Home 악성코드 해결
뷰어로 보기
2021.02.25 09:23

Trojan.Clocker

ezclean
조회 수 1917 추천 수 0 댓글 0
?

단축키

Prev이전 문서

Next다음 문서

크게 작게 위로 아래로 댓글로 가기 인쇄 첨부
?

단축키

Prev이전 문서

Next다음 문서

크게 작게 위로 아래로 댓글로 가기 인쇄 첨부

Trojan.Clocker


*file
C:\Prorogram Files\atomik\clocker\utilsdll.dll
C:\Prorogram Files\atomik\clocker\uninstall.exe
C:\Prorogram Files\atomik\clocker\timespeak.dll
C:\Prorogram Files\atomik\clocker\clocker.exe
C:\Users\{USERNAME}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\atomik\clocker\clocker readme!!!.lnk
C:\Users\{USERNAME}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\atomik\clocker\clocker uninstall.lnk
C:\Users\{USERNAME}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\atomik\clocker\clocker.lnk
C:\windows\clocker.lnk

*reg_key
HKLM\Software\Microsoft\Windows\CurrentVersion\uninstall\clocker v4.1 gold
HKCU\Software\Microsoft\Windows\CurrentVersion\run:atomik clocker

 

Toolbar.ASK

*file
c:\program files\asktoolbar4\asktoolbar4x.dll
c:\program files\asktoolbar4\searchresultstb.dll
c:\program files\asktoolbar4\uninstall.exe

*reg_key
HKCU\software\asktoolbar4
HKCU\software\microsoft\internet explorer\internetregistry\registry\user\s-1-5-21-2893608250-2205728168-3091723128-1001\software\asktoolbar4
HKCU\software\microsoft\internet explorer\searchscopes\{b9c7ce32-da91-43c2-b7e9-0e9aafc675cd}
HKLM\software\classes\clsid\{3cb073f3-be3c-4e8f-942d-8a747b54486f}
HKLM\software\microsoft\internet explorer\low rights\elevationpolicy\{1c50c302-c992-4042-8c57-69bd8d004cd0}
HKLM\software\microsoft\internet explorer\low rights\elevationpolicy\{3cb073f3-be3c-4e8f-942d-8a747b54486f}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\browser helper objects\{3cb073f3-be3c-4e8f-942d-8a747b54486f}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\uninstall\asktoolbar4
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\ext\settings\{3cb073f3-be3c-4e8f-942d-8a747b54486f}
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\ext\stats\{3cb073f3-be3c-4e8f-942d-8a747b54486f}
HKLM\software\microsoft\internet explorer\toolbar:{3cb073f3-be3c-4e8f-942d-8a747b54486f}
HKCU\software\microsoft\internet explorer\approved extensions:{3cb073f3-be3c-4e8f-942d-8a747b54486f}
 

11111.png

 

TAG •
Atachment
첨부 '1'
Facebook Twitter Google Pinterest
위로 아래로 댓글로 가기 인쇄 첨부
에디터 선택하기
?

  1. Adware.ConduitToolbar

    Adware.ConduitToolbar *file C:\Users\{USERNAME}\AppData\LocalLow\IncrediMail_MediaBar_4\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.12\bin\PriceGongIE.dll C:\Users\{USERNAME}\AppData\LocalLow\IncrediMail_MediaBar_4\tbInc0.dll C:\Users...
    Date2021.04.20 Byezclean Reply0 Views2485 file
    Read More

  2. PUP.BabylonToolbar

    PUP.BabylonToolbar *file C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbar.crx C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarEng.dll C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\Baby...
    Date2021.04.14 Byezclean Reply0 Views1289 file
    Read More

  3. Trojan.Clocker

    Trojan.Clocker *file C:\Prorogram Files\atomik\clocker\utilsdll.dll C:\Prorogram Files\atomik\clocker\uninstall.exe C:\Prorogram Files\atomik\clocker\timespeak.dll C:\Prorogram Files\atomik\clocker\clocker.exe C:\Users\{USERNAME}\AppData\Roa...
    Date2021.02.25 Byezclean Reply0 Views1917 file
    Read More

  4. PUP.aircraft_instruments, Ask Toolbar Chrome.exe

    PUP aircraft_instruments *file C\Program Files\aircraft_instruments\aircraft_instrumentsToolbarHelper.exe C\Program Files\aircraft_instruments\UNWISE.EXE *reg_key HKCU\Software\AppDataLow\Software\aircraft_instruments HKCU\Software\Microsoft...
    Date2020.11.11 Byezclean Reply0 Views257 file
    Read More

  5. Internet Speed Tracker Internet Explorer Toolbar 광고 프로그램 삭제

    Internet Speed Tracker Internet Explorer Toolbar 광고 프로그램 삭제 이지클린(EzClean) 다운받기 인터넷 다운로드 속도 체크를 가장한 광고 생성, 검색 고급자 변경, 시작 페이지변경, 툴바 생성등 악의적 기능을 실행하는 Internet Speed Tracker Interne...
    Date2018.12.01 Byezclean Reply0 Views906 file
    Read More
쓰기
Board Pagination Prev 1 Next
/ 1

(C) EzClean

XE Login

  1. 회원가입
  2. 아이디,비밀번호 찾기
  3. 인증 메일 재발송