Code : xOn92dHK/gRAoOFJ7J1k7U+NZhC3sbh0X/J1znG+dq0=

프로그램분석

Code : xOn92dHK/gRAoOFJ7J1k7U+NZhC3sbh0X/J1znG+dq0=

프로세스 천국 2013. 2. 6. 22:03

System Analyzer Report 2013, 02, 06

NA001 ======================================================================
NA002 echo Created by Windowexe.com / do not delete this label.
NA003 ======================================================================
NA004 echo Start
NA005 echo windowexe.com & tskill "direcon" & echo windowdel.com
NA006 echo windowexe.com & tskill "skcu" & echo windowdel.com
NA007 echo windowexe.com & tskill "zhfldk" & echo windowdel.com
NA008 echo windowexe.com & tskill "zhfldks" & echo windowdel.com
NA009 echo windowexe.com & tskill "appst" & echo windowdel.com
NA010 echo windowexe.com & tskill "revealingst" & echo windowdel.com
NA011 echo windowexe.com & tskill "revealingu" & echo windowdel.com
NA012 echo windowexe.com & tskill "EasyPop_E" & echo windowdel.com
NA013 echo windowexe.com & tskill "EasyPop_S" & echo windowdel.com
NA014 echo windowexe.com & tskill "GuardConvert" & echo windowdel.com
NA015 echo windowexe.com & tskill "HubGate" & echo windowdel.com
NA016 echo windowexe.com & tskill "MicroProCon" & echo windowdel.com
NA017 echo windowexe.com & tskill "MicroProProc" & echo windowdel.com
NA018 echo windowexe.com & tskill "AdMatching" & echo windowdel.com
NA019 echo windowexe.com & tskill "TCSearch" & echo windowdel.com
NA020 echo windowexe.com & tskill "ctpop" & echo windowdel.com
NA021 echo windowexe.com & tskill "ctpopsvc" & echo windowdel.com
NA022 echo windowexe.com & tskill "IETab" & echo windowdel.com
NA023 echo windowexe.com & tskill "ISZone" & echo windowdel.com
NA024 echo windowexe.com & tskill "ISZoneUpdate" & echo windowdel.com
NA025 echo windowexe.com & tskill "natsvc" & echo windowdel.com
NA026 echo windowexe.com & tskill "primead" & echo windowdel.com
NA027 echo windowexe.com & tskill "qdownagent" & echo windowdel.com
NA028 echo windowexe.com & tskill "qdownservice" & echo windowdel.com
NA029 echo windowexe.com & tskill "revealingdc" & echo windowdel.com
NA030 echo windowexe.com & tskill "SpellerSvc" & echo windowdel.com
NA031 echo windowexe.com & tskill "updatime" & echo windowdel.com
NA032 echo windowexe.com & tskill "intsfsrv" & echo windowdel.com
NA033 echo windowexe.com & tskill "winspop" & echo windowdel.com
NA034 echo windowexe.com & tskill "winspsv" & echo windowdel.com
NA035 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WHelp\"" /f
NA036 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WHelp\"" /f
NA037 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "revealing_u" /f
NA038 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "revealing_u" /f
NA039 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "revealing_st" /f
NA040 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "revealing_st" /f
NA041 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "revealing_dc" /f
NA042 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "revealing_dc" /f
NA043 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Adv_TopC" /f
NA044 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Adv_TopC" /f
NA045 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "RealWeb" /f
NA046 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "RealWeb" /f
NA047 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "AdMatching" /f
NA048 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "AdMatching" /f
NA049 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "ISZone" /f
NA050 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "ISZone" /f
NA051 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "UtilZone" /f
NA052 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "UtilZone" /f
NA053 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "AdMatching" /f
NA054 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "AdMatching" /f
NA055 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WHelp" /f
NA056 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WHelp" /f
NA057 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Speller" /f
NA058 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Speller" /f
NA059 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "updatime" /f
NA060 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "updatime" /f
NA061 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "IETab" /f
NA062 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "IETab" /f
NA063 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "direcon" /f
NA064 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "direcon" /f
NA065 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "appsigntool" /f
NA066 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "appsigntool" /f
NA067 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "MicroLabCon" /f
NA068 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "MicroLabCon" /f
NA069 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "GuardSupport" /f
NA070 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "GuardSupport" /f
