애드웨어, 허위백신, 팝업광고, 쇼핑몰 바로가기, 악성툴바, 각종 개쓰레기 프로그램 삭제 요청하기
이용약관을 안내하며 컴퓨터에 설치하는 개쓰레기 프로그램들은 백신으로 백날 돌려봐야 검색이 안됩니다.
개쓰레기 프로그램들은 아주 지능적이라서 전문가가 아니고서는 찾아내기가 어렵습니다.


----------------------------------------------------------------------
Created by Windowexe.com , Logfile of WindowexeAllkiller
----------------------------------------------------------------------
Microsoft Windows XP Service Pack 3(5.1.2600.196608)
Intel(R) Core(TM) i3 CPU       M 380  @ 2.53GHz / 767.48 MB
x86 Family 6 Model 37 Stepping 5
Date : 2011-06-14
----------------------------------------------------------------------
DF000 C:\Documents and Settings\Administrator\Application Data\Temp\antidefend_hanpan.exe
DF001 C:\Documents and Settings\Administrator\Application Data\Temp\ClipViewSetup.exe
DF002 C:\Documents and Settings\Administrator\Application Data\Temp\CShortCut.exe
DF003 C:\Documents and Settings\Administrator\Application Data\Temp\privacyview_hanpan.exe
DF004 C:\Documents and Settings\Administrator\Application Data\Temp\SevenlinkInstall.exe
DF005 C:\Documents and Settings\Administrator\Application Data\Temp\SmartTool_bizt06_s.exe
DF006 C:\Documents and Settings\Administrator\Application Data\Temp\WinSearchSetup.exe
DF008 C:\Program Files\AntiDefend\ADAutoUpdate.exe
DF009 C:\Program Files\AntiDefend\ADEngine.dll
DF010 C:\Program Files\AntiDefend\AntiDefend.exe
DF011 C:\Program Files\AntiDefend\db\filter.dll
DF012 C:\Program Files\AntiDefend\db\inter.dll
DF013 C:\Program Files\AntiDefend\etc\ADFilterDriver.SYS
DF014 C:\Program Files\AntiDefend\etc\adMon.exe
DF015 C:\Program Files\AntiDefend\etc\ADmonRemote.dll
DF016 C:\Program Files\AntiDefend\etc\adReg.exe
DF017 C:\Program Files\AntiDefend\Uninstall.exe
DF018 C:\Program Files\clipview\clipview.exe
DF019 C:\Program Files\clipview\clipview_setup.exe
DF020 C:\Program Files\clipview\ClipViewUpdate.exe
DF021 C:\Program Files\clipview\unins000.exe
DF022 C:\Program Files\indoit\WinSearch\1.0.0.3\CustomSetup.dll
DF023 C:\Program Files\indoit\WinSearch\1.0.0.3\ShopBandEx.dll
DF024 C:\Program Files\indoit\WinSearch\1.0.0.3\ShopHolderEx.dll
DF025 C:\Program Files\indoit\WinSearch\unins000.exe
DF026 C:\Program Files\PrivacyView\PrivacyView.exe
DF027 C:\Program Files\PrivacyView\PrivacyViewcfg.exe
DF028 C:\Program Files\PrivacyView\PrivacyViewMon.exe
DF029 C:\Program Files\PrivacyView\Uninstall.exe
DF030 C:\Program Files\Sevenlink\sevenlink.exe
DF031 C:\Program Files\Sevenlink\Uninstall.exe
----------------------------------------------------------------------
UN000 AntiDefend -/- - -/- AntiDefendMain -/- - -/- -
UN001 clipview v1.0 -/- ClipView, Inc. -/- ClipView_is1 -/- - -/- -
UN002 프라이버시뷰 -/- - -/- PrivacyView -/- - -/- -
UN003 SmartTool 제거 -/- - -/- SmartTool -/- - -/- -
UN004 WinSearch 삭제 -/- IndoIt co.,ltd. -/- {96FFD4D8-9D3A-4C65-BCB4-0B622F9C0A5E}_is1 -/-
----------------------------------------------------------------------
US005 clipview -/- C:\Program Files\clipview\clipview.exe
LS006 SmartToolUDF -/- C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\SmartTool\SmartToolUDF.exe
LS007 AntiDefendMain -/- C:\Program Files\AntiDefend\AntiDefend.exe /Boot
LS008 PrivacyView -/- C:\Program Files\PrivacyView\PrivacyView.exe /run1
LS009 sevenlink -/- C:\Program Files\Sevenlink\sevenlink.exe
LS010 SmartTool -/- C:\Program Files\SmartTool\SmartTool.exe
----------------------------------------------------------------------
BH011 SmartToolCtl Class -/- C:\Program Files\SmartTool\SmartTool.dll -/- {2D891923-34B7-4186-9B47-752624535DC1}
BH012 HolderEx Class -/- C:\Program Files\indoit\WinSearch\1.0.0.3\ShopHolderEx.dll -/- {4AA969FB-EC19-407C-98A4-B8058322F4BE}
----------------------------------------------------------------------
Remove Uninstall Entry : 5
Remove Startup Entry : 6
Remove Browser Helper Object : 2
----------------------------------------------------------------------
Remove these Entry in a WindowexeAllkiller.txt file. Save and Run.
[01-HKCUREG]**clipview
[02-HKLMREG]**SmartToolUDF
[02-HKLMREG]**AntiDefendMain
[02-HKLMREG]**PrivacyView
[02-HKLMREG]**sevenlink
[02-HKLMREG]**SmartTool
[03-BHOCLSD]**{2D891923-34B7-4186-9B47-752624535DC1}
[03-BHOCLSD]**{4AA969FB-EC19-407C-98A4-B8058322F4BE}

