Code : 2A6WobJRHelY3IZv8ruNkaBLa3WDhpbsM1+ELU8GR/Y=

프로그램분석

Code : 2A6WobJRHelY3IZv8ruNkaBLa3WDhpbsM1+ELU8GR/Y=

프로세스 천국 2013. 3. 9. 15:38

System Analyzer Report 2013, 03, 09

NA001 ======================================================================
NA002 echo Created by Windowexe.com / do not delete this label.
NA003 ======================================================================
NA004 echo Start
NA005 echo windowexe.com & tskill "sup" & echo windowdel.com
NA006 echo windowexe.com & tskill "howcodecsrv" & echo windowdel.com
NA007 echo windowexe.com & tskill "howcodecopen" & echo windowdel.com
NA008 echo windowexe.com & tskill "howcodecopen" & echo windowdel.com
NA009 echo windowexe.com & tskill "howcodechper" & echo windowdel.com
NA010 echo windowexe.com & tskill "howcodec_update" & echo windowdel.com
NA011 echo windowexe.com & tskill "UDControl" & echo windowdel.com
NA012 echo windowexe.com & tskill "TCSearch" & echo windowdel.com
NA013 echo windowexe.com & tskill "winhelp" & echo windowdel.com
NA014 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "howcodec" /f
NA015 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "howcodec" /f
NA016 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "winhelp.exe" /f
NA017 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "winhelp.exe" /f
NA018 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "anysecu main" /f
NA019 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "anysecu main" /f
NA020 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "howcodecopen" /f
NA021 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "howcodecopen" /f
NA022 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "vaccineupdatestart.exe" /f
NA023 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "vaccineupdatestart.exe" /f
NA024 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "UtilWorld_UDControl" /f
NA025 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "UtilWorld_UDControl" /f
NA026 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "gcodecopen" /f
NA027 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "gcodecopen" /f
NA028 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "smartsafer main" /f
NA029 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "smartsafer main" /f
NA030 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Adv_TopC" /f
NA031 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Adv_TopC" /f
NA032 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "howcodec" /f
NA033 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "howcodec" /f
NA034 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "howcodechper" /f
NA035 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "howcodechper" /f
NA036 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "howcodecopen" /f
NA037 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "howcodecopen" /f
NA038 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "searchup" /f
NA039 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "searchup" /f
NA040 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "nmenum" /f
NA041 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "nmenum" /f
NA042 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB705622-B25B-491B-A6BF-4A46FDDBC88E}" /f
NA043 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AB705622-B25B-491B-A6BF-4A46FDDBC88E}" /f
NA044 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AB705622-B25B-491B-A6BF-4A46FDDBC88E}" /f
NA045 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{AB705622-B25B-491B-A6BF-4A46FDDBC88E}" /f
NA046 echo Created by Windowexe.com
NA047 sc stop "howcodec"
NA048 echo Service Disable & sc config "howcodec" start= disabled & echo Windowexe.com
NA049 sc stop "bestspeedService"
NA050 echo Service Disable & sc config "bestspeedService" start= disabled & echo Windowexe.com
NA051 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FA214B13-1A9F-480B-B749-94A566FC59D9}" /f
NA052 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{FA214B13-1A9F-480B-B749-94A566FC59D9}" /f
NA053 echo Created by Windowexe.com
NA054 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{D64A7743-7E62-4002-90EA-80E0671F9902}" /f
NA055 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{D64A7743-7E62-4002-90EA-80E0671F9902}" /f
NA056 echo Created by Windowexe.com
NA057 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{8605E9B4-68C1-4ED9-B282-74C1AA3C312E}" /f
NA058 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{8605E9B4-68C1-4ED9-B282-74C1AA3C312E}" /f
NA059 echo Created by Windowexe.com
NA060 echo schtasks Delete & schtasks /delete /tn "windows winhelp package" /f
NA061 echo Created by Windowexe.com
NA062 echo HKEY_LOCAL_MACHINE DSREG Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{FC23FA59-2754-4FD6-9ADA-20C5758D7F69}" /f
NA063 echo HKEY_LOCAL_MACHINE DSREG Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{FB631360-CC3F-4CF7-AFA8-1CF8D077A889}" /f
NA064 echo HKEY_LOCAL_MACHINE DSREG Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{42767D19-9D08-4638-8768-D342BA400E39}" /f
