Code : /TNYh74TVdogrWIJe3smOA==

프로그램분석

Code : /TNYh74TVdogrWIJe3smOA==

프로세스 천국 2013. 4. 14. 14:54

NA000 ======================================================================
NA001 echo Created by Windowexe.com / do not delete this label.
NA002 ======================================================================
NA003 echo Start
NA004 echo windowexe.com & tskill "FBDSvcMan" & echo windowdel.com
NA005 echo windowexe.com & tskill "FBDManager" & echo windowdel.com
NA006 echo windowexe.com & tskill "natsvc" & echo windowdel.com
NA007 echo windowexe.com & tskill "mkeyup" & echo windowdel.com
NA008 echo windowexe.com & tskill "matchkey" & echo windowdel.com
NA009 echo windowexe.com & tskill "keycast" & echo windowdel.com
NA010 echo windowexe.com & tskill "iestartv" & echo windowdel.com
NA011 echo windowexe.com & tskill "iestartagent" & echo windowdel.com
NA012 echo windowexe.com & tskill "HSSearch" & echo windowdel.com
NA013 echo windowexe.com & tskill "GDownService" & echo windowdel.com
NA014 echo windowexe.com & tskill "TCSearch" & echo windowdel.com
NA015 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "MicroProProc" /f
NA016 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "MicroProProc" /f
NA017 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "keycast.exe" /f
NA018 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "keycast.exe" /f
NA019 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "UtilZone" /f
NA020 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "UtilZone" /f
NA021 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "rpga" /f
NA022 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "rpga" /f
NA023 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "SpeedDownload" /f
NA024 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "SpeedDownload" /f
NA025 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "matchkey" /f
NA026 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "matchkey" /f
NA027 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "adsup.exe" /f
NA028 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "adsup.exe" /f
NA029 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Adv_TopC" /f
NA030 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Adv_TopC" /f
NA031 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F8D523EB-98BB-4094-8D55-FF494D7DE323}" /f
NA032 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F8D523EB-98BB-4094-8D55-FF494D7DE323}" /f
NA033 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F8D523EB-98BB-4094-8D55-FF494D7DE323}" /f
NA034 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{F8D523EB-98BB-4094-8D55-FF494D7DE323}" /f
NA035 echo Created by Windowexe.com
NA036 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC01FC6C-A4F1-42C2-814B-606F66026AB0}" /f
NA037 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC01FC6C-A4F1-42C2-814B-606F66026AB0}" /f
NA038 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CC01FC6C-A4F1-42C2-814B-606F66026AB0}" /f
NA039 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{CC01FC6C-A4F1-42C2-814B-606F66026AB0}" /f
NA040 echo Created by Windowexe.com
NA041 sc stop "NATService"
NA042 echo Service Disable & sc config "NATService" start= disabled & echo Windowexe.com
NA043 sc stop "FBDSvcman"
NA044 echo Service Disable & sc config "FBDSvcman" start= disabled & echo Windowexe.com
NA045 sc stop "BNDownService"
NA046 echo Service Disable & sc config "BNDownService" start= disabled & echo Windowexe.com
NA047 echo schtasks Delete & schtasks /delete /tn "windows adsup package" /f
NA048 echo Created by Windowexe.com
NA049 echo schtasks Delete & schtasks /delete /tn "KeyCast" /f
NA050 echo Created by Windowexe.com
NA051 echo file Delete & attrib -r "C:\Users\Administrator\Desktop\옥션.lnk"
NA052 echo file Delete & del /q "C:\Users\Administrator\Desktop\옥션.lnk"
NA053 echo file Delete & attrib -r "C:\Users\Administrator\Desktop\G마켓.lnk"
NA054 echo file Delete & del /q "C:\Users\Administrator\Desktop\G마켓.lnk"
NA055 echo file Delete & attrib -r "C:\Users\Administrator\Desktop\11번가.lnk"
NA056 echo file Delete & del /q "C:\Users\Administrator\Desktop\11번가.lnk"
NA057 echo 000 & reg.exe delete "HKCR\CLSID\{5121BCAB-14D5-40AD-A469-4437CC51F7AA}" /f & echo windowdel.com
NA058 echo Created by Windowexe.com
NA059 echo 000 & reg.exe delete "HKCR\CLSID\{A832F633-668F-4F8A-9EA1-A6375D1C1418}" /f & echo windowdel.com
