System Analyzer Report 2012, 12, 11

프로그램분석

System Analyzer Report 2012, 12, 11

프로세스 천국 2012. 12. 11. 19:36

NA001 ======================================================================
NA002 echo Created by Windowexe.com / do not delete this label.
NA003 ======================================================================
NA004 echo Start
NA005 echo windowexe.com & tskill "isjhdtahe" & echo windowdel.com
NA006 echo windowexe.com & tskill "lpupdate" & echo windowdel.com
NA007 echo windowexe.com & tskill "TCCheckAgent" & echo windowdel.com
NA008 echo windowexe.com & tskill "dailycon" & echo windowdel.com
NA009 echo windowexe.com & tskill "IETab" & echo windowdel.com
NA010 echo windowexe.com & tskill "ToolbarRestore" & echo windowdel.com
NA011 echo windowexe.com & tskill "liveplus" & echo windowdel.com
NA012 echo windowexe.com & tskill "nate_as" & echo windowdel.com
NA013 echo windowexe.com & tskill "padaily" & echo windowdel.com
NA014 echo windowexe.com & tskill "winspop" & echo windowdel.com
NA015 echo windowexe.com & tskill "winspsv" & echo windowdel.com
NA016 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "itore2" /f
NA017 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "itore2" /f
NA018 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "SweetIM" /f
NA019 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "SweetIM" /f
NA020 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Nate" /f
NA021 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Nate" /f
NA022 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "dailycon" /f
NA023 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "dailycon" /f
NA024 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "padaily" /f
NA025 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "padaily" /f
NA026 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "IETab" /f
NA027 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "IETab" /f
NA028 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "ToolbarRestore" /f
NA029 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "ToolbarRestore" /f
NA030 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "liveplus" /f
NA031 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "liveplus" /f
NA032 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}" /f
NA033 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}" /f
NA034 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}" /f
NA035 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}" /f
NA036 echo Created by Windowexe.com
NA037 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E77FA0B2-C931-411C-82A2-FF672456B730}" /f
NA038 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E77FA0B2-C931-411C-82A2-FF672456B730}" /f
NA039 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E77FA0B2-C931-411C-82A2-FF672456B730}" /f
NA040 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{E77FA0B2-C931-411C-82A2-FF672456B730}" /f
NA041 echo Created by Windowexe.com
NA042 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E81E1598-BCE6-40B9-8B68-AE57DAA04452}" /f
NA043 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E81E1598-BCE6-40B9-8B68-AE57DAA04452}" /f
NA044 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E81E1598-BCE6-40B9-8B68-AE57DAA04452}" /f
NA045 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{E81E1598-BCE6-40B9-8B68-AE57DAA04452}" /f
NA046 echo Created by Windowexe.com
NA047 sc stop "NTAService"
NA048 echo Service Disable & sc config "NTAService" start= disabled & echo Windowexe.com
NA049 sc stop "TCCheckAgent"
NA050 echo Service Disable & sc config "TCCheckAgent" start= disabled & echo Windowexe.com
NA051 sc stop "winspsv32"
NA052 echo Service Disable & sc config "winspsv32" start= disabled & echo Windowexe.com
NA053 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{00000000-5499-47ed-A234-304F5258E596}" /f
NA054 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{00000000-5499-47ed-A234-304F5258E596}" /f
NA055 echo Created by Windowexe.com
NA056 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{00000001-5499-47ed-A234-304F5258E596}" /f
NA057 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{00000001-5499-47ed-A234-304F5258E596}" /f
NA058 echo Created by Windowexe.com
NA059 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{00000002-5499-47ed-A234-304F5258E596}" /f
NA060 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{00000002-5499-47ed-A234-304F5258E596}" /f
NA061 echo Created by Windowexe.com
NA062 echo change dir for x64
NA063 cd %windir%
NA064 cd syswow64
NA065 echo windowexe.com & tskill "isjhdtahe" & echo windowdel.com
NA066 echo windowexe.com & tskill "lpupdate" & echo windowdel.com
NA067 echo windowexe.com & tskill "TCCheckAgent" & echo windowdel.com
NA068 echo windowexe.com & tskill "dailycon" & echo windowdel.com
NA069 echo windowexe.com & tskill "IETab" & echo windowdel.com
NA070 echo windowexe.com & tskill "ToolbarRestore" & echo windowdel.com
NA071 echo windowexe.com & tskill "liveplus" & echo windowdel.com
NA072 echo windowexe.com & tskill "nate_as" & echo windowdel.com
NA073 echo windowexe.com & tskill "padaily" & echo windowdel.com
NA074 echo windowexe.com & tskill "winspop" & echo windowdel.com
NA075 echo windowexe.com & tskill "winspsv" & echo windowdel.com
NA076 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "itore2" /f
NA077 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "itore2" /f
NA078 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "SweetIM" /f
NA079 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "SweetIM" /f
NA080 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Nate" /f
NA081 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Nate" /f
NA082 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "dailycon" /f
NA083 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "dailycon" /f
NA084 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "padaily" /f
NA085 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "padaily" /f
NA086 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "IETab" /f
NA087 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "IETab" /f
NA088 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "ToolbarRestore" /f
NA089 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "ToolbarRestore" /f
NA090 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "liveplus" /f
NA091 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "liveplus" /f
NA092 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}" /f
NA093 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}" /f
NA094 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}" /f
NA095 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}" /f
NA096 echo Created by Windowexe.com
NA097 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E77FA0B2-C931-411C-82A2-FF672456B730}" /f
NA098 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E77FA0B2-C931-411C-82A2-FF672456B730}" /f
NA099 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E77FA0B2-C931-411C-82A2-FF672456B730}" /f
NA100 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{E77FA0B2-C931-411C-82A2-FF672456B730}" /f
NA101 echo Created by Windowexe.com
NA102 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E81E1598-BCE6-40B9-8B68-AE57DAA04452}" /f
NA103 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E81E1598-BCE6-40B9-8B68-AE57DAA04452}" /f
NA104 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E81E1598-BCE6-40B9-8B68-AE57DAA04452}" /f
NA105 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{E81E1598-BCE6-40B9-8B68-AE57DAA04452}" /f
NA106 echo Created by Windowexe.com
NA107 sc stop "NTAService"
NA108 echo Service Disable & sc config "NTAService" start= disabled & echo Windowexe.com
NA109 sc stop "TCCheckAgent"
NA110 echo Service Disable & sc config "TCCheckAgent" start= disabled & echo Windowexe.com
NA111 sc stop "winspsv32"
NA112 echo Service Disable & sc config "winspsv32" start= disabled & echo Windowexe.com
NA113 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{00000000-5499-47ed-A234-304F5258E596}" /f
NA114 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{00000000-5499-47ed-A234-304F5258E596}" /f
NA115 echo Created by Windowexe.com
NA116 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{00000001-5499-47ed-A234-304F5258E596}" /f
NA117 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{00000001-5499-47ed-A234-304F5258E596}" /f
NA118 echo Created by Windowexe.com
NA119 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{00000002-5499-47ed-A234-304F5258E596}" /f
NA120 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{00000002-5499-47ed-A234-304F5258E596}" /f
NA121 echo Created by Windowexe.com
NA122 echo End
NA123 ======================================================================
NA124 echo Created by Windowexe.com / do not delete this label.
NA125 ======================================================================