Code : xaQpn6/1foun7pz0J2YVyU4ZRxJnvkRl6TD9Q9zMBgM=

프로그램분석

Code : xaQpn6/1foun7pz0J2YVyU4ZRxJnvkRl6TD9Q9zMBgM=

프로세스 천국 2013. 6. 4. 18:33

----------------------------------------------------------------------
Created by Windowexe.com , Logfile of WindowexeAllkiller
----------------------------------------------------------------------
Windows 7 Ultimate Service Pack 1(6.1.7601.65536)
Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz / 2,047.49 MB
Intel64 Family 6 Model 42 Stepping 7
Date : 2013-06-04
----------------------------------------------------------------------
DF000 C:\Program Files (x86)\checkboan\checkboan.dll
DF001 C:\Program Files (x86)\checkboan\checkboan.exe
DF002 C:\Program Files (x86)\checkboan\checkboanmon.exe
DF003 C:\Program Files (x86)\checkboan\checkboansvc.exe
DF004 C:\Program Files (x86)\checkboan\uninst.exe
DF005 C:\Program Files (x86)\comfaster\comfaster.exe
DF006 C:\Program Files (x86)\comfaster\comfastersvc.exe
DF007 C:\Program Files (x86)\comfaster\uninst.exe
DF008 C:\Program Files (x86)\insafeclient\ismctrl.exe
DF009 C:\Program Files (x86)\insafeclient\ISMgr.dll
DF010 C:\Program Files (x86)\insafeclient\ismsvc.exe
DF011 C:\Program Files (x86)\insafeclient\ismsvp.exe
DF012 C:\Program Files (x86)\lastpopup\lstspop.exe
DF013 C:\Program Files (x86)\lastpopup\lstspsp.exe
DF014 C:\Program Files (x86)\lastpopup\lstspsv.exe
DF015 C:\Program Files (x86)\MainVaccine\db\filter.dll
DF016 C:\Program Files (x86)\MainVaccine\db\inter.dll
DF017 C:\Program Files (x86)\MainVaccine\etc\MVFilterDriver.SYS
DF018 C:\Program Files (x86)\MainVaccine\etc\MVMon.exe
DF019 C:\Program Files (x86)\MainVaccine\etc\MVmonRemote.dll
DF020 C:\Program Files (x86)\MainVaccine\etc\MVReg.exe
DF021 C:\Program Files (x86)\MainVaccine\MainVaccine.exe
DF022 C:\Program Files (x86)\MainVaccine\MVAutoUpdate.exe
DF023 C:\Program Files (x86)\MainVaccine\MVEngine.dll
DF024 C:\Program Files (x86)\MainVaccine\temp\filter.dll
DF025 C:\Program Files (x86)\MainVaccine\temp\inter.dll
DF026 C:\Program Files (x86)\nextray\nextray.exe
DF027 C:\Program Files (x86)\nextray\uninst.exe
DF028 C:\Program Files (x86)\Windows CloudGet\clgsve.exe
DF029 C:\Program Files (x86)\Windows CloudGet\clgsvp.exe
DF030 C:\Program Files (x86)\Windows CloudGet\clgsvr.exe
DF031 C:\Program Files (x86)\Windows ISM\ismsvc.exe
DF032 C:\Program Files (x86)\Windows VOA\voacfg.exe
DF033 C:\Program Files (x86)\Windows VOA\voaclt.exe
DF034 C:\Program Files (x86)\Windows VOA\voasvc.exe
DF035 C:\Program Files (x86)\Windows VOA\voaupdate.exe
DF036 C:\Program Files (x86)\Windows VOA\voaupdatez.exe
DF037 C:\Program Files (x86)\WinsPop\winsps.dll
DF038 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MainVaccine\MainVaccine 제거.lnk
DF039 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MainVaccine\MainVaccine.lnk
DF040 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\체크보안\체크보안.lnk
DF041 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\체크보안\체크보안삭제.lnk
DF042 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\컴패스터\컴패스터.lnk
DF043 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\컴패스터\컴패스터삭제.lnk
DF044 C:\Users\Administrator\AppData\Local\MetablogNewIssues\metablogagent.exe
DF045 C:\Users\Administrator\AppData\Local\MetablogNewIssues\MetablogNewIssues.exe
DF046 C:\Users\Administrator\AppData\Local\MetablogNewIssues\updater_temp.exe
DF047 C:\Users\Administrator\AppData\Local\signkey\e_signkey.exe
DF048 C:\Users\Administrator\AppData\Local\signkey\signkey.exe
