애드웨어, 허위백신, 팝업광고, 쇼핑몰 바로가기, 악성툴바, 각종 개쓰레기 프로그램 삭제 요청하기
이용약관을 안내하며 컴퓨터에 설치하는 개쓰레기 프로그램들은 백신으로 백날 돌려봐야 검색이 안됩니다.
개쓰레기 프로그램들은 아주 지능적이라서 전문가가 아니고서는 찾아내기가 어렵습니다.


----------------------------------------------------------------------
Created by Windowexe.com , Logfile of WindowexeAllkiller
----------------------------------------------------------------------
Microsoft Windows XP Service Pack 3(5.1.2600.196608)
Intel(R) Core(TM) i3 CPU       M 380  @ 2.53GHz / 767.48 MB
x86 Family 6 Model 37 Stepping 5
Date : 2011-07-26
----------------------------------------------------------------------
DF000 C:\Documents and Settings\Administrator\Application Data\DirectKeyword2\DirectKeyword2.exe
DF001 C:\Documents and Settings\Administrator\Application Data\MSINET.OCX
DF002 C:\Documents and Settings\Administrator\Application Data\msvbvm60.dll
DF003 C:\Documents and Settings\Administrator\Application Data\scrrun.dll
DF004 C:\Documents and Settings\Administrator\Application Data\sindying.exe
DF005 C:\Documents and Settings\Administrator\Application Data\VB6KO.DLL
DF006 C:\Program Files\DKSetup2_k6000.exe
DF007 C:\Program Files\DualVaccine_letsbe.exe
DF008 C:\Program Files\DualVaccine\db\filter.dll
DF009 C:\Program Files\DualVaccine\db\inter.dll
DF010 C:\Program Files\DualVaccine\DualVaccine.exe
DF011 C:\Program Files\DualVaccine\DVAutoUpdate.exe
DF012 C:\Program Files\DualVaccine\DVEngine.dll
DF013 C:\Program Files\DualVaccine\etc\DVFilterDriver.SYS
DF014 C:\Program Files\DualVaccine\etc\DVMon.exe
DF015 C:\Program Files\DualVaccine\etc\DVmonRemote.dll
DF016 C:\Program Files\DualVaccine\etc\DVReg.exe
DF017 C:\Program Files\DualVaccine\temp\filter.dll
DF018 C:\Program Files\DualVaccine\temp\inter.dll
DF019 C:\Program Files\DualVaccine\Uninstall.exe
DF020 C:\Program Files\mcmst_mb.exe
DF021 C:\Program Files\mvcast\mcmst_mb.exe
DF022 C:\Program Files\OpenCap\OpenCPTApp.exe
DF023 C:\Program Files\OpenCap\OpenCPTSvc.exe
DF024 C:\Program Files\OpenCap\OpenCPTSvcMan.exe
DF025 C:\Program Files\OpenCap\OpenCPTUninst.exe
DF026 C:\Program Files\OpenCap\temp\opencp14.exe
DF027 C:\Program Files\opencp14_inst.exe
DF028 C:\Program Files\opensearchp\opensearchp.dll
DF029 C:\Program Files\opensearchp\opensearchps.exe
DF030 C:\Program Files\opensearchp\Uninstall.exe
DF031 C:\Program Files\QuickDomainInstaller.exe
DF032 C:\Program Files\QuickDomainSearch\QuickDomainSearch.exe
DF033 C:\Program Files\SafeGuide.exe
DF034 C:\Program Files\SafeGuide\SafeGuide.exe
DF035 C:\Program Files\SafeGuide\SafeGuideUnInst.exe
DF036 C:\Program Files\SafeGuide\SafeGuideUpdate.exe
DF037 C:\Program Files\searchtinstall.exe
DF038 C:\Program Files\setup_c3i012.exe
DF039 C:\Program Files\winask\sqlite3.dll
DF040 C:\Program Files\winask\uninst1.exe
