diff --git a/src/TJprojMain-remover/TJprojMain-remover.sln b/src/TJprojMain-remover/TJprojMain-remover.sln
new file mode 100644
index 0000000..22247db
--- /dev/null
+++ b/src/TJprojMain-remover/TJprojMain-remover.sln
@@ -0,0 +1,25 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 16
+VisualStudioVersion = 16.0.30204.135
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "TJprojMain-remover", "TJprojMain-remover\TJprojMain-remover.csproj", "{94078440-EE7C-414E-A691-39E14AB240E2}"
+EndProject
+Global
+ GlobalSection(SolutionConfigurationPlatforms) = preSolution
+ Debug|Any CPU = Debug|Any CPU
+ Release|Any CPU = Release|Any CPU
+ EndGlobalSection
+ GlobalSection(ProjectConfigurationPlatforms) = postSolution
+ {94078440-EE7C-414E-A691-39E14AB240E2}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+ {94078440-EE7C-414E-A691-39E14AB240E2}.Debug|Any CPU.Build.0 = Debug|Any CPU
+ {94078440-EE7C-414E-A691-39E14AB240E2}.Release|Any CPU.ActiveCfg = Release|Any CPU
+ {94078440-EE7C-414E-A691-39E14AB240E2}.Release|Any CPU.Build.0 = Release|Any CPU
+ EndGlobalSection
+ GlobalSection(SolutionProperties) = preSolution
+ HideSolutionNode = FALSE
+ EndGlobalSection
+ GlobalSection(ExtensibilityGlobals) = postSolution
+ SolutionGuid = {A52767E5-7079-4921-9891-996F642D0716}
+ EndGlobalSection
+EndGlobal
diff --git a/src/TJprojMain-remover/TJprojMain-remover/App.config b/src/TJprojMain-remover/TJprojMain-remover/App.config
new file mode 100644
index 0000000..193aecc
--- /dev/null
+++ b/src/TJprojMain-remover/TJprojMain-remover/App.config
@@ -0,0 +1,6 @@
+
+
+
+
+
+
\ No newline at end of file
diff --git a/src/TJprojMain-remover/TJprojMain-remover/Log.cs b/src/TJprojMain-remover/TJprojMain-remover/Log.cs
new file mode 100644
index 0000000..d90ed39
--- /dev/null
+++ b/src/TJprojMain-remover/TJprojMain-remover/Log.cs
@@ -0,0 +1,54 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+public static class Log
+{
+ public static void Critical(object value)
+ {
+ Color(ConsoleColor.Magenta);
+ Console.WriteLine("[!] " + value.ToString());
+ Color();
+ }
+
+ public static void Info(object value)
+ {
+ Color(ConsoleColor.Cyan);
+ Console.WriteLine("[+] " + value.ToString());
+ }
+
+ public static bool QueryYesNo(string question)
+ {
+ var input = QueryString(question);
+ if (input.ToLower().StartsWith("y")) return true;
+ else return false;
+ }
+
+ public static string QueryString(string question)
+ {
+ Color(ConsoleColor.Yellow);
+ Console.Write("[?] " + question);
+ Color();
+ return Console.ReadLine();
+ }
+
+ public static void Info(object value, ConsoleColor color)
+ {
+ Color(color);
+ Console.WriteLine("[+] " + value.ToString());
+ }
+
+ public static void Error(object value)
+ {
+ Color(ConsoleColor.Red);
+ Console.WriteLine("[-] " + value.ToString());
+ Color();
+ }
+
+ private static void Color(ConsoleColor color = ConsoleColor.White)
+ {
+ Console.ForegroundColor = color;
+ }
+}
diff --git a/src/TJprojMain-remover/TJprojMain-remover/Program.cs b/src/TJprojMain-remover/TJprojMain-remover/Program.cs
new file mode 100644
index 0000000..80a11e2
--- /dev/null
+++ b/src/TJprojMain-remover/TJprojMain-remover/Program.cs
@@ -0,0 +1,76 @@
+using Microsoft.Win32;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace TJprojMain_remover
+{
+ class Program
+ {
+ private const string AUTOSTART_REGKEY = @"HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run";
+
+
+ static void Main(string[] args)
+ {
+ Log.Info("TJprojMain-remover by VollRagm", ConsoleColor.Blue);
+ CheckSafeBoot();
+
+ DisableAutostart();
+ RemoveFiles();
+
+ Log.Info("Done.");
+ }
+
+ static void CheckSafeBoot()
+ {
+ var safeBoot = Utils.IsSafeMode();
+ if (!safeBoot)
+ {
+ var proceed = Log.QueryYesNo("You did not boot into safe mode, which means that the process is running and cannot be deleted. Do you wish to try anyways? (y/n): ");
+ if (!proceed)
+ {
+ Log.Info("Here is how to boot into safe mode: https://www.digitalcitizen.life/4-ways-boot-safe-mode-windows-10/");
+ Console.ReadLine();
+ Environment.Exit(0);
+ }
+ }
+ }
+
+ static void DisableAutostart()
+ {
+ Log.Info("Disabling Autostart...");
+ try
+ {
+ Utils.RegRemoveIfExists(AUTOSTART_REGKEY, "svchost");
+ Utils.RegRemoveIfExists(AUTOSTART_REGKEY, "Explorer");
+ Console.WriteLine();
+ }
+ catch (Exception ex)
+ {
+ Log.Error("Failed to remove autostart keys: " + ex.Message);
+ }
+ }
+
+ static void RemoveFiles()
+ {
+ try
+ {
+ Utils.FRemoveIfExists(@"C:\Windows\Resources\svchost.exe", true);
+ Utils.FRemoveIfExists(@"C:\Windows\Resources\spoolsv.exe", true);
+ Utils.FRemoveIfExists(@"C:\Windows\Resources\explorer.exe", true);
+ Utils.FRemoveIfExists(@"C:\Windows\Resources\Themes\icsys.icn.exe", true);
+ Utils.FRemoveIfExists(@"C:\Windows\Resources\Themes\icsys.icn", false);
+ Utils.FRemoveIfExists(@"C:\Windows\Resources\Themes\tjcm.cmn", true);
+ Console.WriteLine();
+
+ }catch(Exception ex)
+ {
+ Log.Error("Could not remove files: " + ex.Message);
+ }
+ }
+
+
+ }
+}
diff --git a/src/TJprojMain-remover/TJprojMain-remover/Properties/AssemblyInfo.cs b/src/TJprojMain-remover/TJprojMain-remover/Properties/AssemblyInfo.cs
new file mode 100644
index 0000000..af3de66
--- /dev/null
+++ b/src/TJprojMain-remover/TJprojMain-remover/Properties/AssemblyInfo.cs
@@ -0,0 +1,36 @@
+using System.Reflection;
+using System.Runtime.CompilerServices;
+using System.Runtime.InteropServices;
+
+// General Information about an assembly is controlled through the following
+// set of attributes. Change these attribute values to modify the information
+// associated with an assembly.
