Home 악성코드 해결
뷰어로 보기
2021.01.12 09:03

PUP.DealPly, MinerGate

ezclean
조회 수 87 추천 수 0 댓글 0
?

단축키

Prev이전 문서

Next다음 문서

크게 작게 위로 아래로 댓글로 가기 인쇄 첨부
?

단축키

Prev이전 문서

Next다음 문서

크게 작게 위로 아래로 댓글로 가기 인쇄 첨부

PUP. DealPly

 

*file
C:\windows\tasks\dealplyliveupdatetaskmachinecore.job
C:\program files\dealplylive\update\1.3.23.0\psuser.dll
C:\program files\dealplylive\update\1.3.23.0\psmachine.dll
C:\program files\dealplylive\update\1.3.23.0\npgoogleupdate3.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_zh-tw.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_zh-cn.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_vi.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_ur.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_uk.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_tr.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_th.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_te.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_ta.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_sw.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_sv.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_sr.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_sl.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_sk.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_ru.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_ro.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_pt-pt.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_pt-br.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_pl.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_no.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_nl.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_ms.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_mr.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_ml.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_lv.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_lt.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_ko.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_kn.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_ja.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_iw.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_it.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_is.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_id.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_hu.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_hr.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_hi.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_gu.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_fr.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_fil.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_fi.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_fa.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_et.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_es.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_es-419.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_en.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_en-gb.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_el.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_de.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_da.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_cs.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_ca.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_bn.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_bg.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_ar.dll
C:\program files\dealplylive\update\1.3.23.0\goopdateres_am.dll
C:\program files\dealplylive\update\1.3.23.0\goopdate.dll
C:\program files\dealplylive\update\1.3.23.0\dealplyliveondemand.exe
C:\program files\dealplylive\update\1.3.23.0\dealplylivebroker.exe
C:\program files\dealplylive\update\dealplylive.exe

