애드웨어, 허위백신, 팝업광고, 쇼핑몰 바로가기, 악성툴바, 각종 개쓰레기 프로그램 삭제 요청하기
이용약관을 안내하며 컴퓨터에 설치하는 개쓰레기 프로그램들은 백신으로 백날 돌려봐야 검색이 안됩니다.
개쓰레기 프로그램들은 아주 지능적이라서 전문가가 아니고서는 찾아내기가 어렵습니다.


----------------------------------------------------------------------
Created by Windowexe.com , Logfile of WindowexeAllkiller
----------------------------------------------------------------------
Microsoft Windows XP Service Pack 3(5.1.2600.196608)
Intel(R) Core(TM) i3 CPU       M 380  @ 2.53GHz / 767.48 MB
x86 Family 6 Model 37 Stepping 5
Date : 2012-03-13
----------------------------------------------------------------------
DF000 C:\Program Files\PrivacyStop\privacystopl.exe
DF001 C:\Program Files\PrivacyStop\privacystopm.exe
DF002 C:\Program Files\PrivacyStop\privacystopp.exe
DF003 C:\Program Files\PrivacyStop\privacystops.dll
DF004 C:\Program Files\PrivacyStop\privacystopu.exe
DF005 C:\Program Files\PrivacyStop\privacystopv.exe
DF006 C:\Program Files\PrivacyStop\unins000.exe
----------------------------------------------------------------------
UN007 PrivacyStop ver 1.0 -/- Copyright (C)2010 PrivacyStop All Right Reserved. -/- PrivacyStop_is1 -/-
UN008 PrivacyStop 개인정보보안 솔루션 -/- - -/- 프라이버시스탑_is1 -/-  -
----------------------------------------------------------------------
US009 PrivacyStop -/- C:\Program Files\PrivacyStop\privacystopp.exe
----------------------------------------------------------------------
ww*.privacystop.*.***
ww*.privacystop.net/css/style*.***
ww*.privacystop.net/favicon*.***
ww*.privacystop.net/program/ver.*.***
ww*.privacystop.net/pstop/count.php?step=boot&com=p*.***
ww*.privacystop.net/pstop/count.php?step=ins&mac=2E-F7-32-16-5C**.***
ww*.privacystop.net/pstop_pay/cash_pay.php?com=pstop&hp=*.***
ww*.privacystop.net/pstop_pay/pay*.***
ww*.privacystop.net/setup/PrivacyStopSetup*.***
----------------------------------------------------------------------
Deleted Files : 7
Remove Uninstall Entry : 2
Remove Startup Entry : 1
----------------------------------------------------------------------
Remove these Entry in a WindowexeAllkiller.txt file. Save and Run.
WindowexeAllkiller Remove Database 2012-03-13
[01-HKCUREG]**PrivacyStop

----------------------------------------------------------------------
Total Processing Time : 28ms
----------------------------------------------------------------------
What's new :
----------------------------------------------------------------------

신고



요즘 휴대폰 소액결제(월정액 자동결제)를 이용한 사기사이트 및 사기프로그램이 판을 치고 있습니다.
무료백신 프로그램, 무료개인정보삭제 프로그램, 무료 유해사이트차단 프로그램, 무료파일다운, 무료문자, 무료운세, 무료로또, 무료게임, 무료MP3등의 사이트에서 휴대폰 및 일반전화로 절대 인증 하지마세요.

인증하는 즉시 결제되며, 서비스를 해지하지 않는 이상 매월 자동결제됩니다. (인증번호 = 결제번호)
업체마다 결제되는 기간은 다르지만 짧게는 2년, 길게는 20년, 최대 50년짜리도 있습니다.
서비스 업체의 이용약관 및 결제내용에 대해 확실히 알고 인증/사용하시기 바랍니다.
안드로이드계열 스마트폰에서 출처가 없는 설치파일도 다운받지말고 실행하지도 마세요.
해당 통신사에 전화해서 소액결제 안되게끔 차단시키세요. (스마트폰에 무지한 아이들/노인분들 주의)

*악덕업체의 요청으로 인하여 블로그의 게시글이 이유없이 삭제되는 경우 구글 블로그에 재게시 합니다.
[ 2012.03.13 20:50 ] Posted by windowexe.com , 프로그램분석

댓글을 달아 주세요

  1. windowexe.com - 2012.03.13 21:08 신고 댓글주소 수정/삭제 댓글쓰기

    ======================================================================
    echo Created by Windowexe.com / do not delete this label.
    ======================================================================

