start:: CreateRestorePoint: CloseProcesses: EmptyTemp: RemoveProxy: Hosts: StartRegEdit: Windows Registry Editor Version 5.00 [HKCU\SOFTWARE\Microsoft\Internet Explorer\Main] "Start Page"="about:Blank" EndRegEdit: DeleteKey: HKLM\SYSTEM\CurrentControlSet\Services\gsRAMService C:\Program Files (x86)\Gilisoft\RAMDisk\gsRAMService.exe DeleteKey: HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\Auslogics Disk Defrag Professional Shell Context Menu 4.x DeleteKey: HKLM\Software\Classes\CLSID\{CC89327D-D094-40B2-82CB-F989EE26FC51} DeleteKey: HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Auslogics Disk Defrag Professional Shell Context Menu 4.x DeleteKey: HKLM\Software\Classes\CLSID\{CC89327D-D094-40B2-82CB-F989EE26FC51} DeleteKey: HKLM\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Auslogics Disk Defrag Professional Shell Context Menu 4.x DeleteKey: HKLM\Software\Classes\CLSID\{CC89327D-D094-40B2-82CB-F989EE26FC51} unlock: C:\WINDOWS\System32\drivers\GsRamDsk.sys C:\WINDOWS\System32\drivers\GsRamDsk.sys DeleteKey: HKLM\Software\Classes\Installer\Products\DF0BF511A0A162C4287A6A86A997B99B DeleteKey: HKLM\Software\Classes\Installer\Futures\DF0BF511A0A162C4287A6A86A997B99B DeleteKey: HKCU\Software\Microsoft\Installer\Products\DF0BF511A0A162C4287A6A86A997B99B DeleteKey: HKCU\Software\Microsoft\Installer\Futures\DF0BF511A0A162C4287A6A86A997B99B DeleteKey: HKCU\Software\Microsoft\Installer\Products\DF0BF511A0A162C4287A6A86A997B99B DeleteKey: HKCU\Software\Microsoft\Installer\Features\DF0BF511A0A162C4287A6A86A997B99B DeleteKey: HKU\S-1-5-21-4265624635-2019933758-61733912-1001\Software\Microsoft\Installer\Products\DF0BF511A0A162C4287A6A86A997B99B DeleteKey: HKU\S-1-5-21-4265624635-2019933758-61733912-1001\Software\Microsoft\Installer\Features\DF0BF511A0A162C4287A6A86A997B99B DeleteKey: HKCU\SOFTWARE\BitTorrent DeleteKey: HKCU\SOFTWARE\BitTorrentPlus DeleteKey: HKCU\SOFTWARE\uTorrentPlus C:\Users\jean-\AppData\Roaming\BitTorrent C:\Users\jean-\AppData\Roaming\uTorrent C:\Users\jean-\AppData\LocalLow\BitTorrent DeleteKey: HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BitTorrent C:\Users\jean-\AppData\Roaming\BitTorrent\BitTorrent.exe DeleteKey: HKLM\SOFTWARE\Wow6432Node\Microsoft\Shared Tools\MSConfig\startupreg\BitTorrent DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{49628261-623E-4818-ACD6-940789AE45D8} DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{49628261-623E-4818-ACD6-940789AE45D8} DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{49628261-623E-4818-ACD6-940789AE45D8} C:\Windows\System32\Tasks\IObitSelfCheckTask DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce|AppRemover DeleteKey: HKLM\SOFTWARE\Systweak DeleteKey: HKLM\SOFTWARE\WOW6432Node\Systweak DeleteKey: HKCU\SOFTWARE\OneSafe PC Cleaner DeleteKey: HKCU\SOFTWARE\Systweak C:\ProgramData\Systweak C:\Users\jean-\AppData\Roaming\OneSafe PC Cleaner C:\Users\jean-\AppData\Roaming\Systweak C:\Users\jean-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneSafe PC Cleaner DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Advanced SystemCare DeleteKey: HKLM\Software\Classes\CLSID\{2803063F-4B8D-4dc6-8874-D1802487FE2D} DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ASZip DeleteKey: HKLM\Software\Classes\CLSID\{d03d3e68-0f44-3d45-b15f-bcfd8a8b4c7e} DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ASZip2 DeleteKey: HKLM\Software\Classes\CLSID\{d13d3e68-0f44-3d45-b15f-bcfd8a8b4c7e} DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ASZip64 DeleteKey: HKLM\Software\Classes\CLSID\{d03d3e78-0f44-3d45-b15f-bcfd8a8b4c7e} DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ASZipF DeleteKey: HKLM\Software\Classes\CLSID\{e13d3e68-0f44-3d45-b15f-bcfd8a8b4c7e} DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ASZipF64 DeleteKey: HKLM\Software\Classes\CLSID\{e13d3e78-0f44-3d45-b15f-bcfd8a8b4c7e} DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\chext DeleteKey: HKLM\Software\Classes\CLSID\{E7A4C2DA-F3AF-4145-AC19-E3B215306A54} DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\DaemonShellExtImage DeleteKey: HKLM\Software\Classes\CLSID\{40966797-8FFE-46C8-9EF8-7003F33CCF0F} DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Glarysoft MalwareHunter DeleteKey: HKLM\Software\Classes\CLSID\{EA847F47-97F1-4D78-AB99-C63CA1C327F0} DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\IObit Malware Fighter DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\PfMenu DeleteKey: HKLM\Software\Classes\CLSID\{2F844462-7CB8-489C-828C-32A6422506AF} DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\UnLockerMenu DeleteKey: HKLM\Software\Classes\CLSID\{410BF280-86EF-4E0F-8279-EC5848546AD3} DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\VersionsPageShellExt DeleteKey: HKLM\Software\Classes\CLSID\{9E42900A-85F9-4E67-9778-575FBBA0A81C} DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 DeleteKey: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} DeleteKey: HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\Advanced SystemCare DeleteKey: HKLM\Software\Classes\CLSID\{2803063F-4B8D-4dc6-8874-D1802487FE2D} DeleteKey: HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\IObit Malware Fighter DeleteKey: HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\IobitStartMenu DeleteKey: HKLM\Software\Classes\CLSID\{AF8FA9C9-9907-463e-BDC3-4CC1200D6310} DeleteKey: HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\PfMenu DeleteKey: HKLM\Software\Classes\CLSID\{2F844462-7CB8-489C-828C-32A6422506AF} DeleteKey: HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\UnLockerMenu DeleteKey: HKLM\Software\Classes\CLSID\{410BF280-86EF-4E0F-8279-EC5848546AD3} DeleteKey: HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\AdAwareContextMenu DeleteKey: HKLM\Software\Classes\CLSID\{5B64240D-5B36-4B9F-A75F-4925B6A53D5B} DeleteKey: HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\DaemonShellExtImage DeleteKey: HKLM\Software\Classes\CLSID\{40966797-8FFE-46C8-9EF8-7003F33CCF0F} DeleteKey: HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\Rebit.ContextMenu DeleteKey: HKLM\Software\Classes\CLSID\{7A9A2CC0-0164-41F8-8305-957DE59A6B0B} DeleteKey: HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\UnlockerShellExtension DeleteKey: HKLM\Software\Classes\CLSID\{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} DeleteKey: HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Advanced SystemCare DeleteKey: HKLM\Software\Classes\CLSID\{2803063F-4B8D-4dc6-8874-D1802487FE2D} DeleteKey: HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObit Malware Fighter DeleteKey: HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\PfMenu DeleteKey: HKLM\Software\Classes\CLSID\{2F844462-7CB8-489C-828C-32A6422506AF} DeleteKey: HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\UnLockerMenu DeleteKey: HKLM\Software\Classes\CLSID\{410BF280-86EF-4E0F-8279-EC5848546AD3} DeleteKey: HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\chext DeleteKey: HKLM\Software\Classes\CLSID\{E7A4C2DA-F3AF-4145-AC19-E3B215306A54} DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\ASZip DeleteKey: HKLM\Software\Classes\CLSID\{d03d3e68-0f44-3d45-b15f-bcfd8a8b4c7e} DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\ASZip2 DeleteKey: HKLM\Software\Classes\CLSID\{d13d3e68-0f44-3d45-b15f-bcfd8a8b4c7e} DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\ASZip64 DeleteKey: HKLM\Software\Classes\CLSID\{d03d3e78-0f44-3d45-b15f-bcfd8a8b4c7e} DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\ASZipF DeleteKey: HKLM\Software\Classes\CLSID\{e13d3e68-0f44-3d45-b15f-bcfd8a8b4c7e} DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\ASZipF64 DeleteKey: HKLM\Software\Classes\CLSID\{e13d3e78-0f44-3d45-b15f-bcfd8a8b4c7e} DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Glarysoft MalwareHunter DeleteKey: HKLM\Software\Classes\CLSID\{EA847F47-97F1-4D78-AB99-C63CA1C327F0} DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\IObit Malware Fighter DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\PfMenu DeleteKey: HKLM\Software\Classes\CLSID\{2F844462-7CB8-489C-828C-32A6422506AF} DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\UnLockerMenu DeleteKey: HKLM\Software\Classes\CLSID\{410BF280-86EF-4E0F-8279-EC5848546AD3} DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\UnlockerShellExtension DeleteKey: HKLM\Software\Classes\CLSID\{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\VersionsPageShellExt DeleteKey: HKLM\Software\Classes\CLSID\{9E42900A-85F9-4E67-9778-575FBBA0A81C} DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 DeleteKey: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} DeleteKey: HKLM\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\AdAwareContextMenu DeleteKey: HKLM\Software\Classes\CLSID\{5B64240D-5B36-4B9F-A75F-4925B6A53D5B} DeleteKey: HKLM\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Advanced SystemCare DeleteKey: HKLM\Software\Classes\CLSID\{2803063F-4B8D-4dc6-8874-D1802487FE2D} DeleteKey: HKLM\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\DaemonShellExtDrive