----------------------------------------------------------------------
Total Processing Time : 325ms
----------------------------------------------------------------------
What's new : BH012 HolderEx Class -/- C:\Program Files\indoit\WinSearch\1.0.0.3\ShopHolderEx.dll -/- {4AA969FB-EC19-407C-98A4-B8058322F4BE}
----------------------------------------------------------------------




요즘 휴대폰 소액결제(월정액 자동결제)를 이용한 사기사이트 및 사기프로그램이 판을 치고 있습니다.
무료백신 프로그램, 무료개인정보삭제 프로그램, 무료 유해사이트차단 프로그램, 무료파일다운, 무료문자, 무료운세, 무료로또, 무료게임, 무료MP3등의 사이트에서 휴대폰 및 일반전화로 절대 인증 하지마세요.

인증하는 즉시 결제되며, 서비스를 해지하지 않는 이상 매월 자동결제됩니다. (인증번호 = 결제번호)
업체마다 결제되는 기간은 다르지만 짧게는 2년, 길게는 20년, 최대 50년짜리도 있습니다.
서비스 업체의 이용약관 및 결제내용에 대해 확실히 알고 인증/사용하시기 바랍니다.
안드로이드계열 스마트폰에서 출처가 없는 설치파일도 다운받지말고 실행하지도 마세요.
해당 통신사에 전화해서 소액결제 안되게끔 차단시키세요. (스마트폰에 무지한 아이들/노인분들 주의)

*악덕업체의 요청으로 인하여 블로그의 게시글이 이유없이 삭제되는 경우 구글 블로그에 재게시 합니다.
[ 2011.06.15 14:11 ] Posted by windowexe.com , 프로그램분석

댓글을 달아 주세요

  1. windowexe.com - 2012.02.20 12:49 신고 댓글주소 수정/삭제 댓글쓰기

    ======================================================================
    ======================================================================

