Code : tpp0wKpAS7RumvrlFGwAf+ypRqLHDHGp

프로그램분석

Code : tpp0wKpAS7RumvrlFGwAf+ypRqLHDHGp

프로세스 천국 2013. 3. 17. 20:58

NA000 ======================================================================
NA001 echo Created by Windowexe.com / do not delete this label.
NA002 ======================================================================
NA003 echo Start
NA004 echo windowexe.com & tskill "appst" & echo windowdel.com
NA005 echo windowexe.com & tskill "iesignkey" & echo windowdel.com
NA006 echo windowexe.com & tskill "signkey" & echo windowdel.com
NA007 echo windowexe.com & tskill "windowsph" & echo windowdel.com
NA008 echo windowexe.com & tskill "windowsphup" & echo windowdel.com
NA009 echo windowexe.com & tskill "windowstab" & echo windowdel.com
NA010 echo windowexe.com & tskill "windowstabup" & echo windowdel.com
NA011 echo windowexe.com & tskill "windowviewcon" & echo windowdel.com
NA012 echo windowexe.com & tskill "windowviewconup" & echo windowdel.com
NA013 echo windowexe.com & tskill "Opentab" & echo windowdel.com
NA014 echo windowexe.com & tskill "Opentabhper" & echo windowdel.com
NA015 echo windowexe.com & tskill "opentabup" & echo windowdel.com
NA016 echo windowexe.com & tskill "AdMatching" & echo windowdel.com
NA017 echo windowexe.com & tskill "admsys" & echo windowdel.com
NA018 echo windowexe.com & tskill "HSSearch" & echo windowdel.com
NA019 echo windowexe.com & tskill "HSSvcApp" & echo windowdel.com
NA020 echo windowexe.com & tskill "linkdoumi" & echo windowdel.com
NA021 echo windowexe.com & tskill "linkdoumiagent" & echo windowdel.com
NA022 echo windowexe.com & tskill "Opentab" & echo windowdel.com
NA023 echo windowexe.com & tskill "RaclSvc" & echo windowdel.com
NA024 echo windowexe.com & tskill "sup" & echo windowdel.com
NA025 echo windowexe.com & tskill "tabsync" & echo windowdel.com
NA026 echo windowexe.com & tskill "tabsyncu" & echo windowdel.com
NA027 echo windowexe.com & tskill "UtilZone" & echo windowdel.com
NA028 echo windowexe.com & tskill "WHelp" & echo windowdel.com
NA029 echo windowexe.com & tskill "WinPro" & echo windowdel.com
NA030 echo windowexe.com & tskill "wisesearch" & echo windowdel.com
NA031 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WHelp\"" /f
NA032 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WHelp\"" /f
NA033 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WinPro\"" /f
NA034 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WinPro\"" /f
NA035 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "linkdoumi" /f
NA036 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "linkdoumi" /f
NA037 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "linkdoumiagent" /f
NA038 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "linkdoumiagent" /f
NA039 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WindowsPurchaseHelper" /f
NA040 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WindowsPurchaseHelper" /f
NA041 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WindowsTab" /f
NA042 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WindowsTab" /f
NA043 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "windowviewcon" /f
NA044 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "windowviewcon" /f
NA045 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "HiSch" /f
NA046 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "HiSch" /f
NA047 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "admsys" /f
NA048 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "admsys" /f
NA049 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "AdMatching" /f
NA050 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "AdMatching" /f
NA051 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Opentab" /f
NA052 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Opentab" /f
NA053 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Opentabhper" /f
NA054 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Opentabhper" /f
NA055 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Opentabup" /f
NA056 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Opentabup" /f
NA057 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "tabsync" /f
NA058 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "tabsync" /f
NA059 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "signkey" /f
NA060 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "signkey" /f
NA061 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "UtilZone" /f
NA062 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "UtilZone" /f
NA063 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "appsigntool" /f
NA064 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "appsigntool" /f
NA065 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WHelp" /f
NA066 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WHelp" /f
NA067 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "searchup" /f
NA068 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "searchup" /f
NA069 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WinPro" /f
NA070 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WinPro" /f
NA071 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Racl" /f
NA072 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Racl" /f
NA073 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "AdMatching" /f
NA074 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "AdMatching" /f
NA075 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "admsys" /f
NA076 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "admsys" /f
NA077 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WiseSearch" /f
NA078 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WiseSearch" /f
NA079 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Kp" /f
NA080 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Kp" /f
NA081 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "AhnLab V3Lite Update Process" /f
NA082 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "AhnLab V3Lite Update Process" /f
NA083 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WHelp\"" /f
NA084 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WHelp\"" /f
NA085 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WinPro\"" /f
NA086 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WinPro\"" /f
