Code : RLQxTcrFNf6Lv0rwYqUqK7W8eE08wgKc

프로그램분석

Code : RLQxTcrFNf6Lv0rwYqUqK7W8eE08wgKc

프로세스 천국 2013. 3. 16. 06:33

System Analyzer Report 2013, 03, 16

NA001 ======================================================================
NA002 echo Created by Windowexe.com / do not delete this label.
NA003 ======================================================================
NA004 echo Start
NA005 echo windowexe.com & tskill "userinforesetupdate" & echo windowdel.com
NA006 echo windowexe.com & tskill "wdrwsmsvc" & echo windowdel.com
NA007 echo windowexe.com & tskill "svcwsmwin" & echo windowdel.com
NA008 echo windowexe.com & tskill "winggou" & echo windowdel.com
NA009 echo windowexe.com & tskill "winggom" & echo windowdel.com
NA010 echo windowexe.com & tskill "windowfasterse" & echo windowdel.com
NA011 echo windowexe.com & tskill "windowfaster" & echo windowdel.com
NA012 echo windowexe.com & tskill "TopFindUpdate" & echo windowdel.com
NA013 echo windowexe.com & tskill "TopFind" & echo windowdel.com
NA014 echo windowexe.com & tskill "RaclSvc" & echo windowdel.com
NA015 echo windowexe.com & tskill "LiveIconService" & echo windowdel.com
NA016 echo windowexe.com & tskill "LiveIconLauncher" & echo windowdel.com
NA017 echo windowexe.com & tskill "KeywordYacUpdate" & echo windowdel.com
NA018 echo windowexe.com & tskill "KeywordYac" & echo windowdel.com
NA019 echo windowexe.com & tskill "keywordpop" & echo windowdel.com
NA020 echo windowexe.com & tskill "HSSearch" & echo windowdel.com
NA021 echo windowexe.com & tskill "FreeListenUpdate" & echo windowdel.com
NA022 echo windowexe.com & tskill "FreeListenManager" & echo windowdel.com
NA023 echo windowexe.com & tskill "파일함탐색기" & echo windowdel.com
NA024 echo windowexe.com & tskill "barosvc" & echo windowdel.com
NA025 echo windowexe.com & tskill "TCSearch" & echo windowdel.com
NA026 echo windowexe.com & tskill "update" & echo windowdel.com
NA027 echo windowexe.com & tskill "FBDSvcMan" & echo windowdel.com
NA028 echo windowexe.com & tskill "FBDManager" & echo windowdel.com
NA029 echo windowexe.com & tskill "windowviewconup" & echo windowdel.com
NA030 echo windowexe.com & tskill "windowviewcon" & echo windowdel.com
NA031 echo windowexe.com & tskill "windowstabup" & echo windowdel.com
NA032 echo windowexe.com & tskill "windowstab" & echo windowdel.com
NA033 echo windowexe.com & tskill "windowsphup" & echo windowdel.com
NA034 echo windowexe.com & tskill "windowsph" & echo windowdel.com
NA035 echo windowexe.com & tskill "update" & echo windowdel.com
NA036 echo windowexe.com & tskill "MetablogNewIssues" & echo windowdel.com
NA037 echo windowexe.com & tskill "metablogagent" & echo windowdel.com
NA038 echo windowexe.com & tskill "appis" & echo windowdel.com
NA039 echo windowexe.com & tskill "appis" & echo windowdel.com
NA040 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "appis.exe" /f
NA041 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "appis.exe" /f
NA042 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "update.exe" /f
NA043 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "update.exe" /f
NA044 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "vaccinedrivestart.exe" /f
NA045 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "vaccinedrivestart.exe" /f
NA046 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "vaccinedrive main" /f
NA047 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "vaccinedrive main" /f
NA048 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Racl" /f
NA049 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Racl" /f
NA050 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "FileHamBrowser" /f
NA051 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "FileHamBrowser" /f
NA052 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "rpga" /f
NA053 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "rpga" /f
NA054 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "SpeedDownload" /f
NA055 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "SpeedDownload" /f
NA056 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "keywordpop.exe" /f
NA057 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "keywordpop.exe" /f
NA058 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "LiveIcon" /f
NA059 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "LiveIcon" /f
NA060 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "TopFind" /f
NA061 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "TopFind" /f
NA062 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "windowviewcon" /f
NA063 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "windowviewcon" /f
NA064 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WindowsPurchaseHelper" /f
NA065 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WindowsPurchaseHelper" /f
NA066 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "FreeListen" /f
NA067 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "FreeListen" /f
NA068 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WingGo" /f
NA069 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WingGo" /f
NA070 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "KeywordYac" /f
NA071 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "KeywordYac" /f
NA072 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "HiSch" /f
NA073 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "HiSch" /f
NA074 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WindowsTab" /f
NA075 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WindowsTab" /f
NA076 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Adv_TopC" /f
NA077 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Adv_TopC" /f
NA078 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "metablogagent" /f
NA079 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "metablogagent" /f
