Home 악성코드 해결
뷰어로 보기
2020.12.23 10:11

Trojan.HaoTuKanKan, HPMonkey

ezclean
조회 수 112 추천 수 0 댓글 0
?

단축키

Prev이전 문서

Next다음 문서

크게 작게 위로 아래로 댓글로 가기 인쇄 첨부
?

단축키

Prev이전 문서

Next다음 문서

크게 작게 위로 아래로 댓글로 가기 인쇄 첨부

Trojan.HaoTuKanKan


*file
C\Users\{USERNAME}\AppData\Local\HaoTuKanKan\HaoTuKanKan.exe
C\Users\{USERNAME}\AppData\Local\HaoTuKanKan\haotu_update.dll
C\Users\{USERNAME}\AppData\Local\HaoTuKanKan\uninstall.exe

*reg_key
HKCU\Software\HaoTuKanKan
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{01EB3F15-6569-4FCD-A1AA-913E906E2194}
HKLM\SYSTEM\CurrentControlSet\Services\HaoTuKanKan_UpdateSvc

*reg_val
HKCU\Software\Classes\.bmp\OpenWithProgids | HaoTuKanKan.bmp
HKCU\Software\Classes\.gif\OpenWithProgids | HaoTuKanKan.gif
HKCU\Software\Classes\.ico\OpenWithProgids | HaoTuKanKan.ico
HKCU\Software\Classes\.jpeg\OpenWithProgids | HaoTuKanKan.jpeg
HKCU\Software\Classes\.jpg\OpenWithProgids | HaoTuKanKan.jpg
HKCU\Software\Classes\.jxr\OpenWithProgids | HaoTuKanKan.jxr
HKCU\Software\Classes\.png\OpenWithProgids | HaoTuKanKan.png
HKCU\Software\Classes\.tga\OpenWithProgids | HaoTuKanKan.tga
HKCU\Software\Classes\.tif\OpenWithProgids | HaoTuKanKan.tif
HKCU\Software\Classes\.tiff\OpenWithProgids | HaoTuKanKan.tiff
HKCU\Software\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts | HaoTuKanKan.bmp_.bmp
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3fr\OpenWithProgids | HaoTuKanKan.3fr
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\OpenWithProgids | HaoTuKanKan.bmp
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cut\OpenWithProgids | HaoTuKanKan.cut
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dds\OpenWithProgids | HaoTuKanKan.dds
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exr\OpenWithProgids | HaoTuKanKan.exr
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.g3\OpenWithProgids | HaoTuKanKan.g3
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\OpenWithProgids | HaoTuKanKan.gif
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdp\OpenWithProgids | HaoTuKanKan.hdp
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\OpenWithProgids | HaoTuKanKan.hdr
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\OpenWithProgids | HaoTuKanKan.ico
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\OpenWithProgids | HaoTuKanKan.iff
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\OpenWithProgids | HaoTuKanKan.j2k
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jng\OpenWithProgids | HaoTuKanKan.jng
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\OpenWithProgids | HaoTuKanKan.jp2
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\OpenWithProgids | HaoTuKanKan.jpeg
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\OpenWithProgids | HaoTuKanKan.jpg
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jxr\OpenWithProgids | HaoTuKanKan.jxr
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.koa\OpenWithProgids | HaoTuKanKan.koa
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mng\OpenWithProgids | HaoTuKanKan.mng
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\OpenWithProgids | HaoTuKanKan.pbm
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\OpenWithProgids | HaoTuKanKan.pcd
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\OpenWithProgids | HaoTuKanKan.pct
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\OpenWithProgids | HaoTuKanKan.pcx
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pfm\OpenWithProgids | HaoTuKanKan.pfm
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\OpenWithProgids | HaoTuKanKan.pgm
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\OpenWithProgids | HaoTuKanKan.png
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\OpenWithProgids | HaoTuKanKan.ppm
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\OpenWithProgids | HaoTuKanKan.psd
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\OpenWithProgids | HaoTuKanKan.ras
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\OpenWithProgids | HaoTuKanKan.sgi
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\OpenWithProgids | HaoTuKanKan.tga
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\OpenWithProgids | HaoTuKanKan.tif
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\OpenWithProgids | HaoTuKanKan.tiff
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wap\OpenWithProgids | HaoTuKanKan.wap
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webp\OpenWithProgids | HaoTuKanKan.webp
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\OpenWithProgids | HaoTuKanKan.xbm
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\OpenWithProgids | HaoTuKanKan.xpm
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost | HaoTuKanKan_UpdateSvc
 

Trojan.HPMonkey

 
*file
C:\Users\{USERNAME}\AppData\Roaming\hpmonkey\HPMonkeySrv.exe
C:\Users\{USERNAME}\AppData\Roaming\HPMonkey\MonkeyStarter.exe
C:\Users\{USERNAME}\AppData\Roaming\HPMonkey\uninstaller.exe

*reg_key
HKLM\SOFTWARE\HPMonkey
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HPMonkey

 

11111.png

 

TAG •
Atachment
첨부 '1'
Facebook Twitter Google Pinterest
위로 아래로 댓글로 가기 인쇄 첨부
에디터 선택하기
?
List of Articles
번호 제목 글쓴이 날짜 조회 수
39 Trojan.ShopForRewards file ezclean 2021.02.18 227
38 Backdoor.BSQL Hacker file ezclean 2021.03.29 223
37 Adware.WarThunder file ezclean 2021.03.30 220
36 PUP.GrassValley, Heinote file ezclean 2020.12.28 215
35 PUP.Zaxar file ezclean 2021.04.12 195
34 Trojan.Cain file ezclean 2021.02.19 174
33 http://safebrowsing.biz 시작페이지 고정 해결 방법 1 file ezclean 2018.08.21 170
32 Adware.SogouDownLoad file ezclean 2021.03.10 147
31 PUP.SecurePCCleaner file ezclean 2021.03.05 145
30 PUP.PCGold, TelamonCleaner file ezclean 2020.11.26 132
29 PUP.TorrentSearch, RegEasy file ezclean 2021.01.29 130
28 Trojan. remote manipulator system file ezclean 2021.03.17 125
27 PUP.ChromeEX, Homply file ezclean 2020.12.22 119
» Trojan.HaoTuKanKan, HPMonkey file ezclean 2020.12.23 112
25 PUP.ScrollUp, YesSearches file ezclean 2020.11.20 112
24 Adware.Savepathdeals file ezclean 2020.11.18 110
23 Adware.AnySend, Linkury file ezclean 2020.12.07 109
22 PUP.wxDfast file ezclean 2021.04.07 99
21 PUP.YoutubeMusic, DealPly file ezclean 2020.12.24 98
20 PUP.SweetIM file ezclean 2021.04.08 88
쓰기
Board Pagination Prev 1 ... 4 5 6 7 8 Next
/ 8

(C) EzClean

XE Login

  1. 회원가입
  2. 아이디,비밀번호 찾기
  3. 인증 메일 재발송