Fix result of Farbar Recovery Scan Tool (x64) Version: 04-10-2016 Ran by Pedro Teixeira (07-10-2016 17:19:34) Run:1 Running from C:\Users\Pedro Teixeira\Desktop\fix Loaded Profiles: Pedro Teixeira (Available Profiles: Pedro Teixeira) Boot Mode: Normal ============================================== fixlist content: ***************** start CreateRestorePoint: Task: {86778E9B-77C0-4E94-A719-46F27E81F666} - System32\Tasks\UCBrowserUpdater => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\UCBrowserUpdater.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== ATTENTION 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [win_en_77] => [X] ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ShellIconOverlayIdentifiers: [KzShlobj2] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F3} => No File GroupPolicy: Restriction <======= ATTENTION R1 UCGuard; C:\Windows\System32\DRIVERS\ucguard.sys [81792 2016-08-02] (Huorong Borui (Beijing) Technology Co., Ltd.) <==== ATTENTION U0 aswVmm; no ImagePath Folder: C:\Program Files (x86)\gq0FF58 2016-09-08 23:13 - 2016-09-08 23:13 - 00000000 ____D C:\ProgramData\Avira 2016-09-08 23:13 - 2016-09-08 23:13 - 00000000 ____D C:\ProgramData\Avg Folder: C:\WINDOWS\Ogiedplofipy 2016-09-08 23:09 - 2016-09-08 23:14 - 00000000 ____D C:\Users\Pedro Teixeira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC浏览器 2016-09-08 23:08 - 2016-09-30 19:57 - 00000506 _____ C:\WINDOWS\Tasks\UCBrowserUpdater.job EmptyTemp: Reboot: end ***************** Restore point was successfully created. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{86778E9B-77C0-4E94-A719-46F27E81F666}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{86778E9B-77C0-4E94-A719-46F27E81F666}" => key removed successfully C:\WINDOWS\System32\Tasks\UCBrowserUpdater => moved successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UCBrowserUpdater" => key removed successfully C:\WINDOWS\Tasks\UCBrowserUpdater.job => moved successfully 127.0.0.1 down.baidu2016.com => Error: No automatic fix found for this entry. 127.0.0.1 123.sogou.com => Error: No automatic fix found for this entry. 127.0.0.1 www.czzsyzgm.com => Error: No automatic fix found for this entry. 127.0.0.1 www.czzsyzxl.com => Error: No automatic fix found for this entry. 127.0.0.1 union.baidu2019.com => Error: No automatic fix found for this entry. 127.0.0.1 down.baidu2016.com => Error: No automatic fix found for this entry. 127.0.0.1 123.sogou.com => Error: No automatic fix found for this entry. 127.0.0.1 www.czzsyzgm.com => Error: No automatic fix found for this entry. 127.0.0.1 www.czzsyzxl.com => Error: No automatic fix found for this entry. 127.0.0.1 union.baidu2019.com => Error: No automatic fix found for this entry. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\win_en_77 => value removed successfully "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found. "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\KzShlobj2" => key removed successfully HKCR\CLSID\{AAA0C5B8-933F-4200-93AD-B143D7FFF9F3} => key not found. C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully UCGuard => Unable to stop service. UCGuard => service removed successfully aswVmm => service removed successfully ========================= Folder: C:\Program Files (x86)\gq0FF58 ======================== ====== End of Folder: ====== C:\ProgramData\Avira => moved successfully C:\ProgramData\Avg => moved successfully ========================= Folder: C:\WINDOWS\Ogiedplofipy ======================== C:\WINDOWS\Ogiedplofipy => File ====== End of Folder: ====== C:\Users\Pedro Teixeira\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UC浏览器 => moved successfully "C:\WINDOWS\Tasks\UCBrowserUpdater.job" => not found. =========== EmptyTemp: ========== BITS transfer queue => 1135043 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 94324392 B Java, Flash, Steam htmlcache => 419820907 B Windows/system/drivers => 44975993 B Edge => 4635859 B Chrome => 0 B Firefox => 394072197 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 10220 B NetworkService => 4084 B Pedro Teixeira => 42813908187 B RecycleBin => 0 B EmptyTemp: => 40.8 GB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 17:22:28 ====