Code : VlGWckaei0dgGG6GXeQQ2Uovy6Rbl3/w

프로그램분석

Code : VlGWckaei0dgGG6GXeQQ2Uovy6Rbl3/w

프로세스 천국 2013. 2. 12. 22:07

System Analyzer Report 2013, 02, 12

NA001 ======================================================================
NA002 echo Created by Windowexe.com / do not delete this label.
NA003 ======================================================================
NA004 echo Start
NA005 echo windowexe.com & tskill "WindowServiceNT" & echo windowdel.com
NA006 echo windowexe.com & tskill "nexustool" & echo windowdel.com
NA007 echo windowexe.com & tskill "MicrowindowSearch" & echo windowdel.com
NA008 echo windowexe.com & tskill "PostTip" & echo windowdel.com
NA009 echo windowexe.com & tskill "optimak_up" & echo windowdel.com
NA010 echo windowexe.com & tskill "optimak" & echo windowdel.com
NA011 echo windowexe.com & tskill "natsvc" & echo windowdel.com
NA012 echo windowexe.com & tskill "WinCloud" & echo windowdel.com
NA013 echo windowexe.com & tskill "howcodecopen" & echo windowdel.com
NA014 echo windowexe.com & tskill "howcodecopen" & echo windowdel.com
NA015 echo windowexe.com & tskill "howcodec_update" & echo windowdel.com
NA016 echo windowexe.com & tskill "GomHelperSvc" & echo windowdel.com
NA017 echo windowexe.com & tskill "popmulticare" & echo windowdel.com
NA018 echo windowexe.com & tskill "mdroilymsvc" & echo windowdel.com
NA019 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "nexus20" /f
NA020 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "nexus20" /f
NA021 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "catroot" /f
NA022 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "catroot" /f
NA023 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "popmulticare" /f
NA024 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "popmulticare" /f
NA025 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "howcodecopen" /f
NA026 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "howcodecopen" /f
NA027 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "howcodec" /f
NA028 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "howcodec" /f
NA029 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "MicrowindowSearch" /f
NA030 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "MicrowindowSearch" /f
NA031 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "PostTip" /f
NA032 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "PostTip" /f
NA033 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "optimak" /f
NA034 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "optimak" /f
NA035 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "DaumCleaner" /f
NA036 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "DaumCleaner" /f
NA037 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "MicrowindowSearch" /f
NA038 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "MicrowindowSearch" /f
NA039 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE70883C-9F83-4688-B5FD-B65C10A9ABD0}" /f
NA040 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE70883C-9F83-4688-B5FD-B65C10A9ABD0}" /f
NA041 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE70883C-9F83-4688-B5FD-B65C10A9ABD0}" /f
NA042 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{EE70883C-9F83-4688-B5FD-B65C10A9ABD0}" /f
NA043 echo Created by Windowexe.com
NA044 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C4BF6897-41A2-454b-AC3B-437F30BEA671}" /f
NA045 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C4BF6897-41A2-454b-AC3B-437F30BEA671}" /f
NA046 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C4BF6897-41A2-454b-AC3B-437F30BEA671}" /f
NA047 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{C4BF6897-41A2-454b-AC3B-437F30BEA671}" /f
NA048 echo Created by Windowexe.com
NA049 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDDB5A00-D1EB-49D5-B197-72A06DF78AA1}" /f
NA050 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BDDB5A00-D1EB-49D5-B197-72A06DF78AA1}" /f
NA051 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BDDB5A00-D1EB-49D5-B197-72A06DF78AA1}" /f
NA052 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{BDDB5A00-D1EB-49D5-B197-72A06DF78AA1}" /f
NA053 echo Created by Windowexe.com
NA054 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9AC995E5-C129-4cc9-859A-0AA7FE22E751}" /f
NA055 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9AC995E5-C129-4cc9-859A-0AA7FE22E751}" /f
NA056 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9AC995E5-C129-4cc9-859A-0AA7FE22E751}" /f
NA057 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{9AC995E5-C129-4cc9-859A-0AA7FE22E751}" /f
NA058 echo Created by Windowexe.com
NA059 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{60781F6D-1B11-4F20-B744-8F65F8F28981}" /f
NA060 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{60781F6D-1B11-4F20-B744-8F65F8F28981}" /f
NA061 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{60781F6D-1B11-4F20-B744-8F65F8F28981}" /f
NA062 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{60781F6D-1B11-4F20-B744-8F65F8F28981}" /f
NA063 echo Created by Windowexe.com
NA064 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5D19999A-E977-46A5-BD6A-6E816262F399}" /f
NA065 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5D19999A-E977-46A5-BD6A-6E816262F399}" /f
NA066 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5D19999A-E977-46A5-BD6A-6E816262F399}" /f
NA067 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{5D19999A-E977-46A5-BD6A-6E816262F399}" /f
NA068 echo Created by Windowexe.com
NA069 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31DCE507-6C94-4b3e-AAC2-6C955F7BFAE1}" /f
