
FMRS // Furtivex Malware Removal Script

Do you have doubts about the effectiveness of your anti-virus software?
- Download Furtivex Malware Removal Script to your hard drive
- Right mouse click the saved file and select ‘Run as administrator’ to begin the scan
- Review the report when the scan is complete
- Video demonstrations are available here and here
- Example of the log output can be found here (clean) and here (infected)
- Screenshots below:

FEATURES
- Aggressive process termination. All non-essential processes are shut down while the program scans. A small whitelist is maintained.
- Aggressive RunOnce cleaning. All RunOnce entries are purged from the Windows Registry.
- Aggressive Task Scheduler cleaning. This is a unique feature of the tool compared to others in its category. A small whitelist is maintained.
- Checks for important files required by the operating system. If a file is missing, it is reported in the log’s Miscellaneous section. The file should be replaced to re-establish stability to the system.
- Clears these Event Viewer Logs: Application, Security, Setup, System, and ForwardedEvents.
- Clears caches from the following programs if they are installed: Microsoft Edge, Google Chrome, Vivaldi, Brave, Yandex, Mozilla Firefox, SteamLabs OBS, Discord, DirectX, Java, Wire, CRL URL Cache(?).
- Creates a System Restore Point named ‘Furtivex Malware Removal Script’. Use this if there are any accidents caused by the script. This will not be created if System Restore was manually turned off or turned off due to a malware infection.
- Deletes BitsTransfer Jobs(?) containing any type of error.
- Deletes Temporary Internet Files. Does not delete cookies so your existing logins are not affected.
- Lists any exclusions set for Windows Defender. This information is reported to the log’s Miscellaneous section.
- Removes all push notifications(?) from Chromium based browsers. Supports up to 3 different profiles of Microsoft Edge, Google Chrome, Vivaldi, Brave, Yandex. The tool does not discriminate on which browser push notifications are good or bad. They are all considered bad by the tool. Video evidence of this type of automatic remediation here.
- These can also be accessed manually from within the affected browser using chrome://settings/content/notifications, edge://settings/content/notifications, brave://settings/content/notifications, etc… in the browser address bar. The tool is simply providing an automated way of handling this process.
- Reverses some of the damage created by malware infections. This includes reversing a lot of registry hijacks, removing policy restrictions, unblocking other anti-virus software. An example can be found in the video demonstration here.
- Shows crash dumps which can be analyzed using WinDbg in the Miscellaneous section. Some helpers may be interested in analyzing why certain executables crashed on the system for research and further troubleshooting purposes.
- Shows event viewer logs from Windows Defender if the event ID # was equal to 3002. The purpose of this is a current work in progress related to BlackLotus. This alone isn’t evidence the user is infected.
- Shows log names from Malwarebytes if they are present on the user’s desktop. The intent of this is to better guide users who may be having trouble finding relevant log from Malwarebytes.
- Shows the contents of DrWeb and FRST quarantine in the Miscellaneous section. The intent of this is show a history of what has already been detected on the system, or if you needed to restore something from quarantine.
- Turns off the ‘Show me suggested content in the Settings app’ feature of Windows 10 and 11. More of a personal preference thing, but most users would consider this an annoyance created by the Windows operating system. [1]
ADDITIONAL INFORMATION
- It is a portable program, and therefore, does not get added to the ‘Programs and Features’ list.
- A log file is created at C: and the Desktop after it runs so you can review the results: FMRS_[date]_[time].txt
- Both 32-bit and 64-bit of Windows 10 and 11 are supported. Older operating systems are not supported at this time and the script will close itself to prevent its use.
- Multiple languages are supported: English, Arabic, Bulgarian, Chinese, Czech, Dutch (Thanks Maxstar), French, German (Thanks MKDB), Greek, Hindi, Italian, Polish (Thanks Picasso), Portuguese, Russian (Thanks Dragokas), Spanish
SUPPORT LINK


PrivWindoze // Private Windows

Do you have concerns about your private information being sent to others? Or, do you feel like your Windows installation has a lot of programs that you don’t ever use?
- Download PrivWindoze or PrivWindozeLite to your hard drive
- Double-click the saved file to launch and begin the scan
- Review the report when the scan is complete
- Video demonstration available here
Recommend this free tool to your friends and family
Additional Information:
Some notable software it removes is: Microsoft Edge, OneDrive, Bing, Cortana, Recall, ZuneVideo, ZuneMusic, Copilot, XBox, GameBar, and other bloatware / bundled software from OEM manufacturers such as Acer, Dell, HP, and Lenovo
The Lite version does not delete Microsoft Edge, OneDrive, XBox, or GameBar.
It is a portable program // Does not require installation
The script deletes all traces of itself after it is run. No further cleanup is necessary.
A System Restore point is created in case there are any accidents caused by the tool.
Both 32-bit and 64-bit of Windows 10 and 11 are supported.
Multiple languages are supported: English, Spanish, German, Polish, Portuguese, Russian, Czech, Chinese, Dutch, and French
Acer user who was experiencing slow PC had this to say after running PrivWindoze:

