Publicité
Publicité
Format du document : text/plain
Prévisualisation
Fix result of Farbar Recovery Scan Tool (x86) Version: 02-06-2017
Ran by Mr Amine (03-06-2017 23:26:51) Run:1
Running from C:\Users\Mr Amine\Downloads
Loaded Profiles: Mr Amine (Available Profiles: Mr Amine & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
RemoveProxy:
HKU\S-1-5-21-2541504113-2086445549-289826373-1000\...\MountPoints2: {4de08a00-c39f-11e6-8219-e811328ef8d5} - E:\AutoRun.exe
HKU\S-1-5-21-2541504113-2086445549-289826373-1000\...\MountPoints2: {f8278714-10ac-11e7-b1ba-e811328ef8d5} - F:\AutoRun.exe
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-05-09] (AVAST Software)
GroupPolicy: Restriction ? <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
Toolbar: HKU\S-1-5-21-2541504113-2086445549-289826373-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X]
S4 MBAMScheduler; "C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe" [X]
S2 MBAMService; "C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe" [X]
S3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [X]
S3 MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [X]
CMD: netsh winsock reset all
CMD: ipconfig /flushdns
hosts:
EmptyTemp:
Reboot:
end
*****************
Restore point was successfully created.
Processes closed successfully.
========= RemoveProxy: =========
HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies\\ => value removed successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully.
HKU\S-1-5-21-2541504113-2086445549-289826373-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully.
HKU\S-1-5-21-2541504113-2086445549-289826373-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully.
========= End of RemoveProxy: =========
HKU\S-1-5-21-2541504113-2086445549-289826373-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4de08a00-c39f-11e6-8219-e811328ef8d5} => key removed successfully.
HKCR\CLSID\{4de08a00-c39f-11e6-8219-e811328ef8d5} => key not found.
HKU\S-1-5-21-2541504113-2086445549-289826373-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f8278714-10ac-11e7-b1ba-e811328ef8d5} => key removed successfully.
HKCR\CLSID\{f8278714-10ac-11e7-b1ba-e811328ef8d5} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => key removed successfully.
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Google => key removed successfully.
HKU\S-1-5-21-2541504113-2086445549-289826373-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => value restored successfully
HKLM\System\CurrentControlSet\Services\InstallerService => key removed successfully.
InstallerService => service removed successfully.
HKLM\System\CurrentControlSet\Services\MBAMScheduler => key removed successfully.
MBAMScheduler => service removed successfully.
HKLM\System\CurrentControlSet\Services\MBAMService => key removed successfully.
MBAMService => service removed successfully.
HKLM\System\CurrentControlSet\Services\MBAMProtector => key removed successfully.
MBAMProtector => service removed successfully.
HKLM\System\CurrentControlSet\Services\MBAMWebAccessControl => key removed successfully.
MBAMWebAccessControl => service removed successfully.
========= netsh winsock reset all =========
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
========= End of CMD: =========
========= ipconfig /flushdns =========
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========= End of CMD: =========
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 57484755 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 1828989139 B
Edge => 0 B
Chrome => 540290117 B
Firefox => 0 B
Opera => 7787258 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 65960 B
LocalService => 66576 B
NetworkService => 69938 B
Mr Amine => 1088316506 B
DefaultAppPool => 0 B
RecycleBin => 5120926118 B
EmptyTemp: => 8.1 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 23:28:10 ====
Ran by Mr Amine (03-06-2017 23:26:51) Run:1
Running from C:\Users\Mr Amine\Downloads
Loaded Profiles: Mr Amine (Available Profiles: Mr Amine & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
RemoveProxy:
HKU\S-1-5-21-2541504113-2086445549-289826373-1000\...\MountPoints2: {4de08a00-c39f-11e6-8219-e811328ef8d5} - E:\AutoRun.exe
HKU\S-1-5-21-2541504113-2086445549-289826373-1000\...\MountPoints2: {f8278714-10ac-11e7-b1ba-e811328ef8d5} - F:\AutoRun.exe
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-05-09] (AVAST Software)
GroupPolicy: Restriction ? <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
Toolbar: HKU\S-1-5-21-2541504113-2086445549-289826373-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X]
S4 MBAMScheduler; "C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe" [X]
S2 MBAMService; "C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe" [X]
S3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [X]
S3 MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [X]
CMD: netsh winsock reset all
CMD: ipconfig /flushdns
hosts:
EmptyTemp:
Reboot:
end
*****************
Restore point was successfully created.
Processes closed successfully.
========= RemoveProxy: =========
HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies\\ => value removed successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully.
HKU\S-1-5-21-2541504113-2086445549-289826373-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully.
HKU\S-1-5-21-2541504113-2086445549-289826373-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully.
========= End of RemoveProxy: =========
HKU\S-1-5-21-2541504113-2086445549-289826373-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4de08a00-c39f-11e6-8219-e811328ef8d5} => key removed successfully.
HKCR\CLSID\{4de08a00-c39f-11e6-8219-e811328ef8d5} => key not found.
HKU\S-1-5-21-2541504113-2086445549-289826373-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f8278714-10ac-11e7-b1ba-e811328ef8d5} => key removed successfully.
HKCR\CLSID\{f8278714-10ac-11e7-b1ba-e811328ef8d5} => key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => key removed successfully.
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Google => key removed successfully.
HKU\S-1-5-21-2541504113-2086445549-289826373-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => value restored successfully
HKLM\System\CurrentControlSet\Services\InstallerService => key removed successfully.
InstallerService => service removed successfully.
HKLM\System\CurrentControlSet\Services\MBAMScheduler => key removed successfully.
MBAMScheduler => service removed successfully.
HKLM\System\CurrentControlSet\Services\MBAMService => key removed successfully.
MBAMService => service removed successfully.
HKLM\System\CurrentControlSet\Services\MBAMProtector => key removed successfully.
MBAMProtector => service removed successfully.
HKLM\System\CurrentControlSet\Services\MBAMWebAccessControl => key removed successfully.
MBAMWebAccessControl => service removed successfully.
========= netsh winsock reset all =========
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
========= End of CMD: =========
========= ipconfig /flushdns =========
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========= End of CMD: =========
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 57484755 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 1828989139 B
Edge => 0 B
Chrome => 540290117 B
Firefox => 0 B
Opera => 7787258 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 65960 B
LocalService => 66576 B
NetworkService => 69938 B
Mr Amine => 1088316506 B
DefaultAppPool => 0 B
RecycleBin => 5120926118 B
EmptyTemp: => 8.1 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 23:28:10 ====