프로그램분석

Code : YLAYo4CK5akOZHfPjmkX1QqJtYatUqFb5O582bqkwmw=

프로세스 천국 2013. 2. 23. 17:32

----------------------------------------------------------------------
Created by Windowexe.com , Logfile of WindowexeAllkiller
----------------------------------------------------------------------
Microsoft Windows XP Service Pack 3(5.1.2600.196608)
Intel(R) Core(TM) i3 CPU       M 380  @ 2.53GHz / 767.48 MB
x86 Family 6 Model 37 Stepping 5
Date : 2013-02-23
----------------------------------------------------------------------
DF000 C:\Documents and Settings\Administrator\Favorites\11번가.url
DF001 C:\Documents and Settings\Administrator\Favorites\G마켓.url
DF002 C:\Documents and Settings\Administrator\Favorites\연결\11번가.url
DF003 C:\Documents and Settings\Administrator\Favorites\연결\옥션.url
DF004 C:\Documents and Settings\Administrator\Favorites\연결\지마켓.url
DF005 C:\Documents and Settings\Administrator\Favorites\옥션.url
DF006 C:\Documents and Settings\Administrator\My Documents\FreeListen_Setup_121.exe
DF007 C:\Documents and Settings\Administrator\바탕 화면\11번가.lnk
DF008 C:\Documents and Settings\Administrator\바탕 화면\G마켓.lnk
DF009 C:\Documents and Settings\Administrator\바탕 화면\wLauncherSetup.exe
DF010 C:\Documents and Settings\Administrator\바탕 화면\옥션.lnk
DF011 C:\Documents and Settings\Administrator\시작 메뉴\프로그램\updatevaccine\updatevaccine 삭제.lnk
DF012 C:\Documents and Settings\Administrator\시작 메뉴\프로그램\updatevaccine\updatevaccine.lnk
DF013 C:\Documents and Settings\Administrator\시작 메뉴\프로그램\updatevaccine\홈페이지.url
DF014 C:\Documents and Settings\All Users\Application Data\DirectKeyword2\DirectKeyword2.exe
DF015 C:\Documents and Settings\All Users\Application Data\DirectKeyword2\DirectKeywordUpdateService.exe
DF016 C:\Documents and Settings\All Users\Application Data\WindowsTab\uninst.exe
DF017 C:\Documents and Settings\All Users\Application Data\WindowsTab\windowstab.exe
DF018 C:\Documents and Settings\All Users\Application Data\WindowsTab\windowstabup.exe
DF019 C:\Documents and Settings\All Users\Templates\15-11988_wlaunchersetup[1]_.exe
DF020 C:\Documents and Settings\All Users\시작 메뉴\프로그램\파일함\파일함 탐색기 삭제.lnk
DF021 C:\Documents and Settings\All Users\시작 메뉴\프로그램\파일함\파일함 탐색기.lnk
DF022 C:\Program Files\AdMatching\AdMatching.exe
DF023 C:\Program Files\AdMatching\admsys.exe
DF024 C:\Program Files\AdvTopC\AdvTCApp.exe
DF025 C:\Program Files\AdvTopC\TCHelper.dll
DF026 C:\Program Files\AdvTopC\TCSearch.exe
DF027 C:\Program Files\AdvTopC\TCUnins.exe
DF028 C:\Program Files\AdvTopC\tcwhk.dll
DF029 C:\Program Files\barocn\barocn.exe
DF030 C:\Program Files\barocn\barosvc.exe
DF031 C:\Program Files\barocn\uninst.exe
DF032 C:\Program Files\boosting\boosting.exe
DF033 C:\Program Files\boosting\pidadd.dll
DF034 C:\Program Files\FileHam.com\FileHamBrowser\Cleanup.exe
DF035 C:\Program Files\FileHam.com\FileHamBrowser\파일함탐색기.exe
