Furtivex Malware Removal Script

Database update

Database update

The log no longer automatically pops up after execution. You can gather and review it from either the Desktop or at the root of C: ``` C:\FMRS_2025_02_06__13_34_53.txt C:\Users\\Desktop\FMRS_2025_02_06__13_34_53.txt ```

Do you have doubts about the effectiveness of your anti-virus software? Furtivex Malware Removal Script is a free on-demand scanner and is updated daily * Download Furtivex Malware Removal Script to your hard drive * Double-click the saved file to launch and begin the scan * Review the report when the scan is complete * Video demonstrations are available [here](https://youtu.be/iVj19UersNU) and [here](https://youtu.be/BVtX2T8iPtM) * Example of the log output can be found [here](https://furtivex.net/logs/FMRS_2025_02_01__13_53_47.txt) * Screenshots provided below:  **FEATURES:** * Aggressive RunOnce cleaning. All RunOnce entries are purged from the Windows Registry. * Aggressive Task Scheduler cleaning. This is a rather unique feature of the tool. Since many malware authors utilize scheduled tasks as a persistence mechanism to ensure their programs continue to run on the system, these auto-starts are all purged. A small whitelist is maintained. * Check for important files required by the operating system. If a file is missing, it is reported in the log’s Miscellaneous section. The file should be replaced to re-establish stability to the system. * Checks and reports Windows Activation status. You should see either Licensed, Notification, or Grace Period. This is reported to the log header. * Clear 5 Event Viewer Logs: Application, Security, Setup, System, and ForwardedEvents. * Clear caches from the following programs if they are installed: Microsoft Edge, Google Chrome, Vivaldi, Brave, Yandex, Mozilla Firefox, SteamLabs OBS, Discord, DirectX, Java, CRL URL Cache[[?](https://www.gradenegger.eu/en/view-and-clear-the-address-cache-for-blacklists-crl-url-cache/)]. * Creates a System Restore Point named ‘Furtivex Malware Removal Script’. Use this if there are any accidents caused by the script. This will not be created if by chance System Restore was manually turned off or turned off due to a malware infection. * Deletes [BitsTransfer Jobs](https://learn.microsoft.com/en-us/powershell/module/bitstransfer/remove-bitstransfer?view=windowsserver2022-ps) containing any type of error. * Deletes Temporary Internet Files. Does not delete cookies so your existing logins are not affected. * Removes all push notifications([?](https://furtivex.net/pics/pushnotif.png)) from Chromium based browsers. Supports the Default, Profile 1, and Profile 2 profiles: Microsoft Edge, Google Chrome, Vivaldi, Brave, Yandex. The tool does not discriminate on which browser push notifications are good or bad. They are all considered bad by the tool. Video evidence of this type of automatic remediation [here](https://youtu.be/mBwoTpKJGzI). * These can also be accessed manually from within the affected browser using chrome://settings/content/notifications, edge://settings/content/notifications, brave://settings/content/notifications, etc in the browser address bar. The tool is simply providing an automated way of handling this task. * Reverses some of the damage created by malware infections. This includes reversing a lot of registry hijacks, removing policy restrictions, unblocking other anti-virus software. An example can be found in the video demonstration [here](https://youtu.be/fLtOBj0OJZs). * Shows crash dumps which can be analyzed using [WinDbg](https://learn.microsoft.com/en-us/windows-hardware/drivers/debugger/) in the Miscellaneous section. Some helpers may be interested in analyzing why certain executables crashed on the system for research and further troubleshooting purposes. * Shows event viewer logs from Windows Defender if the event ID # was equal to 3002. The purpose of this is a current work in progress related to [BlackLotus](https://www.techspot.com/news/98300-microsoft-explains-how-detect-blacklotus-uefi-bootkit-infection.html). This alone isn’t evidence the user is infected. * Shows log names from Malwarebytes if they are present on the user’s desktop. The intent of this is to better guide users who may be having trouble finding relevant log from Malwarebytes. * Shows the contents of DrWeb and FRST quarantine in the Miscellaneous section. The intent of this is show a history of what has already been detected on the system, or