NA065 echo change dir for x64
NA066 cd %windir%
NA067 cd syswow64
NA068 echo windowexe.com & tskill "sup" & echo windowdel.com
NA069 echo windowexe.com & tskill "howcodecsrv" & echo windowdel.com
NA070 echo windowexe.com & tskill "howcodecopen" & echo windowdel.com
NA071 echo windowexe.com & tskill "howcodecopen" & echo windowdel.com
NA072 echo windowexe.com & tskill "howcodechper" & echo windowdel.com
NA073 echo windowexe.com & tskill "howcodec_update" & echo windowdel.com
NA074 echo windowexe.com & tskill "UDControl" & echo windowdel.com
NA075 echo windowexe.com & tskill "TCSearch" & echo windowdel.com
NA076 echo windowexe.com & tskill "winhelp" & echo windowdel.com
NA077 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "howcodec" /f
NA078 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "howcodec" /f
NA079 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "winhelp.exe" /f
NA080 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "winhelp.exe" /f
NA081 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "anysecu main" /f
NA082 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "anysecu main" /f
NA083 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "howcodecopen" /f
NA084 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "howcodecopen" /f
NA085 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "vaccineupdatestart.exe" /f
NA086 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "vaccineupdatestart.exe" /f
NA087 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "UtilWorld_UDControl" /f
NA088 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "UtilWorld_UDControl" /f
NA089 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "gcodecopen" /f
NA090 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "gcodecopen" /f
NA091 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "smartsafer main" /f
NA092 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "smartsafer main" /f
NA093 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Adv_TopC" /f
NA094 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Adv_TopC" /f
NA095 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "howcodec" /f
NA096 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "howcodec" /f
NA097 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "howcodechper" /f
NA098 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "howcodechper" /f
NA099 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "howcodecopen" /f
NA100 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "howcodecopen" /f
NA101 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "searchup" /f
NA102 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "searchup" /f
NA103 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "nmenum" /f
NA104 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "nmenum" /f
NA105 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB705622-B25B-491B-A6BF-4A46FDDBC88E}" /f
NA106 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AB705622-B25B-491B-A6BF-4A46FDDBC88E}" /f
NA107 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AB705622-B25B-491B-A6BF-4A46FDDBC88E}" /f
NA108 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{AB705622-B25B-491B-A6BF-4A46FDDBC88E}" /f
NA109 echo Created by Windowexe.com
NA110 sc stop "howcodec"
NA111 echo Service Disable & sc config "howcodec" start= disabled & echo Windowexe.com
NA112 sc stop "bestspeedService"
NA113 echo Service Disable & sc config "bestspeedService" start= disabled & echo Windowexe.com
NA114 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FA214B13-1A9F-480B-B749-94A566FC59D9}" /f
NA115 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{FA214B13-1A9F-480B-B749-94A566FC59D9}" /f
NA116 echo Created by Windowexe.com
NA117 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{D64A7743-7E62-4002-90EA-80E0671F9902}" /f
NA118 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{D64A7743-7E62-4002-90EA-80E0671F9902}" /f
NA119 echo Created by Windowexe.com
NA120 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{8605E9B4-68C1-4ED9-B282-74C1AA3C312E}" /f
NA121 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{8605E9B4-68C1-4ED9-B282-74C1AA3C312E}" /f
NA122 echo Created by Windowexe.com
NA123 echo schtasks Delete & schtasks /delete /tn "windows winhelp package" /f
NA124 echo Created by Windowexe.com
NA125 echo HKEY_LOCAL_MACHINE DSREG Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{FC23FA59-2754-4FD6-9ADA-20C5758D7F69}" /f
NA126 echo HKEY_LOCAL_MACHINE DSREG Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{FB631360-CC3F-4CF7-AFA8-1CF8D077A889}" /f
NA127 echo HKEY_LOCAL_MACHINE DSREG Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{42767D19-9D08-4638-8768-D342BA400E39}" /f
NA128 echo End
NA129 ======================================================================
NA130 echo Created by Windowexe.com / do not delete this label.
NA131 ======================================================================