DF049 C:\Users\Administrator\AppData\Local\signkey\skun.exe
DF050 C:\Users\Administrator\AppData\Local\Temp\5132\MetablogNewIssues.exe
DF051 C:\Users\Administrator\AppData\Roaming\checkboan\checkboancnt.exe
DF052 C:\Users\Administrator\AppData\Roaming\comfaster\comfastercnt.exe
DF053 C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MainVaccine.lnk
DF054 C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\MainVaccine.lnk
DF055 C:\Users\Administrator\AppData\Roaming\opensearchGT_07_update_20130603.exe
DF056 C:\Users\Administrator\AppData\Roaming\opensearchGT\opensearchgt.dll
DF057 C:\Users\Administrator\AppData\Roaming\opensearchGT\opensearchgt.exe
DF058 C:\Users\Administrator\AppData\Roaming\opensearchGT\opensearchgtu.exe
DF059 C:\Users\Administrator\AppData\Roaming\revealer\revealer.exe
DF060 C:\Users\Administrator\AppData\Roaming\revealer\revealertop.dll
DF061 C:\Users\Administrator\AppData\Roaming\revealer\revealerul.exe
DF062 C:\Users\Administrator\Favorites\앱이즈 11번가 바로가기.url
DF063 C:\Users\Administrator\Favorites\앱이즈 G마켓 바로가기.url
DF064 C:\Users\Administrator\Favorites\앱이즈 옥션 바로가기.url
----------------------------------------------------------------------
SC065 allpopup -/- allpopup svc -/- C:\Program Files (x86)\allpopup\allpopsvi.exe -/- allpopup launcher
SC066 Windows WinsPop Diagnostics Service -/- Windows WinsPop Diagnostics Service -/- C:\Windows\SysWOW64\wdrwspsvc.exe
SC067 WinsPop Service -/- WinsPop Service -/- C:\Windows\SysWOW64\svcspwin.exe
SC068 checkboan -/- checkboan svc -/- C:\Program Files (x86)\checkboan\checkboansvc.exe -/- checkboan launcher
SC069 comfaster -/- comfaster svc -/- C:\Program Files (x86)\comfaster\comfastersvc.exe -/- comfaster launcher
SC070 clgsvr32 -/- Windows CloudGet Service -/- C:\Program Files (x86)\Windows CloudGet\clgsvr.exe -/- Windows CloudGet Service
SC071 lstspsv32 -/- Windows Explorer Lastpopup v1.11 -/- C:\Program Files (x86)\lastpopup\lstspsv.exe -/- Windows Explorer Lastpopup v1.11
SC072 ismsvc32 -/- INSAFE Client 1.0 -/- C:\Program Files (x86)\insafeclient\ismsvc.exe -/- INSAFE Client 1.0
SC073 ismsvc -/- Windows ISM -/- "C:\Program Files (x86)\Windows ISM\ismsvc.exe" -/- Windows ISM
SC074 voasvc -/- Windows VOA -/- "C:\Program Files (x86)\Windows VOA\voasvc.exe" -/- Windows VOA
----------------------------------------------------------------------
UN075 AppIs(앱이즈) -/- goodcomms Inc. -/- AppIs(앱이즈)_is1 -/- C:\Users\Administrator\AppData\Local\AppIs\unins000.exe -/- hxxp://ww*.goodcomms.co.kr
UN076 checkboan -/- sksoftboank co. -/- checkboan -/- C:\Program Files (x86)\checkboan\uninst.exe -/- hxxp://ww*.checkboan.com
UN077 comfaster -/- sksoftbank. -/- comfaster -/- C:\Program Files (x86)\comfaster\uninst.exe -/- hxxp://ww*.comfaster.com
UN078 INSAFE Client 1.0 -/- INSAFE Client 1.0 -/- C:\Program Files (x86)\insafeclient\uninstall.exe
UN079 oNextPopup VN001 (KB210313) -/- Mobile Internet Co. -/- oNextPopup VN001 (KB210313) -/- C:\Program Files (x86)\nextray\uninst.exe
UN080 opensearchGT -/- opensearchGT uninstall -/- C:\Users\Administrator\AppData\Roaming\opensearchGT\uninstall.exe
UN081 Revealing Top Search App -/- revealerApp_uninstall -/- C:\Users\Administrator\AppData\Roaming\revealer\uninstall.exe
UN082 Windows CloudGet -/- Windows CloudGet -/- Windows CloudGet -/- C:\Program Files (x86)\Windows CloudGet\uninstall.exe
UN083 Windows Explorer Lastpopup v1.11 -/- Windows Explorer Lastpopup v1.11 -/- C:\Program Files (x86)\lastpopup\uninstall.exe
