Code : x/olK+eciEHznIFiQlXuSA==

프로그램분석

Code : x/olK+eciEHznIFiQlXuSA==

프로세스 천국 2013. 3. 14. 07:57

System Analyzer Report 2013, 03, 14

NA001 ======================================================================
NA002 echo Created by Windowexe.com / do not delete this label.
NA003 ======================================================================
NA004 echo Start
NA005 echo windowexe.com & tskill "AdMatching" & echo windowdel.com
NA006 echo windowexe.com & tskill "admsys" & echo windowdel.com
NA007 echo windowexe.com & tskill "AdvTCApp" & echo windowdel.com
NA008 echo windowexe.com & tskill "TCSearch" & echo windowdel.com
NA009 echo windowexe.com & tskill "barocn" & echo windowdel.com
NA010 echo windowexe.com & tskill "barosvc" & echo windowdel.com
NA011 echo windowexe.com & tskill "clickpang" & echo windowdel.com
NA012 echo windowexe.com & tskill "nsearchx" & echo windowdel.com
NA013 echo windowexe.com & tskill "nxsub" & echo windowdel.com
NA014 echo windowexe.com & tskill "SpellerSvc" & echo windowdel.com
NA015 echo windowexe.com & tskill "WinPro" & echo windowdel.com
NA016 echo windowexe.com & tskill "svcwsmwin" & echo windowdel.com
NA017 echo windowexe.com & tskill "wdrwsmsvc" & echo windowdel.com
NA018 echo windowexe.com & tskill "AdMatching" & echo windowdel.com
NA019 echo windowexe.com & tskill "admsys" & echo windowdel.com
NA020 echo windowexe.com & tskill "TCSearch" & echo windowdel.com
NA021 echo windowexe.com & tskill "barosvc" & echo windowdel.com
NA022 echo windowexe.com & tskill "clickpang" & echo windowdel.com
NA023 echo windowexe.com & tskill "ctpop" & echo windowdel.com
NA024 echo windowexe.com & tskill "nsearchx" & echo windowdel.com
NA025 echo windowexe.com & tskill "nxsub" & echo windowdel.com
NA026 echo windowexe.com & tskill "SpellerSvc" & echo windowdel.com
NA027 echo windowexe.com & tskill "WinPro" & echo windowdel.com
NA028 echo windowexe.com & tskill "svcwsmwin" & echo windowdel.com
NA029 echo windowexe.com & tskill "wdrwsmsvc" & echo windowdel.com
NA030 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WinPro\"" /f
NA031 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WinPro\"" /f
NA032 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "admsys" /f
NA033 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "admsys" /f
NA034 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Adv_TopC" /f
NA035 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Adv_TopC" /f
NA036 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "AdMatching" /f
NA037 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "AdMatching" /f
NA038 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Speller" /f
NA039 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Speller" /f
NA040 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "AdMatching" /f
NA041 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "AdMatching" /f
NA042 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "admsys" /f
NA043 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "admsys" /f
NA044 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "ctpop" /f
NA045 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "ctpop" /f
NA046 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "clickpang.exe" /f
NA047 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "clickpang.exe" /f
NA048 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WinPro" /f
NA049 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WinPro" /f
NA050 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000830-3DDA-4C82-84E4-6932C077AA40}" /f
NA051 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000830-3DDA-4C82-84E4-6932C077AA40}" /f
NA052 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00000830-3DDA-4C82-84E4-6932C077AA40}" /f
NA053 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{00000830-3DDA-4C82-84E4-6932C077AA40}" /f
NA054 echo Created by Windowexe.com
NA055 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{339E5541-DA75-412A-9F9B-3C014BE1050B}" /f
NA056 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{339E5541-DA75-412A-9F9B-3C014BE1050B}" /f
NA057 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{339E5541-DA75-412A-9F9B-3C014BE1050B}" /f
