe" -minimized

Other System Modifications

The program adds the following registry keys:

HKEY_CURRENT_USER\Software\Carambis

HKEY_CURRENT_USER\Software\Carambis\Driver Updater

HKEY_CURRENT_USER\Software\Carambis\Driver Updater\generalSettings

HKEY_LOCAL_MACHINE\SOFTWARE\AVAST Software

HKEY_LOCAL_MACHINE\SOFTWARE\AVAST Software\Avast

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Driver Updater

The program adds the following registry values:

HKEY_CURRENT_USER\Software\Carambis\Driver Updater\generalSettings
scanAtStartupEnabled = true

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Driver Updater
DisplayName = Carambis Driver Updater
InstallLocation = %Program Files%\Carambis\Driver Updater
DisplayIcon = %Program Files%\Carambis\Driver Updater\dupdater.exe
Publisher = ROSTPAY LTD
RegCompany = Carambis
HelpLink =
URLInfoAbout =
DisplayVersion = 2.4.4.4634
UninstallString = %Program Files%\Carambis\Driver Updater\uninstall.exe
NoModify = 1
NoRepair = 1
Comments = ROSTPAY LTD. All rights reserved.

HKEY_CURRENT_USER\Software\Carambis\Driver Updater\generalSettings
launchProgramAtStartupEnabled = true

HKEY_CURRENT_USER\Software\Carambis\Driver Updater
partnerId = multilang

Other Details

The program accesses the following malicious websites:

  • http://a.{BLOCKED}is.com/program_downloader.php
  • http://du7.{BLOCKED}is.com/DriverUpdaterSetupA-2.4.4.4634.exe

  Solution

Supported scan engine: 9.850
SSAPI pattern version: 2.205.00
SSAPI pattern release date: August 15, 2019

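Step 1

Users of Windows XP, Windows Vista and Windows 7 must disable System Restore before running a virus scan in order to completely remove the malware, adware or similar software from the computer.

Step 2

Running this malware, adware or similar program does not necessarily install every file, folder, registry key and value listed in these steps. Installation may be incomplete, or may not take place because of operating system (OS) conditions. If a file, folder or registry entry listed in a step is not found, that step is not needed; proceed to the next step.

Step 3

Restart Windows in Safe Mode.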


Step 4

Remove "PUA.Win32.Bundler.AI" using its own uninstall option.


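Step 5

Restart the computer in normal mode, then use an antivirus product with the latest version (engine and pattern file) to scan for files detected as "PUA.Win32.Bundler.AI". If the detected files have already been cleaned, quarantined or deleted by our antivirus product, handling of the virus is complete and no further removal steps are required.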

