애드웨어, 허위백신, 팝업광고, 쇼핑몰 바로가기, 악성툴바, 각종 개쓰레기 프로그램 삭제 요청하기
이용약관을 안내하며 컴퓨터에 설치하는 개쓰레기 프로그램들은 백신으로 백날 돌려봐야 검색이 안됩니다.
개쓰레기 프로그램들은 아주 지능적이라서 전문가가 아니고서는 찾아내기가 어렵습니다.


----------------------------------------------------------------------
Created by Windowexe.com , Logfile of WindowexeAllkiller
----------------------------------------------------------------------
Microsoft Windows XP Service Pack 3(5.1.2600.196608)
Intel(R) Core(TM) i3 CPU       M 380  @ 2.53GHz / 767.48 MB
x86 Family 6 Model 37 Stepping 5
Date : 2011-12-15
----------------------------------------------------------------------
DF000 C:\Documents and Settings\Administrator\Application Data\RapidGet\RapidGet.exe
DF001 C:\Documents and Settings\Administrator\Application Data\RapidGet\RPDMgr.dll
DF002 C:\Documents and Settings\Administrator\Application Data\RapidGet\rpgchk.exe
DF003 C:\Documents and Settings\Administrator\Application Data\RapidGet\RPGManager.exe
DF004 C:\Documents and Settings\Administrator\Application Data\RapidGet\RPGSvcMan.exe
DF005 C:\Documents and Settings\Administrator\Application Data\RapidGet\RPGUnist.exe
DF006 C:\Documents and Settings\Administrator\Application Data\WerPingGood\WerPingGood.exe
DF007 C:\Documents and Settings\Administrator\Application Data\WerPingGood\WerPingHelper.dll
DF008 C:\Documents and Settings\Administrator\Application Data\WerPingGood\WPUninst.exe
DF009 C:\Documents and Settings\Administrator\Application Data\WerPingGood\WPUpdate.exe
DF010 C:\Program Files\CommonSvr\comsvr.exe
DF011 C:\Program Files\CommonSvr\msvcr71d.dll
DF012 C:\Program Files\CommonSvr\unins000.exe
DF013 C:\Program Files\EverVaccine\db\filter.dll
DF014 C:\Program Files\EverVaccine\db\inter.dll
DF015 C:\Program Files\EverVaccine\etc\EverVaccineFD.SYS
DF016 C:\Program Files\EverVaccine\etc\EverVaccineMon.exe
DF017 C:\Program Files\EverVaccine\etc\EverVaccineReg.exe
DF018 C:\Program Files\EverVaccine\etc\EverVaccineRemote.dll
DF019 C:\Program Files\EverVaccine\etc\EverVaccineReport.exe
DF020 C:\Program Files\EverVaccine\EverVaccine.dll
DF021 C:\Program Files\EverVaccine\EverVaccine.exe
DF022 C:\Program Files\EverVaccine\EverVaccineUpdate.exe
DF023 C:\Program Files\EverVaccine\temp\filter.dll
DF024 C:\Program Files\EverVaccine\temp\inter.dll
DF025 C:\Program Files\EverVaccine\Uninstall.exe
DF026 C:\Program Files\HomeBoan\AddScheduler.exe
DF027 C:\Program Files\HomeBoan\HomeBoan.exe
DF028 C:\Program Files\HomeBoan\HomeBoanMtr.exe
DF029 C:\Program Files\HomeBoan\HomeBoanuck.exe
DF030 C:\Program Files\HomeBoan\uninst.exe
DF031 C:\Program Files\indoit\WinSearchTop\1.0.0.18\AXBHO.dll
DF032 C:\Program Files\indoit\WinSearchTop\1.0.0.18\SetupUtil.dll
DF033 C:\Program Files\indoit\WinSearchTop\1.0.0.18\WinSearchMon.exe
DF034 C:\Program Files\indoit\WinSearchTop\1.0.0.7\AXBHO.dll
DF035 C:\Program Files\indoit\WinSearchTop\1.0.0.7\SetupUtil.dll
DF036 C:\Program Files\indoit\WinSearchTop\unins000.exe
DF037 C:\Program Files\Me2 Supporter\me2Supporter.exe
DF038 C:\Program Files\Me2 Supporter\me2Supporterh.dll
DF039 C:\Program Files\nate_as\nate_as.dll
DF040 C:\Program Files\nate_as\nate_as.exe
DF041 C:\Program Files\nate_as\unins000.exe
DF042 C:\Program Files\SearchNQ\Pado.exe
DF043 C:\Program Files\SearchNQ\patch.exe
DF044 C:\Program Files\SearchNQ\SearchNQ.exe
DF045 C:\Program Files\SearchNQ\unins000.exe
DF046 C:\Program Files\speedcheck\speedcheck.exe
DF047 C:\Program Files\speedcheck\speedcheckEngine.exe
DF048 C:\Program Files\speedcheck\speedcheckse.exe
DF049 C:\Program Files\speedcheck\speedcheckU.exe
DF050 C:\Program Files\speedcheck\uninst_speedcheck.exe
DF051 C:\Program Files\STerra\SafeOpen.exe
DF052 C:\Program Files\STerra\SafeTerra.exe
DF053 C:\Program Files\STerra\SafeTerraUpdate.exe
DF054 C:\Program Files\STerra\sotab.dll
DF055 C:\Program Files\STerra\STUninstall.exe
