Fix result of Farbar Recovery Scan Tool (x64) Version: 10.02.2019 01
Ran by Administrator (11-02-2019 18:32:21) Run:6
Running from C:\FRST64
Loaded Profiles: Administrator (Available Profiles: Administrator)
Boot Mode: Normal
==============================================
fixlist content:
*****************
cmd: sc config trustedinstaller start= auto
cmd: net start trustedinstaller
cmd: fsutil resource setautoreset true %SystemDrive%\
cmd: attrib -r -s -h %SystemRoot%\System32\Config\TxR\*
StartPowershell:
function Move-LockedFile
{
param($path, $destination)
$path = (Resolve-Path $path).Path
$destination = $executionContext.SessionState.Path.GetUnresolvedProviderPathFromPSPath($destination)
$MOVEFILE_DELAY_UNTIL_REBOOT = 0x00000004
$MOVEFILE_REPLACE_EXISTING = 1
$memberDefinition = @'
[DllImport("kernel32.dll", SetLastError=true, CharSet=CharSet.Auto)]
public static extern bool MoveFileEx(string lpExistingFileName, string lpNewFileName,
int dwFlags);
'@
$type = Add-Type -Name MoveFileUtils -MemberDefinition $memberDefinition -PassThru
$type::MoveFileEx($path, $destination, $MOVEFILE_DELAY_UNTIL_REBOOT + $MOVEFILE_REPLACE_EXISTING)
}
Get-ChildItem -path "$env:SystemRoot\system32\Config\TxR\." |
Foreach-Object {
write-output $_.fullname
Move-LockedFile -path $_.fullname "$env:SystemRoot\Temp\junk"
}
EndPowershell:
cmd: attrib -r -s -h %SystemRoot%\System32\SMI\Store\Machine\*
cmd: del /f /q %SystemRoot%\System32\SMI\Store\Machine\.tm
cmd: del /f /q %SystemRoot%\System32\SMI\Store\Machine\*.blf
cmd: del /f /q %SystemRoot%\System32\SMI\Store\Machine\*.regtrans-ms
EmptyTemp:
*****************
========= sc config trustedinstaller start= auto =========
[SC] ChangeServiceConfig SUCCESS
========= End of CMD: =========
========= net start trustedinstaller =========
The requested service has already been started.
More help is available by typing NET HELPMSG 2182.
========= End of CMD: =========
========= fsutil resource setautoreset true %SystemDrive%\ =========
The operation completed successfully.
========= End of CMD: =========
========= attrib -r -s -h %SystemRoot%\System32\Config\TxR\* =========
========= End of CMD: =========
========= Powershell: =========
C:\Windows\system32\Config\TxR\{016888cc-6c6f-11de-8d1d-001e0bcde3ec}.TxR.0.regtrans-ms
True
C:\Windows\system32\Config\TxR\{016888cc-6c6f-11de-8d1d-001e0bcde3ec}.TxR.1.regtrans-ms
True
C:\Windows\system32\Config\TxR\{016888cc-6c6f-11de-8d1d-001e0bcde3ec}.TxR.2.regtrans-ms
True
C:\Windows\system32\Config\TxR\{016888cc-6c6f-11de-8d1d-001e0bcde3ec}.TxR.blf
True
C:\Windows\system32\Config\TxR\{016888cd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
True
C:\Windows\system32\Config\TxR\{016888cd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
True
C:\Windows\system32\Config\TxR\{016888cd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
True
========= End of Powershell: =========
========= attrib -r -s -h %SystemRoot%\System32\SMI\Store\Machine\* =========
========= End of CMD: =========
========= del /f /q %SystemRoot%\System32\SMI\Store\Machine\.tm =========
Could Not Find C:\Windows\System32\SMI\Store\Machine\.tm
========= End of CMD: =========
========= del /f /q %SystemRoot%\System32\SMI\Store\Machine\*.blf =========
========= End of CMD: =========
========= del /f /q %SystemRoot%\System32\SMI\Store\Machine\*.regtrans-ms =========
========= End of CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5950179 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 0 B
Firefox => 778432907 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Administrator => 3156573 B
RecycleBin => 516494 B
EmptyTemp: => 751.5 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 18:36:09 ====