Trojan.TCClock
* Registry path
hcu_key\SOFTWARE\Microsoft\Windows\CurrentVersion\Run:TCClock
* Files path
C\Users\Ad\AppData\Roaming\RAF\coffeeclock\TCC-ClockFace.exe
C\Users\Ad\AppData\Roaming\RAF\coffeeclock\TCCalEvents.exe
C\Users\Ad\AppData\Roaming\RAF\coffeeclock\TCClock.exe
C\Users\Ad\AppData\Roaming\RAF\coffeeclock\TCCtrans.exe
PUP.Heinote
* Registry path
HKEY_CURRENT_USER\Software\Heinote\UpdateChecker
HKEY_CURRENT_USER\Software\Heinote\update
* Files path
C\Users\TEST\AppData\Roaming\Heinote\mininewsxhtt.exe
C\Users\TEST\AppData\Roaming\Heinote\hntpop3.exe
C\Users\TEST\AppData\Roaming\Heinote\hntips.exe
C\Program Files\Heinote\upgrade.exe
C\Users\TEST\AppData\Roaming\Heinote
|
|