System Analyzer Report 2012, 11, 20

 

======================================================================
echo Created by Windowexe.com / do not delete this label.
======================================================================

echo Start
echo windowexe.com & tskill "FBDManager" & echo windowdel.com
echo windowexe.com & tskill "FBDSvcMan" & echo windowdel.com
echo windowexe.com & tskill "SpeedGet" & echo windowdel.com
echo windowexe.com & tskill "autoexe" & echo windowdel.com
echo windowexe.com & tskill "DanpotSearch" & echo windowdel.com
echo windowexe.com & tskill "dm" & echo windowdel.com
echo windowexe.com & tskill "findkey" & echo windowdel.com
echo windowexe.com & tskill "keywordpop" & echo windowdel.com
echo windowexe.com & tskill "LocalBox" & echo windowdel.com
echo windowexe.com & tskill "LocalBoxupdate" & echo windowdel.com
echo windowexe.com & tskill "natsvc" & echo windowdel.com
echo windowexe.com & tskill "RaclSvc" & echo windowdel.com
echo windowexe.com & tskill "AutoUpdater" & echo windowdel.com
echo windowexe.com & tskill "SpellerSvc" & echo windowdel.com
echo windowexe.com & tskill "tabsync" & echo windowdel.com
echo windowexe.com & tskill "tabsyncu" & echo windowdel.com
echo windowexe.com & tskill "webcorese" & echo windowdel.com
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WinPro\"" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WinPro\"" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Windows SoftwareUpdater Helper" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Windows SoftwareUpdater Helper" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "DualMatching" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "DualMatching" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "tabsync" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "tabsync" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "joy" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "joy" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "webcores" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "webcores" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Internet DownloadManager Danpot" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Internet DownloadManager Danpot" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Speller" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Speller" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "vcmanagerstart.exe" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "vcmanagerstart.exe" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "findkey.exe" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "findkey.exe" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "xvidShareupdate.exe" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "xvidShareupdate.exe" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "UtilZone" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "UtilZone" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WinPro" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WinPro" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "WinPro" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "WinPro" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "vaccinecheckerstart.exe" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "vaccinecheckerstart.exe" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "Racl" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "Racl" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "SpeedDownload" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "SpeedDownload" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "rpga" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "rpga" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "keywordpop.exe" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "keywordpop.exe" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "toastpop04" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "toastpop04" /f
echo HKCU Startup Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "LocalBox" /f
echo HKLM Startup Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "LocalBox" /f
echo file Delete & attrib -r "C:\Documents and Settings\user\시작 메뉴\프로그램\시작프로그램\Internet DownloadManager Danpot.lnk"
echo file Delete & del /q "C:\Documents and Settings\user\시작 메뉴\프로그램\시작프로그램\Internet DownloadManager Danpot.lnk"
echo file Delete & attrib -r "C:\Documents and Settings\user\시작 메뉴\프로그램\시작프로그램\Windows SoftwareUpdater Helper.lnk"
echo file Delete & del /q "C:\Documents and Settings\user\시작 메뉴\프로그램\시작프로그램\Windows SoftwareUpdater Helper.lnk"
echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1AB2CFE4-D6CC-4588-A4EF-EE98B8249883}" /f
echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1AB2CFE4-D6CC-4588-A4EF-EE98B8249883}" /f
echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1AB2CFE4-D6CC-4588-A4EF-EE98B8249883}" /f
echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{1AB2CFE4-D6CC-4588-A4EF-EE98B8249883}" /f
echo Created by Windowexe.com
echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7B1F3650-64DD-477a-9D09-DA14ABCBFF7B}" /f
echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B1F3650-64DD-477a-9D09-DA14ABCBFF7B}" /f
echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7B1F3650-64DD-477a-9D09-DA14ABCBFF7B}" /f
echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{7B1F3650-64DD-477a-9D09-DA14ABCBFF7B}" /f
echo Created by Windowexe.com
echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA783CB3-27C7-4A7A-8DBA-B89CCC4A2014}" /f
echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA783CB3-27C7-4A7A-8DBA-B89CCC4A2014}" /f
echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA783CB3-27C7-4A7A-8DBA-B89CCC4A2014}" /f
echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{BA783CB3-27C7-4A7A-8DBA-B89CCC4A2014}" /f
echo Created by Windowexe.com
echo HKEY_LOCAL_MACHINE BHO Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1C92372-4705-4020-998B-D1E5E95716C3}" /f
echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1C92372-4705-4020-998B-D1E5E95716C3}" /f
