Home 악성코드 해결
뷰어로 보기
2021.01.12 09:03

PUP.DealPly, MinerGate

ezclean
조회 수 87 추천 수 0 댓글 0
?

단축키

Prev이전 문서

Next다음 문서

크게 작게 위로 아래로 댓글로 가기 인쇄 첨부
?

단축키

Prev이전 문서

Next다음 문서

크게 작게 위로 아래로 댓글로 가기 인쇄 첨부

PUP. DealPly

 

*file
C:\windows\tasks\dealplyliveupdatetaskmachinecore.job
C:\program files\dealplylive\update\1.3.23.0\psuser.dll
C:\program files\dealplylive\update\1.3.23.0\psmachine.dll
C:\program files\dealplylive\update\1.3.23.0\npgoogleupdate3.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_zh-tw.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_zh-cn.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_vi.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_ur.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_uk.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_tr.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_th.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_te.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_ta.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_sw.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_sv.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_sr.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_sl.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_sk.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_ru.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_ro.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_pt-pt.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_pt-br.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_pl.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_no.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_nl.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_ms.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_mr.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_ml.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_lv.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_lt.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_ko.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_kn.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_ja.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_iw.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_it.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_is.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_id.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_hu.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_hr.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_hi.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_gu.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_fr.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_fil.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_fi.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_fa.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_et.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_es.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_es-419.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_en.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_en-gb.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_el.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_de.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_da.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_cs.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_ca.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_bn.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_bg.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_ar.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_am.dll
C:\program files\dealplylive\update\1.3.23.0\goopdate.dll
C:\program files\dealplylive\update\1.3.23.0\dealplyliveondemand.exe
C:\program files\dealplylive\update\1.3.23.0\dealplylivebroker.exe
C:\program files\dealplylive\update\dealplylive.exe