DF036 C:\Program Files\FileHam.com\Updater\FileHamUpdater.exe
DF037 C:\Program Files\FreeListen\bass.dll
DF038 C:\Program Files\FreeListen\FreeListen.exe
DF039 C:\Program Files\FreeListen\FreeListenManager.exe
DF040 C:\Program Files\FreeListen\FreeListenUpdate.exe
DF041 C:\Program Files\FreeListen\nhopen.dll
DF042 C:\Program Files\HiSearch\HSHelper.dll
DF043 C:\Program Files\HiSearch\HSSearch.exe
DF044 C:\Program Files\HiSearch\HSSvcApp.exe
DF045 C:\Program Files\HiSearch\HSUninst.exe
DF046 C:\Program Files\HiSearch\hswhk.dll
DF047 C:\Program Files\KongGa\KGAAlert.exe
DF048 C:\Program Files\KongGa\KGAChkSvc.exe
DF049 C:\Program Files\KongGa\KGAUninst.exe
DF050 C:\Program Files\KongGa\KGAUpdate.exe
DF051 C:\Program Files\KongGa\KongGaAx.dll
DF052 C:\Program Files\KongGa\KongGaCtrl.dll
DF053 C:\Program Files\KongGa\KongGaSvcApp.exe
DF054 C:\Program Files\liveplus\liveplus.exe
DF055 C:\Program Files\liveplus\lpupdate.exe
DF056 C:\Program Files\LocalBox\LocalBox.exe
DF057 C:\Program Files\LocalBox\LocalBoxupdate.exe
DF058 C:\Program Files\openkeyword\OpenKeywordC.exe
DF059 C:\Program Files\openkeyword\OpenKeywordD.exe
DF060 C:\Program Files\openkeyword\OpenKeywordS.exe
DF061 C:\Program Files\openkeyword\SQLiteEncrypt.dll
DF062 C:\Program Files\Racl\RaclSvc.exe
DF063 C:\Program Files\Racl\RaclTb.dll
DF064 C:\Program Files\Racl\RaclUninst.exe
DF065 C:\Program Files\updatevaccine\EGutil.dll
DF066 C:\Program Files\updatevaccine\uninst_updatevaccine.exe
DF067 C:\Program Files\updatevaccine\updatevaccine.exe
DF068 C:\Program Files\updatevaccine\updatevaccinestart.exe
DF069 C:\Program Files\updatevaccine\updatevaccineu.exe
DF070 C:\Program Files\updatevaccine\vcncmndb.dll
DF071 C:\Program Files\windviewer\windopt.exe
DF072 C:\Program Files\windviewer\windviewer.dll
DF073 C:\Program Files\windviewer\windviewer.exe
DF074 C:\Program Files\windviewer\windvieweragent.exe
DF075 C:\WINDOWS\Downloaded Program Files\FreeListenActiveX.ocx
DF076 C:\WINDOWS\FreeListenDownLoader.exe
DF077 C:\WINDOWS\winuserinforeset.exe
----------------------------------------------------------------------
SC078 DirectKeywordUpdateService -/- DirectKeywordUpdateService -/- - -/-  -/- C:\Documents and Settings\All Users\Application Data\DirectKeyword2\DirectKeywordUpdateService.exe
SC079 KongGa -/- 무료만화(KongGa) -/- - -/-  -/- C:\Program Files\KongGa\KGAChkSvc.exe
SC080 barocn -/- barocn svc -/- - -/-  -/- C:\Program Files\barocn\barosvc.exe
SC081 updatevaccine Update Service -/- updatevaccine Support Service -/- - -/-  -/- "C:\WINDOWS\winuserinforeset.exe" /update
----------------------------------------------------------------------
UN082 XocureWeb Control HiSearch -/- HiSearch -/- Adv HiSearch -/- - -/- hxxp://www.hisearch.or.kr
UN083 SocureWeb Control -/- TopClick -/- Advenced TopCli -/- - -/- hxxp://www.topclick.kr
