2020.12.23 10:11

Trojan.HaoTuKanKan, HPMonkey


Trojan.HaoTuKanKan


*file
C:\Users\{USERNAME}\AppData\Local\HaoTuKanKan\HaoTuKanKan.exe
C:\Users\{USERNAME}\AppData\Local\HaoTuKanKan\haotu_update.dll
C:\Users\{USERNAME}\AppData\Local\HaoTuKanKan\uninstall.exe

*reg_key
HKCU\Software\HaoTuKanKan
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{01EB3F15-6569-4FCD-A1AA-913E906E2194}
HKLM\SYSTEM\CurrentControlSet\Services\HaoTuKanKan_UpdateSvc

*reg_val
HKCU\Software\Classes\.bmp\OpenWithProgids | HaoTuKanKan.bmp
HKCU\Software\Classes\.gif\OpenWithProgids | HaoTuKanKan.gif
HKCU\Software\Classes\.ico\OpenWithProgids | HaoTuKanKan.ico
HKCU\Software\Classes\.jpeg\OpenWithProgids | HaoTuKanKan.jpeg
HKCU\Software\Classes\.jpg\OpenWithProgids | HaoTuKanKan.jpg
HKCU\Software\Classes\.jxr\OpenWithProgids | HaoTuKanKan.jxr
HKCU\Software\Classes\.png\OpenWithProgids | HaoTuKanKan.png
HKCU\Software\Classes\.tga\OpenWithProgids | HaoTuKanKan.tga
HKCU\Software\Classes\.tif\OpenWithProgids | HaoTuKanKan.tif
HKCU\Software\Classes\.tiff\OpenWithProgids | HaoTuKanKan.tiff
HKCU\Software\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts | HaoTuKanKan.bmp_.bmp
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3fr\OpenWithProgids | HaoTuKanKan.3fr
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\OpenWithProgids | HaoTuKanKan.bmp
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cut\OpenWithProgids | HaoTuKanKan.cut
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dds\OpenWithProgids | HaoTuKanKan.dds
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exr\OpenWithProgids | HaoTuKanKan.exr
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.g3\OpenWithProgids | HaoTuKanKan.g3
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\OpenWithProgids | HaoTuKanKan.gif
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdp\OpenWithProgids | HaoTuKanKan.hdp
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\OpenWithProgids | HaoTuKanKan.hdr
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\OpenWithProgids | HaoTuKanKan.ico
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\OpenWithProgids | HaoTuKanKan.iff
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\OpenWithProgids | HaoTuKanKan.j2k
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jng\OpenWithProgids | HaoTuKanKan.jng
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\OpenWithProgids | HaoTuKanKan.jp2
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\OpenWithProgids | HaoTuKanKan.jpeg
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\OpenWithProgids | HaoTuKanKan.jpg
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jxr\OpenWithProgids | HaoTuKanKan.jxr
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.koa\OpenWithProgids | HaoTuKanKan.koa
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mng\OpenWithProgids | HaoTuKanKan.mng
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\OpenWithProgids | HaoTuKanKan.pbm
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\OpenWithProgids | HaoTuKanKan.pcd
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\OpenWithProgids | HaoTuKanKan.pct
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\OpenWithProgids | HaoTuKanKan.pcx
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pfm\OpenWithProgids | HaoTuKanKan.pfm
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\OpenWithProgids | HaoTuKanKan.pgm
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\OpenWithProgids | HaoTuKanKan.png
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\OpenWithProgids | HaoTuKanKan.ppm
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\OpenWithProgids | HaoTuKanKan.psd
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\OpenWithProgids | HaoTuKanKan.ras
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\OpenWithProgids | HaoTuKanKan.sgi
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\OpenWithProgids | HaoTuKanKan.tga
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\OpenWithProgids | HaoTuKanKan.tif
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\OpenWithProgids | HaoTuKanKan.tiff
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wap\OpenWithProgids | HaoTuKanKan.wap
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webp\OpenWithProgids | HaoTuKanKan.webp
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\OpenWithProgids | HaoTuKanKan.xbm
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\OpenWithProgids | HaoTuKanKan.xpm
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost | HaoTuKanKan_UpdateSvc

 

Trojan.HPMonkey

 
*file
C:\Users\{USERNAME}\AppData\Roaming\hpmonkey\HPMonkeySrv.exe
C:\Users\{USERNAME}\AppData\Roaming\HPMonkey\MonkeyStarter.exe
C:\Users\{USERNAME}\AppData\Roaming\HPMonkey\uninstaller.exe

*reg_key
HKLM\SOFTWARE\HPMonkey
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HPMonkey

 
