[GoodFile FileGet] Install log : 93ms / 2012-12-18

프로그램분석

[GoodFile FileGet] Install log : 93ms / 2012-12-18

프로세스 천국 2012. 12. 18. 15:27

----------------------------------------------------------------------
Created by Windowexe.com , Logfile of WindowexeAllkiller
----------------------------------------------------------------------
Windows 7 Ultimate Service Pack 1(6.1.7601.65536)
Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz / 1,023.55 MB
Intel64 Family 6 Model 37 Stepping 5
Date : 2012-12-18
----------------------------------------------------------------------
DF023 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileGet\FileGet2 제거.lnk
DF024 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileGet\FileGet2.lnk
DF025 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Excel Viewer.lnk
DF026 C:\Users\Administrator\AppData\Roaming\GoodFile\FileGet\FGCounter.exe
DF027 C:\Users\Administrator\AppData\Roaming\GoodFile\FileGet\FGDownloadMoniker.dll
DF028 C:\Users\Administrator\AppData\Roaming\GoodFile\FileGet\FGDownloadUI.dll
DF029 C:\Users\Administrator\AppData\Roaming\GoodFile\FileGet\FGUp.exe
DF030 C:\Users\Administrator\AppData\Roaming\GoodFile\FileGet\FGUpdate.exe
DF031 C:\Users\Administrator\AppData\Roaming\GoodFile\FileGet\FGUpSvc.exe
DF032 C:\Users\Administrator\AppData\Roaming\GoodFile\FileGet\FileGet2.exe
DF033 C:\Users\Administrator\AppData\Roaming\GoodFile\FileGet\uninst.exe
DF034 C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\FileGet2.lnk
DF035 C:\Users\Administrator\Desktop\옥션.url
DF037 C:\Users\Administrator\Favorites\옥션.url
DF038 C:\Users\Public\Desktop\FileGet2.lnk
DF039 C:\Windows\Downloaded Program Files\GoodFileActProj.ocx
----------------------------------------------------------------------
SC041 FileGet Services -/- FileGet Services -/- - -/- -/- C:\Users\Administrator\AppData\Roaming\GoodFile\FileGet\FGUpSvc.exe
----------------------------------------------------------------------
----------------------------------------------------------------------
US042 FGStart -/- C:\Users\Administrator\AppData\Roaming\GoodFile\FileGet\FGUp.exe /startup
LS043 FGStart -/- C:\Users\Administrator\AppData\Roaming\GoodFile\FileGet\FGUp.exe /startup
----------------------------------------------------------------------
BH044 FGDownloadUIBHO Class -/- C:\Users\Administrator\AppData\Roaming\GoodFile\FileGet\FGDownloadUI.dll -/- {DCE31571-F250-484E-A32B-2C6F0BAB7897}
----------------------------------------------------------------------
X045 {F0A58C3D-01AD-4457-BF10-867C01451C8B} - GoodFileActProj Control - hxxp://goodfile.net/downloader/GoodFileActProj.cab
----------------------------------------------------------------------
Deleted Files : 41
Remove Service : 1
Remove Startup Entry : 2
Remove Browser Helper Object : 1
----------------------------------------------------------------------
Remove these Entry in a WindowexeAllkiller.txt file. Save and Run.
WindowexeAllkiller Remove Database 2012-12-18
[01-HKCUREG]**FGStart
[02-HKLMREG]**FGStart
[03-BHOCLSD]**{DCE31571-F250-484E-A32B-2C6F0BAB7897}
[05-SERVICE]**FileGet Services
----------------------------------------------------------------------
Total Processing Time : 93ms
----------------------------------------------------------------------
NA001 ======================================================================
NA002 echo Created by Windowexe.com / do not delete this label.
NA003 ======================================================================
NA004 echo Start
NA005 echo windowexe.com & tskill "FileGet2" & echo windowdel.com
NA006 echo windowexe.com & tskill "FGUpSvc" & echo windowdel.com
NA007 echo windowexe.com & tskill "FGUpSvc" & echo windowdel.com
NA008 echo windowexe.com & tskill "FGUpdate" & echo windowdel.com
NA009 echo windowexe.com & tskill "FGUp" & echo windowdel.com
NA010 echo windowexe.com & tskill "FGUp" & echo windowdel.com
NA011 echo windowexe.com & tskill "FGCounter" & echo windowdel.com
NA012 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "FGStart" /f
NA013 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "FGStart" /f
NA014 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "FGStart" /f
NA015 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "FGStart" /f
