Code : McGyAw+pBeNhLrmbTY62+0R8ZEyy45zz

프로그램분석

Code : McGyAw+pBeNhLrmbTY62+0R8ZEyy45zz

프로세스 천국 2013. 2. 28. 09:57

System Analyzer Report 2013, 02, 28

NA001 ======================================================================
NA002 echo Created by Windowexe.com / do not delete this label.
NA003 ======================================================================
NA004 echo Start
NA005 echo windowexe.com & tskill "wdrwsmsvc" & echo windowdel.com
NA006 echo windowexe.com & tskill "svcwsmwin" & echo windowdel.com
NA007 echo windowexe.com & tskill "FBDSvcMan" & echo windowdel.com
NA008 echo windowexe.com & tskill "FBDManager" & echo windowdel.com
NA009 echo windowexe.com & tskill "signkey" & echo windowdel.com
NA010 echo windowexe.com & tskill "iesignkey" & echo windowdel.com
NA011 echo windowexe.com & tskill "pinomate" & echo windowdel.com
NA012 echo windowexe.com & tskill "windowstabup" & echo windowdel.com
NA013 echo windowexe.com & tskill "windowstab" & echo windowdel.com
NA014 echo windowexe.com & tskill "nate_as" & echo windowdel.com
NA015 echo windowexe.com & tskill "lpupdate" & echo windowdel.com
NA016 echo windowexe.com & tskill "liveplus" & echo windowdel.com
NA017 echo windowexe.com & tskill "keycast" & echo windowdel.com
NA018 echo windowexe.com & tskill "HSSvcApp" & echo windowdel.com
NA019 echo windowexe.com & tskill "HSSearch" & echo windowdel.com
NA020 echo windowexe.com & tskill "GomHelperSvc" & echo windowdel.com
NA021 echo windowexe.com & tskill "barosvc" & echo windowdel.com
NA022 echo windowexe.com & tskill "TCSearch" & echo windowdel.com
NA023 echo windowexe.com & tskill "AdvTCApp" & echo windowdel.com
NA024 echo windowexe.com & tskill "ADriveDownService" & echo windowdel.com
NA025 echo windowexe.com & tskill "admsys" & echo windowdel.com
NA026 echo windowexe.com & tskill "AdMatching" & echo windowdel.com
NA027 echo windowexe.com & tskill "11stshopping" & echo windowdel.com
NA028 echo windowexe.com & tskill "11stdirecticonst" & echo windowdel.com
NA029 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "keycast.exe" /f
NA030 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "keycast.exe" /f
NA031 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "admsys" /f
NA032 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "admsys" /f
NA033 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "AdMatching" /f
NA034 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "AdMatching" /f
NA035 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "rpga" /f
NA036 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "rpga" /f
NA037 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "SpeedDownload" /f
NA038 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "SpeedDownload" /f
NA039 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "liveplus" /f
NA040 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "liveplus" /f
NA041 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Nate" /f
NA042 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Nate" /f
NA043 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "11STshoppingIcon" /f
NA044 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "11STshoppingIcon" /f
NA045 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "DragSearch" /f
NA046 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "DragSearch" /f
NA047 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "windowstatus" /f
NA048 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "windowstatus" /f
NA049 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "AdMatching" /f
NA050 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "AdMatching" /f
NA051 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "stickads" /f
NA052 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "stickads" /f
NA053 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "admsys" /f
NA054 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "admsys" /f
NA055 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WindowsTab" /f
NA056 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WindowsTab" /f
NA057 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "HiSch" /f
NA058 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "HiSch" /f
NA059 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "signkey" /f
NA060 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "signkey" /f
NA061 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Adv_TopC" /f
