Trojan.TweakBit
* Registry paths
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\tweakbit.com
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.tweakbit.com
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\tweakbit.com
HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.tweakbit.com
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{075A0E87-55CF-4CD8-A7DB-4252CD73C3DD}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B3AE896-5A1D-4C50-B57C-6BF8F08DB98E}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3A5A2FCF-D977-4D4D-A744-561673C99B03}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D4155716-FDFD-46DD-90E1-5894202C1402}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TweakBit
* File paths
C:\Windows\System32\Tasks\TweakBit\PCSpeedUp\Time for deal
C:\Windows\System32\Tasks\TweakBit\PCSpeedUp\Start PCSpeedUp оn logon
C:\Windows\System32\Tasks\TweakBit\PCCleaner\Start PCCleaner оn logon
C:\Windows\System32\Tasks\TweakBit\PCCleaner\Start PCCleaner automatic scanning
C:\Users\Ad\Desktop\TweakBit PCSpeedUp.lnk
C:\Users\Ad\Desktop\TweakBit PCCleaner.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakBit\PCSpeedUp\TweakBit PC SpeedUp.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakBit\PCSpeedUp\TweakBit PC SpeedUp on the Web.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakBit\PCCleaner\TweakBit PC Cleaner.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakBit\PCCleaner\TweakBit PC Cleaner on the Web.url