*reg_keys
HKCU\software\dealplylive
HKLM\software\classes\appid\{80fabb17-63af-4655-9f07-b6509ee37af2}
HKLM\software\classes\appid\{f48fc5b2-094a-44c7-b48c-289738c9582d}
HKLM\software\classes\appid\dealplylive.exe
HKLM\software\classes\clsid\{0d89de71-3d99-4288-84dc-f18f1047a7d8}
HKLM\software\classes\clsid\{1e0c9b2a-6447-452c-b012-2314a0c29412}
HKLM\software\classes\clsid\{34a8ceb6-89bb-49f1-b5e4-0d0d6c21f3b1}
HKLM\software\classes\clsid\{3a4dbd3a-98cc-41ce-ad21-352d42b6f754}
HKLM\software\classes\clsid\{4f8a50f6-69de-4be3-a33a-a1079b9ac0db}
HKLM\software\classes\clsid\{501cb57a-d4e2-4855-96ad-edb0a9083395}
HKLM\software\classes\clsid\{6ff2c4dd-77a4-4bb5-ba4c-b42defbf9137}
HKLM\software\classes\clsid\{7f1796b2-bec6-427b-b734-f9c75ed94a80}
HKLM\software\classes\clsid\{80fabb17-63af-4655-9f07-b6509ee37af2}
HKLM\software\classes\clsid\{83aba270-8390-4ca6-ae48-fc089f55629e}
HKLM\software\classes\clsid\{8b218a5f-1a3d-4347-94ef-a79575eb8094}
HKLM\software\classes\clsid\{8c338ddb-19fc-4c1f-b74d-6931ee55f7a1}
HKLM\software\classes\clsid\{9bdb5e09-4bba-4422-8c2b-529b281c32b8}
HKLM\software\classes\clsid\{c536f080-57b7-46d6-8894-c647553f2889}
HKLM\software\classes\clsid\{ca5d945f-e738-4d0b-a0b5-25ac51c64659}
HKLM\software\classes\clsid\{f48fc5b2-094a-44c7-b48c-289738c9582d}
HKLM\software\classes\clsid\{f7698761-4aba-45c2-a5bb-d2163922c725}
HKLM\software\classes\clsid\{ffcc53e6-2655-47fc-a89b-54e8d7f305d1}
HKLM\software\classes\dealplylive.oneclickctrl.9
HKLM\software\classes\dealplylive.oneclickprocesslaunchermachine
HKLM\software\classes\dealplylive.oneclickprocesslaunchermachine.1.0
HKLM\software\classes\dealplylive.update3webcontrol.3
HKLM\software\classes\dealplyliveupdate.cocreateasync
HKLM\software\classes\dealplyliveupdate.cocreateasync.1.0
HKLM\software\classes\dealplyliveupdate.coreclass
HKLM\software\classes\dealplyliveupdate.coreclass.1
HKLM\software\classes\dealplyliveupdate.coremachineclass
HKLM\software\classes\dealplyliveupdate.coremachineclass.1
HKLM\software\classes\dealplyliveupdate.credentialdialogmachine
HKLM\software\classes\dealplyliveupdate.credentialdialogmachine.1.0
HKLM\software\classes\dealplyliveupdate.ondemandcomclassmachine
HKLM\software\classes\dealplyliveupdate.ondemandcomclassmachine.1.0
HKLM\software\classes\dealplyliveupdate.ondemandcomclassmachinefallback
HKLM\software\classes\dealplyliveupdate.ondemandcomclassmachinefallback.1.0
HKLM\software\classes\dealplyliveupdate.ondemandcomclasssvc
HKLM\software\classes\dealplyliveupdate.ondemandcomclasssvc.1.0
HKLM\software\classes\dealplyliveupdate.processlauncher
HKLM\software\classes\dealplyliveupdate.processlauncher.1.0
HKLM\software\classes\dealplyliveupdate.update3comclassservice
HKLM\software\classes\dealplyliveupdate.update3comclassservice.1.0
HKLM\software\classes\dealplyliveupdate.update3webmachine
HKLM\software\classes\dealplyliveupdate.update3webmachine.1.0
HKLM\software\classes\dealplyliveupdate.update3webmachinefallback
HKLM\software\classes\dealplyliveupdate.update3webmachinefallback.1.0
HKLM\software\classes\dealplyliveupdate.update3websvc
HKLM\software\classes\dealplyliveupdate.update3websvc.1.0
HKLM\software\classes\interface\{066d89e6-b457-4a57-888a-b0aeb11d5bf1}
HKLM\software\classes\interface\{0e8990f4-2fc9-403c-883b-535d6271e740}
HKLM\software\classes\interface\{1644e2e1-e15e-4e9e-9b25-5668536dd6a7}
HKLM\software\classes\interface\{2ba83048-8b7c-4186-843b-d97fc1a6ae95}
HKLM\software\classes\interface\{469960f8-8172-4386-bbb1-df3590027d58}
HKLM\software\classes\interface\{753c5ed0-b9ab-4f1e-8dac-668e701ca569}
HKLM\software\classes\interface\{80995911-5cf2-483f-a260-c736e8d0c691}
HKLM\software\classes\interface\{821ed2b3-866e-4177-870e-52d995d123d0}
HKLM\software\classes\interface\{9b4e4bf6-9346-4969-8428-c3cb81cd7a30}
HKLM\software\classes\interface\{9bac5a3b-33fd-4db9-a4f1-b749498d4017}
HKLM\software\classes\interface\{a6670033-7a4b-4f59-b8a9-a7cebf3ce960}
HKLM\software\classes\interface\{b1285825-f24f-4651-9f8a-2012460ad2fc}
HKLM\software\classes\interface\{b3d38ae9-c808-4811-8417-f114839d6392}
HKLM\software\classes\interface\{b8e64931-27ef-42bc-af3b-0e2b25d17567}
HKLM\software\classes\interface\{be952bdf-6fdf-4a62-b318-e15d4487a2ef}
HKLM\software\classes\interface\{c0233f6c-3110-4aea-a798-c81da43ced9e}
HKLM\software\classes\interface\{cc5b7648-aaf8-4642-b53d-b7b5e4ae7241}
HKLM\software\classes\interface\{d325b617-d6f9-4c72-90b2-a38e6d15c16e}
HKLM\software\classes\interface\{df51ad29-5239-441a-b921-e655c8162060}
HKLM\software\classes\interface\{e515494b-7548-462a-b7e7-a3e6f8c4899c}
HKLM\software\classes\interface\{e9ecfff9-2011-439f-92eb-be145acd87da}
HKLM\software\classes\interface\{fbb92627-0daa-4b69-97cc-9879236fe039}
HKLM\software\classes\installer\products\93bad29ac2e44034a96bcb446eb8552e
HKLM\software\dealplylive
HKLM\software\microsoft\internet explorer\low rights\elevationpolicy\{7f1796b2-bec6-427b-b734-f9c75ed94a80}
HKLM\software\microsoft\internet explorer\low rights\elevationpolicy\{8c338ddb-19fc-4c1f-b74d-6931ee55f7a1}
HKLM\software\microsoft\internet explorer\low rights\elevationpolicy\{c536f080-57b7-46d6-8894-c647553f2889}
HKLM\software\microsoft\windows\currentversion\ext\preapproved\{7f1796b2-bec6-427b-b734-f9c75ed94a80}
HKLM\software\microsoft\windows\currentversion\ext\preapproved\{8c338ddb-19fc-4c1f-b74d-6931ee55f7a1}
HKLM\software\microsoft\windows\currentversion\ext\stats\{7f1796b2-bec6-427b-b734-f9c75ed94a80}
HKLM\software\microsoft\windows\currentversion\ext\stats\{8c338ddb-19fc-4c1f-b74d-6931ee55f7a1}
HKLM\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\products\93bad29ac2e44034a96bcb446eb8552e
HKLM\software\microsoft\windows\currentversion\uninstall\{a92dab39-4e2c-4304-9ab6-bc44e68b55e2}
HKLM\software\microsoft\windows nt\currentversion\image file execution options\dealplylive.exe
HKLM\software\mozillaplugins\@tools.dpliveupdate.com/dealplylive update;version=3
HKLM\software\mozillaplugins\@tools.dpliveupdate.com/dealplylive update;version=9
HKLM\system\currentcontrolset\services\dealplylive
HKLM\system\currentcontrolset\services\dealplylivem
HKLM\software\classes\mime\database\content type\application/x-vnd.dpliveupdate.oneclickctrl.9
HKLM\software\classes\mime\database\content type\application/x-vnd.dpliveupdate.update3webcontrol.3
 