*reg_keys
HKCU\software\dealplylive
HKLM\software\classes\appid\{80fabb17-63af-4655-9f07-b6509ee37af2}
HKLM\software\classes\appid\{f48fc5b2-094a-44c7-b48c-289738c9582d}
HKLM\software\classes\appid\dealplylive.exe
HKLM\software\classes\clsid\{0d89de71-3d99-4288-84dc-f18f1047a7d8}
HKLM\software\classes\clsid\{1e0c9b2a-6447-452c-b012-2314a0c29412}
HKLM\software\classes\clsid\{34a8ceb6-89bb-49f1-b5e4-0d0d6c21f3b1}
HKLM\software\classes\clsid\{3a4dbd3a-98cc-41ce-ad21-352d42b6f754}
HKLM\software\classes\clsid\{4f8a50f6-69de-4be3-a33a-a1079b9ac0db}
HKLM\software\classes\clsid\{501cb57a-d4e2-4855-96ad-edb0a9083395}
HKLM\software\classes\clsid\{6ff2c4dd-77a4-4bb5-ba4c-b42defbf9137}
HKLM\software\classes\clsid\{7f1796b2-bec6-427b-b734-f9c75ed94a80}
HKLM\software\classes\clsid\{80fabb17-63af-4655-9f07-b6509ee37af2}
HKLM\software\classes\clsid\{83aba270-8390-4ca6-ae48-fc089f55629e}
HKLM\software\classes\clsid\{8b218a5f-1a3d-4347-94ef-a79575eb8094}
HKLM\software\classes\clsid\{8c338ddb-19fc-4c1f-b74d-6931ee55f7a1}
HKLM\software\classes\clsid\{9bdb5e09-4bba-4422-8c2b-529b281c32b8}
HKLM\software\classes\clsid\{c536f080-57b7-46d6-8894-c647553f2889}
HKLM\software\classes\clsid\{ca5d945f-e738-4d0b-a0b5-25ac51c64659}
HKLM\software\classes\clsid\{f48fc5b2-094a-44c7-b48c-289738c9582d}
HKLM\software\classes\clsid\{f7698761-4aba-45c2-a5bb-d2163922c725}
HKLM\software\classes\clsid\{ffcc53e6-2655-47fc-a89b-54e8d7f305d1}
HKLM\software\classes\dealplylive.oneclickctrl.9
HKLM\software\classes\dealplylive.oneclickprocesslaunchermachine
HKLM\software\classes\dealplylive.oneclickprocesslaunchermachine.1.0
HKLM\software\classes\dealplylive.update3webcontrol.3
HKLM\software\classes\dealplyliveupdate.cocreateasync
HKLM\software\classes\dealplyliveupdate.cocreateasync.1.0
HKLM\software\classes\dealplyliveupdate.coreclass
HKLM\software\classes\dealplyliveupdate.coreclass.1
HKLM\software\classes\dealplyliveupdate.coremachineclass
HKLM\software\classes\dealplyliveupdate.coremachineclass.1
HKLM\software\classes\dealplyliveupdate.credentialdialogmachine
HKLM\software\classes\dealplyliveupdate.credentialdialogmachine.1.0
HKLM\software\classes\dealplyliveupdate.ondemandcomclassmachine
HKLM\software\classes\dealplyliveupdate.ondemandcomclassmachine.1.0
HKLM\software\classes\dealplyliveupdate.ondemandcomclassmachinefallback
HKLM\software\classes\dealplyliveupdate.ondemandcomclassmachinefallback.1.0
HKLM\software\classes\dealplyliveupdate.ondemandcomclasssvc
HKLM\software\classes\dealplyliveupdate.ondemandcomclasssvc.1.0
HKLM\software\classes\dealplyliveupdate.processlauncher
HKLM\software\classes\dealplyliveupdate.processlauncher.1.0
HKLM\software\classes\dealplyliveupdate.update3comclassservice
HKLM\software\classes\dealplyliveupdate.update3comclassservice.1.0
HKLM\software\classes\dealplyliveupdate.update3webmachine
HKLM\software\classes\dealplyliveupdate.update3webmachine.1.0
HKLM\software\classes\dealplyliveupdate.update3webmachinefallback
HKLM\software\classes\dealplyliveupdate.update3webmachinefallback.1.0
HKLM\software\classes\dealplyliveupdate.update3websvc
HKLM\software\classes\dealplyliveupdate.update3websvc.1.0
HKLM\software\classes\interface\{066d89e6-b457-4a57-888a-b0aeb11d5bf1}
HKLM\software\classes\interface\{0e8990f4-2fc9-403c-883b-535d6271e740}
HKLM\software\classes\interface\{1644e2e1-e15e-4e9e-9b25-5668536dd6a7}
HKLM\software\classes\interface\{2ba83048-8b7c-4186-843b-d97fc1a6ae95}
HKLM\software\classes\interface\{469960f8-8172-4386-bbb1-df3590027d58}
HKLM\software\classes\interface\{753c5ed0-b9ab-4f1e-8dac-668e701ca569}
HKLM\software\classes\interface\{80995911-5cf2-483f-a260-c736e8d0c691}
HKLM\software\classes\interface\{821ed2b3-866e-4177-870e-52d995d123d0}
HKLM\software\classes\interface\{9b4e4bf6-9346-4969-8428-c3cb81cd7a30}
HKLM\software\classes\interface\{9bac5a3b-33fd-4db9-a4f1-b749498d4017}
HKLM\software\classes\interface\{a6670033-7a4b-4f59-b8a9-a7cebf3ce960}
HKLM\software\classes\interface\{b1285825-f24f-4651-9f8a-2012460ad2fc}
HKLM\software\classes\interface\{b3d38ae9-c808-4811-8417-f114839d6392}
HKLM\software\classes\interface\{b8e64931-27ef-42bc-af3b-0e2b25d17567}
HKLM\software\classes\interface\{be952bdf-6fdf-4a62-b318-e15d4487a2ef}
HKLM\software\classes\interface\{c0233f6c-3110-4aea-a798-c81da43ced9e}
HKLM\software\classes\interface\{cc5b7648-aaf8-4642-b53d-b7b5e4ae7241}
HKLM\software\classes\interface\{d325b617-d6f9-4c72-90b2-a38e6d15c16e}
HKLM\software\classes\interface\{df51ad29-5239-441a-b921-e655c8162060}
HKLM\software\classes\interface\{e515494b-7548-462a-b7e7-a3e6f8c4899c}
HKLM\software\classes\interface\{e9ecfff9-2011-439f-92eb-be145acd87da}
HKLM\software\classes\interface\{fbb92627-0daa-4b69-97cc-9879236fe039}
HKLM\software\classes\installer\products\93bad29ac2e44034a96bcb446eb8552e
HKLM\software\dealplylive
HKLM\software\microsoft\internet explorer\low rights\elevationpolicy\{7f1796b2-bec6-427b-b734-f9c75ed94a80}
HKLM\software\microsoft\internet explorer\low rights\elevationpolicy\{8c338ddb-19fc-4c1f-b74d-6931ee55f7a1}
HKLM\software\microsoft\internet explorer\low rights\elevationpolicy\{c536f080-57b7-46d6-8894-c647553f2889}
HKLM\software\microsoft\windows\currentversion\ext\preapproved\{7f1796b2-bec6-427b-b734-f9c75ed94a80}
HKLM\software\microsoft\windows\currentversion\ext\preapproved\{8c338ddb-19fc-4c1f-b74d-6931ee55f7a1}
HKLM\software\microsoft\windows\currentversion\ext\stats\{7f1796b2-bec6-427b-b734-f9c75ed94a80}
HKLM\software\microsoft\windows\currentversion\ext\stats\{8c338ddb-19fc-4c1f-b74d-6931ee55f7a1}
HKLM\software\microsoft\windows\currentversion\installer\userdata\s-1-5-18\products\93bad29ac2e44034a96bcb446eb8552e
HKLM\software\microsoft\windows\currentversion\uninstall\{a92dab39-4e2c-4304-9ab6-bc44e68b55e2}
HKLM\software\microsoft\windows nt\currentversion\image file execution options\dealplylive.exe
HKLM\software\mozillaplugins\@tools.dpliveupdate.com/dealplylive update;version=3
HKLM\software\mozillaplugins\@tools.dpliveupdate.com/dealplylive update;version=9
HKLM\system\currentcontrolset\services\dealplylive
HKLM\system\currentcontrolset\services\dealplylivem
HKLM\software\classes\mime\database\content type\application/x-vnd.dpliveupdate.oneclickctrl.9
HKLM\software\classes\mime\database\content type\application/x-vnd.dpliveupdate.update3webcontrol.3
 

