Trojan.Ghapoly, BestCleaner

by ezclean posted Jan 05, 2021

Trojan.Ghapoly

*file
C:\Program Files\ghapoly\Release_21.dll
C:\Program Files\Ghapoly\Proxy32.dll
C:\Program Files\Ghapoly\libvlc.dll
C:\Program Files\Ghapoly\launcher_2.dll
C:\Program Files\Ghapoly\drizutainshupkCld.dll2428453
C:\Program Files\Ghapoly\drizutainshupkCld.dll
C:\Program Files\Ghapoly\cerbatain.exe
C:\Program Files\4d814d56\1477962072\4EE7\0E49\E6439B563A06\vnseB600.tmp
C:\Program Files\4D814D56\1477962072\4EE7\0E49\E6439B563A06\Uninstall.exe
C:\Program Files\4D814D56\1477962072\4EE7\0E49\E6439B563A06\ah7vb7.dll
C:\Program Files\4D814D56\1477962072\4EE7\0E49\E6439B563A06

*reg_key
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D587A28B-D9CE-4EF1-9DEA-A63533C05918}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{68B20711-EF26-4325-997A-8205F1508AB2}

 

Trojan.BestCleaner

*file
C:\Program Files\bestcleaner\FC7TRB.exe
C:\Program Files\BestCleaner\uninstaller.exe
C:\Program Files\BestCleaner

*reg_key
HKCU\Software\Microsoft\wewewe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BestCleaner_is1
HKLM\SOFTWARE\Microsoft\Tracing\FC7TRB_RASAPI32
HKLM\SOFTWARE\Microsoft\Tracing\FC7TRB_RASMANCS

*reg_val
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | BestCleaner
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce | OMEWPRODUCT_EZ1Z8

 