NA071 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "MicroProCon" /f
NA072 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "MicroProCon" /f
NA073 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "MicroLabProc" /f
NA074 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "MicroLabProc" /f
NA075 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "MicroProProc" /f
NA076 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "MicroProProc" /f
NA077 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}" /f
NA078 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}" /f
NA079 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}" /f
NA080 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}" /f
NA081 echo Created by Windowexe.com
NA082 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5AD180B4-D7BB-4559-9608-608CFFC99B65}" /f
NA083 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5AD180B4-D7BB-4559-9608-608CFFC99B65}" /f
NA084 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5AD180B4-D7BB-4559-9608-608CFFC99B65}" /f
NA085 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{5AD180B4-D7BB-4559-9608-608CFFC99B65}" /f
NA086 echo Created by Windowexe.com
NA087 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B60FE1D2-2F84-42a7-AE04-03284738CC24}" /f
NA088 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B60FE1D2-2F84-42a7-AE04-03284738CC24}" /f
NA089 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B60FE1D2-2F84-42a7-AE04-03284738CC24}" /f
NA090 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{B60FE1D2-2F84-42a7-AE04-03284738CC24}" /f
NA091 echo Created by Windowexe.com
NA092 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7A20F9D-BA43-43D8-A2E0-CE28D763EF72}" /f
NA093 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E7A20F9D-BA43-43D8-A2E0-CE28D763EF72}" /f
NA094 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E7A20F9D-BA43-43D8-A2E0-CE28D763EF72}" /f
NA095 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{E7A20F9D-BA43-43D8-A2E0-CE28D763EF72}" /f
NA096 echo Created by Windowexe.com
NA097 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F2B44673-4E90-4B21-8598-073546946A6E}" /f
NA098 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F2B44673-4E90-4B21-8598-073546946A6E}" /f
NA099 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F2B44673-4E90-4B21-8598-073546946A6E}" /f
NA100 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{F2B44673-4E90-4B21-8598-073546946A6E}" /f
NA101 echo Created by Windowexe.com
NA102 echo HKEY_LOCAL_MACHINE Toolbar Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{C7928CF3-9532-44C0-B8CC-98E2C11ECC9F}" /f
NA103 echo HKEY_CURRENT_USER Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser" /v "{C7928CF3-9532-44C0-B8CC-98E2C11ECC9F}" /f
NA104 echo HKCU Search Hook Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks" /v "{C7928CF3-9532-44C0-B8CC-98E2C11ECC9F}" /f
NA105 echo HKEY_LOCAL_MACHINE Ext PreApproved Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7928CF3-9532-44C0-B8CC-98E2C11ECC9F}" /f
NA106 echo HKEY_CURRENT_USER Ext Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7928CF3-9532-44C0-B8CC-98E2C11ECC9F}" /f
NA107 echo HKEY_CLASSES_ROOT CLSID Delete & reg.exe delete "HKCR\CLSID\{C7928CF3-9532-44C0-B8CC-98E2C11ECC9F}" /f
NA108 echo Created by Windowexe.com
NA109 sc stop "ctwopop"
NA110 echo Service Disable & sc config "ctwopop" start= disabled & echo Windowexe.com
NA111 sc stop "EasyPop_Service"
NA112 echo Service Disable & sc config "EasyPop_Service" start= disabled & echo Windowexe.com
NA113 sc stop "InternetSafer Protector"
NA114 echo Service Disable & sc config "InternetSafer Protector" start= disabled & echo Windowexe.com
NA115 sc stop "NATService"
NA116 echo Service Disable & sc config "NATService" start= disabled & echo Windowexe.com
NA117 sc stop "orienttma"
NA118 echo Service Disable & sc config "orienttma" start= disabled & echo Windowexe.com
NA119 sc stop "QuickDownload Agent"
NA120 echo Service Disable & sc config "QuickDownload Agent" start= disabled & echo Windowexe.com
NA121 sc stop "QuickDownload Service"
NA122 echo Service Disable & sc config "QuickDownload Service" start= disabled & echo Windowexe.com
NA123 sc stop "WindowsDriver"
NA124 echo Service Disable & sc config "WindowsDriver" start= disabled & echo Windowexe.com
NA125 sc stop "winspsv32"
NA126 echo Service Disable & sc config "winspsv32" start= disabled & echo Windowexe.com
NA127 sc stop "zhfldk"
NA128 echo Service Disable & sc config "zhfldk" start= disabled & echo Windowexe.com
NA129 echo Tasklist Delete & del /q "C:\WINDOWS\Tasks\HubGate.job"
NA130 echo Created by Windowexe.com
NA131 echo Tasklist Delete & del /q "C:\WINDOWS\Tasks\HubGateUpdate.job"
NA132 echo Created by Windowexe.com
NA133 echo End
NA134 ======================================================================
NA135 echo Created by Windowexe.com / do not delete this label.
NA136 ======================================================================