Code : J/DmXuDmNKawCGalb3TO/lNoAMwb9ZYk

프로그램분석

Code : J/DmXuDmNKawCGalb3TO/lNoAMwb9ZYk

프로세스 천국 2013. 4. 21. 13:41

NA000 ======================================================================
NA001 echo Created by Windowexe.com / do not delete this label.
NA002 ======================================================================
NA003 echo Start
NA004 echo windowexe.com & tskill "powertime_mon" & echo windowdel.com
NA005 echo windowexe.com & tskill "GDownService" & echo windowdel.com
NA006 echo windowexe.com & tskill "update" & echo windowdel.com
NA007 echo windowexe.com & tskill "appis" & echo windowdel.com
NA008 echo windowexe.com & tskill "update" & echo windowdel.com
NA009 echo windowexe.com & tskill "appis" & echo windowdel.com
NA010 echo windowexe.com & tskill "tooltip_uc" & echo windowdel.com
NA011 echo windowexe.com & tskill "tooltip_mon" & echo windowdel.com
NA012 echo windowexe.com & tskill "tooltip" & echo windowdel.com
NA013 echo windowexe.com & tskill "OrumMon" & echo windowdel.com
NA014 echo windowexe.com & tskill "ORUM" & echo windowdel.com
NA015 echo windowexe.com & tskill "msfctrl" & echo windowdel.com
NA016 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "tooltip_uc" /f
NA017 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "tooltip_uc" /f
NA018 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "appis.exe" /f
NA019 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "appis.exe" /f
NA020 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "update.exe" /f
NA021 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "update.exe" /f
NA022 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "tooltip_uc" /f
NA023 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "tooltip_uc" /f
NA024 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1AB2CFE4-D6CC-4588-A4EF-EE98B8249883}" /f
NA025 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1AB2CFE4-D6CC-4588-A4EF-EE98B8249883}" /f
NA026 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1AB2CFE4-D6CC-4588-A4EF-EE98B8249883}" /f
NA027 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{1AB2CFE4-D6CC-4588-A4EF-EE98B8249883}" /f
NA028 echo Created by Windowexe.com
NA029 echo HKEY_LOCAL_MACHINE Toolbar Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{5402F30A-DE34-4240-A594-132217F7D52D}" /f
NA030 echo HKEY_CURRENT_USER Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser" /v "{5402F30A-DE34-4240-A594-132217F7D52D}" /f
NA031 echo HKCU Search Hook Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks" /v "{5402F30A-DE34-4240-A594-132217F7D52D}" /f
NA032 echo HKEY_LOCAL_MACHINE Ext PreApproved Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5402F30A-DE34-4240-A594-132217F7D52D}" /f
NA033 echo HKEY_CURRENT_USER Ext Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5402F30A-DE34-4240-A594-132217F7D52D}" /f
NA034 echo HKEY_CLASSES_ROOT CLSID Delete & reg.exe delete "HKCR\CLSID\{5402F30A-DE34-4240-A594-132217F7D52D}" /f
NA035 echo Created by Windowexe.com
NA036 sc stop "rzuvxpt"
NA037 echo Service Disable & sc config "rzuvxpt" start= disabled & echo Windowexe.com
NA038 sc stop "rzuvxpop"
NA039 echo Service Disable & sc config "rzuvxpop" start= disabled & echo Windowexe.com
NA040 sc stop "OrumMonService"
NA041 echo Service Disable & sc config "OrumMonService" start= disabled & echo Windowexe.com
NA042 sc stop "msfsvc32"
NA043 echo Service Disable & sc config "msfsvc32" start= disabled & echo Windowexe.com
NA044 sc stop "GDownService"
NA045 echo Service Disable & sc config "GDownService" start= disabled & echo Windowexe.com
NA046 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FA214B13-1A9F-480B-B749-94A566FC59D9}" /f
NA047 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{FA214B13-1A9F-480B-B749-94A566FC59D9}" /f
NA048 echo Created by Windowexe.com
NA049 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{D64A7743-7E62-4002-90EA-80E0671F9902}" /f
NA050 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{D64A7743-7E62-4002-90EA-80E0671F9902}" /f
NA051 echo Created by Windowexe.com
NA052 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{8605E9B4-68C1-4ED9-B282-74C1AA3C312E}" /f
NA053 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{8605E9B4-68C1-4ED9-B282-74C1AA3C312E}" /f
NA054 echo Created by Windowexe.com
NA055 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{3005B05D-B3BD-49DB-B0A8-1D4F0CF53CFB}" /f
NA056 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{3005B05D-B3BD-49DB-B0A8-1D4F0CF53CFB}" /f
NA057 echo Created by Windowexe.com
NA058 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{25990159-7CB9-4E2C-A27E-4C23E2FA70E6}" /f
NA059 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{25990159-7CB9-4E2C-A27E-4C23E2FA70E6}" /f
NA060 echo Created by Windowexe.com
NA061 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{18C04328-167E-446A-AC57-4A04DAD74BDC}" /f
NA062 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{18C04328-167E-446A-AC57-4A04DAD74BDC}" /f
NA063 echo Created by Windowexe.com
NA064 echo schtasks Delete & schtasks /delete /tn "AppIsUpdate" /f
NA065 echo Created by Windowexe.com
NA066 echo schtasks Delete & schtasks /delete /tn "AppIs" /f
NA067 echo Created by Windowexe.com
NA068 echo Tasklist Delete & del /q "C:\WINDOWS\Tasks\AppIsUpdate.job"
NA069 echo Created by Windowexe.com
NA070 echo file Delete & attrib -r "C:\Documents and Settings\Administrator\바탕 화면\옥션.url"
NA071 echo file Delete & del /q "C:\Documents and Settings\Administrator\바탕 화면\옥션.url"
NA072 echo End
NA073 ======================================================================
NA074 echo Created by Windowexe.com / do not delete this label.
NA075 ======================================================================