Program Analysis

[ampir5.sp Trojan.Downloader Ad.pkg] Processing Time : 63ms

프로세스 천국 (Process Heaven) 2012. 4. 5. 10:12

----------------------------------------------------------------------
Created by Windowexe.com , Logfile of WindowexeAllkiller
----------------------------------------------------------------------
Windows 7 Ultimate Service Pack 1(6.1.7601.65536)
Intel(R) Core(TM) i3 CPU       M 380  @ 2.53GHz / 1,023.55 MB
Intel64 Family 6 Model 37 Stepping 5
Date : 2012-04-05
----------------------------------------------------------------------
DF000 C:\Program Files (x86)\addenbar\addenbar.dll
DF001 C:\Program Files (x86)\addenbar\addenbaragent.exe
DF002 C:\Program Files (x86)\cobato\cbtal.exe
DF003 C:\Program Files (x86)\cobato\cbtdel.exe
DF004 C:\Program Files (x86)\cobato\cbtdl.dll
DF005 C:\Program Files (x86)\cobato\cbtup.exe
DF006 C:\Program Files (x86)\cool-pc\cool-pc.exe
DF007 C:\Program Files (x86)\cool-pc\cool-pcEngine.exe
DF008 C:\Program Files (x86)\cool-pc\cool-pcse.exe
DF009 C:\Program Files (x86)\cool-pc\cool-pcU.exe
DF010 C:\Program Files (x86)\cool-pc\uninst_cool-pc.exe
DF011 C:\Program Files (x86)\dm\dm.dll
DF012 C:\Program Files (x86)\dm\dm.exe
DF013 C:\Program Files (x86)\dm\dmsp.dll
DF014 C:\Program Files (x86)\nurungzi\agnrz.exe
DF015 C:\Program Files (x86)\nurungzi\amnrz.exe
DF016 C:\Program Files (x86)\nurungzi\dlnrz.dll
DF017 C:\Program Files (x86)\nurungzi\mnnrz.exe
DF018 C:\Program Files (x86)\nurungzi\udnrz.exe
DF019 C:\Program Files (x86)\nurungzi\updnrz.exe
DF020 C:\Program Files (x86)\sponsormatch\sponsormatch.exe
DF021 C:\Program Files (x86)\sponsormatch\sponsormatchagent.exe
DF022 C:\Program Files (x86)\subjet\acircle.exe
DF023 C:\Program Files (x86)\subjet\sjt.exe
DF024 C:\Program Files (x86)\subjet\subjet.dll
DF025 C:\Program Files (x86)\subjet\subjetb.dll
DF026 C:\Program Files (x86)\subjet\subjete.exe
DF027 C:\Program Files (x86)\UtilZone\Cleaner.exe
DF028 C:\Program Files (x86)\UtilZone\UtilZone.dll
DF029 C:\Program Files (x86)\UtilZone\UtilZone.exe
DF030 C:\Program Files\addenbar\addenov.dll
DF031 C:\Program Files\FirstClick\FirstClick.dll
DF032 C:\Program Files\FirstClick\FirstClickInstaller.exe
DF033 C:\Program Files\FirstClick\FirstClickUpdater.exe
DF034 C:\ProgramData\WindowsTab\uninst.exe
DF035 C:\ProgramData\WindowsTab\windowstab.exe
DF036 C:\ProgramData\WindowsTab\windowstabup.exe
DF037 C:\Users\ADMINI~1\AppData\Local\Temp\0.exe
DF038 C:\Users\ADMINI~1\AppData\Local\Temp\1.exe
DF039 C:\Users\ADMINI~1\AppData\Local\Temp\10.exe
DF040 C:\Users\ADMINI~1\AppData\Local\Temp\11.exe
DF041 C:\Users\ADMINI~1\AppData\Local\Temp\12.exe
DF042 C:\Users\ADMINI~1\AppData\Local\Temp\13.exe
DF043 C:\Users\ADMINI~1\AppData\Local\Temp\2.exe
DF044 C:\Users\ADMINI~1\AppData\Local\Temp\3.exe
DF045 C:\Users\ADMINI~1\AppData\Local\Temp\4.exe
DF046 C:\Users\ADMINI~1\AppData\Local\Temp\5.exe
DF047 C:\Users\ADMINI~1\AppData\Local\Temp\6.exe
DF048 C:\Users\ADMINI~1\AppData\Local\Temp\7.exe
DF049 C:\Users\ADMINI~1\AppData\Local\Temp\8.exe
DF050 C:\Users\ADMINI~1\AppData\Local\Temp\9.exe
DF086 C:\Windows\audnrz.exe
DF087 C:\Windows\cbtad.exe
----------------------------------------------------------------------
