Home 악성코드 해결
뷰어로 보기
2020.12.22 09:24

PUP.ChromeEX, Homply

ezclean
조회 수 117 추천 수 0 댓글 0
?

단축키

Prev이전 문서

Next다음 문서

크게 작게 위로 아래로 댓글로 가기 인쇄 첨부
?

단축키

Prev이전 문서

Next다음 문서

크게 작게 위로 아래로 댓글로 가기 인쇄 첨부

PUP.ChromeEX


*file

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\native\libs

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\components\supertab\js

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\components\supertab\html

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\components\supertab\css

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\components\search\html

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\components\search\background

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\components\r{USERNAME}io\r{USERNAME}ioWrapper

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\components\r{USERNAME}io\foreground

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\components\r{USERNAME}io\css

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\components\r{USERNAME}io\background

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\components\moviereviews\js

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\components\moviereviews\html

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\components\moviereviews\css

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\components\moviereviews\background

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\components\defaultSearch\foreground

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\components\defaultSearch\background

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\components\api\window

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\components\api\background

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\components\supertab

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\components\search

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\components\r{USERNAME}io

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\components\moviereviews

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\components\defaultSearch

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\components\api

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\widget-api\widgets\weather\js

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\widget-api\widgets\weather\css

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\widget-api\widgets\topapps\js

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\widget-api\widgets\topapps\css

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\widget-api\widgets\rss\js

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\widget-api\widgets\r{USERNAME}io\js

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\widget-api\widgets\r{USERNAME}io\css

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\widget-api\widgets\weather

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\widget-api\widgets\topapps

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\widget-api\widgets\{USERNAME}

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\widget-api\widgets\rss

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\widget-api\widgets\r{USERNAME}io

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\widget-api\widgets\common

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\widget-api\widgets

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\components\weather\background

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\components\uninstall\background

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\components\thirdparty\background

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\components\rss\background

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\components\menu\js

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\components\menu\images

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\components\menu\html

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\components\menu\css

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\components\menu\background

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\components\link\background

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\components\generic\background

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\components\flare\icons

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\components\flare\background

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\components\embedscript\js

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\components\embedscript\html

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\components\embedscript\background

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\components\embedhtml\js

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\components\embedhtml\html

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\components\embedhtml\background

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\components\alert\background

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\components\abstractbutton\background

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\components\weather

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\components\uninstall

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\components\thirdparty

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\components\rss

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\components\menu

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\components\link

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\components\generic

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\components\flare

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\components\embedscript

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\components\embedhtml

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\components\alert

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\components\abstractbutton

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\widget-api

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\js

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\components

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common\{USERNAME}apter

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\shared

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\native

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\js

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\images

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\icons

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\components

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\common

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0\_met{USERNAME}ata

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj\12.303.10.20796_0

%localappdata%\Google\Chrome\User Data\Default\Extensions\hmnbcmfnnpbhiljneemgbickgiakmclj

 

 


PUP.Homply

*file
c:\program files\homply\homply-bg.exe
c:\program files\homply\homply-bho.dll
c:\program files\homply\homply-buttonutil.dll
c:\program files\homply\homply-codedownlo{USERNAME}er.exe
c:\program files\homply\homply-helper.exe
c:\program files\homply\uninstall.exe
c:\program files\homply

