Advertisement
Reisyukaku

De-botnet Win 7 - 10

Sep 26th, 2015
1,301
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. @echo off
  2. echo
  3.  
  4. echo Step 1: Delete Updates…
  5. echo Delete KB3075249 (telemetry for Win7/8.1)
  6. echo y | start /w wusa.exe /uninstall /kb:3075249
  7. echo Delete KB3080149 (telemetry for Win7/8.1)
  8. echo y | start /w wusa.exe /uninstall /kb:3080149
  9. echo Delete KB3021917 (telemetry for Win7)
  10. echo y | start /w wusa.exe /uninstall /kb:3021917
  11. echo Delete KB3022345 (telemetry)
  12. echo y | start /w wusa.exe /uninstall /kb:3022345
  13. echo Delete KB3068708 (telemetry)
  14. echo y | start /w wusa.exe /uninstall /kb:3068708
  15. echo Delete KB3044374 (Get Windows 10 for Win8.1)
  16. echo y | start /w wusa.exe /uninstall /kb:3044374
  17. echo Delete KB3035583 (Get Windows 10 for Win7sp1/8.1)
  18. echo y | start /w wusa.exe /uninstall /kb:3035583
  19. echo Delete KB2990214 (Get Windows 10 for Win7 without sp1)
  20. echo y | start /w wusa.exe /uninstall /kb:2990214
  21. echo Delete KB2990214 (Get Windows 10 for Win7)
  22. echo y | start /w wusa.exe /uninstall /kb:2990214
  23. echo Delete KB2952664 (Get Windows 10 assistant)
  24. echo y | start /w wusa.exe /uninstall /kb:2952664
  25. echo Delete KB3075853 (update for “Windows Update” on Win8.1/Server 2012R2)
  26. echo y | start /w wusa.exe /uninstall /kb:3075853
  27. echo Delete KB3065987 (update for “Windows Update” on Win7/Server 2008R2)
  28. echo y | start /w wusa.exe /uninstall /kb:3065987
  29. echo Delete KB3050265 (update for “Windows Update” on Win7)
  30. echo y | start /w wusa.exe /uninstall /kb:3050265
  31. echo Delete KB971033 (license validation)
  32. echo y | start /w wusa.exe /uninstall /kb:971033
  33. echo Delete KB2902907 (description not available)
  34. echo y | start /w wusa.exe /uninstall /kb:2902907
  35. echo Delete KB2976987 (description not available)
  36. echo y | start /w wusa.exe /uninstall /kb:2976987
  37.  
  38. echo Step 2: Blocking Routes…
  39. route -p add 23.218.212.69 MASK 255.255.255.255 0.0.0.0
  40. route -p add 65.55.108.23 MASK 255.255.255.255 0.0.0.0
  41. route -p add 65.39.117.230 MASK 255.255.255.255 0.0.0.0
  42. route -p add 134.170.30.202 MASK 255.255.255.255 0.0.0.0
  43. route -p add 137.116.81.24 MASK 255.255.255.255 0.0.0.0
  44. route -p add 204.79.197.200 MASK 255.255.255.255 0.0.0.0
  45. route -p add 23.218.212.69 MASK 255.255.255.255 0.0.0.0
  46.  
  47. echo Step 3: Disabling tasks…
  48. schtasks /Change /TN “\Microsoft\Windows\Application Experience\AitAgent” /DISABLE
  49. schtasks /Change /TN “\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser” /DISABLE
  50. schtasks /Change /TN “\Microsoft\Windows\Application Experience\ProgramDataUpdater” /DISABLE
  51. schtasks /Change /TN “\Microsoft\Windows\Autochk\Proxy” /DISABLE
  52. schtasks /Change /TN “Microsoft\Windows\Customer Experience Improvement Program\Consolidator” /DISABLE
  53. schtasks /Change /TN “Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask” /DISABLE
  54. schtasks /Change /TN “Microsoft\Windows\Customer Experience Improvement Program\UsbCeip” /DISABLE
  55. schtasks /Change /TN “\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector” /DISABLE
  56. schtasks /Change /TN “\Microsoft\Windows\Maintenance\WinSAT” /DISABLE
  57. schtasks /Change /TN “\Microsoft\Windows\Media Center\ActivateWindowsSearch” /DISABLE
  58. schtasks /Change /TN “\Microsoft\Windows\Media Center\ConfigureInternetTimeService” /DISABLE
  59. schtasks /Change /TN “\Microsoft\Windows\Media Center\DispatchRecoveryTasks” /DISABLE
  60. schtasks /Change /TN “\Microsoft\Windows\Media Center\ehDRMInit” /DISABLE
  61. schtasks /Change /TN “\Microsoft\Windows\Media Center\InstallPlayReady” /DISABLE
  62. schtasks /Change /TN “\Microsoft\Windows\Media Center\mcupdate” /DISABLE
  63. schtasks /Change /TN “\Microsoft\Windows\Media Center\MediaCenterRecoveryTask” /DISABLE
  64. schtasks /Change /TN “\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask” /DISABLE
  65. schtasks /Change /TN “\Microsoft\Windows\Media Center\OCURActivate” /DISABLE
  66. schtasks /Change /TN “\Microsoft\Windows\Media Center\OCURDiscovery” /DISABLE
  67. schtasks /Change /TN “\Microsoft\Windows\Media Center\PBDADiscovery” /DISABLE
  68. schtasks /Change /TN “\Microsoft\Windows\Media Center\PBDADiscoveryW1” /DISABLE
  69. schtasks /Change /TN “\Microsoft\Windows\Media Center\PBDADiscoveryW2” /DISABLE
  70. schtasks /Change /TN “\Microsoft\Windows\Media Center\PvrRecoveryTask” /DISABLE
  71. schtasks /Change /TN “\Microsoft\Windows\Media Center\PvrScheduleTask” /DISABLE
  72. schtasks /Change /TN “\Microsoft\Windows\Media Center\RegisterSearch” /DISABLE
  73. schtasks /Change /TN “\Microsoft\Windows\Media Center\ReindexSearchRoot” /DISABLE
  74. schtasks /Change /TN “\Microsoft\Windows\Media Center\SqlLiteRecoveryTask” /DISABLE
  75. schtasks /Change /TN “\Microsoft\Windows\Media Center\UpdateRecordPath” /DISABLE
  76.  
  77. echo Step 4: Killing Diagtrack-service (if it still exists)
  78. sc stop Diagtrack
  79. sc delete Diagtrack
  80.  
  81. echo Final Step: Stop remoteregistry-service (if it still exists)
  82. sc config remoteregistry start= disabled
  83. sc stop remoteregistry
  84.  
  85. echo Done — Reboot!
  86. shutdown -r
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement