Code : mMdRwgRvBwA77sJCmvHoaVdaXAbclJqa

프로그램분석

Code : mMdRwgRvBwA77sJCmvHoaVdaXAbclJqa

프로세스 천국 2013. 3. 31. 13:59

NA000 ======================================================================
NA001 echo Created by Windowexe.com / do not delete this label.
NA002 ======================================================================
NA003 echo Start
NA004 echo windowexe.com & tskill "snqpu" & echo windowdel.com
NA005 echo windowexe.com & tskill "snq_pu" & echo windowdel.com
NA006 echo windowexe.com & tskill "nate_as" & echo windowdel.com
NA007 echo windowexe.com & tskill "MicroCloudEngine" & echo windowdel.com
NA008 echo windowexe.com & tskill "vcheck" & echo windowdel.com
NA009 echo windowexe.com & tskill "FrontDoorApp" & echo windowdel.com
NA010 echo windowexe.com & tskill "DaumStationService" & echo windowdel.com
NA011 echo windowexe.com & tskill "CloudManager" & echo windowdel.com
NA012 echo windowexe.com & tskill "11stshopping" & echo windowdel.com
NA013 echo windowexe.com & tskill "11stdirecticonst" & echo windowdel.com
NA014 echo windowexe.com & tskill "Updater" & echo windowdel.com
NA015 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "FrontDoor" /f
NA016 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "FrontDoor" /f
NA017 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "FrontDoorApp" /f
NA018 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "FrontDoorApp" /f
NA019 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "snq_pu" /f
NA020 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "snq_pu" /f
NA021 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "snqpu" /f
NA022 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "snqpu" /f
NA023 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Nate" /f
NA024 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Nate" /f
NA025 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "11STshoppingIcon" /f
NA026 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "11STshoppingIcon" /f
NA027 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "DragSearch" /f
NA028 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "DragSearch" /f
NA029 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "DaumStation" /f
NA030 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "DaumStation" /f
NA031 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "DaumCleaner" /f
NA032 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "DaumCleaner" /f
NA033 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E81E1598-BCE6-40B9-8B68-AE57DAA04452}" /f
NA034 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E81E1598-BCE6-40B9-8B68-AE57DAA04452}" /f
NA035 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E81E1598-BCE6-40B9-8B68-AE57DAA04452}" /f
NA036 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{E81E1598-BCE6-40B9-8B68-AE57DAA04452}" /f
NA037 echo Created by Windowexe.com
NA038 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDDB5A00-D1EB-49D5-B197-72A06DF78AA1}" /f
NA039 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BDDB5A00-D1EB-49D5-B197-72A06DF78AA1}" /f
NA040 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BDDB5A00-D1EB-49D5-B197-72A06DF78AA1}" /f
NA041 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{BDDB5A00-D1EB-49D5-B197-72A06DF78AA1}" /f
NA042 echo Created by Windowexe.com
NA043 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A33AEF-D53D-49F7-991D-44B163B6CE90}" /f
NA044 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83A33AEF-D53D-49F7-991D-44B163B6CE90}" /f
NA045 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83A33AEF-D53D-49F7-991D-44B163B6CE90}" /f
NA046 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{83A33AEF-D53D-49F7-991D-44B163B6CE90}" /f
NA047 echo Created by Windowexe.com
NA048 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A60A62B-A6C8-4300-AF61-75AB16EEFE64}" /f
NA049 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3A60A62B-A6C8-4300-AF61-75AB16EEFE64}" /f
NA050 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3A60A62B-A6C8-4300-AF61-75AB16EEFE64}" /f
NA051 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{3A60A62B-A6C8-4300-AF61-75AB16EEFE64}" /f
NA052 echo Created by Windowexe.com
NA053 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39AA03A6-B5D9-4F47-99DF-1666A7B8D8E8}" /f
NA054 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{39AA03A6-B5D9-4F47-99DF-1666A7B8D8E8}" /f
NA055 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{39AA03A6-B5D9-4F47-99DF-1666A7B8D8E8}" /f
NA056 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{39AA03A6-B5D9-4F47-99DF-1666A7B8D8E8}" /f
NA057 echo Created by Windowexe.com
NA058 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{375A6AB2-FEEC-445D-B853-2139FB561F80}" /f
NA059 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{375A6AB2-FEEC-445D-B853-2139FB561F80}" /f
NA060 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{375A6AB2-FEEC-445D-B853-2139FB561F80}" /f
NA061 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{375A6AB2-FEEC-445D-B853-2139FB561F80}" /f
NA062 echo Created by Windowexe.com
NA063 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{09A1A7FF-47CF-4b75-9449-AC292F4CCAF7}" /f
NA064 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{09A1A7FF-47CF-4b75-9449-AC292F4CCAF7}" /f
NA065 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{09A1A7FF-47CF-4b75-9449-AC292F4CCAF7}" /f
NA066 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{09A1A7FF-47CF-4b75-9449-AC292F4CCAF7}" /f
NA067 echo Created by Windowexe.com
NA068 sc stop "DaumStationService"
NA069 echo Service Disable & sc config "DaumStationService" start= disabled & echo Windowexe.com
NA070 sc stop "MicroCloudEngine"
NA071 echo Service Disable & sc config "MicroCloudEngine" start= disabled & echo Windowexe.com
NA072 sc stop "CloudManager"
NA073 echo Service Disable & sc config "CloudManager" start= disabled & echo Windowexe.com
NA074 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{71DF21B0-8C69-4923-8C7B-B195F8DDB5CD}" /f
NA075 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{71DF21B0-8C69-4923-8C7B-B195F8DDB5CD}" /f
NA076 echo Created by Windowexe.com
NA077 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{013BCEA5-8309-448b-8604-85F23D7861A5}" /f
NA078 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{013BCEA5-8309-448b-8604-85F23D7861A5}" /f
NA079 echo Created by Windowexe.com
NA080 echo End
NA081 ======================================================================
NA082 echo Created by Windowexe.com / do not delete this label.
NA083 ======================================================================