+[assembly: AssemblyTitle("TJprojMain-remover")]
+[assembly: AssemblyDescription("")]
+[assembly: AssemblyConfiguration("")]
+[assembly: AssemblyCompany("")]
+[assembly: AssemblyProduct("TJprojMain-remover")]
+[assembly: AssemblyCopyright("Copyright © 2021")]
+[assembly: AssemblyTrademark("")]
+[assembly: AssemblyCulture("")]
+
+// Setting ComVisible to false makes the types in this assembly not visible
+// to COM components. If you need to access a type in this assembly from
+// COM, set the ComVisible attribute to true on that type.
+[assembly: ComVisible(false)]
+
+// The following GUID is for the ID of the typelib if this project is exposed to COM
+[assembly: Guid("94078440-ee7c-414e-a691-39e14ab240e2")]
+
+// Version information for an assembly consists of the following four values:
+//
+// Major Version
+// Minor Version
+// Build Number
+// Revision
+//
+// You can specify all the values or you can default the Build and Revision Numbers
+// by using the '*' as shown below:
+// [assembly: AssemblyVersion("1.0.*")]
+[assembly: AssemblyVersion("1.0.0.0")]
+[assembly: AssemblyFileVersion("1.0.0.0")]
diff --git a/src/TJprojMain-remover/TJprojMain-remover/TJprojMain-remover.csproj b/src/TJprojMain-remover/TJprojMain-remover/TJprojMain-remover.csproj
new file mode 100644
index 0000000..81cefc7
--- /dev/null
+++ b/src/TJprojMain-remover/TJprojMain-remover/TJprojMain-remover.csproj
@@ -0,0 +1,55 @@
+
+
+
+
+ Debug
+ AnyCPU
+ {94078440-EE7C-414E-A691-39E14AB240E2}
+ Exe
+ TJprojMain_remover
+ TJprojMain-remover
+ v4.8
+ 512
+ true
+ true
+
+
+ AnyCPU
+ true
+ full
+ false
+ bin\Debug\
+ DEBUG;TRACE
+ prompt
+ 4
+
+
+ AnyCPU
+ pdbonly
+ true
+ bin\Release\
+ TRACE
+ prompt
+ 4
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/src/TJprojMain-remover/TJprojMain-remover/Utils.cs b/src/TJprojMain-remover/TJprojMain-remover/Utils.cs
new file mode 100644
index 0000000..120cfa9
--- /dev/null
+++ b/src/TJprojMain-remover/TJprojMain-remover/Utils.cs
@@ -0,0 +1,78 @@
+using Microsoft.Win32;
+using System;
+using System.Collections.Generic;
+using System.Diagnostics;
+using System.IO;
+using System.Linq;
+using System.Runtime.InteropServices;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace TJprojMain_remover
+{
+ public class Utils
+ {
+ private const int SM_CLEANBOOT = 67;
+
+ [DllImport("user32.dll")]
+ private static extern int GetSystemMetrics(int smIndex);
+
+ public static bool IsSafeMode()
+ {
+ return GetSystemMetrics(SM_CLEANBOOT) != 0;
+ }
+
+ public static void RegRemoveIfExists(string key, string name)
+ {
+ using (RegistryKey regKey = Registry.CurrentUser.OpenSubKey(key, writable: true))
+ {
+ if (regKey != null)
+ {
+ if (regKey.GetValue(name) != null)
+ {
+ regKey.DeleteValue(name);
+ Log.Critical($"Registry key {name} found and removed!");
+ }
+ else
+ {
+ Log.Error($"Registry key {name} not found!");
+ }
+ }
+ }
+
+ }
+
+ public static void Unhide(string path)
+ {
+ Process.Start("attrib", $"-r -a -s -h \"{path}\"");
+ }
+
+ public static void FRemoveIfExists(string path, bool processCheck = false)
+ {
+ try
+ {
+ if (File.Exists(path))
+ {
+ if (processCheck)
+ {
+ try
+ {
+ var processes = Process.GetProcessesByName(new FileInfo(path).Name);
+ processes.Where(x => new FileInfo(x.MainModule.FileName).FullName == new FileInfo(path).FullName).FirstOrDefault().Kill();
+ }
+ catch { }
+ }
+ File.Delete(path);
+ Log.Critical($"Removed {path} successfully!");
+ }
+ else
+ {
+ Log.Error($"File {path} not found!");
+ }
+ }catch(Exception ex)
+ {
+ Log.Error($"Could not delete file {path}: {ex.Message}");
+ }
+ }
+ }
+}