Publicité
Publicité
Format du document : text/plain
Prévisualisation
Fix result of Farbar Recovery Scan Tool (x64) Version: 17-10-2016
Ran by Célia (24-10-2016 11:46:37) Run:1
Running from C:\Users\Célia\Desktop
Loaded Profiles: Célia (Available Profiles: Célia)
Boot Mode: Normal
==============================================
fixlist content:
*****************
start
CloseProcesses:
HKU\S-1-5-21-1785509145-3527855224-2036375315-1000\...\Run: [AdobeBridge] => [X]
GroupPolicy: Restriction - Chrome
GroupPolicy\User: Restriction
FF NewTab: Mozilla\Firefox\Profiles\7lspeg55.default -> hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=galzftpbl0cshmobu,f027e99c-fd0a-4d48-b6f7-dc93067f4253,
FF Keyword.URL: Mozilla\Firefox\Profiles\7lspeg55.default -> hxxp://www-searching.com/search.aspx?site=shdefault1&prd=smw&pid=s&shr=d&q={searchTerms}&s=galzftpbl0cshmobu,f027e99c-fd0a-4d48-b6f7-dc93067f4253,
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
S2 Atamechterfu; C:\Program Files (x86)\Lcophtergo\Mmcmonitor.dll [X]
2016-10-21 22:53 - 2016-10-21 22:53 - 00001526 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UC浏览器.lnk
2016-10-21 22:53 - 2016-10-21 22:53 - 00001514 _____ C:\Users\Public\Desktop\UC浏览器.lnk
2016-10-21 22:53 - 2016-10-21 22:53 - 00000000 ____D C:\Users\Célia\AppData\Local\UCBrowser
2016-10-21 22:53 - 2016-10-21 22:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UC浏览器
2016-10-21 22:53 - 2016-08-29 12:56 - 00081792 _____ (Huorong Borui (Beijing) Technology Co., Ltd.) C:\Windows\system32\Drivers\ucguard.sys
2016-10-21 22:50 - 2016-10-21 22:55 - 00000000 ____D C:\Program Files (x86)\UCBrowser
UC浏览器 (HKLM-x32\...\UCBrowser) (Version: 5.7.15319.5 - 广州市动景计算机科技有限公司)
FirewallRules: [{6D40EBD6-24D5-411B-8EDB-76B7FBA19520}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
FirewallRules: [{28C7196E-23F0-4FBD-9598-451CB89A3453}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
FirewallRules: [TCP Query User{F6F8DB73-42D4-4E04-84F4-5BA35597F9AC}C:\users\célia\appdata\local\temp\is-g43of.tmp\download\minithunderplatform.exe] => (Block) C:\users\célia\appdata\local\temp\is-g43of.tmp\download\minithunderplatform.exe
FirewallRules: [UDP Query User{5594F69A-0A62-4610-BFD7-0F66B2534C0C}C:\users\célia\appdata\local\temp\is-g43of.tmp\download\minithunderplatform.exe] => (Block) C:\users\célia\appdata\local\temp\is-g43of.tmp\download\minithunderplatform.exe
EmptyTemp:
end
*****************
Processes closed successfully.
HKU\S-1-5-21-1785509145-3527855224-2036375315-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\system32\GroupPolicy\User => moved successfully
Firefox "newtab" removed successfully
Firefox "Keyword.URL" removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
Atamechterfu => service removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UC浏览器.lnk => moved successfully
C:\Users\Public\Desktop\UC浏览器.lnk => moved successfully
C:\Users\Célia\AppData\Local\UCBrowser => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UC浏览器 => moved successfully
C:\Windows\system32\Drivers\ucguard.sys => moved successfully
C:\Program Files (x86)\UCBrowser => moved successfully
UC浏览器 (HKLM-x32\...\UCBrowser) (Version: 5.7.15319.5 - 广州市动景计算机科技有限公司) => Error: No automatic fix found for this entry.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6D40EBD6-24D5-411B-8EDB-76B7FBA19520} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{28C7196E-23F0-4FBD-9598-451CB89A3453} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F6F8DB73-42D4-4E04-84F4-5BA35597F9AC}C:\users\célia\appdata\local\temp\is-g43of.tmp\download\minithunderplatform.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5594F69A-0A62-4610-BFD7-0F66B2534C0C}C:\users\célia\appdata\local\temp\is-g43of.tmp\download\minithunderplatform.exe => value removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 120451874 B
Java, Flash, Steam htmlcache => 697 B
Windows/system/drivers => 14340084714 B
Edge => 0 B
Chrome => 7804000 B
Firefox => 472504989 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 42337004 B
systemprofile32 => 19120017 B
LocalService => 0 B
NetworkService => 80192893 B
Célia => 37041052336 B
RecycleBin => 0 B
