PUA.Win32.VIGUA.AJ
2022年7月18日
プラットフォーム:
Windows
危険度:
ダメージ度:
感染力:
感染確認数:
情報漏えい:
- マルウェアタイプ: 潜在的に迷惑なアプリケーション
- 破壊活動の有無: なし
- 暗号化:
- 感染報告の有無: はい
概要
プログラムは、他のマルウェアに作成されるか、悪意あるWebサイトからユーザが誤ってダウンロードすることによりコンピュータに侵入します。
詳細
ファイルサイズ 60,826,448 bytes
タイプ EXE
メモリ常駐 なし
発見日 2022年7月14日
侵入方法
プログラムは、他のマルウェアに作成されるか、悪意あるWebサイトからユーザが誤ってダウンロードすることによりコンピュータに侵入します。
インストール
プログラムは、以下のファイルを作成します。
- %User Temp%\nsl{random characters}.tmp\System.dll
- %User Temp%\nsl{random characters}.tmp\LockedList.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\NetFx20SP2_x64.exe
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\ClipSoft.DotNetChecker.exe
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\AForge.Video.DirectShow.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\AForge.Video.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\ClipSoft.CommonLibrary.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\ClipSoft.eForm.RegAsm.exe
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\ClipSoft.eForm.Base.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\ClipSoft.eForm.Parts.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\ClipSoft.eForm.PlugInIF.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\ClipSoft.eForm.TBarCodeProxy.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\ClipSoft.eForm.QrCodeProxy.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\zxing.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\CLIP.eForm.Viewer.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\ClipSoft.eForm.Viewer.dll.config
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\ClipSoft.eForm.AxLauncherWrapper.ocx
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\CLIP.eForm.AxViewerCtrlWrapper.ocx
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\log4net.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\RexBarcodeLib.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\TBarCode11.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\TECIT.TBarCode.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\ClipSoft.eForm.DataMatrixProxy.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\DataMatrix.net.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\npCLIP.eForm.plugin.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\CLIP.eForm.DualViewer.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\CLIP.eForm.Wacom.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\fastJSON.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\NanumFontSetup_TTF_GOTHIC_hangeulcamp.exe
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\KISACrypto.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\CLIP.eForm.NativeUtility.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\ClipSoft.eForm.Viewer.unregdll.log
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\ClipSoft.eForm.Viewer.regdll.log
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\CLIP.eForm.Viewer.tlb
- %User Temp%\nsr{random characters}.tmp
- %User Temp%\nsr{random characters}.tmp\NanumFontPlugin.dll
- %User Temp%\nsr{random characters}.tmp\System.dll
- %User Temp%\nsr{random characters}.tmp\ioSpecial.ini
- %User Temp%\nsr{random characters}.tmp\modern-wizard.bmp
- %User Temp%\nsr{random characters}.tmp\modern-header.bmp
- %User Temp%\nsr{random characters}.tmp\InstallOptions.dll
- %Program Files%\Naver\NanumFont\NanumFontSetup.ico
- %Program Files%\Naver\NanumFont\uninst.exe
- %Windows%\Fonts\NanumGothic.ttf
- %Windows%\Fonts\NanumGothicBold.ttf
- %Windows%\Fonts\NanumGothicExtraBold.ttf
- %Program Files%\Naver\NanumFont\package.xml
- %Program Files%\Naver\NanumFont\setup_log.xml
- %User Temp%\nsr{random characters}.tmp\NSISdl.dll
- %User Temp%\Naver_Toolbar.exe
- %User Temp%\00258c38\Naver_Toolbar.exe
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\uninstall.CLIPeFormViewer.exe
- %User Temp%\nsu{random characters}.tmp
- %User Temp%\nsa{random characters}.tmp\System.dll
- %User Temp%\nsa{random characters}.tmp\TBAPIW.dll
- %User Temp%\nsa{random characters}.tmp\ntbapiW.dll
- %Temporary Internet Files%\Content.IE5\S149VRBC\naver_license[1].xml
- %Temporary Internet Files%\Content.IE5\DAXYM002\naver_license[1].rtf
- %User Temp%\nsa{random characters}.tmp\naver_license.rtf
- %User Temp%\nsa{random characters}.tmp\UserInfo.dll
- %Program Files%\Naver\NaverToolbar\NaverAdminAPI.exe
- %Program Files%\Naver\NaverToolbar\NaverAdminAPI.dll
- %Program Files%\Naver\NaverToolbar\NELO.dll
- %Program Files%\Naver\NaverToolbar\NELO_CrashReporter.exe
- %Program Files%\Naver\NaverToolbar\TBInfo.ini
- %Program Files%\Naver\NaverToolbar\NaverTB.dll
- %Program Files%\Naver\NaverToolbar\NaverToolbarCarrier.exe
- %Program Files%\Naver\NaverToolbar\naver\antiphising.ico
- %Program Files%\Naver\NaverToolbar\naver\blog.ico
- %Program Files%\Naver\NaverToolbar\naver\bookmark.ico
- %Program Files%\Naver\NaverToolbar\naver\bookmark.png
- %Program Files%\Naver\NaverToolbar\naver\capturebrowser.ico
- %Program Files%\Naver\NaverToolbar\naver\capturebrowser.png
- %Program Files%\Naver\NaverToolbar\naver\cleaninternet.ico
- %Program Files%\Naver\NaverToolbar\naver\clinic.ico
- %Program Files%\Naver\NaverToolbar\naver\config.ico
- %Program Files%\Naver\NaverToolbar\naver\dic.ico
- %Program Files%\Naver\NaverToolbar\naver\dictionary.png
- %Program Files%\Naver\NaverToolbar\naver\facebook.ico
- %Program Files%\Naver\NaverToolbar\naver\gametalk.ico
- %Program Files%\Naver\NaverToolbar\naver\gametalk.png
- %Program Files%\Naver\NaverToolbar\naver\help.ico
- %Program Files%\Naver\NaverToolbar\naver\memo.ico
- %Program Files%\Naver\NaverToolbar\naver\memo.png
- %Program Files%\Naver\NaverToolbar\naver\metoo.png
- %Program Files%\Naver\NaverToolbar\naver\naver.ico
- %Program Files%\Naver\NaverToolbar\naver\naverapp.ico
- %Program Files%\Naver\NaverToolbar\naver\navergame.ico
- %Program Files%\Naver\NaverToolbar\naver\opencast.ico
- %Program Files%\Naver\NaverToolbar\naver\opencast.png
- %Program Files%\Naver\NaverToolbar\naver\pcclinic.png
- %Program Files%\Naver\NaverToolbar\naver\popularity.png
- %Program Files%\Naver\NaverToolbar\naver\quickpass.ico
- %Program Files%\Naver\NaverToolbar\naver\real.ico
- %Program Files%\Naver\NaverToolbar\naver\send.ico
- %Program Files%\Naver\NaverToolbar\naver\send.png
- %Program Files%\Naver\NaverToolbar\naver\sendtomail.ico
- %Program Files%\Naver\NaverToolbar\naver\sms.ico
- %Program Files%\Naver\NaverToolbar\naver\theme.xml
- %Program Files%\Naver\NaverToolbar\naver\toolbarcleaner.ico
- %Program Files%\Naver\NaverToolbar\naver\toolbox.ico
- %Program Files%\Naver\NaverToolbar\naver\transjapan.ico
- %Program Files%\Naver\NaverToolbar\naver\twitter.ico
- %Program Files%\Naver\NaverToolbar\naver\virus.ico
- %Program Files%\Naver\NaverToolbar\naver\yozm.ico
- %Program Files%\Naver\NaverToolbar\juniver\antiphising.ico
- %Program Files%\Naver\NaverToolbar\juniver\artist.ico
- %Program Files%\Naver\NaverToolbar\juniver\babystudy.ico
- %Program Files%\Naver\NaverToolbar\juniver\blog.ico
- %Program Files%\Naver\NaverToolbar\juniver\bookmark.ico
- %Program Files%\Naver\NaverToolbar\juniver\bookmark.png
- %Program Files%\Naver\NaverToolbar\juniver\capturebrowser.ico
- %Program Files%\Naver\NaverToolbar\juniver\capturebrowser.png
- %Program Files%\Naver\NaverToolbar\juniver\cleaninternet.ico
- %Program Files%\Naver\NaverToolbar\juniver\clinic.ico
- %Program Files%\Naver\NaverToolbar\juniver\comic.ico
- %Program Files%\Naver\NaverToolbar\juniver\config.ico
- %Program Files%\Naver\NaverToolbar\juniver\dic.ico
- %Program Files%\Naver\NaverToolbar\juniver\dictionary.png
- %Program Files%\Naver\NaverToolbar\juniver\dongwha.ico
- %Program Files%\Naver\NaverToolbar\juniver\facebook.ico
- %Program Files%\Naver\NaverToolbar\juniver\farm_01.ico
- %Program Files%\Naver\NaverToolbar\juniver\farm_02.ico
- %Program Files%\Naver\NaverToolbar\juniver\flash.ico
- %Program Files%\Naver\NaverToolbar\juniver\gallery.ico
- %Program Files%\Naver\NaverToolbar\juniver\game.ico
- %Program Files%\Naver\NaverToolbar\juniver\gametalk.ico
- %Program Files%\Naver\NaverToolbar\juniver\gametalk.png
- %Program Files%\Naver\NaverToolbar\juniver\help.ico
- %Program Files%\Naver\NaverToolbar\juniver\jr.ico
- %Program Files%\Naver\NaverToolbar\juniver\jr16.ico
- %Program Files%\Naver\NaverToolbar\juniver\kidsong.ico
- %Program Files%\Naver\NaverToolbar\juniver\memo.ico
- %Program Files%\Naver\NaverToolbar\juniver\memo.png
- %Program Files%\Naver\NaverToolbar\juniver\metoo.png
- %Program Files%\Naver\NaverToolbar\juniver\naverapp.ico
- %Program Files%\Naver\NaverToolbar\juniver\navergame.ico
- %Program Files%\Naver\NaverToolbar\juniver\opencast.ico
- %Program Files%\Naver\NaverToolbar\juniver\opencast.png
- %Program Files%\Naver\NaverToolbar\juniver\panyroom.ico
- %Program Files%\Naver\NaverToolbar\juniver\parents.ico
- %Program Files%\Naver\NaverToolbar\juniver\pcclinic.png
- %Program Files%\Naver\NaverToolbar\juniver\popularity.png
- %Program Files%\Naver\NaverToolbar\juniver\quickpass.ico
- %Program Files%\Naver\NaverToolbar\juniver\real.ico
- %Program Files%\Naver\NaverToolbar\juniver\send.ico
- %Program Files%\Naver\NaverToolbar\juniver\send.png
- %Program Files%\Naver\NaverToolbar\juniver\sendtomail.ico