UN084 Windows VOA -/- Windows VOA -/- C:\Program Files (x86)\Windows VOA\Uninstall.exe
UN085 WinsPop -/- (주)아지르 -/- WinsPop -/- C:\Program Files (x86)\WinsPop\uninst.exe -/- hxxp://winspop.co.kr
UN086 xAllpopup SP1 (KB210313) -/- Mobile Internet Co. -/- xAllpopup SP1 (KB210313) -/- C:\Program Files (x86)\allpopup\uninst.exe
UN087 KeyPang version 1.0 -/- ad79 -/- {B9EB0882-79F8-4680-988C-D2317BA669F9}_is1 -/- C:\Program Files (x86)\KeyPang\unins000.exe -/- hxxp://keypang.com -/- hxxp://keypang.com
----------------------------------------------------------------------
TS088 AppIs -/- C:\Users\Administrator\AppData\Local\AppIs\appis.exe -/- N/A
TS089 AppIsUpdate -/- C:\Users\Administrator\AppData\Local\AppIs\update.exe admin -/- N/A
----------------------------------------------------------------------
US090 WindowsPurchaseHelper -/- C:\ProgramData\WindowsPurchaseHelper\windowsphup.exe
US091 iniweblink -/- C:\ProgramData\iniweblink\weblinkup.exe
US092 windowviewcon -/- C:\ProgramData\windowviewcon\windowviewconup.exe
US093 opensearchGT -/- C:\Users\Administrator\AppData\Roaming\opensearchGT\opensearchgt.exe Runcmd
US094 opensearchGTupdate -/- C:\Users\Administrator\AppData\Roaming\opensearchGT\opensearchgtu.exe
US095 metablogagent -/- C:\Users\Administrator\AppData\Local\MetablogNewIssues\metablogagent.exe
US096 MetablogNewIssues -/- C:\Users\Administrator\AppData\Local\MetablogNewIssues\MetablogNewIssues.exe /byboot
US097 signkey -/- C:\Users\Administrator\AppData\Local\signkey\signkey.exe
US098 revealerApp -/- C:\Users\Administrator\AppData\Roaming\revealer\revealer.exe Runcmd
US099 revealerApps -/- C:\Users\Administrator\AppData\Roaming\revealer\revealerul.exe
LS100 KeyPang -/- C:\Program Files (x86)\KeyPang\keypang.exe
LS101 update.exe -/- C:\Users\Administrator\AppData\Local\AppIs\update.exe
LS102 appis.exe -/- C:\Users\Administrator\AppData\Local\AppIs\appis.exe
LS103 nextray -/- C:\Program Files (x86)\nextray\nextray.exe
----------------------------------------------------------------------
BH104 Revealing Top Search App -/- C:\Users\Administrator\AppData\Roaming\revealer\revealertop.dll -/- {169C9EC3-415E-4344-85E1-BCBC2356B4E6}
BH105 OpenSearchGT SubTap -/- C:\Users\Administrator\AppData\Roaming\opensearchGT\opensearchgt.dll -/- {F48F659E-88A3-4EFA-804E-833609E15AD6}
EXADD Shockwave Flash Object -/- C:\Windows\system32\Macromed\Flash\Flash64_11_7_700_169.ocx -/- {D27CDB6E-AE6D-11CF-96B8-444553540000}
EXADD Revealing Top Search App -/- C:\Users\Administrator\AppData\Roaming\revealer\revealertop.dll -/- {169C9EC3-415E-4344-85E1-BCBC2356B4E6}
EXADD Shockwave Flash Object -/- C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_7_700_169.ocx -/- {D27CDB6E-AE6D-11CF-96B8-444553540000}
EXADD OpenSearchGT SubTap -/- C:\Users\Administrator\AppData\Roaming\opensearchGT\opensearchgt.dll -/- {F48F659E-88A3-4EFA-804E-833609E15AD6}
----------------------------------------------------------------------
NA001 211.113.34.140dns-4.0/nDNS/t/2/img/common/bn_rs_down*.***
NA002 211.113.34.140dns-4.0/nDNS/t/2/img/common/bn_rs_up*.***
NA003 211.113.34.140/dns-4.0/nDNS/js/ajax_20080930.min.js?t=2012*.***
NA004 211.113.34.140/dns-4.0/nDNS/js/base.min.js?t=2012*.***
NA005 211.113.34.140/dns-4.0/nDNS/js/cookie.min.js?t=2012*.***
NA006 211.113.34.140/dns-4.0/nDNS/js/jquery.cookie.js?t=2012*.***
NA007 211.113.34.140/dns-4.0/nDNS/js/jquery.min.js?t=2012*.***
NA008 211.113.34.140/dns-4.0/nDNS/js/jquery-1.6.4.min.js?t=2012*.***
