Code : Mq42eyBsimvNbSANcMwo1jtbnfjZMZTdkJy02EmweDc=

프로그램분석

Code : Mq42eyBsimvNbSANcMwo1jtbnfjZMZTdkJy02EmweDc=

프로세스 천국 2013. 3. 7. 20:13

System Analyzer Report 2013, 03, 07

NA001 ======================================================================
NA002 echo Created by Windowexe.com / do not delete this label.
NA003 ======================================================================
NA004 echo Start
NA005 echo windowexe.com & tskill "WindowServiceNT" & echo windowdel.com
NA006 echo windowexe.com & tskill "MicrowindowSearch" & echo windowdel.com
NA007 echo windowexe.com & tskill "WinxpendUP_mcv5" & echo windowdel.com
NA008 echo windowexe.com & tskill "starseeup" & echo windowdel.com
NA009 echo windowexe.com & tskill "starpdfup" & echo windowdel.com
NA010 echo windowexe.com & tskill "clover_updater" & echo windowdel.com
NA011 echo windowexe.com & tskill "clover" & echo windowdel.com
NA012 echo windowexe.com & tskill "Badakencoder_update" & echo windowdel.com
NA013 echo windowexe.com & tskill "addenbaragent" & echo windowdel.com
NA014 echo windowexe.com & tskill "InfoSvc" & echo windowdel.com
NA015 echo windowexe.com & tskill "popmulticare" & echo windowdel.com
NA016 echo windowexe.com & tskill "WinxpendUP_mcv5" & echo windowdel.com
NA017 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "catroot" /f
NA018 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "catroot" /f
NA019 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "popmulticare" /f
NA020 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "popmulticare" /f
NA021 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WinxpendUP_mcv5" /f
NA022 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WinxpendUP_mcv5" /f
NA023 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "bewengetmod" /f
NA024 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "bewengetmod" /f
NA025 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "bweeightyprm" /f
NA026 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "bweeightyprm" /f
NA027 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "btwnyforprm" /f
NA028 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "btwnyforprm" /f
NA029 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "sadnb" /f
NA030 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "sadnb" /f
NA031 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "bupwsevtymds" /f
NA032 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "bupwsevtymds" /f
NA033 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "FineTop" /f
NA034 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "FineTop" /f
NA035 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WallTab" /f
NA036 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WallTab" /f
NA037 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "bupwelevmds" /f
NA038 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "bupwelevmds" /f
NA039 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "MicrowindowSearch" /f
NA040 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "MicrowindowSearch" /f
NA041 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "StarSeeMain" /f
NA042 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "StarSeeMain" /f
NA043 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "wetesemds" /f
NA044 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "wetesemds" /f
NA045 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "wemakeppopmds" /f
NA046 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "wemakeppopmds" /f
NA047 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "wemakeppop" /f
NA048 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "wemakeppop" /f
NA049 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "StarPDFMain" /f
NA050 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "StarPDFMain" /f
NA051 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "clover_u" /f
NA052 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "clover_u" /f
NA053 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "clover" /f
NA054 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "clover" /f
NA055 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "trimbuffer11_3" /f
NA056 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "trimbuffer11_3" /f
NA057 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "namclean199" /f
NA058 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "namclean199" /f
NA059 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "converx6" /f
NA060 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "converx6" /f
NA061 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "save-boan" /f
NA062 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "save-boan" /f
NA063 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "upstechv3" /f
NA064 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "upstechv3" /f
NA065 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "odne_84" /f
NA066 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "odne_84" /f
