Home 악성코드 해결
뷰어로 보기
2020.12.23 10:11

Trojan.HaoTuKanKan, HPMonkey

ezclean
조회 수 112 추천 수 0 댓글 0
?

단축키

Prev이전 문서

Next다음 문서

크게 작게 위로 아래로 댓글로 가기 인쇄 첨부
?

단축키

Prev이전 문서

Next다음 문서

크게 작게 위로 아래로 댓글로 가기 인쇄 첨부

Trojan.HaoTuKanKan


*file
C\Users\{USERNAME}\AppData\Local\HaoTuKanKan\HaoTuKanKan.exe
C\Users\{USERNAME}\AppData\Local\HaoTuKanKan\haotu_update.dll
C\Users\{USERNAME}\AppData\Local\HaoTuKanKan\uninstall.exe

*reg_key
HKCU\Software\HaoTuKanKan
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{01EB3F15-6569-4FCD-A1AA-913E906E2194}
HKLM\SYSTEM\CurrentControlSet\Services\HaoTuKanKan_UpdateSvc

*reg_val
HKCU\Software\Classes\.bmp\OpenWithProgids | HaoTuKanKan.bmp
HKCU\Software\Classes\.gif\OpenWithProgids | HaoTuKanKan.gif
HKCU\Software\Classes\.ico\OpenWithProgids | HaoTuKanKan.ico
HKCU\Software\Classes\.jpeg\OpenWithProgids | HaoTuKanKan.jpeg
HKCU\Software\Classes\.jpg\OpenWithProgids | HaoTuKanKan.jpg
HKCU\Software\Classes\.jxr\OpenWithProgids | HaoTuKanKan.jxr
HKCU\Software\Classes\.png\OpenWithProgids | HaoTuKanKan.png
HKCU\Software\Classes\.tga\OpenWithProgids | HaoTuKanKan.tga
HKCU\Software\Classes\.tif\OpenWithProgids | HaoTuKanKan.tif
HKCU\Software\Classes\.tiff\OpenWithProgids | HaoTuKanKan.tiff
HKCU\Software\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts | HaoTuKanKan.bmp_.bmp
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3fr\OpenWithProgids | HaoTuKanKan.3fr
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\OpenWithProgids | HaoTuKanKan.bmp
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cut\OpenWithProgids | HaoTuKanKan.cut
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dds\OpenWithProgids | HaoTuKanKan.dds
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exr\OpenWithProgids | HaoTuKanKan.exr
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.g3\OpenWithProgids | HaoTuKanKan.g3
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\OpenWithProgids | HaoTuKanKan.gif
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdp\OpenWithProgids | HaoTuKanKan.hdp
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\OpenWithProgids | HaoTuKanKan.hdr
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\OpenWithProgids | HaoTuKanKan.ico
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\OpenWithProgids | HaoTuKanKan.iff
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\OpenWithProgids | HaoTuKanKan.j2k
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jng\OpenWithProgids | HaoTuKanKan.jng
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\OpenWithProgids | HaoTuKanKan.jp2
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\OpenWithProgids | HaoTuKanKan.jpeg
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\OpenWithProgids | HaoTuKanKan.jpg
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jxr\OpenWithProgids | HaoTuKanKan.jxr
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.koa\OpenWithProgids | HaoTuKanKan.koa
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mng\OpenWithProgids | HaoTuKanKan.mng
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\OpenWithProgids | HaoTuKanKan.pbm
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\OpenWithProgids | HaoTuKanKan.pcd
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\OpenWithProgids | HaoTuKanKan.pct
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\OpenWithProgids | HaoTuKanKan.pcx
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pfm\OpenWithProgids | HaoTuKanKan.pfm
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\OpenWithProgids | HaoTuKanKan.pgm
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\OpenWithProgids | HaoTuKanKan.png
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\OpenWithProgids | HaoTuKanKan.ppm
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\OpenWithProgids | HaoTuKanKan.psd
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\OpenWithProgids | HaoTuKanKan.ras
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\OpenWithProgids | HaoTuKanKan.sgi
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\OpenWithProgids | HaoTuKanKan.tga
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\OpenWithProgids | HaoTuKanKan.tif
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\OpenWithProgids | HaoTuKanKan.tiff
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wap\OpenWithProgids | HaoTuKanKan.wap
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webp\OpenWithProgids | HaoTuKanKan.webp
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\OpenWithProgids | HaoTuKanKan.xbm
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\OpenWithProgids | HaoTuKanKan.xpm
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost | HaoTuKanKan_UpdateSvc
 

Trojan.HPMonkey

 
*file
C:\Users\{USERNAME}\AppData\Roaming\hpmonkey\HPMonkeySrv.exe
C:\Users\{USERNAME}\AppData\Roaming\HPMonkey\MonkeyStarter.exe
C:\Users\{USERNAME}\AppData\Roaming\HPMonkey\uninstaller.exe

*reg_key
HKLM\SOFTWARE\HPMonkey
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HPMonkey

 

11111.png

 

TAG •
Atachment
첨부 '1'
Facebook Twitter Google Pinterest
위로 아래로 댓글로 가기 인쇄 첨부
에디터 선택하기
?
List of Articles
번호 제목 글쓴이 날짜 조회 수
139 Adware.SecuriDex file ezclean 2021.04.06 369
138 Adware.SmartService file ezclean 2021.02.22 2785
137 Adware.Snoozer file ezclean 2021.04.23 3494
136 Adware.SogouDownLoad file ezclean 2021.03.10 147
135 Adware.SpywareRemover, CloudGuard file ezclean 2021.02.03 58
134 Adware.TTwifi file ezclean 2021.03.02 1442
133 Adware.WarThunder file ezclean 2021.03.30 220
132 Backdoor.BSQL Hacker file ezclean 2021.03.29 223
131 Desktop BCN Drivers (x86) 버전 1.8.1 광고 프로그램 삭제 file ezclean 2018.12.05 2152
130 FrontCloud 광고 삭제 file ezclean 2018.09.17 12268
129 FVPlus 광고창 삭제 file ezclean 2018.10.26 734
128 Hacktool.TeraBIT Virus Maker file ezclean 2021.04.30 6913
127 http://info.mmnneo.com/getGuidStr.info?guid 광고창 삭제 방법 file ezclean 2021.07.01 7420
126 http://safebrowsing.biz 시작페이지 고정 해결 방법 1 file ezclean 2018.08.21 170
125 HubCloud 광고 삭제 file ezclean 2018.08.07 6727
124 INIWeblink 인터넷 광고 삭제 방법 file ezclean 2018.09.03 255
123 Internet Speed Tracker Internet Explorer Toolbar 광고 프로그램 삭제 file ezclean 2018.12.01 907
122 Internet webbora web 애드웨어 삭제 방법 ezclean 2018.08.31 2483
121 InternetSafeZone 광고삭제 file ezclean 2018.08.07 851
120 KeyPang version 1.0 광고 삭제 방법 file ezclean 2018.12.27 596
쓰기
Board Pagination Prev 1 2 3 4 5 ... 8 Next
/ 8

(C) EzClean

XE Login

  1. 회원가입
  2. 아이디,비밀번호 찾기
  3. 인증 메일 재발송