Fix result of Farbar Recovery Scan Tool (x86) Version: 02-06-2017 Ran by Mr Amine (03-06-2017 23:26:51) Run:1 Running from C:\Users\Mr Amine\Downloads Loaded Profiles: Mr Amine (Available Profiles: Mr Amine & DefaultAppPool) Boot Mode: Normal ============================================== fixlist content: ***************** start CreateRestorePoint: CloseProcesses: RemoveProxy: HKU\S-1-5-21-2541504113-2086445549-289826373-1000\...\MountPoints2: {4de08a00-c39f-11e6-8219-e811328ef8d5} - E:\AutoRun.exe HKU\S-1-5-21-2541504113-2086445549-289826373-1000\...\MountPoints2: {f8278714-10ac-11e7-b1ba-e811328ef8d5} - F:\AutoRun.exe ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-05-09] (AVAST Software) GroupPolicy: Restriction ? <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION Toolbar: HKU\S-1-5-21-2541504113-2086445549-289826373-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File StartMenuInternet: IEXPLORE.EXE - iexplore.exe S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X] S4 MBAMScheduler; "C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe" [X] S2 MBAMService; "C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe" [X] S3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [X] S3 MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [X] CMD: netsh winsock reset all CMD: ipconfig /flushdns hosts: EmptyTemp: Reboot: end ***************** Restore point was successfully created. Processes closed successfully. ========= RemoveProxy: ========= HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies\\ => value removed successfully. HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully. HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully. HKU\S-1-5-21-2541504113-2086445549-289826373-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully. HKU\S-1-5-21-2541504113-2086445549-289826373-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully. ========= End of RemoveProxy: ========= HKU\S-1-5-21-2541504113-2086445549-289826373-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4de08a00-c39f-11e6-8219-e811328ef8d5} => key removed successfully. HKCR\CLSID\{4de08a00-c39f-11e6-8219-e811328ef8d5} => key not found. HKU\S-1-5-21-2541504113-2086445549-289826373-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f8278714-10ac-11e7-b1ba-e811328ef8d5} => key removed successfully. HKCR\CLSID\{f8278714-10ac-11e7-b1ba-e811328ef8d5} => key not found. HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => key removed successfully. HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found. C:\Windows\system32\GroupPolicy\Machine => moved successfully C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully HKLM\SOFTWARE\Policies\Google => key removed successfully. HKU\S-1-5-21-2541504113-2086445549-289826373-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully. HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found. HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => value restored successfully HKLM\System\CurrentControlSet\Services\InstallerService => key removed successfully. InstallerService => service removed successfully. HKLM\System\CurrentControlSet\Services\MBAMScheduler => key removed successfully. MBAMScheduler => service removed successfully. HKLM\System\CurrentControlSet\Services\MBAMService => key removed successfully. MBAMService => service removed successfully. HKLM\System\CurrentControlSet\Services\MBAMProtector => key removed successfully. MBAMProtector => service removed successfully. HKLM\System\CurrentControlSet\Services\MBAMWebAccessControl => key removed successfully. MBAMWebAccessControl => service removed successfully. ========= netsh winsock reset all ========= Sucessfully reset the Winsock Catalog. You must restart the computer in order to complete the reset. ========= End of CMD: ========= ========= ipconfig /flushdns ========= Windows IP Configuration Successfully flushed the DNS Resolver Cache. ========= End of CMD: ========= C:\Windows\System32\Drivers\etc\hosts => moved successfully Hosts restored successfully. =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 57484755 B Java, Flash, Steam htmlcache => 0 B Windows/system/drivers => 1828989139 B Edge => 0 B Chrome => 540290117 B Firefox => 0 B Opera => 7787258 B Temp, IE cache, history, cookies, recent: Users => 0 B Default => 0 B Public => 0 B ProgramData => 0 B systemprofile => 65960 B LocalService => 66576 B NetworkService => 69938 B Mr Amine => 1088316506 B DefaultAppPool => 0 B RecycleBin => 5120926118 B EmptyTemp: => 8.1 GB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 23:28:10 ====