NA067 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "MicrowindowSearch" /f
NA068 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "MicrowindowSearch" /f
NA069 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "AutoUpdater" /f
NA070 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "AutoUpdater" /f
NA071 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "addenbaragent" /f
NA072 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "addenbaragent" /f
NA073 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "badakencoder" /f
NA074 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "badakencoder" /f
NA075 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB705622-B25B-491B-A6BF-4A46FDDBC88E}" /f
NA076 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AB705622-B25B-491B-A6BF-4A46FDDBC88E}" /f
NA077 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AB705622-B25B-491B-A6BF-4A46FDDBC88E}" /f
NA078 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{AB705622-B25B-491B-A6BF-4A46FDDBC88E}" /f
NA079 echo Created by Windowexe.com
NA080 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1A64F9EC-2126-45FB-9598-7A918ADBAAB0}" /f
NA081 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A64F9EC-2126-45FB-9598-7A918ADBAAB0}" /f
NA082 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1A64F9EC-2126-45FB-9598-7A918ADBAAB0}" /f
NA083 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{1A64F9EC-2126-45FB-9598-7A918ADBAAB0}" /f
NA084 echo Created by Windowexe.com
NA085 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000A37-D226-448F-9146-FA826F516B08}" /f
NA086 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000A37-D226-448F-9146-FA826F516B08}" /f
NA087 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00000A37-D226-448F-9146-FA826F516B08}" /f
NA088 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{00000A37-D226-448F-9146-FA826F516B08}" /f
NA089 echo Created by Windowexe.com
NA090 sc stop "WindowsBoosterMonitor"
NA091 echo Service Disable & sc config "WindowsBoosterMonitor" start= disabled & echo Windowexe.com
NA092 sc stop "TCCheckAgent"
NA093 echo Service Disable & sc config "TCCheckAgent" start= disabled & echo Windowexe.com
NA094 sc stop "SmartPopService"
NA095 echo Service Disable & sc config "SmartPopService" start= disabled & echo Windowexe.com
NA096 sc stop "SmartKeyService"
NA097 echo Service Disable & sc config "SmartKeyService" start= disabled & echo Windowexe.com
NA098 sc stop "RPGSvcman"
NA099 echo Service Disable & sc config "RPGSvcman" start= disabled & echo Windowexe.com
NA100 sc stop "monpcpoweroff"
NA101 echo Service Disable & sc config "monpcpoweroff" start= disabled & echo Windowexe.com
NA102 sc stop "iUIKitSv"
NA103 echo Service Disable & sc config "iUIKitSv" start= disabled & echo Windowexe.com
NA104 sc stop "InfoSvc"
NA105 echo Service Disable & sc config "InfoSvc" start= disabled & echo Windowexe.com
NA106 sc stop "everyclear Update Service"
NA107 echo Service Disable & sc config "everyclear Update Service" start= disabled & echo Windowexe.com
NA108 sc stop "asdoiqyta"
NA109 echo Service Disable & sc config "asdoiqyta" start= disabled & echo Windowexe.com
NA110 sc stop "ApplicationSpecialManagement"
NA111 echo Service Disable & sc config "ApplicationSpecialManagement" start= disabled & echo Windowexe.com
NA112 sc stop "AppCatroots"
NA113 echo Service Disable & sc config "AppCatroots" start= disabled & echo Windowexe.com
NA114 sc stop "3Dtk2Vmh9O"
NA115 echo Service Disable & sc config "3Dtk2Vmh9O" start= disabled & echo Windowexe.com
NA116 sc stop "2Jzz99XBaa"
NA117 echo Service Disable & sc config "2Jzz99XBaa" start= disabled & echo Windowexe.com
NA118 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{00000002-5499-47ed-A234-304F5258E596}" /f
NA119 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{00000002-5499-47ed-A234-304F5258E596}" /f
NA120 echo Created by Windowexe.com
NA121 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{00000001-5499-47ed-A234-304F5258E596}" /f
NA122 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{00000001-5499-47ed-A234-304F5258E596}" /f
NA123 echo Created by Windowexe.com
NA124 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{00000000-5499-47ed-A234-304F5258E596}" /f
NA125 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{00000000-5499-47ed-A234-304F5258E596}" /f
NA126 echo Created by Windowexe.com
NA127 echo schtasks Delete & schtasks /delete /tn "WinExpandUpdate_mcv5" /f
NA128 echo Created by Windowexe.com
NA129 echo schtasks Delete & schtasks /delete /tn "WebCompassUpdate" /f
NA130 echo Created by Windowexe.com
NA131 echo Tasklist Delete & del /q "C:\WINDOWS\Tasks\WebCompassUpdate.job"
NA132 echo Created by Windowexe.com
NA133 echo End
NA134 ======================================================================
NA135 echo Created by Windowexe.com / do not delete this label.
NA136 ======================================================================