PUP.ScrollUp, YesSearches

by ezclean posted Nov 20, 2020
?

단축키

Prev이전 문서

Next다음 문서

ESC닫기

크게 작게 위로 아래로 댓글로 가기 인쇄

PUP.ScrollUp

 

*file
c:\users\{USERNAME}\desktop\scrollup_setup_1.exe
c:\program files\software\scrollup\unins000.dat
c:\program files\software\scrollup\scrollup.exe
c:\program files\software\scrollup\unins000.exe
c:\program menu\scrollup\software\scrollup.lnk
 
*reg_key
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{fd2cb11f-5d65-410e-9569-ce67e83fbe72}_is1
 

PUP.YesSearches

 

*file
C:\Program Files\Jejochclipasp\jjcscheduleservice.exe
C:\Program Files\Jejochclipasp\jjcscheduletask.exe
C:\Program Files\Jejochclipasp\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
C:\Program Files\yesbnd\conf.json
C:\Program Files\yesbnd\@E9438230-A7DF-4D1F-8F2D-CA1D0F0F7924.xpi
C:\Program Files\yesbnd\Uninst.exe
C:\Program Files\yesbnd\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
C:\Program Files\yesbnd\arogegh.exe
C:\Program Files\yesbnd\CCeuter.exe
C:\Program Files\yesbnd\FFeuter.exe
C:\Program Files\yesbnd\mbat.exe
C:\Windows\System32\Tasks\Jejochclipasp Schedule
C:\Users\{USERNAME}\AppData\Local\3810282d-6c19-47b0-8283-5C6C29A7E108\Default\Secure Preferences
C:\Users\{USERNAME}\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\chrome_shutdown_ms.txt
C:\Users\{USERNAME}\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\First Run
C:\Users\{USERNAME}\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Local State
C:\Users\{USERNAME}\AppData\Local\3810282d-6c19-47B0-8283-5C6C29A7E108\Safe Browsing Bloom
C:\Users\{USERNAME}\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\safe browsing Bloom Prefix Set
C:\Users\{USERNAME}\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Safe Browsing Cookies
C:\Users\{USERNAME}\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Safe Browsing Cookies-journal
C:\Users\{USERNAME}\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Safe Browsing Csd Whitelist
C:\Users\{USERNAME}\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Safe Browsing Download
C:\Users\{USERNAME}\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Safe Browsing Download Whitelist
C:\Users\{USERNAME}\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Safe Browsing Extension Blacklist
C:\Users\{USERNAME}\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Safe Browsing Inclusion Whitelist
C:\Users\{USERNAME}\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Safe Browsing IP Blacklist
C:\Users\{USERNAME}\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Safe Browsing UwS List
C:\Users\{USERNAME}\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Safe Browsing UwS List Prefix Set
C:\Users\{USERNAME}\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Crashpad\metadata
C:\Users\{USERNAME}\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108\Crashpad\settings.dat

*reg_key
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Bugreport
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\jjcscheduleservice
HKLM\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{88210fd6-28c7-4aa9-BC2C-5E3154354AC9}
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Jejochclipasp Schedule
HKLM\SOFTWARE\yessearchesSoftware
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\UNINSTALL - OBS
HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}
HKCU\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}
 

11111.png

 

 

 

 

 

 

 

 

 

 

TAG •
위로 아래로 댓글로 가기 인쇄