Adware.AnySend
*file
C:\Users\{USERNAME}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnySend\AnySend.lnk
C:\Users\{USERNAME}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnySend\AnySend Show Tutorial.lnk
C:\Users\{USERNAME}\AppData\Roaming\Microsoft\Windows\SendTo\AnySend.lnk
C:\Users\{USERNAME}\AppData\Roaming\AnySend\VidPlays.dat
C:\Users\{USERNAME}\AppData\Roaming\AnySend\AnySend.ini
C:\Users\{USERNAME}\AppData\Local\nsx1489.tmp
C:\ProgramData\AnySend\Vids.dat
C:\ProgramData\AnySend\EmailChecks.dat
C:\ProgramData\AnySend\AnySend.DB
C:\ProgramData\AnySend\ann.dat
C:\Program Files\AnySend\upnp.dll
C:\Program Files\AnySend\libcef.dll
C:\Program Files\AnySend\LastVersion
C:\Program Files\AnySend\icudt.dll
C:\Program Files\AnySend\AnySendUI.exe
C:\Program Files\AnySend\AnySendSvc.exe
C:\Program Files\AnySend\AnySendShellExtension.dll
C:\Program Files\AnySend\anysend.guid
*reg_key
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{61628E2A-4FF9-4454-992D-D92A8CD27399}
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{61628E2A-4FF9-4454-992D-D92A8CD27399}
HKLM\SOFTWARE\AnySend
HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AnySend
HKLM\SOFTWARE\Classes\AnySend.Connect
HKLM\SOFTWARE\Classes\AnySend.Connect.1
HKLM\SOFTWARE\Classes\CLSID\{61628E2A-4FF9-4454-992D-D92A8CD27399}
HKLM\SOFTWARE\Classes\TypeLib\{7BFFA5F9-047F-4732-93B5-B9FE731DE96D}
HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\AnySend
HKLM\SOFTWARE\Classes\Installer\Products\FEEB8747424601D48A2B3A21A6792C5D
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{61628E2A-4FF9-4454-992D-D92A8CD27399}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FolderTypes\{94d6ddcc-4a68-4175-a374-bd584a510b78}\TasksNoItemsSelected\0\{E62B1C26-6A93-4f32-9115-FEB90FE0ABB5}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\03B1FD3D9EB1B7258BA823782D8AC1F2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8F513C3EAFB34385396D93AABEA92496
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8B71494166839950940A644E713021C
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FEEB8747424601D48A2B3A21A6792C5D
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{61628E2A-4FF9-4454-992D-D92A8CD27399}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7478BEEF-6424-4D10-A8B2-A3126A97C2D5}
HKLM\SYSTEM\CurrentControlSet\Services\AnySendService
HKLM\SOFTWARE\Classes\Interface\{AF31E0EB-48CF-4A3B-893F-E999A0E29944}
*reg_val
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | AnySend User Interface
HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {DDE74799-1548-4DA3-88EB-2E3C76EBA0AC}
HKCU\SOFTWARE\Microsoft\Internet Explorer\Approved Extensions | {61628E2A-4FF9-4454-992D-D92A8CD27399}
검사
EzClean (이지클린) - "멀웨어 검사"란? (adsbygoogle = window.adsbygoogle || []).push({}); 이지클린(EzClean) 다운받기 과거에는 실력을 과시하기 위해 컴퓨터 바이러스를 이용해 정상 파일들을 손상시켰다면 지
www.ezclean.info
'PC tips > 멀웨어 정보' 카테고리의 다른 글
| PUP.Monterix (0) | 2021.05.01 |
|---|---|
| PUP.MaxUnInstaller (0) | 2021.04.30 |
| Trojan. KGBKeyLogger (0) | 2021.04.28 |
| Trojan. CalculatemPro (0) | 2021.04.27 |
| Adware.LiveSupport (0) | 2021.04.26 |