DF041 C:\Program Files\winask\winaskb51.dll
DF042 C:\Program Files\winask\winasks51.dll
DF043 C:\Program Files\winask\winasku.exe
DF044 C:\WINDOWS\system32\opensearchpinst.exe
----------------------------------------------------------------------
SC045 OpenCapSvcman -/- OpenCapSvcman -/- - -/-  -/- C:\Program Files\OpenCap\OpenCPTSvcMan.exe
SC046 Windows WinAsk Update Service -/- Windows WinAsk Update Service -/- - -/-  -/- C:\Program Files\winask\winasku.exe
----------------------------------------------------------------------
UN047 QuickAddressSearch -/- QuickAddressSearch -/- DomainActiveGard -/- -
UN048 DualVaccine -/- - -/- DualVaccine -/- - -/- -
UN049 Micoro Window Capture Opencap -/- - -/- OpenCap -/- - -/- -
UN050 opensearchp 1.00 -/- - -/- opensearchp 1.00 -/- - -/- -
UN051 SafeGuide -/- koreaexamacademy -/- SafeGuide -/- - -/- -
UN052 winask -/- winask -/- winask -/- - -/-
UN053 DirectKeyword2 -/- 검색닷컴 -/- DirectKeyword2 -/- - -/- -
----------------------------------------------------------------------
US054 DirectKeyword2 -/- C:\Documents and Settings\Administrator\Application Data\DirectKeyword2\DirectKeyword2.exe
US055 SafeGuide -/- C:\Program Files\SafeGuide\SafeGuideUpdate.exe
LS056 OpenCap -/- C:\Program Files\OpenCap\OpenCPTSvc.exe
LS057 QuickDomainSearch.exe -/- C:\Program Files\QuickDomainSearch\QuickDomainSearch.exe
LS058 DualVaccine -/- C:\Program Files\DualVaccine\DualVaccine.exe /Scan
LS059 mcmst_mb.exe -/- C:\Program Files\mvcast\mcmst_mb.exe
LS060 sindying -/- C:\Documents and Settings\Administrator\Application Data\sindying.exe
----------------------------------------------------------------------
BH061 opensearchhana.opensearchp -/- C:\Program Files\opensearchp\opensearchp.dll -/- {1ED8E185-17DF-4A1A-A25C-79B29B604925}
BH062 브라우저 검색 공급 윈에스크 -/- C:\Program Files\winask\winaskb51.dll -/- {3D556137-234E-4ed4-9DCF-C301269073E2}
----------------------------------------------------------------------
Deleted Files : 45
Remove Service : 2
Remove Uninstall Entry : 7
Remove Startup Entry : 7
Remove Browser Helper Object : 2
----------------------------------------------------------------------
Remove these Entry in a WindowexeAllkiller.txt file. Save and Run.
[01-HKCUREG]**DirectKeyword2
[01-HKCUREG]**SafeGuide
[02-HKLMREG]**OpenCap
[02-HKLMREG]**QuickDomainSearch.exe
[02-HKLMREG]**DualVaccine
[02-HKLMREG]**mcmst_mb.exe
[02-HKLMREG]**sindying
[03-BHOCLSD]**{1ED8E185-17DF-4A1A-A25C-79B29B604925}
[03-BHOCLSD]**{3D556137-234E-4ed4-9DCF-C301269073E2}
[05-SERVICE]**OpenCapSvcman
[05-SERVICE]**Windows WinAsk Update Service
----------------------------------------------------------------------
Total Processing Time : 73ms
----------------------------------------------------------------------



