Trojan.ShopForRewards

by ezclean posted Feb 18, 2021

*file

 

*reg_key

 
