Code : 2BLCeFYUXksKm5swFCExiao6RdeOeq6J

프로그램분석

Code : 2BLCeFYUXksKm5swFCExiao6RdeOeq6J

프로세스 천국 2013. 3. 19. 19:40

NA000 ======================================================================
NA001 echo Created by Windowexe.com / do not delete this label.
NA002 ======================================================================
NA003 echo Start
NA004 echo windowexe.com & tskill "VService" & echo windowdel.com
NA005 echo windowexe.com & tskill "SCChkUpd" & echo windowdel.com
NA006 echo windowexe.com & tskill "natsvc" & echo windowdel.com
NA007 echo windowexe.com & tskill "ctserv" & echo windowdel.com
NA008 echo windowexe.com & tskill "MultiDownloadiconSL" & echo windowdel.com
NA009 echo windowexe.com & tskill "DirectKeywordUpdateService" & echo windowdel.com
NA010 echo windowexe.com & tskill "DirectKeyword2" & echo windowdel.com
NA011 echo windowexe.com & tskill "MultiDownLoadSvc" & echo windowdel.com
NA012 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "AhnLab V3Lite Update Process" /f
NA013 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "AhnLab V3Lite Update Process" /f
NA014 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Pando Media Booster" /f
NA015 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Pando Media Booster" /f
NA016 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "scchk" /f
NA017 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "scchk" /f
NA018 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "DirectKeyword2" /f
NA019 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "DirectKeyword2" /f
NA020 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B60FE1D2-2F84-42a7-AE04-03284738CC24}" /f
NA021 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B60FE1D2-2F84-42a7-AE04-03284738CC24}" /f
NA022 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B60FE1D2-2F84-42a7-AE04-03284738CC24}" /f
NA023 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{B60FE1D2-2F84-42a7-AE04-03284738CC24}" /f
NA024 echo Created by Windowexe.com
NA025 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1C5099DD-7923-45e8-9680-5F285DC61213}" /f
NA026 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1C5099DD-7923-45e8-9680-5F285DC61213}" /f
NA027 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1C5099DD-7923-45e8-9680-5F285DC61213}" /f
NA028 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{1C5099DD-7923-45e8-9680-5F285DC61213}" /f
NA029 echo Created by Windowexe.com
NA030 echo HKEY_LOCAL_MACHINE Toolbar Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
NA031 echo HKEY_CURRENT_USER Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser" /v "{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
NA032 echo HKCU Search Hook Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks" /v "{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
NA033 echo HKEY_LOCAL_MACHINE Ext PreApproved Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
NA034 echo HKEY_CURRENT_USER Ext Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
NA035 echo HKEY_CLASSES_ROOT CLSID Delete & reg.exe delete "HKCR\CLSID\{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
NA036 echo Created by Windowexe.com
NA037 echo HKEY_LOCAL_MACHINE Toolbar Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{BCE04A5B-2B7D-4F4B-BB8E-2A59611733DD}" /f
NA038 echo HKEY_CURRENT_USER Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser" /v "{BCE04A5B-2B7D-4F4B-BB8E-2A59611733DD}" /f
NA039 echo HKCU Search Hook Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks" /v "{BCE04A5B-2B7D-4F4B-BB8E-2A59611733DD}" /f
NA040 echo HKEY_LOCAL_MACHINE Ext PreApproved Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BCE04A5B-2B7D-4F4B-BB8E-2A59611733DD}" /f
NA041 echo HKEY_CURRENT_USER Ext Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BCE04A5B-2B7D-4F4B-BB8E-2A59611733DD}" /f
NA042 echo HKEY_CLASSES_ROOT CLSID Delete & reg.exe delete "HKCR\CLSID\{BCE04A5B-2B7D-4F4B-BB8E-2A59611733DD}" /f
NA043 echo Created by Windowexe.com
NA044 sc stop "wvueyisohhf"
NA045 echo Service Disable & sc config "wvueyisohhf" start= disabled & echo Windowexe.com
NA046 sc stop "VService"
NA047 echo Service Disable & sc config "VService" start= disabled & echo Windowexe.com
NA048 sc stop "tyzrtmm3"
NA049 echo Service Disable & sc config "tyzrtmm3" start= disabled & echo Windowexe.com
NA050 sc stop "trhqvoblb"
NA051 echo Service Disable & sc config "trhqvoblb" start= disabled & echo Windowexe.com
NA052 sc stop "tpkvudmbdyu"
NA053 echo Service Disable & sc config "tpkvudmbdyu" start= disabled & echo Windowexe.com
NA054 sc stop "RunS"
NA055 echo Service Disable & sc config "RunS" start= disabled & echo Windowexe.com
NA056 sc stop "ngybdotuybw"
NA057 echo Service Disable & sc config "ngybdotuybw" start= disabled & echo Windowexe.com
NA058 sc stop "NATService"
NA059 echo Service Disable & sc config "NATService" start= disabled & echo Windowexe.com
NA060 sc stop "mgrhhbkkmy"
NA061 echo Service Disable & sc config "mgrhhbkkmy" start= disabled & echo Windowexe.com
NA062 sc stop "kqrsgxfsuzl"
NA063 echo Service Disable & sc config "kqrsgxfsuzl" start= disabled & echo Windowexe.com
NA064 sc stop "hmadxbpiyk"
NA065 echo Service Disable & sc config "hmadxbpiyk" start= disabled & echo Windowexe.com
NA066 sc stop "gkbckhbh"
NA067 echo Service Disable & sc config "gkbckhbh" start= disabled & echo Windowexe.com
NA068 sc stop "DirectKeywordUpdateService"
NA069 echo Service Disable & sc config "DirectKeywordUpdateService" start= disabled & echo Windowexe.com
NA070 sc stop "ctwopop"
NA071 echo Service Disable & sc config "ctwopop" start= disabled & echo Windowexe.com
NA072 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{00000002-5499-47ed-A234-304F5258E596}" /f
NA073 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{00000002-5499-47ed-A234-304F5258E596}" /f
NA074 echo Created by Windowexe.com
NA075 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{00000001-5499-47ed-A234-304F5258E596}" /f
NA076 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{00000001-5499-47ed-A234-304F5258E596}" /f
NA077 echo Created by Windowexe.com
NA078 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{00000000-5499-47ed-A234-304F5258E596}" /f
NA079 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{00000000-5499-47ed-A234-304F5258E596}" /f
NA080 echo Created by Windowexe.com
NA081 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{F37C59DB-A6DA-4682-AE30-4E05CD288308}" /f
NA082 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{F37C59DB-A6DA-4682-AE30-4E05CD288308}" /f
NA083 echo Created by Windowexe.com
NA084 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{55F094D6-B484-48D1-AAE0-7D48F16FB3EE}" /f
NA085 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{55F094D6-B484-48D1-AAE0-7D48F16FB3EE}" /f
NA086 echo Created by Windowexe.com
NA087 echo Tasklist Delete & del /q "C:\WINDOWS\Tasks\IPopUpdate.job"
NA088 echo Created by Windowexe.com
NA089 echo 000 & reg.exe delete "HKCR\CLSID\{AB565455-38B6-47EC-AE13-DC0A456B0550}" /f & echo windowdel.com
NA090 echo Created by Windowexe.com
NA091 echo End
NA092 ======================================================================
NA093 echo Created by Windowexe.com / do not delete this label.
NA094 ======================================================================