프로그램분석

[wla****spring/Win32.Trojandownloader] Processing Time(Remove All) : 333ms

프로세스 천국 2011. 6. 23. 03:25

----------------------------------------------------------------------
Created by Windowexe.com , Logfile of WindowexeAllkiller
----------------------------------------------------------------------
Microsoft Windows XP Service Pack 3(5.1.2600.196608)
Intel(R) Core(TM) i3 CPU       M 380  @ 2.53GHz / 767.48 MB
x86 Family 6 Model 37 Stepping 5
Date : 2011-06-22
----------------------------------------------------------------------
DF000 C:\Documents and Settings\Administrator\Application Data\SupportBarSetup.exe
DF001 C:\Documents and Settings\Administrator\Local Settings\Application Data\setup_sooheng.exe
DF002 C:\Documents and Settings\Administrator\Local Settings\Application Data\setup1.exe
DF003 C:\Documents and Settings\Administrator\Local Settings\Application Data\setup2.exe
DF005 C:\Program Files\BaroSearch\barosearch.exe
DF006 C:\Program Files\BaroSearch\barosearchs.exe
DF007 C:\Program Files\Gappl\gauninst.exe
DF008 C:\Program Files\Gappl\pabho.dll
DF009 C:\Program Files\Gappl\patool.dll
DF010 C:\Program Files\icleservicea\icleservicea.dll
DF011 C:\Program Files\icleservicea\icleserviceahp.exe
DF012 C:\Program Files\icleservicea\Uninstall.exe
DF013 C:\Program Files\Microsource\Microsource.exe
DF014 C:\Program Files\Microsource\Microsource_se.exe
DF015 C:\Program Files\Microsource\Microsource_updater.exe
DF016 C:\Program Files\NFDay\nfdalimi.exe
DF017 C:\Program Files\NFDay\nfddel.exe
DF018 C:\Program Files\NFDay\nfddll.dll
DF019 C:\Program Files\NFDay\nfdmain.exe
DF020 C:\Program Files\NFDay\nfdupdater.exe
DF021 C:\Program Files\NFDay\nfdux.exe
DF022 C:\Program Files\opensearchp\icleserup.exe
DF023 C:\Program Files\opensearchp\opensearchp.dll
DF024 C:\Program Files\opensearchp\opensearchps.exe
DF025 C:\Program Files\opensearchp\Uninstall.exe
DF026 C:\Program Files\sidematchnet\sidematchbar.dll
DF027 C:\Program Files\sidematchnet\sidematchup.exe
DF028 C:\Program Files\sidematchnet\uninstall.exe
DF029 C:\Program Files\sponsorkeyword\sponsorkeyword.exe
DF030 C:\Program Files\sponsorkeyword\sponsorkeyword_uninstall.exe
DF031 C:\Program Files\STerra\SafeTerra.exe
DF032 C:\Program Files\STerra\SafeTerraUpdate.exe
DF033 C:\Program Files\STerra\STUninstall.exe
DF034 C:\Program Files\SupportBarJN\SupportBarJN.dll
DF035 C:\Program Files\SupportBarJN\SupportBarUpdateJN.exe
DF036 C:\Program Files\SupportBarJN\SUUninstallJN.exe
DF037 C:\Program Files\WebCompass\free.exe
DF038 C:\Program Files\WebCompass\sqlite3.dll
DF039 C:\Program Files\WebCompass\unins000.exe
DF040 C:\Program Files\WebCompass\update.exe
DF041 C:\Program Files\WebCompass\wc_src_3f8.dll
DF042 C:\Program Files\WebCompass\wcsv.dll
DF043 C:\Program Files\WiseLook Application\juso.dll
DF044 C:\Program Files\WiseLook Application\WiseLook.exe
DF045 C:\Program Files\wLauncher\Plugins\InjHlp.dll
DF046 C:\Program Files\wLauncher\Plugins\RepAnalyser.dll
DF047 C:\Program Files\wLauncher\Plugins\Res\RepDll.dll
DF048 C:\Program Files\wLauncher\Uninstall.exe
DF049 C:\Program Files\wLauncher\wLauncher.exe
DF050 C:\WINDOWS\barosearchuninstall.exe
DF051 C:\WINDOWS\Microsource_uninstaller.exe
DF052 C:\WINDOWS\ndelfddll.exe
DF053 C:\WINDOWS\system32\INETKO.DLL
DF054 C:\WINDOWS\system32\MSINET.OCX
DF055 C:\WINDOWS\system32\opensearchpinst.exe
DF056 C:\WINDOWS\system32\VB6KO.DLL
----------------------------------------------------------------------
SC057 wcsv -/- WebCompass Updater Service -/- - -/- C:\Program Files\WebCompass\wcsv.dll -/- C:\WINDOWS\system32\svchost.exe -k WebCompass
SC058 Microsource Update Service -/- Microsource Support Service -/- - -/-  -/- "C:\Program Files\Microsource\Microsource_se.exe" /service
----------------------------------------------------------------------
UN059 BaroSearch -/- - -/- BaroSearch -/- - -/- -
UN060 옥션바로가기(바로옥션혜택) -/- - -/- Gappl -/-
UN061 icleservicea 1.00 -/- - -/- icleservicea 1.00 -/- - -/- -
UN062 Microsource -/- - -/- Microsource -/-
UN063 New Feel 2 Day -/- feel2day, Inc. -/- NFDay -/-
