프로그램분석
[clic**rli Trojan.Downloader Ad.pkg] Processing Time : 53ms
프로세스 천국
2011. 12. 9. 01:46
----------------------------------------------------------------------
Created by Windowexe.com , Logfile of WindowexeAllkiller
----------------------------------------------------------------------
Microsoft Windows XP Service Pack 3(5.1.2600.196608)
Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz / 767.48 MB
x86 Family 6 Model 37 Stepping 5
Date : 2011-12-08
----------------------------------------------------------------------
DF000 C:\Documents and Settings\Administrator\Application Data\RapidGet\RapidGet.exe
DF001 C:\Documents and Settings\Administrator\Application Data\RapidGet\RPDMgr.dll
DF002 C:\Documents and Settings\Administrator\Application Data\RapidGet\rpgchk.exe
DF003 C:\Documents and Settings\Administrator\Application Data\RapidGet\RPGManager.exe
DF004 C:\Documents and Settings\Administrator\Application Data\RapidGet\RPGSvcMan.exe
DF005 C:\Documents and Settings\Administrator\Application Data\RapidGet\RPGUnist.exe
DF006 C:\Documents and Settings\Administrator\Application Data\WerPingGood\WerPingGood.exe
DF007 C:\Documents and Settings\Administrator\Application Data\WerPingGood\WerPingHelper.dll
DF008 C:\Documents and Settings\Administrator\Application Data\WerPingGood\WPUninst.exe
DF009 C:\Documents and Settings\Administrator\Application Data\WerPingGood\WPUpdate.exe
DF010 C:\Documents and Settings\Administrator\My Documents\file_unlocker1.9.0.exe
DF011 C:\Program Files\DOWNLOAD LAUNCHER\pds_launcher.exe
DF012 C:\Program Files\DOWNLOAD LAUNCHER\uninst.exe
DF013 C:\Program Files\EasyOn\EasyOn.dll
DF014 C:\Program Files\EasyOn\EasyOn.exe
DF015 C:\Program Files\EasyOn\Uninstall.exe
DF016 C:\Program Files\FineTop\FineTop.dll
DF017 C:\Program Files\FineTop\FineTop.exe
DF018 C:\Program Files\FineTop\Uninstall.exe
DF019 C:\Program Files\microWebAD\microWebAD.exe
DF020 C:\Program Files\PostTip\PostTip.dll
DF021 C:\Program Files\PostTip\PostTip.exe
DF022 C:\Program Files\PostTip\uninstall.exe
DF023 C:\Program Files\WTool\Uninstall.exe
DF024 C:\Program Files\WTool\WTool.dll
DF025 C:\Program Files\WTool\WTool.exe
----------------------------------------------------------------------
SC026 RPGSvcman -/- RPGSvcman -/- - -/- -/- C:\Documents and Settings\Administrator\Application Data\RapidGet\RPGSvcMan.exe
----------------------------------------------------------------------
UN027 DOWNLOAD LAUNCHER CTRL 1.0 -/- JE -/- DOWNLOAD LAUNCHER CTRL -/- - -/- -
UN028 EasyOn -/- - -/- EasyOn -/- - -/- -
UN029 FineTop -/- - -/- FineTop -/- - -/- -
UN030 MicroWebAD Installer 1.1 -/- MicroWebAD Installer 1.1 -/- microWebAD.exe -/- - -/-
UN031 PostTip -/- - -/- PostTip -/- - -/- -
UN032 Windows Download Manager RapidGet -/- - -/- RapidGet -/- - -/- -
UN033 WTL C++ Werping Manager -/- Werping -/- WerPingGood -/- - -/-
UN034 WTool -/- - -/- WTool -/- - -/- -
----------------------------------------------------------------------
LS035 DOWNLOAD LAUNCHER -/- C:\Program Files\DOWNLOAD LAUNCHER\pds_launcher.exe /up
LS036 microWebAD.exe -/- C:\Program Files\microWebAD\microWebAD.exe
LS037 PostTip -/- C:\Program Files\PostTip\PostTip.exe
LS038 WTool -/- C:\Program Files\WTool\WTool.exe
LS039 RapidGet -/- C:\Documents and Settings\Administrator\Application Data\RapidGet\RPGManager.exe
LS040 rpga -/- C:\Documents and Settings\Administrator\Application Data\RapidGet\rpgchk.exe
LS041 EasyOn -/- C:\Program Files\EasyOn\EasyOn.exe
LS042 FineTop -/- C:\Program Files\FineTop\FineTop.exe
----------------------------------------------------------------------
BH043 WerPingHelperCtrl Class -/- C:\Documents and Settings\Administrator\Application Data\WerPingGood\WerPingHelper.dll -/- {114EB2A5-9A65-4FC2-A6E3-9949666EBA72}
BH044 EasyOnHelper -/- C:\Program Files\EasyOn\EasyOn.dll -/- {1CE681DC-1190-40EF-85A9-ADE47098CF51}
BH045 WToolHelper -/- C:\Program Files\WTool\WTool.dll -/- {84395E42-9FF9-4B85-9264-B1762D069593}
BH046 PostTip -/- C:\Program Files\PostTip\PostTip.dll -/- {C4BF6897-41A2-454b-AC3B-437F30BEA671}
BH047 FineTop -/- C:\Program Files\FineTop\FineTop.dll -/- {CBF53489-AD8D-4637-965A-413861EEC7CF}
----------------------------------------------------------------------
Deleted Files : 26
Remove Service : 1
Remove Uninstall Entry : 8
Remove Startup Entry : 8
Remove Browser Helper Object : 5
----------------------------------------------------------------------
Remove these Entry in a WindowexeAllkiller.txt file. Save and Run.