if you needed to restore something from quarantine. * Turns off the ‘Show me suggested content in the Settings app’ feature of Windows 10 and 11. More of a personal preference thing, but most users would consider this an annoyance created by the Windows operating system. [[1](https://techjourney.net/how-to-enable-or-disable-suggested-content-ads-in-settings-of-windows-10/)] **ADDITIONAL INFORMATION:** * It is a portable program // Does not require installation * The script deletes all traces of itself after it is run. No further cleanup is necessary. * Both 32-bit and 64-bit of Windows 10 and 11 are supported. The tool exit and delete itself if you attempt to run on an unsupported operating system. * Multiple languages are supported: English, Arabic, Bulgarian, Chinese, Czech, Dutch (Thanks Maxstar), French, German (Thanks MKDB), Greek, Hindi, Italian, Polish (Thanks Picasso), Portuguese, Russian (Thanks Dragokas), Spanish **SUPPORT LINK:** [](https://www.paypal.com/donate/?hosted_button_id=E68FUAQG2758N)

Do you have doubts about the effectiveness of your anti-virus software? Furtivex Malware Removal Script is a free on-demand scanner and is updated daily * Download Furtivex Malware Removal Script to your hard drive * Double-click the saved file to launch and begin the scan * Review the report when the scan is complete * Video demonstrations are available [here](https://youtu.be/iVj19UersNU) and [here](https://youtu.be/BVtX2T8iPtM) * Example of the log output can be found [here](https://furtivex.net/logs/FMRS_2025_02_01__13_53_47.txt) * Screenshots provided below:  **FEATURES:** * Aggressive RunOnce cleaning. All RunOnce entries are purged from the Windows Registry. * Aggressive Task Scheduler cleaning. This is a rather unique feature of the tool. Since many malware authors utilize scheduled tasks as a persistence mechanism to ensure their programs continue to run on the system, these auto-starts are all purged. A small whitelist is maintained. * Check for important files required by the operating system. If a file is missing, it is reported in the log’s Miscellaneous section. The file should be replaced to re-establish stability to the system. * Checks and reports Windows Activation status. You should see either Licensed, Notification, or Grace Period. This is reported to the log header. * Clear 5 Event Viewer Logs: Application, Security, Setup, System, and ForwardedEvents. * Clear caches from the following programs if they are installed: Microsoft Edge, Google Chrome, Vivaldi, Brave, Yandex, Mozilla Firefox, SteamLabs OBS, Discord, DirectX, Java, CRL URL Cache[[?](https://www.gradenegger.eu/en/view-and-clear-the-address-cache-for-blacklists-crl-url-cache/)]. * Creates a System Restore Point named ‘Furtivex Malware Removal Script’. Use this if there are any accidents caused by the script. This will not be created if by chance System Restore was manually turned off or turned off due to a malware infection. * Deletes [BitsTransfer Jobs](https://learn.microsoft.com/en-us/powershell/module/bitstransfer/remove-bitstransfer?view=windowsserver2022-ps) containing any type of error. * Deletes Temporary Internet Files. Does not delete cookies so your existing logins are not affected. * Remove all push notifications from Chromium based browsers. Supports the Default, Profile 1, and Profile 2 profiles: Microsoft Edge, Google Chrome, Vivaldi, Brave, Yandex. The tool does not discriminate on which browser push notifications are good or bad. They are all considered bad by the tool. Video evidence of this type of automatic remediation [here](https://youtu.be/Av39Xlx12Eo). * These can also be accessed manually from within the affected browser using chrome://settings/content/notifications, edge://settings/content/notifications, brave://settings/content/notifications, etc in the browser address bar. The tool is simply providing an automated way of handling this task. * Reverses some of the damage created by malware infections. This includes reversing a lot of registry hijacks, removing policy restrictions, unblocking other anti-virus software. An example can be found in the video demonstration [here](https://youtu.be/fLtOBj0OJZs). * Shows crash dumps which can be analyzed using [WinDbg](https://learn.microsoft.com/en-us/windows-hardware/drivers/debugger/) in the Miscellaneous section. Some helpers may be interested in analyzing why certain executables crashed on the system for research and further