System Analyzer Report 2013, 01, 07

프로그램분석

System Analyzer Report 2013, 01, 07

프로세스 천국 2013. 1. 7. 19:00

NA001 ======================================================================
NA002 echo Created by Windowexe.com / do not delete this label.
NA003 ======================================================================
NA004 echo Start
NA005 echo windowexe.com & tskill "laendon" & echo windowdel.com
NA006 echo windowexe.com & tskill "pendon" & echo windowdel.com
NA007 echo windowexe.com & tskill "TCCheckAgent" & echo windowdel.com
NA008 echo windowexe.com & tskill "IETab" & echo windowdel.com
NA009 echo windowexe.com & tskill "ToolbarRestore" & echo windowdel.com
NA010 echo windowexe.com & tskill "liveplus" & echo windowdel.com
NA011 echo windowexe.com & tskill "lpupdate" & echo windowdel.com
NA012 echo windowexe.com & tskill "UtilZone" & echo windowdel.com
NA013 echo windowexe.com & tskill "winspop" & echo windowdel.com
NA014 echo windowexe.com & tskill "winspsv" & echo windowdel.com
NA015 echo windowexe.com & tskill "WinPro" & echo windowdel.com
NA016 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WinPro\"" /f
NA017 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WinPro\"" /f
NA018 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "laendon" /f
NA019 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "laendon" /f
NA020 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "pendon" /f
NA021 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "pendon" /f
NA022 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "IETab" /f
NA023 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "IETab" /f
NA024 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "ToolbarRestore" /f
NA025 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "ToolbarRestore" /f
NA026 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "UtilZone" /f
NA027 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "UtilZone" /f
NA028 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "liveplus" /f
NA029 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "liveplus" /f
NA030 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WinPro" /f
NA031 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WinPro" /f
NA032 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F810C3E-B96E-400d-A8CB-B822620AC3BE}" /f
NA033 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1F810C3E-B96E-400d-A8CB-B822620AC3BE}" /f
NA034 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1F810C3E-B96E-400d-A8CB-B822620AC3BE}" /f
NA035 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{1F810C3E-B96E-400d-A8CB-B822620AC3BE}" /f
NA036 echo Created by Windowexe.com
NA037 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26ABCC55-0790-466A-8F3F-8C176D6C9CA1}" /f
NA038 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{26ABCC55-0790-466A-8F3F-8C176D6C9CA1}" /f
NA039 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{26ABCC55-0790-466A-8F3F-8C176D6C9CA1}" /f
NA040 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{26ABCC55-0790-466A-8F3F-8C176D6C9CA1}" /f
NA041 echo Created by Windowexe.com
NA042 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}" /f
NA043 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}" /f
NA044 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}" /f
NA045 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}" /f
NA046 echo Created by Windowexe.com
NA047 sc stop "TCCheckAgent"
NA048 echo Service Disable & sc config "TCCheckAgent" start= disabled & echo Windowexe.com
NA049 sc stop "winspsv32"
NA050 echo Service Disable & sc config "winspsv32" start= disabled & echo Windowexe.com
NA051 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{00000000-5499-47ed-A234-304F5258E596}" /f
NA052 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{00000000-5499-47ed-A234-304F5258E596}" /f
NA053 echo Created by Windowexe.com
NA054 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{00000001-5499-47ed-A234-304F5258E596}" /f
NA055 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{00000001-5499-47ed-A234-304F5258E596}" /f
NA056 echo Created by Windowexe.com
NA057 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{00000002-5499-47ed-A234-304F5258E596}" /f
NA058 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{00000002-5499-47ed-A234-304F5258E596}" /f
NA059 echo Created by Windowexe.com
NA060 echo schtasks Delete & schtasks /delete /tn "ez-Plus" /f
NA061 echo Created by Windowexe.com
NA062 echo change dir for x64
NA063 cd %windir%
NA064 cd syswow64
NA065 echo windowexe.com & tskill "laendon" & echo windowdel.com
NA066 echo windowexe.com & tskill "pendon" & echo windowdel.com
NA067 echo windowexe.com & tskill "TCCheckAgent" & echo windowdel.com
NA068 echo windowexe.com & tskill "IETab" & echo windowdel.com
NA069 echo windowexe.com & tskill "ToolbarRestore" & echo windowdel.com
NA070 echo windowexe.com & tskill "liveplus" & echo windowdel.com
NA071 echo windowexe.com & tskill "lpupdate" & echo windowdel.com
NA072 echo windowexe.com & tskill "UtilZone" & echo windowdel.com
NA073 echo windowexe.com & tskill "winspop" & echo windowdel.com
NA074 echo windowexe.com & tskill "winspsv" & echo windowdel.com
NA075 echo windowexe.com & tskill "WinPro" & echo windowdel.com
NA076 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WinPro\"" /f
NA077 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WinPro\"" /f
NA078 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "laendon" /f
NA079 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "laendon" /f
NA080 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "pendon" /f
NA081 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "pendon" /f
NA082 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "IETab" /f
NA083 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "IETab" /f
NA084 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "ToolbarRestore" /f
NA085 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "ToolbarRestore" /f
NA086 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "UtilZone" /f
NA087 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "UtilZone" /f
NA088 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "liveplus" /f
NA089 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "liveplus" /f
NA090 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WinPro" /f
NA091 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WinPro" /f
NA092 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F810C3E-B96E-400d-A8CB-B822620AC3BE}" /f
NA093 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1F810C3E-B96E-400d-A8CB-B822620AC3BE}" /f
NA094 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1F810C3E-B96E-400d-A8CB-B822620AC3BE}" /f
NA095 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{1F810C3E-B96E-400d-A8CB-B822620AC3BE}" /f
NA096 echo Created by Windowexe.com
NA097 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26ABCC55-0790-466A-8F3F-8C176D6C9CA1}" /f
NA098 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{26ABCC55-0790-466A-8F3F-8C176D6C9CA1}" /f
NA099 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{26ABCC55-0790-466A-8F3F-8C176D6C9CA1}" /f
NA100 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{26ABCC55-0790-466A-8F3F-8C176D6C9CA1}" /f
NA101 echo Created by Windowexe.com
NA102 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}" /f
NA103 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}" /f
NA104 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}" /f
NA105 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}" /f
NA106 echo Created by Windowexe.com
NA107 sc stop "TCCheckAgent"
NA108 echo Service Disable & sc config "TCCheckAgent" start= disabled & echo Windowexe.com
NA109 sc stop "winspsv32"
NA110 echo Service Disable & sc config "winspsv32" start= disabled & echo Windowexe.com
NA111 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{00000000-5499-47ed-A234-304F5258E596}" /f
NA112 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{00000000-5499-47ed-A234-304F5258E596}" /f
NA113 echo Created by Windowexe.com
NA114 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{00000001-5499-47ed-A234-304F5258E596}" /f
NA115 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{00000001-5499-47ed-A234-304F5258E596}" /f
NA116 echo Created by Windowexe.com
NA117 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{00000002-5499-47ed-A234-304F5258E596}" /f
NA118 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{00000002-5499-47ed-A234-304F5258E596}" /f
NA119 echo Created by Windowexe.com
NA120 echo schtasks Delete & schtasks /delete /tn "ez-Plus" /f
NA121 echo Created by Windowexe.com
NA122 echo End
NA123 ======================================================================
NA124 echo Created by Windowexe.com / do not delete this label.
NA125 ======================================================================