NA058 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{339E5541-DA75-412A-9F9B-3C014BE1050B}" /f
NA059 echo Created by Windowexe.com
NA060 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}" /f
NA061 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}" /f
NA062 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}" /f
NA063 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}" /f
NA064 echo Created by Windowexe.com
NA065 echo HKEY_LOCAL_MACHINE Toolbar Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{41ED1FD7-8C37-4806-AF9E-D5238A30E56F}" /f
NA066 echo HKEY_CURRENT_USER Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser" /v "{41ED1FD7-8C37-4806-AF9E-D5238A30E56F}" /f
NA067 echo HKCU Search Hook Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks" /v "{41ED1FD7-8C37-4806-AF9E-D5238A30E56F}" /f
NA068 echo HKEY_LOCAL_MACHINE Ext PreApproved Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{41ED1FD7-8C37-4806-AF9E-D5238A30E56F}" /f
NA069 echo HKEY_CURRENT_USER Ext Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{41ED1FD7-8C37-4806-AF9E-D5238A30E56F}" /f
NA070 echo HKEY_CLASSES_ROOT CLSID Delete & reg.exe delete "HKCR\CLSID\{41ED1FD7-8C37-4806-AF9E-D5238A30E56F}" /f
NA071 echo Created by Windowexe.com
NA072 sc stop "barocn"
NA073 echo Service Disable & sc config "barocn" start= disabled & echo Windowexe.com
NA074 sc stop "WindowsDriver"
NA075 echo Service Disable & sc config "WindowsDriver" start= disabled & echo Windowexe.com
NA076 sc stop "WinsManager Service"
NA077 echo Service Disable & sc config "WinsManager Service" start= disabled & echo Windowexe.com
NA078 sc stop "Windows WinsManager Diagnostics Service"
NA079 echo Service Disable & sc config "Windows WinsManager Diagnostics Service" start= disabled & echo Windowexe.com
NA080 sc stop "nsearchx"
NA081 echo Service Disable & sc config "nsearchx" start= disabled & echo Windowexe.com
NA082 echo schtasks Delete & schtasks /delete /tn "windows clickpang package" /f
NA083 echo Created by Windowexe.com
NA084 echo schtasks Delete & schtasks /delete /tn "WinExpandUpdate_nwsps" /f
NA085 echo Created by Windowexe.com
NA086 echo change dir for x64
NA087 cd %windir%
NA088 cd syswow64
NA089 echo windowexe.com & tskill "AdMatching" & echo windowdel.com
NA090 echo windowexe.com & tskill "admsys" & echo windowdel.com
NA091 echo windowexe.com & tskill "AdvTCApp" & echo windowdel.com
NA092 echo windowexe.com & tskill "TCSearch" & echo windowdel.com
NA093 echo windowexe.com & tskill "barocn" & echo windowdel.com
NA094 echo windowexe.com & tskill "barosvc" & echo windowdel.com
NA095 echo windowexe.com & tskill "clickpang" & echo windowdel.com
NA096 echo windowexe.com & tskill "nsearchx" & echo windowdel.com
NA097 echo windowexe.com & tskill "nxsub" & echo windowdel.com
NA098 echo windowexe.com & tskill "SpellerSvc" & echo windowdel.com
NA099 echo windowexe.com & tskill "WinPro" & echo windowdel.com
NA100 echo windowexe.com & tskill "svcwsmwin" & echo windowdel.com
NA101 echo windowexe.com & tskill "wdrwsmsvc" & echo windowdel.com
NA102 echo windowexe.com & tskill "AdMatching" & echo windowdel.com
NA103 echo windowexe.com & tskill "admsys" & echo windowdel.com
NA104 echo windowexe.com & tskill "TCSearch" & echo windowdel.com
NA105 echo windowexe.com & tskill "barosvc" & echo windowdel.com
NA106 echo windowexe.com & tskill "clickpang" & echo windowdel.com
NA107 echo windowexe.com & tskill "ctpop" & echo windowdel.com
NA108 echo windowexe.com & tskill "nsearchx" & echo windowdel.com
NA109 echo windowexe.com & tskill "nxsub" & echo windowdel.com
NA110 echo windowexe.com & tskill "SpellerSvc" & echo windowdel.com
NA111 echo windowexe.com & tskill "WinPro" & echo windowdel.com
NA112 echo windowexe.com & tskill "svcwsmwin" & echo windowdel.com
NA113 echo windowexe.com & tskill "wdrwsmsvc" & echo windowdel.com
NA114 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WinPro\"" /f
NA115 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WinPro\"" /f
NA116 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "admsys" /f
NA117 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "admsys" /f
NA118 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Adv_TopC" /f