[02-HKLMREG]**DOWNLOAD LAUNCHER
[02-HKLMREG]**microWebAD.exe
[02-HKLMREG]**PostTip
[02-HKLMREG]**WTool
[02-HKLMREG]**RapidGet
[02-HKLMREG]**rpga
[02-HKLMREG]**EasyOn
[02-HKLMREG]**FineTop
[03-BHOCLSD]**{114EB2A5-9A65-4FC2-A6E3-9949666EBA72}
[03-BHOCLSD]**{1CE681DC-1190-40EF-85A9-ADE47098CF51}
[03-BHOCLSD]**{84395E42-9FF9-4B85-9264-B1762D069593}
[03-BHOCLSD]**{C4BF6897-41A2-454b-AC3B-437F30BEA671}
[03-BHOCLSD]**{CBF53489-AD8D-4637-965A-413861EEC7CF}
[05-SERVICE]**RPGSvcman
----------------------------------------------------------------------
Total Processing Time : 53ms
----------------------------------------------------------------------
Created by Windowexe.com , Logfile of WindowexeAllkiller
----------------------------------------------------------------------
Microsoft Windows XP Service Pack 3(5.1.2600.196608)
Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz / 767.48 MB
x86 Family 6 Model 37 Stepping 5
Date : 2011-12-08
----------------------------------------------------------------------
DF000 C:\Documents and Settings\Administrator\Application Data\RapidGet\RapidGet.exe
DF001 C:\Documents and Settings\Administrator\Application Data\RapidGet\RPDMgr.dll
DF002 C:\Documents and Settings\Administrator\Application Data\RapidGet\rpgchk.exe
DF003 C:\Documents and Settings\Administrator\Application Data\RapidGet\RPGManager.exe
DF004 C:\Documents and Settings\Administrator\Application Data\RapidGet\RPGSvcMan.exe
DF005 C:\Documents and Settings\Administrator\Application Data\RapidGet\RPGUnist.exe
DF006 C:\Documents and Settings\Administrator\Application Data\WerPingGood\WerPingGood.exe
DF007 C:\Documents and Settings\Administrator\Application Data\WerPingGood\WerPingHelper.dll
DF008 C:\Documents and Settings\Administrator\Application Data\WerPingGood\WPUninst.exe
DF009 C:\Documents and Settings\Administrator\Application Data\WerPingGood\WPUpdate.exe
DF010 C:\Documents and Settings\Administrator\My Documents\file_unlocker1.9.0.exe
DF011 C:\Program Files\DOWNLOAD LAUNCHER\pds_launcher.exe
DF012 C:\Program Files\DOWNLOAD LAUNCHER\uninst.exe
DF013 C:\Program Files\EasyOn\EasyOn.dll
DF014 C:\Program Files\EasyOn\EasyOn.exe
DF015 C:\Program Files\EasyOn\Uninstall.exe
DF016 C:\Program Files\FineTop\FineTop.dll
DF017 C:\Program Files\FineTop\FineTop.exe
DF018 C:\Program Files\FineTop\Uninstall.exe
DF019 C:\Program Files\microWebAD\microWebAD.exe
DF020 C:\Program Files\PostTip\PostTip.dll
DF021 C:\Program Files\PostTip\PostTip.exe
DF022 C:\Program Files\PostTip\uninstall.exe
DF023 C:\Program Files\WTool\Uninstall.exe
DF024 C:\Program Files\WTool\WTool.dll
DF025 C:\Program Files\WTool\WTool.exe
----------------------------------------------------------------------
SC026 RPGSvcman -/- RPGSvcman -/- - -/- -/- C:\Documents and Settings\Administrator\Application Data\RapidGet\RPGSvcMan.exe
