프로그램분석

Code : rG0xVC5X8CTlity8cN5B/TPtdPdgVzsy5tpj6YPvJ3A=

프로세스 천국 2013. 8. 21. 21:44

----------------------------------------------------------------------
Created by Windowexe.com , Logfile of WindowexeAllkiller
----------------------------------------------------------------------
Windows 7 Ultimate Service Pack 1(6.1.7601.65536)
Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz / 2,047.49 MB
Intel64 Family 6 Model 42 Stepping 7
Date : 2013-08-21
----------------------------------------------------------------------
DF000 C:\Program Files (x86)\SmartWeb\SmartWeb.exe
DF001 C:\Program Files (x86)\SmartWeb\SmartWebAgent.exe
DF002 C:\Program Files (x86)\WinExpand_s2vdk\WEUninstall_s2vdk.EXE
DF003 C:\Program Files (x86)\WinExpand_s2vdk\WinExpand_s2vdk.dll
DF004 C:\Program Files (x86)\WinExpand_s2vdk\WinxpendUP_s2vdk.exe
DF005 C:\Users\Administrator\AppData\Local\windowstab\windowstab.exe
DF006 C:\Users\Administrator\AppData\Local\windowstab\windowstab_mon.exe
DF007 C:\Users\Administrator\AppData\Local\windowstab\windowstab_uc.exe
DF008 C:\Users\Administrator\AppData\Local\windowstab\windowstab_unins.exe
DF009 C:\Users\Administrator\AppData\Roaming\MWManager\MWManager.exe
DF010 C:\Users\Administrator\AppData\Roaming\MWManager\MWManagerS.exe
DF011 C:\Users\Administrator\AppData\Roaming\MWManager\MWMToolbar.dll
DF012 C:\Users\Administrator\AppData\Roaming\MWManager\ts.dll
DF013 C:\Users\Administrator\AppData\Roaming\pcm\pcm.exe
DF014 C:\Users\Administrator\AppData\Roaming\pcm\pcmagent.exe
DF015 C:\Users\Administrator\AppData\Roaming\pmu\pmu.exe
DF016 C:\Users\Administrator\AppData\Roaming\pmu\pmuagent.exe
DF017 C:\Users\Administrator\AppData\Roaming\powersearch\HNa.dll
DF018 C:\Users\Administrator\AppData\Roaming\powersearch\powersearch.exe
DF019 C:\Users\Administrator\AppData\Roaming\powersearch\psearch.dll
DF020 C:\Users\Administrator\AppData\Roaming\powersearch\SetupUtil.dll
----------------------------------------------------------------------
SC021 windowstab_mon -/- Windows Tab Manager -/- C:\Users\Administrator\AppData\Local\windowstab\windowstab_mon.exe -/- 윈도우즈탭 매니저. 이 프로그램이 중단될 경우 해당하는 업데이트 서비스를 받지 못하게됩니다.
----------------------------------------------------------------------
UN022 피씨맘 -/- N-Future Entertainment co, Ltd -/- pcm -/- C:\Users\Administrator\AppData\Roaming\pcm\uninst.exe -/- hxxp://ww*.pcmom.co.kr -/- hxxp://ww*.pcmom.co.kr
UN023 피씨맘업데이트 -/- N-Future Entertainment co, Ltd -/- pmu -/- C:\Users\Administrator\AppData\Roaming\pmu\uninst.exe -/- hxxp://ww*.pcmom.co.kr -/- hxxp://ww*.pcmom.co.kr
UN024 SmartWeb -/- Maroin -/- SmartWeb -/- C:\Program Files (x86)\SmartWeb\uninst.exe -/- hxxp://ww*.smartw.co.kr -/- hxxp://ww*.smartw.co.kr
UN025 WinExpand -/- WinExpand_s2vdk -/- C:\Program Files (x86)\WinExpand_s2vdk\WEUninstall_s2vdk.exe
UN026 powersearch -/- OPN.co.,ltd. -/- {53403CB4-E619-4A64-B28D-A6159FE8F354}_is1 -/- C:\Users\Administrator\AppData\Roaming\powersearch\unins000.exe -/- hxxp://ww*.winapp.kr/ -/- hxxp://ww*.winapp.kr/
----------------------------------------------------------------------
TS027 pcm -/- "C:\Users\Administrator\AppData\Roaming\pcm\pcmagent.exe" "/run" -/- N/A
TS028 pmu -/- "C:\Users\Administrator\AppData\Roaming\pmu\pmuagent.exe" "/run" -/- N/A
TS029 SWSTART -/- "C:\Program Files (x86)\SmartWeb\SmartWebAgent.exe" "/RUN" -/- N/A
TS030 WinExpandUpdate_s2vdk -/- C:\Program Files (x86)\WinExpand_s2vdk\WinxpendUP_s2vdk.exe  -/- N/A
