System Analyzer Report 2012, 12, 25

프로그램분석

System Analyzer Report 2012, 12, 25

프로세스 천국 2012. 12. 25. 17:43

NA001 ======================================================================
NA002 echo Created by Windowexe.com / do not delete this label.
NA003 ======================================================================
NA004 echo Start
NA005 echo file Delete & attrib -r "C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pcpoweroffuc.lnk"
NA006 echo file Delete & del /q "C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pcpoweroffuc.lnk"
NA007 echo file Delete & attrib -r "C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\enumerate_jg.lnk"
NA008 echo file Delete & del /q "C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\enumerate_jg.lnk"
NA009 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "MicroProProc" /f
NA010 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "MicroProProc" /f
NA011 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "MicroProCon" /f
NA012 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "MicroProCon" /f
NA013 echo windowexe.com & tskill "MicroProProc" & echo windowdel.com
NA014 echo windowexe.com & tskill "MicroProCon" & echo windowdel.com
NA015 echo windowexe.com & tskill "WinSuggestionsU" & echo windowdel.com
NA016 echo windowexe.com & tskill "UDControl" & echo windowdel.com
NA017 echo windowexe.com & tskill "SearchCloudU" & echo windowdel.com
NA018 echo windowexe.com & tskill "qdownservice" & echo windowdel.com
NA019 echo windowexe.com & tskill "qdownagent" & echo windowdel.com
NA020 echo windowexe.com & tskill "pcpoweroffmon" & echo windowdel.com
NA021 echo windowexe.com & tskill "natsvc" & echo windowdel.com
NA022 echo windowexe.com & tskill "mplus" & echo windowdel.com
NA023 echo windowexe.com & tskill "FileService" & echo windowdel.com
NA024 echo windowexe.com & tskill "WinCloud" & echo windowdel.com
NA025 echo windowexe.com & tskill "enumerate_jg_mon" & echo windowdel.com
NA026 echo windowexe.com & tskill "NetAccelerator" & echo windowdel.com
NA027 echo windowexe.com & tskill "BonUpdate" & echo windowdel.com
NA028 echo windowexe.com & tskill "BonUpdate" & echo windowdel.com
NA029 echo windowexe.com & tskill "admsys" & echo windowdel.com
NA030 echo windowexe.com & tskill "AdMatching" & echo windowdel.com
NA031 echo windowexe.com & tskill "SearchCloudU" & echo windowdel.com
NA032 echo windowexe.com & tskill "pcpoweroffuc" & echo windowdel.com
NA033 echo windowexe.com & tskill "enumerate_jg_uc" & echo windowdel.com
NA034 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "MicroLabProc" /f
NA035 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "MicroLabProc" /f
NA036 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "UtilWorld_UDControl" /f
NA037 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "UtilWorld_UDControl" /f
NA038 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "admsys" /f
NA039 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "admsys" /f
NA040 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "AdMatching" /f
NA041 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "AdMatching" /f
NA042 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "BonUpdate.exe" /f
NA043 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "BonUpdate.exe" /f
NA044 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "enumerate_jg" /f
NA045 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "enumerate_jg" /f
NA046 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "pcpoweroff" /f
NA047 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "pcpoweroff" /f
NA048 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "AdMatching" /f
NA049 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "AdMatching" /f
NA050 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "admsys" /f
NA051 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "admsys" /f
NA052 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "SearchCloud" /f
NA053 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "SearchCloud" /f
NA054 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Windowns Suggestions" /f
NA055 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Windowns Suggestions" /f
NA056 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1C92372-4705-4020-998B-D1E5E95716C3}" /f
NA057 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1C92372-4705-4020-998B-D1E5E95716C3}" /f
NA058 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1C92372-4705-4020-998B-D1E5E95716C3}" /f
NA059 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{C1C92372-4705-4020-998B-D1E5E95716C3}" /f
NA060 echo Created by Windowexe.com
NA061 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A1D91943-5386-4884-8A80-F9904A4CC8B9}" /f
NA062 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1D91943-5386-4884-8A80-F9904A4CC8B9}" /f
NA063 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A1D91943-5386-4884-8A80-F9904A4CC8B9}" /f
NA064 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{A1D91943-5386-4884-8A80-F9904A4CC8B9}" /f
NA065 echo Created by Windowexe.com
NA066 sc stop "wqyqrejg"
NA067 echo Service Disable & sc config "wqyqrejg" start= disabled & echo Windowexe.com
NA068 sc stop "monpcpoweroff"
NA069 echo Service Disable & sc config "monpcpoweroff" start= disabled & echo Windowexe.com
NA070 sc stop "Wizeni Service"
NA071 echo Service Disable & sc config "Wizeni Service" start= disabled & echo Windowexe.com
NA072 sc stop "WinCloud"
NA073 echo Service Disable & sc config "WinCloud" start= disabled & echo Windowexe.com
NA074 sc stop "QuickDownload Service"
NA075 echo Service Disable & sc config "QuickDownload Service" start= disabled & echo Windowexe.com
NA076 sc stop "QuickDownload Agent"
NA077 echo Service Disable & sc config "QuickDownload Agent" start= disabled & echo Windowexe.com
NA078 sc stop "NetAccelerator"
NA079 echo Service Disable & sc config "NetAccelerator" start= disabled & echo Windowexe.com
NA080 sc stop "NATService"
NA081 echo Service Disable & sc config "NATService" start= disabled & echo Windowexe.com
NA082 sc stop "FileService"
NA083 echo Service Disable & sc config "FileService" start= disabled & echo Windowexe.com
NA084 sc stop "Bondisk Update Service"
NA085 echo Service Disable & sc config "Bondisk Update Service" start= disabled & echo Windowexe.com
NA086 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E5990159-7CB9-4E2C-A27E-4C23E2FA70E6}" /f
NA087 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{E5990159-7CB9-4E2C-A27E-4C23E2FA70E6}" /f
NA088 echo Created by Windowexe.com
NA089 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{A005B05D-B3BD-49DB-B0A8-1D4F0CF53CFB}" /f
NA090 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{A005B05D-B3BD-49DB-B0A8-1D4F0CF53CFB}" /f
NA091 echo Created by Windowexe.com
NA092 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{68C04328-167E-446A-AC57-4A04DAD74BDC}" /f
NA093 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{68C04328-167E-446A-AC57-4A04DAD74BDC}" /f
NA094 echo Created by Windowexe.com
NA095 echo schtasks Delete & schtasks /delete /tn "mplus" /f
NA096 echo Created by Windowexe.com
NA097 echo End
NA098 ======================================================================
NA099 echo Created by Windowexe.com / do not delete this label.
NA100 ======================================================================