System Analyzer Report 2012, 09, 17

프로그램분석

System Analyzer Report 2012, 09, 17

프로세스 천국 2012. 9. 17. 00:30

NA001 ======================================================================
NA002 echo Created by Windowexe.com / do not delete this label.
NA003 ======================================================================
NA004
NA005 echo Start
NA006 echo windowexe.com & tskill "winkmv" & echo windowdel.com
NA007 echo windowexe.com & tskill "winkmv" & echo windowdel.com
NA008 echo windowexe.com & tskill "utilsvc" & echo windowdel.com
NA009 echo windowexe.com & tskill "utilsvc" & echo windowdel.com
NA010 echo windowexe.com & tskill "snq_pu" & echo windowdel.com
NA011 echo windowexe.com & tskill "qdownservice" & echo windowdel.com
NA012 echo windowexe.com & tskill "qdownservice" & echo windowdel.com
NA013 echo windowexe.com & tskill "qdownagent" & echo windowdel.com
NA014 echo windowexe.com & tskill "qdownagent" & echo windowdel.com
NA015 echo windowexe.com & tskill "poweroffuc" & echo windowdel.com
NA016 echo windowexe.com & tskill "poweroffuc" & echo windowdel.com
NA017 echo windowexe.com & tskill "poweroffmon" & echo windowdel.com
NA018 echo windowexe.com & tskill "pdsutilsvc" & echo windowdel.com
NA019 echo windowexe.com & tskill "pdsutilsvc" & echo windowdel.com
NA020 echo windowexe.com & tskill "notificationuc" & echo windowdel.com
NA021 echo windowexe.com & tskill "natsvc" & echo windowdel.com
NA022 echo windowexe.com & tskill "natsvc" & echo windowdel.com
NA023 echo windowexe.com & tskill "enumerate_uc" & echo windowdel.com
NA024 echo windowexe.com & tskill "enumerate_sd_uc" & echo windowdel.com
NA025 echo windowexe.com & tskill "enumerate_sd_uc" & echo windowdel.com
NA026 echo windowexe.com & tskill "enumerate_sd_mon" & echo windowdel.com
NA027 echo windowexe.com & tskill "addenoptagent" & echo windowdel.com
NA028 echo windowexe.com & tskill "addenbaragent" & echo windowdel.com
NA029 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "enumerate_sd" /f
NA030 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "enumerate_sd" /f
NA031 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "snq_pu" /f
NA032 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "snq_pu" /f
NA033 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "puweb" /f
NA034 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "puweb" /f
NA035 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "poweroff" /f
NA036 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "poweroff" /f
NA037 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "MisoFileService" /f
NA038 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "MisoFileService" /f
NA039 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "notification" /f
NA040 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "notification" /f
NA041 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "enumerate_sd" /f
NA042 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "enumerate_sd" /f
NA043 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "enumerate" /f
NA044 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "enumerate" /f
NA045 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "addenagent" /f
NA046 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "addenagent" /f
NA047 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "addenbaragent" /f
NA048 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "addenbaragent" /f
NA049 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "poweroff" /f
NA050 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "poweroff" /f
NA051 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F185504F-C9CE-4A59-A064-CF006945591F}" /f
NA052 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F185504F-C9CE-4A59-A064-CF006945591F}" /f
NA053 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F185504F-C9CE-4A59-A064-CF006945591F}" /f
NA054 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{F185504F-C9CE-4A59-A064-CF006945591F}" /f
NA055 echo Created by Windowexe.com
NA056 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC01FC6C-DCA0-4F39-B902-DF736EF8E5E9}" /f
NA057 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC01FC6C-DCA0-4F39-B902-DF736EF8E5E9}" /f
NA058 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CC01FC6C-DCA0-4F39-B902-DF736EF8E5E9}" /f
NA059 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{CC01FC6C-DCA0-4F39-B902-DF736EF8E5E9}" /f
NA060 echo Created by Windowexe.com
NA061 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1C92372-4705-4020-998B-D1E5E95716C3}" /f
NA062 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1C92372-4705-4020-998B-D1E5E95716C3}" /f
NA063 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1C92372-4705-4020-998B-D1E5E95716C3}" /f
NA064 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{C1C92372-4705-4020-998B-D1E5E95716C3}" /f
NA065 echo Created by Windowexe.com
NA066 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D65E21B-10D6-4E06-8673-80D25FA7C42B}" /f
NA067 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D65E21B-10D6-4E06-8673-80D25FA7C42B}" /f
NA068 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D65E21B-10D6-4E06-8673-80D25FA7C42B}" /f
NA069 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{9D65E21B-10D6-4E06-8673-80D25FA7C42B}" /f
NA070 echo Created by Windowexe.com
NA071 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9A3D68DC-5557-46E0-BD7B-BF64B561BD96}" /f
NA072 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9A3D68DC-5557-46E0-BD7B-BF64B561BD96}" /f
NA073 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9A3D68DC-5557-46E0-BD7B-BF64B561BD96}" /f
NA074 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{9A3D68DC-5557-46E0-BD7B-BF64B561BD96}" /f
NA075 echo Created by Windowexe.com
