System Analyzer Report 2012, 08, 06

System Analyzer Report 2012, 08, 06

 

======================================================================
echo Created by Windowexe.com / do not delete this label.
======================================================================

echo Start
echo windowexe.com & tskill "admmgr" & echo windowdel.com
echo windowexe.com & tskill "admrup" & echo windowdel.com
echo windowexe.com & tskill "AdvTCApp" & echo windowdel.com
echo windowexe.com & tskill "DirectKeyword2" & echo windowdel.com
echo windowexe.com & tskill "GuardConvert" & echo windowdel.com
echo windowexe.com & tskill "KeywordYacUpdate" & echo windowdel.com
echo windowexe.com & tskill "MicroProCon" & echo windowdel.com
echo windowexe.com & tskill "MicroProProc" & echo windowdel.com
echo windowexe.com & tskill "natsvc" & echo windowdel.com
echo windowexe.com & tskill "OpenKeywordC" & echo windowdel.com
echo windowexe.com & tskill "OpenKeywordD" & echo windowdel.com
echo windowexe.com & tskill "OpenKeywordS" & echo windowdel.com
echo windowexe.com & tskill "rpgchk" & echo windowdel.com
echo windowexe.com & tskill "RPGManager" & echo windowdel.com
echo windowexe.com & tskill "RPGSvcMan" & echo windowdel.com
echo windowexe.com & tskill "TCCheckAgent" & echo windowdel.com
echo windowexe.com & tskill "TopFind" & echo windowdel.com
echo windowexe.com & tskill "TopFindUpdate" & echo windowdel.com
echo windowexe.com & tskill "UtilZone" & echo windowdel.com
echo windowexe.com & tskill "windowsbooster" & echo windowdel.com
echo windowexe.com & tskill "windowviewcon" & echo windowdel.com
echo windowexe.com & tskill "windowviewconup" & echo windowdel.com
echo windowexe.com & tskill "WinExpandUpdate" & echo windowdel.com
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "DirectKeyword2" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "DirectKeyword2" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "KeywordYac" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "KeywordYac" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "windowviewcon" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "windowviewcon" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "TopFind" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "TopFind" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "MicroLabCon" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "MicroLabCon" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "GuardSupport" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "GuardSupport" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "openkeyword" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "openkeyword" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "RapidGet" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "RapidGet" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "rpga" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "rpga" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "iadden" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "iadden" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "UtilZone" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "UtilZone" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WindowsBooster" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WindowsBooster" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "MicroLabProc" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "MicroLabProc" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "GuardSupport" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "GuardSupport" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "FineTop" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "FineTop" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "TopUtilService" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "TopUtilService" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "KS Popup Ad" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "KS Popup Ad" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WinExpandUpdate" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WinExpandUpdate" /f
echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000EF7-D20B-49ac-A364-06138CC09001}" /f
echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000EF7-D20B-49ac-A364-06138CC09001}" /f
echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00000EF7-D20B-49ac-A364-06138CC09001}" /f
echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{00000EF7-D20B-49ac-A364-06138CC09001}" /f
echo Created by Windowexe.com
echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03ea5b10-2efa-4311-ac10-04427b02d663}" /f
echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03ea5b10-2efa-4311-ac10-04427b02d663}" /f
echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03ea5b10-2efa-4311-ac10-04427b02d663}" /f
echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{03ea5b10-2efa-4311-ac10-04427b02d663}" /f
echo Created by Windowexe.com
echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1C5099DD-7923-45e8-9680-5F285DC61213}" /f
echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1C5099DD-7923-45e8-9680-5F285DC61213}" /f
echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1C5099DD-7923-45e8-9680-5F285DC61213}" /f
echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{1C5099DD-7923-45e8-9680-5F285DC61213}" /f
echo Created by Windowexe.com
echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21A01D4C-9D21-480D-80B9-C0D96311B42C}" /f
echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{21A01D4C-9D21-480D-80B9-C0D96311B42C}" /f
echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{21A01D4C-9D21-480D-80B9-C0D96311B42C}" /f
echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{21A01D4C-9D21-480D-80B9-C0D96311B42C}" /f
echo Created by Windowexe.com
echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}" /f
echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}" /f
echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}" /f
echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{3E5EF872-03E2-4CE0-94DF-CA8A5004ECFD}" /f
echo Created by Windowexe.com
echo HKEY_LOCAL_MACHINE Toolbar Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
echo HKEY_CURRENT_USER Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser" /v "{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
echo HKCU Search Hook Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks" /v "{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
echo HKEY_LOCAL_MACHINE Ext PreApproved Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
echo HKEY_CURRENT_USER Ext Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
echo HKEY_CLASSES_ROOT CLSID Delete & reg.exe delete "HKCR\CLSID\{9CA634EF-ECF0-4DD1-B7E2-B9CCFF40BCAF}" /f
echo Created by Windowexe.com
echo HKEY_LOCAL_MACHINE Toolbar Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{03ea5b10-2efa-4311-ac10-04427b02d663}" /f
echo HKEY_CURRENT_USER Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser" /v "{03ea5b10-2efa-4311-ac10-04427b02d663}" /f
echo HKCU Search Hook Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks" /v "{03ea5b10-2efa-4311-ac10-04427b02d663}" /f
echo HKEY_LOCAL_MACHINE Ext PreApproved Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03ea5b10-2efa-4311-ac10-04427b02d663}" /f
echo HKEY_CURRENT_USER Ext Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03ea5b10-2efa-4311-ac10-04427b02d663}" /f
echo HKEY_CLASSES_ROOT CLSID Delete & reg.exe delete "HKCR\CLSID\{03ea5b10-2efa-4311-ac10-04427b02d663}" /f
echo Created by Windowexe.com
sc stop "msecounting service"
echo Service Disable & sc config "msecounting service" start= disabled & echo Windowexe.com
sc stop "NATService"
echo Service Disable & sc config "NATService" start= disabled & echo Windowexe.com
sc stop "RPGSvcman"
echo Service Disable & sc config "RPGSvcman" start= disabled & echo Windowexe.com
sc stop "TCCheckAgent"
echo Service Disable & sc config "TCCheckAgent" start= disabled & echo Windowexe.com
echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{143BCEC5-C753-48eb-BD44-EEFFA37CEB5B}" /f
echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{143BCEC5-C753-48eb-BD44-EEFFA37CEB5B}" /f
echo Created by Windowexe.com
echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FF5CBC30-F3C4-4f82-B398-F01FC9A4830C}" /f
echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{FF5CBC30-F3C4-4f82-B398-F01FC9A4830C}" /f
echo Created by Windowexe.com
echo 000 & reg.exe delete "HKCR\CLSID\{CE70F673-E2D3-4711-B329-4ADE0E524C6B}" /f & echo windowdel.com
echo 000 & reg.exe delete "HKCR\TypeLib\{FEAB3553-F7EC-4685-90E0-C24720015386}" /f & echo windowdel.com
echo 000 & reg.exe delete "HKCR\CLSID\{CE70F673-E2D3-4711-B329-4ADE0E524C6B}" /f & echo windowdel.com
echo 000 & reg.exe delete "HKCR\TypeLib\{FEAB3553-F7EC-4685-90E0-C24720015386}" /f & echo windowdel.com
echo Created by Windowexe.com
echo End

======================================================================
echo Created by Windowexe.com / do not delete this label.
======================================================================