NA060 echo Created by Windowexe.com
NA061 echo change dir for x64
NA062 cd %windir%
NA063 cd syswow64
NA064 echo windowexe.com & tskill "FBDSvcMan" & echo windowdel.com
NA065 echo windowexe.com & tskill "FBDManager" & echo windowdel.com
NA066 echo windowexe.com & tskill "natsvc" & echo windowdel.com
NA067 echo windowexe.com & tskill "mkeyup" & echo windowdel.com
NA068 echo windowexe.com & tskill "matchkey" & echo windowdel.com
NA069 echo windowexe.com & tskill "keycast" & echo windowdel.com
NA070 echo windowexe.com & tskill "iestartv" & echo windowdel.com
NA071 echo windowexe.com & tskill "iestartagent" & echo windowdel.com
NA072 echo windowexe.com & tskill "HSSearch" & echo windowdel.com
NA073 echo windowexe.com & tskill "GDownService" & echo windowdel.com
NA074 echo windowexe.com & tskill "TCSearch" & echo windowdel.com
NA075 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "MicroProProc" /f
NA076 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "MicroProProc" /f
NA077 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "keycast.exe" /f
NA078 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "keycast.exe" /f
NA079 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "UtilZone" /f
NA080 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "UtilZone" /f
NA081 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "rpga" /f
NA082 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "rpga" /f
NA083 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "SpeedDownload" /f
NA084 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "SpeedDownload" /f
NA085 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "matchkey" /f
NA086 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "matchkey" /f
NA087 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "adsup.exe" /f
NA088 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "adsup.exe" /f
NA089 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Adv_TopC" /f
NA090 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Adv_TopC" /f
NA091 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F8D523EB-98BB-4094-8D55-FF494D7DE323}" /f
NA092 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F8D523EB-98BB-4094-8D55-FF494D7DE323}" /f
NA093 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F8D523EB-98BB-4094-8D55-FF494D7DE323}" /f
NA094 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{F8D523EB-98BB-4094-8D55-FF494D7DE323}" /f
NA095 echo Created by Windowexe.com
NA096 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC01FC6C-A4F1-42C2-814B-606F66026AB0}" /f
NA097 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC01FC6C-A4F1-42C2-814B-606F66026AB0}" /f
NA098 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CC01FC6C-A4F1-42C2-814B-606F66026AB0}" /f
NA099 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{CC01FC6C-A4F1-42C2-814B-606F66026AB0}" /f
NA100 echo Created by Windowexe.com
NA101 sc stop "NATService"
NA102 echo Service Disable & sc config "NATService" start= disabled & echo Windowexe.com
NA103 sc stop "FBDSvcman"
NA104 echo Service Disable & sc config "FBDSvcman" start= disabled & echo Windowexe.com
NA105 sc stop "BNDownService"
NA106 echo Service Disable & sc config "BNDownService" start= disabled & echo Windowexe.com
NA107 echo schtasks Delete & schtasks /delete /tn "windows adsup package" /f
NA108 echo Created by Windowexe.com
NA109 echo schtasks Delete & schtasks /delete /tn "KeyCast" /f
NA110 echo Created by Windowexe.com
NA111 echo file Delete & attrib -r "C:\Users\Administrator\Desktop\옥션.lnk"
NA112 echo file Delete & del /q "C:\Users\Administrator\Desktop\옥션.lnk"
NA113 echo file Delete & attrib -r "C:\Users\Administrator\Desktop\G마켓.lnk"
NA114 echo file Delete & del /q "C:\Users\Administrator\Desktop\G마켓.lnk"
NA115 echo file Delete & attrib -r "C:\Users\Administrator\Desktop\11번가.lnk"
NA116 echo file Delete & del /q "C:\Users\Administrator\Desktop\11번가.lnk"
NA117 echo 000 & reg.exe delete "HKCR\CLSID\{5121BCAB-14D5-40AD-A469-4437CC51F7AA}" /f & echo windowdel.com
NA118 echo Created by Windowexe.com
NA119 echo 000 & reg.exe delete "HKCR\CLSID\{A832F633-668F-4F8A-9EA1-A6375D1C1418}" /f & echo windowdel.com
NA120 echo Created by Windowexe.com
NA121 echo End
NA122 ======================================================================
NA123 echo Created by Windowexe.com / do not delete this label.
NA124 ======================================================================