System Analyzer Report 2012, 10, 22

프로그램분석

System Analyzer Report 2012, 10, 22

프로세스 천국 2012. 10. 22. 21:17

======================================================================
echo Created by Windowexe.com / do not delete this label.
======================================================================

echo Start
echo windowexe.com & tskill "WinxpendUP_im0s" & echo windowdel.com
echo windowexe.com & tskill "AdMatching" & echo windowdel.com
echo windowexe.com & tskill "admsys" & echo windowdel.com
echo windowexe.com & tskill "ADriveDownService" & echo windowdel.com
echo windowexe.com & tskill "TCCheckAgent" & echo windowdel.com
echo windowexe.com & tskill "hitlink" & echo windowdel.com
echo windowexe.com & tskill "ToolbarRestore" & echo windowdel.com
echo windowexe.com & tskill "minimp3_mon" & echo windowdel.com
echo windowexe.com & tskill "minimp3_uc" & echo windowdel.com
echo windowexe.com & tskill "natsvc" & echo windowdel.com
echo windowexe.com & tskill "NediskService" & echo windowdel.com
echo windowexe.com & tskill "RaclSvc" & echo windowdel.com
echo windowexe.com & tskill "realplus" & echo windowdel.com
echo windowexe.com & tskill "rpupdate" & echo windowdel.com
echo windowexe.com & tskill "UtilZone" & echo windowdel.com
echo windowexe.com & tskill "WBPatchCntr" & echo windowdel.com
echo windowexe.com & tskill "wssvrelv" & echo windowdel.com
echo windowexe.com & tskill "rpgchk" & echo windowdel.com
echo windowexe.com & tskill "RPGManager" & echo windowdel.com
echo windowexe.com & tskill "RPGSvcMan" & echo windowdel.com
echo windowexe.com & tskill "svcscrwin" & echo windowdel.com
echo windowexe.com & tskill "svcspwin" & echo windowdel.com
echo windowexe.com & tskill "wediasvc" & echo windowdel.com
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "admatching" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "admatching" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "minimp3" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "minimp3" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Racl" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Racl" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "AdMatching" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "AdMatching" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "admsys" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "admsys" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "RapidGet" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "RapidGet" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "rpga" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "rpga" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "UtilZone" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "UtilZone" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "realplus" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "realplus" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "minimp3" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "minimp3" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "ToolbarRestore" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "ToolbarRestore" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "hitlink.exe" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "hitlink.exe" /f
echo file Delete & attrib -r "C:\Users\노성우\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\minimp3.lnk"
echo file Delete & del /q "C:\Users\노성우\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\minimp3.lnk"
echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66B39A8A-3134-47b7-85C6-3E7DF7D14586}" /f
echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{66B39A8A-3134-47b7-85C6-3E7DF7D14586}" /f
echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{66B39A8A-3134-47b7-85C6-3E7DF7D14586}" /f
echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{66B39A8A-3134-47b7-85C6-3E7DF7D14586}" /f
echo Created by Windowexe.com
echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4FD2B96-EE48-4f0c-900B-C13CA5E291A2}" /f
echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4FD2B96-EE48-4f0c-900B-C13CA5E291A2}" /f
echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B4FD2B96-EE48-4f0c-900B-C13CA5E291A2}" /f
echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{B4FD2B96-EE48-4f0c-900B-C13CA5E291A2}" /f
echo Created by Windowexe.com
echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C9133CA1-662F-4237-80E3-B623C4D6E461}" /f
echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C9133CA1-662F-4237-80E3-B623C4D6E461}" /f
echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C9133CA1-662F-4237-80E3-B623C4D6E461}" /f
echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{C9133CA1-662F-4237-80E3-B623C4D6E461}" /f