NA076 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53A4F514-7017-4927-B43C-E113D57D2F11}" /f
NA077 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{53A4F514-7017-4927-B43C-E113D57D2F11}" /f
NA078 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{53A4F514-7017-4927-B43C-E113D57D2F11}" /f
NA079 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{53A4F514-7017-4927-B43C-E113D57D2F11}" /f
NA080 echo Created by Windowexe.com
NA081 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21F36DFB-2E95-4C5B-AC0C-6FD90DCD2D81}" /f
NA082 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{21F36DFB-2E95-4C5B-AC0C-6FD90DCD2D81}" /f
NA083 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{21F36DFB-2E95-4C5B-AC0C-6FD90DCD2D81}" /f
NA084 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{21F36DFB-2E95-4C5B-AC0C-6FD90DCD2D81}" /f
NA085 echo Created by Windowexe.com
NA086 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{052089D9-DEAA-4BCF-A5F0-FDCE7A27197E}" /f
NA087 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{052089D9-DEAA-4BCF-A5F0-FDCE7A27197E}" /f
NA088 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{052089D9-DEAA-4BCF-A5F0-FDCE7A27197E}" /f
NA089 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{052089D9-DEAA-4BCF-A5F0-FDCE7A27197E}" /f
NA090 echo Created by Windowexe.com
NA091 sc stop "winkmsvc"
NA092 echo Service Disable & sc config "winkmsvc" start= disabled & echo Windowexe.com
NA093 sc stop "winausrv"
NA094 echo Service Disable & sc config "winausrv" start= disabled & echo Windowexe.com
NA095 sc stop "update utilpds"
NA096 echo Service Disable & sc config "update utilpds" start= disabled & echo Windowexe.com
NA097 sc stop "tyzrt"
NA098 echo Service Disable & sc config "tyzrt" start= disabled & echo Windowexe.com
NA099 sc stop "SumSv"
NA100 echo Service Disable & sc config "SumSv" start= disabled & echo Windowexe.com
NA101 sc stop "QuickDownload Service"
NA102 echo Service Disable & sc config "QuickDownload Service" start= disabled & echo Windowexe.com
NA103 sc stop "QuickDownload Agent"
NA104 echo Service Disable & sc config "QuickDownload Agent" start= disabled & echo Windowexe.com
NA105 sc stop "PEF Scvie"
NA106 echo Service Disable & sc config "PEF Scvie" start= disabled & echo Windowexe.com
NA107 sc stop "pdsutil mgr"
NA108 echo Service Disable & sc config "pdsutil mgr" start= disabled & echo Windowexe.com
NA109 sc stop "nukedcation"
NA110 echo Service Disable & sc config "nukedcation" start= disabled & echo Windowexe.com
NA111 sc stop "Nexroser"
NA112 echo Service Disable & sc config "Nexroser" start= disabled & echo Windowexe.com
NA113 sc stop "NATService"
NA114 echo Service Disable & sc config "NATService" start= disabled & echo Windowexe.com
NA115 sc stop "nashville"
NA116 echo Service Disable & sc config "nashville" start= disabled & echo Windowexe.com
NA117 sc stop "monpoweroff"
NA118 echo Service Disable & sc config "monpoweroff" start= disabled & echo Windowexe.com
NA119 sc stop "MngSv"
NA120 echo Service Disable & sc config "MngSv" start= disabled & echo Windowexe.com
NA121 sc stop "kainia"
NA122 echo Service Disable & sc config "kainia" start= disabled & echo Windowexe.com
NA123 sc stop "josedavid"
NA124 echo Service Disable & sc config "josedavid" start= disabled & echo Windowexe.com
NA125 sc stop "Dpsvu"
NA126 echo Service Disable & sc config "Dpsvu" start= disabled & echo Windowexe.com
NA127 sc stop "doubleindem"
NA128 echo Service Disable & sc config "doubleindem" start= disabled & echo Windowexe.com
NA129 sc stop "conspuer"
NA130 echo Service Disable & sc config "conspuer" start= disabled & echo Windowexe.com
NA131 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E5990159-7CB9-4E2C-A27E-4C23E2FA70E6}" /f
NA132 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{E5990159-7CB9-4E2C-A27E-4C23E2FA70E6}" /f
NA133 echo Created by Windowexe.com
NA134 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{A005B05D-B3BD-49DB-B0A8-1D4F0CF53CFB}" /f
NA135 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{A005B05D-B3BD-49DB-B0A8-1D4F0CF53CFB}" /f
NA136 echo Created by Windowexe.com
NA137 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{68C04328-167E-446A-AC57-4A04DAD74BDC}" /f
NA138 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{68C04328-167E-446A-AC57-4A04DAD74BDC}" /f
NA139 echo Created by Windowexe.com
NA140 echo schtasks Delete & schtasks /delete /tn "Window micro" /f
NA141 echo Created by Windowexe.com
NA142 echo schtasks Delete & schtasks /delete /tn "Window kbpss" /f
NA143 echo Created by Windowexe.com
NA144 echo schtasks Delete & schtasks /delete /tn "Window hankoolklp" /f
NA145 echo Created by Windowexe.com
NA146 echo schtasks Delete & schtasks /delete /tn "Window fortfire011" /f
NA147 echo Created by Windowexe.com
NA148 echo schtasks Delete & schtasks /delete /tn "winddws" /f
NA149 echo Created by Windowexe.com
NA150 echo schtasks Delete & schtasks /delete /tn "WebCompassUpdate" /f
NA151 echo Created by Windowexe.com
NA152 echo schtasks Delete & schtasks /delete /tn "MicroWebAD Installer 1.1" /f
NA153 echo Created by Windowexe.com
NA154 echo schtasks Delete & schtasks /delete /tn "GuideOnUDF.exe" /f
NA155 echo Created by Windowexe.com
NA156 echo schtasks Delete & schtasks /delete /tn "ezlinkpluscfg" /f
NA157 echo Created by Windowexe.com
NA158 echo schtasks Delete & schtasks /delete /tn "comprotect.exe" /f
NA159 echo Created by Windowexe.com
NA160 echo schtasks Delete & schtasks /delete /tn "AppIsUpdate" /f
NA161 echo Created by Windowexe.com
NA162 echo End
NA163
NA164 ======================================================================
NA165 echo Created by Windowexe.com / do not delete this label.
NA166 ======================================================================