NA016 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DCE31571-F250-484E-A32B-2C6F0BAB7897}" /f
NA017 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DCE31571-F250-484E-A32B-2C6F0BAB7897}" /f
NA018 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DCE31571-F250-484E-A32B-2C6F0BAB7897}" /f
NA019 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{DCE31571-F250-484E-A32B-2C6F0BAB7897}" /f
NA020 echo Created by Windowexe.com
NA021 echo HKEY_LOCAL_MACHINE Toolbar Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
NA022 echo HKEY_CURRENT_USER Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser" /v "{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
NA023 echo HKCU Search Hook Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks" /v "{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
NA024 echo HKEY_LOCAL_MACHINE Ext PreApproved Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
NA025 echo HKEY_CURRENT_USER Ext Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
NA026 echo HKEY_CLASSES_ROOT CLSID Delete & reg.exe delete "HKCR\CLSID\{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
NA027 echo Created by Windowexe.com
NA028 sc stop "FileGet Services"
NA029 echo Service Disable & sc config "FileGet Services" start= disabled & echo Windowexe.com
NA030 echo file Delete & attrib -r "C:\Users\Administrator\Desktop\옥션.url"
NA031 echo file Delete & del /q "C:\Users\Administrator\Desktop\옥션.url"
NA032 echo 000 & reg.exe delete "HKCR\CLSID\{81B32E4A-03A2-40CB-86F8-CD05E60CC319}" /f & echo windowdel.com
NA033 echo Created by Windowexe.com
NA034 echo change dir for x64
NA035 cd %windir%
NA036 cd syswow64
NA037 echo windowexe.com & tskill "FileGet2" & echo windowdel.com
NA038 echo windowexe.com & tskill "FGUpSvc" & echo windowdel.com
NA039 echo windowexe.com & tskill "FGUpSvc" & echo windowdel.com
NA040 echo windowexe.com & tskill "FGUpdate" & echo windowdel.com
NA041 echo windowexe.com & tskill "FGUp" & echo windowdel.com
NA042 echo windowexe.com & tskill "FGUp" & echo windowdel.com
NA043 echo windowexe.com & tskill "FGCounter" & echo windowdel.com
NA044 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "FGStart" /f
NA045 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "FGStart" /f
NA046 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "FGStart" /f
NA047 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "FGStart" /f
NA048 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DCE31571-F250-484E-A32B-2C6F0BAB7897}" /f
NA049 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DCE31571-F250-484E-A32B-2C6F0BAB7897}" /f
NA050 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DCE31571-F250-484E-A32B-2C6F0BAB7897}" /f
NA051 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{DCE31571-F250-484E-A32B-2C6F0BAB7897}" /f
NA052 echo Created by Windowexe.com
NA053 echo HKEY_LOCAL_MACHINE Toolbar Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
NA054 echo HKEY_CURRENT_USER Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser" /v "{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
NA055 echo HKCU Search Hook Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks" /v "{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
NA056 echo HKEY_LOCAL_MACHINE Ext PreApproved Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
NA057 echo HKEY_CURRENT_USER Ext Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
NA058 echo HKEY_CLASSES_ROOT CLSID Delete & reg.exe delete "HKCR\CLSID\{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
NA059 echo Created by Windowexe.com
NA060 sc stop "FileGet Services"
NA061 echo Service Disable & sc config "FileGet Services" start= disabled & echo Windowexe.com
NA062 echo file Delete & attrib -r "C:\Users\Administrator\Desktop\옥션.url"
NA063 echo file Delete & del /q "C:\Users\Administrator\Desktop\옥션.url"
NA064 echo 000 & reg.exe delete "HKCR\CLSID\{81B32E4A-03A2-40CB-86F8-CD05E60CC319}" /f & echo windowdel.com
NA065 echo Created by Windowexe.com
NA066 echo End
NA067 ======================================================================
NA068 echo Created by Windowexe.com / do not delete this label.
NA069 ======================================================================