UN084 boosting -/- - -/- boosting -/- - -/- -
UN085 FreeListen -/- (주)애니밍 -/- FreeListen -/- hxxp://www.FreeListen.co.kr -/- hxxp://www.FreeListen.co.kr
UN086 Micro Softwear Viewer Actx 1.0.0.1 -/- - -/- KongGa -/- - -/- -
UN087 liveplus -/- LivePlus .Corp -/- liveplus -/- - -/- -
UN088 LocalBox -/- LocalBox .Corp -/- LocalBox -/- - -/- -
UN089 Windows RightClick Copy -/- - -/- Racl -/- - -/- -
UN090 updatevaccine -/- UCF -/- updatevaccine -/- hxxp://www.updatevaccine.co.kr -/- hxxp://www.updatevaccine.co.kr
UN091 Window Viewer -/- - -/- Window Viewer -/- - -/- -
UN092 Windows barocon  -/- Baro, Inc. -/- Windows barocon -/- - -/- -
UN093 winuserinforeset -/- - -/- winuserinforeset -/- hxxp://updatevaccine.co.kr -/- hxxp://updatevaccine.co.kr
UN094 KCW Ad Matching -/- Korea Contents Network, Inc. -/- {51632293-CBB6-47bc-9244-73C44C8516A6}_is1 -/- hxxp://www.admatching.co.kr/ -/- hxxp://www.admatching.co.kr/
UN095 파일함탐색기 -/- - -/- 파일함탐색기 -/- - -/- -
UN096 DirectKeyword2 -/- 검색닷컴 -/- DirectKeyword2 -/- - -/- -
UN097 WindowsTab Uninstall -/- www.about-tab.com -/- WindowsTab -/- hxxp://www.about-tab.com -/- -
UN098 오픈키워드(OpenKeyword) -/- TGSM -/- 오픈키워드(OpenKeyword) -/- hxxp://openkeyword.co.kr -/- -
----------------------------------------------------------------------
US099 admsys -/- C:\Program Files\AdMatching\admsys.exe
US100 openkeyword -/- C:\Program Files\openkeyword\OpenKeywordC.exe /RUN
US101 DirectKeyword2 -/- C:\Documents and Settings\All Users\Application Data\DirectKeyword2\DirectKeyword2.exe
US102 AdMatching -/- C:\Program Files\AdMatching\AdMatching.exe
US103 FreeListen -/- C:\Program Files\FreeListen\FreeListenUpdate.exe
US104 Adv_TopC -/- C:\Program Files\AdvTopC\TCSearch.exe
US105 boosting -/- C:\Program Files\boosting\boosting.exe
US106 HiSch -/- C:\Program Files\HiSearch\HSSearch.exe
US107 windviewer -/- C:\Program Files\windviewer\windviewer.exe
US108 windvieweragent -/- C:\Program Files\windviewer\windvieweragent.exe
US109 windvieweropt -/- C:\Program Files\windviewer\windopt.exe
US110 WindowsTab -/- C:\Documents and Settings\All Users\Application Data\WindowsTab\windowstabup.exe
LS111 AdMatching -/- C:\Program Files\AdMatching\AdMatching.exe /byboot
LS112 admsys -/- C:\Program Files\AdMatching\admsys.exe
LS113 FileHamBrowser -/- C:\Program Files\Fileham.com\FileHamBrowser\파일함탐색기.exe menu
LS114 Racl -/- C:\Program Files\Racl\RaclSvc.exe
LS115 KongGa -/- C:\Program Files\KongGa\KGAUpdate.exe
LS116 kgaalert -/- C:\Program Files\KongGa\KGAAlert.exe
LS117 DirectKeyword2 -/- C:\Documents and Settings\All Users\Application Data\DirectKeyword2\DirectKeyword2.exe
LS118 liveplus -/- C:\Program Files\liveplus\lpupdate.exe
LS119 LocalBox -/- C:\Program Files\LocalBox\LocalBoxupdate.exe
LS120 updatevaccine main -/- C:\Program Files\updatevaccine\updatevaccineu.exe /8L