DF056 C:\WINDOWS\system32\qst66623xi.exe
----------------------------------------------------------------------
SC057 BxSixsSvc -/- Application Layer Service -/- - -/-  -/- C:\WINDOWS\system32\bxsixs32.exe
SC058 RPGSvcman -/- RPGSvcman -/- - -/-  -/- C:\Documents and Settings\Administrator\Application Data\RapidGet\RPGSvcMan.exe
SC059 speedcheck Update Service -/- speedcheck Support Service -/- - -/-  -/- "C:\WINDOWS\updatehelper.exe" /update
SC060 speedcheckService -/- speedcheck Service -/- - -/-  -/- C:\Program Files\speedcheck\speedcheckse.exe
----------------------------------------------------------------------
UN061 에버백신 -/- - -/- EverVaccineMain -/- - -/- -
UN062 홈보안 -/- - -/- HomeBoan -/- - -/- -
UN063 Me2 Supporter -/- - -/- Me2 Supporter -/- - -/- -
UN064 Windows Download Manager RapidGet -/- - -/- RapidGet -/- - -/- -
UN065 SafeTerra -/- 한국고시아카데미 -/- SafeTerra -/-
UN066 SearchnQ -/- SearchnQ -/- SearchnQ_is1 -/- -
UN067 speedcheck -/- - -/- speedcheck -/-
UN068 updatehelper -/- - -/- updatehelper -/-
UN069 WTL C++ Werping Manager -/- Werping -/- WerPingGood -/- - -/-
UN070 Windows Wireless Common Service -/- - -/- Wireless Common Service_is1 -/- - -/- -
UN071 WinSearchTop 버전 1.0.0.18 -/- indoit -/- {B8FA5D6C-9EB8-4B33-BB5D-D098796DAE5E}_is1 -/- com/
UN072 네이트 주소창 검색 -/- 네이트 주소창 검색 -/- 네이트 주소창 검색_is1 -/-
----------------------------------------------------------------------
US073 Safeterra -/- C:\Program Files\STerra\SafeTerraUpdate.exe
US074 WinSearchMon -/- C:\Program Files\indoit\winsearchtop\1.0.0.18\WinSearchMon.exe
LS075 HomeBoan -/- C:\Program Files\HomeBoan\HomeBoan.exe /run1
LS076 EverVaccineMain -/- C:\Program Files\EverVaccine\EverVaccine.exe /Scan
LS077 RapidGet -/- C:\Documents and Settings\Administrator\Application Data\RapidGet\RPGManager.exe
LS078 rpga -/- C:\Documents and Settings\Administrator\Application Data\RapidGet\rpgchk.exe
LS079 SearchNQ -/- C:\Program Files\SearchNQ\SearchNQ.exe
LS080 Me2 Supporter -/- C:\Program Files\Me2 Supporter\me2Supporter.exe
LS081 comsvr -/- C:\Program Files\CommonSvr\comsvr.exe
LS082 Nate -/- C:\Program Files\nate_as\nate_as.exe
----------------------------------------------------------------------
BH083 WerPingHelperCtrl Class -/- C:\Documents and Settings\Administrator\Application Data\WerPingGood\WerPingHelper.dll -/- {114EB2A5-9A65-4FC2-A6E3-9949666EBA72}
BH084 WinSearchTop -/- C:\Program Files\indoit\winsearchtop\1.0.0.18\AXBHO.dll -/- {23C7E613-D0B3-422D-884C-2B6173435214}
BH085 Search오픈탭 -/- C:\Program Files\STerra\Sotab.dll -/- {884EAA16-CA35-4666-845A-DC084DCDF356}
BH086 &Me2 Supporter Helper Object -/- C:\PROGRA~1\ME2SUP~1\ME2SUP~1.DLL -/- {C8B79474-B0E1-4265-B076-F35129969D8F}
----------------------------------------------------------------------
Deleted Files : 57
Remove Service : 4
Remove Uninstall Entry : 12
Remove Startup Entry : 10
Remove Browser Helper Object : 4
----------------------------------------------------------------------
Remove these Entry in a WindowexeAllkiller.txt file. Save and Run.
[01-HKCUREG]**Safeterra
[01-HKCUREG]**WinSearchMon
[02-HKLMREG]**HomeBoan
[02-HKLMREG]**EverVaccineMain
[02-HKLMREG]**RapidGet
[02-HKLMREG]**rpga
[02-HKLMREG]**SearchNQ
[02-HKLMREG]**Me2 Supporter
[02-HKLMREG]**comsvr
[02-HKLMREG]**Nate
[03-BHOCLSD]**{114EB2A5-9A65-4FC2-A6E3-9949666EBA72}
[03-BHOCLSD]**{23C7E613-D0B3-422D-884C-2B6173435214}
[03-BHOCLSD]**{884EAA16-CA35-4666-845A-DC084DCDF356}
[03-BHOCLSD]**{C8B79474-B0E1-4265-B076-F35129969D8F}
[05-SERVICE]**BxSixsSvc
[05-SERVICE]**RPGSvcman
[05-SERVICE]**speedcheck Update Service
[05-SERVICE]**speedcheckService
----------------------------------------------------------------------
Total Processing Time : 355ms
----------------------------------------------------------------------