NA009 211.113.34.140/dns-4.0/nDNS/js/nxsearch_20090616.min.js?t=20120**.***
NA010 211.113.34.140/dns-4.0/nDNS/t/2/img/common/basic*.***
NA011 211.113.34.140/dns-4.0/nDNS/t/2/img/common/footer_help*.***
NA012 211.113.34.140/dns-4.0/nDNS/t/2/img/common/footer_notice*.***
NA013 211.113.34.140/dns-4.0/nDNS/t/2/img/common/footer_other_search.**.***
NA014 211.113.34.140/dns-4.0/nDNS/t/2/img/common/footer_txt*.***
NA015 211.113.34.140/dns-4.0/nDNS/t/2/img/common/header*.***
NA016 211.113.34.140/dns-4.0/nDNS/t/2/img/common/header_back*.***
NA017 211.113.34.140/dns-4.0/nDNS/t/2/img/common/icon_arrow_more*.***
NA018 211.113.34.140/dns-4.0/nDNS/t/2/img/common/layer_common*.***
NA019 211.113.34.140/dns-4.0/nDNS/t/2/img/common/rlife_calculator.gif**.***
NA020 211.113.34.140/dns-4.0/nDNS/t/2/img/common/rlife_calendar*.***
NA021 211.113.34.140/dns-4.0/nDNS/t/2/img/common/rlife_lotto*.***
NA022 211.113.34.140/dns-4.0/nDNS/t/2/img/common/rlife_post*.***
NA023 211.113.34.140/dns-4.0/nDNS/t/2/img/common/rlife_weather*.***
NA024 211.113.34.140/dns-4.0/nDNS/t/2/img/common/rs_issue_line*.***
NA025 211.113.34.140/dns-4.0/nDNS/t/2/img/common/sugget_arrow_down.gi**.***
NA026 211.113.34.140/dns-4.0/nDNS/t/2/img/favicon_new*.***
NA027 211.113.34.140/dns-4.0/nDNS/t/2/include/css/common*.***
NA028 211.113.34.140/dns-4.0/nDNS/t/2/include/css/search.css?t=201207**.***
NA029 211.113.34.140/dns-4.0/nDNS/t/2/include/css/searchNew.css?t=201**.***
NA030 211.113.34.140/dns-4.0/nDNS/t/2/include/css/suggest.css?t=20120**.***
NA031 211.113.34.140/dns-4.0/nDNS/t/2/include/js/common.js?t=20120626**.***
NA032 211.113.34.140/dns-4.0/nDNS/t/2/zum*.***
NA033 211.113.34.142/dns-4.0/nDNS/js/jquery-1.6.4.mi*.***
NA034 211.113.34.142/dns-4.0/nDNS/t/2/img/common/rs_num1*.***
NA035 211.113.34.142/dns-4.0/nDNS/t/2/img/common/rs_num10*.***
NA036 211.113.34.142/dns-4.0/nDNS/t/2/img/common/rs_num2*.***
NA037 211.113.34.142/dns-4.0/nDNS/t/2/img/common/rs_num3*.***
NA038 211.113.34.142/dns-4.0/nDNS/t/2/img/common/rs_num4*.***
NA039 211.113.34.142/dns-4.0/nDNS/t/2/img/common/rs_num5*.***
NA040 211.113.34.142/dns-4.0/nDNS/t/2/img/common/rs_num6*.***
NA041 211.113.34.142/dns-4.0/nDNS/t/2/img/common/rs_num7*.***
NA042 211.113.34.142/dns-4.0/nDNS/t/2/img/common/rs_num8*.***
NA043 211.113.34.142/dns-4.0/nDNS/t/2/img/common/rs_num9*.***
NA044 211.113.34.143/dns-4.0/nDNS/js/jquery.min.js?t=2012*.***
NA045 211.113.34.143/dns-4.0/nDNS/js/jquery-1.6.4.min.js?t=2012*.***
NA046 211.113.34.143/dns-4.0/nDNS/t/2/img/common/rs_num1*.***
NA047 211.113.34.143/dns-4.0/nDNS/t/2/img/common/rs_num10*.***
NA048 211.113.34.143/dns-4.0/nDNS/t/2/img/common/rs_num2*.***
NA049 211.113.34.143/dns-4.0/nDNS/t/2/img/common/rs_num3*.***
NA050 211.113.34.143/dns-4.0/nDNS/t/2/img/common/rs_num4*.***
NA051 211.113.34.143/dns-4.0/nDNS/t/2/img/common/rs_num5*.***
NA052 211.113.34.143/dns-4.0/nDNS/t/2/img/common/rs_num6*.***
NA053 211.113.34.143/dns-4.0/nDNS/t/2/img/common/rs_num7*.***
NA054 211.113.34.143/dns-4.0/nDNS/t/2/img/common/rs_num8*.***
NA055 211.113.34.143/dns-4.0/nDNS/t/2/img/common/rs_num9*.***
NA056 3412fd036b9e3aa67cf153b0ddf0fe.korea-lab.*.***
NA057 61.106.26.167/adlistener/adakeyword*.***
NA058 61.106.26.167/adlistener/adconf.php?pgid=apples&pid=apples03&di**.***
NA059 61.106.26.167/adlistener/adinstall.php?pgid=apples&pid=apples03**.***
NA060 61.106.26.167/adlistener/adskeyword*.***
NA061 61.106.26.167/adlistener/pgid/apples*.***
NA062 a.cloudget.co.kr/ap.php?m=i&mac=000C2961CEE7&p=cg*.***