- %Program Files%\Naver\NaverToolbar\juniver\sms.ico
- %Program Files%\Naver\NaverToolbar\juniver\theme.xml
- %Program Files%\Naver\NaverToolbar\juniver\toolbarcleaner.ico
- %Program Files%\Naver\NaverToolbar\juniver\toolbox.ico
- %Program Files%\Naver\NaverToolbar\juniver\transjapan.ico
- %Program Files%\Naver\NaverToolbar\juniver\tv.ico
- %Program Files%\Naver\NaverToolbar\juniver\twitter.ico
- %Program Files%\Naver\NaverToolbar\juniver\virus.ico
- %Program Files%\Naver\NaverToolbar\juniver\yozm.ico
- %Program Files%\Naver\NaverToolbar\SearchEngines\naver_com.xml
- %Program Files%\Naver\NaverToolbar\SearchEngines\nate_com.xml
- %Program Files%\Naver\NaverToolbar\SearchEngines\daum_net.xml
- %Program Files%\Naver\NaverToolbar\SearchEngines\bing_com.xml
- %Program Files%\Naver\NaverToolbar\NaverSafeGuard\NELO.dll
- %Program Files%\Naver\NaverToolbar\NaverSafeGuard\NELO_CrashReporter.exe
- %Program Files%\Naver\NaverToolbar\NaverSafeGuard\nsGuard.dll
- %Program Files%\Naver\NaverToolbar\NaverSafeGuard\NaverAdminApi.dll
- %Program Files%\Naver\NaverToolbar\NaverSafeGuard\nSafeCrash.dll
- %Program Files%\Naver\NaverToolbar\NaverSafeGuard\nSafeGuard.dat
- %Program Files%\Naver\NaverToolbar\NaverSafeGuard\nSafeInfo.dat
- %Program Files%\Naver\NaverToolbar\NaverSafeGuard\nSafeGuard.dll
- %Program Files%\Naver\NaverToolbar\NaverSafeGuard\NaverSafeGuard.exe
- %System%\NJUninst.exe
- %Program Files%\Naver\NaverToolbar\fixIE.exe
- %Program Files%\Naver\NaverToolbar\NTBProtocol.dll
- %Program Files%\Naver\NaverToolbar\DB_1_10.DAT
- %Program Files%\Naver\NaverToolbar\NaverTBHelper_1_0_1_4.exe
- %Program Files%\Naver\NaverToolbar\NaverTBUpgrader_1_0_0_3.exe
- %Program Files%\Naver\NaverToolbar\NaverTBToolbox_1_0_0_4.exe
- %Program Files%\Naver\NaverToolbar\NaverTBQuickpass_1_0_0_3.exe
- %Temporary Internet Files%\Content.IE5\FTOAXOPV\nslagent[1].dat
- %User Temp%\nslagent.dat
- %Program Files%\Naver\NaverToolbar\postinst.exe
- %Program Files%\Naver\NaverToolbar\InstlInfo.ini
- %Temporary Internet Files%\Content.IE5\0S3ALP6V\SGL00001[1].nsz
- %User Temp%\safeguard\SGL00001.nsz
- %User Temp%\safeguard\nSafeGuard.dat
- %Temporary Internet Files%\Content.IE5\S149VRBC\SGL00002[1].nsz
- %User Temp%\safeguard\SGL00002.nsz
- %User Temp%\safeguard\nSafeGuardLP.dat
- %Temporary Internet Files%\Content.IE5\DAXYM002\NaverAdminAPISetup[1].exe
- %User Temp%\NaverAdminAPISetup_x86.exe
- %User Temp%\nsa{random characters}.tmp\NaverUpdaterPlugin.dll
- %User Temp%\nsp{random characters}.tmp\NaverUpdaterPlugin.dll
- %Program Files%\Naver\NaverCommon\NaverAdminAPI.exe
- %Program Files%\Naver\NaverCommon\NaverAdminAPISvc.exe
- %Program Files%\Naver\NaverCommon\NaverAdminProc.dll
- %Program Files%\Naver\NaverCommon\NaverAdminAPIUpgrader.exe
- %Program Files%\Naver\NaverCommon\msvcp71.dll
- %Program Files%\Naver\NaverCommon\msvcr71.dll
- %Program Files%\Naver\NaverCommon\Uninstall.exe
- %Temporary Internet Files%\Content.IE5\FTOAXOPV\NaverAdminAPISetup[1].exe
- %User Temp%\$NaverUpdater$\NaverAdminAPISetup.exe
- %User Temp%\nsf{random characters}.tmp\NaverUpdaterPlugin.dll
- %User Temp%\nsa{random characters}.tmp\NCUPluginW.dll
- %Temporary Internet Files%\Content.IE5\DAXYM002\NaverCommonUpdaterInst[1].exe
- %User Temp%\NaverCommonUpdaterInst.exe
- %User Temp%\nsp{random characters}.tmp\ncuapiw.dll
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\NaverCommonUpdater_1_0_0_46.exe
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\NaverAdminAPI.dll
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\NaverAdminAPI.exe
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\RemoveUpdater.exe
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\NELO.dll
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\NELO_CrashReporter.exe
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\dbghelp.dll
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\exclamation.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_agreement_vaccine_text.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_bottom_bg_1.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_bottom_bg_2.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_bottom_bg_3.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_btn_agree.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_btn_cancel.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_btn_close.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_btn_complete.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_btn_detail.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_btn_detail2.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_btn_install_cancel.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_btn_no.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_btn_ok.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_btn_tap_1.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_btn_tap_2.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_btn_terms.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_btn_update.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_btn_yes.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_img_dot.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_progress_bar_1.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_progress_bar_2.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_progress_bar_3.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_progress_bar_4.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_progress_bg_1.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_progress_bg_2.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_progress_bg_3.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_terms_text.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_title.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_top_bar_1.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_top_bar_2.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_top_bar_3.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\app\ncl_intro.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\app\ncl_update.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\app\ncp_intro.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\app\ncp_update.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\app\ncv_intro.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\app\ncv_update.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\app\nfv_intro.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\app\nfv_update.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\app\nmm_intro.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\app\nmm_update.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\app\nmp_intro.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\app\nmp_update.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\app\nnd_intro.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\app\nnd_update.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\app\npm_intro.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\app\npm_update.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\app\ntb_intro.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\app\ntb_update.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\NaverCommonUpdater.ini
- %Temporary Internet Files%\Content.IE5\0S3ALP6V\installer[1].xml
- %Temporary Internet Files%\Content.IE5\S149VRBC\updateContents[1].xml
- %Temporary Internet Files%\Content.IE5\DAXYM002\ToolbarUpdateAgent[1].dll
- %ProgramData%\NHN Corporation\NaverToolsUpdater\UpgradeInterface\Win7x32\{GUID}\ToolbarUpdateAgent_1_0_0_14.dll
- %ProgramData%\NHN Corporation\NaverToolsUpdater\UpgradeInterface\Win7x32\{GUID}\Version.XML
- %Temporary Internet Files%\Content.IE5\DAXYM002\navertoolbar35_upgrade[1].xml
- %Temporary Internet Files%\Content.IE5\FTOAXOPV\juniver_themexml[1].xml
- %Temporary Internet Files%\Content.IE5\DAXYM002\naver_themexml[1].xml
- %Temporary Internet Files%\Content.IE5\FTOAXOPV\searchengines_version[1].xml
- %Temporary Internet Files%\Content.IE5\DAXYM002\NCleanerInstAgent[1].dll
- %ProgramData%\NHN Corporation\NaverToolsUpdater\UpgradeInterface\Win7x32\{GUID}\NCleanerInstAgent_1_0_0_11.dll
- %ProgramData%\NCleanerInstAgentLog.log
- %Temporary Internet Files%\Content.IE5\FTOAXOPV\NToolsAgent[1].dll
- %ProgramData%\NHN Corporation\NaverToolsUpdater\UpgradeInterface\Win7x32\{GUID}\NToolsAgent_1_0_0_19.dll
- %Temporary Internet Files%\Content.IE5\0S3ALP6V\NVCInstAgent[1].dll
- %ProgramData%\NHN Corporation\NaverToolsUpdater\UpgradeInterface\Win7x32\{GUID}\NVCInstAgent_1_0_0_8.dll
- %ProgramData%\NVCInstAgentLog.log
- %Temporary Internet Files%\Content.IE5\S149VRBC\NaverCaptureAgent[1].dll
- %ProgramData%\NHN Corporation\NaverToolsUpdater\UpgradeInterface\Win7x32\{GUID}\NaverCaptureAgent_1_0_13_0.dll
- %Temporary Internet Files%\Content.IE5\DAXYM002\NaverMediaPlayerToolsAgent[1].dll
- %ProgramData%\NHN Corporation\NaverToolsUpdater\UpgradeInterface\Win7x32\{GUID}\NaverMediaPlayerToolsAgent_1_0_1_0.dll
- %Temporary Internet Files%\Content.IE5\FTOAXOPV\NDriveUpdateAgent[1].dll
- %ProgramData%\NHN Corporation\NaverToolsUpdater\UpgradeInterface\Win7x32\{GUID}\NDriveUpdateAgent_1_0_0_22.dll
- %Temporary Internet Files%\Content.IE5\0S3ALP6V\NaverMemoAgent[1].dll
