Опити (107)


http://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?name=BrowserModifier%3aWin32%2fDiplugem&threatid=213571

Пораженията, наричани изменен браузър, са гредичката, с която остана да се борим от края на учебната година.

Днес „хванах“ един от компютрите, на който само това беше заплаха, съответно само заради горното описание се наложи рестартиране и повторно сканиране.
Не знам обаче дали стигнах до повторното сканиране точно на тази машина.

Със сигурност бяха с 0 заплахи:
z01-wks-11
z01-wks-21
z01-wks-22
z01-wks-23
z01-wks-29
z01-wks-33
Повторно сканиране успях да стартирам на:
z01-wks-12
z01-wks-26
z01-wks-27
z01-wks-30

http://malwarefixes.com/threats/browsermodifierwin32defaulttab/

BrowserModifier:Win32/DefaultTab is a type of potentially unwanted program that may install other threats when run into the computer. This is a name given by Microsoft Security Software to identify computer threat that is linked to adware or PUP. Unwanted programs are software that intends to implicate changes on the computer or browser without asking for user’s approval. In this case, BrowserModifier:Win32/DefaultTab may install other adware, toolbars, browser redirect, and hijack the home page of affected browser.
Threat behavior
Installation

BrowserModifier:Win32/DefaultTab files and codes can be acquired by user from ranges of sources. Malicious links, spam email messages, or Peer-to-peer connection can lead to the infection. It may also be dropped onto your PC by threats like Trojans, viruses, or malware.
Payload

When BrowserModifier:Win32/DefaultTab is present on the computer, it will make various changes. In particular, potentially unwanted programs are targeting Internet browsers like Internet Explorer, Google Chrome, and Mozilla Firefox. Changes will be carried out by BrowserModifier:Win32/DefaultTab by adding add-on, extension, or plug-in. This may result to the integration of toolbar or unknown search engine.
Symptoms

Aside from mentioned changes on the PC, BrowserModifier:Win32/DefaultTab also installs files and folders. It can also make registry changes to load itself during Windows start-up.

Presence of the following files indicates that computer is infected with BrowserModifier:Win32/DefaultTab:
%ProgramFiles% \DefaultTab
%APPDATA% \Roaming\DefaultTab
%APPDATA% \Roaming\Mozilla\Firefox\Profiles\.default\extensions\addon@defaulttab.com.xpi
\GroupPolicy\User\Registry.pol
%ALLUSERSPROFILE% \ntuser.pol
How can you remove BrowserModifier:Win32/DefaultTab?

Вашият коментар

Попълнете полетата по-долу или кликнете върху икона, за да влезете:

WordPress.com лого

You are commenting using your WordPress.com account. Log Out / Промяна )

Twitter picture

You are commenting using your Twitter account. Log Out / Промяна )

Facebook photo

You are commenting using your Facebook account. Log Out / Промяна )

Google+ photo

You are commenting using your Google+ account. Log Out / Промяна )

Connecting to %s