NA119 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Adv_TopC" /f
NA120 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "AdMatching" /f
NA121 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "AdMatching" /f
NA122 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Speller" /f
NA123 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Speller" /f
NA124 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "AdMatching" /f
NA125 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "AdMatching" /f
NA126 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "admsys" /f
NA127 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "admsys" /f
NA128 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "ctpop" /f
NA129 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "ctpop" /f
NA130 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "clickpang.exe" /f
NA131 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "clickpang.exe" /f
NA132 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WinPro" /f
NA133 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WinPro" /f
NA134 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000830-3DDA-4C82-84E4-6932C077AA40}" /f
NA135 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000830-3DDA-4C82-84E4-6932C077AA40}" /f
NA136 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00000830-3DDA-4C82-84E4-6932C077AA40}" /f
NA137 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{00000830-3DDA-4C82-84E4-6932C077AA40}" /f
NA138 echo Created by Windowexe.com
NA139 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{339E5541-DA75-412A-9F9B-3C014BE1050B}" /f
NA140 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{339E5541-DA75-412A-9F9B-3C014BE1050B}" /f
NA141 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{339E5541-DA75-412A-9F9B-3C014BE1050B}" /f
NA142 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{339E5541-DA75-412A-9F9B-3C014BE1050B}" /f
NA143 echo Created by Windowexe.com
NA144 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}" /f
NA145 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}" /f
NA146 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}" /f
NA147 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}" /f
NA148 echo Created by Windowexe.com
NA149 echo HKEY_LOCAL_MACHINE Toolbar Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{41ED1FD7-8C37-4806-AF9E-D5238A30E56F}" /f
NA150 echo HKEY_CURRENT_USER Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser" /v "{41ED1FD7-8C37-4806-AF9E-D5238A30E56F}" /f
NA151 echo HKCU Search Hook Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks" /v "{41ED1FD7-8C37-4806-AF9E-D5238A30E56F}" /f
NA152 echo HKEY_LOCAL_MACHINE Ext PreApproved Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{41ED1FD7-8C37-4806-AF9E-D5238A30E56F}" /f
NA153 echo HKEY_CURRENT_USER Ext Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{41ED1FD7-8C37-4806-AF9E-D5238A30E56F}" /f
NA154 echo HKEY_CLASSES_ROOT CLSID Delete & reg.exe delete "HKCR\CLSID\{41ED1FD7-8C37-4806-AF9E-D5238A30E56F}" /f
NA155 echo Created by Windowexe.com
NA156 sc stop "barocn"
NA157 echo Service Disable & sc config "barocn" start= disabled & echo Windowexe.com
NA158 sc stop "WindowsDriver"
NA159 echo Service Disable & sc config "WindowsDriver" start= disabled & echo Windowexe.com
NA160 sc stop "WinsManager Service"
NA161 echo Service Disable & sc config "WinsManager Service" start= disabled & echo Windowexe.com
NA162 sc stop "Windows WinsManager Diagnostics Service"
NA163 echo Service Disable & sc config "Windows WinsManager Diagnostics Service" start= disabled & echo Windowexe.com
NA164 sc stop "nsearchx"
NA165 echo Service Disable & sc config "nsearchx" start= disabled & echo Windowexe.com
NA166 echo schtasks Delete & schtasks /delete /tn "windows clickpang package" /f
NA167 echo Created by Windowexe.com
NA168 echo schtasks Delete & schtasks /delete /tn "WinExpandUpdate_nwsps" /f
NA169 echo Created by Windowexe.com
NA170 echo End
NA171 ======================================================================
NA172 echo Created by Windowexe.com / do not delete this label.
NA173 ======================================================================