----------------------------------------------------------------------
UN027 DOWNLOAD LAUNCHER CTRL 1.0 -/- JE -/- DOWNLOAD LAUNCHER CTRL -/- - -/- -
UN028 EasyOn -/- - -/- EasyOn -/- - -/- -
UN029 FineTop -/- - -/- FineTop -/- - -/- -
UN030 MicroWebAD Installer 1.1 -/- MicroWebAD Installer 1.1 -/- microWebAD.exe -/- - -/-
UN031 PostTip -/- - -/- PostTip -/- - -/- -
UN032 Windows Download Manager RapidGet -/- - -/- RapidGet -/- - -/- -
UN033 WTL C++ Werping Manager -/- Werping -/- WerPingGood -/- - -/-
UN034 WTool -/- - -/- WTool -/- - -/- -
----------------------------------------------------------------------
LS035 DOWNLOAD LAUNCHER -/- C:\Program Files\DOWNLOAD LAUNCHER\pds_launcher.exe /up
LS036 microWebAD.exe -/- C:\Program Files\microWebAD\microWebAD.exe
LS037 PostTip -/- C:\Program Files\PostTip\PostTip.exe
LS038 WTool -/- C:\Program Files\WTool\WTool.exe
LS039 RapidGet -/- C:\Documents and Settings\Administrator\Application Data\RapidGet\RPGManager.exe
LS040 rpga -/- C:\Documents and Settings\Administrator\Application Data\RapidGet\rpgchk.exe
LS041 EasyOn -/- C:\Program Files\EasyOn\EasyOn.exe
LS042 FineTop -/- C:\Program Files\FineTop\FineTop.exe
----------------------------------------------------------------------
BH043 WerPingHelperCtrl Class -/- C:\Documents and Settings\Administrator\Application Data\WerPingGood\WerPingHelper.dll -/- {114EB2A5-9A65-4FC2-A6E3-9949666EBA72}
BH044 EasyOnHelper -/- C:\Program Files\EasyOn\EasyOn.dll -/- {1CE681DC-1190-40EF-85A9-ADE47098CF51}
BH045 WToolHelper -/- C:\Program Files\WTool\WTool.dll -/- {84395E42-9FF9-4B85-9264-B1762D069593}
BH046 PostTip -/- C:\Program Files\PostTip\PostTip.dll -/- {C4BF6897-41A2-454b-AC3B-437F30BEA671}
BH047 FineTop -/- C:\Program Files\FineTop\FineTop.dll -/- {CBF53489-AD8D-4637-965A-413861EEC7CF}
----------------------------------------------------------------------
Deleted Files : 26
Remove Service : 1
Remove Uninstall Entry : 8
Remove Startup Entry : 8
Remove Browser Helper Object : 5
----------------------------------------------------------------------
Remove these Entry in a WindowexeAllkiller.txt file. Save and Run.
[02-HKLMREG]**DOWNLOAD LAUNCHER
[02-HKLMREG]**microWebAD.exe
[02-HKLMREG]**PostTip
[02-HKLMREG]**WTool
[02-HKLMREG]**RapidGet
[02-HKLMREG]**rpga
[02-HKLMREG]**EasyOn
[02-HKLMREG]**FineTop
[03-BHOCLSD]**{114EB2A5-9A65-4FC2-A6E3-9949666EBA72}
[03-BHOCLSD]**{1CE681DC-1190-40EF-85A9-ADE47098CF51}
[03-BHOCLSD]**{84395E42-9FF9-4B85-9264-B1762D069593}
[03-BHOCLSD]**{C4BF6897-41A2-454b-AC3B-437F30BEA671}
[03-BHOCLSD]**{CBF53489-AD8D-4637-965A-413861EEC7CF}
[05-SERVICE]**RPGSvcman
----------------------------------------------------------------------
Total Processing Time : 53ms
----------------------------------------------------------------------