NA062 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Adv_TopC" /f
NA063 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "pinomate" /f
NA064 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "pinomate" /f
NA065 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "DaumCleaner" /f
NA066 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "DaumCleaner" /f
NA067 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E81E1598-BCE6-40B9-8B68-AE57DAA04452}" /f
NA068 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E81E1598-BCE6-40B9-8B68-AE57DAA04452}" /f
NA069 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E81E1598-BCE6-40B9-8B68-AE57DAA04452}" /f
NA070 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{E81E1598-BCE6-40B9-8B68-AE57DAA04452}" /f
NA071 echo Created by Windowexe.com
NA072 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E77FA0B2-C931-411C-82A2-FF672456B730}" /f
NA073 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E77FA0B2-C931-411C-82A2-FF672456B730}" /f
NA074 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E77FA0B2-C931-411C-82A2-FF672456B730}" /f
NA075 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{E77FA0B2-C931-411C-82A2-FF672456B730}" /f
NA076 echo Created by Windowexe.com
NA077 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDDB5A00-D1EB-49D5-B197-72A06DF78AA1}" /f
NA078 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BDDB5A00-D1EB-49D5-B197-72A06DF78AA1}" /f
NA079 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BDDB5A00-D1EB-49D5-B197-72A06DF78AA1}" /f
NA080 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{BDDB5A00-D1EB-49D5-B197-72A06DF78AA1}" /f
NA081 echo Created by Windowexe.com
NA082 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A433374B-2F44-402B-AB7E-E58B4A09DF8A}" /f
NA083 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A433374B-2F44-402B-AB7E-E58B4A09DF8A}" /f
NA084 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A433374B-2F44-402B-AB7E-E58B4A09DF8A}" /f
NA085 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{A433374B-2F44-402B-AB7E-E58B4A09DF8A}" /f
NA086 echo Created by Windowexe.com
NA087 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A14EAA16-CA35-4666-845A-DC084DCDF356}" /f
NA088 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A14EAA16-CA35-4666-845A-DC084DCDF356}" /f
NA089 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A14EAA16-CA35-4666-845A-DC084DCDF356}" /f
NA090 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{A14EAA16-CA35-4666-845A-DC084DCDF356}" /f
NA091 echo Created by Windowexe.com
NA092 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}" /f
NA093 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}" /f
NA094 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}" /f
NA095 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}" /f
NA096 echo Created by Windowexe.com
NA097 sc stop "Windows WinsManager Diagnostics Service"
NA098 echo Service Disable & sc config "Windows WinsManager Diagnostics Service" start= disabled & echo Windowexe.com
NA099 sc stop "WinsManager Service"
NA100 echo Service Disable & sc config "WinsManager Service" start= disabled & echo Windowexe.com
NA101 sc stop "multiclearService"
NA102 echo Service Disable & sc config "multiclearService" start= disabled & echo Windowexe.com
NA103 sc stop "multiclear Update Service"
NA104 echo Service Disable & sc config "multiclear Update Service" start= disabled & echo Windowexe.com
NA105 sc stop "GomHelper Update Services"
NA106 echo Service Disable & sc config "GomHelper Update Services" start= disabled & echo Windowexe.com
NA107 sc stop "FBDSvcman"
NA108 echo Service Disable & sc config "FBDSvcman" start= disabled & echo Windowexe.com
NA109 sc stop "DaumCleanerService"
NA110 echo Service Disable & sc config "DaumCleanerService" start= disabled & echo Windowexe.com
NA111 sc stop "barocn"
NA112 echo Service Disable & sc config "barocn" start= disabled & echo Windowexe.com
NA113 echo 000 & reg.exe delete "HKCR\CLSID\{5121BCAB-14D5-40AD-A469-4437CC51F7AA}" /f & echo windowdel.com
NA114 echo Created by Windowexe.com
NA115 echo 000 & reg.exe delete "HKCR\CLSID\{A832F633-668F-4F8A-9EA1-A6375D1C1418}" /f & echo windowdel.com
NA116 echo Created by Windowexe.com
NA117 echo End
NA118 ======================================================================
NA119 echo Created by Windowexe.com / do not delete this label.
NA120 ======================================================================