Code : nO497Bc9ySAN9vmPimstevZW4DuwRnnM

프로그램분석

Code : nO497Bc9ySAN9vmPimstevZW4DuwRnnM

프로세스 천국 2013. 3. 30. 16:57

NA000 ======================================================================
NA001 echo Created by Windowexe.com / do not delete this label.
NA002 ======================================================================
NA003 echo Start
NA004 echo windowexe.com & tskill "KUploadService" & echo windowdel.com
NA005 echo windowexe.com & tskill "GDownService" & echo windowdel.com
NA006 echo windowexe.com & tskill "bbodiskService" & echo windowdel.com
NA007 echo windowexe.com & tskill "WinxpendUP_imnw" & echo windowdel.com
NA008 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "svccap" /f
NA009 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "svccap" /f
NA010 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Java Update V7.2" /f
NA011 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Java Update V7.2" /f
NA012 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "gUECCTjVVAVhLfOTUHIgMRXjMAiZOOJWMWZDcEFN" /f
NA013 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "gUECCTjVVAVhLfOTUHIgMRXjMAiZOOJWMWZDcEFN" /f
NA014 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Java Update V7.2" /f
NA015 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Java Update V7.2" /f
NA016 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "gUECCTjVVAVhLfOTUHIgMRXjMAiZOOJWMWZDcEFN" /f
NA017 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "gUECCTjVVAVhLfOTUHIgMRXjMAiZOOJWMWZDcEFN" /f
NA018 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB705622-B25B-491B-A6BF-4A46FDDBC88E}" /f
NA019 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AB705622-B25B-491B-A6BF-4A46FDDBC88E}" /f
NA020 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AB705622-B25B-491B-A6BF-4A46FDDBC88E}" /f
NA021 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{AB705622-B25B-491B-A6BF-4A46FDDBC88E}" /f
NA022 echo Created by Windowexe.com
NA023 echo schtasks Delete & schtasks /delete /tn "WinExpandUpdate_imnw" /f
NA024 echo Created by Windowexe.com
NA025 echo change dir for x64
NA026 cd %windir%
NA027 cd syswow64
NA028 echo windowexe.com & tskill "KUploadService" & echo windowdel.com
NA029 echo windowexe.com & tskill "GDownService" & echo windowdel.com
NA030 echo windowexe.com & tskill "bbodiskService" & echo windowdel.com
NA031 echo windowexe.com & tskill "WinxpendUP_imnw" & echo windowdel.com
NA032 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "svccap" /f
NA033 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "svccap" /f
NA034 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Java Update V7.2" /f
NA035 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Java Update V7.2" /f
NA036 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "gUECCTjVVAVhLfOTUHIgMRXjMAiZOOJWMWZDcEFN" /f
NA037 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "gUECCTjVVAVhLfOTUHIgMRXjMAiZOOJWMWZDcEFN" /f
NA038 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Java Update V7.2" /f
NA039 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Java Update V7.2" /f
NA040 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "gUECCTjVVAVhLfOTUHIgMRXjMAiZOOJWMWZDcEFN" /f
NA041 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "gUECCTjVVAVhLfOTUHIgMRXjMAiZOOJWMWZDcEFN" /f
NA042 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB705622-B25B-491B-A6BF-4A46FDDBC88E}" /f
NA043 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AB705622-B25B-491B-A6BF-4A46FDDBC88E}" /f
NA044 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AB705622-B25B-491B-A6BF-4A46FDDBC88E}" /f
NA045 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{AB705622-B25B-491B-A6BF-4A46FDDBC88E}" /f
NA046 echo Created by Windowexe.com
NA047 echo schtasks Delete & schtasks /delete /tn "WinExpandUpdate_imnw" /f
NA048 echo Created by Windowexe.com
NA049 echo End
NA050 ======================================================================
NA051 echo Created by Windowexe.com / do not delete this label.
NA052 ======================================================================