NA063 ad79.co.kr/keypang/qz3/skeypang3*.***
NA064 ad79.co.kr/keypang/statchk.php?pid=qz3&mac=&insta*.***
NA065 adimg.wisenut.co.kr/tgates/?c=tg&ex=1370338213&or=N&rd=efa1b34c**.***
NA066 ads.contentsbridge.com/delivery/new/kth_floating*.***
NA067 ads.contentsbridge.com/jspx/bizlink_log*.***
NA068 ads.contentsbridge.com/jspx/gns_bizlink_style.jspx?vers*.***
NA069 adtg.widerplanet.com/delivery/wjs.php?zoneid=9262&cb=6774384426**.***
NA070 adtg.widerplanet.com/js/pb_kth_adsense.js.php?gl_cl=ca-pub-4704**.***
NA071 api.admatching.co.kr/admatching/info.php?pid=ad051&cid=000c2961**.***
NA072 api.admatching.co.kr/admatching/matchsitelist.php?pid=ad051&cid**.***
NA073 api.admatching.co.kr/admatching/ovt_log.php?pid=ad051&cid=000c2**.***
NA074 api.admatching.co.kr/admatching/update_mb.php?pid=ad051&cid=000**.***
NA075 api.admatching.co.kr/admatching/urlmatchlist.php?pid=ad051&cid=**.***
NA076 api.admatching.co.kr/admatching/urlmatchlist_coworker.php?pid=a**.***
NA077 api.admatching.co.kr/admatching/urlmatchlist_merchant.php?pid=a**.***
NA078 app.checkboan.com/?modeAct=install&iMAC=000c2961cee7&iPID=power**.***
NA079 app.checkboan.com/?modeAct=run&iMAC=000c2961cee7&iPID=p*.***
NA080 app.checkboan.com/opt.php?iPID=p*.***
NA081 app.comfaster.com/?modeAct=install&iMAC=000c2961cee7&iPID=power**.***
NA082 app2.tsmon.co.kr/app/ipcheck*.***
NA083 app2.tsmon.co.kr/app/urlcheck.asp?icd=*.***
NA084 app2.tsmon.co.kr/file/v2/addnvx1*.***
NA085 codebase.goodcomms.co.kr/codebase/ISAppIs*.***
NA086 crl.geotrust.com/crls/secureca*.***
NA087 dn.binsetup.com/130603/adInstall_ad056*.***
NA088 dn.binsetup.com/130603/cloudget_cg0000*.***
NA089 dn.binsetup.com/130603/MainVaccine_power*.***
NA090 dn.binsetup.com/130603/Revealing_App_11_hinst*.***
NA091 dn.binsetup.com/130603/setup_pang*.***
NA092 dn.binsetup.com/130603/setup_tang*.***
NA093 dn.binsetup.com/130603/Setup_voa_apples_apples03*.***
NA094 dn.binsetup.com/130603/signkey*.***
NA095 dns3.ktguide.com/js/zum_suggest_min_v1.2.js?t=2012*.***
NA096 dns3.ktguide.com/search/index.php?Query=130+%EA%B9%80%ED%95%B4%**.***
NA097 down.admatching.co.kr/download/mb/metablogagent*.***
NA098 down.admatching.co.kr/download/mb/MetablogNewIssues*.***
NA099 down.checkboan.com/checkboan_power*.***
NA100 down.comfaster.com/comfaster_power*.***
NA101 down.mainvaccine.com/app/process/nac/MainVaccine_process_s_run.**.***
NA102 down.nextpopup.com/NextPopup_sun*.***
NA103 down.open-search.kr/file/opensearchGT_07_update_20130603*.***
NA104 down.signkey.co.kr/_file/dn*.***
NA105 down.signkey.co.kr/_file/e_signkey*.***
NA106 down.signkey.co.kr/_file/signkey*.***
NA107 down.signkey.co.kr/_file/skun*.***
NA108 download.freepds.com/freepds/fileinfo.php?kind=download&ind=181**.***
NA109 freepds.com/freepds/ad_right.php?pid=&color=d4d0c8&w=100&h=200&**.***
NA110 freepds.com/freepds/agreement_inner_txt*.***
NA111 googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4704851031**.***
NA112 googleads.g.doubleclick.net/pagead/drt/s?v=r2012*.***
NA113 googleads.g.doubleclick.net/pagead/html/r20130528/r20130206/zrt**.***
NA114 honorzone.co.kr/check/honor2/update/honor*.***
NA115 honorzone.co.kr/check/opensearch_s3/check*.***
NA116 honorzone.co.kr/cnt/index.php?pid=honor2&ty*.***
NA117 honorzone.co.kr/cnt/index.php?pid=opensearch_s3&ty*.***
NA118 honorzone.co.kr/v2/check/honorzone*.***
NA119 honorzone.co.kr/v2/check2/check*.***
NA120 honorzone.co.kr/v2/check2/check_search*.***
NA121 image.mmnneo.com/bg*.***
NA122 image.mmnneo.com/cls_sqr*.***
