Home 악성코드 해결
뷰어로 보기
2020.12.23 10:11

Trojan.HaoTuKanKan, HPMonkey

ezclean
조회 수 112 추천 수 0 댓글 0
?

단축키

Prev이전 문서

Next다음 문서

크게 작게 위로 아래로 댓글로 가기 인쇄 첨부
?

단축키

Prev이전 문서

Next다음 문서

크게 작게 위로 아래로 댓글로 가기 인쇄 첨부

Trojan.HaoTuKanKan


*file
C\Users\{USERNAME}\AppData\Local\HaoTuKanKan\HaoTuKanKan.exe
C\Users\{USERNAME}\AppData\Local\HaoTuKanKan\haotu_update.dll
C\Users\{USERNAME}\AppData\Local\HaoTuKanKan\uninstall.exe

*reg_key
HKCU\Software\HaoTuKanKan
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{01EB3F15-6569-4FCD-A1AA-913E906E2194}
HKLM\SYSTEM\CurrentControlSet\Services\HaoTuKanKan_UpdateSvc

*reg_val
HKCU\Software\Classes\.bmp\OpenWithProgids | HaoTuKanKan.bmp
HKCU\Software\Classes\.gif\OpenWithProgids | HaoTuKanKan.gif
HKCU\Software\Classes\.ico\OpenWithProgids | HaoTuKanKan.ico
HKCU\Software\Classes\.jpeg\OpenWithProgids | HaoTuKanKan.jpeg
HKCU\Software\Classes\.jpg\OpenWithProgids | HaoTuKanKan.jpg
HKCU\Software\Classes\.jxr\OpenWithProgids | HaoTuKanKan.jxr
HKCU\Software\Classes\.png\OpenWithProgids | HaoTuKanKan.png
HKCU\Software\Classes\.tga\OpenWithProgids | HaoTuKanKan.tga
HKCU\Software\Classes\.tif\OpenWithProgids | HaoTuKanKan.tif
HKCU\Software\Classes\.tiff\OpenWithProgids | HaoTuKanKan.tiff
HKCU\Software\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts | HaoTuKanKan.bmp_.bmp
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3fr\OpenWithProgids | HaoTuKanKan.3fr
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\OpenWithProgids | HaoTuKanKan.bmp
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cut\OpenWithProgids | HaoTuKanKan.cut
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dds\OpenWithProgids | HaoTuKanKan.dds
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exr\OpenWithProgids | HaoTuKanKan.exr
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.g3\OpenWithProgids | HaoTuKanKan.g3
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\OpenWithProgids | HaoTuKanKan.gif
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdp\OpenWithProgids | HaoTuKanKan.hdp
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\OpenWithProgids | HaoTuKanKan.hdr
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\OpenWithProgids | HaoTuKanKan.ico
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\OpenWithProgids | HaoTuKanKan.iff
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\OpenWithProgids | HaoTuKanKan.j2k
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jng\OpenWithProgids | HaoTuKanKan.jng
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\OpenWithProgids | HaoTuKanKan.jp2
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\OpenWithProgids | HaoTuKanKan.jpeg
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\OpenWithProgids | HaoTuKanKan.jpg
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jxr\OpenWithProgids | HaoTuKanKan.jxr
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.koa\OpenWithProgids | HaoTuKanKan.koa
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mng\OpenWithProgids | HaoTuKanKan.mng
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\OpenWithProgids | HaoTuKanKan.pbm
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\OpenWithProgids | HaoTuKanKan.pcd
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\OpenWithProgids | HaoTuKanKan.pct
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\OpenWithProgids | HaoTuKanKan.pcx
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pfm\OpenWithProgids | HaoTuKanKan.pfm
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\OpenWithProgids | HaoTuKanKan.pgm
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\OpenWithProgids | HaoTuKanKan.png
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\OpenWithProgids | HaoTuKanKan.ppm
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\OpenWithProgids | HaoTuKanKan.psd
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\OpenWithProgids | HaoTuKanKan.ras
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\OpenWithProgids | HaoTuKanKan.sgi
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\OpenWithProgids | HaoTuKanKan.tga
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\OpenWithProgids | HaoTuKanKan.tif
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\OpenWithProgids | HaoTuKanKan.tiff
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wap\OpenWithProgids | HaoTuKanKan.wap
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webp\OpenWithProgids | HaoTuKanKan.webp
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\OpenWithProgids | HaoTuKanKan.xbm
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\OpenWithProgids | HaoTuKanKan.xpm
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost | HaoTuKanKan_UpdateSvc
 

Trojan.HPMonkey

 
*file
C:\Users\{USERNAME}\AppData\Roaming\hpmonkey\HPMonkeySrv.exe
C:\Users\{USERNAME}\AppData\Roaming\HPMonkey\MonkeyStarter.exe
C:\Users\{USERNAME}\AppData\Roaming\HPMonkey\uninstaller.exe

*reg_key
HKLM\SOFTWARE\HPMonkey
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HPMonkey

 

11111.png

 

TAG •
Atachment
첨부 '1'
Facebook Twitter Google Pinterest
위로 아래로 댓글로 가기 인쇄 첨부
에디터 선택하기
?
List of Articles
번호 제목 글쓴이 날짜 조회 수
99 PUP.YouTubeAdBlock, Grakat file ezclean 2021.02.10 21718
98 PUP. SoSoIm, MSNMonitor file ezclean 2021.02.09 285
97 PUP.Mallapp, professional cleaning Software file ezclean 2021.02.08 71
96 PUP.PCPurifier, Catered file ezclean 2021.02.05 1933
95 PUP.DriverDoc, RinoReader file ezclean 2021.02.04 1733
94 Adware.SpywareRemover, CloudGuard file ezclean 2021.02.03 58
93 Adware.HPProtector, WeatherTool file ezclean 2021.02.01 320
92 PUP.TorrentSearch, RegEasy file ezclean 2021.01.29 130
91 PUP.HohoSearch, Popfreeka file ezclean 2021.01.28 361
90 Adware.Linkury, Netfilter file ezclean 2021.01.27 1119
89 Trojan. RegistryTool, AdwareAlert file ezclean 2021.01.26 80
88 PUP.UCalendar, WebInternet file ezclean 2021.01.25 67
87 PUP. Guffins, PriceLess file ezclean 2021.01.22 53
86 Adware.DVDVideoSoft, FileRubber file ezclean 2021.01.21 804
85 Adware.CoolVerte, Grape file ezclean 2021.01.20 5070
84 Adware.dvdvideosoft, UniversalDriver file ezclean 2021.01.19 2201
83 Trojan.winrule, BitCoinMiner file ezclean 2021.01.15 271
82 PUP.DealPly, MinerGate file ezclean 2021.01.12 87
81 Trojan.TechAgent, Ghapoly file ezclean 2021.01.08 68
80 Adware.BlueMoon, FileSubmit file ezclean 2021.01.07 79
쓰기
Board Pagination Prev 1 2 3 4 5 6 ... 8 Next
/ 8

(C) EzClean

XE Login

  1. 회원가입
  2. 아이디,비밀번호 찾기
  3. 인증 메일 재발송