echo HKEY_CURRENT_USER.BHO.Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1C92372-4705-4020-998B-D1E5E95716C3}" /f
echo HKEY_CLASSES_ROOT.CLSID Delete & reg.exe delete "HKCR\CLSID\{C1C92372-4705-4020-998B-D1E5E95716C3}" /f
echo Created by Windowexe.com
echo HKEY_LOCAL_MACHINE Toolbar Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{BCE04A5B-2B7D-4F4B-BB8E-2A59611733DD}" /f
echo HKEY_CURRENT_USER Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser" /v "{BCE04A5B-2B7D-4F4B-BB8E-2A59611733DD}" /f
echo HKCU Search Hook Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks" /v "{BCE04A5B-2B7D-4F4B-BB8E-2A59611733DD}" /f
echo HKEY_LOCAL_MACHINE Ext PreApproved Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BCE04A5B-2B7D-4F4B-BB8E-2A59611733DD}" /f
echo HKEY_CURRENT_USER Ext Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BCE04A5B-2B7D-4F4B-BB8E-2A59611733DD}" /f
echo HKEY_CLASSES_ROOT CLSID Delete & reg.exe delete "HKCR\CLSID\{BCE04A5B-2B7D-4F4B-BB8E-2A59611733DD}" /f
echo Created by Windowexe.com
echo HKEY_LOCAL_MACHINE Toolbar Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{41ED1FD7-8C37-4806-AF9E-D5238A30E56F}" /f
echo HKEY_CURRENT_USER Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser" /v "{41ED1FD7-8C37-4806-AF9E-D5238A30E56F}" /f
echo HKCU Search Hook Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks" /v "{41ED1FD7-8C37-4806-AF9E-D5238A30E56F}" /f
echo HKEY_LOCAL_MACHINE Ext PreApproved Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{41ED1FD7-8C37-4806-AF9E-D5238A30E56F}" /f
echo HKEY_CURRENT_USER Ext Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{41ED1FD7-8C37-4806-AF9E-D5238A30E56F}" /f
echo HKEY_CLASSES_ROOT CLSID Delete & reg.exe delete "HKCR\CLSID\{41ED1FD7-8C37-4806-AF9E-D5238A30E56F}" /f
echo Created by Windowexe.com
echo HKEY_LOCAL_MACHINE Toolbar Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar" /v "{5402F30A-DE34-4240-A594-132217F7D52D}" /f
echo HKEY_CURRENT_USER Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser" /v "{5402F30A-DE34-4240-A594-132217F7D52D}" /f
echo HKCU Search Hook Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks" /v "{5402F30A-DE34-4240-A594-132217F7D52D}" /f
echo HKEY_LOCAL_MACHINE Ext PreApproved Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5402F30A-DE34-4240-A594-132217F7D52D}" /f
echo HKEY_CURRENT_USER Ext Stats Delete & reg.exe delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5402F30A-DE34-4240-A594-132217F7D52D}" /f
echo HKEY_CLASSES_ROOT CLSID Delete & reg.exe delete "HKCR\CLSID\{5402F30A-DE34-4240-A594-132217F7D52D}" /f
echo Created by Windowexe.com
sc stop "dlyrvizap"
echo Service Disable & sc config "dlyrvizap" start= disabled & echo Windowexe.com
sc stop "FBDSvcman"
echo Service Disable & sc config "FBDSvcman" start= disabled & echo Windowexe.com
sc stop "NATService"
echo Service Disable & sc config "NATService" start= disabled & echo Windowexe.com
sc stop "quicksvc"
echo Service Disable & sc config "quicksvc" start= disabled & echo Windowexe.com
sc stop "RunS"
echo Service Disable & sc config "RunS" start= disabled & echo Windowexe.com
sc stop "6to4"
echo Service Disable & sc config "6to4" start= disabled & echo Windowexe.com
sc stop "Ias"
echo Service Disable & sc config "Ias" start= disabled & echo Windowexe.com
sc stop "Irmon"
echo Service Disable & sc config "Irmon" start= disabled & echo Windowexe.com
sc stop "NetMSSQL"
echo Service Disable & sc config "NetMSSQL" start= disabled & echo Windowexe.com
sc stop "netsvcs_0x40"
echo Service Disable & sc config "netsvcs_0x40" start= disabled & echo Windowexe.com
sc stop "netsvcs_0x47"
echo Service Disable & sc config "netsvcs_0x47" start= disabled & echo Windowexe.com
sc stop "netsvcs_0x50"
echo Service Disable & sc config "netsvcs_0x50" start= disabled & echo Windowexe.com
sc stop "netsvcs_0x54"
echo Service Disable & sc config "netsvcs_0x54" start= disabled & echo Windowexe.com
sc stop "WebClient NetMSSQL"
echo Service Disable & sc config "WebClient NetMSSQL" start= disabled & echo Windowexe.com
echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{68C04328-167E-446A-AC57-4A04DAD74BDC}" /f
echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{68C04328-167E-446A-AC57-4A04DAD74BDC}" /f
echo Created by Windowexe.com
echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{A005B05D-B3BD-49DB-B0A8-1D4F0CF53CFB}" /f
echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{A005B05D-B3BD-49DB-B0A8-1D4F0CF53CFB}" /f
echo Created by Windowexe.com
echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E5990159-7CB9-4E2C-A27E-4C23E2FA70E6}" /f
echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{E5990159-7CB9-4E2C-A27E-4C23E2FA70E6}" /f
echo Created by Windowexe.com
echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{8605E9B4-68C1-4ED9-B282-74C1AA3C312E}" /f
echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{8605E9B4-68C1-4ED9-B282-74C1AA3C312E}" /f
echo Created by Windowexe.com
echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{D64A7743-7E62-4002-90EA-80E0671F9902}" /f
echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{D64A7743-7E62-4002-90EA-80E0671F9902}" /f
echo Created by Windowexe.com
echo HKEY_LOCAL_MACHINE EB Delete & reg.exe delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FA214B13-1A9F-480B-B749-94A566FC59D9}" /f
echo HKCU EB Delete & reg.exe delete "HKCU\Software\Microsoft\Internet Explorer\Extensions\{FA214B13-1A9F-480B-B749-94A566FC59D9}" /f
echo Created by Windowexe.com
echo schtasks Delete & schtasks /delete /tn "HubGateUpdate" /f
echo Created by Windowexe.com
echo Tasklist Delete & del /q "C:\WINDOWS\Tasks\HubGateUpdate.job"
echo Created by Windowexe.com
echo 000 & reg.exe delete "HKCR\CLSID\{5121BCAB-14D5-40AD-A469-4437CC51F7AA}" /f & echo windowdel.com
echo Created by Windowexe.com
echo 000 & reg.exe delete "HKCR\CLSID\{A832F633-668F-4F8A-9EA1-A6375D1C1418}" /f & echo windowdel.com
echo Created by Windowexe.com
echo End

======================================================================
echo Created by Windowexe.com / do not delete this label.
======================================================================