LS121 updatevaccinestart.exe -/- C:\Program Files\updatevaccine\updatevaccinestart.exe
----------------------------------------------------------------------
BH122 Smart TC -/- C:\Program Files\AdvTopC\TCHelper.dll -/- {3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}
BH123 KongGaObj Class -/- C:\Program Files\KongGa\KongGaCtrl.dll -/- {432339F4-9FDC-43BA-99C2-FEE0D9EA7C74}
BH124 HSAdvCtrl Class -/- C:\Program Files\HiSearch\HSHelper.dll -/- {A433374B-2F44-402B-AB7E-E58B4A09DF8A}
BH125 windviewer Class -/- C:\Program Files\windviewer\windviewer.dll -/- {CC34B3C3-3904-4D0E-8035-536715B28BBA}
EXADD FreeListen_ActiveX Control -/- C:\WINDOWS\DOWNLO~1\FREELI~1.OCX -/- {6630CE25-5CD8-47EC-932C-C334E5CEF3D3}
EXADD 잠김영역복사 -/- C:\Program Files\Racl\RaclTB.dll -/- {BCE04A5B-2B7D-4F4B-BB8E-2A59611733DD}
EXADD Shockwave Flash Object -/- C:\WINDOWS\system32\Macromed\Flash\Flash10p.ocx -/- {D27CDB6E-AE6D-11CF-96B8-444553540000}
----------------------------------------------------------------------
----------------------------------------------------------------------
TB126 잠김영역복사 -/- C:\Program Files\Racl\RaclTB.dll -/- {BCE04A5B-2B7D-4F4B-BB8E-2A59611733DD}
----------------------------------------------------------------------
----------------------------------------------------------------------
Deleted Files : 78
Remove Service : 4
Remove Uninstall Entry : 17
Remove Startup Entry : 23
Remove Browser Helper Object : 4
Remove Toolbar : 1
----------------------------------------------------------------------
Remove these Entry in a WindowexeAllkiller.txt file. Save and Run.
WindowexeAllkiller Remove Database 2013-02-23
[01-HKCUREG]**admsys
[01-HKCUREG]**openkeyword
[01-HKCUREG]**DirectKeyword2
[01-HKCUREG]**AdMatching
[01-HKCUREG]**FreeListen
[01-HKCUREG]**Adv_TopC
[01-HKCUREG]**boosting
[01-HKCUREG]**HiSch
[01-HKCUREG]**windviewer
[01-HKCUREG]**windvieweragent
[01-HKCUREG]**windvieweropt
[01-HKCUREG]**WindowsTab
[02-HKLMREG]**AdMatching
[02-HKLMREG]**admsys
[02-HKLMREG]**FileHamBrowser
[02-HKLMREG]**Racl
[02-HKLMREG]**KongGa
[02-HKLMREG]**kgaalert
[02-HKLMREG]**DirectKeyword2
[02-HKLMREG]**liveplus
[02-HKLMREG]**LocalBox
[02-HKLMREG]**updatevaccine main
[02-HKLMREG]**updatevaccinestart.exe
[03-BHOCLSD]**{3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}
[03-BHOCLSD]**{432339F4-9FDC-43BA-99C2-FEE0D9EA7C74}
[03-BHOCLSD]**{A433374B-2F44-402B-AB7E-E58B4A09DF8A}
[03-BHOCLSD]**{CC34B3C3-3904-4D0E-8035-536715B28BBA}
[04-TOOLBAR]**{BCE04A5B-2B7D-4F4B-BB8E-2A59611733DD}
[05-SERVICE]**DirectKeywordUpdateService
[05-SERVICE]**KongGa
[05-SERVICE]**barocn
[05-SERVICE]**updatevaccine Update Service
----------------------------------------------------------------------
Total Processing Time : 94ms
----------------------------------------------------------------------