Code : LZ7LXK3VHJDnBabMZW5ztcNeVzQtF73x

프로그램분석

Code : LZ7LXK3VHJDnBabMZW5ztcNeVzQtF73x

프로세스 천국 2013. 2. 22. 00:38

System Analyzer Report 2013, 02, 22

NA001 ======================================================================
NA002 echo Created by Windowexe.com / do not delete this label.
NA003 ======================================================================
NA004 echo Start
NA005 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "iexplore32" /f
NA006 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "iexplore32" /f
NA007 echo windowexe.com & tskill "toastpop" & echo windowdel.com
NA008 echo windowexe.com & tskill "windowsphup" & echo windowdel.com
NA009 echo windowexe.com & tskill "TopSpaceService" & echo windowdel.com
NA010 echo windowexe.com & tskill "TopSpaceHelper" & echo windowdel.com
NA011 echo windowexe.com & tskill "RaclSvc" & echo windowdel.com
NA012 echo windowexe.com & tskill "PandoraService" & echo windowdel.com
NA013 echo windowexe.com & tskill "GomHelperSvc" & echo windowdel.com
NA014 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "toastpop" /f
NA015 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "toastpop" /f
NA016 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Racl" /f
NA017 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Racl" /f
NA018 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "TopSpace" /f
NA019 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "TopSpace" /f
NA020 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "toastpop" /f
NA021 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "toastpop" /f
NA022 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WindowsPurchaseHelper" /f
NA023 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WindowsPurchaseHelper" /f
NA024 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D7ACEB3C-FFB1-49AB-A491-3BE5DE9F8D4C}" /f
NA025 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7ACEB3C-FFB1-49AB-A491-3BE5DE9F8D4C}" /f
NA026 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D7ACEB3C-FFB1-49AB-A491-3BE5DE9F8D4C}" /f
NA027 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{D7ACEB3C-FFB1-49AB-A491-3BE5DE9F8D4C}" /f
NA028 echo Created by Windowexe.com
NA029 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C8625893-2C0F-4484-8C18-52B00D5A8BB9}" /f
NA030 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C8625893-2C0F-4484-8C18-52B00D5A8BB9}" /f
NA031 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C8625893-2C0F-4484-8C18-52B00D5A8BB9}" /f
NA032 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{C8625893-2C0F-4484-8C18-52B00D5A8BB9}" /f
NA033 echo Created by Windowexe.com
NA034 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A14EAA16-CA35-4666-845A-DC084DCDF356}" /f
NA035 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A14EAA16-CA35-4666-845A-DC084DCDF356}" /f
NA036 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A14EAA16-CA35-4666-845A-DC084DCDF356}" /f
NA037 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{A14EAA16-CA35-4666-845A-DC084DCDF356}" /f
NA038 echo Created by Windowexe.com
NA039 echo HKEY_LOCAL_MACHINE Toolbar Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{8A5FC7EA-6031-40BB-A609-5F022672438C}" /f
NA040 echo HKEY_CURRENT_USER Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser" /v "{8A5FC7EA-6031-40BB-A609-5F022672438C}" /f
NA041 echo HKCU Search Hook Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks" /v "{8A5FC7EA-6031-40BB-A609-5F022672438C}" /f
NA042 echo HKEY_LOCAL_MACHINE Ext PreApproved Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8A5FC7EA-6031-40BB-A609-5F022672438C}" /f
NA043 echo HKEY_CURRENT_USER Ext Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8A5FC7EA-6031-40BB-A609-5F022672438C}" /f
NA044 echo HKEY_CLASSES_ROOT CLSID Delete & reg.exe delete "HKCR\CLSID\{8A5FC7EA-6031-40BB-A609-5F022672438C}" /f
NA045 echo Created by Windowexe.com
NA046 sc stop "zsxtrptpsm"
NA047 echo Service Disable & sc config "zsxtrptpsm" start= disabled & echo Windowexe.com
NA048 sc stop "zguppzkfrw"
NA049 echo Service Disable & sc config "zguppzkfrw" start= disabled & echo Windowexe.com
NA050 sc stop "svoauaibkn"
NA051 echo Service Disable & sc config "svoauaibkn" start= disabled & echo Windowexe.com
NA052 sc stop "qjmctpjdmr"
NA053 echo Service Disable & sc config "qjmctpjdmr" start= disabled & echo Windowexe.com
NA054 sc stop "ppsaawbrg"
NA055 echo Service Disable & sc config "ppsaawbrg" start= disabled & echo Windowexe.com
NA056 sc stop "PanService"
NA057 echo Service Disable & sc config "PanService" start= disabled & echo Windowexe.com
NA058 sc stop "mhjicmwrku"
NA059 echo Service Disable & sc config "mhjicmwrku" start= disabled & echo Windowexe.com
NA060 sc stop "GomHelper Update Services"
NA061 echo Service Disable & sc config "GomHelper Update Services" start= disabled & echo Windowexe.com
NA062 sc stop "fubptmfwy"
NA063 echo Service Disable & sc config "fubptmfwy" start= disabled & echo Windowexe.com
NA064 sc stop "dspupxql"
NA065 echo Service Disable & sc config "dspupxql" start= disabled & echo Windowexe.com
NA066 sc stop "cpunfoquhyk"
NA067 echo Service Disable & sc config "cpunfoquhyk" start= disabled & echo Windowexe.com
NA068 sc stop "baebmgjb"
NA069 echo Service Disable & sc config "baebmgjb" start= disabled & echo Windowexe.com
NA070 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FA214B13-1A9F-480B-B749-94A566FC59D9}" /f
NA071 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{FA214B13-1A9F-480B-B749-94A566FC59D9}" /f
NA072 echo Created by Windowexe.com
NA073 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{D64A7743-7E62-4002-90EA-80E0671F9902}" /f
NA074 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{D64A7743-7E62-4002-90EA-80E0671F9902}" /f
NA075 echo Created by Windowexe.com
NA076 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{8605E9B4-68C1-4ED9-B282-74C1AA3C312E}" /f
NA077 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{8605E9B4-68C1-4ED9-B282-74C1AA3C312E}" /f
NA078 echo Created by Windowexe.com
NA079 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{7619CFB7-C05D-4063-94B7-F3555E49BEE2}" /f
NA080 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{7619CFB7-C05D-4063-94B7-F3555E49BEE2}" /f
NA081 echo Created by Windowexe.com
NA082 echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{71DF21B0-8C69-4923-8C7B-B195F8DDB5CD}" /f
NA083 echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{71DF21B0-8C69-4923-8C7B-B195F8DDB5CD}" /f
NA084 echo Created by Windowexe.com
NA085 echo End
NA086 ======================================================================
NA087 echo Created by Windowexe.com / do not delete this label.
NA088 ======================================================================