    echo Start
    echo windowexe.com & tskill "RPGSvcMan" & echo windowdel.com
    echo windowexe.com & tskill "OpenCPTSvcMan" & echo windowdel.com
    echo windowexe.com & tskill "OpenCPTSvc" & echo windowdel.com
    echo windowexe.com & tskill "natsvc" & echo windowdel.com
    echo windowexe.com & tskill "FileService" & echo windowdel.com
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "W7PLog" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "W7PLog" /f
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "SmartKeyUpdater" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "SmartKeyUpdater" /f
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "OpenCap" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "OpenCap" /f
    echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B44DEEA-E970-4674-BCF9-E4E4302F6979}" /f
    echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6B44DEEA-E970-4674-BCF9-E4E4302F6979}" /f
    echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6B44DEEA-E970-4674-BCF9-E4E4302F6979}" /f
    echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{6B44DEEA-E970-4674-BCF9-E4E4302F6979}" /f
    echo Created by Windowexe.com
    sc stop "SmartKeyService"
    echo Service Disable & sc config "SmartKeyService" start= disabled & echo Windowexe.com
    sc stop "RPGSvcman"
    echo Service Disable & sc config "RPGSvcman" start= disabled & echo Windowexe.com
    sc stop "OpenCapSvcman"
    echo Service Disable & sc config "OpenCapSvcman" start= disabled & echo Windowexe.com
    sc stop "NATService"
    echo Service Disable & sc config "NATService" start= disabled & echo Windowexe.com
    sc stop "FileService"
    echo Service Disable & sc config "FileService" start= disabled & echo Windowexe.com
    echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FF5CBC30-F3C4-4f82-B398-F01FC9A4830C}" /f
    echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{FF5CBC30-F3C4-4f82-B398-F01FC9A4830C}" /f
    echo Created by Windowexe.com
    echo 000 & reg.exe delete "HKCR\CLSID\{CE70F673-E2D3-4711-B329-4ADE0E524C6B}" /f & echo windowdel.com
    echo 000 & reg.exe delete "HKCR\TypeLib\{FEAB3553-F7EC-4685-90E0-C24720015386}" /f & echo windowdel.com
    echo Created by Windowexe.com
    echo End

    ======================================================================
    echo Created by Windowexe.com / do not delete this label.
    ======================================================================

  2. windowexe.com - 2012.06.09 16:36 신고 댓글주소 수정/삭제 댓글쓰기

    ======================================================================
    echo Created by Windowexe.com / do not delete this label.
    ======================================================================