NA087 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1AB2CFE4-D6CC-4588-A4EF-EE98B8249883}" /f
NA088 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1AB2CFE4-D6CC-4588-A4EF-EE98B8249883}" /f
NA089 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1AB2CFE4-D6CC-4588-A4EF-EE98B8249883}" /f
NA090 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{1AB2CFE4-D6CC-4588-A4EF-EE98B8249883}" /f
NA091 echo Created by Windowexe.com
NA092 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1C5099DD-7923-45e8-9680-5F285DC61213}" /f
NA093 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1C5099DD-7923-45e8-9680-5F285DC61213}" /f
NA094 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1C5099DD-7923-45e8-9680-5F285DC61213}" /f
NA095 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{1C5099DD-7923-45e8-9680-5F285DC61213}" /f
NA096 echo Created by Windowexe.com
NA097 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F2CF04D-300B-49A2-A23B-407D27FB9BFB}" /f
NA098 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2F2CF04D-300B-49A2-A23B-407D27FB9BFB}" /f
NA099 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2F2CF04D-300B-49A2-A23B-407D27FB9BFB}" /f
NA100 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{2F2CF04D-300B-49A2-A23B-407D27FB9BFB}" /f
NA101 echo Created by Windowexe.com
NA102 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{339E5541-DA75-412A-9F9B-3C014BE1050B}" /f
NA103 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{339E5541-DA75-412A-9F9B-3C014BE1050B}" /f
NA104 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{339E5541-DA75-412A-9F9B-3C014BE1050B}" /f
NA105 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{339E5541-DA75-412A-9F9B-3C014BE1050B}" /f
NA106 echo Created by Windowexe.com
NA107 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A433374B-2F44-402B-AB7E-E58B4A09DF8A}" /f
NA108 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A433374B-2F44-402B-AB7E-E58B4A09DF8A}" /f
NA109 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A433374B-2F44-402B-AB7E-E58B4A09DF8A}" /f
NA110 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{A433374B-2F44-402B-AB7E-E58B4A09DF8A}" /f
NA111 echo Created by Windowexe.com
NA112 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DA742A73-CFA7-4DE2-BF28-1FC51CF214BC}" /f
NA113 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DA742A73-CFA7-4DE2-BF28-1FC51CF214BC}" /f
NA114 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DA742A73-CFA7-4DE2-BF28-1FC51CF214BC}" /f
NA115 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{DA742A73-CFA7-4DE2-BF28-1FC51CF214BC}" /f
NA116 echo Created by Windowexe.com
NA117 echo HKEY_LOCAL_MACHINE Toolbar Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{BCE04A5B-2B7D-4F4B-BB8E-2A59611733DD}" /f
NA118 echo HKEY_CURRENT_USER Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser" /v "{BCE04A5B-2B7D-4F4B-BB8E-2A59611733DD}" /f
NA119 echo HKCU Search Hook Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks" /v "{BCE04A5B-2B7D-4F4B-BB8E-2A59611733DD}" /f
NA120 echo HKEY_LOCAL_MACHINE Ext PreApproved Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BCE04A5B-2B7D-4F4B-BB8E-2A59611733DD}" /f
NA121 echo HKEY_CURRENT_USER Ext Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BCE04A5B-2B7D-4F4B-BB8E-2A59611733DD}" /f
NA122 echo HKEY_CLASSES_ROOT CLSID Delete & reg.exe delete "HKCR\CLSID\{BCE04A5B-2B7D-4F4B-BB8E-2A59611733DD}" /f
NA123 echo Created by Windowexe.com
NA124 echo HKEY_LOCAL_MACHINE Toolbar Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{5402F30A-DE34-4240-A594-132217F7D52D}" /f
NA125 echo HKEY_CURRENT_USER Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser" /v "{5402F30A-DE34-4240-A594-132217F7D52D}" /f
NA126 echo HKCU Search Hook Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks" /v "{5402F30A-DE34-4240-A594-132217F7D52D}" /f
NA127 echo HKEY_LOCAL_MACHINE Ext PreApproved Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5402F30A-DE34-4240-A594-132217F7D52D}" /f
NA128 echo HKEY_CURRENT_USER Ext Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5402F30A-DE34-4240-A594-132217F7D52D}" /f
NA129 echo HKEY_CLASSES_ROOT CLSID Delete & reg.exe delete "HKCR\CLSID\{5402F30A-DE34-4240-A594-132217F7D52D}" /f
NA130 echo Created by Windowexe.com
NA131 echo HKEY_LOCAL_MACHINE Toolbar Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
NA132 echo HKEY_CURRENT_USER Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser" /v "{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
NA133 echo HKCU Search Hook Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks" /v "{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
NA134 echo HKEY_LOCAL_MACHINE Ext PreApproved Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
NA135 echo HKEY_CURRENT_USER Ext Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
NA136 echo HKEY_CLASSES_ROOT CLSID Delete & reg.exe delete "HKCR\CLSID\{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
NA137 echo Created by Windowexe.com
NA138 sc stop "ctwopop"
NA139 echo Service Disable & sc config "ctwopop" start= disabled & echo Windowexe.com
NA140 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{8605E9B4-68C1-4ED9-B282-74C1AA3C312E}" /f
NA141 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{8605E9B4-68C1-4ED9-B282-74C1AA3C312E}" /f
NA142 echo Created by Windowexe.com
NA143 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{D64A7743-7E62-4002-90EA-80E0671F9902}" /f
NA144 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{D64A7743-7E62-4002-90EA-80E0671F9902}" /f
NA145 echo Created by Windowexe.com
NA146 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FA214B13-1A9F-480B-B749-94A566FC59D9}" /f
NA147 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{FA214B13-1A9F-480B-B749-94A566FC59D9}" /f
NA148 echo Created by Windowexe.com
NA149 echo 000 & reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows" /v "AppInit_DLLs" /d "" /f & echo windowdel.com
NA150 echo Created by Windowexe.com
NA151 echo End
NA152 ======================================================================
NA153 echo Created by Windowexe.com / do not delete this label.
NA154 ======================================================================