Fix result of Farbar Recovery Scan Tool (x64) Version: 01-01-2017 Ran by Germain (06-01-2017 18:09:38) Run:1 Running from C:\Users\Germain\Downloads Loaded Profiles: Germain (Available Profiles: Germain) Boot Mode: Normal ============================================== fixlist content: ***************** start CloseProcesses: Hosts: CreateRestorePoint: ShellExecuteHooks: No Name - {01147934-CC36-11E6-AD24-64006A5CFC23} - -> No File ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File BootExecute: autocheck autochk * sdnclean64.exe GroupPolicy: Restriction - Windows Defender <======= ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-2196324403-2920740886-392819837-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION S2 Ferboing; C:\Program Files (x86)\Stoerentwigry_\Stagentqejcultcnf.dll [X] S2 vyvitebi; C:\Program Files (x86)\d707c60d-8562-441e-8817-7cda80d46a341483554981\knsd707c60d-8562-441e-8817-7cda80d46a34.tmpfs [X] R1 ucdrv; C:\Program Files (x86)\UCBrowser\Security:ucdrv-x64.sys [23652 ] (UC Web Inc.) <==== ATTENTION R1 ucdrv; C:\Program Files (x86)\UCBrowser\Security:ucdrv-x64.sys [23652 ] (UC Web Inc.) <==== ATTENTION S3 gdrv; \??\C:\Windows\gdrv.sys [X] S3 MSICDSetup; \??\E:\CDriver64.sys [X] S3 NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys [X] U0 aswVmm; no ImagePath 2017-01-04 19:36 - 2017-01-04 19:36 - 00140288 _____ C:\Users\Germain\AppData\Roaming\Installer.dat C:\Users\Germain\AppData\Roaming\Installer.dat 2017-01-04 19:36 - 2017-01-04 19:36 - 0140288 _____ () C:\Users\Germain\AppData\Roaming\Installer.dat Task: {5C039E81-85B4-4202-9C81-0735C11941F3} - System32\Tasks\UCBrowserSecureUpdater => C:\Program Files (x86)\UCBrowser\Security\uclauncher.exe <==== ATTENTION HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" EmptyTemp: end ***************** Processes closed successfully. C:\Windows\System32\Drivers\etc\hosts => moved successfully Hosts restored successfully. Restore point was successfully created. HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{01147934-CC36-11E6-AD24-64006A5CFC23} => value removed successfully HKCR\CLSID\{01147934-CC36-11E6-AD24-64006A5CFC23} => key not found. HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => key removed successfully HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found. HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully C:\Windows\system32\GroupPolicy\Machine => moved successfully C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully HKU\S-1-5-21-2196324403-2920740886-392819837-1000\SOFTWARE\Policies\Microsoft\Internet Explorer => key removed successfully HKLM\System\CurrentControlSet\Services\Ferboing => key removed successfully Ferboing => service removed successfully HKLM\System\CurrentControlSet\Services\vyvitebi => key removed successfully vyvitebi => service removed successfully ucdrv => Unable to stop service. HKLM\System\CurrentControlSet\Services\ucdrv => key removed successfully ucdrv => service removed successfully ucdrv => service not found. HKLM\System\CurrentControlSet\Services\gdrv => key removed successfully gdrv => service removed successfully HKLM\System\CurrentControlSet\Services\MSICDSetup => key removed successfully MSICDSetup => service removed successfully HKLM\System\CurrentControlSet\Services\NTIOLib_1_0_C => key removed successfully NTIOLib_1_0_C => service removed successfully HKLM\System\CurrentControlSet\Services\aswVmm => key removed successfully aswVmm => service removed successfully C:\Users\Germain\AppData\Roaming\Installer.dat => moved successfully "C:\Users\Germain\AppData\Roaming\Installer.dat" => not found. "C:\Users\Germain\AppData\Roaming\Installer.dat" => not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{5C039E81-85B4-4202-9C81-0735C11941F3} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C039E81-85B4-4202-9C81-0735C11941F3} => key removed successfully C:\Windows\System32\Tasks\UCBrowserSecureUpdater => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UCBrowserSecureUpdater => key removed successfully HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => key removed successfully HKLM\System\CurrentControlSet\Control\SafeBoot\Network\MBAMService => key removed successfully =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6291240 B Java, Flash, Steam htmlcache => 295693300 B Windows/system/drivers => 45076777 B Edge => 0 B Chrome => 9277005 B Firefox => 164843318 B Opera => 0 B Temp, IE cache, history, cookies, recent: Users => 0 B Default => 0 B Public => 0 B ProgramData => 0 B systemprofile => 16802 B systemprofile32 => 503239 B LocalService => 0 B NetworkService => 6986 B Germain => 282558453 B RecycleBin => 0 B EmptyTemp: => 775 MB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 18:10:04 ====