NA123 image.mmnneo.com/logo_cl*.***
NA124 img1.media.zumst.com/key/71a1b7f748baebd632c1ca4c172930dfafa7ab**.***
NA125 img1.media.zumst.com/key/a769e71a3bdbfd8f14c023211c0ebb4bc99dbf**.***
NA126 img2.media.zumst.com/key/35d48b4dec2fffa0b5321c47cba528f424eea0**.***
NA127 img2.media.zumst.com/key/3c61d8c06bca448fd387ac1b583872b7b9883e**.***
NA128 img2.media.zumst.com/key/5e2599963ecaf61920ed8e2d080263e2ed16f8**.***
NA129 img2.media.zumst.com/key/995a9781cf283aa6038975f7cf7d4b2ea46e06**.***
NA131 keypang.com/keypang/install.php?mac=00-0C-29-61-C*.***
NA132 kwdbridge.godohosting.com/images/floating_02*.***
NA133 mobil.checkboan.com/?iMAC=000c2961cee7&iPID=p*.***
NA134 mobil.checkboan.com/danal/sms/css/style*.***
NA135 mobil.checkboan.com/danal/sms/images/blit_important*.***
NA136 mobil.checkboan.com/danal/sms/images/btn_b_blue*.***
NA137 mobil.checkboan.com/danal/sms/images/btn_customer*.***
NA138 mobil.checkboan.com/danal/sms/images/btn_useInfo*.***
NA139 mobil.checkboan.com/danal/sms/images/cType00_bg01*.***
NA140 mobil.checkboan.com/danal/sms/images/img_tit*.***
NA141 mobil.checkboan.com/danal/sms/js/Commo*.***
NA142 mobil.checkboan.com/danal/sms/js/Star*.***
NA143 mobil.checkboan.com/danal/sms/PIE*.***
NA144 mobil.checkboan.com/danal/sms/Start.php?iMAC=000c2961cee7&iPID=**.***
NA145 mp.mmnneo.com/banner.widget3.asp?sitehost=dns3.ktguide.com&site**.***
NA146 open-search.kr/cnt/index.php?pid=partner07&ty*.***
NA147 open-search.kr/cnt/index_pre.php?pid=partner07&ty*.***
NA148 open-search.kr/opensearch/update/ad/partner07/check_h*.***
NA149 open-search.kr/opensearch/update/ad/partner07/inst*.***
NA150 pagead2.googlesyndication.com/pagead/abglogo/abg-ko-100c-ffffff**.***
NA151 pagead2.googlesyndication.com/pagead/images/i*.***
NA152 pagead2.googlesyndication.com/pagead/js/ab*.***
NA153 pagead2.googlesyndication.com/pagead/js/graphic*.***
NA154 pagead2.googlesyndication.com/pagead/js/r20130528/r20130206/sho**.***
NA155 pagead2.googlesyndication.com/pagead/os*.***
NA156 pagead2.googlesyndication.com/pagead/render_ad*.***
NA157 pagead2.googlesyndication.com/pagead/show_ad*.***
NA158 pagead2.googlesyndication.com/simgad/748593166329949*.***
NA159 premiumpc.co.kr/dbk*.***
NA160 premiumpc.co.kr/etc/yak_app*.***
NA161 premiumpc.co.kr/mbk.php?v1=fpds&v2=00:0C:29:61:C*.***
NA162 revealer.co.kr/cnt/index_pre.php?pid=ulapp11&ty*.***
NA163 s.winspop.co.kr/luncher/inst_launcher_wsp002*.***
NA164 s.winspop.co.kr/setup/check_wsp*.***
NA165 search-log.goodcomms.co.kr/log/count.php?argx=Z370TOS3VWZN+hI+I**.***
NA166 search-log.goodcomms.co.kr/log/try_update.xlg?argx=s7lhLWPv/JC5**.***
NA167 search-log.goodcomms.co.kr/log/update.xlg?argx=s7lhLWPv/JC5sas9**.***
NA168 search-log.goodcomms.co.kr/log/websetup.php?ErrorCode=0&ModuleS**.***
NA169 search-up.goodcomms.co.kr/update/affiliate/appis/appis*.***
NA170 search-up.goodcomms.co.kr/update/affiliate/webcompass/pintotask**.***
NA171 search-ww*.goodcomms.co.kr/register/count.php?argx=KN9xY2B68aox**.***
NA172 shop.soonwe.com/iconview/windowstab/info_005.asp?pt=freep*.***
NA173 sosa.semanticrep.com/rt/widerplanet.php?c=tg&ex=1370943013&or=N**.***
NA174 svc.winspop.co.kr/apps/acab/D_Prohibit.7z?_pi=bfcee8ef1b363b1e6**.***
NA175 svc.winspop.co.kr/apps/acab/K_Prohibit.7z?_pi=bfcee8ef1b363b1e6**.***
NA176 svc.winspop.co.kr/apps/act.php?_pi=bdcae2e7112a2d0e5a7090abc5de**.***
NA177 thumbs.ncimage.co.kr/thumb.ncimage.co.kr/images/77_79_zum*.***
NA178 topsearch.revealing.co.kr/?cddtc=neoclick_daramg&keyword=%C0%CE**.***