DeleteKey: HKLM\Software\Classes\CLSID\{A5415364-784A-41A5-B47A-D452909CA8FF} DeleteKey: HKLM\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Glarysoft MalwareHunter DeleteKey: HKLM\Software\Classes\CLSID\{EA847F47-97F1-4D78-AB99-C63CA1C327F0} DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Advanced SystemCare DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ASZip DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ASZip2 DeleteKey: HKLM\Software\Classes\CLSID\{d13d3e68-0f44-3d45-b15f-bcfd8a8b4c7e} DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ASZip64 DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ASZipF DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ASZipF64 DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\chext DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\DaemonShellExtImage DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Glarysoft MalwareHunter DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\PfMenu DeleteKey: HKLM\Software\Wow6432Node\Classes\CLSID\{2F844462-7CB8-489C-828C-32A6422506AF} DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\UnLockerMenu DeleteKey: HKLM\Software\Wow6432Node\Classes\CLSID\{410BF280-86EF-4E0F-8279-EC5848546AD3} DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\VersionsPageShellExt DeleteKey: HKLM\Software\Classes\CLSID\{9E42900A-85F9-4E67-9778-575FBBA0A81C} DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 DeleteKey: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} DeleteKey: HKLM\Software\Classes\lnkfile\shellex\ContextMenuHandlers\Advanced SystemCare DeleteKey: HKLM\Software\Classes\lnkfile\shellex\ContextMenuHandlers\IobitStartMenu DeleteKey: HKLM\Software\Classes\lnkfile\shellex\ContextMenuHandlers\PfMenu DeleteKey: HKLM\Software\Classes\lnkfile\shellex\ContextMenuHandlers\UnLockerMenu DeleteKey: HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\AdAwareContextMenu DeleteKey: HKLM\Software\Wow6432Node\Classes\CLSID\{5B64240D-5B36-4B9F-A75F-4925B6A53D5B} DeleteKey: HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\Auslogics Disk Defrag Professional Shell Context Menu 4.x DeleteKey: HKLM\Software\Classes\CLSID\{CC89327D-D094-40B2-82CB-F989EE26FC51} DeleteKey: HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\DaemonShellExtImage DeleteKey: HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\Rebit.ContextMenu DeleteKey: HKLM\Software\Wow6432Node\Classes\CLSID\{7A9A2CC0-0164-41F8-8305-957DE59A6B0B} DeleteKey: HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\UnlockerShellExtension DeleteKey: HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Advanced SystemCare DeleteKey: HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Auslogics Disk Defrag Professional Shell Context Menu 4.x DeleteKey: HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\PfMenu DeleteKey: HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\UnLockerMenu DeleteKey: HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\chext DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\ASZip DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\ASZip2 DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\ASZip64 DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\ASZipF DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\ASZipF64 DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Glarysoft MalwareHunter DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\PfMenu DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\UnLockerMenu DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\UnlockerShellExtension DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\VersionsPageShellExt DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 DeleteKey: HKLM\Software\Classes\Drive\shellex\ContextMenuHandlers\AdAwareContextMenu DeleteKey: HKLM\Software\Classes\Drive\shellex\ContextMenuHandlers\Advanced SystemCare DeleteKey: HKLM\Software\Classes\Drive\shellex\ContextMenuHandlers\Auslogics Disk Defrag Professional Shell Context Menu 4.x DeleteKey: HKLM\Software\Classes\Drive\shellex\ContextMenuHandlers\DaemonShellExtDrive DeleteKey: HKLM\Software\Classes\Drive\shellex\ContextMenuHandlers\Glarysoft MalwareHunter DeleteKey: HKLM\SYSTEM\CurrentControlSet\Services\0179831522228056mcinstcleanup DeleteValue: HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{2318C2B1-4965-11D4-9B18-009027A5CD4F} cmd: ipconfig /flushdns cmd: netsh winsock reset Cmd: netsh advfirewall reset Cmd: Netsh advfirewall set allprofiles state on end::