Trojan.TweakBit

by ezclean posted Feb 17, 2021


*file
C:\windows\System32\Tasks\TweakBit\PCSpeedUp\Time for deal
C:\windows\System32\Tasks\TweakBit\PCSpeedUp\Start PCSpeedUp оn logon
C:\windows\System32\Tasks\TweakBit\PCCleaner\Start PCCleaner оn logon
C:\windows\System32\Tasks\TweakBit\PCCleaner\Start PCCleaner automatic scanning
C:\Users\{USERNAME}\Desktop\TweakBit PCSpeedUp.lnk
C:\Users\{USERNAME}\Desktop\TweakBit PCCleaner.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakBit\PCSpeedUp\TweakBit PC SpeedUp.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakBit\PCSpeedUp\TweakBit PC SpeedUp on the Web.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakBit\PCCleaner\TweakBit PC Cleaner.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakBit\PCCleaner\TweakBit PC Cleaner on the Web.url


*reg_key
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\tweakbit.com
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.tweakbit.com
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\tweakbit.com
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.tweakbit.com
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{075A0E87-55CF-4CD8-A7DB-4252CD73C3DD}
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B3AE896-5A1D-4C50-B57C-6BF8F08DB98E}
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3A5A2FCF-D977-4D4D-A744-561673C99B03}
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D4155716-FDFD-46DD-90E1-5894202C1402}
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TweakBit

 