- %ProgramData%\NHN Corporation\NaverToolsUpdater\UpgradeInterface\Win7x32\{GUID}\NaverMemoAgent_1_0_0_10.dll
- %Temporary Internet Files%\Content.IE5\S149VRBC\NanumFontAgent[1].dll
- %ProgramData%\NHN Corporation\NaverToolsUpdater\UpgradeInterface\Win7x32\{GUID}\NanumFontAgent_1_0_0_5.dll
- %Temporary Internet Files%\Content.IE5\DAXYM002\BandizipUpdateAgent[1].dll
- %ProgramData%\NHN Corporation\NaverToolsUpdater\UpgradeInterface\Win7x32\{GUID}\BandizipUpdateAgent_1_0_0_3.dll
- %Temporary Internet Files%\Content.IE5\FTOAXOPV\ezPDFUpdateAgent[1].dll
- %ProgramData%\NHN Corporation\NaverToolsUpdater\UpgradeInterface\Win7x32\{GUID}\ezPDFUpdateAgent_1_0_0_4.dll
- %Temporary Internet Files%\Content.IE5\0S3ALP6V\NaverComicViewerAgent[1].dll
- %ProgramData%\NHN Corporation\NaverToolsUpdater\UpgradeInterface\Win7x32\{GUID}\NaverComicViewerAgent_1_0_0_2.dll
- %Cookies%\win7x32@tools.naver[1].txt
- %Cookies%\win7x32@www.naver[1].txt
- %AppDataLocalLow%\Naver\NaverToolbar\Profile.ini
- %User Temp%\nsa{random characters}.tmp\DynamicEnd.ini
- %AppDataLocalLow%\Naver\NaverToolbar\UserInfo.ini
- %AppDataLocal%\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{{GUID}}.dat
- %AppDataLocal%\Microsoft\Internet Explorer\Recovery\High\Active\{{GUID}}.dat
- %Cookies%\win7x32@tools.naver[2].txt
- %AppDataLocalLow%\Naver\SafeGuard\Data\nSafeGuard_20220715_172408_3392.dat
- %Temporary Internet Files%\Content.IE5\DAXYM002\install_done[1].nhn
- %Temporary Internet Files%\Content.IE5\DAXYM002\install_done[1].htm
- %Temporary Internet Files%\Content.IE5\FTOAXOPV\TOOLTIPDIC[1]
- %AppDataLocalLow%\Naver\NaverToolbar\cache.dat
- %AppDataLocalLow%\Naver\NaverToolbar\cache.dat-journal
- %AppDataLocalLow%\Microsoft\CryptnetUrlCache\MetaData\B398B80134F72209547439DB21AB308D_A4CF52CCA82D7458083F7280801A3A04
- %AppDataLocalLow%\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_A4CF52CCA82D7458083F7280801A3A04
- %User Temp%\Cab{random characters}.tmp
- %User Temp%\Tar{random characters}.tmp
- %Temporary Internet Files%\Content.IE5\0S3ALP6V\logo_naver_v3[1].png
- %Temporary Internet Files%\Content.IE5\0S3ALP6V\blank[1]
- %Temporary Internet Files%\Content.IE5\S149VRBC\btn_playmp3[1]
- %Temporary Internet Files%\Content.IE5\DAXYM002\logo_toolbar_v2[1].png
- %Temporary Internet Files%\Content.IE5\FTOAXOPV\toolbar[1].css
- %Temporary Internet Files%\Content.IE5\S149VRBC\service_end_txt[1].png
- %Temporary Internet Files%\Content.IE5\S149VRBC\spr_ico_site[1].png
- %Temporary Internet Files%\Content.IE5\DAXYM002\favicon[1].ico
- %Temporary Internet Files%\Content.IE5\DAXYM002\favicon[1].htm
- %Temporary Internet Files%\Content.IE5\DAXYM002\QuickpassPattern[1].ini
- %AppDataLocalLow%\Naver\NaverToolbar\QuickpassPattern.ini
- %User Temp%\NaverTBUpgrader_1_0_0_3.exe
- %User Temp%\~DF{random characters}.TMP
プログラムは、以下のプロセスを追加します。
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\ClipSoft.DotNetChecker.exe
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\ClipSoft.eForm.RegAsm.exe" /i "CLIP.eForm.Viewer
- %Windows%\Microsoft.NET\Framework\v2.0.50727\regasm.exe /u "%Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\CLIP.eForm.Viewer.dll
- %Windows%\Microsoft.NET\Framework\v2.0.50727\regasm.exe /codebase /tlb "%Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\CLIP.eForm.Viewer.dll
- regsvr32.exe /s "%Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\ClipSoft.eForm.AxLauncherWrapper.ocx
- regsvr32.exe /s "%Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\CLIP.eForm.AxViewerCtrlWrapper.ocx
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\NanumFontSetup_TTF_GOTHIC_hangeulcamp.exe
- %User Temp%/Naver_Toolbar.exe" /A /noalert /from:font
- %User Temp%\00258c38\Naver_Toolbar.exe" /A /from:font
- %Program Files%\naver\NaverToolbar\NTC_1_0_0_12.exe" -RegServer
- %Program Files%\naver\NaverToolbar\NaverSafeGuard\NaverSafeGuard.exe" /{{GUID}} /nSafeGuard_2013_6_10_1.dll /toolbar /install
- %User Temp%/NaverAdminAPISetup_x86.exe" /S
- %Program Files%\Naver\NaverCommon\NaverAdminAPISvc.exe" /service
- %Program Files%\Naver\NaverCommon\NaverAdminAPISvc.exe" /start
- %User Temp%\$NaverUpdater$\NaverAdminAPISetup.exe" /S
- %User Temp%\NaverCommonUpdaterInst.exe" /S
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\NaverCommonUpdater_1_0_0_46.exe" /cmd=install /guid=39B419B3-D960-46b2-97CB-82F5BD61799B
- %Program Files%\naver\NaverToolbar\postinst.exe"
- %Program Files%\Internet Explorer\iexplore.exe" http://tools.naver.com/{BLOCKED}e/toolbar/install_done.nhn
- %Program Files%\Internet Explorer\iexplore.exe" SCODEF:3304 CREDAT:14337
- %Program Files%\naver\NaverToolbar\NaverSafeGuard\NaverSafeGuard.exe" /{{GUID}} /nSafeGuard_2013_6_10_1.dll /toolbar /run
- %Program Files%\naver\NaverToolbar\NaverTBUpgrader_1_0_0_3.exe" /copy
- %User Temp%\NaverTBUpgrader_1_0_0_3.exe" /execute
他のシステム変更
プログラムは、以下のレジストリ値を追加します。
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{{GUID}}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{{GUID}}\1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{{GUID}}\1.0\
FLAGS
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{{GUID}}\1.0\
0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{{GUID}}\1.0\
0\win32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{{GUID}}\1.0\
HELPDIR
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{{GUID}}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{{GUID}}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{{GUID}}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{{GUID}}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{{GUID}}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLIPSOFTEFORMAXL.ClipSofteFormAxLCtrl.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLIPSOFTEFORMAXL.ClipSofteFormAxLCtrl.1\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{{GUID}}\TypeLib
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{{GUID}}\Implemented Categories
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{{GUID}}\Implemented Categories\
{{GUID}}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{{GUID}}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLIPEFORMAXVIEWE.CLIPeFormAxVieweCtrl.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLIPEFORMAXVIEWE.CLIPeFormAxVieweCtrl.1\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{{GUID}}\ToolboxBitmap32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{{GUID}}\MiscStatus
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{{GUID}}\MiscStatus\
1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{{GUID}}\Control
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{{GUID}}\Version
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLIP.eForm.Viewer.AxViewerCtrl
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLIP.eForm.Viewer.AxViewerCtrl\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{{GUID}}\InprocServer32\
2.0.0.85
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{{GUID}}\Implemented Categories\
{62C8FE65-4EBB-45e7-B440-6E39B2CDBF29}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{{GUID}}\2.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{{GUID}}\2.0\
FLAGS
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{{GUID}}\2.0\
0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{{GUID}}\2.0\
0\win32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{{GUID}}\2.0\
HELPDIR
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
NanumFont
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Tracing\NanumFontSetup_TTF_GOTHIC_hangeulcamp_RASAPI32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Tracing\NanumFontSetup_TTF_GOTHIC_hangeulcamp_RASMANCS
HKEY_CURRENT_USER\Software\Microsoft\
Internet Explorer\SearchScopes\{{GUID}}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
CLIP e-Form Viewer
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\
@{BLOCKED}ft.co.kr/{BLOCKED}m
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Tracing\Naver_Toolbar_RASAPI32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Tracing\Naver_Toolbar_RASMANCS
HKEY_CURRENT_USER\Software\AppDataLow\
Software
HKEY_CURRENT_USER\Software\AppDataLow\
Software\NHN Corporation
HKEY_CURRENT_USER\Software\AppDataLow\
Software\NHN Corporation\NaverToolbar
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
NaverToolbar.SrchBand.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
NaverToolbar.SrchBand.1\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
NaverToolbar.SrchBand
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
NaverToolbar.SrchBand\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
NaverToolbar.SrchBand\CurVer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{{GUID}}\ProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{{GUID}}\VersionIndependentProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{{GUID}}\Programmable
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Toolbar
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
NaverToolbar.HTMLDocEventSink.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
NaverToolbar.HTMLDocEventSink.1\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
NaverToolbar.HTMLDocEventSink
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
