[Trojan] ShopForRewards

by gratolab posted Jul 18, 2016

Trojan.ShopForRewards

 

 

* registry paths

 

hcu_key\software\microsoft\internet explorer\stats\{bf883488-0379-470e-8bf2-c5d1f3828428}
hlm_key\%c%\clsid\{787d3f9b-69c6-427c-bf55-4419f932474a}
hlm_key\%c%\clsid\{7d8dae88-bc05-4578-8c29-e541ffba5757}
hlm_key\%c%\extension.ehlpo
hlm_key\%c%\extension.ehlpo.1
hlm_key\%x%\uninstall\{bf883488-0379-470e-8bf2-c5d1f3828428}_is1
hlm_key\software\shop for rewards
hlm_key\software\wow6432node\shop for rewards
hlm_key\system\currentcontrolset\services\shop for rewards updater
hlm_key\software\microsoft\windows nt\currentversion\schedule\taskcache\tasks\{f78f8ba7-da85-4270-a7b0-5c5a7a347297}
hlm_val\software\mozilla\firefox\extensions:{bf883488-0379-470e-8bf2-c5d1f3828428}
hlm_val\software\wow6432node\mozilla\firefox\extensions:{bf883488-0379-470e-8bf2-c5d1f3828428}
hcu_val\software\microsoft\internet explorer\approved extensions:{bf883488-0379-470e-8bf2-c5d1f3828428}

 

* file paths

 

C\Program Files\Shop For Rewards\Firefox\{BF883488-0379-470e-8BF2-C5D1F3828428}.xpi
C\Program Files\Shop For Rewards\vbsprn64.exe
C\Program Files\Shop For Rewards\unins000.exe
C\Program Files\Shop For Rewards\unins000.dat
C\Program Files\Shop For Rewards\tree.js
C\Program Files\Shop For Rewards\stc.bat
C\Windows\System32\Tasks\SrvDaily
C\Program Files\Shop For Rewards\Firefox\chrome\locale\en-US\overlay.dtd
C\Program Files\Shop For Rewards\Firefox\chrome\skin\overlay.css
C\Program Files\Shop For Rewards\nfregdrv32.exe
C\Program Files\Shop For Rewards\Firefox\chrome\content\main.xul
C\Program Files\Shop For Rewards\Firefox\chrome\content\main.js
C\Program Files\Shop For Rewards\resources\LocalScript.js
C\Program Files\Shop For Rewards\Firefox\chrome\content\resources\LocalScript.js
C\Program Files\Shop For Rewards\jvwn64.dll
C\Program Files\Shop For Rewards\jvhk64.dll
C\Program Files\Shop For Rewards\jvdr64.dll
C\Program Files\Shop For Rewards\istrhr.dll
C\Program Files\Shop For Rewards\Firefox\install.rdf
C\Program Files\Shop For Rewards\Firefox\icon.png
C\Program Files\Shop For Rewards\gvnj64.dll
C\Program Files\Shop For Rewards\gtnm.exe
C\Program Files\Shop For Rewards\Firefox\defaults\preferences\defaults.js
C\Program Files\Shop For Rewards\libraries\DataExchangeScript.js
C\Program Files\Shop For Rewards\Firefox\chrome\content\libraries\DataExchangeScript.js
C\Program Files\Shop For Rewards\Firefox\chrome.manifest
C\Program Files\Shop For Rewards\Firefox\chrome\skin
C\Program Files\Shop For Rewards\Firefox\chrome\content\resources
C\Program Files\Shop For Rewards\resources
C\Program Files\Shop For Rewards\Firefox\defaults\preferences
C\Program Files\Shop For Rewards\Firefox\chrome\locale
C\Program Files\Shop For Rewards\Firefox\chrome\content\libraries
C\Program Files\Shop For Rewards\libraries
C\Program Files\Shop For Rewards\Firefox
C\Program Files\Shop For Rewards\Firefox\chrome\locale\en-US
C\Program Files\Shop For Rewards\Firefox\defaults
C\Program Files\Shop For Rewards\Firefox\chrome\content
C\Program Files\Shop For Rewards\Firefox\chrome
C\Program Files\Shop For Rewards