요즘 휴대폰 소액결제(월정액 자동결제)를 이용한 사기사이트 및 사기프로그램이 판을 치고 있습니다.
무료백신 프로그램, 무료개인정보삭제 프로그램, 무료 유해사이트차단 프로그램, 무료파일다운, 무료문자, 무료운세, 무료로또, 무료게임, 무료MP3등의 사이트에서 휴대폰 및 일반전화로 절대 인증 하지마세요.

인증하는 즉시 결제되며, 서비스를 해지하지 않는 이상 매월 자동결제됩니다. (인증번호 = 결제번호)
업체마다 결제되는 기간은 다르지만 짧게는 2년, 길게는 20년, 최대 50년짜리도 있습니다.
서비스 업체의 이용약관 및 결제내용에 대해 확실히 알고 인증/사용하시기 바랍니다.
안드로이드계열 스마트폰에서 출처가 없는 설치파일도 다운받지말고 실행하지도 마세요.
해당 통신사에 전화해서 소액결제 안되게끔 차단시키세요. (스마트폰에 무지한 아이들/노인분들 주의)

*악덕업체의 요청으로 인하여 블로그의 게시글이 이유없이 삭제되는 경우 구글 블로그에 재게시 합니다.
[ 2011.12.16 02:06 ] Posted by windowexe.com , 프로그램분석