    echo Start
    echo windowexe.com & tskill "InfoSvc" & echo windowdel.com
    echo windowexe.com & tskill "InfoWrk" & echo windowdel.com
    echo windowexe.com & tskill "SpoolMgr32" & echo windowdel.com
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "InfoScan Worker" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "InfoScan Worker" /f
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "wcmgr.exe" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "wcmgr.exe" /f
    echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0000940A-F4A5-4773-9978-C4FF15AC168A}" /f
    echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0000940A-F4A5-4773-9978-C4FF15AC168A}" /f
    echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0000940A-F4A5-4773-9978-C4FF15AC168A}" /f
    echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{0000940A-F4A5-4773-9978-C4FF15AC168A}" /f
    echo Created by Windowexe.com
    echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{332C4290-E3B6-48f6-B59A-BA7205D7DE39}" /f
    echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{332C4290-E3B6-48f6-B59A-BA7205D7DE39}" /f
    echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{332C4290-E3B6-48f6-B59A-BA7205D7DE39}" /f
    echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{332C4290-E3B6-48f6-B59A-BA7205D7DE39}" /f
    echo Created by Windowexe.com
    echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{79BEAC41-E1A0-44E7-98C8-6EA906EB0C9A}" /f
    echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{79BEAC41-E1A0-44E7-98C8-6EA906EB0C9A}" /f
    echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{79BEAC41-E1A0-44E7-98C8-6EA906EB0C9A}" /f
    echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{79BEAC41-E1A0-44E7-98C8-6EA906EB0C9A}" /f
    echo Created by Windowexe.com
    echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{91D32B41-4887-4CD6-A02A-BC5BE9722434}" /f
    echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{91D32B41-4887-4CD6-A02A-BC5BE9722434}" /f
    echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{91D32B41-4887-4CD6-A02A-BC5BE9722434}" /f
    echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{91D32B41-4887-4CD6-A02A-BC5BE9722434}" /f
    echo Created by Windowexe.com
    echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A03B859B-312B-47ce-A22B-C34D851DAD28}" /f
    echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A03B859B-312B-47ce-A22B-C34D851DAD28}" /f
    echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A03B859B-312B-47ce-A22B-C34D851DAD28}" /f
    echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{A03B859B-312B-47ce-A22B-C34D851DAD28}" /f
    echo Created by Windowexe.com
    echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A408E7C0-81BB-4C01-9337-0D0720E89C4B}" /f
    echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A408E7C0-81BB-4C01-9337-0D0720E89C4B}" /f
    echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A408E7C0-81BB-4C01-9337-0D0720E89C4B}" /f
    echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{A408E7C0-81BB-4C01-9337-0D0720E89C4B}" /f
    echo Created by Windowexe.com
    sc stop "CNetSrv"
    echo Service Disable & sc config "CNetSrv" start= disabled & echo Windowexe.com
    sc stop "ComSyspcs"
    echo Service Disable & sc config "ComSyspcs" start= disabled & echo Windowexe.com
    sc stop "CProve"
    echo Service Disable & sc config "CProve" start= disabled & echo Windowexe.com
    sc stop "InfoSvc"
    echo Service Disable & sc config "InfoSvc" start= disabled & echo Windowexe.com
    sc stop "mocking"
    echo Service Disable & sc config "mocking" start= disabled & echo Windowexe.com
    sc stop "PsnDct"
    echo Service Disable & sc config "PsnDct" start= disabled & echo Windowexe.com
    sc stop "SNSnetvc"
    echo Service Disable & sc config "SNSnetvc" start= disabled & echo Windowexe.com
    sc stop "SpoolMgrSvc"
    echo Service Disable & sc config "SpoolMgrSvc" start= disabled & echo Windowexe.com
    sc stop "TGridService"
    echo Service Disable & sc config "TGridService" start= disabled & echo Windowexe.com
    echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{AE9E3316-22D7-472A-8FAD-80E3C5051AA1}" /f
    echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{AE9E3316-22D7-472A-8FAD-80E3C5051AA1}" /f
    echo Created by Windowexe.com
    echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{AE9E3316-22D7-472A-8FAD-80E3C5051AA2}" /f
    echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{AE9E3316-22D7-472A-8FAD-80E3C5051AA2}" /f
    echo Created by Windowexe.com
    echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{AE9E3316-22D7-472A-8FAD-80E3C5051AA3}" /f
    echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{AE9E3316-22D7-472A-8FAD-80E3C5051AA3}" /f
    echo Created by Windowexe.com
    echo kill & taskkill /im "mdruybsvc.exe" /f
    echo file rename & rename "C:\Program Files\ModernRu\mdruybsvc.exe" "Renamed_by_Windowexe.com_mdruybsvc.exe"
    echo file rename & rename "C:\Program Files (x86)\ModernRu\mdruybsvc.exe" "Renamed_by_Windowexe.com_mdruybsvc.exe"
    echo Created by Windowexe.com
    echo End

    ======================================================================
    ======================================================================