프로그램분석

[피씨맘] Install log : 68ms / 2013-03-08

프로세스 천국 2013. 3. 8. 20:51

----------------------------------------------------------------------
Created by Windowexe.com , Logfile of WindowexeAllkiller
----------------------------------------------------------------------
Windows 7 Ultimate Service Pack 1(6.1.7601.65536)
Intel(R) Core(TM) i3 CPU       M 380  @ 2.53GHz / 1,023.55 MB
Intel64 Family 6 Model 37 Stepping 5
Date : 2013-03-08
----------------------------------------------------------------------
DF000 C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\피씨맘\피씨맘.lnk
DF001 C:\Users\Administrator\AppData\Roaming\pcm\EnCrypt.dll
DF002 C:\Users\Administrator\AppData\Roaming\pcm\pcm.exe
DF003 C:\Users\Administrator\AppData\Roaming\pcm\pcmagent.exe
DF004 C:\Users\Administrator\AppData\Roaming\pcm\PCMomCleanWeb.dll
DF005 C:\Users\Administrator\AppData\Roaming\pcm\uninst.exe
DF006 C:\Users\Administrator\Desktop\피씨맘.lnk
----------------------------------------------------------------------
UN007 피씨맘 -/- N-Future Entertainment co, Ltd -/- pcm -/- hxxp://www.pcmom.co.kr -/- hxxp://www.pcmom.co.kr
----------------------------------------------------------------------
US008 pcm -/- C:\Users\Administrator\AppData\Roaming\pcm\pcmagent.exe
----------------------------------------------------------------------
Deleted Files : 7
Remove Uninstall Entry : 1
Remove Startup Entry : 1
Remove Browser Helper Object : 1
----------------------------------------------------------------------
Remove these Entry in a WindowexeAllkiller.txt file. Save and Run.
WindowexeAllkiller Remove Database 2013-03-08
[01-HKCUREG]**pcm
[03-BHOCLSD]**{B8660232-6779-456E-B9A7-316B14922E69}

----------------------------------------------------------------------
Total Processing Time : 68ms
----------------------------------------------------------------------
System Analyzer Report 2013, 03, 08

NA001 ======================================================================
NA002 echo Created by Windowexe.com / do not delete this label.
NA003 ======================================================================
NA004 echo Start
NA005 echo windowexe.com & tskill "pcmagent" & echo windowdel.com
NA006 echo windowexe.com & tskill "pcmagent" & echo windowdel.com
NA007 echo windowexe.com & tskill "pcm" & echo windowdel.com
NA008 echo windowexe.com & tskill "pcm" & echo windowdel.com
NA009 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "pcm" /f
NA010 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "pcm" /f
NA011 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B8660232-6779-456E-B9A7-316B14922E69}" /f
NA012 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B8660232-6779-456E-B9A7-316B14922E69}" /f
NA013 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B8660232-6779-456E-B9A7-316B14922E69}" /f
NA014 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{B8660232-6779-456E-B9A7-316B14922E69}" /f
NA015 echo Created by Windowexe.com
NA016 echo change dir for x64
NA017 cd %windir%
NA018 cd syswow64
NA019 echo windowexe.com & tskill "pcmagent" & echo windowdel.com
NA020 echo windowexe.com & tskill "pcmagent" & echo windowdel.com
NA021 echo windowexe.com & tskill "pcm" & echo windowdel.com
NA022 echo windowexe.com & tskill "pcm" & echo windowdel.com
NA023 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "pcm" /f
NA024 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "pcm" /f
NA025 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B8660232-6779-456E-B9A7-316B14922E69}" /f
NA026 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B8660232-6779-456E-B9A7-316B14922E69}" /f
NA027 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B8660232-6779-456E-B9A7-316B14922E69}" /f
NA028 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{B8660232-6779-456E-B9A7-316B14922E69}" /f
NA029 echo Created by Windowexe.com
NA030 echo End
NA031 ======================================================================
NA032 echo Created by Windowexe.com / do not delete this label.
NA033 ======================================================================