NaverToolbar.HTMLDocEventSink\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
NaverToolbar.HTMLDocEventSink\CurVer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
NaverToolbar.Me2API.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
NaverToolbar.Me2API.1\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
NaverToolbar.Me2API
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
NaverToolbar.Me2API\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
NaverToolbar.Me2API\CurVer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
NaverToolbar.DnsPrefetchURLCollector.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
NaverToolbar.DnsPrefetchURLCollector.1\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
NaverToolbar.DnsPrefetchURLCollector
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
NaverToolbar.DnsPrefetchURLCollector\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
NaverToolbar.DnsPrefetchURLCollector\CurVer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
NaverJump.NaverToolbarHelper.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
NaverJump.NaverToolbarHelper.1\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
NaverJump.NaverToolbarHelper
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
NaverJump.NaverToolbarHelper\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
NaverJump.NaverToolbarHelper\CurVer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Low Rights\ElevationPolicy\
{{GUID}}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
AppID\{{GUID}}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
AppID\NaverToolbarCarrier.EXE
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
NaverToolbarCarrier.CURLCollector.3
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
NaverToolbarCarrier.CURLCollector.3\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
NaverToolbarCarrier.CURLCollector
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
NaverToolbarCarrier.CURLCollector\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
NaverToolbarCarrier.CURLCollector\CurVer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{{GUID}}\LocalServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
NaverToolbar
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Tracing\NaverSafeGuard_RASAPI32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Tracing\NaverSafeGuard_RASMANCS
HKEY_LOCAL_MACHINE\SOFTWARE\NHN Corporation
HKEY_LOCAL_MACHINE\SOFTWARE\NHN Corporation\
NaverToolbar
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
AppID\nsMercury.DLL
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
nsMercury.Nanta.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
nsMercury.Nanta.1\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
nsMercury.Nanta
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
nsMercury.Nanta\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
nsMercury.Nanta\CurVer
HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Explorer\
Browser Helper Objects
HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Explorer\
Browser Helper Objects\{{GUID}}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
nsMercury.NantaInfo.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
nsMercury.NantaInfo.1\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
nsMercury.NantaInfo
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
nsMercury.NantaInfo\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
nsMercury.NantaInfo\CurVer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{{GUID}}\NumMethods
HKEY_LOCAL_MACHINE\SOFTWARE\NHN Corporation\
NaverSafeGuard
HKEY_LOCAL_MACHINE\SOFTWARE\NHN Corporation\
NaverCommon
HKEY_LOCAL_MACHINE\SOFTWARE\NHN Corporation\
NaverCommon\Naver Updater
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Tracing\NaverAdminAPISetup_x86_RASAPI32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Tracing\NaverAdminAPISetup_x86_RASMANCS
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Uninstall\
NaverUpdater
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
AppID\NAdminAPISvc.EXE
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Tracing\NaverAdminAPISetup_RASAPI32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Tracing\NaverAdminAPISetup_RASMANCS
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Tracing\NaverCommonUpdaterInst_RASAPI32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Tracing\NaverCommonUpdaterInst_RASMANCS
HKEY_LOCAL_MACHINE\SOFTWARE\NHN Corporation\
NaverCommonUpdater
HKEY_LOCAL_MACHINE\SOFTWARE\NHN Corporation\
NaverCommonUpdater\AppList
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Tracing\NaverCommonUpdater_1_0_0_46_RASAPI32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Tracing\NaverCommonUpdater_1_0_0_46_RASMANCS
HKEY_LOCAL_MACHINE\SOFTWARE\NHN Corporation\
NaverCapture
HKEY_CURRENT_USER\Software\NHN Corporation
HKEY_CURRENT_USER\Software\NHN Corporation\
NaverNDrive
HKEY_LOCAL_MACHINE\SOFTWARE\NHN Corporation\
NaverComicViewer
HKEY_CURRENT_USER\Software\AppDataLow\
Software\NHN Corporation\NaverToolbar\
Profile
HKEY_CURRENT_USER\Software\AppDataLow\
Software\NHN Corporation\NaverToolbar\
Profile\ETC
HKEY_CURRENT_USER\Software\Microsoft\
Internet Explorer\MenuExt\네이버 검색
HKEY_CURRENT_USER\Software\Microsoft\
Internet Explorer\MenuExt\네이버 메모하기
HKEY_CURRENT_USER\Software\Microsoft\
Internet Explorer\MenuExt\네이버 사전 검색
HKEY_CURRENT_USER\Software\Microsoft\
Internet Explorer\MenuExt\네이버 일한 번역
HKEY_CURRENT_USER\Software\Microsoft\
Internet Explorer\MenuExt\네이버 북마크하기
HKEY_CURRENT_USER\Software\Microsoft\
Internet Explorer\MenuExt\네이버 오픈캐스트 링크등록
HKEY_CURRENT_USER\Software\AppDataLow\
Software\NHN Corporation\NaverToolbar\
Profile\UserInfo
HKEY_CURRENT_USER\Software\Microsoft\
Internet Explorer\International\CpMRU
HKEY_CURRENT_USER\Software\AppDataLow\
Software\NHN Corporation\NaverToolbar\
Profile\Quickpass
HKEY_CURRENT_USER\Software\AppDataLow\
Software\NHN Corporation\NaverToolbar\
Profile\Quickpass\CustomPattern
HKEY_CURRENT_USER\Software\AppDataLow\
Software\NHN Corporation\NaverToolbar\
Profile\Quickpass\CustomPattern\
{BLOCKED}n.co.kr
HKEY_CURRENT_USER\Software\AppDataLow\
Software\NHN Corporation\NaverToolbar\
Profile\Quickpass\CustomPattern\
{BLOCKED}ark.com
HKEY_CURRENT_USER\Software\AppDataLow\
Software\NHN Corporation\NaverToolbar\
Profile\Quickpass\CustomPattern\
{BLOCKED}e.com
HKEY_CURRENT_USER\Software\AppDataLow\
Software\NHN Corporation\NaverToolbar\
Profile\Quickpass\CustomPattern\
{BLOCKED}e.com
HKEY_CURRENT_USER\Software\NHN Corporation\
NaverSafeGuard
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Tracing\NaverTBUpgrader_1_0_0_3_RASAPI32
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Tracing\NaverTBUpgrader_1_0_0_3_RASMANCS
その他
プログラムは、以下の不正なWebサイトにアクセスします。
- http://cc.naver.com/{BLOCKED}anumfont.setup&a=win.instttfgothichangeulcamp&m=0&u=about%3Ablank
- http://cc.naver.com/{BLOCKED}anumfont.setup&a=win.defaultpage&m=0&u=about%3Ablank
- http://cc.naver.com/{BLOCKED}anumfont.setup&a=win.defaultsearch&m=0&u=about%3Ablank
- http://cdn.naver.com/{BLOCKED}toolbar/Naver_Toolbar.exe
- http://cc.naver.com/{BLOCKED}anumfont.setup&a=win.setuptoolbar&m=0&u=about%3Ablank
- http://appdown.naver.com/{BLOCKED}tools/naver_license/naver_license.xml
- http://appdown.naver.com/{BLOCKED}tools/naver_license/naver_license.rtf
- http://cc.naver.com/{BLOCKED}s.begin32&u=about%3Ablank&nsc=toolbar.ie&m=0
- http://cc.naver.com/{BLOCKED}g.install&u=about%3Ablank&nsc=toolbar.ie&m=0
- http://vaccine.dn.naver.com/naver/{BLOCKED}e/NaverSecurity/safeguard/nslagent.dat
- http://vaccine.dn.naver.com/naver/{BLOCKED}e/NaverSecurity/safeguard/SGL00001.nsz
- http://vaccine.dn.naver.com/naver/{BLOCKED}e/NaverSecurity/safeguard/SGL00002.nsz
- http://appdown.naver.com/naver/{BLOCKED}TService/x86/Setup/NaverAdminAPISetup.exe
- http://appdown.naver.com/naver/{BLOCKED}TService/x86/NAdminAPIInfo.xml
- http://appdown.naver.com/naver/{BLOCKED}gent/NaverAgent_Setup.exe
- http://cc.naver.com/{BLOCKED}toolbar&u=about%3Ablank&nsc=startpage.app&m=0
- http://appdown.naver.com/naver/{BLOCKED}s/updater/NaverCommonUpdaterInst.exe
- http://cc.naver.com/{BLOCKED}??l&u=about%3Ablank&nsc=tools.updater&m=0
- http://appdown.naver.com/naver/{BLOCKED}installer/serviceinfo/installer.xml
- http://appdown.naver.com/naver/{BLOCKED}resource/promotion/updateContents.xml
- http://appdown.naver.com/naver/{BLOCKED}r/setup/ToolbarUpdateAgent.xml
- http://appdown.naver.com/naver/{BLOCKED}r/setup/ToolbarUpdateAgent.dll
- http://appdown.naver.com/naver/{BLOCKED}leaner/x86/Setup/NCleanerInstAgent/NCleanerInstAgent.xml
- http://appdown.naver.com/naver/{BLOCKED}leaner/x86/Setup/NCleanerInstAgent/NCleanerInstAgent.dll
- http://appdown.naver.com/naver/{BLOCKED}Viewer/upgrade/PhotoViewerAgent.xml
- http://appdown.naver.com/naver/{BLOCKED}Viewer/upgrade/NToolsAgent.dll
- http://vaccine.dn.naver.com/naver/{BLOCKED}e/NaverVaccine/NVCInstAgent/NVCInstAgent.xml
- http://vaccine.dn.naver.com/naver/{BLOCKED}e/NaverVaccine/NVCInstAgent/NVCInstAgent.dll
- http://appdown.naver.com/naver/{BLOCKED}pture/agent/NaverCaptureAgent.xml
- http://appdown.naver.com/naver/{BLOCKED}pture/agent/NaverCaptureAgent.dll
- http://appdown.naver.com/naver/{BLOCKED}diaPlayer/upgrade/NaverMediaPlayerToolsAgent.xml