troubleshooting purposes. * Shows event viewer logs from Windows Defender if the event ID # was equal to 3002. The purpose of this is a current work in progress related to [BlackLotus](https://www.techspot.com/news/98300-microsoft-explains-how-detect-blacklotus-uefi-bootkit-infection.html). This alone isn’t evidence the user is infected. * Shows log names from Malwarebytes if they are present on the user’s desktop. The intent of this is to better guide users who may be having trouble finding relevant log from Malwarebytes. * Shows the contents of DrWeb and FRST quarantine in the Miscellaneous section. The intent of this is show a history of what has already been detected on the system, or if you needed to restore something from quarantine. * Turns off the ‘Show me suggested content in the Settings app’ feature of Windows 10 and 11. More of a personal preference thing, but most users would consider this an annoyance created by the Windows operating system. [[1](https://techjourney.net/how-to-enable-or-disable-suggested-content-ads-in-settings-of-windows-10/)] **ADDITIONAL INFORMATION:** * It is a portable program // Does not require installation * The script deletes all traces of itself after it is run. No further cleanup is necessary. * Both 32-bit and 64-bit of Windows 10 and 11 are supported. The tool exit and delete itself if you attempt to run on an unsupported operating system. * Multiple languages are supported: English, Arabic, Bulgarian, Chinese, Czech, Dutch (Thanks Maxstar), French, German (Thanks MKDB), Greek, Hindi, Italian, Polish (Thanks Picasso), Portuguese, Russian (Thanks Dragokas), Spanish **SUPPORT LINK:** [](https://www.paypal.com/donate/?hosted_button_id=E68FUAQG2758N)

Do you have doubts about the effectiveness of your anti-virus software? Furtivex Malware Removal Script is a free on-demand scanner and is updated daily * Download Furtivex Malware Removal Script to your hard drive * Double-click the saved file to launch and begin the scan * Review the report when the scan is complete * Video demonstrations are available [here](https://youtu.be/iVj19UersNU) and [here](https://youtu.be/BVtX2T8iPtM) * Example of the log output can be found [here](https://furtivex.net/logs/FMRS_2025_02_01__13_53_47.txt) * Screenshots provided below:  **FEATURES:** * Aggressive RunOnce cleaning. All RunOnce entries are purged from the Windows Registry. * Aggressive Task Scheduler cleaning. This is a rather unique feature of the tool. Since many malware authors utilize scheduled tasks as a persistence mechanism to ensure their programs continue to run on the system, these auto-starts are all purged. A small whitelist is maintained. * Check for important files required by the operating system. If a file is missing, it is reported in the log’s Miscellaneous section. The file should be replaced to re-establish stability to the system. * Checks and reports Windows Activation status. You should see either Licensed, Notification, or Grace Period. This is reported to the log header. * Clear 5 Event Viewer Logs: Application, Security, Setup, System, and ForwardedEvents. * Clear caches from the following programs if they are installed: Microsoft Edge, Google Chrome, Vivaldi, Brave, Yandex, Mozilla Firefox, SteamLabs OBS, Discord, DirectX, Java, CRL URL Cache[[?](https://www.gradenegger.eu/en/view-and-clear-the-address-cache-for-blacklists-crl-url-cache/)]. * Creates a System Restore Point named ‘Furtivex Malware Removal Script’. Use this if there are any accidents caused by the script. This will not be created if by chance System Restore was manually turned off or turned off due to a malware infection. * Deletes [BitsTransfer Jobs](https://learn.microsoft.com/en-us/powershell/module/bitstransfer/remove-bitstransfer?view=windowsserver2022-ps) containing any type of error. * Deletes Temporary Internet Files. Does not delete cookies so your existing logins are not affected. * Remove all push notifications from Chromium based browsers. Supports the Default, Profile 1, and Profile 2 profiles: Microsoft Edge, Google Chrome, Vivaldi, Brave, Yandex. The tool does not discriminate on which browser push notifications are good or bad. They are all considered bad by the tool. Video evidence of this type of automatic remediation [here](https://youtu.be/Av39Xlx12Eo). * These can also be accessed manually from within the affected browser using chrome://settings/content/notifications, edge://settings/content/notifications, brave://settings/content/notifications, etc