Program Analysis

[superpds] Install log : 44ms / 2012-10-08

Process Heaven (프로세스 천국) 2012. 10. 8. 07:18

----------------------------------------------------------------------
Created by Windowexe.com , Logfile of WindowexeAllkiller
----------------------------------------------------------------------
Windows 7 Ultimate Service Pack 1(6.1.7601.65536)
Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz / 1,023.55 MB
Intel64 Family 6 Model 42 Stepping 7
Date : 2012-10-08
----------------------------------------------------------------------
----------------------------------------------------------------------
TS000 Visual c++ and Delphi and php
TS001 WinExpandUpdate
----------------------------------------------------------------------
US002 AdMatching -/- C:\Program Files (x86)\AdMatching\AdMatching.exe
US003 admsys -/- C:\Program Files (x86)\AdMatching\admsys.exe
LS004 Clickmonster -/- C:\Program Files (x86)\Clickmonster\CMupdate.exe
LS005 AdMatching -/- C:\Program Files (x86)\AdMatching\AdMatching.exe
LS006 admsys -/- C:\Program Files (x86)\AdMatching\admsys.exe
LS007 sbrnm -/- C:\Users\Administrator\AppData\Roaming\addendum_sb\sbrnmup.exe
LS008 adsup.exe -/- C:\Program Files (x86)\adsup\adsup.exe
----------------------------------------------------------------------
BH009 WinExpandB Class -/- C:\Program Files (x86)\winexpand\WinExpand.dll -/- {00000EF7-D20B-49ac-A364-06138CC09001}
BH010 IESMon.Mon3 -/- C:\Users\Administrator\AppData\Roaming\addendum_sb\sbrnmim.dll -/- {451679EF-B256-4CF7-9543-5FE66E0BEA26}
EXADD WinExpandB Class -/- C:\Program Files (x86)\winexpand\WinExpand.dll -/- {00000EF7-D20B-49AC-A364-06138CC09001}
EXADD IESMon.Mon3 -/- C:\Users\Administrator\AppData\Roaming\addendum_sb\sbrnmim.dll -/- {451679EF-B256-4CF7-9543-5FE66E0BEA26}
----------------------------------------------------------------------
Deleted Files : 0
Remove Startup Entry : 7
Remove Browser Helper Object : 2
----------------------------------------------------------------------
Remove these Entry in a WindowexeAllkiller.txt file. Save and Run.
WindowexeAllkiller Remove Database 2012-10-08
[01-HKCUREG]**AdMatching
[01-HKCUREG]**admsys
[02-HKLMREG]**Clickmonster
[02-HKLMREG]**AdMatching
[02-HKLMREG]**admsys
[02-HKLMREG]**sbrnm
[02-HKLMREG]**adsup.exe
[03-BHOCLSD]**{00000EF7-D20B-49ac-A364-06138CC09001}
[03-BHOCLSD]**{451679EF-B256-4CF7-9543-5FE66E0BEA26}

----------------------------------------------------------------------
Total Processing Time : 44ms
----------------------------------------------------------------------