- http://appdown.naver.com/naver/{BLOCKED}diaPlayer/upgrade/NaverMediaPlayerToolsAgent.dll
- http://appdown.naver.com/naver/{BLOCKED}NDrive32/NaverNDriveAgent/NdriveAgent.xml
- http://appdown.naver.com/naver/{BLOCKED}NDrive32/NaverNDriveAgent/NDriveUpdateAgent.dll
- http://appdown.naver.com/naver/{BLOCKED}verMemoAgent/NaverMemoAgent.xml
- http://appdown.naver.com/naver/{BLOCKED}verMemoAgent/NaverMemoAgent.dll
- http://appdown.naver.com/naver/{BLOCKED}numFont/upgrade/NanumFontAgent.xml
- http://appdown.naver.com/naver/{BLOCKED}numFont/upgrade/NanumFontAgent.dll
- http://appdown.naver.com/naver/{BLOCKED}xternal/bandizip/BandizipUpdateAgent.xml
- http://appdown.naver.com/naver/{BLOCKED}xternal/bandizip/BandizipUpdateAgent.dll
- http://appdown.naver.com/naver/{BLOCKED}xternal/ezpdf/ezPDFUpdateAgent.xml
- http://appdown.naver.com/naver/{BLOCKED}xternal/ezpdf/ezPDFUpdateAgent.dll
- http://appdown.naver.com/naver/{BLOCKED}viewer/NaverComicViewer.xml
- http://appdown.naver.com/naver/{BLOCKED}viewer/agent/NaverComicViewerAgent.dll
- http://appdown.naver.com/naver/{BLOCKED}viewer/agent/NaverBooksAgent.dll
- http://cc.naver.com/{BLOCKED}he.font&u=about%3Ablank&nsc=toolbar.ie&m=0
- http://cc.naver.com/{BLOCKED}ns.startpagenone&u=about%3Ablank&nsc=toolbar.ie&m=0
- http://cc.naver.com/{BLOCKED}ns.searchnone&u=about%3Ablank&nsc=toolbar.ie&m=0
- http://cc.naver.com/{BLOCKED}ns.adressnone&u=about%3Ablank&nsc=toolbar.ie&m=0
- http://cc.naver.com/{BLOCKED}ns.urlno&u=about%3Ablank&nsc=toolbar.ie&m=0
- http://cc.naver.com/{BLOCKED}ns.popularno&u=about%3Ablank&nsc=toolbar.ie&m=0
- http://www.naver.com/{BLOCKED}n.ico
- http://tools.naver.com/{BLOCKED}e/toolbar/install_done.nhn
- http://tools.naver.com/{BLOCKED}n.ico
- http://tools.naver.com/app/{BLOCKED}r/collectionToolbar.nhn
- http://cc.naver.com/{BLOCKED}xe.hpg&nsc=toolbar.ie&m=0&u=http%3A%2F%2Fwww%2Enaver%2Ecom%2F
- http://ec.naver.com/{BLOCKED}sfg.exeyes&ev=&u=client%3A%2F%2Ftoolbar.win%2F
- http://ec.naver.com/{BLOCKED}tbversion.25&ev=4.0.25&u=client%3A%2F%2Ftoolbar.win%2F
- http://cc.naver.com/{BLOCKED}se.active&u=about%3Ablank&nsc=toolbar.ie&m=0
- http://cc.naver.com/{BLOCKED}pt.logno24&u=about%3Ablank&nsc=toolbar.ie&m=0
- http://ec.naver.com/{BLOCKED}opt.antiphishingno&ev=&u=client%3A%2F%2Ftoolbar.win%2F
- http://cc.naver.com/{BLOCKED}pt.hpsafeno24&u=about%3Ablank&nsc=toolbar.ie&m=0
- http://appdown.naver.com/naver/{BLOCKED}r/setup/QuickpassPattern.ini
- http://cc.naver.com/{BLOCKED}pd.tooltpddic&u=about%3Ablank&nsc=toolbar.ie&m=0
- http://appdown.naver.com/naver/{BLOCKED}r/setup/navertoolbar35_upgrade.xml
- http://cc.naver.com/{BLOCKED}pd.eng&u=about%3Ablank&nsc=toolbar.ie&m=0
- http://cc.naver.com/{BLOCKED}pd.jp&u=about%3Ablank&nsc=toolbar.ie&m=0
- http://cc.naver.com/{BLOCKED}pd.ch&u=about%3Ablank&nsc=toolbar.ie&m=0
- http://cc.naver.com/{BLOCKED}pd.pic&u=about%3Ablank&nsc=toolbar.ie&m=0
- http://appdown.naver.com/naver/{BLOCKED}r/theme_1_1/juniver_themexml.xml
- http://cc.naver.com/{BLOCKED}ed.naver&u=about%3Ablank&nsc=toolbar.ie&m=0
- http://cc.naver.com/{BLOCKED}pt.shortcutoff24&u=about%3Ablank&nsc=toolbar.ie&m=0
- http://cc.naver.com/{BLOCKED}pt.inputkor24&u=about%3Ablank&nsc=toolbar.ie&m=0
- http://cc.naver.com/{BLOCKED}hd.naver&u=about%3Ablank&nsc=toolbar.ie&m=0
- http://cc.naver.com/{BLOCKED}bb.dic&u=about%3Ablank&nsc=toolbar.ie&m=0
- http://cc.naver.com/{BLOCKED}bb.bookmark&u=about%3Ablank&nsc=toolbar.ie&m=0
- http://cc.naver.com/{BLOCKED}bb.memo&u=about%3Ablank&nsc=toolbar.ie&m=0
- http://cc.naver.com/{BLOCKED}bb.send&u=about%3Ablank&nsc=toolbar.ie&m=0
- http://cc.naver.com/{BLOCKED}bb.capture&u=about%3Ablank&nsc=toolbar.ie&m=0
- http://appdown.naver.com/naver/{BLOCKED}r/theme_1_1/naver_themexml.xml
- http://appdown.naver.com/naver/{BLOCKED}r/setup/searchengines_version.xml
- http://ec.naver.com/{BLOCKED}c
- http://toolbar.naver.com/app/{BLOCKED}mUpdateAction.nhn?service=toolbar_upd
- https://nfront.{BLOCKED}c.net
対応方法
対応検索エンジン: 9.800
SSAPI パターンバージョン: 2.511.00
SSAPI パターンリリース日: 2022年4月28日
手順 1
Windows 7、Windows 8、Windows 8.1、および Windows 10 のユーザは、コンピュータからマルウェアもしくはアドウェア等を完全に削除するために、ウイルス検索の実行前には必ず「システムの復元」を無効にしてください。
手順 2
このマルウェアもしくはアドウェア等の実行により、手順中に記載されたすべてのファイル、フォルダおよびレジストリキーや値がコンピュータにインストールされるとは限りません。インストールが不完全である場合の他、オペレーティングシステム(OS)の条件によりインストールがされない場合が考えられます。手順中に記載されたファイル/フォルダ/レジストリ情報が確認されない場合、該当の手順の操作は不要ですので、次の手順に進んでください。
手順 3
このレジストリ値を削除します。
[ 詳細 ]
警告:レジストリはWindowsの構成情報が格納されているデータベースであり、レジストリの編集内容に問題があると、システムが正常に動作しなくなる場合があります。
レジストリの編集はお客様の責任で行っていただくようお願いいたします。弊社ではレジストリの編集による如何なる問題に対しても補償いたしかねます。
レジストリの編集前にこちらをご参照ください。
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{{GUID}}
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{{GUID}}\1.0
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{{GUID}}\1.0\FLAGS
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{{GUID}}\1.0\0
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{{GUID}}\1.0\0\win32
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{{GUID}}\1.0\HELPDIR
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{{GUID}}
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{{GUID}}\ProxyStubClsid
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{{GUID}}\ProxyStubClsid32
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{{GUID}}\TypeLib
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{{GUID}}\InprocServer32
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLIPSOFTEFORMAXL.ClipSofteFormAxLCtrl.1
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLIPSOFTEFORMAXL.ClipSofteFormAxLCtrl.1\CLSID
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{{GUID}}\TypeLib
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{{GUID}}\Implemented Categories
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{{GUID}}\Implemented Categories\{{GUID}}
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{{GUID}}
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLIPEFORMAXVIEWE.CLIPeFormAxVieweCtrl.1
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLIPEFORMAXVIEWE.CLIPeFormAxVieweCtrl.1\CLSID
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{{GUID}}\ToolboxBitmap32
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{{GUID}}\MiscStatus
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{{GUID}}\MiscStatus\1
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{{GUID}}\Control
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{{GUID}}\Version
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLIP.eForm.Viewer.AxViewerCtrl
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLIP.eForm.Viewer.AxViewerCtrl\CLSID
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{{GUID}}\InprocServer32\2.0.0.85
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{{GUID}}\Implemented Categories\{62C8FE65-4EBB-45e7-B440-6E39B2CDBF29}
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{{GUID}}\2.0
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{{GUID}}\2.0\FLAGS
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{{GUID}}\2.0\0
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{{GUID}}\2.0\0\win32
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{{GUID}}\2.0\HELPDIR
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NanumFont
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\NanumFontSetup_TTF_GOTHIC_hangeulcamp_RASAPI32
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\NanumFontSetup_TTF_GOTHIC_hangeulcamp_RASMANCS
- In HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{{GUID}}
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CLIP e-Form Viewer
- In HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@clipsoft.co.kr/{BLOCKED}m
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Naver_Toolbar_RASAPI32
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Naver_Toolbar_RASMANCS
- In HKEY_CURRENT_USER\Software\AppDataLow\Software
- In HKEY_CURRENT_USER\Software\AppDataLow\Software\NHN Corporation
- In HKEY_CURRENT_USER\Software\AppDataLow\Software\NHN Corporation\NaverToolbar
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NaverToolbar.SrchBand.1
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NaverToolbar.SrchBand.1\CLSID
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NaverToolbar.SrchBand
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NaverToolbar.SrchBand\CLSID
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NaverToolbar.SrchBand\CurVer
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{{GUID}}\ProgID
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{{GUID}}\VersionIndependentProgID
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{{GUID}}\Programmable
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NaverToolbar.HTMLDocEventSink.1
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NaverToolbar.HTMLDocEventSink.1\CLSID
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NaverToolbar.HTMLDocEventSink
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NaverToolbar.HTMLDocEventSink\CLSID
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NaverToolbar.HTMLDocEventSink\CurVer
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NaverToolbar.Me2API.1
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NaverToolbar.Me2API.1\CLSID
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NaverToolbar.Me2API
