Trojan.ShopForRewards
* registry path
* files path