댓글을 달아 주세요

  1. windowexe.com - 2012.01.31 21:24 신고 댓글주소 수정/삭제 댓글쓰기


    ======================================================================
    ======================================================================

    echo Start
    echo windowexe.com & tskill "DBGOLotto" & echo windowdel.com
    echo windowexe.com & tskill "DBGOLottoT" & echo windowdel.com
    echo windowexe.com & tskill "FavoritesURLChanger" & echo windowdel.com
    echo windowexe.com & tskill "FineTop" & echo windowdel.com
    echo windowexe.com & tskill "FineTopUp" & echo windowdel.com
    echo windowexe.com & tskill "linkdirectT" & echo windowdel.com
    echo windowexe.com & tskill "PatchUpPlus" & echo windowdel.com
    echo windowexe.com & tskill "RClean" & echo windowdel.com
    echo windowexe.com & tskill "RCleanT" & echo windowdel.com
    echo windowexe.com & tskill "SelfPrivacy" & echo windowdel.com
    echo windowexe.com & tskill "StarPDF" & echo windowdel.com
    echo windowexe.com & tskill "starpdfup" & echo windowdel.com
    echo windowexe.com & tskill "StarSee" & echo windowdel.com
    echo windowexe.com & tskill "starseeextchg" & echo windowdel.com
    echo windowexe.com & tskill "StarSeeLauncher" & echo windowdel.com
    echo windowexe.com & tskill "starseeup" & echo windowdel.com
    echo windowexe.com & tskill "STARUpdate" & echo windowdel.com
    echo windowexe.com & tskill "updatePlus" & echo windowdel.com
    echo windowexe.com & tskill "WebtoonRoom" & echo windowdel.com
    echo windowexe.com & tskill "WebtoonRoom_Update" & echo windowdel.com
    echo windowexe.com & tskill "WindowWizard" & echo windowdel.com
    echo windowexe.com & tskill "WindowWizardT" & echo windowdel.com
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "startoolsup" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "startoolsup" /f
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "DBGOLottoT" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "DBGOLottoT" /f
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WebtoonRoom" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WebtoonRoom" /f
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "opentabup" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "opentabup" /f
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "finetopup" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "finetopup" /f
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "linkdirectmain" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "linkdirectmain" /f
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "CineRakCoupon" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "CineRakCoupon" /f
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "StarPDFMain" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "StarPDFMain" /f
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "StarZipMain" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "StarZipMain" /f
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "StarSeeMain" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "StarSeeMain" /f
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "DBGOCodec" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "DBGOCodec" /f
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "RCleanMain" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "RCleanMain" /f
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "windowwizard" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "windowwizard" /f
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "SmartSecureMain" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "SmartSecureMain" /f
    echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{00000012-2461-47fc-A02F-9EB8678B2A5C}" /f
    echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{00000012-2461-47fc-A02F-9EB8678B2A5C}" /f
    echo Created by Windowexe.com
    echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{00000012-25AE-487c-8DD7-1CC9CE85512A}" /f
    echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{00000012-25AE-487c-8DD7-1CC9CE85512A}" /f
    echo Created by Windowexe.com
    echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{00000012-61C1-4d78-9748-81073EFB1E53}" /f
    echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{00000012-61C1-4d78-9748-81073EFB1E53}" /f
    echo Created by Windowexe.com
    echo file Delete & attrib -r "C:\Documents and Settings\Administrator\바탕 화면\최신휴대폰 즉시개통.lnk"
    echo file Delete & del /q "C:\Documents and Settings\Administrator\바탕 화면\최신휴대폰 즉시개통.lnk"
    echo file Delete & attrib -r "C:\Documents and Settings\Administrator\바탕 화면\씨네락 할인쿠폰.url"
    echo file Delete & del /q "C:\Documents and Settings\Administrator\바탕 화면\씨네락 할인쿠폰.url"
    echo file Delete & attrib -r "C:\Documents and Settings\Administrator\바탕 화면\옥션에서 싸게 사자.url"
    echo file Delete & del /q "C:\Documents and Settings\Administrator\바탕 화면\옥션에서 싸게 사자.url"
    echo End

    ======================================================================
    ======================================================================