echo Created by Windowexe.com
echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EBF3CCAD-8529-439D-A17F-B35ACFC57939}" /f
echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBF3CCAD-8529-439D-A17F-B35ACFC57939}" /f
echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EBF3CCAD-8529-439D-A17F-B35ACFC57939}" /f
echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{EBF3CCAD-8529-439D-A17F-B35ACFC57939}" /f
echo Created by Windowexe.com
sc stop "ADriveDownService"
echo Service Disable & sc config "ADriveDownService" start= disabled & echo Windowexe.com
sc stop "NATService"
echo Service Disable & sc config "NATService" start= disabled & echo Windowexe.com
sc stop "NediskService"
echo Service Disable & sc config "NediskService" start= disabled & echo Windowexe.com
sc stop "NSpeedMeterManager"
echo Service Disable & sc config "NSpeedMeterManager" start= disabled & echo Windowexe.com
sc stop "RPGSvcman"
echo Service Disable & sc config "RPGSvcman" start= disabled & echo Windowexe.com
sc stop "rszsqrmm3"
echo Service Disable & sc config "rszsqrmm3" start= disabled & echo Windowexe.com
sc stop "TCCheckAgent"
echo Service Disable & sc config "TCCheckAgent" start= disabled & echo Windowexe.com
sc stop "WindowBoanPatch OEM Monitoring Center"
echo Service Disable & sc config "WindowBoanPatch OEM Monitoring Center" start= disabled & echo Windowexe.com
sc stop "Windows WebEdit Diagnostics Service"
echo Service Disable & sc config "Windows WebEdit Diagnostics Service" start= disabled & echo Windowexe.com
sc stop "Windows WebEdit Update Class"
echo Service Disable & sc config "Windows WebEdit Update Class" start= disabled & echo Windowexe.com
sc stop "Windows WinScare Diagnostics Service"
echo Service Disable & sc config "Windows WinScare Diagnostics Service" start= disabled & echo Windowexe.com
sc stop "Windows WinsPop Diagnostics Service"
echo Service Disable & sc config "Windows WinsPop Diagnostics Service" start= disabled & echo Windowexe.com
sc stop "WindowSearch Service Manager"
echo Service Disable & sc config "WindowSearch Service Manager" start= disabled & echo Windowexe.com
sc stop "WinScare Service"
echo Service Disable & sc config "WinScare Service" start= disabled & echo Windowexe.com
sc stop "WinsPop Service"
echo Service Disable & sc config "WinsPop Service" start= disabled & echo Windowexe.com
echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0A07354E-A092-490f-9597-BA096721A26D}" /f
echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{0A07354E-A092-490f-9597-BA096721A26D}" /f
echo Created by Windowexe.com
echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{00000000-5499-47ed-A234-304F5258E596}" /f
echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{00000000-5499-47ed-A234-304F5258E596}" /f
echo Created by Windowexe.com
echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{00000001-5499-47ed-A234-304F5258E596}" /f
echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{00000001-5499-47ed-A234-304F5258E596}" /f
echo Created by Windowexe.com
echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{00000002-5499-47ed-A234-304F5258E596}" /f
echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{00000002-5499-47ed-A234-304F5258E596}" /f
echo Created by Windowexe.com
echo schtasks Delete & schtasks /delete /tn "OKSTART" /f
echo Created by Windowexe.com
echo schtasks Delete & schtasks /delete /tn "Windows hitlink ad-System [hitlink]" /f
echo Created by Windowexe.com
echo schtasks Delete & schtasks /delete /tn "WinExpandUpdate_im0s" /f
echo Created by Windowexe.com
echo 000 & reg.exe delete "HKCR\CLSID\{CE70F673-E2D3-4711-B329-4ADE0E524C6B}" /f & echo windowdel.com
echo 000 & reg.exe delete "HKCR\TypeLib\{FEAB3553-F7EC-4685-90E0-C24720015386}" /f & echo windowdel.com
echo Created by Windowexe.com
echo 000 & reg.exe add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows" /v "AppInit_DLLs" /d "" /f & echo windowdel.com
echo Created by Windowexe.com
echo 000 & reg.exe delete "HKCR\CLSID\{CE70F673-E2D3-4711-B329-4ADE0E524C6B}" /f & echo windowdel.com
echo 000 & reg.exe delete "HKCR\TypeLib\{FEAB3553-F7EC-4685-90E0-C24720015386}" /f & echo windowdel.com
echo Created by Windowexe.com
echo 000 & reg.exe delete "HKCR\CLSID\{CE70F673-E2D3-4711-B329-4ADE0E524C6B}" /f & echo windowdel.com
echo 000 & reg.exe delete "HKCR\TypeLib\{FEAB3553-F7EC-4685-90E0-C24720015386}" /f & echo windowdel.com
echo Created by Windowexe.com
echo End

======================================================================
echo Created by Windowexe.com / do not delete this label.
======================================================================