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NaverToolbar.Me2API\CLSID
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NaverToolbar.Me2API\CurVer
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NaverToolbar.DnsPrefetchURLCollector.1
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NaverToolbar.DnsPrefetchURLCollector.1\CLSID
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NaverToolbar.DnsPrefetchURLCollector
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NaverToolbar.DnsPrefetchURLCollector\CLSID
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NaverToolbar.DnsPrefetchURLCollector\CurVer
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NaverJump.NaverToolbarHelper.1
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NaverJump.NaverToolbarHelper.1\CLSID
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NaverJump.NaverToolbarHelper
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NaverJump.NaverToolbarHelper\CLSID
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NaverJump.NaverToolbarHelper\CurVer
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{{GUID}}
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{{GUID}}
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\NaverToolbarCarrier.EXE
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NaverToolbarCarrier.CURLCollector.3
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NaverToolbarCarrier.CURLCollector.3\CLSID
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NaverToolbarCarrier.CURLCollector
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NaverToolbarCarrier.CURLCollector\CLSID
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NaverToolbarCarrier.CURLCollector\CurVer
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{{GUID}}\LocalServer32
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{{GUID}}
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NaverToolbar
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\NaverSafeGuard_RASAPI32
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\NaverSafeGuard_RASMANCS
- In HKEY_LOCAL_MACHINE\SOFTWARE\NHN Corporation
- In HKEY_LOCAL_MACHINE\SOFTWARE\NHN Corporation\NaverToolbar
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\nsMercury.DLL
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\nsMercury.Nanta.1
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\nsMercury.Nanta.1\CLSID
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\nsMercury.Nanta
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\nsMercury.Nanta\CLSID
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\nsMercury.Nanta\CurVer
- In HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
- In HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{{GUID}}
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\nsMercury.NantaInfo.1
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\nsMercury.NantaInfo.1\CLSID
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\nsMercury.NantaInfo
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\nsMercury.NantaInfo\CLSID
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\nsMercury.NantaInfo\CurVer
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{{GUID}}\NumMethods
- In HKEY_LOCAL_MACHINE\SOFTWARE\NHN Corporation\NaverSafeGuard
- In HKEY_LOCAL_MACHINE\SOFTWARE\NHN Corporation\NaverCommon
- In HKEY_LOCAL_MACHINE\SOFTWARE\NHN Corporation\NaverCommon\Naver Updater
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\NaverAdminAPISetup_x86_RASAPI32
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\NaverAdminAPISetup_x86_RASMANCS
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NaverUpdater
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\NAdminAPISvc.EXE
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\NaverAdminAPISetup_RASAPI32
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\NaverAdminAPISetup_RASMANCS
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\NaverCommonUpdaterInst_RASAPI32
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\NaverCommonUpdaterInst_RASMANCS
- In HKEY_LOCAL_MACHINE\SOFTWARE\NHN Corporation\NaverCommonUpdater
- In HKEY_LOCAL_MACHINE\SOFTWARE\NHN Corporation\NaverCommonUpdater\AppList
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\NaverCommonUpdater_1_0_0_46_RASAPI32
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\NaverCommonUpdater_1_0_0_46_RASMANCS
- In HKEY_LOCAL_MACHINE\SOFTWARE\NHN Corporation\NaverCapture
- In HKEY_CURRENT_USER\Software\NHN Corporation
- In HKEY_CURRENT_USER\Software\NHN Corporation\NaverNDrive
- In HKEY_LOCAL_MACHINE\SOFTWARE\NHN Corporation\NaverComicViewer
- In HKEY_CURRENT_USER\Software\AppDataLow\Software\NHN Corporation\NaverToolbar\Profile
- In HKEY_CURRENT_USER\Software\AppDataLow\Software\NHN Corporation\NaverToolbar\Profile\ETC
- In HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\네이버 검색
- In HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\네이버 메모하기
- In HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\네이버 사전 검색
- In HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\네이버 일한 번역
- In HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\네이버 북마크하기
- In HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\네이버 오픈캐스트 링크등록
- In HKEY_CURRENT_USER\Software\AppDataLow\Software\NHN Corporation\NaverToolbar\Profile\UserInfo
- In HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\International\CpMRU
- In HKEY_CURRENT_USER\Software\AppDataLow\Software\NHN Corporation\NaverToolbar\Profile\Quickpass
- In HKEY_CURRENT_USER\Software\AppDataLow\Software\NHN Corporation\NaverToolbar\Profile\Quickpass\CustomPattern
- In HKEY_CURRENT_USER\Software\AppDataLow\Software\NHN Corporation\NaverToolbar\Profile\Quickpass\CustomPattern\{BLOCKED}n.co.kr
- In HKEY_CURRENT_USER\Software\AppDataLow\Software\NHN Corporation\NaverToolbar\Profile\Quickpass\CustomPattern\{BLOCKED}ark.com
- In HKEY_CURRENT_USER\Software\AppDataLow\Software\NHN Corporation\NaverToolbar\Profile\Quickpass\CustomPattern\{BLOCKED}e.com
- In HKEY_CURRENT_USER\Software\AppDataLow\Software\NHN Corporation\NaverToolbar\Profile\Quickpass\CustomPattern\{BLOCKED}e.com
- In HKEY_CURRENT_USER\Software\NHN Corporation\NaverSafeGuard
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\NaverTBUpgrader_1_0_0_3_RASAPI32
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\NaverTBUpgrader_1_0_0_3_RASMANCS
手順 4
以下のファイルを検索し削除します。
[ 詳細 ]
コンポーネントファイルが隠しファイル属性の場合があります。[詳細設定オプション]をクリックし、[隠しファイルとフォルダの検索]のチェックボックスをオンにし、検索結果に隠しファイルとフォルダが含まれるようにしてください。 - %User Temp%\nsl{random characters}.tmp\System.dll
- %User Temp%\nsl{random characters}.tmp\LockedList.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\NetFx20SP2_x64.exe
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\ClipSoft.DotNetChecker.exe
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\AForge.Video.DirectShow.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\AForge.Video.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\ClipSoft.CommonLibrary.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\ClipSoft.eForm.RegAsm.exe
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\ClipSoft.eForm.Base.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\ClipSoft.eForm.Parts.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\ClipSoft.eForm.PlugInIF.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\ClipSoft.eForm.TBarCodeProxy.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\ClipSoft.eForm.QrCodeProxy.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\zxing.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\CLIP.eForm.Viewer.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\ClipSoft.eForm.Viewer.dll.config
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\ClipSoft.eForm.AxLauncherWrapper.ocx
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\CLIP.eForm.AxViewerCtrlWrapper.ocx
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\log4net.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\RexBarcodeLib.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\TBarCode11.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\TECIT.TBarCode.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\ClipSoft.eForm.DataMatrixProxy.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\DataMatrix.net.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\npCLIP.eForm.plugin.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\CLIP.eForm.DualViewer.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\CLIP.eForm.Wacom.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\fastJSON.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\NanumFontSetup_TTF_GOTHIC_hangeulcamp.exe
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\KISACrypto.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\CLIP.eForm.NativeUtility.dll
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\ClipSoft.eForm.Viewer.unregdll.log
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\ClipSoft.eForm.Viewer.regdll.log
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\CLIP.eForm.Viewer.tlb
- %User Temp%\nsr{random characters}.tmp
- %User Temp%\nsr{random characters}.tmp\NanumFontPlugin.dll
- %User Temp%\nsr{random characters}.tmp\System.dll