 

PUP.MinerGate


*file
C:\users\public\Desktop\minergate.lnk
C:\programdata\microsoft\windows\start menu\programs\minergate\uninstall.lnk
C:\programdata\microsoft\windows\start menu\programs\minergate\minergate.lnk
C:\program files\minergate\uninstall.exe
C:\program files\minergate\minergate.exe
C:\programdata\microsoft\windows\start menu\programs\minergate
C:\program files\minergate

*reg_key
HKLM\software\microsoft\windows\currentversion\uninstall\minergate
HKLM\software\minergate inc
 

11111.png

 

TAG •
Atachment
첨부 '1'
Facebook Twitter Google Pinterest
위로 아래로 댓글로 가기 인쇄 첨부
에디터 선택하기
?
List of Articles
번호 제목 글쓴이 날짜 조회 수
79 FVPlus 광고창 삭제 file ezclean 2018.10.26 738
78 MultiCodec 팝업창 생성 해결 방법 file ezclean 2018.11.08 684
77 KMPHelper 1.0 광고창 삭제 file ezclean 2018.10.13 681
76 Adware.Ebuyer, SmartCloud file ezclean 2021.01.04 663
75 searchlike 인터넷 광고 삭제 방법 file ezclean 2018.09.10 660
74 PUP.Bestsocialfeed, CCleaner file ezclean 2020.11.25 645
73 Trojan.ImageCropResize file ezclean 2021.04.05 615
72 KMCodec 광고 삭제 file ezclean 2018.09.20 611
71 PSWTool.Ophcrack file ezclean 2021.03.09 609
70 KeyPang version 1.0 광고 삭제 방법 file ezclean 2018.12.27 596
69 Adware.MovieDea file ezclean 2021.03.31 570
68 Trojan.KaZaA file ezclean 2021.03.19 561
67 PUP.Super Radio file ezclean 2021.04.26 543
66 PUP.Vertech file ezclean 2021.03.08 509
65 PUP.WNEn Browser Enhancer file ezclean 2021.04.21 507
64 PUP. lyoness Cashback file ezclean 2021.03.18 488
63 PUP.MaxUnInstaller, Monterix file ezclean 2020.12.08 482
62 PUP.Tuto4PC file ezclean 2021.03.03 476
61 Adware.hmrl file ezclean 2021.04.15 439
60 PUP.PCPowerSpeed, GetMyDrivers file ezclean 2020.11.27 422
쓰기
Board Pagination Prev 1 ... 3 4 5 6 7 8 Next
/ 8

(C) EzClean

XE Login

  1. 회원가입
  2. 아이디,비밀번호 찾기
  3. 인증 메일 재발송