System Analyzer Report 2012, 11, 05

======================================================================
echo Created by Windowexe.com / do not delete this label.
======================================================================

echo Start
echo windowexe.com & tskill "ancamcorderupdate" & echo windowdel.com
echo windowexe.com & tskill "opentabup" & echo windowdel.com
echo windowexe.com & tskill "GuardConvert" & echo windowdel.com
echo windowexe.com & tskill "MicroProCon" & echo windowdel.com
echo windowexe.com & tskill "MicroProProc" & echo windowdel.com
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WinPro\"" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WinPro\"" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "signup" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "signup" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "addenagent" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "addenagent" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "AnCamCorder" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "AnCamCorder" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "opentabup" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "opentabup" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "UtilZoneUp" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "UtilZoneUp" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "badakencoder" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "badakencoder" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WinProUp" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WinProUp" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WinPro" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WinPro" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "IETab" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "IETab" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "UtilZone" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "UtilZone" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "JoyUtilService" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "JoyUtilService" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "update.exe" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "update.exe" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WinPro" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WinPro" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "GuardSupport" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "GuardSupport" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "vcmanagerstart.exe" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "vcmanagerstart.exe" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "keycast.exe" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "keycast.exe" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "fastcurestart.exe" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "fastcurestart.exe" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "OdiskShortcut" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "OdiskShortcut" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "hitlink.exe" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "hitlink.exe" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "GuardSupport" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "GuardSupport" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "MicroLabCon" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "MicroLabCon" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "GuardSupport" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "GuardSupport" /f
echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{29DC2B12-2E97-488B-95C1-9589ED25C7EB}" /f
echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{29DC2B12-2E97-488B-95C1-9589ED25C7EB}" /f
echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{29DC2B12-2E97-488B-95C1-9589ED25C7EB}" /f
echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{29DC2B12-2E97-488B-95C1-9589ED25C7EB}" /f
echo Created by Windowexe.com
echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EEC9AFF-CA5E-4317-8A80-ED6B4FA7EBD3}" /f
echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EEC9AFF-CA5E-4317-8A80-ED6B4FA7EBD3}" /f
echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EEC9AFF-CA5E-4317-8A80-ED6B4FA7EBD3}" /f
echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{2EEC9AFF-CA5E-4317-8A80-ED6B4FA7EBD3}" /f
echo Created by Windowexe.com
echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39AA03A6-B5D9-4F47-99DF-1666A7B8D8E8}" /f
echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{39AA03A6-B5D9-4F47-99DF-1666A7B8D8E8}" /f
echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{39AA03A6-B5D9-4F47-99DF-1666A7B8D8E8}" /f
echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{39AA03A6-B5D9-4F47-99DF-1666A7B8D8E8}" /f
echo Created by Windowexe.com
echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CDEE4BC9-A278-4C02-8D24-049641326690}" /f
echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CDEE4BC9-A278-4C02-8D24-049641326690}" /f
echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CDEE4BC9-A278-4C02-8D24-049641326690}" /f
echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{CDEE4BC9-A278-4C02-8D24-049641326690}" /f