UN064 opensearchp 1.00 -/- - -/- opensearchp 1.00 -/- - -/- -
UN065 Safe Terra -/- 한국고시아카데미 -/- SafeTerra -/-
UN066 sponsorkeyword Uninstall -/- (주)인터넷마케팅연구소 -/- sponsorkeyword -/-
UN067 SupportBar Uninstall -/-  -/- SupportBarJN -/-  -/- -
UN068 WebCompass(웹컴파스) -/- Datawave Inc. -/- WebCompass(웹컴파스)_is1 -/-
UN069 WinSideMatch -/- - -/- WinSideMatch -/- - -/- -
UN071 WiseLook Application -/- - -/- WiseLook Application -/- - -/- -
----------------------------------------------------------------------
US072 sponsorkeyword -/- C:\Program Files\sponsorkeyword\sponsorkeyword.exe
US073 Safeterra -/- C:\Program Files\STerra\SafeTerraUpdate.exe
US074 WiseLook Application -/- C:\Program Files\WiseLook Application\WiseLook.exe
US075 sidematchup -/- C:\Program Files\sidematchnet\sidematchup.exe
US076 BaroSearch -/- C:\Program Files\BaroSearch\\barosearchs.exe
LS077 supportbarupdateJN -/- C:\Program Files\SupportBarJN\SupportBarUpdateJN.exe
LS078 NFDay -/- C:\Program Files\NFDay\nfdupdater.exe
LS079 NFDayUpdate -/- C:\Program Files\NFDay\nfdux.exe
----------------------------------------------------------------------
BH080 sidematchbar Class -/- C:\Program Files\sidematchnet\sidematchbar.dll -/- {0AC821AF-1682-438D-A319-5E6CB7C68B15}
BH081 opensearchhana.opensearchp -/- C:\Program Files\opensearchp\opensearchp.dll -/- {1ED8E185-17DF-4A1A-A25C-79B29B604925}
BH082 WebCompass Search Class -/- C:\PROGRA~1\WEBCOM~1\WC_SRC~1.DLL -/- {2D3BA117-A67B-4BE3-B692-A0F399E7EBC3}
BH083 WiseLook Application -/- C:\PROGRA~1\WISELO~1\juso.dll -/- {7CCA4EA6-CA02-4789-9419-34E85C7AC2DC}
BH084 IECtrl Class -/- C:\PROGRA~1\NFDay\nfddll.dll -/- {CA479385-AB37-40C5-AC98-43CB6A8E0B90}
BH085 icleserviceprg.icleservicea -/- C:\Program Files\icleservicea\icleservicea.dll -/- {E358CB15-B875-47D9-8979-282705AE2222}
BH086 PABHO -/- C:\PROGRA~1\Gappl\pabho.dll -/- {F7B20656-ACD3-4DFD-83F3-7B7493EBDC14}
BH087 SupportBarJN -/- C:\Program Files\SupportBarJN\SupportBarJN.dll -/- {FF6C5514-33A2-4714-8D67-B7C98E9504DE}
----------------------------------------------------------------------
A001 xmlconf.webcompass.co.kr
A002 update1.lottomeca.com
A003 up1.popgame.co.kr
A004 sidematch.net
A005 search-log.webcompass.co.kr
A006 search-***.webcompass.co.kr
A007 SAOYGJEDKQBIUJSR.dgplayshop.com
A008 s.011st.com
A009 minishop.linkprice.com
A010 lovemekth.cafe24.com
A011 log.barosearch.co.kr
A012 in.sponsorkeyword.co.kr
A013 image.auction.co.kr
A014 EW.itplayshop.com
A015 dw.toolon.co.kr
A016 dw.supportbar.co.kr
A017 ds.wegames.net
A018 download.goorma.co.kr
A019 download.barosearch.co.kr
A020 down.wlauncher.com
A021 down.sponsorkeyword.co.kr
A022 down.sidematch.net
A023 down.feel2day.com
A024 cpq.clickstory.co.kr
A025 codebase.webcompass.co.kr
A026 api.sponsorkeyword.co.kr
A027 adm.cpaacademy.co.kr
A028 222.122.197.27
A029 211.34.105.35
A030 ***.supportbar.co.kr
A031 ***.magicworld.co.kr
A032 ***.gmarket.co.kr
----------------------------------------------------------------------
Deleted Files : 57
Remove Service : 2
Remove Uninstall Entry : 13
Remove Startup Entry : 8
Remove Browser Helper Object : 8
----------------------------------------------------------------------
Remove these Entry in a WindowexeAllkiller.txt file. Save and Run.
[01-HKCUREG]**sponsorkeyword
[01-HKCUREG]**Safeterra
[01-HKCUREG]**WiseLook Application
[01-HKCUREG]**sidematchup
[01-HKCUREG]**BaroSearch
[02-HKLMREG]**supportbarupdateJN
[02-HKLMREG]**NFDay
[02-HKLMREG]**NFDayUpdate
[03-BHOCLSD]**{0AC821AF-1682-438D-A319-5E6CB7C68B15}
[03-BHOCLSD]**{1ED8E185-17DF-4A1A-A25C-79B29B604925}
[03-BHOCLSD]**{2D3BA117-A67B-4BE3-B692-A0F399E7EBC3}
[03-BHOCLSD]**{7CCA4EA6-CA02-4789-9419-34E85C7AC2DC}
[03-BHOCLSD]**{CA479385-AB37-40C5-AC98-43CB6A8E0B90}
[03-BHOCLSD]**{E358CB15-B875-47D9-8979-282705AE2222}
[03-BHOCLSD]**{F7B20656-ACD3-4DFD-83F3-7B7493EBDC14}
[03-BHOCLSD]**{FF6C5514-33A2-4714-8D67-B7C98E9504DE}
[05-SERVICE]**wcsv
[05-SERVICE]**Microsource Update Service
----------------------------------------------------------------------
Total Processing Time : 333ms
----------------------------------------------------------------------