NA080 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "MetablogNewIssues" /f
NA081 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "MetablogNewIssues" /f
NA082 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "DaumCleaner" /f
NA083 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "DaumCleaner" /f
NA084 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "DaumStation" /f
NA085 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "DaumStation" /f
NA086 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDE779F8-3CF9-4231-83DF-45C59895A782}" /f
NA087 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BDE779F8-3CF9-4231-83DF-45C59895A782}" /f
NA088 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BDE779F8-3CF9-4231-83DF-45C59895A782}" /f
NA089 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{BDE779F8-3CF9-4231-83DF-45C59895A782}" /f
NA090 echo Created by Windowexe.com
NA091 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB705622-B25B-491B-A6BF-4A46FDDBC88E}" /f
NA092 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AB705622-B25B-491B-A6BF-4A46FDDBC88E}" /f
NA093 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AB705622-B25B-491B-A6BF-4A46FDDBC88E}" /f
NA094 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{AB705622-B25B-491B-A6BF-4A46FDDBC88E}" /f
NA095 echo Created by Windowexe.com
NA096 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{48B6053A-F6EC-4A30-AF7D-1F174DE8ABE1}" /f
NA097 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{48B6053A-F6EC-4A30-AF7D-1F174DE8ABE1}" /f
NA098 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{48B6053A-F6EC-4A30-AF7D-1F174DE8ABE1}" /f
NA099 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{48B6053A-F6EC-4A30-AF7D-1F174DE8ABE1}" /f
NA100 echo Created by Windowexe.com
NA101 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{002B9765-AB24-47E6-8DB6-6A1A0CE11BC9}" /f
NA102 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{002B9765-AB24-47E6-8DB6-6A1A0CE11BC9}" /f
NA103 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{002B9765-AB24-47E6-8DB6-6A1A0CE11BC9}" /f
NA104 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{002B9765-AB24-47E6-8DB6-6A1A0CE11BC9}" /f
NA105 echo Created by Windowexe.com
NA106 echo HKEY_LOCAL_MACHINE Toolbar Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{BCE04A5B-2B7D-4F4B-BB8E-2A59611733DD}" /f
NA107 echo HKEY_CURRENT_USER Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser" /v "{BCE04A5B-2B7D-4F4B-BB8E-2A59611733DD}" /f
NA108 echo HKCU Search Hook Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks" /v "{BCE04A5B-2B7D-4F4B-BB8E-2A59611733DD}" /f
NA109 echo HKEY_LOCAL_MACHINE Ext PreApproved Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BCE04A5B-2B7D-4F4B-BB8E-2A59611733DD}" /f
NA110 echo HKEY_CURRENT_USER Ext Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BCE04A5B-2B7D-4F4B-BB8E-2A59611733DD}" /f
NA111 echo HKEY_CLASSES_ROOT CLSID Delete & reg.exe delete "HKCR\CLSID\{BCE04A5B-2B7D-4F4B-BB8E-2A59611733DD}" /f
NA112 echo Created by Windowexe.com
NA113 echo HKEY_LOCAL_MACHINE Toolbar Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{003B9765-AB24-47E6-8DB6-6A1A0CE11BC9}" /f
NA114 echo HKEY_CURRENT_USER Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser" /v "{003B9765-AB24-47E6-8DB6-6A1A0CE11BC9}" /f
NA115 echo HKCU Search Hook Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks" /v "{003B9765-AB24-47E6-8DB6-6A1A0CE11BC9}" /f
NA116 echo HKEY_LOCAL_MACHINE Ext PreApproved Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{003B9765-AB24-47E6-8DB6-6A1A0CE11BC9}" /f
NA117 echo HKEY_CURRENT_USER Ext Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{003B9765-AB24-47E6-8DB6-6A1A0CE11BC9}" /f
NA118 echo HKEY_CLASSES_ROOT CLSID Delete & reg.exe delete "HKCR\CLSID\{003B9765-AB24-47E6-8DB6-6A1A0CE11BC9}" /f
NA119 echo Created by Windowexe.com
NA120 sc stop "vaccinedrive Update Service"
NA121 echo Service Disable & sc config "vaccinedrive Update Service" start= disabled & echo Windowexe.com
NA122 sc stop "Windows WinsManager Diagnostics Service"
NA123 echo Service Disable & sc config "Windows WinsManager Diagnostics Service" start= disabled & echo Windowexe.com
NA124 sc stop "WinsManager Service"
NA125 echo Service Disable & sc config "WinsManager Service" start= disabled & echo Windowexe.com
NA126 sc stop "barocn"
NA127 echo Service Disable & sc config "barocn" start= disabled & echo Windowexe.com
NA128 sc stop "windowfasterService"
NA129 echo Service Disable & sc config "windowfasterService" start= disabled & echo Windowexe.com
NA130 sc stop "windowfaster Update Service"
NA131 echo Service Disable & sc config "windowfaster Update Service" start= disabled & echo Windowexe.com
NA132 sc stop "FBDSvcman"
NA133 echo Service Disable & sc config "FBDSvcman" start= disabled & echo Windowexe.com
NA134 sc stop "DaumStationService"
NA135 echo Service Disable & sc config "DaumStationService" start= disabled & echo Windowexe.com
NA136 echo schtasks Delete & schtasks /delete /tn "AppIsUpdate" /f
NA137 echo Created by Windowexe.com
NA138 echo schtasks Delete & schtasks /delete /tn "AppIs" /f
NA139 echo Created by Windowexe.com
NA140 echo Tasklist Delete & del /q "C:\WINDOWS\Tasks\AppIsUpdate.job"
NA141 echo Created by Windowexe.com
NA152 echo 000 & reg.exe delete "HKCR\CLSID\{5121BCAB-14D5-40AD-A469-4437CC51F7AA}" /f & echo windowdel.com
NA153 echo Created by Windowexe.com
NA154 echo 000 & reg.exe delete "HKCR\CLSID\{A832F633-668F-4F8A-9EA1-A6375D1C1418}" /f & echo windowdel.com
NA155 echo Created by Windowexe.com
NA156 echo End
NA157 ======================================================================
NA158 echo Created by Windowexe.com / do not delete this label.
NA159 ======================================================================