프로그램분석

[Adware.pack/MiniL Trojan Downloader] Processing Time : 131ms

프로세스 천국 2011. 6. 2. 20:00

----------------------------------------------------------------------
Created by Windowexe.com , Logfile of WindowexeAllkiller
----------------------------------------------------------------------
Microsoft Windows XP Service Pack 3(5.1.2600.196608)
Intel(R) Core(TM) i3 CPU       M 380  @ 2.53GHz / 767.48 MB
x86 Family 6 Model 37 Stepping 5
Date : 2011-06-02
----------------------------------------------------------------------
DF000 C:\Documents and Settings\Administrator\바탕 화면\스타 맵핵 감지기\wLauncher_Setup+1.07(wDetector+2.40).exe
DF001 C:\Program Files\GuideOn\GuideOn.dll
DF002 C:\Program Files\GuideOn\GuideOn.exe
DF003 C:\Program Files\GuideOn\uninstall.exe
DF004 C:\Program Files\keepprotect\keepprotect.exe
DF005 C:\Program Files\keepprotect\keepprotectBK.exe
DF006 C:\Program Files\keepprotect\keepprotectdm.exe
DF007 C:\Program Files\keepprotect\keepprotectU.exe
DF008 C:\Program Files\keepprotect\uninst_keepprotect.exe
DF009 C:\Program Files\NFDay\nfdalimi.exe
DF010 C:\Program Files\NFDay\nfddel.exe
DF011 C:\Program Files\NFDay\nfddll.dll
DF012 C:\Program Files\NFDay\nfdmain.exe
DF013 C:\Program Files\NFDay\nfdupdater.exe
DF014 C:\Program Files\NFDay\nfdux.exe
DF015 C:\Program Files\opensearchp\opensearchp.dll
DF016 C:\Program Files\opensearchp\opensearchps.exe
DF017 C:\Program Files\opensearchp\Uninstall.exe
DF018 C:\Program Files\PostTip\PostTip.dll
DF019 C:\Program Files\PostTip\PostTip.exe
DF020 C:\Program Files\PostTip\uninstall.exe
DF021 C:\Program Files\SmartTool\SmartTool.dll
DF022 C:\Program Files\SmartTool\SmartTool.exe
DF023 C:\Program Files\SmartTool\Uninstall.exe
DF024 C:\Program Files\smsGwang\smsGwang.exe
DF025 C:\Program Files\smsGwang\smsGwang_Uninstall.exe
DF026 C:\Program Files\wLauncher\uninstall.exe
DF027 C:\Program Files\wLauncher\wDup.exe
DF028 C:\WINDOWS\kwprotestto.exe
DF029 C:\WINDOWS\ndelfddll.exe
DF030 C:\WINDOWS\system32\opensearchpinst.exe
----------------------------------------------------------------------
UN031 GuideOn -/- - -/- GuideOn -/- - -/- -
UN032 keepprotect -/- - -/- keepprotect -/-
UN033 kwprotestto -/- - -/- kwprotestto -/-
UN034 New Feel 2 Day -/- feel2day, Inc. -/- NFDay -/-
UN035 opensearchp 1.00 -/- - -/- opensearchp 1.00 -/- - -/- -
UN036 PostTip -/- - -/- PostTip -/- - -/- -
UN037 SmartTool 제거 -/- - -/- SmartTool -/- - -/- -
UN038 문자광 -/- - -/- smsGwang -/- - -/- -
UN039 wLauncher -/- wLauncher -/- wLauncher -/-
----------------------------------------------------------------------
US040 Starcraft-wLauncher -/- C:\Program Files\wLauncher\wDup.exe -s
US041 kwprotestto -/- C:\WINDOWS\kwprotestto.exe sgi
US042 smsGwang -/- C:\Program Files\smsGwang\smsGwang.exe -h
LS043 GuideOn -/- C:\Program Files\GuideOn\GuideOn.exe
LS044 PostTip -/- C:\Program Files\PostTip\PostTip.exe
LS045 keepprotect main -/- C:\Program Files\keepprotect\keepprotectu.exe
LS046 SmartTool -/- C:\Program Files\SmartTool\SmartTool.exe
LS047 NFDay -/- C:\Program Files\NFDay\nfdupdater.exe
LS048 NFDayUpdate -/- C:\Program Files\NFDay\nfdux.exe
----------------------------------------------------------------------
BH049 opensearchhana.opensearchp -/- C:\Program Files\opensearchp\opensearchp.dll -/- {1ED8E185-17DF-4A1A-A25C-79B29B604925}
BH050 SmartToolCtl Class -/- C:\Program Files\SmartTool\SmartTool.dll -/- {2D891923-34B7-4186-9B47-752624535DC1}
BH051 GuideHelper Class -/- C:\Program Files\GuideOn\GuideOn.dll -/- {6704E2EA-6213-4d17-BB3D-4AE9E3609536}
BH052 PostTip -/- C:\Program Files\PostTip\PostTip.dll -/- {C4BF6897-41A2-454b-AC3B-437F30BEA671}
BH053 IECtrl Class -/- C:\PROGRA~1\NFDay\nfddll.dll -/- {CA479385-AB37-40C5-AC98-43CB6A8E0B90}
----------------------------------------------------------------------
A001 wlauncher.com
A002 upstat.keepprotect.co.kr
A003 update.keepprotect.co.kr
A004 up1.popgame.co.kr
A005 smsbacon.funtvi.kr
A006 sm.plustab.co.kr
A007 QGVK.dgplayshop.com
A008 postip.sidetab.co.kr
A009 keepprotect.co.kr
A010 guideon.sidegreen.com
A011 file.sidetab.co.kr
A012 file.sidegreen.com
A013 file.plustab.co.kr
A014 enjoy-find.com
A015 dw.toolon.co.kr
A016 down.wlauncher.com
A017 down.feel2day.com
A018 222.122.197.27
A019 ***.smsgwang.co.kr
A020 ***.enjoy-find.com
----------------------------------------------------------------------
Deleted Files : 31
Remove Uninstall Entry : 9
Remove Startup Entry : 9
Remove Browser Helper Object : 5
----------------------------------------------------------------------
Remove these Entry in a WindowexeAllkiller.txt file. Save and Run.
[01-HKCUREG]**Starcraft-wLauncher
[01-HKCUREG]**kwprotestto
[01-HKCUREG]**smsGwang
[02-HKLMREG]**GuideOn
[02-HKLMREG]**PostTip
[02-HKLMREG]**keepprotect main
[02-HKLMREG]**SmartTool
[02-HKLMREG]**NFDay
[02-HKLMREG]**NFDayUpdate
[03-BHOCLSD]**{1ED8E185-17DF-4A1A-A25C-79B29B604925}
[03-BHOCLSD]**{2D891923-34B7-4186-9B47-752624535DC1}
[03-BHOCLSD]**{6704E2EA-6213-4d17-BB3D-4AE9E3609536}
[03-BHOCLSD]**{C4BF6897-41A2-454b-AC3B-437F30BEA671}
[03-BHOCLSD]**{CA479385-AB37-40C5-AC98-43CB6A8E0B90}
----------------------------------------------------------------------
Total Processing Time : 131ms
----------------------------------------------------------------------
What's new : C:\WINDOWS\kwprotestto.exe , keepprotect main -/- C:\Program Files\keepprotect\keepprotectu.exe
----------------------------------------------------------------------

저작자표시 (새창열림)