요즘 휴대폰 소액결제(월정액 자동결제)를 이용한 사기사이트 및 사기프로그램이 판을 치고 있습니다.
무료백신 프로그램, 무료개인정보삭제 프로그램, 무료 유해사이트차단 프로그램, 무료파일다운, 무료문자, 무료운세, 무료로또, 무료게임, 무료MP3등의 사이트에서 휴대폰 및 일반전화로 절대 인증 하지마세요.

인증하는 즉시 결제되며, 서비스를 해지하지 않는 이상 매월 자동결제됩니다. (인증번호 = 결제번호)
업체마다 결제되는 기간은 다르지만 짧게는 2년, 길게는 20년, 최대 50년짜리도 있습니다.
서비스 업체의 이용약관 및 결제내용에 대해 확실히 알고 인증/사용하시기 바랍니다.
안드로이드계열 스마트폰에서 출처가 없는 설치파일도 다운받지말고 실행하지도 마세요.
해당 통신사에 전화해서 소액결제 안되게끔 차단시키세요. (스마트폰에 무지한 아이들/노인분들 주의)

*악덕업체의 요청으로 인하여 블로그의 게시글이 이유없이 삭제되는 경우 구글 블로그에 재게시 합니다.
[ 2011. 7. 26. 19:43 ] Posted by 프로세스 천국 , 프로그램분석

댓글을 달아 주세요

  1. 프로세스 천국 - 2012.02.28 19:10 신고 댓글주소 수정/삭제 댓글쓰기

    ======================================================================
    echo Created by Windowexe.com / do not delete this label.
    ======================================================================

    echo Start
    echo windowexe.com & tskill "dm_dn" & echo windowdel.com
    echo windowexe.com & tskill "funtop" & echo windowdel.com
    echo windowexe.com & tskill "keywordfindagent" & echo windowdel.com
    echo windowexe.com & tskill "MainOpen" & echo windowdel.com
    echo windowexe.com & tskill "pado" & echo windowdel.com
    echo windowexe.com & tskill "popsi" & echo windowdel.com
    echo windowexe.com & tskill "PostTip" & echo windowdel.com
    echo windowexe.com & tskill "SafeTerra" & echo windowdel.com
    echo windowexe.com & tskill "SafeTerraUpdate" & echo windowdel.com
    echo windowexe.com & tskill "WkipUpdate" & echo windowdel.com
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "keywordfindagent" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "keywordfindagent" /f
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "KeywordSearchUpdater" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "KeywordSearchUpdater" /f
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Safeterra" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Safeterra" /f
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Dual Matching" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Dual Matching" /f
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "KeywordInfo" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "KeywordInfo" /f
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "funtop" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "funtop" /f
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "PostTip" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "PostTip" /f
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "iPop" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "iPop" /f
    echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{62283419-4E2B-435E-B408-483F55D0FEC5}" /f
    echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{62283419-4E2B-435E-B408-483F55D0FEC5}" /f
    echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{62283419-4E2B-435E-B408-483F55D0FEC5}" /f
    echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{62283419-4E2B-435E-B408-483F55D0FEC5}" /f
    echo Created by Windowexe.com
    echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{70C4C00B-DF92-4670-B691-8A7089F7151D}" /f
    echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{70C4C00B-DF92-4670-B691-8A7089F7151D}" /f
    echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{70C4C00B-DF92-4670-B691-8A7089F7151D}" /f
    echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{70C4C00B-DF92-4670-B691-8A7089F7151D}" /f
    echo Created by Windowexe.com
    echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C4BF6897-41A2-454b-AC3B-437F30BEA671}" /f
    echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C4BF6897-41A2-454b-AC3B-437F30BEA671}" /f
    echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C4BF6897-41A2-454b-AC3B-437F30BEA671}" /f
    echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{C4BF6897-41A2-454b-AC3B-437F30BEA671}" /f
    echo Created by Windowexe.com
    echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC01FC6C-3890-4B05-AE2E-8E0BC223EA38}" /f
    echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC01FC6C-3890-4B05-AE2E-8E0BC223EA38}" /f
    echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CC01FC6C-3890-4B05-AE2E-8E0BC223EA38}" /f
    echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{CC01FC6C-3890-4B05-AE2E-8E0BC223EA38}" /f
    echo Created by Windowexe.com
    echo End

    ======================================================================
    echo Created by Windowexe.com / do not delete this label.
    ======================================================================