echo Created by Windowexe.com
echo HKEY_LOCAL_MACHINE Toolbar Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{BCE04A5B-2B7D-4F4B-BB8E-2A59611733DD}" /f
echo HKEY_CURRENT_USER Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser" /v "{BCE04A5B-2B7D-4F4B-BB8E-2A59611733DD}" /f
echo HKCU Search Hook Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks" /v "{BCE04A5B-2B7D-4F4B-BB8E-2A59611733DD}" /f
echo HKEY_LOCAL_MACHINE Ext PreApproved Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BCE04A5B-2B7D-4F4B-BB8E-2A59611733DD}" /f
echo HKEY_CURRENT_USER Ext Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BCE04A5B-2B7D-4F4B-BB8E-2A59611733DD}" /f
echo HKEY_CLASSES_ROOT CLSID Delete & reg.exe delete "HKCR\CLSID\{BCE04A5B-2B7D-4F4B-BB8E-2A59611733DD}" /f
echo Created by Windowexe.com
echo HKEY_LOCAL_MACHINE Toolbar Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{41ED1FD7-8C37-4806-AF9E-D5238A30E56F}" /f
echo HKEY_CURRENT_USER Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser" /v "{41ED1FD7-8C37-4806-AF9E-D5238A30E56F}" /f
echo HKCU Search Hook Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks" /v "{41ED1FD7-8C37-4806-AF9E-D5238A30E56F}" /f
echo HKEY_LOCAL_MACHINE Ext PreApproved Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{41ED1FD7-8C37-4806-AF9E-D5238A30E56F}" /f
echo HKEY_CURRENT_USER Ext Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{41ED1FD7-8C37-4806-AF9E-D5238A30E56F}" /f
echo HKEY_CLASSES_ROOT CLSID Delete & reg.exe delete "HKCR\CLSID\{41ED1FD7-8C37-4806-AF9E-D5238A30E56F}" /f
echo Created by Windowexe.com
echo HKEY_LOCAL_MACHINE Toolbar Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{8A5FC7EA-6031-40BB-A609-5F022672438C}" /f
echo HKEY_CURRENT_USER Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser" /v "{8A5FC7EA-6031-40BB-A609-5F022672438C}" /f
echo HKCU Search Hook Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks" /v "{8A5FC7EA-6031-40BB-A609-5F022672438C}" /f
echo HKEY_LOCAL_MACHINE Ext PreApproved Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8A5FC7EA-6031-40BB-A609-5F022672438C}" /f
echo HKEY_CURRENT_USER Ext Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8A5FC7EA-6031-40BB-A609-5F022672438C}" /f
echo HKEY_CLASSES_ROOT CLSID Delete & reg.exe delete "HKCR\CLSID\{8A5FC7EA-6031-40BB-A609-5F022672438C}" /f
echo Created by Windowexe.com
sc stop "baebmgjb"
echo Service Disable & sc config "baebmgjb" start= disabled & echo Windowexe.com
sc stop "dkoxsrwspsi"
echo Service Disable & sc config "dkoxsrwspsi" start= disabled & echo Windowexe.com
sc stop "dspupxql"
echo Service Disable & sc config "dspupxql" start= disabled & echo Windowexe.com
sc stop "fiywhfhivzd"
echo Service Disable & sc config "fiywhfhivzd" start= disabled & echo Windowexe.com
sc stop "mhjicmwrku"
echo Service Disable & sc config "mhjicmwrku" start= disabled & echo Windowexe.com
sc stop "mswibmsvc"
echo Service Disable & sc config "mswibmsvc" start= disabled & echo Windowexe.com
sc stop "quicksvc"
echo Service Disable & sc config "quicksvc" start= disabled & echo Windowexe.com
sc stop "RKSvc"
echo Service Disable & sc config "RKSvc" start= disabled & echo Windowexe.com
sc stop "TCCheckAgent"
echo Service Disable & sc config "TCCheckAgent" start= disabled & echo Windowexe.com
sc stop "zguppzkfrw"
echo Service Disable & sc config "zguppzkfrw" start= disabled & echo Windowexe.com
sc stop "zsxtrptpsm"
echo Service Disable & sc config "zsxtrptpsm" start= disabled & echo Windowexe.com
sc stop "ppsaawbrg"
echo Service Disable & sc config "ppsaawbrg" start= disabled & echo Windowexe.com
echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{44A83441-CC11-4A08-807A-A9985A90316B}" /f
echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{44A83441-CC11-4A08-807A-A9985A90316B}" /f
echo Created by Windowexe.com
echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{A91263EE-61C1-4d78-9748-81073EFB1E53}" /f
echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{A91263EE-61C1-4d78-9748-81073EFB1E53}" /f
echo Created by Windowexe.com
echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FF5CBC30-F3C4-4f82-B398-F01FC9A4830C}" /f
echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{FF5CBC30-F3C4-4f82-B398-F01FC9A4830C}" /f
echo Created by Windowexe.com
echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{8605E9B4-68C1-4ED9-B282-74C1AA3C312E}" /f
echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{8605E9B4-68C1-4ED9-B282-74C1AA3C312E}" /f
echo Created by Windowexe.com
echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{D64A7743-7E62-4002-90EA-80E0671F9902}" /f
echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{D64A7743-7E62-4002-90EA-80E0671F9902}" /f
echo Created by Windowexe.com
echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FA214B13-1A9F-480B-B749-94A566FC59D9}" /f
echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{FA214B13-1A9F-480B-B749-94A566FC59D9}" /f
echo Created by Windowexe.com
echo End

======================================================================
echo Created by Windowexe.com / do not delete this label.
======================================================================