[ClearProtect] Install log : 58ms / 2012-12-16

프로그램분석

[ClearProtect] Install log : 58ms / 2012-12-16

프로세스 천국 2012. 12. 16. 19:53

----------------------------------------------------------------------
Created by Windowexe.com , Logfile of WindowexeAllkiller
----------------------------------------------------------------------
Windows 7 Ultimate Service Pack 1(6.1.7601.65536)
Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz / 1,023.55 MB
Intel64 Family 6 Model 42 Stepping 7
Date : 2012-12-16
----------------------------------------------------------------------
DF000 C:\Program Files (x86)\ClearProtect\AddScheduler.exe
DF001 C:\Program Files (x86)\ClearProtect\ClearProtect.exe
DF002 C:\Program Files (x86)\ClearProtect\ClearProtectcfg.exe
DF003 C:\Program Files (x86)\ClearProtect\ClearProtectMon.exe
DF004 C:\Program Files (x86)\ClearProtect\uninst.exe
DF005 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\클리어프로텍트\클리어프로텍트 제거.lnk
DF006 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\클리어프로텍트\클리어프로텍트.lnk
DF007 C:\Users\Public\Desktop\클리어프로텍트.lnk
----------------------------------------------------------------------
UN008 클리어프로텍트 -/- - -/- ClearProtect -/- - -/- -
TS009 ClearProtect
----------------------------------------------------------------------
US010 ClearProtect -/- C:\Program Files (x86)\ClearProtect\ClearProtect.exe /run1餀
----------------------------------------------------------------------
EXADD Microsoft Web Browser -/- C:\Windows\System32\ieframe.dll -/- {8856F961-340A-11D0-A96B-00C04FD705A2}
EXADD Shockwave Flash Object -/- C:\Windows\system32\Macromed\Flash\Flash64_11_1_102.ocx -/- {D27CDB6E-AE6D-11CF-96B8-444553540000}
EXADD Microsoft Web Browser -/- C:\Windows\SysWOW64\ieframe.dll -/- {8856F961-340A-11D0-A96B-00C04FD705A2}
EXADD Shockwave Flash Object -/- C:\Windows\SysWOW64\Macromed\Flash\Flash11g.ocx -/- {D27CDB6E-AE6D-11CF-96B8-444553540000}
----------------------------------------------------------------------
Deleted Files : 8
Remove Uninstall Entry : 1
Remove Startup Entry : 1
----------------------------------------------------------------------
Remove these Entry in a WindowexeAllkiller.txt file. Save and Run.
WindowexeAllkiller Remove Database 2012-12-16
[01-HKCUREG]**ClearProtect

----------------------------------------------------------------------
Total Processing Time : 58ms
----------------------------------------------------------------------
NA001 ======================================================================
NA002 echo Created by Windowexe.com / do not delete this label.
NA003 ======================================================================
NA004 echo Start
NA005 echo windowexe.com & tskill "ClearProtectMon" & echo windowdel.com
NA006 echo windowexe.com & tskill "ClearProtectMon" & echo windowdel.com
NA007 echo windowexe.com & tskill "ClearProtectcfg" & echo windowdel.com
NA008 echo windowexe.com & tskill "ClearProtect" & echo windowdel.com
NA009 echo windowexe.com & tskill "ClearProtect" & echo windowdel.com
NA010 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "ClearProtect" /f
NA011 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "ClearProtect" /f
NA012 echo HKEY_LOCAL_MACHINE Toolbar Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
NA013 echo HKEY_CURRENT_USER Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser" /v "{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
NA014 echo HKCU Search Hook Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks" /v "{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
NA015 echo HKEY_LOCAL_MACHINE Ext PreApproved Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
NA016 echo HKEY_CURRENT_USER Ext Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
NA017 echo HKEY_CLASSES_ROOT CLSID Delete & reg.exe delete "HKCR\CLSID\{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
NA018 echo Created by Windowexe.com
NA019 echo schtasks Delete & schtasks /delete /tn "ClearProtect" /f
NA020 echo Created by Windowexe.com
NA021 echo change dir for x64
NA022 cd %windir%
NA023 cd syswow64
NA024 echo windowexe.com & tskill "ClearProtectMon" & echo windowdel.com
NA025 echo windowexe.com & tskill "ClearProtectMon" & echo windowdel.com
NA026 echo windowexe.com & tskill "ClearProtectcfg" & echo windowdel.com
NA027 echo windowexe.com & tskill "ClearProtect" & echo windowdel.com
NA028 echo windowexe.com & tskill "ClearProtect" & echo windowdel.com
NA029 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "ClearProtect" /f
NA030 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "ClearProtect" /f
NA031 echo HKEY_LOCAL_MACHINE Toolbar Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
NA032 echo HKEY_CURRENT_USER Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser" /v "{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
NA033 echo HKCU Search Hook Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks" /v "{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
NA034 echo HKEY_LOCAL_MACHINE Ext PreApproved Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
NA035 echo HKEY_CURRENT_USER Ext Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
NA036 echo HKEY_CLASSES_ROOT CLSID Delete & reg.exe delete "HKCR\CLSID\{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
NA037 echo Created by Windowexe.com
NA038 echo schtasks Delete & schtasks /delete /tn "ClearProtect" /f
NA039 echo Created by Windowexe.com
NA040 echo End
NA041 ======================================================================
NA042 echo Created by Windowexe.com / do not delete this label.
NA043 ======================================================================