in the browser address bar. The tool is simply providing an automated way of handling this task. * Reverses some of the damage created by malware infections. This includes reversing a lot of registry hijacks, removing policy restrictions, unblocking other anti-virus software. An example can be found in the video demonstration [here](https://youtu.be/fLtOBj0OJZs). * Shows crash dumps which can be analyzed using [WinDbg](https://learn.microsoft.com/en-us/windows-hardware/drivers/debugger/) in the Miscellaneous section. Some helpers may be interested in analyzing why certain executables crashed on the system for research and further troubleshooting purposes. * Shows event viewer logs from Windows Defender if the event ID # was equal to 3002. The purpose of this is a current work in progress related to [BlackLotus](https://www.techspot.com/news/98300-microsoft-explains-how-detect-blacklotus-uefi-bootkit-infection.html). This alone isn’t evidence the user is infected. * Shows log names from Malwarebytes if they are present on the user’s desktop. The intent of this is to better guide users who may be having trouble finding relevant log from Malwarebytes. * Shows the contents of DrWeb and FRST quarantine in the Miscellaneous section. The intent of this is show a history of what has already been detected on the system, or if you needed to restore something from quarantine. * Turns off the ‘Show me suggested content in the Settings app’ feature of Windows 10 and 11. More of a personal preference thing, but most users would consider this an annoyance created by the Windows operating system. [[1](https://techjourney.net/how-to-enable-or-disable-suggested-content-ads-in-settings-of-windows-10/)] **ADDITIONAL INFORMATION:** * It is a portable program // Does not require installation * The script deletes all traces of itself after it is run. No further cleanup is necessary. * Both 32-bit and 64-bit of Windows 10 and 11 are supported. The tool exit and delete itself if you attempt to run on an unsupported operating system. * Multiple languages are supported: English, Arabic, Bulgarian, Chinese, Czech, Dutch (Thanks Maxstar), French, German (Thanks MKDB), Greek, Hindi, Italian, Polish (Thanks Picasso), Portuguese, Russian (Thanks Dragokas), Spanish **SUPPORT LINK:** [](https://www.paypal.com/donate/?hosted_button_id=E68FUAQG2758N)

Do you have doubts about the effectiveness of your anti-virus software? Furtivex Malware Removal Script is a free on-demand scanner and is updated daily * Download Furtivex Malware Removal Script to your hard drive * Double-click the saved file to launch and begin the scan * Review the report when the scan is complete * Video demonstrations are available [here](https://youtu.be/iVj19UersNU) and [here](https://youtu.be/BVtX2T8iPtM) * Example of the log output can be found [here](https://furtivex.net/logs/FMRS_2025_02_01__13_53_47.txt) * Screenshots provided below:  **FEATURES:** * Aggressive RunOnce cleaning. All RunOnce entries are purged from the Windows Registry. * Aggressive Task Scheduler cleaning. This is a rather unique feature of the tool. Since many malware authors utilize scheduled tasks as a persistence mechanism to ensure their programs continue to run on the system, these auto-starts are all purged. A small whitelist is maintained. * Check for important files required by the operating system. If a file is missing, it is reported in the log’s Miscellaneous section. The file should be replaced to re-establish stability to the system. * Checks and reports Windows Activation status. You should see either Licensed, Notification, or Grace Period. This is reported to the log header. * Clear 5 Event Viewer Logs: Application, Security, Setup, System, and ForwardedEvents. * Clear caches from the following programs if they are installed: Microsoft Edge, Google Chrome, Vivaldi, Brave, Yandex, Mozilla Firefox, SteamLabs OBS, Discord, DirectX, Java, CRL URL Cache[[?](https://www.gradenegger.eu/en/view-and-clear-the-address-cache-for-blacklists-crl-url-cache/)]. * Creates a System Restore Point named ‘Furtivex Malware Removal Script’. Use this if there are any accidents caused by the script. This will not be created if by chance System Restore was manually turned off or turned off due to a malware infection. * Deletes [BitsTransfer Jobs](https://learn.microsoft.com/en-us/powershell/module/bitstransfer/remove-bitstransfer?view=windowsserver2022-ps) containing