- %User Temp%\nsr{random characters}.tmp\ioSpecial.ini
- %User Temp%\nsr{random characters}.tmp\modern-wizard.bmp
- %User Temp%\nsr{random characters}.tmp\modern-header.bmp
- %User Temp%\nsr{random characters}.tmp\InstallOptions.dll
- %Program Files%\Naver\NanumFont\NanumFontSetup.ico
- %Program Files%\Naver\NanumFont\uninst.exe
- %Windows%\Fonts\NanumGothic.ttf
- %Windows%\Fonts\NanumGothicBold.ttf
- %Windows%\Fonts\NanumGothicExtraBold.ttf
- %Program Files%\Naver\NanumFont\package.xml
- %Program Files%\Naver\NanumFont\setup_log.xml
- %User Temp%\nsr{random characters}.tmp\NSISdl.dll
- %User Temp%\Naver_Toolbar.exe
- %User Temp%\00258c38\Naver_Toolbar.exe
- %Program Files%\Clipsoft\CLIP e-Form\bin\Viewer\uninstall.CLIPeFormViewer.exe
- %User Temp%\nsu{random characters}.tmp
- %User Temp%\nsa{random characters}.tmp\System.dll
- %User Temp%\nsa{random characters}.tmp\TBAPIW.dll
- %User Temp%\nsa{random characters}.tmp\ntbapiW.dll
- %Temporary Internet Files%\Content.IE5\S149VRBC\naver_license[1].xml
- %Temporary Internet Files%\Content.IE5\DAXYM002\naver_license[1].rtf
- %User Temp%\nsa{random characters}.tmp\naver_license.rtf
- %User Temp%\nsa{random characters}.tmp\UserInfo.dll
- %Program Files%\Naver\NaverToolbar\NaverAdminAPI.exe
- %Program Files%\Naver\NaverToolbar\NaverAdminAPI.dll
- %Program Files%\Naver\NaverToolbar\NELO.dll
- %Program Files%\Naver\NaverToolbar\NELO_CrashReporter.exe
- %Program Files%\Naver\NaverToolbar\TBInfo.ini
- %Program Files%\Naver\NaverToolbar\NaverTB.dll
- %Program Files%\Naver\NaverToolbar\NaverToolbarCarrier.exe
- %Program Files%\Naver\NaverToolbar\naver\antiphising.ico
- %Program Files%\Naver\NaverToolbar\naver\blog.ico
- %Program Files%\Naver\NaverToolbar\naver\bookmark.ico
- %Program Files%\Naver\NaverToolbar\naver\bookmark.png
- %Program Files%\Naver\NaverToolbar\naver\capturebrowser.ico
- %Program Files%\Naver\NaverToolbar\naver\capturebrowser.png
- %Program Files%\Naver\NaverToolbar\naver\cleaninternet.ico
- %Program Files%\Naver\NaverToolbar\naver\clinic.ico
- %Program Files%\Naver\NaverToolbar\naver\config.ico
- %Program Files%\Naver\NaverToolbar\naver\dic.ico
- %Program Files%\Naver\NaverToolbar\naver\dictionary.png
- %Program Files%\Naver\NaverToolbar\naver\facebook.ico
- %Program Files%\Naver\NaverToolbar\naver\gametalk.ico
- %Program Files%\Naver\NaverToolbar\naver\gametalk.png
- %Program Files%\Naver\NaverToolbar\naver\help.ico
- %Program Files%\Naver\NaverToolbar\naver\memo.ico
- %Program Files%\Naver\NaverToolbar\naver\memo.png
- %Program Files%\Naver\NaverToolbar\naver\metoo.png
- %Program Files%\Naver\NaverToolbar\naver\naver.ico
- %Program Files%\Naver\NaverToolbar\naver\naverapp.ico
- %Program Files%\Naver\NaverToolbar\naver\navergame.ico
- %Program Files%\Naver\NaverToolbar\naver\opencast.ico
- %Program Files%\Naver\NaverToolbar\naver\opencast.png
- %Program Files%\Naver\NaverToolbar\naver\pcclinic.png
- %Program Files%\Naver\NaverToolbar\naver\popularity.png
- %Program Files%\Naver\NaverToolbar\naver\quickpass.ico
- %Program Files%\Naver\NaverToolbar\naver\real.ico
- %Program Files%\Naver\NaverToolbar\naver\send.ico
- %Program Files%\Naver\NaverToolbar\naver\send.png
- %Program Files%\Naver\NaverToolbar\naver\sendtomail.ico
- %Program Files%\Naver\NaverToolbar\naver\sms.ico
- %Program Files%\Naver\NaverToolbar\naver\theme.xml
- %Program Files%\Naver\NaverToolbar\naver\toolbarcleaner.ico
- %Program Files%\Naver\NaverToolbar\naver\toolbox.ico
- %Program Files%\Naver\NaverToolbar\naver\transjapan.ico
- %Program Files%\Naver\NaverToolbar\naver\twitter.ico
- %Program Files%\Naver\NaverToolbar\naver\virus.ico
- %Program Files%\Naver\NaverToolbar\naver\yozm.ico
- %Program Files%\Naver\NaverToolbar\juniver\antiphising.ico
- %Program Files%\Naver\NaverToolbar\juniver\artist.ico
- %Program Files%\Naver\NaverToolbar\juniver\babystudy.ico
- %Program Files%\Naver\NaverToolbar\juniver\blog.ico
- %Program Files%\Naver\NaverToolbar\juniver\bookmark.ico
- %Program Files%\Naver\NaverToolbar\juniver\bookmark.png
- %Program Files%\Naver\NaverToolbar\juniver\capturebrowser.ico
- %Program Files%\Naver\NaverToolbar\juniver\capturebrowser.png
- %Program Files%\Naver\NaverToolbar\juniver\cleaninternet.ico
- %Program Files%\Naver\NaverToolbar\juniver\clinic.ico
- %Program Files%\Naver\NaverToolbar\juniver\comic.ico
- %Program Files%\Naver\NaverToolbar\juniver\config.ico
- %Program Files%\Naver\NaverToolbar\juniver\dic.ico
- %Program Files%\Naver\NaverToolbar\juniver\dictionary.png
- %Program Files%\Naver\NaverToolbar\juniver\dongwha.ico
- %Program Files%\Naver\NaverToolbar\juniver\facebook.ico
- %Program Files%\Naver\NaverToolbar\juniver\farm_01.ico
- %Program Files%\Naver\NaverToolbar\juniver\farm_02.ico
- %Program Files%\Naver\NaverToolbar\juniver\flash.ico
- %Program Files%\Naver\NaverToolbar\juniver\gallery.ico
- %Program Files%\Naver\NaverToolbar\juniver\game.ico
- %Program Files%\Naver\NaverToolbar\juniver\gametalk.ico
- %Program Files%\Naver\NaverToolbar\juniver\gametalk.png
- %Program Files%\Naver\NaverToolbar\juniver\help.ico
- %Program Files%\Naver\NaverToolbar\juniver\jr.ico
- %Program Files%\Naver\NaverToolbar\juniver\jr16.ico
- %Program Files%\Naver\NaverToolbar\juniver\kidsong.ico
- %Program Files%\Naver\NaverToolbar\juniver\memo.ico
- %Program Files%\Naver\NaverToolbar\juniver\memo.png
- %Program Files%\Naver\NaverToolbar\juniver\metoo.png
- %Program Files%\Naver\NaverToolbar\juniver\naverapp.ico
- %Program Files%\Naver\NaverToolbar\juniver\navergame.ico
- %Program Files%\Naver\NaverToolbar\juniver\opencast.ico
- %Program Files%\Naver\NaverToolbar\juniver\opencast.png
- %Program Files%\Naver\NaverToolbar\juniver\panyroom.ico
- %Program Files%\Naver\NaverToolbar\juniver\parents.ico
- %Program Files%\Naver\NaverToolbar\juniver\pcclinic.png
- %Program Files%\Naver\NaverToolbar\juniver\popularity.png
- %Program Files%\Naver\NaverToolbar\juniver\quickpass.ico
- %Program Files%\Naver\NaverToolbar\juniver\real.ico
- %Program Files%\Naver\NaverToolbar\juniver\send.ico
- %Program Files%\Naver\NaverToolbar\juniver\send.png
- %Program Files%\Naver\NaverToolbar\juniver\sendtomail.ico
- %Program Files%\Naver\NaverToolbar\juniver\sms.ico
- %Program Files%\Naver\NaverToolbar\juniver\theme.xml
- %Program Files%\Naver\NaverToolbar\juniver\toolbarcleaner.ico
- %Program Files%\Naver\NaverToolbar\juniver\toolbox.ico
- %Program Files%\Naver\NaverToolbar\juniver\transjapan.ico
- %Program Files%\Naver\NaverToolbar\juniver\tv.ico
- %Program Files%\Naver\NaverToolbar\juniver\twitter.ico
- %Program Files%\Naver\NaverToolbar\juniver\virus.ico
- %Program Files%\Naver\NaverToolbar\juniver\yozm.ico
- %Program Files%\Naver\NaverToolbar\SearchEngines\naver_com.xml
- %Program Files%\Naver\NaverToolbar\SearchEngines\nate_com.xml
- %Program Files%\Naver\NaverToolbar\SearchEngines\daum_net.xml
- %Program Files%\Naver\NaverToolbar\SearchEngines\bing_com.xml
- %Program Files%\Naver\NaverToolbar\NaverSafeGuard\NELO.dll
- %Program Files%\Naver\NaverToolbar\NaverSafeGuard\NELO_CrashReporter.exe
- %Program Files%\Naver\NaverToolbar\NaverSafeGuard\nsGuard.dll
- %Program Files%\Naver\NaverToolbar\NaverSafeGuard\NaverAdminApi.dll
- %Program Files%\Naver\NaverToolbar\NaverSafeGuard\nSafeCrash.dll
- %Program Files%\Naver\NaverToolbar\NaverSafeGuard\nSafeGuard.dat
- %Program Files%\Naver\NaverToolbar\NaverSafeGuard\nSafeInfo.dat
- %Program Files%\Naver\NaverToolbar\NaverSafeGuard\nSafeGuard.dll
- %Program Files%\Naver\NaverToolbar\NaverSafeGuard\NaverSafeGuard.exe
- %System%\NJUninst.exe
- %Program Files%\Naver\NaverToolbar\fixIE.exe
- %Program Files%\Naver\NaverToolbar\NTBProtocol.dll
- %Program Files%\Naver\NaverToolbar\DB_1_10.DAT
- %Program Files%\Naver\NaverToolbar\NaverTBHelper_1_0_1_4.exe
- %Program Files%\Naver\NaverToolbar\NaverTBUpgrader_1_0_0_3.exe
- %Program Files%\Naver\NaverToolbar\NaverTBToolbox_1_0_0_4.exe
- %Program Files%\Naver\NaverToolbar\NaverTBQuickpass_1_0_0_3.exe
- %Temporary Internet Files%\Content.IE5\FTOAXOPV\nslagent[1].dat
- %User Temp%\nslagent.dat
- %Program Files%\Naver\NaverToolbar\postinst.exe
- %Program Files%\Naver\NaverToolbar\InstlInfo.ini
- %Temporary Internet Files%\Content.IE5\0S3ALP6V\SGL00001[1].nsz
- %User Temp%\safeguard\SGL00001.nsz
- %User Temp%\safeguard\nSafeGuard.dat
- %Temporary Internet Files%\Content.IE5\S149VRBC\SGL00002[1].nsz
- %User Temp%\safeguard\SGL00002.nsz
- %User Temp%\safeguard\nSafeGuardLP.dat
- %Temporary Internet Files%\Content.IE5\DAXYM002\NaverAdminAPISetup[1].exe
- %User Temp%\NaverAdminAPISetup_x86.exe
- %User Temp%\nsa{random characters}.tmp\NaverUpdaterPlugin.dll
- %User Temp%\nsp{random characters}.tmp\NaverUpdaterPlugin.dll
- %Program Files%\Naver\NaverCommon\NaverAdminAPI.exe
- %Program Files%\Naver\NaverCommon\NaverAdminAPISvc.exe
- %Program Files%\Naver\NaverCommon\NaverAdminProc.dll
- %Program Files%\Naver\NaverCommon\NaverAdminAPIUpgrader.exe
- %Program Files%\Naver\NaverCommon\msvcp71.dll
- %Program Files%\Naver\NaverCommon\msvcr71.dll
- %Program Files%\Naver\NaverCommon\Uninstall.exe
- %Temporary Internet Files%\Content.IE5\FTOAXOPV\NaverAdminAPISetup[1].exe
- %User Temp%\$NaverUpdater$\NaverAdminAPISetup.exe
- %User Temp%\nsf{random characters}.tmp\NaverUpdaterPlugin.dll
- %User Temp%\nsa{random characters}.tmp\NCUPluginW.dll
- %Temporary Internet Files%\Content.IE5\DAXYM002\NaverCommonUpdaterInst[1].exe
- %User Temp%\NaverCommonUpdaterInst.exe
- %User Temp%\nsp{random characters}.tmp\ncuapiw.dll
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\NaverCommonUpdater_1_0_0_46.exe
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\NaverAdminAPI.dll
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\NaverAdminAPI.exe
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\RemoveUpdater.exe
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\NELO.dll
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\NELO_CrashReporter.exe
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\dbghelp.dll
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\exclamation.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_agreement_vaccine_text.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_bottom_bg_1.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_bottom_bg_2.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_bottom_bg_3.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_btn_agree.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_btn_cancel.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_btn_close.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_btn_complete.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_btn_detail.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_btn_detail2.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_btn_install_cancel.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_btn_no.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_btn_ok.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_btn_tap_1.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_btn_tap_2.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_btn_terms.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_btn_update.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_btn_yes.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_img_dot.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_progress_bar_1.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_progress_bar_2.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_progress_bar_3.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_progress_bar_4.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_progress_bg_1.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_progress_bg_2.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_progress_bg_3.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_terms_text.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_title.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_top_bar_1.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_top_bar_2.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\tools_updater_top_bar_3.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\app\ncl_intro.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\app\ncl_update.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\app\ncp_intro.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\app\ncp_update.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\app\ncv_intro.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\app\ncv_update.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\app\nfv_intro.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\app\nfv_update.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\app\nmm_intro.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\app\nmm_update.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\app\nmp_intro.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\app\nmp_update.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\app\nnd_intro.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\app\nnd_update.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\app\npm_intro.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\app\npm_update.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\app\ntb_intro.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\res\app\ntb_update.png
- %Program Files%\Naver\NaverCommonUpdater\1.0.0.46\NaverCommonUpdater.ini
- %Temporary Internet Files%\Content.IE5\0S3ALP6V\installer[1].xml
- %Temporary Internet Files%\Content.IE5\S149VRBC\updateContents[1].xml
- %Temporary Internet Files%\Content.IE5\DAXYM002\ToolbarUpdateAgent[1].dll
- %ProgramData%\NHN Corporation\NaverToolsUpdater\UpgradeInterface\Win7x32\{GUID}\ToolbarUpdateAgent_1_0_0_14.dll
- %ProgramData%\NHN Corporation\NaverToolsUpdater\UpgradeInterface\Win7x32\{GUID}\Version.XML
- %Temporary Internet Files%\Content.IE5\DAXYM002\navertoolbar35_upgrade[1].xml
- %Temporary Internet Files%\Content.IE5\FTOAXOPV\juniver_themexml[1].xml
- %Temporary Internet Files%\Content.IE5\DAXYM002\naver_themexml[1].xml
- %Temporary Internet Files%\Content.IE5\FTOAXOPV\searchengines_version[1].xml
- %Temporary Internet Files%\Content.IE5\DAXYM002\NCleanerInstAgent[1].dll
- %ProgramData%\NHN Corporation\NaverToolsUpdater\UpgradeInterface\Win7x32\{GUID}\NCleanerInstAgent_1_0_0_11.dll
- %ProgramData%\NCleanerInstAgentLog.log
- %Temporary Internet Files%\Content.IE5\FTOAXOPV\NToolsAgent[1].dll
- %ProgramData%\NHN Corporation\NaverToolsUpdater\UpgradeInterface\Win7x32\{GUID}\NToolsAgent_1_0_0_19.dll
- %Temporary Internet Files%\Content.IE5\0S3ALP6V\NVCInstAgent[1].dll
- %ProgramData%\NHN Corporation\NaverToolsUpdater\UpgradeInterface\Win7x32\{GUID}\NVCInstAgent_1_0_0_8.dll
- %ProgramData%\NVCInstAgentLog.log
- %Temporary Internet Files%\Content.IE5\S149VRBC\NaverCaptureAgent[1].dll
- %ProgramData%\NHN Corporation\NaverToolsUpdater\UpgradeInterface\Win7x32\{GUID}\NaverCaptureAgent_1_0_13_0.dll
- %Temporary Internet Files%\Content.IE5\DAXYM002\NaverMediaPlayerToolsAgent[1].dll
- %ProgramData%\NHN Corporation\NaverToolsUpdater\UpgradeInterface\Win7x32\{GUID}\NaverMediaPlayerToolsAgent_1_0_1_0.dll
- %Temporary Internet Files%\Content.IE5\FTOAXOPV\NDriveUpdateAgent[1].dll
- %ProgramData%\NHN Corporation\NaverToolsUpdater\UpgradeInterface\Win7x32\{GUID}\NDriveUpdateAgent_1_0_0_22.dll
- %Temporary Internet Files%\Content.IE5\0S3ALP6V\NaverMemoAgent[1].dll
- %ProgramData%\NHN Corporation\NaverToolsUpdater\UpgradeInterface\Win7x32\{GUID}\NaverMemoAgent_1_0_0_10.dll
- %Temporary Internet Files%\Content.IE5\S149VRBC\NanumFontAgent[1].dll
- %ProgramData%\NHN Corporation\NaverToolsUpdater\UpgradeInterface\Win7x32\{GUID}\NanumFontAgent_1_0_0_5.dll
- %Temporary Internet Files%\Content.IE5\DAXYM002\BandizipUpdateAgent[1].dll
- %ProgramData%\NHN Corporation\NaverToolsUpdater\UpgradeInterface\Win7x32\{GUID}\BandizipUpdateAgent_1_0_0_3.dll
- %Temporary Internet Files%\Content.IE5\FTOAXOPV\ezPDFUpdateAgent[1].dll
- %ProgramData%\NHN Corporation\NaverToolsUpdater\UpgradeInterface\Win7x32\{GUID}\ezPDFUpdateAgent_1_0_0_4.dll
- %Temporary Internet Files%\Content.IE5\0S3ALP6V\NaverComicViewerAgent[1].dll
- %ProgramData%\NHN Corporation\NaverToolsUpdater\UpgradeInterface\Win7x32\{GUID}\NaverComicViewerAgent_1_0_0_2.dll
- %Cookies%\win7x32@tools.naver[1].txt
- %Cookies%\win7x32@www.naver[1].txt
- %AppDataLocalLow%\Naver\NaverToolbar\Profile.ini
- %User Temp%\nsa{random characters}.tmp\DynamicEnd.ini
- %AppDataLocalLow%\Naver\NaverToolbar\UserInfo.ini
- %AppDataLocal%\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{{GUID}}.dat
- %AppDataLocal%\Microsoft\Internet Explorer\Recovery\High\Active\{{GUID}}.dat
- %Cookies%\win7x32@tools.naver[2].txt
- %AppDataLocalLow%\Naver\SafeGuard\Data\nSafeGuard_20220715_172408_3392.dat
- %Temporary Internet Files%\Content.IE5\DAXYM002\install_done[1].nhn
- %Temporary Internet Files%\Content.IE5\DAXYM002\install_done[1].htm
- %Temporary Internet Files%\Content.IE5\FTOAXOPV\TOOLTIPDIC[1]
- %AppDataLocalLow%\Naver\NaverToolbar\cache.dat
- %AppDataLocalLow%\Naver\NaverToolbar\cache.dat-journal
- %AppDataLocalLow%\Microsoft\CryptnetUrlCache\MetaData\B398B80134F72209547439DB21AB308D_A4CF52CCA82D7458083F7280801A3A04
- %AppDataLocalLow%\Microsoft\CryptnetUrlCache\Content\B398B80134F72209547439DB21AB308D_A4CF52CCA82D7458083F7280801A3A04
- %User Temp%\Cab{random characters}.tmp
- %User Temp%\Tar{random characters}.tmp
- %Temporary Internet Files%\Content.IE5\0S3ALP6V\logo_naver_v3[1].png
- %Temporary Internet Files%\Content.IE5\0S3ALP6V\blank[1]
- %Temporary Internet Files%\Content.IE5\S149VRBC\btn_playmp3[1]
- %Temporary Internet Files%\Content.IE5\DAXYM002\logo_toolbar_v2[1].png
- %Temporary Internet Files%\Content.IE5\FTOAXOPV\toolbar[1].css
- %Temporary Internet Files%\Content.IE5\S149VRBC\service_end_txt[1].png
- %Temporary Internet Files%\Content.IE5\S149VRBC\spr_ico_site[1].png
- %Temporary Internet Files%\Content.IE5\DAXYM002\favicon[1].ico
- %Temporary Internet Files%\Content.IE5\DAXYM002\favicon[1].htm
- %Temporary Internet Files%\Content.IE5\DAXYM002\QuickpassPattern[1].ini
- %AppDataLocalLow%\Naver\NaverToolbar\QuickpassPattern.ini
- %User Temp%\NaverTBUpgrader_1_0_0_3.exe
- %User Temp%\~DF{random characters}.TMP
手順 5
最新のバージョン(エンジン、パターンファイル)を導入したウイルス対策製品を用い、ウイルス検索を実行してください。「PUA.Win32.VIGUA.AJ」と検出したファイルはすべて削除してください。 検出されたファイルが、弊社ウイルス対策製品により既に駆除、隔離またはファイル削除の処理が実行された場合、ウイルスの処理は完了しており、他の削除手順は特にありません。
ご利用はいかがでしたか? アンケートにご協力ください