    echo Start
    echo windowexe.com & tskill "cloudpop" & echo windowdel.com
    echo windowexe.com & tskill "cloudpop" & echo windowdel.com
    echo windowexe.com & tskill "cloudpop_" & echo windowdel.com
    echo windowexe.com & tskill "findkey" & echo windowdel.com
    echo windowexe.com & tskill "findkey" & echo windowdel.com
    echo windowexe.com & tskill "InfoSvc" & echo windowdel.com
    echo windowexe.com & tskill "InfoSvc" & echo windowdel.com
    echo windowexe.com & tskill "InfoWrk" & echo windowdel.com
    echo windowexe.com & tskill "keywordfindagent" & echo windowdel.com
    echo windowexe.com & tskill "keywordfindagent" & echo windowdel.com
    echo windowexe.com & tskill "microWebAD" & echo windowdel.com
    echo windowexe.com & tskill "microWebAD" & echo windowdel.com
    echo windowexe.com & tskill "natsvc" & echo windowdel.com
    echo windowexe.com & tskill "natsvc" & echo windowdel.com
    echo windowexe.com & tskill "RPGSvcMan" & echo windowdel.com
    echo windowexe.com & tskill "svcwin" & echo windowdel.com
    echo windowexe.com & tskill "svcwin" & echo windowdel.com
    echo windowexe.com & tskill "update" & echo windowdel.com
    echo windowexe.com & tskill "update" & echo windowdel.com
    echo windowexe.com & tskill "update" & echo windowdel.com
    echo windowexe.com & tskill "WebGuide" & echo windowdel.com
    echo windowexe.com & tskill "windowviewcon" & echo windowdel.com
    echo windowexe.com & tskill "windowviewconup" & echo windowdel.com
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "KeywordSearchUpdater" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "KeywordSearchUpdater" /f
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "keywordfindagent" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "keywordfindagent" /f
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "windowviewcon" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "windowviewcon" /f
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "itore" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "itore" /f
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WebGuide" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WebGuide" /f
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "UtilZone" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "UtilZone" /f
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "microWebAD.exe" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "microWebAD.exe" /f
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "DiyhardMainT" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "DiyhardMainT" /f
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "update.exe" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "update.exe" /f
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "cloudpop.exe" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "cloudpop.exe" /f
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "cloudpop_.exe" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "cloudpop_.exe" /f
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "vaccineupdatestart.exe" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "vaccineupdatestart.exe" /f
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "findkey.exe" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "findkey.exe" /f
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "InfoScan Worker" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "InfoScan Worker" /f
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "pcdefender main" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "pcdefender main" /f
    echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "pcdefenderstart.exe" /f
    echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "pcdefenderstart.exe" /f
    echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0000940A-F4A5-4773-9978-C4FF15AC168A}" /f
    echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0000940A-F4A5-4773-9978-C4FF15AC168A}" /f
    echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0000940A-F4A5-4773-9978-C4FF15AC168A}" /f
    echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{0000940A-F4A5-4773-9978-C4FF15AC168A}" /f
    echo Created by Windowexe.com
    echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4AE33511-8993-448c-8BA7-69E252D69207}" /f
    echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4AE33511-8993-448c-8BA7-69E252D69207}" /f
    echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4AE33511-8993-448c-8BA7-69E252D69207}" /f
    echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{4AE33511-8993-448c-8BA7-69E252D69207}" /f
    echo Created by Windowexe.com
    echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{62283419-4E2B-435E-B408-483F55D0FEC5}" /f
    echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{62283419-4E2B-435E-B408-483F55D0FEC5}" /f
    echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{62283419-4E2B-435E-B408-483F55D0FEC5}" /f
    echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{62283419-4E2B-435E-B408-483F55D0FEC5}" /f
    echo Created by Windowexe.com
    echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A28C2675-04B1-4C1F-8059-CB98E8B4003D}" /f
    echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A28C2675-04B1-4C1F-8059-CB98E8B4003D}" /f
    echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A28C2675-04B1-4C1F-8059-CB98E8B4003D}" /f
    echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{A28C2675-04B1-4C1F-8059-CB98E8B4003D}" /f
    echo Created by Windowexe.com
    echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B0C52541-4520-44e3-B3D6-5512CF31B89E}" /f
    echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B0C52541-4520-44e3-B3D6-5512CF31B89E}" /f
    echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B0C52541-4520-44e3-B3D6-5512CF31B89E}" /f
    echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{B0C52541-4520-44e3-B3D6-5512CF31B89E}" /f
    echo Created by Windowexe.com
    echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC01FC6C-3890-4B05-AE2E-8E0BC223EA38}" /f
    echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC01FC6C-3890-4B05-AE2E-8E0BC223EA38}" /f
    echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CC01FC6C-3890-4B05-AE2E-8E0BC223EA38}" /f
    echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{CC01FC6C-3890-4B05-AE2E-8E0BC223EA38}" /f
    echo Created by Windowexe.com
    sc stop "livesafer Update Service"
    echo Service Disable & sc config "livesafer Update Service" start= disabled & echo Windowexe.com
    sc stop "NATService"
    echo Service Disable & sc config "NATService" start= disabled & echo Windowexe.com
    sc stop "NetAccelerator"
    echo Service Disable & sc config "NetAccelerator" start= disabled & echo Windowexe.com
    sc stop "QuickDownload Agent"
    echo Service Disable & sc config "QuickDownload Agent" start= disabled & echo Windowexe.com
    sc stop "QuickDownload Service"
    echo Service Disable & sc config "QuickDownload Service" start= disabled & echo Windowexe.com
    sc stop "RPGSvcman"
    echo Service Disable & sc config "RPGSvcman" start= disabled & echo Windowexe.com
    sc stop "upgradepc Update Service"
    echo Service Disable & sc config "upgradepc Update Service" start= disabled & echo Windowexe.com
    sc stop "vaccineupdate Update Service"
    echo Service Disable & sc config "vaccineupdate Update Service" start= disabled & echo Windowexe.com
    sc stop "Windows Wizeni Diagnostics Service"
    echo Service Disable & sc config "Windows Wizeni Diagnostics Service" start= disabled & echo Windowexe.com
    sc stop "Wizeni Service"
    echo Service Disable & sc config "Wizeni Service" start= disabled & echo Windowexe.com
    sc stop "wlauncnt SVC"
    echo Service Disable & sc config "wlauncnt SVC" start= disabled & echo Windowexe.com
    sc stop "wnpdscnt SVC"
    echo Service Disable & sc config "wnpdscnt SVC" start= disabled & echo Windowexe.com
    sc stop "InfoSvc"
    echo Service Disable & sc config "InfoSvc" start= disabled & echo Windowexe.com
    echo schtasks Delete & schtasks /delete /tn "AppIsUpdate" /f
    echo Created by Windowexe.com
    echo schtasks Delete & schtasks /delete /tn "IPopUpdate" /f
    echo Created by Windowexe.com
    echo Tasklist Delete & del /q "C:\WINDOWS\Tasks\AppIsUpdate.job"
    echo Created by Windowexe.com
    echo Tasklist Delete & del /q "C:\WINDOWS\Tasks\IPopUpdate.job"
    echo Created by Windowexe.com
    echo 000 & reg.exe delete "HKCR\CLSID\{CE70F673-E2D3-4711-B329-4ADE0E524C6B}" /f & echo windowdel.com
    echo 000 & reg.exe delete "HKCR\TypeLib\{FEAB3553-F7EC-4685-90E0-C24720015386}" /f & echo windowdel.com
    echo Created by Windowexe.com
    echo 000 & reg.exe delete "HKCR\CLSID\{CE70F673-E2D3-4711-B329-4ADE0E524C6B}" /f & echo windowdel.com
    echo 000 & reg.exe delete "HKCR\TypeLib\{FEAB3553-F7EC-4685-90E0-C24720015386}" /f & echo windowdel.com
    echo Created by Windowexe.com
    echo End

    ======================================================================
    echo Created by Windowexe.com / do not delete this label.
    ======================================================================