any type of error. * Deletes Temporary Internet Files. Does not delete cookies so your existing logins are not affected. * Remove all push notifications from Chromium based browsers. Supports the Default, Profile 1, and Profile 2 profiles: Microsoft Edge, Google Chrome, Vivaldi, Brave, Yandex. The tool does not discriminate on which browser push notifications are good or bad. They are all considered bad by the tool. Video evidence of this type of automatic remediation [here](https://youtu.be/Av39Xlx12Eo). * These can also be accessed manually from within the affected browser using chrome://settings/content/notifications, edge://settings/content/notifications, brave://settings/content/notifications, etc in the browser address bar. The tool is simply providing an automated way of handling this task. * Reverses some of the damage created by malware infections. This includes reversing a lot of registry hijacks, removing policy restrictions, unblocking other anti-virus software. An example can be found in the video demonstration [here](https://youtu.be/fLtOBj0OJZs). * Shows crash dumps which can be analyzed using [WinDbg](https://learn.microsoft.com/en-us/windows-hardware/drivers/debugger/) in the Miscellaneous section. Some helpers may be interested in analyzing why certain executables crashed on the system for research and further troubleshooting purposes. * Shows event viewer logs from Windows Defender if the event ID # was equal to 3002. The purpose of this is a current work in progress related to [BlackLotus](https://www.techspot.com/news/98300-microsoft-explains-how-detect-blacklotus-uefi-bootkit-infection.html). This alone isn’t evidence the user is infected. * Shows log names from Malwarebytes if they are present on the user’s desktop. The intent of this is to better guide users who may be having trouble finding relevant log from Malwarebytes. * Shows the contents of DrWeb and FRST quarantine in the Miscellaneous section. The intent of this is show a history of what has already been detected on the system, or if you needed to restore something from quarantine. * Turns off the ‘Show me suggested content in the Settings app’ feature of Windows 10 and 11. More of a personal preference thing, but most users would consider this an annoyance created by the Windows operating system. [[1](https://techjourney.net/how-to-enable-or-disable-suggested-content-ads-in-settings-of-windows-10/)] **ADDITIONAL INFORMATION:** * It is a portable program // Does not require installation * The script deletes all traces of itself after it is run. No further cleanup is necessary. * Both 32-bit and 64-bit of Windows 10 and 11 are supported. The tool exit and delete itself if you attempt to run on an unsupported operating system. * Multiple languages are supported: English, Arabic, Bulgarian, Chinese, Czech, Dutch (Thanks Maxstar), French, German (Thanks MKDB), Greek, Hindi, Italian, Polish (Thanks Picasso), Portuguese, Russian (Thanks Dragokas), Spanish **SUPPORT LINK:** [](https://www.paypal.com/donate/?hosted_button_id=E68FUAQG2758N)

Do you have doubts about the effectiveness of your anti-virus software? Furtivex Malware Removal Script is a free on-demand scanner and is updated daily * Download Furtivex Malware Removal Script to your hard drive * Double-click the saved file to launch and begin the scan * Review the report when the scan is complete * Video demonstrations are available [here](https://youtu.be/iVj19UersNU) and [here](https://youtu.be/BVtX2T8iPtM) * Example of the log output can be found [here](https://furtivex.net/logs/FMRS_2025_02_01__13_53_47.txt) * Screenshots provided below:  **FEATURES:** * Aggressive RunOnce cleaning. All RunOnce entries are purged from the Windows Registry. * Aggressive Task Scheduler cleaning. This is a rather unique feature of the tool. Since many malware authors utilize scheduled tasks as a persistence mechanism to ensure their programs continue to run on the system, these auto-starts are all purged. A small whitelist is maintained. * Check for important files required by the operating system. If a file is missing, it is reported in the log’s Miscellaneous section. The file should be replaced to re-establish stability to the system. * Checks and reports Windows Activation status. You should see either Licensed, Notification, or Grace Period. This is reported to the log header. * Clear 5 Event Viewer Logs: Application, Security, Setup, System, and