PUP.HohoSearch, Popfreeka

by ezclean posted Jan 28, 2021
?

단축키

Prev이전 문서

Next다음 문서

ESC닫기

크게 작게 위로 아래로 댓글로 가기 인쇄

PUP.HohoSearch

 

*file
C:\windows\System32\tasks\coacuiedclernege module
C:\Prorogram files\ckotersequzight\vercolystecuyconfiguration.dll
C:\Prorogram files\ckotersequzight\coacuiedclernegemodulejedeentsherwusy.exe
C:\Prorogram files\ckotersequzight\coacuiedclernegemoduleanaferchatinay.exe
 

*reg_key
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\uninstall\{c5dad85a-d01e-440d-894f-6adbc2135255}
HKLM\system\currentcontrolset\services\coacuiedclernegemodulejedeentsherwusy.exe
HKLM\software\microsoft\windows nt\currentversion\schedule\taskcache\tasks\{39b600c2-d2f0-434d-b244-db10ef464d4a}
HKLM\software\microsoft\windows nt\currentversion\schedule\taskcache\tree\coacuiedclernege module


PUP.Popfreeka


*file
C:\Users\{USERNAME}\appdata\Roaming\popfreeka\unins000.exe
C:\Users\{USERNAME}\appdata\Roaming\popfreeka\unins000.dat
C:\Users\{USERNAME}\appdata\Roaming\popfreeka\timeadd.dll
C:\Users\{USERNAME}\appdata\Roaming\popfreeka\task.xml
C:\Users\{USERNAME}\appdata\Roaming\popfreeka\popfreeka_dll.dll
C:\Users\{USERNAME}\appdata\Roaming\popfreeka\popfreeka.exe

 

*reg_key
HKCU\software\popfreeka
HKLM\software\microsoft\windows\currentversion\uninstall\{e0783fdd-b6f1-4bcd-b5b4-52095bac669f}_is1
HKLM\software\microsoft\windows nt\currentversion\schedule\taskcache\tasks\{fb73ce78-6df7-43c0-bc6d-4a8a594eabcd}
HKLM\software\microsoft\windows nt\currentversion\schedule\taskcache\tree\popfreeka

 

11111.png

 

TAG •
위로 아래로 댓글로 가기 인쇄