 

PUP.MinerGate


*file
C:\users\public\Desktop\minergate.lnk
C:\programdata\microsoft\windows\start menu\programs\minergate\uninstall.lnk
C:\programdata\microsoft\windows\start menu\programs\minergate\minergate.lnk
C:\program files\minergate\uninstall.exe
C:\program files\minergate\minergate.exe
C:\programdata\microsoft\windows\start menu\programs\minergate
C:\program files\minergate

*reg_key
HKLM\software\microsoft\windows\currentversion\uninstall\minergate
HKLM\software\minergate inc
 

11111.png

 

TAG •
Atachment
첨부 '1'
Facebook Twitter Google Pinterest
위로 아래로 댓글로 가기 인쇄 첨부
에디터 선택하기
?
List of Articles
번호 제목 글쓴이 날짜 조회 수
99 PUP.YouTubeAdBlock, Grakat file ezclean 2021.02.10 21689
98 PUP. SoSoIm, MSNMonitor file ezclean 2021.02.09 285
97 PUP.Mallapp, professional cleaning Software file ezclean 2021.02.08 70
96 PUP.PCPurifier, Catered file ezclean 2021.02.05 1932
95 PUP.DriverDoc, RinoReader file ezclean 2021.02.04 1733
94 Adware.SpywareRemover, CloudGuard file ezclean 2021.02.03 58
93 Adware.HPProtector, WeatherTool file ezclean 2021.02.01 320
92 PUP.TorrentSearch, RegEasy file ezclean 2021.01.29 130
91 PUP.HohoSearch, Popfreeka file ezclean 2021.01.28 361
90 Adware.Linkury, Netfilter file ezclean 2021.01.27 829
89 Trojan. RegistryTool, AdwareAlert file ezclean 2021.01.26 80
88 PUP.UCalendar, WebInternet file ezclean 2021.01.25 67
87 PUP. Guffins, PriceLess file ezclean 2021.01.22 53
86 Adware.DVDVideoSoft, FileRubber file ezclean 2021.01.21 804
85 Adware.CoolVerte, Grape file ezclean 2021.01.20 5069
84 Adware.dvdvideosoft, UniversalDriver file ezclean 2021.01.19 2195
83 Trojan.winrule, BitCoinMiner file ezclean 2021.01.15 271
» PUP.DealPly, MinerGate file ezclean 2021.01.12 87
81 Trojan.TechAgent, Ghapoly file ezclean 2021.01.08 68
80 Adware.BlueMoon, FileSubmit file ezclean 2021.01.07 79
쓰기
Board Pagination Prev 1 2 3 4 5 6 ... 8 Next
/ 8

(C) EzClean

XE Login

  1. 회원가입
  2. 아이디,비밀번호 찾기
  3. 인증 메일 재발송