ForwardedEvents. * Clear caches from the following programs if they are installed: Microsoft Edge, Google Chrome, Vivaldi, Brave, Yandex, Mozilla Firefox, SteamLabs OBS, Discord, DirectX, Java, CRL URL Cache[[?](https://www.gradenegger.eu/en/view-and-clear-the-address-cache-for-blacklists-crl-url-cache/)]. * Creates a System Restore Point named ‘Furtivex Malware Removal Script’. Use this if there are any accidents caused by the script. This will not be created if by chance System Restore was manually turned off or turned off due to a malware infection. * Deletes [BitsTransfer Jobs](https://learn.microsoft.com/en-us/powershell/module/bitstransfer/remove-bitstransfer?view=windowsserver2022-ps) containing any type of error. * Deletes Temporary Internet Files. Does not delete cookies so your existing logins are not affected. * Remove all push notifications from Chromium based browsers. Supports the Default, Profile 1, and Profile 2 profiles: Microsoft Edge, Google Chrome, Vivaldi, Brave, Yandex. The tool does not discriminate on which browser push notifications are good or bad. They are all considered bad by the tool. Video evidence of this type of automatic remediation [here](https://youtu.be/Av39Xlx12Eo). * These can also be accessed manually from within the affected browser using chrome://settings/content/notifications, edge://settings/content/notifications, brave://settings/content/notifications, etc in the browser address bar. The tool is simply providing an automated way of handling this task. * Reverses some of the damage created by malware infections. This includes reversing a lot of registry hijacks, removing policy restrictions, unblocking other anti-virus software. An example can be found in the video demonstration [here](https://youtu.be/fLtOBj0OJZs). * Shows crash dumps which can be analyzed using [WinDbg](https://learn.microsoft.com/en-us/windows-hardware/drivers/debugger/) in the Miscellaneous section. Some helpers may be interested in analyzing why certain executables crashed on the system for research and further troubleshooting purposes. * Shows event viewer logs from Windows Defender if the event ID # was equal to 3002. The purpose of this is a current work in progress related to [BlackLotus](https://www.techspot.com/news/98300-microsoft-explains-how-detect-blacklotus-uefi-bootkit-infection.html). This alone isn’t evidence the user is infected. * Shows log names from Malwarebytes if they are present on the user’s desktop. The intent of this is to better guide users who may be having trouble finding relevant log from Malwarebytes. * Shows the contents of DrWeb and FRST quarantine in the Miscellaneous section. The intent of this is show a history of what has already been detected on the system, or if you needed to restore something from quarantine. * Turns off the ‘Show me suggested content in the Settings app’ feature of Windows 10 and 11. More of a personal preference thing, but most users would consider this an annoyance created by the Windows operating system. [[1](https://techjourney.net/how-to-enable-or-disable-suggested-content-ads-in-settings-of-windows-10/)] **ADDITIONAL INFORMATION:** * It is a portable program // Does not require installation * The script deletes all traces of itself after it is run. No further cleanup is necessary. * Both 32-bit and 64-bit of Windows 10 and 11 are supported. The tool exit and delete itself if you attempt to run on an unsupported operating system. * Multiple languages are supported: English, Arabic, Bulgarian, Chinese, Czech, Dutch (Thanks Maxstar), French, German (Thanks MKDB), Greek, Hindi, Italian, Polish (Thanks Picasso), Portuguese, Russian (Thanks Dragokas), Spanish **SUPPORT LINK:** [](https://www.paypal.com/donate/?hosted_button_id=E68FUAQG2758N)

Do you have doubts about the effectiveness of your anti-virus software? Furtivex Malware Removal Script is a free on-demand scanner and is updated daily * Download Furtivex Malware Removal Script to your hard drive * Double-click the saved file to launch and begin the scan * Review the report when the scan is complete * Video demonstrations are available [here](https://youtu.be/iVj19UersNU) and [here](https://youtu.be/BVtX2T8iPtM) * Example of the log output can be found [here](https://furtivex.net/logs/FMRS_2025_02_01__13_53_47.txt) * Screenshots provided below:  **FEATURES:** * Aggressive RunOnce cleaning. All RunOnce entries are purged from the Windows Registry. * Aggressive