NA179 topsearch.revealing.co.kr/?cddtc=neoclick_test_xml&keyword=%C0%**.***
NA180 topsearch.revealing.co.kr/favicon*.***
NA181 topsearch.revealing.co.kr/image/btn_close*.***
NA182 topsearch.revealing.co.kr/image/btn_default_background_img*.***
NA183 topsearch.revealing.co.kr/image/help_icon3*.***
NA184 topsearch.revealing.co.kr/image/Search_17*.***
NA185 ui.teledit.com/Danal/Teledit/Web/css/style*.***
NA186 ui.teledit.com/Danal/Teledit/Web/images/customer_logo*.***
NA187 ui.teledit.com/Danal/Teledit/Web/Notice/Agreement/agreement01.h**.***
NA188 ui.teledit.com/Danal/Teledit/Web/Notice/Agreement/agreement02.h**.***
NA189 ui.teledit.com/Danal/Teledit/Web/Notice/Agreement/agreement03.h**.***
NA190 ui.teledit.com/Danal/Teledit/Web/Notice/Agreement/agreement04.h**.***
NA191 ul.revealer.co.kr/check/daramg/check*.***
NA192 ul.revealer.co.kr/check/ulapp/update/revealing*.***
NA193 ul.revealer.co.kr/check/ulapp11/check*.***
NA194 ul.revealer.co.kr/check2/check*.***
NA195 ul.revealer.co.kr/check2/revealdata*.***
NA196 ul.revealer.co.kr/cnt/index.php?pid=daramg&ty*.***
NA197 ul.revealer.co.kr/cnt/index.php?pid=ulapp&ty*.***
NA198 ul.revealer.co.kr/cnt/index.php?pid=ulapp11&ty*.***
NA199 ul.revealer.co.kr/favicon*.***
NA200 ul.revealer.co.kr/sear/share.php?*.***
NA201 voa-update.windowsnas.co.kr/adlistener/adpatchconf.php?pgid=&pi**.***
NA202 voa-update.windowsnas.co.kr/adlistener/adpatchconf.php?pgid=app**.***
NA203 voa-update.windowsnas.co.kr/seed_app_files/voaupdatez*.***
NA204 voa-update.windowsnas.co.kr/seed_update_files/ismsvc*.***
NA205 voa-update.windowsnas.co.kr/seedapplist*.***
NA206 voa-update.windowsnas.co.kr/seedupdate.php?p_id=apples03&g_id=a**.***
NA207 voa-update.windowsnas.co.kr/update.php?p_id=apples03&d_i*.***
NA208 voa-update.windowsnas.co.kr/update.php?p_id=apples03&g_i*.***
NA209 voa-update.windowsnas.co.kr/update_files/voasvc*.***
NA210 whois.kisa.or.kr/openapi/whois.jsp?key=2011100613382837406762&q**.***
NA211 ww*.ad79.co.kr/keypang/livechk.php?mac=00-0C-29-61-CE-E7&pid=qz**.***
NA212 ww*.ad79.co.kr/keypang/toschk.php?pid*.***
NA213 ww*.ad79.co.kr/keypang/urlres.php?pid=qz2&murl=mobil.checkboan.**.***
NA214 ww*.ad79.co.kr/keypang/urlres.php?pid=qz2&murl=topsearch.reveal**.***
NA215 ww*.ad79.co.kr/keypang/urlres.php?pid=qz2&murl=ul.revealer.co.k**.***
NA216 ww*.ad79.co.kr/keypang/version_qz27*.***
NA217 ww*.allpopup.com/log/?modeAct=agree&iMAC=000c2961cee7&iPID=1011**.***
NA218 ww*.allpopup.com/log/?modeAct=install&iMAC=000c2961cee7&iPID=10**.***
NA219 ww*.allpopup.com/log/?modeAct=run&iMAC=000c2961cee7&iPID=*.***
NA220 ww*.allpopup.com/xml.php?xcode=1011&iMAC=000c2961*.***
NA221 ww*.checkboan.com/license*.***
NA222 ww*.comfaster.com/license*.***
NA223 ww*.dotmap.co.kr/app_banner/windowviewcon/info_003.asp?pt=freep**.***
NA224 ww*.findlock.co.kr/app_new/install_new.php?u=Silver&a=865E9528_**.***
NA225 ww*.freepds.com/data/plugin/adInstall_ad051*.***
NA226 ww*.freepds.com/data/plugin/Allpopup_1011_H*.***
NA227 ww*.freepds.com/data/plugin/ikeypang*.***
NA228 ww*.freepds.com/data/plugin/INIWebLinkSetup_P012_1*.***
NA229 ww*.freepds.com/data/plugin/opensearchGT_07_hinst*.***
NA230 ww*.freepds.com/data/plugin/premiumpcsetup_fpds*.***
NA231 ww*.freepds.com/data/plugin/WSLfilelot*.***
NA232 ww*.freepds.com/data/plugin/WVCSetup_fd*.***
NA233 ww*.freepds.com/data/snapshot/13043012231455679*.***
NA234 ww*.google.com/ads/search/module/ads/3.0/34b8e929df3edf9e479deb**.***
NA235 ww*.google.com/adsense/search/ad*.***
NA236 ww*.google.com/pagead/dr*.***
NA237 ww*.google.com/uds/afs?q=130%20%EA%B9%80%ED%95%B4%EB%B2%84%EC%8**.***
NA238 ww*.google-analytics.com/__utm.gif?utmwv=5.4.2&utms=1&utmn=2083**.***
NA239 ww*.google-analytics.com/ga.*.***
NA240 ww*.gstatic.com/bg/e99TJlYORwTDj9xV8kAetTmnOsgOiIcVSrocb5kjvy8.**.***
NA241 ww*.gstatic.com/GoogleInternetAuthority/GoogleInternetAuthority**.***
NA242 ww*.ilikesearch.co.kr/sear/share.php?pid=opensearch_s3&ty=am&op**.***
NA243 ww*.msftncsi.com/ncsi*.***
NA244 ww*.muuk.co.kr/app/windowsph/info/infow.php?pt=freep*.***
NA245 ww*.muuk.co.kr/app/windowviewcon/info/infog.php?pt=freepds&os=6**.***
NA246 ww*.muuk.co.kr/count/windowsph/boot.php?pt=freepds_r&mc=00-0C-2**.***
NA247 ww*.muuk.co.kr/count/windowsph/install.php?pt=freepds_r&mc=00-0**.***
NA248 ww*.muuk.co.kr/count/windowviewcon/boot.php?pt=freepds&mc=00-0C**.***
NA249 ww*.muuk.co.kr/count/windowviewcon/install.php?pt=freepds&mc=00**.***
NA250 ww*.nextpopup.com/license*.***
NA251 ww*.nextpopup.com/log/?modeAct=install&iMAC=000c2961cee7&iPID=s**.***
NA252 ww*.powertime.kr/power/agreement_inner.php?w=770&h*.***
NA253 ww*.powertime.kr/power/download/powertime_ins*.***
NA254 ww*.premiumpc.co.kr/APP/pf_ck.php?v1=*.***
NA255 ww*.premiumpc.co.kr/APP/stat.php?v1=1&v2=fpds&v3=SVRhaWtjOWU2bY**.***
NA256 ww*.targetkeyword.co.kr/app/info/info_001*.***
NA257 ww*.targetkeyword.co.kr/app/iniweblink/info/info.php?u=P012&o=6**.***
NA258 ww*.targetkeyword.co.kr/app/it.php?u=P012&a=DAAAFCFF6E1094AFFDB**.***
NA259 ww*.targetkeyword.co.kr/app/li.php?u=P012&a=DAAAFCFF6E1094AFFDB**.***
NA260 ww*.targetkeyword.co.kr/url_keywd/callurl.php?a=DAAAFCFF6E1094A**.***
NA261 ww*.tooltip.kr/pop/config.php?q=^/irW@RwO@R.OSNva/CBN0?cGQKCGQK**.***
NA262 ww*.tooltip.kr/pop/download/tooltip_ins*.***
NA263 www3.freepds.com/data/files/13043012231439529*.***
----------------------------------------------------------------------
GS106 C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\11번가.lnk
GS107 C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\G마켓.lnk
GS108 C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\옥션.lnk
----------------------------------------------------------------------
Deleted Files : 65
Remove Service : 10
Remove Uninstall Entry : 13
Remove Startup Entry : 14
Remove Browser Helper Object : 2
----------------------------------------------------------------------
Remove these Entry in a WindowexeAllkiller.txt file. Save and Run.
WindowexeAllkiller Remove Database 2013-06-04
[01-HKCUREG]**iniweblink
[01-HKCUREG]**metablogagent
[01-HKCUREG]**MetablogNewIssues
[01-HKCUREG]**opensearchGT
[01-HKCUREG]**opensearchGTupdate
[01-HKCUREG]**revealerApp
[01-HKCUREG]**revealerApps
[01-HKCUREG]**signkey
[01-HKCUREG]**WindowsPurchaseHelper
[01-HKCUREG]**windowviewcon
[02-HKLMREG]**appis.exe
[02-HKLMREG]**KeyPang
[02-HKLMREG]**nextray
[02-HKLMREG]**update.exe
[03-BHOCLSD]**{169C9EC3-415E-4344-85E1-BCBC2356B4E6}
[03-BHOCLSD]**{F48F659E-88A3-4EFA-804E-833609E15AD6}
[05-SERVICE]**allpopup
[05-SERVICE]**checkboan
[05-SERVICE]**clgsvr32
[05-SERVICE]**comfaster
[05-SERVICE]**ismsvc
[05-SERVICE]**ismsvc32
[05-SERVICE]**lstspsv32
[05-SERVICE]**voasvc
[05-SERVICE]**Windows WinsPop Diagnostics Service
[05-SERVICE]**WinsPop Service
[06-TASKLST]**AppIs
[06-TASKLST]**AppIsUpdate
----------------------------------------------------------------------
Total Processing Time : 1566ms
----------------------------------------------------------------------