SC088 cool-pcService -/- cool-pc Service -/- - -/-  -/- C:\Program Files (x86)\cool-pc\cool-pcse.exe
----------------------------------------------------------------------
UN089 WindowsTab Uninstall -/- /- WindowsTab -/- hxxp://www.about-tab.com -/- -
----------------------------------------------------------------------
US090 sponsormatch -/- C:\Program Files (x86)\sponsormatch\sponsormatch.exe
US091 sponsormatchagent -/- C:\Program Files (x86)\sponsormatch\sponsormatchagent.exe
US092 DualMatching -/- C:\Program Files (x86)\dm\dm.exe
US093 WindowsTab -/- C:\ProgramData\WindowsTab\windowstabup.exe
US094 addenbaragent -/- C:\Program Files (x86)\addenbar\addenbaragent.exe
US095 FirstClickUpdater -/- C:\Program Files\FirstClick\FirstClickUpdater.exe
US096 subjet -/- C:\Program Files (x86)\subjet\subjete.exe
LS097 UtilZone -/- C:\Program Files (x86)\UtilZone\UtilZone.exe
LS098 cobato -/- C:\Program Files (x86)\cobato\cbtup.exe
LS099 nurungzi -/- C:\Program Files (x86)\nurungzi\updnrz.exe
LS100 nurungziUpdate -/- C:\Program Files (x86)\nurungzi\agnrz.exe
----------------------------------------------------------------------
BH101 FirstClickBHO Class -/- C:\Program Files\FirstClick\FirstClick.dll -/- {1E905554-CF1D-4C5B-9085-A74F8E76A042}
BH102 UtilZoneHelper -/- C:\Program Files (x86)\UtilZone\UtilZone.dll -/- {6F8DA4FC-BFEC-47E8-88D2-D88C4B6D0EDC}
BH103 subjet -/- C:\PROGRA~2\subjet\subjetb.dll -/- {7B1F1AE7-7B63-487E-8F45-1471E1BD826E}
BH104 DualMatching Live -/- c:\program files (x86)\dm\dm.dll -/- {7B1F3650-64DD-477a-9D09-DA14ABCBFF7B}
BH105 addenbar Class -/- C:\Program Files (x86)\addenbar\addenbar.dll -/- {9A3D68DC-5557-46E0-BD7B-BF64B561BD96}
BH106 IECtrl Class -/- C:\PROGRA~2\nurungzi\dlnrz.dll -/- {CBCBB24B-72D0-48F3-B03D-C9237C019606}
BH107 adden_ov -/- c:\PROGRA~1\addenbar\addenov.dll -/- {CC01FC6C-DCA0-4F39-B902-DF736EF8E5E9}
BH108 IECtrl Class -/- C:\PROGRA~2\cobato\cbtdl.dll -/- {FB37C411-AA9A-44A8-8147-343AB83A4DD6}
----------------------------------------------------------------------
Deleted Files : 88
Remove Service : 1
Remove Uninstall Entry : 1
Remove Startup Entry : 11
Remove Browser Helper Object : 8
----------------------------------------------------------------------
Remove these Entry in a WindowexeAllkiller.txt file. Save and Run.
WindowexeAllkiller Remove Database 2012-04-05
[01-HKCUREG]**sponsormatch
[01-HKCUREG]**sponsormatchagent
[01-HKCUREG]**DualMatching
[01-HKCUREG]**WindowsTab
[01-HKCUREG]**addenbaragent
[01-HKCUREG]**FirstClickUpdater
[01-HKCUREG]**subjet
[02-HKLMREG]**UtilZone
[02-HKLMREG]**cobato
[02-HKLMREG]**nurungzi
[02-HKLMREG]**nurungziUpdate
[03-BHOCLSD]**{1E905554-CF1D-4C5B-9085-A74F8E76A042}
[03-BHOCLSD]**{6F8DA4FC-BFEC-47E8-88D2-D88C4B6D0EDC}
[03-BHOCLSD]**{7B1F1AE7-7B63-487E-8F45-1471E1BD826E}
[03-BHOCLSD]**{7B1F3650-64DD-477a-9D09-DA14ABCBFF7B}
[03-BHOCLSD]**{9A3D68DC-5557-46E0-BD7B-BF64B561BD96}
[03-BHOCLSD]**{CBCBB24B-72D0-48F3-B03D-C9237C019606}
[03-BHOCLSD]**{CC01FC6C-DCA0-4F39-B902-DF736EF8E5E9}
[03-BHOCLSD]**{FB37C411-AA9A-44A8-8147-343AB83A4DD6}
[05-SERVICE]**cool-pcService
----------------------------------------------------------------------
Total Processing Time : 63ms
----------------------------------------------------------------------