Code : wKB+SgWXOGtfHGgU6ba5SJUNF9UdgRue

프로그램분석

Code : wKB+SgWXOGtfHGgU6ba5SJUNF9UdgRue

프로세스 천국 2013. 2. 23. 20:13

System Analyzer Report 2013, 02, 23

NA001 ======================================================================
NA002 echo Created by Windowexe.com / do not delete this label.
NA003 ======================================================================
NA004 echo Start
NA005 echo windowexe.com & tskill "ymsvwplr" & echo windowdel.com
NA006 echo windowexe.com & tskill "oxozyidmz" & echo windowdel.com
NA007 echo windowexe.com & tskill "torrentup" & echo windowdel.com
NA008 echo windowexe.com & tskill "WBPatch" & echo windowdel.com
NA009 echo windowexe.com & tskill "iqvtnsev" & echo windowdel.com
NA010 echo windowexe.com & tskill "qkvnkqcbp" & echo windowdel.com
NA011 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Pando Media Booster" /f
NA012 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Pando Media Booster" /f
NA013 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WindowBoanPatch" /f
NA014 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WindowBoanPatch" /f
NA015 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "DirectKeyword2" /f
NA016 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "DirectKeyword2" /f
NA017 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "AdMatching" /f
NA018 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "AdMatching" /f
NA019 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WindowBoanPatch" /f
NA020 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WindowBoanPatch" /f
NA021 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Torrent" /f
NA022 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Torrent" /f
NA023 echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "AdMatching" /f
NA024 echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "AdMatching" /f
NA025 echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473b6bd-4691-4744-a82b-7854eb3d70b6}" /f
NA026 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7473b6bd-4691-4744-a82b-7854eb3d70b6}" /f
NA027 echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7473b6bd-4691-4744-a82b-7854eb3d70b6}" /f
NA028 echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{7473b6bd-4691-4744-a82b-7854eb3d70b6}" /f
NA029 echo Created by Windowexe.com
NA030 echo HKEY_LOCAL_MACHINE Toolbar Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{7473b6bd-4691-4744-a82b-7854eb3d70b6}" /f
NA031 echo HKEY_CURRENT_USER Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser" /v "{7473b6bd-4691-4744-a82b-7854eb3d70b6}" /f
NA032 echo HKCU Search Hook Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks" /v "{7473b6bd-4691-4744-a82b-7854eb3d70b6}" /f
NA033 echo HKEY_LOCAL_MACHINE Ext PreApproved Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473b6bd-4691-4744-a82b-7854eb3d70b6}" /f
NA034 echo HKEY_CURRENT_USER Ext Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7473b6bd-4691-4744-a82b-7854eb3d70b6}" /f
NA035 echo HKEY_CLASSES_ROOT CLSID Delete & reg.exe delete "HKCR\CLSID\{7473b6bd-4691-4744-a82b-7854eb3d70b6}" /f
NA036 echo Created by Windowexe.com
NA037 sc stop "NATService"
NA038 echo Service Disable & sc config "NATService" start= disabled & echo Windowexe.com
NA039 sc stop "NSpeedMeterManager"
NA040 echo Service Disable & sc config "NSpeedMeterManager" start= disabled & echo Windowexe.com
NA041 sc stop "RunS"
NA042 echo Service Disable & sc config "RunS" start= disabled & echo Windowexe.com
NA043 sc stop "SvcMaya"
NA044 echo Service Disable & sc config "SvcMaya" start= disabled & echo Windowexe.com
NA045 sc stop "Windows_rejoice2010"
NA046 echo Service Disable & sc config "Windows_rejoice2010" start= disabled & echo Windowexe.com
NA047 sc stop "msvc"
NA048 echo Service Disable & sc config "msvc" start= disabled & echo Windowexe.com
NA051 echo End
NA052 ======================================================================
NA053 echo Created by Windowexe.com / do not delete this label.
NA054 ======================================================================