Program Analysis

[rever***eng/Win32.Trojandownloader] Processing Time(Remove All) : 84ms

프로세스 천국 2011. 6. 21. 16:22

----------------------------------------------------------------------
Created by Windowexe.com , Logfile of WindowexeAllkiller
----------------------------------------------------------------------
Microsoft Windows XP Service Pack 3(5.1.2600.196608)
Intel(R) Core(TM) i3 CPU       M 380  @ 2.53GHz / 767.48 MB
x86 Family 6 Model 37 Stepping 5
Date : 2011-06-20
----------------------------------------------------------------------
DF000 C:\DOCUME~1\ADMINI~1\APPLIC~1\moamady\mady22s.exe
DF001 C:\Documents and Settings\Administrator\Application Data\lockcount.exe
DF002 C:\Documents and Settings\Administrator\Application Data\mady22\mady22.exe
DF003 C:\Documents and Settings\Administrator\Application Data\moamady\mady22s.exe
DF004 C:\Documents and Settings\Administrator\Application Data\MSINET.OCX
DF005 C:\Documents and Settings\Administrator\Application Data\msvbvm60.dll
DF006 C:\Documents and Settings\Administrator\Application Data\scrrun.dll
DF007 C:\Documents and Settings\Administrator\Application Data\toolonKF\localListFile.dll
DF008 C:\Documents and Settings\Administrator\Application Data\ToolonSetup.exe
DF009 C:\Documents and Settings\Administrator\Application Data\VB6KO.DLL
DF010 C:\Documents and Settings\Administrator\Recent\ADPrime_.exe
DF011 C:\Documents and Settings\Administrator\Recent\mcmst_mb.exe
DF012 C:\Documents and Settings\Administrator\Recent\moatimef.exe
DF013 C:\Documents and Settings\Administrator\Recent\ToolOn_king.exe
DF014 C:\Documents and Settings\Administrator\Recent\vaccineu_letsbe.exe
DF015 C:\Program Files\ADPrime\ADPrime.dll
DF016 C:\Program Files\ADPrime\Uninstall.exe
DF017 C:\Program Files\keywod\keywod.exe
DF018 C:\Program Files\mcmst\mcmst_mb.exe
DF019 C:\Program Files\Microsolution\Microsolution.exe
DF020 C:\Program Files\Microsolution\Microsolution_se.exe
DF021 C:\Program Files\Microsolution\Microsolution_updater.exe
DF022 C:\Program Files\ToolOnKF\ADPopupTO.dll
DF023 C:\Program Files\ToolOnKF\ToolOnKF.dll
DF024 C:\Program Files\ToolOnKF\ToolOnUpdateKF.exe
DF025 C:\Program Files\ToolOnKF\tosghelp.exe
DF026 C:\Program Files\ToolOnKF\TOUninstallKF.exe
DF027 C:\Program Files\vaccineu\db\filter.dll
DF028 C:\Program Files\vaccineu\db\inter.dll
DF029 C:\Program Files\vaccineu\etc\VUFilterDriver.SYS
DF030 C:\Program Files\vaccineu\etc\VUMon.exe
DF031 C:\Program Files\vaccineu\etc\VUmonRemote.dll
DF032 C:\Program Files\vaccineu\etc\VUReg.exe
DF033 C:\Program Files\vaccineu\temp\filter.dll
DF034 C:\Program Files\vaccineu\temp\inter.dll
DF035 C:\Program Files\vaccineu\Uninstall.exe
DF036 C:\Program Files\vaccineu\vaccineu.exe
DF037 C:\Program Files\vaccineu\VUAutoUpdate.exe
DF038 C:\Program Files\vaccineu\VUEngine.dll
DF039 C:\Program Files\wordpros\wordpros.exe
DF040 C:\WINDOWS\Microsolution_uninstaller.exe
----------------------------------------------------------------------
SC041 Microsolution Update Service -/- Microsolution Support Service -/- - -/-  -/- "C:\Program Files\Microsolution\Microsolution_se.exe" /service
----------------------------------------------------------------------
UN042 AdPrime Components 1.00 -/- - -/- AdPrime Components 1.00 -/- - -/- -
UN043 Windows keywod -/- Windows keywod -/- keywod -/- - -/-
UN044 Microsolution -/- - -/- Microsolution -/-
UN045 ToolOn Uninstall -/-  -/- ToolOnKF -/-  -/- -
UN046 vaccineu -/- - -/- vaccineu -/- - -/- -
UN047 Windows wordpros -/- Windows wordpros -/- wordpros -/- - -/-
----------------------------------------------------------------------
LS048 keywod.exe -/- C:\Program Files\keywod\keywod.exe
LS049 wordpros.exe -/- C:\Program Files\wordpros\wordpros.exe
LS050 mcmst_mb.exe -/- C:\Program Files\mcmst\mcmst_mb.exe
LS051 toolonupdateKF -/- C:\Program Files\ToolOnKF\ToolOnUpdateKF.exe
LS052 vaccineu -/- C:\Program Files\vaccineu\vaccineu.exe /Scan
LS053 lockcount -/- C:\Documents and Settings\Administrator\Application Data\lockcount.exe
LS054 mady22 -/- C:\Documents and Settings\Administrator\Application Data\mady22\mady22.exe
----------------------------------------------------------------------
BH055 AdPopupB -/- C:\Program Files\ToolOnKF\ADPopupTO.dll -/- {397CFDD8-762F-44D4-9517-E3969F89639E}
BH056 ToolOnKF -/- C:\Program Files\ToolOnKF\ToolOnKF.dll -/- {514FE04D-4442-415c-8AFE-C6B7BFB2DA33}
BH057 PremiumAdBHO Class -/- C:\Program Files\ADPrime\ADPrime.dll -/- {CA431E35-A5FA-4F7B-BB28-0F62DE3DE761}
----------------------------------------------------------------------
Deleted Files : 41
Remove Service : 1
Remove Uninstall Entry : 6
Remove Startup Entry : 7
Remove Browser Helper Object : 3
----------------------------------------------------------------------
Remove these Entry in a WindowexeAllkiller.txt file. Save and Run.
[02-HKLMREG]**keywod.exe
[02-HKLMREG]**wordpros.exe
[02-HKLMREG]**mcmst_mb.exe
[02-HKLMREG]**toolonupdateKF
[02-HKLMREG]**vaccineu
[02-HKLMREG]**lockcount
[02-HKLMREG]**mady22
[03-BHOCLSD]**{397CFDD8-762F-44D4-9517-E3969F89639E}
[03-BHOCLSD]**{514FE04D-4442-415c-8AFE-C6B7BFB2DA33}
[03-BHOCLSD]**{CA431E35-A5FA-4F7B-BB28-0F62DE3DE761}
[05-SERVICE]**Microsolution Update Service
----------------------------------------------------------------------
Total Processing Time : 84ms
----------------------------------------------------------------------
What's new : BH057 PremiumAdBHO Class -/- C:\Program Files\ADPrime\ADPrime.dll -/- {CA431E35-A5FA-4F7B-BB28-0F62DE3DE761}
----------------------------------------------------------------------