----------------------------------------------------------------------
US031 Windowsopensearch -/- C:\Users\Administrator\AppData\Roaming\opensearchGT\opensearchgt.exe Runcmd
US032 Windowsopensearchupdate -/- C:\Users\Administrator\AppData\Roaming\opensearchGT\opensearchgtu.exe
US033 WMManager -/- C:\Users\Administrator\AppData\Roaming\MWManager\MWManagerS.exe UPDATE
US034 WINDOWSTAB_UC -/- C:\Users\Administrator\AppData\Local\windowstab\windowstab_uc.exe /run
US035 powersearch -/- C:\Users\Administrator\AppData\Roaming\powersearch\powersearch.exe update
LS036 WINDOWSTAB_UC -/- C:\Users\Administrator\AppData\Local\windowstab\windowstab_uc.exe /run
----------------------------------------------------------------------
BH037 WinExpandB Class -/- C:\Program Files (x86)\WinExpand_s2vdk\WinExpand_s2vdk.dll -/- {0000066B-0414-40BF-8558-765BCFDF7762}
BH038 &powersearch Helper Object -/- C:\Users\Administrator\AppData\Roaming\powersearch\psearch.dll -/- {0F9D3470-ACE8-4A8E-8A2F-988576341613}
BH039 OpenSearchGT SubTap -/- C:\Users\Administrator\AppData\Roaming\opensearchGT\opensearchgt.dll -/- {F48F659E-88A3-4EFA-804E-833609E15AD6}
EXADD Shockwave Flash Object -/- C:\Windows\system32\Macromed\Flash\Flash64_11_7_700_224.ocx -/- {D27CDB6E-AE6D-11CF-96B8-444553540000}
EXADD WinExpandB Class -/- C:\Program Files (x86)\WinExpand_s2vdk\WinExpand_s2vdk.dll -/- {0000066B-0414-40BF-8558-765BCFDF7762}
EXADD &powersearch Helper Object -/- C:\Users\Administrator\AppData\Roaming\powersearch\psearch.dll -/- {0F9D3470-ACE8-4A8E-8A2F-988576341613}
EXADD Shockwave Flash Object -/- C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_7_700_224.ocx -/- {D27CDB6E-AE6D-11CF-96B8-444553540000}
EXADD MWManager -/- C:\Users\Administrator\AppData\Roaming\MWManager\MWMToolbar.dll -/- {F3CE0557-71CB-4EBC-8E8B-2D4C64DD89E5}
EXADD OpenSearchGT SubTap -/- C:\Users\Administrator\AppData\Roaming\opensearchGT\opensearchgt.dll -/- {F48F659E-88A3-4EFA-804E-833609E15AD6}
----------------------------------------------------------------------
----------------------------------------------------------------------
TB040 MWManager -/- C:\Users\Administrator\AppData\Roaming\MWManager\MWMToolbar.dll -/- {F3CE0557-71CB-4EBC-8E8B-2D4C64DD89E5}
----------------------------------------------------------------------
----------------------------------------------------------------------
Deleted Files : 21
Remove Service : 1
Remove Uninstall Entry : 5
Remove Startup Entry : 6
Remove Browser Helper Object : 3
Remove Toolbar : 1
----------------------------------------------------------------------
Remove these Entry in a WindowexeAllkiller.txt file. Save and Run.
WindowexeAllkiller Remove Database 2013-08-21
[01-HKCUREG]**powersearch
[01-HKCUREG]**Windowsopensearch
[01-HKCUREG]**Windowsopensearchupdate
[01-HKCUREG]**WINDOWSTAB_UC
[01-HKCUREG]**WMManager
[02-HKLMREG]**WINDOWSTAB_UC
[03-BHOCLSD]**{0000066B-0414-40BF-8558-765BCFDF7762}
[03-BHOCLSD]**{0F9D3470-ACE8-4A8E-8A2F-988576341613}
[03-BHOCLSD]**{F48F659E-88A3-4EFA-804E-833609E15AD6}
[04-TOOLBAR]**{F3CE0557-71CB-4EBC-8E8B-2D4C64DD89E5}
[05-SERVICE]**windowstab_mon
[06-TASKLST]**pcm
[06-TASKLST]**pmu
[06-TASKLST]**SWSTART
[06-TASKLST]**WinExpandUpdate_s2vdk
----------------------------------------------------------------------
Total Processing Time : 699ms
----------------------------------------------------------------------