Fix result of Farbar Recovery Scan Tool (x64) Version:06-05-2016 03 Ran by Mouadh B (2016-05-07 15:25:36) Run:1 Running from C:\Users\Mouadh B\Desktop Loaded Profiles: Mouadh B (Available Profiles: Mouadh B) Boot Mode: Normal ============================================== fixlist content: ***************** start CreateRestorePoint: CloseProcesses: RemoveProxy: HKU\S-1-5-21-3312846245-256796695-1462527662-1001\...\Run: [DrvUpdater] => C:\Users\Mouadh B\AppData\Roaming\DRPSu\DrvUpdater.exe [195256 2016-02-26] () HKU\S-1-5-21-3312846245-256796695-1462527662-1001\...\Run: [AceStream] => C:\Users\Mouadh B\AppData\Roaming\ACEStream\engine\ace_engine.exe IFEO\SppExtComObj.exe: [Debugger] C:\Windows\SECOH-QAD.exe ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Mouadh B\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] () ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Mouadh B\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] () ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Mouadh B\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] () ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Mouadh B\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] () ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Mouadh B\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] () ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Mouadh B\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] () GroupPolicyScripts: Restriction <======= ATTENTION HKU\S-1-5-21-3312846245-256796695-1462527662-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ocherus.ru/?utm_content=697e4ed49a9ee39d52daa60c5fa3c7e2&utm_source=startpm&utm_term=16A235D698EF61F80616CBAF5476792F CMD: netsh winsock reset all CMD: ipconfig /flushdns hosts: EmptyTemp: Reboot: end ***************** Restore point was successfully created. Processes closed successfully. ========= RemoveProxy: ========= HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully HKU\S-1-5-21-3312846245-256796695-1462527662-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully HKU\S-1-5-21-3312846245-256796695-1462527662-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully ========= End of RemoveProxy: ========= HKU\S-1-5-21-3312846245-256796695-1462527662-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DrvUpdater => value removed successfully HKU\S-1-5-21-3312846245-256796695-1462527662-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AceStream => value removed successfully "HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SppExtComObj.exe" => key removed successfully "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending" => key removed successfully "HKCR\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C}" => key removed successfully "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced" => key removed successfully "HKCR\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202}" => key removed successfully "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing" => key removed successfully "HKCR\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637}" => key removed successfully "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending" => key removed successfully "HKCR\Wow6432Node\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C}" => key removed successfully "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced" => key removed successfully "HKCR\Wow6432Node\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202}" => key removed successfully "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing" => key removed successfully "HKCR\Wow6432Node\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637}" => key removed successfully C:\Windows\system32\GroupPolicy\Machine => moved successfully C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully HKU\S-1-5-21-3312846245-256796695-1462527662-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully ========= netsh winsock reset all ========= Sucessfully reset the Winsock Catalog. You must restart the computer in order to complete the reset. ========= End of CMD: ========= ========= ipconfig /flushdns ========= Windows IP Configuration Successfully flushed the DNS Resolver Cache. ========= End of CMD: ========= C:\Windows\System32\Drivers\etc\hosts => moved successfully Hosts restored successfully. EmptyTemp: => 552 MB temporary data Removed. The system needed a reboot. ==== End of Fixlog 15:27:38 ====