*reg_key
HKCU\software\appdatalow\software\homply
HKCU\software\classes\local settings\SOFTWARE\Microsoft\Windows\CurrentVersion\appcontainer\storage\windows_ie_ac_001\software\homply
HKLM\software\homply
HKCU\software\microsoft\internet explorer\low rights\elevationpolicy\{0308a1b7-38bd-468f-a886-901d4fae98b3}
HKCU\software\microsoft\internet explorer\low rights\elevationpolicy\{281e402a-f413-489d-8d42-a0d34a0a66c5}
HKCU\software\microsoft\internet explorer\low rights\elevationpolicy\{3619a6a5-4470-473f-b2d4-4d59fa6f2990}
HKCU\software\microsoft\internet explorer\low rights\elevationpolicy\{a9f8af26-c{USERNAME}1-47ce-a61b-9300c5a4f408}
HKLM\software\microsoft\internet explorer\low rights\elevationpolicy\{0308a1b7-38bd-468f-a886-901d4fae98b3}
HKLM\software\microsoft\internet explorer\low rights\elevationpolicy\{281e402a-f413-489d-8d42-a0d34a0a66c5}
HKLM\software\microsoft\internet explorer\low rights\elevationpolicy\{3619a6a5-4470-473f-b2d4-4d59fa6f2990}
HKLM\software\microsoft\internet explorer\low rights\elevationpolicy\{a9f8af26-c{USERNAME}1-47ce-a61b-9300c5a4f408}
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\ext\settings\{11111111-1111-1111-1111-110211931161}
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\ext\stats\{11111111-1111-1111-1111-110211931161}
HKLM\software/classes\clsid\{11111111-1111-1111-1111-110211931161}
HKLM\software/classes\clsid\{22222222-2222-2222-2222-220222932261}
HKLM\software/classes\typelib\{44444444-4444-4444-4444-440244934461}
HKLM\software/classes\interface\{55555555-5555-5555-5555-550255935561}
HKLM\software/classes\interface\{66666666-6666-6666-6666-660266936661}
HKLM\software/classes\crossriderapp0029361.bho
HKLM\software/classes\crossriderapp0029361.bho.1
HKLM\software/classes\crossriderapp0029361.sandbox
HKLM\software/classes\crossriderapp0029361.sandbox.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\browser helper objects\{11111111-1111-1111-1111-110211931161}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\uninstall\homply

*reg_val
HKLM\software\microsoft\internet explorer\main\featurecontrol\feature_browser_emulation:homply-bg.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ext\clsid:{11111111-1111-1111-1111-110211931161}

 

11111.png

 

TAG •
Atachment
첨부 '1'
Facebook Twitter Google Pinterest
위로 아래로 댓글로 가기 인쇄 첨부
에디터 선택하기
?
List of Articles
번호 제목 글쓴이 날짜 조회 수
99 Trojan. CalculatemPro, KGBKeyLogger file ezclean 2020.12.04 283
98 Adware.AnySend, Linkury file ezclean 2020.12.07 109
97 PUP.MaxUnInstaller, Monterix file ezclean 2020.12.08 482
96 PUP.SAntivirus, Spigot file ezclean 2020.12.09 18871
95 Trojan.DMA, PCBooster file ezclean 2020.12.10 60
94 PUP.Carambis, PUP.AppMaster file ezclean 2020.12.11 84
93 PUP.Catalina, BrowseFox file ezclean 2020.12.14 1372
92 PUP.AdvancePCProtector, AdvancedSP file ezclean 2020.12.16 73
91 PUP.AdvanceSystem, MineApp file ezclean 2020.12.17 1034
90 Adware.ReimageRepair, Searchestoy, Netfilter file ezclean 2020.12.21 7840
» PUP.ChromeEX, Homply file ezclean 2020.12.22 117
88 Trojan.HaoTuKanKan, HPMonkey file ezclean 2020.12.23 112
87 PUP.WinZipDiskTool file ezclean 2020.12.23 747
86 PUP.YoutubeMusic, DealPly file ezclean 2020.12.24 98
85 PUP.GrassValley, Heinote file ezclean 2020.12.28 215
84 Trojan.TCClock, PDFCracker file ezclean 2020.12.29 2436
83 Adware.Ebuyer, SmartCloud file ezclean 2021.01.04 663
82 Trojan.Ghapoly, BestCleaner file ezclean 2021.01.05 872
81 PUP.MarvelSound, CalendarTool file ezclean 2021.01.06 2259
80 Adware.BlueMoon, FileSubmit file ezclean 2021.01.07 79
쓰기
Board Pagination Prev 1 2 3 4 5 6 ... 8 Next
/ 8

(C) EzClean

XE Login

  1. 회원가입
  2. 아이디,비밀번호 찾기
  3. 인증 메일 재발송