NA070 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31DCE507-6C94-4b3e-AAC2-6C955F7BFAE1}" /f
NA071 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31DCE507-6C94-4b3e-AAC2-6C955F7BFAE1}" /f
NA072 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{31DCE507-6C94-4b3e-AAC2-6C955F7BFAE1}" /f
NA073 echo Created by Windowexe.com
NA074 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1A64F9EC-2126-45FB-9598-7A918ADBAAB0}" /f
NA075 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A64F9EC-2126-45FB-9598-7A918ADBAAB0}" /f
NA076 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1A64F9EC-2126-45FB-9598-7A918ADBAAB0}" /f
NA077 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{1A64F9EC-2126-45FB-9598-7A918ADBAAB0}" /f
NA078 echo Created by Windowexe.com
NA079 sc stop "WindowSystem Update Service"
NA080 echo Service Disable & sc config "WindowSystem Update Service" start= disabled & echo Windowexe.com
NA081 sc stop "Windows WebBox Update Class"
NA082 echo Service Disable & sc config "Windows WebBox Update Class" start= disabled & echo Windowexe.com
NA083 sc stop "Windows Multibox2 Update Class"
NA084 echo Service Disable & sc config "Windows Multibox2 Update Class" start= disabled & echo Windowexe.com
NA085 sc stop "Windows MineService Diagnostics Service"
NA086 echo Service Disable & sc config "Windows MineService Diagnostics Service" start= disabled & echo Windowexe.com
NA087 sc stop "WinCloud"
NA088 echo Service Disable & sc config "WinCloud" start= disabled & echo Windowexe.com
NA089 sc stop "upgradepc Update Service"
NA090 echo Service Disable & sc config "upgradepc Update Service" start= disabled & echo Windowexe.com
NA091 sc stop "qweqw"
NA092 echo Service Disable & sc config "qweqw" start= disabled & echo Windowexe.com
NA093 sc stop "nxsagent"
NA094 echo Service Disable & sc config "nxsagent" start= disabled & echo Windowexe.com
NA095 sc stop "NATService"
NA096 echo Service Disable & sc config "NATService" start= disabled & echo Windowexe.com
NA097 sc stop "lifeclean Update Service"
NA098 echo Service Disable & sc config "lifeclean Update Service" start= disabled & echo Windowexe.com
NA099 sc stop "launcher Update Service"
NA100 echo Service Disable & sc config "launcher Update Service" start= disabled & echo Windowexe.com
NA101 sc stop "GomHelper Update Services"
NA102 echo Service Disable & sc config "GomHelper Update Services" start= disabled & echo Windowexe.com
NA103 sc stop "ExtAuthProSvc"
NA104 echo Service Disable & sc config "ExtAuthProSvc" start= disabled & echo Windowexe.com
NA105 sc stop "ApplicationSpecialManagement"
NA106 echo Service Disable & sc config "ApplicationSpecialManagement" start= disabled & echo Windowexe.com
NA107 sc stop "AppCatroots"
NA108 echo Service Disable & sc config "AppCatroots" start= disabled & echo Windowexe.com
NA109 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{95E2E4BA-E131-4aab-85C5-2071F68ED3C3}" /f
NA110 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{95E2E4BA-E131-4aab-85C5-2071F68ED3C3}" /f
NA111 echo Created by Windowexe.com
NA112 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{000000A3-57A6-49EA-B96B-1428070E5924}" /f
NA113 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{000000A3-57A6-49EA-B96B-1428070E5924}" /f
NA114 echo Created by Windowexe.com
NA115 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{000000A2-F93E-4C0B-87D5-490AEF45ADD3}" /f
NA116 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{000000A2-F93E-4C0B-87D5-490AEF45ADD3}" /f
NA117 echo Created by Windowexe.com
NA118 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{000000A1-CA93-46BB-9D4A-DBD498CB8944}" /f
NA119 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{000000A1-CA93-46BB-9D4A-DBD498CB8944}" /f
NA120 echo Created by Windowexe.com
NA121 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{00000013-AACA-41E6-982D-08D365A2A4FF}" /f
NA122 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{00000013-AACA-41E6-982D-08D365A2A4FF}" /f
NA123 echo Created by Windowexe.com
NA124 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{00000012-AAFE-4B4A-BAEB-1CCF018676F2}" /f
NA125 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{00000012-AAFE-4B4A-BAEB-1CCF018676F2}" /f
NA126 echo Created by Windowexe.com
NA127 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{00000011-AA35-4E77-A4E6-5CD22ABAF5E7}" /f
NA128 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{00000011-AA35-4E77-A4E6-5CD22ABAF5E7}" /f
NA129 echo Created by Windowexe.com
NA130 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{71DF21B0-8C69-4923-8C7B-B195F8DDB5CD}" /f
NA131 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{71DF21B0-8C69-4923-8C7B-B195F8DDB5CD}" /f
NA132 echo Created by Windowexe.com
NA133 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{5F6C1537-DE02-493D-9E10-6EB084414077}" /f
NA134 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{5F6C1537-DE02-493D-9E10-6EB084414077}" /f
NA135 echo Created by Windowexe.com
NA136 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{4FF9A494-ED8E-4A13-A675-88983140B3CB}" /f
NA137 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{4FF9A494-ED8E-4A13-A675-88983140B3CB}" /f
NA138 echo Created by Windowexe.com
NA139 echo Tasklist Delete & del /q "C:\WINDOWS\Tasks\WebCompassUpdate.job"
NA140 echo Created by Windowexe.com
NA141 echo End
NA142 ======================================================================
NA143 echo Created by Windowexe.com / do not delete this label.
NA144 ======================================================================