EmptyTemp: => 48.6 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 11:50:39 ====
Ran by Célia (24-10-2016 11:46:37) Run:1
Running from C:\Users\Célia\Desktop
Loaded Profiles: Célia (Available Profiles: Célia)
Boot Mode: Normal
==============================================
fixlist content:
*****************
start
CloseProcesses:
HKU\S-1-5-21-1785509145-3527855224-2036375315-1000\...\Run: [AdobeBridge] => [X]
GroupPolicy: Restriction - Chrome
GroupPolicy\User: Restriction
FF NewTab: Mozilla\Firefox\Profiles\7lspeg55.default -> hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=galzftpbl0cshmobu,f027e99c-fd0a-4d48-b6f7-dc93067f4253,
FF Keyword.URL: Mozilla\Firefox\Profiles\7lspeg55.default -> hxxp://www-searching.com/search.aspx?site=shdefault1&prd=smw&pid=s&shr=d&q={searchTerms}&s=galzftpbl0cshmobu,f027e99c-fd0a-4d48-b6f7-dc93067f4253,
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
S2 Atamechterfu; C:\Program Files (x86)\Lcophtergo\Mmcmonitor.dll [X]
2016-10-21 22:53 - 2016-10-21 22:53 - 00001526 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UC浏览器.lnk
2016-10-21 22:53 - 2016-10-21 22:53 - 00001514 _____ C:\Users\Public\Desktop\UC浏览器.lnk
2016-10-21 22:53 - 2016-10-21 22:53 - 00000000 ____D C:\Users\Célia\AppData\Local\UCBrowser
2016-10-21 22:53 - 2016-10-21 22:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UC浏览器
2016-10-21 22:53 - 2016-08-29 12:56 - 00081792 _____ (Huorong Borui (Beijing) Technology Co., Ltd.) C:\Windows\system32\Drivers\ucguard.sys
2016-10-21 22:50 - 2016-10-21 22:55 - 00000000 ____D C:\Program Files (x86)\UCBrowser
UC浏览器 (HKLM-x32\...\UCBrowser) (Version: 5.7.15319.5 - 广州市动景计算机科技有限公司)
FirewallRules: [{6D40EBD6-24D5-411B-8EDB-76B7FBA19520}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
FirewallRules: [{28C7196E-23F0-4FBD-9598-451CB89A3453}] => (Allow) C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe
FirewallRules: [TCP Query User{F6F8DB73-42D4-4E04-84F4-5BA35597F9AC}C:\users\célia\appdata\local\temp\is-g43of.tmp\download\minithunderplatform.exe] => (Block) C:\users\célia\appdata\local\temp\is-g43of.tmp\download\minithunderplatform.exe
FirewallRules: [UDP Query User{5594F69A-0A62-4610-BFD7-0F66B2534C0C}C:\users\célia\appdata\local\temp\is-g43of.tmp\download\minithunderplatform.exe] => (Block) C:\users\célia\appdata\local\temp\is-g43of.tmp\download\minithunderplatform.exe
EmptyTemp:
end
*****************
Processes closed successfully.
HKU\S-1-5-21-1785509145-3527855224-2036375315-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\system32\GroupPolicy\User => moved successfully
Firefox "newtab" removed successfully
Firefox "Keyword.URL" removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
Atamechterfu => service removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UC浏览器.lnk => moved successfully
C:\Users\Public\Desktop\UC浏览器.lnk => moved successfully
C:\Users\Célia\AppData\Local\UCBrowser => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UC浏览器 => moved successfully
C:\Windows\system32\Drivers\ucguard.sys => moved successfully
C:\Program Files (x86)\UCBrowser => moved successfully
UC浏览器 (HKLM-x32\...\UCBrowser) (Version: 5.7.15319.5 - 广州市动景计算机科技有限公司) => Error: No automatic fix found for this entry.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6D40EBD6-24D5-411B-8EDB-76B7FBA19520} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{28C7196E-23F0-4FBD-9598-451CB89A3453} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F6F8DB73-42D4-4E04-84F4-5BA35597F9AC}C:\users\célia\appdata\local\temp\is-g43of.tmp\download\minithunderplatform.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5594F69A-0A62-4610-BFD7-0F66B2534C0C}C:\users\célia\appdata\local\temp\is-g43of.tmp\download\minithunderplatform.exe => value removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 120451874 B
Java, Flash, Steam htmlcache => 697 B
Windows/system/drivers => 14340084714 B
Edge => 0 B
Chrome => 7804000 B
Firefox => 472504989 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 42337004 B
systemprofile32 => 19120017 B
LocalService => 0 B
NetworkService => 80192893 B
Célia => 37041052336 B
RecycleBin => 0 B
EmptyTemp: => 48.6 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 11:50:39 ====