Task Scheduler cleaning. This is a rather unique feature of the tool. Since many malware authors utilize scheduled tasks as a persistence mechanism to ensure their programs continue to run on the system, these auto-starts are all purged. A small whitelist is maintained. * Check for important files required by the operating system. If a file is missing, it is reported in the log’s Miscellaneous section. The file should be replaced to re-establish stability to the system. * Checks and reports Windows Activation status. You should see either Licensed, Notification, or Grace Period. This is reported to the log header. * Clear 5 Event Viewer Logs: Application, Security, Setup, System, and ForwardedEvents. * Clear caches from the following programs if they are installed: Microsoft Edge, Google Chrome, Vivaldi, Brave, Yandex, Mozilla Firefox, SteamLabs OBS, Discord, DirectX, Java, CRL URL Cache[[?](https://www.gradenegger.eu/en/view-and-clear-the-address-cache-for-blacklists-crl-url-cache/)]. * Creates a System Restore Point named ‘Furtivex Malware Removal Script’. Use this if there are any accidents caused by the script. This will not be created if by chance System Restore was manually turned off or turned off due to a malware infection. * Deletes [BitsTransfer Jobs](https://learn.microsoft.com/en-us/powershell/module/bitstransfer/remove-bitstransfer?view=windowsserver2022-ps) containing any type of error. * Deletes Temporary Internet Files. Does not delete cookies so your existing logins are not affected. * Remove all push notifications from Chromium based browsers. Supports the Default, Profile 1, and Profile 2 profiles: Microsoft Edge, Google Chrome, Vivaldi, Brave, Yandex. The tool does not discriminate on which browser push notifications are good or bad. They are all considered bad by the tool. Video evidence of this type of automatic remediation [here](https://youtu.be/Av39Xlx12Eo). * These can also be accessed manually from within the affected browser using chrome://settings/content/notifications, edge://settings/content/notifications, brave://settings/content/notifications, etc in the browser address bar. The tool is simply providing an automated way of handling this task. * Reverses some of the damage created by malware infections. This includes reversing a lot of registry hijacks, removing policy restrictions, unblocking other anti-virus software. An example can be found in the video demonstration [here](https://youtu.be/fLtOBj0OJZs). * Shows crash dumps which can be analyzed using [WinDbg](https://learn.microsoft.com/en-us/windows-hardware/drivers/debugger/) in the Miscellaneous section. Some helpers may be interested in analyzing why certain executables crashed on the system for research and further troubleshooting purposes. * Shows event viewer logs from Windows Defender if the event ID # was equal to 3002. The purpose of this is a current work in progress related to [BlackLotus](https://www.techspot.com/news/98300-microsoft-explains-how-detect-blacklotus-uefi-bootkit-infection.html). This alone isn’t evidence the user is infected. * Shows log names from Malwarebytes if they are present on the user’s desktop. The intent of this is to better guide users who may be having trouble finding relevant log from Malwarebytes. * Shows the contents of DrWeb and FRST quarantine in the Miscellaneous section. The intent of this is show a history of what has already been detected on the system, or if you needed to restore something from quarantine. * Turns off the ‘Show me suggested content in the Settings app’ feature of Windows 10 and 11. More of a personal preference thing, but most users would consider this an annoyance created by the Windows operating system. [[1](https://techjourney.net/how-to-enable-or-disable-suggested-content-ads-in-settings-of-windows-10/)] **ADDITIONAL INFORMATION:** * It is a portable program // Does not require installation * The script deletes all traces of itself after it is run. No further cleanup is necessary. * Both 32-bit and 64-bit of Windows 10 and 11 are supported. The tool exit and delete itself if you attempt to run on an unsupported operating system. * Multiple languages are supported: English, Arabic, Bulgarian, Chinese, Czech, Dutch (Thanks Maxstar), French, German (Thanks MKDB), Greek, Hindi, Italian, Polish (Thanks Picasso), Portuguese, Russian (Thanks Dragokas), Spanish **SUPPORT LINK:** [](https://www.paypal.com/donate/?hosted_button_id=E68FUAQG2758N)